Merge pull request #656 from aaronweaver/dev

severity and environment

Author: aaronweaver

dojo/development_environment/views.py

@@ -23,9 +23,9 @@ def dev_env(request):
                   initial_queryset]
     devs = DevelopmentEnvironmentFilter(request.GET, queryset=initial_queryset)
     dev_page = get_page_items(request, devs.qs, 25)
-    add_breadcrumb(title="Development Environment List", top_level=True, request=request)
+    add_breadcrumb(title="Environment List", top_level=True, request=request)
     return render(request, 'dojo/dev_env.html', {
-        'name': 'Development Environment List',
+        'name': 'Environment',
         'metric': False,
         'user': request.user,
         'devs': dev_page,
@@ -42,12 +42,12 @@ def add_dev_env(request):
             form.save()
             messages.add_message(request,
                                  messages.SUCCESS,
-                                 'Development environment added successfully.',
+                                 'Environment added successfully.',
                                  extra_tags='alert-success')
             return HttpResponseRedirect(reverse('dev_env'))
-    add_breadcrumb(title="Add Development Environment", top_level=False, request=request)
+    add_breadcrumb(title="Add Environment", top_level=False, request=request)
     return render(request, 'dojo/new_dev_env.html', {
-        'name': 'Add Development Environment',
+        'name': 'Add Environment',
         'metric': False,
         'user': request.user,
         'form': form,
@@ -65,12 +65,12 @@ def edit_dev_env(request, deid):
             messages.add_message(
                 request,
                 messages.SUCCESS,
-                'Development environment updated successfully.',
+                'Environment updated successfully.',
                 extra_tags='alert-success')
             return HttpResponseRedirect(reverse('dev_env'))
-    add_breadcrumb(title="Edit Development Environment", top_level=False, request=request)
+    add_breadcrumb(title="Edit Environment", top_level=False, request=request)
     return render(request, 'dojo/edit_dev_env.html', {
-        'name': 'Edit Development Environment',
+        'name': 'Edit Environment',
         'metric': False,
         'user': request.user,
         'form': form,

dojo/models.py

@@ -180,6 +180,27 @@ class System_Settings(models.Model):
         verbose_name="Engagement Auto-Close Days",
         help_text="Closes an engagement after the specified number of days past due date including last update.")
 
+    enable_finding_sla = models.BooleanField(
+        default=True,
+        blank=False,
+        verbose_name="Enable Finding SLA's",
+        help_text="Enables Finding SLA's for time to remediate.")
+
+    sla_critical = models.IntegerField(default=7,
+                                          verbose_name="Crital Finding SLA Days",
+                                          help_text="# of days to remediate a critical finding.")
+
+    sla_high = models.IntegerField(default=30,
+                                          verbose_name="High Finding SLA Days",
+                                          help_text="# of days to remediate a high finding.")
+    sla_medium = models.IntegerField(default=90,
+                                          verbose_name="Medium Finding SLA Days",
+                                          help_text="# of days to remediate a medium finding.")
+
+    sla_low = models.IntegerField(default=120,
+                                          verbose_name="Low Finding SLA Days",
+                                          help_text="# of days to remediate a low finding.")
+
 
 class SystemSettingsFormAdmin(forms.ModelForm):
     product_grade = forms.CharField(widget=forms.Textarea)
@@ -1064,6 +1085,12 @@ def age(self):
 
         return days if days > 0 else 0
 
+    def sla(self):
+        severity = self.severity
+        from dojo.utils import get_system_setting
+        sla_age = get_system_setting('sla_' + self.severity.lower())
+        return sla_age - self.age()
+
     def jira(self):
         try:
             jissue = JIRA_Issue.objects.get(finding=self)
@@ -1675,9 +1702,6 @@ def __unicode__(self):
 
         return name
 
-    class Meta:
-        unique_together = [('product', 'path')]
-
 
 class Objects_Engagement(models.Model):
     engagement = models.ForeignKey(Engagement)
@@ -1895,6 +1919,7 @@ class FieldRule(models.Model):
     update_type = models.CharField(max_length=30, choices=update_options)
     text = models.CharField(max_length=200)
 
+
 # Register for automatic logging to database
 auditlog.register(Dojo_User)
 auditlog.register(Endpoint)

dojo/static/dojo/css/dojo.css

@@ -543,6 +543,14 @@ form ul#id_accepted_findings input {
     background-color: #d9534f;
 }
 
+.age-red {
+    background-color: #d9534f;
+}
+
+.age-green {
+    background-color: green;
+}
+
 .dojo-search {
     clear: right !important;
     display: inline-block !important;

dojo/templates/base.html

@@ -166,7 +166,7 @@
                                             <a href="{% url 'test_type' %}">Test Types</a>
                                         </li>
                                         <li>
-                                            <a href="{% url 'dev_env' %}">Development Environments</a>
+                                            <a href="{% url 'dev_env' %}">Environments</a>
                                         </li>
                                     </ul>
                                     <!-- /.nav-second-level -->

