feat(refactor): PEP8, type annotations, docstrings and PyJWT security fix
This commit is contained in:
kitos
@@ -8,6 +8,7 @@ Also exposes email configuration CRUD (admin only) that writes to the
|
||||
system_configs table so settings survive container restarts.
|
||||
"""
|
||||
|
||||
# Import logging
|
||||
import logging
|
||||
from typing import Optional
|
||||
|
||||
@@ -22,10 +23,26 @@ from app.services.mitre_sync_service import sync_mitre
|
||||
from app.services.intel_service import scan_intel
|
||||
from app.services.atomic_import_service import import_atomic_red_team
|
||||
from app.jobs.mitre_sync_job import scheduler
|
||||
|
||||
# Import limiter from app.limiter
|
||||
from app.limiter import limiter
|
||||
|
||||
# Import User from app.models.user
|
||||
from app.models.user import User
|
||||
|
||||
# Import import_atomic_red_team from app.services.atomic_import_service
|
||||
from app.services.atomic_import_service import import_atomic_red_team
|
||||
|
||||
# Import scan_intel from app.services.intel_service
|
||||
from app.services.intel_service import scan_intel
|
||||
|
||||
# Import sync_mitre from app.services.mitre_sync_service
|
||||
from app.services.mitre_sync_service import sync_mitre
|
||||
|
||||
# Assign logger = logging.getLogger(__name__)
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
# Assign router = APIRouter(prefix="/system", tags=["system"])
|
||||
router = APIRouter(prefix="/system", tags=["system"])
|
||||
|
||||
|
||||
@@ -105,8 +122,11 @@ def _bg_mitre_sync() -> None:
|
||||
|
||||
|
||||
@router.post("/sync-mitre")
|
||||
# Apply the @limiter.limit decorator
|
||||
@limiter.limit("2/hour")
|
||||
# Define function trigger_mitre_sync
|
||||
def trigger_mitre_sync(
|
||||
# Entry: request
|
||||
request: Request,
|
||||
background_tasks: BackgroundTasks,
|
||||
current_user: User = Depends(require_role("admin")),
|
||||
@@ -127,11 +147,15 @@ def trigger_mitre_sync(
|
||||
}
|
||||
|
||||
|
||||
# Apply the @router.post decorator
|
||||
@router.post("/run-intel-scan")
|
||||
# Define function trigger_intel_scan
|
||||
def trigger_intel_scan(
|
||||
# Entry: db
|
||||
db: Session = Depends(get_db),
|
||||
# Entry: current_user
|
||||
current_user: User = Depends(require_role("admin")),
|
||||
):
|
||||
) -> dict:
|
||||
"""Manually trigger a threat-intelligence scan.
|
||||
|
||||
**Requires** the ``admin`` role.
|
||||
@@ -139,20 +163,30 @@ def trigger_intel_scan(
|
||||
Returns a JSON object with the scan summary including the count of
|
||||
new intel items found.
|
||||
"""
|
||||
# Assign summary = scan_intel(db)
|
||||
summary = scan_intel(db)
|
||||
# Return {
|
||||
return {
|
||||
# Literal argument value
|
||||
"message": "Intel scan completed",
|
||||
# Literal argument value
|
||||
"new_items": summary["new_items"],
|
||||
}
|
||||
|
||||
|
||||
# Apply the @router.post decorator
|
||||
@router.post("/import-atomic-tests")
|
||||
# Apply the @limiter.limit decorator
|
||||
@limiter.limit("2/hour")
|
||||
# Define function trigger_atomic_import
|
||||
def trigger_atomic_import(
|
||||
# Entry: request
|
||||
request: Request,
|
||||
# Entry: db
|
||||
db: Session = Depends(get_db),
|
||||
# Entry: current_user
|
||||
current_user: User = Depends(require_role("admin")),
|
||||
):
|
||||
) -> dict:
|
||||
"""Trigger an import of Atomic Red Team tests as TestTemplates.
|
||||
|
||||
**Requires** the ``admin`` role.
|
||||
@@ -163,37 +197,58 @@ def trigger_atomic_import(
|
||||
|
||||
Returns a JSON object with import statistics.
|
||||
"""
|
||||
# Attempt the following; catch errors below
|
||||
try:
|
||||
# Assign summary = import_atomic_red_team(db)
|
||||
summary = import_atomic_red_team(db)
|
||||
# Handle Exception
|
||||
except Exception as exc:
|
||||
# Log error: "Atomic Red Team import failed: %s", exc, exc_info
|
||||
logger.error("Atomic Red Team import failed: %s", exc, exc_info=True)
|
||||
# Return {
|
||||
return {
|
||||
# Literal argument value
|
||||
"message": "Import failed. Check server logs for details.",
|
||||
}
|
||||
|
||||
# Return {
|
||||
return {
|
||||
# Literal argument value
|
||||
"message": "Import completed",
|
||||
# Literal argument value
|
||||
"imported": summary["created"],
|
||||
# Literal argument value
|
||||
"skipped": summary["skipped_existing"],
|
||||
# Literal argument value
|
||||
"total_parsed": summary["total_tests_parsed"],
|
||||
}
|
||||
|
||||
|
||||
# Apply the @router.get decorator
|
||||
@router.get("/scheduler-status")
|
||||
# Define function scheduler_status
|
||||
def scheduler_status(
|
||||
# Entry: current_user
|
||||
current_user: User = Depends(require_role("admin")),
|
||||
):
|
||||
) -> dict:
|
||||
"""Return the current state of the background scheduler.
|
||||
|
||||
**Requires** the ``admin`` role.
|
||||
"""
|
||||
# Assign jobs = scheduler.get_jobs()
|
||||
jobs = scheduler.get_jobs()
|
||||
# Return {
|
||||
return {
|
||||
# Literal argument value
|
||||
"running": scheduler.running,
|
||||
# Literal argument value
|
||||
"jobs": [
|
||||
{
|
||||
# Literal argument value
|
||||
"id": job.id,
|
||||
# Literal argument value
|
||||
"name": job.name,
|
||||
# Literal argument value
|
||||
"next_run_time": str(job.next_run_time) if job.next_run_time else None,
|
||||
}
|
||||
for job in jobs
|
||||
|
||||
Reference in New Issue
Block a user