def add_meta_data(request, pid): prod = Product.objects.get(id=pid) if request.method == 'POST': form = DojoMetaDataForm(request.POST) if form.is_valid(): cf, created = DojoMeta.objects.get_or_create( name=form.cleaned_data['name'], model_name='Product', model_id=prod.id, value=form.cleaned_data['value']) cf.save() prod.product_meta.add(cf) prod.save() messages.add_message(request, messages.SUCCESS, 'Metadata added successfully.', extra_tags='alert-success') if 'add_another' in request.POST: return HttpResponseRedirect( reverse('add_meta_data', args=(pid, ))) else: return HttpResponseRedirect( reverse('view_product', args=(pid, ))) else: form = DojoMetaDataForm() product_tab = Product_Tab(pid, title="Add Metadata", tab="settings") return render(request, 'dojo/add_product_meta_data.html', { 'form': form, 'product_tab': product_tab, 'product': prod, })
def edit_engagement_presets(request, pid, eid): prod = get_object_or_404(Product, id=pid) preset = get_object_or_404(Engagement_Presets, id=eid) product_tab = Product_Tab(prod.id, title="Edit Engagement Preset", tab="settings") if request.method == 'POST': tform = EngagementPresetsForm(request.POST, instance=preset) if tform.is_valid(): tform.save() messages.add_message(request, messages.SUCCESS, 'Engagement Preset Successfully Updated.', extra_tags='alert-success') return HttpResponseRedirect( reverse('engagement_presets', args=(pid, ))) else: tform = EngagementPresetsForm(instance=preset) return render(request, 'dojo/edit_presets.html', { 'product_tab': product_tab, 'tform': tform, 'prod': prod })
def upload_threatmodel(request, eid): eng = Engagement.objects.get(id=eid) add_breadcrumb( parent=eng, title="Upload a threat model", top_level=False, request=request) if request.method == 'POST': form = UploadThreatForm(request.POST, request.FILES) if form.is_valid(): handle_uploaded_threat(request.FILES['file'], eng) eng.progress = 'other' eng.threat_model = True eng.save() messages.add_message( request, messages.SUCCESS, 'Threat model saved.', extra_tags='alert-success') return HttpResponseRedirect( reverse('view_engagement', args=(eid, ))) else: form = UploadThreatForm() product_tab = Product_Tab(eng.product.id, title="Upload Threat Model", tab="engagements") return render(request, 'dojo/up_threat.html', { 'form': form, 'product_tab': product_tab, 'eng': eng, })
def edit_meta_data(request, eid): endpoint = Endpoint.objects.get(id=eid) if request.method == 'POST': for key, value in request.POST.iteritems(): if key.startswith('cfv_'): cfv_id = int(key.split('_')[1]) cfv = get_object_or_404(DojoMeta, id=cfv_id) value = value.strip() if value: cfv.value = value cfv.save() else: cfv.delete() messages.add_message(request, messages.SUCCESS, 'Metadata edited successfully.', extra_tags='alert-success') return HttpResponseRedirect(reverse('view_endpoint', args=(eid, ))) product_tab = Product_Tab(endpoint.product.id, "Edit Metadata", tab="endpoints") return render(request, 'dojo/edit_endpoint_meta_data.html', { 'endpoint': endpoint, 'product_tab': product_tab, })
def delete_product(request, pid): product = get_object_or_404(Product, pk=pid) form = DeleteProductForm(instance=product) if request.method == 'POST': if 'id' in request.POST and str(product.id) == request.POST['id']: form = DeleteProductForm(request.POST, instance=product) if form.is_valid(): if product.tags: del product.tags product.delete() messages.add_message(request, messages.SUCCESS, 'Product and relationships removed.', extra_tags='alert-success') return HttpResponseRedirect(reverse('product')) collector = NestedObjects(using=DEFAULT_DB_ALIAS) collector.collect([product]) rels = collector.nested() product_tab = Product_Tab(pid, title="Product", tab="settings") return render( request, 'dojo/delete_product.html', { 'product': product, 'form': form, 'product_tab': product_tab, 'rels': rels, })
