From c52f5ed71e958c91b4609d3ee844b649a5b8d791 Mon Sep 17 00:00:00 2001
From: monsieurswag
Date: Tue, 4 Jun 2024 12:33:56 +0200
Subject: [PATCH 01/18] Handle invalid library storing exceptions
---
 .../management/commands/storelibraries.py | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/backend/library/management/commands/storelibraries.py b/backend/library/management/commands/storelibraries.py
index 36e2d3288..5f7c88d4e 100644
--- a/backend/library/management/commands/storelibraries.py
+++ b/backend/library/management/commands/storelibraries.py
@@ -25,12 +25,18 @@ def handle(self, *args, **options):
 library_files = [path]
 for fname in library_files:
 # logger.info("Begin library file storage", filename=fname)
- library = StoredLibrary.store_library_file(fname, True)
- if library:
- logger.info(
- "Successfully stored library",
- filename=fname,
- library=library,
+ try :
+ library = StoredLibrary.store_library_file(fname, True)
+ if library:
+ logger.info(
+ "Successfully stored library",
+ filename=fname,
+ library=library,
+ )
+ except :
+ logger.error(
+ "Invalid library file",
+ filename=fname
 )
 # else:
 # logger.info("Library is up to date", filename=fname)
From 7885a475871e4affc03676b7f7323f15bb83a935 Mon Sep 17 00:00:00 2001
From: monsieurswag
Date: Tue, 4 Jun 2024 12:34:51 +0200
Subject: [PATCH 02/18] Formatter Remove useless comment
---
 backend/library/management/commands/storelibraries.py | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/backend/library/management/commands/storelibraries.py b/backend/library/management/commands/storelibraries.py
index 5f7c88d4e..4ac126240 100644
--- a/backend/library/management/commands/storelibraries.py
+++ b/backend/library/management/commands/storelibraries.py
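Review bot: The bare `except :` wrapped around `StoredLibrary.store_library_file(fname, True)` catches everything, including `KeyboardInterrupt` and `SystemExit`, and logs only "Invalid library file" without the exception. A database or permission failure during this management command therefore looks exactly like a malformed file, and Ctrl-C no longer stops the loop. Catch `Exception` and record the cause, `except Exception as e:` with `logger.error("Invalid library file", filename=fname, error=e)`, which matches the `error=e` logging used in `backend/core/models.py`. The `except:` that PATCH 02 reformats keeps the same behaviour, and `handle` starts before this hunk.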
@@ -25,7 +25,7 @@ def handle(self, *args, **options):
 library_files = [path]
 for fname in library_files:
 # logger.info("Begin library file storage", filename=fname)
- try :
+ try:
 library = StoredLibrary.store_library_file(fname, True)
 if library:
 logger.info(
@@ -33,10 +33,5 @@ def handle(self, *args, **options):
 filename=fname,
 library=library,
 )
- except :
- logger.error(
- "Invalid library file",
- filename=fname
- )
- # else:
- # logger.info("Library is up to date", filename=fname)
+ except:
+ logger.error("Invalid library file", filename=fname)
From fb8a92a22cffa13b62b24679500fcf8c62c3dc0c Mon Sep 17 00:00:00 2001
From: monsieurswag
Date: Wed, 5 Jun 2024 10:44:06 +0200
Subject: [PATCH 03/18] A toast is now displayed in the frontend and some backend bugs has been fixed
---
 MUDA.yaml | 3 +++
 backend/core/models.py | 2 ++
 backend/library/views.py | 2 +-
 3 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 MUDA.yaml
diff --git a/MUDA.yaml b/MUDA.yaml
new file mode 100644
index 000000000..4c3cd1c69
--- /dev/null
+++ b/MUDA.yaml
@@ -0,0 +1,3 @@
+THIS IS NOT VALID YAML
+WOWOWOWOOWOWOWOWOW
+SWAGSWAGSWAGSWAG
\ No newline at end of file
diff --git a/backend/core/models.py b/backend/core/models.py
index f3da6da5c..43bb9a888 100644
--- a/backend/core/models.py
+++ b/backend/core/models.py
@@ -135,6 +135,8 @@ def store_library_content(
 return None # We do not store the library if its hash checksum is in the database.
 try:
 library_data = yaml.safe_load(library_content)
+ if not isinstance(library_data,dict) :
+ raise yaml.YAMLError(f"The YAML content must be a dictionary but it's been interpreted as a {type(library_data).__name__} !")
 except yaml.YAMLError as e:
 logger.error("Error while loading library content", error=e)
 raise e
diff --git a/backend/library/views.py b/backend/library/views.py
index d587fd549..217135b05 100644
--- a/backend/library/views.py
+++ b/backend/library/views.py
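Review bot: In the `backend/core/models.py` hunk, the new `isinstance(library_data, dict)` check raises `yaml.YAMLError` for content that parsed successfully, so any caller catching `yaml.YAMLError` can no longer tell a syntax error from a wrong document shape. If reusing the parser exception is deliberate, say so on the raise, for example `# Not a parse error: raised as YAMLError so the handler below logs it and re-raises`. Only the top-level type is checked here; whether the expected keys of an uploaded library are validated afterwards is not visible, because `store_library_content` starts and continues outside the hunk.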
@@ -1,4 +1,4 @@ -import json +import json, yaml from django.db import IntegrityError from rest_framework import viewsets, status from rest_framework.status import ( From edd951851ee4acdd5d7329b20a03feb2271b1735 Mon Sep 17 00:00:00 2001 From: monsieurswag Date: Wed, 5 Jun 2024 10:58:53 +0200 Subject: [PATCH 04/18] Remove POJO warning --- frontend/src/routes/(app)/libraries/+page.server.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/frontend/src/routes/(app)/libraries/+page.server.ts b/frontend/src/routes/(app)/libraries/+page.server.ts index 774b4a5e7..ff1f1e1ca 100644 --- a/frontend/src/routes/(app)/libraries/+page.server.ts +++ b/frontend/src/routes/(app)/libraries/+page.server.ts @@ -103,6 +103,7 @@ export const actions: Actions = { translate_error ?? m.libraryLoadingError() + '(' + response.error + ')'; setFlash({ type: 'error', message: toast_error_message }, event); + delete form.data["file"]; // This removes a warning: Cannot stringify arbitrary non-POJOs (data..form.data.file) return fail(400, { form }); } setFlash({ type: 'success', message: m.librarySuccessfullyLoaded() }, event); From c19e0367c58ec267f59aaf224747689be517a045 Mon Sep 17 00:00:00 2001 From: monsieurswag Date: Wed, 5 Jun 2024 11:42:34 +0200 Subject: [PATCH 05/18] Formatter Remove useless test file --- MUDA.yaml | 3 --- backend/core/models.py | 6 ++++-- frontend/src/routes/(app)/libraries/+page.server.ts | 2 +- 3 files changed, 5 insertions(+), 6 deletions(-) delete mode 100644 MUDA.yaml diff --git a/MUDA.yaml b/MUDA.yaml deleted file mode 100644 index 4c3cd1c69..000000000 --- a/MUDA.yaml +++ /dev/null @@ -1,3 +0,0 @@ -THIS IS NOT VALID YAML -WOWOWOWOOWOWOWOWOW -SWAGSWAGSWAGSWAG \ No newline at end of file diff --git a/backend/core/models.py b/backend/core/models.py index 43bb9a888..bdbc1d14a 100644 --- a/backend/core/models.py +++ b/backend/core/models.py 
@@ -135,8 +135,10 @@ def store_library_content( return None # We do not store the library if its hash checksum is in the database. try: library_data = yaml.safe_load(library_content) - if not isinstance(library_data,dict) : - raise yaml.YAMLError(f"The YAML content must be a dictionary but it's been interpreted as a {type(library_data).__name__} !") + if not isinstance(library_data, dict): + raise yaml.YAMLError( + f"The YAML content must be a dictionary but it's been interpreted as a {type(library_data).__name__} !" + ) except yaml.YAMLError as e: logger.error("Error while loading library content", error=e) raise e diff --git a/frontend/src/routes/(app)/libraries/+page.server.ts b/frontend/src/routes/(app)/libraries/+page.server.ts index ff1f1e1ca..79c029389 100644 --- a/frontend/src/routes/(app)/libraries/+page.server.ts +++ b/frontend/src/routes/(app)/libraries/+page.server.ts @@ -103,7 +103,7 @@ export const actions: Actions = { translate_error ?? m.libraryLoadingError() + '(' + response.error + ')'; setFlash({ type: 'error', message: toast_error_message }, event); - delete form.data["file"]; // This removes a warning: Cannot stringify arbitrary non-POJOs (data..form.data.file) + delete form.data['file']; // This removes a warning: Cannot stringify arbitrary non-POJOs (data..form.data.file) return fail(400, { form }); } setFlash({ type: 'success', message: m.librarySuccessfullyLoaded() }, event); From 357aaf8d1dc5d74aed8e300cb2949db6bfb3ae77 Mon Sep 17 00:00:00 2001 From: monsieurswag Date: Wed, 5 Jun 2024 12:37:54 +0200 Subject: [PATCH 06/18] Fix error toast not showing with invalid extensions --- backend/library/views.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/backend/library/views.py b/backend/library/views.py index 217135b05..cf6efce07 100644 --- a/backend/library/views.py +++ b/backend/library/views.py 
@@ -1,4 +1,4 @@ -import json, yaml +import json from django.db import IntegrityError from rest_framework import viewsets, status from rest_framework.status import ( @@ -181,13 +181,12 @@ def upload_library(self, request): json.dumps({"error": "libraryAlreadyLoadedError"}), status=HTTP_400_BAD_REQUEST, ) - except yaml.YAMLError: + except: return HttpResponse( json.dumps({"error": "invalidLibraryFileError"}), status=HTTP_400_BAD_REQUEST, ) - class LoadedLibraryViewSet(viewsets.ModelViewSet): # serializer_class = LoadedLibrarySerializer # parser_classes = [FileUploadParser] From e815e58bf432642b2e717a81717e4147a4bba7bd Mon Sep 17 00:00:00 2001 From: monsieurswag Date: Wed, 5 Jun 2024 14:10:09 +0200 Subject: [PATCH 07/18] Formatter --- backend/library/views.py | 1 + 1 file changed, 1 insertion(+) diff --git a/backend/library/views.py b/backend/library/views.py index cf6efce07..ee918145d 100644 --- a/backend/library/views.py +++ b/backend/library/views.py @@ -187,6 +187,7 @@ def upload_library(self, request): status=HTTP_400_BAD_REQUEST, ) + class LoadedLibraryViewSet(viewsets.ModelViewSet): # serializer_class = LoadedLibrarySerializer # parser_classes = [FileUploadParser] From 366f9a6e2c614f7b8d65a02cdfaf8e385b254b5d Mon Sep 17 00:00:00 2001 From: Mohamed-Hacene <90701924+Mohamed-Hacene@users.noreply.github.com> Date: Wed, 5 Jun 2024 17:52:55 +0200 Subject: [PATCH 08/18] =?UTF-8?q?chore:=20update=20translations=20with=20F?= =?UTF-8?q?ink=20=F0=9F=90=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- frontend/messages/de.json | 8 ++++---- frontend/messages/en.json | 2 +- frontend/messages/es.json | 14 +++++++------- frontend/messages/fr.json | 2 +- frontend/messages/it.json | 8 ++++---- frontend/messages/nl.json | 8 ++++---- frontend/messages/pt.json | 2 +- 7 files changed, 22 insertions(+), 22 deletions(-) diff --git a/frontend/messages/de.json b/frontend/messages/de.json index 4fac1d0f2..3ad2af7f5 100644 
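Review bot: Widening `except yaml.YAMLError:` to a bare `except:` in `upload_library` turns every failure into HTTP 400 `invalidLibraryFileError` with nothing logged, including database errors, programming bugs and `SystemExit`/`KeyboardInterrupt`. A server-side fault is then reported to the client as a bad upload, and operators get no trace of what actually failed on an endpoint that parses user-supplied files. At minimum use `except Exception as e:` and log the cause before returning; better, list the exception types the store path is expected to raise for bad input (they are not visible in this hunk) and let anything else surface as a 5xx. `upload_library` starts before the hunk.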
--- a/frontend/messages/de.json +++ b/frontend/messages/de.json @@ -460,7 +460,7 @@ "domainManager": "Domänen-Manager", "analyst": "Analyst", "successfullyCreatedObject": "Das {object} Objekt wurde erfolgreich erstellt", - "successfullyUpdatedObject": "Das {object} Objekt: {name} wurde erfolgreich aktualisiert", + "successfullyUpdatedObject": "Das {object} Objekt wurde erfolgreich aktualisiert", "successfullySavedObject": "Das {object} Objekt wurde erfolgreich gespeichert", "successfullyDeletedObject": "Das {object} Objekt wurde erfolgreich gelöscht", "successfullyDeletedLibrary": "Die Bibliothek wurde erfolgreich gelöscht", @@ -474,7 +474,6 @@ "attachmentDeleted": "Der Anhang wurde erfolgreich gelöscht", "librarySuccessfullyLoaded": "Die Bibliothek wurde erfolgreich geladen", "noLibraryDetected": "Keine Bibliothek erkannt", - "errorImportingLibrary": "Fehler beim Importieren der Bibliothek", "passwordSuccessfullyChanged": "Ihr Passwort wurde erfolgreich geändert", "passwordSuccessfullyReset": "Ihr Passwort wurde erfolgreich zurückgesetzt", "passwordSuccessfullySet": "Ihr Passwort wurde erfolgreich festgelegt", @@ -498,7 +497,6 @@ "lowSOK": "Die Wissensstärke zur Unterstützung der Bewertung ist niedrig", "mediumSOK": "Die Wissensstärke zur Unterstützung der Bewertung ist mittel", "highSOK": "Die Wissensstärke zur Unterstützung der Bewertung ist hoch", - "libraryImportError": "Beim Importieren Ihrer Bibliothek ist ein Fehler aufgetreten.", "libraryAlreadyLoadedError": "Diese Bibliothek wurde bereits geladen.", "invalidLibraryFileError": "Ungültige Bibliotheksdatei. Stellen Sie sicher, dass das Format korrekt ist.", "taintedFormMessage": "Möchten Sie diese Seite verlassen? Änderungen, die Sie vorgenommen haben, werden möglicherweise nicht gespeichert.", 
@@ -554,5 +552,7 @@ "appliedControlNoReferenceControl": "Für die angewandte Steuerung ist keine Referenzsteuerung ausgewählt", "evidenceNoFile": "Für den Beweis wurde keine Datei hochgeladen", "requirementAppliedControlHelpText": "Mit den ausgewählten Maßnahmen verknüpfte Nachweise werden automatisch der Anforderung zugeordnet.", - "requirementEvidenceHelpText": "Über diese Registerkarte können Sie der Anforderung weitere Nachweise hinzufügen." + "requirementEvidenceHelpText": "Über diese Registerkarte können Sie der Anforderung weitere Nachweise hinzufügen.", + "errorImportingLibrary": "Fehler beim Importieren der Bibliothek", + "libraryImportError": "Beim Importieren Ihrer Bibliothek ist ein Fehler aufgetreten." } diff --git a/frontend/messages/en.json b/frontend/messages/en.json index 86a0394c4..14bfeda40 100644 --- a/frontend/messages/en.json +++ b/frontend/messages/en.json @@ -460,7 +460,7 @@ "domainManager": "Domain manager", "analyst": "Analyst", "successfullyCreatedObject": "The {object} object has been successfully created", - "successfullyUpdatedObject": "The {object} object: {name} has been successfully updated", + "successfullyUpdatedObject": "The {object} object has been successfully updated", "successfullySavedObject": "The {object} object has been successfully saved", "successfullyDeletedObject": "The {object} object has been successfully deleted", "successfullyDeletedLibrary": "The library has been successfully deleted", diff --git a/frontend/messages/es.json b/frontend/messages/es.json index 5857d54b0..0f3d938ed 100644 --- a/frontend/messages/es.json +++ b/frontend/messages/es.json 
@@ -460,7 +460,7 @@ "domainManager": "Gerente de dominio", "analyst": "Analista", "successfullyCreatedObject": "El objeto {object} se ha creado con éxito", - "successfullyUpdatedObject": "El objeto {object}: {name} se ha actualizado con éxito", + "successfullyUpdatedObject": "El objeto se ha actualizado con éxito", "successfullySavedObject": "El objeto {object} se ha guardado con éxito", "successfullyDeletedObject": "El objeto {object} se ha eliminado con éxito", "successfullyDeletedLibrary": "La biblioteca se ha eliminado con éxito", @@ -474,7 +474,6 @@ "attachmentDeleted": "El adjunto se ha eliminado con éxito", "librarySuccessfullyLoaded": "La biblioteca se ha cargado con éxito", "noLibraryDetected": "No se detectó ninguna biblioteca", - "errorImportingLibrary": "Error al importar la biblioteca", "passwordSuccessfullyChanged": "Su contraseña se ha cambiado con éxito", "passwordSuccessfullyReset": "Su contraseña se ha restablecido con éxito", "passwordSuccessfullySet": "Su contraseña se ha establecido con éxito", @@ -498,7 +497,6 @@ "lowSOK": "La fortaleza del conocimiento que respalda la evaluación es baja", "mediumSOK": "La fortaleza del conocimiento que respalda la evaluación es media", "highSOK": "La fortaleza del conocimiento que respalda la evaluación es alta", - "libraryImportError": "Ocurrió un error durante la importación de su biblioteca.", "libraryAlreadyLoadedError": "Esta biblioteca ya está cargada.", "invalidLibraryFileError": "Archivo de biblioteca no válido. Asegúrese de que el formato sea correcto.", "taintedFormMessage": "¿Desea abandonar esta página? Es posible que no se guarden los cambios que haya realizado.", 
@@ -529,6 +527,9 @@ "asZIP": "como ZIP", "incoming": "Entrante", "outdated": "Desactualizado", + "goBackToAudit": "Volver a la auditoría", + "exportBackupDescription": "Esto serializará y creará una copia de seguridad de la base de datos, incluidos los usuarios y RBAC. Las pruebas y otros archivos no se incluyen en la copia de seguridad.", + "importBackupDescription": "Esto deserializará y restaurará la base de datos desde una copia de seguridad. Esto sobrescribirá todos los datos existentes, incluidos los usuarios y RBAC, y no se puede deshacer.", "riskAssessmentInProgress": "La evaluación de riesgos aún está en progreso", "riskAssessmentNoAuthor": "Ningún autor asignado a esta evaluación de riesgos", "riskAssessmentEmpty": "La evaluación de riesgos está vacía. Aún no se ha declarado ningún escenario de riesgo", 
@@ -550,9 +551,8 @@ "requirementAssessmentNoAppliedControl": "El estado de la evaluación de requisitos es conforme o parcialmente conforme sin que se haya aplicado ningún control.", "appliedControlNoReferenceControl": "El control aplicado no tiene ningún control de referencia seleccionado", "evidenceNoFile": "La evidencia no tiene ningún archivo subido", - "goBackToAudit": "Volver a la auditoría", - "exportBackupDescription": "Esto serializará y creará una copia de seguridad de la base de datos, incluidos los usuarios y RBAC. Las pruebas y otros archivos no se incluyen en la copia de seguridad.", - "importBackupDescription": "Esto deserializará y restaurará la base de datos desde una copia de seguridad. Esto sobrescribirá todos los datos existentes, incluidos los usuarios y RBAC, y no se puede deshacer.", "requirementAppliedControlHelpText": "Las evidencias vinculadas a las medidas seleccionadas se asociarán automáticamente al requisito.", - "requirementEvidenceHelpText": "Esta pestaña le permite agregar evidencias adicionales al requisito." + "requirementEvidenceHelpText": "Esta pestaña le permite agregar evidencias adicionales al requisito.", + "errorImportingLibrary": "Error al importar la biblioteca", + "libraryImportError": "Ocurrió un error durante la importación de su biblioteca." } diff --git a/frontend/messages/fr.json b/frontend/messages/fr.json index 3a5c3ed91..3b7053c16 100644 --- a/frontend/messages/fr.json +++ b/frontend/messages/fr.json 
@@ -460,7 +460,7 @@ "domainManager": "Gestionnaire de domaine", "analyst": "Analyste", "successfullyCreatedObject": "L'objet {object} a été créé avec succès", - "successfullyUpdatedObject": "L'objet {object}: {name} a été mis à jour avec succès", + "successfullyUpdatedObject": "L'objet {object} a été mis à jour avec succès", "successfullySavedObject": "L'objet {object} a été enregistré avec succès", "successfullyDeletedObject": "L'objet {object} a été supprimé avec succès", "successfullyDeletedLibrary": "La librairie a été supprimée avec succès", diff --git a/frontend/messages/it.json b/frontend/messages/it.json index 9cd9f51e7..f69780295 100644 --- a/frontend/messages/it.json +++ b/frontend/messages/it.json @@ -460,7 +460,7 @@ "domainManager": "Manager di dominio", "analyst": "Analista", "successfullyCreatedObject": "L'oggetto {object} è stato creato con successo", - "successfullyUpdatedObject": "L'oggetto {object}: {name} è stato aggiornato con successo", + "successfullyUpdatedObject": "L'oggetto {object} è stato aggiornato con successo", "successfullySavedObject": "L'oggetto {object} è stato salvato con successo", "successfullyDeletedObject": "L'oggetto {object} è stato eliminato con successo", "successfullyDeletedLibrary": "La biblioteca è stata eliminata con successo", @@ -474,7 +474,6 @@ "attachmentDeleted": "L'allegato è stato eliminato con successo", "librarySuccessfullyLoaded": "La biblioteca è stata caricata con successo", "noLibraryDetected": "Nessuna biblioteca rilevata", - "errorImportingLibrary": "Errore durante l'importazione della biblioteca", "passwordSuccessfullyChanged": "La tua password è stata cambiata con successo", "passwordSuccessfullyReset": "La tua password è stata reimpostata con successo", "passwordSuccessfullySet": "La tua password è stata impostata con successo", 
@@ -498,7 +497,6 @@ "lowSOK": "La forza della conoscenza che supporta la valutazione è bassa", "mediumSOK": "La forza della conoscenza che supporta la valutazione è media", "highSOK": "La forza della conoscenza che supporta la valutazione è alta", - "libraryImportError": "Si è verificato un errore durante l'importazione della tua biblioteca.", "libraryAlreadyLoadedError": "Questa biblioteca è già stata caricata.", "invalidLibraryFileError": "File di biblioteca non valido. Assicurati che il formato sia corretto.", "taintedFormMessage": "Vuoi lasciare questa pagina? Le modifiche apportate potrebbero non essere salvate.", @@ -554,5 +552,7 @@ "appliedControlNoReferenceControl": "Per il controllo applicato non è selezionato alcun controllo di riferimento", "evidenceNoFile": "Nessun file è stato caricato nelle prove", "requirementAppliedControlHelpText": "Le evidenze legate alle misure selezionate verranno automaticamente associate al requisito.", - "requirementEvidenceHelpText": "Questa scheda ti consente di aggiungere ulteriori prove al requisito." + "requirementEvidenceHelpText": "Questa scheda ti consente di aggiungere ulteriori prove al requisito.", + "errorImportingLibrary": "Errore durante l'importazione della biblioteca", + "libraryImportError": "Si è verificato un errore durante l'importazione della tua biblioteca." } diff --git a/frontend/messages/nl.json b/frontend/messages/nl.json index dd4b1553a..ef7b95d4f 100644 --- a/frontend/messages/nl.json +++ b/frontend/messages/nl.json 
@@ -460,7 +460,7 @@ "domainManager": "Domeinbeheerder", "analyst": "Analist", "successfullyCreatedObject": "Het {object} object is succesvol aangemaakt", - "successfullyUpdatedObject": "Het {object} object: {name} is succesvol bijgewerkt", + "successfullyUpdatedObject": "Het {object} object is succesvol bijgewerkt", "successfullySavedObject": "Het {object} object is succesvol opgeslagen", "successfullyDeletedObject": "Het {object} object is succesvol verwijderd", "successfullyDeletedLibrary": "De bibliotheek is succesvol verwijderd", @@ -474,7 +474,6 @@ "attachmentDeleted": "De bijlage is succesvol verwijderd", "librarySuccessfullyLoaded": "De bibliotheek is succesvol geladen", "noLibraryDetected": "Geen bibliotheek gedetecteerd", - "errorImportingLibrary": "Fout bij het importeren van de bibliotheek", "passwordSuccessfullyChanged": "Je wachtwoord is succesvol gewijzigd", "passwordSuccessfullyReset": "Je wachtwoord is succesvol gereset", "passwordSuccessfullySet": "Je wachtwoord is succesvol ingesteld", @@ -498,7 +497,6 @@ "lowSOK": "De sterkte van de kennis die de beoordeling ondersteunt is laag", "mediumSOK": "De sterkte van de kennis die de beoordeling ondersteunt is medium", "highSOK": "De sterkte van de kennis die de beoordeling ondersteunt is hoog", - "libraryImportError": "Er is een fout opgetreden tijdens het importeren van je bibliotheek.", "libraryAlreadyLoadedError": "Deze bibliotheek is al geladen.", "invalidLibraryFileError": "Ongeldig bibliotheekbestand. Zorg ervoor dat het formaat correct is.", "taintedFormMessage": "Wil je deze pagina verlaten? Wijzigingen die je hebt aangebracht, worden mogelijk niet opgeslagen.", 
@@ -554,5 +552,7 @@ "appliedControlNoReferenceControl": "Voor de toegepaste regeling is geen referentieregeling geselecteerd", "evidenceNoFile": "Er is geen bestand geüpload voor bewijsmateriaal", "requirementAppliedControlHelpText": "Bewijsstukken die verband houden met de geselecteerde maatregelen worden automatisch aan de eis gekoppeld.", - "requirementEvidenceHelpText": "Op dit tabblad kunt u extra bewijsstukken aan de eis toevoegen." + "requirementEvidenceHelpText": "Op dit tabblad kunt u extra bewijsstukken aan de eis toevoegen.", + "errorImportingLibrary": "Fout bij het importeren van de bibliotheek", + "libraryImportError": "Er is een fout opgetreden tijdens het importeren van je bibliotheek." } diff --git a/frontend/messages/pt.json b/frontend/messages/pt.json index e299d4f16..34dc93f79 100644 --- a/frontend/messages/pt.json +++ b/frontend/messages/pt.json @@ -460,7 +460,7 @@ "domainManager": "Gerente de domínio", "analyst": "Analista", "successfullyCreatedObject": "O objeto {object} foi criado com sucesso", - "successfullyUpdatedObject": "O objeto {object}: {name} foi atualizado com sucesso", + "successfullyUpdatedObject": "O objeto {object} foi atualizado com sucesso", "successfullySavedObject": "O objeto {object} foi salvo com sucesso", "successfullyDeletedObject": "O objeto {object} foi excluído com sucesso", "successfullyDeletedLibrary": "A biblioteca foi excluída com sucesso", From b5df860337281327e08c6fa8e6deb9b98b3df8c2 Mon Sep 17 00:00:00 2001 From: Mohamed-Hacene Date: Wed, 5 Jun 2024 17:56:37 +0200 Subject: [PATCH 09/18] chore: remove object name from toast update --- frontend/src/lib/utils/helpers.ts | 13 +++++++++++++ .../[model=urlmodel]/[id=uuid]/edit/+page.server.ts | 3 +-- .../[id=uuid]/+page.server.ts | 2 +- .../risk-scenarios/[id=uuid]/edit/+page.server.ts | 4 ++-- 4 files changed, 17 insertions(+), 5 deletions(-) diff --git a/frontend/src/lib/utils/helpers.ts b/frontend/src/lib/utils/helpers.ts index 6cedab306..f9765afe2 100644 
--- a/frontend/src/lib/utils/helpers.ts +++ b/frontend/src/lib/utils/helpers.ts @@ -7,6 +7,19 @@ export function formatStringToDate(inputString: string, locale: string = 'en') { }); } +export const escapeHTML = (str: string) => + str.replace( + /[&<>'"]/g, + tag => + ({ + '&': '&', + '<': '<', + '>': '>', + "'": ''', + '"': '"' + }[tag] || tag) + ); + export const isURL = (url: string) => { try { new URL(url); diff --git a/frontend/src/routes/(app)/[model=urlmodel]/[id=uuid]/edit/+page.server.ts b/frontend/src/routes/(app)/[model=urlmodel]/[id=uuid]/edit/+page.server.ts index acf9a9b47..5bedf83e4 100644 --- a/frontend/src/routes/(app)/[model=urlmodel]/[id=uuid]/edit/+page.server.ts +++ b/frontend/src/routes/(app)/[model=urlmodel]/[id=uuid]/edit/+page.server.ts @@ -93,8 +93,7 @@ export const actions: Actions = { { type: 'success', message: m.successfullyUpdatedObject({ - object: localItems()[toCamelCase(modelVerboseName.toLowerCase())].toLowerCase(), - name: form.data.name + object: localItems()[toCamelCase(modelVerboseName.toLowerCase())].toLowerCase() }) }, event diff --git a/frontend/src/routes/(app)/requirement-assessments/[id=uuid]/+page.server.ts b/frontend/src/routes/(app)/requirement-assessments/[id=uuid]/+page.server.ts index e9ea2f7e2..4e6f7af51 100644 --- a/frontend/src/routes/(app)/requirement-assessments/[id=uuid]/+page.server.ts +++ b/frontend/src/routes/(app)/requirement-assessments/[id=uuid]/+page.server.ts @@ -318,7 +318,7 @@ export const actions: Actions = { setFlash( { type: 'success', - message: m.successfullyUpdatedObject({ object: model, name: form.data.name }) + message: m.successfullyUpdatedObject({ object: model }) }, event ); diff --git a/frontend/src/routes/(app)/risk-scenarios/[id=uuid]/edit/+page.server.ts b/frontend/src/routes/(app)/risk-scenarios/[id=uuid]/edit/+page.server.ts index 4613d49bd..0624aad3b 100644 --- a/frontend/src/routes/(app)/risk-scenarios/[id=uuid]/edit/+page.server.ts 
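Review bot: As shown on this page the replacement table in `escapeHTML` maps each character to itself (`'&': '&'`, `'<': '<'`) and the apostrophe entry `"'": '''` is not a valid string literal, so the helper would either fail to parse or escape nothing. This may be entity decoding by the page rather than the committed file, so please confirm the values are the entity strings (`&amp;`, `&lt;`, `&gt;`, `&#39;`, `&quot;`). None of the hunks in this commit call `escapeHTML`; the call sites drop `name` from the toast instead, which leaves the helper unused. If toast messages are rendered as HTML (not visible here), other interpolated values such as `response.error` in the library upload toast would still be unescaped. A one-line doc comment naming the output context would help, e.g. `// Escapes & < > ' " for insertion into HTML text or quoted attribute values`.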
+++ b/frontend/src/routes/(app)/risk-scenarios/[id=uuid]/edit/+page.server.ts @@ -223,7 +223,7 @@ export const actions: Actions = { setFlash( { type: 'success', - message: m.successfullyUpdatedObject({ object: modelVerboseName, name: form.data.name }) + message: m.successfullyUpdatedObject({ object: modelVerboseName }) }, event ); @@ -284,7 +284,7 @@ export const actions: Actions = { setFlash( { type: 'success', - message: m.successfullyUpdatedObject({ object: model, name: form.data.name }) + message: m.successfullyUpdatedObject({ object: model }) }, event ); From d92acababd8cf7df011aba82a6b3f307909b302b Mon Sep 17 00:00:00 2001 From: Mohamed-Hacene Date: Wed, 5 Jun 2024 17:58:35 +0200 Subject: [PATCH 10/18] chore: run format --- frontend/src/lib/utils/helpers.ts | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/frontend/src/lib/utils/helpers.ts b/frontend/src/lib/utils/helpers.ts index f9765afe2..0d7a4818f 100644 --- a/frontend/src/lib/utils/helpers.ts +++ b/frontend/src/lib/utils/helpers.ts @@ -8,17 +8,17 @@ export function formatStringToDate(inputString: string, locale: string = 'en') { } export const escapeHTML = (str: string) => - str.replace( - /[&<>'"]/g, - tag => - ({ - '&': '&', - '<': '<', - '>': '>', - "'": ''', - '"': '"' - }[tag] || tag) - ); + str.replace( + /[&<>'"]/g, + (tag) => + ({ + '&': '&', + '<': '<', + '>': '>', + "'": ''', + '"': '"' + }[tag] || tag) + ); export const isURL = (url: string) => { try { From 9a73662e6bf7e854d0b42c2a6f40792c99b5b2bb Mon Sep 17 00:00:00 2001 
From: Mohamed-Hacene <90701924+Mohamed-Hacene@users.noreply.github.com> Date: Wed, 5 Jun 2024 18:01:08 +0200 Subject: [PATCH 11/18] =?UTF-8?q?chore:=20update=20translations=20with=20F?= =?UTF-8?q?ink=20=F0=9F=90=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- frontend/messages/de.json | 2 +- frontend/messages/en.json | 2 +- frontend/messages/es.json | 2 +- frontend/messages/fr.json | 2 +- frontend/messages/it.json | 2 +- frontend/messages/nl.json | 2 +- frontend/messages/pt.json | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/frontend/messages/de.json b/frontend/messages/de.json index 3ad2af7f5..cf21b2510 100644 --- a/frontend/messages/de.json +++ b/frontend/messages/de.json @@ -480,7 +480,7 @@ "passwordSuccessfullySetWelcome": "Ihr Passwort wurde erfolgreich festgelegt. Willkommen bei CISO Assistant!", "waitBeforeRequestingResetLink": "Warten Sie {timing} Sekunden, bevor Sie einen neuen Zurücksetzungslink anfordern", "resetLinkSent": "Die Anfrage wurde erhalten, Sie sollten einen Zurücksetzungslink an die folgende Adresse erhalten: {email}", - "riskAcceptanceStateDoesntAllowEdit": "Der Status der Risikoakzeptanz: {riskAcceptance} erlaubt keine Bearbeitung", + "riskAcceptanceStateDoesntAllowEdit": "Der Status der Risikoakzeptanz erlaubt keine Bearbeitung", "associatedRequirements": "Zugehörige Anforderungen", "isPublished": "Ist veröffentlicht", "suggestedReferenceControls": "Vorgeschlagene Referenzkontrollen", diff --git a/frontend/messages/en.json b/frontend/messages/en.json index 14bfeda40..b99941bf5 100644 --- a/frontend/messages/en.json +++ b/frontend/messages/en.json 
@@ -487,7 +487,7 @@ "passwordSuccessfullySetWelcome": "Your password has been successfully set. Welcome to CISO Assistant!", "waitBeforeRequestingResetLink": "Please wait {timing}sec before requesting a new reset link", "resetLinkSent": "The request has been received, you should receive a reset link at the following address: {email}", - "riskAcceptanceStateDoesntAllowEdit": "The state of risk acceptance: {riskAcceptance} doesn't allow it to be edited", + "riskAcceptanceStateDoesntAllowEdit": "The state of risk acceptance doesn't allow it to be edited", "associatedRequirements": "Associated requirements", "isPublished": "Is published", "suggestedReferenceControls": "Suggested reference controls", diff --git a/frontend/messages/es.json b/frontend/messages/es.json index 0f3d938ed..f4f8623f2 100644 --- a/frontend/messages/es.json +++ b/frontend/messages/es.json @@ -480,7 +480,7 @@ "passwordSuccessfullySetWelcome": "Su contraseña se ha establecido con éxito. ¡Bienvenido a CISO Assistant!", "waitBeforeRequestingResetLink": "Espere {timing} segundos antes de solicitar un nuevo enlace de restablecimiento", "resetLinkSent": "Se ha recibido la solicitud, debe recibir un enlace de restablecimiento en la siguiente dirección: {email}", - "riskAcceptanceStateDoesntAllowEdit": "El estado de aceptación de riesgos: {riskAcceptance} no permite editarlo", + "riskAcceptanceStateDoesntAllowEdit": "El estado de aceptación de riesgos no permite editarlo", "associatedRequirements": "Requisitos asociados", "isPublished": "Está publicado", "suggestedReferenceControls": "Controles de referencia sugeridos", diff --git a/frontend/messages/fr.json b/frontend/messages/fr.json index 3b7053c16..1123a1729 100644 --- a/frontend/messages/fr.json +++ b/frontend/messages/fr.json 
@@ -487,7 +487,7 @@ "passwordSuccessfullySetWelcome": "Votre mot de passe a été défini avec succès. Bienvenue sur CISO Assistant !", "waitBeforeRequestingResetLink": "Veuillez patienter {timing}sec avant de demander un nouveau lien de réinitialisation.", "resetLinkSent": "La demande a été reçue, vous devriez recevoir un lien de réinitialisation à l'adresse suivante : {email}", - "riskAcceptanceStateDoesntAllowEdit": "L'état d'acceptation du risque : {riskAcceptance} ne permet pas de le modifier", + "riskAcceptanceStateDoesntAllowEdit": "L'état d'acceptation du risque ne permet pas de le modifier", "associatedRequirements": "Exigences associées", "isPublished": "Publié", "suggestedReferenceControls": "Mesures de référence suggérées", diff --git a/frontend/messages/it.json b/frontend/messages/it.json index f69780295..9ed5622e9 100644 --- a/frontend/messages/it.json +++ b/frontend/messages/it.json @@ -480,7 +480,7 @@ "passwordSuccessfullySetWelcome": "La tua password è stata impostata con successo. Benvenuto in CISO Assistant!", "waitBeforeRequestingResetLink": "Attendi {timing} secondi prima di richiedere un nuovo link di reimpostazione", "resetLinkSent": "La richiesta è stata ricevuta, dovresti ricevere un link di reimpostazione al seguente indirizzo: {email}", - "riskAcceptanceStateDoesntAllowEdit": "Lo stato di accettazione del rischio: {riskAcceptance} non consente la modifica", + "riskAcceptanceStateDoesntAllowEdit": "Lo stato di accettazione del rischio non consente la modifica", "associatedRequirements": "Requisiti associati", "isPublished": "È pubblicato", "suggestedReferenceControls": "Controlli di riferimento suggeriti", diff --git a/frontend/messages/nl.json b/frontend/messages/nl.json index ef7b95d4f..95aac26c7 100644 --- a/frontend/messages/nl.json +++ b/frontend/messages/nl.json 
@@ -480,7 +480,7 @@ "passwordSuccessfullySetWelcome": "Je wachtwoord is succesvol ingesteld. Welkom bij CISO Assistant!", "waitBeforeRequestingResetLink": "Wacht {timing}sec voordat je een nieuwe resetlink aanvraagt", "resetLinkSent": "Het verzoek is ontvangen, je zou een resetlink moeten ontvangen op het volgende adres: {email}", - "riskAcceptanceStateDoesntAllowEdit": "De staat van risicoacceptatie: {riskAcceptance} staat het niet toe om bewerkt te worden", + "riskAcceptanceStateDoesntAllowEdit": "De staat van risicoacceptatie staat het niet toe om bewerkt te worden", "associatedRequirements": "Geassocieerde eisen", "isPublished": "Is gepubliceerd", "suggestedReferenceControls": "Voorgestelde referentiecontroles", diff --git a/frontend/messages/pt.json b/frontend/messages/pt.json index 34dc93f79..9b9f91a0c 100644 --- a/frontend/messages/pt.json +++ b/frontend/messages/pt.json @@ -487,7 +487,7 @@ "passwordSuccessfullySetWelcome": "Sua senha foi definida com sucesso. Bem-vindo ao CISO Assistant!", "waitBeforeRequestingResetLink": "Aguarde {timing} segundos antes de solicitar um novo link de redefinição", "resetLinkSent": "A solicitação foi recebida, você deve receber um link de redefinição no seguinte endereço: {email}", - "riskAcceptanceStateDoesntAllowEdit": "O estado da aceitação de risco: {riskAcceptance} não permite que ele seja editado", + "riskAcceptanceStateDoesntAllowEdit": "O estado da aceitação de risco não permite que ele seja editado", "associatedRequirements": "Requisitos associados", "isPublished": "Está publicado", "suggestedReferenceControls": "Controles de referência sugeridos", From bd64507326e459f8d137741f9390adf8b2905795 Mon Sep 17 00:00:00 2001 From: Mohamed-Hacene Date: Wed, 5 Jun 2024 18:01:50 +0200 Subject: [PATCH 12/18] chore: remove risk acceptance name in toast --- .../(app)/[model=urlmodel]/[id=uuid]/edit/+layout.server.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/frontend/src/routes/(app)/[model=urlmodel]/[id=uuid]/edit/+layout.server.ts b/frontend/src/routes/(app)/[model=urlmodel]/[id=uuid]/edit/+layout.server.ts index 063d5075f..d35adbfed 100644 --- a/frontend/src/routes/(app)/[model=urlmodel]/[id=uuid]/edit/+layout.server.ts +++ b/frontend/src/routes/(app)/[model=urlmodel]/[id=uuid]/edit/+layout.server.ts @@ -29,7 +29,7 @@ export const load: LayoutServerLoad = async (event) => { setFlash( { type: 'error', - message: m.riskAcceptanceStateDoesntAllowEdit({ riskAcceptance: riskAcceptance.name }) + message: m.riskAcceptanceStateDoesntAllowEdit() }, event ); From 3549bfd5180e3a846f27d3a91ce116d32193deb8 Mon Sep 17 00:00:00 2001 From: eric-intuitem <71850047+eric-intuitem@users.noreply.github.com> Date: Wed, 5 Jun 2024 18:26:34 +0200 Subject: [PATCH 13/18] =?UTF-8?q?Revert=20"chore:=20update=20translations?= =?UTF-8?q?=20with=20Fink=20=F0=9F=90=A6"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 366f9a6e2c614f7b8d65a02cdfaf8e385b254b5d. --- frontend/messages/de.json | 8 ++++---- frontend/messages/en.json | 2 +- frontend/messages/es.json | 14 +++++++------- frontend/messages/fr.json | 2 +- frontend/messages/it.json | 8 ++++---- frontend/messages/nl.json | 8 ++++---- frontend/messages/pt.json | 2 +- 7 files changed, 22 insertions(+), 22 deletions(-) diff --git a/frontend/messages/de.json b/frontend/messages/de.json index 3ad2af7f5..4fac1d0f2 100644 --- a/frontend/messages/de.json +++ b/frontend/messages/de.json 
@@ -460,7 +460,7 @@ "domainManager": "Domänen-Manager", "analyst": "Analyst", "successfullyCreatedObject": "Das {object} Objekt wurde erfolgreich erstellt", - "successfullyUpdatedObject": "Das {object} Objekt wurde erfolgreich aktualisiert", + "successfullyUpdatedObject": "Das {object} Objekt: {name} wurde erfolgreich aktualisiert", "successfullySavedObject": "Das {object} Objekt wurde erfolgreich gespeichert", "successfullyDeletedObject": "Das {object} Objekt wurde erfolgreich gelöscht", "successfullyDeletedLibrary": "Die Bibliothek wurde erfolgreich gelöscht", @@ -474,6 +474,7 @@ "attachmentDeleted": "Der Anhang wurde erfolgreich gelöscht", "librarySuccessfullyLoaded": "Die Bibliothek wurde erfolgreich geladen", "noLibraryDetected": "Keine Bibliothek erkannt", + "errorImportingLibrary": "Fehler beim Importieren der Bibliothek", "passwordSuccessfullyChanged": "Ihr Passwort wurde erfolgreich geändert", "passwordSuccessfullyReset": "Ihr Passwort wurde erfolgreich zurückgesetzt", "passwordSuccessfullySet": "Ihr Passwort wurde erfolgreich festgelegt", @@ -497,6 +498,7 @@ "lowSOK": "Die Wissensstärke zur Unterstützung der Bewertung ist niedrig", "mediumSOK": "Die Wissensstärke zur Unterstützung der Bewertung ist mittel", "highSOK": "Die Wissensstärke zur Unterstützung der Bewertung ist hoch", + "libraryImportError": "Beim Importieren Ihrer Bibliothek ist ein Fehler aufgetreten.", "libraryAlreadyLoadedError": "Diese Bibliothek wurde bereits geladen.", "invalidLibraryFileError": "Ungültige Bibliotheksdatei. Stellen Sie sicher, dass das Format korrekt ist.", "taintedFormMessage": "Möchten Sie diese Seite verlassen? Änderungen, die Sie vorgenommen haben, werden möglicherweise nicht gespeichert.", 
@@ -552,7 +554,5 @@ "appliedControlNoReferenceControl": "Für die angewandte Steuerung ist keine Referenzsteuerung ausgewählt", "evidenceNoFile": "Für den Beweis wurde keine Datei hochgeladen", "requirementAppliedControlHelpText": "Mit den ausgewählten Maßnahmen verknüpfte Nachweise werden automatisch der Anforderung zugeordnet.", - "requirementEvidenceHelpText": "Über diese Registerkarte können Sie der Anforderung weitere Nachweise hinzufügen.", - "errorImportingLibrary": "Fehler beim Importieren der Bibliothek", - "libraryImportError": "Beim Importieren Ihrer Bibliothek ist ein Fehler aufgetreten." + "requirementEvidenceHelpText": "Über diese Registerkarte können Sie der Anforderung weitere Nachweise hinzufügen." } diff --git a/frontend/messages/en.json b/frontend/messages/en.json index 14bfeda40..86a0394c4 100644 --- a/frontend/messages/en.json +++ b/frontend/messages/en.json @@ -460,7 +460,7 @@ "domainManager": "Domain manager", "analyst": "Analyst", "successfullyCreatedObject": "The {object} object has been successfully created", - "successfullyUpdatedObject": "The {object} object has been successfully updated", + "successfullyUpdatedObject": "The {object} object: {name} has been successfully updated", "successfullySavedObject": "The {object} object has been successfully saved", "successfullyDeletedObject": "The {object} object has been successfully deleted", "successfullyDeletedLibrary": "The library has been successfully deleted", diff --git a/frontend/messages/es.json b/frontend/messages/es.json index 0f3d938ed..5857d54b0 100644 --- a/frontend/messages/es.json +++ b/frontend/messages/es.json 
@@ -460,7 +460,7 @@ "domainManager": "Gerente de dominio", "analyst": "Analista", "successfullyCreatedObject": "El objeto {object} se ha creado con éxito", - "successfullyUpdatedObject": "El objeto se ha actualizado con éxito", + "successfullyUpdatedObject": "El objeto {object}: {name} se ha actualizado con éxito", "successfullySavedObject": "El objeto {object} se ha guardado con éxito", "successfullyDeletedObject": "El objeto {object} se ha eliminado con éxito", "successfullyDeletedLibrary": "La biblioteca se ha eliminado con éxito", @@ -474,6 +474,7 @@ "attachmentDeleted": "El adjunto se ha eliminado con éxito", "librarySuccessfullyLoaded": "La biblioteca se ha cargado con éxito", "noLibraryDetected": "No se detectó ninguna biblioteca", + "errorImportingLibrary": "Error al importar la biblioteca", "passwordSuccessfullyChanged": "Su contraseña se ha cambiado con éxito", "passwordSuccessfullyReset": "Su contraseña se ha restablecido con éxito", "passwordSuccessfullySet": "Su contraseña se ha establecido con éxito", @@ -497,6 +498,7 @@ "lowSOK": "La fortaleza del conocimiento que respalda la evaluación es baja", "mediumSOK": "La fortaleza del conocimiento que respalda la evaluación es media", "highSOK": "La fortaleza del conocimiento que respalda la evaluación es alta", + "libraryImportError": "Ocurrió un error durante la importación de su biblioteca.", "libraryAlreadyLoadedError": "Esta biblioteca ya está cargada.", "invalidLibraryFileError": "Archivo de biblioteca no válido. Asegúrese de que el formato sea correcto.", "taintedFormMessage": "¿Desea abandonar esta página? Es posible que no se guarden los cambios que haya realizado.", 
@@ -527,9 +529,6 @@ "asZIP": "como ZIP", "incoming": "Entrante", "outdated": "Desactualizado", - "goBackToAudit": "Volver a la auditoría", - "exportBackupDescription": "Esto serializará y creará una copia de seguridad de la base de datos, incluidos los usuarios y RBAC. Las pruebas y otros archivos no se incluyen en la copia de seguridad.", - "importBackupDescription": "Esto deserializará y restaurará la base de datos desde una copia de seguridad. Esto sobrescribirá todos los datos existentes, incluidos los usuarios y RBAC, y no se puede deshacer.", "riskAssessmentInProgress": "La evaluación de riesgos aún está en progreso", "riskAssessmentNoAuthor": "Ningún autor asignado a esta evaluación de riesgos", "riskAssessmentEmpty": "La evaluación de riesgos está vacía. Aún no se ha declarado ningún escenario de riesgo", 
@@ -551,8 +550,9 @@ "requirementAssessmentNoAppliedControl": "El estado de la evaluación de requisitos es conforme o parcialmente conforme sin que se haya aplicado ningún control.", "appliedControlNoReferenceControl": "El control aplicado no tiene ningún control de referencia seleccionado", "evidenceNoFile": "La evidencia no tiene ningún archivo subido", + "goBackToAudit": "Volver a la auditoría", + "exportBackupDescription": "Esto serializará y creará una copia de seguridad de la base de datos, incluidos los usuarios y RBAC. Las pruebas y otros archivos no se incluyen en la copia de seguridad.", + "importBackupDescription": "Esto deserializará y restaurará la base de datos desde una copia de seguridad. Esto sobrescribirá todos los datos existentes, incluidos los usuarios y RBAC, y no se puede deshacer.", "requirementAppliedControlHelpText": "Las evidencias vinculadas a las medidas seleccionadas se asociarán automáticamente al requisito.", - "requirementEvidenceHelpText": "Esta pestaña le permite agregar evidencias adicionales al requisito.", - "errorImportingLibrary": "Error al importar la biblioteca", - "libraryImportError": "Ocurrió un error durante la importación de su biblioteca." + "requirementEvidenceHelpText": "Esta pestaña le permite agregar evidencias adicionales al requisito." } diff --git a/frontend/messages/fr.json b/frontend/messages/fr.json index 3b7053c16..3a5c3ed91 100644 --- a/frontend/messages/fr.json +++ b/frontend/messages/fr.json 
@@ -460,7 +460,7 @@ "domainManager": "Gestionnaire de domaine", "analyst": "Analyste", "successfullyCreatedObject": "L'objet {object} a été créé avec succès", - "successfullyUpdatedObject": "L'objet {object} a été mis à jour avec succès", + "successfullyUpdatedObject": "L'objet {object}: {name} a été mis à jour avec succès", "successfullySavedObject": "L'objet {object} a été enregistré avec succès", "successfullyDeletedObject": "L'objet {object} a été supprimé avec succès", "successfullyDeletedLibrary": "La librairie a été supprimée avec succès", diff --git a/frontend/messages/it.json b/frontend/messages/it.json index f69780295..9cd9f51e7 100644 --- a/frontend/messages/it.json +++ b/frontend/messages/it.json @@ -460,7 +460,7 @@ "domainManager": "Manager di dominio", "analyst": "Analista", "successfullyCreatedObject": "L'oggetto {object} è stato creato con successo", - "successfullyUpdatedObject": "L'oggetto {object} è stato aggiornato con successo", + "successfullyUpdatedObject": "L'oggetto {object}: {name} è stato aggiornato con successo", "successfullySavedObject": "L'oggetto {object} è stato salvato con successo", "successfullyDeletedObject": "L'oggetto {object} è stato eliminato con successo", "successfullyDeletedLibrary": "La biblioteca è stata eliminata con successo", @@ -474,6 +474,7 @@ "attachmentDeleted": "L'allegato è stato eliminato con successo", "librarySuccessfullyLoaded": "La biblioteca è stata caricata con successo", "noLibraryDetected": "Nessuna biblioteca rilevata", + "errorImportingLibrary": "Errore durante l'importazione della biblioteca", "passwordSuccessfullyChanged": "La tua password è stata cambiata con successo", "passwordSuccessfullyReset": "La tua password è stata reimpostata con successo", "passwordSuccessfullySet": "La tua password è stata impostata con successo", 
@@ -497,6 +498,7 @@ "lowSOK": "La forza della conoscenza che supporta la valutazione è bassa", "mediumSOK": "La forza della conoscenza che supporta la valutazione è media", "highSOK": "La forza della conoscenza che supporta la valutazione è alta", + "libraryImportError": "Si è verificato un errore durante l'importazione della tua biblioteca.", "libraryAlreadyLoadedError": "Questa biblioteca è già stata caricata.", "invalidLibraryFileError": "File di biblioteca non valido. Assicurati che il formato sia corretto.", "taintedFormMessage": "Vuoi lasciare questa pagina? Le modifiche apportate potrebbero non essere salvate.", @@ -552,7 +554,5 @@ "appliedControlNoReferenceControl": "Per il controllo applicato non è selezionato alcun controllo di riferimento", "evidenceNoFile": "Nessun file è stato caricato nelle prove", "requirementAppliedControlHelpText": "Le evidenze legate alle misure selezionate verranno automaticamente associate al requisito.", - "requirementEvidenceHelpText": "Questa scheda ti consente di aggiungere ulteriori prove al requisito.", - "errorImportingLibrary": "Errore durante l'importazione della biblioteca", - "libraryImportError": "Si è verificato un errore durante l'importazione della tua biblioteca." + "requirementEvidenceHelpText": "Questa scheda ti consente di aggiungere ulteriori prove al requisito." } diff --git a/frontend/messages/nl.json b/frontend/messages/nl.json index ef7b95d4f..dd4b1553a 100644 --- a/frontend/messages/nl.json +++ b/frontend/messages/nl.json 
@@ -460,7 +460,7 @@ "domainManager": "Domeinbeheerder", "analyst": "Analist", "successfullyCreatedObject": "Het {object} object is succesvol aangemaakt", - "successfullyUpdatedObject": "Het {object} object is succesvol bijgewerkt", + "successfullyUpdatedObject": "Het {object} object: {name} is succesvol bijgewerkt", "successfullySavedObject": "Het {object} object is succesvol opgeslagen", "successfullyDeletedObject": "Het {object} object is succesvol verwijderd", "successfullyDeletedLibrary": "De bibliotheek is succesvol verwijderd", @@ -474,6 +474,7 @@ "attachmentDeleted": "De bijlage is succesvol verwijderd", "librarySuccessfullyLoaded": "De bibliotheek is succesvol geladen", "noLibraryDetected": "Geen bibliotheek gedetecteerd", + "errorImportingLibrary": "Fout bij het importeren van de bibliotheek", "passwordSuccessfullyChanged": "Je wachtwoord is succesvol gewijzigd", "passwordSuccessfullyReset": "Je wachtwoord is succesvol gereset", "passwordSuccessfullySet": "Je wachtwoord is succesvol ingesteld", @@ -497,6 +498,7 @@ "lowSOK": "De sterkte van de kennis die de beoordeling ondersteunt is laag", "mediumSOK": "De sterkte van de kennis die de beoordeling ondersteunt is medium", "highSOK": "De sterkte van de kennis die de beoordeling ondersteunt is hoog", + "libraryImportError": "Er is een fout opgetreden tijdens het importeren van je bibliotheek.", "libraryAlreadyLoadedError": "Deze bibliotheek is al geladen.", "invalidLibraryFileError": "Ongeldig bibliotheekbestand. Zorg ervoor dat het formaat correct is.", "taintedFormMessage": "Wil je deze pagina verlaten? Wijzigingen die je hebt aangebracht, worden mogelijk niet opgeslagen.", 
@@ -552,7 +554,5 @@ "appliedControlNoReferenceControl": "Voor de toegepaste regeling is geen referentieregeling geselecteerd", "evidenceNoFile": "Er is geen bestand geüpload voor bewijsmateriaal", "requirementAppliedControlHelpText": "Bewijsstukken die verband houden met de geselecteerde maatregelen worden automatisch aan de eis gekoppeld.", - "requirementEvidenceHelpText": "Op dit tabblad kunt u extra bewijsstukken aan de eis toevoegen.", - "errorImportingLibrary": "Fout bij het importeren van de bibliotheek", - "libraryImportError": "Er is een fout opgetreden tijdens het importeren van je bibliotheek." + "requirementEvidenceHelpText": "Op dit tabblad kunt u extra bewijsstukken aan de eis toevoegen." } diff --git a/frontend/messages/pt.json b/frontend/messages/pt.json index 34dc93f79..e299d4f16 100644 --- a/frontend/messages/pt.json +++ b/frontend/messages/pt.json @@ -460,7 +460,7 @@ "domainManager": "Gerente de domínio", "analyst": "Analista", "successfullyCreatedObject": "O objeto {object} foi criado com sucesso", - "successfullyUpdatedObject": "O objeto {object} foi atualizado com sucesso", + "successfullyUpdatedObject": "O objeto {object}: {name} foi atualizado com sucesso", "successfullySavedObject": "O objeto {object} foi salvo com sucesso", "successfullyDeletedObject": "O objeto {object} foi excluído com sucesso", "successfullyDeletedLibrary": "A biblioteca foi excluída com sucesso", From 3be9d84fde17f3a84b1e4b96e6237d94046a2792 Mon Sep 17 00:00:00 2001 From: Mohamed-Hacene Date: Wed, 5 Jun 2024 19:20:50 +0200 Subject: [PATCH 14/18] feat: sanitize name field with bleach --- backend/core/serializers.py | 9 ++++++++- backend/requirements.txt | 1 + 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/backend/core/serializers.py b/backend/core/serializers.py index da403d712..a22b77c93 100644 --- a/backend/core/serializers.py +++ b/backend/core/serializers.py 
@@ -1,6 +1,7 @@ from typing import Any from ciso_assistant.settings import EMAIL_HOST, EMAIL_HOST_RESCUE + from core.models import * from iam.models import * @@ -10,7 +11,7 @@ from django.db import models from core.serializer_fields import FieldsRelatedField -import structlog +import structlog, bleach logger = structlog.get_logger(__name__) @@ -51,6 +52,12 @@ def create(self, validated_data: Any): except Exception as e: logger.error(e) raise serializers.ValidationError(e.args[0]) + + def validate_name(self, value): + clean_value = bleach.clean(value, tags=[], attributes={}) + if clean_value != value: + raise serializers.ValidationError("The name must not contain characters from HTML tags or attributes.") + return value class Meta: model: models.Model diff --git a/backend/requirements.txt b/backend/requirements.txt index f019233cc..571f62f8c 100644 --- a/backend/requirements.txt +++ b/backend/requirements.txt @@ -19,3 +19,4 @@ python-dotenv==1.0.1 drf-spectacular==0.27.2 django-rest-knox==4.2.0 pre-commit==3.7.0 +bleach==6.1.0 \ No newline at end of file From 4362b0363be58ea55e88a964be722d7f0fea704e Mon Sep 17 00:00:00 2001 From: Mohamed-Hacene Date: Wed, 5 Jun 2024 19:23:18 +0200 Subject: [PATCH 15/18] chore: remove dead code --- frontend/src/routes/(app)/libraries/[id=urn]/+page.server.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/src/routes/(app)/libraries/[id=urn]/+page.server.ts b/frontend/src/routes/(app)/libraries/[id=urn]/+page.server.ts index 6e325042e..64f9bbfd0 100644 --- a/frontend/src/routes/(app)/libraries/[id=urn]/+page.server.ts +++ b/frontend/src/routes/(app)/libraries/[id=urn]/+page.server.ts @@ -32,7 +32,7 @@ export const actions: Actions = { setFlash( { type: 'error', - message: localItems(languageTag())[resText] + message: localItems()[resText] }, event ); From fd27915eee97ec3e9c0e945d5211b599a7ab9cdd Mon Sep 17 00:00:00 2001 
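Review bot: `validate_name` in the serializers.py hunk rejects every name that `bleach.clean(value, tags=[], attributes={})` would alter, and that call escapes a bare `&` as well as `<` and `>`, so an ordinary name such as `R&D` is refused with a message about HTML tags. The validator also covers only the `name` field, so any other free-text field that ends up in a toast or page still depends on escaping at render time, which remains the control that actually stops markup injection; treat this check as defence in depth and say so in a short docstring. If rejecting input is the intent, a narrower test such as `if "<" in value or ">" in value:` with a matching error text avoids the false positives. Separately, `import structlog, bleach` should be two import lines, and bleach has been announced as deprecated by its maintainers, which is worth weighing before pinning `bleach==6.1.0`. The enclosing serializer class starts outside the hunk.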
From: Mohamed-Hacene Date: Wed, 5 Jun 2024 19:35:15 +0200 Subject: [PATCH 16/18] fix: toasts test --- frontend/tests/utils/page-detail.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/frontend/tests/utils/page-detail.ts b/frontend/tests/utils/page-detail.ts index b022a5225..4fbc77d1c 100644 --- a/frontend/tests/utils/page-detail.ts +++ b/frontend/tests/utils/page-detail.ts @@ -33,8 +33,8 @@ export class PageDetail extends BasePage { await this.isToastVisible( 'The .+: ' + - ({ ...buildParams, ...editedValues }.name || { ...buildParams, ...editedValues }.email) + - ' has been successfully updated' + ({ ...buildParams, ...editedValues }.email) ?? '' + + 'object has been successfully updated' ); return editedValues; } From 349f93df22a57aff5081c2fe8c89a385cbf3cd43 Mon Sep 17 00:00:00 2001 From: Mohamed-Hacene Date: Wed, 5 Jun 2024 19:37:12 +0200 Subject: [PATCH 17/18] style: run format --- backend/core/serializers.py | 6 ++++-- frontend/tests/utils/page-detail.ts | 5 ++--- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/backend/core/serializers.py b/backend/core/serializers.py index a22b77c93..f595ea25f 100644 --- a/backend/core/serializers.py +++ b/backend/core/serializers.py @@ -52,11 +52,13 @@ def create(self, validated_data: Any): except Exception as e: logger.error(e) raise serializers.ValidationError(e.args[0]) - + def validate_name(self, value): clean_value = bleach.clean(value, tags=[], attributes={}) if clean_value != value: - raise serializers.ValidationError("The name must not contain characters from HTML tags or attributes.") + raise serializers.ValidationError( + "The name must not contain characters from HTML tags or attributes." + ) return value class Meta: diff --git a/frontend/tests/utils/page-detail.ts b/frontend/tests/utils/page-detail.ts index 4fbc77d1c..6e0891cd4 100644 --- a/frontend/tests/utils/page-detail.ts +++ b/frontend/tests/utils/page-detail.ts 
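Review bot: The rewritten `isToastVisible` argument in page-detail.ts does not group the way its layout suggests, because `+` binds tighter than `??`: it evaluates as `('The .+: ' + email) ?? ('' + 'object has been successfully updated')`, and the left side is always a string. The success text is therefore never part of the expected pattern, and when `email` is undefined the pattern becomes `The .+: undefined`, so the test no longer checks the toast it is meant to cover. Parenthesise the fallback, e.g. `({ ...buildParams, ...editedValues }.email ?? '')`, and concatenate the suffix outside it. The same expression is carried through the two later page-detail.ts hunks in this series (the format commit and the typo fix) without the grouping being corrected. The enclosing method starts outside the hunk.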
@@ -32,9 +32,8 @@ export class PageDetail extends BasePage { await this.form.saveButton.click(); await this.isToastVisible( - 'The .+: ' + - ({ ...buildParams, ...editedValues }.email) ?? '' + - 'object has been successfully updated' + 'The .+: ' + { ...buildParams, ...editedValues }.email ?? + '' + 'object has been successfully updated' ); return editedValues; } From fa115eb640b8765fb8648b1acb02c8b15e5f17e2 Mon Sep 17 00:00:00 2001 From: Mohamed-Hacene Date: Wed, 5 Jun 2024 19:38:44 +0200 Subject: [PATCH 18/18] fix: typo in tests --- frontend/tests/utils/page-detail.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/tests/utils/page-detail.ts b/frontend/tests/utils/page-detail.ts index 6e0891cd4..e949e30a0 100644 --- a/frontend/tests/utils/page-detail.ts +++ b/frontend/tests/utils/page-detail.ts @@ -32,7 +32,7 @@ export class PageDetail extends BasePage { await this.form.saveButton.click(); await this.isToastVisible( - 'The .+: ' + { ...buildParams, ...editedValues }.email ?? + 'The .+' + { ...buildParams, ...editedValues }.email ?? '' + 'object has been successfully updated' ); return editedValues;