Merge pull request #419 from Netflix/rds_sg_index

Auditor will now fix any issues that are not attached to an AuditorSetting
Netflix · Sep 23, 2016 · 0c82202 · 0c82202 · sho3hit · Sep 29, 2016
2 parents cf8324b + ed2872d
commit 0c82202
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 2 deletions.
diff --git a/security_monkey/auditor.py b/security_monkey/auditor.py
@@ -170,6 +170,10 @@ def save_issues(self):
             existing_issues = list(item.db_item.issues)
             new_issues = item.audit_issues
 
+            for issue in item.db_item.issues:
+                if not issue.auditor_setting:
+                    self._set_auditor_setting_for_issue(issue)
+
             # Add new issues
             old_scored = ["{} -- {} -- {} -- {}".format(
                             old_issue.auditor_setting.auditor_class,

diff --git a/security_monkey/datastore.py b/security_monkey/datastore.py
@@ -443,6 +443,18 @@ def store(self, ctype, region, account, name, active_flag, config, arn=None, new
         """
         item = self._get_item(ctype, region, account, name)
 
+        if arn:
+            duplicate_arns = Item.query.filter(Item.arn == arn).all()
+            for duplicate_item in duplicate_arns:
+                if duplicate_item.id != item.id:
+                    duplicate_item.arn = None
+                    app.logger.info("Moving ARN {arn} from {duplicate} to {item}".format(
+                        arn=arn,
+                        duplicate=duplicate_item.name,
+                        item=item.name
+                    ))
+                    db.session.add(duplicate_item)
+
         if arn:
             item.arn = arn
 
@@ -517,10 +529,12 @@ def _get_item(self, technology, region, account, name):
                 technology_result = Technology(name=technology)
                 db.session.add(technology_result)
                 db.session.commit()
-                #db.session.close()
                 app.logger.info("Creating a new Technology: {} - ID: {}"
                                 .format(technology, technology_result.id))
             item = Item(tech_id=technology_result.id, region=region, account_id=account_result.id, name=name)
+            db.session.add(item)
+            db.session.commit()
+            db.session.refresh(item)
         return item
 
 

diff --git a/security_monkey/reporter.py b/security_monkey/reporter.py
@@ -51,7 +51,6 @@ def run(self, account, interval=None):
         time1 = time.time()
         for monitor in self.get_watchauditors(account, interval):
             app.logger.info("Running {} for {} ({} minutes interval)".format(monitor.watcher.i_am_singular, account, interval))
-            value = monitor.watcher.slurp()
             (items, exception_map) = monitor.watcher.slurp()
             monitor.watcher.find_changes(current=items, exception_map=exception_map)
             items_to_audit = [item for item in monitor.watcher.created_items + monitor.watcher.changed_items]