Merge pull request #475 from GhostManager/hotfix/fixed-checkout-mutat…

…ions

Hotfix for Checkout Mutations

CHANGELOG.md

@@ -4,6 +4,26 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [v4.2.2] - 3 July 2024
+
+### Added
+
+* Added a check to the template linter to ensure the `CodeInline` and `CodeBlock` styles have the correct style type (PR #474)
+
+### Changed
+
+* Gave every optional field in the database a default value (a blank string) to help prevent errors when creating new entries via the GraphQL API (PR #469)
+
+### Fixed
+
+* Fixed extra fields on findings not being processed for report generation (PR #467)
+* Fixed project fields being processed twice when generating a report (PR #468)
+* Fixed syntax errors that weren't being caught properly and returning generic failure messages (PR #470)
+* Fixed observation tags missing from the linting data (PR #471)
+* Fixed uploading evidence and autocomplete on observations (PR #472)
+* Fixed a server error that could occur when using the `checkoutServer` and `checkoutDomain` mutations in the GraphQL API and providing a null value for the `note` field (PR #475)
+* Fixed the "My Active Projects" sidebar dropdown not showing the correct message if all projects are marked as complete (PR #475)
+
 ## [v4.2.1] - 18 June 2024
 
 ### Changed

VERSION

@@ -1,2 +1,2 @@
-v4.2.1
-20 June 2024
+v4.2.2
+3 July 2024

config/settings/base.py

@@ -11,9 +11,9 @@
 # 3rd Party Libraries
 import environ
 
-__version__ = "4.2.1"
+__version__ = "4.2.2"
 VERSION = __version__
-RELEASE_DATE = "20 June 2024"
+RELEASE_DATE = "3 July 2024"
 
 ROOT_DIR = Path(__file__).resolve(strict=True).parent.parent.parent
 APPS_DIR = ROOT_DIR / "ghostwriter"

ghostwriter/api/tests/test_views.py

@@ -638,7 +638,8 @@ def generate_server_data(
 
     def test_graphql_checkout_domain(self):
         _, token = utils.generate_jwt(self.user)
-        data = self.generate_domain_data(self.project.pk, self.domain.pk, self.activity.pk, note="Test note")
+        data = self.generate_domain_data(self.project.pk, self.domain.pk, self.activity.pk)
+        del data["input"]["note"]
         response = self.client.post(
             self.domain_uri,
             data=data,
@@ -657,9 +658,8 @@ def test_graphql_checkout_domain(self):
 
     def test_graphql_checkout_server(self):
         _, token = utils.generate_jwt(self.user)
-        data = self.generate_server_data(
-            self.project.pk, self.server.pk, self.activity.pk, self.server_role.pk, note="Test note"
-        )
+        data = self.generate_server_data(self.project.pk, self.server.pk, self.activity.pk, self.server_role.pk)
+        del data["input"]["note"]
         response = self.client.post(
             self.server_uri,
             data=data,

ghostwriter/api/views.py

@@ -592,6 +592,8 @@ def post(self, request, *args, **kwargs):
             return JsonResponse(utils.generate_hasura_error_payload("Domain is expired", "DomainExpired"), status=400)
 
         try:
+            if not self.note:
+                self.note = ""
             History.objects.create(
                 domain=self.object,
                 activity_type=self.activity_type,
@@ -647,6 +649,8 @@ def post(self, request, *args, **kwargs):
             )
 
         try:
+            if not self.note:
+                self.note = ""
             ServerHistory.objects.create(
                 server=self.object,
                 activity_type=self.activity_type,

ghostwriter/home/templatetags/custom_tags.py

@@ -68,24 +68,30 @@ def count_assignments(request):
 
 
 @register.simple_tag
-def get_reports(request):
+def get_assignment_data(request):
     """
-    Get a list of all :model:`reporting.Report` entries associated with
-    an individual :model:`users.User` via :model:`rolodex.Project` and
-    :model:`rolodex.ProjectAssignment`.
+    Get a list of :model:`rolodex.ProjectAssignment` entries associated
+    with an individual :model:`users.User` and return a list of unique
+    :model:`rolodex.Project` entries and a list of unique :model:`reporting.Report` entries.
     """
+    active_projects = []
     active_reports = []
-    active_projects = (
+
+    user_assignments = (
         ProjectAssignment.objects.select_related("project")
         .filter(Q(operator=request.user) & Q(project__complete=False))
         .order_by("project__end_date")
     )
+    for assignment in user_assignments:
+        if assignment.project not in active_projects:
+            active_projects.append(assignment.project)
+
     for active_project in active_projects:
-        reports = Report.objects.filter(Q(project=active_project.project) & Q(complete=False))
+        reports = Report.objects.filter(Q(project=active_project) & Q(complete=False))
         for report in reports:
-            active_reports.append(report)
-
-    return active_reports
+            if report not in active_reports:
+                active_reports.append(report)
+    return active_projects, active_reports
 
 
 @register.simple_tag

ghostwriter/home/tests/test_views.py

@@ -109,8 +109,11 @@ def test_tags(self):
         result = custom_tags.count_assignments(request)
         self.assertEqual(result, self.num_of_findings)
 
