def edit_tool_config(request, ttid):
tool_config = Tool_Configuration.objects.get(pk=ttid)
if request.method == 'POST':
tform = ToolConfigForm(request.POST, instance=tool_config)
if tform.is_valid():
form_copy = tform.save(commit=False)
form_copy.password = dojo_crypto_encrypt(tform.cleaned_data['password'])
print "######"
print tform.cleaned_data['ssh']
form_copy.ssh = dojo_crypto_encrypt(tform.cleaned_data['ssh'])
form_copy.save()
messages.add_message(request,
messages.SUCCESS,
'Tool Configuration Successfully Updated.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('tool_config', ))
else:
tool_config.password = prepare_for_view(tool_config.password)
tool_config.ssh = prepare_for_view(tool_config.ssh)
tform = ToolConfigForm(instance=tool_config)
add_breadcrumb(title="Edit Tool Configuration", top_level=False, request=request)
return render(request,
'dojo/edit_tool_config.html',
{
'tform': tform,
})
def edit_tool_config(request, ttid):
tool_config = Tool_Configuration.objects.get(pk=ttid)
if request.method == 'POST':
tform = ToolConfigForm(request.POST, instance=tool_config)
if tform.is_valid():
form_copy = tform.save(commit=False)
form_copy.password = dojo_crypto_encrypt(
tform.cleaned_data['password'])
form_copy.ssh = dojo_crypto_encrypt(tform.cleaned_data['ssh'])
form_copy.save()
messages.add_message(request,
messages.SUCCESS,
'Tool Configuration Successfully Updated.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('tool_config', ))
else:
tool_config.password = prepare_for_view(tool_config.password)
tool_config.ssh = prepare_for_view(tool_config.ssh)
tform = ToolConfigForm(instance=tool_config)
add_breadcrumb(title="Edit Tool Configuration",
top_level=False,
request=request)
return render(request, 'dojo/edit_tool_config.html', {
'tform': tform,
})
def edit_tool_config(request, ttid):
tool_config = Tool_Configuration.objects.get(pk=ttid)
if request.method == 'POST':
tform = ToolConfigForm(request.POST, instance=tool_config)
if tform.is_valid():
form_copy = tform.save(commit=False)
form_copy.password = dojo_crypto_encrypt(
tform.cleaned_data['password'])
form_copy.ssh = dojo_crypto_encrypt(tform.cleaned_data['ssh'])
try:
tool_type_qs_sonarqube = Tool_Type.objects.filter(
name='SonarQube')
if form_copy.tool_type in tool_type_qs_sonarqube:
sq = SonarQubeAPI(form_copy)
project_count = sq.test_connection(
) # if connection is not successful, this call raise exception
messages.add_message(
request,
messages.SUCCESS,
'SonarQube connection successful. You have access to {} projects'
.format(project_count),
extra_tags='alert-success')
tool_type_qs_cobaltio = Tool_Type.objects.filter(
name='Cobalt.io')
if form_copy.tool_type in tool_type_qs_cobaltio:
cobalt = CobaltAPI(form_copy)
org = cobalt.test_connection(
) # if connection is not successful, this call raise exception
messages.add_message(
request,
messages.SUCCESS,
'Cobalt.io connection successful. You have access to the "{}" org'
.format(org["resource"]["name"]),
extra_tags='alert-success')
form_copy.save()
messages.add_message(
request,
messages.SUCCESS,
'Tool Configuration Successfully Updated.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('tool_config', ))
except Exception as e:
messages.add_message(request,
messages.ERROR,
str(e),
extra_tags='alert-danger')
else:
tool_config.password = prepare_for_view(tool_config.password)
tool_config.ssh = prepare_for_view(tool_config.ssh)
tform = ToolConfigForm(instance=tool_config)
add_breadcrumb(title="Edit Tool Configuration",
top_level=False,
request=request)
return render(request, 'dojo/edit_tool_config.html', {
'tform': tform,
})
def edit_cred(request, ttid):
tool_config = Cred_User.objects.get(pk=ttid)
if request.method == 'POST':
tform = CredUserForm(request.POST, request.FILES, instance=tool_config)
if tform.is_valid():
form_copy = tform.save(commit=False)
form_copy.password = dojo_crypto_encrypt(
tform.cleaned_data['password'])
#handle_uploaded_selenium(request.FILES['selenium_script'], tool_config)
form_copy.save()
