class RequestFilter(SquestFilter):
class Meta:
model = Request
fields = ['instance__name', 'instance__id', 'user__username', 'instance__service__name', 'operation__name', 'operation__type',
'state']
operation__type = MultipleChoiceFilter(
choices=OperationType.choices,
widget=SelectMultiple(attrs={'data-live-search': "true"}))
state = MultipleChoiceFilter(
choices=[state for state in RequestState.choices if state[0] != RequestState.ARCHIVED],
widget=SelectMultiple(attrs={'data-live-search': "true"}))
def __init__(self, *args, **kwargs):
super(RequestFilter, self).__init__(*args, **kwargs)
self.filters['instance__name'].field.label = 'Instance'
self.filters['instance__id'].field.widget = HiddenInput()
self.filters['user__username'].field.label = 'User'
self.filters['instance__service__name'].field.label = 'Service name'
self.filters['operation__name'].field.label = 'Operation name'
self.filters['operation__type'].field.label = 'Type'
@property
def qs(self):
return super().qs.exclude(state=RequestState.ARCHIVED)
class ProductFindingFilter(DojoFilter):
title = CharFilter(lookup_type='icontains')
date = DateRangeFilter()
cwe = MultipleChoiceFilter(choices=[])
severity = MultipleChoiceFilter(choices=[])
test__test_type = ModelMultipleChoiceFilter(
queryset=Test_Type.objects.all())
class Meta:
model = Finding
order_by = (('title', 'Name'),
('-title', 'Name Desc'),
('numerical_severity', 'Severity'),
('-numerical_severity', 'Severity Desc'),
('test__engagement__risk_acceptance__created', 'Date'),
('-test__engagement__risk_acceptance__created', 'Date Desc'))
exclude = ['url', 'description', 'mitigation', 'impact',
'endpoint', 'references', 'test', 'is_template',
'active', 'verified', 'out_of_scope', 'false_p',
'duplicate', 'thread_id', 'mitigated', 'notes',
'numerical_severity', 'reporter', 'endpoints', 'last_reviewed']
def __init__(self, *args, **kwargs):
super(ProductFindingFilter, self).__init__(*args, **kwargs)
cwe = dict()
cwe = dict([finding.cwe, finding.cwe]
for finding in self.queryset.distinct()
if finding.cwe > 0 and finding.cwe not in cwe)
cwe = collections.OrderedDict(sorted(cwe.items()))
self.form.fields['cwe'].choices = cwe.items()
sevs = dict()
sevs = dict([finding.severity, finding.severity]
for finding in self.queryset.distinct()
if finding.severity not in sevs)
self.form.fields['severity'].choices = sevs.items()
class ReportFilter(DojoFilter):
name = CharFilter(lookup_type='icontains')
type = MultipleChoiceFilter(choices=[])
format = MultipleChoiceFilter(choices=[])
requester = ModelMultipleChoiceFilter(queryset=Dojo_User.objects.all())
datetime = DateTimeFilter()
status = MultipleChoiceFilter(choices=[])
class Meta:
model = Report
exclude = ['task_id', 'file']
order_by = (('-datetime', 'Date Desc'), ('datetime', 'Date Asc'),
('name', 'Name'), ('-name', 'Name Desc'), ('type', 'Type'),
('-type', 'Type Desc'), ('format', 'Format'),
('-format', 'Format Desc'), ('requester', 'Requester'),
('-requester', 'Requester Desc'))
def __init__(self, *args, **kwargs):
super(ReportFilter, self).__init__(*args, **kwargs)
type = dict()
type = dict([report.type, report.type]
for report in self.queryset.distinct()
if report.type is not None)
type = collections.OrderedDict(sorted(type.items()))
self.form.fields['type'].choices = type.items()
status = dict()
status = dict([report.status, report.status]
for report in self.queryset.distinct()
if report.status is not None)
status = collections.OrderedDict(sorted(status.items()))
self.form.fields['status'].choices = status.items()
class GlobalHookFilter(SquestFilter):
class Meta:
model = GlobalHook
fields = ['name', 'model']
model = MultipleChoiceFilter(choices=HookModel.choices,
widget=SelectMultiple())
state_instance = MultipleChoiceFilter(
label="Instance state",
method='add_states_in_filter',
choices=InstanceState.choices,
null_value=None,
widget=SelectMultiple(attrs={'data-live-search': "true"}))
state_request = MultipleChoiceFilter(
label="Request state",
method='add_states_in_filter',
choices=RequestState.choices,
null_value=None,
widget=SelectMultiple(attrs={'data-live-search': "true"}))
def __init__(self, *args, **kwargs):
super(GlobalHookFilter, self).__init__(*args, **kwargs)
self.state_filter_value = list()
def add_states_in_filter(self, queryset, field_name, value):
self.state_filter_value += value
return queryset
def filter_queryset(self, queryset):
queryset = super(GlobalHookFilter, self).filter_queryset(queryset)
tmp = self.state_filter_value
self.state_filter_value = []
return queryset.filter(state__in=tmp)
class CenterFilter(FilterSet):
ADDR = [(addr, addr)
for addr in ('종로구', '중구', '용산구', '성동구', '광진구', '동대문구', '중랑구',
'성북구', '강북구', '도봉구', '노원구', '은평구', '서대문구', '마포구',
'양천구', '강서구', '구로구', '금천구', '영등포구', '동작구', '관악구',
'서초구', '강남구', '송파구', '강동구')]
type = MultipleChoiceFilter(choices=Center.TYPE_CHOICES,
method='type_filter',
widget=forms.CheckboxSelectMultiple)
detail = MultipleChoiceFilter(choices=Center.CENTER_CHOICES,
widget=forms.CheckboxSelectMultiple)
address = ChoiceFilter(choices=ADDR, lookup_expr='icontains')
class Meta:
model = Center
fields = [
'type',
'detail',
'address',
]
def type_filter(self, queryset, name, type):
if len(type) == 2:
return queryset.filter(
Q(type__icontains='1') | Q(type__icontains='2'))
else:
return queryset.filter(type__icontains=type[0])
class event(FilterSet):
def __init__(self, *args, **kwargs):
if not event_choices['level'] and kwargs['queryset'].count():
update_choices()
super().__init__(*args, **kwargs)
for attribute in event_choices:
self.filters[attribute].extra.update(
choices=event_choices[attribute])
self.filters[attribute].widget.attrs['size'] = min(
len(event_choices[attribute]), 50)
description = CharFilter(
label='Description', lookup_expr='icontains',
widget=Textarea(attrs={'class': 'form-control', 'rows': 3}),
help_text='')
type = MultipleChoiceFilter(
label='Type',
widget=SelectMultiple(attrs={'class': 'form-control'}), help_text='')
level = MultipleChoiceFilter(
label='Level',
widget=SelectMultiple(attrs={'class': 'form-control'}), help_text='')
source = MultipleChoiceFilter(
label='Source',
widget=SelectMultiple(attrs={'class': 'form-control'}), help_text='')
success = BooleanFilter(
label='Success',
widget=Select(choices=(('3', 'Unknown'), ('1', 'True'), ('0', 'False')),
attrs={'class': 'form-control'}), help_text='')
class Meta:
exclude = ('campaign', 'result', 'timestamp')
model = models.event
class AllFiltersFilterSet(FilterSet):
number_AllValuesFilter = AllValuesFilter(field_name='number', lookup_expr='exact')
number_AllValuesMultipleFilter_OR = AllValuesMultipleFilter(field_name='number', lookup_expr='exact', conjoined=False) # OR
number_AllValuesMultipleFilter_AND = AllValuesMultipleFilter(field_name='number', lookup_expr='exact', conjoined=True) # AND
number_BaseCSVFilterNumber = BaseCSVFilterNumber(field_name='number', lookup_expr='in')
number_BaseInFilterNumber = BaseInFilterNumber(field_name='number', lookup_expr='in')
number_BaseRangeFilterNumber = BaseRangeFilterNumber(field_name='number', lookup_expr='range')
is_true_BooleanFilter = BooleanFilter(field_name='is_true', lookup_expr='exact')
text_CharFilter = CharFilter(field_name='text', lookup_expr='exact')
number_ChoiceFilter = ChoiceFilter(field_name='number', lookup_expr='exact', choices=NUMBER_CHOICES)
date_DateFilter = DateFilter(field_name='date', lookup_expr='exact')
date_DateFromToRangeFilter = DateFromToRangeFilter(field_name='date', lookup_expr='range')
date_DateRangeFilter = DateRangeFilter(field_name='date', lookup_expr='exact')
date_time_DateTimeFilter = DateTimeFilter(field_name='date_time', lookup_expr='exact')
date_time_DateTimeFromToRangeFilter = DateTimeFromToRangeFilter(field_name='date_time', lookup_expr='range')
duration_DurationFilter = DurationFilter(field_name='duration', lookup_expr='exact')
iso_date_time_IsoDateTimeFilter = IsoDateTimeFilter(field_name='iso_date_time', lookup_expr='lt')
iso_date_time_IsoDateTimeFromToRangeFilter = IsoDateTimeFromToRangeFilter(field_name='iso_date_time', lookup_expr='range')
number_MultipleChoiceFilter_OR = MultipleChoiceFilter(field_name='number', lookup_expr='exact', conjoined=False, choices=NUMBER_CHOICES)
number_MultipleChoiceFilter_AND = MultipleChoiceFilter(field_name='number', lookup_expr='exact', conjoined=True, choices=NUMBER_CHOICES)
