dradis-plugins 4.10.0 → 4.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a58f55546e5cdc567817057c51b984d0b7696168b23d558e14672cc96ee47c47
-  data.tar.gz: 5ec9b6f9447ba38c3683f6b1b043b4b335050e85c65cabf0f7a90d3e9795dbfc
+  metadata.gz: 303a79ec7a8bf67064fe8a6dbb7e7c86cb9bc9ff4de1df69f7ab94ba9f55f805
+  data.tar.gz: 4fd4d6780ba9737bd45551f8c1b40e9f9654989f8925fae1bc38261e2288f95c
 SHA512:
-  metadata.gz: f10bf1639f13a54120880e99510e148c9c02b98371768209a00ee2e50547d7e2a5a256b76b11f5e8d74671cccdf12770daa12eb740532c9d6149f38f7fa6cdab
-  data.tar.gz: 78ba3a3f1e9ab31bde738e63832de8b3cc34bd1390976d5be45d71d11dd4659f23c5d878c7790231b4819b26e28f16e47142b3ea0a1da23a6c264241a9896547
+  metadata.gz: f5070d0ac07b7b045d140013aa5a26448bd6be87cbab58a8b7b19c298da1f6162bd867c66e2d2a0497ba8bcea32417ad4b22449863c322a760fdd3e32596bf9b
+  data.tar.gz: 7f73a9201af4be0334536254024b70e7dc2f317f8bdd0d1e2a8fae785c8abf815060cd71be3e9799b65dc15ad9252da0a0d1c1fb9c23b7920be0c34ce431d62d

data/.github/pull_request_template.md

@@ -0,0 +1,45 @@
+Please review [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md) and remove this line.
+
+### Summary
+
+Provide a general description of the code changes in your pull
+request... were there any bugs you had fixed? If so, mention them. If
+these bugs have open GitHub issues, be sure to tag them here as well,
+to keep the conversation linked together.
+
+
+### Testing Steps
+
+Provide steps to test functionality, described in detail for someone not familiar with this part of the application / code base
+
+
+### Other Information
+
+If there's anything else that's important and relevant to your pull
+request, mention that information here. This could include
+benchmarks, or other information.
+
+Thanks for contributing to Dradis!
+
+
+### Copyright assignment
+
+Collaboration is difficult with commercial closed source but we want
+to keep as much of the OSS ethos as possible available to users
+who want to fix it themselves.
+
+In order to unambiguously own and sell Dradis Framework commercial
+products, we must have the copyright associated with the entire
+codebase. Any code you create which is merged must be owned by us.
+That's not us trying to be a jerks, that's just the way it works.
+
+You can delete this section, but the following sentence needs to
+remain in the PR's description:
+
+> I assign all rights, including copyright, to any future Dradis
+> work by myself to Security Roots.
+
+### Check List
+
+- [ ] Added a CHANGELOG entry
+- [ ] Added specs

data/CHANGELOG.md

@@ -1,3 +1,12 @@
+v4.12.0 (May 2024)
+  - Update Dradis links in README
+  - Fix the TypeError around the plugins template caching
+  - Remove template_service and add mapping_service to apply mappings on tool upload
+  - Include mapping module when integrations provide 'upload'
+
+v4.11.0 (January 2024)
+  - No changes
+
 v4.10.0 (September 2023)
   - Add validations to the Export::BaseController
   - Update gemspec links

data/README.md

@@ -8,17 +8,16 @@ The Dradis 3 gemified plugin Engines need to include Dradis::Plugins::Base which
 
 Warning, we may end up merging this gem with Dradis::Core!!
 
-The add-on requires [Dradis CE](https://dradisframework.org/) > 3.0, or [Dradis Pro](https://dradisframework.com/pro/).
-
+The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
 
 ## More information
 
-See the Dradis Framework's [README.md](https://github.com/dradis/dradisframework/blob/master/README.md)
+See the Dradis Framework's [README.md](https://github.com/dradis/dradis-ce/blob/develop/README.md)
 
 
 ## Contributing
 
-See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradisframework/blob/master/CONTRIBUTING.md)
+See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md)
 
