Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change plugins enabling in report flow to checkboxes #3747

Open
wants to merge 13 commits into
base: main
Choose a base branch
from
Open

Change plugins enabling in report flow to checkboxes #3747

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
0ddb769
change plugins to checkboxes
noamblitz Oct 28, 2024
9c7503b
lang update
noamblitz Oct 28, 2024
55e76da
Update rocky/reports/views/aggregate_report.py
noamblitz Oct 29, 2024
32fe327
update generate_report.py
noamblitz Oct 29, 2024
0cfb16a
Merge branch 'main' into fix/report-flow-plugins
noamblitz Oct 29, 2024
8803173
Merge branch 'main' into fix/report-flow-plugins
stephanie0x00 Oct 30, 2024
c06d271
Merge branch 'main' into fix/report-flow-plugins
underdarknl Oct 30, 2024
74327ea
check for permissions
noamblitz Nov 12, 2024
b80fde3
Merge branch 'main' into fix/report-flow-plugins
noamblitz Nov 12, 2024
43edb75
make lang
noamblitz Nov 12, 2024
9b9f04b
Merge branch 'fix/report-flow-plugins' of https://github.com/minvws/n…
noamblitz Nov 12, 2024
eb13517
permission checking for aggregate report
noamblitz Nov 12, 2024
7ed66fd
make lang
noamblitz Nov 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion rocky/reports/templates/forms/report_form_fields.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
{% endfor %}
{% endif %}
{% for required_optional_plugin, plugins_ in plugins.items %}
{% for plugin in plugins_ %}<input type="hidden" name="plugin" value="{{ plugin.id }}">{% endfor %}
{% for plugin in plugins_ %}<input type="hidden" name="all_plugins" value="{{ plugin.id }}">{% endfor %}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just to be sure: The views still seem to refer to the plugin query parameter, so I'm unsure if this change works. Regardless, I think plugins as a query parameter list would've been a better name

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah weird right. It seems that this variable is and was not used... But I'm afraid to delete it.

{% endfor %}
{% if request.POST.choose_recurrence %}
<input type="hidden"
Expand Down
6 changes: 3 additions & 3 deletions rocky/reports/templates/partials/report_setup_scan.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ <h3>{% translate "Required plugins" %}</h3>
</div>
<div class="column-4 tiles plugins images-cover">
{% for required_plugin in plugins.required|dictsort:"enabled" %}
{% include "partials/plugin_tile.html" with plugin=required_plugin plugin_report_types=plugin_data.plugin_report_types show_report_types="yes" plugin_report_types=plugin_data.plugin_report_types %}
{% include "partials/plugin_tile.html" with form_id="continue-to-configuration" plugin_report_types=plugin_data.plugin_report_types show_report_types="yes" plugin=required_plugin remove_action_buttons="yes" add_checkbox="yes" checked="yes" %}

{% endfor %}
</div>
Expand All @@ -76,7 +76,7 @@ <h3>{% translate "Suggested plugins" %}</h3>
</div>
<div class="column-4 tiles plugins images-cover">
{% for optional_plugin in plugins.optional|dictsort:"enabled" %}
{% include "partials/plugin_tile.html" with plugin=optional_plugin form_id="continue-to-configurationt" show_report_types="yes" plugin_report_types=plugin_data.plugin_report_types %}
{% include "partials/plugin_tile.html" with form_id="continue-to-configuration" plugin_report_types=plugin_data.plugin_report_types show_report_types="yes" plugin=optional_plugin remove_action_buttons="yes" add_checkbox="yes" %}

{% endfor %}
</div>
Expand All @@ -98,7 +98,7 @@ <h3>{% translate "Suggested plugins" %}</h3>
{% include "forms/report_form_fields.html" %}

<button type="submit">
{% translate "Continue" %}<span class="icon ti-chevron-right"></span>
{% translate "Enable plugins and continue" %}<span class="icon ti-chevron-right"></span>
</button>
</form>
{% else %}
Expand Down
25 changes: 25 additions & 0 deletions rocky/reports/views/aggregate_report.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,13 @@
from typing import Any

from django.contrib import messages
from django.http import HttpRequest, HttpResponse
from django.shortcuts import redirect
from django.urls import reverse
from django.utils.translation import gettext_lazy as _
from django.views.generic import TemplateView
from httpx import HTTPError
from katalogus.client import get_katalogus

