chg: [website] added view to create and edit bundles. new migration f…

…ile for the bundle table.

.editorconfig

@@ -0,0 +1,22 @@
+root = true
+
+[*]
+indent_style = space
+indent_size = 4
+insert_final_newline = true
+trim_trailing_whitespace = true
+end_of_line = lf
+charset = utf-8
+max_line_length = 88
+
+[*.{yml,yaml,json,js,css,html}]
+indent_size = 2
+
+[*.{md,rst}]
+trim_trailing_whitespace = false
+
+[LICENSE]
+insert_final_newline = false
+
+[Makefile]
+indent_style = tab

website/migrations/alembic.ini

@@ -0,0 +1,45 @@
+# A generic, single database configuration.
+
+[alembic]
+# template used to generate migration files
+# file_template = %%(rev)s_%%(slug)s
+
+# set to 'true' to run the environment during
+# the 'revision' command, regardless of autogenerate
+# revision_environment = false
+
+
+# Logging configuration
+[loggers]
+keys = root,sqlalchemy,alembic
+
+[handlers]
+keys = console
+
+[formatters]
+keys = generic
+
+[logger_root]
+level = WARN
+handlers = console
+qualname =
+
+[logger_sqlalchemy]
+level = WARN
+handlers =
+qualname = sqlalchemy.engine
+
+[logger_alembic]
+level = INFO
+handlers =
+qualname = alembic
+
+[handler_console]
+class = StreamHandler
+args = (sys.stderr,)
+level = NOTSET
+formatter = generic
+
+[formatter_generic]
+format = %(levelname)-5.5s [%(name)s] %(message)s
+datefmt = %H:%M:%S

website/migrations/env.py

@@ -0,0 +1,95 @@
+import logging
+from logging.config import fileConfig
+
+from alembic import context
+from sqlalchemy import engine_from_config
+from sqlalchemy import pool
+
+# this is the Alembic Config object, which provides
+# access to the values within the .ini file in use.
+config = context.config
+
+# Interpret the config file for Python logging.
+# This line sets up loggers basically.
+fileConfig(config.config_file_name)
+logger = logging.getLogger("alembic.env")
+
+# add your model's MetaData object here
+# for 'autogenerate' support
+# from myapp import mymodel
+# target_metadata = mymodel.Base.metadata
+from flask import current_app  # noqa
+
+config.set_main_option(
+    "sqlalchemy.url", current_app.config.get("SQLALCHEMY_DATABASE_URI")
+)
+target_metadata = current_app.extensions["migrate"].db.metadata
+
+# other values from the config, defined by the needs of env.py,
+# can be acquired:
+# my_important_option = config.get_main_option("my_important_option")
+# ... etc.
+
+
+def run_migrations_offline():
+    """Run migrations in 'offline' mode.
+
+    This configures the context with just a URL
+    and not an Engine, though an Engine is acceptable
+    here as well.  By skipping the Engine creation
+    we don't even need a DBAPI to be available.
+
+    Calls to context.execute() here emit the given string to the
+    script output.
+
+    """
+    url = config.get_main_option("sqlalchemy.url")
+    context.configure(url=url)
+
+    with context.begin_transaction():
+        context.run_migrations()
+
+
+def run_migrations_online():
+    """Run migrations in 'online' mode.
+
+    In this scenario we need to create an Engine
+    and associate a connection with the context.
+
+    """
+
+    # this callback is used to prevent an auto-migration from being generated
+    # when there are no changes to the schema
+    # reference: http://alembic.zzzcomputing.com/en/latest/cookbook.html
+    def process_revision_directives(context, revision, directives):
+        if getattr(config.cmd_opts, "autogenerate", False):
+            script = directives[0]
+            if script.upgrade_ops.is_empty():
+                directives[:] = []
+                logger.info("No changes in schema detected.")
+
+    engine = engine_from_config(
+        config.get_section(config.config_ini_section),
+        prefix="sqlalchemy.",
+        poolclass=pool.NullPool,
+    )
+
+    connection = engine.connect()
+    context.configure(
+        connection=connection,
+        target_metadata=target_metadata,
+        process_revision_directives=process_revision_directives,
+        **current_app.extensions["migrate"].configure_args
+    )
+
+    try:
+        with context.begin_transaction():
+            context.run_migrations()
+    finally:
+        connection.close()
+
+
+if context.is_offline_mode():
+    run_migrations_offline()
+else:
+    run_migrations_online()

