nosu
/
security-c4po
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: As a user I want to remove all related the findings and comments after deleting a project

This commit is contained in:
Marcel Haag 2023-03-13 11:59:26 +01:00 committed by Cel
parent a37e06f8ca
commit 9fddff7740
28 changed files with 793 additions and 300 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
security-c4po-angular/src/app/header/header.component.ts
View File

@ -100,9 +100,10 @@ export class HeaderComponent implements OnInit {
}
onClickLogOut(): void {
console.info('Logging out...');
// ToDo: Redirect user to Landing page from Issue #142 https://github.com/Marcel-Haag/security-c4po/issues/143
// ToDo: Fix Redirect URI in Keycloak Setting
this.keycloakService.logout(`http://auth-server/realms/${environment.keycloakclientId}/protocol/openid-connect/logout`).then(() => {
/*this.keycloakService.logout(`http://auth-server/realms/${environment.keycloakclientId}/protocol/openid-connect/logout`).then(() => {
// Route user back to default page
this.router.navigate([Route.HOME]).then(() => {
// Reset User props from store
@ -112,7 +113,7 @@ export class HeaderComponent implements OnInit {
});
}, err => {
console.error(err);
});
});*/
}
onClickLanguage(language: string): void {

4
security-c4po-angular/src/app/objective-overview/objective-categories/objective-categories.component.ts
View File

@ -53,8 +53,8 @@ export class ObjectiveCategoriesComponent implements OnInit, OnDestroy {
this.categories.forEach(category => {
category.selected = false;
});
menuBag.item.selected = true;
if (this.selectedCategory) {
if (this.selectedCategory >= 0) {
menuBag.item.selected = true;
this.store.dispatch(new ChangeCategory(this.selectedCategory));
}
});

4
security-c4po-angular/src/app/objective-overview/objective-table/objective-table.component.html
View File

@ -45,9 +45,9 @@
</th>
<td nbTreeGridCell *nbTreeGridCellDef="let pentest">
<div fxLayout="row" fxLayoutGap="0.5rem" fxLayoutAlign="start start">
<app-findig-widget [numberOfFindings]="pentest.data['findings']"></app-findig-widget>
<app-findig-widget [numberOfFindings]="pentest.data['findingIds'] ? pentest.data['findingIds'].length : 0"></app-findig-widget>
<span> / </span>
<app-comment-widget [numberOfComments]="pentest.data['comments']"></app-comment-widget>
<app-comment-widget [numberOfComments]="pentest.data['commentIds'] ? pentest.data['commentIds'].length : 0"></app-comment-widget>
</div>
</td>
</ng-container>

1
security-c4po-angular/src/app/objective-overview/objective-table/objective-table.component.ts
View File

@ -21,6 +21,7 @@ import {Route} from '@shared/models/route.enum';
export class ObjectiveTableComponent implements OnInit {
loading$: BehaviorSubject<boolean> = new BehaviorSubject<boolean>(true);
// tslint:disable-next-line:max-line-length
columns: Array<ObjectiveColumns> = [ObjectiveColumns.TEST_ID, ObjectiveColumns.TITLE, ObjectiveColumns.STATUS, ObjectiveColumns.FINDINGS_AND_COMMENTS];
dataSource: NbTreeGridDataSource<ObjectiveEntry>;

6
security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.html
View File

@ -19,10 +19,10 @@
<th nbTreeGridHeaderCell *nbTreeGridHeaderCellDef class="cell-severity">
{{ 'finding.severity' | translate }}
</th>
<td nbTreeGridCell *nbTreeGridCellDef="let finding" class="cell-severity border-style" fxLayoutAlign="center center">
<ng-container>
<td nbTreeGridCell *nbTreeGridCellDef="let finding" class="cell-severity border-style">
<div fxLayoutAlign="center center">
<app-severity-tag [currentSeverity]="finding.data['severity']"></app-severity-tag>
</ng-container>
</div>
</td>
</ng-container>
<!-- Description -->

6
security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.scss
View File

@ -17,11 +17,11 @@
}
.cell-severity {
width: 125px;
max-width: 125px;
//width: 125px;
// max-width: 125px;
// border-style: none;
// ToDo: Fix size issue on lower screen resolution
height: 4.5rem !important;
// height: 4.5rem !important;
}
.cell {

12
security-c4po-angular/src/shared/models/pentest.model.ts
View File

@ -41,6 +41,14 @@ export interface ObjectiveEntry {
expanded?: boolean;
}
export function isSubObjective(pentest: Pentest): boolean {
return pentest.refNumber.includes('_');
}
export function getObjectiveNumberObjective(pentest: Pentest): string {
return pentest.refNumber.split('_')[0];
}
export function transformPentestToRequestBody(pentest: Pentest): Pentest {
const transformedPentest = {
...pentest,
@ -65,8 +73,8 @@ export function transformPentestsToObjectiveEntries(pentests: Pentest[]): Object
objectiveEntries.push({
refNumber: value.refNumber,
status: value.status,
findings: value.findingIds ? value.findingIds.length : 0,
comments: value.commentIds ? value.commentIds.length : 0,
findingIds: value.findingIds,
commentIds: value.commentIds,
kind: value.childEntries ? 'dir' : 'cell',
childEntries: value.childEntries ? value.childEntries : null,
expanded: !!value.childEntries

53
security-c4po-angular/src/shared/services/api/pentest.service.ts
View File

@ -3,12 +3,11 @@ import {environment} from '../../../environments/environment';
import {HttpClient, HttpParams} from '@angular/common/http';
import {Observable, of} from 'rxjs';
import {Category} from '@shared/models/category.model';
import {Pentest} from '@shared/models/pentest.model';
import {getObjectiveNumberObjective, isSubObjective, Pentest} from '@shared/models/pentest.model';
import {Store} from '@ngxs/store';
import {ProjectState} from '@shared/stores/project-state/project-state';
import {catchError, map, switchMap} from 'rxjs/operators';
import {getTempPentestsForCategory} from '@shared/functions/categories/get-temp-pentests-for-category.function';
import {Finding} from '@shared/models/finding.model';
@Injectable({
providedIn: 'root'
@ -26,27 +25,59 @@ export class PentestService {
* Load Pentests
* @param category the categories of which the pentests should be requested
*/
// ToDo: Should be refactored to be less ugly fr
public loadPentests(category: Category): Observable<Pentest[]> {
return this.store.select(ProjectState.project).pipe(
switchMap(project => this.getPentestByProjectIdAndCategory(project.id, category)),
catchError(_ => of(null)),
map((response: Pentest[]) => {
// ToDo: Improve performance by only loading templates when not all pentests of category got returned
// Load template pentest
const templatePentests = getTempPentestsForCategory(category);
// The pentests that get returned to the component
let completePentests: Pentest[] = response;
let availablePentests: Pentest[] = response;
// Add pentest template to complete pentests if not included in request
if (completePentests) {
templatePentests.forEach((templatePentest: Pentest) => {
if (!completePentests.map(it => it.refNumber).includes(templatePentest.refNumber)) {
completePentests.push(templatePentest);
if (availablePentests) {
for (let i = 0; i < templatePentests.length; i++) {
if (!availablePentests.map(it => it.refNumber).includes(templatePentests[i].refNumber)) {
availablePentests.push(templatePentests[i]);
// Loads child entry from response in template when parent is still from template
if (isSubObjective(availablePentests[i])) {
const parentObjectiveNumber = getObjectiveNumberObjective(availablePentests[i]);
const parentTemplatePentestIndex = templatePentests.map(it => it.refNumber).indexOf(parentObjectiveNumber);
const parentTemplatePentest = templatePentests[parentTemplatePentestIndex];
parentTemplatePentest.childEntries.forEach((childEntry: Pentest) => {
if (childEntry.refNumber === availablePentests[i].refNumber) {
const unusedTemplateChildEntryIndex = parentTemplatePentest.childEntries.indexOf(childEntry);
// ToDo add the child entry from response here
parentTemplatePentest.childEntries[unusedTemplateChildEntryIndex] = availablePentests[i];
availablePentests.splice(i, 1);
}
});
}
} else if (templatePentests[i].childEntries && templatePentests[i].childEntries.length !== 0) {
const indexOfPentestWithChildEntries = availablePentests.map(it => it.refNumber).indexOf(templatePentests[i].refNumber);
availablePentests[indexOfPentestWithChildEntries].childEntries = [];
templatePentests[i]?.childEntries?.forEach((childEntry: Pentest) => {
// ToDo: Add only child entrys that are not included in response aka available pentests
if (!availablePentests.map(it => it.refNumber).includes(childEntry.refNumber)) {
console.log('Child entry from template: ', childEntry);
availablePentests[indexOfPentestWithChildEntries].childEntries.push(childEntry);
} else {
// Removes the pentest from availablePentests and add it as a child entry
const indexOfPentestThatsChildEntry = availablePentests.map(it => it.refNumber).indexOf(childEntry.refNumber);
const pentestThatIsChildEntry = availablePentests[indexOfPentestThatsChildEntry];
// Adds the child entry from response
availablePentests[indexOfPentestWithChildEntries].childEntries.push(pentestThatIsChildEntry);
availablePentests.splice(indexOfPentestThatsChildEntry, 1);
}
});
}
});
}
} else {
completePentests = templatePentests;
availablePentests = templatePentests;
}
return completePentests;
return availablePentests;
})
);
}

63
security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestDeletionService.kt Normal file
View File

