Merge pull request #8571 from DefectDojo/master-into-dev/2.25.3-2.26.…
…0-dev

Release: Merge back 2.25.3 into dev from: master-into-dev/2.25.3-2.26.0-dev
Maffooch authored Aug 28, 2023
2 parents b590224 + c5af21e commit 78f18fc
Showing 13 changed files with 148 additions and 43 deletions.
8 changes: 4 additions & 4 deletions dojo/endpoint/views.py
Expand Up @@ -124,12 +124,12 @@ def process_endpoint_view(request, eid, host_view=False):
endpoints = endpoint.host_endpoints()
endpoint_metadata = None
all_findings = endpoint.host_findings()
active_findings = endpoint.host_active_findings()
active_verified_findings = endpoint.host_active_verified_findings()
else:
endpoints = None
endpoint_metadata = dict(endpoint.endpoint_meta.values_list('name', 'value'))
all_findings = endpoint.findings.all()
active_findings = endpoint.active_findings()
active_verified_findings = endpoint.active_verified_findings()

if all_findings:
start_date = timezone.make_aware(datetime.combine(all_findings.last().date, datetime.min.time()))
Expand All @@ -148,11 +148,11 @@ def process_endpoint_view(request, eid, host_view=False):
monthly_counts = get_period_counts(all_findings, closed_findings, None, months_between, start_date,
relative_delta='months')

paged_findings = get_page_items(request, active_findings, 25)
paged_findings = get_page_items(request, active_verified_findings, 25)

vulnerable = False

if active_findings.count() != 0:
if active_verified_findings.count() != 0:
vulnerable = True

product_tab = Product_Tab(endpoint.product, "Host" if host_view else "Endpoint", tab="endpoints")
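Review bot: In the second hunk `vulnerable` and `paged_findings` are now derived only from `active_verified_findings`, so an endpoint whose active findings were never marked verified renders as not vulnerable with an empty findings list, and nothing in the visible code records that this is intended. A comment above the pagination call would make the rule explicit, e.g. `# Only active AND verified findings count towards the endpoint's vulnerable status`. The flag itself can be computed without a COUNT query: `vulnerable = active_verified_findings.exists()`. `process_endpoint_view` continues outside both hunks, so it is worth confirming that no later line (for example the render context) still refers to the removed `active_findings` name.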
1 change: 1 addition & 0 deletions dojo/filters.py
Expand Up @@ -1348,6 +1348,7 @@ class FindingFilter(FindingFilterWithTags):
effort_for_fixing = MultipleChoiceFilter(choices=EFFORT_FOR_FIXING_CHOICES)

test_import_finding_action__test_import = NumberFilter(widget=HiddenInput())
endpoints = NumberFilter(widget=HiddenInput())

if get_system_setting('enable_jira'):
has_jira_issue = BooleanFilter(field_name='jira_issue',
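Review bot: The hidden `endpoints` filter on `FindingFilter` (which appears to be the line this hunk adds) has no comment saying what feeds it, and its value is an endpoint id taken straight from the query string. From the other files in this commit it looks like it backs the `?endpoints={{ e.id }}` links in `dojo/templates/dojo/endpoints.html`; a one-line comment such as `# hidden filter for the ?endpoints=<id> links on the endpoint list` would record that. Because ids are easy to enumerate, the filter should only ever narrow a queryset that the view has already restricted to findings the user may see; that queryset is outside this hunk, so this is something to confirm rather than a known gap. The class body continues outside the hunk.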
1 change: 1 addition & 0 deletions dojo/importers/utils.py
Expand Up @@ -6,6 +6,7 @@
from dojo.celery import app
from dojo.endpoint.utils import endpoint_get_or_create
from dojo.utils import max_safe
from django.urls import reverse
from dojo.models import IMPORT_CLOSED_FINDING, IMPORT_CREATED_FINDING, \
IMPORT_REACTIVATED_FINDING, IMPORT_UNTOUCHED_FINDING, Test_Import, Test_Import_Finding_Action, \
Endpoint_Status, Vulnerability_Id
93 changes: 73 additions & 20 deletions dojo/models.py
Expand Up @@ -1671,7 +1671,17 @@ def __hash__(self):

def __eq__(self, other):
if isinstance(other, Endpoint):
return str(self) == str(other)
# Check if the contents of the endpoint match
contents_match = str(self) == str(other)
# Determine if products should be used in the equation
if self.product is not None and other.product is not None:
# Check if the products are the same
products_match = (self.product) == other.product
# Check if the contents match
return products_match and contents_match
else:
return contents_match

else:
return NotImplemented

Expand Down Expand Up @@ -1700,21 +1710,42 @@ def findings_count(self):
return self.findings.all().count()

def active_findings(self):
findings = self.findings.filter(active=True,
out_of_scope=False,
mitigated__isnull=True,
false_p=False,
duplicate=False,
status_finding__mitigated=False,
status_finding__false_positive=False,
status_finding__out_of_scope=False,
status_finding__risk_accepted=False).order_by('numerical_severity')
findings = self.findings.filter(
active=True,
out_of_scope=False,
mitigated__isnull=True,
false_p=False,
duplicate=False,
status_finding__mitigated=False,
status_finding__false_positive=False,
status_finding__out_of_scope=False,
status_finding__risk_accepted=False
).order_by('numerical_severity')
return findings

def active_verified_findings(self):
findings = self.findings.filter(
active=True,
verified=True,
out_of_scope=False,
mitigated__isnull=True,
false_p=False,
duplicate=False,
status_finding__mitigated=False,
status_finding__false_positive=False,
status_finding__out_of_scope=False,
status_finding__risk_accepted=False
).order_by('numerical_severity')
return findings

@property
def active_findings_count(self):
return self.active_findings().count()

@property
def active_verified_findings_count(self):
return self.active_verified_findings().count()

def host_endpoints(self):
return Endpoint.objects.filter(host=self.host,
product=self.product).distinct()
Expand Down Expand Up @@ -1749,22 +1780,44 @@ def host_findings_count(self):
return self.host_findings().count()

def host_active_findings(self):
findings = Finding.objects.filter(active=True,
out_of_scope=False,
mitigated__isnull=True,
false_p=False,
duplicate=False,
status_finding__mitigated=False,
status_finding__false_positive=False,
status_finding__out_of_scope=False,
status_finding__risk_accepted=False,
endpoints__in=self.host_endpoints()).order_by('numerical_severity')
findings = Finding.objects.filter(
active=True,
out_of_scope=False,
mitigated__isnull=True,
false_p=False,
duplicate=False,
status_finding__mitigated=False,
status_finding__false_positive=False,
status_finding__out_of_scope=False,
status_finding__risk_accepted=False,
endpoints__in=self.host_endpoints()
).order_by('numerical_severity')
return findings

def host_active_verified_findings(self):
findings = Finding.objects.filter(
active=True,
verified=True,
out_of_scope=False,
mitigated__isnull=True,
false_p=False,
duplicate=False,
status_finding__mitigated=False,
status_finding__false_positive=False,
status_finding__out_of_scope=False,
status_finding__risk_accepted=False,
endpoints__in=self.host_endpoints()
).order_by('numerical_severity')
return findings

@property
def host_active_findings_count(self):
return self.host_active_findings().count()

@property
def host_active_verified_findings_count(self):
return self.host_active_verified_findings().count()

def get_breadcrumbs(self):
bc = self.product.get_breadcrumbs()
bc += [{'title': self.host,
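Review bot: The rewritten `Endpoint.__eq__` in the first hunk is no longer transitive: two endpoints with the same string form but different products compare unequal to each other, yet both compare equal to a third endpoint whose `product` is `None`. Code that de-duplicates endpoints with `==`, `in` or a set can therefore give order-dependent results, and an endpoint without a product can still be matched to one that belongs to a product. `__hash__` is defined just above the hunk and its body is not visible here; with this `__eq__` it must not include the product, which deserves a comment in the method, e.g. `# product only participates when both sides have one, so __hash__ must not include it`. If `product` is a foreign key, `products_match = self.product_id == other.product_id` would compare the same thing without loading both related rows.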
4 changes: 2 additions & 2 deletions dojo/templates/dojo/alerts.html
Expand Up @@ -17,7 +17,7 @@
<th>{% trans "Title" %}</th>
<th>{% trans "Description" %}</th>
<th>{% trans "Timeframe" %}</th>
<th class="hidden-sm centered" title="{% trans "Select all visible alerts" %}">
<th class="centered" title="{% trans "Select all visible alerts" %}">
<input type="checkbox" name="select_all" id="select_all"/>
</th>
</tr>
Expand All @@ -30,7 +30,7 @@
<td>{%if alert.url %}<a href="{{ alert.url }}">{% endif %}{{ alert.title }}{% if alert.url %}</a>{% endif %}</td>
<td>{{ alert.description|linebreaks }}</td>
<td>{{ alert.created }}</td>
<td class="hidden-sm centered">
<td class="centered">
<input type="checkbox" name="alert_select" value="{{ alert.id }}"
class="select_one {{ alert.source }}"/>
</td>
12 changes: 6 additions & 6 deletions dojo/templates/dojo/endpoints.html
Expand Up @@ -70,7 +70,7 @@ <h3 class="has-filters">
class="tablesorter-bootstrap table table-condensed table-striped table-hover">
<tr>
{% if not product_tab or product_tab and product_tab.product|has_object_permission:"Endpoint_Edit" %}
<th class="hidden-sm centered" title="Select all visible endpoint." id="bulk_edit">
<th class="centered" title="Select all visible endpoint." id="bulk_edit">
<form class="inline-form centered" action="#">
<input type="checkbox" title="Select All" name="select_all" id="select_all"></input>
</form>
Expand All @@ -94,7 +94,7 @@ <h3 class="has-filters">
{% for e in endpoints %}
<tr>
{% if not product_tab or product_tab and product_tab.product|has_object_permission:"Endpoint_Edit" %}
<td class="hidden-sm centered">
<td class="centered">
<form action="#">
<input type="checkbox" title= "Select_{{ e.id }}" name="select_{{ e.id }}"
id="{{ e.id }}" class="select_one {{ e.id }}"></input>
Expand All @@ -117,10 +117,10 @@ <h3 class="has-filters">
{% endif %}
<td class="text-center">
{% if host_view %}
{{ e.host_active_findings_count }}
{{ e.host_active_verified_findings_count }}
{% else %}
{% if e.active_findings_count > 0 %}
<a href="{% url 'verified_findings' %}?endpoints={{ e.id }}">{{ e.active_findings_count }}</a>
{% if e.active_verified_findings_count > 0 %}
<a href="{% url 'verified_findings' %}?endpoints={{ e.id }}">{{ e.active_verified_findings_count }}</a>
{% else %}
0
{% endif %}
Expand All @@ -133,7 +133,7 @@ <h3 class="has-filters">
{% if e.mitigated %}
Mitigated
{% else %}
{% if e.active_findings_count > 0 %}
{% if e.active_verified_findings_count > 0 %}
Vulnerable
{% else %}
No active verified findings
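Review bot: Each row now reads `e.active_verified_findings_count` up to three times (the `> 0` test, the link text and the status column), and in `dojo/models.py` of this commit that property runs `self.active_verified_findings().count()` on every access, so the list issues several COUNT queries per endpoint. Binding it once per row, `{% with verified_count=e.active_verified_findings_count %}` … `{% endwith %}`, or annotating the queryset in the view, keeps the page to one count per endpoint. In the `host_view` branch the number shown is `e.host_active_verified_findings_count` while the status column still tests the per-endpoint count, so a host row could show a non-zero count next to "No active verified findings"; the surrounding template is outside the hunks, so confirm whether that is intended.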
4 changes: 2 additions & 2 deletions dojo/templates/dojo/findings_list_snippet.html
Expand Up @@ -264,7 +264,7 @@ <h3 class="has-filters">
<thead>
<tr>
{% if not product_tab or product_tab and product_tab.product|has_object_permission:"Finding_Edit" %}
<th class="hidden-sm centered" title="Select all visible findings.">
<th class="centered" title="Select all visible findings.">
<div class="dropdown">
<button class="btn btn-primary dropdown-toggle"
type="button"
Expand Down Expand Up @@ -383,7 +383,7 @@ <h3 class="has-filters">
{% for finding in findings %}
<tr class="{% if finding.active %}active_finding{% else %}inactive_finding{% endif %}">
{% if not product_tab or product_tab and product_tab.product|has_object_permission:"Finding_Edit" %}
<td class="hidden-sm centered">
<td class="centered">
<form action="#">
<input type="checkbox" name="select_{{ finding.id }}" id="{{ finding.id }}" class="select_one {{ finding.severity }}" aria-label="select-finding"/>
</form>
8 changes: 4 additions & 4 deletions dojo/templates/dojo/snippets/endpoints.html
Expand Up @@ -134,7 +134,7 @@ <h4>Vulnerable Endpoints / Systems ({{ endpoints|length }})
<table id="vuln_endpoints" class="table-striped table table-hover">
<thead>
{% if finding|has_object_permission:"Finding_Edit" %}
<th class="hidden-sm" title="Select all vulnerable endpoints." style="width: 10%;">
<th class="" title="Select all vulnerable endpoints." style="width: 10%;">
<form class="inline-form" action="#">
<input type="checkbox" label="select_all_vulnerable" name="select_all_vulnerable" id="select_all_vulnerable"/>
</form>
Expand All @@ -150,7 +150,7 @@ <h4>Vulnerable Endpoints / Systems ({{ endpoints|length }})
{% for endpoint in endpoints %}
<tr>
{% if finding|has_object_permission:"Finding_Edit" %}
<td class="hidden-sm">
<td class="">
<form action="#">
<input type="checkbox" label="select_vulnerable_{{ endpoint.id }}" name="select_vulnerable_{{ endpoint.id }}" id="{{ endpoint.id }}"
class="select_one"/>
Expand Down Expand Up @@ -188,7 +188,7 @@ <h4>Mitigated Endpoints / Systems ({{ endpoints|length }})
<table id="remd_endpoints" class="table-striped table table-hover">
<thead>
{% if finding|has_object_permission:"Finding_Edit" %}
<th class="hidden-sm" title="Select all mitigated endpoints." style="width: 10%;">
<th class="" title="Select all mitigated endpoints." style="width: 10%;">
<form class="inline-form" action="#">
<input type="checkbox" label="select_all_mitigated" name="select_all_mitigated" id="select_all_mitigated"/>
</form>
Expand All @@ -204,7 +204,7 @@ <h4>Mitigated Endpoints / Systems ({{ endpoints|length }})
{% for endpoint in endpoints %}
<tr>
{% if finding|has_object_permission:"Finding_Edit" %}
<td class="hidden-sm">
<td class="">
<form action="#">
<input type="checkbox" label="select_mitigated_{{ endpoint.id }}" name="select_mitigated_{{ endpoint.id }}" id="{{ endpoint.id }}"
class="select_one"/>
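Review bot: Removing `hidden-sm` leaves an empty `class=""` on the select-all `<th>` and on the per-row `<td>` in all four hunks of this file. The attribute now carries nothing and can be dropped, e.g. `<td>` and `<th title="Select all vulnerable endpoints." style="width: 10%;">`.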
4 changes: 2 additions & 2 deletions dojo/templates/dojo/view_test.html
Expand Up @@ -859,7 +859,7 @@ <h4 class="has-filters">
<thead>
<tr>
{% if test|has_object_permission:"Test_Edit" or test|has_object_permission:"Test_Delete" %}
<th class="hidden-sm centered" title="Select all visible findings.">
<th class="centered" title="Select all visible findings.">
<div class="dropdown">
<button class="btn btn-primary dropdown-toggle"
type="button"
Expand Down Expand Up @@ -964,7 +964,7 @@ <h4 class="has-filters">
{% for finding in findings %}
<tr class="{% if finding.active %}active_finding{% else %}inactive_finding{% endif %}">
{% if test|has_object_permission:"Test_Edit" or test|has_object_permission:"Test_Delete" %}
<td class="hidden-sm centered">
<td class="centered">
<form action="#">
<input type="checkbox"
name="select_{{ finding.id }}"
2 changes: 1 addition & 1 deletion helm/defectdojo/Chart.yaml
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
appVersion: "2.26.0-dev"
description: A Helm chart for Kubernetes to install DefectDojo
name: defectdojo
version: 1.6.82-dev
version: 1.6.83-dev
icon: https://www.defectdojo.org/img/favicon.ico
maintainers:
- name: madchap
2 changes: 1 addition & 1 deletion helm/defectdojo/templates/configmap.yaml
Expand Up @@ -18,7 +18,7 @@ data:
DD_CELERY_BROKER_SCHEME: {{ if eq .Values.celery.broker "rabbitmq" }}amqp{{ end }}{{ if eq .Values.celery.broker "redis" }}{{ template "redis.scheme" . }}{{ end }}
DD_CELERY_BROKER_USER: '{{ if eq .Values.celery.broker "rabbitmq" }}user{{ end }}'
DD_CELERY_BROKER_HOST: {{ if eq .Values.celery.broker "rabbitmq" }}{{ template "rabbitmq.hostname" . }}{{ else if eq .Values.celery.broker "redis" }}{{ template "redis.hostname" . }}{{ end }}
DD_CELERY_BROKER_PORT: '{{ if eq .Values.celery.broker "rabbitmq" }}5672{{ end }}{{ if eq .Values.celery.broker "redis" }}6379{{ end }}'
DD_CELERY_BROKER_PORT: '{{ if eq .Values.celery.broker "rabbitmq" }}{{ .Values.rabbitmq.service.ports.amqp | default "5672" }}{{ end }}{{ if eq .Values.celery.broker "redis" }}{{ .Values.redis.master.service.ports.redis | default "6379" }}{{ end }}'
DD_CELERY_BROKER_PARAMS: '{{ if eq .Values.celery.broker "redis" }}{{- if .Values.redis.transportEncryption.enabled -}}{{ .Values.redis.transportEncryption.params | default "ssl_cert_reqs=optional" }}{{ end }}{{ end }}'
DD_CELERY_BROKER_PATH: '{{ .Values.celery.path | default "//" }}'
DD_CELERY_LOG_LEVEL: {{ .Values.celery.logLevel }}
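Review bot: `default` on the new `DD_CELERY_BROKER_PORT` line only guards the last key of each chain, so rendering fails with a nil-pointer error if any parent map (`.Values.rabbitmq.service`, `.Values.redis.master`, …) is absent. That looks reachable for the external-Redis setup described in `values.yaml`, where the `master.service.ports` block is shipped commented out, although whether the sub-chart defaults are still merged in that case cannot be seen from this page. A nil-safe lookup avoids the problem, for example `{{ dig "master" "service" "ports" "redis" "6379" .Values.redis }}` and the equivalent for `rabbitmq`.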
6 changes: 5 additions & 1 deletion helm/defectdojo/values.yaml
Expand Up @@ -521,7 +521,11 @@ redis:
# To use an external Redis instance, set enabled to false and uncomment
# the line below:
# redisServer: myrediscluster

# To use a different port for Redis (default: 6379) add a port number and uncomment the lines below:
# master:
# service:
# ports:
# redis: xxxx

# To add extra variables not predefined by helm config it is possible to define in extraConfigs block, e.g. below:
# NOTE Do not store any kind of sensitive information inside of it