HEX

File: //proc/self/root/usr/local/CyberCP/aiScanner/__pycache__/views.cpython-310.pyc
o

��h�e�@sddlmZmZddlmZddlmZddlmZddl	m
Z
ddlmZddl
Z
ddlZd	d
�Zdd�Zd
d�Zdd�Zdd�Zdd�Zdd�Zedd��Zdd�Zedg�dd��Zedg�dd��Zd d!�Zeed"g�d#d$���Zeedg�d%d&���Zeedg�d'd(���ZdS))�)�render�redirect)�JsonResponse)�csrf_exempt)�require_http_methods)�
loadLoginPage���AIScannerManagerNcC�:z|jd}t�}|�||�WStytt�YSw)zMain AI Scanner page�userID)�sessionr
�scannerHome�KeyErrorrr��requestr�sm�r�%/usr/local/CyberCP/aiScanner/views.py�
aiScannerHome�
�rcC�@z|jd}t�}|�||�WStytddd��YSw)z#Setup payment method for AI scannerrF�Not authenticated��success�error)r
r
�setupPaymentrrrrrrr�
�rcCr)z Handle return from payment setupr)r
r
�
setupCompleterrrrrrrrrrcCr)zStart a new AI security scanrFrr)r
r
�	startScanrrrrrrr)rrcCr)z Refresh account balance from APIrFrr)r
r
�refreshBalancerrrrrrr 3rr cCr)zAdd a new payment methodrFrr)r
r
�addPaymentMethodrrrrrrr!=rr!cCr)z(Handle return from adding payment methodr)r
r
�paymentMethodCompleterrrrrrrr"Grr"cCst�}|�|�S)z0Handle scan results callback from AI Scanner API)r
�scanCallback)rrrrrr#Qs
r#cCstz�|jd}ddlm}ddlm}ddlm}|jj|d�}|�	|�}|ddkr7|j�
��d	�d
d�}n|�|�}|jj
|d��d	�d
d�}g}	|D]9}
|	�|
j|
j|
j|
j|
j�d
�|
jrh|
j�d
�nd
|
jrqt|
j�nd|
j|
j|
jr�|
jd
d�ng|
jd��qNtd|	d��WSty�tddd��YSty�}ztdt|�d��WYd
}~Sd
}~ww)zGet scan history for userrr��
Administratorr��ScanHistory��
ACLManager��pk�adminz-started_atN�)�	admin__in�%Y-%m-%d %H:%M:%S�)�scan_id�domain�status�	scan_type�
started_at�completed_at�cost_usd�
files_scanned�issues_found�findings�summaryT)r�scansFrr) r
�loginSystem.modelsr%�modelsr'�plogical.aclr)�objects�get�	loadedACL�all�order_by�loadUserObjects�filter�appendr1r2r3r4r5�strftimer6r7�floatr8r9r:r;rr�	Exception�str)rrr%r'r)r,�
currentACLr<�user_admins�	scan_data�scan�errr�getScanHistoryXsB




���rQ�GETc
CsTz�|jd}ddlm}ddlm}ddlm}ddlm}|j	j
|d�}|�|�}z"|j	j
|d	�}	|d
dkrK|�|�}
|	j
|
vrKtddd
��WWSWn|jy^tddd
��YWSwz |j	j
|d	�}|jdkro|jn|	j}|j}
|j}|j}|j}Wn|jy�|	j}|	j}
|	j}d}d}Ynwid|	j�d|	j�d|	j�d|	j�d|	j�d��d|	jr�|	j�d�nd�d|	jr�t|	j�nd�d|�d|
�d|	j�d|�d|�d|�d|	j�d|	j �d |	j!�}td!|d"��WSt"y�tdd#d
��YS|j�ytddd
��YSt#�y)}ztdt$|�d
��WYd}~Sd}~ww)$zGet detailed scan resultsrrr$rr&)�ScanStatusUpdater(r*�r1r,F�Access denied to this scanr�Scan not foundr1r2r3r4r5r/r6Nr7r8�files_discoveredr9�
threats_found�critical_threats�high_threatsr:r;�
error_messageT)rrOr)%r
r=r%r>r'�
status_modelsrSr?r)r@rArBrEr,r�DoesNotExistr8rWrXrYrZr9r1r2r3r4r5rHr6r7rIr:r;r[rrJrK)rr1rr%r'rSr)r,rLrOrM�
status_updater8rWrXrYrZrNrPrrr�getScanDetails�s�



��
���������	�
���
������r_c
Cs��z|jd}ddlm}ddlm}m}ddlm}ddl}z4|j	j
|d�}|j	j
|d	�}	dd
lm}
|
�
|�}|ddkrR|
�|�}|j|vrRtdd
d��WWSWn|jyetddd��YWSwd}
z
|	j}|rt|jrt|j}
Wn|jyYnty�}zWYd}~nd}~ww|
s�z|jj}|r�|jr�|j}
Wn|jy�Ynty�}zWYd}~nd}~ww|
�sz=dd
lm}
ddlm}|
��}|�}|�|�}|�
d�r�|�
d�r�|�
dd�dkr�|�|�}|r�|�
d�r�|�
d�}
Wnt�y}zWYd}~nd}~ww|
�s$|�d|���tddd��WSz�d|�d�}|
dd�}|�d|���|j
||dd�}z|��}Wn'tj�ym}z|�dt|����tddd��WYd}~WWSd}~ww|jd k�r�|�
d��r�|�d!|�
d"����td#|�
d"�|�
d$�d%��WWS|�
d&d'�}|�d(|���td||�
d)d�d*��WWS|jj �y�|�d+|���tdd,d��YWS|jj!�y�}z|�d-t|����tdd.t|���d��WYd}~WSd}~wt�y }z|�d/t|����tdd0t|���d��WYd}~WSd}~wwt"�y1tdd1d��YSt�yV}z|�d2t|����tdt|�d��WYd}~Sd}~ww)3z'Get the platform monitor URL for a scanrrr$r)r'�AIScannerSettings)�CyberCPLogFileWriterNrTr*r(r,Fz
Access deniedrrVr	r�is_vps�free_scans_available�api_keyz'[AI Scanner] No API key found for scan zAAPI key not configured. Please configure your AI Scanner API key.z6https://platform.cyberpersons.com/ai-scanner/api/scan/z
/monitor-url/zapplication/json)z	X-API-KeyzContent-Typez4[AI Scanner] Fetching platform monitor URL for scan �
)�headers�timeoutz [AI Scanner] JSON decode error: zInvalid response from platform��z[AI Scanner] Got monitor URL: �monitor_urlT�platform_scan_id)rrirjrzFailed to get monitor URLz([AI Scanner] Failed to get monitor URL: �scan_exists)rrrkz/[AI Scanner] Platform request timeout for scan zPlatform request timeoutz%[AI Scanner] Platform request error: zPlatform error: z[AI Scanner] Unexpected error: zError: rz*[AI Scanner] getPlatformMonitorUrl error: )#r
r=r%r>r'r`�plogical.CyberCPLogFileWriterra�requestsr@rAr?r)rBrEr,rr]�ai_scanner_settingsrdrJ�aiScannerManagerr
�fetchIP�check_vps_free_scans�get_or_create_vps_api_key�writeToFile�json�JSONDecodeErrorrK�status_code�
exceptions�Timeout�RequestExceptionr)rr1rr%r'r`�loggingrmrOr,r)rLrMrd�current_user_settingsrP�scanner_settingsr
�	server_ipr�vps_info�vps_key_data�urlrf�response�data�	error_msgrrr�getPlatformMonitorUrl�s�



��
���
���

�

�������
�&�&����r�cCs��z|jd}ddlm}ddlm}ddlm}|jj|d�}|�	|�}z"|jj|d�}|d	dkrF|�
|�}	|j|	vrFtd
dd��WWSWn|j
yYtd
d
d��YWSw|j}
|
jshtd
dd��WSt�}|�|
j|�}|r�|�d�r�|�di�}
td||
�dd�|
�dd�|
�dd�|
�dd�|
�dd�|
�dd�|
�dd�|
�dd�|
�dd�|
�dd�|
�dd�|
�d�dv|
�d d!�d"��WStd||j|jd#kr�d$ndd|j|jd|jdd|jd%kr�|jnd&|jr�|j��n|j��d
|j�rd'|jd(��nd!d"��WSt�ytd
d)d��YS|j
�y(td
d
d��YSt�yC}ztd
t|�d��WYd*}~Sd*}~ww)+z2Get real-time scan status from AI Scanner platformrrr$rr&r(r*rTr,FrUrrVzAPI key not configuredrr�Tr3�unknown�progress�current_file�rWr8�files_remaining�findings_countrYrZ�activity_description�last_updated)�scanning�discovering_files�starting�costz$0.00)rr1�phaser�r�rWr8r�rXrYrZr�r��	is_activer��	completed�d�failedzScan completed�$z.4frN)r
r=r%r>r'r?r)r@rArBrEr,rr]rnrdr
�get_scan_statusr3r8r9r[r6�	isoformatr5r7rrJrK)rr1rr%r'r)r,rLrOrMr|r�platform_status�status_datarPrrr�getPlatformScanStatusJs�



��












�
���r��POSTc
Cs�z�t�|j�}|�d�}|�d�}|r|stddd��WSddlm}m}z�|jj||dd	�}|�	�r<tdd
d��WWSddl
m}z_|jj|jd
�}|j
}	d}
d}tj�|	dd�}tj�|�r�z,t|d��}
|
��}ddl}|�d|�}|r||�d�}
Wd�n1s�wYWnYtd|j|	||
|d�d��WWWS|jy�tddd��YWWSw|jy�tddd��YWSwty�}ztdt|�d��WYd}~Sd}~ww)zAuthenticate AI scanner access�access_tokenr1F�Missing parametersrr)�FileAccessTokenr'T)�token�scan_history__scan_idr��
Token expiredr)�Websites)r2�Unknownzwp-includeszversion.php�rNz&\$wp_version\s*=\s*[\'"]([^\'"]+)[\'"])r2�wp_path�php_version�
wp_versionr1)r�	site_infozWebsite not found�
Invalid token)rt�loads�bodyrArr>r�r'r@�
is_expired�websiteFunctions.modelsr�r2r��os�path�join�exists�open�read�re�search�groupr]rJrK)rr�r�r1r�r'�
file_tokenr��websiter�r�r��version_file�f�contentr��matchrPrrr�aiScannerAuthenticate�sl

�
���������r�c

Cs4z�|j�dd�}|j�dd��dd�}|stddd��WSdd	lm}z�|jj|d
d�}|��r9tddd��WWSt	j
�|j|�}t	j
�
|��t	j
�
|j��sXtdd
d��WWSt	j
�|�sgtddd��WWSt	j
�|�svtddd��WWSg}zat	�|�D]P}t	j
�||�}|�d�s�|dvr�q~t	j
�|�r�|�|d|r�t	j
�||��dd�n|d��q~|�d�r�|�|d|r�t	j
�||��dd�n|t	j
�|�d��q~td
||d��WWWSty�tddd��YWWSw|jy�tddd��YWSwt�y}	ztdt|	�d��WYd}	~	Sd}	~	ww)z&List directory contents for AI scannerr�r��
Authorization�Bearer FzNo authorization tokenrr�r�T�r�r�r��Path not allowedzPath not foundzPath is not a directory�.)�__pycache__�node_modules�	directory�\�/)�name�typer�)	z.phpz.jsz.htmlz.htmz.cssz.txtz.mdz.jsonz.xml�file)r�r�r��size)rr��itemszPermission deniedr�N)rRrArf�replacerr>r�r@r�r�r�r�r��abspath�
startswithr��isdir�listdirrG�endswith�getsize�PermissionErrorr]rJrK)
rr�r�r�r��	full_pathr��item�	item_pathrPrrr�aiScannerListFiles�sh
�

�������r�cCs2z�|j�d�}|j�dd��dd�}|r|stddd��WSdd	lm}z�|jj|d
d�}|��r:tddd��WWSt	j
�|j|�}t	j
�
|��t	j
�
|j��sYtdd
d��WWSt	j
�|�shtddd��WWSt	j
�|�swtddd��WWSt	j
�|�}|dkr�tddd��WWSz(t|dddd��}|��}Wd�n1s�wYtd
|||d��WWWSty�t|d��}|��}Wd�n1s�wYddl}	td
||	�|��d�d|d��YWWSw|jy�tddd��YWSwt�y}
ztdt|
�d��WYd}
~
Sd}
~
ww)zGet file content for AI scannerr�r�r�r�Fr�rrr�Tr�r�r�zFile not foundzPath is not a filei�zFile too larger�zutf-8�ignore)�encoding�errorsN)rr�r�r��rbr�base64)rr�r�r�r�r�)rRrArfr�rr>r�r@r�r�r�r�r�r�r�r��isfiler�r�r��UnicodeDecodeErrorr��	b64encode�decoder]rJrK)r�	file_pathr�r�r�r��	file_sizer�r�r�rPrrr�aiScannerGetFile-sd
��
������r�)�django.shortcutsrr�django.httpr�django.views.decorators.csrfr�django.views.decorators.httpr�loginSystem.viewsrror
rtr�rrrrr r!r"r#rQr_r�r�r�r�r�rrrr�<module>s@







,
G
}SCI