Change plugins enabling in report flwo to checkboxes #3747

Open
wants to merge 7 commits into
base: main
2 changes: 1 addition & 1 deletion rocky/reports/templates/forms/report_form_fields.html
Expand Up @@ -18,7 +18,7 @@
{% endfor %}
{% endif %}
{% for required_optional_plugin, plugins_ in plugins.items %}
{% for plugin in plugins_ %}<input type="hidden" name="plugin" value="{{ plugin.id }}">{% endfor %}
{% for plugin in plugins_ %}<input type="hidden" name="all_plugins" value="{{ plugin.id }}">{% endfor %}
Contributor

Just to be sure: The views still seem to refer to the plugin query parameter, so I'm unsure if this change works. Regardless, I think plugins as a query parameter list would've been a better name

Contributor Author

Yeah weird right. It seems that this variable is and was not used... But I'm afraid to delete it.

{% endfor %}
{% if request.POST.choose_recurrence %}
<input type="hidden"
6 changes: 3 additions & 3 deletions rocky/reports/templates/partials/report_setup_scan.html
Expand Up @@ -52,7 +52,7 @@ <h3>{% translate "Required plugins" %}</h3>
</div>
<div class="column-4 tiles plugins images-cover">
{% for required_plugin in plugins.required|dictsort:"enabled" %}
{% include "partials/plugin_tile.html" with plugin=required_plugin plugin_report_types=plugin_data.plugin_report_types show_report_types="yes" plugin_report_types=plugin_data.plugin_report_types %}
{% include "partials/plugin_tile.html" with form_id="continue-to-configuration" plugin_report_types=plugin_data.plugin_report_types show_report_types="yes" plugin=required_plugin remove_action_buttons="yes" add_checkbox="yes" checked="yes" %}

{% endfor %}
</div>
Expand All @@ -76,7 +76,7 @@ <h3>{% translate "Suggested plugins" %}</h3>
</div>
<div class="column-4 tiles plugins images-cover">
{% for optional_plugin in plugins.optional|dictsort:"enabled" %}
{% include "partials/plugin_tile.html" with plugin=optional_plugin form_id="continue-to-configurationt" show_report_types="yes" plugin_report_types=plugin_data.plugin_report_types %}
{% include "partials/plugin_tile.html" with form_id="continue-to-configuration" plugin_report_types=plugin_data.plugin_report_types show_report_types="yes" plugin=optional_plugin remove_action_buttons="yes" add_checkbox="yes" %}

{% endfor %}
</div>
Expand All @@ -98,7 +98,7 @@ <h3>{% translate "Suggested plugins" %}</h3>
{% include "forms/report_form_fields.html" %}

<button type="submit">
{% translate "Continue" %}<span class="icon ti-chevron-right"></span>
{% translate "Enable plugins and continue" %}<span class="icon ti-chevron-right"></span>
</button>
</form>
{% else %}
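Review bot: Required plugins are now rendered as checkboxes that are only pre-checked (`add_checkbox="yes" checked="yes"` in the first hunk), so a user can untick one, or a hand-built POST can omit it, and still submit "Enable plugins and continue". Nothing in this template makes the required set mandatory, and whether the receiving view rejects a submission that lacks a required plugin is not visible here. If required plugins must always be enabled, enforce that server-side, or have `partials/plugin_tile.html` render the required tiles as a fixed checkbox plus a hidden input carrying the id (a `disabled` checkbox alone is not submitted). A short template comment above the include, such as `{# required plugins are pre-checked; the view must still verify them #}`, would record the intent.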
18 changes: 18 additions & 0 deletions rocky/reports/views/aggregate_report.py
@@ -1,9 +1,12 @@
from typing import Any

from django.contrib import messages
from django.http import HttpRequest, HttpResponse
from django.shortcuts import redirect
from django.urls import reverse
from django.utils.translation import gettext_lazy as _
from httpx import HTTPError
from katalogus.client import get_katalogus
from django.views.generic import TemplateView

from reports.report_types.aggregate_organisation_report.report import AggregateOrganisationReport
Expand Down Expand Up @@ -107,6 +110,21 @@ class ExportSetupAggregateReportView(
current_step = 4
report_type = AggregateOrganisationReport

def post(self, request, *args, **kwargs):
selected_plugins = request.POST.getlist("plugin", [])

client = get_katalogus(self.organization.code)
for selected_plugin in selected_plugins:
try:
client.enable_boefje_by_id(selected_plugin)
except HTTPError:
Contributor

I hate that we bubble up the HTTP errors from the client to here. Let's move that away asap; the katalogusclient already has some localized exceptions for other issues.

messages.error(
request,
_("An error occurred while enabling {}. The plugin is not available.").format(selected_plugin),
)
return self.post(request, *args, **kwargs)
return super().post(request, *args, **kwargs)


class SaveAggregateReportView(SaveAggregateReportMixin, BreadcrumbsAggregateReportView, SaveReportView):
"""
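Review bot: The `except HTTPError` branch ends with `return self.post(request, *args, **kwargs)`, which re-enters this same method with the same POST data. As long as the plugin keeps failing to enable, every re-entry fails again, issuing another katalogus call and queuing another error message, until Python raises RecursionError; one request naming a single unavailable plugin id is enough. The branch should leave the method instead, for example `return redirect(PLUGIN_STEP_URL)`, where `PLUGIN_STEP_URL` is a placeholder for the plugin-selection step's URL (`redirect` is already imported; the right target depends on the step mixins, which are outside this hunk). The identical `post` added in rocky/reports/views/generate_report.py has the same problem.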
18 changes: 18 additions & 0 deletions rocky/reports/views/generate_report.py
@@ -1,9 +1,12 @@
from typing import Any

from django.contrib import messages
from django.http import HttpRequest, HttpResponse
from django.shortcuts import redirect
from django.urls import reverse
from django.utils.translation import gettext_lazy as _
from httpx import HTTPError
from katalogus.client import get_katalogus
from django.views.generic import TemplateView

from reports.views.base import (
Expand Down Expand Up @@ -100,6 +103,21 @@ class ExportSetupGenerateReportView(GenerateReportStepsMixin, BreadcrumbsGenerat
breadcrumbs_step = 6
current_step = 4

def post(self, request, *args, **kwargs):
selected_plugins = request.POST.getlist("plugin", [])

client = get_katalogus(self.organization.code)
for selected_plugin in selected_plugins:
try:
client.enable_boefje_by_id(selected_plugin)
Contributor

We should also check if the user has the permissions to enable these boefjes.

Contributor

@Rieven Rieven Oct 31, 2024

to check permissions use this method from the OrganizationView:

def can_raise_clearance_level(self, ooi: OOI, level: int) -> bool:

Contributor Author

This permission checks if the user can raise the clearance level of an object, right? We want to enable plugins. Shouldn't this be another permission?

except HTTPError:
messages.error(
request,
_("An error occurred while enabling {}. The plugin is not available.").format(selected_plugin),
)
return self.post(request, *args, **kwargs)
return super().post(request, *args, **kwargs)

Comment on lines +106 to +120
Contributor

Can you move this post to the ReportFinalSettingsView in base.py? Then it will be implemented for aggregate and multireport

Contributor

We need to make sure the user knows that checking the checkboxes means "enable and continue".

Contributor Author

Hmm, no, I can't move it there, because these plugins are enabled only in the export step and are not taken all the way to the final step like the other settings.

And the button already says: enable and continue


class SaveGenerateReportView(SaveGenerateReportMixin, BreadcrumbsGenerateReportView, SaveReportView):
"""
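Review bot: `request.POST.getlist("plugin", [])` passes client-supplied ids straight to `client.enable_boefje_by_id(selected_plugin)`, with no check that each id belongs to the required or optional plugins of the report types chosen earlier in the flow. As far as this hunk shows, a crafted POST can name any id the katalogus accepts for the organization, not only the tiles that were rendered. Filtering against the server-side plugin set before the loop would close that, e.g. `selected_plugins = [p for p in request.POST.getlist("plugin") if p in allowed_ids]`, where `allowed_ids` is a placeholder for whatever the view already computes for the plugin tiles (not visible here). The submitted id is also interpolated into the error message, so that message then only ever contains ids the server already knows. The same applies to the `post` added in rocky/reports/views/aggregate_report.py.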
11 changes: 8 additions & 3 deletions rocky/rocky/locale/django.pot
Expand Up @@ -9,7 +9,8 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-10-28 12:38+0000\n"

"POT-Creation-Date: 2024-10-28 17:30+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <[email protected]>\n"
Expand Down Expand Up @@ -1595,7 +1596,6 @@ msgstr ""
#: onboarding/templates/account/step_2a_organization_update.html
#: onboarding/templates/account/step_2b_indemnification_setup.html
#: onboarding/templates/step_3d_clearance_level_introduction.html
#: reports/templates/partials/report_setup_scan.html
msgid "Continue"
msgstr ""

Expand Down Expand Up @@ -2361,7 +2361,8 @@ msgstr ""
msgid "Please select all required plugins to proceed."
msgstr ""

#: onboarding/views.py
#: onboarding/views.py reports/views/aggregate_report.py
#: reports/views/generate_report.py
msgid "An error occurred while enabling {}. The plugin is not available."
msgstr ""

Expand Down Expand Up @@ -3998,6 +3999,10 @@ msgstr ""
msgid "There are no optional plugins."
msgstr ""

#: reports/templates/partials/report_setup_scan.html
msgid "Enable plugins and continue"
msgstr ""

#: reports/templates/partials/report_severity_totals.html
#: reports/templates/partials/report_severity_totals_table.html
msgid "Findings overview"