diff options
Diffstat (limited to 'lib/srtgui/templates/investigation.html')
-rw-r--r-- | lib/srtgui/templates/investigation.html | 439 |
1 files changed, 403 insertions, 36 deletions
diff --git a/lib/srtgui/templates/investigation.html b/lib/srtgui/templates/investigation.html index 77cb8fbd..bf0a5672 100644 --- a/lib/srtgui/templates/investigation.html +++ b/lib/srtgui/templates/investigation.html @@ -52,7 +52,7 @@ <h2>Quick Info</h2> <dl class="dl-horizontal"> <dt>Product:</dt> - <dd>{{object.product.name}} {{ object.product.version }} {{ object.product.profile }}</dd> + <dd><a href="{% url 'product' object.product.id %}">{{object.product.long_name}}</a></dd> <dt>Investigation:</dt> <dd><a href="{% url 'vulnerability' object.vulnerability.id %}">{{object.vulnerability.get_long_name}}</a></dd> @@ -60,15 +60,42 @@ <dt>Defect:</dt> <dd> {% for ij in object.investigation_to_defect.all %} - {% if not forloop.first %}| {% endif %}<a href="http://defect.wrs.com/browse/{{ij.defect.name}}" target="_blank">{{ij.defect.name}} </a> + {% if not forloop.first %}| {% endif %}<a href="{% url 'defect' ij.defect.id %}" target="_blank">{{ij.defect.name}} </a> {% endfor %} <p> {% if access.is_creator %} - <a class="btn btn-default navbar-btn " id="new-investigation-attachement" href="">Attach Defect</a> - <a class="btn btn-default navbar-btn " id="new-investigation-attachement" href="">Create Defect</a> + <a class="btn btn-default navbar-btn " id="select-attachdefect">Attach Defect</a> + <a class="btn btn-default navbar-btn " id="select-createdefect">Create Defect</a> + <a class="btn btn-default navbar-btn " id="select-trashdefect">Detach Defect</a> {% endif %} </dd> + <div id="details-attachdefect" style="display:none; border: 1px solid; padding:20px; width:400px; margin-bottom:25px; margin-left:150px"> + <p><b><label>Select Defect by Key:</label></b> + <div id="input-attachdefect" style="padding-left: 50px"> + <p><input type="text" id="text-attachdefect" placeholder="Issue Key (ex. {{defect_example}})" size="20"> <button class="execute" id="submit-attachdefect"> Submit </button></p> + </div> + </div> + + <div id="details-trashdefect" style="display:none; border: 1px solid; padding:20px; width:400px; margin-bottom:25px; margin-left:150px"> + <p><b><label>Select Defect(s):</label></b> + <div id="select-trashdefectlist" style="padding-left: 50px"> + <div class="row"> + <div id="all-investigation-to-defects" class="scrolling" style="width: 300px;"> + {% for obj in investigation_to_defect %} + <div class="checkbox"> + <label> + <input class="checkbox-defects" name="{{obj.defect.pk}}" type="checkbox">{{obj.defect.name}} + </label> + <p> + </div> + {% endfor %} + </div> + <button class="execute" id="submit-trashdefect"> Detach </button> + </div> + </div> + </div> + <dt>Status:</dt> <dd>{{object.get_status_text}}</dd> @@ -81,7 +108,7 @@ <dt>Release Version:</dt> <dd> {% for ij in object.investigation_to_defect.all %} - {% if not forloop.first %}| {% endif %}<a href="http://defect.wrs.com/browse/{{ij.defect.name}}" target="_blank">{{ij.defect.release_version}} </a> + {% if not forloop.first %}| {% endif %}<a href="{{ij.defect.url}}" target="_blank">{{ij.defect.release_version}} </a> {% endfor %} </dd> </dl> @@ -91,14 +118,18 @@ <hr> -<div class="row"> +<div class="row" style="padding-left: 25px;"> <h3>Comments - {% if access.is_creator %} - <a class="btn btn-default navbar-btn " id="new-investigation-attachement" href="{% url 'login' %}">Add comment</a> - {% endif %} + {% if access.is_creator %} + <button id="select-newcomment" class="btn btn-default" type="button">Add comment ...