messages.add_message(request,
messages.SUCCESS,
'Credential Successfully Updated.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('cred', ))
else:
tool_config.password = prepare_for_view(tool_config.password)
tform = CredUserForm(instance=tool_config)
add_breadcrumb(title="Edit Credential Configuration",
top_level=False,
request=request)
return render(request, 'dojo/edit_cred.html', {
'tform': tform,
})
def __init__(self, tool_config=None):
self.rules_cache = dict()
tool_type, _ = Tool_Type.objects.get_or_create(name='SonarQube')
if not tool_config: # https://github.com/DefectDojo/django-DefectDojo/pull/4676 cases no. 1-3
try:
tool_config = Tool_Configuration.objects.get(
tool_type=tool_type
) # https://github.com/DefectDojo/django-DefectDojo/pull/4676 case no. 2
except Tool_Configuration.DoesNotExist: # https://github.com/DefectDojo/django-DefectDojo/pull/4676 case no. 1
raise Exception(
'No SonarQube tool is configured. \n'
'Create a new Tool at Settings -> Tool Configuration')
except Tool_Configuration.MultipleObjectsReturned: # https://github.com/DefectDojo/django-DefectDojo/pull/4676 case no. 3
raise Exception(
'It has configured more than one SonarQube tool. \n'
'Please specify at Product configuration which one should be used.'
)
self.extras = tool_config.extras
self.session = requests.Session()
self.sonar_api_url = tool_config.url
if tool_config.authentication_type == "Password":
self.session.auth = (tool_config.username,
prepare_for_view(tool_config.password))
elif tool_config.authentication_type == "API":
self.session.auth = (tool_config.api_key, '')
else:
raise Exception(
'SonarQube Authentication type {} not supported'.format(
tool_config.authentication_type))
def edit_cred(request, ttid):
tool_config = Cred_User.objects.get(pk=ttid)
if request.method == 'POST':
tform = CredUserForm(request.POST, request.FILES, instance=tool_config)
if tform.is_valid():
form_copy = tform.save(commit=False)
form_copy.password = dojo_crypto_encrypt(tform.cleaned_data['password'])
#handle_uploaded_selenium(request.FILES['selenium_script'], tool_config)
form_copy.save()
messages.add_message(request,
messages.SUCCESS,
'Credential Successfully Updated.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('cred', ))
else:
tool_config.password = prepare_for_view(tool_config.password)
tform = CredUserForm(instance=tool_config)
add_breadcrumb(title="Edit Credential Configuration", top_level=False, request=request)
return render(request,
'dojo/edit_cred.html',
{
'tform': tform,
})
def edit_tool_config(request, ttid):
tool_config = Tool_Configuration.objects.get(pk=ttid)
if request.method == 'POST':
tform = ToolConfigForm(request.POST, instance=tool_config)
if tform.is_valid():
form_copy = tform.save(commit=False)
form_copy.password = dojo_crypto_encrypt(
tform.cleaned_data['password'])
form_copy.ssh = dojo_crypto_encrypt(tform.cleaned_data['ssh'])
try:
api = create_API(form_copy)
if api and hasattr(api, 'test_connection'):
result = api.test_connection()
messages.add_message(
request,
messages.SUCCESS,
f'API connection successful with message: {result}.',
extra_tags='alert-success')
form_copy.save()
messages.add_message(
request,
messages.SUCCESS,
'Tool Configuration successfully updated.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('tool_config', ))
except Exception as e:
logger.info(e)
messages.add_message(request,
messages.ERROR,
str(e),
extra_tags='alert-danger')
else:
tool_config.password = prepare_for_view(tool_config.password)
tool_config.ssh = prepare_for_view(tool_config.ssh)
tform = ToolConfigForm(instance=tool_config)
add_breadcrumb(title="Edit Tool Configuration",
top_level=False,
request=request)
return render(request, 'dojo/edit_tool_config.html', {
'tform': tform,
})
def get_pwd(value):
return prepare_for_view(value)
def get_pwd(value):
return prepare_for_view(value)
def test_encryption(self):
test_input = "Hello World!"
encrypt = dojo_crypto_encrypt(test_input)
test_output = prepare_for_view(encrypt)
self.assertEqual(test_input, test_output)