number_NumberFilter = NumberFilter(field_name='number', lookup_expr='exact')
number_OrderingFilter = OrderingFilter(fields=('number', 'number'))
number_RangeFilter = RangeFilter(field_name='number', lookup_expr='range')
time_TimeFilter = TimeFilter(field_name='time', lookup_expr='exact')
time_TimeRangeFilter = TimeRangeFilter(field_name='time', lookup_expr='range')
number_TypedChoiceFilter = TypedChoiceFilter(field_name='number', lookup_expr='exact', choices=NUMBER_CHOICES)
text_TypedMultipleChoiceFilter_OR = TypedMultipleChoiceFilter(field_name='number', lookup_expr='exact', conjoined=False, choices=NUMBER_CHOICES)
text_TypedMultipleChoiceFilter_AND = TypedMultipleChoiceFilter(field_name='number', lookup_expr='exact', conjoined=True, choices=NUMBER_CHOICES)
uuid_UUIDFilter = UUIDFilter(field_name='uuid', lookup_expr='exact')
number_LookupChoiceFilter = LookupChoiceFilter(field_name='number')
class Meta:
model = BenchmarkModel
exclude = ['number', 'text', 'is_true', 'date', 'date_time', 'duration']
class AcceptedFindingFilter(DojoFilter):
title = CharFilter(lookup_expr='icontains')
sourcefile = CharFilter(lookup_expr='icontains')
sourcefilepath = CharFilter(lookup_expr='icontains')
param = CharFilter(lookup_expr='icontains')
payload = CharFilter(lookup_expr='icontains')
test__engagement__risk_acceptance__created = \
DateRangeFilter(label="Acceptance Date")
date = DateRangeFilter(label="Finding Date")
cwe = MultipleChoiceFilter(choices=[])
severity = MultipleChoiceFilter(choices=[])
test__test_type = ModelMultipleChoiceFilter(
queryset=Test_Type.objects.all())
test__engagement__product = ModelMultipleChoiceFilter(
queryset=Product.objects.all(), label="Product")
test__engagement__product__prod_type = ModelMultipleChoiceFilter(
queryset=Product_Type.objects.all(), label="Product Type")
o = OrderingFilter(
# tuple-mapping retains order
fields=(
('numerical_severity', 'numerical_severity'),
('date', 'date'),
('test__engagement__risk_acceptance__created',
'test__engagement__risk_acceptance__created'),
('title', 'title'),
('test__engagement__product__name',
'test__engagement__product__name'),
),
field_labels={
'numerical_severity': 'Severity',
'date': 'Finding Date',
'test__engagement__risk_acceptance__created': 'Acceptance Date',
'title': 'Finding Name',
'test__engagement__product__name': 'Product Name',
})
class Meta:
model = Finding
fields = ['title', 'test__engagement__risk_acceptance__created']
exclude = [
'url', 'description', 'mitigation', 'impact', 'endpoint',
'references', 'test', 'is_template', 'active', 'verified',
'out_of_scope', 'false_p', 'duplicate', 'thread_id', 'mitigated',
'notes', 'numerical_severity', 'reporter', 'endpoints',
'last_reviewed', 'o', 'jira_creation', 'jira_change'
]
def __init__(self, *args, **kwargs):
super(AcceptedFindingFilter, self).__init__(*args, **kwargs)
cwe = dict()
cwe = dict([finding.cwe, finding.cwe]
for finding in self.queryset.distinct()
if type(finding.cwe) is int and finding.cwe is not None
and finding.cwe > 0 and finding.cwe not in cwe)
cwe = collections.OrderedDict(sorted(cwe.items()))
self.form.fields['cwe'].choices = list(cwe.items())
self.form.fields['severity'].choices = self.queryset.order_by(
'numerical_severity').values_list('severity',
'severity').distinct()
class QuotaFilter(TamatoFilter):
order_number = CharFilter(
label="Order number",
field_name="order_number",
)
origin = MultiValueCharFilter(
label="Geographical area(s)",
field_name="origins__area_id",
)
mechanism = MultipleChoiceFilter(
label="Administration mechanism",
field_name="mechanism",
widget=forms.CheckboxSelectMultiple,
help_text="Select all that apply",
choices=validators.AdministrationMechanism.choices,
)
category = MultipleChoiceFilter(
label="Quota category",
field_name="category",
widget=forms.CheckboxSelectMultiple,
help_text="Select all that apply",
choices=validators.QuotaCategory.choices,
)
clear_url = reverse_lazy("quota-ui-list")
class Meta:
form = QuotaFilterForm
model = models.QuotaDefinition
fields = ["order_number"]
class InfrastructureFilterSet(ZoningFilterSet, StructureRelatedFilterSet):
name = CharFilter(label=_('Name'), lookup_expr='icontains')
description = CharFilter(label=_('Description'), lookup_expr='icontains')