</button> + {% endif %} </h3> - <table class="table table-striped table-condensed" data-testid="inv-hyperlinks-table"> + <div id="input-newcomment" style="padding-left: 50px; display:none;"> + <p><input type="text" id="text-newcomment" size="40"> <button class="execute" id="submit-newcomment"> Submit </button></p> + </div> + + <table class="table table-striped table-condensed" data-testid="vuln-hyperlinks-table"> <thead> <tr> <th>Comment</th> @@ -116,11 +147,11 @@ <td>{{ c.comment }}</td> <td>{{ c.date }}</td> <td>{{ c.author }}</td> - {% if access.is_creator %} + {% if access.is_creator or c.author == current_user %} <td> <span id="config_var_entry_'+configvars_sorted[i][2]+'" class="js-config-var-name"></span> - <span class="glyphicon glyphicon-edit js-icon-pencil-config_var" id="affected_edit_'+{{c.id}}+'" x-data="'+{{c.id}}+'"></span> - <span class="glyphicon glyphicon-trash js-icon-trash-config_var" id="comment_trash_'+{{c.id}}+'" x-data="'+{{c.id}}+'"></span> + <span class="glyphicon glyphicon-edit edit-comment" id="affected_edit_'+{{c.id}}+'" x-data="{{c.id}}"></span> + <span class="glyphicon glyphicon-trash trash-comment" id="comment_trash_'+{{c.id}}+'" x-data="{{c.id}}"></span> </td> {% endif %} </tr> @@ -134,13 +165,25 @@ </div> -<div class="row"> +<div class="row" style="padding-left: 25px;"> <h3>Attachments - {% if access.is_creator %} - <a class="btn btn-default navbar-btn " id="new-investigation-attachement" href="{% url 'login' %}">Add attachment</a> - {% endif %} + {% if access.is_creator %} + <a class="btn btn-default navbar-btn " id="select-addattachment">Add attachment ... </a> + {% endif %} </h3> + <div id="details-addattachment" style="padding-left: 50px; display:none;"> + <p><p> + <div class="row"> + <form id="uploadbanner" enctype="multipart/form-data" method="post">{% csrf_token %} + <input id="fileDescription" name="fileDescription" type="text" placeholder="Enter Description" /> + <input id="fileUpload" name="fileUpload" type="file" /> + <input type="hidden" id="action" name="action" value="upload"> + <input type="submit" value="submit file" id="submit-addattachment" /> + </form> + </div> + </div> + <table class="table table-striped table-condensed" data-testid="vuln-hyperlinks-table"> <thead> <tr> @@ -157,17 +200,20 @@ {% for u in object.investigation_uploads.all %} <tr> <td>{{ u.description }}</td> - <td>{{ u.path }}</td> + <td>{{ u.path|basename }}</td> <td>{{ u.size }}</td> <td>{{ u.date }}</td> <td>{{ u.author }}</td> <td> <span id="attachment_entry_'+{{u.id}}+'" class="js-config-var-name"></span> - <span class="glyphicon glyphicon-download-alt get-help" title="Download document"></span> - {% if access.is_creator %} - <span class="glyphicon glyphicon-edit js-icon-pencil-config_var" id="affected_edit_'+{{u.id}}+'" x-data="'+{{u.id}}+'"></span> - <span class="glyphicon glyphicon-trash js-icon-trash-config_var" id="attachment_trash_'+{{u.id}}+'" x-data="'+{{u.id}}+'"></span> - {% endif %} + <form id="downloadbanner" enctype="multipart/form-data" method="post" >{% csrf_token %} + <input type="hidden" id="action" name="action" value="download"> + <input type="hidden" id="record_id" name="record_id" value={{u.id}}> + <span class="glyphicon glyphicon-download-alt submit-downloadattachment" id="attachment_download_'+{{u.id}}+'" x-data="{{u.id}}"></span> + {% if access.is_creator %} + <span class="glyphicon glyphicon-trash trash-attachment" id="attachment_trash_'+{{u.id}}+'" x-data="{{u.id}}"></span> + {% endif %} + </form> </td> </tr> {% endfor %} @@ -177,18 +223,37 @@ </tr> {% endif %} </table> - </div> <br/> <hr/> {% if access.is_creator %} - <div class="row"> + <div class="row" style="padding-left: 25px;"> <h3>Change Notifications - <a class="btn btn-default navbar-btn " id="new-investigation-notify" href="{% url 'login' %}">Add user notification</a> + {% if access.is_creator %} + <button id="select-addusernotify" class="btn btn-default" type="button">Add user notification ...