From eab9f4275894724b8c9cf5481e1cda0cf4f66062 Mon Sep 17 00:00:00 2001 From: BenediktMKuehne Date: Wed, 6 Dec 2023 12:13:43 +0000 Subject: [PATCH 1/4] turn off debugging --- embark/embark/settings/deploy.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/embark/embark/settings/deploy.py b/embark/embark/settings/deploy.py index 35a1078e..933d14ac 100644 --- a/embark/embark/settings/deploy.py +++ b/embark/embark/settings/deploy.py @@ -24,7 +24,7 @@ SECRET_KEY = os.environ.get('SECRET_KEY') # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True +DEBUG = False ALLOWED_HOSTS = ['*'] From 5388a4d626e148698e19eced0ca4eef7a4366a05 Mon Sep 17 00:00:00 2001 From: BenediktMKuehne Date: Wed, 6 Dec 2023 12:19:41 +0000 Subject: [PATCH 2/4] add first-interaction-workflow from emba --- .github/workflows/first-interaction.yml | 42 +++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 .github/workflows/first-interaction.yml diff --git a/.github/workflows/first-interaction.yml b/.github/workflows/first-interaction.yml new file mode 100644 index 00000000..d1520b67 --- /dev/null +++ b/.github/workflows/first-interaction.yml @@ -0,0 +1,42 @@ +name: First interaction + +on: + - pull_request_target + - issues + +jobs: + build: + runs-on: ubuntu-latest + permissions: + pull-requests: write + issues: write + + steps: + - uses: actions/first-interaction@v1 + with: + repo-token: "${{ secrets.GITHUB_TOKEN }}" + issue-message: | + Thank you for contributing an issue! + + **Welcome to the EMBA firmware analysis community!** + + We are glad you are here and appreciate your contribution. Please keep in mind our contributing guidelines [here](https://github.com/e-m-b-a/embark/blob/master/CONTRIBUTING.md) and [here](https://github.com/e-m-b-a/embark/blob/master/CONTRIBUTORS.md). + Also, please check [existing open issues](https://github.com/e-m-b-a/embark/issues) and consider to open a discussion in the dedicated [discussion area](https://github.com/e-m-b-a/embark/discussions). + Additionally, we have collected a lot of details around EMBArk, the installation and the usage of EMBArk in our [Wiki](https://github.com/e-m-b-a/embark/wiki). + + If you like _EMBA_ you have the chance to support us by becoming a [Sponsor](https://github.com/sponsors/e-m-b-a) or buying some beer [here](https://www.buymeacoffee.com/securefirmware). + + This is an automatic message. Allow for time for the EMBA community to be able to read the issue and comment on it. + + pr-message: | + Thank you for contributing a pull request! + + **Welcome to the EMBA firmware analysis community!** + + We are glad you are here and appreciate your contribution. Please keep in mind our contributing guidelines [here](https://github.com/e-m-b-a/embark/blob/master/CONTRIBUTING.md) and [here](https://github.com/e-m-b-a/embark/blob/master/CONTRIBUTORS.md). + Also, please check [existing open issues](https://github.com/e-m-b-a/embark/issues) and consider to open a discussion in the dedicated [discussion area](https://github.com/e-m-b-a/embark/discussions). + Additionally, we have collected a lot of details around EMBArk, the installation and the usage of EMBArk in our [Wiki](https://github.com/e-m-b-a/embark/wiki). + + If you like _EMBA_ you have the chance to support us by becoming a [Sponsor](https://github.com/sponsors/e-m-b-a) or buying some beer [here](https://www.buymeacoffee.com/securefirmware). + + This is an automatic message. Allow for time for the EMBA community to be able to read the pull request and comment on it. \ No newline at end of file From 3142e43f1a2c374ed61b4159a705981041ae3e64 Mon Sep 17 00:00:00 2001 From: BenediktMKuehne Date: Fri, 8 Dec 2023 12:28:20 +0000 Subject: [PATCH 3/4] clean-up user-app messages --- embark/users/views.py | 75 +++++++++++++++++++++---------------------- 1 file changed, 36 insertions(+), 39 deletions(-) diff --git a/embark/users/views.py b/embark/users/views.py index 945dfe57..fe6cdb1d 100644 --- a/embark/users/views.py +++ b/embark/users/views.py @@ -36,37 +36,25 @@ def register(request): username = body['username'] password = body['password'] confirm_password = body['confirm_password'] - - if password == confirm_password: - logger.debug('Passwords match. Creating user') - user = User.objects.create(username=username) - user.set_password(password) - user.save() - logger.debug('User created') - else: + if password != confirm_password: logger.debug('Passwords do not match') - return render( - request, - 'user/register.html', - {'error_message': True, 'message': 'Passwords do not match.'} - ) - - return render( - request, - 'user/login.html', - {'success_message': True, 'message': 'Registration successful.'} - ) - + messages.success(request, 'Passwords do not match.') + return render(request, 'user/register.html') + logger.debug('Passwords match. Creating user') + user = User.objects.create(username=username) + user.set_password(password) + user.save() + logger.debug('User created') + messages.success(request, 'Registration successful.') + return redirect('../../') except KeyError: logger.exception('Missing keys from data- Username, password, password_confirm') - return render(request, 'user/register.html', {'error_message': True, 'message': 'User data is invalid.'