
API

What is it?

This folder contains the code responsible for the REST API paired with OpenCVE. An API is a set of functions that can be called through API requests.

Info

If you want to learn more about what an API and a REST API are, you can check it here

How does it work?

The __init__.py file

This file allows us to bind the API functions to API routes in the following way:

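# Example
from flask import Blueprint
from flask_restful import Api

# Import of the functions declared in the API files
from opencve.api.cves import CveListResource, CveResource

# The blueprint groups the API routes; Api wraps it to register resources
api_bp = Blueprint("api", __name__)
api = Api(api_bp)

# Bindings: each resource class is attached to a URL rule
api.add_resource(CveListResource, "/cve")
api.add_resource(CveResource, "/cve/<string:id>")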

The base.py file

This file defines the base functions that are used by the API.

The fields.py file

This file allows us to define the API response field structure in the following way:

# Example
from flask_restful import fields


class VendorsListField(fields.Raw):
    """
    Returns a list of vendors.
    """

    def format(self, vendors):
        # Only the vendor names are exposed, sorted alphabetically
        return sorted([vendor.name for vendor in vendors])

The API object files

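These files define the functions used to interact with the database objects.

# Example
from flask import request
from flask_restful import fields, marshal_with

# Project imports from base.py and fields.py of this folder
from opencve.api.base import BaseResource
from opencve.api.fields import HumanizedNameField, ProductsListField, VendorsListField
# CategoryController is defined elsewhere in the project; its import is not shown here

# Definition of the different fields structure
category_list_fields = {
    "name": fields.String(attribute="name"),
    "human_name": HumanizedNameField(attribute="name"),
}

# The detail view reuses the list fields and adds products and vendors
category_fields = dict(
    category_list_fields,
    **{
        "products": ProductsListField(attribute="products"),
        "vendors": VendorsListField(attribute="vendors"),
    },
)

# Example of function that returns a list of categories
class CategoryListResource(BaseResource):
    @marshal_with(category_list_fields)
    def get(self):
        return CategoryController.list_items(request.args)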