dradis-plugins 3.0.0 → 3.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ad5a0f1011a150397c1378acfe17ae79dfcc7118
-  data.tar.gz: 5a9b942df578368054a859030a42ab5e752d2369
+  metadata.gz: 74496768f4fd445889de85903ef1470ea133c87f
+  data.tar.gz: 71a03d2ef7b24237a75f87b3ee9295afb963b0ec
 SHA512:
-  metadata.gz: c030f8c2e6a87f50a053100cf4f11343ff88958a719b7c81cabc8c8ec907cbb627df25a2b6c6aa890d1137fe27eb1c1787b1002425d24a0a71bd3efee83064ec
-  data.tar.gz: 58508d65a5d4cdd27c1bfd6263929533627569355f3a1185e28503e782f0ac3cd640d8e1e76f30f86047f7c3bc07feb9a22ccda8c3e9584e3ad87f00e87e7cdf
+  metadata.gz: 8f1d927b2727a5e010fcd889a37fc858520b309ab89decf49d4c32d222fe60a0654a05b9a5ad5a7f9d2d14616cf0383c8827325f100272bc8b30834354f42b35
+  data.tar.gz: 48f722e8962d1f4a07e26b5d975fe2b98097c7b666c0255e6424ceafc67f8f635c7925719b55d41c792265347cfe7afd190eb960bff84da3c69d5fd6d88bcba8

data/.rspec

@@ -0,0 +1,2 @@
+--color
+-f d

data/README.md

@@ -1,12 +1,12 @@
 # Plugin manager for the Dradis Framework
 
-[![Build Status](https://secure.travis-ci.org/dradis/dradis-plugins.png?branch=master)](http://travis-ci.org/dradis/dradis-plugins)
+[![Build Status](https://secure.travis-ci.org/dradis/dradis-plugins.png?branch=master)](http://travis-ci.org/dradis/dradis-plugins) [![Code Climate](https://codeclimate.com/github/dradis/dradis-plugins.png)](https://codeclimate.com/github/dradis/dradis-plugins.png)
 
 This gem contains the base classes needed to manage the plugins in Dradis.
 
 The Dradis 3 gemified plugin Engines need to include Dradis::Plugins::Base which is defined in this class.
 
-Warning, we me end up merging this gem with Dradis::Core!!
+Warning, we may end up merging this gem with Dradis::Core!!
 
 The plugin requires Dradis 3.0 or higher.
 
@@ -22,4 +22,4 @@ See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradisfra
 
 ## License
 
-Dradis Framework and all its components are released under [GNU General Public License version 2.0](http://www.gnu.org/licenses/old-licenses/gpl-2.0.html) as published by the Free Software Foundation and appearing in the file LICENSE included in the packaging of this file.
+Dradis Framework and all its components are released under [GNU General Public License version 2.0](http://www.gnu.org/licenses/old-licenses/gpl-2.0.html) as published by the Free Software Foundation and appearing in the file LICENSE included in the packaging of this file.

data/app/controllers/dradis/plugins/export/base_controller.rb

@@ -0,0 +1,9 @@
+module Dradis
+  module Plugins
+    module Export
+      class BaseController < Dradis::Plugins::base_export_controller_class.to_s.constantize
+
+      end
+    end
+  end
+end

data/dradis-plugins.gemspec

@@ -22,6 +22,7 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency 'bundler', '~> 1.6'
   spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec-rails'
 
   # By not including Rails as a dependency, we can use the gem with different
   # versions of Rails (a sure recipe for disaster, I'm sure), which is needed

data/lib/dradis/plugins.rb

@@ -1,53 +1,11 @@
-require 'dradis/plugins/engine'
-require 'dradis/plugins/version'
-
-require 'dradis/plugins/content_service'
-require 'dradis/plugins/template_service'
-
-require 'dradis/plugins/export'
-require 'dradis/plugins/import'
-require 'dradis/plugins/upload'
-
-require 'dradis/plugins/templates'
-
 module Dradis
   module Plugins
-    module Base
-      def self.included(base)
-        base.extend ClassMethods
-        base.class_eval do
-          # mattr_accessor :plugin_name
-
-          @features = []
-          @name = 'Use plugin_info(args) with :name to provide a name for this plugin.'
-          Plugins::register(self)
-        end
-
-        # Extend the engine with other functionality
-        base.send :include, Dradis::Plugins::Templates
-      end
-
-      module ClassMethods
-        def description(new_description)
-          @description = new_description
-        end
-
-        def plugin_description
-          @description ||= "This plugin doesn't provide a :description"
-        end
+    mattr_accessor :configuration_class
+    mattr_accessor :base_export_controller_class
+    mattr_accessor :thor_helper_module
 