@ -0,0 +1,63 @@
package com.securityc4po.api.pentest
import com.securityc4po.api.configuration.BC_BAD_CAST_TO_ABSTRACT_COLLECTION
import com.securityc4po.api.configuration.MESSAGE_BAD_CAST_TO_ABSTRACT_COLLECTION
import com.securityc4po.api.configuration.error.handler.Errorcode
import com.securityc4po.api.configuration.error.handler.TransactionInterruptedException
import com.securityc4po.api.extensions.getLoggerFor
import com.securityc4po.api.pentest.comment.CommentRepository
import com.securityc4po.api.pentest.finding.FindingRepository
import com.securityc4po.api.project.Project
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings
import org.springframework.stereotype.Service
import reactor.core.publisher.Flux
import reactor.core.publisher.Mono
@Service
class PentestDeletionService(
private val pentestRepository: PentestRepository,
private val findingRepository: FindingRepository,
private val commentRepository: CommentRepository
) {
var logger = getLoggerFor<PentestDeletionService>()
@SuppressFBWarnings(BC_BAD_CAST_TO_ABSTRACT_COLLECTION, MESSAGE_BAD_CAST_TO_ABSTRACT_COLLECTION)
fun deletePentestsAndAllAssociatedFindingsAndComments(project: Project): Flux<Project> {
val pentestIds = project.projectPentests.map { it.pentestId }
return pentestRepository.findPentestsByIds(pentestIds).collectList()
.flatMapMany { pentestEntityList -> Flux.fromIterable(pentestEntityList) }.flatMap { pentestEntity ->
this.pentestRepository.deletePentestById(pentestEntity.data.id).flatMap {
// Delete all associated findings of the pentest
val findingsDeletionResult =
this.findingRepository.deleteFindingsByIds(pentestEntity.data.findingIds).onErrorMap {
TransactionInterruptedException(
"Finding could not be deleted.",
Errorcode.FindingDeletionFailed
)
}
// Delete all associated comments of the pentest
val commentsDeletionResult =
this.commentRepository.deleteCommentsByIds(pentestEntity.data.commentIds).onErrorMap {
TransactionInterruptedException(
"Comments could not be deleted.",
Errorcode.CommentDeletionFailed
)
}
// Hack to map result together
findingsDeletionResult.flatMap {
commentsDeletionResult.flatMap {
Mono.just(project)
}
}
}.onErrorMap {
TransactionInterruptedException(
"Pentest deletion failed",
Errorcode.PentestDeletionFailed
)
}
}.flatMap {
Mono.just(project)
}
}
}

7
security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestRepository.kt
View File

@ -1,5 +1,6 @@
package com.securityc4po.api.pentest
import org.springframework.data.mongodb.repository.DeleteQuery
import org.springframework.data.mongodb.repository.Query
import org.springframework.data.mongodb.repository.ReactiveMongoRepository
import org.springframework.stereotype.Repository
@ -14,4 +15,10 @@ interface PentestRepository : ReactiveMongoRepository<PentestEntity, String> {
@Query("{'data._id' : ?0}")
fun findPentestById(id: String): Mono<PentestEntity>
@Query("{'data._id' :{\$in: ?0 }}")
fun findPentestsByIds(id: List<String>): Flux<PentestEntity>
@DeleteQuery("{'data._id' : ?0}")
fun deletePentestById(id: String): Mono<Long>
}

2
security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/PentestService.kt
View File

@ -6,8 +6,6 @@ import com.securityc4po.api.configuration.error.handler.*
import com.securityc4po.api.configuration.error.handler.InvalidModelException
import com.securityc4po.api.configuration.error.handler.TransactionInterruptedException
import com.securityc4po.api.extensions.getLoggerFor
import com.securityc4po.api.pentest.comment.CommentService
import com.securityc4po.api.pentest.finding.FindingService
import com.securityc4po.api.project.*
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings
import org.springframework.stereotype.Service

3
security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/comment/CommentRepository.kt
View File

@ -18,4 +18,7 @@ interface CommentRepository : ReactiveMongoRepository<CommentEntity, String> {
@DeleteQuery("{'data._id' : ?0}")
fun deleteCommentById(id: String): Mono<Long>
@DeleteQuery("{'data._id' :{\$in: ?0 }}")
fun deleteCommentsByIds(id: List<String>): Mono<Long>
}

3
security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/finding/FindingRepository.kt
View File

@ -18,4 +18,7 @@ interface FindingRepository : ReactiveMongoRepository<FindingEntity, String> {
@DeleteQuery("{'data._id' : ?0}")
fun deleteFindingById(id: String): Mono<Long>
@DeleteQuery("{'data._id' :{\$in: ?0 }}")
fun deleteFindingsByIds(id: List<String>): Mono<Long>
}

16
security-c4po-api/src/main/kotlin/com/securityc4po/api/project/ProjectController.kt
View File

@ -4,6 +4,7 @@ import com.securityc4po.api.configuration.BC_BAD_CAST_TO_ABSTRACT_COLLECTION
import com.securityc4po.api.extensions.getLoggerFor
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings
import com.securityc4po.api.ResponseBody
import com.securityc4po.api.pentest.PentestDeletionService
import org.springframework.http.ResponseEntity
import org.springframework.web.bind.annotation.*
import reactor.core.publisher.Mono
@ -18,7 +19,7 @@ import reactor.kotlin.core.publisher.switchIfEmpty
methods = [RequestMethod.GET, RequestMethod.DELETE, RequestMethod.POST, RequestMethod.PATCH]
)
@SuppressFBWarnings(BC_BAD_CAST_TO_ABSTRACT_COLLECTION)
class ProjectController(private val projectService: ProjectService) {
class ProjectController(private val projectService: ProjectService, private val pentestDeletionService: PentestDeletionService) {
var logger = getLoggerFor<ProjectController>()
@ -69,9 +70,16 @@ class ProjectController(private val projectService: ProjectService) {
@DeleteMapping("/{id}")
fun deleteProject(@PathVariable(value = "id") id: String): Mono<ResponseEntity<ResponseBody>> {
// ToDo: Delete all associated Pentests, Findings and Comments
return this.projectService.deleteProject(id).map{
ResponseEntity.ok().body(it.toProjectDeleteResponseBody())
return this.projectService.deleteProject(id).flatMap { project: Project ->
// If the project has pentest the will be deleted as well as all associated findings & comments
if (project.projectPentests.isNotEmpty()) {
this.pentestDeletionService.deletePentestsAndAllAssociatedFindingsAndComments(project).collectList()
.flatMap { prunedProject: Any ->
Mono.just(ResponseEntity.ok().body(project.toProjectDeleteResponseBody()))
}
} else {
Mono.just(ResponseEntity.ok().body(project.toProjectDeleteResponseBody()))
}
}.switchIfEmpty {
Mono.just(ResponseEntity.noContent().build<ResponseBody>())
}

8
security-c4po-api/src/test/resources/collections/comments.json
View File

@ -3,9 +3,7 @@
"$oid": "6405dbf113ae975803a09901"
},
"lastModified": {
"$date": {
"$numberLong": "1678105585081"
}
"$date": "2023-03-06T12:26:25.081Z"
},
"data": {
"_id": "85935303-e5b7-48ca-a504-910c1a94fb1f",
@ -19,9 +17,7 @@
"$oid": "6405dc0513ae975803a09902"
},
"lastModified": {
"$date": {
"$numberLong": "1678105605811"
}
"$date": "2023-03-06T12:26:45.811Z"
},
"data": {
"_id": "a785aaf0-1feb-429e-beb1-31bfcf70c404",

45
security-c4po-api/src/test/resources/collections/findings.json
View File

@ -1,32 +1,9 @@
[{
"_id": {
"$oid": "6405d88b13ae975803a098fb"
},
"lastModified": {
"$date": {
"$numberLong": "1678104715816"
}
},
"data": {
"_id": "a343150a-91c9-4564-9638-d0377eecc7c9",
"severity": "LOW",
"title": "Low Prio Finding",
"description": "This is Low Prio.",
"impact": "Impacts nothing.",
"affectedUrls": [],
"reproduction": "Open App.",
"mitigation": "",
"attachments": []
},
"_class": "com.securityc4po.api.pentest.finding.FindingEntity"
},{
"_id": {
"$oid": "6405db8a13ae975803a098fe"
},
"lastModified": {
"$date": {
"$numberLong": "1678105482494"
}
"$date": "2023-03-06T12:24:42.494Z"
},
"data": {
"_id": "5bf1b2e1-69b7-463b-a1ca-4ac6ac66b10f",
@ -45,9 +22,7 @@
"$oid": "6405dba513ae975803a098ff"
},
"lastModified": {
"$date": {
"$numberLong": "1678105509645"
}
"$date": "2023-03-06T12:25:09.645Z"
},
"data": {
"_id": "f6e6c632-ab34-479e-9584-565f61c5862a",
@ -66,9 +41,7 @@
"$oid": "6405dbcc13ae975803a09900"
},
"lastModified": {
"$date": {
"$numberLong": "1678105548815"
}
"$date": "2023-03-06T12:25:48.815Z"
},
"data": {
"_id": "176f5d93-0fe3-40b1-8a25-f11a6f760148",
@ -84,21 +57,19 @@
"_class": "com.securityc4po.api.pentest.finding.FindingEntity"
},{
"_id": {
"$oid": "640854a01d5b385d85c60ba7"
"$oid": "641d94fb28aed92b289a61c7"
},
"lastModified": {
"$date": {
"$numberLong": "1678267552968"
}
"$date": "2023-03-24T12:18:03.350Z"
},
"data": {
"_id": "1ffc2215-b8ae-43b7-bbb7-bfcfb414d534",
"_id": "82076448-7ec0-4d64-a75d-b9bf6f4920be",
"severity": "LOW",
"title": "Low Prio Title",
"title": "Low Prio Finding",
"description": "Low Prio Description",
"impact": "Low Prio Impact",
"affectedUrls": [],
"reproduction": "Do Nothing",
"reproduction": "Step 1: Do Nothing",
"mitigation": "",
"attachments": []
},

