dradis-html_export 4.0.0 → 4.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0e30ca0b3eebbe1ddc727fd0b9f9197b25490f545913c9e666282f40508bd858
-  data.tar.gz: 46ab64967389ecd8687c5dbba547ca78b1446bc97ff965f2851983e3ccc168b6
+  metadata.gz: d0d9fc4de71f006fa98925432abe6ebc106be1412f0d16199679b71b1ddd2cb4
+  data.tar.gz: b97d97b658c813c94cfc62397bade68f4e5f466386768f1f6410f8819334fadd
 SHA512:
-  metadata.gz: ff0405750e4525d3e9b2cfcaf434dabff1df3d3523fc398e2eaaf7764007e0b0b51c3c8a789e57bebb2f232e660e9ae3dad772985c3efe73ea0a5f8913bdafff
-  data.tar.gz: d52abe89584e52491e3edee462d788ec7d52e14ff38657c1553b624902fe9435882dbba99d4ff2a9909d639a5f9fd76b5dbe758746f752f23c5dcb85df954b7b
+  metadata.gz: 0d42f27e5cbce3ca6087b213fdb3a47bf01193cdc87d2cee2d85781ab2d9a17866181c57f352c741127bc95605e6c787658760c9fcc44600ceb8cee6322dcf0c
+  data.tar.gz: 30807f3bda9b6c23aa8023df4446404b3701e4290160766601ede9cfc5df92402b59a4d6f6335bb8e61d12f06c2b6c87d99ce8aca6062087b90a5ba0835af55d

data/CHANGELOG.md

@@ -1,75 +1,70 @@
-## Dradis Framework 4.0.0 (July, 2021) ##
+v4.3.0 (April 2022)
+  - Add the RTP report title on export page in DradisPro
 
-*   No changes.
+v4.2.0 (February 2022)
+  - No changes
 
-## Dradis Framework 3.22 (April, 2021) ##
+v4.1.1 (November 2021)
+  - Loosen dradis-plugins version requirement
 
-*   No changes.
+v4.1.0 (November 2021)
+  - No changes
 
-## Dradis Framework 3.21 (February, 2021) ##
+v4.0.0 (July 2021)
+  - No changes
 
-*   Add a fix for Rails 6 not allowing HTML rendering outside the view directory.
+v3.22.0 (April 2021)
+  - No changes
 
-## Dradis Framework 3.20 (December, 2020) ##
+v3.21.0 (February 2021)
+  - Add a fix for Rails 6 not allowing HTML rendering outside the view directory
 
-*   Add an option in the exporter to pass a controller for rendering.
-*   Add views for the export view.
-*   Use NamingService to build export filename.
+v3.20.0 (December 2020)
+  - Add an option in the exporter to pass a controller for rendering
+  - Add views for the export view
+  - Use NamingService to build export filename
 
-## Dradis Framework 3.19 (September, 2020) ##
+v3.19.0 (September 2020)
+  - No changes
 
-*   No changes.
+v3.18.0 (July 2020)
+  - No changes
 
-## Dradis Framework 3.18 (July, 2020) ##
+v3.17.0 (May 2020)
+  - Render report using main app's ApplicationController#render
 
-*   No changes.
+v3.16.0 (February 2020)
+  - No changes
 
-## Dradis Framework 3.17 (May, 2020) ##
+v3.15.0 (November 2019)
+  - No changes
 
-*   Render report using main app's ApplicationController#render.
+v3.14.0 (August 2019)
+  - No changes
 
-## Dradis Framework 3.16 (February, 2020) ##
+v3.13.0 (June 2019)
+  - No changes
 
-*   No changes.
+v3.12.0 (March 2019)
+  - No changes
 
-## Dradis Framework 3.15 (November, 2019) ##
+v3.11.0 (November 2018)
+  - No changes
 
-*   No changes.
+v3.10.0 (August 2018)
+  - Upgraded gems:
+    - RedCloth
+  - Bugs fixes:
+    - issue sorting
 
+v3.9.0 (January 2018)
+  - Updated rendering html as in Rails 5.1 (`render html:`)
 
-## Dradis Framework 3.14 (August, 2019) ##
+v3.8.0 (September 2017)
+  - No changes
 