 
 ## License

data/dradis-plugins.gemspec

@@ -13,10 +13,10 @@ Gem::Specification.new do |spec|
   spec.license = 'GPL-2'
 
   spec.authors = ['Daniel Martin']
-  spec.homepage = 'http://dradis.com'
+  spec.homepage = 'http://dradis.com/ce/'
 
   spec.files = `git ls-files`.split($\)
-  spec.executables = spec.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  spec.executables = spec.files.grep(%r{^bin/}).map { |f| File.basename(f) }
   spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
 
   spec.add_development_dependency 'bundler'

data/lib/dradis/plugins/base.rb

@@ -12,7 +12,8 @@ module Dradis
 
         # Extend the engine with other functionality
         include Dradis::Plugins::Configurable
-        include Dradis::Plugins::Templates
+        include Dradis::Plugins::Templates::MigrateTemplates
+        include Dradis::Plugins::Templates::Samples
         include Dradis::Plugins::Thor
       end
 
@@ -33,6 +34,7 @@ module Dradis
           @features = list
           if list.include?(:upload)
             include Dradis::Plugins::Upload::Base
+            include Dradis::Plugins::Mappings::Base
           end
         end
 

data/lib/dradis/plugins/content_service/core.rb

@@ -15,7 +15,7 @@ module Dradis::Plugins::ContentService
       @logger = args.fetch(:logger, Rails.logger)
       @plugin = args.fetch(:plugin)
       @project = args[:project]
-      @scope = args.fetch(:scope, :published)
+      @scope = validate_scope(args[:scope]).to_sym
       @state = args[:state]
     end
 
@@ -51,5 +51,13 @@ module Dradis::Plugins::ContentService
       end
     end
 
+    def validate_scope(scope)
+      valid_scopes = Dradis::Plugins::ContentService::Base::VALID_SCOPES
+      if scope && valid_scopes.include?(scope.to_s)
+        scope
+      else
+        :published
+      end
+    end
   end
 end

data/lib/dradis/plugins/gem_version.rb

@@ -7,7 +7,7 @@ module Dradis
 
     module VERSION
       MAJOR = 4
-      MINOR = 10
+      MINOR = 12
       TINY  = 0
       PRE   = nil
 

data/lib/dradis/plugins/mapping_service.rb

@@ -0,0 +1,77 @@
+module Dradis
+  module Plugins
+    class MappingService
+      attr_accessor :component, :destination, :integration, :source
+
+      def initialize(destination: nil, integration:)
+        @destination = destination
+        @integration = integration
+        @component = @integration.meta[:name].to_s
+        @sample_dir = default_sample_dir
+      end
+
+      def apply_mapping(data:, source:, mapping_fields: nil)
+        @source = source
+        return unless valid_source?
+
+        field_processor = integration::FieldProcessor.new(data: data)
+        mapping_fields = mapping_fields || get_mapping_fields
+
+        mapping_fields.map do |field|
+          field_name = field.destination_field
+          field_content = process_content(
+            field.content,
+            field_processor
+          )
+
+          "#[#{field_name}]#\n#{field_content}"
+        end&.join("\n\n")
+      end
+
+      # This returns a sample of valid entry for the Mappings Manager
+      def sample
+        @sample ||= {}
+        if valid_source?
+          @sample[source] ||= begin
+            sample_file = File.join(@sample_dir, "#{source}.sample")
+            File.read(sample_file)
+          end
+        end
+      end
+
+      private
+
+      # This method returns the default location in which integrations store their sample files
+      def default_sample_dir
+        @default_sample_dir ||= begin
+          File.join(Configuration.paths_templates_plugins, component)
+        end
+      end
+
+      def get_mapping_fields
+        # returns the mapping fields for the found mapping,
+        # or the default mapping_fields
+        integration.mapping_fields(
+          source: source,
+          destination: destination
+        )
+      end
+
+      def process_content(content, field_processor)
+        content.gsub(/{{\s?#{component}\[(\S*?)\]\s?}}/) do |field|
+          name = field.split(/\[|\]/)[1]
+
+          if integration.source_fields(source).include?(name)
+            field_processor.value(field: name)
+          else
+            "Field [#{field}] not recognized by the integration"
+          end
+        end
+      end
+
+      def valid_source?
+        @source = source if integration.mapping_sources.include?(source.to_sym)
+      end
+    end
+  end
+end

