adminmpmcz/patchcenter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

fix(qualys): repasse en API 3.0 (5.0 ne supporte pas l objet hostasset, INVALID_API_VERSION). 12+3+1 endpoints qps/rest revenus en 3.0

Browse Source
This commit is contained in:
Pierre & Lumière 2026-05-05 16:48:59 +02:00
parent 5c402e5b63
commit cadef89c50
3 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
app/services/qualys_service.py
View File

@ -60,7 +60,7 @@ def search_assets_api(db, query, field="name", operator="CONTAINS", force_refres
"</ServiceRequest>"
)
r = requests.post(
f"{qualys_url}/qps/rest/5.0/search/am/hostasset",
f"{qualys_url}/qps/rest/3.0/search/am/hostasset",
data=xml_body,
auth=(qualys_user, qualys_pass),
verify=False, timeout=60, proxies=proxies,
@ -98,7 +98,7 @@ def get_all_tags_api(db):
try:
r = requests.post(
f"{qualys_url}/qps/rest/5.0/search/am/tag",
f"{qualys_url}/qps/rest/3.0/search/am/tag",
json={"ServiceRequest": {"preferences": {"limitResults": 1000}}},
auth=(qualys_user, qualys_pass),
verify=False, timeout=60, proxies=proxies,
@ -169,7 +169,7 @@ def create_tag_api(db, tag_name):
proxies = {"https": qualys_proxy, "http": qualys_proxy} if qualys_proxy else None
try:
r = requests.post(
f"{qualys_url}/qps/rest/5.0/create/am/tag",
f"{qualys_url}/qps/rest/3.0/create/am/tag",
json={"ServiceRequest": {"data": {"Tag": {"name": tag_name}}}},
auth=(qualys_user, qualys_pass), verify=False, timeout=30, proxies=proxies,
headers={"Content-Type": "application/json"})
@ -195,7 +195,7 @@ def delete_tag_api(db, qualys_tag_id):
proxies = {"https": qualys_proxy, "http": qualys_proxy} if qualys_proxy else None
try:
r = requests.post(
f"{qualys_url}/qps/rest/5.0/delete/am/tag/{qualys_tag_id}",
f"{qualys_url}/qps/rest/3.0/delete/am/tag/{qualys_tag_id}",
auth=(qualys_user, qualys_pass), verify=False, timeout=30, proxies=proxies,
headers={"Content-Type": "application/json"})
if r.status_code == 200 and "SUCCESS" in r.text:
@ -216,7 +216,7 @@ def add_tag_to_asset_api(db, asset_id, tag_id):
proxies = {"https": qualys_proxy, "http": qualys_proxy} if qualys_proxy else None
try:
r = requests.post(
f"{qualys_url}/qps/rest/5.0/update/am/hostasset/{asset_id}",
f"{qualys_url}/qps/rest/3.0/update/am/hostasset/{asset_id}",
json={"ServiceRequest": {"data": {"HostAsset": {"tags": {"add": {"TagSimple": {"id": tag_id}}}}}}},
auth=(qualys_user, qualys_pass), verify=False, timeout=30, proxies=proxies,
headers={"Content-Type": "application/json"})
@ -240,7 +240,7 @@ def remove_tag_from_asset_api(db, asset_id, tag_id):
proxies = {"https": qualys_proxy, "http": qualys_proxy} if qualys_proxy else None
try:
r = requests.post(
f"{qualys_url}/qps/rest/5.0/update/am/hostasset/{asset_id}",
f"{qualys_url}/qps/rest/3.0/update/am/hostasset/{asset_id}",
json={"ServiceRequest": {"data": {"HostAsset": {"tags": {"remove": {"TagSimple": {"id": tag_id}}}}}}},
auth=(qualys_user, qualys_pass), verify=False, timeout=30, proxies=proxies,
headers={"Content-Type": "application/json"})
@ -300,7 +300,7 @@ def sync_server_qualys(db, server_id):
# Recuperer l'asset complet avec tags
try:
r = requests.post(
f"{qualys_url}/qps/rest/5.0/search/am/hostasset",
f"{qualys_url}/qps/rest/3.0/search/am/hostasset",
json={"ServiceRequest": {
"filters": {"Criteria": [
{"field": "id", "operator": "EQUALS", "value": str(qid)}
@ -388,7 +388,7 @@ def _find_asset_by_hostname(qualys_url, qualys_user, qualys_pass, hostname, prox
"""Cherche un asset Qualys par hostname"""
try:
r = requests.post(
f"{qualys_url}/qps/rest/5.0/search/am/hostasset",
f"{qualys_url}/qps/rest/3.0/search/am/hostasset",
json={"ServiceRequest": {
"preferences": {"limitResults": 5},
"filters": {"Criteria": [
@ -688,7 +688,7 @@ def _refresh_all_agents_impl(db, mode="diff"):
for attempt in range(3):
try:
r = sess.post(
f"{qualys_url}/qps/rest/5.0/search/am/hostasset",
f"{qualys_url}/qps/rest/3.0/search/am/hostasset",
json=payload, timeout=600)
break
except Exception:
@ -913,7 +913,7 @@ def _fetch_asset_ids_by_tag(db, tag_name):
proxies = {"https": qualys_proxy, "http": qualys_proxy} if qualys_proxy else None
try:
r = requests.post(
f"{qualys_url}/qps/rest/5.0/search/am/hostasset",
f"{qualys_url}/qps/rest/3.0/search/am/hostasset",
json={"ServiceRequest": {
"preferences": {"limitResults": 1000},
"filters": {"Criteria": [
@ -1156,7 +1156,7 @@ def fetch_all_qualys_assets(db, with_progress=False):
"filters": {"Criteria": criteria}}}
try:
r = requests.post(
f"{qualys_url}/qps/rest/5.0/search/am/hostasset",
f"{qualys_url}/qps/rest/3.0/search/am/hostasset",
json=body, auth=(qualys_user, qualys_pass),
verify=False, timeout=180, proxies=proxies,
headers={"Content-Type": "application/json"}
@ -1264,7 +1264,7 @@ def delete_qualys_asset(db, asset_id):
proxies = {"https": qualys_proxy, "http": qualys_proxy} if qualys_proxy else None
try:
r = requests.post(
f"{qualys_url}/qps/rest/5.0/delete/am/hostasset/{int(asset_id)}",
f"{qualys_url}/qps/rest/3.0/delete/am/hostasset/{int(asset_id)}",
auth=(qualys_user, qualys_pass), verify=False, timeout=60, proxies=proxies,
headers={"Content-Type": "application/json"}
)

