Merge pull request #1220 from devEricA/dev

Enhancement #1120

Author: devGregA

dojo/benchmark/views.py

@@ -41,19 +41,15 @@ def return_score(queryset):
 def score_asvs(product, benchmark_type):
     # Compliant to ASVS level 1 benchmarks
     asvs_level_1 = Benchmark_Product.objects.filter(enabled=True, control__enabled=True, product=product, control__category__type=benchmark_type, control__category__enabled=True, control__level_1=True).values('pass_fail').annotate(Count('pass_fail')).order_by()
-
     asvs_level_1_benchmark, asvs_level_1_score = return_score(asvs_level_1)
 
     # Compliant to ASVS level 2 benchmarks
     asvs_level_2 = Benchmark_Product.objects.filter(~Q(control__level_1=True), enabled=True, control__enabled=True, product=product, control__category__type=benchmark_type, control__category__enabled=True, control__level_2=True).values('pass_fail').annotate(Count('pass_fail')).order_by()
-
     asvs_level_2_benchmark, asvs_level_2_score = return_score(asvs_level_2)
 
     # Compliant to ASVS level 3 benchmarks
     asvs_level_3 = Benchmark_Product.objects.filter(~Q(control__level_1=True), ~Q(control__level_2=True), enabled=True, control__enabled=True, control__category__enabled=True, product=product, control__category__type=benchmark_type, control__level_3=True).values('pass_fail').annotate(Count('pass_fail')).order_by()
-
     asvs_level_3_benchmark, asvs_level_3_score = return_score(asvs_level_3)
-
     benchmark_product_summary = Benchmark_Product_Summary.objects.get(product=product, benchmark_type=benchmark_type)
 
     benchmark_product_summary.asvs_level_1_benchmark = asvs_level_1_benchmark

dojo/product/views.py

@@ -16,6 +16,7 @@
 from django.db.models import Sum, Count, Q
 from django.contrib.admin.utils import NestedObjects
 from django.db import DEFAULT_DB_ALIAS
+from dojo.templatetags.display_tags import get_level
 from dojo.filters import ProductFilter, ProductFindingFilter, EngagementFilter
 from dojo.forms import ProductForm, EngForm, DeleteProductForm, DojoMetaDataForm, JIRAPKeyForm, JIRAFindingForm, AdHocFindingForm, \
                        EngagementPresetsForm, DeleteEngagementPresetsForm
@@ -26,6 +27,7 @@
 from custom_field.models import CustomFieldValue, CustomField
 from dojo.tasks import add_epic_task, add_issue_task
 from tagging.models import Tag
+
 from tagging.utils import get_tag_list
 
 logger = logging.getLogger(__name__)
@@ -83,6 +85,10 @@ def view_product(request, pid):
     app_analysis = App_Analysis.objects.filter(product=prod).order_by('name')
     benchmark_type = Benchmark_Type.objects.filter(enabled=True).order_by('name')
     benchmarks = Benchmark_Product_Summary.objects.filter(product=prod, publish=True, benchmark_type__enabled=True).order_by('benchmark_type__name')
+    benchAndPercent = []
+    for i in range(0, len(benchmarks)):
+        benchAndPercent.append([benchmark_type[i], get_level(benchmarks[i])])
+
     system_settings = System_Settings.objects.get()
 
     product_metadata = dict(prod.product_meta.order_by('name').values_list('name', 'value'))
@@ -115,7 +121,6 @@ def view_product(request, pid):
     total = critical + high + medium + low + info
 
     product_tab = Product_Tab(pid, title="Product", tab="overview")
-
     return render(request, 'dojo/view_product_details.html', {
                   'prod': prod,
                   'product_tab': product_tab,
@@ -131,6 +136,8 @@ def view_product(request, pid):
                   'langSummary': langSummary,
                   'app_analysis': app_analysis,
                   'system_settings': system_settings,
+                  'benchmarks_percents': benchAndPercent,
+                  'benchmarks': benchmarks,
                   'authorized': auth})
 
 

dojo/templates/dojo/view_product_details.html

@@ -145,7 +145,29 @@ <h3 class="panel-title"><span class="fa fa-gavel" aria-hidden="true"></span> Reg
   </div>
 </div>
 </div>
-
+  <!-- Benchmark Tab -->
+  <div class="row">
+  <div class="col-md-8">
+    <div class="panel panel-default">
+      <div class="panel-heading">
+        <h3 class="panel-title"><span class ="fa fa-balance-scale" aria-hidden="true"></span> Benchmark Progress </h3>
+      </div>
+        <ul class="list-group">
+          {% for Abenchpercent in benchmarks_percents %}
+          <li class="list-group-item"><strong>{{Abenchpercent.0}}</strong></li>
+            <div class="progress">
+              <div class="progress-bar" role="progressbar" aria-valuenow="{{Abenchpercent.1}}"
+                aria-valuemin="0" aria-valuemax="100" style="width:{{Abenchpercent.1}}">
+                <span class="sr-only">{{Abenchpercent.1}} Complete</span>
+              </div>
+            </div>
+          {% empty %}
+            <li class="list-group-item"><small class = "text-muted"><em>There are no benchmarks</em></small></li>
+          {% endfor %}
+        </ul>
+    </div>
+  </div>
+</div>
 <!-- Meta Data -->
 <div class="col-md-4">
   <div class="panel panel-default panel-default-secondary">

dojo/templatetags/display_tags.py

@@ -158,6 +158,11 @@ def asvs_calc_level(benchmark_score):
     return benchmark_score.desired_level, level, str(total_pass), str(total)
 
 
+def get_level(benchmark_score):
+    benchmark_score.desired_level, level, total_pass, total = asvs_calc_level(benchmark_score)
+    level = percentage(total_pass, total)
+    return level
+
 @register.filter(name='asvs_level')
 def asvs_level(benchmark_score):
     benchmark_score.desired_level, level, total_pass, total = asvs_calc_level(