234
security-c4po-api/src/test/resources/collections/pentests.json
View File

@ -3,9 +3,7 @@
"$oid": "6405da3b13ae975803a098fc"
},
"lastModified": {
"$date": {
"$numberLong": "1678107542446"
}
"$date": "2023-03-24T12:18:06.611Z"
},
"data": {
"_id": "54f3ce12-784a-4e44-b9b3-0a986119ec50",
@ -14,16 +12,16 @@
"refNumber": "OTG-INFO-001",
"status": "COMPLETED",
"findingIds": [
"54a168cd-aa4c-452b-8935-c6d22391994e",
"5bf1b2e1-69b7-463b-a1ca-4ac6ac66b10f",
"f6e6c632-ab34-479e-9584-565f61c5862a",
"176f5d93-0fe3-40b1-8a25-f11a6f760148"
"176f5d93-0fe3-40b1-8a25-f11a6f760148",
"82076448-7ec0-4d64-a75d-b9bf6f4920be"
],
"commentIds": [
"85935303-e5b7-48ca-a504-910c1a94fb1f",
"a785aaf0-1feb-429e-beb1-31bfcf70c404"
],
"timeSpent": 16748
"timeSpent": 16790
},
"_class": "com.securityc4po.api.pentest.PentestEntity"
},{
@ -31,9 +29,7 @@
"$oid": "6405df1013ae975803a09904"
},
"lastModified": {
"$date": {
"$numberLong": "1678107569518"
}
"$date": "2023-03-06T12:59:29.518Z"
},
"data": {
"_id": "d724df75-e85a-4124-a5be-bccadc78beaf",
@ -51,9 +47,7 @@
"$oid": "6405e93413ae975803a09906"
},
"lastModified": {
"$date": {
"$numberLong": "1678108986365"
}
"$date": "2023-03-06T13:23:06.365Z"
},
"data": {
"_id": "c9c1c2f4-14dd-43f4-bc0d-bac03755f798",
@ -71,9 +65,7 @@
"$oid": "6405e93c13ae975803a09907"
},
"lastModified": {
"$date": {
"$numberLong": "1678109005173"
}
"$date": "2023-03-06T13:23:25.173Z"
},
"data": {
"_id": "288599c2-c295-4825-b1ff-db20e99f45ba",
@ -91,9 +83,7 @@
"$oid": "6405e95113ae975803a09908"
},
"lastModified": {
"$date": {
"$numberLong": "1678109019438"
}
"$date": "2023-03-06T13:23:39.438Z"
},
"data": {
"_id": "7c1c1d64-000d-461b-b60f-50bfc70868e6",
@ -111,9 +101,7 @@
"$oid": "6405e96113ae975803a09909"
},
"lastModified": {
"$date": {
"$numberLong": "1678109030965"
}
"$date": "2023-03-06T13:23:50.965Z"
},
"data": {
"_id": "415528d1-a92c-4e14-adf1-2846b2ce0f70",
@ -131,9 +119,7 @@
"$oid": "6405e96d13ae975803a0990a"
},
"lastModified": {
"$date": {
"$numberLong": "1678109047972"
}
"$date": "2023-03-06T13:24:07.972Z"
},
"data": {
"_id": "8d91e25f-eaeb-42f6-800c-4e7113656321",
@ -151,9 +137,7 @@
"$oid": "6405e98213ae975803a0990b"
},
"lastModified": {
"$date": {
"$numberLong": "1678109061933"
}
"$date": "2023-03-06T13:24:21.933Z"
},
"data": {
"_id": "ed9595bb-cc80-4daa-873e-e7470fc0b7d1",
@ -171,9 +155,7 @@
"$oid": "6405ea1313ae975803a0990c"
},
"lastModified": {
"$date": {
"$numberLong": "1678109313610"
}
"$date": "2023-03-06T13:28:33.610Z"
},
"data": {
"_id": "35481ca5-5672-4a11-a2b8-38ece069ca70",
@ -191,9 +173,7 @@
"$oid": "6405ea6a13ae975803a0990d"
},
"lastModified": {
"$date": {
"$numberLong": "1678109300993"
}
"$date": "2023-03-06T13:28:20.993Z"
},
"data": {
"_id": "538f8e15-8d0e-43ac-b7a6-d6b5959581eb",
@ -211,9 +191,7 @@
"$oid": "6405ea7813ae975803a0990e"
},
"lastModified": {
"$date": {
"$numberLong": "1678109307441"
}
"$date": "2023-03-06T13:28:27.441Z"
},
"data": {
"_id": "3bff597e-d680-4b87-8352-be32f40db074",
@ -231,9 +209,7 @@
"$oid": "6405ea8813ae975803a0990f"
},
"lastModified": {
"$date": {
"$numberLong": "1678109324740"
}
"$date": "2023-03-06T13:28:44.740Z"
},
"data": {
"_id": "27ca5852-aa9f-44ed-b2fe-c46c31b415f4",
@ -251,9 +227,7 @@
"$oid": "6405ea9013ae975803a09910"
},
"lastModified": {
"$date": {
"$numberLong": "1678109332350"
}
"$date": "2023-03-06T13:28:52.350Z"
},
"data": {
"_id": "60cf0cf9-f62a-4669-87a7-f519e7be0613",
@ -271,9 +245,7 @@
"$oid": "6405ea9613ae975803a09911"
},
"lastModified": {
"$date": {
"$numberLong": "1678109337580"
}
"$date": "2023-03-06T13:28:57.580Z"
},
"data": {
"_id": "05251dfd-a382-47af-85d5-798dd1a6171a",
@ -291,9 +263,7 @@
"$oid": "6405ea9c13ae975803a09912"
},
"lastModified": {
"$date": {
"$numberLong": "1678109343733"
}
"$date": "2023-03-06T13:29:03.733Z"
},
"data": {
"_id": "be6780a2-b66e-42a6-a725-805633589921",
@ -311,9 +281,7 @@
"$oid": "6405eaa113ae975803a09913"
},
"lastModified": {
"$date": {
"$numberLong": "1678109350660"
}
"$date": "2023-03-06T13:29:10.660Z"
},
"data": {
"_id": "192b9fed-596b-4345-b33d-ca3882ba9bdd",
@ -331,9 +299,7 @@
"$oid": "6405eaa913ae975803a09914"
},
"lastModified": {
"$date": {
"$numberLong": "1678109357114"
}
"$date": "2023-03-06T13:29:17.114Z"
},
"data": {
"_id": "6d3f0b58-b311-465e-9f01-e3e45d165902",
@ -351,9 +317,7 @@
"$oid": "6405eabf13ae975803a09915"
},
"lastModified": {
"$date": {
"$numberLong": "1678109378116"
}
"$date": "2023-03-06T13:29:38.116Z"
},
"data": {
"_id": "058dd5c7-63a5-40cb-a4ed-46e5cdcb87ff",
@ -371,9 +335,7 @@
"$oid": "6405eac713ae975803a09916"
},
"lastModified": {
"$date": {
"$numberLong": "1678109388342"
}
"$date": "2023-03-06T13:29:48.342Z"
},
"data": {
"_id": "36e1c198-d425-4a38-ad0b-2f9d6759931e",
@ -391,9 +353,7 @@
"$oid": "6405eacd13ae975803a09917"
},
"lastModified": {
"$date": {
"$numberLong": "1678109393844"
}
"$date": "2023-03-06T13:29:53.844Z"
},
"data": {
"_id": "b3063d09-237f-493e-b0db-603a11829d88",
@ -411,9 +371,7 @@
"$oid": "6405ead413ae975803a09918"
},
"lastModified": {
"$date": {
"$numberLong": "1678109402037"
}
"$date": "2023-03-06T13:30:02.037Z"
},
"data": {
"_id": "6ae89321-678f-4191-b008-8abfc42401c3",
@ -431,9 +389,7 @@
"$oid": "6405eae013ae975803a09919"
},
"lastModified": {
"$date": {
"$numberLong": "1678109414821"
}
"$date": "2023-03-06T13:30:14.821Z"
},
"data": {
"_id": "3334d254-87bf-4115-8d88-e2fed022ad06",
@ -451,9 +407,7 @@
"$oid": "6405eae813ae975803a0991a"
},
"lastModified": {
"$date": {
"$numberLong": "1678109418622"
}
"$date": "2023-03-06T13:30:18.622Z"
},
"data": {
"_id": "8e97f1e0-b02c-4be2-b30e-372d09614038",
@ -471,9 +425,7 @@
"$oid": "6405eaeb13ae975803a0991b"
},
"lastModified": {
"$date": {
"$numberLong": "1678109421900"
}
"$date": "2023-03-06T13:30:21.900Z"
},
"data": {
"_id": "e9c9eecb-116b-4a8c-ac8c-4a279f77e1f4",
@ -491,9 +443,7 @@
"$oid": "6405eaf313ae975803a0991c"
},
"lastModified": {
"$date": {
"$numberLong": "1678109431028"
}
"$date": "2023-03-06T13:30:31.028Z"
},
"data": {
"_id": "f0531d71-18d3-41a7-a37a-2c15f6b26dcb",
@ -511,9 +461,7 @@
"$oid": "6405eaf813ae975803a0991d"
},
"lastModified": {
"$date": {
"$numberLong": "1678109437415"
}
"$date": "2023-03-06T13:30:37.415Z"
},
"data": {
"_id": "d73543ef-a66f-4878-9ecb-ab5207ed734f",
@ -531,9 +479,7 @@
"$oid": "6405eaff13ae975803a0991e"
},
"lastModified": {
"$date": {
"$numberLong": "1678109442635"
}
"$date": "2023-03-06T13:30:42.635Z"
},
"data": {
"_id": "22130f1e-53c2-404b-8f77-750e82d12768",
@ -551,9 +497,7 @@