</button> + {% endif %} </h3> + <div id="details-addusernotify" style="padding-left: 50px; display:none;"> + <p><p> + <button class="execute" id="submit-addusernotify"> Submit </button> + <div class="row"> + <p> + <div id="all-users" class="scrolling" style="width: 300px;"> + {% for user in users %} + <div class="checkbox"> + <label> + <input class="checkbox-users" name="{{user.pk}}" type="checkbox">{{user.name}} + </label> + <p> + </div> + {% endfor %} + </div> + </div> + </div> + <table class="table table-striped table-condensed" data-testid="vuln-hyperlinks-table"> <thead> <tr> @@ -200,16 +265,16 @@ </tr> </thead> - {% if object.investigation_users.all %} - {% for u in object.investigation_users.all %} + {% if object.investigation_notification.all %} + {% for u in object.investigation_notification.all %} <tr> <td>{{ u.user.name }}</td> <td>{{ u.user.email }}</td> - {% if access.is_creator %} + {% if access.is_creator or u.user.name == current_user %} <td> <span id="attachment_entry_'+{{u.id}}+'" class="js-config-var-name"></span> - <span class="glyphicon glyphicon-edit js-icon-pencil-config_var" id="affected_edit_'+{{u.id}}+'" x-data="'+{{u.id}}+'"></span> - <span class="glyphicon glyphicon-trash js-icon-trash-config_var" id="attachment_trash_'+{{u.id}}+'" x-data="'+{{u.id}}+'"></span> + <span class="glyphicon glyphicon-edit edit-usernotification" id="affected_edit_'+{{u.id}}+'" x-data="{{u.id}}"></span> + <span class="glyphicon glyphicon-trash trash-usernotification" id="attachment_trash_'+{{u.id}}+'" x-data="{{u.id}}"></span> </td> {% endif %} </tr> @@ -223,11 +288,31 @@ </div> - <div class="row"> + <div class="row" style="padding-left: 25px;"> <h3>User Access - <a class="btn btn-default navbar-btn " id="new-investigation-access" href="{% url 'login' %}">Add user access</a> + {% if access.is_creator %} + <button id="select-adduseraccess" class="btn btn-default" type="button">Add user access ...</button> + {% endif %} </h3> + <div id="details-adduseraccess" style="padding-left: 50px; display:none;"> + <p><p> + <button class="execute" id="submit-adduseraccess"> Submit </button> + <div class="row"> + <p> + <div id="all-users" class="scrolling" style="width: 300px;"> + {% for user in users %} + <div class="checkbox"> + <label> + <input class="checkbox-users" name="{{user.pk}}" type="checkbox">{{user.name}} + </label> + <p> + </div> + {% endfor %} + </div> + </div> + </div> + <table class="table table-striped table-condensed" data-testid="vuln-hyperlinks-table"> <thead> <tr> @@ -253,8 +338,8 @@ {% if access.is_creator %} <td> <span id="attachment_entry_'+{{u.id}}+'" class="js-config-var-name"></span> - <span class="glyphicon glyphicon-edit js-icon-pencil-config_var" id="affected_edit_'+{{u.id}}+'" x-data="'+{{u.id}}+'"></span> - <span class="glyphicon glyphicon-trash js-icon-trash-config_var" id="attachment_trash_'+{{u.id}}+'" x-data="'+{{u.id}}+'"></span> + <span class="glyphicon glyphicon-edit edit-useraccess" id="affected_edit_'+{{u.id}}+'" x-data="{{u.id}}"></span> + <span class="glyphicon