public ActionForward look(
ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
String dynaVulnThreId = request.getParameter("dynaVulnThreId");
AsseKnowDynaThre dynaThre = threAnalService.find(dynaVulnThreId);
Integer asseKnowStatVulnPoinId = dynaThre.getDynaVuln().getAsseKnowStatVulnPoinId();
AsseKnowStatVulnPoin statVulnPoin = statVulnPoinService.find(asseKnowStatVulnPoinId.toString());
AsseKnowStatThre statThre = statThreService.find(dynaThre.getAsseKnowStatThreId().toString());
request.setAttribute("dynaThre", dynaThre);
request.setAttribute("statVulnPoin", statVulnPoin);
request.setAttribute("statThre", statThre);
return mapping.findForward("look");
}
/** 脆弱点威胁关联分页 */
@SuppressWarnings("unchecked")
public ActionForward showVulnThre(
ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
AsseInfoProj asseInfoProj = loadAsseInfoproj(request);
asseInfoProj.setProgress("prog10");
projectService.saveOrUpdate(asseInfoProj);
request.getSession().setAttribute("asseInfoProj", asseInfoProj);
String vulnKindIdSelect = request.getParameter("vulnKindIdSelect");
if (vulnKindIdSelect == null) {
vulnKindIdSelect = (String) request.getAttribute("vulnKindIdSelect");
}
String vulnIdSelect = request.getParameter("vulnIdSelect");
if (vulnIdSelect == null) {
vulnIdSelect = (String) request.getAttribute("vulnIdSelect");
}
AsseKnowDynaVuln vulnPoint = null;
if (vulnKindIdSelect != null) {
request.setAttribute("vulnKindSelect", vulnKindIdSelect);
}
if (vulnIdSelect != null && !"".equals(vulnIdSelect)) {
vulnPoint = vulnAnalService.find(new Integer(vulnIdSelect));
request.setAttribute("vulnSelect", vulnIdSelect);
request.setAttribute("vulnPoint", vulnPoint);
}
// 返回动态威胁列表
int currPage = 1;
Double totalPage = 0d;
int totalNum = 0;
int startResult = 0;
int maxResult = 5;
try {
// 分页定义的相关的基本信息
String cp =
(request.getParameter("currPage") == null) ? "1" : request.getParameter("currPage");
if (cp != null && !cp.equals("")) {
currPage = Integer.parseInt(cp);
}
startResult = (currPage - 1) * maxResult;
if (startResult < 0) {
startResult = 0;
}
// 分页定义的相关的基本信息
totalNum = threAnalService.getCount(asseInfoProj, vulnIdSelect);
totalPage = Math.ceil((double) totalNum / maxResult);
if (totalPage > 0 && currPage <= 0) {
currPage = 1;
}
if (currPage > totalPage) {
currPage = totalPage.intValue();
startResult = (currPage - 1) * maxResult;
if (startResult < 0) {
startResult = 0;
}
}
// 数据相关的基本信息
List<AsseKnowDynaThre> vulnThreAnalList = new ArrayList<AsseKnowDynaThre>();
vulnThreAnalList =
threAnalService.listAllByVuln(startResult, maxResult, asseInfoProj, vulnIdSelect);
request.setAttribute("vulnThreAnalList", vulnThreAnalList);
request.setAttribute("currPage", currPage);
request.setAttribute("totalPage", totalPage.intValue());
// 返回可选资产列表
List assertList = assetService.find(asseInfoProj.getDomain(), null);
request.setAttribute("assertList", assertList);
// 返回所有静态威胁类别列表
List statThreKindList = statThreKindService.listAllStatThreKind();
request.setAttribute("statThreKindList", statThreKindList);
// 返回所有静态威胁列表
List statThreList = statThreService.listAllStatThre();
request.setAttribute("statThreList", statThreList);
// 返回所有静态漏洞威胁列表
String cveIdScale = "0";
List<String> cveIdList = leakScanService.listCVEId(asseInfoProj);
System.out.println("cveIdList:" + cveIdList);
List statCveThreList = null;
statCveThreList = statCVEThreService.listStatCVEThreByCVEIdScale(cveIdList);
request.setAttribute("statCveThreList", statCveThreList);
System.out.println(statCveThreList.size());
// 返回所有静态脆弱点类别列表
List statVulnKindList = statVulnKindService.listAllStatVulnKinds();
request.setAttribute("statVulnKindList", statVulnKindList);
List dicSecuLeveList = dicSecuLeveService.findAll();
request.setAttribute("dicSecuLeveList", dicSecuLeveList);
// 返回所有动态脆弱点列表
List dynaVulnList = vulnAnalService.listDynaVulnPoint(asseInfoProj.getId().toString());
request.setAttribute("dynaVulnList", dynaVulnList);
// 返回漏洞扫描发现的IP列表
List ipList = leakScanService.listIP(asseInfoProj);
System.out.println("ipList.size:" + ipList.size());
request.setAttribute("ipList", ipList);
// 返回漏洞威胁列表
String ip = request.getParameter("ip");
List<AsseInfoAsse> asseInfo = null;
if (ip == null) {
ip = (String) request.getAttribute("ip");
}
if (ip != null && !"".equals(ip)) {
request.setAttribute("ipAddress", ip);
asseInfo = assetService.findByIP(ip);
}
int currPage1 = 1;
Double totalPage1 = 0d;
int totalNum1 = 0;
int startResult1 = 0;
int maxResult1 = 5;
// 分页定义的相关的基本信息
String cp1 =
(request.getParameter("currPage1") == null) ? "1" : request.getParameter("currPage1");
if (cp1 != null && !cp1.equals("")) {
currPage1 = Integer.parseInt(cp1);
}
startResult1 = (currPage1 - 1) * maxResult1;
if (startResult1 < 0) {
startResult1 = 0;
}
// 数据相关的基本信息
List<AsseKnowDynaLeakThre> leakThreList = new ArrayList<AsseKnowDynaLeakThre>();
leakThreList =
dynaLeakThreService.listDynaLeak(startResult1, maxResult1, asseInfoProj, asseInfo);
// 分页定义的相关的基本信息
totalNum1 = dynaLeakThreService.getCount(asseInfoProj, asseInfo);
totalPage1 = Math.ceil((double) totalNum1 / maxResult1);
if (totalPage1 > 0 && currPage1 <= 0) {
currPage1 = 1;
}
request.getSession().setAttribute("leakThreList", leakThreList);
request.setAttribute("currPage1", currPage1);
request.setAttribute("totalPage1", totalPage1.intValue());
} catch (Exception e) {
logger.debug("风险评估--脆弱性威胁关联--访问出错啦!");
e.printStackTrace();
}
return mapping.findForward("dynaVuln");
}