dradis-plugins 4.9.0 → 4.11.0
- checksums.yaml +4 -4
- data/.github/pull_request_template.md +45 -0
- data/CHANGELOG.md +7 -0
- data/README.md +2 -2
- data/app/controllers/dradis/plugins/export/base_controller.rb +35 -1
- data/dradis-plugins.gemspec +3 -4
- data/lib/dradis/plugins/gem_version.rb +1 -1
- data/lib/dradis/plugins/template_service.rb +5 -7
- data/spec/lib/dradis/plugins/template_service_spec.rb +28 -0
- metadata +10 -8
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b275df2487d66dae267758c2e2d95b41fd7364769804fff82cc9221a916c031d
|
4
|
+
data.tar.gz: 806cd8a53d29ae2d43ec053c7ae2304185d3ca7ae7b419e7668144263814e978
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: dfb8b301121edb09990744c2cb43bf17d82d00055140219188f6f75123f73db112a74236be2b4302124be96b6105961f19e2d00a02497ff0f63c056039c9b690
|
7
|
+
data.tar.gz: fd04af3f6aa47766507c71d1d30331f000ec26ee65e17ac14f1e9259f822763c58238f241c02c00df7914e85f78e1fb047de098111c440c866e4ebe3aa9376b6
|
@@ -0,0 +1,45 @@
|
|
1
|
+
Please review [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md) and remove this line.
|
2
|
+
|
3
|
+
### Summary
|
4
|
+
|
5
|
+
Provide a general description of the code changes in your pull
|
6
|
+
request... were there any bugs you had fixed? If so, mention them. If
|
7
|
+
these bugs have open GitHub issues, be sure to tag them here as well,
|
8
|
+
to keep the conversation linked together.
|
9
|
+
|
10
|
+
|
11
|
+
### Testing Steps
|
12
|
+
|
13
|
+
Provide steps to test functionality, described in detail for someone not familiar with this part of the application / code base
|
14
|
+
|
15
|
+
|
16
|
+
### Other Information
|
17
|
+
|
18
|
+
If there's anything else that's important and relevant to your pull
|
19
|
+
request, mention that information here. This could include
|
20
|
+
benchmarks, or other information.
|
21
|
+
|
22
|
+
Thanks for contributing to Dradis!
|
23
|
+
|
24
|
+
|
25
|
+
### Copyright assignment
|
26
|
+
|
27
|
+
Collaboration is difficult with commercial closed source but we want
|
28
|
+
to keep as much of the OSS ethos as possible available to users
|
29
|
+
who want to fix it themselves.
|
30
|
+
|
31
|
+
In order to unambiguously own and sell Dradis Framework commercial
|
32
|
+
products, we must have the copyright associated with the entire
|
33
|
+
codebase. Any code you create which is merged must be owned by us.
|
34
|
+
That's not us trying to be a jerks, that's just the way it works.
|
35
|
+
|
36
|
+
You can delete this section, but the following sentence needs to
|
37
|
+
remain in the PR's description:
|
38
|
+
|
39
|
+
> I assign all rights, including copyright, to any future Dradis
|
40
|
+
> work by myself to Security Roots.
|
41
|
+
|
42
|
+
### Check List
|
43
|
+
|
44
|
+
- [ ] Added a CHANGELOG entry
|
45
|
+
- [ ] Added specs
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
@@ -13,12 +13,12 @@ The add-on requires [Dradis CE](https://dradisframework.org/) > 3.0, or [Dradis
|
|
13
13
|
|
14
14
|
## More information
|
15
15
|
|
16
|
-
See the Dradis Framework's [README.md](https://github.com/dradis/
|
16
|
+
See the Dradis Framework's [README.md](https://github.com/dradis/dradis-ce/blob/develop/README.md)
|
17
17
|
|
18
18
|
|
19
19
|
## Contributing
|
20
20
|
|
21
|
-
See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/
|
21
|
+
See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/develop/CONTRIBUTING.md)
|
22
22
|
|
23
23
|
|
24
24
|
## License
|
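--- a/data/app/controllers/dradis/plugins/export/base_controller.rb
+++ b/data/app/controllers/dradis/plugins/export/base_controller.rb
@@ -2,7 +2,12 @@ module Dradis
 module Plugins
 module Export
 class BaseController < Rails.application.config.dradis.base_export_controller_class_name.to_s.constantize
+include ProjectScoped
+include UsageTracking if defined?(Dradis::Pro)
+
 before_action :validate_scope
+before_action :validate_template
+after_action :track_export, if: -> { defined?(Dradis::Pro) }
 
 protected
 
@@ -10,11 +15,40 @@ module Dradis
 params.permit(:project_id, :scope, :template)
 end
 
+def validate_template
+@template_file =
+File.expand_path(File.join(templates_dir, export_params[:template]))
+
+unless @template_file.starts_with?(templates_dir) && File.exists?(@template_file)
+raise 'Something fishy is going on...'
+end
+end
+
 def validate_scope
-unless Dradis::Plugins::ContentService::Base::VALID_SCOPES.include?(
+unless Dradis::Plugins::ContentService::Base::VALID_SCOPES.include?(export_params[:scope])
 raise 'Something fishy is going on...'
 end
 end
+
+private
+
+def engine_name
+"#{self.class.to_s.deconstantize}::Engine".constantize.plugin_name.to_s
+end
+
+def templates_dir
+@templates_dir ||= File.join(::Configuration::paths_templates_reports, engine_name)
+end
+
+def track_export
+project = Project.includes(:evidence, :nodes).find(current_project.id)
+track_usage('report.exported', {
+exporter: engine_name,
+issue_count: project.issues.size,
+evidence_count: project.evidence.size,
+node_count: project.nodes.in_tree.size
+})
+end
 end
 end
 end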
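Review bot: The containment check in `validate_template` compares `@template_file` with `templates_dir` by plain string prefix, so a sibling directory whose name merely begins with the engine's directory name also satisfies `starts_with?`, and `templates_dir` itself is never normalised with `File.expand_path`. Comparing against the expanded directory with a trailing separator closes that gap: `root = File.join(File.expand_path(templates_dir), '')` followed by `unless @template_file.start_with?(root) && File.file?(@template_file)`. `File.exists?` is deprecated and was removed in Ruby 3.2, and `File.file?` additionally rejects a path that resolves to a directory. `File.expand_path` does not resolve symlinks, so `File.realpath` would be needed if links inside the templates tree are a concern. A request without a `template` parameter passes nil to `File.join` and raises a TypeError rather than the intended error, so a guard such as `raise 'Something fishy is going on...' if export_params[:template].blank?` keeps the failure path uniform.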
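--- a/data/dradis-plugins.gemspec
+++ b/data/dradis-plugins.gemspec
@@ -4,7 +4,7 @@ require 'dradis/plugins/version'
 
 # Describe your gem and declare its dependencies:
 Gem::Specification.new do |spec|
-spec.platform
+spec.platform = Gem::Platform::RUBY
 spec.name = 'dradis-plugins'
 spec.version = Dradis::Plugins::VERSION::STRING
 spec.summary = 'Plugin manager for the Dradis Framework project.'
@@ -13,11 +13,10 @@ Gem::Specification.new do |spec|
 spec.license = 'GPL-2'
 
 spec.authors = ['Daniel Martin']
-spec.
-spec.homepage = 'http://dradisframework.org'
+spec.homepage = 'http://dradis.com/ce/'
 
 spec.files = `git ls-files`.split($\)
-spec.executables = spec.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+spec.executables = spec.files.grep(%r{^bin/}).map { |f| File.basename(f) }
 spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
 
 spec.add_development_dependency 'bundler'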
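Review bot: The new `spec.homepage` value uses plain `http://`, and this is the link a registry shows to people evaluating or installing the gem; if the site serves HTTPS, `spec.homepage = 'https://dradis.com/ce/'` avoids pointing them at an unauthenticated connection. The same value is copied into the generated `metadata` file, so it would change there on the next build.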
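--- a/data/lib/dradis/plugins/template_service.rb
+++ b/data/lib/dradis/plugins/template_service.rb
@@ -3,21 +3,20 @@ module Dradis
 class TemplateService
 attr_accessor :logger, :template, :templates_dir
 
-def initialize(args={})
+def initialize(args = {})
 @plugin = args.fetch(:plugin)
 @templates_dir = args[:templates_dir] || default_templates_dir
 end
 
-
 # For a given entry, return a text blob resulting from applying the
 # chosen template to the supplied entry.
-def process_template(args={})
+def process_template(args = {})
 self.template = args[:template]
 data = args[:data]
 
 processor = @plugin::FieldProcessor.new(data: data)
 
-template_source.gsub(
+template_source.gsub(/%(\S*?)%/) do |field|
 name = field[1..-2]
 if fields.include?(name)
 processor.value(field: name)
@@ -27,7 +26,6 @@ module Dradis
 end
 end
 
-
 # ---------------------------------------------- Plugin Manager interface
 
 # This lists the fields defined by this plugin that can be used in the
@@ -51,7 +49,7 @@ module Dradis
 
 # Set the plugin's item template. This is used by the Plugins Manager
 # to force the plugin to use the new_template (provided by the user)
-def set_template(args={})
+def set_template(args = {})
 template = args[:template]
 content = args[:content]
 
@@ -77,7 +75,7 @@ module Dradis
 # refresh cached version if modified since last read
 if template_mtime > @sources[template][:mtime]
 @template[template][:mtime] = template_mtime
-@template[template][:content] = File.read(
+@template[template][:content] = File.read(template_file)
 end
 else
 @sources[template] = {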
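Review bot: In the cache-refresh branch of the last hunk, the new line still writes to `@template[template][:content]` (as does the `:mtime` line above it), while the condition and the `else` branch read and populate `@sources[template]`. Because `template` is declared with `attr_accessor`, `@template` appears to hold the template name rather than the cache, so a modified template file would not refresh the cached content and the assignment would likely raise. The two lines presumably should read `@sources[template][:mtime] = template_mtime` and `@sources[template][:content] = File.read(template_file)`. The enclosing method starts and ends outside the hunk, so this should be confirmed against the full file.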
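--- a/data/spec/lib/dradis/plugins/template_service_spec.rb
+++ b/data/spec/lib/dradis/plugins/template_service_spec.rb
@@ -0,0 +1,28 @@
+require 'rails_helper'
+
+# To run, execute from Dradis main app folder:
+# bin/rspec [dradis-plugins path]/spec/lib/dradis/plugins/template_service_spec.rb
+describe Dradis::Plugins::TemplateService do
+describe '#process_template' do
+let(:data) { double }
+let(:plugin) { Dradis::Plugins::Nessus }
+let(:template_service) do
+Dradis::Plugins::TemplateService.new(plugin: plugin)
+end
+
+context 'liquid' do
+before do
+allow(data).to receive(:name).and_return('ReportHost')
+allow(template_service).to receive(:template_source).and_return(
+"{% if issue.evidence %}\n{% end if %}"
+)
+end
+
+it 'does not parse the liquid data as fields' do
+expect(template_service).to_not receive(:fields)
+
+template_service.process_template(data: data)
+end
+end
+end
+end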
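Review bot: The example asserts only that `fields` is never called, so it would still pass if `process_template` altered or dropped the Liquid tags. Assuming the `gsub` result is the method's return value, asserting it pins the behaviour: `expect(template_service.process_template(data: data)).to eq("{% if issue.evidence %}\n{% end if %}")`. The fixture closes the block with `{% end if %}` rather than Liquid's `{% endif %}`, and a tag written without inner spaces is not covered, so a second fixture with `{% endif %}` and `{%endif%}` would show whether the `/%(\S*?)%/` pattern leaves those alone too.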
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dradis-plugins
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.
|
4
|
+
version: 4.11.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Daniel Martin
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2024-01-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -54,11 +54,11 @@ dependencies:
|
|
54
54
|
version: '0'
|
55
55
|
description: Required dependency for Dradis Framework.
|
56
56
|
email:
|
57
|
-
- etd@nomejortu.com
|
58
57
|
executables: []
|
59
58
|
extensions: []
|
60
59
|
extra_rdoc_files: []
|
61
60
|
files:
|
61
|
+
- ".github/pull_request_template.md"
|
62
62
|
- ".gitignore"
|
63
63
|
- ".rspec"
|
64
64
|
- CHANGELOG.md
|
@@ -111,13 +111,14 @@ files:
|
|
111
111
|
- spec/lib/dradis/plugins/content_service/content_blocks_spec.rb
|
112
112
|
- spec/lib/dradis/plugins/content_service/issues_spec.rb
|
113
113
|
- spec/lib/dradis/plugins/settings/adapters/encrypted_configuration_spec.rb
|
114
|
+
- spec/lib/dradis/plugins/template_service_spec.rb
|
114
115
|
- spec/settings_spec.rb
|
115
116
|
- spec/spec_helper.rb
|
116
|
-
homepage: http://
|
117
|
+
homepage: http://dradis.com/ce/
|
117
118
|
licenses:
|
118
119
|
- GPL-2
|
119
120
|
metadata: {}
|
120
|
-
post_install_message:
|
121
|
+
post_install_message:
|
121
122
|
rdoc_options: []
|
122
123
|
require_paths:
|
123
124
|
- lib
|
@@ -132,8 +133,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
132
133
|
- !ruby/object:Gem::Version
|
133
134
|
version: '0'
|
134
135
|
requirements: []
|
135
|
-
rubygems_version: 3.
|
136
|
-
signing_key:
|
136
|
+
rubygems_version: 3.3.7
|
137
|
+
signing_key:
|
137
138
|
specification_version: 4
|
138
139
|
summary: Plugin manager for the Dradis Framework project.
|
139
140
|
test_files:
|
@@ -143,5 +144,6 @@ test_files:
|
|
143
144
|
- spec/lib/dradis/plugins/content_service/content_blocks_spec.rb
|
144
145
|
- spec/lib/dradis/plugins/content_service/issues_spec.rb
|
145
146
|
- spec/lib/dradis/plugins/settings/adapters/encrypted_configuration_spec.rb
|
147
|
+
- spec/lib/dradis/plugins/template_service_spec.rb
|
146
148
|
- spec/settings_spec.rb
|
147
149
|
- spec/spec_helper.rb
|