"$oid": "6405eb0313ae975803a0991f"
},
"lastModified": {
"$date": {
"$numberLong": "1678109447207"
}
"$date": "2023-03-06T13:30:47.207Z"
},
"data": {
"_id": "54db12f1-1fdc-48f9-9b1d-b6b1fb39bc07",
@ -571,9 +515,7 @@
"$oid": "6405eb0813ae975803a09920"
},
"lastModified": {
"$date": {
"$numberLong": "1678109451358"
}
"$date": "2023-03-06T13:30:51.358Z"
},
"data": {
"_id": "7853a95c-7ee3-4b31-af18-401c104efc7e",
@ -591,9 +533,7 @@
"$oid": "6405eb1513ae975803a09921"
},
"lastModified": {
"$date": {
"$numberLong": "1678109464318"
}
"$date": "2023-03-06T13:31:04.318Z"
},
"data": {
"_id": "7ca78e39-7d4c-46c5-a9c3-ba58c7fba844",
@ -611,9 +551,7 @@
"$oid": "6405eb1913ae975803a09922"
},
"lastModified": {
"$date": {
"$numberLong": "1678109468545"
}
"$date": "2023-03-06T13:31:08.545Z"
},
"data": {
"_id": "dca5b8b3-e994-4d5c-8740-b21ee806a4e5",
@ -631,9 +569,7 @@
"$oid": "6405eb2013ae975803a09923"
},
"lastModified": {
"$date": {
"$numberLong": "1678109476264"
}
"$date": "2023-03-06T13:31:16.264Z"
},
"data": {
"_id": "5e7b999c-e878-4d48-9ce8-9b65ef578dae",
@ -651,9 +587,7 @@
"$oid": "6405eb2513ae975803a09924"
},
"lastModified": {
"$date": {
"$numberLong": "1678109480769"
}
"$date": "2023-03-06T13:31:20.769Z"
},
"data": {
"_id": "8bc131f4-b9c8-4dd5-927b-0675dff6344e",
@ -671,9 +605,7 @@
"$oid": "6405eb2913ae975803a09925"
},
"lastModified": {
"$date": {
"$numberLong": "1678109484038"
}
"$date": "2023-03-06T13:31:24.038Z"
},
"data": {
"_id": "ed134842-6578-4d22-af57-282161c5306b",
@ -691,9 +623,7 @@
"$oid": "6405eb2c13ae975803a09926"
},
"lastModified": {
"$date": {
"$numberLong": "1678109487490"
}
"$date": "2023-03-06T13:31:27.490Z"
},
"data": {
"_id": "f35f30fb-f246-4a1f-ae26-ce864647a341",
@ -711,9 +641,7 @@
"$oid": "6405eb3213ae975803a09927"
},
"lastModified": {
"$date": {
"$numberLong": "1678109492740"
}
"$date": "2023-03-06T13:31:32.740Z"
},
"data": {
"_id": "47021e69-95ab-4d93-ac13-aac0379ca809",
@ -731,9 +659,7 @@
"$oid": "6405eb3513ae975803a09928"
},
"lastModified": {
"$date": {
"$numberLong": "1678109496150"
}
"$date": "2023-03-06T13:31:36.150Z"
},
"data": {
"_id": "f19a5176-64bc-452b-aa63-8861aab75059",
@ -751,9 +677,7 @@
"$oid": "6405eb3913ae975803a09929"
},
"lastModified": {
"$date": {
"$numberLong": "1678109499621"
}
"$date": "2023-03-06T13:31:39.621Z"
},
"data": {
"_id": "c60ac6e5-39e8-4fae-8d65-d71ea69a2404",
@ -771,9 +695,7 @@
"$oid": "6405eb3e13ae975803a0992a"
},
"lastModified": {
"$date": {
"$numberLong": "1678109505221"
}
"$date": "2023-03-06T13:31:45.221Z"
},
"data": {
"_id": "2764e64b-0a7e-456c-9999-cdd05c5ef50b",
@ -791,9 +713,7 @@
"$oid": "6405eb4113ae975803a0992b"
},
"lastModified": {
"$date": {
"$numberLong": "1678109508028"
}
"$date": "2023-03-06T13:31:48.028Z"
},
"data": {
"_id": "1247dd20-2986-4887-9c17-74806ce56eef",
@ -811,9 +731,7 @@
"$oid": "6405eb4413ae975803a0992c"
},
"lastModified": {
"$date": {
"$numberLong": "1678109510833"
}
"$date": "2023-03-06T13:31:50.833Z"
},
"data": {
"_id": "e01d1a34-15fa-4f29-8054-8209a422e505",
@ -831,9 +749,7 @@
"$oid": "6405eb4913ae975803a0992d"
},
"lastModified": {
"$date": {
"$numberLong": "1678109515433"
}
"$date": "2023-03-06T13:31:55.433Z"
},
"data": {
"_id": "c55343b0-c99c-4bfd-8f30-b8464b442dad",
@ -851,9 +767,7 @@
"$oid": "6405eb5013ae975803a0992e"
},
"lastModified": {
"$date": {
"$numberLong": "1678109523051"
}
"$date": "2023-03-06T13:32:03.051Z"
},
"data": {
"_id": "47ff61bb-2e4f-45e3-9630-136f9d704882",
@ -871,9 +785,7 @@
"$oid": "6405eb5413ae975803a0992f"
},
"lastModified": {
"$date": {
"$numberLong": "1678109528338"
}
"$date": "2023-03-06T13:32:08.338Z"
},
"data": {
"_id": "0b353e67-3092-4586-9558-172354beaf8b",
@ -891,9 +803,7 @@
"$oid": "6405eb5913ae975803a09930"
},
"lastModified": {
"$date": {
"$numberLong": "1678109532951"
}
"$date": "2023-03-06T13:32:12.951Z"
},
"data": {
"_id": "5804e2ce-8c5b-4f3d-8674-433042e61a7f",
@ -911,9 +821,7 @@
"$oid": "6405eb5f13ae975803a09931"
},
"lastModified": {
"$date": {
"$numberLong": "1678109537656"
}
"$date": "2023-03-06T13:32:17.656Z"
},
"data": {
"_id": "4fc1260b-8b5b-47a7-bdee-61261e23919d",
@ -931,9 +839,7 @@
"$oid": "6405eb6d13ae975803a09932"
},
"lastModified": {
"$date": {
"$numberLong": "1678109552061"
}
"$date": "2023-03-06T13:32:32.061Z"
},
"data": {
"_id": "39dfbf25-e97d-4bd8-9943-a9eec183bfcf",
@ -951,9 +857,7 @@
"$oid": "6405eb7113ae975803a09933"
},
"lastModified": {
"$date": {
"$numberLong": "1678109555238"
}
"$date": "2023-03-06T13:32:35.238Z"
},
"data": {
"_id": "53668fb6-471d-4363-9e47-8f73e4f1a7d4",
@ -971,9 +875,7 @@
"$oid": "6405eb7413ae975803a09934"
},
"lastModified": {
"$date": {
"$numberLong": "1678109558674"
}
"$date": "2023-03-06T13:32:38.674Z"
},
"data": {
"_id": "86637ffd-8e6e-4e00-9179-42f52780427a",
@ -991,9 +893,7 @@
"$oid": "6405eb7a13ae975803a09935"
},
"lastModified": {
"$date": {
"$numberLong": "1678109564423"
}
"$date": "2023-03-06T13:32:44.423Z"
},
"data": {
"_id": "04f9532e-3c05-4eff-9e9f-b2d733a14a77",
@ -1011,9 +911,7 @@
"$oid": "6405eb8a13ae975803a09936"
},
"lastModified": {
"$date": {
"$numberLong": "1678109580934"
}
"$date": "2023-03-06T13:33:00.934Z"
},
"data": {
"_id": "1e58f29e-81fb-48d2-94bf-7b89e227f590",
@ -1031,9 +929,7 @@
"$oid": "6405eb8e13ae975803a09937"
},
"lastModified": {
"$date": {
"$numberLong": "1678109584323"
}
"$date": "2023-03-06T13:33:04.323Z"
},
"data": {
"_id": "2c78589b-558e-4b99-a182-df4df3c1439b",
@ -1051,9 +947,7 @@
"$oid": "6405eb9113ae975803a09938"
},
"lastModified": {
"$date": {
"$numberLong": "1678109587493"
}
"$date": "2023-03-06T13:33:07.493Z"
},
"data": {
"_id": "9383b9c1-6c2e-422b-b16f-31a9640d1647",
@ -1071,9 +965,7 @@
"$oid": "6405eb9f13ae975803a09939"
},
"lastModified": {
"$date": {
"$numberLong": "1678109602022"
}
"$date": "2023-03-06T13:33:22.022Z"
},
"data": {
"_id": "2f87faf9-611f-40ae-9c0e-412d0bfd0481",
@ -1091,9 +983,7 @@
"$oid": "6405eba313ae975803a0993a"
},
"lastModified": {
"$date": {
"$numberLong": "1678109605807"
}
"$date": "2023-03-06T13:33:25.807Z"
},
"data": {
"_id": "0f47fcbc-f567-4009-ae56-a894cf17cc46",
@ -1111,9 +1001,7 @@
"$oid": "6405eba613ae975803a0993b"
},
"lastModified": {
"$date": {
"$numberLong": "1678109609296"
}
"$date": "2023-03-06T13:33:29.296Z"
},
"data": {
"_id": "ba0fa19c-5533-4be8-8169-9ffa7d449ab0",
@ -1131,9 +1019,7 @@
"$oid": "6405ebaa13ae975803a0993c"
},
"lastModified": {
"$date": {
"$numberLong": "1678109612469"
}
"$date": "2023-03-06T13:33:32.469Z"
},
"data": {
"_id": "0f47ac3b-d19a-4115-9ddf-dc9b2f11abae",

