Merge pull request #196 from mantiumai/AlexN/fix-policy-version-bug
Fix bug related to scan version and policy version
alex-nork authored Sep 8, 2023
2 parents 57bbadc + 4bf6b7a commit 852030a
Showing 12 changed files with 164 additions and 132 deletions.
126 changes: 1 addition & 125 deletions chirps/policy/templates/policy/dashboard_policy_list.html
@@ -1,127 +1,3 @@
{% load policy_filter %}
{% for policy in policy_list %}
<div class="accordion-item policy-row" , id="chirps-policy-{{policy.id}}" hx-target="closest .policy-row"
hx-swap="outerHTML">
<div class="accordion-header">
<button class="accordion-button collapsed" type="button" data-bs-toggle="collapse"
data-bs-target="#collapse-{{policy.id}}" aria-expanded="false" aria-controls="collapse-{{policy.id}}">
<div class="d-flex">
<h5 class="ml-0 mr-3 my-auto">{{policy.name}}</h5>
<small class="ml-0 mr-auto my-auto">{{policy.description}}</small>
</div>
</button>


</div>
<div id="collapse-{{policy.id}}" class="accordion-collapse collapse">
<div class="accordion-body">
{% with grouped_rules=policy.current_version.rules.all|group_by_rule_type %}
{% for rule_type, rules in grouped_rules.items %}
{% if rule_type == 'regex' and rules %}
<h5>Regex Rules</h5>
<table class="table">
<thead>
<tr>
<th scope="col">Name</th>
<th scope="col">Query</th>
<th scope="col">Test</th>
<th scope="col">Severity</th>
</tr>
</thead>
<tbody>
{% for rule in rules %}
<tr>
<td>
<span class="d-inline-block" tabindex="0" data-toggle="tooltip" title="{{rule.name}}">
{{rule.name|truncatechars:50}}
</span>
</td>
<td>
<span class="d-inline-block" tabindex="0" data-toggle="tooltip"
title="{{rule.query_string}}">
{{rule.query_string|truncatechars:50}}
</span>
</td>
<td>
<span class="d-inline-block" tabindex="0" data-toggle="tooltip" title="{{rule.regex_test}}">
{{rule.regex_test|truncatechars:50}}
</span>
</td>
<td>
<span class="d-inline-block" tabindex="0" data-toggle="tooltip" title="{{rule.severity}}">
{{rule.severity|truncatechars:50}}
</span>
</td>
</tr>
{% endfor %}
</tbody>
</table>

{% elif rule_type == 'multiquery' and rules %}
<h5>MultiQuery Rules</h5>
<table class="table">
<thead>
<tr>
<th scope="col">Name</th>
<th scope="col">Description</th>
<th scope="col">Success Outcome</th>
<th scope="col">Severity</th>
</tr>
</thead>
<tbody>
{% for rule in rules %}
<tr>
<td>
<span class="d-inline-block" tabindex="0" data-toggle="tooltip"
title="{{rule.name}}">
{{rule.name|truncatechars:50}}
</span>
</td>
<td>
<span class="d-inline-block" tabindex="0" data-toggle="tooltip"
title="{{rule.task_description}}">
{{rule.task_description|truncatechars:50}}
</span>
</td>
<td>
<span class="d-inline-block" tabindex="0" data-toggle="tooltip"
title="{{rule.success_outcome}}">
{{rule.success_outcome|truncatechars:50}}
</span>
</td>
<td>
<span class="d-inline-block" tabindex="0" data-toggle="tooltip"
title="{{rule.severity}}">
{{rule.severity|truncatechars:50}}
</span>
</td>
</tr>
{% endfor %}
</tbody>
</table>
{% endif %}
{% endfor %}
{% endwith %}
</div>

{% if edit_mode %}
{% if policy.is_template == False %}
<div class="row">
<div class="col">
<a class="btn btn-outline-primary m-3" href="{% url 'policy_edit' policy.id %}"><i
class="fa-solid fa-pen-to-square"></i> Edit</a>
<a href="{% url 'policy_archive' policy.id %}" class="btn btn-outline-danger m-3"><i
class="fa-solid fa-trash"></i> Archive</a>
</div>
<div class="col align-self-end">
<p class="text-right m-3">version: {{policy.current_version.number}}</p>
</div>
</div>
{% else %}
<a class="btn btn-outline-primary m-3" href="{% url 'policy_clone' policy.id %}"><i
class="fa-solid fa-clone"></i> Clone</a>
{% endif %}
{% endif %}
</div>
</div>
{% include 'policy/policy_list_item.html' with policy=policy policy_rules=policy.current_version.rules.all edit_mode=edit_mode %}
{% endfor %}
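--- a/chirps/policy/templates/policy/policy_list_item.html
+++ b/chirps/policy/templates/policy/policy_list_item.html
@@ -0,0 +1,35 @@
+{% load policy_filter %}
+<div class="accordion-item policy-row" id="chirps-policy-{{policy.id}}" hx-target="closest .policy-row" hx-swap="outerHTML">
+<div class="accordion-header">
+<button class="accordion-button collapsed" type="button" data-bs-toggle="collapse"
+data-bs-target="#collapse-{{policy.id}}" aria-expanded="false" aria-controls="collapse-{{policy.id}}">
+<div class="d-flex">
+<h5 class="ml-0 mr-3 my-auto">{{policy.name}}</h5>
+<small class="ml-0 mr-auto my-auto">{{policy.description}}</small>
+</div>
+</button>
+</div>
+<div id="collapse-{{policy.id}}" class="accordion-collapse collapse">
+<div class="accordion-body">
+{% include 'policy/policy_rules_grouped.html' with policy_rules=policy_rules %}
+</div>
+{% if edit_mode %}
+{% if policy.is_template == False %}
+<div class="row">
+<div class="col">
+<a class="btn btn-outline-primary m-3" href="{% url 'policy_edit' policy.id %}"><i
+class="fa-solid fa-pen-to-square"></i> Edit</a>
+<a href="{% url 'policy_archive' policy.id %}" class="btn btn-outline-danger m-3"><i
+class="fa-solid fa-trash"></i> Archive</a>
+</div>
+<div class="col align-self-end">
+<p class="text-right m-3">version: {{policy.current_version.number}}</p>
+</div>
+</div>
+{% else %}
+<a class="btn btn-outline-primary m-3" href="{% url 'policy_clone' policy.id %}"><i
+class="fa-solid fa-clone"></i> Clone</a>
+{% endif %}
+{% endif %}
+</div>
+</div>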
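Review bot: The Archive control in this new partial is a plain link, `<a href="{% url 'policy_archive' policy.id %}" ...>`, so archiving is requested with GET, which Django's CSRF middleware does not check. If the `policy_archive` view changes state on GET (the view is not shown here), the action could be triggered by a cross-site request made in a logged-in user's session. Sending it as POST, either a small `<form method="post">` containing `{% csrf_token %}` or an htmx `hx-post` on a button, and restricting the view to POST would close that. The markup was carried over from `dashboard_policy_list.html`, so the pattern predates this commit, but the extraction is a convenient place to fix it.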
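--- a/chirps/policy/templates/policy/policy_rules_grouped.html
+++ b/chirps/policy/templates/policy/policy_rules_grouped.html
@@ -0,0 +1,83 @@
+{% load policy_filter %}
+{% with grouped_rules=policy_rules|group_by_rule_type %}
+{% for rule_type, rules in grouped_rules.items %}
+{% if rule_type == 'regex' and rules %}
+<h5>Regex Rules</h5>
+<table class="table">
+<thead>
+<tr>
+<th scope="col">Name</th>
+<th scope="col">Query</th>
+<th scope="col">Test</th>
+<th scope="col">Severity</th>
+</tr>
+</thead>
+<tbody>
+{% for rule in rules %}
+<tr>
+<td>
+<span class="d-inline-block" tabindex="0" data-toggle="tooltip" title="{{rule.name}}">
+{{rule.name|truncatechars:50}}
+</span>
+</td>
+<td>
+<span class="d-inline-block" tabindex="0" data-toggle="tooltip" title="{{rule.query_string}}">
+{{rule.query_string|truncatechars:50}}
+</span>
+</td>
+<td>
+<span class="d-inline-block" tabindex="0" data-toggle="tooltip" title="{{rule.regex_test}}">
+{{rule.regex_test|truncatechars:50}}
+</span>
+</td>
+<td>
+<span class="d-inline-block" tabindex="0" data-toggle="tooltip" title="{{rule.severity}}">
+{{rule.severity|truncatechars:50}}
+</span>
+</td>
+</tr>
+{% endfor %}
+</tbody>
+</table>
+
+{% elif rule_type == 'multiquery' and rules %}
+<h5>MultiQuery Rules</h5>
+<table class="table">
+<thead>
+<tr>
+<th scope="col">Name</th>
+<th scope="col">Description</th>
+<th scope="col">Success Outcome</th>
+<th scope="col">Severity</th>
+</tr>
+</thead>
+<tbody>
+{% for rule in rules %}
+<tr>
+<td>
+<span class="d-inline-block" tabindex="0" data-toggle="tooltip" title="{{rule.name}}">
+{{rule.name|truncatechars:50}}
+</span>
+</td>
+<td>
+<span class="d-inline-block" tabindex="0" data-toggle="tooltip" title="{{rule.task_description}}">
+{{rule.task_description|truncatechars:50}}
+</span>
+</td>
+<td>
+<span class="d-inline-block" tabindex="0" data-toggle="tooltip" title="{{rule.success_outcome}}">
+{{rule.success_outcome|truncatechars:50}}
+</span>
+</td>
+<td>
+<span class="d-inline-block" tabindex="0" data-toggle="tooltip" title="{{rule.severity}}">
+{{rule.severity|truncatechars:50}}
+</span>
+</td>
+</tr>
+{% endfor %}
+</tbody>
+</table>
+{% endif %}
+{% endfor %}
+{% endwith %}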
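--- a/chirps/scan/migrations/0012_scanversion_policy_versions.py
+++ b/chirps/scan/migrations/0012_scanversion_policy_versions.py
@@ -0,0 +1,18 @@
+# Generated by Django 4.2.3 on 2023-09-06 18:24
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+dependencies = [
+('policy', '0009_multiqueryrule_attack_count'),
+('scan', '0011_merge_20230828_1433'),
+]
+
+operations = [
+migrations.AddField(
+model_name='scanversion',
+name='policy_versions',
+field=models.ManyToManyField(to='policy.policyversion'),
+),
+]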
3 changes: 2 additions & 1 deletion chirps/scan/models.py
@@ -29,7 +29,7 @@ def __str__(self) -> str:

def policy_count(self):
"""Fetch the number of policies associated with this scan."""
return self.current_version.policies.count()
return self.current_version.policy_versions.count()

def asset_count(self):
"""Fetch the number of assets associated with this scan."""
@@ -76,6 +76,7 @@ class ScanVersion(models.Model):
number = models.IntegerField(default=1)
scan = models.ForeignKey(ScanTemplate, on_delete=models.CASCADE, related_name='versions')
policies = models.ManyToManyField('policy.Policy')
policy_versions = models.ManyToManyField('policy.PolicyVersion')
assets = models.ManyToManyField(BaseAsset, related_name='scan_assets')


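Review bot: `policy_versions` is added to `ScanVersion` and `policy_count` now reads it, but migration 0012 in this commit only adds the field and does not backfill it from the existing `policies` relation. Scan versions saved before this change would then report zero policies and, because `scan_task` now iterates `policy_versions`, would run with no rules and finish with no findings, unless a backfill happens somewhere not shown on this page. A data migration using `migrations.RunPython` that copies each linked policy's `current_version` into `policy_versions` would close that gap. The `policies` field stays on the model but is no longer written by the views in this commit; a comment such as `# Deprecated: superseded by policy_versions` would make that explicit.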
3 changes: 2 additions & 1 deletion chirps/scan/tasks.py
@@ -67,7 +67,8 @@ def scan_task(scan_asset_id):

# Build a complete list of all the rules, across policies, that need to be evaluated
policy_rules = []
for policy in scan_run.scan_version.policies.all():
for policy_version in scan_run.scan_version.policy_versions.all():
policy = policy_version.policy
for rule in policy.current_version.rules.all():
policy_rules.append((policy, rule))

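Review bot: The inner loop in `scan_task` still reads `policy.current_version.rules.all()`, so the scan evaluates whatever the policy's current version is at run time rather than the `policy_version` pinned on the scan version. If a policy is edited after the scan is saved, the rules that run will differ from the rules the scan-run page lists, since that page takes them from `policy_version.rules` through `policies_by_rule`; the report then stops being a reliable record of what was tested. Iterating the pinned version, `for rule in policy_version.rules.all():`, keeps execution and reporting on the same rule set. `scan_task` starts and continues outside this hunk, so later uses of `policy` were not checked.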
2 changes: 2 additions & 0 deletions chirps/scan/templates/scan/create.html
@@ -35,7 +35,9 @@ <h1 class="text-success">New Scan</h1>
<select class="selectpicker form-control" id="{{ form.policies.auto_id }}"
name="{{ form.policies.html_name }}" multiple data-actions-box="true" data-live-search="true">
{% for policy in form.policies.field.queryset %}
{% if policy.archived == False %}
<option value="{{ policy.id }}">{{ policy }}</option>
{% endif %}
{% endfor %}
</select>
</div>
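Review bot: The `{% if policy.archived == False %}` check only hides archived policies from the rendered `<select>`; the loop still iterates `form.policies.field.queryset` unfiltered, so if that queryset includes archived policies a submitted form can carry an archived policy's id and still validate. Restricting the queryset where the form field is defined, for example `queryset=Policy.objects.filter(archived=False)`, enforces the rule server-side and lets the template drop the `if`. The form class is not on this page, so confirm whether it already applies that restriction.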
2 changes: 1 addition & 1 deletion chirps/scan/templates/scan/scan_history.html
@@ -39,7 +39,7 @@ <h3 class="display-3 text-center">No scan history found</h3>
<td>{{ scan_run.duration }}</td>
<td>{{ scan_run.status }} </td>
<td>{{ scan_run.scan_version.assets.count }}</td>
<td>{{ scan_run.scan_version.policies.count }}</td>
<td>{{ scan_run.scan_version.policy_versions.count }}</td>
<td>{{ scan.current_version.number }}</td>
<td>
<a class="btn btn-primary" href="{% url 'view_scan_run' scan_run.id %}"><i class="fa-solid fa-magnifying-glass"></i></a>
6 changes: 4 additions & 2 deletions chirps/scan/templates/scan/scan_run.html
@@ -24,7 +24,7 @@ <h1 class="my-auto ml-0 mr-auto text-success">Scan Result</h1>
<li class="nav-item" role="presentation">
<a class="nav-link" id="tab-2" data-bs-toggle="tab" href="#tabs-2" role="tab" aria-controls="tabs-2"
aria-selected="false">
Policies <span class="badge bg-primary text-white">{{scan_run.scan_version.policies.count}}</span>
Policies <span class="badge bg-primary text-white">{{scan_run.scan_version.policy_versions.count}}</span>
</a>
</li>
<li class="nav-item" role="presentation">
@@ -76,7 +76,9 @@ <h5 class="my-auto ml-0 text-right">

<div class="tab-pane fade" id="tabs-2" role="tabpanel" aria-labelledby="tab-2">
<div class="accordion" id="template-panel-accordion">
{% include 'policy/dashboard_policy_list.html' with policy_list=scan_run.scan_version.policies.all edit_mode=False %}
{% with policy_list=scan_run.scan_version.policy_versions.all|policies_by_rule %}
{% include 'scan/scan_run_policy_list.html' with policy_list=policy_list edit_mode=False %}
{% endwith %}
</div>
</div>

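--- a/chirps/scan/templates/scan/scan_run_policy_list.html
+++ b/chirps/scan/templates/scan/scan_run_policy_list.html
@@ -0,0 +1,3 @@
+{% for policy in policy_list %}
+{% include 'policy/policy_list_item.html' with policy=policy policy_rules=policy.rules.all edit_mode=edit_mode %}
+{% endfor %}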
11 changes: 11 additions & 0 deletions chirps/scan/templatetags/scan_filters.py
@@ -39,3 +39,14 @@ def surrounding_conversation_text(finding):
"""
formatted_conversation = finding.surrounding_conversation_text()
return mark_safe('<br />'.join([line['text'] for line in formatted_conversation]))


@register.filter
def policies_by_rule(policy_versions):
"""Build a list of policies containing the rules associated with each policy version."""
policies = []
for policy_version in policy_versions:
policy = policy_version.policy
policy.rules = policy_version.rules.all()
policies.append(policy)
return policies
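Review bot: `policies_by_rule` overwrites a `rules` attribute on each `Policy` instance with the pinned version's queryset, and the one-line docstring does not say that the result differs from `policy.current_version.rules`. A docstring along the lines of `"""Return each version's Policy with .rules set to that version's rules (not the policy's current version)."""` would make the contract clear to template authors. The loop also reads `policy_version.policy` once per element, which is an extra query per policy version when the template passes `policy_versions.all`; building the queryset in the view with `select_related('policy')` would avoid that.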
4 changes: 2 additions & 2 deletions chirps/scan/views.py
@@ -183,7 +183,7 @@ def create(request):
)

# Set the foreign keys to the selected policies and assets
new_scan_version.policies.set(selected_policies)
new_scan_version.policy_versions.set([policy.current_version for policy in selected_policies])
new_scan_version.assets.set(selected_assets)
new_scan_version.save()

@@ -266,7 +266,7 @@ def edit(request, scan_id):
new_scan_version = ScanVersion.objects.create(scan=scan, number=scan.current_version.number + 1)

# Set the foreign keys to the selected policies and assets
new_scan_version.policies.set(selected_policies)
new_scan_version.policy_versions.set([policy.current_version for policy in selected_policies])
new_scan_version.assets.set(selected_assets)
new_scan_version.save()

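Review bot: Both `create` and `edit` build the list with `[policy.current_version for policy in selected_policies]`, and neither hunk guards against a policy whose `current_version` is unset. A `None` in that list would likely make `policy_versions.set(...)` fail, and in `edit` that happens after `ScanVersion.objects.create(...)` has already written the new row. Whether `current_version` can be null is not visible here; if it can, skip or reject those policies first, e.g. `[p.current_version for p in selected_policies if p.current_version is not None]`. Neither view re-checks `archived` on the selected policies in the lines shown, so the template-only filter in `create.html` is not backed up here. Both functions start and continue outside these hunks.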
