Adding vulnerability assignments via API results in AttributeError
Littlericket opened this issue · 1 comments
Littlericket commented
Adding a vulnerability to a (for example virtualization.virtualmachine) via API returns a AttributeError.
As far as I understand, adding vulnerabilities to objects via API requires the following body on /api/plugins/nb_risk/vulnerabilityassignment/:
(
[asset_object_type] => virtualization.virtualmachine
[asset_object_id] => 1848
[vulnerability] => CentOS 7 : zlib (CESA-2023:1095)
)
This fails with
(
[error] => 'dict' object has no attribute '_state'
[exception] => AttributeError
[netbox_version] => 3.6.1
[python_version] => 3.11.4
)
Exception Type: AttributeError at /api/plugins/nb_risk/vulnerabilityassignment/
Exception Value: 'dict' object has no attribute '_state'
Raised during: nb_risk.api.views.VulnerabilityAssignmentViewSet
Traceback (most recent call last):
File "/opt/netbox/venv/lib/python3.11/site-packages/django/core/handlers/exception.py", line 55, in inner
response = get_response(request)
^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/django/core/handlers/base.py", line 197, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/django/views/decorators/csrf.py", line 56, in wrapper_view
return view_func(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/rest_framework/viewsets.py", line 125, in view
return self.dispatch(request, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/netbox/netbox/api/viewsets/__init__.py", line 91, in dispatch
return super().dispatch(request, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/rest_framework/views.py", line 509, in dispatch
response = self.handle_exception(exc)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/rest_framework/views.py", line 469, in handle_exception
self.raise_uncaught_exception(exc)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/rest_framework/views.py", line 480, in raise_uncaught_exception
raise exc
^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/rest_framework/views.py", line 506, in dispatch
response = handler(request, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/rest_framework/mixins.py", line 18, in create
serializer.is_valid(raise_exception=True)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/rest_framework/serializers.py", line 227, in is_valid
self._validated_data = self.run_validation(self.initial_data)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/rest_framework/serializers.py", line 429, in run_validation
value = self.validate(value)
^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/netbox/netbox/api/serializers/base.py", line 39, in validate
instance = self.Meta.model(**attrs)
^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/django/db/models/base.py", line 564, in __init__
_setattr(self, prop, value)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/django/contrib/contenttypes/fields.py", line 263, in __set__
ct = self.get_content_type(obj=value)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/netbox/venv/lib/python3.11/site-packages/django/contrib/contenttypes/fields.py", line 168, in get_content_type
return ContentType.objects.db_manager(obj._state.db).get_for_model(
^^^^^^^^^^
I've also tried setting vulnerability to the ID of the given vulnerability, but this returns
(
[vulnerability] => Array
(
[0] => Object with name=4 does not exist.
)
)
I could'nt find any documentation on how to use the plugin with the api (/api/plugins/nb_risk/vulnerabilityassignment/ is empty), so i guess this is an error.
renatoalmeidaoliveira commented
@Littlericket Fixed please upgrade to 35.1.2