dradis-plugins 4.7.0 → 4.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8a55255c245e1ce6009d032fab79a582b05e760af0942ae7893ee7bb42af99dc
-  data.tar.gz: 350e48e4f5c7021339e0d542d7d9776bafaf44f78e23b3feae5e7f8e8d8e6d4f
+  metadata.gz: 3cba7a2e144b2d99cb1cb3ed6433424e6e46c0c9b2ac4b92ba44d2d8c18e22a5
+  data.tar.gz: 63fb037763ed258a8286c01a2430b4c61b8c70a3e79f5bf372f468a679c2dcb6
 SHA512:
-  metadata.gz: 91ee0fb58cc17d416a403dd60b9eeae6c106f16fdc4badeda6816f171f5154da7443b0c0b9d96964bf06d32a1f7b41f94db5e7d5c15f7bf3cb4c6ee0a773b643
-  data.tar.gz: 04af89b9742efb8803f8e8d9c934aea5fa9b38c0fa7dcf16fe0f1d23a270167ef1f2c2e46af93d9e00c47c20618467e07b862b03fb4765e799d45dbcbec8ed8b
+  metadata.gz: aae6bd486e5d39e78c7cef4731476ec3350a3dd73bd4dfac18061fd3dabd2a9d51a7045fd9c64a967c453000794d1d990a67f4d2ecc3bd77dc3b8646cfdd2039
+  data.tar.gz: 861a9ef7afdcc8450f13abde042710e25770c6edd9ed25d860703180a3b280bdcdf0aca4a7a8e780c3e259c529c1c96a21359ecd6c7c7286974365fadad61a5e

data/CHANGELOG.md

@@ -1,3 +1,6 @@
+v4.8.0 (April 2023)
+  - Add support for issue and content block states
+
 v4.7.0 (February 2023)
   - No changes
 

data/app/controllers/dradis/plugins/export/base_controller.rb

@@ -2,15 +2,18 @@ module Dradis
   module Plugins
     module Export
       class BaseController < Rails.application.config.dradis.base_export_controller_class_name.to_s.constantize
+        before_action :validate_scope
 
         protected
 
-        # Protected: allows export plugins to access the options sent from the
-        # framework via the session object (see Export#create).
-        #
-        # Returns a Hash with indifferent access.
-        def export_options
-          @export_options ||= session[:export_manager].with_indifferent_access
+        def export_params
+          params.permit(:project_id, :scope, :template)
+        end
+
+        def validate_scope
+          unless Dradis::Plugins::ContentService::Base::VALID_SCOPES.include?(params[:scope])
+            raise 'Something fishy is going on...'
+          end
         end
       end
     end

data/dradis-plugins.gemspec

@@ -20,8 +20,8 @@ Gem::Specification.new do |spec|
   spec.executables = spec.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
   spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
 
-  spec.add_development_dependency 'bundler', '~> 1.6'
-  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'bundler', '>= 2.2.33'
+  spec.add_development_dependency 'rake', '>= 12.3.3'
   spec.add_development_dependency 'rspec-rails'
 
   # By not including Rails as a dependency, we can use the gem with different

data/lib/dradis/plugins/content_service/base.rb

@@ -10,6 +10,8 @@ require 'dradis/plugins/content_service/properties'
 
 module Dradis::Plugins::ContentService
   class Base
+    VALID_SCOPES = %w[all published].freeze
+
     include Core
 
     include Boards

data/lib/dradis/plugins/content_service/content_blocks.rb

@@ -3,23 +3,34 @@ module Dradis::Plugins::ContentService
     extend ActiveSupport::Concern
 
     def all_content_blocks
-      project.content_blocks
+      case scope
+      when :all
+        project.content_blocks
+      when :published
+        project.content_blocks.published
+      else
+        raise 'Unsupported scope!'
+      end
     end
 
