dradis-projects 3.14.1 → 3.19.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.ruby-version +1 -1
- data/CHANGELOG.md +24 -3
- data/lib/dradis/plugins/projects/engine.rb +2 -2
- data/lib/dradis/plugins/projects/export/template.rb +1 -0
- data/lib/dradis/plugins/projects/export/v3/template.rb +57 -0
- data/lib/dradis/plugins/projects/gem_version.rb +2 -2
- data/lib/dradis/plugins/projects/upload/template.rb +1 -0
- data/lib/dradis/plugins/projects/upload/v1/template.rb +6 -1
- data/lib/dradis/plugins/projects/upload/v3/template.rb +203 -0
- metadata +5 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 15e6f2944b32adc796476388e08a4526d78046d8c899b47c6d68dc7750b973cb
|
4
|
+
data.tar.gz: 63b932c050ca7f3f1b40d9c7fd4d29f2eb8165d728c4314ed21e8bd7cd552919
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '08cc871995bc3cf8a56b112a3b85729fa6d6561b2addbec65f6a0b0a9c69291825dff38e8458525a6c40a2b814114a9aef7428cf458d35ae4b13f61c07189551'
|
7
|
+
data.tar.gz: 07e6b9fb5d85de664c3e3e91141961a73931a317bab525c0456c6f60f6b857dbf3167539ef112d2b9ff26e8947f36afacb9c2c93518f5b79dcc425c2d565dc39
|
data/.ruby-version
CHANGED
@@ -1 +1 @@
|
|
1
|
-
2.
|
1
|
+
2.4.1
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,24 @@
|
|
1
|
+
## Dradis Framework 3.19 (September, 2020) ##
|
2
|
+
|
3
|
+
* No changes
|
4
|
+
|
5
|
+
## Dradis Framework 3.18 (July, 2020) ##
|
6
|
+
|
7
|
+
* No changes
|
8
|
+
|
9
|
+
## Dradis Framework 3.17 (May, 2020) ##
|
10
|
+
|
11
|
+
* No changes
|
12
|
+
|
13
|
+
## Dradis Framework 3.16 (February, 2020) ##
|
14
|
+
|
15
|
+
* No changes
|
16
|
+
|
17
|
+
## Dradis Framework 3.15 (November, 2019) ##
|
18
|
+
|
19
|
+
* Fix upload with attachments
|
20
|
+
* Being able to export/upload boards (v3)
|
21
|
+
|
1
22
|
## Dradis Framework 3.14.1 (October, 2019) ##
|
2
23
|
|
3
24
|
* Fix directory traversal vulnerability
|
@@ -30,19 +51,19 @@
|
|
30
51
|
|
31
52
|
## Dradis Framework 3.9 (January, 2018) ##
|
32
53
|
|
33
|
-
* Fix nodes upload
|
54
|
+
* Fix nodes upload
|
34
55
|
|
35
56
|
* Add default user id as fallback for activity user when importing
|
36
57
|
|
37
58
|
## Dradis Framework 3.8 (September, 2017) ##
|
38
59
|
|
39
|
-
* Add version attribute to exported methodologies
|
60
|
+
* Add version attribute to exported methodologies
|
40
61
|
|
41
62
|
* Add parse_report_content placeholders to import/export.
|
42
63
|
|
43
64
|
## Dradis Framework 3.7 (July, 2017) ##
|
44
65
|
|
45
|
-
* Skip closing the logger in thorfile
|
66
|
+
* Skip closing the logger in thorfile
|
46
67
|
|
47
68
|
## Dradis Framework 3.6 (March, 2017) ##
|
48
69
|
|
@@ -18,8 +18,8 @@ module Dradis
|
|
18
18
|
|
19
19
|
initializer "dradis-projects.set_configs" do |app|
|
20
20
|
options = app.config.dradis.projects
|
21
|
-
options.template_exporter ||= Dradis::Plugins::Projects::Export::
|
22
|
-
options.template_uploader ||= Dradis::Plugins::Projects::Upload::
|
21
|
+
options.template_exporter ||= Dradis::Plugins::Projects::Export::V3::Template
|
22
|
+
options.template_uploader ||= Dradis::Plugins::Projects::Upload::V3::Template::Importer
|
23
23
|
end
|
24
24
|
|
25
25
|
|
@@ -0,0 +1,57 @@
|
|
1
|
+
module Dradis::Plugins::Projects::Export::V3
|
2
|
+
class Template < Dradis::Plugins::Projects::Export::V2::Template
|
3
|
+
VERSION = 3
