diff --git a/security-c4po-angular/src/app/header/header.component.ts b/security-c4po-angular/src/app/header/header.component.ts index bd5ccd6..c0e6694 100644 --- a/security-c4po-angular/src/app/header/header.component.ts +++ b/security-c4po-angular/src/app/header/header.component.ts @@ -100,9 +100,10 @@ export class HeaderComponent implements OnInit { } onClickLogOut(): void { + console.info('Logging out...'); // ToDo: Redirect user to Landing page from Issue #142 https://github.com/Marcel-Haag/security-c4po/issues/143 // ToDo: Fix Redirect URI in Keycloak Setting - this.keycloakService.logout(`http://auth-server/realms/${environment.keycloakclientId}/protocol/openid-connect/logout`).then(() => { + /*this.keycloakService.logout(`http://auth-server/realms/${environment.keycloakclientId}/protocol/openid-connect/logout`).then(() => { // Route user back to default page this.router.navigate([Route.HOME]).then(() => { // Reset User props from store @@ -112,7 +113,7 @@ export class HeaderComponent implements OnInit { }); }, err => { console.error(err); - }); + });*/ } onClickLanguage(language: string): void { diff --git a/security-c4po-angular/src/app/objective-overview/objective-categories/objective-categories.component.ts b/security-c4po-angular/src/app/objective-overview/objective-categories/objective-categories.component.ts index 6350c31..c873b90 100644 --- a/security-c4po-angular/src/app/objective-overview/objective-categories/objective-categories.component.ts +++ b/security-c4po-angular/src/app/objective-overview/objective-categories/objective-categories.component.ts @@ -53,8 +53,8 @@ export class ObjectiveCategoriesComponent implements OnInit, OnDestroy { this.categories.forEach(category => { category.selected = false; }); - menuBag.item.selected = true; - if (this.selectedCategory) { + if (this.selectedCategory >= 0) { + menuBag.item.selected = true; this.store.dispatch(new ChangeCategory(this.selectedCategory)); } }); 
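Review bot: With the `keycloakService.logout(...)` call wrapped in `/* … */` (the comment is closed in the following hunk at `});*/`), `onClickLogOut()` now only writes 'Logging out...' to the console, so the Keycloak session stays active and the store's user props are never reset. On a shared workstation that leaves an authenticated session behind a control labelled as log out. If the redirect URI is what blocks this, keeping the call with a redirect that is registered for the client, e.g. `this.keycloakService.logout(window.location.origin)`, preserves the sign-out until the landing page exists. The disabled URL also used `http://` and placed `environment.keycloakclientId` in the realm position of the path, which may be what the ToDo refers to.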
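Review bot: The new guard `this.selectedCategory >= 0` also passes when `selectedCategory` is `null` at runtime, because `null` coerces to 0, so `ChangeCategory(null)` could be dispatched. Where `selectedCategory` is assigned is outside this hunk, so this depends on whether it can be null there. An explicit check such as `if (this.selectedCategory != null && this.selectedCategory >= 0) {` covers both the missing value and category 0. When the guard fails, every category has already been deselected by the `forEach` above and none is reselected, which is worth a short comment if it is intended.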
diff --git a/security-c4po-angular/src/app/objective-overview/objective-table/objective-table.component.html b/security-c4po-angular/src/app/objective-overview/objective-table/objective-table.component.html index d9cf8e6..d4fab07 100644 --- a/security-c4po-angular/src/app/objective-overview/objective-table/objective-table.component.html +++ b/security-c4po-angular/src/app/objective-overview/objective-table/objective-table.component.html @@ -45,9 +45,9 @@
- + / - +
diff --git a/security-c4po-angular/src/app/objective-overview/objective-table/objective-table.component.ts b/security-c4po-angular/src/app/objective-overview/objective-table/objective-table.component.ts index 364be14..41aad3e 100644 --- a/security-c4po-angular/src/app/objective-overview/objective-table/objective-table.component.ts +++ b/security-c4po-angular/src/app/objective-overview/objective-table/objective-table.component.ts @@ -21,6 +21,7 @@ import {Route} from '@shared/models/route.enum'; export class ObjectiveTableComponent implements OnInit { loading$: BehaviorSubject = new BehaviorSubject(true); + // tslint:disable-next-line:max-line-length columns: Array = [ObjectiveColumns.TEST_ID, ObjectiveColumns.TITLE, ObjectiveColumns.STATUS, ObjectiveColumns.FINDINGS_AND_COMMENTS]; dataSource: NbTreeGridDataSource; diff --git a/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.html b/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.html index e38ac19..e221a97 100644 --- a/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.html +++ b/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.html @@ -19,10 +19,10 @@ {{ 'finding.severity' | translate }} - - + +
- +
diff --git a/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.scss b/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.scss index fc4b47e..38ed17b 100644 --- a/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.scss +++ b/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.scss @@ -17,11 +17,11 @@ } .cell-severity { - width: 125px; - max-width: 125px; + //width: 125px; + // max-width: 125px; // border-style: none; // ToDo: Fix size issue on lower screen resolution - height: 4.5rem !important; + // height: 4.5rem !important; } .cell { diff --git a/security-c4po-angular/src/shared/models/pentest.model.ts b/security-c4po-angular/src/shared/models/pentest.model.ts index 79ef392..c01d205 100644 --- a/security-c4po-angular/src/shared/models/pentest.model.ts +++ b/security-c4po-angular/src/shared/models/pentest.model.ts @@ -41,6 +41,14 @@ export interface ObjectiveEntry { expanded?: boolean; } +export function isSubObjective(pentest: Pentest): boolean { + return pentest.refNumber.includes('_'); +} + +export function getObjectiveNumberObjective(pentest: Pentest): string { + return pentest.refNumber.split('_')[0]; +} + export function transformPentestToRequestBody(pentest: Pentest): Pentest { const transformedPentest = { ...pentest, @@ -65,8 +73,8 @@ export function transformPentestsToObjectiveEntries(pentests: Pentest[]): Object objectiveEntries.push({ refNumber: value.refNumber, status: value.status, - findings: value.findingIds ? value.findingIds.length : 0, - comments: value.commentIds ? value.commentIds.length : 0, + findingIds: value.findingIds, + commentIds: value.commentIds, kind: value.childEntries ? 'dir' : 'cell', childEntries: value.childEntries ? value.childEntries : null, expanded: !!value.childEntries 
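Review bot: `isSubObjective` and `getObjectiveNumberObjective` call `includes` and `split` on `pentest.refNumber` without a guard, so a pentest that arrives without a `refNumber` throws. Both are used inside the `map` of `PentestService.loadPentests`, which sits after `catchError` in that pipe, so the exception would error the stream. A guard such as `return !!pentest.refNumber && pentest.refNumber.includes('_');` avoids that. Both exported helpers also lack a doc comment stating the assumed format, for example `/** A sub-objective's refNumber is the parent's refNumber followed by '_' and a suffix. */`, and the name `getObjectiveNumberObjective` would read more clearly as something like `getParentObjectiveNumber`.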
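Review bot: Replacing `findings: value.findingIds ? value.findingIds.length : 0` with `findingIds: value.findingIds` drops the default, so an entry built from a pentest without ids now carries `undefined` where consumers previously always received a number. The table templates that read these fields are not legible in this diff, so whether they guard before using `.length` cannot be confirmed here. Keeping a default in the model, `findingIds: value.findingIds ? value.findingIds : [],` and the same for `commentIds`, keeps every `ObjectiveEntry` safe to render. The `ObjectiveEntry` interface itself is declared outside this hunk.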
diff --git a/security-c4po-angular/src/shared/services/api/pentest.service.ts b/security-c4po-angular/src/shared/services/api/pentest.service.ts index 7b88e55..02cdc99 100644 --- a/security-c4po-angular/src/shared/services/api/pentest.service.ts +++ b/security-c4po-angular/src/shared/services/api/pentest.service.ts @@ -3,12 +3,11 @@ import {environment} from '../../../environments/environment'; import {HttpClient, HttpParams} from '@angular/common/http'; import {Observable, of} from 'rxjs'; import {Category} from '@shared/models/category.model'; -import {Pentest} from '@shared/models/pentest.model'; +import {getObjectiveNumberObjective, isSubObjective, Pentest} from '@shared/models/pentest.model'; import {Store} from '@ngxs/store'; import {ProjectState} from '@shared/stores/project-state/project-state'; import {catchError, map, switchMap} from 'rxjs/operators'; import {getTempPentestsForCategory} from '@shared/functions/categories/get-temp-pentests-for-category.function'; -import {Finding} from '@shared/models/finding.model'; @Injectable({ providedIn: 'root' 
@@ -26,27 +25,59 @@ export class PentestService { * Load Pentests * @param category the categories of which the pentests should be requested */ + // ToDo: Should be refactored to be less ugly fr public loadPentests(category: Category): Observable { return this.store.select(ProjectState.project).pipe( switchMap(project => this.getPentestByProjectIdAndCategory(project.id, category)), catchError(_ => of(null)), map((response: Pentest[]) => { - // ToDo: Improve performance by only loading templates when not all pentests of category got returned // Load template pentest const templatePentests = getTempPentestsForCategory(category); // The pentests that get returned to the component - let completePentests: Pentest[] = response; + let availablePentests: Pentest[] = response; // Add pentest template to complete pentests if not included in request - if (completePentests) { - templatePentests.forEach((templatePentest: Pentest) => { - if (!completePentests.map(it => it.refNumber).includes(templatePentest.refNumber)) { - completePentests.push(templatePentest); + if (availablePentests) { + for (let i = 0; i < templatePentests.length; i++) { + if (!availablePentests.map(it => it.refNumber).includes(templatePentests[i].refNumber)) { + availablePentests.push(templatePentests[i]); + // Loads child entry from response in template when parent is still from template + if (isSubObjective(availablePentests[i])) { + const parentObjectiveNumber = getObjectiveNumberObjective(availablePentests[i]); + const parentTemplatePentestIndex = templatePentests.map(it => it.refNumber).indexOf(parentObjectiveNumber); + const parentTemplatePentest = templatePentests[parentTemplatePentestIndex]; + parentTemplatePentest.childEntries.forEach((childEntry: Pentest) => { + if (childEntry.refNumber === availablePentests[i].refNumber) { + const unusedTemplateChildEntryIndex = parentTemplatePentest.childEntries.indexOf(childEntry); + // ToDo add the child entry from response here + 
parentTemplatePentest.childEntries[unusedTemplateChildEntryIndex] = availablePentests[i]; + availablePentests.splice(i, 1); + } + }); + } + } else if (templatePentests[i].childEntries && templatePentests[i].childEntries.length !== 0) { + const indexOfPentestWithChildEntries = availablePentests.map(it => it.refNumber).indexOf(templatePentests[i].refNumber); + availablePentests[indexOfPentestWithChildEntries].childEntries = []; + + templatePentests[i]?.childEntries?.forEach((childEntry: Pentest) => { + // ToDo: Add only child entrys that are not included in response aka available pentests + if (!availablePentests.map(it => it.refNumber).includes(childEntry.refNumber)) { + console.log('Child entry from template: ', childEntry); + availablePentests[indexOfPentestWithChildEntries].childEntries.push(childEntry); + } else { + // Removes the pentest from availablePentests and add it as a child entry + const indexOfPentestThatsChildEntry = availablePentests.map(it => it.refNumber).indexOf(childEntry.refNumber); + const pentestThatIsChildEntry = availablePentests[indexOfPentestThatsChildEntry]; + // Adds the child entry from response + availablePentests[indexOfPentestWithChildEntries].childEntries.push(pentestThatIsChildEntry); + availablePentests.splice(indexOfPentestThatsChildEntry, 1); + } + }); } - }); + } } else { - completePentests = templatePentests; + availablePentests = templatePentests; } - return completePentests; + return availablePentests; }) ); } diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestDeletionService.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestDeletionService.kt new file mode 100644 index 0000000..8daa8d4 --- /dev/null +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestDeletionService.kt 
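Review bot: Inside the new `for` loop `i` indexes `templatePentests`, but right after `availablePentests.push(templatePentests[i])` the code reads `availablePentests[i]`, which is an element of a different array (or `undefined` when the response is shorter than the template list), so `isSubObjective(availablePentests[i])` can throw or match the wrong pentest. The two `availablePentests.splice(...)` calls then shift positions while `i` and `indexOfPentestWithChildEntries` are still in use, and `parentTemplatePentestIndex` is used without a check for `-1`. Because this `map` runs after `catchError`, an exception here errors the stream instead of falling back to the templates. Assigning into `parentTemplatePentest.childEntries` also writes response data into the objects returned by `getTempPentestsForCategory`; if those are shared constants (not visible here), one project's entries could carry over into the next load. A lookup keyed by `refNumber` that builds new objects removes the index bookkeeping; the sketch below returns entries in template order, which needs confirming against what the table expects, and it drops the `console.log` of the child entry.

```typescript
map((response: Pentest[]) => {
  const templatePentests = getTempPentestsForCategory(category);
  if (!response) {
    return templatePentests;
  }
  // Index the response once by refNumber instead of re-mapping the array for every lookup
  const responseByRef = new Map<string, Pentest>();
  response.forEach(pentest => responseByRef.set(pentest.refNumber, pentest));
  // Prefer the stored pentest over its template, for parents and for child entries
  return templatePentests.map((template: Pentest) => {
    const parent = responseByRef.get(template.refNumber) ?? template;
    if (!template.childEntries || template.childEntries.length === 0) {
      return parent;
    }
    // New object: the template returned by getTempPentestsForCategory is left untouched
    return {
      ...parent,
      childEntries: template.childEntries.map(child => responseByRef.get(child.refNumber) ?? child)
    };
  });
})
```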
@@ -0,0 +1,63 @@ +package com.securityc4po.api.pentest + +import com.securityc4po.api.configuration.BC_BAD_CAST_TO_ABSTRACT_COLLECTION +import com.securityc4po.api.configuration.MESSAGE_BAD_CAST_TO_ABSTRACT_COLLECTION +import com.securityc4po.api.configuration.error.handler.Errorcode +import com.securityc4po.api.configuration.error.handler.TransactionInterruptedException +import com.securityc4po.api.extensions.getLoggerFor +import com.securityc4po.api.pentest.comment.CommentRepository +import com.securityc4po.api.pentest.finding.FindingRepository +import com.securityc4po.api.project.Project +import edu.umd.cs.findbugs.annotations.SuppressFBWarnings +import org.springframework.stereotype.Service +import reactor.core.publisher.Flux +import reactor.core.publisher.Mono + +@Service +class PentestDeletionService( + private val pentestRepository: PentestRepository, + private val findingRepository: FindingRepository, + private val commentRepository: CommentRepository +) { + var logger = getLoggerFor() + + @SuppressFBWarnings(BC_BAD_CAST_TO_ABSTRACT_COLLECTION, MESSAGE_BAD_CAST_TO_ABSTRACT_COLLECTION) + fun deletePentestsAndAllAssociatedFindingsAndComments(project: Project): Flux { + val pentestIds = project.projectPentests.map { it.pentestId } + return pentestRepository.findPentestsByIds(pentestIds).collectList() + .flatMapMany { pentestEntityList -> Flux.fromIterable(pentestEntityList) }.flatMap { pentestEntity -> + this.pentestRepository.deletePentestById(pentestEntity.data.id).flatMap { + // Delete all associated findings of the pentest + val findingsDeletionResult = + this.findingRepository.deleteFindingsByIds(pentestEntity.data.findingIds).onErrorMap { + TransactionInterruptedException( + "Finding could not be deleted.", + Errorcode.FindingDeletionFailed + ) + } + // Delete all associated comments of the pentest + val commentsDeletionResult = + this.commentRepository.deleteCommentsByIds(pentestEntity.data.commentIds).onErrorMap { + TransactionInterruptedException( + 
"Comments could not be deleted.", + Errorcode.CommentDeletionFailed + ) + } + // Hack to map result together + findingsDeletionResult.flatMap { + commentsDeletionResult.flatMap { + Mono.just(project) + } + } + + }.onErrorMap { + TransactionInterruptedException( + "Pentest deletion failed", + Errorcode.PentestDeletionFailed + ) + } + }.flatMap { + Mono.just(project) + } + } +} diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestRepository.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestRepository.kt index 5650256..45970ef 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestRepository.kt +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestRepository.kt @@ -1,5 +1,6 @@ package com.securityc4po.api.pentest +import org.springframework.data.mongodb.repository.DeleteQuery import org.springframework.data.mongodb.repository.Query import org.springframework.data.mongodb.repository.ReactiveMongoRepository import org.springframework.stereotype.Repository @@ -14,4 +15,10 @@ interface PentestRepository : ReactiveMongoRepository { @Query("{'data._id' : ?0}") fun findPentestById(id: String): Mono + + @Query("{'data._id' :{\$in: ?0 }}") + fun findPentestsByIds(id: List): Flux + + @DeleteQuery("{'data._id' : ?0}") + fun deletePentestById(id: String): Mono } \ No newline at end of file diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestService.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestService.kt index 958b0a9..490beec 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestService.kt +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestService.kt 
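Review bot: The outer `.onErrorMap` that follows the `deletePentestById(...).flatMap { … }` chain rewrites every error, so the `FindingDeletionFailed` and `CommentDeletionFailed` codes built inside it never reach the caller and everything surfaces as `PentestDeletionFailed`. Restricting the outer mapping, e.g. `.onErrorMap({ it !is TransactionInterruptedException }) { TransactionInterruptedException("Pentest deletion failed", Errorcode.PentestDeletionFailed) }`, keeps the specific code. Separately, each pentest document is deleted before its findings and comments, and `deleteProject` in ProjectController removes the project before calling this service, so a failure part-way leaves finding and comment documents that nothing references any more. Deleting the children first, or at least logging the affected ids on failure, would make such a state recoverable. `logger` is declared as `var` and is not used anywhere in the visible code.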
@@ -6,8 +6,6 @@ import com.securityc4po.api.configuration.error.handler.* import com.securityc4po.api.configuration.error.handler.InvalidModelException import com.securityc4po.api.configuration.error.handler.TransactionInterruptedException import com.securityc4po.api.extensions.getLoggerFor -import com.securityc4po.api.pentest.comment.CommentService -import com.securityc4po.api.pentest.finding.FindingService import com.securityc4po.api.project.* import edu.umd.cs.findbugs.annotations.SuppressFBWarnings import org.springframework.stereotype.Service diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/comment/CommentRepository.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/comment/CommentRepository.kt index 02dd8eb..62f8b20 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/comment/CommentRepository.kt +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/comment/CommentRepository.kt @@ -18,4 +18,7 @@ interface CommentRepository : ReactiveMongoRepository { @DeleteQuery("{'data._id' : ?0}") fun deleteCommentById(id: String): Mono + + @DeleteQuery("{'data._id' :{\$in: ?0 }}") + fun deleteCommentsByIds(id: List): Mono } \ No newline at end of file diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/finding/FindingRepository.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/finding/FindingRepository.kt index 7580352..800b7da 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/finding/FindingRepository.kt +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/finding/FindingRepository.kt @@ -18,4 +18,7 @@ interface FindingRepository : ReactiveMongoRepository { @DeleteQuery("{'data._id' : ?0}") fun deleteFindingById(id: String): Mono + + @DeleteQuery("{'data._id' :{\$in: ?0 }}") + fun deleteFindingsByIds(id: List): Mono } 
diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectController.kt b/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectController.kt index 117a600..48fe89b 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectController.kt +++ b/security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectController.kt @@ -4,6 +4,7 @@ import com.securityc4po.api.configuration.BC_BAD_CAST_TO_ABSTRACT_COLLECTION import com.securityc4po.api.extensions.getLoggerFor import edu.umd.cs.findbugs.annotations.SuppressFBWarnings import com.securityc4po.api.ResponseBody +import com.securityc4po.api.pentest.PentestDeletionService import org.springframework.http.ResponseEntity import org.springframework.web.bind.annotation.* import reactor.core.publisher.Mono @@ -18,7 +19,7 @@ import reactor.kotlin.core.publisher.switchIfEmpty methods = [RequestMethod.GET, RequestMethod.DELETE, RequestMethod.POST, RequestMethod.PATCH] ) @SuppressFBWarnings(BC_BAD_CAST_TO_ABSTRACT_COLLECTION) -class ProjectController(private val projectService: ProjectService) { +class ProjectController(private val projectService: ProjectService, private val pentestDeletionService: PentestDeletionService) { var logger = getLoggerFor() 
@@ -69,9 +70,16 @@ class ProjectController(private val projectService: ProjectService) { @DeleteMapping("/{id}") fun deleteProject(@PathVariable(value = "id") id: String): Mono> { - // ToDo: Delete all associated Pentests, Findings and Comments - return this.projectService.deleteProject(id).map{ - ResponseEntity.ok().body(it.toProjectDeleteResponseBody()) + return this.projectService.deleteProject(id).flatMap { project: Project -> + // If the project has pentest the will be deleted as well as all associated findings & comments + if (project.projectPentests.isNotEmpty()) { + this.pentestDeletionService.deletePentestsAndAllAssociatedFindingsAndComments(project).collectList() + .flatMap { prunedProject: Any -> + Mono.just(ResponseEntity.ok().body(project.toProjectDeleteResponseBody())) + } + } else { + Mono.just(ResponseEntity.ok().body(project.toProjectDeleteResponseBody())) + } }.switchIfEmpty { Mono.just(ResponseEntity.noContent().build()) } diff --git a/security-c4po-api/src/test/resources/collections/comments.json b/security-c4po-api/src/test/resources/collections/comments.json index 5b247eb..74fd1e3 100644 --- a/security-c4po-api/src/test/resources/collections/comments.json +++ b/security-c4po-api/src/test/resources/collections/comments.json @@ -3,9 +3,7 @@ "$oid": "6405dbf113ae975803a09901" }, "lastModified": { - "$date": { - "$numberLong": "1678105585081" - } + "$date": "2023-03-06T12:26:25.081Z" }, "data": { "_id": "85935303-e5b7-48ca-a504-910c1a94fb1f", @@ -19,9 +17,7 @@ "$oid": "6405dc0513ae975803a09902" }, "lastModified": { - "$date": { - "$numberLong": "1678105605811" - } + "$date": "2023-03-06T12:26:45.811Z" }, "data": { "_id": "a785aaf0-1feb-429e-beb1-31bfcf70c404", diff --git a/security-c4po-api/src/test/resources/collections/findings.json b/security-c4po-api/src/test/resources/collections/findings.json index f614558..b316dbb 100644 --- a/security-c4po-api/src/test/resources/collections/findings.json 
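Review bot: Both branches of the new `if (project.projectPentests.isNotEmpty())` build the same response and the lambda parameter `prunedProject: Any` is never used; `.collectList().then(Mono.just(ResponseEntity.ok().body(project.toProjectDeleteResponseBody())))` states the intent directly. Whether the empty case still needs its own branch depends on how `findPentestsByIds` behaves for an empty id list, which this hunk does not show. Since this endpoint now removes findings and comments as well, it is worth confirming that `projectService.deleteProject` (outside this hunk) restricts deletion to projects the caller is allowed to delete. The added comment should read `// If the project has pentests, they are deleted together with all associated findings and comments`.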
+++ b/security-c4po-api/src/test/resources/collections/findings.json @@ -1,32 +1,9 @@ [{ - "_id": { - "$oid": "6405d88b13ae975803a098fb" - }, - "lastModified": { - "$date": { - "$numberLong": "1678104715816" - } - }, - "data": { - "_id": "a343150a-91c9-4564-9638-d0377eecc7c9", - "severity": "LOW", - "title": "Low Prio Finding", - "description": "This is Low Prio.", - "impact": "Impacts nothing.", - "affectedUrls": [], - "reproduction": "Open App.", - "mitigation": "", - "attachments": [] - }, - "_class": "com.securityc4po.api.pentest.finding.FindingEntity" -},{ "_id": { "$oid": "6405db8a13ae975803a098fe" }, "lastModified": { - "$date": { - "$numberLong": "1678105482494" - } + "$date": "2023-03-06T12:24:42.494Z" }, "data": { "_id": "5bf1b2e1-69b7-463b-a1ca-4ac6ac66b10f", @@ -45,9 +22,7 @@ "$oid": "6405dba513ae975803a098ff" }, "lastModified": { - "$date": { - "$numberLong": "1678105509645" - } + "$date": "2023-03-06T12:25:09.645Z" }, "data": { "_id": "f6e6c632-ab34-479e-9584-565f61c5862a", @@ -66,9 +41,7 @@ "$oid": "6405dbcc13ae975803a09900" }, "lastModified": { - "$date": { - "$numberLong": "1678105548815" - } + "$date": "2023-03-06T12:25:48.815Z" }, "data": { "_id": "176f5d93-0fe3-40b1-8a25-f11a6f760148", @@ -84,21 +57,19 @@ "_class": "com.securityc4po.api.pentest.finding.FindingEntity" },{ "_id": { - "$oid": "640854a01d5b385d85c60ba7" + "$oid": "641d94fb28aed92b289a61c7" }, "lastModified": { - "$date": { - "$numberLong": "1678267552968" - } + "$date": "2023-03-24T12:18:03.350Z" }, "data": { - "_id": "1ffc2215-b8ae-43b7-bbb7-bfcfb414d534", + "_id": "82076448-7ec0-4d64-a75d-b9bf6f4920be", "severity": "LOW", - "title": "Low Prio Title", + "title": "Low Prio Finding", "description": "Low Prio Description", "impact": "Low Prio Impact", "affectedUrls": [], - "reproduction": "Do Nothing", + "reproduction": "Step 1: Do Nothing", "mitigation": "", "attachments": [] }, 
diff --git a/security-c4po-api/src/test/resources/collections/pentests.json b/security-c4po-api/src/test/resources/collections/pentests.json index 87645c9..25c3dee 100644 --- a/security-c4po-api/src/test/resources/collections/pentests.json +++ b/security-c4po-api/src/test/resources/collections/pentests.json @@ -3,9 +3,7 @@ "$oid": "6405da3b13ae975803a098fc" }, "lastModified": { - "$date": { - "$numberLong": "1678107542446" - } + "$date": "2023-03-24T12:18:06.611Z" }, "data": { "_id": "54f3ce12-784a-4e44-b9b3-0a986119ec50", @@ -14,16 +12,16 @@ "refNumber": "OTG-INFO-001", "status": "COMPLETED", "findingIds": [ - "54a168cd-aa4c-452b-8935-c6d22391994e", "5bf1b2e1-69b7-463b-a1ca-4ac6ac66b10f", "f6e6c632-ab34-479e-9584-565f61c5862a", - "176f5d93-0fe3-40b1-8a25-f11a6f760148" + "176f5d93-0fe3-40b1-8a25-f11a6f760148", + "82076448-7ec0-4d64-a75d-b9bf6f4920be" ], "commentIds": [ "85935303-e5b7-48ca-a504-910c1a94fb1f", "a785aaf0-1feb-429e-beb1-31bfcf70c404" ], - "timeSpent": 16748 + "timeSpent": 16790 }, "_class": "com.securityc4po.api.pentest.PentestEntity" },{ @@ -31,9 +29,7 @@ "$oid": "6405df1013ae975803a09904" }, "lastModified": { - "$date": { - "$numberLong": "1678107569518" - } + "$date": "2023-03-06T12:59:29.518Z" }, "data": { "_id": "d724df75-e85a-4124-a5be-bccadc78beaf", @@ -51,9 +47,7 @@ "$oid": "6405e93413ae975803a09906" }, "lastModified": { - "$date": { - "$numberLong": "1678108986365" - } + "$date": "2023-03-06T13:23:06.365Z" }, "data": { "_id": "c9c1c2f4-14dd-43f4-bc0d-bac03755f798", @@ -71,9 +65,7 @@ "$oid": "6405e93c13ae975803a09907" }, "lastModified": { - "$date": { - "$numberLong": "1678109005173" - } + "$date": "2023-03-06T13:23:25.173Z" }, "data": { "_id": "288599c2-c295-4825-b1ff-db20e99f45ba", @@ -91,9 +83,7 @@ "$oid": "6405e95113ae975803a09908" }, "lastModified": { - "$date": { - "$numberLong": "1678109019438" - } + "$date": "2023-03-06T13:23:39.438Z" }, "data": { "_id": "7c1c1d64-000d-461b-b60f-50bfc70868e6", 
@@ -111,9 +101,7 @@ "$oid": "6405e96113ae975803a09909" }, "lastModified": { - "$date": { - "$numberLong": "1678109030965" - } + "$date": "2023-03-06T13:23:50.965Z" }, "data": { "_id": "415528d1-a92c-4e14-adf1-2846b2ce0f70", @@ -131,9 +119,7 @@ "$oid": "6405e96d13ae975803a0990a" }, "lastModified": { - "$date": { - "$numberLong": "1678109047972" - } + "$date": "2023-03-06T13:24:07.972Z" }, "data": { "_id": "8d91e25f-eaeb-42f6-800c-4e7113656321", @@ -151,9 +137,7 @@ "$oid": "6405e98213ae975803a0990b" }, "lastModified": { - "$date": { - "$numberLong": "1678109061933" - } + "$date": "2023-03-06T13:24:21.933Z" }, "data": { "_id": "ed9595bb-cc80-4daa-873e-e7470fc0b7d1", @@ -171,9 +155,7 @@ "$oid": "6405ea1313ae975803a0990c" }, "lastModified": { - "$date": { - "$numberLong": "1678109313610" - } + "$date": "2023-03-06T13:28:33.610Z" }, "data": { "_id": "35481ca5-5672-4a11-a2b8-38ece069ca70", @@ -191,9 +173,7 @@ "$oid": "6405ea6a13ae975803a0990d" }, "lastModified": { - "$date": { - "$numberLong": "1678109300993" - } + "$date": "2023-03-06T13:28:20.993Z" }, "data": { "_id": "538f8e15-8d0e-43ac-b7a6-d6b5959581eb", @@ -211,9 +191,7 @@ "$oid": "6405ea7813ae975803a0990e" }, "lastModified": { - "$date": { - "$numberLong": "1678109307441" - } + "$date": "2023-03-06T13:28:27.441Z" }, "data": { "_id": "3bff597e-d680-4b87-8352-be32f40db074", @@ -231,9 +209,7 @@ "$oid": "6405ea8813ae975803a0990f" }, "lastModified": { - "$date": { - "$numberLong": "1678109324740" - } + "$date": "2023-03-06T13:28:44.740Z" }, "data": { "_id": "27ca5852-aa9f-44ed-b2fe-c46c31b415f4", @@ -251,9 +227,7 @@ "$oid": "6405ea9013ae975803a09910" }, "lastModified": { - "$date": { - "$numberLong": "1678109332350" - } + "$date": "2023-03-06T13:28:52.350Z" }, "data": { "_id": "60cf0cf9-f62a-4669-87a7-f519e7be0613", 
@@ -271,9 +245,7 @@ "$oid": "6405ea9613ae975803a09911" }, "lastModified": { - "$date": { - "$numberLong": "1678109337580" - } + "$date": "2023-03-06T13:28:57.580Z" }, "data": { "_id": "05251dfd-a382-47af-85d5-798dd1a6171a", @@ -291,9 +263,7 @@ "$oid": "6405ea9c13ae975803a09912" }, "lastModified": { - "$date": { - "$numberLong": "1678109343733" - } + "$date": "2023-03-06T13:29:03.733Z" }, "data": { "_id": "be6780a2-b66e-42a6-a725-805633589921", @@ -311,9 +281,7 @@ "$oid": "6405eaa113ae975803a09913" }, "lastModified": { - "$date": { - "$numberLong": "1678109350660" - } + "$date": "2023-03-06T13:29:10.660Z" }, "data": { "_id": "192b9fed-596b-4345-b33d-ca3882ba9bdd", @@ -331,9 +299,7 @@ "$oid": "6405eaa913ae975803a09914" }, "lastModified": { - "$date": { - "$numberLong": "1678109357114" - } + "$date": "2023-03-06T13:29:17.114Z" }, "data": { "_id": "6d3f0b58-b311-465e-9f01-e3e45d165902", @@ -351,9 +317,7 @@ "$oid": "6405eabf13ae975803a09915" }, "lastModified": { - "$date": { - "$numberLong": "1678109378116" - } + "$date": "2023-03-06T13:29:38.116Z" }, "data": { "_id": "058dd5c7-63a5-40cb-a4ed-46e5cdcb87ff", @@ -371,9 +335,7 @@ "$oid": "6405eac713ae975803a09916" }, "lastModified": { - "$date": { - "$numberLong": "1678109388342" - } + "$date": "2023-03-06T13:29:48.342Z" }, "data": { "_id": "36e1c198-d425-4a38-ad0b-2f9d6759931e", @@ -391,9 +353,7 @@ "$oid": "6405eacd13ae975803a09917" }, "lastModified": { - "$date": { - "$numberLong": "1678109393844" - } + "$date": "2023-03-06T13:29:53.844Z" }, "data": { "_id": "b3063d09-237f-493e-b0db-603a11829d88", @@ -411,9 +371,7 @@ "$oid": "6405ead413ae975803a09918" }, "lastModified": { - "$date": { - "$numberLong": "1678109402037" - } + "$date": "2023-03-06T13:30:02.037Z" }, "data": { "_id": "6ae89321-678f-4191-b008-8abfc42401c3", 
@@ -431,9 +389,7 @@ "$oid": "6405eae013ae975803a09919" }, "lastModified": { - "$date": { - "$numberLong": "1678109414821" - } + "$date": "2023-03-06T13:30:14.821Z" }, "data": { "_id": "3334d254-87bf-4115-8d88-e2fed022ad06", @@ -451,9 +407,7 @@ "$oid": "6405eae813ae975803a0991a" }, "lastModified": { - "$date": { - "$numberLong": "1678109418622" - } + "$date": "2023-03-06T13:30:18.622Z" }, "data": { "_id": "8e97f1e0-b02c-4be2-b30e-372d09614038", @@ -471,9 +425,7 @@ "$oid": "6405eaeb13ae975803a0991b" }, "lastModified": { - "$date": { - "$numberLong": "1678109421900" - } + "$date": "2023-03-06T13:30:21.900Z" }, "data": { "_id": "e9c9eecb-116b-4a8c-ac8c-4a279f77e1f4", @@ -491,9 +443,7 @@ "$oid": "6405eaf313ae975803a0991c" }, "lastModified": { - "$date": { - "$numberLong": "1678109431028" - } + "$date": "2023-03-06T13:30:31.028Z" }, "data": { "_id": "f0531d71-18d3-41a7-a37a-2c15f6b26dcb", @@ -511,9 +461,7 @@ "$oid": "6405eaf813ae975803a0991d" }, "lastModified": { - "$date": { - "$numberLong": "1678109437415" - } + "$date": "2023-03-06T13:30:37.415Z" }, "data": { "_id": "d73543ef-a66f-4878-9ecb-ab5207ed734f", @@ -531,9 +479,7 @@ "$oid": "6405eaff13ae975803a0991e" }, "lastModified": { - "$date": { - "$numberLong": "1678109442635" - } + "$date": "2023-03-06T13:30:42.635Z" }, "data": { "_id": "22130f1e-53c2-404b-8f77-750e82d12768", @@ -551,9 +497,7 @@ "$oid": "6405eb0313ae975803a0991f" }, "lastModified": { - "$date": { - "$numberLong": "1678109447207" - } + "$date": "2023-03-06T13:30:47.207Z" }, "data": { "_id": "54db12f1-1fdc-48f9-9b1d-b6b1fb39bc07", @@ -571,9 +515,7 @@ "$oid": "6405eb0813ae975803a09920" }, "lastModified": { - "$date": { - "$numberLong": "1678109451358" - } + "$date": "2023-03-06T13:30:51.358Z" }, "data": { "_id": "7853a95c-7ee3-4b31-af18-401c104efc7e", 
@@ -591,9 +533,7 @@ "$oid": "6405eb1513ae975803a09921" }, "lastModified": { - "$date": { - "$numberLong": "1678109464318" - } + "$date": "2023-03-06T13:31:04.318Z" }, "data": { "_id": "7ca78e39-7d4c-46c5-a9c3-ba58c7fba844", @@ -611,9 +551,7 @@ "$oid": "6405eb1913ae975803a09922" }, "lastModified": { - "$date": { - "$numberLong": "1678109468545" - } + "$date": "2023-03-06T13:31:08.545Z" }, "data": { "_id": "dca5b8b3-e994-4d5c-8740-b21ee806a4e5", @@ -631,9 +569,7 @@ "$oid": "6405eb2013ae975803a09923" }, "lastModified": { - "$date": { - "$numberLong": "1678109476264" - } + "$date": "2023-03-06T13:31:16.264Z" }, "data": { "_id": "5e7b999c-e878-4d48-9ce8-9b65ef578dae", @@ -651,9 +587,7 @@ "$oid": "6405eb2513ae975803a09924" }, "lastModified": { - "$date": { - "$numberLong": "1678109480769" - } + "$date": "2023-03-06T13:31:20.769Z" }, "data": { "_id": "8bc131f4-b9c8-4dd5-927b-0675dff6344e", @@ -671,9 +605,7 @@ "$oid": "6405eb2913ae975803a09925" }, "lastModified": { - "$date": { - "$numberLong": "1678109484038" - } + "$date": "2023-03-06T13:31:24.038Z" }, "data": { "_id": "ed134842-6578-4d22-af57-282161c5306b", @@ -691,9 +623,7 @@ "$oid": "6405eb2c13ae975803a09926" }, "lastModified": { - "$date": { - "$numberLong": "1678109487490" - } + "$date": "2023-03-06T13:31:27.490Z" }, "data": { "_id": "f35f30fb-f246-4a1f-ae26-ce864647a341", @@ -711,9 +641,7 @@ "$oid": "6405eb3213ae975803a09927" }, "lastModified": { - "$date": { - "$numberLong": "1678109492740" - } + "$date": "2023-03-06T13:31:32.740Z" }, "data": { "_id": "47021e69-95ab-4d93-ac13-aac0379ca809", @@ -731,9 +659,7 @@ "$oid": "6405eb3513ae975803a09928" }, "lastModified": { - "$date": { - "$numberLong": "1678109496150" - } + "$date": "2023-03-06T13:31:36.150Z" }, "data": { "_id": "f19a5176-64bc-452b-aa63-8861aab75059", 
@@ -751,9 +677,7 @@ "$oid": "6405eb3913ae975803a09929" }, "lastModified": { - "$date": { - "$numberLong": "1678109499621" - } + "$date": "2023-03-06T13:31:39.621Z" }, "data": { "_id": "c60ac6e5-39e8-4fae-8d65-d71ea69a2404", @@ -771,9 +695,7 @@ "$oid": "6405eb3e13ae975803a0992a" }, "lastModified": { - "$date": { - "$numberLong": "1678109505221" - } + "$date": "2023-03-06T13:31:45.221Z" }, "data": { "_id": "2764e64b-0a7e-456c-9999-cdd05c5ef50b", @@ -791,9 +713,7 @@ "$oid": "6405eb4113ae975803a0992b" }, "lastModified": { - "$date": { - "$numberLong": "1678109508028" - } + "$date": "2023-03-06T13:31:48.028Z" }, "data": { "_id": "1247dd20-2986-4887-9c17-74806ce56eef", @@ -811,9 +731,7 @@ "$oid": "6405eb4413ae975803a0992c" }, "lastModified": { - "$date": { - "$numberLong": "1678109510833" - } + "$date": "2023-03-06T13:31:50.833Z" }, "data": { "_id": "e01d1a34-15fa-4f29-8054-8209a422e505", @@ -831,9 +749,7 @@ "$oid": "6405eb4913ae975803a0992d" }, "lastModified": { - "$date": { - "$numberLong": "1678109515433" - } + "$date": "2023-03-06T13:31:55.433Z" }, "data": { "_id": "c55343b0-c99c-4bfd-8f30-b8464b442dad", @@ -851,9 +767,7 @@ "$oid": "6405eb5013ae975803a0992e" }, "lastModified": { - "$date": { - "$numberLong": "1678109523051" - } + "$date": "2023-03-06T13:32:03.051Z" }, "data": { "_id": "47ff61bb-2e4f-45e3-9630-136f9d704882", @@ -871,9 +785,7 @@ "$oid": "6405eb5413ae975803a0992f" }, "lastModified": { - "$date": { - "$numberLong": "1678109528338" - } + "$date": "2023-03-06T13:32:08.338Z" }, "data": { "_id": "0b353e67-3092-4586-9558-172354beaf8b", @@ -891,9 +803,7 @@ "$oid": "6405eb5913ae975803a09930" }, "lastModified": { - "$date": { - "$numberLong": "1678109532951" - } + "$date": "2023-03-06T13:32:12.951Z" }, "data": { "_id": "5804e2ce-8c5b-4f3d-8674-433042e61a7f", 
@@ -911,9 +821,7 @@ "$oid": "6405eb5f13ae975803a09931" }, "lastModified": { - "$date": { - "$numberLong": "1678109537656" - } + "$date": "2023-03-06T13:32:17.656Z" }, "data": { "_id": "4fc1260b-8b5b-47a7-bdee-61261e23919d", @@ -931,9 +839,7 @@ "$oid": "6405eb6d13ae975803a09932" }, "lastModified": { - "$date": { - "$numberLong": "1678109552061" - } + "$date": "2023-03-06T13:32:32.061Z" }, "data": { "_id": "39dfbf25-e97d-4bd8-9943-a9eec183bfcf", @@ -951,9 +857,7 @@ "$oid": "6405eb7113ae975803a09933" }, "lastModified": { - "$date": { - "$numberLong": "1678109555238" - } + "$date": "2023-03-06T13:32:35.238Z" }, "data": { "_id": "53668fb6-471d-4363-9e47-8f73e4f1a7d4", @@ -971,9 +875,7 @@ "$oid": "6405eb7413ae975803a09934" }, "lastModified": { - "$date": { - "$numberLong": "1678109558674" - } + "$date": "2023-03-06T13:32:38.674Z" }, "data": { "_id": "86637ffd-8e6e-4e00-9179-42f52780427a", @@ -991,9 +893,7 @@ "$oid": "6405eb7a13ae975803a09935" }, "lastModified": { - "$date": { - "$numberLong": "1678109564423" - } + "$date": "2023-03-06T13:32:44.423Z" }, "data": { "_id": "04f9532e-3c05-4eff-9e9f-b2d733a14a77", @@ -1011,9 +911,7 @@ "$oid": "6405eb8a13ae975803a09936" }, "lastModified": { - "$date": { - "$numberLong": "1678109580934" - } + "$date": "2023-03-06T13:33:00.934Z" }, "data": { "_id": "1e58f29e-81fb-48d2-94bf-7b89e227f590", @@ -1031,9 +929,7 @@ "$oid": "6405eb8e13ae975803a09937" }, "lastModified": { - "$date": { - "$numberLong": "1678109584323" - } + "$date": "2023-03-06T13:33:04.323Z" }, "data": { "_id": "2c78589b-558e-4b99-a182-df4df3c1439b", @@ -1051,9 +947,7 @@ "$oid": "6405eb9113ae975803a09938" }, "lastModified": { - "$date": { - "$numberLong": "1678109587493" - } + "$date": "2023-03-06T13:33:07.493Z" }, "data": { "_id": "9383b9c1-6c2e-422b-b16f-31a9640d1647", 
@@ -1071,9 +965,7 @@ "$oid": "6405eb9f13ae975803a09939" }, "lastModified": { - "$date": { - "$numberLong": "1678109602022" - } + "$date": "2023-03-06T13:33:22.022Z" }, "data": { "_id": "2f87faf9-611f-40ae-9c0e-412d0bfd0481", @@ -1091,9 +983,7 @@ "$oid": "6405eba313ae975803a0993a" }, "lastModified": { - "$date": { - "$numberLong": "1678109605807" - } + "$date": "2023-03-06T13:33:25.807Z" }, "data": { "_id": "0f47fcbc-f567-4009-ae56-a894cf17cc46", @@ -1111,9 +1001,7 @@ "$oid": "6405eba613ae975803a0993b" }, "lastModified": { - "$date": { - "$numberLong": "1678109609296" - } + "$date": "2023-03-06T13:33:29.296Z" }, "data": { "_id": "ba0fa19c-5533-4be8-8169-9ffa7d449ab0", @@ -1131,9 +1019,7 @@ "$oid": "6405ebaa13ae975803a0993c" }, "lastModified": { - "$date": { - "$numberLong": "1678109612469" - } + "$date": "2023-03-06T13:33:32.469Z" }, "data": { "_id": "0f47ac3b-d19a-4115-9ddf-dc9b2f11abae", diff --git a/security-c4po-api/src/test/resources/collections/projects.json b/security-c4po-api/src/test/resources/collections/projects.json index 3aee87c..8e72b25 100644 --- a/security-c4po-api/src/test/resources/collections/projects.json +++ b/security-c4po-api/src/test/resources/collections/projects.json @@ -3,9 +3,7 @@ "$oid": "6405d84a13ae975803a098fa" }, "lastModified": { - "$date": { - "$numberLong": "1678109612474" - } + "$date": "2023-03-24T12:18:06.619Z" }, "data": { "_id": "575dd9d4-cb3c-4df3-981e-8a18bf8dc1d2", @@ -252,9 +250,7 @@ "$oid": "6405e92813ae975803a09905" }, "lastModified": { - "$date": { - "$numberLong": "1678108968564" - } + "$date": "2023-03-06T13:22:48.564Z" }, "data": { "_id": "d6e83738-4251-44ac-ad40-21b360780c98", diff --git a/security-c4po-reporting/src/main/kotlin/com/securityc4po/reporting/report/ReportController.kt b/security-c4po-reporting/src/main/kotlin/com/securityc4po/reporting/report/ReportController.kt index d0034fd..cfca13e 100644 --- a/security-c4po-reporting/src/main/kotlin/com/securityc4po/reporting/report/ReportController.kt 
+++ b/security-c4po-reporting/src/main/kotlin/com/securityc4po/reporting/report/ReportController.kt @@ -32,14 +32,7 @@ class ReportController(private val apiService: APIService, private val reportSer produces = [MediaType.APPLICATION_PDF_VALUE] ) fun downloadPentestReportPDF(@PathVariable(value = "projectId") projectId: String, @AuthenticationPrincipal user: Appuser): Mono> { - // Todo: Create Report with Jasper return this.apiService.requestProjectReportDataById(projectId, user.token).flatMap {projectReport -> - /* ToDo: remove if jsonProjectReportCollection not needed for report generation */ - val jsonProjectReportString: String = - File("./src/test/resources/ProjectReportData.json").readText(Charsets.UTF_8) - val jsonProjectReportCollection: ProjectReport = - jacksonObjectMapper().readValue(jsonProjectReportString) - /* jsonProjectReportCollection */ this.reportService.createReport(projectReport, "pdf").map { reportClassLoaderFilePath -> ResponseEntity.ok().body(reportClassLoaderFilePath) }.switchIfEmpty { @@ -56,7 +49,14 @@ class ReportController(private val apiService: APIService, private val reportSer "/{projectId}/csv", produces = ["text/csv"] ) - fun downloadPentestReportCSV() {} + fun downloadPentestReportCSV() { + /* ToDo: remove if jsonProjectReportCollection not needed for report generation */ + val jsonProjectReportString: String = + File("./src/test/resources/ProjectReportData.json").readText(Charsets.UTF_8) + val jsonProjectReportCollection: ProjectReport = + jacksonObjectMapper().readValue(jsonProjectReportString) + /* jsonProjectReportCollection */ + } */ // ToDo: Add download API for html report /* 
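Review bot: The fixture-loading lines moved into the `downloadPentestReportCSV` stub (and repeated in `downloadPentestReportHTML`, hunk `@@ -64,6 +64,13 @@`) read `./src/test/resources/ProjectReportData.json` from a controller that lives under `src/main`. Both stubs appear to sit inside a block comment whose opening `/*` is outside the hunk, so nothing runs today. If they are un-commented as written, they would take neither `projectId` nor the authenticated user, would parse a test fixture instead of the caller's project, and would fail wherever `src/test` is not on disk. I would keep the stubs as `fun downloadPentestReportCSV() {}` and replace the moved lines with one comment, `// ToDo: build the CSV from apiService.requestProjectReportDataById(projectId, user.token), as the PDF endpoint does`.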
@@ -64,6 +64,13 @@ class ReportController(private val apiService: APIService, private val reportSer "/{projectId}/html", produces = ["text/html"] ) - fun downloadPentestReportHTML() {} + fun downloadPentestReportHTML() { + /* ToDo: remove if jsonProjectReportCollection not needed for report generation */ + val jsonProjectReportString: String = + File("./src/test/resources/ProjectReportData.json").readText(Charsets.UTF_8) + val jsonProjectReportCollection: ProjectReport = + jacksonObjectMapper().readValue(jsonProjectReportString) + /* jsonProjectReportCollection */ + } */ } diff --git a/security-c4po-reporting/src/main/kotlin/com/securityc4po/reporting/report/ReportService.kt b/security-c4po-reporting/src/main/kotlin/com/securityc4po/reporting/report/ReportService.kt index 934b7c3..eb97733 100644 --- a/security-c4po-reporting/src/main/kotlin/com/securityc4po/reporting/report/ReportService.kt +++ b/security-c4po-reporting/src/main/kotlin/com/securityc4po/reporting/report/ReportService.kt @@ -32,7 +32,9 @@ class ReportService { "./src/main/resources/jasper/reports/c4po_state_of_confidentiality.jrxml" private val reportExecutiveSummaryDesignTemplate = "./src/main/resources/jasper/reports/c4po_executive_summary.jrxml" - private val reportPentestsDesignTemplate = "./src/main/resources/jasper/reports/c4po_pentests.jrxml" + private val reportPentestsFindingsAndCommentsDesignTemplate = "./src/main/resources/jasper/reports/c4po_pentests_findings_and_comments.jrxml" + private val reportPentestsFindingsOnlyDesignTemplate = "./src/main/resources/jasper/reports/c4po_pentests_findings_only.jrxml" + private val reportPentestsCommentsOnlyDesignTemplate = "./src/main/resources/jasper/reports/c4po_pentests_comments_only.jrxml" private val reportAppendenciesDesignTemplate = "./src/main/resources/jasper/reports/c4po_appendencies.jrxml" // Path to default pdf file 
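Review bot: The three new template constants in `ReportService` use paths under `./src/main/resources/jasper/reports/`, which resolve against the process working directory and the source tree rather than the packaged application; the neighbouring constants in the context lines follow the same pattern. JRXML expressions are compiled into Java when `JasperCompileManager.compileReport` runs on these files (hunk `@@ -321,9 +323,13 @@`), so the templates are effectively code and whoever can write to that directory decides what the service compiles. I would load them from the classpath instead, for example `private val reportPentestsFindingsOnlyDesignTemplate = "classpath:jasper/reports/c4po_pentests_findings_only.jrxml"`, and likewise for the other two. `ResourceUtils.getFile` only resolves such a location while the resource is a real file, so a jar deployment would need the template opened as a stream.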
@@ -321,9 +323,13 @@ class ReportService { // Create List of Files var finalFiles: List = emptyList() // Load Jasper Files - val filePentests: File = ResourceUtils.getFile(reportPentestsDesignTemplate) + val filePentestsFindingsAndComments: File = ResourceUtils.getFile(reportPentestsFindingsAndCommentsDesignTemplate) + val filePentestsFindingsOnly: File = ResourceUtils.getFile(reportPentestsFindingsOnlyDesignTemplate) + val filePentestsCommentsOnly: File = ResourceUtils.getFile(reportPentestsCommentsOnlyDesignTemplate) // Compile Jasper Reports - val jasperReportPentests: JasperReport = JasperCompileManager.compileReport(filePentests.absolutePath) + val jasperReportPentestsFindingsAndComments: JasperReport = JasperCompileManager.compileReport(filePentestsFindingsAndComments.absolutePath) + val jasperReportPentestsFindingsOnly: JasperReport = JasperCompileManager.compileReport(filePentestsFindingsOnly.absolutePath) + val jasperReportPentestsCommentsOnly: JasperReport = JasperCompileManager.compileReport(filePentestsCommentsOnly.absolutePath) // Create pentestReport content for every objective for (i in 0 until projectReportCollection.projectPentestReport.size) { val projectSinglePentestReportDataSource: JRBeanCollectionDataSource = 
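Review bot: All three pentest templates are compiled with `JasperCompileManager.compileReport` ahead of the loop, apparently on every call of the enclosing function (its start and end are outside this hunk), although the templates do not change between calls and each objective uses only one of them. Compiling once and reusing the result would remove that repeated work, e.g. `private val jasperReportPentestsFindingsOnly: JasperReport by lazy { JasperCompileManager.compileReport(ResourceUtils.getFile(reportPentestsFindingsOnlyDesignTemplate).absolutePath) }` and the same for the other two. The repository already ships precompiled `.jasper` files for the subreports, so loading precompiled main templates would be the other consistent option and keeps runtime compilation of template expressions out of the request path.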
@@ -331,23 +337,18 @@ class ReportService { // Setup Parameter & add Sub-datasets val parameters = HashMap() // Setup Sub-dataset for Findings of Pentest - parameters["PentestFindingsDataSource"] = - if (projectReportCollection.projectPentestReport[i].findings.isNotEmpty()) { - JRBeanCollectionDataSource(projectReportCollection.projectPentestReport[i].findings) - } else { - JRBeanCollectionDataSource(emptyList()) - } + parameters["PentestFindingsDataSource"] = JRBeanCollectionDataSource(projectReportCollection.projectPentestReport[i].findings) // Setup Sub-dataset for Comments of Pentest - parameters["PentestCommentsDataSource"] = - if (projectReportCollection.projectPentestReport[i].comments.isNotEmpty()) { - JRBeanCollectionDataSource(projectReportCollection.projectPentestReport[i].comments) - } else { - JRBeanCollectionDataSource(emptyList()) - } + parameters["PentestCommentsDataSource"] = JRBeanCollectionDataSource(projectReportCollection.projectPentestReport[i].comments) // Fill Reports // Print one report for each objective and merge them together afterwards - val jasperPrintPentests: JasperPrint = - JasperFillManager.fillReport(jasperReportPentests, parameters, projectSinglePentestReportDataSource) + val jasperPrintPentests: JasperPrint = if (projectReportCollection.projectPentestReport[i].findings.isEmpty()) { + JasperFillManager.fillReport(jasperReportPentestsCommentsOnly, parameters, projectSinglePentestReportDataSource) + } else if (projectReportCollection.projectPentestReport[i].comments.isEmpty()) { + JasperFillManager.fillReport(jasperReportPentestsFindingsOnly, parameters, projectSinglePentestReportDataSource) + } else { + JasperFillManager.fillReport(jasperReportPentestsFindingsAndComments, parameters, projectSinglePentestReportDataSource) + } // Create File var finalFile: File = File(reportDefaultPdf) if (reportFormat.equals("pdf")) { 
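Review bot: The new template selection checks `findings.isEmpty()` first, so an objective with neither findings nor comments is rendered with the comments-only template; nothing in the hunk says whether that is intended, and it deserves a comment or its own branch. The `if`/`else if` chain also repeats the `fillReport` call three times and indexes `projectReportCollection.projectPentestReport[i]` four times. Binding the entry to a local and choosing the template in a `when` keeps the behaviour and makes the three cases readable, as sketched below. The loop body and the enclosing function continue outside the hunk.

```kotlin
val pentestReport = projectReportCollection.projectPentestReport[i]
// … unchanged: parameters map and the two sub-dataset entries …
// Note: an objective with no findings AND no comments takes the first branch.
val pentestTemplate: JasperReport = when {
    pentestReport.findings.isEmpty() -> jasperReportPentestsCommentsOnly
    pentestReport.comments.isEmpty() -> jasperReportPentestsFindingsOnly
    else -> jasperReportPentestsFindingsAndComments
}
val jasperPrintPentests: JasperPrint =
    JasperFillManager.fillReport(pentestTemplate, parameters, projectSinglePentestReportDataSource)
```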
@@ -358,6 +359,7 @@ class ReportService { finalFile = File(reportDestination + "E" + i.toString() + "_Pentestreport.pdf") finalFiles += (finalFile) } else { + println("NONONO") // ToDo: Implement different report formats finalFiles += (finalFile) } diff --git a/security-c4po-reporting/src/main/resources/jasper/reports/c4po_cover.jrxml b/security-c4po-reporting/src/main/resources/jasper/reports/c4po_cover.jrxml index 5b82a52..e5467eb 100644 --- a/security-c4po-reporting/src/main/resources/jasper/reports/c4po_cover.jrxml +++ b/security-c4po-reporting/src/main/resources/jasper/reports/c4po_cover.jrxml @@ -153,7 +153,7 @@ - + diff --git a/security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_comments_only.jrxml b/security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_comments_only.jrxml new file mode 100644 index 0000000..89c0d64 --- /dev/null +++ b/security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_comments_only.jrxml 
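Review bot: The added `println("NONONO")` in the `else` branch of `ReportService` is leftover debug output: it writes a meaningless string to stdout and says nothing about which format was requested. The branch then still appends the default PDF file, so an unsupported `reportFormat` is answered with a placeholder document and no usable trace. I would replace the line with a warning through the service's logger (none is visible in the hunk), along the lines of `logger.warn("Unsupported report format requested, falling back to default PDF")`, or reject the format outright once the ToDo is addressed. The enclosing function starts and ends outside the hunk.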
@@ -0,0 +1,227 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + <band height="72" splitType="Stretch"> + <rectangle> + <reportElement x="-20" y="25" width="556" height="27" forecolor="#151B2E" backcolor="#151B2E" uuid="9ca6f826-bc92-47ff-a80a-ad682e7d8329"/> + <graphicElement> + <pen lineWidth="0.0"/> + </graphicElement> + </rectangle> + <textField> + <reportElement x="0" y="29" width="526" height="20" forecolor="#FFFFFF" uuid="44b9e926-60c6-4b1c-9af9-9b67947b3082"/> + <textElement verticalAlignment="Middle"> + <font fontName="SansSerif" size="14" isBold="false"/> + </textElement> + <textFieldExpression><![CDATA[$F{refNumber}]]></textFieldExpression> + </textField> + <rectangle> + <reportElement x="-20" y="0" width="556" height="27" forecolor="#232B44" backcolor="#232B44" uuid="df8f27a6-eae9-4855-8133-95ee17f92440"/> + <graphicElement> + <pen lineWidth="0.0"/> + </graphicElement> + </rectangle> + <textField> + <reportElement x="0" y="3" width="526" height="20" forecolor="#FFFFFF" uuid="f7c64c89-0142-47c8-8b5d-4b4c4380758f"/> + <textElement verticalAlignment="Middle"> + <font fontName="SansSerif" size="14" isBold="true"/> + </textElement> + <textFieldExpression><![CDATA[$F{category}]]></textFieldExpression> + </textField> + <ellipse> + <reportElement x="512" y="0" width="48" height="52" backcolor="#232B44" uuid="3eff32ef-9011-450d-8359-4d9ae097d4ce"/> + <graphicElement> + <pen lineWidth="0.0" lineColor="#232B44"/> + </graphicElement> + </ellipse> + <image> + <reportElement x="524" y="13" width="24" height="27" uuid="c8f8490d-ab26-47e3-811f-c3a70a633fd0"/> + <imageExpression><![CDATA["/Users/mhg/Documents/Projects/security-c4po/security-c4po-reporting/src/main/resources/jasper/Watermark.png"]]></imageExpression> + </image> + </band> + + + + + + + + + + + 
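Review bot: The `<imageExpression>` in the new `c4po_pentests_comments_only.jrxml` is a hard-coded absolute path on a developer workstation, `/Users/mhg/Documents/Projects/security-c4po/.../jasper/Watermark.png`. The same expression appears in `c4po_pentests_findings_only.jrxml` (hunk `@@ -0,0 +1,275 @@`) and as an unchanged context line in `c4po_pentests_findings_and_comments.jrxml`. On any other machine or in a container the image will not resolve, so the report either loses the watermark or fails to fill depending on the element's error handling, and the path also commits a local user name and directory layout to the repository. Assuming `src/main/resources` is on the runtime classpath, a classpath-relative location would fix all three templates, e.g. `<imageExpression><![CDATA["jasper/Watermark.png"]]></imageExpression>`; passing the location in as a report parameter would work too.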
diff --git a/security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests.jrxml b/security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_findings_and_comments.jrxml similarity index 90% rename from security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests.jrxml rename to security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_findings_and_comments.jrxml index ecce774..13f16cf 100644 --- a/security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests.jrxml +++ b/security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_findings_and_comments.jrxml 
@@ -265,50 +265,60 @@ - <band height="42" splitType="Stretch"> + <band height="72" splitType="Stretch"> <rectangle> - <reportElement x="-20" y="0" width="573" height="30" forecolor="#232B44" backcolor="#232B44" uuid="d90debc9-13dd-404a-a1d1-d227e0a208a5"/> + <reportElement x="-20" y="25" width="556" height="27" forecolor="#151B2E" backcolor="#151B2E" uuid="33a23a53-0e80-4c2e-b381-6116d6fa79cd"/> <graphicElement> <pen lineWidth="0.0"/> </graphicElement> </rectangle> - <ellipse> - <reportElement x="537" y="0" width="30" height="30" backcolor="#232B44" uuid="e6ecfe00-ba27-44b0-ad8c-82d2b15657e6"/> + <textField> + <reportElement x="0" y="29" width="526" height="20" forecolor="#FFFFFF" uuid="1b1f20bc-6ca3-4d7a-9af7-f297a9f3096f"/> + <textElement verticalAlignment="Middle"> + <font fontName="SansSerif" size="14" isBold="false"/> + </textElement> + <textFieldExpression><![CDATA[$F{refNumber}]]></textFieldExpression> + </textField> + <rectangle> + <reportElement x="-20" y="0" width="556" height="27" forecolor="#232B44" backcolor="#232B44" uuid="540caccf-a660-48d9-8e83-7e82223b97c5"/> <graphicElement> <pen lineWidth="0.0"/> </graphicElement> - </ellipse> + </rectangle> <textField> - <reportElement x="0" y="5" width="553" height="20" forecolor="#FFFFFF" uuid="b91211d3-616c-40d7-9836-7884989c270f"/> + <reportElement x="0" y="3" width="526" height="20" forecolor="#FFFFFF" uuid="b91211d3-616c-40d7-9836-7884989c270f"/> <textElement verticalAlignment="Middle"> - <font fontName="SansSerif" size="16" isBold="true"/> + <font fontName="SansSerif" size="14" isBold="true"/> </textElement> - <textFieldExpression><![CDATA[$F{category} + ": " + $F{refNumber}]]></textFieldExpression> + <textFieldExpression><![CDATA[$F{category}]]></textFieldExpression> </textField> + <ellipse> + <reportElement x="512" y="0" width="48" height="52" backcolor="#232B44" uuid="43ab5511-6409-4735-9bb5-1d4e5074ef8b"/> + <graphicElement> + <pen lineWidth="0.0" lineColor="#232B44"/> + </graphicElement> + </ellipse> 
<image> - <reportElement x="539" y="3" width="23" height="24" uuid="110809ac-8a68-486d-93f4-35a583bd1759"/> + <reportElement x="524" y="13" width="24" height="27" uuid="afa875b3-5bda-4192-8094-7810edcf25ec"/> <imageExpression><![CDATA["/Users/mhg/Documents/Projects/security-c4po/security-c4po-reporting/src/main/resources/jasper/Watermark.png"]]></imageExpression> </image> </band> - - + + - - + + - - - diff --git a/security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_findings_only.jrxml b/security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_findings_only.jrxml new file mode 100644 index 0000000..7dc6bc1 --- /dev/null +++ b/security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_findings_only.jrxml 
@@ -0,0 +1,275 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + <band height="72" splitType="Stretch"> + <rectangle> + <reportElement x="-20" y="25" width="556" height="27" forecolor="#151B2E" backcolor="#151B2E" uuid="59b22cf7-d319-4712-8bc3-080a2dc98c07"/> + <graphicElement> + <pen lineWidth="0.0"/> + </graphicElement> + </rectangle> + <textField> + <reportElement x="0" y="29" width="526" height="20" forecolor="#FFFFFF" uuid="cf5ab715-1c59-49a9-a718-7f2ddcc75513"/> + <textElement verticalAlignment="Middle"> + <font fontName="SansSerif" size="14" isBold="false"/> + </textElement> + <textFieldExpression><![CDATA[$F{refNumber}]]></textFieldExpression> + </textField> + <rectangle> + <reportElement x="-20" y="0" width="556" height="27" forecolor="#232B44" backcolor="#232B44" uuid="8939c5a8-c4d4-42e9-89ec-c5469a4219f2"/> + <graphicElement> + <pen lineWidth="0.0"/> + </graphicElement> + </rectangle> + <textField> + <reportElement x="0" y="3" width="526" height="20" forecolor="#FFFFFF" uuid="1b13855e-35d0-4dbd-8faf-a018bd43e6a4"/> + <textElement verticalAlignment="Middle"> + <font fontName="SansSerif" size="14" isBold="true"/> + </textElement> + <textFieldExpression><![CDATA[$F{category}]]></textFieldExpression> + </textField> + <ellipse> + <reportElement x="512" y="0" width="48" height="52" backcolor="#232B44" uuid="311e91fb-e1e5-4846-99d7-59673c4de40f"/> + <graphicElement> + <pen lineWidth="0.0" lineColor="#232B44"/> + </graphicElement> + </ellipse> + <image> + <reportElement x="524" y="13" width="24" height="27" uuid="01ae010d-be6b-4696-b696-e27ba95164ae"/> + 
<imageExpression><![CDATA["/Users/mhg/Documents/Projects/security-c4po/security-c4po-reporting/src/main/resources/jasper/Watermark.png"]]></imageExpression> + </image> + </band> + + + + + + + + + + + + + + diff --git a/security-c4po-reporting/src/main/resources/jasper/subReports/CommentsSubreport.jasper b/security-c4po-reporting/src/main/resources/jasper/subReports/CommentsSubreport.jasper index 5c80b57..e373ebe 100644 Binary files a/security-c4po-reporting/src/main/resources/jasper/subReports/CommentsSubreport.jasper and b/security-c4po-reporting/src/main/resources/jasper/subReports/CommentsSubreport.jasper differ diff --git a/security-c4po-reporting/src/main/resources/jasper/subReports/CommentsSubreport.jrxml b/security-c4po-reporting/src/main/resources/jasper/subReports/CommentsSubreport.jrxml index 3a20039..9407796 100644 --- a/security-c4po-reporting/src/main/resources/jasper/subReports/CommentsSubreport.jrxml +++ b/security-c4po-reporting/src/main/resources/jasper/subReports/CommentsSubreport.jrxml @@ -34,7 +34,7 @@ - + diff --git a/security-c4po-reporting/src/main/resources/jasper/subReports/FindingsSubreport.jasper b/security-c4po-reporting/src/main/resources/jasper/subReports/FindingsSubreport.jasper index 2f467c5..da76ae2 100644 Binary files a/security-c4po-reporting/src/main/resources/jasper/subReports/FindingsSubreport.jasper and b/security-c4po-reporting/src/main/resources/jasper/subReports/FindingsSubreport.jasper differ diff --git a/security-c4po-reporting/src/main/resources/jasper/subReports/FindingsSubreport.jrxml b/security-c4po-reporting/src/main/resources/jasper/subReports/FindingsSubreport.jrxml index 9f58b7a..019a19d 100644 --- a/security-c4po-reporting/src/main/resources/jasper/subReports/FindingsSubreport.jrxml +++ b/security-c4po-reporting/src/main/resources/jasper/subReports/FindingsSubreport.jrxml @@ -72,7 +72,7 @@ - + @@ -183,7 +183,7 @@ - +