     def create_content_block(args={})
       block_group    = args.fetch(:block_group, default_content_block_group)
       content        = args.fetch(:content, default_content_block_content)
+      state          = args.fetch(:state, :published)
       user_id        = args.fetch(:user_id)
 
       content_block = ContentBlock.new(
         content: content,
         block_group: block_group,
         project_id: project.id,
+        state: state,
         user_id: user_id
       )
 
       if content_block.valid?
         content_block.save
+
+        return content_block
       else
         try_rescue_from_length_validation(
           model: content_block,

data/lib/dradis/plugins/content_service/core.rb

@@ -3,7 +3,7 @@ module Dradis::Plugins::ContentService
     extend ActiveSupport::Concern
 
     included do
-      attr_accessor :logger, :plugin, :project
+      attr_accessor :logger, :plugin, :project, :scope
     end
 
     # ----------------------------------------------------------- Initializer
@@ -12,9 +12,11 @@ module Dradis::Plugins::ContentService
     # @option plugin [Class] the 'wrapper' module of a plugin, e.g.
     #     Dradis::Plugins::Nessus
     def initialize(args={})
-      @logger  = args.fetch(:logger, Rails.logger)
-      @plugin  = args.fetch(:plugin)
+      @logger = args.fetch(:logger, Rails.logger)
+      @plugin = args.fetch(:plugin)
       @project = args[:project]
+      @scope = args.fetch(:scope, :published)
+      @state = args[:state]
     end
 
     private

data/lib/dradis/plugins/content_service/issues.rb

@@ -3,7 +3,17 @@ module Dradis::Plugins::ContentService
     extend ActiveSupport::Concern
 
     def all_issues
-      project.issues.where(category_id: default_issue_category.id)
+      issues =
+        case scope
+        when :all
+          project.issues
+        when :published
+          project.issues.published
+        else
+          raise 'Unsupported scope!'
+        end
+
+      issues.where(category_id: default_issue_category.id)
     end
 
     def create_issue(args={})
@@ -11,6 +21,7 @@ module Dradis::Plugins::ContentService
       # NOTE that ID is the unique issue identifier assigned by the plugin,
       # and is not to be confused with the Issue#id primary key
       id   = args.fetch(:id, default_issue_id)
+      state = args.fetch(:state, @state)
 
       # Bail if we already have this issue in the cache
       uuid      = [plugin::Engine::plugin_name, id]
@@ -25,9 +36,10 @@ module Dradis::Plugins::ContentService
       text << plugin_details
 
       issue = Issue.new(text: text) do |i|
-        i.author   = default_author
-        i.node     = project.issue_library
+        i.author = default_author
+        i.node = project.issue_library
         i.category = default_issue_category
+        i.state = state
       end
 
       if issue.valid?

data/lib/dradis/plugins/export/base.rb

@@ -5,7 +5,7 @@ module Dradis
   module Plugins
     module Export
       class Base
-        attr_accessor :content_service, :logger, :options, :plugin, :project
+        attr_accessor :content_service, :logger, :options, :plugin, :project, :scope
 
         def initialize(args={})
           # Save everything just in case the implementing class needs any of it.
@@ -15,6 +15,7 @@ module Dradis
           @logger  = args.fetch(:logger, Rails.logger)
           @plugin  = args[:plugin] || default_plugin
           @project = args.key?(:project_id) ? Project.find(args[:project_id]) : nil
+          @scope = args.fetch(:scope, :published).to_sym
 
           @content_service = args.fetch(:content_service, default_content_service)
 
@@ -34,7 +35,8 @@ module Dradis
           @content ||= Dradis::Plugins::ContentService::Base.new(
             logger: logger,
             plugin: plugin,
-            project: project
+            project: project,
+            scope: scope
           )
         end
 

data/lib/dradis/plugins/gem_version.rb

@@ -7,7 +7,7 @@ module Dradis
 
     module VERSION
       MAJOR = 4
-      MINOR = 7
+      MINOR = 8
       TINY  = 0
       PRE   = nil
 

data/lib/dradis/plugins/thor_helper.rb

@@ -9,7 +9,7 @@ module Dradis
       end
 
       def task_options
-        @task_options ||= { logger: logger }
+        @task_options ||= { logger: logger, state: :published }
       end
 
       def logger

data/lib/dradis/plugins/upload/importer.rb

@@ -12,6 +12,7 @@ module Dradis
           :options,
           :plugin,
           :project,
+          :state,
           :template_service
         )
 
