class FindingEditForm(
BaseEntityForm(Finding,
skip_attrs={'name'},
hide_attrs={'cvss_v3_score', 'cvss_v3_vector'})):
affected_resources = TextAreaField(
description='List of affected resources. One per line.',
render_kw=dict(class_='noMD', rows=5))
class ClientForm(BaseEntityForm(Client, skip_attrs={'finding_counter'})):
managers = SelectMultipleField(coerce=User.coerce,
validators=[Optional(), users_are_managers])
auditors = SelectMultipleField(coerce=User.coerce,
validators=[Optional(), user_is_auditor])
templates = SelectMultipleField(coerce=Template.coerce,
validators=[Optional()])
class FindingTemplateCreateNewForm(
BaseEntityForm(FindingTemplate,
hide_attrs={'cvss_v3_score', 'cvss_v3_vector'}),
BaseEntityForm(FindingTemplateTranslation, skip_pk=False)):
masvs = StringField(
label=
"MASVS - OWASP Mobile Application Security Verification Standard Requirement #",
render_kw={'placeholder': '0.0.0'},
validators=[validators.Regexp('[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}')],
default="0.0.0")
asvs = StringField(
label=
"ASVS - OWASP Application Security Verification Standard Requirement #",
render_kw={'placeholder': '0.0.0'},
validators=[validators.Regexp('[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}')],
default="0.0.0")
class AssessmentForm(BaseEntityForm(Assessment)):
auditors = SelectMultipleField(coerce=User.coerce,
validators=[Optional(), user_is_auditor])
bugtracking = StringField(label='Bug Tracking ticket #',
render_kw={'placeholder': 'APPSECSER-XXX'})
application = StringField(label='Application to assess',
render_kw={'placeholder': 'APPWEB-MyApp'})
class EditUserForm(
BaseEntityForm(User,
skip_attrs={
'username', 'source', 'creation_date',
'last_access', 'otp_seed'
})):
pass
class FindingEditForm(
BaseEntityForm(Finding,
skip_attrs={'name', 'client_finding_id'},
hide_attrs={'cvss_v3_score', 'cvss_v3_vector'})):
affected_resources = TextAreaField(
description='List of affected resources. One per line.',
render_kw=dict(class_='noMD', rows=5))
notes = TextAreaField(render_kw={
'class_': 'noMD',
'placeholder': 'Optional notes.'
})
class FindingTemplateEditTranslationForm(
BaseEntityForm(FindingTemplateTranslation, skip_attrs={'lang'})):
pass
class FindingTemplateAddSolutionForm(
BaseEntityForm(
Solution,
skip_pk=False,
custom_validators=dict(name=[validators.Regexp('[\w_-]+')]))):
pass
class FindingTemplateEditForm(BaseEntityForm(FindingTemplate)):
pass
class FindingTemplateAddTranslationForm(
BaseEntityForm(FindingTemplateTranslation, skip_pk=False)):
pass
class ActiveCreateNewForm(BaseEntityForm(Active),
BaseEntityForm(AffectedResource)):
pass
class TemplateEditForm(BaseEntityForm(Template)):
file = FileField(validators=[is_valid_template],
description="Allowed templates: .docx",
label='Update file:')
class AssessmentForm(BaseEntityForm(Assessment)):
auditors = SelectMultipleField(coerce=User.coerce,
validators=[Optional(), user_is_auditor])
class TemplateCreateNewForm(BaseEntityForm(Template)):
file = FileField(validators=[FileRequired(), is_valid_template],
description="Allowed templates: .docx")
class FindingTemplateEditSolutionForm(
BaseEntityForm(
Solution,
skip_attrs={'lang'},
custom_validators=dict(name=[validators.Regexp('[\w_-]+')]))):
pass
class FindingTemplateCreateNewForm(
BaseEntityForm(FindingTemplate,
hide_attrs={'cvss_v3_score', 'cvss_v3_vector'}),
BaseEntityForm(FindingTemplateTranslation, skip_pk=False)):
pass
class FindingTemplateEditForm(
BaseEntityForm(FindingTemplate,
hide_attrs={'cvss_v3_score', 'cvss_v3_vector'})):
pass
class FindingTemplateCreateNewForm(BaseEntityForm(FindingTemplate),
BaseEntityForm(FindingTemplateTranslation,
skip_pk=False)):
pass
class ClientForm(BaseEntityForm(Client)):
managers = SelectMultipleField(coerce=User.coerce,
validators=[Optional(), users_are_managers])
auditors = SelectMultipleField(coerce=User.coerce,
validators=[Optional(), user_is_auditor])
