dradis-html_export 4.1.1 → 4.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 205222446aa051525b3f1a66c3de03860b2bcda28162666b170e156d6cf2d7da
-  data.tar.gz: e4ce08b1eb00b95a08371d710debab240efd7251f27859fc5dadf6abb2ac2e8a
+  metadata.gz: cc6c6bcbe59a15df89fa68f8824c257fe7bd878790686b65a6e8ed3844c8bce6
+  data.tar.gz: fb8a6be270cee79af15832c8819a8ef7b3c9e7904994c1c53c6200cd9ec479c0
 SHA512:
-  metadata.gz: 327c889c0dc25383b6b7db55cd1b70bcfb9bd20131ec54560235c03c65af8394096ba62b75c4c06f4b46b7bed3e1397d201bb9d939d12984847ff5f4835c098e
-  data.tar.gz: eb430dfd5ad4428e95a6d5babae0068d0813c3323fe8ce59d3cdfe162d2c745116688c8ef68928a89a2bb6ce3b61886f03dc3c2c2b6b44ecbf0c8756c3e187a7
+  metadata.gz: c9ae0c9c0435671e6dd58f52169c4d55f7fb300fa5bdab5ad550722de844ca905c0eb25a2ce772a494ca73c19590593b0794697de70a0869e4fad699d18e5908
+  data.tar.gz: a3e77887e9ea5e1b1f2f117148e753ca16f4882fd99ec519ba9810545e4c3a51c2eeed0b46ffdd6fc52e2037ad634d3e1726b2a962012bc2d1acb38309112f91

data/CHANGELOG.md

@@ -1,3 +1,12 @@
+v4.4.0 (June 2022)
+  - No changes
+
+v4.3.0 (April 2022)
+  - Add the RTP report title on export page in DradisPro
+
+v4.2.0 (February 2022)
+  - No changes
+
 v4.1.1 (November 2021)
   - Loosen dradis-plugins version requirement
 

data/app/presenters/dradis/plugins/html_export/template_presenter.rb

@@ -0,0 +1,38 @@
+module Dradis
+  module Plugins
+    module HtmlExport
+      class TemplatePresenter < BasePresenter
+        presents :template
+
+        def self.each_template(&block)
+          templates.each(&block)
+        end
+
+        def self.templates
+          if defined?(Dradis::Pro)
+            ReportTemplateProperties.all.where(plugin_name: :html_export).order(:title)
+          else
+            Dir["%s/*" % templates_dir].map { |t| File.basename(t) }.sort
+          end
+        end
+
+        def self.templates_dir
+          File.join(::Configuration::paths_templates_reports, 'html_export')
+        end
+
+        def title
+          return template if template.is_a?(String)
+
+          content_tag(:span, "#{template.title} - ") +
+            content_tag(:small, template.template_file)
+        end
+
+        def filename
+          return template if template.is_a?(String)
+
+          template.template_file
+        end
+      end
+    end
+  end
+end

data/app/views/dradis/plugins/html_export/export/_index-content.html.erb

@@ -1,21 +1,20 @@
-<%
-  templates_dir = File.join(::Configuration::paths_templates_reports, 'html_export')
-  templates = Dir["%s/*" % templates_dir].map { |t| File.basename(t) }.sort
-%>
-
 <%= content_tag :div, id: 'plugin-html_export', class: 'tab-pane fade' do %>
   <%= form_tag project_export_manager_path(current_project), target: '_blank' do %>
     <%= hidden_field_tag :plugin, :html_export %>
     <%= hidden_field_tag :route, :root %>
 
     <h4 class="header-underline">Choose a template</h4>
-    <p>Please choose one of the templates available for this plugin (find them in <code>.<%= templates_dir[Rails.root.to_s.length..-1] %></code>)</p>
+    <p>Please choose one of the templates available for this plugin (find them in <code>.<%= Dradis::Plugins::HtmlExport::TemplatePresenter.templates_dir[Rails.root.to_s.length..-1] %></code>)</p>
 