-        def plugin_name
-          self.name.split('::')[2].underscore.to_sym
-        end
-
-        def provides(*list)
-          @features = list
-        end
-
-        def provides?(feature)
-          @features.include?(feature)
-        end
-      end
+    def self.setup(&block)
+      yield self
     end
 
     class << self
@@ -108,4 +66,23 @@ module Dradis
       end
     end
   end
-end
+end
+
+
+require 'dradis/plugins/engine'
+require 'dradis/plugins/version'
+
+require 'dradis/plugins/content_service'
+require 'dradis/plugins/template_service'
+
+require 'dradis/plugins/base'
+require 'dradis/plugins/export'
+require 'dradis/plugins/import'
+require 'dradis/plugins/upload'
+
+# Common functionality
+require 'dradis/plugins/configurable'
+require 'dradis/plugins/settings'
+require 'dradis/plugins/templates'
+require 'dradis/plugins/thor'
+require 'dradis/plugins/thor_helper'

data/lib/dradis/plugins/base.rb

@@ -0,0 +1,45 @@
+module Dradis
+  module Plugins
+    module Base
+      extend ActiveSupport::Concern
+
+      included do
+        # mattr_accessor :plugin_name
+
+        @features = []
+        @name = 'Use plugin_info(args) with :name to provide a name for this plugin.'
+        Plugins::register(self)
+
+        # Extend the engine with other functionality
+        include Dradis::Plugins::Configurable
+        include Dradis::Plugins::Templates
+        include Dradis::Plugins::Thor
+      end
+
+      module ClassMethods
+        def description(new_description)
+          @description = new_description
+        end
+
+        def plugin_description
+          @description ||= "This plugin doesn't provide a :description"
+        end
+
+        def plugin_name
+          @plugin_name ||= self.name.split('::')[-2].underscore.to_sym
+        end
+
+        def provides(*list)
+          @features = list
+          if list.include?(:upload)
+            include Dradis::Plugins::Upload::Base
+          end
+        end
+
+        def provides?(feature)
+          @features.include?(feature)
+        end
+      end
+    end
+  end
+end

data/lib/dradis/plugins/configurable.rb

@@ -0,0 +1,26 @@
+module Dradis::Plugins
+  module Configurable
+    extend ActiveSupport::Concern
+
+    module ClassMethods
+      delegate :settings, to: :instance
+
+      def settings_namespace
+        @settings_namespace || plugin_name
+      end
+
+      def addon_settings(namespace = nil, &block)
+        @settings_namespace = namespace if namespace
+        yield self if block_given?
+      end
+
+      def instance
+        @instance ||= new
+      end
+    end
+
+    def settings
+      @settings ||= Dradis::Plugins::Settings.new(self.class.settings_namespace)
+    end
+  end
+end

data/lib/dradis/plugins/content_service.rb

@@ -3,8 +3,21 @@ module Dradis
     class ContentService
       attr_accessor :logger, :plugin
 
+      # ----------------------------------------------------------- Initializer
+      #
+
+      # @option plugin [Class] the 'wrapper' module of a plugin, e.g.
+      #     Dradis::Plugins::Nessus
       def initialize(args={})
-        @plugin = args[:plugin]
+        self.plugin = args.fetch(:plugin)
+        self.logger = args[:logger]
+      end
+
+
+      # ------------------------------------------------------ Query operations
+
+      def all_issues
+        class_for(:issue).where(category_id: default_issue_category.id)
       end
 
       # Create a hash with all issues where the keys correspond to the field passed
@@ -12,26 +25,56 @@ module Dradis
       #
       # This is use by the plugins to check whether a given issue is already in
       # the project.
-      def all_issues_by_field(field)
-        # we don't memoize it because we want it to reflect recently added Issues
-        klass = class_for(:issue)
-
-        issues_map = klass.where(category_id: default_issue_category.id).map do |issue|
-          [issue.fields[field], issue]
+      # def all_issues_by_field(field)
+      #   # we don't memoize it because we want it to reflect recently added Issues
+      #   klass = class_for(:issue)
+      #
+      #   issues_map = klass.where(category_id: default_issue_category.id).map do |issue|
+      #     [issue.fields[field], issue]
+      #   end
+      #   Hash[issues_map]
+      # end
+
+      # Accesing the library by primary sorting key. Raise an exception unless
+      # the issue library cache has been initialized.
+      def issue_cache
+        @issue_cache ||= begin
+          klass = class_for(:issue)
+
+          issues_map = klass.where(category_id: default_issue_category.id).map do |issue|
+            cache_key = [
+              issue.fields['plugin'],
+              issue.fields['plugin_id']
+            ].join('-')
+
+            [cache_key, issue]
+          end
+          Hash[issues_map]
         end
-        Hash[issues_map]
       end
 
