dradis-plugins 4.15.0 → 4.17.0

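--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 66d3c74ccd3e2bfab6be839c13a701e9c10f40418c33375273f531afa3ef5245
- data.tar.gz: 41805afdf16f82a1281ba71ea3c15f11f5b7a3731340ce082c119fbc8588eda6
+ metadata.gz: ab80c138e39b3703d4f65fe3406c9aa876f2588b3bdbaa2f44a1f0fd7cae0e4b
+ data.tar.gz: 4a4ce3dc4c10a0ec9fb7d7206bbea7fe68c0775a34242657f578e15804922a77
  SHA512:
- metadata.gz: 8a694eb4175f310e71a5daabc3e83af7691bfd7b423025322a51bb8be32fae858e4a840b1084bc9d2851b86446f5dca521d4b6e0863e0adea9afb5a848bee289
- data.tar.gz: d94aef2e5f2383f7f1da9bc04e59c2c77464190c473c1132c17372fd3380d49e32bdb16ed6ba9b8c3aedc36b42887d0d81e5052adbe1ecf0b9ca666c8f3b65a5
+ metadata.gz: c9555248bb5697d70bcda15e6d7bc5e80281c611efe18a29b4dc3d75cf1f1afb09f369014a3eebce0afea2fc7246c02bad48e58bfd2cb01d3527bc508ebebaf5
+ data.tar.gz: 69d1ccd744a4af22b92e98eba0bff5b9a9d0b2bb304aa0b2ab0cdbea077a29354ad63c584cc706eae079fa12ea6e8480078ddaf2db0233779412e39556cdb42b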
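--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,11 @@
+ v4.17.0 (July 2025)
+ - Add Exportable concern to house shared report export logic from Export::BaseController
+ - Only track report export when report is created
+
+ v4.16.0 (May 2025)
+ - Enable audit tracking for persistent permissions changes
+ - Default to draft state on tool upload
+
  v4.15.0 (December 2024)
  - No changes
 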
@@ -0,0 +1,50 @@
1
+ module Dradis
2
+ module Plugins
3
+ module Exportable
4
+ extend ActiveSupport::Concern
5
+
6
+ included do
7
+ before_action :set_exporter, only: [:create]
8
+ before_action :validate_scope, only: [:create]
9
+ before_action :validate_template, only: [:create]
10
+ end
11
+
12
+ private
13
+
14
+ def is_api?
15
+ controller_path.include?('api')
16
+ end
17
+
18
+ def set_exporter
19
+ raise NotImplementedError
20
+ end
21
+
22
+ def templates_dir
23
+ @templates_dir ||= File.join(::Configuration::paths_templates_reports, @exporter)
24
+ end
25
+
26
+ def validate_scope
27
+ unless Dradis::Plugins::ContentService::Base::VALID_SCOPES.include?(export_params[:scope])
28
+ if is_api?
29
+ render_json_error(Exception.new('Something fishy is going on...'), 422)
30
+ else
31
+ raise 'Something fishy is going on...'
32
+ end
33
+ end
34
+ end
35
+
36
+ def validate_template
37
+ @template_file =
38
+ File.expand_path(File.join(templates_dir, export_params[:template]))
39
+
40
+ unless @template_file.starts_with?(templates_dir) && File.exists?(@template_file)
41
+ if is_api?
42
+ render_json_error(Exception.new('Something fishy is going on...'), 422)
43
+ else
44
+ raise 'Something fishy is going on...'
45
+ end
46
+ end
47
+ end
48
+ end
49
+ end
50
+ end
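Review bot: The containment test in `validate_template` compares against `templates_dir` without a trailing separator, so an expanded path inside a sibling directory whose name merely begins with the exporter name also passes `starts_with?`; `templates_dir` is also never run through `File.expand_path`, while `@template_file` is. Anchor the comparison on the directory boundary, e.g. `root = File.join(File.expand_path(templates_dir), '')` followed by `unless @template_file.start_with?(root) && File.file?(@template_file)`. `File.exists?` was removed in Ruby 3.2, so `File.exist?` (or `File.file?`, which also rejects directories) is needed there regardless. A missing `template` parameter reaches `File.join` as nil and raises before either error branch runs, so a presence check belongs ahead of the join.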
@@ -3,13 +3,15 @@ module Dradis
3
3
  module PersistentPermissions
4
4
  extend ActiveSupport::Concern
5
5
 
6
+ include UsageTracking if defined?(Dradis::Pro)
7
+
6
8
  def update
7
9
  @user = User.authors.find(params[:id])
8
10
 
9
11
  Permission.transaction do
10
12
  Permission.where(component: self.class.component_name, user_id: params[:id]).destroy_all
11
13
 
12
- permissions_params[:permissions]&.each do |permission|
14
+ permission_params[:permissions]&.each do |permission|
13
15
  # Validate the permission being created is a valid value
14
16
  next unless self.class.permissions_validation.call(permission) if self.class.permissions_validation
15
17
 
@@ -21,12 +23,18 @@ module Dradis
21
23
  end
22
24
  end
23
25
 
26
+ track_usage(event_name, { id: params[:id], params: permission_params })
27
+
24
28
  redirect_to main_app.edit_admin_user_permissions_path(params[:id]), notice: "#{@user.name}'s permissions have been updated."
25
29
  end
26
30
 
27
31
  private
28
32
 
29
- def permissions_params
33
+ def event_name
34
+ "#{self.class.component_name}_permissions.updated"
35
+ end
36
+
37
+ def permission_params
30
38
  params.require(self.class.component_name).permit(permissions: [])
31
39
  end
32
40
 
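Review bot: `track_usage` is called unconditionally in `update`, but `UsageTracking` is only included when `Dradis::Pro` is defined, so on an install without it the call would raise NoMethodError unless the including controller supplies the method some other way, and it appears to sit after the permissions transaction block has closed. Guard it the same way the include is guarded: `track_usage(event_name, { id: params[:id], params: permission_params }) if defined?(Dradis::Pro)`. The audit payload also passes the `ActionController::Parameters` object itself; `permission_params.to_h` would record a plain hash instead. `update` starts above the first hunk and part of its body falls between the two hunks.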
@@ -2,12 +2,11 @@ module Dradis
2
2
  module Plugins
3
3
  module Export
4
4
  class BaseController < Rails.application.config.dradis.base_export_controller_class_name.to_s.constantize
5
+ include Exportable
5
6
  include ProjectScoped
6
7
  include UsageTracking if defined?(Dradis::Pro)
7
8
 
8
- before_action :validate_scope
9
- before_action :validate_template
10
- after_action :track_export, if: -> { defined?(Dradis::Pro) }
9
+ after_action :track_export, only: [:create], if: -> { defined?(Dradis::Pro) }
11
10
 
12
11
  protected
13
12
 
@@ -15,35 +14,16 @@ module Dradis
15
14
  params.permit(:project_id, :scope, :template)
16
15
  end
17
16
 
18
- def validate_template
19
- @template_file =
20
- File.expand_path(File.join(templates_dir, export_params[:template]))
21
-
22
- unless @template_file.starts_with?(templates_dir) && File.exists?(@template_file)
23
- raise 'Something fishy is going on...'
24
- end
25
- end
26
-
27
- def validate_scope
28
- unless Dradis::Plugins::ContentService::Base::VALID_SCOPES.include?(export_params[:scope])
29
- raise 'Something fishy is going on...'
30
- end
31
- end
32
-
33
17
  private
34
18
 
35
- def engine_name
36
- "#{self.class.to_s.deconstantize}::Engine".constantize.plugin_name.to_s
37
- end
38
-
39
- def templates_dir
40
- @templates_dir ||= File.join(::Configuration::paths_templates_reports, engine_name)
19
+ def set_exporter
20
+ @exporter = "#{self.class.to_s.deconstantize}::Engine".constantize.plugin_name.to_s
41
21
  end
42
22
 
43
23
  def track_export
44
24
  project = Project.includes(:evidence, :nodes).find(current_project.id)
45
25
  track_usage('report.exported', {
46
- exporter: engine_name,
26
+ exporter: @exporter,
47
27
  issue_count: project.issues.size,
48
28
  evidence_count: project.evidence.size,
49
29
  node_count: project.nodes.in_tree.size
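Review bot: Scope and template validation used to run before every action of this controller and now runs only before `create`, through the `only: [:create]` callbacks declared in `Exportable`; any export plugin subclass that exposes another action reading `export_params[:template]` or `@template_file` would no longer be covered. The subclasses are not visible here, so this needs checking against the exporters that inherit from `BaseController`. If the narrowing is intended, state it at the include, e.g. `# Exportable validates :scope and :template for #create only; other actions must validate their own input`. `track_export` continues past the end of the last hunk.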
@@ -7,7 +7,7 @@ module Dradis
7
7
 
8
8
  module VERSION
9
9
  MAJOR = 4
10
- MINOR = 15
10
+ MINOR = 17
11
11
  TINY = 0
12
12
  PRE = nil
13
13
 
@@ -9,11 +9,11 @@ module Dradis::Plugins::Settings::Adapters
9
9
  end
10
10
 
11
11
  def exists?(key)
12
- Configuration.exists?(name: namespaced_key(key))
12
+ db_ready? && Configuration.exists?(name: namespaced_key(key))
13
13
  end
14
14
 
15
15
  def read(key)
16
- Configuration.find_by(name: namespaced_key(key))&.value
16
+ db_ready? && Configuration.find_by(name: namespaced_key(key))&.value
17
17
  end
18
18
 
19
19
  def write(key, value)
@@ -26,5 +26,9 @@ module Dradis::Plugins::Settings::Adapters
26
26
  def namespaced_key(key)
27
27
  [@namespace, key.to_s.underscore].join(':')
28
28
  end
29
+
30
+ def db_ready?
31
+ (ActiveRecord::Base.connection.verify! rescue false) && Configuration.table_exists?
32
+ end
29
33
  end
30
34
  end
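Review bot: `read` now returns `false` instead of `nil` when `db_ready?` is falsy, because `db_ready? && …` yields the left operand; a caller that falls back to a default only on `nil` would treat `false` as a stored value. `return nil unless db_ready?` ahead of the lookup keeps the previous contract. `db_ready?` also depends on the return value of `connection.verify!`, which is not a documented contract (if a Rails version returns nil for a healthy connection, the predicate is never true), and the `rescue false` modifier hides every StandardError, so settings fall back silently whenever the check misfires. Calling `verify!` for its side effect inside `begin … rescue ActiveRecord::ActiveRecordError` and returning `Configuration.table_exists?` would avoid both. The two hunks show only parts of the adapter class.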
@@ -9,7 +9,7 @@ module Dradis
9
9
  end
10
10
 
11
11
  def task_options
12
- @task_options ||= { logger: logger, state: :published }
12
+ @task_options ||= { logger: logger, state: :draft }
13
13
  end
14
14
 
15
15
  def logger
@@ -27,7 +27,7 @@ module Dradis
27
27
  @logger = args.fetch(:logger, Rails.logger)
28
28
  @plugin = args[:plugin] || default_plugin
29
29
  @project = args.key?(:project_id) ? Project.find(args[:project_id]) : nil
30
- @state = args.fetch(:state, :published)
30
+ @state = args.fetch(:state, :draft)
31
31
 
32
32
  @content_service = args.fetch(:content_service, default_content_service)
33
33
  @mapping_service = default_mapping_service
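--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: dradis-plugins
  version: !ruby/object:Gem::Version
- version: 4.15.0
+ version: 4.17.0
  platform: ruby
  authors:
  - Daniel Martin
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2024-12-20 00:00:00.000000000 Z
+ date: 2025-07-22 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler
@@ -68,6 +68,7 @@ files:
  - LICENSE
  - README.md
  - Rakefile
+ - app/controllers/concerns/dradis/plugins/exportable.rb
  - app/controllers/concerns/dradis/plugins/persistent_permissions.rb
  - app/controllers/dradis/plugins/export/base_controller.rb
  - dradis-plugins.gemspec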