8
security-c4po-api/src/test/resources/collections/projects.json
View File

@ -3,9 +3,7 @@
"$oid": "6405d84a13ae975803a098fa"
},
"lastModified": {
"$date": {
"$numberLong": "1678109612474"
}
"$date": "2023-03-24T12:18:06.619Z"
},
"data": {
"_id": "575dd9d4-cb3c-4df3-981e-8a18bf8dc1d2",
@ -252,9 +250,7 @@
"$oid": "6405e92813ae975803a09905"
},
"lastModified": {
"$date": {
"$numberLong": "1678108968564"
}
"$date": "2023-03-06T13:22:48.564Z"
},
"data": {
"_id": "d6e83738-4251-44ac-ad40-21b360780c98",

25
security-c4po-reporting/src/main/kotlin/com/securityc4po/reporting/report/ReportController.kt
View File

@ -32,14 +32,7 @@ class ReportController(private val apiService: APIService, private val reportSer
produces = [MediaType.APPLICATION_PDF_VALUE]
)
fun downloadPentestReportPDF(@PathVariable(value = "projectId") projectId: String, @AuthenticationPrincipal user: Appuser): Mono<ResponseEntity<ByteArray>> {
// Todo: Create Report with Jasper
return this.apiService.requestProjectReportDataById(projectId, user.token).flatMap {projectReport ->
/* ToDo: remove if jsonProjectReportCollection not needed for report generation */
val jsonProjectReportString: String =
File("./src/test/resources/ProjectReportData.json").readText(Charsets.UTF_8)
val jsonProjectReportCollection: ProjectReport =
jacksonObjectMapper().readValue<ProjectReport>(jsonProjectReportString)
/* jsonProjectReportCollection */
this.reportService.createReport(projectReport, "pdf").map { reportClassLoaderFilePath ->
ResponseEntity.ok().body(reportClassLoaderFilePath)
}.switchIfEmpty {
@ -56,7 +49,14 @@ class ReportController(private val apiService: APIService, private val reportSer
"/{projectId}/csv",
produces = ["text/csv"]
)
fun downloadPentestReportCSV() {}
fun downloadPentestReportCSV() {
/* ToDo: remove if jsonProjectReportCollection not needed for report generation */
val jsonProjectReportString: String =
File("./src/test/resources/ProjectReportData.json").readText(Charsets.UTF_8)
val jsonProjectReportCollection: ProjectReport =
jacksonObjectMapper().readValue<ProjectReport>(jsonProjectReportString)
/* jsonProjectReportCollection */
}
*/
// ToDo: Add download API for html report
/*
@ -64,6 +64,13 @@ class ReportController(private val apiService: APIService, private val reportSer
"/{projectId}/html",
produces = ["text/html"]
)
fun downloadPentestReportHTML() {}
fun downloadPentestReportHTML() {
/* ToDo: remove if jsonProjectReportCollection not needed for report generation */
val jsonProjectReportString: String =
File("./src/test/resources/ProjectReportData.json").readText(Charsets.UTF_8)
val jsonProjectReportCollection: ProjectReport =
jacksonObjectMapper().readValue<ProjectReport>(jsonProjectReportString)
/* jsonProjectReportCollection */
}
*/
}

36
security-c4po-reporting/src/main/kotlin/com/securityc4po/reporting/report/ReportService.kt
View File

@ -32,7 +32,9 @@ class ReportService {
"./src/main/resources/jasper/reports/c4po_state_of_confidentiality.jrxml"
private val reportExecutiveSummaryDesignTemplate =
"./src/main/resources/jasper/reports/c4po_executive_summary.jrxml"
private val reportPentestsDesignTemplate = "./src/main/resources/jasper/reports/c4po_pentests.jrxml"
private val reportPentestsFindingsAndCommentsDesignTemplate = "./src/main/resources/jasper/reports/c4po_pentests_findings_and_comments.jrxml"
private val reportPentestsFindingsOnlyDesignTemplate = "./src/main/resources/jasper/reports/c4po_pentests_findings_only.jrxml"
private val reportPentestsCommentsOnlyDesignTemplate = "./src/main/resources/jasper/reports/c4po_pentests_comments_only.jrxml"
private val reportAppendenciesDesignTemplate = "./src/main/resources/jasper/reports/c4po_appendencies.jrxml"
// Path to default pdf file
@ -321,9 +323,13 @@ class ReportService {
// Create List of Files
var finalFiles: List<File> = emptyList()
// Load Jasper Files
val filePentests: File = ResourceUtils.getFile(reportPentestsDesignTemplate)
val filePentestsFindingsAndComments: File = ResourceUtils.getFile(reportPentestsFindingsAndCommentsDesignTemplate)
val filePentestsFindingsOnly: File = ResourceUtils.getFile(reportPentestsFindingsOnlyDesignTemplate)
val filePentestsCommentsOnly: File = ResourceUtils.getFile(reportPentestsCommentsOnlyDesignTemplate)
// Compile Jasper Reports
val jasperReportPentests: JasperReport = JasperCompileManager.compileReport(filePentests.absolutePath)
val jasperReportPentestsFindingsAndComments: JasperReport = JasperCompileManager.compileReport(filePentestsFindingsAndComments.absolutePath)
val jasperReportPentestsFindingsOnly: JasperReport = JasperCompileManager.compileReport(filePentestsFindingsOnly.absolutePath)
val jasperReportPentestsCommentsOnly: JasperReport = JasperCompileManager.compileReport(filePentestsCommentsOnly.absolutePath)
// Create pentestReport content for every objective
for (i in 0 until projectReportCollection.projectPentestReport.size) {
val projectSinglePentestReportDataSource: JRBeanCollectionDataSource =
@ -331,23 +337,18 @@ class ReportService {
// Setup Parameter & add Sub-datasets
val parameters = HashMap<String, Any>()
// Setup Sub-dataset for Findings of Pentest
parameters["PentestFindingsDataSource"] =
if (projectReportCollection.projectPentestReport[i].findings.isNotEmpty()) {
JRBeanCollectionDataSource(projectReportCollection.projectPentestReport[i].findings)
} else {
JRBeanCollectionDataSource(emptyList<Finding>())
}
parameters["PentestFindingsDataSource"] = JRBeanCollectionDataSource(projectReportCollection.projectPentestReport[i].findings)
// Setup Sub-dataset for Comments of Pentest
parameters["PentestCommentsDataSource"] =
if (projectReportCollection.projectPentestReport[i].comments.isNotEmpty()) {
JRBeanCollectionDataSource(projectReportCollection.projectPentestReport[i].comments)
} else {
JRBeanCollectionDataSource(emptyList<Comment>())
}
parameters["PentestCommentsDataSource"] = JRBeanCollectionDataSource(projectReportCollection.projectPentestReport[i].comments)
// Fill Reports
// Print one report for each objective and merge them together afterwards
val jasperPrintPentests: JasperPrint =
JasperFillManager.fillReport(jasperReportPentests, parameters, projectSinglePentestReportDataSource)
val jasperPrintPentests: JasperPrint = if (projectReportCollection.projectPentestReport[i].findings.isEmpty()) {
JasperFillManager.fillReport(jasperReportPentestsCommentsOnly, parameters, projectSinglePentestReportDataSource)
} else if (projectReportCollection.projectPentestReport[i].comments.isEmpty()) {
JasperFillManager.fillReport(jasperReportPentestsFindingsOnly, parameters, projectSinglePentestReportDataSource)
} else {
JasperFillManager.fillReport(jasperReportPentestsFindingsAndComments, parameters, projectSinglePentestReportDataSource)
}
// Create File
var finalFile: File = File(reportDefaultPdf)
if (reportFormat.equals("pdf")) {
@ -358,6 +359,7 @@ class ReportService {
finalFile = File(reportDestination + "E" + i.toString() + "_Pentestreport.pdf")
finalFiles += (finalFile)
} else {
println("NONONO")
// ToDo: Implement different report formats
finalFiles += (finalFile)
}

2
security-c4po-reporting/src/main/resources/jasper/reports/c4po_cover.jrxml
View File

@ -153,7 +153,7 @@
<rectangle>
<reportElement x="-20" y="30" width="595" height="30" forecolor="#232B44" backcolor="#232B44" uuid="1ed47e2d-9d46-44b9-bad7-8eeb1143c83c"/>
<graphicElement>
<pen lineWidth="0.0"/>
<pen lineWidth="1.0"/>
</graphicElement>
</rectangle>
<staticText>

227
security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_comments_only.jrxml Normal file
View File