|
4
|
+
|
5
|
+
protected
|
6
|
+
|
7
|
+
def build_methodologies(builder)
|
8
|
+
boards = content_service.all_boards
|
9
|
+
|
10
|
+
builder.methodologies do |methodologies_builder|
|
11
|
+
|
12
|
+
boards.each do |board|
|
13
|
+
node_id =
|
14
|
+
board.node == project.methodology_library ? nil : board.node_id
|
15
|
+
|
16
|
+
methodologies_builder.board(version: VERSION) do |board_builder|
|
17
|
+
board_builder.id(board.id)
|
18
|
+
board_builder.name(board.name)
|
19
|
+
board_builder.node_id(node_id)
|
20
|
+
|
21
|
+
board.ordered_items.each do |list|
|
22
|
+
|
23
|
+
board_builder.list do |list_builder|
|
24
|
+
list_builder.id(list.id)
|
25
|
+
list_builder.name(list.name)
|
26
|
+
list_builder.previous_id(list.previous_id)
|
27
|
+
|
28
|
+
list.ordered_items.each do |card|
|
29
|
+
|
30
|
+
list_builder.card do |card_builder|
|
31
|
+
card_builder.id(card.id)
|
32
|
+
card_builder.name(card.name)
|
33
|
+
card_builder.description do
|
34
|
+
card_builder.cdata!(card.description)
|
35
|
+
end
|
36
|
+
card_builder.due_date(card.due_date)
|
37
|
+
card_builder.previous_id(card.previous_id)
|
38
|
+
|
39
|
+
card_builder.assignees do |assignee_builder|
|
40
|
+
card.assignees.each do |assignee|
|
41
|
+
assignee_builder.assignee(assignee.email)
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
build_activities_for(card_builder, card)
|
46
|
+
build_comments_for(card_builder, card)
|
47
|
+
end
|
48
|
+
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
@@ -95,7 +95,12 @@ module Dradis::Plugins::Projects::Upload::V1
|
|
95
95
|
def finalize_attachments
|
96
96
|
# Adjust attachment URLs for new Node IDs
|
97
97
|
pending_changes[:attachment_notes].each do |item|
|
98
|
-
text_attr =
|
98
|
+
text_attr =
|
99
|
+
if defined?(ContentBlock) && item.is_a?(ContentBlock)
|
100
|
+
:content
|
101
|
+
else
|
102
|
+
:text
|
103
|
+
end
|
99
104
|
|
100
105
|
logger.info { "Adjusting screenshot URLs: #{item.class.name} ##{item.id}" }
|
101
106
|
|
@@ -0,0 +1,203 @@
|
|
1
|
+
module Dradis::Plugins::Projects::Upload::V3
|
2
|
+
module Template
|
3
|
+
class Importer < Dradis::Plugins::Projects::Upload::V2::Template::Importer
|
4
|
+
private
|
5
|
+
|
6
|
+
# Private: Given a XML node contianing assignee information this method
|
7
|
+
# tries to recreate the assignment in the new project.
|
8
|
+
#
|
9
|
+
# * If the user exists in this instance: assign the card to that user
|
10
|
+
# (no matter if the user is not a project author).
|
11
|
+
# * If the user doesn't exist, don't creat an assiment and add a note
|
12
|
+
# inside the card's description.
|
13
|
+
#
|
14
|
+
# card - the Card object we're creating assignments for.
|
15
|
+
# xml_assignee - the Nokogiri::XML::Node that contains node assignment
|
16
|
+
# information.
|
17
|
+
#
|
18
|
+
# Returns nothing, but creates a new Assignee for this card.
|
19
|
+
def create_assignee(card, xml_assignee)
|
20
|
+
email = xml_assignee.text()
|
21
|
+
user_id = user_id_for_email(email)
|
22
|
+
|
23
|
+
if user_id == -1
|
24
|
+
old_assignee_field = card.fields['FormerAssignees'] || ''
|
25
|
+
card.set_field 'FormerAssignees', old_assignee_field << "* #{email}\n"
|
26
|
+
else
|
27
|
+
old_assignee_ids = card.assignee_ids
|
28
|
+
card.assignee_ids = old_assignee_ids + [user_id]