website/migrations/script.py.mako

@@ -0,0 +1,24 @@
+"""${message}
+
+Revision ID: ${up_revision}
+Revises: ${down_revision | comma,n}
+Create Date: ${create_date}
+
+"""
+from alembic import op
+import sqlalchemy as sa
+${imports if imports else ""}
+
+# revision identifiers, used by Alembic.
+revision = ${repr(up_revision)}
+down_revision = ${repr(down_revision)}
+branch_labels = ${repr(branch_labels)}
+depends_on = ${repr(depends_on)}
+
+
+def upgrade():
+    ${upgrades if upgrades else "pass"}
+
+
+def downgrade():
+    ${downgrades if downgrades else "pass"}

website/migrations/versions/7e42683b12cd_new_bundle_table.py

@@ -0,0 +1,59 @@
+"""new bundle table
+
+Revision ID: 7e42683b12cd
+Revises:
+Create Date: 2024-07-08 11:23:58.870539
+
+"""
+from alembic import op
+import sqlalchemy as sa
+from sqlalchemy.dialects import postgresql
+
+# revision identifiers, used by Alembic.
+revision = "7e42683b12cd"
+down_revision = None
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table(
+        "bundle",
+        sa.Column("uuid", sa.UUID(), nullable=False),
+        sa.Column("vulnerability_lookup_origin", sa.UUID(), nullable=False),
+        sa.Column("name", sa.String(), nullable=False),
+        sa.Column("description", sa.String(), nullable=False),
+        sa.Column("description_format", sa.String(), nullable=True),
+        sa.Column(
+            "creation_timestamp",
+            sa.DateTime(timezone=True),
+            server_default=sa.text("now()"),
+            nullable=False,
+        ),
+        sa.Column(
+            "timestamp",
+            sa.DateTime(timezone=True),
+            server_default=sa.text("now()"),
+            nullable=False,
+        ),
+        sa.Column(
+            "related_vulnerabilities",
+            postgresql.JSONB(astext_type=sa.Text()),
+            nullable=True,
+        ),
+        sa.Column("meta", postgresql.JSONB(astext_type=sa.Text()), nullable=True),
+        sa.Column("author_id", sa.Integer(), nullable=False),
+        sa.ForeignKeyConstraint(
+            ["author_id"],
+            ["user.id"],
+        ),
+        sa.PrimaryKeyConstraint("uuid"),
+    )
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_table("bundle")
+    # ### end Alembic commands ###

website/models/bundle.py

@@ -1,3 +1,4 @@
+import json
 import uuid
 from sqlalchemy import func
 from sqlalchemy.dialects.postgresql import JSONB, UUID
@@ -35,3 +36,20 @@ def validates_description_format(self, key: str, value: str) -> str:
             "value must be 'markdown' or 'text'."
         )
         return value.lower()
+
+    def as_json(self) -> str:
+        return json.dumps(
+            {
+                "uuid": str(self.uuid),
+                "vulnerability_lookup_origin": str(self.vulnerability_lookup_origin),
+                "name": self.name,
+                "description": self.description,
+                "description_format": self.description_format,
+                "creation_timestamp": self.creation_timestamp.strftime(
+                    "%Y-%m-%dT%H:%M:%S.%fZ"
+                ),
+                "timestamp": self.timestamp.strftime("%Y-%m-%dT%H:%M:%S.%fZ"),
+                "related_vulnerabilities": self.related_vulnerabilities,
+                "meta": self.meta,
+            }
+        )

website/models/user.py

@@ -50,6 +50,7 @@ class User(db.Model, UserMixin):  # type: ignore[name-defined, misc]
 
     # relationships
     comments = db.relationship("Comment", backref="author", lazy="dynamic")
+    bundles = db.relationship("Bundle", backref="author", lazy="dynamic")
 
     def __init__(self, **kwargs: Any):
         super().__init__(**kwargs)

website/validators/circl_bundle.py

@@ -0,0 +1,25 @@
+import json
+import os
+from referencing import Registry, Resource
+from referencing.jsonschema import SchemaRegistry
+
+from jsonschema import Draft202012Validator  # type: ignore[import-untyped]
+
+from website import BASE_DIR
+
+# #### CIRCL Security Advisory bundle format ####
+
+path_schemas = os.path.join(
+    BASE_DIR,
+    "website",
+    "web",
+    "static",
+    "schemas",
+    "CIRCL",
+)
+
+schema_bundle = json.load(
+    open(os.path.join(path_schemas, "Security_Advisory_Bundle.json"))
+)
+
+validator = Draft202012Validator(schema_bundle)