dradis-html_export 3.16.0 → 3.21.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8e2bed448d7dd1b3038207793b3c1b22163d93b8cb8caaacac94c3232ac4b11f
-  data.tar.gz: f56b207d4739c5eacde0cfa506aef41e41942dc7145cb632737e7f6296c071ec
+  metadata.gz: f29710e9f73ca0b7af15e9fbe8c3bd980d549393993c9dc6a801930921d01ceb
+  data.tar.gz: 221eb9afccb68af19eedb080964f9e60dca1518f473beaeaee91b7680b92bc7d
 SHA512:
-  metadata.gz: a055468ffac66d7a13bb0d52fd60b4430421d834bc866d70510a70d6e1619fce75b96201c4ca12fe2462eef831ba9f4f4e89a757942132d008565dffed84ca63
-  data.tar.gz: '096bc01b204b281c1a43f502a5cd6d16d827c7388229acb90f496a7ee858c3d1cf6d70f477869568ee034d69559a7133e2b183e3165521d02c34253438a0f7ab'
+  metadata.gz: b7c8395019a1b5e1eec2ab049ab9c475d6ee57a9d30819cc4023d14dbc78428355e5045c924265e4e3edb25bf7ca2da48af09fcc90e6810f62f0162fd43e3e46
+  data.tar.gz: 3f2912502311e65530cca4d8641a3e7d24d921dff1baefd3af118a195aaa90f288974849286d8ea397c17d8f06f51fde2ade20e9ebab6c2fc15279e89898acea

data/CHANGELOG.md

@@ -1,15 +1,34 @@
-## Dradis Framework 3.16 (February, 2020) ##
+## Dradis Framework 3.21 (February, 2021) ##
+
+*   Add a fix for Rails 6 not allowing HTML rendering outside the view directory.
+
+## Dradis Framework 3.20 (December, 2020) ##
+
+*   Add an option in the exporter to pass a controller for rendering.
+*   Add views for the export view.
+*   Use NamingService to build export filename.
+
+## Dradis Framework 3.19 (September, 2020) ##
 
 *   No changes.
 
-## Dradis Framework 3.15 (November, 2019) ##
+## Dradis Framework 3.18 (July, 2020) ##
+
+*   No changes.
+
+## Dradis Framework 3.17 (May, 2020) ##
+
+*   Render report using main app's ApplicationController#render.
+
+## Dradis Framework 3.16 (February, 2020) ##
 
 *   No changes.
 
-## Dradis Framework 3.15 (August, 2019) ##
+## Dradis Framework 3.15 (November, 2019) ##
 
 *   No changes.
 
+
 ## Dradis Framework 3.14 (August, 2019) ##
 
 *   No changes.

data/app/views/dradis/plugins/html_export/export/_index-content.html.erb

@@ -0,0 +1,23 @@
+<%
+  templates_dir = File.join(::Configuration::paths_templates_reports, 'html_export')
+  templates = Dir["%s/*" % templates_dir].map { |t| File.basename(t) }.sort
+%>
+
+<%= content_tag :div, id: 'plugin-html_export', class: 'tab-pane fade' do %>
+  <%= form_tag project_export_manager_path(current_project), target: '_blank' do %>
+    <%= hidden_field_tag :plugin, :html_export %>
+    <%= hidden_field_tag :route, :root %>
+
+    <h4 class="header-underline">Choose a template</h4>
+    <p>Please choose one of the templates available for this plugin (find them in <code>.<%= templates_dir[Rails.root.to_s.length..-1] %></code>)</p>
+
+    <% templates.each do |template| %>
+      <div class="custom-control custom-radio">
+        <%= radio_button_tag :template, template, template == templates.first, :class => 'custom-control-input' %>
+        <label class="custom-control-label" for="template_<%= template %>"><%= template %></label>
+      </div>
+    <% end %>
+
+    <button id="export-button" class="btn btn-lg btn-primary mt-4">Export</button>
+  <% end %>
+<% end%>

data/app/views/dradis/plugins/html_export/export/_index-tabs.html.erb

@@ -0,0 +1,3 @@
+<li class='nav-item'>
+  <a href='#html_export' class='nav-link' data-toggle='tab' data-target='#plugin-html_export'>Generate advanced HTML reports</a>
+</li>