@ -0,0 +1,227 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- Created with Jaspersoft Studio version 6.20.0.final using JasperReports Library version 6.20.0-2bc7ab61c56f459e8176eb05c7705e145cd400ad -->
<jasperReport xmlns="http://jasperreports.sourceforge.net/jasperreports" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://jasperreports.sourceforge.net/jasperreports http://jasperreports.sourceforge.net/xsd/jasperreport.xsd" name="C4PO_Pentest" pageWidth="595" pageHeight="842" columnWidth="555" leftMargin="20" rightMargin="20" topMargin="20" bottomMargin="20" uuid="d4d219cb-f6cb-4f7b-9d33-c00b82eaa1b7">
<property name="com.jaspersoft.studio.data.defaultdataadapter" value="ProjectPentestReportJasperData Template JSON Adapter"/>
<style name="Table_TH" mode="Opaque" backcolor="#232B44">
<box>
<pen lineWidth="0.5" lineColor="#151B2E"/>
<topPen lineWidth="0.5" lineColor="#151B2E"/>
<leftPen lineWidth="0.5" lineColor="#151B2E"/>
<bottomPen lineWidth="0.5" lineColor="#151B2E"/>
<rightPen lineWidth="0.5" lineColor="#151B2E"/>
</box>
</style>
<style name="Table_CH" mode="Opaque" backcolor="#FFFFFF">
<box>
<pen lineWidth="0.5" lineColor="#151B2E"/>
<topPen lineWidth="0.5" lineColor="#151B2E"/>
<leftPen lineWidth="0.5" lineColor="#151B2E"/>
<bottomPen lineWidth="0.5" lineColor="#151B2E"/>
<rightPen lineWidth="0.5" lineColor="#151B2E"/>
</box>
</style>
<style name="Table_TD" mode="Opaque" backcolor="#FFFFFF">
<box>
<pen lineWidth="0.5" lineColor="#151B2E"/>
<topPen lineWidth="0.5" lineColor="#151B2E"/>
<leftPen lineWidth="0.5" lineColor="#151B2E"/>
<bottomPen lineWidth="0.5" lineColor="#151B2E"/>
<rightPen lineWidth="0.5" lineColor="#151B2E"/>
</box>
</style>
<style name="Table 1_TH" mode="Opaque" backcolor="#232B44">
<box>
<pen lineWidth="0.5" lineColor="#232B44"/>
<topPen lineWidth="0.5" lineColor="#232B44"/>
<leftPen lineWidth="0.5" lineColor="#232B44"/>
<bottomPen lineWidth="0.5" lineColor="#232B44"/>
<rightPen lineWidth="0.5" lineColor="#232B44"/>
</box>
</style>
<style name="Table 1_CH" mode="Opaque" backcolor="#FFFFFF">
<box>
<pen lineWidth="0.5" lineColor="#232B44"/>
<topPen lineWidth="0.5" lineColor="#232B44"/>
<leftPen lineWidth="0.5" lineColor="#232B44"/>
<bottomPen lineWidth="0.5" lineColor="#232B44"/>
<rightPen lineWidth="0.5" lineColor="#232B44"/>
</box>
</style>
<style name="Table 1_TD" mode="Opaque" backcolor="#FFFFFF">
<box>
<pen lineWidth="0.5" lineColor="#232B44"/>
<topPen lineWidth="0.5" lineColor="#232B44"/>
<leftPen lineWidth="0.5" lineColor="#232B44"/>
<bottomPen lineWidth="0.5" lineColor="#232B44"/>
<rightPen lineWidth="0.5" lineColor="#232B44"/>
</box>
</style>
<subDataset name="projectPentestReport Sub Datasource" uuid="f4b3a379-ea17-4640-8dfc-e04d6c738694">
<property name="com.jaspersoft.studio.data.defaultdataadapter" value="ProjectReportData JSON Adapter"/>
<queryString language="json">
<![CDATA[projectPentestReport]]>
</queryString>
<field name="id" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="id"/>
<fieldDescription><![CDATA[id]]></fieldDescription>
</field>
<field name="category" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="category"/>
<fieldDescription><![CDATA[category]]></fieldDescription>
</field>
<field name="refNumber" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="refNumber"/>
<fieldDescription><![CDATA[refNumber]]></fieldDescription>
</field>
<field name="findings" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="findings"/>
<fieldDescription><![CDATA[findings]]></fieldDescription>
</field>
<field name="comments" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="comments"/>
<fieldDescription><![CDATA[comments]]></fieldDescription>
</field>
<field name="status" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="status"/>
<fieldDescription><![CDATA[status]]></fieldDescription>
</field>
<group name="id">
<groupExpression><![CDATA[$F{id}]]></groupExpression>
</group>
<group name="category">
<groupExpression><![CDATA[$F{category}]]></groupExpression>
</group>
<group name="refNumber">
<groupExpression><![CDATA[$F{refNumber}]]></groupExpression>
</group>
<group name="findings">
<groupExpression><![CDATA[$F{findings}]]></groupExpression>
</group>
<group name="comments">
<groupExpression><![CDATA[$F{comments}]]></groupExpression>
</group>
<group name="status">
<groupExpression><![CDATA[$F{status}]]></groupExpression>
</group>
</subDataset>
<subDataset name="comments Sub Datasource" uuid="797bf326-f0eb-4f3c-b5a5-3113f7320b18">
<property name="com.jaspersoft.studio.data.defaultdataadapter" value="ProjectReportData JSON Adapter"/>
<queryString language="json">
<![CDATA[projectPentestReport.comments]]>
</queryString>
<field name="id" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="id"/>
<fieldDescription><![CDATA[id]]></fieldDescription>
</field>
<field name="title" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="title"/>
<fieldDescription><![CDATA[title]]></fieldDescription>
</field>
<field name="description" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="description"/>
<fieldDescription><![CDATA[description]]></fieldDescription>
</field>
<field name="relatedFindings" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="relatedFindings"/>
<fieldDescription><![CDATA[relatedFindings]]></fieldDescription>
</field>
<group name="id">
<groupExpression><![CDATA[$F{id}]]></groupExpression>
</group>
<group name="title">
<groupExpression><![CDATA[$F{title}]]></groupExpression>
</group>
<group name="description">
<groupExpression><![CDATA[$F{description}]]></groupExpression>
</group>
<group name="relatedFindings">
<groupExpression><![CDATA[$F{relatedFindings}]]></groupExpression>
</group>
</subDataset>
<subDataset name="Commentstable" uuid="f301d27e-9489-4007-8675-68f5bcb787c4">
<queryString>
<![CDATA[]]>
</queryString>
<field name="id" class="java.lang.String"/>
<field name="title" class="java.lang.String"/>
<field name="description" class="java.lang.String"/>
<field name="relatedFindings" class="java.lang.String"/>
</subDataset>
<parameter name="PentestCommentsDataSource" class="net.sf.jasperreports.engine.data.JRBeanCollectionDataSource"/>
<queryString language="JSON">
<![CDATA[projectPentestReport]]>
</queryString>
<field name="id" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="id"/>
<fieldDescription><![CDATA[id]]></fieldDescription>
</field>
<field name="category" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="category"/>
<fieldDescription><![CDATA[category]]></fieldDescription>
</field>
<field name="refNumber" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="refNumber"/>
<fieldDescription><![CDATA[refNumber]]></fieldDescription>
</field>
<field name="findings" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="findings"/>
<fieldDescription><![CDATA[findings]]></fieldDescription>
</field>
<field name="comments" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="comments"/>
<fieldDescription><![CDATA[comments]]></fieldDescription>
</field>
<field name="status" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="status"/>
<fieldDescription><![CDATA[status]]></fieldDescription>
</field>
<title>
<band height="72" splitType="Stretch">
<rectangle>
<reportElement x="-20" y="25" width="556" height="27" forecolor="#151B2E" backcolor="#151B2E" uuid="9ca6f826-bc92-47ff-a80a-ad682e7d8329"/>
<graphicElement>
<pen lineWidth="0.0"/>
</graphicElement>
</rectangle>
<textField>
<reportElement x="0" y="29" width="526" height="20" forecolor="#FFFFFF" uuid="44b9e926-60c6-4b1c-9af9-9b67947b3082"/>
<textElement verticalAlignment="Middle">
<font fontName="SansSerif" size="14" isBold="false"/>
</textElement>
<textFieldExpression><![CDATA[$F{refNumber}]]></textFieldExpression>
</textField>
<rectangle>
<reportElement x="-20" y="0" width="556" height="27" forecolor="#232B44" backcolor="#232B44" uuid="df8f27a6-eae9-4855-8133-95ee17f92440"/>
<graphicElement>
<pen lineWidth="0.0"/>
</graphicElement>
</rectangle>
<textField>
<reportElement x="0" y="3" width="526" height="20" forecolor="#FFFFFF" uuid="f7c64c89-0142-47c8-8b5d-4b4c4380758f"/>
<textElement verticalAlignment="Middle">
<font fontName="SansSerif" size="14" isBold="true"/>
</textElement>
<textFieldExpression><![CDATA[$F{category}]]></textFieldExpression>
</textField>
<ellipse>
<reportElement x="512" y="0" width="48" height="52" backcolor="#232B44" uuid="3eff32ef-9011-450d-8359-4d9ae097d4ce"/>
<graphicElement>
<pen lineWidth="0.0" lineColor="#232B44"/>
</graphicElement>
</ellipse>
<image>
<reportElement x="524" y="13" width="24" height="27" uuid="c8f8490d-ab26-47e3-811f-c3a70a633fd0"/>
<imageExpression><![CDATA["/Users/mhg/Documents/Projects/security-c4po/security-c4po-reporting/src/main/resources/jasper/Watermark.png"]]></imageExpression>
</image>
</band>
</title>
<detail>
<band height="611" splitType="Stretch">
<subreport isUsingCache="false" runToBottom="false">
<reportElement x="0" y="0" width="554" height="610" isRemoveLineWhenBlank="true" uuid="48da877f-cf38-4fc2-9104-934c8a528d6e"/>
<dataSourceExpression><![CDATA[$P{PentestCommentsDataSource}]]></dataSourceExpression>
<subreportExpression><![CDATA["./src/main/resources/jasper/subreports/"+"CommentsSubreport.jasper"]]></subreportExpression>
</subreport>
</band>
</detail>
</jasperReport>