implantation_year = MultipleChoiceFilter(
choices=Infrastructure.objects.implantation_year_choices())
intervention_year = MultipleChoiceFilter(
label=_("Intervention year"),
method='filter_intervention_year',
choices=Intervention.objects.year_choices())
category = MultipleChoiceFilter(label=_("Category"),
field_name='type__type',
choices=INFRASTRUCTURE_TYPES)
class Meta(StructureRelatedFilterSet.Meta):
model = Infrastructure
fields = StructureRelatedFilterSet.Meta.fields + [
'category', 'type', 'condition', 'implantation_year',
'intervention_year', 'published'
]
def filter_intervention_year(self, qs, name, value):
infrastructure_ct = ContentType.objects.get_for_model(Infrastructure)
interventions = Intervention.objects.filter(target_type=infrastructure_ct, date__year__in=value) \
.values_list('target_id', flat=True)
return qs.filter(id__in=interventions).distinct()
class ProductFilter(FilterSet):
artist = MultipleChoiceFilter(field_name="artist", choices=artists_list)
genre = MultipleChoiceFilter(field_name="genre",
choices=Product.GENRE_CHOICES)
class Meta:
model = Product
fields = ['genre', 'artist']
class SchoolFilter(FilterSet):
CURRENT_RECRUITMENT_YEAR = 2020
SUPPORTED_SCHOOL_TYPES = [SchoolType.LO, SchoolType.TECH, SchoolType.BRAN]
QUERY_FIELD = "school_name"
MIN_QUERY_SIMILARITY = 0.05
class Meta:
model = School
fields = ["school_name", "is_public"]
include_unsupported = BooleanDefaultFilter(
field_name="school_type", method="include_unsupported_filter"
)
school_ids = MultipleChoiceFilter(
field_name="id",
choices=get_available_values_from_model(School, "id"),
method="school_ids_filter",
)
query = CharFilter(field_name="school_name", method="query_filter")
extended_subjects = MultipleChoiceFilter(
field_name="highschoolclass__extendedsubject__name",
choices=get_available_values_from_model(ExtendedSubject, "name"),
method="extended_subjects_filter",
)
districts = MultipleChoiceFilter(
field_name="address__district",
choices=get_available_values_from_model(Address, "district"),
)
def include_unsupported_filter(self, queryset, _name, value):
print(value)
if value is True:
return queryset
return queryset.filter(school_type__in=self.SUPPORTED_SCHOOL_TYPES)
def school_ids_filter(self, queryset, name, value):
regons = [regon for regon in value if is_regon(value)]
ids = [school_id for school_id in value if school_id not in regons]
return queryset.filter(
Q(id__in=ids) | Q(public_institution_data__regon__in=regons)
)
def query_filter(self, queryset, name, value):
return queryset.annotate(
similarity=TrigramSimilarity(self.QUERY_FIELD, value)
).filter(similarity__gte=self.MIN_QUERY_SIMILARITY)
def extended_subjects_filter(self, queryset, _name, value):
return queryset.filter(
highschoolclass__extendedsubject__name__in=value,
highschoolclass__year__startswith=self.CURRENT_RECRUITMENT_YEAR,
).distinct()
class OpenFindingFilter(DojoFilter):
title = CharFilter(lookup_expr='icontains')
duplicate = ReportBooleanFilter()
sourcefile = CharFilter(lookup_expr='icontains')
sourcefilepath = CharFilter(lookup_expr='icontains')
param = CharFilter(lookup_expr='icontains')
payload = CharFilter(lookup_expr='icontains')
date = DateRangeFilter()
last_reviewed = DateRangeFilter()
cwe = MultipleChoiceFilter(choices=[])
severity = MultipleChoiceFilter(choices=[])
test__test_type = ModelMultipleChoiceFilter(
queryset=Test_Type.objects.all())
test__engagement__product = ModelMultipleChoiceFilter(
queryset=Product.objects.all(), label="Product")
o = OrderingFilter(
# tuple-mapping retains order
fields=(
('numerical_severity', 'numerical_severity'),
('date', 'date'),
('last_reviewed', 'last_reviewed'),
('title', 'title'),
('test__engagement__product__name',
'test__engagement__product__name'),
), )
class Meta:
model = Finding
exclude = [
'url', 'description', 'mitigation', 'impact', 'endpoint',
'references', 'test', 'is_template', 'active', 'verified',
'out_of_scope', 'false_p', 'thread_id', 'mitigated', 'notes',
'numerical_severity', 'reporter', 'last_reviewed'
]
def __init__(self, *args, **kwargs):
self.user = None
if 'user' in kwargs:
self.user = kwargs.pop('user')
super(OpenFindingFilter, self).__init__(*args, **kwargs)