data/lib/dradis/plugins/html_export/exporter.rb

@@ -3,75 +3,110 @@ module Dradis
     module HtmlExport
 
       class Exporter < Dradis::Plugins::Export::Base
-        # Add auto_link support to the ERB processor (see rails_autolink)
-        include ::ActionView::Helpers::TextHelper
-        # For auto_link feature (requires #mail_to)
-        include ::ActionView::Helpers::UrlHelper
-
         def export(args = {})
-          template_path       = options.fetch(:template)
-          template_properties = ::ReportTemplateProperties.find_by_template_file(File.basename(template_path)) rescue nil
-
-          # Build title
-          title = if Dradis.constants.include?(:Pro)
-                    "Dradis Professional Edition v#{Dradis::Pro.version}"
-                  else
-                    "Dradis Community Edition v#{Dradis::CE.version}"
-                  end
-          logger.debug{ "Report title: #{title}"}
-
-          # Prepare notes
-          reporting_cat = content_service.report_category
-          notes = content_service.all_notes
-          logger.debug{ "Found #{notes.count} notes assigned to the reporting category."}
-
-          # Prepare issues
-          issues = content_service.all_issues
-          if issues
-            # Sort our issues based on the ReportTemplateProperties rules.
-            if template_properties && template_properties.sort_field
-              sort_by = template_properties.sort_field
-
-              logger.debug{ "Template properties define a sort field: #{sort_by}. Sorting..." }
-
-              # FIXME: Assume the Field :type is :number, so cast .to_f and sort
-              issues.to_a.sort! do |a, b|
-                b.fields.fetch(sort_by, '0').to_f <=> a.fields.fetch(sort_by, '0').to_f
-              end
-
-              logger.debug{ "Done." }
-            end
+          log_report
+
+          controller = args[:controller] || ApplicationController
+
+          with_temporary_template(options[:template]) do |temporary_template|
+            # Render template
+            controller.render(
+              template: temporary_template,
+              layout: false,
+              locals: {
+                categorized_issues: categorized_issues,
+                content_service: content_service,
+                issues: issues,
+                nodes: nodes,
+                notes: notes,
+                project: project,
+                reporting_cat: content_service.report_category,
+                tags: tags,
+                title: title,
+                user: options[:user]
+              }
+            )
+          end
+        end
 
-            # FIXME: This is an ugly piece of code and the list of nodes should
-            # come from the ContentService.
-            nodes = issues.map(&:evidence).flatten.map(&:node).uniq
+        private
+        def log_report
+          logger.debug { "Report title: #{title}" }
+          logger.debug { "Template properties define a sort field: #{sort_field}" }
 
-            logger.debug{ "Found #{issues.count} issues affecting #{nodes.count} nodes" }
+          if issues&.any?
+            logger.debug { "Found #{issues.count} issues affecting #{nodes.count} nodes" }
           else
-            logger.warning { "No issue library node found in this project" }
+            logger.warn { 'No issue library node found in this project' }
           end
 
-          # Render template
-          erb = ERB.new( File.read(template_path) )
-          erb.result( binding )
+          logger.debug { "Found #{notes.count} notes assigned to the reporting category." }
         end
 
-        private
+        def nodes
+          # FIXME: This is an ugly piece of code and the list of nodes should
+          # come from the ContentService.
+          @nodes ||= issues.map(&:evidence).flatten.map(&:node).uniq
+        end
+
+        def notes
+          @notes ||= content_service.all_notes
+        end
+
+        def issues
+          @issues ||= sort_issues content_service.all_issues.includes(:tags)
+        end
+
+        def categorized_issues
+          @categorized_issues ||= tags
+            .each_with_object({}) do |tag, hash|
+              hash[tag.id] = issues.select { |issue| issue.tags.include?(tag) }
+            end
+            .tap do |hash|
+              hash[:untagged] = issues.select { |issue| issue.tags.empty? }
+            end
+        end
 
-        # FIXME This method is a behavioural duplicate of ApplicationHelper#markup
-        # from the main app, it would be better to re-use that code.
-        def markup(text)
-          return unless text.present?
+        def sort_field
+          @sort_field ||= begin
+            template_path = options.fetch(:template)
+            properties = ::ReportTemplateProperties.find_by_template_file(File.basename(template_path)) rescue nil
+            properties&.sort_field
+          end
+        end
 
-          # escape HTML 'manually' instead of using RedCloth's "filter_html"
-          # for security reasons
-          output = ERB::Util.html_escape(text.dup)
+        def sort_issues(unsorted_issues)
+          return unsorted_issues unless unsorted_issues.any? && sort_field
 