}) + messages.error(request, 'User data is missing/invalid.') + return render(request, 'user/register.html') except builtins.Exception as error: logger.exception('Wide exception in Signup: %s', error) - return render( - request, - 'user/register.html', - {'error_message': True, 'message': 'Something went wrong when signing up the user.'} - ) + messages.error(request, 'Something went wrong when signing up the user.') + return render(request, 'user/register.html') return render(request, 'user/register.html') @@ -83,7 +71,8 @@ def embark_login(request): password = body['password'] except KeyError: logger.exception('Missing keys from data- Username and password') - return render(request, 'user/login.html', {'error_message': True, 'message': 'Username or password are wrong.'}) + messages.error(request, 'Username or password are wrong.') + return render(request, 'user/login.html') logger.debug('Found user name and password') user = authenticate(request, username=username, password=password) @@ -96,12 +85,12 @@ def embark_login(request): return redirect('../../dashboard/main/') # else: logger.debug('User could not be authenticated') - messages.info(request, "Invalid user data") - return render(request, 'user/login.html', {'error_message': True, 'message': 'Invalid user data.'}) + messages.error(request, "Invalid user data") + return render(request, 'user/login.html') except builtins.Exception as error: logger.exception('Wide exception in Signup: %s', error) - messages.info(request, "Invalid user data") - return render(request, 'user/login.html', {'error_message': True, 'message': 'Something went wrong when logging in the user.'}) + messages.error(request, 'Something went wrong when logging in the user.') + return render(request, 'user/login.html') return render(request, 'user/login.html') @@ -110,7 +99,8 @@ def embark_login(request): def embark_logout(request): # FIXME this just flushes session_id??! logout(request=request) logger.debug("Logout user %s", request) - return render(request, 'user/login.html', {'success_message': True, 'message': 'Logout successful.'}) + messages.success(request, 'Logout successful.') + return render(request, 'user/login.html') @login_required(login_url='/' + settings.LOGIN_URL) @@ -132,26 +122,32 @@ def password_change(request): if user.check_password(old_password): if old_password == new_password: logger.debug('New password = old password') - return render(request, 'user/passwordChange.html', {'error_message': True, 'message': 'New password matches the old password'}) + messages.error(request, 'New password matches the old password') + return render(request, 'user/passwordChange.html') if new_password == confirm_password: user.set_password(new_password) user.save() authenticate(request, username=user.username, password=new_password) login(request, user) logger.debug('New password set, user authenticated') - return render(request, 'user/passwordChangeDone.html', {'success_message': True, 'message': 'Password change successful.'}) + messages.success(request, 'Password change successful.') + return render(request, 'user/passwordChangeDone.html') else: logger.debug('Passwords do not match') - return render(request, 'user/passwordChange.html', {'error_message': True, 'message': 'Passwords do not match.'}) + messages.error(request, 'Passwords do not match.') + return render(request, 'user/passwordChange.html') else: logger.debug('Old password is incorrect') - return render(request, 'user/passwordChange.html', {'error_message': True, 'message': 'Old password is incorrect.'}) + messages.error(request, 'Old password is incorrect.') + return render(request, 'user/passwordChange.html') except KeyError: logger.exception('Missing keys from data-passwords') - return render(request, 'user/passwordChange.html', {'error_message': True, 'message': 'Some fields are empty!'}) + messages.error(request, 'Some fields are empty!') + return render(request, 'user/passwordChange.html') except builtins.Exception as error: logger.exception('Wide exception in Password Change: %s', error) - return render(request, 'user/passwordChange.html', {'error_message': True, 'message': 'Something went wrong when changing the password for the user.'}) + messages.error(request, 'Something went wrong when changing the password for the user.') + return render(request, 'user/passwordChange.html') return render(request, 'user/passwordChange.html') @@ -167,7 +163,8 @@ def acc_delete(request): "%H:%M:%S") # workaround for not duplicating entry users_user.username user.is_active = False user.save() - return render(request, 'user/register.html', {'success_message': True, 'message': 'Account successfully deleted.'}) + messages.success(request, 'Account successfully deleted.') + return render(request, 'user/register.html') # TODO should be redirect return render(request, 'user/accountDelete.html') From 3e6d88b0802f3e00872798cd7ff6fb973195da78 Mon Sep 17 00:00:00 2001 From: BenediktMKuehne Date: Fri, 8 Dec 2023 12:28:38 +0000 Subject: [PATCH 4/4] rm non bootstrap messages --- embark/templates/user/login.html | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/embark/templates/user/login.html b/embark/templates/user/login.html index d0e29bd1..82debb55 100644 --- a/embark/templates/user/login.html +++ b/embark/templates/user/login.html @@ -4,24 +4,14 @@ {% block title %}EMBArk login{% endblock title %} {% block maincontent %}