dradis-html_export 3.13.0 → 3.18.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: d59a2956d0e60bff6292cc581118db9407d49fb4
-  data.tar.gz: 5ae8bc781be3e250547de65c397dca9b8d01e558
+SHA256:
+  metadata.gz: 44a40f1bc271b8211123ed58ea69212e1bc4c8837da97d76194ebaa1485f29be
+  data.tar.gz: f58b4edfa716c6c77b3a7e264684777705cc46da2cf87f9bb02eb660ee6fa70e
 SHA512:
-  metadata.gz: dd0c4ab53d98ee4d182a5c5dc47909928bf238d4c939043a86efd1a1208a8d2f88d2b9d9a847da3c3931259f16a6b8d66c4ee1e0345594880b99feb90d751ecb
-  data.tar.gz: 47e352724497b250e69a9160452385dbd76ccbc9f580f62d87306e95d87a1d7e1dcddd22f00e4e24874f42c75a29c4fcfbd9b1583cd01f8229faa696fb6a701b
+  metadata.gz: 4e39c16ea0cdd301e70c106bc815372ff53fb8de163f6d6a5278869532988b6cb50ec6c0ad18f63786f5b6fc4655f1cbb008c1d75dd0f87e2d63cf4304c18d3a
+  data.tar.gz: 45a5b725f445b9849d2844124bbdc16604e77169e198eaed1c7e2b29cbb82119246c0026796c7e5091a0d129de4f8f6eccdff605ef21662f8676a591a9527b9d

data/.github/issue_template.md

@@ -0,0 +1,16 @@
+### Steps to reproduce
+
+Help us help you, how can we reproduce the problem?
+
+### Expected behavior
+Tell us what should happen
+
+### Actual behavior
+Tell us what happens instead
+
+### System configuration
+**Dradis version**:
+
+**Ruby version**:
+
+**OS version**:

data/.github/pull_request_template.md

@@ -0,0 +1,36 @@
+### Summary
+
+Provide a general description of the code changes in your pull
+request... were there any bugs you had fixed? If so, mention them. If
+these bugs have open GitHub issues, be sure to tag them here as well,
+to keep the conversation linked together.
+
+
+### Other Information
+
+If there's anything else that's important and relevant to your pull
+request, mention that information here. This could include
+benchmarks, or other information.
+
+Thanks for contributing to Dradis!
+
+
+### Copyright assignment
+
+Collaboration is difficult with commercial closed source but we want
+to keep as much of the OSS ethos as possible available to users
+who want to fix it themselves.
+
+In order to unambiguously own and sell Dradis Framework commercial
+products, we must have the copyright associated with the entire
+codebase. Any code you create which is merged must be owned by us.
+That's not us trying to be a jerks, that's just the way it works.
+
+Please review the [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/master/CONTRIBUTING.md)
+file for the details.
+
+You can delete this section, but the following sentence needs to
+remain in the PR's description:
+
+> I assign all rights, including copyright, to any future Dradis
+> work by myself to Security Roots.

data/CHANGELOG.md

@@ -1,3 +1,24 @@
+## Dradis Framework 3.18 (July, 2020) ##
+
+*   No changes.
+
+## Dradis Framework 3.17 (May, 2020) ##
+
+*   Render report using main app's ApplicationController#render.
+
+## Dradis Framework 3.16 (February, 2020) ##
+
+*   No changes.
+
+## Dradis Framework 3.15 (November, 2019) ##
+
+*   No changes.
+
+
+## Dradis Framework 3.14 (August, 2019) ##
+
+*   No changes.
+
 ## Dradis Framework 3.13 (June, 2019) ##
 
 *   No changes.

data/lib/dradis/plugins/html_export/exporter.rb

@@ -3,75 +3,94 @@ module Dradis
     module HtmlExport
 
       class Exporter < Dradis::Plugins::Export::Base
-        # Add auto_link support to the ERB processor (see rails_autolink)
-        include ::ActionView::Helpers::TextHelper
-        # For auto_link feature (requires #mail_to)
-        include ::ActionView::Helpers::UrlHelper
 
         def export(args = {})
-          template_path       = options.fetch(:template)
-          template_properties = ::ReportTemplateProperties.find_by_template_file(File.basename(template_path)) rescue nil
+          log_report
 
-          # Build title
-          title = if Dradis.constants.include?(:Pro)
-                    "Dradis Professional Edition v#{Dradis::Pro.version}"
-                  else
-                    "Dradis Community Edition v#{Dradis::CE.version}"
-                  end
-          logger.debug{ "Report title: #{title}"}
-
-          # Prepare notes
-          reporting_cat = content_service.report_category
-          notes = content_service.all_notes
-          logger.debug{ "Found #{notes.count} notes assigned to the reporting category."}
-
-          # Prepare issues
-          issues = content_service.all_issues
-          if issues
-            # Sort our issues based on the ReportTemplateProperties rules.
-            if template_properties && template_properties.sort_field
-              sort_by = template_properties.sort_field
+          # Render template
+          ApplicationController.render(
+            file: options.fetch(:template),
+            layout: false,
+            locals: {
+              categorized_issues: categorized_issues,
+              content_service: content_service,
+              issues: issues,
+              nodes: nodes,
+              notes: notes,
+              project: project,
+              reporting_cat: content_service.report_category,
+              tags: tags,
+              title: title,
+              user: options[:user]
+            }
+          )
+        end
 