42
security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests.jrxml → security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_findings_and_comments.jrxml
View File

@ -265,50 +265,60 @@
<fieldDescription><![CDATA[status]]></fieldDescription>
</field>
<title>
<band height="42" splitType="Stretch">
<band height="72" splitType="Stretch">
<rectangle>
<reportElement x="-20" y="0" width="573" height="30" forecolor="#232B44" backcolor="#232B44" uuid="d90debc9-13dd-404a-a1d1-d227e0a208a5"/>
<reportElement x="-20" y="25" width="556" height="27" forecolor="#151B2E" backcolor="#151B2E" uuid="33a23a53-0e80-4c2e-b381-6116d6fa79cd"/>
<graphicElement>
<pen lineWidth="0.0"/>
</graphicElement>
</rectangle>
<ellipse>
<reportElement x="537" y="0" width="30" height="30" backcolor="#232B44" uuid="e6ecfe00-ba27-44b0-ad8c-82d2b15657e6"/>
<textField>
<reportElement x="0" y="29" width="526" height="20" forecolor="#FFFFFF" uuid="1b1f20bc-6ca3-4d7a-9af7-f297a9f3096f"/>
<textElement verticalAlignment="Middle">
<font fontName="SansSerif" size="14" isBold="false"/>
</textElement>
<textFieldExpression><![CDATA[$F{refNumber}]]></textFieldExpression>
</textField>
<rectangle>
<reportElement x="-20" y="0" width="556" height="27" forecolor="#232B44" backcolor="#232B44" uuid="540caccf-a660-48d9-8e83-7e82223b97c5"/>
<graphicElement>
<pen lineWidth="0.0"/>
</graphicElement>
</ellipse>
</rectangle>
<textField>
<reportElement x="0" y="5" width="553" height="20" forecolor="#FFFFFF" uuid="b91211d3-616c-40d7-9836-7884989c270f"/>
<reportElement x="0" y="3" width="526" height="20" forecolor="#FFFFFF" uuid="b91211d3-616c-40d7-9836-7884989c270f"/>
<textElement verticalAlignment="Middle">
<font fontName="SansSerif" size="16" isBold="true"/>
<font fontName="SansSerif" size="14" isBold="true"/>
</textElement>
<textFieldExpression><![CDATA[$F{category} + ": " + $F{refNumber}]]></textFieldExpression>
<textFieldExpression><![CDATA[$F{category}]]></textFieldExpression>
</textField>
<ellipse>
<reportElement x="512" y="0" width="48" height="52" backcolor="#232B44" uuid="43ab5511-6409-4735-9bb5-1d4e5074ef8b"/>
<graphicElement>
<pen lineWidth="0.0" lineColor="#232B44"/>
</graphicElement>
</ellipse>
<image>
<reportElement x="539" y="3" width="23" height="24" uuid="110809ac-8a68-486d-93f4-35a583bd1759"/>
<reportElement x="524" y="13" width="24" height="27" uuid="afa875b3-5bda-4192-8094-7810edcf25ec"/>
<imageExpression><![CDATA["/Users/mhg/Documents/Projects/security-c4po/security-c4po-reporting/src/main/resources/jasper/Watermark.png"]]></imageExpression>
</image>
</band>
</title>
<detail>
<band height="699" splitType="Stretch">
<subreport>
<reportElement positionType="Float" x="0" y="0" width="554" height="349" isRemoveLineWhenBlank="true" uuid="5b74c6df-2b20-462b-bfbb-be7d3efee10f"/>
<subreport isUsingCache="false" runToBottom="true">
<reportElement positionType="Float" x="0" y="0" width="554" height="340" isRemoveLineWhenBlank="true" uuid="5b74c6df-2b20-462b-bfbb-be7d3efee10f"/>
<subreportParameter name="PentestFindingsDataSource">
<subreportParameterExpression><![CDATA[]]></subreportParameterExpression>
</subreportParameter>
<dataSourceExpression><![CDATA[$P{PentestFindingsDataSource}]]></dataSourceExpression>
<subreportExpression><![CDATA["./src/main/resources/jasper/subreports/"+"FindingsSubreport.jasper"]]></subreportExpression>
</subreport>
<subreport>
<reportElement positionType="Float" x="0" y="360" width="554" height="334" isRemoveLineWhenBlank="true" uuid="48da877f-cf38-4fc2-9104-934c8a528d6e"/>
<subreport isUsingCache="false" runToBottom="true">
<reportElement positionType="Float" x="0" y="350" width="554" height="339" isRemoveLineWhenBlank="true" uuid="48da877f-cf38-4fc2-9104-934c8a528d6e"/>
<dataSourceExpression><![CDATA[$P{PentestCommentsDataSource}]]></dataSourceExpression>
<subreportExpression><![CDATA["./src/main/resources/jasper/subreports/"+"CommentsSubreport.jasper"]]></subreportExpression>
</subreport>
</band>
</detail>
<pageFooter>
<band height="29" splitType="Stretch"/>
</pageFooter>
</jasperReport>

275
security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_findings_only.jrxml Normal file
View File