-          Hash[ *text.scan(/#\[(.+?)\]#[\r|\n](.*?)(?=#\[|\z)/m).flatten.collect{ |str| str.strip } ].keys.each do |field|
-            output.gsub!(/#\[#{Regexp.escape(field)}\]#[\r|\n]/, "h4. #{field}\n\n")
+          # FIXME: Assume the Field :type is :number, so cast .to_f and sort
+          unsorted_issues.sort do |a, b|
+            b.fields.fetch(sort_field, '0').to_f <=> a.fields.fetch(sort_field, '0').to_f
           end
+        end
+
+        def tags
+          @tags ||= project.tags
+        end
+
+        def title
+          @title ||= if Dradis.constants.include?(:Pro)
+                       "Dradis Professional Edition v#{Dradis::Pro.version}"
+                     else
+                       "Dradis Community Edition v#{Dradis::CE.version}"
+                     end
+        end
+
+        def with_temporary_template(original, &block)
+          filename = File.basename(Dir::Tmpname.create(['', '.html.erb']) {})
+          destination_path = Rails.root.join('app', 'views', 'tmp', filename)
+
+          FileUtils.mkdir_p(File.dirname(destination_path))
+          FileUtils.cp(original, destination_path)
 
-          auto_link(RedCloth.new(output, [:no_span_caps]).to_html).html_safe
+          yield("tmp/#{filename}")
+        ensure
+          file_path = Rails.root.join("app/views/tmp/#{filename}")
+          File.delete(file_path) if File.exists?(file_path)
         end
       end
     end

data/lib/dradis/plugins/html_export/gem_version.rb

@@ -8,7 +8,7 @@ module Dradis
 
       module VERSION
         MAJOR = 3
-        MINOR = 16
+        MINOR = 21
         TINY  = 0
         PRE   = nil
 

data/lib/tasks/thorfile.rb

@@ -15,9 +15,15 @@ class HtmlExportTasks < Thor
 
     report_path = options.output || Rails.root
     unless report_path.to_s =~ /\.html\z/
-      date      = DateTime.now.strftime("%Y-%m-%d")
-      sequence  = Dir.glob(File.join(report_path, "dradis-report_#{date}_*.html")).collect { |a| a.match(/_([0-9]+)\.html\z/)[1].to_i }.max || 0
-      report_path = File.join(report_path, "dradis-report_#{date}_#{sequence + 1}.html")
+      date = DateTime.now.strftime("%Y-%m-%d")
+      base_filename = "dradis-report_#{date}.html"
+
+      report_filename = NamingService.name_file(
+        original_filename: base_filename,
+        pathname: Pathname.new(report_path)
+      )
+
+      report_path = File.join(report_path, report_filename)
     end
 
     if template = options.template

data/spec/fixtures/files/template.html.erb

@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>My Title</title>
+  </head>
+  <body>
+    <h2>Issues</h2>
+    <% issues.each do |issue| %>
+      <p><%= markup(issue.text) %></p>
+    <% end %>
+  </body>
+</html>

data/spec/lib/dradis/plugins/html_export/exporter_spec.rb

@@ -0,0 +1,25 @@
+require 'rails_helper'
+
+describe Dradis::Plugins::HtmlExport::Exporter do
+  let!(:project) { create(:project) }
+  let!(:issues) { create_list(:issue, 3, node: project.issue_library) }
+
+  let(:export_options) do
+    {
+      project_id: project.id,
+      template: Dradis::Plugins::HtmlExport::Engine.root.join(
+        'spec/fixtures/files/template.html.erb'
+      )
+    }
+  end
+
+  let(:exporter) { described_class.new(export_options) }
+
+  it 'exports html' do
+    html = exporter.export
+
+    issues.each do |issue|
+      expect(html.include?(issue.title))
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-html_export
 version: !ruby/object:Gem::Version
-  version: 3.16.0
+  version: 3.21.0
 platform: ruby
 authors:
 - Daniel Martin
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-02-26 00:00:00.000000000 Z
+date: 2021-02-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -70,6 +70,8 @@ files:
 - README.md
 - Rakefile
 - app/controllers/dradis/plugins/html_export/base_controller.rb
+- app/views/dradis/plugins/html_export/export/_index-content.html.erb
+- app/views/dradis/plugins/html_export/export/_index-tabs.html.erb
 - config/routes.rb
 - dradis-html_export.gemspec
 - lib/dradis-html_export.rb
@@ -79,6 +81,8 @@ files:
 - lib/dradis/plugins/html_export/gem_version.rb
 - lib/dradis/plugins/html_export/version.rb
 - lib/tasks/thorfile.rb
+- spec/fixtures/files/template.html.erb
+- spec/lib/dradis/plugins/html_export/exporter_spec.rb
 - spec/requests/html_export_spec.rb
 - spec/spec_helper.rb
 - templates/basic.html.erb
@@ -87,7 +91,7 @@ homepage: http://dradisframework.org
 licenses:
 - GPL-2
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -102,10 +106,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.1
-signing_key: 
+rubygems_version: 3.2.4
+signing_key:
 specification_version: 4
 summary: Dradis HTML export plugin
 test_files:
+- spec/fixtures/files/template.html.erb
+- spec/lib/dradis/plugins/html_export/exporter_spec.rb
 - spec/requests/html_export_spec.rb
 - spec/spec_helper.rb