cwe = dict()
cwe = dict([finding.cwe, finding.cwe]
for finding in self.queryset.distinct()
if finding.cwe > 0 and finding.cwe not in cwe)
cwe = collections.OrderedDict(sorted(cwe.items()))
self.form.fields['cwe'].choices = cwe.items()
sevs = dict()
sevs = dict([finding.severity, finding.severity]
for finding in self.queryset.distinct()
if finding.severity not in sevs)
self.form.fields['severity'].choices = sevs.items()
if self.user is not None and not self.user.is_staff:
self.form.fields[
'test__engagement__product'].queryset = Product.objects.filter(
authorized_users__in=[self.user])
self.form.fields['endpoints'].queryset = Endpoint.objects.filter(
product__authorized_users__in=[self.user]).distinct()
class ClosedFindingFilter(DojoFilter):
title = CharFilter(lookup_expr='icontains')
mitigated = DateRangeFilter(label="Mitigated Date")
cwe = MultipleChoiceFilter(choices=[])
severity = MultipleChoiceFilter(choices=[])
test__test_type = ModelMultipleChoiceFilter(
queryset=Test_Type.objects.all())
test__engagement__product = ModelMultipleChoiceFilter(
queryset=Product.objects.all(), label="Product")
test__engagement__product__prod_type = ModelMultipleChoiceFilter(
queryset=Product_Type.objects.all(), label="Product Type")
o = OrderingFilter(
# tuple-mapping retains order
fields=(
('numerical_severity', 'numerical_severity'),
('date', 'date'),
('mitigated', 'mitigated'),
('title', 'title'),
('test__engagement__product__name',
'test__engagement__product__name'),
),
field_labels={
'numerical_severity': 'Severity',
'date': 'Date',
'mitigated': 'Mitigated Date',
'title': 'Finding Name',
'test__engagement__product__name': 'Product Name',
})
class Meta:
model = Finding
exclude = [
'url', 'description', 'mitigation', 'impact', 'endpoint',
'references', 'test', 'is_template', 'active', 'verified',
'out_of_scope', 'false_p', 'duplicate', 'thread_id', 'date',
'notes', 'numerical_severity', 'reporter', 'endpoints',
'last_reviewed'
]
def __init__(self, *args, **kwargs):
super(ClosedFindingFilter, self).__init__(*args, **kwargs)
cwe = dict()
cwe = dict([finding.cwe, finding.cwe]
for finding in self.queryset.distinct()
if finding.cwe > 0 and finding.cwe not in cwe)
cwe = collections.OrderedDict(sorted(cwe.items()))
self.form.fields['cwe'].choices = cwe.items()
sevs = dict()
sevs = dict([finding.severity, finding.severity]
for finding in self.queryset.distinct()
if finding.severity not in sevs)
self.form.fields['severity'].choices = sevs.items()
class InvoiceFilter(FilterSet):
status = MultipleChoiceFilter(
choices=INVOICE_STATUS,
widget=CheckboxSelectMultiple(attrs={'class': 'list-unstyled'}),
label=_('Status'),
)
invoice_date = DateFromToRangeFilter(label=_('Invoice Date'))
invoice_due_date = DateFromToRangeFilter(label=_('Due Date'))
total_amount = RangeFilter(widget=NumericRangeWidget(),
label=_('Total Amount'))
taxpayer__business_name = CharFilter(
lookup_expr='icontains',
widget=TextInput(attrs={
'class': 'form-control',
"list": "taxpayers",
}),
label=_('Organization'),
)
taxpayer__country = CharFilter(
widget=Select(choices=[('AR', 'AR'), ('BR', 'BR'), ('US', 'US')],
attrs={'class': 'custom-select'}),
label=_('Country'),
)
new_comment_from_ap = MultipleChoiceFilter(
choices=INVOICE_SHOW_ONLY_NEW_MESSAGES,
widget=CheckboxSelectMultiple(attrs={'class': 'list-unstyled'}),
label=_('Messages'),
)
new_comment_from_supplier = MultipleChoiceFilter(
choices=INVOICE_SHOW_ONLY_NEW_MESSAGES,
widget=CheckboxSelectMultiple(attrs={'class': 'list-unstyled'}),
label=_('Messages'),
)
class Meta:
model = Invoice
fields = ('new_comment_from_ap', 'new_comment_from_supplier',
'invoice_date', 'invoice_due_date', 'status', 'total_amount',
'taxpayer__business_name', 'taxpayer__country')
def get_form_class(self):
form = super(FilterSet, self).get_form_class()
form.base_fields['invoice_date'].widget = DateRangeWidget()
form.base_fields['invoice_due_date'].widget = DateRangeWidget()
return form
class injection(FilterSet):
def __init__(self, *args, **kwargs):
if not injection_choices['register'] and kwargs['queryset'].count():
update_choices()
super().__init__(*args, **kwargs)
for attribute in injection_choices:
self.filters[attribute].extra.update(
choices=injection_choices[attribute])
self.filters[attribute].widget.attrs['size'] = min(
len(injection_choices[attribute]), 25)
bit = MultipleChoiceFilter(
label='Bit',
widget=SelectMultiple(attrs={'class': 'form-control'}), help_text='')
checkpoint = MultipleChoiceFilter(
label='Checkpoint number',
widget=SelectMultiple(attrs={'class': 'form-control'}), help_text='')
field = MultipleChoiceFilter(
label='Field',
widget=SelectMultiple(attrs={'class': 'form-control'}), help_text='')
processor_mode = MultipleChoiceFilter(
label='Processor mode',
widget=SelectMultiple(attrs={'class': 'form-control'}), help_text='')
register = MultipleChoiceFilter(
label='Register',
widget=SelectMultiple(attrs={'class': 'form-control'}), help_text='')
register_access = MultipleChoiceFilter(
label='Register access',
widget=SelectMultiple(attrs={'class': 'form-control'}), help_text='')
register_index = MultipleChoiceFilter(
label='Register index',
widget=SelectMultiple(attrs={'class': 'form-control'}), help_text='')
success = BooleanFilter(
label='Success',
widget=Select(choices=(('3', 'Unknown'), ('1', 'True'), ('0', 'False')),
attrs={'class': 'form-control'}), help_text='')
target_name = MultipleChoiceFilter(
label='Target',
widget=SelectMultiple(attrs={'class': 'form-control'}), help_text='')
time_gt = NumberFilter(
name='time', label='Time (>)', lookup_expr='gt',
widget=NumberInput(attrs={'class': 'form-control'}), help_text='')
time_lt = NumberFilter(
name='time', label='Time (<)', lookup_expr='lt',
widget=NumberInput(attrs={'class': 'form-control'}), help_text='')
tlb_entry = MultipleChoiceFilter(
label='TLB entry',
widget=SelectMultiple(attrs={'class': 'form-control'}), help_text='')
class Meta:
exclude = ('config_object', 'gold_value', 'injected_value',
'register_alias', 'result', 'target', 'target_index', 'time',
'timestamp')
model = models.injection
class ActiveStateMixin(FilterSet):
"""Generic filter mixin to provide an active state filter."""
active_state = MultipleChoiceFilter(
choices=ACTIVE_STATE_CHOICES,
widget=forms.CheckboxSelectMultiple,
method="filter_active_state",
label="Active state",
help_text="Select all that apply",
required=False,
)
def filter_active_state(self, queryset, name, value):
"""
Filter the given queryset to those which have the specified active
state.
:param queryset: The queryset to filter
:param name: The name of the field
:param value: The value of the field
"""
active_status_filter = Q()
current_date = TaricDateRange(date.today(), date.today())
if value == ["active"]:
active_status_filter = Q(valid_between__upper_inf=True) | Q(
valid_between__contains=current_date,
)
if value == ["terminated"]:
active_status_filter = Q(valid_between__fully_lt=current_date)
return queryset.filter(active_status_filter)
class ReportAuthedFindingFilter(DojoFilter):
title = CharFilter(lookup_type='icontains', label='Name')
test__engagement__product = ModelMultipleChoiceFilter(
queryset=Product.objects.all(), label="Product")
test__engagement__product__prod_type = ModelMultipleChoiceFilter(
queryset=Product_Type.objects.all(), label="Product Type")
severity = MultipleChoiceFilter(choices=SEVERITY_CHOICES)
active = ReportBooleanFilter()
mitigated = MitigatedDateRangeFilter()
verified = ReportBooleanFilter()
false_p = ReportBooleanFilter(label="False Positive")
test__engagement__risk_acceptance = ReportRiskAcceptanceFilter(
label="Risk Accepted")
duplicate = ReportBooleanFilter()
out_of_scope = ReportBooleanFilter()
def __init__(self, *args, **kwargs):
self.user = None
if 'user' in kwargs:
self.user = kwargs.pop('user')
super(ReportAuthedFindingFilter, self).__init__(*args, **kwargs)
if not self.user.is_staff:
self.form.fields[
'test__engagement__product'].queryset = Product.objects.filter(
authorized_users__in=[self.user])
class Meta:
model = Finding
exclude = [
'date', 'cwe', 'url', 'description', 'mitigation', 'impact',
'endpoint', 'references', 'test', 'is_template', 'thread_id',
'notes', 'endpoints', 'numerical_severity', 'reporter',
'last_reviewed'
]
class MetricsFindingFilter(FilterSet):
date = MetricsDateRangeFilter()
test__engagement__product__prod_type = ModelMultipleChoiceFilter(
