Skip to content

DRAFT: Remove finding evidence, move to report evidence #790

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
ColonelThirtyTwo wants to merge 1 commit into
base: master
Choose a base branch
from
+298 −813
Open

DRAFT: Remove finding evidence, move to report evidence #790

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 3 additions & 14 deletions ghostwriter/api/forms.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,15 +112,13 @@ class ApiEvidenceForm(forms.ModelForm):

class Meta:
model = Evidence
fields = ("friendly_name", "description", "caption", "tags", "finding", "report")
fields = ("friendly_name", "description", "caption", "tags", "report")

def __init__(self, *args, **kwargs):
self.user_obj = kwargs.pop("user_obj")
report_queryset = kwargs.pop("report_queryset")
finding_queryset = ReportFindingLink.objects.filter(report__in=report_queryset)
super().__init__(*args, **kwargs)
self.fields["report"].queryset = report_queryset
self.fields["finding"].queryset = finding_queryset

def clean_filename(self):
_, ext = splitext(self.cleaned_data["filename"])
Expand All @@ -132,22 +130,13 @@ def clean(self):
cleaned_data = super().clean()

report = None
if "finding" in cleaned_data and "report" in cleaned_data:
# Ensure only one of `finding` or `report` is specified
finding = cleaned_data["finding"]
if "report" in cleaned_data:
report = cleaned_data["report"]
if (finding is None) == (report is None):
# Above is effectively XOR.
msg = _("Must specify only one of either 'finding' or 'report'")
self.add_error("finding", msg)
self.add_error("report", msg)
elif finding is not None:
report = finding.report

if report is not None and "friendly_name" in cleaned_data:
# Validate that evidence name is unique
name = cleaned_data["friendly_name"]
if report.all_evidences().filter(friendly_name=name).exists():
if report.evidence_set.filter(friendly_name=name).exists():
self.add_error(
"friendly_name",
ValidationError(
Expand Down
40 changes: 2 additions & 38 deletions ghostwriter/api/tests/test_forms.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
ClientFactory,
ClientInviteFactory,
DocTypeFactory,
EvidenceOnReportFactory,
EvidenceFactory,
ProjectAssignmentFactory,
ReportFactory,
ReportFindingLinkFactory,
Expand Down Expand Up @@ -91,7 +91,6 @@ def form_data(
description=None,
caption=None,
tags=None,
finding=None,
report=None,
filename=None,
file_base64=None,
Expand All @@ -105,7 +104,6 @@ def form_data(
"description": description,
"caption": caption,
"tags": tags,
"finding": finding,
"report": report,
"file_base64": file_base64,
"filename": filename,
Expand All @@ -120,7 +118,6 @@ def test_valid_data(self):
description="Test Description",
caption="Test Caption",
tags="Test, Tag",
finding=None,
report=self.report,
filename="test.txt",
file_base64="dGVzdA==",
Expand All @@ -129,39 +126,6 @@ def test_valid_data(self):
)
self.assertTrue(form.is_valid())

def test_finding_and_report(self):
form = self.form_data(
friendly_name="Test Finding & Report",
description="Test Description",
caption="Test Caption",
tags="Test, Tag",
finding=None,
report=None,
filename="test.txt",
file_base64="dGVzdA==",
user_obj=self.user,
report_queryset=get_reports_list(self.user),
)
errors = form.errors.as_data()
self.assertFalse(form.is_valid())
self.assertEqual(len(errors), 2)

form = self.form_data(
friendly_name="Test Finding & Report",
description="Test Description",
caption="Test Caption",
tags="Test, Tag",
finding=self.finding,
report=self.report,
filename="test.txt",
file_base64="dGVzdA==",
user_obj=self.user,
report_queryset=get_reports_list(self.user),
)
errors = form.errors.as_data()
self.assertFalse(form.is_valid())
self.assertEqual(len(errors), 1)

def test_invalid_extension(self):
form = self.form_data(
friendly_name="Test Finding & Report",
Expand Down Expand Up @@ -198,7 +162,7 @@ def test_invalid_report_and_finding(self):
self.assertEqual(len(errors), 1)

def test_duplicate_friendly_name(self):
evidence = EvidenceOnReportFactory(report=self.report, friendly_name="Duplicate Test")
evidence = EvidenceFactory(report=self.report, friendly_name="Duplicate Test")
form = self.form_data(
friendly_name="Duplicate Test",
description="Test Description",
Expand Down
Loading
Loading