diff --git a/nettacker/core/lib/base.py b/nettacker/core/lib/base.py index 7af4ee53e..312726edf 100644 --- a/nettacker/core/lib/base.py +++ b/nettacker/core/lib/base.py @@ -122,6 +122,13 @@ def process_conditions( ): # Remove sensitive keys from headers before submitting to DB event = remove_sensitive_header_keys(event) + if "stop_at_first_success" in event["response"]: + event_name = event["response"]["stop_at_first_success"] + existing = find_temp_events( + target, module_name, scan_id, event_name, port=event.get("ports", "") + ) + if existing: + return False if "save_to_temp_events_only" in event.get("response", ""): submit_temp_logs_to_db( { @@ -135,6 +142,21 @@ def process_conditions( "data": response, } ) + if event["response"]["conditions_results"] and "stop_at_first_success" in event.get( + "response", "" + ): + submit_temp_logs_to_db( + { + "date": datetime.now(), + "target": target, + "module_name": module_name, + "scan_id": scan_id, + "event_name": event["response"]["stop_at_first_success"], + "port": event.get("ports", ""), + "event": event, + "data": response, + } + ) if event["response"]["conditions_results"] and "save_to_temp_events_only" not in event.get( "response", "" ): @@ -270,6 +292,13 @@ def run( """Engine entry point.""" backup_method = copy.deepcopy(sub_step["method"]) backup_response = copy.deepcopy(sub_step["response"]) + if "stop_at_first_success" in backup_response: + event_name = backup_response["stop_at_first_success"] + existing = find_temp_events( + target, module_name, scan_id, event_name, port=sub_step.get("ports", "") + ) + if existing: + return False del sub_step["method"] del sub_step["response"] diff --git a/nettacker/database/db.py b/nettacker/database/db.py index 3444db72f..c5d461902 100644 --- a/nettacker/database/db.py +++ b/nettacker/database/db.py @@ -403,7 +403,7 @@ def submit_temp_logs_to_db(log): return False -def find_temp_events(target, module_name, scan_id, event_name): +def find_temp_events(target, module_name, scan_id, event_name, port=None): """ select all events by scan_unique id, target, module_name @@ -420,16 +420,24 @@ def find_temp_events(target, module_name, scan_id, event_name): if isinstance(session, tuple): connection, cursor = session try: - cursor.execute( - """ - SELECT event - FROM temp_events - WHERE target = ? AND module_name = ? AND scan_unique_id = ? AND event_name = ? - LIMIT 1 - """, - (target, module_name, scan_id, event_name), - ) - + if port is not None: + cursor.execute( + """ + SELECT event FROM temp_events + WHERE target = ? AND module_name = ? AND scan_unique_id = ? AND event_name = ? AND port = ? + LIMIT 1 + """, + (target, module_name, scan_id, event_name, json.dumps(port)), + ) + else: + cursor.execute( + """ + SELECT event FROM temp_events + WHERE target = ? AND module_name = ? AND scan_unique_id = ? AND event_name = ? + LIMIT 1 + """, + (target, module_name, scan_id, event_name), + ) row = cursor.fetchone() if row: return row[0] @@ -444,17 +452,15 @@ def find_temp_events(target, module_name, scan_id, event_name): except Exception: pass else: - result = ( - session.query(TempEvents) - .filter( - TempEvents.target == target, - TempEvents.module_name == module_name, - TempEvents.scan_unique_id == scan_id, - TempEvents.event_name == event_name, - ) - .first() + query = session.query(TempEvents).filter( + TempEvents.target == target, + TempEvents.module_name == module_name, + TempEvents.scan_unique_id == scan_id, + TempEvents.event_name == event_name, ) - + if port is not None: + query = query.filter(TempEvents.port == json.dumps(port)) + result = query.first() return result.event if result else []