-              logger.debug{ "Template properties define a sort field: #{sort_by}. Sorting..." }
+        private
+        def log_report
+          logger.debug { "Report title: #{title}" }
+          logger.debug { "Template properties define a sort field: #{sort_field}" }
 
-              # FIXME: Assume the Field :type is :number, so cast .to_f and sort
-              issues.to_a.sort! do |a, b|
-                b.fields.fetch(sort_by, '0').to_f <=> a.fields.fetch(sort_by, '0').to_f
-              end
+          if issues&.any?
+            logger.debug { "Found #{issues.count} issues affecting #{nodes.count} nodes" }
+          else
+            logger.warn { 'No issue library node found in this project' }
+          end
 
-              logger.debug{ "Done." }
-            end
+          logger.debug { "Found #{notes.count} notes assigned to the reporting category." }
+        end
 
-            # FIXME: This is an ugly piece of code and the list of nodes should
-            # come from the ContentService.
-            nodes = issues.map(&:evidence).flatten.map(&:node).uniq
+        def nodes
+          # FIXME: This is an ugly piece of code and the list of nodes should
+          # come from the ContentService.
+          @nodes ||= issues.map(&:evidence).flatten.map(&:node).uniq
+        end
 
-            logger.debug{ "Found #{issues.count} issues affecting #{nodes.count} nodes" }
-          else
-            logger.warning { "No issue library node found in this project" }
-          end
+        def notes
+          @notes ||= content_service.all_notes
+        end
 
-          # Render template
-          erb = ERB.new( File.read(template_path) )
-          erb.result( binding )
+        def issues
+          @issues ||= sort_issues content_service.all_issues.includes(:tags)
         end
 
-        private
+        def categorized_issues
+          @categorized_issues ||= tags
+            .each_with_object({}) do |tag, hash|
+              hash[tag.id] = issues.select { |issue| issue.tags.include?(tag) }
+            end
+            .tap do |hash|
+              hash[:untagged] = issues.select { |issue| issue.tags.empty? }
+            end
+        end
 
-        # FIXME This method is a behavioural duplicate of ApplicationHelper#markup
-        # from the main app, it would be better to re-use that code.
-        def markup(text)
-          return unless text.present?
+        def sort_field
+          @sort_field ||= begin
+            template_path = options.fetch(:template)
+            properties = ::ReportTemplateProperties.find_by_template_file(File.basename(template_path)) rescue nil
+            properties&.sort_field
+          end
+        end
 
-          # escape HTML 'manually' instead of using RedCloth's "filter_html"
-          # for security reasons
-          output = ERB::Util.html_escape(text.dup)
+        def sort_issues(unsorted_issues)
+          return unsorted_issues unless unsorted_issues.any? && sort_field
 
-          Hash[ *text.scan(/#\[(.+?)\]#[\r|\n](.*?)(?=#\[|\z)/m).flatten.collect{ |str| str.strip } ].keys.each do |field|
-            output.gsub!(/#\[#{Regexp.escape(field)}\]#[\r|\n]/, "h4. #{field}\n\n")
+          # FIXME: Assume the Field :type is :number, so cast .to_f and sort
+          unsorted_issues.sort do |a, b|
+            b.fields.fetch(sort_field, '0').to_f <=> a.fields.fetch(sort_field, '0').to_f
           end
+        end
+
+        def tags
+          @tags ||= project.tags
+        end
 
-          auto_link(RedCloth.new(output, [:no_span_caps]).to_html).html_safe
+        def title
+          @title ||= if Dradis.constants.include?(:Pro)
+                       "Dradis Professional Edition v#{Dradis::Pro.version}"
+                     else
+                       "Dradis Community Edition v#{Dradis::CE.version}"
+                     end
         end
       end
     end

data/lib/dradis/plugins/html_export/gem_version.rb

@@ -8,7 +8,7 @@ module Dradis
 
       module VERSION
         MAJOR = 3
-        MINOR = 13
+        MINOR = 18
         TINY  = 0
         PRE   = nil
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-html_export
 version: !ruby/object:Gem::Version
-  version: 3.13.0
+  version: 3.18.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-06-10 00:00:00.000000000 Z
+date: 2020-07-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -59,6 +59,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/issue_template.md"
+- ".github/pull_request_template.md"
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
@@ -100,8 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.12
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Dradis HTML export plugin