Merge pull request #1169 from dradis/methodologies-api
Methodologies api
Showing 70 changed files with 2,866 additions and 94 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
v3 (Aug 2023) | ||
- Add Boards, Lists, Cards endpoints. |
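
Review bot: the v3 entry lists only Boards, Lists and Cards, but this commit also adds `Dradis::CE::API::V3::AttachmentsController` with index, show, create, update and destroy actions. If the attachments endpoints ship as part of v3, name them on this line so API consumers can find them in the changelog.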
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -51,7 +51,6 @@ def set_node | |
def evidence_params | ||
params.require(:evidence).permit(:content, :issue_id) | ||
end | ||
|
||
end | ||
end | ||
end |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -52,7 +52,6 @@ def set_node | |
def note_params | ||
params.require(:note).permit(:category_id, :text) | ||
end | ||
|
||
end | ||
end | ||
end |
85 changes: 85 additions & 0 deletions
engines/dradis-api/app/controllers/dradis/ce/api/v3/attachments_controller.rb
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
module Dradis::CE::API | ||
module V3 | ||
class AttachmentsController < Dradis::CE::API::APIController | ||
include ActivityTracking | ||
include Dradis::CE::API::ProjectScoped | ||
|
||
before_action :set_node | ||
|
||
skip_before_action :json_required, only: [:create] | ||
|
||
def index | ||
@attachments = @node.attachments.each(&:close) | ||
end | ||
|
||
def show | ||
begin | ||
@attachment = Attachment.find(params[:filename], conditions: { node_id: @node.id }) | ||
rescue | ||
raise ActiveRecord::RecordNotFound, "Couldn't find attachment with filename '#{params[:filename]}'" | ||
end | ||
end | ||
|
||
def create | ||
uploaded_files = params.fetch(:files, []) | ||
|
||
@attachments = [] | ||
uploaded_files.each do |uploaded_file| | ||
attachment_name = NamingService.name_file( | ||
original_filename: uploaded_file.original_filename, | ||
pathname: Attachment.pwd.join(@node.id.to_s) | ||
) | ||
|
||
attachment = Attachment.new(attachment_name, node_id: @node.id) | ||
attachment << uploaded_file.read | ||
attachment.save | ||
|
||
@attachments << attachment | ||
end | ||
|
||
if @attachments.any? && @attachments.count == uploaded_files.count | ||
render status: 201 | ||
else | ||
render status: 422 | ||
end | ||
end | ||
|
||
def update | ||
attachment = Attachment.find(params[:filename], conditions: { node_id: @node.id }) | ||
attachment.close | ||
|
||
begin | ||
new_name = CGI::unescape(attachment_params[:filename]) | ||
destination = Attachment.pwd.join(@node.id.to_s, new_name).to_s | ||
|
||
if !File.exist?(destination) && !destination.match(/^#{Attachment.pwd}/).nil? | ||
File.rename attachment.fullpath, destination | ||
@attachment = Attachment.find(new_name, conditions: { node_id: @node.id }) | ||
else | ||
raise 'Destination file already exists' | ||
end | ||
rescue | ||
@attachment = attachment | ||
render status: 422 | ||
end | ||
end | ||
|
||
def destroy | ||
@attachment = Attachment.find(params[:filename], conditions: { node_id: @node.id }) | ||
@attachment.delete | ||
|
||
render_successful_destroy_message | ||
end | ||
|
||
private | ||
|
||
def set_node | ||
@node = current_project.nodes.find(params[:node_id]) | ||
end | ||
|
||
def attachment_params | ||
params.require(:attachment).permit(:filename) | ||
end | ||
end | ||
end | ||
end |
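
Review bot: in `update`, the destination is checked against the attachments root (`destination.match(/^#{Attachment.pwd}/)`) rather than the node's own directory, and `new_name` is never restricted to a bare filename, so a rename is not guaranteed to stay under `Attachment.pwd.join(@node.id.to_s)`. Reduce the client value with `File.basename(new_name)`, then compare `File.expand_path(destination)` against the node directory plus a trailing separator using `start_with?`; the interpolated regex does not escape the path, `^` anchors at a line start rather than the string start, and without the separator a sibling directory sharing the prefix also matches. The `else` branch reports 'Destination file already exists' even when it was the path check that failed, and the bare `rescue` turns every error into a 422. In `create`, the return value of `attachment.save` is ignored and every attachment is appended to `@attachments`, so `@attachments.count == uploaded_files.count` always holds and the 422 branch is only reached for an empty upload; append only on a successful save.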
53 changes: 53 additions & 0 deletions
engines/dradis-api/app/controllers/dradis/ce/api/v3/boards_controller.rb
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
module Dradis::CE::API | ||
module V3 | ||
class BoardsController < Dradis::CE::API::APIController | ||
include ActivityTracking | ||
include Dradis::CE::API::ProjectScoped | ||
|
||
def index | ||
@boards = current_project.boards.includes(:lists, lists: [:cards]).order('updated_at desc') | ||
@boards = @boards.page(params[:page].to_i) if params[:page] | ||
end | ||
|
||
def show | ||
@board = current_project.boards.includes(:lists, lists: [:cards]).find(params[:id]) | ||
end | ||
|
||
def create | ||
@board = current_project.boards.new(board_params) | ||
# we are mimicking the hidden_field used in the UI to set the node_id in CE | ||
@board.node_id = current_project.methodology_library.id if !params[:node_id] | ||
|
||
if @board.save | ||
track_created(@board) | ||
render status: 201, location: dradis_api.board_url(@board) | ||
else | ||
render_validation_errors(@board) | ||
end | ||
end | ||
|
||
def update | ||
@board = current_project.boards.find(params[:id]) | ||
if @board.update(board_params) | ||
track_updated(@board) | ||
render board: @board | ||
else | ||
render_validation_errors(@board) | ||
end | ||
end | ||
|
||
def destroy | ||
board = current_project.boards.find(params[:id]) | ||
board.destroy | ||
track_destroyed(board) | ||
render_successful_destroy_message | ||
end | ||
|
||
protected | ||
|
||
def board_params | ||
params.require(:board).permit(:name, :node_id) | ||
end | ||
end | ||
end | ||
end |
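
Review bot: in `create`, the fallback tests the top-level `params[:node_id]`, while the value that is actually assigned comes from `board_params`, that is `params[:board][:node_id]`. A request that sends only `board[node_id]` has it overwritten with `current_project.methodology_library.id`, and one that sends only a top-level `node_id` leaves the board without a node. Test `@board.node_id.blank?` instead. Since `:node_id` is permitted from the client in both `create` and `update`, look it up through `current_project.nodes.find(...)` before assigning so a board cannot be attached to a node outside the current project. In `update`, `board:` is not a `render` option; drop the argument if the default template is what is intended. In `destroy`, `track_destroyed(board)` runs whether or not `board.destroy` succeeded.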
64 changes: 64 additions & 0 deletions
engines/dradis-api/app/controllers/dradis/ce/api/v3/cards_controller.rb
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
module Dradis::CE::API | ||
module V3 | ||
class CardsController < Dradis::CE::API::APIController | ||
include ActivityTracking | ||
include Dradis::CE::API::ProjectScoped | ||
|
||
before_action :set_board | ||
before_action :set_list | ||
|
||
def index | ||
@cards = @list.cards.includes(:assignees).order('updated_at desc') | ||
@cards = @cards.page(params[:page].to_i) if params[:page] | ||
end | ||
|
||
def show | ||
@card = @list.cards.includes(:assignees).find(params[:id]) | ||
end | ||
|
||
def create | ||
@card = @list.cards.build(card_params) | ||
# Set the new card as the last card of the list | ||
@card.previous_id = @list.last_card.try(:id) | ||
|
||
if @card.save | ||
track_created(@card) | ||
render status: 201, location: board_list_card_path(@board, @list, @card) | ||
else | ||
render_validation_errors(@card) | ||
end | ||
end | ||
|
||
def update | ||
@card = @list.cards.find(params[:id]) | ||
if @card.update(card_params) | ||
track_updated(@card) | ||
render list: @card | ||
else | ||
render_validation_errors(@card) | ||
end | ||
end | ||
|
||
def destroy | ||
@card = @list.cards.find(params[:id]) | ||
@card.destroy | ||
track_destroyed(@card) | ||
render_successful_destroy_message | ||
end | ||
|
||
private | ||
|
||
def set_board | ||
@board = current_project.boards.includes(:lists).find(params[:board_id]) | ||
end | ||
|
||
def set_list | ||
@list = @board.lists.includes(:cards, cards: :assignees).find(params[:list_id]) | ||
end | ||
|
||
def card_params | ||
params.require(:card).permit(:name, :description, :due_date, assignee_ids: []) | ||
end | ||
end | ||
end | ||
end |
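
Review bot: in `create`, `location: board_list_card_path(@board, @list, @card)` returns a relative path and calls the helper directly, whereas `BoardsController#create` in this same commit uses `dradis_api.board_url(@board)`; use the `_url` form through `dradis_api` here too so both endpoints return the same kind of Location header. In `update`, `render list: @card` looks like a copy-paste leftover: `list:` is not a `render` option and the object is a card. `card_params` permits `assignee_ids: []` straight from the request and nothing in this controller limits those ids to users of the current project, so confirm the model enforces that or filter the ids here before assignment.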