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
# Private: Reassign cross-references once all the objects in the project
|
33
|
+
# have been recreated.
|
34
|
+
#
|
35
|
+
# No arguments received, but the methods relies on :lookup_table and
|
36
|
+
# :pending_changes provided by dradis-projects.
|
37
|
+
#
|
38
|
+
# Returns nothing.
|
39
|
+
def finalize_cards
|
40
|
+
logger.info { 'Reassigning card positions...' }
|
41
|
+
|
42
|
+
# Fix the :previous_id with the new card IDs
|
43
|
+
pending_changes[:cards].each do |card|
|
44
|
+
card.previous_id = lookup_table[:cards][card.previous_id]
|
45
|
+
raise "Couldn't save card's position" unless validate_and_save(card)
|
46
|
+
end
|
47
|
+
|
48
|
+
logger.info { 'Done.' }
|
49
|
+
end
|
50
|
+
|
51
|
+
# Private: Reassign the List's :previous_id now that we know what are the
|
52
|
+
# new IDs that correspond to all List objects in the import.
|
53
|
+
#
|
54
|
+
# No arguments received, but the method relies on :lookup_table and
|
55
|
+
# :pending_changes provided by dradis-projects.
|
56
|
+
#
|
57
|
+
# Returns nothing.
|
58
|
+
def finalize_lists
|
59
|
+
logger.info { 'Reassigning list positions...' }
|
60
|
+
|
61
|
+
# Fix the :previous_id with the new card IDs
|
62
|
+
pending_changes[:lists].each do |list|
|
63
|
+
list.previous_id = lookup_table[:lists][list.previous_id]
|
64
|
+
raise "Couldn't save list's position" unless validate_and_save(list)
|
65
|
+
end
|
66
|
+
|
67
|
+
logger.info { 'Done.' }
|
68
|
+
end
|
69
|
+
|
70
|
+
# Private: Restore Board, List and Card information from the project
|
71
|
+
# template.
|
72
|
+
def parse_methodologies(template)
|
73
|
+
if template_version == 1
|
74
|
+
# Restore Board from old xml methodology format
|
75
|
+
process_v1_methodologies(template)
|
76
|
+
else
|
77
|
+
process_v2_methodologies(template)
|
78
|
+
end
|
79
|
+
end
|
80
|
+
|
81
|
+
# Private: For each XML card block, we're creating a new Card instance,
|
82
|
+
# restoring the card's Activities and Assignments.
|
83
|
+
#
|
84
|
+
# list - the List instance that will hold this Card.
|
85
|
+
# xml_card - the Nokogiri::XML node containing the card's data.
|
86
|
+
#
|
87
|
+
# Returns nothing, but makes use of the :lookup_table and :pending_changes
|
88
|
+
# variables to store information that will be used during the
|
89
|
+
# :finalize_cards method.
|
90
|
+
def process_card(list, xml_card)
|
91
|
+
due_date = xml_card.at_xpath('due_date').text
|
92
|
+
due_date = Date.iso8601(due_date) unless due_date.empty?
|
93
|
+
|
94
|
+
card = list.cards.create name: xml_card.at_xpath('name').text,
|
95
|
+
description: xml_card.at_xpath('description').text,
|
96
|
+
due_date: due_date,
|
97
|
+
previous_id: xml_card.at_xpath('previous_id').text
|
98
|
+
|
99
|
+
xml_card.xpath('activities/activity').each do |xml_activity|
|
100
|
+
raise "Couldn't create activity for Card ##{card.id}" unless create_activity(card, xml_activity)
|
101
|
+
end
|
102
|
+
|
103
|
+
xml_card.xpath('assignees/assignee').each do |xml_assignee|
|
104
|
+
raise "Couldn't create assignment for Card ##{card.id}" unless create_assignee(card, xml_assignee)
|
105
|
+
end
|
106
|
+
|
107
|
+
raise "Couldn't create comments for Card ##{card.id}" unless create_comments(card, xml_card.xpath('comments/comment'))
|
108
|
+
|
109
|
+
lookup_table[:cards][xml_card.at_xpath('id').text.to_i] = card.id
|
110
|
+
pending_changes[:cards] << card
|
111
|
+
end
|
112
|
+
|
113
|
+
# Private: Initial pass over ./methodologies/ section of the tempalte
|
114
|
+
# document to extract Board, List and Card information. Some of the
|
115
|
+
# objects will contain invalid references (e.g. the former :previous_id
|
116
|
+
# of a card will need to be reassigned) that we will fix at a later stage.
|
117
|
+
#
|
118
|
+
# template - A Nokogiri::XML document containing the project template
|
119
|
+
# data.
|
120
|
+
#
|
121
|
+
# Returns nothing.
|
122
|
+
def process_methodologies(template)
|
123
|
+
logger.info { 'Processing Methodologies...' }
|
124
|
+
|
125
|
+
lookup_table[:cards] = {}
|
126
|
+
lookup_table[:lists] = {}
|
127
|
+
pending_changes[:cards] = []
|
128
|
+
pending_changes[:lists] = []
|
129
|
+
|
130
|
+
template.xpath('dradis-template/methodologies/board').each do |xml_board|
|
131
|
+
xml_node_id = xml_board.at_xpath('node_id').try(:text)
|
132
|
+
node_id =
|
133
|
+
if xml_node_id.present?