@ -0,0 +1,275 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- Created with Jaspersoft Studio version 6.20.0.final using JasperReports Library version 6.20.0-2bc7ab61c56f459e8176eb05c7705e145cd400ad -->
<jasperReport xmlns="http://jasperreports.sourceforge.net/jasperreports" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://jasperreports.sourceforge.net/jasperreports http://jasperreports.sourceforge.net/xsd/jasperreport.xsd" name="C4PO_Pentest" pageWidth="595" pageHeight="842" columnWidth="555" leftMargin="20" rightMargin="20" topMargin="20" bottomMargin="20" uuid="d4d219cb-f6cb-4f7b-9d33-c00b82eaa1b7">
<property name="com.jaspersoft.studio.data.defaultdataadapter" value="ProjectPentestReportJasperData Template JSON Adapter"/>
<style name="Table_TH" mode="Opaque" backcolor="#232B44">
<box>
<pen lineWidth="0.5" lineColor="#151B2E"/>
<topPen lineWidth="0.5" lineColor="#151B2E"/>
<leftPen lineWidth="0.5" lineColor="#151B2E"/>
<bottomPen lineWidth="0.5" lineColor="#151B2E"/>
<rightPen lineWidth="0.5" lineColor="#151B2E"/>
</box>
</style>
<style name="Table_CH" mode="Opaque" backcolor="#FFFFFF">
<box>
<pen lineWidth="0.5" lineColor="#151B2E"/>
<topPen lineWidth="0.5" lineColor="#151B2E"/>
<leftPen lineWidth="0.5" lineColor="#151B2E"/>
<bottomPen lineWidth="0.5" lineColor="#151B2E"/>
<rightPen lineWidth="0.5" lineColor="#151B2E"/>
</box>
</style>
<style name="Table_TD" mode="Opaque" backcolor="#FFFFFF">
<box>
<pen lineWidth="0.5" lineColor="#151B2E"/>
<topPen lineWidth="0.5" lineColor="#151B2E"/>
<leftPen lineWidth="0.5" lineColor="#151B2E"/>
<bottomPen lineWidth="0.5" lineColor="#151B2E"/>
<rightPen lineWidth="0.5" lineColor="#151B2E"/>
</box>
</style>
<style name="Table 1_TH" mode="Opaque" backcolor="#232B44">
<box>
<pen lineWidth="0.5" lineColor="#232B44"/>
<topPen lineWidth="0.5" lineColor="#232B44"/>
<leftPen lineWidth="0.5" lineColor="#232B44"/>
<bottomPen lineWidth="0.5" lineColor="#232B44"/>
<rightPen lineWidth="0.5" lineColor="#232B44"/>
</box>
</style>
<style name="Table 1_CH" mode="Opaque" backcolor="#FFFFFF">
<box>
<pen lineWidth="0.5" lineColor="#232B44"/>
<topPen lineWidth="0.5" lineColor="#232B44"/>
<leftPen lineWidth="0.5" lineColor="#232B44"/>
<bottomPen lineWidth="0.5" lineColor="#232B44"/>
<rightPen lineWidth="0.5" lineColor="#232B44"/>
</box>
</style>
<style name="Table 1_TD" mode="Opaque" backcolor="#FFFFFF">
<box>
<pen lineWidth="0.5" lineColor="#232B44"/>
<topPen lineWidth="0.5" lineColor="#232B44"/>
<leftPen lineWidth="0.5" lineColor="#232B44"/>
<bottomPen lineWidth="0.5" lineColor="#232B44"/>
<rightPen lineWidth="0.5" lineColor="#232B44"/>
</box>
</style>
<subDataset name="projectPentestReport Sub Datasource" uuid="f4b3a379-ea17-4640-8dfc-e04d6c738694">
<property name="com.jaspersoft.studio.data.defaultdataadapter" value="ProjectReportData JSON Adapter"/>
<queryString language="json">
<![CDATA[projectPentestReport]]>
</queryString>
<field name="id" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="id"/>
<fieldDescription><![CDATA[id]]></fieldDescription>
</field>
<field name="category" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="category"/>
<fieldDescription><![CDATA[category]]></fieldDescription>
</field>
<field name="refNumber" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="refNumber"/>
<fieldDescription><![CDATA[refNumber]]></fieldDescription>
</field>
<field name="findings" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="findings"/>
<fieldDescription><![CDATA[findings]]></fieldDescription>
</field>
<field name="comments" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="comments"/>
<fieldDescription><![CDATA[comments]]></fieldDescription>
</field>
<field name="status" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="status"/>
<fieldDescription><![CDATA[status]]></fieldDescription>
</field>
<group name="id">
<groupExpression><![CDATA[$F{id}]]></groupExpression>
</group>
<group name="category">
<groupExpression><![CDATA[$F{category}]]></groupExpression>
</group>
<group name="refNumber">
<groupExpression><![CDATA[$F{refNumber}]]></groupExpression>
</group>
<group name="findings">
<groupExpression><![CDATA[$F{findings}]]></groupExpression>
</group>
<group name="comments">
<groupExpression><![CDATA[$F{comments}]]></groupExpression>
</group>
<group name="status">
<groupExpression><![CDATA[$F{status}]]></groupExpression>
</group>
</subDataset>
<subDataset name="findings Sub Datasource" uuid="ef4e1d36-83dd-461c-b31f-0c517e3f3da7">
<property name="com.jaspersoft.studio.data.defaultdataadapter" value="ProjectReportData JSON Adapter"/>
<queryString language="json">
<![CDATA[projectPentestReport.findings]]>
</queryString>
<field name="id" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="id"/>
<fieldDescription><![CDATA[id]]></fieldDescription>
</field>
<field name="severity" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="severity"/>
<fieldDescription><![CDATA[severity]]></fieldDescription>
</field>
<field name="title" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="title"/>
<fieldDescription><![CDATA[title]]></fieldDescription>
</field>
<field name="description" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="description"/>
<fieldDescription><![CDATA[description]]></fieldDescription>
</field>
<field name="impact" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="impact"/>
<fieldDescription><![CDATA[impact]]></fieldDescription>
</field>
<field name="affectedUrls" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="affectedUrls"/>
<fieldDescription><![CDATA[affectedUrls]]></fieldDescription>
</field>
<field name="reproduction" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="reproduction"/>
<fieldDescription><![CDATA[reproduction]]></fieldDescription>
</field>
<field name="mitigation" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="mitigation"/>
<fieldDescription><![CDATA[mitigation]]></fieldDescription>
</field>
<group name="id">
<groupExpression><![CDATA[$F{id}]]></groupExpression>
</group>
<group name="severity">
<groupExpression><![CDATA[$F{severity}]]></groupExpression>
</group>
<group name="title">
<groupExpression><![CDATA[$F{title}]]></groupExpression>
</group>
<group name="description">
<groupExpression><![CDATA[$F{description}]]></groupExpression>
</group>
<group name="impact">
<groupExpression><![CDATA[$F{impact}]]></groupExpression>
</group>
<group name="affectedUrls">
<groupExpression><![CDATA[$F{affectedUrls}]]></groupExpression>
</group>
<group name="reproduction">
<groupExpression><![CDATA[$F{reproduction}]]></groupExpression>
</group>
<group name="mitigation">
<groupExpression><![CDATA[$F{mitigation}]]></groupExpression>
</group>
</subDataset>
<subDataset name="Findingstable" uuid="a71c37db-6f21-464d-af41-45f08103128e">
<property name="com.jaspersoft.studio.data.defaultdataadapter" value="ProjectPentestReportJasperData Template JSON Adapter"/>
<queryString language="JSON">
<![CDATA[comments]]>
</queryString>
<field name="id" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="id"/>
<fieldDescription><![CDATA[id]]></fieldDescription>
</field>
<field name="severity" class="java.lang.String"/>
<field name="title" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="title"/>
<fieldDescription><![CDATA[title]]></fieldDescription>
</field>
<field name="description" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="description"/>
<fieldDescription><![CDATA[description]]></fieldDescription>
</field>
<field name="impact" class="java.lang.String"/>
<field name="affectedUrls" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="relatedFindings"/>
<fieldDescription><![CDATA[affectedUrls]]></fieldDescription>
</field>
<field name="reproduction" class="java.lang.String"/>
<field name="mitigation" class="java.lang.String"/>
</subDataset>
<parameter name="PentestFindingsDataSource" class="net.sf.jasperreports.engine.data.JRBeanCollectionDataSource"/>
<queryString language="JSON">
<![CDATA[projectPentestReport]]>
</queryString>
<field name="id" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="id"/>
<fieldDescription><![CDATA[id]]></fieldDescription>
</field>
<field name="category" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="category"/>
<fieldDescription><![CDATA[category]]></fieldDescription>
</field>
<field name="refNumber" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="refNumber"/>
<fieldDescription><![CDATA[refNumber]]></fieldDescription>
</field>
<field name="findings" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="findings"/>
<fieldDescription><![CDATA[findings]]></fieldDescription>
</field>
<field name="comments" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="comments"/>
<fieldDescription><![CDATA[comments]]></fieldDescription>
</field>
<field name="status" class="java.lang.String">
<property name="net.sf.jasperreports.json.field.expression" value="status"/>
<fieldDescription><![CDATA[status]]></fieldDescription>
</field>
<title>
<band height="72" splitType="Stretch">
<rectangle>
<reportElement x="-20" y="25" width="556" height="27" forecolor="#151B2E" backcolor="#151B2E" uuid="59b22cf7-d319-4712-8bc3-080a2dc98c07"/>
<graphicElement>
<pen lineWidth="0.0"/>
</graphicElement>
</rectangle>
<textField>
<reportElement x="0" y="29" width="526" height="20" forecolor="#FFFFFF" uuid="cf5ab715-1c59-49a9-a718-7f2ddcc75513"/>
<textElement verticalAlignment="Middle">
<font fontName="SansSerif" size="14" isBold="false"/>
</textElement>
<textFieldExpression><![CDATA[$F{refNumber}]]></textFieldExpression>
</textField>
<rectangle>
<reportElement x="-20" y="0" width="556" height="27" forecolor="#232B44" backcolor="#232B44" uuid="8939c5a8-c4d4-42e9-89ec-c5469a4219f2"/>
<graphicElement>
<pen lineWidth="0.0"/>
</graphicElement>
</rectangle>
<textField>
<reportElement x="0" y="3" width="526" height="20" forecolor="#FFFFFF" uuid="1b13855e-35d0-4dbd-8faf-a018bd43e6a4"/>
<textElement verticalAlignment="Middle">
<font fontName="SansSerif" size="14" isBold="true"/>
</textElement>
<textFieldExpression><![CDATA[$F{category}]]></textFieldExpression>
</textField>
<ellipse>
<reportElement x="512" y="0" width="48" height="52" backcolor="#232B44" uuid="311e91fb-e1e5-4846-99d7-59673c4de40f"/>
<graphicElement>
<pen lineWidth="0.0" lineColor="#232B44"/>
</graphicElement>
</ellipse>
<image>
<reportElement x="524" y="13" width="24" height="27" uuid="01ae010d-be6b-4696-b696-e27ba95164ae"/>
<imageExpression><![CDATA["/Users/mhg/Documents/Projects/security-c4po/security-c4po-reporting/src/main/resources/jasper/Watermark.png"]]></imageExpression>
</image>
</band>
</title>
<detail>
<band height="611" splitType="Stretch">
<subreport isUsingCache="false" runToBottom="false">
<reportElement x="0" y="0" width="554" height="611" isRemoveLineWhenBlank="true" uuid="5b74c6df-2b20-462b-bfbb-be7d3efee10f"/>
<subreportParameter name="PentestFindingsDataSource">
<subreportParameterExpression><![CDATA[]]></subreportParameterExpression>
</subreportParameter>
<dataSourceExpression><![CDATA[$P{PentestFindingsDataSource}]]></dataSourceExpression>
<subreportExpression><![CDATA["./src/main/resources/jasper/subreports/"+"FindingsSubreport.jasper"]]></subreportExpression>
</subreport>
</band>
</detail>
</jasperReport>

BIN
security-c4po-reporting/src/main/resources/jasper/subReports/CommentsSubreport.jasper
View File

Binary file not shown.

2
security-c4po-reporting/src/main/resources/jasper/subReports/CommentsSubreport.jrxml
View File

@ -34,7 +34,7 @@
<band splitType="Stretch"/>
</background>
<detail>
<band height="280" splitType="Stretch">
<band height="580" splitType="Stretch">
<staticText>
<reportElement x="0" y="50" width="100" height="19" forecolor="#232B44" uuid="27e653a4-f25c-4e14-a2dd-98639beaa958"/>
<textElement>

BIN
security-c4po-reporting/src/main/resources/jasper/subReports/FindingsSubreport.jasper
View File

Binary file not shown.

4
security-c4po-reporting/src/main/resources/jasper/subReports/FindingsSubreport.jrxml
View File

@ -72,7 +72,7 @@
<band splitType="Stretch"/>
</background>
<detail>
<band height="600" splitType="Stretch">
<band height="611" splitType="Stretch">
<ellipse>
<reportElement key="" style="SeverityStyles" mode="Opaque" x="445" y="45" width="30" height="30" uuid="5dfe3093-6943-446e-8126-d7230d895b0c"/>
<graphicElement>
@ -183,7 +183,7 @@
<textField textAdjust="StretchHeight">
<reportElement x="460" y="50" width="70" height="20" forecolor="#FEFEFF" uuid="c2c6ef50-1470-41aa-80a1-44db4bbc1b64"/>
<textElement textAlignment="Center" verticalAlignment="Middle">
<font size="12"/>
<font size="12" isBold="true"/>
</textElement>
<textFieldExpression><![CDATA[$F{severity}]]></textFieldExpression>
</textField>