from reports.report_types.aggregate_organisation_report.report import AggregateOrganisationReport
from reports.views.base import (
Expand Down Expand Up @@ -107,6 +110,28 @@ class ExportSetupAggregateReportView(
current_step = 4
report_type = AggregateOrganisationReport

def post(self, request, *args, **kwargs):
selected_plugins = request.POST.getlist("plugin", [])

if not selected_plugins:
return super().post(request, *args, **kwargs)

if not self.organization_member.has_perms("tools.can_enable_disable_boefje"):
messages.error(request, _("You do not have the required permissions to enable plugins."))
super().post(request, *args, **kwargs)

client = get_katalogus(self.organization.code)
for selected_plugin in selected_plugins:
try:
client.enable_boefje_by_id(selected_plugin)
except HTTPError:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I hate that we bubble up the http errors from the client to here. Lets move that away asap, the katalogusclient already has some localized exceptions for other issues.

messages.error(
request,
_("An error occurred while enabling {}. The plugin is not available.").format(selected_plugin),
)
return self.post(request, *args, **kwargs)
return super().post(request, *args, **kwargs)


class SaveAggregateReportView(SaveAggregateReportMixin, BreadcrumbsAggregateReportView, SaveReportView):
"""
Expand Down
25 changes: 25 additions & 0 deletions rocky/reports/views/generate_report.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,13 @@
from typing import Any

from django.contrib import messages
from django.http import HttpRequest, HttpResponse
from django.shortcuts import redirect
from django.urls import reverse
from django.utils.translation import gettext_lazy as _
from django.views.generic import TemplateView
from httpx import HTTPError
from katalogus.client import get_katalogus

from reports.views.base import (
REPORTS_PRE_SELECTION,
Expand Down Expand Up @@ -100,6 +103,28 @@ class ExportSetupGenerateReportView(GenerateReportStepsMixin, BreadcrumbsGenerat
breadcrumbs_step = 6
current_step = 4

def post(self, request, *args, **kwargs):
selected_plugins = request.POST.getlist("plugin", [])

if not selected_plugins:
return super().post(request, *args, **kwargs)

if not self.organization_member.has_perms("tools.can_enable_disable_boefje"):
messages.error(request, _("You do not have the required permissions to enable plugins."))
super().post(request, *args, **kwargs)

client = get_katalogus(self.organization.code)
for selected_plugin in selected_plugins:
try:
client.enable_boefje_by_id(selected_plugin)
underdarknl marked this conversation as resolved.
Show resolved Hide resolved
except HTTPError:
messages.error(
request,
_("An error occurred while enabling {}. The plugin is not available.").format(selected_plugin),
)
return self.post(request, *args, **kwargs)
return super().post(request, *args, **kwargs)


class SaveGenerateReportView(SaveGenerateReportMixin, BreadcrumbsGenerateReportView, SaveReportView):
"""
Expand Down
14 changes: 11 additions & 3 deletions rocky/rocky/locale/django.pot
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-11 15:02+0000\n"
"POT-Creation-Date: 2024-11-12 10:48+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <[email protected]>\n"
Expand Down Expand Up @@ -1599,7 +1599,6 @@ msgstr ""
#: onboarding/templates/account/step_2a_organization_update.html
#: onboarding/templates/account/step_2b_indemnification_setup.html
#: onboarding/templates/step_3d_clearance_level_introduction.html
#: reports/templates/partials/report_setup_scan.html
msgid "Continue"
msgstr ""

Expand Down Expand Up @@ -2365,7 +2364,8 @@ msgstr ""
msgid "Please select all required plugins to proceed."
msgstr ""

#: onboarding/views.py
#: onboarding/views.py reports/views/aggregate_report.py
#: reports/views/generate_report.py
msgid "An error occurred while enabling {}. The plugin is not available."
msgstr ""

Expand Down Expand Up @@ -4030,6 +4030,10 @@ msgstr ""
msgid "There are no optional plugins."
msgstr ""

#: reports/templates/partials/report_setup_scan.html
msgid "Enable plugins and continue"
msgstr ""

#: reports/templates/partials/report_severity_totals.html
#: reports/templates/partials/report_severity_totals_table.html
msgid "Findings overview"
Expand Down Expand Up @@ -4349,6 +4353,10 @@ msgstr ""
msgid "Save report"
msgstr ""

#: reports/views/aggregate_report.py reports/views/generate_report.py
msgid "You do not have the required permissions to enable plugins."
msgstr ""

#: reports/views/base.py
msgid "Select at least one OOI to proceed."
msgstr ""
Expand Down