6
app/services/qualys_tags_service.py
View File

@ -70,7 +70,7 @@ def list_qualys_tags(db):
"""Liste tous les tags Qualys (nom, id, type DYN/STAT, ruleText)."""
# search all tags
payload = {"ServiceRequest": {"preferences": {"limitResults": 1000}}}
r = _qualys_post(db, "/qps/rest/5.0/search/am/tag", payload)
r = _qualys_post(db, "/qps/rest/3.0/search/am/tag", payload)
if not r.get("ok"):
return {"ok": False, "msg": r.get("msg") or f"HTTP {r.get('status')}", "tags": []}
tags = []
@ -175,7 +175,7 @@ def create_static_tag(db, name, color="", description=""):
}
}
}
r = _qualys_post(db, "/qps/rest/5.0/create/am/tag", payload)
r = _qualys_post(db, "/qps/rest/3.0/create/am/tag", payload)
if r.get("ok"):
return {"ok": True, "msg": f"Tag '{name}' cree"}
return {"ok": False, "msg": r.get("msg") or f"HTTP {r.get('status')}: {r.get('text', '')[:200]}"}
@ -183,7 +183,7 @@ def create_static_tag(db, name, color="", description=""):
def delete_tag(db, tag_id):
"""Supprime un tag Qualys par id."""
r = _qualys_post(db, f"/qps/rest/5.0/delete/am/tag/{tag_id}", {})
r = _qualys_post(db, f"/qps/rest/3.0/delete/am/tag/{tag_id}", {})
return {"ok": r.get("ok"), "msg": r.get("msg") or f"HTTP {r.get('status')}"}

2
app/templates/qualys_duplicates.html
View File

@ -45,7 +45,7 @@
<div class="card p-3">
<p class="text-xs text-gray-400 mb-2">
Le plus recent (en haut de chaque groupe) est probablement l'asset actif. Les autres sont des zombies (anciennes installations, ré-IPs, doublons de scan).
Bouton <strong>Supprimer</strong> = appel API Qualys <code>POST /qps/rest/5.0/delete/am/hostasset/{id}</code>.
Bouton <strong>Supprimer</strong> = appel API Qualys <code>POST /qps/rest/3.0/delete/am/hostasset/{id}</code>.
{% if not can_delete %}<br><span class="text-yellow-400">Tu n'as pas la permission edit pour supprimer.</span>{% endif %}
</p>
<table class="w-full text-xs">