package routes
import (
"git.matterlinux.xyz/matter/security/lib"
"git.matterlinux.xyz/matter/security/log"
"github.com/gofiber/fiber/v2"
)
// POST_New handles the form submission that creates a new vulnerability entry.
//
// The request body is decoded into five form fields (desc, source, severity,
// package, versions). A body that cannot be parsed, or a severity rejected by
// lib.ValidSeverity, is answered with a 400 error page. A failure to resolve
// the current user or to store the entry is logged and answered with a 500
// error page. On success the client is redirected to /manage.
//
// NOTE(review): Severity is the only submitted field checked in this handler.
// Desc, Source, Package and Versions reach lib.AddVuln exactly as submitted,
// so confirm that lib.AddVuln stores them safely and that every template
// rendering them escapes its output; length limits are worth considering.
// NOTE(review): no access-control or CSRF check is visible here; presumably
// the route is protected by middleware. Confirm against the router setup.
func POST_New(c *fiber.Ctx) error {
	// Only the fields declared here are read from the request. Status,
	// Message, Author and the timestamps are set by the server below.
	var form struct {
		Desc     string `form:"desc"`
		Source   string `form:"source"`
		Severity string `form:"severity"`
		Package  string `form:"package"`
		Versions string `form:"versions"`
	}

	if err := c.BodyParser(&form); err != nil {
		return lib.RenderError(c, 400)
	}

	user, err := lib.GetUser(c)
	if err != nil {
		log.Error("Failed to get the user: %s", err.Error())
		return lib.RenderError(c, 500)
	}

	if !lib.ValidSeverity(form.Severity) {
		return lib.RenderError(c, 400)
	}

	// Every new entry starts in the review queue. Author comes from
	// lib.GetUser rather than the form, so the client cannot choose it.
	entry := lib.Vuln{
		ID:       lib.GetID(),
		Desc:     form.Desc,
		Source:   form.Source,
		Severity: form.Severity,
		Package:  form.Package,
		Versions: form.Versions,
		Status:   "Waiting for review",
		Message:  "This vulnerability is waiting for a review from the maintainers",
		Author:   user.Username,
		Date:     lib.GetFTime(),
		Updated:  lib.GetFTime(),
	}

	if err := lib.AddVuln(entry); err != nil {
		// The error detail goes to the server log only; the client sees
		// the 500 error page rendered by lib.RenderError.
		log.Error("Failed to add vuln: %s", err.Error())
		return lib.RenderError(c, 500)
	}

	return c.Redirect("/manage")
}