+      def all_notes
+        class_for(:note).where(category_id: class_for(:category).report.id)
+      end
+
+      # ----------------------------------------------------- Create operations
+      #
 
       def create_node(args={})
-        label   = args[:label] || "create_node() invoked by #{plugin} without a :label parameter"
-        parent  = args[:parent] || default_parent_node
+        label    = args[:label]  || "create_node() invoked by #{plugin} without a :label parameter"
+        parent   = args[:parent] || default_parent_node
+
         type_id = begin
-          tmp_type = args[:type].to_s.upcase
-          class_for(:node)::Types::const_defined?(tmp_type) ? "#{class_for(:node)::Types}::#{tmp_type}".constantize : default_node_type
+          if args[:type]
+            tmp_type = args[:type].to_s.upcase
+            class_for(:node)::Types::const_defined?(tmp_type) ? "#{class_for(:node)::Types}::#{tmp_type}".constantize : default_node_type
+          else
+            default_node_type
+          end
         end
 
         # FIXME: how ugly is this?
+        # UPGRADE: Rails 4 find_or_create_by_
         if Rails::VERSION::MAJOR == 3
           parent.children.find_or_create_by_label_and_type_id(label, type_id)
         else
@@ -43,20 +86,45 @@ module Dradis
         node = args[:node] || default_parent_node
         text = args[:text] || "create_note() invoked by #{plugin} without a :text parameter"
 
-        node.notes.create text: text, category: default_note_category, author: default_author
+        note = node.notes.new(text: text, category: default_note_category, author: default_author)
+        if note.valid?
+          note.save
+        else
+          try_rescue_from_length_validation(model: note, field: :text, text: text, msg: 'Error in create_note()')
+        end
+
+        note
       end
 
       def create_issue(args={})
         text = args[:text] || "create_issue() invoked by #{plugin} without a :text parameter"
+        # NOTE that ID is the unique issue identifier assigned by the plugin,
+        # and is not to be confused with the Issue#id primary key
+        id   = args[:id]   || "create_issue() invoked by #{plugin} without an :id parameter"
+
+        # Bail if we already have this issue in the cache
+        uuid      = [plugin::Engine::plugin_name, id]
+        cache_key = uuid.join('-')
+
+        return issue_cache[cache_key] if issue_cache.key?(cache_key)
 
-        # we inject the source Plugin into the issue's text
-        text << "\n\n#[plugin]#\n#{plugin::Engine::plugin_name}\n"
+        # we inject the source Plugin and unique ID into the issue's text
+        text << "\n\n#[plugin]#\n#{uuid[0]}\n"
+        text << "\n\n#[plugin_id]#\n#{uuid[1]}\n"
 
-        class_for(:issue).create(text: text) do |i|
+        issue = class_for(:issue).new(text: text) do |i|
           i.author   = default_author
           i.node     = issuelib
           i.category = default_issue_category
         end
+
+        if issue.valid?
+          issue.save
+        else
+          try_rescue_from_length_validation(model: issue, field: :text, text: text, msg: 'Error in create_issue()')
+        end
+
+        issue_cache.store(cache_key, issue)
       end
 
       def create_evidence(args={})
@@ -64,15 +132,22 @@ module Dradis
         node    = args[:node] || default_parent_node
         issue   = args[:issue] || create_issue(text: "#[Title]#\nAuto-generated issue.\n\n#[Description]#\ncreate_evidence() invoked by #{plugin} without an :issue parameter")
 
-        node.evidence.create(issue_id: issue.id, content: content)
+        evidence = node.evidence.new(issue_id: issue.id, content: content)
+        if evidence.valid?
+          evidence.save
+        else
+          try_rescue_from_length_validation(model: evidence, field: :content, text: content, msg: 'Error in create_evidence()')
+        end
+        evidence
       end
 
+
       private
+
       def class_for(model)
-        "Dradis::Core::#{model.to_s.capitalize}".constantize
+        "::#{model.to_s.capitalize}".constantize
       end
 
