Added setting uploaded_by to forms

GhostManager · Aug 29, 2024 · dc7b314 · dc7b314
1 parent 342abb0
commit dc7b314
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 13 deletions.
diff --git a/ghostwriter/api/forms.py b/ghostwriter/api/forms.py
@@ -97,16 +97,10 @@ class ApiEvidenceForm(forms.ModelForm):
 
     class Meta:
         model = Evidence
-        fields = (
-            "friendly_name",
-            "description",
-            "caption",
-            "tags",
-            "finding",
-            "report",
-        )
+        fields = ("friendly_name", "description", "caption", "tags", "finding", "report")
 
     def __init__(self, *args, **kwargs):
+        self.user_obj = kwargs.pop("user_obj")
         report_queryset = kwargs.pop("report_queryset")
         finding_queryset = ReportFindingLink.objects.filter(report__in=report_queryset)
         super().__init__(*args, **kwargs)
@@ -133,17 +127,21 @@ def clean(self):
             # Validate that evidence name is unique
             name = cleaned_data["friendly_name"]
             if report.all_evidences().filter(friendly_name=name).exists():
-                self.add_error("friendly_name", ValidationError(
-                    _("This friendly name has already been used for a file attached to this report."),
-                    "duplicate",
-                ))
+                self.add_error(
+                    "friendly_name",
+                    ValidationError(
+                        _("This friendly name has already been used for a file attached to this report."),
+                        "duplicate",
+                    ),
+                )
 
         return cleaned_data
 
     def save(self, commit=True):
         instance = super().save(False)
         blob = ContentFile(self.cleaned_data["file_base64"], name=self.cleaned_data["filename"])
         instance.document = blob
+        instance.uploaded_by = self.user_obj
         if commit:
             instance.save()
             self.save_m2m()
@@ -158,10 +156,15 @@ class Meta:
         model = ReportTemplate
         exclude = ("document", "upload_date", "last_update", "lint_result", "uploaded_by")
 
+    def __init__(self, *args, **kwargs):
+        self.user_obj = kwargs.pop("user_obj")
+        super().__init__(*args, **kwargs)
+
     def save(self, commit=True):
         instance = super().save(False)
         blob = ContentFile(self.cleaned_data["file_base64"], name=self.cleaned_data["filename"])
         instance.document = blob
+        instance.uploaded_by = self.user_obj
         if commit:
             instance.save()
             self.save_m2m()

diff --git a/ghostwriter/api/views.py b/ghostwriter/api/views.py
@@ -791,6 +791,7 @@ def post(self, request):
 
         form = ApiEvidenceForm(
             self.input,
+            user_obj=self.user_obj,
             report_queryset=utils.get_reports_list(self.user_obj),
         )
         if form.is_valid():
@@ -805,7 +806,7 @@ def post(self, request):
         if self.user_obj is None or not self.user_obj.is_active:
             return JsonResponse(utils.generate_hasura_error_payload("Unauthorized access", "Unauthorized"), status=401)
 
-        form = ApiReportTemplateForm(self.input)
+        form = ApiReportTemplateForm(self.input, user_obj=self.user_obj)
         if form.is_valid():
             instance = form.save()
             return JsonResponse({"id": instance.pk}, status=201)