dradis-projects 4.7.0 → 4.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ca68fe402bada36bc748cbd49bca421e49f5c72202458d016c34fcb08f791f9f
-  data.tar.gz: defaf20a5a62316adf0aecc2143048e48548976d3f43b2118a86ae361fd1ce47
+  metadata.gz: f2bcef2954732f6a107819be6462b9b375503a822559a231090edd01f514862c
+  data.tar.gz: 1e9018effd346297a8903ac29a4c0bd6ee4041075c32acc3e7f8757da0d2ad50
 SHA512:
-  metadata.gz: b30158708343ae732533082d9060562857dab90fa804660941ea694696f91220fbfd444e6393f956071e67d2b19ef947407cf89040080fd422275d1abe5e31d4
-  data.tar.gz: 46a7a2a618f294de4e5267a62c0f46172e2c34cb1c5548d1e7666f965829de94031d26d75b60365ffd32f0064f626160ed1129a64d89baafd7f5f14afcbce4b7
+  metadata.gz: 1066f56c7938bb4b8d3f8d4cb2c3f38118a579d7a33a5b4e0b012df413887058863190fd6e5e324567d463ce2a894ddb5a5a8cfb17de15f759b75116f83bf107
+  data.tar.gz: 061dd18d56a3e4a1b3c1d98d0a1df0d703afd974f95018e377b3c7c2d920f9791a5c51f7467bcb3c62051d3eb10c69146fdfd7c639a3e0c4191c20b61d4553b2

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+v4.8.0 (April 2023)
+  - Add exporting and uploading states
+  - Update export button copy
+
 v4.7.0 (February 2023)
   - No changes
 

data/app/controllers/dradis/plugins/projects/packages_controller.rb

@@ -1,9 +1,14 @@
 module Dradis::Plugins::Projects
   class PackagesController < Dradis::Plugins::Export::BaseController
+    skip_before_action :validate_scope
+
     def show
       filename = Rails.root.join('tmp', 'dradis-export.zip')
 
-      options  = export_options.merge(plugin: Dradis::Plugins::Projects)
+      options  = export_params.merge(
+        plugin: Dradis::Plugins::Projects,
+        scope: :all
+      )
       exporter = Dradis::Plugins::Projects::Export::Package.new(options)
       template = exporter.export(filename: filename)
 

data/app/controllers/dradis/plugins/projects/templates_controller.rb

@@ -1,10 +1,15 @@
 module Dradis::Plugins::Projects
   class TemplatesController < Dradis::Plugins::Export::BaseController
+    skip_before_action :validate_scope
+
     def show
       # this allows us to have different exporters in different editions
       exporter_class = Rails.application.config.dradis.projects.template_exporter
 
-      options  = export_options.merge(plugin: Dradis::Plugins::Projects)
+      options  = export_params.merge(
+        plugin: Dradis::Plugins::Projects,
+        scope: :all
+      )
       exporter = exporter_class.new(options)
       template = exporter.export
 

data/app/views/dradis/plugins/projects/export/_index-content.html.erb

@@ -14,6 +14,6 @@
       <label class="custom-control-label" for='route_template'>Template</label>
     </div>
 
-    <button id="export-button" class="btn btn-lg btn-primary mt-4">Export</button>
+    <button id="export-button" class="btn btn-lg btn-primary mt-4">Export All Records</button>
   <% end %>
 <% end%>

data/dradis-projects.gemspec

@@ -22,9 +22,9 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency 'bundler', '~> 2.2'
   spec.add_development_dependency 'combustion'
-  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rake', '>= 12.3.3'
   spec.add_development_dependency 'rspec'
 
