Error handling for Generate Report

[madelondohmen]

Changes

This code adds error handling in the following two situations while generating a report:

• Changing the OOI in the URL to a non-existing one
• Changing the date in the URL to a date in the past with no data

Issue link

Closes #1972

Note: Only the first two errors of issue #1972 have been solved with this PR. Error 3 and 4 couldn't be reproduced, so they've been ignored for now.

Extra info

I've added a try-except in generate_report.py in the "generate_reports_for_oois" method. If an error occurs while trying to get the OOI data, the failed OOI will be saved in "error_oois". This way, the loop can continue to get the other OOIs (which are not failing).

After that, an error will be shown to the user with the failed OOI and the date. The report will still be generated with the succesfully obtained data from the other OOIs.

I've also added a try-except in base.py in the "get_oois" method, so the other error (that occured after changing the URL into a non-existing OOI) would be handled as well. All OOIs that do not fail, will be returned, so the report can still be generated.

Demo

Wrong date:

Wrong OOI:

Wrong date and OOI:

---

Code Checklist

• All the commits in this PR are properly PGP-signed and verified;
• This PR only contains functionality relevant to the issue; tickets have been created for newly discovered issues.
• I have written unit tests for the changes or fixes I made.
• For any non-trivial functionality, I have added integration and/or end-to-end tests.
• I have performed a self-review of my code and refactored it to the best of my abilities.

Communication

• I have informed others of any required .env changes files if required and changed the .env-dist accordingly.
• I have made corresponding changes to the documentation, if necessary.

---

Checklist for code reviewers:

Copy-paste the checklist from the docs/source/templates folder into your comment.

---

Checklist for QA:

Copy-paste the checklist from the docs/source/templates folder into your comment.

[Rieven]

This will conflict later, depends on merging prio with:

nl-kat-coordination/rocky/reports/views/base.py

Lines 75 to 84 in 23f95f9

	def get_oois(self) -> List[OOI]:
	if "all" in self.selected_oois:
	return self.octopoes_api_connector.list(
	self.get_ooi_types(),
	valid_time=self.valid_time,
	limit=OOIList.HARD_LIMIT,
	scan_level=self.get_ooi_scan_levels(),
	scan_profile_type=self.get_ooi_profile_types(),
	).items
	return [self.get_single_ooi(ooi_id) for ooi_id in self.selected_oois]

[ammar92]

Small suggestions to improve even more, but should be ready for QA testing

[stephanie0x00]

Checklist for QA:

• I have checked out this branch, and successfully ran a fresh make reset.
• I confirmed that there are no unintended functional regressions in this branch:
  • I have managed to pass the onboarding flow
  • Objects and Findings are created properly
  • Tasks are created and completed properly
• [] I confirmed that the PR's advertised feature or hotfix works as intended.

What works:

Onboarding flow works, tasks and findings are created.

What doesn't work:

The 500 errors are catched for the DNS report, but not for all other reports.

Bug or feature?:

error-500.tar.gz

1. Noticed that the aggregate report doesn't give a warning when not all required plugins are enabled. The 'normal' report does give this warning.

2. The fixes do not appear to be applicable to all reports. They can be triggered for the DNS report, but not on the system vulnerability report for example.

3. Identified a 'ValueError' when making a typo in:

• the report_type parameter in the URL
• ooi parameter in the URL, specifically in the 'Hostname' part.

The URL for the report_type parameter error with 'report_type=dns-repoooort':

http://127.0.0.1:8000/en/ee/reports/generate-report/view/?observed_at=2024-01-15&plugin=dns-sec&plugin=dns-records&ooi=Hostname|internet|mispo.es&report_type=dns-repoooort

The URL for the ooi parameter error with 'ooi=Hostnameeeeee|internet|mispo.es':

http://127.0.0.1:8000/en/ee/reports/generate-report/view/?observed_at=2024-01-15&plugin=dns-sec&plugin=dns-recooordds&ooi=Hostnameeeeee|internet|mispo.es&report_type=dns-report