data/lib/dradis/plugins/mappings/base.rb

@@ -0,0 +1,82 @@
+
+# When you call provides :upload in your Engine, this module gets included.
+module Dradis::Plugins::Mappings::Base
+  extend ActiveSupport::Concern
+
+  included do
+    module_parent.extend ClassMethods
+  end
+
+  module ClassMethods
+
+    def default_mapping_fields(source)
+      default_mapping(source).map do |destination_field, content|
+        MappingField.new(destination_field: destination_field, content: content)
+      end
+    end
+
+    def component
+      meta[:name].to_s
+    end
+
+    def field_names(source:, destination: nil, field_type: 'destination')
+      mappings = mappings(source: source, destination: destination)
+
+      mapping_fields = if mappings.any?
+        mappings.map(&:mapping_fields).flatten
+      end
+
+      if mapping_fields && mapping_fields.any?
+        mapping_fields.pluck("#{field_type}_field").uniq
+      else
+        default_mapping(source).keys
+      end
+    end
+
+    def default_mapping(source)
+      if mapping_sources.include?(source.to_sym)
+        self::Mapping::DEFAULT_MAPPING[source.to_sym]
+      end
+    end
+
+    # given the params returns all matching mappings
+    # will accept source and/or destination or no args
+    def mappings(source: nil, destination: nil)
+      mappings = Mapping.includes(:mapping_fields).where(
+        component: component
+      )
+      mappings = mappings.where(source: source) if source
+      mappings = mappings.where(destination: destination) if destination
+      mappings
+    end
+
+    # returns single matching mapping given source & destination or default
+    def get_mapping(source:, destination:)
+      mapping = Mapping.includes(:mapping_fields).find_by(
+        component: component,
+        source: source,
+        destination: destination
+      )
+    end
+
+    def mapping_fields(source:, destination:)
+      mapping = get_mapping(source: source, destination: destination)
+
+      if mapping
+        mapping.mapping_fields
+      else
+        default_mapping_fields(source)
+      end
+    end
+
+    def mapping_sources
+      self::Mapping::SOURCE_FIELDS.keys
+    end
+
+    def source_fields(source)
+      if mapping_sources.include?(source.to_sym)
+        self::Mapping::SOURCE_FIELDS[source.to_sym]
+      end
+    end
+  end
+end

data/lib/dradis/plugins/mappings.rb

@@ -0,0 +1,8 @@
+module Dradis
+  module Plugins
+    module Mappings
+    end
+  end
+end
+
+require 'dradis/plugins/mappings/base'

