fixes #331and other metrics quirtks and errors

grendel513 · grendel513 · commit 1cc257987d48 · 2017-08-02T10:18:13.000-05:00
diff --git a/dojo/filters.py b/dojo/filters.py
@@ -24,6 +24,7 @@
 
 EARLIEST_FINDING = None
 
+
 def now():
     return local_tz.localize(datetime.today())
 
@@ -236,7 +237,6 @@ def __init__(self, *args, **kwargs):
             (key, value[0]) for key, value in six.iteritems(self.options)]
         super(MetricsDateRangeFilter, self).__init__(*args, **kwargs)
 
-
     def filter(self, qs, value):
         if get_earliest_finding() is not None:
             start_date = local_tz.localize(datetime.combine(
@@ -635,7 +635,6 @@ def __init__(self, *args, **kwargs):
             (key, value[0]) for key, value in six.iteritems(self.options)]
         super(FindingStatusFilter, self).__init__(*args, **kwargs)
 
-
     def filter(self, qs, value):
         if get_earliest_finding() is not None:
             start_date = local_tz.localize(datetime.combine(
@@ -656,7 +655,7 @@ class MetricsFindingFilter(FilterSet):
         queryset=Product_Type.objects.all().order_by('name'),
         label="Product Type")
     severity = MultipleChoiceFilter(choices=[])
-    status = FindingStatusFilter()
+    status = FindingStatusFilter(label='Status')
 
     def __init__(self, *args, **kwargs):
         super(MetricsFindingFilter, self).__init__(*args, **kwargs)
@@ -665,7 +664,24 @@ def __init__(self, *args, **kwargs):
 
     class Meta:
         model = Finding
-        exclude = []
+        exclude = ['url',
+                   'description',
+                   'mitigation',
+                   'unsaved_endpoints',
+                   'unsaved_request',
+                   'unsaved_response',
+                   'unsaved_tags',
+                   'references',
+                   'review_requested_by',
+                   'reviewers',
+                   'defect_review_requested_by',
+                   'thread_id',
+                   'notes',
+                   'last_reviewed_by',
+                   'images',
+                   'endpoints',
+                   'is_template']
+
 
 class EndpointFilter(DojoFilter):
     product = ModelMultipleChoiceFilter(
diff --git a/dojo/forms.py b/dojo/forms.py
@@ -107,7 +107,7 @@ def render(self, name, value, attrs=None):
         if not (self.required and value):
             month_choices.append(self.none_value)
         month_choices.sort()
-        local_attrs = self.build_attrs(id=self.month_field % id_)
+        local_attrs = self.build_attrs({'id':self.month_field % id_})
         s = Select(choices=month_choices)
         select_html = s.render(self.month_field % name, month_val, local_attrs)
 
@@ -228,11 +228,13 @@ class Meta:
 
 
 class ImportScanForm(forms.Form):
-    SCAN_TYPE_CHOICES = (("Burp Scan", "Burp Scan"), ("Nessus Scan", "Nessus Scan"), ("Nmap Scan", "Nmap Scan"), ("Nexpose Scan", "Nexpose Scan"),
+    SCAN_TYPE_CHOICES = (("Burp Scan", "Burp Scan"), ("Nessus Scan", "Nessus Scan"), ("Nmap Scan", "Nmap Scan"),
+                         ("Nexpose Scan", "Nexpose Scan"),
                          ("AppSpider Scan", "AppSpider Scan"), ("Veracode Scan", "Veracode Scan"),
                          ("Checkmarx Scan", "Checkmarx Scan"), ("ZAP Scan", "ZAP Scan"),
                          ("Arachni Scan", "Arachni Scan"), ("VCG Scan", "VCG Scan"),
-                         ("Dependency Check Scan", "Dependency Check Scan"), ("Retire.js Scan", "Retire.js Scan"), ("Node Security Platform Scan", "Node Security Platform Scan"),
+                         ("Dependency Check Scan", "Dependency Check Scan"), ("Retire.js Scan", "Retire.js Scan"),
+                         ("Node Security Platform Scan", "Node Security Platform Scan"),
                          ("Qualys Scan", "Qualys Scan"),
                          ("Generic Findings Import", "Generic Findings Import"))
     scan_date = forms.DateTimeField(
@@ -474,7 +476,6 @@ def is_valid(self):
             return False
         return True
 
-
     class Meta:
         model = Engagement
         exclude = ('first_contacted', 'version', 'eng_type', 'real_start',
@@ -546,7 +547,7 @@ class TestForm(forms.ModelForm):
     test_type = forms.ModelChoiceField(queryset=Test_Type.objects.all().order_by('name'))
     environment = forms.ModelChoiceField(
         queryset=Development_Environment.objects.all().order_by('name'))
-    #credential = forms.ModelChoiceField(Cred_User.objects.all(), required=False)
+    # credential = forms.ModelChoiceField(Cred_User.objects.all(), required=False)
     target_start = forms.DateTimeField(widget=forms.TextInput(
         attrs={'class': 'datepicker'}))
     target_end = forms.DateTimeField(widget=forms.TextInput(
@@ -556,9 +557,8 @@ class TestForm(forms.ModelForm):
                            help_text="Add tags that help describe this test.  "
                                      "Choose from the list or add new tags.  Press TAB key to add.")
     lead = forms.ModelChoiceField(
-	queryset=User.objects.exclude(is_staff=False),
-	required=False, label="Testing Lead")
-
+        queryset=User.objects.exclude(is_staff=False),
+        required=False, label="Testing Lead")
 
     def __init__(self, *args, **kwargs):
         tags = Tag.objects.usage_for_model(Test)
@@ -667,6 +667,7 @@ class Meta:
         exclude = ('reporter', 'url', 'numerical_severity', 'endpoint', 'images', 'under_review', 'reviewers',
                    'review_requested_by')
 