def view_test(request, tid): test = Test.objects.get(id=tid) prod = test.engagement.product auth = request.user.is_staff or request.user in prod.authorized_users.all() if not auth: # will render 403 raise PermissionDenied notes = test.notes.all() person = request.user.username findings = Finding.objects.filter(test=test).order_by('numerical_severity') stub_findings = Stub_Finding.objects.filter(test=test) cred_test = Cred_Mapping.objects.filter( test=test).select_related('cred_id').order_by('cred_id') creds = Cred_Mapping.objects.filter( engagement=test.engagement).select_related('cred_id').order_by( 'cred_id') if request.method == 'POST' and request.user.is_staff: form = NoteForm(request.POST) if form.is_valid(): new_note = form.save(commit=False) new_note.author = request.user new_note.date = timezone.now() new_note.save() test.notes.add(new_note) form = NoteForm() url = request.build_absolute_uri( reverse("view_test", args=(test.id, ))) title = "Test: %s on %s" % (test.test_type.name, test.engagement.product.name) process_notifications(request, new_note, url, title) messages.add_message(request, messages.SUCCESS, 'Note added successfully.', extra_tags='alert-success') else: form = NoteForm() fpage = get_page_items(request, findings, 25) sfpage = get_page_items(request, stub_findings, 25) show_re_upload = any(test.test_type.name in code for code in ImportScanForm.SCAN_TYPE_CHOICES) product_tab = Product_Tab(prod.id, title="Test", tab="engagements") product_tab.setEngagement(test.engagement) return render( request, 'dojo/view_test.html', { 'test': test, 'product_tab': product_tab, 'findings': fpage, 'findings_count': findings.count(), 'stub_findings': sfpage, 'form': form, 'notes': notes, 'person': person, 'request': request, 'show_re_upload': show_re_upload, 'creds': creds, 'cred_test': cred_test })
def edit_endpoint(request, eid): endpoint = get_object_or_404(Endpoint, id=eid) if request.method == 'POST': form = EditEndpointForm(request.POST, instance=endpoint) if form.is_valid(): endpoint = form.save() tags = request.POST.getlist('tags') t = ", ".join(tags) endpoint.tags = t messages.add_message(request, messages.SUCCESS, 'Endpoint updated successfully.', extra_tags='alert-success') return HttpResponseRedirect( reverse('view_endpoint', args=(endpoint.id, ))) add_breadcrumb(parent=endpoint, title="Edit", top_level=False, request=request) form = EditEndpointForm(instance=endpoint) form.initial['tags'] = [tag.name for tag in endpoint.tags] product_tab = Product_Tab(endpoint.product.id, "Endpoint", tab="endpoints") return render(request, "dojo/edit_endpoint.html", { "endpoint": endpoint, 'product_tab': product_tab, "form": form, })
def process_endpoint_view(request, eid, host_view=False): endpoint = get_object_or_404(Endpoint, id=eid) if host_view: endpoints = endpoint.host_endpoints() endpoint_metadata = None all_findings = endpoint.host_findings() active_findings = endpoint.host_active_findings() else: endpoints = None endpoint_metadata = dict( endpoint.endpoint_meta.values_list('name', 'value')) all_findings = endpoint.findings() active_findings = endpoint.active_findings() if all_findings: start_date = timezone.make_aware( datetime.combine(all_findings.last().date, datetime.min.time())) else: start_date = timezone.now() end_date = timezone.now() r = relativedelta(end_date, start_date) months_between = (r.years * 12) + r.months # include current month months_between += 1 # closed_findings is needed as a parameter for get_periods_counts, but they are not relevant in the endpoint view closed_findings = Finding.objects.none() monthly_counts = get_period_counts(active_findings, all_findings, closed_findings, None, months_between, start_date, relative_delta='months') paged_findings = get_page_items(request, active_findings, 25) vulnerable = False if active_findings.count() != 0: vulnerable = True product_tab = Product_Tab(endpoint.product.id, "Host" if host_view else "Endpoint", tab="endpoints") return render( request, "dojo/view_endpoint.html", { "endpoint": endpoint, 'product_tab': product_tab, "endpoints": endpoints, "findings": paged_findings, 'all_findings': all_findings, 'opened_per_month': monthly_counts['opened_per_period'], 'endpoint_metadata': endpoint_metadata, 'vulnerable': vulnerable, 'host_view': host_view, })