data/lib/dradis/plugins/templates/migrate_templates.rb

@@ -0,0 +1,143 @@
+module Dradis
+  module Plugins
+    module Templates
+      module MigrateTemplates
+        extend ActiveSupport::Concern
+
+        # Apr 2024 migration to move from .template files
+        # to db-backed mappings. Can be removed in Apr 2026
+
+        LEGACY_FIELDS_REGEX = /%(\S+?)%/.freeze
+        LEGACY_MAPPING_REFERENCE = {
+          'burp' => {
+            'html_evidence' => 'html_evidence',
+            'html_issue' => 'issue',
+            'xml_evidence' => 'evidence',
+            'xml_issue' => 'issue'
+          },
+          'qualys' => {
+            'asset_evidence' => 'asset-evidence',
+            'asset_issue' => 'asset-issue',
+            'vuln_evidence' => 'evidence',
+            'vuln_element' => 'element',
+            'was_evidence' => 'was-evidence',
+            'was_issue' => 'was-issue'
+          }
+        }.freeze
+
+        module ClassMethods
+          def migrate_templates_to_mappings(args = {})
+            # return if the integration doesn't provide any templates ex. projects, cve
+            return unless paths['dradis/templates'].existent.any?
+            @integration_name = plugin_name.to_s
+            # return if templates have already been migrated (mappings exist for the integration)
+            return if ::Mapping.where(component: @integration_name).any?
+
+            templates_dir = args.fetch(:from)
+            integration_templates_dir = File.join(templates_dir, @integration_name)
+
+            if uploaders.count > 1
+              migrate_multiple_uploaders(@integration_name, integration_templates_dir)
+            else
+              template_files = Dir["#{integration_templates_dir}/*.template"]
+              return unless template_files.any?
+
+              template_files.each do |template_file|
+                next unless File.exist?(template_file)
+                source = File.basename(template_file, '.template')
+                # create a mapping & mapping_fields for each field in the file
+                migrate(template_file, source)
+                rename_file(template_file)
+              end
+            end
+          end
+
+          private
+
+          def create_mapping(mapping_source, destination = nil)
+            ::Mapping.find_or_create_by!(
+              component: @integration_name,
+              source: mapping_source,
+              destination: destination
+            )
+          end
+
+          def create_mapping_fields(mapping, template_file)
+            template_fields = parse_template_fields(template_file)
+            return unless template_fields
+
+            # create a mapping_field for each field in the .template file
+            template_fields.each do |field_title, field_content|
+              # set source_field by taking the first match to the existing %% syntax
+              source_field = field_content.match(LEGACY_FIELDS_REGEX)
+              source_field = source_field ? source_field[1] : 'Custom Text'
+
+              updated_content = update_syntax(field_content)
+
+              mapping.mapping_fields.find_or_create_by!(
+                source_field: source_field,
+                destination_field: field_title,
+                content: updated_content
+              )
+            end
+          end
+
+          def migrate(template_file, source)
+            destinations = if defined?(Dradis::Pro)
+              ReportTemplateProperties.with_fields_defined.map(&:as_mapping_destination)
+            else
+              [nil]
+            end
+
+            destinations.each do |destination|
+              ActiveRecord::Base.transaction do
+                mapping = create_mapping(source, destination)
+                create_mapping_fields(mapping, template_file)
+              end
+            end
+          end
+
+          # previously our integrations with multiple uploaders (Burp, Qualys) had inconsistent
+          # template names (some included the uploader, some didn't ex. burp issue vs html_evidence)
+          # they have been renamed to follow a consistent 'uploader_entity' structure, but
+          # in order to migrate the old templates to the db with the new names as the source
+          # we need to reference an object in the integration that maps the new name to the old one
+          def migrate_multiple_uploaders(integration, templates_dir)
+            return unless LEGACY_MAPPING_REFERENCE[integration]
+
+            LEGACY_MAPPING_REFERENCE[integration].each do |source_field, legacy_template_name|
+              template_file = Dir["#{templates_dir}/#{legacy_template_name}.template"]
+              if template_file.any? { |file| File.exist?(file) }
+                migrate(template_file[0], source_field)
+                # burp issue.template is used by both uploaders so don't rename it the first time around
+                rename_file(template_file[0]) unless source_field == 'html_issue'
+              end
+            end
+          end
+
+          def parse_template_fields(template_file)
+            if File.file?(template_file)
+              template_content = File.read(template_file)
+              FieldParser.source_to_fields(template_content)
+            end
+          end
+
+          def rename_file(template_file)
+            # Don't rename if it's already been renamed.
+            if !template_file.include?('.legacy') && File.file?(template_file)
+              File.rename template_file, "#{template_file}.legacy"
+            end
+          end
+
+          def update_syntax(field_content)
+            # turn the %% syntax into the new
+            # '{{ <integration>[was-issue.title] }}' format
+            field_content.gsub(LEGACY_FIELDS_REGEX) do |content|
+              "{{ #{@integration_name}[#{content[1..-2]}] }}"
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/dradis/plugins/templates/samples.rb

@@ -0,0 +1,45 @@
+module Dradis
+  module Plugins
+    module Templates
+      module Samples
+        extend ActiveSupport::Concern
+
+        included do
+          # Keep track of any templates the plugin defines
+          paths['dradis/templates'] = 'templates'
+        end
+
+        module ClassMethods
+          def copy_samples(args = {})
+            destination = args.fetch(:to)
+
+            destination_dir = File.join(destination, plugin_name.to_s)
+            FileUtils.mkdir_p(destination_dir) if integration_samples.any?
+
+            integration_samples.each do |template|
+              destination_file = File.join(destination_dir, File.basename(template))
+
+              Rails.logger.info do
+                "Updating templates for #{plugin_name} plugin. "\
+                "Destination: #{destination}"
+              end
+              FileUtils.cp(template, destination_file)
+            end
+          end
+
+          private
+
+          def integration_samples(args = {})
+            @templates ||= begin
+              if paths['dradis/templates'].existent.any?
+                Dir["#{paths['dradis/templates'].existent.first}/*.sample"]
+              else
+                []
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/dradis/plugins/upload/importer.rb