+
 class PromoteFindingForm(forms.ModelForm):
     title = forms.CharField(max_length=1000)
     date = forms.DateField(required=True,
@@ -1047,6 +1048,7 @@ class Meta:
         model = Notes
         fields = ['entry']
 
+
 class DefectFindingForm(forms.ModelForm):
     CLOSE_CHOICES = (("Close Finding", "Close Finding"), ("Not Fixed", "Not Fixed"))
     defect_choice = forms.ChoiceField(required=True, choices=CLOSE_CHOICES)
@@ -1062,6 +1064,7 @@ class Meta:
         model = Notes
         fields = ['entry']
 
+
 class ClearFindingReviewForm(forms.ModelForm):
     entry = forms.CharField(
         required=True, max_length=2400,
@@ -1269,26 +1272,30 @@ class Meta:
 
 FindingImageFormSet = modelformset_factory(FindingImage, extra=3, max_num=10, exclude=[''], can_delete=True)
 
+
 class JIRAForm(forms.ModelForm):
     password = forms.CharField(widget=forms.PasswordInput, required=True)
 
     class Meta:
         model = JIRA_Conf
         exclude = ['product']
 
-class ToolTypeForm(forms.ModelForm):
 
+class ToolTypeForm(forms.ModelForm):
     class Meta:
         model = Tool_Type
         exclude = ['product']
 
+
 class ToolConfigForm(forms.ModelForm):
     tool_type = forms.ModelChoiceField(queryset=Tool_Type.objects.all(), label='Tool Type')
     ssh = forms.CharField(widget=forms.Textarea(attrs={}), required=False, label='SSH Key')
+
     class Meta:
         model = Tool_Configuration
         exclude = ['product']
 
+
 class DeleteToolProductSettingsForm(forms.ModelForm):
     id = forms.IntegerField(required=True,
                             widget=forms.widgets.HiddenInput())
@@ -1297,6 +1304,7 @@ class Meta:
         model = Tool_Product_Settings
         exclude = ['tool_type']
 
+
 class ToolProductSettingsForm(forms.ModelForm):
     tool_configuration = forms.ModelChoiceField(queryset=Tool_Configuration.objects.all(), label='Tool Configuration')
 
@@ -1306,40 +1314,44 @@ class Meta:
         exclude = ['tool_type']
         order = ['name']
 
+
 class CredMappingForm(forms.ModelForm):
-    cred_user = forms.ModelChoiceField(queryset=Cred_Mapping.objects.all().select_related('cred_id'), required=False, label='Select a Credential')
+    cred_user = forms.ModelChoiceField(queryset=Cred_Mapping.objects.all().select_related('cred_id'), required=False,
+                                       label='Select a Credential')
 
     class Meta:
         model = Cred_Mapping
         fields = ['cred_user']
         exclude = ['product', 'finding', 'engagement', 'test', 'url', 'is_authn_provider']
 
-class CredMappingFormProd(forms.ModelForm):
 
+class CredMappingFormProd(forms.ModelForm):
     class Meta:
         model = Cred_Mapping
         fields = ['cred_id', 'url', 'is_authn_provider']
         exclude = ['product', 'finding', 'engagement', 'test']
 
-class SystemSettingsForm(forms.ModelForm):
 
+class SystemSettingsForm(forms.ModelForm):
     class Meta:
         model = System_Settings
         exclude = ['']
 
 
 class CredUserForm(forms.ModelForm):
-    #selenium_script = forms.FileField(widget=forms.widgets.FileInput(
+    # selenium_script = forms.FileField(widget=forms.widgets.FileInput(
     #    attrs={"accept": ".py"}),
     #    label="Select a Selenium Script", required=False)
 
     class Meta:
         model = Cred_User
         exclude = ['']
-        #fields = ['selenium_script']
+        # fields = ['selenium_script']
+
 
 class JIRAPKeyForm(forms.ModelForm):
     conf = forms.ModelChoiceField(queryset=JIRA_Conf.objects.all(), label='JIRA Configuration')
+
     class Meta:
         model = JIRA_PKey
         exclude = ['product']
@@ -1350,6 +1362,6 @@ def __init__(self, *args, **kwargs):
         self.enabled = kwargs.pop('enabled')
         super(JIRAFindingForm, self).__init__(*args, **kwargs)
         self.fields['push_to_jira'] = forms.BooleanField(initial=self.enabled)
-        self.fields['push_to_jira'].required=False
+        self.fields['push_to_jira'].required = False
 
     push_to_jira = forms.BooleanField(required=False)
diff --git a/dojo/metrics/views.py b/dojo/metrics/views.py
@@ -306,8 +306,7 @@ def metrics(request, mtype):
         'name': page_name,
         'start_date': start_date,
         'end_date': end_date,
-        'findings': findings.qs,
-        'find_object': findings,
+        'findings': findings,
         'opened_per_month': monthly_counts['opened_per_period'],
         'active_per_month': monthly_counts['active_per_period'],
         'opened_per_week': weekly_counts['opened_per_period'],
@@ -366,6 +365,7 @@ def simple_metrics(request):
                                        false_p=False,
                                        duplicate=False,
                                        out_of_scope=False,
+                                       date=now,
                                        ).distinct()
 
         for f in total.all():
diff --git a/dojo/templates/dojo/metrics.html b/dojo/templates/dojo/metrics.html