def edit_endpoint(request, eid): endpoint = get_object_or_404(Endpoint, id=eid) if request.method == 'POST': form = EditEndpointForm(request.POST, instance=endpoint) if form.is_valid(): logger.debug('saving endpoint') endpoint = form.save() messages.add_message(request, messages.SUCCESS, 'Endpoint updated successfully.', extra_tags='alert-success') return HttpResponseRedirect( reverse('view_endpoint', args=(endpoint.id, ))) else: add_breadcrumb(parent=endpoint, title="Edit", top_level=False, request=request) form = EditEndpointForm(instance=endpoint) product_tab = Product_Tab(endpoint.product.id, "Endpoint", tab="endpoints") return render(request, "dojo/edit_endpoint.html", { "endpoint": endpoint, 'product_tab': product_tab, "form": form, })
def delete_product(request, pid): product = get_object_or_404(Product, pk=pid) form = DeleteProductForm(instance=product) if request.method == 'POST': if 'id' in request.POST and str(product.id) == request.POST['id']: form = DeleteProductForm(request.POST, instance=product) if form.is_valid(): if product.tags: del product.tags product.delete() messages.add_message(request, messages.SUCCESS, 'Product and relationships removed.', extra_tags='alert-success') create_notification(event='other', title='Deletion of %s' % product.name, description='The product "%s" was deleted by %s' % (product.name, request.user), url=request.build_absolute_uri(reverse('product')), icon="exclamation-triangle") return HttpResponseRedirect(reverse('product')) collector = NestedObjects(using=DEFAULT_DB_ALIAS) collector.collect([product]) rels = collector.nested() product_tab = Product_Tab(pid, title="Product", tab="settings") return render(request, 'dojo/delete_product.html', {'product': product, 'form': form, 'product_tab': product_tab, 'rels': rels, })
def new_eng_for_app(request, pid, cicd=False): jform = None prod = Product.objects.get(id=pid) if request.method == 'POST': form = EngForm(request.POST, cicd=cicd) if form.is_valid(): new_eng = form.save(commit=False) if not new_eng.name: new_eng.name = str(new_eng.target_start) new_eng.threat_model = False new_eng.api_test = False new_eng.pen_test = False new_eng.check_list = False new_eng.product = prod if new_eng.threat_model: new_eng.progress = 'threat_model' else: new_eng.progress = 'other' if cicd: new_eng.engagement_type = 'CI/CD' new_eng.status = "In Progress" new_eng.save() tags = request.POST.getlist('tags') t = ", ".join(tags) new_eng.tags = t if get_system_setting('enable_jira'): # Test to make sure there is a Jira project associated the product try: jform = JIRAFindingForm(request.POST, prefix='jiraform', enabled=JIRA_PKey.objects.get(product=prod).push_all_issues) if jform.is_valid(): add_epic_task.delay(new_eng, jform.cleaned_data.get('push_to_jira')) except JIRA_PKey.DoesNotExist: pass messages.add_message(request, messages.SUCCESS, 'Engagement added successfully.', extra_tags='alert-success') create_notification(event='engagement_added', title=new_eng.name + " for " + prod.name, engagement=new_eng, url=reverse('view_engagement', args=(new_eng.id,)), objowner=new_eng.lead) if "_Add Tests" in request.POST: return HttpResponseRedirect(reverse('add_tests', args=(new_eng.id,))) elif "_Import Scan Results" in request.POST: return HttpResponseRedirect(reverse('import_scan_results', args=(new_eng.id,))) else: return HttpResponseRedirect(reverse('view_engagement', args=(new_eng.id,))) else: form = EngForm(initial={'lead': request.user, 'target_start': timezone.now().date(), 'target_end': timezone.now().date() + timedelta(days=7)}, cicd=cicd, product=prod.id) if(get_system_setting('enable_jira')): if JIRA_PKey.objects.filter(product=prod).count() != 0: jform = JIRAFindingForm(prefix='jiraform', enabled=JIRA_PKey.objects.get(product=prod).push_all_issues) product_tab = Product_Tab(pid, title="New Engagement", tab="engagements") return render(request, 'dojo/new_eng.html', {'form': form, 'pid': pid, 'product_tab': product_tab, 'jform': jform })