-
       def default_author
         @default_author ||= "#{plugin::Engine.plugin_name.to_s.humanize} upload plugin"
       end
@@ -90,12 +165,37 @@ module Dradis
       end
 
       def default_parent_node
-        @default_parent_node ||= class_for(:node).find_or_create_by(label: 'plugin.output')
+        @default_parent_node ||= class_for(:node).plugin_parent_node
       end
 
       def issuelib
         @issuelib ||= class_for(:node).issue_library
       end
+
+      def try_rescue_from_length_validation(args={})
+        model = args[:model]
+        field = args[:field]
+        text  = args[:text]
+        msg   = args[:msg]
+
+        logger.error{ "Trying to rescue from a :length error" }
+
+        if model.errors[field]
+          # the plugin tried to store too much information
+          msg = "#[Title]#\nTruncation warning!\n\n"
+          msg << "#[Error]#\np(alert alert-error). The plugin tried to store content that was too big for the DB. Review the source to ensure no important data was lost.\n\n"
+          msg << text
+          model.send("#{field}=", msg.truncate(65300))
+        else
+          # bail
+          msg = "#[Title]#\n#{msg}\n\n"
+          msg << "#[Description]#\nbc. #{issue.errors.inspect}\n\n"
+          model.send("#{field}=", msg)
+        end
+        if model.valid?
+          model.save
+        end
+      end
     end
   end
 end

data/lib/dradis/plugins/engine.rb

@@ -14,6 +14,12 @@ module Dradis
       # initializer 'frontend.asset_precompile_paths' do |app|
       #   app.config.assets.precompile += ["dradis/frontend/manifests/*"]
       # end
+
+      Dradis::Plugins::setup do |config|
+        config.base_export_controller_class = 'ProjectScopedController'
+        config.configuration_class          = '::Configuration'
+        config.thor_helper_module           = 'Dradis::Plugins::ThorHelper'
+      end
     end
   end
-end
+end

data/lib/dradis/plugins/export/base.rb

@@ -5,11 +5,15 @@ module Dradis
   module Plugins
     module Export
       class Base
-        attr_accessor :logger
+        attr_accessor :content_service, :logger
 
         def initialize(args={})
           @logger = args.fetch(:logger, Rails.logger)
 
+          @content_service = args[:content_service] || default_content_service
+
+          content_service.logger = logger
+
           post_initialize(args)
         end
 
@@ -20,8 +24,13 @@ module Dradis
         # This method can be overwriten by plugins to do initialization tasks.
         def post_initialize(args={})
         end
-      end # Base
 
+        private
+        def default_content_service
+          @content ||= Dradis::Plugins::ContentService.new
+        end
+
+      end # Base
     end # Export
   end # Plugins
-end # Core
+end # Core

data/lib/dradis/plugins/gem_version.rb

@@ -7,11 +7,11 @@ module Dradis
 
     module VERSION
       MAJOR = 3
-      MINOR = 0
-      TINY = 0
-      PRE = nil
+      MINOR = 5
+      TINY  = 0
+      PRE   = nil
 
       STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
     end
   end
-end
+end

data/lib/dradis/plugins/import/filters.rb

@@ -16,12 +16,12 @@ module Dradis
           # register_filter :by_osvdb_id do
           #   def c
           # end
-          def add(label, filter, &block)
+          def add(plugin, label, filter, &block)
             filter ||= Class.new(Dradis::Plugins::Import::Filters::Base)
             filter.class_eval(&block) if block_given?
 
             unless filter.method_defined?(:query)
-              raise NoMethodError, "query() is not declared in the #{label.inspect} strategy"
+              raise NoMethodError, "query() is not declared in the #{label.inspect} filter"
             end
 
             base = Dradis::Plugins::Import::Filters::Base
@@ -29,13 +29,14 @@ module Dradis
               raise "#{label.inspect} is not a #{base}"
             end
 
-            _filters[label] = filter
+            _filters[plugin]        = {} unless _filters.key?(plugin)
+            _filters[plugin][label] = filter
           end
 
-          # Provides access to strategies by label
+          # Provides access to filters by plugin
           # :api: public
-          def [](label)
-            _filters[label]
+          def [](plugin)
+            _filters[plugin]
           end
 