@@ -22,10 +23,11 @@ module Dradis
         def initialize(args={})
           @options = args
 
-          @logger  = args.fetch(:logger, Rails.logger)
-          @plugin  = args[:plugin] || default_plugin
-          @project = args.key?(:project_id) ? Project.find(args[:project_id]) : nil
           @default_user_id = args[:default_user_id] || -1
+          @logger = args.fetch(:logger, Rails.logger)
+          @plugin = args[:plugin] || default_plugin
+          @project = args.key?(:project_id) ? Project.find(args[:project_id]) : nil
+          @state = args.fetch(:state, :published)
 
           @content_service  = args.fetch(:content_service, default_content_service)
           @template_service = args.fetch(:template_service, default_template_service)
@@ -46,7 +48,8 @@ module Dradis
           @content ||= Dradis::Plugins::ContentService::Base.new(
             logger: logger,
             plugin: plugin,
-            project: project
+            project: project,
+            state: state
           )
         end
 

data/spec/lib/dradis/plugins/content_service/content_blocks_spec.rb

@@ -0,0 +1,29 @@
+require 'rails_helper'
+
+# To run, execute from Dradis Pro main app folder:
+#   bin/rspec [dradis-plugins path]/spec/lib/dradis/plugins/content_service/content_blocks_spec.rb
+
+describe 'Content Block content service' do
+  let(:plugin) { Dradis::Plugins::Nessus }
+  let(:plugin_id) { '111' }
+  let(:project) { create(:project) }
+  let(:service) do
+    Dradis::Plugins::ContentService::Base.new(
+      plugin: plugin,
+      logger: Rails.logger,
+      project: project
+    )
+  end
+
+  describe '#all_content_blocks' do
+    before do
+      @draft_content = create_list(:content_block, 10, project: project, state: :draft)
+      @review_content = create_list(:content_block, 10, project: project, state: :ready_for_review)
+      @published_content = create_list(:content_block, 10, project: project, state: :published)
+    end
+
+    it 'returns only the published content blocks' do
+      expect(service.all_content_blocks.to_a).to match_array(@published_content)
+    end
+  end
+end

data/spec/lib/dradis/plugins/content_service/issues_spec.rb

@@ -1,11 +1,11 @@
 require 'rails_helper'
 
-# These specs are coming from engines/dradispro-rules/spec/content_service_spec.rb
 # To run, execute from Dradis main app folder:
 #   bin/rspec [dradis-plugins path]/spec/lib/dradis/plugins/content_service/issues_spec.rb
 
-describe Dradis::Plugins::ContentService::Base do
-  let(:plugin)  { Dradis::Plugins::Nessus }
+describe 'Issues content service' do
+  let(:plugin) { Dradis::Plugins::Nessus }
+  let(:plugin_id) { '111' }
   let(:project) { create(:project) }
   let(:service) do
     Dradis::Plugins::ContentService::Base.new(
@@ -17,47 +17,39 @@ describe Dradis::Plugins::ContentService::Base do
 
   describe 'Issues' do
     let(:create_issue) do
-      service.create_issue_without_callback(id: plugin_id)
+      service.create_issue(text: "#[Title]#\nTest Issue\n", id: plugin_id, state: :ready_for_review)
     end
 