-  spec.add_dependency 'dradis-plugins', '~> 4.0'
+  spec.add_dependency 'dradis-plugins', '>= 4.8.0'
   spec.add_dependency 'rubyzip'
 end

data/lib/dradis/plugins/projects/engine.rb

@@ -18,8 +18,8 @@ module Dradis
 
         initializer "dradis-projects.set_configs" do |app|
           options = app.config.dradis.projects
-          options.template_exporter ||= Dradis::Plugins::Projects::Export::V3::Template
-          options.template_uploader ||= Dradis::Plugins::Projects::Upload::V3::Template::Importer
+          options.template_exporter ||= Dradis::Plugins::Projects::Export::V4::Template
+          options.template_uploader ||= Dradis::Plugins::Projects::Upload::V4::Template::Importer
         end
 
 

data/lib/dradis/plugins/projects/export/template.rb

@@ -27,6 +27,4 @@ module Dradis::Plugins::Projects::Export
   end
 end
 
-require_relative 'v1/template'
-require_relative 'v2/template'
-require_relative 'v3/template'
+require_relative 'v4/template'

data/lib/dradis/plugins/projects/export/v1/template.rb

@@ -1,3 +1,11 @@
+# DEPRECATED - this class is v1 of the Template Exporter and shouldn't be updated.
+# V4 released on Apr 2022
+# V1 can be removed on Apr 2024
+#
+# We're duplicating this file for v4, and even though the code lives in two
+# places now, this file isn't expected to evolve and is now frozen to V1
+# behavior.
+
 module Dradis::Plugins::Projects::Export::V1
   class Template < Dradis::Plugins::Projects::Export::Template
     VERSION = 1

data/lib/dradis/plugins/projects/export/v2/template.rb

@@ -1,3 +1,11 @@
+# DEPRECATED - this class is v2 of the Template Exporter and shouldn't be updated.
+# V4 released on Apr 2022
+# V2 can be removed on Apr 2024
+#
+# We're duplicating this file for v4, and even though the code lives in two
+# places now, this file isn't expected to evolve and is now frozen to V2
+# behavior.
+
 module Dradis::Plugins::Projects::Export::V2
   class Template < Dradis::Plugins::Projects::Export::V1::Template
     VERSION = 2

data/lib/dradis/plugins/projects/export/v3/template.rb

@@ -1,3 +1,11 @@
+# DEPRECATED - this class is v3 of the Template Exporter and shouldn't be updated.
+# V4 released on Apr 2022
+# V3 can be removed on Apr 2024
+#
+# We're duplicating this file for v4, and even though the code lives in two
+# places now, this file isn't expected to evolve and is now frozen to V3
+# behavior.
+
 module Dradis::Plugins::Projects::Export::V3
   class Template < Dradis::Plugins::Projects::Export::V2::Template
     VERSION = 3

