你好,我是一个半自学的学生,希望提高自己的技能,并使用不同的API在Python上编写了几对脚本。我想在某个时候将此脚本用作我的一个较大项目中的模块。我的想法是将此脚本转换为更具面向对象的程序类型的程序设计。与类和函数可能从另一个文件调用。我开始创建类和函数,但是我不认为我以正确的方式来做我现在在所有印刷品上的工作,并且不知道如何以正确的方式将脚本转换为OOP,任何技巧或任何可以指导的内容我会以正确的方式做一些工作,这是我开始转换为OOP的第一步。
该脚本可以正常工作,它基本上会问一个问题,并根据用户的输入,它会构建url以向Vulners网站发出请求,然后遍历嵌套字典并打印出我感兴趣的键和值看到,它也将数据本地保存到一个json文件中,暂时还没有真正有用。任何提示都很好理解!
class vulnersApi(object):
def type_of_search(self, software, bulletin, inp):
self.bulletin = software
self.collection = bulletin
self.inp = inp
while inp != "software" and inp!= "bulletin":
inp = input("You must choose your type of research(software or bulletin: ")
if inp != "software" and inp != "bulletin":
return "You must choose your type of research"
def search_software(self, myqueryName, sortedHow, numberResults, numberSkipped):
self.myqueryName = myqueryName
self.sortedHow = sortedHow
self.numberResults = numberResults
self.numberSkipped = numberSkipped
if self.inp == "software":
myqueryName = input("What would you like to search? ")
sortedHow = input("How should we sort the results? (published, cvss.score) ")
sortedHow = input("How should we sort the results? (published, cvss.score) ")
numberSkipped = input("How many results do you want to skip? ")
new_url = "{}?query=affectedSoftware.name%3A{}&sort={}&size={}&skip={}".format(URL, myqueryName, sortedHow, numberResults, numberSkipped)
def search_bulletin(self, typeSearch, sortedHow, numberResults, numberSkipped):
self.typeSearch = typeSearch
self.sortedHow = sortedHow
self.numberResults = numberResults
self.numberSkipped = numberSkipped
if self.inp == "bulletin":
typeSearch = input("Which db you want the info from? (cve, exploitdb, osvdb, openvas, securityvulns, nessus, metasploit, centos, malwarebytes, symantec, etc...) ")
sortedHow = input("How should we sort the results? (published, cvss.score) ")
numberResults = input("How many results? ")
numberSkipped = input("How many results do you want to skip? ")
new_url = "{}?query=type%3A{}&sort={}&size={}&skip={}".format(URL, typeSearch, sortedHow, numberResults, numberSkipped)
def url_request(self):
response = requests.get(new_url)
response.raise_for_status()
json_string = json.dumps(response.text)
mydata = json.loads(response.text)
脚本在下面
# base url
URL =“ https://vulners.com/api/v3/search/lucene/”
# choose between 2 types of research
inp = ""
while inp != "software" and inp != "bulletin" and inp !="collection":
inp = input("You must chose your type of research(software or bulletin): ")
if inp != "software" and inp != "bulletin" and inp !="collection":
print("you must chose your type of research")
print("-"*30)
# if chosed software heres the questions asked to build the full url
if inp == "software":
myqueryName = input("What would you like to search? ")
sortedHow = input("How should we sort the results? (published, cvss.score) ")
numberResults = input("How many results? ")
numberSkipped = input("How many results do you want to skip? ")
new_url = "{}?query=affectedSoftware.name%3A{}&sort={}&size={}&skip={}".format(URL, myqueryName, sortedHow, numberResults, numberSkipped)
# if chosed bulletin heres the questions asked to build the full url
if inp == "bulletin":
typeSearch = input("Which db you want the info from? (cve, exploitdb, osvdb, openvas, securityvulns, nessus, metasploit, centos, malwarebytes, symantec, etc...) ")
sortedHow = input("How should we sort the results? (published, cvss.score) ")
numberResults = input("How many results? ")
numberSkipped = input("How many results do you want to skip? ")
new_url = "{}?query=type%3A{}&sort={}&size={}&skip={}".format(URL, typeSearch, sortedHow, numberResults, numberSkipped)
# making the request and converting the json
resp = requests.get(new_url)
resp.raise_for_status()
json_string=json.dumps(resp.text)
mydata=json.loads(resp.text)
# to see the url
print(resp.url)
print("-"*30)
# loop to go through nested dictionnary returned by the requests
mydata2 = mydata['data']
for mydata3 in mydata2['search']:
# mydata4 = mydata3['_source']
# mydata5 = mydata3['highlight']
for mydata4 in mydata['data']:
print("Title: {}".format(mydata3['_source']['title']))
print("Index: {}".format(mydata3['_index']))
print("Type: {}".format(mydata3['_type']))
print("Id: {}".format(mydata3['_id']))
print("Type: {}".format(mydata3['_source']['type']))
print("Cvss: {}".format(mydata3['_source']['cvss']))
print("Flat description: {}".format(mydata3['flatDescription']))
print("Bulletin family: {}".format(mydata3['_source']['bulletinFamily']))
print("Description: {}".format(mydata3['_source']['description']))
print("Vhref: {}".format(mydata3['_source']['vhref']))
print("Href: {}".format(mydata3['_source']['href']))