@@ -9,11 +9,11 @@ module Dradis
           :content_service,
           :default_user_id,
           :logger,
+          :mapping_service,
           :options,
           :plugin,
           :project,
           :state,
-          :template_service
         )
 
         def self.templates
@@ -29,8 +29,8 @@ module Dradis
           @project = args.key?(:project_id) ? Project.find(args[:project_id]) : nil
           @state = args.fetch(:state, :published)
 
-          @content_service  = args.fetch(:content_service, default_content_service)
-          @template_service = args.fetch(:template_service, default_template_service)
+          @content_service   = args.fetch(:content_service, default_content_service)
+          @mapping_service   = default_mapping_service
 
           post_initialize(args)
         end
@@ -71,11 +71,13 @@ module Dradis
           end
         end
 
+        def default_mapping_service
+          rtp = project.report_template_properties if project
+          destination = rtp ? rtp.as_mapping_destination : nil
 
-        def default_template_service
-          @template ||= Dradis::Plugins::TemplateService.new(
-            logger: logger,
-            plugin: plugin
+          Dradis::Plugins::MappingService.new(
+            destination: destination,
+            integration: plugin
           )
         end
       end # Importer

data/lib/dradis/plugins.rb

@@ -57,6 +57,15 @@ module Dradis
         @@extensions.include?(const)
       end
 
+      def upload_integration_names_and_modules
+        with_feature(:upload).each_with_object({}) do |integration, integrations_hash|
+          integration_name = integration.plugin_name.to_s
+          integration_module = integration.module_parent
+
+          integrations_hash[integration_name] = integration_module
+        end
+      end
+
       private
 
       # Use this to ensure the Extension conforms with some expected interface
@@ -74,11 +83,12 @@ require 'dradis/plugins/engine'
 require 'dradis/plugins/version'
 
 require 'dradis/plugins/content_service/base'
-require 'dradis/plugins/template_service'
+require 'dradis/plugins/mapping_service'
 
 require 'dradis/plugins/base'
 require 'dradis/plugins/export'
 require 'dradis/plugins/import'
+require 'dradis/plugins/mappings'
 require 'dradis/plugins/upload'
 
 # Common functionality
@@ -86,6 +96,7 @@ require 'dradis/plugins/configurable'
 require 'dradis/plugins/settings'
 require 'dradis/plugins/settings/adapters/db'
 require 'dradis/plugins/settings/adapters/encrypted_configuration'
-require 'dradis/plugins/templates'
+require 'dradis/plugins/templates/samples'
+require 'dradis/plugins/templates/migrate_templates'
 require 'dradis/plugins/thor'
 require 'dradis/plugins/thor_helper'

