Skip to content

Commit

Permalink
Merge pull request #10154 from DefectDojo/release/2.34.1
Browse files Browse the repository at this point in the history
Release: Merge release into master from: release/2.34.1
  • Loading branch information
Maffooch authored May 8, 2024
2 parents 9693fa0 + e4716f5 commit 72d1402
Show file tree
Hide file tree
Showing 5 changed files with 42 additions and 16 deletions.
2 changes: 1 addition & 1 deletion components/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "defectdojo",
"version": "2.34.0",
"version": "2.34.1",
"license" : "BSD-3-Clause",
"private": true,
"dependencies": {
Expand Down
2 changes: 1 addition & 1 deletion dojo/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,6 @@
# Django starts so that shared_task will use this app.
from .celery import app as celery_app # noqa: F401

__version__ = '2.34.0'
__version__ = '2.34.1'
__url__ = 'https://github.com/DefectDojo/django-DefectDojo'
__docs__ = 'https://documentation.defectdojo.com'
14 changes: 9 additions & 5 deletions dojo/reports/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -119,12 +119,13 @@ def post(self, request: HttpRequest) -> HttpResponse:

def _set_state(self, request: HttpRequest):
self.request = request
self.host = report_url_resolver(request)
self.selected_widgets = self.get_selected_widgets(request)
self.widgets = list(self.selected_widgets.values())

def get_selected_widgets(self, request):
selected_widgets = report_widget_factory(json_data=request.POST['json'], request=request, finding_notes=False,
finding_images=False)
selected_widgets = report_widget_factory(json_data=request.POST['json'], request=request, host=self.host,
user=self.request.user, finding_notes=False, finding_images=False)

if options := selected_widgets.get('report-options', None):
self.report_format = options.report_type
Expand All @@ -135,8 +136,9 @@ def get_selected_widgets(self, request):
self.finding_notes = True
self.finding_images = True

return report_widget_factory(json_data=request.POST['json'], request=request, finding_notes=self.finding_notes,
finding_images=self.finding_images)
return report_widget_factory(json_data=request.POST['json'], request=request, host=self.host,
user=request.user, finding_notes=self.finding_notes,
finding_images=self.finding_images)

def get_form(self, request):
return CustomReportJsonForm(request.POST)
Expand All @@ -152,8 +154,10 @@ def get_template(self):
def get_context(self):
return {
"widgets": self.widgets,
"host": self.host,
"finding_notes": self.finding_notes,
"finding_images": self.finding_images, }
"finding_images": self.finding_images,
"user_id": self.request.user.id, }


def report_findings(request):
Expand Down
36 changes: 29 additions & 7 deletions dojo/reports/widgets.py
Original file line number Diff line number Diff line change
Expand Up @@ -247,6 +247,11 @@ class FindingList(Widget):
def __init__(self, *args, **kwargs):
if 'request' in kwargs:
self.request = kwargs.get('request')
if 'user_id' in kwargs:
self.user_id = kwargs.get('user_id')

if 'host' in kwargs:
self.host = kwargs.get('host')

if 'findings' in kwargs:
self.findings = kwargs.get('findings')
Expand Down Expand Up @@ -285,16 +290,20 @@ def __init__(self, *args, **kwargs):
def get_asciidoc(self):
asciidoc = render_to_string("dojo/custom_asciidoc_report_findings.html",
{"findings": self.findings.qs,
"host": self.host,
"include_finding_notes": self.finding_notes,
"include_finding_images": self.finding_images, })
"include_finding_images": self.finding_images,
"user_id": self.user_id})
return mark_safe(asciidoc)

def get_html(self):
html = render_to_string("dojo/custom_html_report_finding_list.html",
{"title": self.title,
"findings": self.findings.qs,
"include_finding_notes": self.finding_notes,
"include_finding_images": self.finding_images, })
"include_finding_images": self.finding_images,
"host": self.host,
"user_id": self.user_id})
return mark_safe(html)

def get_option_form(self):
Expand All @@ -314,6 +323,11 @@ class EndpointList(Widget):
def __init__(self, *args, **kwargs):
if 'request' in kwargs:
self.request = kwargs.get('request')
if 'user_id' in kwargs:
self.user_id = kwargs.get('user_id')

if 'host' in kwargs:
self.host = kwargs.get('host')

if 'endpoints' in kwargs:
self.endpoints = kwargs.get('endpoints')
Expand Down Expand Up @@ -349,14 +363,18 @@ def get_html(self):
{"title": self.title,
"endpoints": self.endpoints.qs,
"include_finding_notes": self.finding_notes,
"include_finding_images": self.finding_images, })
"include_finding_images": self.finding_images,
"host": self.host,
"user_id": self.user_id})
return mark_safe(html)

def get_asciidoc(self):
asciidoc = render_to_string("dojo/custom_asciidoc_report_endpoints.html",
{"endpoints": self.endpoints.qs,
"host": self.host,
"include_finding_notes": self.finding_notes,
"include_finding_images": self.finding_images, })
"include_finding_images": self.finding_images,
"user_id": self.user_id})
return mark_safe(asciidoc)

def get_option_form(self):
Expand All @@ -370,7 +388,8 @@ def get_option_form(self):
return mark_safe(html)


def report_widget_factory(json_data=None, request=None, finding_notes=False, finding_images=False):
def report_widget_factory(json_data=None, request=None, user=None, finding_notes=False, finding_images=False,
host=None):
selected_widgets = OrderedDict()
widgets = json.loads(json_data)
for idx, widget in enumerate(widgets):
Expand All @@ -394,8 +413,9 @@ def report_widget_factory(json_data=None, request=None, finding_notes=False, fin
filter_string_matching = get_system_setting("filter_string_matching", False)
filter_class = EndpointFilterWithoutObjectLookups if filter_string_matching else EndpointFilter
endpoints = filter_class(d, queryset=endpoints, user=request.user)
user_id = user.id if user is not None else None
endpoints = EndpointList(request=request, endpoints=endpoints, finding_notes=finding_notes,
finding_images=finding_images)
finding_images=finding_images, host=host, user_id=user_id)

selected_widgets[list(widget.keys())[0] + '-' + str(idx)] = endpoints

Expand All @@ -409,9 +429,11 @@ def report_widget_factory(json_data=None, request=None, finding_notes=False, fin
d[item['name']] = item['value']

findings = ReportFindingFilter(d, queryset=findings)
user_id = user.id if user is not None else None
selected_widgets[list(widget.keys())[0] + '-' + str(idx)] = FindingList(request=request, findings=findings,
finding_notes=finding_notes,
finding_images=finding_images)
finding_images=finding_images,
host=host, user_id=user_id)

if list(widget.keys())[0] == 'wysiwyg-content':
wysiwyg_content = WYSIWYGContent(request=request)
Expand Down
4 changes: 2 additions & 2 deletions helm/defectdojo/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
apiVersion: v2
appVersion: "2.34.0"
appVersion: "2.34.1"
description: A Helm chart for Kubernetes to install DefectDojo
name: defectdojo
version: 1.6.126
version: 1.6.127
icon: https://www.defectdojo.org/img/favicon.ico
maintainers:
- name: madchap
Expand Down

0 comments on commit 72d1402

Please sign in to comment.