Environment:


Request Method: GET
Request URL: http://127.0.0.1:8000/en/ee/reports/generate-report/view/?observed_at=2024-01-15&plugin=dns-sec&plugin=dns-records&ooi=Hostname%7Cinternet%7Cmispo.es&report_type=dns-repoooort

Django Version: 4.2.7
Python Version: 3.11.7
Installed Applications:
['whitenoise.runserver_nostatic',
 'django.contrib.admin',
 'django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'django.forms',
 'django_otp',
 'django_otp.plugins.otp_static',
 'django_otp.plugins.otp_totp',
 'two_factor',
 'account',
 'tools',
 'fmea',
 'crisis_room',
 'onboarding',
 'katalogus',
 'django_password_validators',
 'django_password_validators.password_history',
 'rest_framework',
 'tagulous',
 'compressor',
 'reports',
 'csp']
Installed Middleware:
['django.middleware.security.SecurityMiddleware',
 'whitenoise.middleware.WhiteNoiseMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.locale.LocaleMiddleware',
 'django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django_otp.middleware.OTPMiddleware',
 'rocky.middleware.auth_required.AuthRequiredMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware',
 'rocky.middleware.onboarding.OnboardingMiddleware',
 'csp.middleware.CSPMiddleware']



Traceback (most recent call last):
  File "/usr/local/lib/python3.11/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
               ^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/django/core/handlers/base.py", line 197, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/django/views/generic/base.py", line 98, in view
    self.setup(request, *args, **kwargs)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/rocky/reports/views/generate_report.py", line 138, in setup
    self.plugins = self.get_required_optional_plugins(get_plugins_for_report_ids(self.selected_report_types))
                                                      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/rocky/reports/report_types/helpers.py", line 80, in get_plugins_for_report_ids
    reports = get_reports(reports)
              ^^^^^^^^^^^^^^^^^^^^
  File "/app/rocky/reports/report_types/helpers.py", line 70, in get_reports
    return [get_report_by_id(report_id) for report_id in report_ids]
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/rocky/reports/report_types/helpers.py", line 70, in <listcomp>
    return [get_report_by_id(report_id) for report_id in report_ids]
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/rocky/reports/report_types/helpers.py", line 66, in get_report_by_id
    raise ValueError(f"Report with id {report_id} not found")
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Exception Type: ValueError at /en/ee/reports/generate-report/view/
Exception Value: Report with id dns-repoooort not found

[ammar92]

No more remarks

[stephanie0x00]

Checklist for QA:

• I have checked out this branch, and successfully ran a fresh make reset.
• I confirmed that there are no unintended functional regressions in this branch:
  • I have managed to pass the onboarding flow
  • Objects and Findings are created properly
  • Tasks are created and completed properly
• I confirmed that the PR's advertised feature or hotfix works as intended.

What works:

The error handling seems to work as expected, thus it can be merged. The found items can also be solved in separate PRs.

What doesn't work:

'Normal' report:

• The timestamp warning works when working in the browser. However one can still download an report with an outdated timestamp. E.g. when I change the date to: 2020-04-16 in the URL I see the warning in the browser. However when I download this report it shows the date from the past. A malicious user could use this to tamper with timestamp on his reports and pretend to me compliant at a previous point in time.

• It appears the time in the timestamp is not updated. E.g. it shows 11:59 p.m. while I generated the report at 12:23. I expect this can be picked up in a separate ticket.

• When adjusting the ooi parameter to ooi[]= as seen in: 'http://127.0.0.1:8000/en/ee/reports/generate-report/view/?observed_at=2024-01-18&plugin=dns-records&plugin=dns-sec&ooi[]=Hostname|internet|mispo.es&report_type=dns-report&report_type=ipv6-report` it makes the specific domain the square brackets were added to disappear.

Bug or feature?:

• When refreshing the page you get the Error notification twice.

• Adding [] to the parameter report_type make that specific report type disappear, similar to the ooi parameter.