def project_audit_parameters_detail(request, project_uuid, audit_parameters_uuid):
project = get_object_or_404(Project, pk=project_uuid)
audit_parameters = get_object_or_404(
ProjectAuditParameters, pk=audit_parameters_uuid
)
check_if_member_of_project(request.user.id, project.uuid)
if audit_parameters.project != project:
return JsonResponse({}, status=status.HTTP_400_BAD_REQUEST)
if request.method == "GET":
serializer = ProjectAuditParametersSerializer(audit_parameters)
return JsonResponse(serializer.data)
elif request.method == "PUT":
check_if_admin_of_project(request.user.id, project.uuid)
data = JSONParser().parse(request)
serializer = ProjectAuditParametersSerializer(audit_parameters, data=data)
if serializer.is_valid():
serializer.save()
return JsonResponse(serializer.data)
return JsonResponse(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
elif request.method == "DELETE":
check_if_admin_of_project(request.user.id, project.uuid)
audit_parameters.delete()
return JsonResponse({}, status=status.HTTP_204_NO_CONTENT)
def request_audit(request, project_uuid):
if request.method == "POST":
check_if_member_of_project(request.user.id, project_uuid)
project = get_object_or_404(Project, pk=project_uuid)
audit_parameters_list = project.audit_parameters_list.all()
created_audits = []
for audit_parameters in audit_parameters_list:
for page in project.pages.all():
audit = Audit.objects.create(page=page, parameters=audit_parameters)
task_request_audit.delay(audit.uuid)
AuditStatusHistory.objects.create(
audit=audit,
status=AvailableStatuses.REQUESTED.value,
details="Audit created in database",
)
created_audits.append(audit)
for script in project.scripts.all():
audit = Audit.objects.create(script=script, parameters=audit_parameters)
task_request_audit.delay(audit.uuid)
AuditStatusHistory.objects.create(
audit=audit,
status=AvailableStatuses.REQUESTED.value,
details="Audit created in database",
)
created_audits.append(audit)
created_audit_serializers = AuditSerializer(created_audits, many=True)
return JsonResponse(
created_audit_serializers.data, status=status.HTTP_201_CREATED, safe=False
)
def audit_results(request, audit_uuid):
if request.method == "GET":
audit_results = AuditResults.objects.get(audit=audit_uuid)
if audit_results.audit.page is not None:
check_if_member_of_project(request.user.id,
audit_results.audit.page.project.uuid)
if audit_results.audit.script is not None:
check_if_member_of_project(request.user.id,
audit_results.audit.script.project.uuid)
serializer = AuditResultsSerializer(audit_results)
return JsonResponse(serializer.data, safe=False)
def audits_results(request):
""" Returns every audit result for a given page """
if request.method == "GET":
page_uuid = request.GET.get("page")
script_uuid = request.GET.get("script")
audit_parameters_uuid = request.GET.get("audit_parameters")
from_date_param = request.GET.get("from_date")
to_date_param = request.GET.get("to_date")
epoch = datetime.datetime(
1970, 1, 1, 0, 0, 0, 0, tzinfo=timezone.get_current_timezone()
)
from_date = (
from_date_param
and timezone.make_aware(
datetime.datetime.strptime(from_date_param, "%Y-%m-%d")
)
) or epoch
to_date = (
to_date_param
and timezone.make_aware(
datetime.datetime.strptime(to_date_param, "%Y-%m-%d")
)
) or timezone.now()
if page_uuid is not None:
page = get_object_or_404(Page, pk=page_uuid)
check_if_member_of_project(request.user.id, page.project.uuid)
audits = Audit.objects.filter(page=page_uuid)
if audit_parameters_uuid:
audits = audits.filter(parameters=audit_parameters_uuid)
audits_results = AuditResults.objects.filter(audit__in=audits).filter(
created_at__gte=from_date,
created_at__lte=(to_date + datetime.timedelta(days=1)),
)
serializer = AuditResultsSerializer(audits_results, many=True)
elif script_uuid is not None:
script = get_object_or_404(Script, pk=script_uuid)
check_if_member_of_project(request.user.id, script.project.uuid)
audits = Audit.objects.filter(script=script_uuid)
if audit_parameters_uuid:
audits = audits.filter(parameters=audit_parameters_uuid).filter(
created_at__gte=from_date,
created_at__lte=(to_date + datetime.timedelta(days=1)),
)
audits_results = AuditResults.objects.filter(audit__in=audits)
serializer = AuditResultsSerializer(audits_results, many=True)
return JsonResponse(serializer.data, safe=False)
def audit_status(request, audit_uuid):
if request.method == "GET":
latest_audit_status = (AuditStatusHistory.objects.filter(