|
134
|
+
lookup_table[:nodes][xml_node_id]
|
135
|
+
else
|
136
|
+
project.methodology_library.id
|
137
|
+
end
|
138
|
+
|
139
|
+
board = content_service.create_board(
|
140
|
+
name: xml_board.at_xpath('name').text,
|
141
|
+
node_id: node_id
|
142
|
+
)
|
143
|
+
|
144
|
+
xml_board.xpath('./list').each do |xml_list|
|
145
|
+
list = board.lists.create name: xml_list.at_xpath('name').text,
|
146
|
+
previous_id: xml_list.at_xpath('previous_id').text
|
147
|
+
|
148
|
+
lookup_table[:lists][xml_list.at_xpath('id').text.to_i] = list.id
|
149
|
+
pending_changes[:lists] << list
|
150
|
+
|
151
|
+
xml_list.xpath('./card').each do |xml_card|
|
152
|
+
process_card(list, xml_card)
|
153
|
+
end
|
154
|
+
end
|
155
|
+
end
|
156
|
+
|
157
|
+
logger.info { 'Done.' }
|
158
|
+
end
|
159
|
+
|
160
|
+
# Private: Pass over old ./methodologies/ sections of the template
|
161
|
+
# document to extract Board, List and Card information.
|
162
|
+
#
|
163
|
+
# template - A Nokogiri::XML document containing the project template
|
164
|
+
# data.
|
165
|
+
#
|
166
|
+
# Returns nothing.
|
167
|
+
def process_v1_methodologies(template)
|
168
|
+
xml_methodologies = template.xpath('dradis-template/methodologies/methodology')
|
169
|
+
return if xml_methodologies.empty?
|
170
|
+
|
171
|
+
logger.info { 'Processing V1 Methodologies...' }
|
172
|
+
|
173
|
+
migration = MethodologyMigrationService.new(project.id)
|
174
|
+
|
175
|
+
xml_methodologies.each do |xml_methodology|
|
176
|
+
migration.migrate(
|
177
|
+
Methodology.new(content: xml_methodology.at_xpath('text').text)
|
178
|
+
)
|
179
|
+
end
|
180
|
+
|
181
|
+
logger.info { 'Done.' }
|
182
|
+
end
|
183
|
+
|
184
|
+
# Private: Pass over new ./methodologies/ sections of the template
|
185
|
+
# document to extract Board, List and Card information.
|
186
|
+
#
|
187
|
+
# template - A Nokogiri::XML document containing the project template
|
188
|
+
# data.
|
189
|
+
#
|
190
|
+
# Returns nothing.
|
191
|
+
def process_v2_methodologies(template)
|
192
|
+
# Restore Board
|
193
|
+
process_methodologies(template)
|
194
|
+
|
195
|
+
# Reassign Card's :previous_id and :assginees
|
196
|
+
finalize_cards()
|
197
|
+
|
198
|
+
# Reassign List's :previous id
|
199
|
+
finalize_lists()
|
200
|
+
end
|
201
|
+
end
|
202
|
+
end
|
203
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dradis-projects
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.19.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Daniel Martin
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-09-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -121,11 +121,13 @@ files:
|
|
121
121
|
- lib/dradis/plugins/projects/export/template.rb
|
122
122
|
- lib/dradis/plugins/projects/export/v1/template.rb
|
123
123
|
- lib/dradis/plugins/projects/export/v2/template.rb
|
124
|
+
- lib/dradis/plugins/projects/export/v3/template.rb
|
124
125
|
- lib/dradis/plugins/projects/gem_version.rb
|
125
126
|
- lib/dradis/plugins/projects/upload/package.rb
|
126
127
|
- lib/dradis/plugins/projects/upload/template.rb
|
127
128
|
- lib/dradis/plugins/projects/upload/v1/template.rb
|
128
129
|
- lib/dradis/plugins/projects/upload/v2/template.rb
|
130
|
+
- lib/dradis/plugins/projects/upload/v3/template.rb
|
129
131
|
- lib/dradis/plugins/projects/version.rb
|
130
132
|
- lib/tasks/thorfile.rb
|
131
133
|
- spec/fixtures/files/attachments_url.xml
|
@@ -152,8 +154,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
152
154
|
- !ruby/object:Gem::Version
|
153
155
|
version: '0'
|
154
156
|
requirements: []
|
155
|
-
|
156
|
-
rubygems_version: 2.6.8
|
157
|
+
rubygems_version: 3.0.0
|
157
158
|
signing_key:
|
158
159
|
specification_version: 4
|
159
160
|
summary: Project export/upload for the Dradis Framework.
|