def edit_tool_product(request, pid, ttid): prod = get_object_or_404(Product, id=pid) tool_product = Tool_Product_Settings.objects.get(pk=ttid) if request.method == 'POST': tform = ToolProductSettingsForm(request.POST, instance=tool_product) if tform.is_valid(): tform.save() messages.add_message( request, messages.SUCCESS, 'Tool Product Configuration Successfully Updated.', extra_tags='alert-success') return HttpResponseRedirect( reverse('all_tool_product', args=(pid, ))) else: tform = ToolProductSettingsForm(instance=tool_product) product_tab = Product_Tab(pid, title="Edit Product Tool Configuration", tab="settings") return render(request, 'dojo/edit_tool_product.html', { 'tform': tform, 'product_tab': product_tab })
def new_tool_product(request, pid): prod = get_object_or_404(Product, id=pid) if request.method == 'POST': tform = ToolProductSettingsForm(request.POST) if tform.is_valid(): # form.tool_type = tool_type new_prod = tform.save(commit=False) new_prod.product = prod new_prod.save() messages.add_message( request, messages.SUCCESS, 'Product Tool Configuration Successfully Created.', extra_tags='alert-success') return HttpResponseRedirect( reverse('all_tool_product', args=(pid, ))) else: tform = ToolProductSettingsForm() product_tab = Product_Tab(pid, title="Tool Configurations", tab="settings") return render(request, 'dojo/new_tool_product.html', { 'tform': tform, 'product_tab': product_tab, 'pid': pid })
def edit_meta_data(request, pid): prod = Product.objects.get(id=pid) product_cf = prod.product_meta product_metadata = {} for cf in product_cf.all(): cfv = cf.value if len(cfv): product_metadata[cf] = cfv if request.method == 'POST': for key, value in request.POST.iteritems(): if key.startswith('cfv_'): cfv_id = int(key.split('_')[1]) cfv = get_object_or_404(DojoMeta, id=cfv_id) value = value.strip() if value: cfv.value = value cfv.save() else: cfv.delete() messages.add_message(request, messages.SUCCESS, 'Metadata edited successfully.', extra_tags='alert-success') return HttpResponseRedirect(reverse('view_product', args=(pid, ))) product_tab = Product_Tab(pid, title="Edit Metadata", tab="settings") return render( request, 'dojo/edit_product_meta_data.html', { 'product': prod, 'product_tab': product_tab, 'product_metadata': product_metadata, })
def action_history(request, cid, oid): try: ct = ContentType.objects.get_for_id(cid) obj = ct.get_object_for_this_type(pk=oid) except KeyError: raise Http404() product_id = None active_tab = None finding = None test = False object_value = None if str(ct) == "product": product_id = obj.id active_tab = "overview" object_value = Product.objects.get(id=obj.id) elif str(ct) == "engagement": object_value = Engagement.objects.get(id=obj.id) product_id = object_value.product.id active_tab = "engagements" elif str(ct) == "test": object_value = Test.objects.get(id=obj.id) product_id = object_value.engagement.product.id active_tab = "engagements" test = True elif str(ct) == "finding": object_value = Finding.objects.get(id=obj.id) product_id = object_value.test.engagement.product.id active_tab = "findings" finding = object_value elif str(ct) == "endpoint": object_value = Endpoint.objects.get(id=obj.id) product_id = object_value.product.id active_tab = "endpoints" product_tab = None if product_id: product_tab = Product_Tab(product_id, title="History", tab=active_tab) if active_tab == "engagements": if str(ct) == "engagement": product_tab.setEngagement(object_value) else: product_tab.setEngagement(object_value.engagement) history = LogEntry.objects.filter(content_type=ct, object_pk=obj.id).order_by('-timestamp') history = LogEntryFilter(request.GET, queryset=history) paged_history = get_page_items(request, history.qs, 25) return render( request, 'dojo/action_history.html', { "history": paged_history, 'product_tab': product_tab, "filtered": history, "obj": obj, "test": test, "object_value": object_value, "finding": finding })
def add_endpoint(request, pid): product = get_object_or_404(Product, id=pid) template = 'dojo/add_endpoint.html' form = AddEndpointForm(product=product) if request.method == 'POST': form = AddEndpointForm(request.POST, product=product) if form.is_valid(): endpoints = form.save() tags = request.POST.get('tags') for e in endpoints: e.tags = tags e.save() messages.add_message(request, messages.SUCCESS, 'Endpoint added successfully.', extra_tags='alert-success') return HttpResponseRedirect( reverse('endpoint') + "?product=" + pid) product_tab = Product_Tab(product.id, "Add Endpoint", tab="endpoints") return render(request, template, { 'product_tab': product_tab, 'name': 'Add Endpoint', 'form': form })