           # :api: private

data/lib/dradis/plugins/import/result.rb

@@ -1,11 +1,12 @@
 module Dradis::Plugins::Import
   class Result
-    attr_accessor :description, :tags, :title
+    attr_accessor :description, :id, :tags, :title
 
     def initialize(args={})
       @description = args[:description] || "The Import plugin didn't provide a :description for this result."
-      @tags = args[:tags] || []
-      @title = args[:description] || "The Import plugin didn't provide a :title for this result."
+      @id          = args[:id]          || "The Import plugin didn't provide an :id for this result."
+      @tags        = args[:tags]        || []
+      @title       = args[:title]       || "The Import plugin didn't provide a :title for this result."
     end
   end
 end

data/lib/dradis/plugins/settings.rb

@@ -0,0 +1,103 @@
+module Dradis::Plugins
+  class Settings
+    attr_reader :namespace
+
+    def initialize(namespace)
+      @namespace = namespace
+      @dirty_options ||= {}
+      @default_options ||= HashWithIndifferentAccess.new
+    end
+
+    def respond_to?(name)
+      super || @dirty_options.key?(name.to_sym)
+    end
+
+    def all
+      @default_options.map do |key, value|
+        {
+          name: key.to_sym,
+          value: value = dirty_or_db_setting_or_default(key.to_sym),
+          default: is_default?(key, value)
+        }
+      end.sort_by{ |o| o[:name] }
+    end
+
+    def save
+      @dirty_options.reject{ |k, v| v.present? && v == db_setting(k) }.each{ |k, v| write_to_db(k, v) }
+    end
+
+    def update_settings(opts = {})
+      opts.select{ |k, v| @default_options.key?(k) }.each do |k, v|
+        @dirty_options[k.to_sym] = v
+      end
+      save
+    end
+
+    def reset_defaults!
+      @dirty_options = {}
+      @default_options.each do |key, value|
+        configuration_class.where(name: namespaced_key(key)).each(&:destroy)
+      end
+    end
+
+    def is_default?(key, value)
+      value.to_s == @default_options[key.to_sym].to_s
+    end
+
+    private
+
+    # ---------------------------------------------------- Method missing magic
+    def method_missing(name, *args, &blk)
+      if name.to_s =~ /^default_(.*)=$/
+        @default_options[$1.to_sym] = args.first
+      elsif name.to_s =~ /=$/
+        @dirty_options[$`.to_sym] = args.first
+      elsif @default_options.key?(name)
+        dirty_or_db_setting_or_default(name)
+      else
+        super
+      end
+    end
+    # --------------------------------------------------- /Method missing magic
+
+    # This allows us to use the same code in Community and Pro and overwrite
+    # the name of the class in an initializer.
+    def configuration_class
+      @klass ||= Dradis::Plugins::configuration_class.to_s.constantize
+    end
+
+    def write_to_db(key, value)
+      # FIXME: how ugly is this?
+      # UPGRADE: Rails 4 find_or_create_by_
+      db_setting = if Rails::VERSION::MAJOR == 3
+                      configuration_class.find_or_create_by_name(namespaced_key(key))
+                   else
+                     configuration_class.find_or_create_by(name: namespaced_key(key))
+                   end
+      db_setting.update_attribute(:value, value)
+    end
+
+
+    def db_setting(key)
+      configuration_class.where(name: namespaced_key(key)).first.value rescue nil
+    end
+
+    # This method looks up in the configuration repository DB to see if the
+    # user has provided a value for the given setting. If not, the default
+    # value is returned.
+    def dirty_or_db_setting_or_default(key)
+      if @dirty_options.key?(key)
+        @dirty_options[key]
+      elsif configuration_class.exists?(name: namespaced_key(key))
+        db_setting(key)
+      else
+        @default_options[key]
+      end
+    end
+
+    # Builds namespaced key
+    def namespaced_key(key)
+      [self.namespace.to_s, key.to_s.underscore].join(":")
+    end
+  end
+end

data/lib/dradis/plugins/template_service.rb

@@ -4,7 +4,7 @@ module Dradis
       attr_accessor :logger, :template, :templates_dir
 
       def initialize(args={})
-        @plugin = args[:plugin]
+        @plugin        = args.fetch(:plugin)
         @templates_dir = args[:templates_dir] || default_templates_dir
       end
 
@@ -64,7 +64,7 @@ module Dradis
       end
 
       # This method returns the current template's source. It caches the
-      # template based on the file's last-modified time and refereshes the
+      # template based on the file's last-modified time and refreshes the
       # cached copy when it detects changes.
       def template_source
         @sources ||= {}
@@ -95,7 +95,10 @@ module Dradis
       # This method returns the default location in which plugins should look
       # for their templates.
       def default_templates_dir
-        @default_templates_dir ||= Rails.root.join('templates', 'plugins', @plugin::Engine::plugin_name.to_s)
+        @default_templates_dir ||= begin
+                                     conf_class = Dradis::Plugins::configuration_class.constantize
+                                     File.join(conf_class.paths_templates_plugins, @plugin::meta[:name].to_s)
+                                   end
       end
     end
   end