-    <% templates.each do |template| %>
-      <div class="custom-control custom-radio">
-        <%= radio_button_tag :template, template, template == templates.first, :class => 'custom-control-input' %>
-        <label class="custom-control-label" for="template_<%= template %>"><%= template %></label>
-      </div>
+    <% Dradis::Plugins::HtmlExport::TemplatePresenter.each_template do |template| %>
+      <% present(template, Dradis::Plugins::HtmlExport::TemplatePresenter) do |template_presenter| %>
+        <div class="custom-control custom-radio">
+          <%= radio_button_tag :template, template_presenter.filename, Dradis::Plugins::HtmlExport::TemplatePresenter.templates.first == template , class: 'custom-control-input' %>
+          <label class="custom-control-label" for="template_<%= template_presenter.filename %>">
+            <%= template_presenter.title %>
+          </label>
+        </div>
+      <% end %>
     <% end %>
 
     <button id="export-button" class="btn btn-lg btn-primary mt-4">Export</button>

data/lib/dradis/plugins/html_export/gem_version.rb

@@ -8,8 +8,8 @@ module Dradis
 
       module VERSION
         MAJOR = 4
-        MINOR = 1
-        TINY  = 1
+        MINOR = 4
+        TINY  = 0
         PRE   = nil
 
         STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")

data/spec/presenters/dradis/plugins/html_export/template_presenter_spec.rb

@@ -0,0 +1,47 @@
+require 'rails_helper'
+
+RSpec.describe Dradis::Plugins::HtmlExport::TemplatePresenter do
+  class FakeView
+    include ActionView::Helpers::TextHelper
+  end
+
+  let(:template_presenter) { described_class.new(template, FakeView.new) }
+
+  describe '#title' do
+    context 'when template is a string' do
+      let(:template) { 'basic.html.erb' }
+
+      it 'returns the string' do
+        expect(template_presenter.title).to eq template
+      end
+    end
+
+    context 'when template is a RTP' do
+      let(:template) do
+        double(
+          'ReportTemplateProperties',
+          title: 'Basic',
+          template_file: 'basic.html.erb'
+        )
+      end
+
+      it 'returns a formatted title' do
+        expect(template_presenter.title).to eq "<span>#{template.title} - </span><small>#{template.template_file}</small>"
+      end
+
+      context 'when title contains javascript' do
+        let(:template) do
+          double(
+            'ReportTemplateProperties',
+            title: '<script>alert("hello world")</script>',
+            template_file: 'basic.html.erb'
+          )
+        end
+
+        it 'prevents cross site scriptiing' do
+          expect(template_presenter.title).to eq "<span>&lt;script&gt;alert(&quot;hello world&quot;)&lt;/script&gt; - </span><small>#{template.template_file}</small>"
+        end
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-html_export
 version: !ruby/object:Gem::Version
-  version: 4.1.1
+  version: 4.4.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-11-18 00:00:00.000000000 Z
+date: 2022-06-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -70,6 +70,7 @@ files:
 - README.md
 - Rakefile
 - app/controllers/dradis/plugins/html_export/base_controller.rb
+- app/presenters/dradis/plugins/html_export/template_presenter.rb
 - app/views/dradis/plugins/html_export/export/_index-content.html.erb
 - app/views/dradis/plugins/html_export/export/_index-tabs.html.erb
 - config/routes.rb
@@ -83,6 +84,7 @@ files:
 - lib/tasks/thorfile.rb
 - spec/fixtures/files/template.html.erb
 - spec/lib/dradis/plugins/html_export/exporter_spec.rb
+- spec/presenters/dradis/plugins/html_export/template_presenter_spec.rb
 - spec/requests/html_export_spec.rb
 - spec/spec_helper.rb
 - templates/basic.html.erb
@@ -106,12 +108,13 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.2.32
 signing_key: 
 specification_version: 4
 summary: Dradis HTML export plugin
 test_files:
 - spec/fixtures/files/template.html.erb
 - spec/lib/dradis/plugins/html_export/exporter_spec.rb
+- spec/presenters/dradis/plugins/html_export/template_presenter_spec.rb
 - spec/requests/html_export_spec.rb
 - spec/spec_helper.rb