def delete_endpoint(request, eid): endpoint = get_object_or_404(Endpoint, pk=eid) product = endpoint.product form = DeleteEndpointForm(instance=endpoint) if request.method == 'POST': if 'id' in request.POST and str(endpoint.id) == request.POST['id']: form = DeleteEndpointForm(request.POST, instance=endpoint) if form.is_valid(): endpoint.delete() messages.add_message(request, messages.SUCCESS, 'Endpoint and relationships removed.', extra_tags='alert-success') create_notification(event='other', title='Deletion of %s' % endpoint, description='The endpoint "%s" was deleted by %s' % (endpoint, request.user), url=request.build_absolute_uri(reverse('endpoints')), icon="exclamation-triangle") return HttpResponseRedirect(reverse('view_product', args=(product.id,))) collector = NestedObjects(using=DEFAULT_DB_ALIAS) collector.collect([endpoint]) rels = collector.nested() product_tab = Product_Tab(endpoint.product.id, "Delete Endpoint", tab="endpoints") return render(request, 'dojo/delete_endpoint.html', {'endpoint': endpoint, 'product_tab': product_tab, 'form': form, 'rels': rels, })
def delete_test(request, tid): test = get_object_or_404(Test, pk=tid) eng = test.engagement form = DeleteTestForm(instance=test) if request.method == 'POST': if 'id' in request.POST and str(test.id) == request.POST['id']: form = DeleteTestForm(request.POST, instance=test) if form.is_valid(): del test.tags test.delete() messages.add_message(request, messages.SUCCESS, 'Test and relationships removed.', extra_tags='alert-success') return HttpResponseRedirect(reverse('view_engagement', args=(eng.id,))) collector = NestedObjects(using=DEFAULT_DB_ALIAS) collector.collect([test]) rels = collector.nested() product_tab = Product_Tab(test.engagement.product.id, title="Delete Test", tab="engagements") product_tab.setEngagement(test.engagement) return render(request, 'dojo/delete_test.html', {'test': test, 'product_tab': product_tab, 'form': form, 'rels': rels, 'deletable_objects': rels, })
def delete_engagement(request, eid): engagement = get_object_or_404(Engagement, pk=eid) product = engagement.product form = DeleteEngagementForm(instance=engagement) if request.method == 'POST': if 'id' in request.POST and str(engagement.id) == request.POST['id']: form = DeleteEngagementForm(request.POST, instance=engagement) if form.is_valid(): del engagement.tags engagement.delete() messages.add_message( request, messages.SUCCESS, 'Engagement and relationships removed.', extra_tags='alert-success') if engagement.engagement_type == 'CI/CD': return HttpResponseRedirect(reverse("view_engagements_cicd", args=(product.id, ))) else: return HttpResponseRedirect(reverse("view_engagements", args=(product.id, ))) collector = NestedObjects(using=DEFAULT_DB_ALIAS) collector.collect([engagement]) rels = collector.nested() product_tab = Product_Tab(product.id, title="Delete Engagement", tab="engagements") product_tab.setEngagement(engagement) return render(request, 'dojo/delete_engagement.html', { 'product_tab': product_tab, 'engagement': engagement, 'form': form, 'rels': rels, })
def delete(request, pid, type): product = get_object_or_404(Product, id=pid) benchmark_type = get_object_or_404(Benchmark_Type, id=type) benchmark_product_summary = Benchmark_Product_Summary.objects.filter(product=product, benchmark_type=type).first() form = DeleteBenchmarkForm(instance=benchmark_product_summary) if request.method == 'POST': if 'id' in request.POST and str(benchmark_product_summary.id) == request.POST['id']: form = DeleteBenchmarkForm(request.POST, instance=benchmark_product_summary) if form.is_valid(): benchmark_product = Benchmark_Product.objects.filter(product=product, control__category__type=type) benchmark_product.delete() benchmark_product_summary.delete() messages.add_message(request, messages.SUCCESS, 'Benchmarks removed.', extra_tags='alert-success') return HttpResponseRedirect(reverse('product')) product_tab = Product_Tab(pid, title="Delete Benchmarks", tab="benchmarks") return render(request, 'dojo/delete_benchmark.html', {'product': product, 'form': form, 'product_tab': product_tab })
