diff options
| author |   Alex Legler <alex@a3li.li> | 2015-07-04 13:43:06 +0200 |
|---|---|---|
| committer | Alex Legler <alex@a3li.li> | 2015-07-04 13:43:06 +0200 |
| commit | 7fc1de718c33a764f6bf012fe3af376a9e9098a1 (patch) | |
| tree | afbaa5ca4a8f0b4617da40e55e25382c55b8aecb | |
| parent | Back to thin (diff) | |
| download | glsamaker-7fc1de718c33a764f6bf012fe3af376a9e9098a1.tar.gz glsamaker-7fc1de718c33a764f6bf012fe3af376a9e9098a1.tar.bz2 glsamaker-7fc1de718c33a764f6bf012fe3af376a9e9098a1.zip | |
Add functionality to add CVEs to CVETool
Thanks to ackle for the patch.
| -rw-r--r-- | app/controllers/cve_controller.rb | 14 | ||||
| -rw-r--r-- | app/views/cve/_new.js.erb | 75 | ||||
| -rw-r--r-- | app/views/cve/_toolbar.js.erb | 4 | ||||
| -rw-r--r-- | app/views/cve/list.html.erb | 2 | ||||
| -rw-r--r-- | app/views/cve/new_preview.html.erb | 7 |
5 files changed, 101 insertions, 1 deletions
diff --git a/app/controllers/cve_controller.rb b/app/controllers/cve_controller.rb index 0a47dd3..8e0cd54 100644 --- a/app/controllers/cve_controller.rb +++ b/app/controllers/cve_controller.rb @@ -158,6 +158,20 @@ class CveController < ApplicationController render :text => e.message, :status => 500 end + def new + @cve = Cve.create(cve_id: params[:cve_id], summary: params[:summary], state: 'NEW') + render :text => "ok" + rescue Exception => e + log_error e + respond_to do |format| + format.html { flash.now[:error] = 'Filing the CVE failed. Is this a duplicate?' } + format.js { + raise 'Filing the CVE failed. Is this a dupliate?' + render :text => e.message, :status => 500 + } + end + end + def nfu @cves = params[:cves].split(',').map{|cve| Integer(cve)} logger.debug { "NFU CVElist: " + @cves.inspect + " Reason: " + params[:reason] } diff --git a/app/views/cve/_new.js.erb b/app/views/cve/_new.js.erb new file mode 100644 index 0000000..7f8c49b --- /dev/null +++ b/app/views/cve/_new.js.erb @@ -0,0 +1,75 @@ +/** New CVE **/ +uki( + { view: 'Popup', rect: '650 300', anchors: 'left top', id: 'new-popup', hideOnClick: false, relativeTo: uki('#popup'), childViews: [ + { view: 'Label', rect: '10 10 630 20', anchors: 'top', text: '', id: 'cve-new-title' }, + { view: 'ScrollPane', rect: '10 30 635 220', anchors: 'top left right bottom', id: 'cve-new-scroll', scrollableV: true, scrollableH: false, childViews: [ + { view: 'Label', rect: '10 20 600 100', anchors: 'top', text: '', id: 'cve-new-text', textSelectable: true, multiline: true }, + ] }, + { view: 'Button', rect: '495 265 70 24', anchors: 'bottom right', id: 'cve-new-cancel', text: 'Cancel' }, + { view: 'Button', rect: '570 265 70 24', anchors: 'bottom right', id: 'cve-new-go', text: 'Create' } + ] + } +); + +uki("#cve-new").click( + function() { + var popup = uki('#new-popup'); + + new Ajax.Request('/cve/new_preview', { + onSuccess: function(response) { + uki('#cve-new-text').html(response.responseText); + uki('#cve-new-text').resizeToContents('height'); + + uki('#cve-new-title').html("<strong>Please provide the following CVE information:</strong>"); + popup.show(); + uki('#cve-new-go').disabled(false); + uki('#cve-new-go').focus(); + }, + onFailure: function(response) { + alert("Could not process your request:\n\n" + response.response.Text); + return false; + } + }); + } +); + +uki('#cve-new-cancel').click( + function() { + uki('#new-popup').hide(); + enableMainView(); + } +); + +uki('#cve-new-go').click( + function() { + if ($('cve_id').value.length < 13) { + alert("Please enter a valid 13 digit CVE identifier."); + return false; + } + if ($('summary').value.length < 1) { + alert("Please enter a CVE summary."); + return false; + } + + uki('#cve-new-go').disabled(true); + var params = { + cve_id: $('cve_id').value, + summary: $('summary').value + }; + + new Ajax.Request('new', { + parameters: params, + onSuccess: function(message) { + uki('#new-popup').hide(); + uki('#cve-new-go').disabled(false); + reloadTable(); + }, + onFailure: function(request, textStatus, errorThrown) { + var message = (request.status == 403) ? request.responseText : "Filing the CVE failed. Is this a duplicate?"; + alert(message); + uki('#cve-new-go').disabled(false); + } + }); + } +); +/** New CVE end **/ diff --git a/app/views/cve/_toolbar.js.erb b/app/views/cve/_toolbar.js.erb index 2a47fdd..2616bf6 100644 --- a/app/views/cve/_toolbar.js.erb +++ b/app/views/cve/_toolbar.js.erb @@ -43,10 +43,12 @@ function toolbar() { // mark-as { view: 'Image', rect: '5 445 16 16', anchors: 'left top', src: '<%= asset_path 'icons/info.png' %>' }, { view: 'Button', rect: '25 442 170 24', anchors: 'left top' , text: 'Info about selected CVEs', id: 'cve-details' }, + // New CVE + { view: 'Button', rect: '5 475 190 24', anchors: 'left top right', text: 'Add a new CVE', id: 'cve-new' }, // bottom stuff { view: 'Button', rect: '5 940 190 24', anchors: 'left bottom right', text: 'Reload table', id: 'reload-table' }, { view: 'Button', rect: '5 970 190 24', anchors: 'left bottom right', text: 'Back to GLSAMaker', id: 'close' } ]; } -/** Toolbar end **/
\ No newline at end of file +/** Toolbar end **/ diff --git a/app/views/cve/list.html.erb b/app/views/cve/list.html.erb index 915eb50..9a5fad6 100644 --- a/app/views/cve/list.html.erb +++ b/app/views/cve/list.html.erb @@ -41,6 +41,8 @@ uki( <%= render :partial => 'assigning.js' %> +<%= render :partial => 'new.js' %> + <%= render :partial => 'nfu.js' %> <%= render :partial => 'later.js' %> diff --git a/app/views/cve/new_preview.html.erb b/app/views/cve/new_preview.html.erb new file mode 100644 index 0000000..4841c3f --- /dev/null +++ b/app/views/cve/new_preview.html.erb @@ -0,0 +1,7 @@ +<form> +<label for="cve_num"><strong>CVE Identifier:</strong></label><br /> +<input type="text" id="cve_id" value="CVE-" style="width: 20%; font-size: 115%;" /> +<br /><br /> +<label for="summary"><strong>CVE Summary:</strong></label><br /> +<textarea id="summary" rows="5" style="width: 100%;"></textarea> +<end> |