-*   No changes.
+v3.7.0 (July 2017)
+  - No changes
 
-## Dradis Framework 3.13 (June, 2019) ##
-
-*   No changes.
-
-## Dradis Framework 3.12 (March, 2019) ##
-
-*   No changes.
-
-## Dradis Framework 3.11 (November, 2018) ##
-
-*   No changes.
-
-## Dradis Framework 3.10 (August, 2018) ##
-
-*   Security fix: update RedCloth to 4.3.2
-*   Fix issue sorting
-
-## Dradis Framework 3.9 (January, 2018) ##
-
-*   Updated rendering html as in Rails 5.1 (`render html:`)
-
-## Dradis Framework 3.8 (September, 2017) ##
-
-*   No changes.
-
-## Dradis Framework 3.7 (July, 2017) ##
-
-*   No changes.
-
-## Dradis Framework 3.6 (March, 2017) ##
-
-*   No changes.
+v3.6.0 (March 2017)
+  - No changes

data/CHANGELOG.template

@@ -0,0 +1,12 @@
+[v#.#.#] ([month] [YYYY])
+  - [future tense verb] [feature]
+  - Upgraded gems:
+    - [gem]
+  - Bugs fixes:
+    - [future tense verb] [bug fix]
+    - Bug tracker items:
+      - [item]
+  - Security Fixes:
+    - High: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]
+    - Medium: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]
+    - Low: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]

data/app/presenters/dradis/plugins/html_export/template_presenter.rb

@@ -0,0 +1,38 @@
+module Dradis
+  module Plugins
+    module HtmlExport
+      class TemplatePresenter < BasePresenter
+        presents :template
+
+        def self.each_template(&block)
+          templates.each(&block)
+        end
+
+        def self.templates
+          if defined?(Dradis::Pro)
+            ReportTemplateProperties.all.where(plugin_name: :html_export).order(:title)
+          else
+            Dir["%s/*" % templates_dir].map { |t| File.basename(t) }.sort
+          end
+        end
+
+        def self.templates_dir
+          File.join(::Configuration::paths_templates_reports, 'html_export')
+        end
+
+        def title
+          return template if template.is_a?(String)
+
+          content_tag(:span, "#{template.title} - ") +
+            content_tag(:small, template.template_file)
+        end
+
+        def filename
+          return template if template.is_a?(String)
+
+          template.template_file
+        end
+      end
+    end
+  end
+end

data/app/views/dradis/plugins/html_export/export/_index-content.html.erb

@@ -1,21 +1,20 @@
-<%
-  templates_dir = File.join(::Configuration::paths_templates_reports, 'html_export')
-  templates = Dir["%s/*" % templates_dir].map { |t| File.basename(t) }.sort
-%>
-
 <%= content_tag :div, id: 'plugin-html_export', class: 'tab-pane fade' do %>
   <%= form_tag project_export_manager_path(current_project), target: '_blank' do %>
     <%= hidden_field_tag :plugin, :html_export %>
     <%= hidden_field_tag :route, :root %>
 
     <h4 class="header-underline">Choose a template</h4>
-    <p>Please choose one of the templates available for this plugin (find them in <code>.<%= templates_dir[Rails.root.to_s.length..-1] %></code>)</p>
+    <p>Please choose one of the templates available for this plugin (find them in <code>.<%= Dradis::Plugins::HtmlExport::TemplatePresenter.templates_dir[Rails.root.to_s.length..-1] %></code>)</p>
 
-    <% templates.each do |template| %>
-      <div class="custom-control custom-radio">
-        <%= radio_button_tag :template, template, template == templates.first, :class => 'custom-control-input' %>
-        <label class="custom-control-label" for="template_<%= template %>"><%= template %></label>
-      </div>
+    <% Dradis::Plugins::HtmlExport::TemplatePresenter.each_template do |template| %>
+      <% present(template, Dradis::Plugins::HtmlExport::TemplatePresenter) do |template_presenter| %>
+        <div class="custom-control custom-radio">
+          <%= radio_button_tag :template, template_presenter.filename, Dradis::Plugins::HtmlExport::TemplatePresenter.templates.first == template , class: 'custom-control-input' %>
+          <label class="custom-control-label" for="template_<%= template_presenter.filename %>">
+            <%= template_presenter.title %>
+          </label>
+        </div>
+      <% end %>
     <% end %>
 