def add_meta_data(request, eid): endpoint = Endpoint.objects.get(id=eid) if request.method == 'POST': form = DojoMetaDataForm(request.POST, instance=DojoMeta(endpoint=endpoint)) if form.is_valid(): form.save() messages.add_message(request, messages.SUCCESS, 'Metadata added successfully.', extra_tags='alert-success') if 'add_another' in request.POST: return HttpResponseRedirect( reverse('add_meta_data', args=(eid, ))) else: return HttpResponseRedirect( reverse('view_endpoint', args=(eid, ))) else: form = DojoMetaDataForm() add_breadcrumb(parent=endpoint, title="Add Metadata", top_level=False, request=request) product_tab = Product_Tab(endpoint.product.id, "Add Metadata", tab="endpoints") return render(request, 'dojo/add_endpoint_meta_data.html', { 'form': form, 'product_tab': product_tab, 'endpoint': endpoint, })
def edit_cred_product(request, pid, ttid): cred = get_object_or_404(Cred_Mapping.objects.select_related('cred_id'), id=ttid) prod = get_object_or_404(Product, pk=pid) if request.method == 'POST': tform = CredMappingFormProd(request.POST, instance=cred) if tform.is_valid(): tform.save() messages.add_message(request, messages.SUCCESS, 'Credential Successfully Updated.', extra_tags='alert-success') return HttpResponseRedirect( reverse('all_cred_product', args=(pid, ))) else: tform = CredMappingFormProd(instance=cred) product_tab = Product_Tab(prod.id, title="Edit Product Credential", tab="settings") return render(request, 'dojo/edit_cred_all.html', { 'tform': tform, 'product_tab': product_tab, 'cred_type': "Product" })
def delete_engagement_presets(request, pid, eid): prod = get_object_or_404(Product, id=pid) preset = get_object_or_404(Engagement_Presets, id=eid) form = DeleteEngagementPresetsForm(instance=preset) if request.method == 'POST': if 'id' in request.POST: form = DeleteEngagementPresetsForm(request.POST, instance=preset) if form.is_valid(): preset.delete() messages.add_message( request, messages.SUCCESS, 'Engagement presets and engagement relationships removed.', extra_tags='alert-success') return HttpResponseRedirect( reverse('engagement_presets', args=(pid, ))) collector = NestedObjects(using=DEFAULT_DB_ALIAS) collector.collect([preset]) rels = collector.nested() product_tab = Product_Tab(pid, title="Delete Engagement Preset", tab="settings") return render( request, 'dojo/delete_presets.html', { 'product': product, 'form': form, 'product_tab': product_tab, 'rels': rels, })
def new_cred_product(request, pid): prod = get_object_or_404(Product, pk=pid) if request.method == 'POST': tform = CredMappingFormProd(request.POST) if tform.is_valid(): # Select the credential mapping object from the selected list and only allow if the credential is associated with the product cred_user = Cred_Mapping.objects.filter( cred_id=tform.cleaned_data['cred_id'].id, product=pid).first() message = "Credential already associated." status_tag = 'alert-danger' if cred_user is None: prod = Product.objects.get(id=pid) new_f = tform.save(commit=False) new_f.product = prod new_f.save() message = 'Credential Successfully Updated.' status_tag = 'alert-success' messages.add_message( request, messages.SUCCESS, message, extra_tags=status_tag) return HttpResponseRedirect(reverse('all_cred_product', args=(pid, ))) else: tform = CredMappingFormProd() product_tab = Product_Tab(pid, title="Add Credential Configuration", tab="settings") return render(request, 'dojo/new_cred_product.html', { 'tform': tform, 'pid': pid, 'product_tab': product_tab })
def add_meta_data(request, pid): prod = Product.objects.get(id=pid) if request.method == 'POST': form = DojoMetaDataForm(request.POST, instance=DojoMeta(product=prod)) if form.is_valid(): form.save() messages.add_message(request, messages.SUCCESS, 'Metadata added successfully.', extra_tags='alert-success') if 'add_another' in request.POST: return HttpResponseRedirect( reverse('add_meta_data', args=(pid, ))) else: return HttpResponseRedirect( reverse('view_product', args=(pid, ))) else: form = DojoMetaDataForm() product_tab = Product_Tab(pid, title="Add Metadata", tab="settings") return render(request, 'dojo/add_product_meta_data.html', { 'form': form, 'product_tab': product_tab, 'product': prod, })