data/lib/dradis/plugins/templates.rb

@@ -1,27 +1,29 @@
 module Dradis
   module Plugins
     module Templates
-      def self.included(base)
-        base.extend ClassMethods
-   
-        base.class_eval do
-          # Keep track of any templates the plugin defines
-          paths['dradis/templates'] = 'templates'
-        end
+      extend ActiveSupport::Concern
+
+      included do
+        # Keep track of any templates the plugin defines
+        paths['dradis/templates'] = 'templates'
       end
 
       module ClassMethods
         def copy_templates(args={})
-          destination = args[:to]
+          destination = args.fetch(:to)
 
-          raise ArgumentError.new(':copy_templates called without a :to parameter') unless destination
-          FileUtils.mkdir_p(destination) if plugin_templates.any?
+          destination_dir = File.join(destination, plugin_name.to_s)
+          FileUtils.mkdir_p(destination_dir) if plugin_templates.any?
 
           plugin_templates.each do |template|
-            destination_file = File.join(destination, File.basename(template))
-            next if File.exist?(destination_file)
+            destination_file = File.join(destination_dir, File.basename(template))
 
-            Rails.logger.info{ "Updating templates for #{plugin_name} plugin. Destination: #{destination}" }
+            next if skip?(destination_file)
+
+            Rails.logger.info do
+              "Updating templates for #{plugin_name} plugin. "\
+              "Destination: #{destination}"
+            end
             FileUtils.cp(template, destination_file)
           end
         end
@@ -29,13 +31,27 @@ module Dradis
         def plugin_templates(args={})
           @templates ||= begin
             if paths['dradis/templates'].existent.any?
-              Dir["%s/*" % paths['dradis/templates'].existent]
+              Dir["#{paths['dradis/templates'].existent.first}/*"]
             else
               []
             end
           end
         end
+
+        private
+
+        # Normally we want to copy all templates so that the user always has
+        # the latest version.
+        #
+        # However, if it's a '.template' file, the user might have edited their
+        # local copy, and we don't want to override their changes.  So only
+        # copy .template files over if the user has no copy at all (i.e. if
+        # this is the first time they've started Dradis since this template was
+        # added.)
+        def skip?(file_path)
+          File.exist?(file_path) && File.extname(file_path) == ".template"
+        end
       end
     end
   end
-end
+end

data/lib/dradis/plugins/thor.rb

@@ -0,0 +1,30 @@
+module Dradis
+  module Plugins
+    module Thor
+      def self.included(base)
+        base.extend(ClassMethods)
+
+        base.class_eval do
+          # Keep track of any templates the plugin defines
+          paths['dradis/thorfiles'] = 'lib/tasks'
+        end
+      end
+
+      module ClassMethods
+        def load_thor_tasks
+          plugin_thorfiles.each do |thorfile|
+            require thorfile
+          end
+        end
+
+        def plugin_thorfiles(args={})
+          if paths['dradis/thorfiles'].existent.any?
+            Dir["%s/thorfile.rb" % paths['dradis/thorfiles'].existent]
+          else
+            []
+          end
+        end
+      end
+    end
+  end
+end

data/lib/dradis/plugins/thor_helper.rb

@@ -0,0 +1,14 @@
+module Dradis
+  module Plugins
+    # Helper methods for plugin Thor tasks
+    module ThorHelper
+      def content_service_for(plugin)
+        Dradis::Plugins::ContentService.new(plugin: plugin)
+      end
+
+      def detect_and_set_project_scope
+        ;
+      end
+    end
+  end
+end

data/lib/dradis/plugins/upload.rb

@@ -1,2 +1,10 @@
+module Dradis
+  module Plugins
+    module Upload
+    end
+  end
+end
+
 require 'dradis/plugins/upload/base'
+require 'dradis/plugins/upload/importer'
 require 'dradis/plugins/upload/field_processor'

data/lib/dradis/plugins/upload/base.rb

@@ -1,42 +1,57 @@
-# This module contains basic Upload plugin functions to control template
-# sample and field management for the Plugin Manager.
-#
-module Dradis
-  module Plugins
-    module Upload
-      class Base
-        attr_accessor :content_service, :logger, :template_service
-
-        def initialize(args={})
-          @logger = args.fetch(:logger, Rails.logger)
-
-          @content_service = args[:content_service] || default_content_service
-          @template_service = args[:template_service] || default_template_service
-
-          content_service.logger = logger
-          template_service.logger = logger
-
-          post_initialize(args)
-        end
-
-        def import(args={})
-          raise "The import() method is not implemented in this plugin [#{self.class.name}]."
-        end
-
-        # This method can be overwriten by plugins to do initialization tasks.
-        def post_initialize(args={})
-        end
 