glyphicon-trash trash-useraccess" id="attachment_trash_'+{{u.id}}+'" x-data="{{u.id}}"></span> </td> {% endif %} </tr> @@ -271,7 +356,7 @@ </div> {% endif %} -<div class="row"> +<div class="row" style="padding-left: 25px;"> <h3>History</h3> <table class="table table-striped table-condensed" data-testid="vuln-hyperlinks-table"> <thead> @@ -297,5 +382,287 @@ </table> </div> +<script> + var selected_newcomment=false; + var selected_addusernotify=false; + var selected_adduseraccess=false; + var selected_addattachment=false; + var selected_attachdefect=false; + var selected_trashdefect=false; + + $(document).ready(function() { + function onCommitAjaxSuccess(data, textstatus) { + if (window.console && window.console.log) { + console.log("XHR returned:", data, "(" + textstatus + ")"); + } else { + alert("NO CONSOLE:\n"); + return; + } + if (data.error != "ok") { + alert("error on request:\n" + data.error); + return; + } + // reload the page with the updated tables + location.reload(true); + } + + function onCommitAjaxError(jqXHR, textstatus, error) { + console.log("ERROR:"+error+"|"+textstatus); + alert("XHR errored1:\n" + error + "\n(" + textstatus + ")"); + } + + /* ensure cookie exists {% csrf_token %} */ + function postCommitAjaxRequest(reqdata) { + reqdata["investigation_id"] = {{ object.id }} + var ajax = $.ajax({ + type:"POST", + data: reqdata, + url:"{% url 'xhr_investigation_commit' %}", + headers: { 'X-CSRFToken': $.cookie("csrftoken")}, + success: onCommitAjaxSuccess, + error: onCommitAjaxError, + }); + } + + /* (De-)Select management */ + + $('#select-these').click(function(){ + $(':checkbox').each(function(){ + $(this).prop('checked', true); + }); + }); + + $('#unselect-these').click(function(){ + $(':checkbox').each(function(){ + $(this).prop('checked', false); + }); + }); + + /* Defect management */ + + $('#select-attachdefect').click(function(){ + if (selected_attachdefect) { + selected_attachdefect=false; + $("#details-attachdefect").slideUp(); + } else { + if (selected_trashdefect) { + selected_trashdefect = false; + } + selected_attachdefect=true; + $("#details-trashdefect").slideUp(); + $("#details-attachdefect").slideDown(); + } + }) + + $('#select-trashdefect').click(function(){ + if (selected_trashdefect) { + selected_trashdefect=false; + $("#details-trashdefect").slideUp(); + } else { + if (selected_attachdefect) { + selected_attachdefect = false; + } + selected_trashdefect=true; + $("#details-trashdefect").slideDown(); + $("#details-attachdefect").slideUp(); + } + }) + + $('#submit-attachdefectlist').click(function(){ + var defect_list="" + $(':checkbox').each(function(){ + if ($(this).is(':checked')) { + defect_list += $(this).prop('name') + ","; + } + }); + if ("" == defect_list) { + alert("No users were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'submit-attachdefectlist', + "defects" : defect_list, + }); + }); + + $('#submit-attachdefect').click(function(){ + var query=$('#text-attachdefect').val().trim() + if (query=="") { + alert("No query given"); + return; + } + postCommitAjaxRequest({ + "action" : 'submit-attachdefect', + "query" : query, + }) + }); + + $('#submit-trashdefect').click(function(){ + var defect_list="" + $(':checkbox').each(function(){ + if ($(this).is(':checked')) { + defect_list += $(this).prop('name') + ","; + } + }); + if ("" == defect_list) { + alert("No users were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'submit-trashdefect', + "defects" : defect_list, + }); + }); + + /* Comment management */ + + $('#select-newcomment').click(function(){ + if (selected_newcomment) { + selected_newcomment=false; + $("#input-newcomment").slideUp(); + } else { + selected_newcomment=true; + $("#input-newcomment").slideDown(); + } + }); + + $('#submit-newcomment').click(function(){ + var comment=$('#text-newcomment').val().trim() + if (comment=="") { + alert("No comment was written"); + return; + } + postCommitAjaxRequest({ + "action" : 'submit-newcomment', + "comment" : comment, + }) + }); + + $('.trash-comment').click(function(){ + var result = confirm("Are you sure?"); + if (result){ + postCommitAjaxRequest({ + "action" : 'submit-trashcomment', + "record_id" : $(this).attr('x-data'), + }); + } + }) + + /* Attachement management */ + + $('#select-addattachment').click(function() { + if (selected_addattachment) { + selected_addattachment=false; + $("#details-addattachment").slideUp(); + } else { + selected_addattachment=true; + $("#details-addattachment").slideDown(); + } + }); + + $('.submit-downloadattachment').click(function() { + $("#downloadbanner").submit(); + }); + + $('.trash-attachment').click(function() { + var result = confirm("Are you sure?"); + if (result){ + postCommitAjaxRequest({ + "action" : 'submit-trashattachment', + "record_id" : $(this).attr('x-data'), + }); + } + }); + + /* User notify management */ + + $('#select-addusernotify').click(function(){ + if (selected_addusernotify) { + selected_addusernotify=false; + $("#select-these").removeAttr("disabled"); + $("#unselect-these").removeAttr("disabled"); + $("#details-addusernotify").slideUp(); + } else { + selected_addusernotify=true; + $("#select-these").attr("disabled","disabled"); + $("#unselect-these").attr("disabled","disabled"); + $("#details-addusernotify").slideDown(); + } + }); + + $('#submit-addusernotify').click(function(){ + var user_list="" + $(':checkbox').each(function(){ + if ($(this).is(':checked')) { + user_list += $(this).prop('name') + ","; + } + }); + if ("" == user_list) { + alert("No users were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'submit-addusernotify', + "users" : user_list, + }); + }); + + $('.trash-usernotification').click(function(){ + var result = confirm("Are you sure?"); + if (result){ + postCommitAjaxRequest({ + "action" : 'submit-trashusernotification', + "record_id" : $(this).attr('x-data'), + }); + } + }) + + /* User access management */ + + $('#select-adduseraccess').click(function(){ + if (selected_adduseraccess) { + selected_adduseraccess=false; + $("#select-these").removeAttr("disabled"); + $("#unselect-these").removeAttr("disabled"); + $("#details-adduseraccess").slideUp(); + } else { + selected_adduseraccess=true; + $("#select-these").attr("disabled","disabled"); + $("#unselect-these").attr("disabled","disabled"); + $("#details-adduseraccess").slideDown(); + } + }); + + $('#submit-adduseraccess').click(function(){ + var user_list="" + $(':checkbox').each(function(){ + if ($(this).is(':checked')) { + user_list += $(this).prop('name') + ","; + } + }); + if ("" == user_list) { + alert("No users were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'submit-adduseraccess', + "users" : user_list, + }); + }); + + $('.trash-useraccess').click(function(){ + var result = confirm("Are you sure?"); + if (result){ + postCommitAjaxRequest({ + "action" : 'submit-trashuseraccess', + "record_id" : $(this).attr('x-data'), + }); + } + }) + + /* Set the report link */ + $('#report_link').attr('href',"{% url 'report' request.resolver_match.url_name %}?record_list={{object.id}}"); + }); +</script> {% endblock %} |