dojo/templates/dojo/dev_env.html

@@ -6,7 +6,7 @@
             <div class="panel panel-default">
                 <div class="panel-heading tight">
                     <h3 class="has-filters">
-                        Development Environment List
+                        Environment List
                         <div class="dropdown pull-right">
                             <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu1"
                                     data-toggle="dropdown" aria-expanded="true">
@@ -18,7 +18,7 @@ <h3 class="has-filters">
                                 {% if request.user.is_staff %}
                                     <li role="presentation">
                                         <a href="{%  url 'add_dev_env' %}">
-                                            <i class="fa fa-plus"></i> New Dev Environment </a>
+                                            <i class="fa fa-plus"></i> New Environment </a>
                                     </li>
                                 {% endif %}
                             </ul>
@@ -38,7 +38,7 @@ <h3 class="has-filters">
                            class="tablesorter-bootstrap table table-bordered table-condensed table-striped">
                         <thead>
                         <tr>
-                            <th>{% dojo_sort request 'Development Environment' 'name' 'asc' %}</th>
+                            <th>{% dojo_sort request 'Environment' 'name' 'asc' %}</th>
                         </tr>
                         </thead>
                         <tbody>
@@ -58,7 +58,7 @@ <h3 class="has-filters">
                     {% include "dojo/paging_snippet.html" with page=devs page_size=True%}
                 </div>
             {% else %}
-                <p class="text-center">No development environments found.</p>
+                <p class="text-center">No environments found.</p>
             {% endif %}
         </div>
 
@@ -79,11 +79,3 @@ <h3 class="has-filters">
     </script>
     {% include "dojo/filter_js_snippet.html" %}
 {% endblock %}
-
-
-
-
-
-
-
-

dojo/templates/dojo/edit_dev_env.html

@@ -1,6 +1,6 @@
 {% extends "base.html" %}
 {% block content %}
-    <h3> Edit Development Environment {{ pt.name }}</h3>
+    <h3> Edit Environment {{ pt.name }}</h3>
     <form class="form-horizontal" action="{% url 'edit_dev_env' de.id %}" method="post">{% csrf_token %}
         {% include "dojo/form_fields.html" with form=form %}
         <div class="form-group">

dojo/templates/dojo/findings_list.html

@@ -114,6 +114,9 @@ <h3 class="has-filters">
                             <th>CWE</th>
                             <th class="nowrap">{% dojo_sort request 'Date' 'date'%}</th>
                             <th class="nowrap">Age</th>
+                            {% if 'enable_finding_sla'|fetch_system_setting %}
+                            <th>SLA</th>
+                            {% endif %}
                             <th>Reporter</th>
                             <th>Found By</th>
                             {% if "enable_jira"|get_system_setting %}
@@ -263,6 +266,11 @@ <h3 class="has-filters">
                                 </td>
                                 <td class="nowrap">{{ finding.date }}</td>
                                 <td>{{ finding.age }}</td>
+                                {% if 'enable_finding_sla'|fetch_system_setting %}
+                                <td>
+                                  {{ finding|finding_sla }}
+                                </td>
+                                {% endif %}
                                 <td>
                                   {% if finding.reporter.get_full_name and finding.reporter.get_full_name.strip %}
                                       {{ finding.reporter.get_full_name }}

dojo/templates/dojo/new_dev_env.html

@@ -1,6 +1,6 @@
 {% extends "base.html" %}
 {% block content %}
-    <h3> Register a new Development Environment </h3>
+    <h3> Register a new Environment </h3>
     <form class="form-horizontal" action="{% url 'add_dev_env' %}" method="post">{% csrf_token %}
         {% include "dojo/form_fields.html" with form=form %}
         <div class="form-group">

dojo/templates/dojo/view_finding.html

@@ -161,6 +161,9 @@ <h3 class="pull-left to_highlight finding-title">
                 {% endif %}
                 <tr>
                     <th>Severity</th>
+                    {% if 'enable_finding_sla'|fetch_system_setting %}
+                    <th>SLA</th>
+                    {% endif %}
                     {% if finding.scanner_confidence %}
                     <th>Scanner Confidence</th>
                     {% endif %}
@@ -194,6 +197,11 @@ <h3 class="pull-left to_highlight finding-title">
                             {% endif %}
                         </span>
                     </td>
+                    {% if 'enable_finding_sla'|fetch_system_setting %}
+                    <td>
+                      {{ finding|finding_sla }}
+                    </td>
+                    {% endif %}
                     {% if finding.scanner_confidence %}
                     <td> {{finding.get_scanner_confidence_text}}</td>
                     {% endif %}

dojo/templates/dojo/view_product_details.html

@@ -206,13 +206,11 @@ <h3 class="panel-title"><span class="fa fa-language" aria-hidden="true"></span>
     <div class="panel-body">
         <div class="chart" id="donut-lang"></div>
         <div style="text-align: center;padding-top: 10px;">
-            <strong>Total Files: </strong>
             {%  if langSummary.files__sum > 0 %}
-            {{ langSummary.files__sum|intcomma }}
+            <strong>{{ langSummary.files__sum|intcomma }}</strong> files {%  if langSummary.code__sum %} and {%endif%}
             {% endif %}
-            <strong>Lines of Code: </strong>
             {%  if langSummary.code__sum %}
-            {{ langSummary.code__sum|intcomma }}
+            <strong>{{ langSummary.code__sum|intcomma }}</strong> lines of code
             {% endif %}
         </div>
     </div>