     <button id="export-button" class="btn btn-lg btn-primary mt-4">Export</button>

data/dradis-html_export.gemspec

@@ -21,7 +21,7 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   # gem.add_dependency 'dradis_core', version
-  spec.add_dependency 'dradis-plugins', '~> 4.0.0'
+  spec.add_dependency 'dradis-plugins', '~> 4.0'
 
   # Note markup
   spec.add_dependency 'rails_autolink', '~> 1.1'

data/lib/dradis/plugins/html_export/gem_version.rb

@@ -8,7 +8,7 @@ module Dradis
 
       module VERSION
         MAJOR = 4
-        MINOR = 0
+        MINOR = 3
         TINY  = 0
         PRE   = nil
 

data/spec/presenters/dradis/plugins/html_export/template_presenter_spec.rb

@@ -0,0 +1,47 @@
+require 'rails_helper'
+
+RSpec.describe Dradis::Plugins::HtmlExport::TemplatePresenter do
+  class FakeView
+    include ActionView::Helpers::TextHelper
+  end
+
+  let(:template_presenter) { described_class.new(template, FakeView.new) }
+
+  describe '#title' do
+    context 'when template is a string' do
+      let(:template) { 'basic.html.erb' }
+
+      it 'returns the string' do
+        expect(template_presenter.title).to eq template
+      end
+    end
+
+    context 'when template is a RTP' do
+      let(:template) do
+        double(
+          'ReportTemplateProperties',
+          title: 'Basic',
+          template_file: 'basic.html.erb'
+        )
+      end
+
+      it 'returns a formatted title' do
+        expect(template_presenter.title).to eq "<span>#{template.title} - </span><small>#{template.template_file}</small>"
+      end
+
+      context 'when title contains javascript' do
+        let(:template) do
+          double(
+            'ReportTemplateProperties',
+            title: '<script>alert("hello world")</script>',
+            template_file: 'basic.html.erb'
+          )
+        end
+
+        it 'prevents cross site scriptiing' do
+          expect(template_presenter.title).to eq "<span>&lt;script&gt;alert(&quot;hello world&quot;)&lt;/script&gt; - </span><small>#{template.template_file}</small>"
+        end
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-html_export
 version: !ruby/object:Gem::Version
-  version: 4.0.0
+  version: 4.3.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-08-03 00:00:00.000000000 Z
+date: 2022-04-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.0.0
+        version: '4.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.0.0
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: rails_autolink
   requirement: !ruby/object:Gem::Requirement
@@ -63,13 +63,14 @@ files:
 - ".github/pull_request_template.md"
 - ".gitignore"
 - ".rspec"
-- ".travis.yml"
 - CHANGELOG.md
+- CHANGELOG.template
 - CONTRIBUTING.md
 - Gemfile
 - README.md
 - Rakefile
 - app/controllers/dradis/plugins/html_export/base_controller.rb
+- app/presenters/dradis/plugins/html_export/template_presenter.rb
 - app/views/dradis/plugins/html_export/export/_index-content.html.erb
 - app/views/dradis/plugins/html_export/export/_index-tabs.html.erb
 - config/routes.rb
@@ -83,6 +84,7 @@ files:
 - lib/tasks/thorfile.rb
 - spec/fixtures/files/template.html.erb
 - spec/lib/dradis/plugins/html_export/exporter_spec.rb
+- spec/presenters/dradis/plugins/html_export/template_presenter_spec.rb
 - spec/requests/html_export_spec.rb
 - spec/spec_helper.rb
 - templates/basic.html.erb
@@ -113,5 +115,6 @@ summary: Dradis HTML export plugin
 test_files:
 - spec/fixtures/files/template.html.erb
 - spec/lib/dradis/plugins/html_export/exporter_spec.rb
+- spec/presenters/dradis/plugins/html_export/template_presenter_spec.rb
 - spec/requests/html_export_spec.rb
 - spec/spec_helper.rb

data/.travis.yml

@@ -1,11 +0,0 @@
-rvm:
-  - 1.9.3
-notifications:
-  irc:
-    on_success: change
-    on_failure: always
-    channels:
-      - "irc.freenode.org#dradis"
-
-bundler_args: --path vendor/bundle
-script: "bundle exec rake spec"