-    # Remember: even though we're calling create_issue_without_callback,
-    # that method will still call issue_cache_with_callback internally.
-    # So when we store an issue in the issue_cache/finding_cache below,
-    # it's being stored within an instance of FindingCache, which
-    # automatically wraps Issues in Findings.
-
     describe 'when the issue already exists in the cache' do
-      let(:existing_issue) { create(:issue, text: cached_issue_text) }
-      before { cache.store(existing_issue) }
-
-      it "doesn't create a new issue" do
-        expect{create_issue}.not_to change{Issue.count}
+      before do
+        issue = create(:issue, text: "#[Title]#\nTest Issue\n", id: plugin_id)
+        service.issue_cache.store("nessus-#{plugin_id}", issue)
       end
 
-      it 'returns the cached issue encapsulated in a finding' do
-        finding = create_issue
-        expect(finding).to be_a(Finding)
-        expect(finding).to eq Finding.from_issue(existing_issue)
+      it 'does not create a new issue' do
+        expect { create_issue }.not_to change { Issue.count }
       end
     end
 
     describe "when the issue doesn't already exist in the cache" do
       it "creates a new Issue containing 'plugin' and 'plugin_id'" do
         new_issue = nil
-        expect{new_issue = create_issue}.to change{Issue.count}.by(1)
-        expect(new_issue.body).to match(/#\[plugin\]#\n*#{plugin_name}/)
-        expect(new_issue.body).to match(/#\[plugin_id\]#\n*#{plugin_id}/)
+        plugin_name = "#{plugin}::Engine".constantize.plugin_name
+        expect { new_issue = create_issue }.to change { Issue.count }.by(1)
+        expect(new_issue.text).to match(/#\[plugin\]#\n*#{plugin_name}/)
+        expect(new_issue.text).to match(/#\[plugin_id\]#\n*#{plugin_id}/)
       end
+    end
 
-      it 'returns the new Issue encapsulated in a Finding' do
-        finding = create_issue
-        expect(finding).to be_a(Finding)
-        expect(finding).to eq Finding.from_issue(Issue.last)
+    describe '#all_issues' do
+      before do
+        @draft_issues = create_list(:issue, 10, project: project, state: :draft)
+        @review_issues = create_list(:issue, 10, project: project, state: :ready_for_review)
+        @published_issues = create_list(:issue, 10, project: project, state: :published)
       end
 
-      it 'adds the new Finding to the cache' do
-        finding = create_issue
-        expect(cache[cache_key]).to eq finding
+      it 'returns only the published issues' do
+        expect(service.all_issues.to_a).to match_array(@published_issues)
       end
     end
   end

metadata

@@ -1,43 +1,43 @@
 --- !ruby/object:Gem::Specification
 name: dradis-plugins
 version: !ruby/object:Gem::Version
-  version: 4.7.0
+  version: 4.8.0
 platform: ruby
 authors:
 - Daniel Martin
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-02-20 00:00:00.000000000 Z
+date: 2023-04-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: 2.2.33
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: 2.2.33
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
@@ -106,6 +106,7 @@ files:
 - spec/engine_spec.rb
 - spec/internal/log/test.log
 - spec/lib/dradis/plugins/content_service/boards_spec.rb
+- spec/lib/dradis/plugins/content_service/content_blocks_spec.rb
 - spec/lib/dradis/plugins/content_service/issues_spec.rb
 - spec/settings_spec.rb
 - spec/spec_helper.rb
@@ -113,7 +114,7 @@ homepage: http://dradisframework.org
 licenses:
 - GPL-2
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -128,14 +129,15 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
-signing_key: 
+rubygems_version: 3.3.7
+signing_key:
 specification_version: 4
 summary: Plugin manager for the Dradis Framework project.
 test_files:
 - spec/engine_spec.rb
 - spec/internal/log/test.log
 - spec/lib/dradis/plugins/content_service/boards_spec.rb
+- spec/lib/dradis/plugins/content_service/content_blocks_spec.rb
 - spec/lib/dradis/plugins/content_service/issues_spec.rb
 - spec/settings_spec.rb
 - spec/spec_helper.rb