dradis-csv 4.4.0 → 4.5.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +2 -66
- data/CONTRIBUTING.md +1 -1
- data/Gemfile +6 -0
- data/README.md +3 -18
- data/app/assets/javascripts/dradis/plugins/csv/manifests/tylium.js +1 -0
- data/app/assets/javascripts/dradis/plugins/csv/upload.js +114 -0
- data/app/assets/stylesheets/dradis/plugins/csv/manifests/tylium.scss +1 -0
- data/app/assets/stylesheets/dradis/plugins/csv/upload.scss +39 -0
- data/app/controllers/dradis/plugins/csv/upload_controller.rb +66 -0
- data/app/jobs/dradis/plugins/csv/mapping_import_job.rb +32 -0
- data/app/views/dradis/plugins/csv/upload/create.js.erb +4 -0
- data/app/views/dradis/plugins/csv/upload/new.html.erb +81 -0
- data/config/initializers/inflections.rb +3 -0
- data/config/routes.rb +3 -1
- data/dradis-csv.gemspec +12 -21
- data/lib/dradis/plugins/csv/engine.rb +5 -13
- data/lib/dradis/plugins/csv/gem_version.rb +4 -4
- data/lib/dradis/plugins/csv/importer.rb +76 -0
- data/lib/dradis/plugins/csv.rb +3 -2
- data/lib/dradis-csv.rb +1 -3
- data/spec/features/upload_spec.rb +267 -0
- data/spec/fixtures/files/simple.csv +2 -0
- data/spec/fixtures/files/simple_malformed.csv +2 -0
- data/spec/jobs/dradis/plugins/csv/mapping_import_job_spec.rb +30 -0
- data/spec/lib/dradis/plugins/csv/importer_spec.rb +140 -0
- metadata +25 -46
- data/.github/issue_template.md +0 -16
- data/.github/pull_request_template.md +0 -36
- data/.gitignore +0 -8
- data/.rspec +0 -2
- data/app/controllers/dradis/plugins/csv/base_controller.rb +0 -19
- data/app/views/dradis/plugins/csv/export/_index-content.html.erb +0 -10
- data/app/views/dradis/plugins/csv/export/_index-tabs.html.erb +0 -3
- data/lib/dradis/plugins/csv/exporter.rb +0 -60
- data/lib/tasks/thorfile.rb +0 -28
- data/spec/csv_export_spec.rb +0 -5
- data/spec/spec_helper.rb +0 -4
data/lib/dradis-csv.rb
CHANGED
@@ -0,0 +1,267 @@
|
|
1
|
+
require 'rails_helper'
|
2
|
+
|
3
|
+
# To run, execute from Dradis main app folder:
|
4
|
+
# bin/rspec [dradis-plugins path]/spec/features/upload_spec.rb
|
5
|
+
|
6
|
+
describe 'upload feature', js: true do
|
7
|
+
before do
|
8
|
+
login_to_project_as_user
|
9
|
+
visit project_upload_path(@project)
|
10
|
+
end
|
11
|
+
|
12
|
+
context 'uploading a CSV file' do
|
13
|
+
let(:file_path) { File.expand_path('../fixtures/files/simple.csv', __dir__) }
|
14
|
+
before do
|
15
|
+
@headers = CSV.open(file_path, &:readline)
|
16
|
+
|
17
|
+
select 'Dradis::Plugins::CSV', from: 'uploader'
|
18
|
+
|
19
|
+
within('.custom-file') do
|
20
|
+
page.find('#file', visible: false).attach_file(file_path)
|
21
|
+
end
|
22
|
+
|
23
|
+
find('body.upload.new', wait: 30)
|
24
|
+
end
|
25
|
+
|
26
|
+
it 'redirects to the mapping page' do
|
27
|
+
expect(current_path).to eq(csv.new_project_upload_path(@project))
|
28
|
+
end
|
29
|
+
|
30
|
+
it 'lists the fields in the table' do
|
31
|
+
within('tbody') do
|
32
|
+
@headers.each do |header|
|
33
|
+
expect(page).to have_selector('td', text: header)
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
context 'mapping CSV columns' do
|
39
|
+
context 'when identifier not selected' do
|
40
|
+
it 'shows a validation message on the page' do
|
41
|
+
within all('tbody tr')[3] do
|
42
|
+
select 'Evidence Field'
|
43
|
+
end
|
44
|
+
|
45
|
+
click_button 'Import CSV'
|
46
|
+
expect(page).to have_text('An Issue ID must be selected.')
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
context 'when there are evidence type but no node type selected' do
|
51
|
+
it 'shows a validation message on the page' do
|
52
|
+
within all('tbody tr')[2] do
|
53
|
+
select 'Issue ID'
|
54
|
+
end
|
55
|
+
|
56
|
+
within all('tbody tr')[3] do
|
57
|
+
select 'Evidence Field'
|
58
|
+
end
|
59
|
+
|
60
|
+
click_button 'Import CSV'
|
61
|
+
expect(page).to have_text('A Node Label must be selected to import evidence records.')
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
context 'when project does not have RTP' do
|
66
|
+
it 'imports all columns as fields' do
|
67
|
+
select 'Issue ID', from: 'mappings[field_attributes][0][type]'
|
68
|
+
select 'Node', from: 'mappings[field_attributes][3][type]'
|
69
|
+
select 'Evidence Field', from: 'mappings[field_attributes][4][type]'
|
70
|
+
select 'Evidence Field', from: 'mappings[field_attributes][5][type]'
|
71
|
+
|
72
|
+
perform_enqueued_jobs do
|
73
|
+
click_button 'Import CSV'
|
74
|
+
|
75
|
+
find('#console .log', wait: 30, match: :first)
|
76
|
+
|
77
|
+
expect(page).to have_text('Worker process completed.')
|
78
|
+
|
79
|
+
issue = Issue.last
|
80
|
+
expect(issue.fields).to eq({ 'Description' => 'Test CSV', 'Title' => 'SQL Injection', 'VulnerabilityCategory' =>'High', 'plugin' => 'csv', 'plugin_id' => '1' })
|
81
|
+
|
82
|
+
node = issue.affected.first
|
83
|
+
expect(node.label).to eq('10.0.0.1')
|
84
|
+
|
85
|
+
evidence = node.evidence.first
|
86
|
+
expect(evidence.fields).to eq({ 'Label' => '10.0.0.1', 'Title' => 'SQL Injection', 'Location' => '10.0.0.1', 'Port' => '443' })
|
87
|
+
end
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
context 'when project have RTP' do
|
92
|
+
before do
|
93
|
+
rtp = create(:report_template_properties, evidence_fields: evidence_fields, issue_fields: issue_fields)
|
94
|
+
@project.update(report_template_properties: rtp)
|
95
|
+
|
96
|
+
page.refresh
|
97
|
+
end
|
98
|
+
|
99
|
+
context 'without fields' do
|
100
|
+
let (:evidence_fields) { [] }
|
101
|
+
let (:issue_fields) { [] }
|
102
|
+
|
103
|
+
it 'creates records with fields from the headers' do
|
104
|
+
select 'Issue ID', from: 'mappings[field_attributes][0][type]'
|
105
|
+
select 'Node', from: 'mappings[field_attributes][3][type]'
|
106
|
+
select 'Evidence Field', from: 'mappings[field_attributes][4][type]'
|
107
|
+
select 'Evidence Field', from: 'mappings[field_attributes][5][type]'
|
108
|
+
|
109
|
+
perform_enqueued_jobs do
|
110
|
+
click_button 'Import CSV'
|
111
|
+
|
112
|
+
find('#console .log', wait: 30, match: :first)
|
113
|
+
|
114
|
+
expect(page).to have_text('Worker process completed.')
|
115
|
+
|
116
|
+
issue = Issue.last
|
117
|
+
expect(issue.fields).to eq({ 'Description' => 'Test CSV', 'Title' => 'SQL Injection', 'Vulnerability Category' =>'High', 'plugin' => 'csv', 'plugin_id' => '1' })
|
118
|
+
|
119
|
+
node = issue.affected.first
|
120
|
+
expect(node.label).to eq('10.0.0.1')
|
121
|
+
|
122
|
+
evidence = node.evidence.first
|
123
|
+
expect(evidence.fields).to eq({ 'Label' => '10.0.0.1', 'Location' => '10.0.0.1', 'Title' => 'SQL Injection', 'Port' => '443' })
|
124
|
+
end
|
125
|
+
end
|
126
|
+
end
|
127
|
+
|
128
|
+
context 'with fields' do
|
129
|
+
let (:evidence_fields) {
|
130
|
+
[
|
131
|
+
{ name: 'Location', type: :string, default: true },
|
132
|
+
{ name: 'Port', type: :string, default: true}
|
133
|
+
]
|
134
|
+
}
|
135
|
+
|
136
|
+
let (:issue_fields) {
|
137
|
+
[
|
138
|
+
{ name: 'Title', type: :string, default: true },
|
139
|
+
{ name: 'Description', type: :string, default: true},
|
140
|
+
{ name: 'Severity', type: :string, default: true}
|
141
|
+
]
|
142
|
+
}
|
143
|
+
|
144
|
+
it 'shows the available fields for the selected type' do
|
145
|
+
select 'Issue Field', from: 'mappings[field_attributes][1][type]'
|
146
|
+
|
147
|
+
issue_fields.each do |field|
|
148
|
+
expect(page).to have_selector('option', text: field[:name])
|
149
|
+
end
|
150
|
+
|
151
|
+
select 'Evidence Field', from: 'mappings[field_attributes][4][type]'
|
152
|
+
|
153
|
+
evidence_fields.each do |field|
|
154
|
+
expect(page).to have_selector('option', text: field[:name])
|
155
|
+
end
|
156
|
+
end
|
157
|
+
|
158
|
+
it 'can select which columns to import' do
|
159
|
+
select 'Issue ID', from: 'mappings[field_attributes][0][type]'
|
160
|
+
|
161
|
+
select 'Issue Field', from: 'mappings[field_attributes][1][type]'
|
162
|
+
select 'Title', from: 'mappings[field_attributes][1][field]'
|
163
|
+
|
164
|
+
select 'Issue Field', from: 'mappings[field_attributes][2][type]'
|
165
|
+
select 'Description', from: 'mappings[field_attributes][2][field]'
|
166
|
+
|
167
|
+
select 'Node', from: 'mappings[field_attributes][3][type]'
|
168
|
+
|
169
|
+
select 'Evidence Field', from: 'mappings[field_attributes][4][type]'
|
170
|
+
select 'Location', from: 'mappings[field_attributes][4][field]'
|
171
|
+
|
172
|
+
select 'Evidence Field', from: 'mappings[field_attributes][5][type]'
|
173
|
+
select 'Port', from: 'mappings[field_attributes][5][field]'
|
174
|
+
|
175
|
+
select 'Issue Field', from: 'mappings[field_attributes][6][type]'
|
176
|
+
select 'Severity', from: 'mappings[field_attributes][6][field]'
|
177
|
+
|
178
|
+
perform_enqueued_jobs do
|
179
|
+
click_button 'Import CSV'
|
180
|
+
|
181
|
+
find('#console .log', wait: 30, match: :first)
|
182
|
+
|
183
|
+
expect(page).to have_text('Worker process completed.')
|
184
|
+
|
185
|
+
issue = Issue.last
|
186
|
+
expect(issue.fields).to eq({ 'Description' => 'Test CSV', 'Title' => 'SQL Injection', 'Severity' => 'High', 'plugin' => 'csv', 'plugin_id' => '1' })
|
187
|
+
|
188
|
+
node = issue.affected.first
|
189
|
+
expect(node.label).to eq('10.0.0.1')
|
190
|
+
|
191
|
+
evidence = node.evidence.first
|
192
|
+
expect(evidence.fields).to eq({ 'Label' => '10.0.0.1', 'Location' => '10.0.0.1', 'Title' => 'SQL Injection', 'Port' => '443' })
|
193
|
+
end
|
194
|
+
end
|
195
|
+
end
|
196
|
+
|
197
|
+
context 'when no evidence fields' do
|
198
|
+
let (:evidence_fields) { [] }
|
199
|
+
let (:issue_fields) { [] }
|
200
|
+
|
201
|
+
it 'still creates evidence record' do
|
202
|
+
within all('tbody tr')[1] do
|
203
|
+
select 'Node'
|
204
|
+
end
|
205
|
+
|
206
|
+
within all('tbody tr')[2] do
|
207
|
+
select 'Issue ID'
|
208
|
+
end
|
209
|
+
|
210
|
+
within all('tbody tr')[5] do
|
211
|
+
select 'Issue Field'
|
212
|
+
end
|
213
|
+
|
214
|
+
perform_enqueued_jobs do
|
215
|
+
click_button 'Import CSV'
|
216
|
+
|
217
|
+
find('#console .log', wait: 30, match: :first)
|
218
|
+
|
219
|
+
expect(page).to have_text('Worker process completed.')
|
220
|
+
|
221
|
+
issue = Issue.last
|
222
|
+
expect(issue.fields).to include({ 'Title' => 'SQL Injection', 'plugin' => 'csv', 'plugin_id' => '1' })
|
223
|
+
|
224
|
+
node = issue.affected.first
|
225
|
+
expect(node.label).to eq('10.0.0.1')
|
226
|
+
|
227
|
+
evidence = node.evidence.first
|
228
|
+
expect(evidence.content).to eq('')
|
229
|
+
end
|
230
|
+
end
|
231
|
+
end
|
232
|
+
end
|
233
|
+
end
|
234
|
+
end
|
235
|
+
|
236
|
+
context 'uploading a malformed CSV file' do
|
237
|
+
let(:file_path) { File.expand_path('../fixtures/files/simple_malformed.csv', __dir__) }
|
238
|
+
before do
|
239
|
+
select 'Dradis::Plugins::CSV', from: 'uploader'
|
240
|
+
|
241
|
+
within('.custom-file') do
|
242
|
+
page.find('#file', visible: false).attach_file(file_path)
|
243
|
+
end
|
244
|
+
end
|
245
|
+
|
246
|
+
it 'redirects to upload manager' do
|
247
|
+
expect(page).to have_text('The uploaded file is not a valid CSV file')
|
248
|
+
expect(current_path).to eq(main_app.project_upload_manager_path(@project))
|
249
|
+
end
|
250
|
+
end
|
251
|
+
|
252
|
+
context 'uploading any file other than CSV' do
|
253
|
+
let(:file_path) { Rails.root.join('spec/fixtures/files/rails.png') }
|
254
|
+
before do
|
255
|
+
select 'Dradis::Plugins::CSV', from: 'uploader'
|
256
|
+
|
257
|
+
within('.custom-file') do
|
258
|
+
page.find('#file', visible: false).attach_file(file_path)
|
259
|
+
end
|
260
|
+
end
|
261
|
+
|
262
|
+
it 'redirects to upload manager' do
|
263
|
+
expect(page).to have_text('The uploaded file is not a CSV file.')
|
264
|
+
expect(current_path).to eq(main_app.project_upload_manager_path(@project))
|
265
|
+
end
|
266
|
+
end
|
267
|
+
end
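Review bot: The two rejection examples at the end of this spec ('uploading a malformed CSV file' and 'uploading any file other than CSV') assert only the flash text and the redirect to the upload manager, so they would still pass if a rejected upload left records or an enqueued job behind. Because the uploaded file is untrusted input, each example could also assert that nothing was imported, for instance `expect(Issue.count).to eq(0)` (assuming the project starts with no issues; confirm against the factories). The only non-CSV sample is `rails.png`, so whether the check looks at the file's content or only at its name cannot be told from this hunk; a fixture with a `.csv` name and non-CSV content would pin that. Separately, `expect(page).to have_current_path(main_app.project_upload_manager_path(@project))` waits for the redirect, which `expect(current_path).to eq(...)` does not.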
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'rails_helper'
|
2
|
+
|
3
|
+
RSpec.describe Dradis::Plugins::CSV::MappingImportJob do
|
4
|
+
let(:file) { File.expand_path('../../../.../../../fixtures/files/simple.csv', __dir__) }
|
5
|
+
|
6
|
+
let(:perform_job) do
|
7
|
+
described_class.new.perform(
|
8
|
+
default_user_id: create(:user).id,
|
9
|
+
file: file,
|
10
|
+
mappings: {},
|
11
|
+
project_id: create(:project).id,
|
12
|
+
uid: 1
|
13
|
+
)
|
14
|
+
end
|
15
|
+
|
16
|
+
describe '#perform' do
|
17
|
+
it 'calls Importer#import_csv' do
|
18
|
+
dbl = double('Importer')
|
19
|
+
allow(Dradis::Plugins::CSV::Importer).to receive(:new).and_return(dbl)
|
20
|
+
expect(dbl).to receive(:import_csv).and_return(true)
|
21
|
+
|
22
|
+
perform_job
|
23
|
+
end
|
24
|
+
|
25
|
+
it 'writes a known final line in the log' do
|
26
|
+
perform_job
|
27
|
+
expect(Log.last.text).to eq 'Worker process completed.'
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
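Review bot: The fixture path in `let(:file)` contains a `...` segment (`'../../../.../../../fixtures/files/simple.csv'`), which is a literal directory name, not a parent reference. It appears to resolve only because `File.expand_path` cancels `...` against the following `..` lexically. Writing the four levels explicitly, `File.expand_path('../../../../fixtures/files/simple.csv', __dir__)`, gives the same path without relying on that; the same line appears in the Importer spec hunk that follows. In 'calls Importer#import_csv' the double accepts any arguments, so `expect(dbl).to receive(:import_csv).with(file: file, mappings: {})` would pin what the job forwards, assuming the job passes both through unchanged.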
|
@@ -0,0 +1,140 @@
|
|
1
|
+
require 'rails_helper'
|
2
|
+
|
3
|
+
RSpec.describe Dradis::Plugins::CSV::Importer do
|
4
|
+
let(:file) { File.expand_path('../../../.../../../fixtures/files/simple.csv', __dir__) }
|
5
|
+
let(:project) { create(:project) }
|
6
|
+
|
7
|
+
let(:instance) do
|
8
|
+
described_class.new(
|
9
|
+
default_user_id: create(:user).id,
|
10
|
+
logger: Log.new(uid: 1),
|
11
|
+
plugin: Dradis::Plugins::CSV,
|
12
|
+
project_id: project.id
|
13
|
+
)
|
14
|
+
end
|
15
|
+
|
16
|
+
let(:import_csv) do
|
17
|
+
instance.import_csv(file: file, mappings: mappings)
|
18
|
+
end
|
19
|
+
|
20
|
+
describe '#import_csv' do
|
21
|
+
context 'when project has RTP' do
|
22
|
+
let(:mappings) do
|
23
|
+
{
|
24
|
+
'0' => { 'type' => 'identifier' },
|
25
|
+
'1' => { 'type' => 'issue', 'field' => 'MyTitle' },
|
26
|
+
'3' => { 'type' => 'node', 'field' => '' },
|
27
|
+
'4' => { 'type' => 'evidence', 'field' => 'MyLocation' },
|
28
|
+
'5' => { 'type' => 'evidence', 'field' => '' }
|
29
|
+
}
|
30
|
+
end
|
31
|
+
|
32
|
+
before do
|
33
|
+
project.update(report_template_properties: create(:report_template_properties))
|
34
|
+
end
|
35
|
+
|
36
|
+
it 'uses the field as Dradis Field' do
|
37
|
+
import_csv
|
38
|
+
|
39
|
+
issue = Issue.first
|
40
|
+
expect(issue.fields).to eq({ 'MyTitle' => 'SQL Injection', 'plugin' => 'csv', 'plugin_id' => '1' })
|
41
|
+
|
42
|
+
node = issue.affected.first
|
43
|
+
expect(node.label).to eq('10.0.0.1')
|
44
|
+
|
45
|
+
evidence = node.evidence.first
|
46
|
+
expect(evidence.fields).to eq({ 'Label' => '10.0.0.1', 'Title' => '(No #[Title]# field)', 'MyLocation' => '10.0.0.1' })
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
context 'when project does not have RTP' do
|
51
|
+
let(:mappings) do
|
52
|
+
{
|
53
|
+
'0' => { 'type' => 'identifier' },
|
54
|
+
'1' => { 'type' => 'issue', 'field' => 'MyTitle' },
|
55
|
+
'3' => { 'type' => 'node', 'field' => '' },
|
56
|
+
'4' => { 'type' => 'evidence', 'field' => 'MyLocation' },
|
57
|
+
'5' => { 'type' => 'evidence', 'field' => '' },
|
58
|
+
'6' => { 'type' => 'issue', 'field' => '' }
|
59
|
+
}
|
60
|
+
end
|
61
|
+
|
62
|
+
it 'uses the column name as Dradis Field' do
|
63
|
+
import_csv
|
64
|
+
|
65
|
+
issue = Issue.first
|
66
|
+
expect(issue.fields).to eq({ 'Title' => 'SQL Injection', 'VulnerabilityCategory' => 'High', 'plugin' => 'csv', 'plugin_id' => '1' })
|
67
|
+
|
68
|
+
node = issue.affected.first
|
69
|
+
expect(node.label).to eq('10.0.0.1')
|
70
|
+
|
71
|
+
evidence = node.evidence.first
|
72
|
+
expect(evidence.fields).to eq({ 'Label' => '10.0.0.1', 'Location' => '10.0.0.1', 'Port' => '443', 'Title' => 'SQL Injection' })
|
73
|
+
end
|
74
|
+
|
75
|
+
it 'strips out whitespace from column header' do
|
76
|
+
import_csv
|
77
|
+
|
78
|
+
issue = Issue.first
|
79
|
+
expect(issue.fields.keys).to include('VulnerabilityCategory')
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
context 'when mapping does not have a node type' do
|
84
|
+
let(:mappings) do
|
85
|
+
{
|
86
|
+
'0' => { 'type' => 'identifier' },
|
87
|
+
'1' => { 'type' => 'issue' },
|
88
|
+
'4' => { 'type' => 'evidence' }
|
89
|
+
}
|
90
|
+
end
|
91
|
+
|
92
|
+
it 'does not create node and evidence' do
|
93
|
+
import_csv
|
94
|
+
|
95
|
+
issue = Issue.last
|
96
|
+
expect(issue.affected.length).to eq(0)
|
97
|
+
expect(issue.evidence.length).to eq(0)
|
98
|
+
end
|
99
|
+
end
|
100
|
+
|
101
|
+
context 'when no identifier is passed in' do
|
102
|
+
let(:mappings) do
|
103
|
+
{
|
104
|
+
'1' => { 'type' => 'issue' },
|
105
|
+
'4' => { 'type' => 'evidence' }
|
106
|
+
}
|
107
|
+
end
|
108
|
+
|
109
|
+
it 'uses filename and row index as csv_id' do
|
110
|
+
import_csv
|
111
|
+
|
112
|
+
issue = Issue.last
|
113
|
+
expect(issue.fields).to eq({ 'Title' => 'SQL Injection', 'plugin' => 'csv', 'plugin_id' => 'simple.csv-0' })
|
114
|
+
end
|
115
|
+
end
|
116
|
+
|
117
|
+
context 'when no evidence fields' do
|
118
|
+
let(:mappings) do
|
119
|
+
{
|
120
|
+
'0' => { 'type' => 'identifier' },
|
121
|
+
'1' => { 'type' => 'issue', 'field' => 'MyTitle' },
|
122
|
+
'3' => { 'type' => 'node', 'field' => '' }
|
123
|
+
}
|
124
|
+
end
|
125
|
+
|
126
|
+
it 'still creates evidence record' do
|
127
|
+
import_csv
|
128
|
+
|
129
|
+
issue = Issue.first
|
130
|
+
expect(issue.fields).to eq({ 'Title' => 'SQL Injection', 'plugin' => 'csv', 'plugin_id' => '1' })
|
131
|
+
|
132
|
+
node = issue.affected.first
|
133
|
+
expect(node.label).to eq('10.0.0.1')
|
134
|
+
|
135
|
+
evidence = node.evidence.first
|
136
|
+
expect(evidence.content).to eq('')
|
137
|
+
end
|
138
|
+
end
|
139
|
+
end
|
140
|
+
end
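Review bot: Every `mappings` hash in this spec is well-formed, yet the feature spec shows these keys arriving as form parameters (`mappings[field_attributes][N][type]`), so the importer receives client-chosen column indexes and type strings. No example covers an index beyond the CSV's columns or a `'type'` outside identifier/issue/node/evidence, and the `simple_malformed.csv` fixture is not exercised here at all. A context per case would document whether `import_csv` skips, logs or raises on such input; the expected outcome is not visible from this hunk. The examples also mix `Issue.first` and `Issue.last`, so one `expect(Issue.count).to eq(1)` would make the single-row assumption explicit (assuming the fixture holds one data row).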
|
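--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-csv
 version: !ruby/object:Gem::Version
-version: 4.
+version: 4.5.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-
+date: 2022-08-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: dradis-plugins
@@ -26,34 +26,6 @@ dependencies:
 version: '4.0'
 - !ruby/object:Gem::Dependency
 name: bundler
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '1.6'
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '1.6'
-- !ruby/object:Gem::Dependency
-name: rake
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '10.0'
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '10.0'
-- !ruby/object:Gem::Dependency
-name: rspec-rails
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -66,17 +38,13 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
-description: This
+description: This add-on allows you to upload and parse CSV output into Dradis.
 email:
 - etd@nomejortu.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".github/issue_template.md"
-- ".github/pull_request_template.md"
-- ".gitignore"
-- ".rspec"
 - CHANGELOG.md
 - CHANGELOG.template
 - CONTRIBUTING.md
@@ -84,20 +52,28 @@ files:
 - LICENSE
 - README.md
 - Rakefile
-- app/
-- app/
-- app/
+- app/assets/javascripts/dradis/plugins/csv/manifests/tylium.js
+- app/assets/javascripts/dradis/plugins/csv/upload.js
+- app/assets/stylesheets/dradis/plugins/csv/manifests/tylium.scss
+- app/assets/stylesheets/dradis/plugins/csv/upload.scss
+- app/controllers/dradis/plugins/csv/upload_controller.rb
+- app/jobs/dradis/plugins/csv/mapping_import_job.rb
+- app/views/dradis/plugins/csv/upload/create.js.erb
+- app/views/dradis/plugins/csv/upload/new.html.erb
+- config/initializers/inflections.rb
 - config/routes.rb
 - dradis-csv.gemspec
 - lib/dradis-csv.rb
 - lib/dradis/plugins/csv.rb
 - lib/dradis/plugins/csv/engine.rb
-- lib/dradis/plugins/csv/exporter.rb
 - lib/dradis/plugins/csv/gem_version.rb
+- lib/dradis/plugins/csv/importer.rb
 - lib/dradis/plugins/csv/version.rb
--
-- spec/
-- spec/
+- spec/features/upload_spec.rb
+- spec/fixtures/files/simple.csv
+- spec/fixtures/files/simple_malformed.csv
+- spec/jobs/dradis/plugins/csv/mapping_import_job_spec.rb
+- spec/lib/dradis/plugins/csv/importer_spec.rb
 homepage: http://dradisframework.org
 licenses:
 - GPL-2
@@ -117,10 +93,13 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.2.
+rubygems_version: 3.2.28
 signing_key:
 specification_version: 4
-summary: CSV
+summary: CSV add-on for the Dradis Framework.
 test_files:
-- spec/
-- spec/
+- spec/features/upload_spec.rb
+- spec/fixtures/files/simple.csv
+- spec/fixtures/files/simple_malformed.csv
+- spec/jobs/dradis/plugins/csv/mapping_import_job_spec.rb
+- spec/lib/dradis/plugins/csv/importer_spec.rb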
data/.github/issue_template.md
DELETED
@@ -1,16 +0,0 @@
|
|
1
|
-
### Steps to reproduce
|
2
|
-
|
3
|
-
Help us help you, how can we reproduce the problem?
|
4
|
-
|
5
|
-
### Expected behavior
|
6
|
-
Tell us what should happen
|
7
|
-
|
8
|
-
### Actual behavior
|
9
|
-
Tell us what happens instead
|
10
|
-
|
11
|
-
### System configuration
|
12
|
-
**Dradis version**:
|
13
|
-
|
14
|
-
**Ruby version**:
|
15
|
-
|
16
|
-
**OS version**:
|
@@ -1,36 +0,0 @@
|
|
1
|
-
### Summary
|
2
|
-
|
3
|
-
Provide a general description of the code changes in your pull
|
4
|
-
request... were there any bugs you had fixed? If so, mention them. If
|
5
|
-
these bugs have open GitHub issues, be sure to tag them here as well,
|
6
|
-
to keep the conversation linked together.
|
7
|
-
|
8
|
-
|
9
|
-
### Other Information
|
10
|
-
|
11
|
-
If there's anything else that's important and relevant to your pull
|
12
|
-
request, mention that information here. This could include
|
13
|
-
benchmarks, or other information.
|
14
|
-
|
15
|
-
Thanks for contributing to Dradis!
|
16
|
-
|
17
|
-
|
18
|
-
### Copyright assignment
|
19
|
-
|
20
|
-
Collaboration is difficult with commercial closed source but we want
|
21
|
-
to keep as much of the OSS ethos as possible available to users
|
22
|
-
who want to fix it themselves.
|
23
|
-
|
24
|
-
In order to unambiguously own and sell Dradis Framework commercial
|
25
|
-
products, we must have the copyright associated with the entire
|
26
|
-
codebase. Any code you create which is merged must be owned by us.
|
27
|
-
That's not us trying to be a jerks, that's just the way it works.
|
28
|
-
|
29
|
-
Please review the [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/master/CONTRIBUTING.md)
|
30
|
-
file for the details.
|
31
|
-
|
32
|
-
You can delete this section, but the following sentence needs to
|
33
|
-
remain in the PR's description:
|
34
|
-
|
35
|
-
> I assign all rights, including copyright, to any future Dradis
|
36
|
-
> work by myself to Security Roots.
|
data/.gitignore
DELETED
data/.rspec
DELETED
@@ -1,19 +0,0 @@
|
|
1
|
-
module Dradis
|
2
|
-
module Plugins
|
3
|
-
module CSV
|
4
|
-
class BaseController < Dradis::Plugins::Export::BaseController
|
5
|
-
|
6
|
-
def index
|
7
|
-
exporter = Dradis::Plugins::CSV::Exporter.new(export_options)
|
8
|
-
csv = exporter.export
|
9
|
-
|
10
|
-
send_data csv,
|
11
|
-
disposition: 'inline',
|
12
|
-
filename: "dradis_report-#{Time.now.to_i}.csv",
|
13
|
-
type: 'text/csv'
|
14
|
-
end
|
15
|
-
end
|
16
|
-
|
17
|
-
end
|
18
|
-
end
|
19
|
-
end
|
@@ -1,10 +0,0 @@
|
|
1
|
-
<%= content_tag :div, id: 'plugin-csv', class: 'tab-pane fade' do %>
|
2
|
-
|
3
|
-
<%= form_tag project_export_manager_path(current_project), target: '_blank' do %>
|
4
|
-
<%= hidden_field_tag :plugin, :csv %>
|
5
|
-
<%= hidden_field_tag :route, :root %>
|
6
|
-
|
7
|
-
<h4 class="header-underline mb-0">Ready when you are!</h4>
|
8
|
-
<button id="export-button" class="btn btn-lg btn-primary mt-4">Export</button>
|
9
|
-
<% end %>
|
10
|
-
<% end%>
|