queryset=Product_Type.objects.all().order_by('name'),
label="Product Type")
severity = MultipleChoiceFilter(choices=[])
status = FindingStatusFilter(label='Status')
def __init__(self, *args, **kwargs):
super(MetricsFindingFilter, self).__init__(*args, **kwargs)
self.form.fields['severity'].choices = self.queryset.order_by('numerical_severity') \
.values_list('severity', 'severity').distinct()
class Meta:
model = Finding
exclude = ['url',
'description',
'mitigation',
'unsaved_endpoints',
'unsaved_request',
'unsaved_response',
'unsaved_tags',
'references',
'review_requested_by',
'reviewers',
'defect_review_requested_by',
'thread_id',
'notes',
'last_reviewed_by',
'images',
'endpoints',
'is_template']
class ClientFilter(FilterSet):
name = CharFilter(method='filter_search', label=_('Search by name'))
status = MultipleChoiceFilter(choices=Client.CLIENT_STATUS)
delivery_type = ChoiceFilter(choices=(('', ''), ) + DELIVERY_TYPE)
class Meta:
model = Client
fields = ['route', 'status', 'delivery_type']
def filter_search(self, queryset, field_name, value):
if not value:
return queryset
name_contains = Q()
names = value.split(' ')
for name in names:
firstname_contains = Q(member__firstname__icontains=name)
lastname_contains = Q(member__lastname__icontains=name)
name_contains |= firstname_contains | lastname_contains
return queryset.filter(name_contains)
class TrialStatusFilter(FilterSet):
TODAY_CHOICES = (('2', 'Yes'), ('', 'Unknown'))
status = MultipleChoiceFilter(label='Trial status',
choices=Trial.STATUS_CHOICES,
widget=QueryArrayWidget)
is_overdue_today = ChoiceFilter(label='Is overdue today',
method='filter_today',
choices=TODAY_CHOICES)
is_no_longer_overdue_today = ChoiceFilter(
label='Is no longer overdue today',
method='filter_today',
choices=TODAY_CHOICES)
def filter_today(self, queryset, name, value):
if str(value
) == '2': # A truthy value per django-rest-api/django-filters
if name == 'is_overdue_today':
queryset = queryset.overdue_today()
elif name == 'is_no_longer_overdue_today':
queryset = queryset.no_longer_overdue_today()
return queryset
class Meta:
model = Trial
fields = ('has_exemption', 'has_results', 'results_due', 'sponsor',
'status', 'is_pact', 'is_overdue_today',
'is_no_longer_overdue_today')
class TemplateFindingFilter(DojoFilter):
title = CharFilter(lookup_expr='icontains')
cwe = MultipleChoiceFilter(choices=[])
severity = MultipleChoiceFilter(choices=[])
numerical_severity = MultipleChoiceFilter(choices=[])
o = OrderingFilter(
# tuple-mapping retains order
fields=(
('cwe', 'cwe'),
('title', 'title'),
('numerical_severity', 'numerical_severity'),
),
field_labels={
'numerical_severity': 'Severity',
})
class Meta:
model = Finding_Template
exclude = [
'description', 'mitigation', 'impact', 'references',
'numerical_severity'
]
def __init__(self, *args, **kwargs):
super(TemplateFindingFilter, self).__init__(*args, **kwargs)
cwe = dict()
cwe = dict([finding.cwe, finding.cwe]
for finding in self.queryset.distinct()
if type(finding.cwe) is int and finding.cwe is not None
and finding.cwe > 0 and finding.cwe not in cwe)
cwe = collections.OrderedDict(sorted(cwe.items()))
self.form.fields['cwe'].choices = list(cwe.items())
self.form.fields['severity'].choices = (('Critical', 'Critical'),
('High', 'High'), ('Medium',
'Medium'),
('Low', 'Low'), ('Info',
'Info'))
self.form.fields['numerical_severity'].choices = (('S0', 'S0'),
('S1', 'S1'), ('S2',
'S2'),
('S3', 'S3'), ('S4',
'S4'))
def _get_product_variants_attributes_filters(self):
filters = {}
for attribute in self.variant_attributes:
filters[attribute.slug] = MultipleChoiceFilter(
name='variants__attributes__%s' % attribute.pk,
label=attribute.name,
widget=CheckboxSelectMultiple,
choices=self._get_attribute_choices(attribute))
return filters
def _get_product_attributes_filters(self):
filters = {}
for attribute in self.product_attributes:
filters[attribute.slug] = MultipleChoiceFilter(
field_name='attributes__%s' % attribute.pk,
label=attribute.translated.name,
widget=CheckboxSelectMultiple,
choices=self._get_attribute_choices(attribute))
return filters
def _get_category_filters(self):
filters = {}
if self.categories:
filters['category'] = MultipleChoiceFilter(
name='__category',
label='Category',
widget=CheckboxSelectMultiple,
choices=self._get_category_choices(self.categories))
return filters
class MultipleChoiceFilterSet(FilterSet):
number = MultipleChoiceFilter(field_name='number',
lookup_expr=lookup_xpr,
conjoined=conjoined,
choices=LOOKUP_CHOICES)
class Meta:
model = MultipleChoiceFilterModel
fields = ['number']
class CertificateFilter(FilterSet):
DATE_ATTR = {'type': 'date', 'placeholder': 'mm/dd/yyyy'}
status = MultipleChoiceFilter(
choices=Certificate.STATUS_CHOICES,
widget=CheckboxSelectMultiple(attrs={
'class': 'usa-unstyled-list',
'legend': 'Certificate Status'
}))
last_modified = DateFromToRangeFilter(widget=RangeWidget(attrs=DATE_ATTR))
date_of_sale = DateFromToRangeFilter(widget=RangeWidget(attrs=DATE_ATTR))
shipped_value = RangeFilter(widget=RangeWidget())
number_of_parcels = RangeFilter(widget=RangeWidget())
carat_weight = RangeFilter(widget=RangeWidget())
date_of_issue = DateFromToRangeFilter(widget=RangeWidget(attrs=DATE_ATTR))
date_of_expiry = DateFromToRangeFilter(widget=RangeWidget(attrs=DATE_ATTR))
licensee__name = ModelChoiceFilter(queryset=licensees)
date_of_delivery = DateFromToRangeFilter(widget=RangeWidget(
attrs=DATE_ATTR))
date_of_shipment = DateFromToRangeFilter(widget=RangeWidget(
attrs=DATE_ATTR))
date_voided = DateFromToRangeFilter(widget=RangeWidget(attrs=DATE_ATTR))
aes = CharFilter(lookup_expr='icontains')
exporter = CharFilter(lookup_expr='icontains')
exporter_address = CharFilter(lookup_expr='icontains')
consignee = CharFilter(lookup_expr='icontains')
consignee_address = CharFilter(lookup_expr='icontains')
class Meta:
model = Certificate
default_fields = ['status', 'aes', 'date_of_issue']
extra_fields = [
'licensee__name', 'country_of_origin', 'harmonized_code',
'port_of_export', 'shipped_value', 'number_of_parcels',
'carat_weight', 'date_of_expiry', 'date_of_shipment',
'date_of_delivery', 'exporter', 'exporter_address', 'consignee',
'consignee_address', 'last_modified', 'date_of_sale', 'date_voided'
]
fields = default_fields + extra_fields
@property
def default_fields(self):
return [
field for field in self.form
if field.name in self.Meta.default_fields
]
@property
def extra_fields(self):
return [
field for field in self.form
if field.name in self.Meta.extra_fields
]
class LogEntryFilter(DojoFilter):
from auditlog.models import LogEntry
action = MultipleChoiceFilter(choices=LogEntry.Action.choices)
actor = ModelMultipleChoiceFilter(queryset=Dojo_User.objects.all())
timestamp = DateRangeFilter()
class Meta:
model = LogEntry
exclude = ['content_type', 'object_pk', 'object_id', 'object_repr', 'changes']
class ReportFilter(DojoFilter):
name = CharFilter(lookup_expr='icontains')
type = MultipleChoiceFilter(choices=[])
format = MultipleChoiceFilter(choices=[])
requester = ModelMultipleChoiceFilter(queryset=Dojo_User.objects.all())
datetime = DateTimeFilter()
status = MultipleChoiceFilter(choices=[])
o = OrderingFilter(
# tuple-mapping retains order
fields=(
('datetime', 'datetime'),
('name', 'name'),
('type', 'type'),
('format', 'format'),
('requester', 'requester'),
),
field_labels={
'datetime': 'Date',
}
)
class Meta:
model = Report
exclude = ['task_id', 'file']
def __init__(self, *args, **kwargs):
super(ReportFilter, self).__init__(*args, **kwargs)
type = dict()
type = dict(
[report.type, report.type] for report in self.queryset.distinct()
if report.type is not None)
type = collections.OrderedDict(sorted(type.items()))
self.form.fields['type'].choices = list(type.items())
status = dict()
status = dict(
[report.status, report.status] for report in
self.queryset.distinct() if report.status is not None)
status = collections.OrderedDict(sorted(status.items()))
self.form.fields['status'].choices = list(status.items())
class EndpointReportFilter(DojoFilter):
host = CharFilter(lookup_expr='icontains')
path = CharFilter(lookup_expr='icontains')
query = CharFilter(lookup_expr='icontains')
fragment = CharFilter(lookup_expr='icontains')
finding__severity = MultipleChoiceFilter(choices=SEVERITY_CHOICES)
finding__mitigated = MitigatedDateRangeFilter()
class Meta:
model = Endpoint
exclude = ['product']