def new_object(request, pid): prod = get_object_or_404(Product, id=pid) if request.method == 'POST': tform = ObjectSettingsForm(request.POST) if tform.is_valid(): new_prod = tform.save(commit=False) new_prod.product = prod new_prod.save() messages.add_message(request, messages.SUCCESS, 'Added Tracked File to a Product', extra_tags='alert-success') return HttpResponseRedirect(reverse('view_objects', args=(pid, ))) else: tform = ObjectSettingsForm() product_tab = Product_Tab(pid, title="Add Tracked Files to a Product", tab="settings") return render(request, 'dojo/new_object.html', { 'tform': tform, 'product_tab': product_tab, 'pid': prod.id })
def add_engagement_presets(request, pid): prod = get_object_or_404(Product, id=pid) if request.method == 'POST': tform = EngagementPresetsForm(request.POST) if tform.is_valid(): form_copy = tform.save(commit=False) form_copy.product = prod form_copy.save() tform.save_m2m() messages.add_message(request, messages.SUCCESS, 'Engagement Preset Successfully Created.', extra_tags='alert-success') return HttpResponseRedirect( reverse('engagement_presets', args=(pid, ))) else: tform = EngagementPresetsForm() product_tab = Product_Tab(pid, title="New Engagement Preset", tab="settings") return render(request, 'dojo/new_params.html', { 'tform': tform, 'pid': pid, 'product_tab': product_tab })
def delete_object(request, pid, ttid): object = Objects_Product.objects.get(pk=ttid) product = get_object_or_404(Product, id=pid) if object.product != product: raise BadRequest( f'Product {pid} does not fit to product of Object {object.product.id}' ) if request.method == 'POST': tform = ObjectSettingsForm(request.POST, instance=object) object.delete() messages.add_message(request, messages.SUCCESS, 'Tracked Product Files Deleted.', extra_tags='alert-success') return HttpResponseRedirect(reverse('view_objects', args=(pid, ))) else: tform = DeleteObjectsSettingsForm(instance=object) product_tab = Product_Tab(pid, title="Delete Product Tool Configuration", tab="settings") return render(request, 'dojo/delete_object.html', { 'tform': tform, 'product_tab': product_tab })
def edit_test(request, tid): test = get_object_or_404(Test, pk=tid) form = TestForm(instance=test) if request.method == 'POST': form = TestForm(request.POST, instance=test) if form.is_valid(): new_test = form.save() tags = request.POST.getlist('tags') t = ", ".join(tags) new_test.tags = t messages.add_message(request, messages.SUCCESS, 'Test saved.', extra_tags='alert-success') return HttpResponseRedirect(reverse('view_engagement', args=(test.engagement.id,))) form.initial['target_start'] = test.target_start.date() form.initial['target_end'] = test.target_end.date() form.initial['tags'] = [tag.name for tag in test.tags] product_tab = Product_Tab(test.engagement.product.id, title="Edit Test", tab="engagements") product_tab.setEngagement(test.engagement) return render(request, 'dojo/edit_test.html', {'test': test, 'product_tab': product_tab, 'form': form, })
def edit_object(request, pid, ttid): object = Objects_Product.objects.get(pk=ttid) if request.method == 'POST': tform = ObjectSettingsForm(request.POST, instance=object) if tform.is_valid(): tform.save() # tags = request.POST.getlist('tags') # t = ", ".join('"{0}"'.format(w) for w in tags) # object.tags = t messages.add_message(request, messages.SUCCESS, 'Tool Product Configuration Successfully Updated.', extra_tags='alert-success') return HttpResponseRedirect(reverse('view_objects', args=(pid,))) else: tform = ObjectSettingsForm(instance=object) # tform.initial['tags'] = [tag.name for tag in object.tags.all()] product_tab = Product_Tab(pid, title="Edit Tracked Files", tab="settings") return render(request, 'dojo/edit_object.html', { 'tform': tform, 'product_tab': product_tab })