Import/Export of vendors/products a user is subscribed

[dagobertdebug]

Is your feature request related to a problem? Problem 1: We know that things can go wrong and some must install from scratch. Exporting and importing of all users including their subscriptions would be a great feature for disaster recovery and business continuity.

Problem 2: I'd like to give people in my organization pre-configured accounts with "their" products already subscribed. Having a fast way to import/export a "template" would be a great feature.

Do you have a solution in mind, or a suggestion to improve OpenCVE? In OpenCVE Admin page all vendors and products a user has subscribed are listed. Maybe it might be a great function to add import/export there.

Additional comment Many thanks for that great tool. If any other solution to the mentioned problems are known I would be very happy to hear about.

[ncrocfer]

I don't think the solution for your Problem 1 has to be developed in OpenCVE. You have to regularly backup your PG database yourself, and if one day you have to reinstall OpenCVE from scratch with your data you will simply restore your dump.

For problem 2 we'll work on a Governance feature, with organizations and members. An organization will be composed of team, and maybe subscriptions could be handled by team (so every members of a team will inherit from team subscriptions).

[dagobertdebug]

Hi

1) agreed :)

2) Would be a great feature. In the meantime, could you please provide me a way how to do that "dirty", like by directly adding vendors and products to a user in the database? Thanks!!

[dagobertdebug]

Related https://github.com/opencve/opencve/issues/96

[dagobertdebug]

Hi,

could you please help me with guidance on how to manually importing vendors and products directly within the database to an existing user (if that makes sense at all)? Reason behind: it is much faster than doing it with the gui for a pre-defined set of vendors and products for several users.

Thank you!

[ncrocfer]

You can check the database schema and execute your SQL query diretly (you asked dirty right? ^^), as you will see the main tables to insert data will be users_vendors and users_products. Just retrieve the UUID of your users and the UUID of the wanted vendors/products and INSERT the rows in these 2 tables.

Or you can use the flask shell(the app is opencve.app:app), something like:

>>> from opencve.models.vendors import Vendor
>>> vendor = Vendor.query.filter_by(name="cisco").first()
>>> from opencve.models.users import User
>>> user = User.query.filter_by(username="john").first()
>>> vendor.users.append(user)
>>> from opencve.extensions import db
>>> db.session.commit()

This is dirty, but it works :)