data/lib/dradis/plugins/projects/export/v4/template.rb

@@ -0,0 +1,207 @@
+module Dradis::Plugins::Projects::Export::V4
+  class Template < Dradis::Plugins::Projects::Export::Template
+    VERSION = 4
+
+    protected
+
+    def build_activities_for(builder, trackable)
+      builder.activities do |activities_builder|
+        trackable.activities.each do |activity|
+          activities_builder.activity do |activity_builder|
+            activity_builder.action(activity.action)
+            activity_builder.user_email(user_email_for_activity(activity))
+            activity_builder.created_at(activity.created_at.to_i)
+          end
+        end
+      end
+    end
+
+    def build_categories(builder)
+      categories = []
+      categories << Category.issue if @issues.any?
+      categories += @nodes.map do |node|
+        node.notes.map { |note| note.category }.uniq
+      end.flatten.uniq
+
+      builder.categories do |categories_builder|
+        categories.each do |category|
+          categories_builder.category do |category_builder|
+            category_builder.id(category.id)
+            category_builder.name(category.name)
+          end
+        end
+      end
+    end
+
+    def build_evidence_for_node(builder, node)
+      builder.evidence do |evidences_builder|
+        node.evidence.each do |evidence|
+          evidences_builder.evidence do |evidence_builder|
+            evidence_builder.id(evidence.id)
+            evidence_builder.author(evidence.author)
+            evidence_builder.tag!('issue-id', evidence.issue_id)
+            evidence_builder.content do
+              evidence_builder.cdata!(evidence.content)
+            end
+            build_activities_for(evidence_builder, evidence)
+            build_comments_for(evidence_builder, evidence)
+          end
+        end
+      end
+    end
+
+    def build_issues(builder)
+      @issues = Issue.where(node_id: project.issue_library).includes(:activities)
+
+      builder.issues do |issues_builder|
+        @issues.each do |issue|
+          issues_builder.issue do |issue_builder|
+            issue_builder.id(issue.id)
+            issue_builder.author(issue.author)
+            issue_builder.state(issue.state)
+            issue_builder.text do
+              issue_builder.cdata!(issue.text)
+            end
+            build_activities_for(issue_builder, issue)
+            build_comments_for(issue_builder, issue)
+          end
+        end
+      end
+    end
+
+    def build_methodologies(builder)
+      methodologies = project.methodology_library.notes
+      builder.methodologies do |methodologies_builder|
+        methodologies.each do |methodology|
+          methodologies_builder.methodology(version: VERSION) do |methodology_builder|
+            methodology_builder.text do
+              methodology_builder.cdata!(methodology.text)
+            end
+          end
+        end
+      end
+    end
+
+    def build_nodes(builder)
+      @nodes = project.nodes.includes(:activities, :evidence, :notes, evidence: [:activities], notes: [:activities, :category]).all.reject do |node|
+        [Node::Types::METHODOLOGY,
+          Node::Types::ISSUELIB].include?(node.type_id)
+      end
+
+      builder.nodes do |nodes_builder|
+        @nodes.each do |node|
+          nodes_builder.node do |node_builder|
+            node_builder.id(node.id)
+            node_builder.label(node.label)
+            node_builder.tag!('parent-id', node.parent_id)
+            node_builder.position(node.position)
+            node_builder.properties do
+              node_builder.cdata!(node.raw_properties)
+            end
+            node_builder.tag!('type-id', node.type_id)
+            # Notes
+            build_notes_for_node(node_builder, node)
+            # Evidence
+            build_evidence_for_node(node_builder, node)
+            build_activities_for(node_builder, node)
+          end
+        end
+      end
+    end
+
+    def build_notes_for_node(builder, node)
+      builder.notes do |notes_builder|
+        node.notes.each do |note|
+          notes_builder.note do |note_builder|
+            note_builder.id(note.id)
+            note_builder.author(note.author)
+            note_builder.tag!('category-id', note.category_id)
+            note_builder.text do
+              note_builder.cdata!(note.text)
+            end
+            build_activities_for(note_builder, note)
+            build_comments_for(note_builder, note)
+          end
+        end
+      end
+    end
+
+    # No-op here, overwritten in PRO
+    def build_report_content(builder); end
+
+    def build_tags(builder)
+      tags = project.tags
+      builder.tags do |tags_builder|
+        tags.each do |tag|
+          tags_builder.tag do |tag_builder|
+            tag_builder.id(tag.id)
+            tag_builder.name(tag.name)
+            tag_builder.taggings do |taggings_builder|
+              tag.taggings.each do |tagging|
+                taggings_builder.tagging do |tagging_builder|
+                  tagging_builder.tag!('taggable-id', tagging.taggable_id)
+                  tagging_builder.tag!('taggable-type', tagging.taggable_type)
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+
+
+    # Cache user emails so we don't have to make an extra SQL request
+    # for every activity
+    def user_email_for_activity(activity)
+      return activity.user if activity.user.is_a?(String)
+
+      @user_emails ||= begin
+        User.select([:id, :email]).all.each_with_object({}) do |user, hash|
+          hash[user.id] = user.email
+        end
+      end
+      @user_emails[activity.user_id]
+    end
+
+    # Use the class VERSION constant, but allow for subclasses to overwrite it.
+    #
+    # See:
+    #   http://stackoverflow.com/questions/3174563/how-to-use-an-overridden-constant-in-an-inheritanced-class
+    def version
+      self.class::VERSION
+    end
+
+
+    # Export::V2::Template
+    #
+    def build_comments_for(builder, commentable)
+      builder.comments do |comments_builder|
+        commentable.comments.each do |comment|
+          comments_builder.comment do |comment_builder|
+            comment_builder.content do
+              comment_builder.cdata!(comment.content)
+            end
+            comment_builder.author(comment.user&.email)
+            comment_builder.created_at(comment.created_at.to_i)
+          end
+        end
+      end
+    end
+
+    # Export::V3::Template
+    #
+    def build_methodologies(builder)
+      boards = content_service.all_boards
+
+      builder.methodologies do |methodologies_builder|
+
+        boards.each do |board|
+          node_id =
+            board.node == project.methodology_library ? nil : board.node_id
+
+          board.to_xml(methodologies_builder, includes: [:activities, :assignees, :comments], version: VERSION)
+        end
+      end
+    end
+  end
+end

