dradis-csv 4.18.0 → 5.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1a813bfc94503db7e99d60fa8e4e3432c69d0e7f2109aaf6d345f344a1db5edc
-  data.tar.gz: 06f7e78cf14c90dd4bf2a98b40a922d2e57ff6774c8bab2bcde86e6295c6fc38
+  metadata.gz: cbe906fb124f7a6013f5ee237f24029a0097a7113efdc47f6e6141bc90704c2f
+  data.tar.gz: f56aff91a38dc15ea4a2b887bb39b75642989988f84cba642e79fd0cef89992a
 SHA512:
-  metadata.gz: 14d85f67d9f65cb21fb6c27bab5e6cb138b381c2bd5f113c6d4e2ce5e5743c8034e0a7b2f481b200b11a001d5340067737e02207af005812ef1ef57f6b4ca4fb
-  data.tar.gz: 46759c7fe1b5afbd95451811e78f941a9d1c2d4497c4f994103104d5183f47e3ed67a79e073e5a66021d833313983bcb8e4db0f92cdf1171b0963fc6129c68f0
+  metadata.gz: f6dc6581dadccc848e09dae41e799c9cb856392b4dbeb8ca561eb0cf3d855c7f68ab06fb2d1812a6ad47c8397bfda23338e689e54d6ffd70af4ac294adf9096f
+  data.tar.gz: 936c511cd8423887ebbba1fb9c2c20ba976fa3781edfec2e7a08b78ddd93c430e209da3c66f5a9027333e2187d8d1a2ee72c03e05fb3d8a6d957bf10acbaf73a

data/CHANGELOG.md

@@ -1,3 +1,12 @@
+v5.0.0 (March 2026)
+  - No changes
+
+v4.20.0 (Month 2026)
+  -  Fix state selection not being applied correctly
+
+v4.19.0 (November 2025)
+  - No changes
+
 v4.18.0 (September 2025)
   - No changes
 

data/app/assets/javascripts/dradis/plugins/csv/upload.js

@@ -3,12 +3,14 @@ window.addEventListener('job-done', function () {
     var uploader = document.getElementById('uploader');
 
     if (uploader.value === 'Dradis::Plugins::CSV') {
+      var state = document.getElementById('state').value;
       var path = window.location.pathname;
       var project_path = path.split('/').slice(0, -1).join('/');
       var attachment = $('#attachment').val();
 
+      var params = new URLSearchParams({ attachment: attachment, state: state });
       var redirectPath =
-        project_path + '/addons/csv/upload/new?attachment=' + attachment;
+        project_path + '/addons/csv/upload/new?' + params.toString();
       Turbo.visit(redirectPath);
     }
   }

data/app/controllers/dradis/plugins/csv/upload_controller.rb

@@ -20,6 +20,7 @@ module Dradis::Plugins::CSV
         file: @attachment.fullpath.to_s,
         mappings: mappings_params[:field_attributes].to_h,
         project_id: current_project.id,
+        state: state,
         uid: params[:log_uid].to_i
       )
     end
@@ -63,5 +64,10 @@ module Dradis::Plugins::CSV
     def mappings_params
       params.require(:mappings).permit(field_attributes: [:field, :type])
     end
+
+    def state
+      @state ||=
+        Issue.states.key?(params[:state]) ? params[:state] : 'draft'
+    end
   end
 end

data/app/jobs/dradis/plugins/csv/mapping_import_job.rb

@@ -13,7 +13,7 @@ module Dradis::Plugins::CSV
     #   '2' => { 'type' => 'identifier' },
     #   '3' => { 'type' => 'evidence', 'field' => 'Port' }
     # }
-    def perform(default_user_id:, file:, mappings:, project_id:, uid:)
+    def perform(default_user_id:, file:, mappings:, project_id:, state:, uid:)
       logger = Log.new(uid: uid)
       logger.write { "Job id is #{job_id}." }
 
@@ -21,7 +21,8 @@ module Dradis::Plugins::CSV
         default_user_id: default_user_id,
         logger: logger,
         plugin: self.class.module_parent,
-        project_id: project_id
+        project_id: project_id,
+        state: state
       )
 
       importer.import_csv(file: file, mappings: mappings)

data/app/views/dradis/plugins/csv/upload/new.html.erb

@@ -22,12 +22,13 @@
     </div>
   </div>
 
-  <%= form_with url: project_upload_index_path(current_project, format: :js), method: :post, data: { behavior: 'mapping-form' } do |f| %>
+  <%= form_with url: project_upload_index_path(current_project, format: :js), method: :post, local: false, data: { behavior: 'mapping-form' } do |f| %>
     <%= hidden_field_tag 'log_uid', @log_uid %>
     <%= hidden_field_tag 'job_id', params[:job_id] %>
     <%= hidden_field_tag 'attachment', params[:attachment] %>
+    <%= hidden_field_tag 'state', params[:state] %>
 
-    <table class="table table-striped mb-0">
+    <table class="table table-striped">
       <thead>
         <tr>
           <th>Column Header</th>

data/dradis-csv.gemspec

@@ -19,7 +19,7 @@ Gem::Specification.new do |spec|
   spec.executables = spec.files.grep(%r{^bin/}).map { |f| File.basename(f) }
   spec.test_files  = spec.files.grep(%r{^(spec|features)/})
 
