Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[feat] Allow ignoring resources from security checks #346

Merged
merged 2 commits into from
Mar 22, 2024
Merged

[feat] Allow ignoring resources from security checks #346

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
23b4ae6
[feat] Allow ignoring resources from security checks
aquamatthias Mar 22, 2024
7ab7731
handle empty array
aquamatthias Mar 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions fixbackend/inventory/router.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@
SearchRequest,
SearchStartData,
SearchListGraphRequest,
UpdateSecurityIgnore,
)
from fixbackend.streaming_response import streaming_response
from fixbackend.workspaces.dependencies import UserWorkspaceDependency
Expand Down Expand Up @@ -208,6 +209,16 @@ async def search_table(
async def get_node(graph_db: CurrentGraphDbDependency, node_id: NodeId = Path()) -> Json:
return await inventory().resource(graph_db, node_id)

@router.patch("/node/{node_id}/security_ignore", tags=["report"])
async def ignore_security(
graph_db: CurrentGraphDbDependency,
node_id: NodeId = Path(),
ignore: UpdateSecurityIgnore = Body(...),
) -> Json:
return await inventory().client.update_node(
graph_db, node_id, {"security_ignore": ignore.checks or None}, section="metadata"
)

@router.get("/node/{node_id}/neighborhood", tags=["search"])
async def get_node_neighborhood(graph_db: CurrentGraphDbDependency, node_id: NodeId = Path()) -> List[Json]:
return await inventory().neighborhood(graph_db, node_id)
Expand Down
9 changes: 8 additions & 1 deletion fixbackend/inventory/schemas.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from datetime import timedelta, datetime
from enum import Enum
from typing import List, Dict, Optional, Literal
from typing import List, Dict, Optional, Literal, Union
from urllib.parse import urlencode

from fixcloudutils.types import Json
Expand Down Expand Up @@ -182,3 +182,10 @@ class ReportConfig(BaseModel):
override_values: Optional[Json] = Field(
default=None, description="Default values for the report. Will be merged with the values from the config."
)


class UpdateSecurityIgnore(BaseModel):
checks: Union[Literal["*"], List[str], None] = Field(
description="Checks to ignore. Use '*' to ignore all checks. Use null to reset all checks.",
examples=[["check1", "check2"], "*", None],
)
Loading