aboutsummaryrefslogtreecommitdiffstats
path: root/lib/srtgui/templates/cve.html
diff options
context:
space:
mode:
Diffstat (limited to 'lib/srtgui/templates/cve.html')
-rw-r--r--lib/srtgui/templates/cve.html188
1 files changed, 180 insertions, 8 deletions
diff --git a/lib/srtgui/templates/cve.html b/lib/srtgui/templates/cve.html
index c3cfcac5..e3fe0ca0 100644
--- a/lib/srtgui/templates/cve.html
+++ b/lib/srtgui/templates/cve.html
@@ -1,6 +1,6 @@
{% extends "base.html" %}
-{% load projecttags %}
+{% load jobtags %}
{% block title %} {{object.name}} - SRTool {% endblock %}
@@ -29,8 +29,11 @@
<div class="col-md-12">
<div class="page-header build-data">
<span id="cve-name-container">
- <span id="cve-name" class="srt_h1">{{object.name}} {% if not object.public %} <font color="red">[PRIVATE]</font> {% endif %}</span>
- {% if object.is_local and request.user.is_contributor %}<span class="glyphicon glyphicon-edit" id="cve-change-form-toggle"></span>{% endif %}
+ &nbsp;&nbsp;
+ <span id="cve-name" class="srt_h1">{{object.name}}
+ {% if object.is_local and request.user.is_contributor %}&nbsp;&nbsp;<span class="glyphicon glyphicon-edit" id="cve-change-form-toggle"></span>{% endif %}
+ {% if not object.public %}&nbsp;&nbsp;<font color="red" >[PRIVATE]</font> {% endif %}
+ </span>
{% if request.user.is_creator %}
<span style="padding-left:30px;"><button id="select-quickedit" class="btn btn-default" type="button">Edit Status...</button></span>
<span style="padding-left:30px;"><button id="select-notification" class="btn btn-default" type="button">Create Notification ...</button></span>
@@ -41,6 +44,9 @@
<span style="padding-left:30px;"><button id="select-cveedit" class="btn btn-default" type="button">Edit CVE Data ...</button></span>
{% endif %}
<span style="padding-left:30px;"><button id="submit-delete-cve" class="btn btn-default" type="button">Delete CVE</button></span>
+ {% if object.is_local %}
+ <span style="padding-left:30px;"><button id="select-merge-cve" class="btn btn-default" type="button">Merge CVE</button></span>
+ {% endif %}
{% endif %}
</span>
{% if not is_edit %}
@@ -59,13 +65,26 @@
<!-- include SRtool Metadata/Notification -->
{% include "srtool_metadata_include.html" with default_category="CVE" default_url="cve" %}
+<!-- CVE Merge -->
+{% if object.is_local %}
+ <div id="details-cve-merge" style="display:none;padding-left:25px;">
+ <fieldset style="border: 1px solid Blue; background-color:LightBlue; padding-left: 25px; padding-right: 20px;"> <!-- class="fieldset-auto-width" -->
+ <p><p>
+ <button class="btn btn-primary btn-lg" id="submit-merge-cve"> Submit Merge </button>
+ <p>Target CVE: <input type="text" placeholder="CVE Number" id="target-cve-name" size="40" ></p>
+ </fieldset>
+ <p>
+ <p>
+ </div>
+{% endif %}
+
<div class="row">
<div class="col-md-12 tabbable">
<ul class="nav nav-tabs">
- {% for details,state,id,cve_html in cve_list_table %}
+ {% for details,state,id,cve_html,ds_id in cve_list_table %}
<li class="{{state}}">
<a href="#{{id}}" data-toggle="tab">
- {{id}}
+ {{id}}{% if request.user.is_admin %}({{ds_id}}){% endif %}
<span class="glyphicon glyphicon-question-sign get-help" title="{{id}} CVE data"></span>
</a>
</li>
@@ -73,7 +92,7 @@
</ul>
<div class="tab-content">
- {% for details,state,id,cve_html in cve_list_table %}
+ {% for details,state,id,cve_html,ds_id in cve_list_table %}
<div class="tab-pane {{state}}" id="{{id}}">
{% if 'Local' == id %}
@@ -95,6 +114,73 @@
</form>{% csrf_token %}
{% endif %}
+{% if not object.public %}
+ {% if request.user.is_creator %}
+
+ <div class="row" style="padding-left: 25px;">
+ <h3>User Access
+ {% if request.user.is_creator %}
+ <button id="select-adduseraccess" class="btn btn-default" type="button">Add user access ...</button>
+ {% endif %}
+ </h3>
+
+ <div id="details-adduseraccess" style="padding-left: 50px; display:none;">
+ <p><p>
+ <button class="execute" id="submit-adduseraccess"> Submit </button>
+ <div class="row">
+ <p>
+ <div id="all-users" class="scrolling" style="width: 300px;">
+ {% for user in users %}
+ <div class="checkbox">
+ <label>
+ <input class="checkbox-users" name="access-users" value="{{user.pk}}" type="checkbox">{{user.name}}
+ </label>
+ <p>
+ </div>
+ {% endfor %}
+ </div>
+ </div>
+ </div>
+
+ <table class="table table-striped table-condensed" data-testid="vuln-hyperlinks-table">
+ <thead>
+ <tr>
+ <th>User</th>
+ <th>Manage</th>
+ </tr>
+ </thead>
+
+ {% if object.public %}
+ <tr>
+ <td>All</td>
+ <td>
+ </td>
+ </tr>
+ {% endif %}
+
+ {% if object.cve_users.all %}
+ {% for u in object.cve_users.all %}
+ <tr>
+ <td>{{ u.user.username }}</td>
+ <td>
+ <span id="attachment_entry_'+{{u.id}}+'" class="js-config-var-name"></span>
+ <span class="glyphicon glyphicon-trash trash-useraccess" id="attachment_trash_'+{{u.id}}+'" x-data="{{u.id}}"></span>
+ </td>
+ </tr>
+ {% endfor %}
+ {% else %}
+ {% if not object.public %}
+ <tr>
+ <td>No users found</td>
+ </tr>
+ {% endif %}
+ {% endif %}
+ </table>
+
+ </div>
+ {% endif %}
+{% endif %}
+
<div class="row" style="padding-left: 25px;">
<h3>History</h3>
@@ -129,6 +215,8 @@ Created={{object.srt_created}} Updated={{object.srt_updated}}
<script>
var selected_quickedit=false;
var selected_notifyedit=false;
+ var selected_adduseraccess=false;
+ var selected_mergecve=false;
/* CVE Name change support */
var cveNameForm = $("#cve-name-change-form");
@@ -154,7 +242,7 @@ Created={{object.srt_created}} Updated={{object.srt_updated}}
if (('new_name' in data) && (0 == data.new_name.indexOf("url:"))) {
window.location.replace(data.new_name.replace("url:",""));
} else if (('new_name' in data) && ("" != data.new_name)) {
- var new_url = "{% url 'cve' object.name %}".replace("{{object.name}}",data.new_name);
+ var new_url = "{% url 'cve' 123 %}".replace("123",data.new_name);
window.location.replace(new_url);
} else {
location.reload(true);
@@ -190,7 +278,7 @@ Created={{object.srt_created}} Updated={{object.srt_updated}}
selected_quickedit=true;
$("#display-status").slideUp();
$("#details-quickedit").slideDown();
- document.getElementById("select-quickedit").innerText = "Close edit status...";
+ document.getElementById("select-quickedit").innerText = "Cancel edit status...";
$("#select-quickedit").addClass("blueborder");
document.getElementById("select-status-state").focus();
}
@@ -206,14 +294,31 @@ Created={{object.srt_created}} Updated={{object.srt_updated}}
var tags=$('#text-tags').val().trim();
var priority=$('#select-priority-state').val();
var status=$('#select-status-state').val();
+ var public=$('#select-public-state').val();
var publish_state=$('#select-publish-state').val();
var publish_date=$('#select-publish-date').val();
var acknowledge_date=$('#text-acknowledge-date').val();
var affected_components=$('#text-affected-components').val();
+ /* Double check any public status changes */
+ {% if object.public %}
+ if ("0" == public) {
+ if (! confirm("Are you sure you want to make this CVE and all its children as PRIVATE?")) {
+ return
+ }
+ }
+ {% endif %}
+ {% if not object.public %}
+ if ("1" == public) {
+ if (! confirm("Are you sure you want to make this CVE and all its children as PUBLIC?")) {
+ return
+ }
+ }
+ {% endif %}
postCommitAjaxRequest({
"action" : 'submit-quickedit',
"priority" : priority,
"status" : status,
+ "public" : public,
"note" : note,
"private_note" : private_note,
"tags" : tags,
@@ -301,6 +406,16 @@ Created={{object.srt_created}} Updated={{object.srt_updated}}
"vul_name" : $("#vulnerability_name").val(),
});
});
+ $('.detach-vulnerability').click(function() {
+ var result = confirm("Are you sure you want to detach this Vulnerability?");
+ if (result){
+ postCommitAjaxRequest({
+ "action" : 'submit-detach-vulnerability',
+ "record_id" : $(this).attr('x-data'),
+ });
+ }
+ });
+
$("#submit-delete-cve").click(function(){
var result = confirm("Are you sure you want to permamently delete '{{object.name}}' and all its related records?");
@@ -311,7 +426,64 @@ Created={{object.srt_created}} Updated={{object.srt_updated}}
}
});
+ $('#select-merge-cve').click(function(){
+ if (selected_mergecve) {
+ selected_mergecve=false;
+ $("#details-cve-merge").slideUp();
+ document.getElementById("select-merge-cve").innerText = "Merge CVE";
+ $("#select-merge-cve").removeClass("blueborder");
+ } else {
+ selected_mergecve=true;
+ $("#details-cve-merge").slideDown();
+ document.getElementById("select-merge-cve").innerText = "Close merge CVE";
+ $("#select-merge-cve").addClass("blueborder");
+ document.getElementById("target-cve-name").focus();
+ }
+ });
+ $("#submit-merge-cve").click(function(){
+ postCommitAjaxRequest({
+ "action" : 'submit-merge-cve',
+ "cve_merge_name" : $("#target-cve-name").val(),
+ });
+ });
+ $('#select-adduseraccess').click(function(){
+ if (selected_adduseraccess) {
+ selected_adduseraccess=false;
+ $("#details-adduseraccess").slideUp();
+ } else {
+ selected_adduseraccess=true;
+ $("#details-adduseraccess").slideDown();
+ }
+ });
+
+ $('#submit-adduseraccess').click(function(){
+ var user_list=[];
+ $('input[name="access-users"]').each(function(){
+ if ($(this).is(':checked')) {
+ user_list.push($(this).prop('value'));
+ }
+ });
+ user_list = user_list.join(",");
+ if ("" == user_list) {
+ alert("No users were selected");
+ return;
+ }
+ postCommitAjaxRequest({
+ "action" : 'submit-adduseraccess',
+ "users" : user_list,
+ });
+ });
+
+ $('.trash-useraccess').click(function(){
+ var result = confirm("Are you sure?");
+ if (result){
+ postCommitAjaxRequest({
+ "action" : 'submit-trashuseraccess',
+ "record_id" : $(this).attr('x-data'),
+ });
+ }
+ })
/* Set the report link */
$('#report_link').attr('href',"{% url 'report' request.resolver_match.url_name %}?record_list={{object.id}}");
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-04 01:37:36 +0000