audit=audit_uuid).order_by("-created_at").first())
if latest_audit_status and latest_audit_status.audit.page is not None:
check_if_member_of_project(
request.user.id, latest_audit_status.audit.page.project.uuid)
if latest_audit_status and latest_audit_status.audit.script is not None:
check_if_member_of_project(
request.user.id, latest_audit_status.audit.script.project.uuid)
serializer = AuditStatusHistorySerializer(latest_audit_status)
return JsonResponse(serializer.data, safe=False)
def project_page_list(request, project_uuid):
project = Project.objects.get(uuid=project_uuid)
check_if_member_of_project(request.user.id, project.uuid)
if request.method == "GET":
pages = project.pages.all()
serializer = PageSerializer(pages, many=True)
return JsonResponse(serializer.data, safe=False)
elif request.method == "POST":
check_if_admin_of_project(request.user.id, project.uuid)
data = JSONParser().parse(request)
serializer = PageSerializer(data=data)
if serializer.is_valid():
page = Page.objects.create(project=project, **serializer.validated_data)
page.save()
return JsonResponse(
{"uuid": page.uuid, **serializer.data}, status=status.HTTP_201_CREATED
)
return JsonResponse(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def project_detail(request, project_uuid):
project = get_object_or_404(Project, pk=project_uuid)
check_if_member_of_project(request.user.id, project.uuid)
if request.method == "GET":
if is_admin_of_project(request.user.id, project.uuid):
serializer = ProjectSerializer(
project, context={"user_id": request.user.id})
return JsonResponse(serializer.data)
serializer = ProjectSerializer(
project,
fields=(
"uuid",
"name",
"project_members",
"pages",
"scripts",
"audit_parameters_list",
"screenshot_url",
"latest_audit_at",
),
context={"user_id": request.user.id},
)
return JsonResponse(serializer.data)
elif request.method == "PUT":
check_if_admin_of_project(request.user.id, project.uuid)
data = JSONParser().parse(request)
serializer = ProjectSerializer(project,
data=data,
partial=True,
context={"user_id": request.user.id})
if serializer.is_valid():
serializer.save()
return JsonResponse(serializer.data)
return JsonResponse(serializer.errors,
status=status.HTTP_400_BAD_REQUEST)
elif request.method == "DELETE":
check_if_admin_of_project(request.user.id, project.uuid)
project.delete()
return JsonResponse({}, status=status.HTTP_204_NO_CONTENT)
def project_script_detail(request, project_uuid, script_uuid):
project = get_object_or_404(Project, pk=project_uuid)
script = get_object_or_404(Script, pk=script_uuid)
check_if_member_of_project(request.user.id, project.uuid)
if script.project != project:
return JsonResponse({}, status=status.HTTP_400_BAD_REQUEST)
elif request.method == "PUT":
check_if_admin_of_project(request.user.id, project.uuid)
data = JSONParser().parse(request)
serializer = ScriptSerializer(script, data=data)
if serializer.is_valid():
serializer.save()
return JsonResponse(serializer.data)
return JsonResponse(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
elif request.method == "DELETE":
check_if_admin_of_project(request.user.id, project.uuid)
script.delete()
return JsonResponse({}, status=status.HTTP_204_NO_CONTENT)
def submit_form(self, project, user):
try:
check_if_member_of_project(user.id, project.uuid)
page_or_script_to_audit_uuid = self.data["page_or_script_to_audit"]
audit_parameters_uuid = self.data["audit_parameters_to_use"]
if "__all__" == page_or_script_to_audit_uuid:
pages_to_audit = project.pages.all()
scripts_to_audit = project.scripts.all()
else:
pages_to_audit = project.pages.filter(
uuid=page_or_script_to_audit_uuid)
scripts_to_audit = project.scripts.filter(
uuid=page_or_script_to_audit_uuid)
if "__all__" == audit_parameters_uuid:
audit_parameters_list = project.audit_parameters_list.all()
else:
audit_parameters_list = project.audit_parameters_list.filter(
uuid=audit_parameters_uuid)
for audit_parameters in audit_parameters_list:
for page_to_audit in pages_to_audit:
new_page_audit = Audit(page=page_to_audit,
parameters=audit_parameters)
new_page_audit.save()
request_audit.delay(new_page_audit.uuid)
for script_to_audit in scripts_to_audit:
new_script_audit = Audit(script=script_to_audit,
parameters=audit_parameters)
new_script_audit.save()
request_audit.delay(new_script_audit.uuid)
except Exception as e:
error_message = str(e)
self.add_error(None, error_message)
raise
return True