-        private
-        def default_content_service
-          @content ||= Dradis::Plugins::ContentService.new
-        end
-
-        def default_template_service
-          @template ||= Dradis::Plugins::TemplateService.new
-        end
-      end # Base
+# When you call provides :upload in your Engine, this module gets included. It
+# provides two features:
+#
+# a) an .uploaders() class method that by default responds with a single array
+# item pointing to the engine's parent. This will be used by the framework to
+# locate the ::Importer object that does the upload heavy lifting.
+#
+# If your plugin implements more than one uploader, each one would be contained
+# in its own namespace, and you should overwrite the .uploaders() method to
+# return an array of all these namespaces. See method definition for an
+# example.
+#
+# b) it adds a .meta() method to the engine's parent module, containing the
+# name, description and version of the add-on.
+#
+# Again, if you implement more than one uploader, make sure you create a
+# .meta() class-level method in each of your namespaces.
+#
 
-    end # Upload
-  end # Plugins
-end # Core
+module Dradis::Plugins::Upload::Base
+  extend ActiveSupport::Concern
+
+  included do
+    parent.extend NamespaceClassMethods
+  end
+
+  module ClassMethods
+    # Return the list of modules that provide upload functionality. This is
+    # useful if one plugin provides uploading functionality for more than one
+    # file type (e.g. the Projects plugin allows you to upload a Package or a
+    # Template).
+    #
+    # The default implementation just returns this plugin's namespace (e.g.
+    # Dradis::Plugins::Nessus). If a plugin provides multiple uploaders, they
+    # can override this method:
+    #   def self.uploders
+    #     [
+    #       Dradis::Plugins::Projects::Package,
+    #       Dradis::Plugins::Projects::Template
+    #     ]
+    #   end
+    def uploaders()
+      [parent]
+    end
+  end
+
+  module NamespaceClassMethods
+    def meta
+      {
+        name: self::Engine::plugin_name,
+        description: self::Engine::plugin_description,
+        version: self::VERSION::STRING
+      }
+    end
+  end
+end

data/lib/dradis/plugins/upload/field_processor.rb

@@ -22,6 +22,12 @@ module Dradis
           field = args[:field]
           "Sorry, this plugin doesn't define a FieldProcessor (called for [#{field}])"
         end
+
+        protected
+        # This can be overriden by subclasses
+        def post_initialize(args={})
+          # nop
+        end
       end
 
     end

data/lib/dradis/plugins/upload/importer.rb

@@ -0,0 +1,42 @@
+# This module contains basic Upload plugin functions to control template
+# sample and field management for the Plugin Manager.
+#
+module Dradis
+  module Plugins
+    module Upload
+      class Importer
+        attr_accessor :content_service, :logger, :template_service
+
+        def initialize(args={})
+          @logger = args.fetch(:logger, Rails.logger)
+
+          @content_service = args[:content_service] || default_content_service
+          @template_service = args[:template_service] || default_template_service
+
+          content_service.logger = logger
+          template_service.logger = logger
+
+          post_initialize(args)
+        end
+
+        def import(args={})
+          raise "The import() method is not implemented in this plugin [#{self.class.name}]."
+        end
+
+        # This method can be overwriten by plugins to do initialization tasks.
+        def post_initialize(args={})
+        end
+
+        private
+        def default_content_service
+          @content ||= Dradis::Plugins::ContentService.new
+        end
+
+        def default_template_service
+          @template ||= Dradis::Plugins::TemplateService.new
+        end
+      end # Importer
+
+    end # Upload
+  end # Plugins
+end # Core

