def action_history(request, cid, oid):
try:
ct = ContentType.objects.get_for_id(cid)
obj = ct.get_object_for_this_type(pk=oid)
except KeyError:
raise Http404()
product_id = None
active_tab = None
finding = None
test = False
object_value = None
if str(ct) == "product":
product_id = obj.id
active_tab = "overview"
object_value = Product.objects.get(id=obj.id)
elif str(ct) == "engagement":
object_value = Engagement.objects.get(id=obj.id)
product_id = object_value.product.id
active_tab = "engagements"
elif str(ct) == "test":
object_value = Test.objects.get(id=obj.id)
product_id = object_value.engagement.product.id
active_tab = "engagements"
test = True
elif str(ct) == "finding":
object_value = Finding.objects.get(id=obj.id)
product_id = object_value.test.engagement.product.id
active_tab = "findings"
finding = object_value
elif str(ct) == "endpoint":
object_value = Endpoint.objects.get(id=obj.id)
product_id = object_value.product.id
active_tab = "endpoints"
product_tab = None
if product_id:
product_tab = Product_Tab(product_id, title="History", tab=active_tab)
if active_tab == "engagements":
if str(ct) == "engagement":
product_tab.setEngagement(object_value)
else:
product_tab.setEngagement(object_value.engagement)
history = LogEntry.objects.filter(content_type=ct,
object_pk=obj.id).order_by('-timestamp')
history = LogEntryFilter(request.GET, queryset=history)
paged_history = get_page_items(request, history.qs, 25)
return render(
request, 'dojo/action_history.html', {
"history": paged_history,
'product_tab': product_tab,
"filtered": history,
"obj": obj,
"test": test,
"object_value": object_value,
"finding": finding
})
def action_history(request, cid, oid):
from django.contrib.contenttypes.models import ContentType
from auditlog.models import LogEntry
try:
ct = ContentType.objects.get_for_id(cid)
obj = ct.get_object_for_this_type(pk=oid)
except KeyError:
raise Http404()
history = LogEntry.objects.filter(content_type=ct, object_pk=obj.id).order_by('-timestamp')
history = LogEntryFilter(request.GET, queryset=history)
paged_history = get_page_items(request, history.qs, 25)
add_breadcrumb(parent=obj, title="Action History", top_level=False, request=request)
return render(request, 'dojo/action_history.html',
{"history": paged_history,
"filtered": history,
"obj": obj,
})
def action_history(request, cid, oid):
try:
ct = ContentType.objects.get_for_id(cid)
obj = ct.get_object_for_this_type(pk=oid)
except (KeyError, ObjectDoesNotExist):
raise Http404()
product_id = None
active_tab = None
finding = None
test = False
object_value = None
if ct.model == "product":
user_has_permission_or_403(request.user, obj, Permissions.Product_View)
product_id = obj.id
active_tab = "overview"
object_value = Product.objects.get(id=obj.id)
elif ct.model == "engagement":
user_has_permission_or_403(request.user, obj,
Permissions.Engagement_View)
object_value = Engagement.objects.get(id=obj.id)
product_id = object_value.product.id
active_tab = "engagements"
elif ct.model == "test":
user_has_permission_or_403(request.user, obj, Permissions.Test_View)
object_value = Test.objects.get(id=obj.id)
product_id = object_value.engagement.product.id
active_tab = "engagements"
test = True
elif ct.model == "finding":
user_has_permission_or_403(request.user, obj, Permissions.Finding_View)
object_value = Finding.objects.get(id=obj.id)
product_id = object_value.test.engagement.product.id
active_tab = "findings"
finding = object_value
elif ct.model == "endpoint":
user_has_permission_or_403(request.user, obj,
Permissions.Endpoint_View)
object_value = Endpoint.objects.get(id=obj.id)
product_id = object_value.product.id
active_tab = "endpoints"
elif ct.model == "risk_acceptance":
engagements = Engagement.objects.filter(risk_acceptance=obj)
authorized = False
for engagement in engagements:
if user_has_permission(request.user, engagement,
Permissions.Engagement_View):
authorized = True
break
if not authorized:
raise PermissionDenied
else:
if not request.user.is_superuser:
raise PermissionDenied
product_tab = None
if product_id:
product_tab = Product_Tab(product_id, title="History", tab=active_tab)
if active_tab == "engagements":
if str(ct) == "engagement":
product_tab.setEngagement(object_value)
else:
product_tab.setEngagement(object_value.engagement)
history = LogEntry.objects.filter(content_type=ct,
object_pk=obj.id).order_by('-timestamp')
history = LogEntryFilter(request.GET, queryset=history)
paged_history = get_page_items(request, history.qs, 25)
if not get_system_setting('enable_auditlog'):
messages.add_message(
request,
messages.WARNING,
'Audit logging is currently disabled in System Settings.',
extra_tags='alert-danger')
return render(
request, 'dojo/action_history.html', {
"history": paged_history,
'product_tab': product_tab,
"filtered": history,
"obj": obj,
"test": test,
"object_value": object_value,
"finding": finding
})