data/spec/lib/dradis/plugins/mapping_service_spec.rb

@@ -0,0 +1,54 @@
+require 'rails_helper'
+
+# To run, execute from Dradis main app folder:
+#   bin/rspec [dradis-plugins path]/spec/lib/dradis/plugins/mapping_service_spec.rb
+describe Dradis::Plugins::MappingService do
+  describe '#apply_mapping' do
+    let(:data) { double }
+    let(:liquid_mapping_field) {
+      create(:mapping_field, content: "{% if issue.evidence %}\n{% endif %} }}")
+    }
+    let(:integration) { Dradis::Plugins::Qualys }
+    let(:project) { create(:project, :with_report_template_properties) }
+    let(:qualys_mapping_field) {
+      create(:mapping_field, destination_field: 'Test Field', content: 'test content')
+    }
+    let(:mapping_service) do
+      Dradis::Plugins::MappingService.new(
+        integration: integration,
+        destination: "rtp_#{project.report_template_properties_id}"
+      )
+    end
+    let(:mapping_processed) do
+      mapping_service.apply_mapping(source: 'was_issue', data: data)
+    end
+
+    before do
+      allow(data).to receive(:name).and_return('VULNERABILITY')
+    end
+
+    context 'with default mappings' do
+      it 'applies default mappings when no mapping exists' do
+        expect(mapping_processed).to include("#[Title]#\n")
+        expect(mapping_processed).not_to include("#[Test Field]#\n")
+      end
+    end
+
+    context 'with custom mappings' do
+      it 'applies mappings when a mapping matching the uploader & source exists' do
+        allow(mapping_service).to receive(:get_mapping_fields).and_return([qualys_mapping_field])
+
+        expect(mapping_processed).to include("#[Test Field]#\ntest content")
+        expect(mapping_processed).not_to include("#[Title]#\n")
+      end
+
+      context 'with liquid content' do
+        it 'does not parse the liquid data as fields' do
+          allow(mapping_service).to receive(:get_mapping_fields).and_return([liquid_mapping_field])
+
+          expect(mapping_processed).to include("{% if issue.evidence %}\n{% endif %} }}")
+        end
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-plugins
 version: !ruby/object:Gem::Version
-  version: 4.10.0
+  version: 4.12.0
 platform: ruby
 authors:
 - Daniel Martin
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-09-07 00:00:00.000000000 Z
+date: 2024-05-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -53,11 +53,12 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 description: Required dependency for Dradis Framework.
-email: 
+email:
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/pull_request_template.md"
 - ".gitignore"
 - ".rspec"
 - CHANGELOG.md
@@ -92,11 +93,14 @@ files:
 - lib/dradis/plugins/import/filters.rb
 - lib/dradis/plugins/import/filters/base.rb
 - lib/dradis/plugins/import/result.rb
+- lib/dradis/plugins/mapping_service.rb
+- lib/dradis/plugins/mappings.rb
+- lib/dradis/plugins/mappings/base.rb
 - lib/dradis/plugins/settings.rb
 - lib/dradis/plugins/settings/adapters/db.rb
 - lib/dradis/plugins/settings/adapters/encrypted_configuration.rb
-- lib/dradis/plugins/template_service.rb
-- lib/dradis/plugins/templates.rb
+- lib/dradis/plugins/templates/migrate_templates.rb
+- lib/dradis/plugins/templates/samples.rb
 - lib/dradis/plugins/thor.rb
 - lib/dradis/plugins/thor_helper.rb
 - lib/dradis/plugins/upload.rb
@@ -109,15 +113,15 @@ files:
 - spec/lib/dradis/plugins/content_service/boards_spec.rb
 - spec/lib/dradis/plugins/content_service/content_blocks_spec.rb
 - spec/lib/dradis/plugins/content_service/issues_spec.rb
+- spec/lib/dradis/plugins/mapping_service_spec.rb
 - spec/lib/dradis/plugins/settings/adapters/encrypted_configuration_spec.rb
-- spec/lib/dradis/plugins/template_service_spec.rb
 - spec/settings_spec.rb
 - spec/spec_helper.rb
-homepage: http://dradis.com
+homepage: http://dradis.com/ce/
 licenses:
 - GPL-2
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -133,7 +137,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.4
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Plugin manager for the Dradis Framework project.
 test_files:
@@ -142,7 +146,7 @@ test_files:
 - spec/lib/dradis/plugins/content_service/boards_spec.rb
 - spec/lib/dradis/plugins/content_service/content_blocks_spec.rb
 - spec/lib/dradis/plugins/content_service/issues_spec.rb
+- spec/lib/dradis/plugins/mapping_service_spec.rb
 - spec/lib/dradis/plugins/settings/adapters/encrypted_configuration_spec.rb
-- spec/lib/dradis/plugins/template_service_spec.rb
 - spec/settings_spec.rb
 - spec/spec_helper.rb