data/spec/settings_spec.rb

@@ -0,0 +1,88 @@
+#
+# This spec must be ran from Dradis root dir
+#
+require 'spec_helper'
+
+class TestEngine < ::Rails::Engine
+  include ::Dradis::Plugins::Base
+  addon_settings :test_engine do
+    settings.default_host     = 'localhost'
+    settings.default_port     = 80
+    settings.default_protocol = 'http'
+  end
+end
+
+describe Dradis::Plugins::Settings do
+
+  before(:each) do
+    TestEngine::settings.reset_defaults!
+  end
+
+  it "sets and return default values" do
+    expect(TestEngine::settings.host).to eq('localhost')
+    expect(TestEngine::settings.port).to eq(80)
+  end
+
+  it "sets and returns user defined values" do
+    expect(TestEngine::settings.host).to eq('localhost')
+    TestEngine::settings.host = '127.0.0.1'
+    expect(TestEngine::settings.host).to eq('127.0.0.1')
+    expect(TestEngine::settings.port).to eq(80)
+  end
+
+  it "sets and returns new value even if it equals default value" do
+    expect(TestEngine::settings.host).to eq('localhost')
+    TestEngine::settings.host = '127.0.0.1'
+    expect(TestEngine::settings.host).to eq('127.0.0.1')
+    TestEngine::settings.host = 'localhost'
+    expect(TestEngine::settings.host).to eq('localhost')
+  end
+
+  it "saves to db and returns persisted values" do
+    expect(TestEngine::settings.host).to eq('localhost')
+    TestEngine::settings.host = '127.0.0.1'
+    expect_any_instance_of(TestEngine::settings::send(:configuration_class)).to receive(:update_attribute)
+    expect(TestEngine::settings.save).to eq( { host: '127.0.0.1'} )
+    expect(TestEngine::settings.host).to eq('127.0.0.1')
+  end
+
+  it "reads from db after saving" do
+    expect(TestEngine::settings.host).to eq('localhost')
+    TestEngine::settings.host = '127.0.0.1'
+    expect(TestEngine::settings.save).to eq( { host: '127.0.0.1'} )
+  end
+
+end
+
+describe Dradis::Plugins::Settings, '#is_default?' do
+  it 'knows if a string value equals its default integer value' do
+    TestEngine::settings.is_default?(:port, '80')
+  end
+end
+
+describe Dradis::Plugins::Settings, '#all' do
+  it 'returns values from db, dirty state or default as needed and tells which one is default' do
+    TestEngine::settings.host = '127.0.0.1'
+    TestEngine::settings.save
+    TestEngine::settings.protocol = 'https'
+    expect(TestEngine::settings.all).to eq([
+      {
+        name: :host,
+        value: '127.0.0.1',
+        default: false
+      },
+      {
+        name: :port,
+        value: 80,
+        default: true
+      },
+      {
+        name: :protocol,
+        value: 'https',
+        default: false
+      },
+    ])
+  end
+end
+
+

data/spec/spec_helper.rb

@@ -0,0 +1,2 @@
+RSpec.configure do |config|
+end

metadata

@@ -1,43 +1,57 @@
 --- !ruby/object:Gem::Specification
 name: dradis-plugins
 version: !ruby/object:Gem::Version
-  version: 3.0.0
+  version: 3.5.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-08-18 00:00:00.000000000 Z
+date: 2016-06-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.6'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.6'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Required dependency for Dradis Framework.
 email:
 - etd@nomejortu.com
@@ -45,15 +59,19 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
+- ".gitignore"
+- ".rspec"
 - CONTRIBUTING.md
 - Gemfile
 - LICENSE
 - README.md
 - Rakefile
+- app/controllers/dradis/plugins/export/base_controller.rb
 - dradis-plugins.gemspec
 - lib/dradis-plugins.rb
 - lib/dradis/plugins.rb
+- lib/dradis/plugins/base.rb
+- lib/dradis/plugins/configurable.rb
 - lib/dradis/plugins/content_service.rb
 - lib/dradis/plugins/engine.rb
 - lib/dradis/plugins/export.rb
@@ -63,12 +81,19 @@ files:
 - lib/dradis/plugins/import/filters.rb
 - lib/dradis/plugins/import/filters/base.rb
 - lib/dradis/plugins/import/result.rb
+- lib/dradis/plugins/settings.rb
 - lib/dradis/plugins/template_service.rb
 - lib/dradis/plugins/templates.rb
+- lib/dradis/plugins/thor.rb
+- lib/dradis/plugins/thor_helper.rb
 - lib/dradis/plugins/upload.rb
 - lib/dradis/plugins/upload/base.rb
 - lib/dradis/plugins/upload/field_processor.rb
+- lib/dradis/plugins/upload/importer.rb
 - lib/dradis/plugins/version.rb
+- spec/internal/log/test.log
+- spec/settings_spec.rb
+- spec/spec_helper.rb
 homepage: http://dradisframework.org
 licenses:
 - GPL-2
@@ -79,18 +104,21 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.3.0
+rubygems_version: 2.2.3
 signing_key: 
 specification_version: 4
 summary: Plugin manager for the Dradis Framework project.
-test_files: []
+test_files:
+- spec/internal/log/test.log
+- spec/settings_spec.rb
+- spec/spec_helper.rb