//- Copyright (c) 2017 Chandan B N. All rights reserved. //- Extends default document editor for CVE extends ../../views/edit block append bannerItemsLeft //-form.indent.out.nobr(onsubmit="event.preventDefault();loadCVE(this.git.value);return false;") input.txt(type="text",name="git",placeholder="CVE-YYYY-NNNN",pattern=".*CVE-[0-9]{4}-[0-9]{4,12}.*",size=17,title="CVE ID CVE-yyyy-nnnn+",required) button.btn.vgi-in(type="submit") GIT button.fbn.sfe.vgi-put(id="post1") Post to CVE.org //-a.vgi-tweet.fbn(type="button",oncontextmenu='tweetJSON(event, this);',onclick='tweetJSON(event, this);',value="Download",target="_blank",title="Share a tweet about this CVE") Tweet //-a.vgi-download.fbn(type="button",oncontextmenu='saveCSAF(event, this);',onclick='saveCSAF(event, this);',target="_blank",title="Download CSAF") CSAF block append scripts script(type="module") | import {CVSS40} from './static/cvss40.js'; | window.CVSS40 = CVSS40; script include cve.js //include csaf.js include portal.js - var compileScript = pugLib.compileFileClient('custom/cve5/cvelist.pug', {name: "cveRender", basedir: '', compileDebug: false,inlineRuntimeFunctions: true}) script !{compileScript} block prepend loadEditor script include preload.js block append loadEditor script include postload.js block prepend topHeaderRight block openButton input#importJSON.hid(type="file",accept="application/json",onchange="loadCVEFile(event,this);") a.fbn.vgi-folder(type="file",onclick='importFile(event, this);') Open block prepend bannerItemsRight block bannerItemsRightLoad form.indent.out.nobr(onsubmit="cveSelectLoad(event);return false;") input.txt.lbl#cveEditable(type="search",name="id",list="editablelist",placeholder="CVE-yyyy-nnnn..",title="Load CVE for editing",required) datalist#editablelist button.btn.vgi-in(type="submit") Load block customtabs input.tab(name='tabs', type='radio', id='advisoryTab', value="4") label.lbl(for='advisoryTab') Preview .wht.fil.bor.pad div(style='float:right') a.vgi-download.btn.right(type="button",oncontextmenu='downloadHtml(document.getElementById("cvetitle").innerText, render, this);',onclick='downloadHtml(document.getElementById("cvetitle").innerText, render, this);',value="Download") Download a.vgi-mail.btn.right(type="button",oncontextmenu='draftEmail(event, this, "render");',onclick='draftEmail(event, this,"render");',value="Email") Email div.render(id="render") input.tab(name='tabs', type='radio', id='cvePortalTab', value="6") label.lbl(for='cvePortalTab') CVE Portal .wht.fil.rnd.bor#port block prepend content dialog.dlg.bor.rnd.shd#cveErrorsModal #cveErrors center.pad2 input.btn.sfe(type="reset" onclick="document.getElementById('cveErrorsModal').close()" value="OK") +showSecret +userAddDialog +userEditDialog mixin userAddDialog dialog.dlg.bor.rnd.shd#userAddDialog +dlgHeader('vgi-user','Add a new user') form.gap(onsubmit="event.preventDefault();cveAddUser(this)") +userEdit('Add user') mixin userEditDialog dialog.dlg.bor.rnd.shd#userEditDialog +dlgHeader('vgi-user','Update user details') form#userEditForm.gap(onsubmit="event.preventDefault();cveUpdateUser(this)") +userEdit('Update') mixin userEdit(label) input.txt(type="hidden" name="u") input.txt(name="new_username" "pattern"="[a-zA-Z0-9-_@.]{3,50}" required=true placeholder="username/email" size="43" title="username - only alpha-numeric and . _ - @ are allowed (min 3 characters)") br input.txt(name="first" "pattern"=".{1,64}" required=true placeholder="First name" title="First Name") input.txt(name="last" "pattern"=".{1,64}" required=true placeholder="Last name" title="Last Name") div br - var idName = "cveUserAdmin"+label[0]; input(id=idName type="checkbox" name="admin") label.vgi-king.lbl(for=idName title="Is this an admin?") Admin if label input.lbl(id = idName + 'Active', type="checkbox" name="active" checked) label.lbl(for=idName + 'Active', title="Is the account active?") Active br input.gap.sfe.btn.vgi-magic(type="submit" value=label) if label | button.gap.btn.vgi-reuse(onclick="cveUserKeyReset(this)") Reset API Key mixin showSecret dialog.dlg.bor.rnd.shd#secretDialog +dlgHeader('vgi-lock','IMPORTANT! New API Secret Key generated!') center.gap form#secretDialogForm(onsubmit="event.preventDefault();this.reset();this.closest('dialog').close();return false") h3.vgi-alert#userMessage p Please securely store this API key. br | This key will not be shown again! b.lbl API Secret Key br input.txt.bor(type="password" size=39 name="pass" readonly) input#showpass(name="showpass" type="checkbox" onclick="this.form.pass.type = (this.form.pass.type === 'password'? 'text' : 'password')") label.vgi-eye.lbl.sbn(for="showpass") center.gap input.btn.sfe(type="reset" onclick="this.closest('dialog').close()" value="OK") mixin dlgHeader(icon, msg) header.ban.sec.pad b.lbl(class=icon)=msg | a.sbn.right.vgi-fail(onclick="this.closest('dialog').close()")