data/lib/dradis/plugins/projects/gem_version.rb

@@ -8,7 +8,7 @@ module Dradis
 
       module VERSION
         MAJOR = 4
-        MINOR = 7
+        MINOR = 8
         TINY = 0
         PRE = nil
 

data/lib/dradis/plugins/projects/upload/template.rb

@@ -33,7 +33,6 @@ module Dradis::Plugins::Projects::Upload
       # table to re-associate the attachments in the project archive with the new
       # node IDs in the current project.
       def import(params={})
-
         # load the template
         logger.info { "Loading template file from: #{params[:file]}" }
         template = Nokogiri::XML(File.read(params[:file]))
@@ -44,6 +43,7 @@ module Dradis::Plugins::Projects::Upload
           return false
         end
 
+
         if template.xpath('/dradis-template').empty?
           error = "The uploaded file doesn't look like a Dradis project template (/dradis-template)."
           logger.fatal{ error }
@@ -91,6 +91,4 @@ module Dradis::Plugins::Projects::Upload
   end
 end
 
-require_relative 'v1/template'
-require_relative 'v2/template'
-require_relative 'v3/template'
+require_relative 'v4/template'

data/lib/dradis/plugins/projects/upload/v1/template.rb

@@ -1,3 +1,11 @@
+# DEPRECATED - this class is v1 of the Template Importer and shouldn't be updated.
+# V4 released on Apr 2022
+# V1 can be removed on Apr 2024
+#
+# We're duplicating this file for v4, and even though the code lives in two
+# places now, this file isn't expected to evolve and is now frozen to V1
+# behavior.
+
 module Dradis::Plugins::Projects::Upload::V1
   module Template
 

data/lib/dradis/plugins/projects/upload/v2/template.rb

@@ -1,3 +1,11 @@
+# DEPRECATED - this class is v2 of the Template Importer and shouldn't be updated.
+# V4 released on Apr 2022
+# V2 can be removed on Apr 2024
+#
+# We're duplicating this file for v4, and even though the code lives in two
+# places now, this file isn't expected to evolve and is now frozen to V2
+# behavior.
+
 module Dradis::Plugins::Projects::Upload::V2
   module Template
     class Importer < Dradis::Plugins::Projects::Upload::V1::Template::Importer

data/lib/dradis/plugins/projects/upload/v3/template.rb

@@ -1,3 +1,11 @@
+# DEPRECATED - this class is v3 of the Template Importer and shouldn't be updated.
+# V4 released on Apr 2022
+# V3 can be removed on Apr 2024
+#
+# We're duplicating this file for v4, and even though the code lives in two
+# places now, this file isn't expected to evolve and is now frozen to V3
+# behavior.
+
 module Dradis::Plugins::Projects::Upload::V3
   module Template
     class Importer < Dradis::Plugins::Projects::Upload::V2::Template::Importer