print("Id: {}".format(mydata3['_source']['id']))
print("Lastseen: {}".format(mydata3['_source']['lastseen']))
print("Modified: {}".format(mydata3['_source']['modified']))
print("Published: {}".format(mydata3['_source']['published']))
print("-"*30)
# saving the data locally inside a json file
with open('testfile2.json', 'w') as fd:
print(json.dump(resp.text, fd, indent=2))
fd.write(resp.text)
答案 0 :(得分:1)
我想在某个时候将此脚本用作我的一个较大项目中的模块。我的想法是将此脚本转换为更具面向对象的程序类型的程序设计。具有可能从其他文件调用的类和函数。
首先要注意一些事情:
我可以重构您的代码:
import requests
import json
class VulnersResult:
def __init__(self, json_data):
self.title = json_data['_source']['title']
self.type = json_data['_type']
self.id = json_data['_id']
self.source_type = json_data['_source']['type']
self.cvss = json_data['_source']['cvss']
self.flat_description = json_data['flatDescription']
self.bulletin_family = json_data['_source']['bulletinFamily']
self.description = json_data['_source']['description']
self.vhref = json_data['_source']['vhref']
self.href = json_data['_source']['href']
self.source_id = json_data['_source']['id']
self.lastseen = json_data['_source']['lastseen']
self.modified = json_data['_source']['modified']
self.published = json_data['_source']['published']
def __str__(self):
lines = ["Title: {}".format(self.title),
"Type: {}".format(self.type),
"Id: {}".format(self.id),
"Type: {}".format(self.source_type),
"Cvss: {}".format(self.cvss),
"Flat description: {}".format(self.flat_description),
"Bulletin family: {}".format(self.bulletin_family),
"Description: {}".format(self.description),
"Vhref: {}".format(self.vhref),
"Href: {}".format(self.href),
"Id: {}".format(self.source_id),
"Lastseen: {}".format(self.lastseen),
"Modified: {}".format(self.modified),
"Published: {}".format(self.published)]
return "\n".join(lines)
class VulnersAPI:
BASE_URL = "https://vulners.com/api/v3/search/lucene/"
def __init__(self, research_type, query, sorted_by, results_count, skip_count):
if research_type == "software":
self.query_url = "{}?query=affectedSoftware.name%3A{}&sort={}&size={}&skip={}".format(self.BASE_URL, query, sorted_by, results_count, skip_count)
elif research_type == "bulletin":
self.query_url = "{}?query=type%3A{}&sort={}&size={}&skip={}".format(self.BASE_URL, query, sorted_by, results_count, skip_count)
else:
raise RuntimeError("{} is not a valid research type. research_type must be 'software' or 'bulletin'".format(research_type))
response = requests.get(self.query_url)
response.raise_for_status()
self.raw_data = response.json()
self.results = [VulnersResult(data) for data in self.raw_data['data']['search']]
def result_text(self):
return ("\n"+("-"*30)+"\n").join([str(result) for result in self.results])
if __name__ == "__main__":
# choose between 2 types of research
inp = ""
while inp != "software" and inp != "bulletin" and inp !="collection":
inp = input("You must chose your type of research(software or bulletin): ")
if inp != "software" and inp != "bulletin" and inp !="collection":
print("you must chose your type of research")
print("-"*30)
if inp == "software":
# if "software" was chosen, ask these additional questions
query = input("What would you like to search? ")
sorted_by = input("How should we sort the results? (published, cvss.score) ")
results_count = input("How many results? ")
skip_count = input("How many results do you want to skip? ")
api = VulnersAPI("software", query, sorted_by, results_count, skip_count)
if inp == "bulletin":
# if "bulletin" was chosen, ask these additional questions
query = input("Which db you want the info from? (cve, exploitdb, osvdb, openvas, securityvulns, nessus, metasploit, centos, malwarebytes, symantec, etc...) ")
sorted_by = input("How should we sort the results? (published, cvss.score) ")
results_count = input("How many results? ")
skip_count = input("How many results do you want to skip? ")
api = VulnersAPI("software", query, sorted_by, results_count, skip_count)
print()
with open('testfile2.json', 'w') as fd:
json.dump(api.raw_data, fd)
print(api.result_text())
第一步是将处理用户输入的所有代码抽象化,以使该库与各种用例兼容。第二步是考虑应得其职的不同实体。我选择了VulnersResult和VulnersAPI,因为我认为将它们作为单独的实体是有意义的,并且因为您以后可以添加有趣的功能。 (类似于to_table_row()的{{1}}或is_affecting_my_system()和VulnersResult的{{1}}或filter_by_type()的事物)。在第三步中,您必须确定每个类应具有的属性。属性应该是在多个函数中使用的变量,或者是类用户应有权访问的变量。例如,我没有添加sort_by_lastseen()或VulnersAPI作为search_type的属性,因为它们仅用于生成url,但是如果有人使用这些值,则应将其存储作为属性。
要像现在一样使用python脚本并向库用户提供示例代码,我在query之后添加了原始代码来处理用户输入。直接启动脚本时,它将像现在一样要求用户输入,但是在导入脚本时,脚本将忽略最后一部分,而仅导入VulnersAPI和if __name__ == "__main__"的定义。
我希望这个示例以及实现该目标的步骤对您有所帮助,并使您能够解决自己的大问题:)
最后,这是我认为每个python程序员都应该阅读的一些资源
,如果您使用最新版本的python进行编程,则可以使用f-strings使字符串格式更好。