-  spec.add_dependency 'dradis-plugins', '~> 4.0'
+  spec.add_dependency 'dradis-plugins', '>= 4.0'
   spec.add_development_dependency 'bundler', '~> 2.0'
   spec.add_development_dependency 'rake'
 end

data/lib/dradis/plugins/csv/gem_version.rb

@@ -7,8 +7,8 @@ module Dradis
       end
 
       module VERSION
-        MAJOR = 4
-        MINOR = 18
+        MAJOR = 5
+        MINOR = 0
         TINY = 0
         PRE = nil
 

data/spec/features/upload_spec.rb

@@ -14,13 +14,15 @@ describe 'upload feature', js: true do
     before do
       @headers = CSV.open(file_path, &:readline)
 
-      select 'Dradis::Plugins::CSV', from: 'uploader'
+      find('#state + .combobox').click
+      find('#state ~ .combobox-menu .combobox-option', text: 'Published').click
 
-      within('.custom-file') do
-        page.find('#file', visible: false).attach_file(file_path)
-      end
+      find('#uploader + .combobox').click
+      find('#uploader ~ .combobox-menu .combobox-option', text: 'Dradis::Plugins::CSV').click
+
+      attach_file 'file', file_path, visible: false, disabled: false
 
-      find('body.upload.new', wait: 30)
+      expect(page).to have_text('CSV Upload Mapping', wait: 30)
     end
 
     it 'redirects to the mapping page' do
@@ -62,6 +64,49 @@ describe 'upload feature', js: true do
         end
       end
 
+      context 'valid states' do
+        it 'imports the issues based on the selected state' do
+          select 'Issue ID', from: 'mappings[field_attributes][0][type]'
+          select 'Node', from: 'mappings[field_attributes][3][type]'
+          select 'Evidence Field', from: 'mappings[field_attributes][4][type]'
+          select 'Evidence Field', from: 'mappings[field_attributes][5][type]'
+
+          perform_enqueued_jobs do
+            click_button 'Import CSV'
+
+            find('#console .log', wait: 30, match: :first)
+
+            expect(page).to have_text('Worker process completed.')
+
+            expect(Issue.published.count).to eq(1)
+          end
+        end
+      end
+
+      context 'invalid states' do
+        it 'imports the issues as draft' do
+          select 'Issue ID', from: 'mappings[field_attributes][0][type]'
+          select 'Node', from: 'mappings[field_attributes][3][type]'
+          select 'Evidence Field', from: 'mappings[field_attributes][4][type]'
+          select 'Evidence Field', from: 'mappings[field_attributes][5][type]'
+
+          page.execute_script(<<~JS)
+            const select = document.querySelector('#state');
+            select.value = 'tampered_value';
+          JS
+
+          perform_enqueued_jobs do
+            click_button 'Import CSV'
+
+            find('#console .log', wait: 30, match: :first)
+
+            expect(page).to have_text('Worker process completed.')
+
+            expect(Issue.published.count).to eq(0)
+          end
+        end
+      end
+
       context 'when project does not have RTP' do
         it 'imports all columns as fields' do
           select 'Issue ID', from: 'mappings[field_attributes][0][type]'
@@ -239,11 +284,10 @@ describe 'upload feature', js: true do
 
   describe 'CSV file samples' do
     before do
-      select 'Dradis::Plugins::CSV', from: 'uploader'
+      find('#uploader + .combobox').click
+      find('#uploader ~ .combobox-menu .combobox-option', text: 'Dradis::Plugins::CSV').click
 
-      within('.custom-file') do
-        page.find('#file', visible: false).attach_file(file_path)
-      end
+      attach_file 'file', file_path, visible: false, disabled: false
     end
 
     context 'uploading a malformed CSV file' do
@@ -267,15 +311,5 @@ describe 'upload feature', js: true do
         expect(current_path).to eq(main_app.project_upload_manager_path(@project))
       end
     end
-
-    context 'uploading file with special characters in the filename' do
-      let(:file_path) { File.expand_path('../fixtures/files/simple (copy).csv', __dir__) }
-
-      it 'redirects to upload manager' do
-        find('body.upload.new', wait: 30)
-
-        expect(current_path).to eq(csv.new_project_upload_path(@project))
-      end
-    end
   end
 end

metadata

@@ -1,27 +1,26 @@
 --- !ruby/object:Gem::Specification
 name: dradis-csv
 version: !ruby/object:Gem::Version
-  version: 4.18.0
+  version: 5.0.0
 platform: ruby
 authors:
 - Daniel Martin
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-09-26 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '4.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '4.0'
 - !ruby/object:Gem::Dependency
@@ -53,7 +52,6 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 description: This add-on allows you to upload and parse CSV output into Dradis.
-email:
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -94,7 +92,6 @@ homepage: http://dradis.com
 licenses:
 - GPL-2
 metadata: {}
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -109,8 +106,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.6
-signing_key:
+rubygems_version: 3.6.9
 specification_version: 4
 summary: CSV add-on for the Dradis Framework.
 test_files: