-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDyalogSecurityIssues.aplf
107 lines (90 loc) · 4.5 KB
/
DyalogSecurityIssues.aplf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
r←DyalogSecurityIssues interval;f;i;new;cols;old;tn;now;then;msg;subject;ns;tbl;tsfmt;gone;when;m;last;cn;added;changed;issues;timestamp;out;resolved;nums;rows;p;n;ignore;drop;size;fileok;ix
⍝ Send SSGMon e-mail
⍝ r is empty on success, else error message
⍝ if interval=¯1, report all open issues (weekly run)
⍝ if interval=0, issues modified since last run (regardless of status)
subject←'Error' ⍝ If anything goes wrong en route
:If ∨/m←0=≢¨MAILSERVER MAILFROM SMTPPASS MAILTO DATABASE SMTPPASS MANTISAPITOKEN
r←'Missing configuration: ',⍕m/' '(=⊂⊢) ' MAILSERVER MAILFROM SMTPPASS MAILTO LOGFILE SMTPPASS MANTISAPITOKEN'
→0
:EndIf
(tn r)←OpenLogFile LOGFILE←DATABASE,'/SecurityIssueLog.dcf'
→(0≠≢r)⍴0
cols←'id' 'updated' 'status' 'reporter' 'summary'
f←(⎕JSON MantisAPI'filters').filters.(id name)
f←∊{(⍵∊'Security=Yes' 'Security "Not Sure"')/⍺}/↓⍉↑f ⍝ The filter ID
ns←{⎕JSON MantisAPI 'issues?filter_id=',⍕⍵}¨f
issues←⊃,/ns.issues
new←↑issues.(id updated_at status.name reporter.name summary) ⍝ New Status
new,←issues.(((custom_fields.(field.name))⍳⊂'Security Related')⊃custom_fields.value)
ignore←⊂'Fixed In n/a => n/a'
new,←{6↓∊'<br />'∘,¨ignore~⍨{⍵.message,' ',{0::'' ⋄ ⍵.change}⍵}¨⍵/⍨⍵.created_at∊((¯1↑⍵).created_at)}¨issues.history
new,←↑issues.(created_at ({0::'' ⋄ handler.name}0))
new[;2 8]←ISOtoDN¨new[;2 8] ⍝ ISO timestamps to UTC IDN
now←1 ⎕DT'Z' ⍝ Server time is UTC
tsfmt←now∘TSFmtNice ⍝ Was 'Mmm DD hh:mm'∘(1200⌶)
:If 11=2⊃⎕FSIZE tn ⍝ file with no data in it
(now new)⎕FAPPEND tn
:EndIf
:If 2=⍴⍴old←⎕FREAD tn,cn←¯1+2⊃⎕FSIZE tn ⍝ if last comonent is a matrix
then←2 1 ⎕DT 3⊃⎕FRDCI tn,cn ⍝ ... then get timestamp from component information
:ElseIf 2=⍴old
(then old)←old ⍝ ... else component should contain timestamp and data
:Else
msg←'Invalid file format'
→SEND⊣fileok←0
:EndIf
fileok←1
old,←((≢old),(2⊃⍴new)-2⊃⍴old)⍴⊂'' ⍝ Pad old result with new cols if necessary
:Select interval
:Case ¯1 ⍝ All open issues
added←gone←0⌿new
changed←(~new[;3]∊⊂'closed')⌿new
subject←'List of All Open Security Issues'
timestamp←0⍴⊂''
:Else ⍝ Changes since last run
added←(~new[;1]∊old[;1])⌿new
gone←(~old[;1]∊new[;1])⌿old ⍝ disappeared from the list
changed←(~(new[;1]∊added[;1],gone[;1])∨(↓new[;1 3])∊↓old[;1 3])⌿new
subject←'Recent changes'
timestamp←⊂'List of changes since ',⊃tsfmt then
:EndSelect
:If 0≠≢tbl←⊃⍪/(⊂¨'<b>*NEW*</b>' ((interval≢¯1)/'Updated') 'Removed'),¨added changed gone
out←tbl[ix←⍋tbl[;4]∊⊂'resolved';2 7 1 4 8 3 6] ⍝ Move resolved issues to the end
nums←⍕¨out[;1]
out←0 1↓out
cols←'' '' 'Status' 'Last Change' 'Timestamp' 'Description' ⍝ 1st 2: Action & Not Sure
out[;3]←(1 ⎕C 1↑¨out[;3]),¨1↓¨out[;3] ⍝ Capitalise Status
out[;3]←out[;3]
out[;4]←out[;4],¨'    <br />'∘,¨tsfmt out[;5]
out[;5]←⊂''
out[;1]←tbl[ix;5],¨' ',¨(tsfmt tbl[ix;9]),¨('' '<br /><b>*NOT SURE*</b>')[1+out[;1]∊⊂'Not sure']
out[;1]←out[;1],¨{(×≢⍵)/'<br /> Assigned ',⍵}¨tbl[ix;10] ⍝ Add Handler.name
rows←'<a href="https://mantis.dyalog.com/view.php?id='∘,¨nums,¨(⊂'">'),¨nums,¨(⊂'</a>')
:If (n←≢out)>p←¯1+⊃out[;3]⍳⊂'Resolved'
rows←(drop←2×p=0)↓(p↑rows),'' '<b>Resolved:</b>',p↓rows
out←drop↓(p 2 (n-p)/1 0 1)⍀out
out[;5]←⊂''
:EndIf
m←~∧⌿out∊⊂'' ⍝ mask out empty cols
msg←∊HtmlTable rows (m/cols) ((⍕¨m/out),¨⊂'   ')
:If interval=¯1
size←⎕FSIZE tn
msg,←'<br /><br />Log file size is ',(2⍕1E6÷⍨3⊃size),'Mb (',(⍕--/2↑size),' components)'
:EndIf
:Else
msg←''
:EndIf
SEND:
:If 0≠≢msg
⎕←'About to send Mantis security issues email to ',MAILTO
SendMail MAILSERVER MAILFROM SMTPPASS MAILTO('SSGMon: ',subject)msg
⎕←'Sent Mantis security issues email: ' subject
:Else
⎕←'No changes to Mantis security issues so not emailing ',MAILTO
:EndIf
:If fileok
:AndIf old[;1 2]≢new[;1 2] ⍝ Something changed?
(now new)⎕FAPPEND tn ⍝ Write a new record
:EndIf
⎕FUNTIE tn