Diffstat (limited to 'lib/srtgui/templates')
22 files changed, 1461 insertions, 147 deletions
diff --git a/lib/srtgui/templates/base.html b/lib/srtgui/templates/base.html index f8b43194..623dfdd8 100644 --- a/lib/srtgui/templates/base.html +++ b/lib/srtgui/templates/base.html @@ -226,9 +226,9 @@ window.onclick = function(event) { <li id="navbar-export"> {% if request.resolver_match.url_name == 'landing' %} - <a href="{% url 'report' request.resolver_match.url_name %}"><i class="glyphicon glyphicon-tasks"></i> Export</a> + <a href="{% url 'report' request.resolver_match.url_name %}" target="_blank"><i class="glyphicon glyphicon-tasks"></i> Export</a> {% else %} - <a id="report_link" href="{% url 'report' request.resolver_match.url_name %}"><i class="glyphicon glyphicon-tasks"></i> Export</a> + <a id="report_link" href="{% url 'report' request.resolver_match.url_name %}" target="_blank"><i class="glyphicon glyphicon-tasks"></i> Export</a> {% endif %} </li> diff --git a/lib/srtgui/templates/basetable_top.html b/lib/srtgui/templates/basetable_top.html index 5a9076d2..ce478c05 100644 --- a/lib/srtgui/templates/basetable_top.html +++ b/lib/srtgui/templates/basetable_top.html @@ -140,7 +140,7 @@ if ( !editColTimer ) { // - // we don't have a timer active so set one up + // we do not have a timer active so set one up // and clear the action list // 
@@ -173,8 +173,9 @@ <form class="navbar-form navbar-left" id="searchform"> <div class="form-group"> <div class="btn-group"> - <input class="form-control" id="search" name="search" type="text" placeholder="Search {%if object_search_display %}{{object_search_display}}{%else%}{{objectname}}{%endif%}" value="{%if request.GET.search %}{{request.GET.search}}{% endif %}"/> + <input class="form-control" id="search" name="search" type="text" placeholder="Search! {%if object_search_display %}{{object_search_display}}{%else%}{{objectname}}{%endif%}" value="{%if request.GET.search %}{{request.GET.search}}{% endif %}"/> {% if request.GET.search %}<a href="javascript:$('#search').val('');searchform.submit()" tabindex="-1"><span class="remove-search-btn-variables glyphicon glyphicon-remove-circle"></span></a>{%endif%} + <span class="glyphicon glyphicon-question-sign get-help" title="Default is an 'and' search; use 'OR' keyword to 'or' the terms"></span> </div> </div> <input type="hidden" name="orderby" value="{{request.GET.orderby}}"> diff --git a/lib/srtgui/templates/cve.html b/lib/srtgui/templates/cve.html index ecbcf39e..c3cfcac5 100644 --- a/lib/srtgui/templates/cve.html +++ b/lib/srtgui/templates/cve.html @@ -40,6 +40,7 @@ {% else %} <span style="padding-left:30px;"><button id="select-cveedit" class="btn btn-default" type="button">Edit CVE Data ...</button></span> {% endif %} + <span style="padding-left:30px;"><button id="submit-delete-cve" class="btn btn-default" type="button">Delete CVE</button></span> {% endif %} </span> {% if not is_edit %} @@ -106,8 +107,8 @@ </tr> </thead> - {% if cve_list_table.1.0.cve_history.all %} - {% for c in cve_list_table.1.0.cve_history.all %} + {% if object.cve_history.all %} + {% for c in object.cve_history.all %} <tr> <td>{{ c.comment }}</td> <td>{{ c.date }}</td> @@ -123,6 +124,7 @@ </div> <HR ALIGN="center" WIDTH="100%"> +Created={{object.srt_created}} Updated={{object.srt_updated}} <script> var selected_quickedit=false; 
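Review bot: The placeholder on the changed `<input id="search">` line now reads `Search! …`, which looks like a leftover debugging marker rather than intended copy; the detail_search_header.html hunk does the same with `@Search`. Either restore `placeholder="Search …"` in both places or add a template comment saying why the marker is wanted. The new help hint is carried only by a `title` attribute on a `<span>`, so keyboard and screen-reader users cannot reach it; visible help text referenced through `aria-describedby` would fix that.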
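Review bot: The added `submit-delete-cve` button starts a permanent delete, and the only gate visible is the template conditional around it, which opens outside this hunk. Hiding a button is not an access check, so the server-side handler for the `submit-delete-cve` action has to enforce the same permission itself; that handler is not shown on this page, so this is a point to confirm rather than a demonstrated gap. A short template comment beside the button naming the permission the view checks would record that dependency for the next maintainer.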
@@ -149,7 +151,9 @@ } // reload the page with the updated tables - if (('new_name' in data) && ("" != data.new_name)) { + if (('new_name' in data) && (0 == data.new_name.indexOf("url:"))) { + window.location.replace(data.new_name.replace("url:","")); + } else if (('new_name' in data) && ("" != data.new_name)) { var new_url = "{% url 'cve' object.name %}".replace("{{object.name}}",data.new_name); window.location.replace(new_url); } else { @@ -199,18 +203,24 @@ $('#submit-quickedit').click(function(){ var note=$('#text-note').val().trim(); var private_note=$('#text-private-note').val().trim(); + var tags=$('#text-tags').val().trim(); var priority=$('#select-priority-state').val(); var status=$('#select-status-state').val(); var publish_state=$('#select-publish-state').val(); var publish_date=$('#select-publish-date').val(); + var acknowledge_date=$('#text-acknowledge-date').val(); + var affected_components=$('#text-affected-components').val(); postCommitAjaxRequest({ "action" : 'submit-quickedit', "priority" : priority, "status" : status, "note" : note, "private_note" : private_note, + "tags" : tags, "publish_state" : publish_state, "publish_date" : publish_date, + "acknowledge_date" : acknowledge_date, + "affected_components" : affected_components }); }); @@ -292,6 +302,15 @@ }); }); + $("#submit-delete-cve").click(function(){ + var result = confirm("Are you sure you want to permamently delete '{{object.name}}' and all its related records?"); + if (result){ + postCommitAjaxRequest({ + "action" : 'submit-delete-cve' + }); + } + }); + /* Set the report link */ diff --git a/lib/srtgui/templates/cves-select-toastertable.html b/lib/srtgui/templates/cves-select-toastertable.html index 38828359..d29a2b92 100644 --- a/lib/srtgui/templates/cves-select-toastertable.html +++ b/lib/srtgui/templates/cves-select-toastertable.html @@ -1,4 +1,7 @@ {% extends 'base.html' %} +{% load projecttags %} +{% load humanize %} + {% load static %} 
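Review bot: The new `url:` branch hands whatever follows the prefix straight to `window.location.replace()`, so the destination is not limited to this site. The `else if` branch shows that `data.new_name` can also carry a CVE name, so if the server ever echoes a user-supplied name beginning with `url:`, this turns into an open redirect or a `javascript:` navigation. Accept only same-origin paths, for example `var target = data.new_name.slice(4);` followed by `if (/^\/(?![\/\\])/.test(target)) { window.location.replace(target); }`. The enclosing callback starts and ends outside the hunk.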
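Review bot: `$('#text-tags').val().trim()` throws a TypeError when `#text-tags` is missing, because jQuery's `.val()` returns `undefined` for an empty selection, and none of the cve.html hunks shown here adds the `#text-tags`, `#text-acknowledge-date` or `#text-affected-components` inputs. They are presumably defined in markup outside these hunks; if not, the quick-edit handler stops before the request is sent. A guard such as `var tags = ($('#text-tags').val() || '').trim();` keeps the handler working either way, and the investigation.html quick-edit hunk reads `#text-tags` in the same unguarded way.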
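Review bot: `{{object.name}}` is rendered inside a JavaScript string literal in the new `confirm(...)` call, where Django's HTML autoescaping is the wrong encoding: quotes appear as entities in the dialog text, and a backslash or line break in the name is not neutralised. Use `'{{object.name|escapejs}}'` there. The message also contains a typo, `permamently` should be `permanently`.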
@@ -29,7 +32,7 @@ /* Define the columns that floats next to each other */ .column1 { float: left; - width: 280px; + width: 380px; padding: 10px; } .column2 { @@ -48,7 +51,7 @@ {% endblock %} -{% block title %} Select CVE's - SRTool {% endblock %} +{% block title %} Select CVEs - SRTool {% endblock %} {% block pagecontent %} @@ -58,8 +61,8 @@ <ul class="breadcrumb" id="breadcrumb"> <li><a href="{% url 'landing' %}">Home</a></li><span class="divider">→</span> <li><a href="{% url 'manage' %}">Management</a></li><span class="divider">→</span> - <li><a href="{% url 'triage_cves' %}">Triage CVE's</a></li><span class="divider">→</span> - <li>Select CVE's</li> + <li><a href="{% url 'triage_cves' %}">Triage CVEs</a></li><span class="divider">→</span> + <li>Select CVEs</li> </ul> </div> </div> @@ -79,17 +82,18 @@ </div> --> - <div id="details-isvulnerable" style="display:none;"> + <div id="details-isvulnerable-investigate" style="display:none;"> <p><p> - <button class="execute" id="submit-isvulnerable"> Submit Vulnerable CVE's </button> + <button class="execute" id="submit-isvulnerable-investigate"> Submit Vulnerable CVEs </button> <div class="row"> <div class="column1"> <p><b><label id="products_count">Optional: Add Vulnerable Products (0):</label></b> - <div id="all-products" class="scrolling" style="width: 250px;"> - {% for product in products %} + <div id="all-products" class="scrolling" style="width: 350px;"> + {% for product in products|dictsort:"order" %} <div class="checkbox"> <label> <input class="checkbox-products" name="{{product.pk}}" type="checkbox">{{product.long_name}} + ({{product.defect_tags|get_strdict_value:"found_version"}}) </label> <p> </div> 
@@ -100,10 +104,13 @@ <p><b><label id="priority">Set Priority:</label></b> <div id="priority-list" class="scrolling" style="width: 120px;"> <div class="checkbox"> <label> + <input type="radio" name="priority" value="99" type="checkbox" checked="yes"> Auto <span class="glyphicon glyphicon-question-sign get-help" title="CVSSv3, else CVSSv2, else Medium"></span> + </label><p></div> + <div class="checkbox"> <label> <input type="radio" name="priority" value="4" type="checkbox"> High </label><p></div> <div class="checkbox"> <label> - <input type="radio" name="priority" value="3" type="checkbox" checked="yes"> Medium + <input type="radio" name="priority" value="3" type="checkbox"> Medium </label><p></div> <div class="checkbox"> <label> <input type="radio" name="priority" value="2" type="checkbox"> Low 
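Review bot: The added Auto radio carries two `type` attributes (`type="radio" … type="checkbox"`) plus `checked="yes"`; the parser keeps the first `type` and discards the duplicate, which is a markup error, and `checked` is a boolean attribute. Write it as `<input type="radio" name="priority" value="99" checked>`; the High/Medium/Low inputs in this hunk and the P1 to P4 inputs in the investigation.html priority hunk repeat the same pattern. The meaning of Auto is only in the `title` tooltip ("CVSSv3, else CVSSv2, else Medium"), so a visible hint or a template comment tying `value="99"` to that rule would help. The enclosing `<div id="priority-list">` continues past the hunk.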
@@ -127,11 +134,23 @@ </div> <p><input id="create_defects" type="checkbox"> Create Defect(s) </input> - Reason: <input type="text" id="input-defect-reason" name="defect-reason" size="20" placeholder="(optional)"> (e.g. "Security Advisory [- REASON -] CVE-2020-1234") + Reason: <input type="text" id="input-defect-reason" name="defect-reason" size="20" placeholder="(optional)"> (e.g. Defect summary: "Security Advisory [- REASON -] CVE-2020-1234") <input id="create_notifications" type="checkbox" checked> Create Notifications</input> <p><b><big>Reason: </big></b> <input type="text" id="input-isvulnerable-reason" name="reason" size="40"> <input id="markPublishIs" type="checkbox"> Mark for Publish</input> <input id="markFor" type="checkbox"> Add Keywords to 'For' </input> + <p><b><big>Affected Components: </big></b> + <input type="text" id="input-isvulnerable-components" name="components" size="40"> (e.g. space-separated list of packages, recipes, sub-system list, applications, ) + + <div id="published-date-list"> + <p><i>Acknowledge Date</i> = + <select name="Acknowledge_Date" id="select-acknowledge-date"> + <option value="today" selected>Today</option> + <option value="publish">CVE's original release date</option> + <option value="update">CVE's last revised date</option> + <option value="no_change">No change</option> + </select> + </div> <div id="group_vulnerability" style="border: 1px solid #dddddd; padding: 0 5px; width: 400px; margin-bottom: 10px; margin-top: 0px; " > <div class="checkbox"> <label> 
@@ -151,15 +170,15 @@ <div id="details-notvulnerable" style="display:none;"> <p><p> - <button class="execute" id="submit-notvulnerable"> Submit Not-vulnerable CVE's </button> - <input id="notship" type="checkbox"> "We do not ship ..." </input> + <button class="execute" id="submit-notvulnerable"> Submit Not-vulnerable CVEs </button> + <input id="notship" type="checkbox"> "{{doesnotimpact_text|safe}}" </input> <p><b><big>Reason: </big></b> <p><input type="text" id="input-notvulnerable-reason" name="reason" size="40"> <input id="markPublishNot" type="checkbox"> Mark for Publish</input> <input id="markAgainst" type="checkbox"> Add Keywords to 'Against' </input> </div> <div id="details-investigate" style="display:none;"> <p><p> - <button class="execute" id="submit-investigate"> Submit Investigation CVE's </button> + <button class="execute" id="submit-investigate"> Submit Investigation CVEs </button> </div> <div id="details-other" style="display:none;"> @@ -251,13 +270,11 @@ } document.getElementById("unselect-these").innerText = "Un-select "+cve_checked_count+" checked"; if (0 == cve_checked_count) { - //$("#submit-isvulnerable").attr("disabled","disabled"); document.getElementById("submit-notvulnerable").disabled = true; - document.getElementById("submit-isvulnerable").disabled = true; + document.getElementById("submit-isvulnerable-investigate").disabled = true; } else { - //$("#submit-isvulnerable").removeAttr("disabled"); document.getElementById("submit-notvulnerable").disabled = false; - document.getElementById("submit-isvulnerable").disabled = false; + document.getElementById("submit-isvulnerable-investigate").disabled = false; } } 
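Review bot: `{{doesnotimpact_text|safe}}` turns off autoescaping for a value that comes from outside the template, so any markup in it is emitted verbatim beside the `#notship` checkbox. The `$('#notship').click` hunk further down reuses it as `not_ship = "{{doesnotimpact_text|safe}}";`, where a double quote or a closing script tag in the text would end the string early. Unless the value is a fixed, trusted constant, drop `|safe` in the markup and write `"{{doesnotimpact_text|escapejs}}"` in the script.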
@@ -282,19 +299,20 @@ $("#select-these").removeAttr("disabled"); $("#unselect-these").removeAttr("disabled"); $("#select-notvulnerable").removeAttr("disabled"); - $("#select-investigate").removeAttr("disabled"); $("#select-other").removeAttr("disabled"); - $("#details-isvulnerable").slideUp(); + $("#details-isvulnerable-investigate").slideUp(); } else { selected_isvulnerable=true; $("#select-these").attr("disabled","disabled"); $("#unselect-these").attr("disabled","disabled"); $("#select-notvulnerable").attr("disabled","disabled"); - $("#select-investigate").attr("disabled","disabled"); $("#select-other").attr("disabled","disabled"); - $("#input-isvulnerable-reason").val($("#search-input-selectcvetable").val()) + /* preset reason/components from search */ + /* $("#input-isvulnerable-reason").val($("#search-input-selectcvetable").val()) */ + /* $("#input-isvulnerable-components").val($("#search-input-selectcvetable").val()) */ update_vulnerable_status(); - $("#details-isvulnerable").slideDown(); + document.getElementById("submit-isvulnerable-investigate").innerText = " Submit Vulnerable CVEs "; + $("#details-isvulnerable-investigate").slideDown(); } }); @@ -330,7 +348,7 @@ $("#select-isvulnerable").removeAttr("disabled"); $("#select-notvulnerable").removeAttr("disabled"); $("#select-other").removeAttr("disabled"); - $("#details-investigate").slideUp(); + $("#details-isvulnerable-investigate").slideUp(); } else { selected_investigate=true; $("#select-these").attr("disabled","disabled"); @@ -339,7 +357,8 @@ $("#select-notvulnerable").attr("disabled","disabled"); $("#select-other").attr("disabled","disabled"); update_vulnerable_status(); - $("#details-investigate").slideDown(); + document.getElementById("submit-isvulnerable-investigate").innerText = " Submit Investigation CVEs "; + $("#details-isvulnerable-investigate").slideDown(); } }); 
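Review bot: The isvulnerable toggle no longer disables `#select-investigate`, yet both toggles now drive the same `#details-isvulnerable-investigate` panel and the same submit button. With the vulnerable panel open, clicking Investigate would relabel the button to " Submit Investigation CVEs " while `selected_isvulnerable` is still true, and the submit handler in a later hunk sends `submit-isvulnerable` in that case. Keeping `$("#select-investigate").attr("disabled","disabled");` and its matching `removeAttr` would preserve mutual exclusion; both handlers start outside these hunks, so this is inferred from the visible lines only. The two commented-out `/* $("#input-isvulnerable-…").val(…) */` lines are better deleted than left in place.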
@@ -367,19 +386,19 @@ $('#notship').click(function(){ - not_ship = "We do not ship '"; + not_ship = "{{doesnotimpact_text|safe}}"; var reason = $("#input-notvulnerable-reason").val().trim(); reason = reason.replace(not_ship,''); - if ("'" == reason.slice(-1)) { - reason = reason.slice(0,-1) - } if ($('#notship').is(':checked')) { - reason = not_ship + reason + "'"; + reason = not_ship + reason; } $("#input-notvulnerable-reason").val(reason); }); - $('#submit-isvulnerable').click(function(){ + $('#submit-isvulnerable-investigate').click(function(){ + + /* Disable the button so the we do not get double clicks */ + $("#submit-isvulnerable-investigate").attr("disabled","disabled"); var cve_list=[]; $('#selectcvetable input:checked').each(function(){ @@ -387,7 +406,7 @@ }); cve_list = cve_list.join(","); if ("" == cve_list) { - alert("No CVE's were selected"); + alert("No CVEs were selected"); return; } var product_list=[]; @@ -409,9 +428,15 @@ $('#group_vulnerability input:checked').each(function(){ group_vulnerability = $(this).attr('value'); }); + if (selected_isvulnerable) { + action = 'submit-isvulnerable'; + } else { + action = 'submit-investigate'; + } postCommitAjaxRequest({ - "action" : 'submit-isvulnerable', + "action" : action, "reason" : $("#input-isvulnerable-reason").val(), + "affected_components" : $("#input-isvulnerable-components").val(), "defect_reason" : $("#input-defect-reason").val(), "cves" : cve_list, "products": product_list, @@ -420,6 +445,7 @@ "pub" : $('#markPublishIs').is(':checked') ? "yes" : "no", "for" : $('#markFor').is(':checked') ? "yes" : "no", "mk_d" : $('#create_defects').is(':checked') ? "yes" : "no", + "acknowledge_date" : $('#select-acknowledge-date').val(), "vul_group": group_vulnerability, "vul_name": $("#vulnerability_name").val(), "notify" : $('#create_notifications').is(':checked') ? "yes" : "no", 
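Review bot: `action` in the added `if (selected_isvulnerable)` block is assigned without a declaration, so it becomes an implicit global; the not-vulnerable handler in the next hunk does the same with `reason` and drops the semicolon after `.val()`. Declare both locally, for example `var action = selected_isvulnerable ? 'submit-isvulnerable' : 'submit-investigate';` and `var reason = $("#input-notvulnerable-reason").val().replace(/:$/, "");`. The click handler that contains the `action` block starts in an earlier hunk and ends outside this one.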
@@ -435,36 +461,20 @@ }); cve_list = cve_list.join(","); if ("" == cve_list) { - alert("No CVE's were selected"); + alert("No CVEs were selected"); return; } + reason = $("#input-notvulnerable-reason").val() + reason = reason.replace(/:$/, ""); postCommitAjaxRequest({ "action" : 'submit-notvulnerable', - "reason" : $("#input-notvulnerable-reason").val(), + "reason" : reason, "cves" : cve_list, "pub" : $('#markPublishNot').is(':checked') ? "yes" : "no", "against" : $('#markAgainst').is(':checked') ? "yes" : "no", }); }); - $('#submit-investigate').click(function(){ - var cve_list=[]; - $('#selectcvetable input').each(function(){ - if ($(this).is(':checked')) { - cve_list.push($(this).prop('name')); - } - }); - cve_list = cve_list.join(","); - if ("" == cve_list) { - alert("No CVE's were selected"); - return; - } - postCommitAjaxRequest({ - "action" : 'submit-investigate', - "cves" : cve_list, - }); - }); - $('#submit-other').click(function(){ var cve_list=[]; $('#selectcvetable input').each(function(){ @@ -474,7 +484,7 @@ }); cve_list = cve_list.join(","); if ("" == cve_list) { - alert("No CVE's were selected"); + alert("No CVEs were selected"); return; } var status=$('#select-status-state').val(); @@ -501,11 +511,11 @@ var titleElt = $("[data-role='page-title']"); tableElt.on("table-done", function (e, total, tableParams) { - var title = "Triage CVE's"; + var title = "Triage CVEs"; if (tableParams.search || tableParams.filter) { if (total === 0) { - title = "No CVE's found"; + title = "No CVEs found"; } else if (total > 0) { title = total + " CVE" + (total > 1 ? "'s" : '') + " found"; diff --git a/lib/srtgui/templates/defect.html b/lib/srtgui/templates/defect.html index aa13b0dd..ed00fd90 100644 --- a/lib/srtgui/templates/defect.html +++ b/lib/srtgui/templates/defect.html 
@@ -38,14 +38,30 @@ <dt>URL:</dt> <dd><a href="{{object.url}}" id="dataid_{{object.id}}" target="_blank">{{object.url}}</a></dd> - <dt>Priority:</dt> + <dt>Defect Priority:</dt> + <dd>{{object.get_defect_priority_text}}</dd> + + <dt>Defect Status:</dt> + <dd>{{object.get_defect_status_text}}</dd> + + <dt>Defect Resolution:</dt> + <dd>{{object.get_defect_resolution_text}}</dd> + + <dt>Duplicate Of:</dt> + <dd> + {% if object.duplicate_of %} + <a href="{% url 'defect_name' object.duplicate_of %}">{{object.duplicate_of}}</a> (<a href="{{SRTOOL_DEFECT_URLBASE}}/{{object.duplicate_of}}">{{SRTOOL_DEFECT_URLBASE}}/{{object.duplicate_of}}</a>) + {% endif %} + </dd> + + <dt>SRTool Priority:</dt> <dd>{{object.get_priority_text}}</dd> - <dt>Status:</dt> + <dt>SRTool Status:</dt> <dd>{{object.get_status_text}}</dd> - <dt>Resolution:</dt> - <dd>{{object.get_resolution_text}}</dd> + <dt>SRTool Outcome:</dt> + <dd>{{object.get_outcome_text}}</dd> <dt>Publish:</dt> <dd>{{object.publish}}</dd> @@ -74,6 +90,36 @@ </div> </div> +<div class="row" style="padding-left: 25px;"> + <h3>History</h3> + <table class="table table-striped table-condensed" data-testid="vuln-hyperlinks-table"> + <thead> + <tr> + <th>Comment</th> + <th>Date</th> + <th>Author</th> + </tr> + </thead> + {% if object.defect_history.all %} + {% for c in object.defect_history.all %} + <tr> + <td>{{ c.comment }}</td> + <td>{{ c.date }}</td> + <td>{{ c.author }}</td> + </tr> + {% endfor %} + {% else %} + <tr> + <td>No history found</td> + </tr> + {% endif %} + </table> +</div> + +<HR ALIGN="center" WIDTH="100%"> +Updated={{object.srt_updated}} + + <!-- Javascript support --> <script> diff --git a/lib/srtgui/templates/detail_search_header.html b/lib/srtgui/templates/detail_search_header.html index 7a986590..6c61996a 100644 --- a/lib/srtgui/templates/detail_search_header.html +++ b/lib/srtgui/templates/detail_search_header.html 
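Review bot: The new History table reuses `data-testid="vuln-hyperlinks-table"`, which looks copied from another table and would make test selectors ambiguous; a distinct value such as `data-testid="defect-history-table"` avoids that. The empty-state row has a single `<td>` under three header columns, so it needs `colspan="3"`. `<HR ALIGN="center" WIDTH="100%">` relies on deprecated presentational attributes, and the `Updated=` text sits outside any element.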
@@ -30,12 +30,13 @@ $(document).ready(function() { <div class="form-group"> <div class="btn-group"> - <input id="search" class="form-control" type="text" placeholder="Search {{search_what}}" name="search" value="{% if request.GET.search %}{{request.GET.search}}{% endif %}"> + <input id="search" class="form-control" type="text" placeholder="@Search {{search_what}}" name="search" value="{% if request.GET.search %}{{request.GET.search}}{% endif %}"> <input type="hidden" value="name:+" name="orderby"> <input type="hidden" value="l" name="page"> {% if request.GET.search %} <span class="remove-search-btn-detail-search search-clear glyphicon glyphicon-remove-circle"></span> {% endif %} + <span class="glyphicon glyphicon-question-sign get-help" title="Default is an 'and' search; use 'OR' keyword to 'or' the terms"></span> </div> </div> <button type="submit" class="btn btn-default">Search</button> diff --git a/lib/srtgui/templates/history-cve-toastertable.html b/lib/srtgui/templates/history-cve-toastertable.html new file mode 100755 index 00000000..78319466 --- /dev/null +++ b/lib/srtgui/templates/history-cve-toastertable.html 
@@ -0,0 +1,73 @@ +{% extends 'base.html' %} +{% load static %} + +{% block extraheadcontent %} + <link rel="stylesheet" href="{% static 'css/jquery-ui.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.structure.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.theme.min.css' %}" type='text/css'> + <script src="{% static 'js/jquery-ui.min.js' %}"> + </script> +{% endblock %} + +{% block title %} CVE Histories - SRTool {% endblock %} + +{% block pagecontent %} + +<div class="row"> + <!-- Breadcrumbs --> + <div class="col-md-12"> + <ul class="breadcrumb" id="breadcrumb"> + <li><a href="{% url 'landing' %}">Home</a></li><span class="divider">→</span> + <li><a href="{% url 'manage' %}">Management</a></li><span class="divider">→</span> + <li><a href="{% url 'maintenance' %}">Maintenance</a></li><span class="divider">→</span> + <li>History CVE</li> + </ul> + </div> +</div> + + +<div class="row"> + <div class="col-md-12"> + <div class="page-header"> + <h1 class="top-air" data-role="page-title"></h1> + </div> + + {# xhr_table_url is just the current url so leave it blank #} + {% url '' as xhr_table_url %} + {% include 'toastertable.html' %} + </div> +</div> + + <script> + $(document).ready(function () { + var tableElt = $("#{{table_name}}"); + var titleElt = $("[data-role='page-title']"); + + tableElt.on("table-done", function (e, total, tableParams) { + var title = "History CVE"; + + if (tableParams.search || tableParams.filter) { + if (total === 0) { + title = "No History CVE found"; + } + else if (total > 0) { + title = total + " History CVE" + (total > 1 ? 
's' : '') + " found"; + } + } + + titleElt.text(title); + + /* Set the report link */ + var record_list="" + $(".data > span").each(function(){ + var this_id=$(this).prop('id'); + if (this_id.startsWith("dataid_")) { + record_list +=this_id.replace(/dataid_/,"") + ","; + } + }); + $('#report_link').attr('href',"{% url 'report' request.resolver_match.url_name %}?record_list="+record_list); + + }); + }); + </script> +{% endblock %} diff --git a/lib/srtgui/templates/history-defect-toastertable.html b/lib/srtgui/templates/history-defect-toastertable.html new file mode 100755 index 00000000..63e9ea4d --- /dev/null +++ b/lib/srtgui/templates/history-defect-toastertable.html 
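Review bot: This new template is repeated almost line for line in history-defect-, history-investigation- and history-vulnerability-toastertable.html; only the title strings and the breadcrumb label differ. A shared template that takes the label from a `{% block %}` or a context variable would leave one copy of the `table-done` handler to maintain. In that handler `record_list` is concatenated into the `report_link` href unencoded; the ids come from the page's own `dataid_` spans, so wrapping it as `encodeURIComponent(record_list)` is cheap hardening rather than a known bug.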
@@ -0,0 +1,73 @@ +{% extends 'base.html' %} +{% load static %} + +{% block extraheadcontent %} + <link rel="stylesheet" href="{% static 'css/jquery-ui.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.structure.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.theme.min.css' %}" type='text/css'> + <script src="{% static 'js/jquery-ui.min.js' %}"> + </script> +{% endblock %} + +{% block title %} Defect Histories - SRTool {% endblock %} + +{% block pagecontent %} + +<div class="row"> + <!-- Breadcrumbs --> + <div class="col-md-12"> + <ul class="breadcrumb" id="breadcrumb"> + <li><a href="{% url 'landing' %}">Home</a></li><span class="divider">→</span> + <li><a href="{% url 'manage' %}">Management</a></li><span class="divider">→</span> + <li><a href="{% url 'maintenance' %}">Maintenance</a></li><span class="divider">→</span> + <li>History Defect</li> + </ul> + </div> +</div> + + +<div class="row"> + <div class="col-md-12"> + <div class="page-header"> + <h1 class="top-air" data-role="page-title"></h1> + </div> + + {# xhr_table_url is just the current url so leave it blank #} + {% url '' as xhr_table_url %} + {% include 'toastertable.html' %} + </div> +</div> + + <script> + $(document).ready(function () { + var tableElt = $("#{{table_name}}"); + var titleElt = $("[data-role='page-title']"); + + tableElt.on("table-done", function (e, total, tableParams) { + var title = "History Defect"; + + if (tableParams.search || tableParams.filter) { + if (total === 0) { + title = "No History Defect found"; + } + else if (total > 0) { + title = total + " History Defect" + (total > 1 ? 
's' : '') + " found"; + } + } + + titleElt.text(title); + + /* Set the report link */ + var record_list="" + $(".data > span").each(function(){ + var this_id=$(this).prop('id'); + if (this_id.startsWith("dataid_")) { + record_list +=this_id.replace(/dataid_/,"") + ","; + } + }); + $('#report_link').attr('href',"{% url 'report' request.resolver_match.url_name %}?record_list="+record_list); + + }); + }); + </script> +{% endblock %} diff --git a/lib/srtgui/templates/history-investigation-toastertable.html b/lib/srtgui/templates/history-investigation-toastertable.html new file mode 100755 index 00000000..bde11ec7 --- /dev/null +++ b/lib/srtgui/templates/history-investigation-toastertable.html 
@@ -0,0 +1,73 @@ +{% extends 'base.html' %} +{% load static %} + +{% block extraheadcontent %} + <link rel="stylesheet" href="{% static 'css/jquery-ui.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.structure.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.theme.min.css' %}" type='text/css'> + <script src="{% static 'js/jquery-ui.min.js' %}"> + </script> +{% endblock %} + +{% block title %} Investigation Histories - SRTool {% endblock %} + +{% block pagecontent %} + +<div class="row"> + <!-- Breadcrumbs --> + <div class="col-md-12"> + <ul class="breadcrumb" id="breadcrumb"> + <li><a href="{% url 'landing' %}">Home</a></li><span class="divider">→</span> + <li><a href="{% url 'manage' %}">Management</a></li><span class="divider">→</span> + <li><a href="{% url 'maintenance' %}">Maintenance</a></li><span class="divider">→</span> + <li>History Investigation</li> + </ul> + </div> +</div> + + +<div class="row"> + <div class="col-md-12"> + <div class="page-header"> + <h1 class="top-air" data-role="page-title"></h1> + </div> + + {# xhr_table_url is just the current url so leave it blank #} + {% url '' as xhr_table_url %} + {% include 'toastertable.html' %} + </div> +</div> + + <script> + $(document).ready(function () { + var tableElt = $("#{{table_name}}"); + var titleElt = $("[data-role='page-title']"); + + tableElt.on("table-done", function (e, total, tableParams) { + var title = "History Investigation"; + + if (tableParams.search || tableParams.filter) { + if (total === 0) { + title = "No History Investigation found"; + } + else if (total > 0) { + title = total + " History Investigation" + (total > 1 ? 
's' : '') + " found"; + } + } + + titleElt.text(title); + + /* Set the report link */ + var record_list="" + $(".data > span").each(function(){ + var this_id=$(this).prop('id'); + if (this_id.startsWith("dataid_")) { + record_list +=this_id.replace(/dataid_/,"") + ","; + } + }); + $('#report_link').attr('href',"{% url 'report' request.resolver_match.url_name %}?record_list="+record_list); + + }); + }); + </script> +{% endblock %} diff --git a/lib/srtgui/templates/history-vulnerability-toastertable.html b/lib/srtgui/templates/history-vulnerability-toastertable.html new file mode 100755 index 00000000..bc3b7881 --- /dev/null +++ b/lib/srtgui/templates/history-vulnerability-toastertable.html 
@@ -0,0 +1,73 @@ +{% extends 'base.html' %} +{% load static %} + +{% block extraheadcontent %} + <link rel="stylesheet" href="{% static 'css/jquery-ui.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.structure.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.theme.min.css' %}" type='text/css'> + <script src="{% static 'js/jquery-ui.min.js' %}"> + </script> +{% endblock %} + +{% block title %} Vulnerability Histories - SRTool {% endblock %} + +{% block pagecontent %} + +<div class="row"> + <!-- Breadcrumbs --> + <div class="col-md-12"> + <ul class="breadcrumb" id="breadcrumb"> + <li><a href="{% url 'landing' %}">Home</a></li><span class="divider">→</span> + <li><a href="{% url 'manage' %}">Management</a></li><span class="divider">→</span> + <li><a href="{% url 'maintenance' %}">Maintenance</a></li><span class="divider">→</span> + <li>History Vulnerability</li> + </ul> + </div> +</div> + + +<div class="row"> + <div class="col-md-12"> + <div class="page-header"> + <h1 class="top-air" data-role="page-title"></h1> + </div> + + {# xhr_table_url is just the current url so leave it blank #} + {% url '' as xhr_table_url %} + {% include 'toastertable.html' %} + </div> +</div> + + <script> + $(document).ready(function () { + var tableElt = $("#{{table_name}}"); + var titleElt = $("[data-role='page-title']"); + + tableElt.on("table-done", function (e, total, tableParams) { + var title = "History Vulnerability"; + + if (tableParams.search || tableParams.filter) { + if (total === 0) { + title = "No History Vulnerability found"; + } + else if (total > 0) { + title = total + " History Vulnerabilit" + (total > 1 ? 
'ies' : 'y') + " found"; + } + } + + titleElt.text(title); + + /* Set the report link */ + var record_list="" + $(".data > span").each(function(){ + var this_id=$(this).prop('id'); + if (this_id.startsWith("dataid_")) { + record_list +=this_id.replace(/dataid_/,"") + ","; + } + }); + $('#report_link').attr('href',"{% url 'report' request.resolver_match.url_name %}?record_list="+record_list); + + }); + }); + </script> +{% endblock %} diff --git a/lib/srtgui/templates/investigation.html b/lib/srtgui/templates/investigation.html index b662c5e1..f934d052 100644 --- a/lib/srtgui/templates/investigation.html +++ b/lib/srtgui/templates/investigation.html @@ -110,13 +110,16 @@ <p><b><label id="priority">Set Priority:</label></b> <div id="priority-list" class="scrolling" style="width: 120px;"> <div class="checkbox"> <label> - <input type="radio" name="priority" value="4" type="checkbox"> High + <input type="radio" name="priority" value="4" type="checkbox"> P1 </label><p></div> <div class="checkbox"> <label> - <input type="radio" name="priority" value="3" type="checkbox" checked="yes"> Medium + <input type="radio" name="priority" value="3" type="checkbox" checked="yes"> P2 </label><p></div> <div class="checkbox"> <label> - <input type="radio" name="priority" value="2" type="checkbox"> Low + <input type="radio" name="priority" value="2" type="checkbox"> P3 + </label><p></div> + <div class="checkbox"> <label> + <input type="radio" name="priority" value="1" type="checkbox"> P4 </label><p></div> </div> </div> 
@@ -135,8 +138,14 @@ </div> </div> </div> - Reason: <input type="text" id="input-defect-reason" name="defect-reason" size="20" placeholder="(optional)"> (e.g. "Security Advisory [- REASON -] CVE-2020-1234") + Defect Reason: <input type="text" id="input-defect-reason" name="defect-reason" size="20" placeholder="(optional)"> (e.g. "Security Advisory [- REASON -] CVE-2020-1234") + <p><p> + <b><big>Affected Components: </big></b> + <input type="text" id="input-affected-components" name="components" size="40" value="{{affected_components}}"> (e.g. space-separated list of packages, recipes, sub-system list, applications, ) <p><p> + Found Version: {{found_version}} + <p><p> + </div> </div> @@ -163,7 +172,7 @@ <td>{{ id.defect.summary }}</td> <td>{{ id.defect.get_priority_text }}</td> <td>{{ id.defect.get_status_text }}</td> - <td>{{ id.defect.get_resolution_text }}</td> + <td>{{ id.defect.get_defect_resolution_text }}</td> <td>{{ id.defect.release_version }}</td> <td><a href="{{id.defect.url}}" id="dataid_{{id.defect.id}}" target="_blank">{{id.defect.url}}</a></td> {% if request.user.is_creator %} 
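Review bot: In the defect row, only the resolution cell switches to `get_defect_resolution_text`; the two cells before it still call `id.defect.get_priority_text` and `id.defect.get_status_text`. defect.html in this same commit separates `get_defect_priority_text` and `get_defect_status_text` from the SRTool values, so this row may now mix the two sets. If the table is meant to show the defect tracker's values, change the other two cells as well; otherwise a template comment explaining the mix would help. The table header is outside the hunk, so the intended meaning of the columns cannot be confirmed from here.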
@@ -268,10 +277,10 @@ <td>{{ u.author }}</td> <td> <span id="attachment_entry_'+{{u.id}}+'" class="js-config-var-name"></span> - <form id="downloadbanner" enctype="multipart/form-data" method="post" >{% csrf_token %} + <form id="downloadbanner-{{forloop.counter}}" enctype="multipart/form-data" method="post" >{% csrf_token %} <input type="hidden" id="action" name="action" value="download"> <input type="hidden" id="record_id" name="record_id" value={{u.id}}> - <span class="glyphicon glyphicon-download-alt submit-downloadattachment" id="attachment_download_'+{{u.id}}+'" x-data="{{u.id}}"></span> + <span class="glyphicon glyphicon-download-alt submit-downloadattachment" id="attachment_download_'+{{u.id}}+'" x-data="{{forloop.counter}}"></span> {% if request.user.is_creator %} <span class="glyphicon glyphicon-trash trash-attachment" id="attachment_trash_'+{{u.id}}+'" x-data="{{u.id}}"></span> {% endif %} @@ -442,6 +451,9 @@ </table> </div> +<HR ALIGN="center" WIDTH="100%"> +Created={{object.srt_created}} Updated={{object.srt_updated}} + <script> var selected_newcomment=false; var selected_addusernotify=false; @@ -539,6 +551,7 @@ postCommitAjaxRequest({ "action" : 'submit-createdefect', "defect_reason" : $("#input-defect-reason").val(), + "affected_components" : $("#input-affected-components").val(), "components": component_list, "priority": priority, }); @@ -614,8 +627,8 @@ } }); - $('.submit-downloadattachment').click(function() { - $("#downloadbanner").submit(); + $('.submit-downloadattac hment').click(function() { + $("#downloadbanner-"+this.getAttribute("x-data")).submit(); }); $('.trash-attachment').click(function() { 
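Review bot: The new click binding uses the selector `'.submit-downloadattac hment'`, which as shown contains a space and so matches `hment` elements inside `.submit-downloadattac`; nothing in the template has that shape, so the download icon would get no handler. It should read `$('.submit-downloadattachment').click(function() {`. If the space is only an artefact of how this page wraps the line, disregard this. Separately, each per-row form still emits `id="action"` and `id="record_id"`, so those ids repeat once per attachment even though the form id is now unique.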
@@ -728,16 +741,18 @@ $('#submit-quickedit').click(function(){ var note=$('#text-note').val().trim() var private_note=$('#text-private-note').val().trim() + var tags=$('#text-tags').val().trim(); var priority=$('#select-priority-state').val(); var status=$('#select-status-state').val(); var outcome=$('#select-outcome-state').val(); postCommitAjaxRequest({ - "action" : 'submit-quickedit', - "note" : note, - "private_note" : private_note, - "status" : status, - "outcome" : outcome, - "priority" : priority, + "action" : 'submit-quickedit', + "priority" : priority, + "status" : status, + "note" : note, + "private_note" : private_note, + "tags" : tags, + "outcome" : outcome, }); }); diff --git a/lib/srtgui/templates/maintenance.html b/lib/srtgui/templates/maintenance.html new file mode 100755 index 00000000..63c60f33 --- /dev/null +++ b/lib/srtgui/templates/maintenance.html 
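Review bot: `var tags=$('#text-tags').val().trim();` in the `submit-quickedit` handler throws a TypeError when the page has no `#text-tags` element, because jQuery's `.val()` returns `undefined` on an empty selection. The exception stops the whole quick-edit POST, including the status and priority change. No hunk visible here adds that input, so presumably it comes from an included template; if any page that runs this script lacks it, guard the read with `var tags=($('#text-tags').val() || '').trim();`. The enclosing script begins outside the hunk.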
@@ -0,0 +1,78 @@ +{% extends "base.html" %} + +{% load static %} +{% load projecttags %} +{% load humanize %} + +{% block title %} Maintenance tools {% endblock %} +{% block pagecontent %} + <div class="row"> + <div class="col-md-7" style="padding-left: 50px;"> + <h1>Maintenance</h1> + </div> + </div> + <div class="row"> + <div class="jumbotron well-transparent"> + + <div class="col-md-6"> + <div> + <table class="table table-striped table-condensed" data-testid="landing-hyperlinks-table"> + <thead> + <tr> + <th>Action</th> + <th>Description</th> + </tr> + </thead> + + <tr> + <td><a class="btn btn-info btn-lg" href="{% url 'history_cve' %}">History CVE</a></td> + <td>Examine History for CVEs</td> + </tr> + <tr> + <td><a class="btn btn-info btn-lg" href="{% url 'history_vulnerability' %}">History Vulnerabilities</a></td> + <td>Examine History for Vulnerabilities</td> + </tr> + <tr> + <td><a class="btn btn-info btn-lg" href="{% url 'history_investigation' %}">History Investigations</a></td> + <td>Examine History for Investigations</td> + </tr> + <tr> + <td><a class="btn btn-info btn-lg" href="{% url 'history_defect' %}">History Defects</a></td> + <td>Examine History for Defects</td> + </tr> + + </table> + </div> + + </div> + + <div class="col-md-5"> + <b>Quick Info</b> + <div class="well"> + <dl class="dl-horizontal"> + + <dt>CVE History: Total Count =</dt> + <dd> + {{history_cve_total}} + </dd> + <dt>Vulnerability History: Total Count =</dt> + <dd> + {{history_vulnerability_total}} + </dd> + <dt>Investigation: Total Count =</dt> + <dd> + {{history_investigation_total}} + </dd> + <dt>Defect: Total Count =</dt> + <dd> + {{defect_investigation_total}} + </dd> + + </dl> + </div> + </div> + + </div> + </div> + +{% endblock %} diff --git a/lib/srtgui/templates/management.html b/lib/srtgui/templates/management.html index fe40ecb3..9b1e6456 100644 --- a/lib/srtgui/templates/management.html +++ b/lib/srtgui/templates/management.html 
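Review bot: maintenance.html renders the history links and counts with no role check of its own. The only gate visible in this commit appears to be the `{% if request.user.is_admin %}` block around the new Maintenance button in management.html, which hides the link but does not stop a direct request to the `maintenance` or `history_*` URLs. The views are not part of this page, so confirm they enforce the admin check server-side, and consider wrapping the page body in the same `{% if request.user.is_admin %}` test as a second layer. Separately, the "Defect: Total Count" entry prints `{{defect_investigation_total}}` where the other three follow the `history_<type>_total` pattern; if the view actually supplies `history_defect_total`, this cell renders empty.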
@@ -40,8 +40,8 @@ </tr> <tr> - <td><a class="btn btn-info btn-lg" href="{% url 'publish' %}">Publish Request</a></td> - <td>Process the items that are ready to be published from SRTool</td> + <td><a class="btn btn-info btn-lg" href="{% url 'publish' %}">Publish Reports</a></td> + <td>Process items to be published from the SRTool</td> </tr> {% if request.user.is_admin %} @@ -54,6 +54,11 @@ <td><a class="btn btn-info btn-lg" href="{% url 'sources' %}?nocache=1">Manage Sources</a></td> <td>Manage source list, perform manual pulls</td> </tr> + + <tr> + <td><a class="btn btn-info btn-lg" href="{% url 'maintenance' %}?nocache=1">Maintenance</a></td> + <td>Maintenance utilities</td> + </tr> {% endif %} </table> @@ -75,15 +80,15 @@ </dd> <dt>Investigate =</dt> <dd> - <a href="{% url 'cves' %}?limit=25&page=1&orderby=name&filter=is_status:new&default_orderby=name&filter_value=on&"> {{cve_investigate}} </a> + <a href="{% url 'cves' %}?limit=25&page=1&orderby=name&filter=is_status:investigate&default_orderby=name&filter_value=on&"> {{cve_investigate}} </a> </dd> <dt>Vulnerable =</dt> <dd> - <a href="{% url 'cves' %}?limit=25&page=1&orderby=name&filter=is_status:new&default_orderby=name&filter_value=on&"> {{cve_vulnerable}} </a> + <a href="{% url 'cves' %}?limit=25&page=1&orderby=name&filter=is_status:vulnerable&default_orderby=name&filter_value=on&"> {{cve_vulnerable}} </a> </dd> <dt>Not Vulnerable =</dt> <dd> - <a href="{% url 'cves' %}?limit=25&page=1&orderby=name&filter=is_status:new&default_orderby=name&filter_value=on&"> {{cve_not_vulnerable}} </a> + <a href="{% url 'cves' %}?limit=25&page=1&orderby=name&filter=is_status:not_vulnerable&default_orderby=name&filter_value=on&"> {{cve_not_vulnerable}} </a> </dd> <dt>Vulnerabilities: Total Count =</dt> <dd> 
@@ -93,17 +98,17 @@ <dd> <a href="{% url 'vulnerabilities' %}?limit=25&page=1&orderby=name&filter=is_outcome:open&default_orderby=name&filter_value=on&"> {{vulnerability_open}} </a> </dd> - <dt>High active =</dt> + <dt>Critical active =</dt> <dd> - <a href="{% url 'vulnerabilities' %}?limit=25&page=1&orderby=name&filter=is_severity:high&default_orderby=name&filter_value=on&" %}> {{vulnerability_high}} </a> + <a href="{% url 'vulnerabilities' %}?limit=25&page=1&orderby=name&filter=is_priority:critical&default_orderby=name&filter_value=on&" %}> {{vulnerability_critical}} </a> </dd> - <dt>Medium active =</dt> + <dt>High active =</dt> <dd> - <a href="{% url 'vulnerabilities' %}?limit=25&page=1&orderby=name&filter=is_severity:medium&default_orderby=name&filter_value=on&" %}> {{vulnerability_medium}} </a> + <a href="{% url 'vulnerabilities' %}?limit=25&page=1&orderby=name&filter=is_priority:high&default_orderby=name&filter_value=on&" %}> {{vulnerability_high}} </a> </dd> - <dt>Low active =</dt> + <dt>Medium active =</dt> <dd> - <a href="{% url 'vulnerabilities' %}?limit=25&page=1&orderby=name&filter=is_severity:low&default_orderby=name&filter_value=on&" %}> {{vulnerability_low}} </a> + <a href="{% url 'vulnerabilities' %}?limit=25&page=1&orderby=name&filter=is_priority:medium&default_orderby=name&filter_value=on&" %}> {{vulnerability_medium}} </a> </dd> <dt>Investigations: Total Count =</dt> 
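Review bot: Every rewritten link in this hunk keeps the stray ` %}` after the closing quote of `href` (`...filter_value=on&" %}>`), which is not template syntax at that position and reaches the browser as junk attributes on the anchor. The same residue is carried into the new lines of the `@@ -114` and `@@ -133` hunks, while the CVE links in the `@@ -75` hunk end correctly with `&">`. Since these lines are being touched anyway, close the tag as `...&filter_value=on&">` and, ideally, write the separators as `&amp;` inside the attribute.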
@@ -114,17 +119,17 @@ <dd> <a href="{% url 'investigations' %}?limit=25&page=1&orderby=name&filter=is_outcome:open&default_orderby=name&filter_value=on&" %}> {{investigation_open}} </a> </dd> - <dt>High active =</dt> + <dt>Critical active =</dt> <dd> - <a href="{% url 'investigations' %}?limit=25&page=1&orderby=name&filter=is_severity:high&default_orderby=name&filter_value=on&" %}> {{investigation_high}} </a> + <a href="{% url 'investigations' %}?limit=25&page=1&orderby=name&filter=is_priority:critical&default_orderby=name&filter_value=on&" %}> {{investigation_critical}} </a> </dd> - <dt>Medium active =</dt> + <dt>High active =</dt> <dd> - <a href="{% url 'investigations' %}?limit=25&page=1&orderby=name&filter=is_severity:medium&default_orderby=name&filter_value=on&" %}> {{investigation_medium}} </a> + <a href="{% url 'investigations' %}?limit=25&page=1&orderby=name&filter=is_priority:high&default_orderby=name&filter_value=on&" %}> {{investigation_high}} </a> </dd> - <dt>Low active =</dt> + <dt>Medium active =</dt> <dd> - <a href="{% url 'investigations' %}?limit=25&page=1&orderby=name&filter=is_severity:low&default_orderby=name&filter_value=on&" %}> {{investigation_low}} </a> + <a href="{% url 'investigations' %}?limit=25&page=1&orderby=name&filter=is_priority:medium&default_orderby=name&filter_value=on&" %}> {{investigation_medium}} </a> </dd> <dt>Defects: Total Count =</dt> 
@@ -133,19 +138,19 @@ </dd> <dt>Open =</dt> <dd> - <a href="{% url 'defects' %}?limit=25&page=1&orderby=-priority&filter=is_status:open&default_orderby=name&filter_value=on&" %}> {{defect_open}} </a> + <a href="{% url 'defects' %}?limit=25&page=1&orderby=-priority&filter=is_srt_outcome:open&default_orderby=name&filter_value=on&" %}> {{defect_open}} </a> </dd> <dt>InProgress =</dt> <dd> - <a href="{% url 'defects' %}?limit=25&page=1&orderby=-priority&filter=is_status:in_progress&default_orderby=name&filter_value=on&" %}> {{defect_inprogress}} </a> + <a href="{% url 'defects' %}?limit=25&page=1&orderby=-priority&filter=is_defect_status:in_progress&default_orderby=name&filter_value=on&" %}> {{defect_inprogress}} </a> </dd> <dt>P1 active =</dt> <dd> - <a href="{% url 'defects' %}?limit=25&page=1&orderby=-priority&filter=is_status:in_progress&default_orderby=name&filter_value=on&" %}> {{defect_p1}} </a> + <a href="{% url 'defects' %}?limit=25&page=1&orderby=-priority&filter=is_defect_priority:critical&default_orderby=name&filter_value=on&" %}> {{defect_p1}} </a> </dd> <dt>P2 active =</dt> <dd> - <a href="{% url 'defects' %}?limit=25&page=1&orderby=-priority&filter=is_status:in_progress&default_orderby=name&filter_value=on&" %}> {{defect_p2}} </a> + <a href="{% url 'defects' %}?limit=25&page=1&orderby=-priority&filter=is_defect_priority:high&default_orderby=name&filter_value=on&" %}> {{defect_p2}} </a> </dd> <dt>Packages: Affected=</dt> diff --git a/lib/srtgui/templates/notifications-toastertable.html b/lib/srtgui/templates/notifications-toastertable.html index dde76482..c9e572df 100755 --- a/lib/srtgui/templates/notifications-toastertable.html +++ b/lib/srtgui/templates/notifications-toastertable.html 
@@ -19,7 +19,7 @@ <ul class="breadcrumb" id="breadcrumb"> <li><a href="{% url 'landing' %}">Home</a></li><span class="divider">→</span> <li><a href="{% url 'manage' %}">Management</a></li><span class="divider">→</span> - <li>Pending To-do Notifications</li> + <li>Pending Notifications</li> </ul> </div> </div> diff --git a/lib/srtgui/templates/publish-cve-toastertable.html b/lib/srtgui/templates/publish-cve-toastertable.html new file mode 100755 index 00000000..c46128cc --- /dev/null +++ b/lib/srtgui/templates/publish-cve-toastertable.html 
@@ -0,0 +1,162 @@ +{% extends 'base.html' %} +{% load static %} + +{% block extraheadcontent %} + <link rel="stylesheet" href="{% static 'css/jquery-ui.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.structure.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.theme.min.css' %}" type='text/css'> + <script src="{% static 'js/jquery-ui.min.js' %}"> + </script> +{% endblock %} + +{% block title %} Publish Table via CVEs {% endblock %} + +{% block pagecontent %} + +<div class="row"> + <!-- Breadcrumbs --> + <div class="col-md-12"> + <ul class="breadcrumb" id="breadcrumb"> + <li><a href="{% url 'landing' %}">Home</a></li><span class="divider">→</span> + <li><a href="{% url 'manage' %}">Management</a></li><span class="divider">→</span> + <li><a href="{% url 'publish' %}">Publish</a></li><span class="divider">→</span> + <li>Publish Table via CVEs</li> + </ul> + </div> +</div> + +<div > <!--class="form-inline" --> + <b><big>Actions: </big></b> + <button id="mark-new" class="btn btn-default" type="button">Mark New</button> + <button id="mark-modified" class="btn btn-default" type="button">Mark Updated</button> + <button id="unmark" class="btn btn-default" type="button">Unmark</button> +</div> + +<div class="row"> + <div class="col-md-12"> + <div class="page-header"> + <h1 class="top-air" data-role="page-title"></h1> + </div> + + {# xhr_table_url is just the current url so leave it blank #} + {% url '' as xhr_table_url %} + {% include 'toastertable.html' %} + </div> +</div> + + <!-- Javascript support --> + <script> + var selected_notifyedit=false; + + $(document).ready(function () { + var tableElt = $("#{{table_name}}"); + var titleElt = $("[data-role='page-title']"); + + tableElt.on("table-done", function (e, total, tableParams) { + var title = "Publish Table via CVEs"; + + if (tableParams.search || tableParams.filter) { + if (total === 0) { + title = "Publish CVEs found"; + } + else if (total > 0) { 
+ title = total + " Publish CVE" + (total > 1 ? 's' : '') + " found"; + } + } + + titleElt.text(title); + }); + + function onCommitAjaxSuccess(data, textstatus) { + if (window.console && window.console.log) { + console.log("XHR returned:", data, "(" + textstatus + ")"); + } else { + alert("NO CONSOLE:\n"); + return; + } + if (data.error != "ok") { + alert("error on request:\n" + data.error); + return; + } else if (('results_msg' in data) && ("" != data.results_msg)) { + alert("Results: " + data.results_msg); + } + // reload the page with the updated tables + location.reload(true); + } + + function onCommitAjaxError(jqXHR, textstatus, error) { + console.log("ERROR:"+error+"|"+textstatus); + alert("XHR errored1:\n" + error + "\n(" + textstatus + ")"); + } + + /* ensure cookie exists {% csrf_token %} */ + function postCommitAjaxRequest(reqdata) { + var ajax = $.ajax({ + type:"POST", + data: reqdata, + url:"{% url 'xhr_publish'%}", + headers: { 'X-CSRFToken': $.cookie("csrftoken")}, + success: onCommitAjaxSuccess, + error: onCommitAjaxError, + }) + } + + $('#mark-new').click(function(){ + var cve_list=[]; + $('#publishcvetable input').each(function(){ + if ($(this).is(':checked')) { + cve_list.push($(this).prop('name')); + } + }); + cve_list = cve_list.join(","); + if ("" == cve_list) { + alert("No CVE's were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'mark-new', + "cves" : cve_list, + }); + }); + + $('#mark-modified').click(function(){ + var cve_list=[]; + $('#publishcvetable input').each(function(){ + if ($(this).is(':checked')) { + cve_list.push($(this).prop('name')); + } + }); + cve_list = cve_list.join(","); + if ("" == cve_list) { + alert("No CVE's were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'mark-modified', + "cves" : cve_list, + }); + }); + + $('#unmark').click(function(){ + var cve_list=[]; + $('#publishcvetable input').each(function(){ + if ($(this).is(':checked')) { + cve_list.push($(this).prop('name')); + } + 
}); + cve_list = cve_list.join(","); + if ("" == cve_list) { + alert("No CVE's were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'unmark', + "cves" : cve_list, + }); + }); + + + }); <!-- $(document).ready() --> + + </script> +{% endblock %} diff --git a/lib/srtgui/templates/publish-defect-toastertable.html b/lib/srtgui/templates/publish-defect-toastertable.html new file mode 100755 index 00000000..c31e3b6a --- /dev/null +++ b/lib/srtgui/templates/publish-defect-toastertable.html 
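Review bot: The Mark New, Mark Updated and Unmark buttons and their POSTs to `xhr_publish` are rendered for every user who can load this template; nothing here tests `request.user.is_creator` or `request.user.is_admin` the way other templates in this commit do. The view behind `xhr_publish` is not shown, so the `mark-new`, `mark-modified` and `unmark` actions need a server-side role check there, and the comma-joined `cves` value should be validated against known record names before use. publish-defect-toastertable.html and publish-list-toastertable.html repeat the same block. Wrapping the action `<div>` in `{% if request.user.is_creator %}` (or whichever role is meant to publish) keeps the page consistent with the server rule.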
@@ -0,0 +1,168 @@ +{% extends 'base.html' %} +{% load static %} + +{% block extraheadcontent %} + <link rel="stylesheet" href="{% static 'css/jquery-ui.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.structure.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.theme.min.css' %}" type='text/css'> + <script src="{% static 'js/jquery-ui.min.js' %}"> + </script> +{% endblock %} + +{% block title %} Publish Table via Defects {% endblock %} + +{% block pagecontent %} + +<div class="row"> + <!-- Breadcrumbs --> + <div class="col-md-12"> + <ul class="breadcrumb" id="breadcrumb"> + <li><a href="{% url 'landing' %}">Home</a></li><span class="divider">→</span> + <li><a href="{% url 'manage' %}">Management</a></li><span class="divider">→</span> + <li><a href="{% url 'publish' %}">Publish</a></li><span class="divider">→</span> + <li>Publish Table via Defects</li> + </ul> + </div> +</div> + +<div > <!--class="form-inline" --> + <b><big>Actions: </big></b> + <button id="mark-new" class="btn btn-default" type="button">Mark New</button> + <button id="mark-modified" class="btn btn-default" type="button">Mark Updated</button> + <button id="unmark" class="btn btn-default" type="button">Unmark</button> +</div> + +<div class="row"> + <div class="col-md-12"> + <div class="page-header"> + <h1 class="top-air" data-role="page-title"></h1> + </div> + + {# xhr_table_url is just the current url so leave it blank #} + {% url '' as xhr_table_url %} + {% include 'toastertable.html' %} + </div> +</div> + +<div id="table-loading"> +<h3><font color="blue">[ Table Loading... 
]</font></h3> +</div> + + <!-- Javascript support --> + <script> + var selected_notifyedit=false; + + $(document).ready(function () { + var tableElt = $("#{{table_name}}"); + var titleElt = $("[data-role='page-title']"); + + $("#table-loading").slideDown(); + tableElt.on("table-done", function (e, total, tableParams) { + var title = "Publish Table via Defects"; + + if (tableParams.search || tableParams.filter) { + if (total === 0) { + title = "Publish CVEs found"; + } + else if (total > 0) { + title = total + " Publish CVEs via Defect" + (total > 1 ? 's' : '') + " found"; + } + } + + titleElt.text(title); + $("#table-loading").slideUp(); + }); + + function onCommitAjaxSuccess(data, textstatus) { + if (window.console && window.console.log) { + console.log("XHR returned:", data, "(" + textstatus + ")"); + } else { + alert("NO CONSOLE:\n"); + return; + } + if (data.error != "ok") { + alert("error on request:\n" + data.error); + return; + } else if (('results_msg' in data) && ("" != data.results_msg)) { + alert("Results: " + data.results_msg); + } + // reload the page with the updated tables + location.reload(true); + } + + function onCommitAjaxError(jqXHR, textstatus, error) { + console.log("ERROR:"+error+"|"+textstatus); + alert("XHR errored1:\n" + error + "\n(" + textstatus + ")"); + } + + /* ensure cookie exists {% csrf_token %} */ + function postCommitAjaxRequest(reqdata) { + var ajax = $.ajax({ + type:"POST", + data: reqdata, + url:"{% url 'xhr_publish'%}", + headers: { 'X-CSRFToken': $.cookie("csrftoken")}, + success: onCommitAjaxSuccess, + error: onCommitAjaxError, + }) + } + + $('#mark-new').click(function(){ + var defect_list=[]; + $('#publishdefecttable input').each(function(){ + if ($(this).is(':checked')) { + defect_list.push($(this).prop('name')); + } + }); + defect_list = defect_list.join(","); + if ("" == defect_list) { + alert("No Defects were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'mark-new', + "defects" : defect_list, + }); 
+ }); + + $('#mark-modified').click(function(){ + var defect_list=[]; + $('#publishdefecttable input').each(function(){ + if ($(this).is(':checked')) { + defect_list.push($(this).prop('name')); + } + }); + defect_list = defect_list.join(","); + if ("" == defect_list) { + alert("No Defects were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'mark-modified', + "defects" : defect_list, + }); + }); + + $('#unmark').click(function(){ + var defect_list=[]; + $('#publishdefecttable input').each(function(){ + if ($(this).is(':checked')) { + defect_list.push($(this).prop('name')); + } + }); + defect_list = defect_list.join(","); + if ("" == defect_list) { + alert("No Defects were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'unmark', + "defects" : defect_list, + }); + }); + + + }); <!-- $(document).ready() --> + + </script> +{% endblock %} diff --git a/lib/srtgui/templates/publish-list-toastertable.html b/lib/srtgui/templates/publish-list-toastertable.html new file mode 100755 index 00000000..b5a88323 --- /dev/null +++ b/lib/srtgui/templates/publish-list-toastertable.html 
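Review bot: In the `table-done` handler the zero-result branch sets `title = "Publish CVEs found";`, which tells the user that matches exist when a search or filter returned none. It presumably lost a leading "No"; `title = "No Publish CVEs found";` matches the intent of the `total === 0` test. The identical branch appears in publish-cve-toastertable.html and publish-list-toastertable.html. The loading banner here also uses `<font color="blue">`, which is obsolete markup; a class on the `<h3>` would do the same job.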
@@ -0,0 +1,162 @@ +{% extends 'base.html' %} +{% load static %} + +{% block extraheadcontent %} + <link rel="stylesheet" href="{% static 'css/jquery-ui.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.structure.min.css' %}" type='text/css'> + <link rel="stylesheet" href="{% static 'css/jquery-ui.theme.min.css' %}" type='text/css'> + <script src="{% static 'js/jquery-ui.min.js' %}"> + </script> +{% endblock %} + +{% block title %} Publish Table {% endblock %} + +{% block pagecontent %} + +<div class="row"> + <!-- Breadcrumbs --> + <div class="col-md-12"> + <ul class="breadcrumb" id="breadcrumb"> + <li><a href="{% url 'landing' %}">Home</a></li><span class="divider">→</span> + <li><a href="{% url 'manage' %}">Management</a></li><span class="divider">→</span> + <li><a href="{% url 'publish' %}">Publish</a></li><span class="divider">→</span> + <li>Publish Table</li> + </ul> + </div> +</div> + +<div > <!--class="form-inline" --> + <b><big>Actions: </big></b> + <button id="mark-new" class="btn btn-default" type="button">Mark New</button> + <button id="mark-modified" class="btn btn-default" type="button">Mark Updated</button> + <button id="unmark" class="btn btn-default" type="button">Unmark</button> +</div> + +<div class="row"> + <div class="col-md-12"> + <div class="page-header"> + <h1 class="top-air" data-role="page-title"></h1> + </div> + + {# xhr_table_url is just the current url so leave it blank #} + {% url '' as xhr_table_url %} + {% include 'toastertable.html' %} + </div> +</div> + + <!-- Javascript support --> + <script> + var selected_notifyedit=false; + + $(document).ready(function () { + var tableElt = $("#{{table_name}}"); + var titleElt = $("[data-role='page-title']"); + + tableElt.on("table-done", function (e, total, tableParams) { + var title = "Publish Table"; + + if (tableParams.search || tableParams.filter) { + if (total === 0) { + title = "Publish CVEs found"; + } + else if (total > 0) { + title = total + " Publish 
CVE" + (total > 1 ? 's' : '') + " found"; + } + } + + titleElt.text(title); + }); + + function onCommitAjaxSuccess(data, textstatus) { + if (window.console && window.console.log) { + console.log("XHR returned:", data, "(" + textstatus + ")"); + } else { + alert("NO CONSOLE:\n"); + return; + } + if (data.error != "ok") { + alert("error on request:\n" + data.error); + return; + } else if (('results_msg' in data) && ("" != data.results_msg)) { + alert("Results: " + data.results_msg); + } + // reload the page with the updated tables + location.reload(true); + } + + function onCommitAjaxError(jqXHR, textstatus, error) { + console.log("ERROR:"+error+"|"+textstatus); + alert("XHR errored1:\n" + error + "\n(" + textstatus + ")"); + } + + /* ensure cookie exists {% csrf_token %} */ + function postCommitAjaxRequest(reqdata) { + var ajax = $.ajax({ + type:"POST", + data: reqdata, + url:"{% url 'xhr_publish'%}", + headers: { 'X-CSRFToken': $.cookie("csrftoken")}, + success: onCommitAjaxSuccess, + error: onCommitAjaxError, + }) + } + + $('#mark-new').click(function(){ + var cve_list=[]; + $('#publishlisttable input').each(function(){ + if ($(this).is(':checked')) { + cve_list.push($(this).prop('name')); + } + }); + cve_list = cve_list.join(","); + if ("" == cve_list) { + alert("No CVE's were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'mark-new', + "cves" : cve_list, + }); + }); + + $('#mark-modified').click(function(){ + var cve_list=[]; + $('#publishlisttable input').each(function(){ + if ($(this).is(':checked')) { + cve_list.push($(this).prop('name')); + } + }); + cve_list = cve_list.join(","); + if ("" == cve_list) { + alert("No CVE's were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'mark-modified', + "cves" : cve_list, + }); + }); + + $('#unmark').click(function(){ + var cve_list=[]; + $('#publishlisttable input').each(function(){ + if ($(this).is(':checked')) { + cve_list.push($(this).prop('name')); + } + }); + cve_list = 
cve_list.join(","); + if ("" == cve_list) { + alert("No CVE's were selected"); + return; + } + postCommitAjaxRequest({ + "action" : 'unmark', + "cves" : cve_list, + }); + }); + + + }); <!-- $(document).ready() --> + + </script> +{% endblock %} diff --git a/lib/srtgui/templates/publish.html b/lib/srtgui/templates/publish.html index b1f3d83f..cf0f2294 100644 --- a/lib/srtgui/templates/publish.html +++ b/lib/srtgui/templates/publish.html 
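Review bot: The three click handlers differ only in the action string, and the whole script is repeated across publish-cve-toastertable.html, publish-defect-toastertable.html and this file, so a fix to one copy (for example to the selection check) has to be made nine times. One helper that takes the action name removes the repetition inside this file; moving it to a shared static script would cover the other two. The `:checked` selector picks the same inputs as the `each`/`is(':checked')` loop.

```html
// Collect the names of the checked rows and post them under one action.
function postMarked(action) {
    var cve_list = $('#publishlisttable input:checked').map(function () {
        return $(this).prop('name');
    }).get().join(",");
    if ("" == cve_list) {
        alert("No CVE's were selected");
        return;
    }
    postCommitAjaxRequest({ "action": action, "cves": cve_list });
}

$('#mark-new').click(function () { postMarked('mark-new'); });
$('#mark-modified').click(function () { postMarked('mark-modified'); });
$('#unmark').click(function () { postMarked('unmark'); });
// … unchanged: table-done title handler, onCommitAjaxSuccess, onCommitAjaxError, postCommitAjaxRequest …
```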
@@ -13,32 +13,315 @@ <ul class="breadcrumb" id="breadcrumb"> <li><a href="{% url 'landing' %}">Home</a></li><span class="divider">→</span> <li><a href="{% url 'manage' %}">Management</a></li><span class="divider">→</span> - <li>Publish (Proposals)</li> + <li>Publish Report Management</li> </ul> </div> </div> -<h2> Manage Publish Requests</h2> +<h2>Publish Report Management</h2> <ul> - <li>The SRTool supports an external publishing tool, for example a business table or the vendor's public website</li> - <li>These tools can be used to (a) submit CVEs to that tool, and (b) update the CVEs when they have been published</li> + <li>The SRTool supports exporting new and updated CVEs to external publishing tools</li> </ul> -<h2> Publishing Actions</h2> +<hr> + +<h2>Publish Via Database Snapshots</h2> +<h3> On Demand</h3> <ul> - <tr> - <td><a class="btn btn-info btn-lg" href="{% url 'select-publish' %}">Publish Request</a></td> - <td>Process the items that are ready to be published from SRTool</td> - </tr> - - <br> - <br> - <br> - - <tr> - <td><a class="btn btn-info btn-lg" href="{% url 'update-published' %}">Published Update</a></td> - <td>Process the items that have been published</td> - </tr> + <li>This extracts the changes from a 'base' database backup snapshot to more recent 'top' snapshot</li> + <li>The 'start' and 'stop' dates can extract a subset of those changes. 
Normally they are set to the 'base' and 'top' dates</li> </ul> +<div style="padding-left:30px;"> + <div> + <label> Start Snapshot: </label> + <select id="snap_date_base"> + {% for snap in snapshot_list %} + <option value="{{snap.date}}" {% if snap_start_index == snap.index %}selected{% endif %}> + ({{snap.mode}}) {{snap.date}} {{snap.time}} | {{snap.day}} + </option> + {% endfor %} + </select> + </div> + <div> + <label> Stop Snapshot: </label> + <select id="snap_date_top"> + {% for snap in snapshot_list %} + <option value="{{snap.date}}" {% if snap_stop_index == snap.index %}selected{% endif %}> + ({{snap.mode}}) {{snap.date}} {{snap.time}} | {{snap.day}} + </option> + {% endfor %} + </select> + </div> + <div> + Start Date: <input type="text" id="snap_date_start" value="{{snap_date_start}}"> + Stop Date: <input type="text" id="snap_date_stop" value="{{snap_date_stop}}"> + <I>(Format: yyyy-mm-dd)</I> + </div> +<br> +</div> + +<div> + <span style="padding-left:30px;"><button id="export-snapshot" class="btn btn-default" type="button">Generate</button></span> + <!--<button type="submit" name="action" value="export-snapshot">Export</button> --> + <span id="export-snapshot-text">Generate the publish table on-demand (using snapshots)</span> + <span id="generating-report" hidden style="color:red"><I>... 
Generating the report - this will take a few minutes ...</I></span> +</div> +<br> + +<form method="POST"> {% csrf_token %} +<h3>Automatic (Under Development)</h3> +<div style="padding-left: 25px;"> + <label> Frequency: </label> + <select id="snap_frequency"> + {% for snap in snapshot_frequency_list %} + <option value="{{snap}}" {% if snap == snap_frequency_select %}selected{% endif %}> + {{snap}} + </option> + {% endfor %} + </select> + <span style="padding-left:30px;"><button id="export-snapshot" class="btn btn-default" type="button" disabled>Save</button></span> + <!--<button type="submit" name="action" value="export-snapshot">Export</button> --> + Save the automatic publishing frequency +</div> +</form> + +<h3>Generated Reports</h3> +<div style="padding-left: 25px;"> + <table class="table table-striped table-condensed" data-testid="vuln-hyperlinks-table"> + <thead> + <tr> + <th>Name</th> + <th>Size</th> + <th>Date</th> + <th>Manage</th> + </tr> + </thead> + {% if generated_report_list %} + {% for report in generated_report_list %} + <tr> + <td>{{report.name}}</td> + <td>{{report.size}}</td> + <td>{{report.date}}</td> + <td> + <span id="attachment_entry_'+{{report.name}}+'" class="js-config-var-name"></span> + <form id="downloadbanner-{{forloop.counter}}" enctype="multipart/form-data" method="post" >{% csrf_token %} + <input type="hidden" id="action" name="action" value="download"> + <input type="hidden" id="report_id" name="report_name" value={{report.name}}> + <span class="glyphicon glyphicon-download-alt submit-downloadreport" id="report_download_'+{{report.name}}+'" x-data="{{forloop.counter}}"></span> + {% if request.user.is_creator %} + <span class="glyphicon glyphicon-trash trash-report" id="report_trash_'+{{report.name}}+'" x-data="{{report.name}}"></span> + {% endif %} + </form> + </td> + </tr> + {% endfor %} + {% else %} + <tr> + <td>No report files found</td> + </tr> + {% endif %} + </table> + (last report = {{snap_last_calc}}) +</div> + +<hr> + +<form 
method="POST"> {% csrf_token %} +<h2>Publish Via History Tables (Under development)</h2> +<ul> + <li>These tools can be used to (a) gather the candidate CVEs, (b) review and edit the list if needed, (c) generate the report when ready</li> + <li>The user can explicitly include and exclude CVEs from the "New" list and the "Updated" list, in case the automatic caltulations need adjustment</li> + <li>These mark-ups are inserted into the respective CVE's history at a mid-point date of the period, so they are both persistent and period-specific</li> + <li>The user can clear the markups from the given period and start over, but this will not affect any other period</li> +</ul> +<h3> Publish Preparation</h3> +<ul> + <div> + Start Date: <input type="text" name="date_start" value="{{date_start}}"> + Stop Date: <input type="text" name="date_stop" value="{{date_stop}}"> + </div> + <br> + <div> + Product filter: + <select name="product-filter" id="select-product-filter"> + <option value="0">WR Linux Suported Products</option> + </select> + </div> + <br> + <div> + <button type="submit" name="action" value="recalculate">Recalculate publish table</button> + Gather the items for this period to be published from SRTool, with user changes (last done {{last_calc}}) + </div> + <br> + <div> + <button type="submit" name="action" value="reset">Reset user edits, Recalculate</button> + Remove the user changes for this period, recalculate the table + </div> +</ul> +<h3> Publish Preview and Modifications</h3> +<ul> + <div> + <button type="submit" name="action" value="view">View the publish table</button> + View the publish table, prune entries + </div> + <br> + <div> + <button type="submit" name="action" value="add-cve">Add via CVEs</button> + Add recent CVEs to the table + </div> + <br> + <div> + <button type="submit" name="action" value="add-defect">Add via defects</button> + Add CVEs of recent defects to the table + </div> + <br> +</ul> +<h3> Publish the Report</h3> +<ul> + <div> + <button 
type="submit" name="action" value="export">Export</button> + Export the publish table (using history) + </div> + <br> +</ul> +</form> + +<script> + var selected_newcomment=false; + + $(document).ready(function() { + + function onCommitAjaxSuccess(data, textstatus) { + document.getElementById("export-snapshot").disabled = false; + /* document.getElementById("download-snapshot").disabled = false;*/ + document.getElementById("export-snapshot-text").innerText = "Generate the publish table on-demand (using snapshots)"; + document.getElementById("generating-report").style.display = "block"; + if (window.console && window.console.log) { + console.log("XHR returned:", data, "(" + textstatus + ")"); + } else { + alert("NO CONSOLE:\n"); + return; + } + if (data.error != "ok") { + alert("error on request:\n" + data.error); + return; + } + // reload the page with the updated tables + location.reload(true); + } + + function onCommitAjaxError(jqXHR, textstatus, error) { + console.log("ERROR:"+error+"|"+textstatus); + alert("XHR errored1:\n" + error + "\n(" + textstatus + ")"); + document.getElementById("export-snapshot").disabled = false; + document.getElementById("export-snapshot-text").innerText = "Generate the publish table on-demand (using snapshots)"; + /* document.getElementById("download-snapshot").disabled = false; */ + document.getElementById("generating-report").style.display = "block"; + } + + /* ensure cookie exists {% csrf_token %} */ + function postCommitAjaxRequest(reqdata) { + var ajax = $.ajax({ + type:"POST", + data: reqdata, + url:"{% url 'xhr_publish' %}", + headers: { 'X-CSRFToken': $.cookie("csrftoken")}, + success: onCommitAjaxSuccess, + error: onCommitAjaxError, + }); + } + + $("#snap_date_base").change(function(){ + snap_date_base = $("#snap_date_base").val(); + snap_date_top = $("#snap_date_top").val(); + if (snap_date_base > snap_date_top) { + $("#snap_date_base").val(snap_date_top); + $("#snap_date_top").val(snap_date_base); + 
$("#snap_date_start").val(snap_date_top); + $("#snap_date_stop").val(snap_date_base); + } else { + snap_date_start = $("#snap_date_start").val(); + snap_date_stop = $("#snap_date_stop").val(); + $("#snap_date_start").val(snap_date_base); + if (snap_date_stop < snap_date_base) { + $("#snap_date_stop").val(snap_date_top); + } + } + }); + + $("#snap_date_top").change(function(){ + snap_date_base = $("#snap_date_base").val(); + snap_date_top = $("#snap_date_top").val(); + if (snap_date_base > snap_date_top) { + $("#snap_date_base").val(snap_date_top); + $("#snap_date_top").val(snap_date_base); + $("#snap_date_start").val(snap_date_top); + $("#snap_date_stop").val(snap_date_base); + } else { + snap_date_start = $("#snap_date_start").val(); + snap_date_stop = $("#snap_date_stop").val(); + if (snap_date_start > snap_date_top) { + $("#snap_date_start").val(snap_date_base); + } + $("#snap_date_stop").val(snap_date_top); + } + }); + + $('#export-snapshot').click(function(){ + snap_date_base = $("#snap_date_base").val(); + snap_date_top = $("#snap_date_top").val(); + snap_date_start = $("#snap_date_start").val(); + snap_date_stop = $("#snap_date_stop").val(); + if (snap_date_start > snap_date_stop) { + alert("Error: the start date is after the stop date"); + return; + } + if (snap_date_start < snap_date_base) { + alert("Error: the start date is before the snapshot base date"); + return; + } + if (snap_date_stop > snap_date_top) { + alert("Error: the stop date is after the snapshot top date"); + return; + } + var result = confirm("Generate the report? This will take several minutes."); + if (result){ + document.getElementById("export-snapshot").disabled = true; + document.getElementById("export-snapshot-text").innerText = "... 
Generating the report - this will take a few minutes ..."; + + /* document.getElementById("download-snapshot").disabled = true; */ + document.getElementById("generating-report").style.display = "none"; + postCommitAjaxRequest({ + "action" : 'export-snapshot', + "snap_date_base" : snap_date_base, + "snap_date_top" : snap_date_top, + "snap_date_start" : snap_date_start, + "snap_date_stop" : snap_date_stop + }); + } + }); + + + /* Manage report files */ + + $('.submit-downloadreport').click(function() { + $("#downloadbanner-"+this.getAttribute("x-data")).submit(); + }); + + $('.trash-report').click(function() { + var result = confirm("Are you sure?"); + if (result){ + postCommitAjaxRequest({ + "action" : 'submit-trashreport', + "report_name" : $(this).attr('x-data'), + }); + } + }); + + + + }); +</script> + {% endblock %} diff --git a/lib/srtgui/templates/report.html b/lib/srtgui/templates/report.html index d4d27f76..4c2b2450 100644 --- a/lib/srtgui/templates/report.html +++ b/lib/srtgui/templates/report.html @@ -13,10 +13,16 @@ </div> </div> - <form method="POST">{% csrf_token %} + <form method="POST"> {% csrf_token %} <input type="hidden" name="parent_page" value="{{parent_page}}"> <input type="hidden" name="record_list" value="{{record_list}}"> + {% if error_message %} + <br> + <font size="3" color="red">{{error_message}}</font> + <br> + {% endif %} + {% if report_type_list %} <hr> Report Type:<br> @@ -53,6 +59,12 @@ <hr> {% endif %} + {% if report_date_list %} + Date Range (mm/dd/yyyy):<br> + {{report_date_list|safe}} + <hr> + {% endif %} + {% if report_custom_list %} Page Specific Settings:<br> {{report_custom_list|safe}} 
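Review bot: The hidden field in the Generated Reports loop of publish.html is written as `value={{report.name}}` with no quotes, so Django's auto-escaping does not contain it: a report name holding a space or `=` ends the value early and the remainder is parsed as further attributes on the `<input>`. Quote it, `<input type="hidden" name="report_name" value="{{report.name}}">`, and drop the `id="action"`/`id="report_id"` attributes, which are duplicated on every row. The name is then posted back by the `download` form and the `submit-trashreport` action, so the view (not shown here) should accept only a bare file name that resolves inside the report directory before reading or deleting anything. Two smaller things in the same hunk: `id="export-snapshot"` is used on both the Generate button and the disabled Save button, and the `generating-report` span is set to `display = "none"` when generation starts and `"block"` when it finishes, which looks inverted.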
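Review bot: `{{report_date_list|safe}}` in the `@@ -53` hunk of report.html switches off auto-escaping for markup assembled in the view, so any request-derived value that ends up in that string (a date echoed back into an `<input>`, for instance) is emitted unescaped. The view is outside this page; if it builds the string by concatenation, build it with `django.utils.html.format_html` instead, or pass the dates as plain values and write the inputs in the template so `|safe` is not needed. The existing `report_custom_list|safe` a few lines below has the same exposure. The enclosing `<form>` starts in the previous hunk and ends in the next.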
@@ -68,6 +80,31 @@ </form> -<br> + <br> + <!-- <input type="submit" id="submit-report-button" class="btn btn-primary btn-lg" value="Generate and Download Report"/> --> + <!-- <button type="button" id="submit-report-button" class="btn btn-primary btn-lg"> Generate and Download Report </button> --> + <!-- <button id="select-these" class="btn btn-default" type="button">Select these</button> --> + + <!-- Javascript support --> + <script> + + $(document).ready(function() { + + /* Handle the post button */ + $('#test-submit-report-button').click(function(){ + document.getElementById("submit-report-button").innerText = " ... working ... "; + data = { + "action" : 'foo', + "pub" : $('#bar').is(':checked') ? "yes" : "no", + } + + $.post("wr/report/management", data, function(data, status){ + alert("Data: " + data + "\nStatus: " + status); + }); + }); + + }); + </script> + {% endblock %} diff --git a/lib/srtgui/templates/srtool_metadata_include.html b/lib/srtgui/templates/srtool_metadata_include.html index 7471f0f9..eb83c05f 100755 --- a/lib/srtgui/templates/srtool_metadata_include.html +++ b/lib/srtgui/templates/srtool_metadata_include.html @@ -9,15 +9,12 @@ <i>Status:</i> {{object.get_status_text}}, {% if default_category == "CVE" %} {% if request.user.is_creator %} - <i>Publish</i> = {{object.get_publish_text}}, <i>Publish Date</i> = {{object.publish_date}} + <i>Publish</i> = {{object.get_publish_text}}, <i>Publish Date</i> = {{object.publish_date}}, <i>Acknowledge Date</i> = {{object.acknowledge_date|date:'Y-m-d'}}, <i>Initial Release</i> = {{object.publishedDate}}, <i>Last Modified</i> = {{object.lastModifiedDate}} <!--<a class="btn btn-default navbar-btn " id="login-button" href="">Publish Now</a> --> {% else %} <i>Publish = {{object.get_publish_text}}</i> {% endif %} </LI> - <LI> - <i>Packages:</i> {{object.packages}} - </LI> {% else %} <i>Outcome:</i> {{object.get_outcome_text}} <p> 
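Review bot: The script added in the `@@ -68,6 +80,31 @@` hunk reads as leftover scaffolding: it binds to `#test-submit-report-button`, which none of the visible markup defines (the three candidate buttons above it are commented out), sends the placeholder `"action" : 'foo'` and reads a checkbox called `#bar`. If it is meant to ship, `data` should be declared (`var data = {`) instead of leaking a global, the target should come from a `{% url %}` lookup rather than the relative string `"wr/report/management"`, and the request needs the CSRF token, which this `$.post` does not send unless a global jQuery AJAX setup elsewhere adds the header. Otherwise I would drop the block and the commented-out buttons from this commit.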
@@ -26,9 +23,17 @@ <i>Public Notes:</i> {{object.comments}} </LI> {% if request.user.is_creator %} + <LI> + <i>Private Notes:</i> {{object.comments_private}} + </LI> + {% endif %} <LI> - <i>Private Notes:</i> {{object.comments_private}} + <i>Tags:</i> {{object.tags}} </LI> + {% if default_category == "CVE" %} + <LI> + <i>Affected Components:</i> {{object.packages}} + </LI> {% endif %} </UL> </fieldset> @@ -42,10 +47,10 @@ <p><i>Priority</i> = <select name="Priority" id="select-priority-state"> <option value="0" {% if 0 == object.priority %}selected{% endif %}>Undefined</option> - <option value="1" {% if 1 == object.priority %}selected{% endif %}>Minor</option> - <option value="2" {% if 2 == object.priority %}selected{% endif %}>Low</option> - <option value="3" {% if 3 == object.priority %}selected{% endif %}>Medium</option> - <option value="4" {% if 4 == object.priority %}selected{% endif %}>High</option> + <option value="1" {% if 1 == object.priority %}selected{% endif %}>Low</option> + <option value="2" {% if 2 == object.priority %}selected{% endif %}>Medium</option> + <option value="3" {% if 3 == object.priority %}selected{% endif %}>High</option> + <option value="4" {% if 4 == object.priority %}selected{% endif %}>Critical</option> </select> <i>Status</i> = @@ -56,6 +61,10 @@ <option value="3" {% if 3 == object.status %}selected{% endif %}>Investigate</option> <option value="4" {% if 4 == object.status %}selected{% endif %}>Vulnerable</option> <option value="5" {% if 5 == object.status %}selected{% endif %}>Not Vulnerable</option> + <option value="6" {% if 6 == object.status %}selected{% endif %}>(New)</option> + <option value="7" {% if 7 == object.status %}selected{% endif %}>(Investigate)</option> + <option value="8" {% if 8 == object.status %}selected{% endif %}>(Vulnerable)</option> + <option value="9" {% if 9 == object.status %}selected{% endif %}>(Not Vulnerable)</option> </select> <p> {% if default_category == "CVE" %} 
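Review bot: The `@@ -42,10 +47,10 @@` hunk changes what the stored priority integers mean: a record saved as 4 was shown as High and is now shown as Critical, 3 moves from Medium to High, and 1 from Minor to Low. Unless the commit also remaps existing rows (nothing in this part of the diff does), every already-triaged item is silently displayed one severity level higher. Since the labels are hard-coded in the template, any other place that maps these numbers to text has to change in step; rendering the options from the model's choices would remove that risk, if the model defines them. Until then a template comment such as `{# priority: 0=Undefined 1=Low 2=Medium 3=High 4=Critical #}` next to the `<select>` would record the mapping.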
@@ -78,9 +87,14 @@ <option value="3" {% if 3 == object.outcome_state %}selected{% endif %}>Closed (Won't Fix)</option> </select> {% endif %} - <p>Note: <input type="text" placeholder="Edit Note" id="text-note" size="80" value="{{object.comments}}"></p> + <p>Comments: <input type="text" placeholder="Edit comments" id="text-note" size="80" value="{{object.comments}}"></p> {% if request.user.is_creator %} - <p>Private Note: <input type="text" placeholder="Edit Private Note" id="text-private-note" size="80" value="{{object.comments_private}}"></p> + <p>Private Comments: <input type="text" placeholder="Edit private comments" id="text-private-note" size="80" value="{{object.comments_private}}"></p> + {% endif %} + <p>Tags: <input type="text" placeholder="Edit tags" id="text-tags" size="80" value="{{object.tags}}"></p> + {% if default_category == "CVE" %} + <p>Affected Components: <input type="text" placeholder="Edit affected components" id="text-affected-components" size="80" value="{{object.packages}}"></p> + <i>Acknowledge Date</i> = <input type="text" placeholder="Acknowledge Date" id="text-acknowledge-date" size="40" value="{{object.acknowledge_date|date:'Y-m-d'}}"> (YYYY-MM-DD, or empty string for None)<p> {% endif %} <p><p> </fieldset> diff --git a/lib/srtgui/templates/toastertable.html b/lib/srtgui/templates/toastertable.html index 6882b394..99eb01e2 100644 --- a/lib/srtgui/templates/toastertable.html +++ b/lib/srtgui/templates/toastertable.html @@ -69,6 +69,7 @@ </div> </div> <button class="btn btn-default" id="search-submit-{{table_name}}" >Search</button> + <span class="glyphicon glyphicon-question-sign get-help" title="Default is to 'and' terms. Use 'OR' to 'or' terms. Use '-' to exclude terms. Example:abc OR 'def ghi' AND -jkl"></span> </form> <form class="navbar-form navbar-right"> <div clas="form-group"> diff --git a/lib/srtgui/templates/vulnerability.html b/lib/srtgui/templates/vulnerability.html index 35b2c0e6..9290a1ef 100644 
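Review bot: The acknowledge-date field added in the `@@ -78,9 +87,14 @@` hunk is a free-text input whose format is stated only in the trailing "(YYYY-MM-DD, or empty string for None)", so the browser accepts a malformed value and it has to be caught by the handler, which is outside this hunk. Because the value is already rendered with `date:'Y-m-d'`, `<input type="date" id="text-acknowledge-date" value="{{object.acknowledge_date|date:'Y-m-d'}}">` would give native validation and still allow an empty value. The server side should parse the string strictly and reject anything else either way. The new inputs also have no associated `<label for>`, like the existing ones around them.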
--- a/lib/srtgui/templates/vulnerability.html
+++ b/lib/srtgui/templates/vulnerability.html
@@ -148,26 +148,41 @@ </tr> </thead> - {% if object.vulnerability_investigation.all %} - {% for investigation in object.vulnerability_investigation.all %} + <table class="table table-striped table-condensed" data-testid="vuln-hyperlinks-table"> + <thead> + <tr> + <th>Product Name</th> + <th>Investigation</th> + <th>Status</th> + <th>Outcome</th> + <th>Defect</th> + <th>Release Version</th> + {% if request.user.is_creator %} + <th>Manage</th> + {% endif %} + </tr> + </thead> + + {% if object.investigation_list %} + {% for v2i in object.investigation_list %} <tr> - <td><a href="{% url 'product' investigation.product.id %}">{{ investigation.product.long_name }}<a></td> - <td><a href="{% url 'investigation' investigation.id %}">{{ investigation.name }}<a></td> - <td>{{ investigation.get_status_text }}</td> - <td>{{ investigation.get_outcome_text }}</td> + <td><a href="{% url 'product' v2i.investigation.product.id %}">{{ v2i.investigation.product.long_name }}<a></td> + <td><a href="{% url 'investigation' v2i.investigation.id %}">{{ v2i.investigation.name }}<a></td> + <td>{{ v2i.investigation.get_status_text }}</td> + <td>{{ v2i.investigation.get_outcome_text }}</td> <td> - {% for ij in investigation.investigation_to_defect.all %} + {% for ij in v2i.investigation.investigation_to_defect.all %} {% if not forloop.first %}| {% endif %}<a href="{% url 'defect' ij.defect.id %}">{{ij.defect.name}} </a> {% endfor %} </td> <td> - {% for ij in investigation.investigation_to_defect.all %} + {% for ij in v2i.investigation.investigation_to_defect.all %} {% if not forloop.first %}| {% endif %}<a href="{% url 'defect' ij.defect.id %}">{{ij.defect.release_version}} </a> {% endfor %} </td> {% if request.user.is_creator %} <td> - <span class="glyphicon glyphicon-trash trash-investigation" id="affected_trash_'+{{investigation.id}}+'" x-data="{{investigation.id}}"></span> + <span class="glyphicon glyphicon-trash trash-investigation" id="affected_trash_'+{{v2i.investigation.id}}+'" 
x-data="{{v2i.investigation.id}}"></span> </td> {% endif %} </tr> @@ -268,10 +283,10 @@ <td>{{ u.author }}</td> <td> <span id="attachment_entry_'+{{u.id}}+'" class="js-config-var-name"></span> - <form id="downloadbanner" enctype="multipart/form-data" method="post" >{% csrf_token %} + <form id="downloadbanner-{{forloop.counter}}" enctype="multipart/form-data" method="post" >{% csrf_token %} <input type="hidden" id="action" name="action" value="download"> <input type="hidden" id="record_id" name="record_id" value={{u.id}}> - <span class="glyphicon glyphicon-download-alt submit-downloadattachment" id="attachment_download_'+{{u.id}}+'" x-data="{{u.id}}"></span> + <span class="glyphicon glyphicon-download-alt submit-downloadattachment" id="attachment_download_'+{{u.id}}+'" x-data="{{forloop.counter}}"></span> {% if request.user.is_creator %} <span class="glyphicon glyphicon-trash trash-attachment" id="attachment_trash_'+{{u.id}}+'" x-data="{{u.id}}"></span> {% endif %} @@ -440,6 +455,9 @@ </table> </div> +<HR ALIGN="center" WIDTH="100%"> +Created={{object.srt_created}} Updated={{object.srt_updated}} + <!-- Javascript support --> <script> var selected_addrelatedproduct=false; @@ -583,7 +601,7 @@ }); $('.submit-downloadattachment').click(function() { - $("#downloadbanner").submit(); + $("#downloadbanner-"+this.getAttribute("x-data")).submit(); }); $('.trash-attachment').click(function() { @@ -694,6 +712,7 @@ $('#submit-quickedit').click(function(){ var note=$('#text-note').val().trim() var private_note=$('#text-private-note').val().trim() + var tags=$('#text-tags').val().trim(); var priority=$('#select-priority-state').val(); var status=$('#select-status-state').val(); var outcome=$('#select-outcome-state').val(); @@ -701,6 +720,7 @@ "action" : 'submit-quickedit', "note" : note, "private_note" : private_note, + "tags" : tags, "status" : status, "outcome" : outcome, "priority" : priority, |
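Review bot: In the `@@ -148,26 +148,41 @@` hunk the added `<table class="table table-striped table-condensed" data-testid="vuln-hyperlinks-table">` and its `<thead>` are inserted directly after the context lines `</tr> </thead>`, which look like the end of the header of a table that is already open; if so, the page now opens a table inside a table and shows the column header twice. The start of the surrounding markup is outside the hunk, so this needs checking against the full file; the likely fix is to put the `data-testid` on the existing `<table>` and drop the added `<table>`/`<thead>` lines. Two things are carried over from the old rows and are worth fixing while they are being rewritten: the link cells are closed with `<a>` instead of `</a>` (`{{ v2i.investigation.name }}<a>`), and the trash span's id contains literal quote and plus characters (`affected_trash_'+…+'`).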
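Review bot: In the `@@ -268,10 +283,10 @@` hunk the form id becomes unique per row, but the two hidden inputs inside it still use `id="action"` and `id="record_id"` on every row, so the page keeps duplicate ids, and `value={{u.id}}` is still unquoted. The download icon's `x-data` now carries `forloop.counter` while the trash icon next to it carries `u.id`, so the same attribute means two different things in one cell. Keying the form on the record id instead (`id="downloadbanner-{{u.id}}"` with `x-data="{{u.id}}"` left as it was) keeps one meaning, and the handler changed in `@@ -583,7 +601,7 @@` works with it unchanged.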