data/lib/dradis/plugins/template_service.rb

@@ -1,102 +0,0 @@
-module Dradis
-  module Plugins
-    class TemplateService
-      attr_accessor :logger, :template, :templates_dir
-
-      def initialize(args = {})
-        @plugin        = args.fetch(:plugin)
-        @templates_dir = args[:templates_dir] || default_templates_dir
-      end
-
-      # For a given entry, return a text blob resulting from applying the
-      # chosen template to the supplied entry.
-      def process_template(args = {})
-        self.template = args[:template]
-        data          = args[:data]
-
-        processor = @plugin::FieldProcessor.new(data: data)
-
-        template_source.gsub(/%(\S*?)%/) do |field|
-          name = field[1..-2]
-          if fields.include?(name)
-            processor.value(field: name)
-          else
-            "Field [#{field}] not recognized by the plugin"
-          end
-        end
-      end
-
-      # ---------------------------------------------- Plugin Manager interface
-
-      # This lists the fields defined by this plugin that can be used in the
-      # template
-      def fields
-        @fields ||= {}
-        @fields[template] ||= begin
-          fields_file = File.join(templates_dir, "#{template}.fields")
-          File.readlines(fields_file).map(&:chomp)
-        end
-      end
-
-      # This returns a sample of valid entry for the Plugin Manager
-      def sample
-        @sample ||= {}
-        @sample[template] ||= begin
-          sample_file = File.join(templates_dir, "#{template}.sample")
-          File.read(sample_file)
-        end
-      end
-
-      # Set the plugin's item template. This is used by the Plugins Manager
-      # to force the plugin to use the new_template (provided by the user)
-      def set_template(args = {})
-        template = args[:template]
-        content  = args[:content]
-
-        @sources ||= {}
-        @sources[template] ||= {
-          content: nil,
-          mtime: DateTime.now
-        }
-        @sources[template][:content] = content
-      end
-
-      # This method returns the current template's source. It caches the
-      # template based on the file's last-modified time and refreshes the
-      # cached copy when it detects changes.
-      def template_source
-        @sources ||= {}
-
-        # The template can change from one time to the next (via the Plugin Manager)
-        template_file  = File.join(templates_dir, "#{template}.template")
-        template_mtime = File.mtime(template_file)
-
-        if @sources.key?(template)
-          # refresh cached version if modified since last read
-          if template_mtime > @sources[template][:mtime]
-            @template[template][:mtime] = template_mtime
-            @template[template][:content] = File.read(template_file)
-          end
-        else
-          @sources[template] = {
-            mtime: template_mtime,
-            content: File.read(template_file)
-          }
-        end
-
-        @sources[template][:content]
-      end
-      # --------------------------------------------- /Plugin Manager interface
-
-      private
-
-      # This method returns the default location in which plugins should look
-      # for their templates.
-      def default_templates_dir
-        @default_templates_dir ||= begin
-          File.join(Configuration.paths_templates_plugins, @plugin::meta[:name].to_s)
-        end
-      end
-    end
-  end
-end

data/lib/dradis/plugins/templates.rb

@@ -1,57 +0,0 @@
-module Dradis
-  module Plugins
-    module Templates
-      extend ActiveSupport::Concern
-
-      included do
-        # Keep track of any templates the plugin defines
-        paths['dradis/templates'] = 'templates'
-      end
-
-      module ClassMethods
-        def copy_templates(args={})
-          destination = args.fetch(:to)
-
-          destination_dir = File.join(destination, plugin_name.to_s)
-          FileUtils.mkdir_p(destination_dir) if plugin_templates.any?
-
-          plugin_templates.each do |template|
-            destination_file = File.join(destination_dir, File.basename(template))
-
-            next if skip?(destination_file)
-
-            Rails.logger.info do
-              "Updating templates for #{plugin_name} plugin. "\
-              "Destination: #{destination}"
-            end
-            FileUtils.cp(template, destination_file)
-          end
-        end
-
-        def plugin_templates(args={})
-          @templates ||= begin
-            if paths['dradis/templates'].existent.any?
-              Dir["#{paths['dradis/templates'].existent.first}/*"]
-            else
-              []
-            end
-          end
-        end
-
-        private
-
-        # Normally we want to copy all templates so that the user always has
-        # the latest version.
-        #
-        # However, if it's a '.template' file, the user might have edited their
-        # local copy, and we don't want to override their changes.  So only
-        # copy .template files over if the user has no copy at all (i.e. if
-        # this is the first time they've started Dradis since this template was
-        # added.)
-        def skip?(file_path)
-          File.exist?(file_path) && File.extname(file_path) == ".template"
-        end
-      end
-    end
-  end
-end

data/spec/lib/dradis/plugins/template_service_spec.rb

@@ -1,28 +0,0 @@
-require 'rails_helper'
-
-# To run, execute from Dradis main app folder:
-#   bin/rspec [dradis-plugins path]/spec/lib/dradis/plugins/template_service_spec.rb
-describe Dradis::Plugins::TemplateService do
-  describe '#process_template' do
-    let(:data) { double }
-    let(:plugin) { Dradis::Plugins::Nessus }
-    let(:template_service) do
-      Dradis::Plugins::TemplateService.new(plugin: plugin)
-    end
-
-    context 'liquid' do
-      before do
-        allow(data).to receive(:name).and_return('ReportHost')
-        allow(template_service).to receive(:template_source).and_return(
-          "{% if issue.evidence %}\n{% end if %}"
-        )
-      end
-
-      it 'does not parse the liquid data as fields' do
-        expect(template_service).to_not receive(:fields)
-
-        template_service.process_template(data: data)
-      end
-    end
-  end
-end