-        result = custom_tags.get_reports(request)
-        self.assertEqual(len(result), 1)
+        projects, reports = custom_tags.get_assignment_data(request)
+        self.assertEqual(len(projects), 1)
+        self.assertEqual(projects[0], self.project)
+        self.assertEqual(len(reports), 1)
+        self.assertEqual(reports[0], self.report)
 
         result = custom_tags.settings_value("DATE_FORMAT")
         self.assertEqual(result, settings.DATE_FORMAT)

ghostwriter/templates/base_generic.html

@@ -131,9 +131,9 @@
               <div class="expand_caret caret"></div>
             </a>
             <ul class="collapse list-unstyled text-left" id="activeReportsSubmenu">
-              {% get_reports request as reports %}
-              {% if reports %}
-                {% for report in reports %}
+              {% get_assignment_data request as user_project_data %}
+              {% if user_project_data.1 %}
+                {% for report in user_project_data.1 %}
                   <li>
                     <a title="Set this report as your active report"
                        class="js-activate-report icon toggle-off-icon
@@ -147,7 +147,8 @@
                   </li>
                 {% endfor %}
               {% else %}
-                <li><a href="{% url 'reporting:reports' %}">You have no active reports; click to visit the library.</a>
+                <li><a href="{% url 'reporting:reports' %}">You do not have any active reports; click here to visit the
+                  library.</a>
                 </li>
               {% endif %}
             </ul>
@@ -160,15 +161,14 @@
               <div class="expand_caret caret"></div>
             </a>
             <ul class="collapse list-unstyled text-left" id="activeProjectsSubmenu">
-              {% if request.user.projectassignment_set.all %}
-                {% for assignment in request.user.projectassignment_set.all %}
-                  {% if not assignment.project.complete %}
-                    <li><a href="{% url 'rolodex:project_detail' assignment.project.id %}">{{ assignment.project }}</a>
-                    </li>
-                  {% endif %}
+              {% if user_project_data.0 %}
+                {% for assignment in user_project_data.0 %}
+                  <li><a href="{% url 'rolodex:project_detail' assignment.id %}">{{ assignment }}</a>
+                  </li>
                 {% endfor %}
               {% else %}
-                <li><a href="{% url 'rolodex:projects' %}">You have no assignments; click to visit the library.</a></li>
+                <li><a href="{% url 'rolodex:projects' %}">You do not have any active assignments; click here to visit
+                  the library.</a></li>
               {% endif %}
             </ul>
           </li>
@@ -226,7 +226,8 @@
               {% comment %} observations Submenu Items {% endcomment %}
               <li><a class="icon list-icon" href="{% url 'reporting:observations' %}">Observation Library</a></li>
               {% if request.user|can_create_observation %}
-                <li><a class="icon plus-icon" href="{% url 'reporting:observation_create' %}">Add New Observation</a></li>
+                <li><a class="icon plus-icon" href="{% url 'reporting:observation_create' %}">Add New Observation</a>
+                </li>
               {% endif %}
             </ul>
           </li>
@@ -246,7 +247,8 @@
             <ul class="collapse list-unstyled text-left" id="projectSubmenu">
               <li><a class="icon list-icon" href="{% url 'rolodex:projects' %}">Projects Library</a></li>
               {% if request.user|is_privileged %}
-                <li><a class="icon plus-icon" href="{% url 'rolodex:project_create_no_client' %}">Add New Project</a></li>
+                <li><a class="icon plus-icon" href="{% url 'rolodex:project_create_no_client' %}">Add New Project</a>
+                </li>
               {% endif %}
             </ul>
           </li>
@@ -356,7 +358,8 @@
                 <hr>
                 <li><a class="icon import-icon" href="{% url 'admin:reporting_observation_import' %}">Upload Bulk
                   Observations</a></li>
-                <li><a class="icon export-icon" href="{% url 'reporting:export_observations_to_csv' %}">Export Observations to
+                <li><a class="icon export-icon" href="{% url 'reporting:export_observations_to_csv' %}">Export
+                  Observations to
                   CSV</a></li>
                 <hr>
                 <li><a class="icon import-icon" href="{% url 'admin:shepherd_domain_import' %}">Upload Bulk Domains</a>
@@ -413,7 +416,7 @@
         <a href="{% url 'users:user_detail' request.user.username %}">
           <img class="navbar-avatar"
                data-toggle="tooltip" data-placement="top" title="Logged-in as {{ request.user.username }}"
-               src="{%  url 'users:avatar_download' slug=request.user.username %}"
+               src="{% url 'users:avatar_download' slug=request.user.username %}"
                alt="Avatar">
         </a>
       </div>
@@ -431,13 +434,13 @@
 {% comment %} Scripts included on ALL pages {% endcomment %}
 <script>
   {% comment %} Handle AJAX errors {% endcomment %}
-  (function($){
-    $(document).on('ajaxError', function(event, xhr) {
+  (function ($) {
+    $(document).on('ajaxError', function (event, xhr) {
       if (xhr.status === 401 || xhr.status === 403) {
         if (xhr.hasOwnProperty('responseJSON')) {
           let errorData = xhr.responseJSON;
           if (errorData['message']) {
-            displayToastTop({type:errorData['result'], string:errorData['message'], title:'Error'});
+            displayToastTop({type: errorData['result'], string: errorData['message'], title: 'Error'});
           }
         }
       }