def post_process_finding_save(finding,
                              dedupe_option=True,
                              false_history=False,
                              rules_option=True,
                              product_grading_option=True,
                              issue_updater_option=True,
                              push_to_jira=False,
                              user=None,
                              *args,
                              **kwargs):
    """Run the follow-up work that a finding save triggers.

    Status-changing steps (deduplication, false-positive history) run first and
    in a fixed order; the remaining steps (tool issue updater, product grade,
    JIRA push) follow. Each step is gated by its ``*_option`` flag and, where
    one exists, by the matching switch in ``System_Settings``.

    Args:
        finding: The finding that was just saved. Deduplication only runs when
            its ``hash_code`` is set.
        dedupe_option: Attempt deduplication.
        false_history: Apply false-positive history.
        rules_option: Accepted for interface compatibility; not read here.
        product_grading_option: Recalculate the grade of the owning product.
        issue_updater_option: Queue the tool issue update.
        push_to_jira: Push the finding to JIRA.
        user: Accepted for interface compatibility; not read here.
        *args, **kwargs: Forwarded unchanged to ``do_dedupe_finding`` and
            ``do_false_positive_history``.
    """
    settings = System_Settings.objects.get()

    # STEP 1: work that can change the finding's status runs synchronously and
    # in order, so two steps never race on the same finding.
    if dedupe_option:
        if finding.hash_code is None:
            deduplicationLogger.warning(
                "skipping dedupe because hash_code is None")
        elif not settings.enable_deduplication:
            deduplicationLogger.debug(
                "skipping dedupe because it's disabled in system settings")
        else:
            # Imported here rather than at module level, presumably to avoid
            # an import cycle with dojo.utils -- confirm before hoisting.
            from dojo.utils import do_dedupe_finding
            do_dedupe_finding(finding, *args, **kwargs)

    if false_history:
        if not settings.false_positive_history:
            deduplicationLogger.debug(
                "skipping false positive history because it's disabled in system settings"
            )
        else:
            from dojo.utils import do_false_positive_history
            do_false_positive_history(finding, *args, **kwargs)

    # STEP 2: the remaining steps do not change finding status, so their
    # relative order is not critical.
    if issue_updater_option:
        from dojo.tools import tool_issue_updater
        tool_issue_updater.async_tool_issue_update(finding)

    if product_grading_option:
        if not settings.enable_product_grade:
            deduplicationLogger.debug(
                "skipping product grading because it's disabled in system settings"
            )
        else:
            from dojo.utils import calculate_grade
            calculate_grade(finding.test.engagement.product)

    # JIRA push lives here so every save path shares one implementation.
    if push_to_jira:
        logger.debug('pushing finding %s to jira from finding.save()',
                     finding.pk)
        import dojo.jira_link.helper as jira_helper
        jira_helper.push_to_jira(finding)
def post_process_finding_save(finding, dedupe_option=True, false_history=False, rules_option=True, product_grading_option=True,
             issue_updater_option=True, push_to_jira=False, user=None, *args, **kwargs):
    """Run the follow-up work that a finding save triggers.

    Status-changing steps (deduplication, false-positive history) run first and
    in a fixed order; the remaining steps (tool issue updater, product grade,
    JIRA push) follow. Each step is gated by its ``*_option`` flag and, where
    one exists, by the matching switch in ``System_Settings``. When the finding
    belongs to a finding group and has no JIRA issue of its own, the group is
    pushed to JIRA instead of the single finding.

    Args:
        finding: The finding that was just saved. Deduplication only runs when
            its ``hash_code`` is set.
        dedupe_option: Attempt deduplication.
        false_history: Apply false-positive history.
        rules_option: Accepted for interface compatibility; not read here.
        product_grading_option: Recalculate the grade of the owning product.
        issue_updater_option: Queue the tool issue update.
        push_to_jira: Push the finding (or its group) to JIRA.
        user: Accepted for interface compatibility; not read here.
        *args, **kwargs: Forwarded unchanged to ``do_dedupe_finding`` and
            ``do_false_positive_history``.
    """
    settings = System_Settings.objects.get()

    # STEP 1: work that can change the finding's status runs synchronously and
    # in order, so two steps never race on the same finding.
    if dedupe_option:
        if finding.hash_code is None:
            deduplicationLogger.warning("skipping dedupe because hash_code is None")
        elif not settings.enable_deduplication:
            deduplicationLogger.debug("skipping dedupe because it's disabled in system settings")
        else:
            # Imported here rather than at module level, presumably to avoid
            # an import cycle with dojo.utils -- confirm before hoisting.
            from dojo.utils import do_dedupe_finding
            do_dedupe_finding(finding, *args, **kwargs)

    if false_history:
        if not settings.false_positive_history:
            deduplicationLogger.debug("skipping false positive history because it's disabled in system settings")
        else:
            from dojo.utils import do_false_positive_history
            do_false_positive_history(finding, *args, **kwargs)

    # STEP 2: the remaining steps do not change finding status, so their
    # relative order is not critical.
    if issue_updater_option:
        from dojo.tools import tool_issue_updater
        tool_issue_updater.async_tool_issue_update(finding)

    if product_grading_option:
        if not settings.enable_product_grade:
            deduplicationLogger.debug("skipping product grading because it's disabled in system settings")
        else:
            from dojo.utils import calculate_grade
            calculate_grade(finding.test.engagement.product)

    # JIRA push lives here so every save path shares one implementation.
    if push_to_jira:
        logger.debug('pushing finding %s to jira from finding.save()', finding.pk)
        import dojo.jira_link.helper as jira_helper

        # A grouped finding without its own JIRA issue is pushed as its group;
        # anything else is pushed on its own. (The original author left open
        # whether a separate push_group_to_jira flag should be introduced.)
        target = finding
        if finding.finding_group and not finding.has_jira_issue:
            target = finding.finding_group
        jira_helper.push_to_jira(target)
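def finding_bulk_update(request, tid):
    """Apply a bulk edit or bulk delete to selected findings of a test.

    On POST, the ``finding_to_update`` ids are restricted to findings that
    belong to test ``tid`` (ids from other tests are silently dropped). If
    ``delete_bulk_findings`` is set, the selection is deleted and the product
    grade recalculated; otherwise a valid ``FindingBulkUpdateForm`` applies
    severity, status and tag changes, recalculates the grade where needed and
    queues issue-tracker and JIRA updates for each finding. Any other request
    just redirects.

    NOTE(review): no authorization check is visible in this block; it is
    presumably enforced by a decorator outside the listing -- confirm, since
    the delete path is reachable from POST data alone.

    Args:
        request: The Django request; only POST is acted on.
        tid: Primary key of the ``Test`` whose findings are edited.

    Returns:
        An ``HttpResponseRedirect`` to the ``view_test`` page for ``tid``.

    Raises:
        Http404: If no ``Test`` with id ``tid`` exists.
    """
    test = get_object_or_404(Test, id=tid)

    if request.method == "POST":
        finding_to_update = request.POST.getlist('finding_to_update')
        form = FindingBulkUpdateForm(request.POST)

        if request.POST.get('delete_bulk_findings') and finding_to_update:
            _bulk_delete_findings(test, finding_to_update)
        elif form.is_valid() and finding_to_update:
            # Scoping by test is what keeps the edit inside the caller's test.
            finds = Finding.objects.filter(test=test, id__in=finding_to_update)
            _apply_bulk_edit(request, form, finds)

            # Bulk updates bypass Finding.save(), so the grade must be
            # recomputed explicitly.
            if form.cleaned_data['severity'] or form.cleaned_data['status']:
                calculate_grade(test.engagement.product)

            _queue_tracker_updates(form, finds)

            messages.add_message(
                request,
                messages.SUCCESS,
                'Bulk edit of findings was successful.  Check to make sure it is what you intended.',
                extra_tags='alert-success')
        else:
            messages.add_message(
                request,
                messages.ERROR,
                'Unable to process bulk update. Required fields were not selected.',
                extra_tags='alert-danger')

    return HttpResponseRedirect(reverse('view_test', args=(test.id, )))


def _bulk_delete_findings(test, finding_ids):
    """Delete the findings of *test* whose ids are in *finding_ids*, then regrade the product."""
    finds = Finding.objects.filter(test=test, id__in=finding_ids)
    product = Product.objects.get(engagement__test=test)
    finds.delete()
    calculate_grade(product)


def _apply_bulk_edit(request, form, finds):
    """Apply the severity, status and tag changes from *form* to the *finds* queryset."""
    # One timestamp for the whole edit, so every touched finding shares it.
    now = timezone.now()

    if form.cleaned_data['severity']:
        finds.update(
            severity=form.cleaned_data['severity'],
            numerical_severity=Finding.get_numerical_severity(
                form.cleaned_data['severity']),
            last_reviewed=now,
            last_reviewed_by=request.user)

    if form.cleaned_data['status']:
        finds.update(
            active=form.cleaned_data['active'],
            verified=form.cleaned_data['verified'],
            false_p=form.cleaned_data['false_p'],
            out_of_scope=form.cleaned_data['out_of_scope'],
            is_Mitigated=form.cleaned_data['is_Mitigated'],
            last_reviewed=now,
            last_reviewed_by=request.user)

    if form.cleaned_data['tags']:
        # The tag list comes from the request, not the finding, so build it once.
        ts = ", ".join(request.POST.getlist('tags'))
        for finding in finds:
            # NOTE(review): nothing here calls finding.save(); this relies on
            # the tags attribute persisting on assignment -- confirm.
            finding.tags = ts


def _queue_tracker_updates(form, finds):
    """Queue the tool issue update and, where configured, the JIRA push for each finding."""
    from dojo.tools import tool_issue_updater  # hoisted out of the loop

    for finding in finds:
        tool_issue_updater.async_tool_issue_update(finding)

        jira_conf = finding.jira_conf_new()
        if jira_conf is None:
            log_jira_alert(
                'Finding cannot be pushed to jira as there is no jira configuration for this product.',
                finding)
            continue

        # first() returns None when the conf has no project key; the original
        # dereferenced it unconditionally, which would raise. Treat that as
        # "push_all not set" -- an explicit push_to_jira still pushes.
        pkey = jira_conf.jira_pkey_set.first()
        push_anyway = pkey.push_all_issues if pkey is not None else False

        if form.cleaned_data['push_to_jira'] or push_anyway:
            if JIRA_Issue.objects.filter(finding=finding).exists():
                update_issue_task.delay(finding, True)
            else:
                add_issue_task.delay(finding, True)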