update reporter view functions
BenediktMKuehne committed Jul 8, 2024
1 parent f262e3c commit d17f674
Showing 4 changed files with 45 additions and 39 deletions.
3 changes: 2 additions & 1 deletion embark/reporter/urls.py
Expand Up @@ -10,9 +10,10 @@

# view routing
urlpatterns = [
# TODO get rid of the emba log paths
path(settings.EMBA_LOG_URL + '<uuid:analysis_id>/emba_logs/html-report/<str:html_file>', views.html_report, name='embark-html-report-index'),
path(settings.EMBA_LOG_URL + '<uuid:analysis_id>/emba_logs/html-report/style/<str:img_file>', views.html_report_resource, name='embark-html-report-resource'),
path(settings.EMBA_LOG_URL + '<uuid:analysis_id>/emba_logs/html-report/<path:html_path>/<str:file>', views.html_report_path, name='embark-html-report-path'),

path('get_load/', views.get_load, name='embark-get-load'),
path('get_individual_report/<uuid:analysis_id>/', views.get_individual_report, name='embark-get-individual-report'),
path('get_accumulated_reports/', views.get_accumulated_reports, name='embark-get-accumulated-reports'),
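Review bot: The `embark-html-report-path` route still takes `<path:html_path>`, which accepts arbitrary multi-segment values, while this commit adds filename validation only to `html_report` and `html_report_resource`. The body of `html_report_path` is mostly outside the visible hunks, so this may already be handled there. If that view builds a filesystem path from `html_path` and `file`, it should resolve the joined path and refuse to serve it unless the result stays below the analysis' `emba_logs/html-report` directory. A short comment on the route saying which view enforces that confinement would help the next reader.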
77 changes: 41 additions & 36 deletions embark/reporter/views.py
@@ -1,4 +1,4 @@
# pylint: disable=W0613,C0206
# pylint: disable=C0206
__copyright__ = 'Copyright 2021-2024 Siemens Energy AG'
__author__ = 'Benedikt Kuehne'
__license__ = 'MIT'
Expand All @@ -11,6 +11,7 @@

from operator import itemgetter
from http import HTTPStatus
import re
from shutil import move
import codecs
from uuid import UUID
Expand Down Expand Up @@ -47,14 +48,17 @@ def reports(request):
@require_http_methods(["GET"])
@login_required(login_url='/' + settings.LOGIN_URL)
def html_report(request, analysis_id, html_file):
report_path = Path(f'{settings.EMBA_LOG_ROOT}{request.path[10:]}')
if FirmwareAnalysis.objects.filter(id=analysis_id).exists():
analysis = FirmwareAnalysis.objects.get(id=analysis_id)
if analysis.hidden is False or analysis.user == request.user or request.user.is_superuser:
html_body = get_template(report_path)
logger.debug("html_report - analysis_id: %s html_file: %s", analysis_id, html_file)
return HttpResponse(html_body.render({'embarkBackUrl': reverse('embark-ReportDashboard')}))
messages.error(request, "User not authorized")
# make sure the html file is valid
html_file_pattern = re.compile(r'^[\w,\s-]+\.html$')
if html_file.endswith('.html') and bool(re.match(html_file_pattern, html_file)):
report_path = Path(f'{settings.EMBA_LOG_ROOT}/{analysis_id}/emba_logs/html-report/{html_file}')
if FirmwareAnalysis.objects.filter(id=analysis_id).exists():
analysis = FirmwareAnalysis.objects.get(id=analysis_id)
if analysis.hidden is False or analysis.user == request.user or request.user.is_superuser:
html_body = get_template(report_path)
logger.debug("html_report - analysis_id: %s html_file: %s", analysis_id, html_file)
return HttpResponse(html_body.render({'embarkBackUrl': reverse('embark-ReportDashboard')}))
messages.error(request, "User not authorized")
logger.error("could not get template - %s", request)
return redirect("..")

Expand All @@ -63,7 +67,7 @@ def html_report(request, analysis_id, html_file):
@login_required(login_url='/' + settings.LOGIN_URL)
def html_report_path(request, analysis_id, html_path, file):
"""
The functions needs to either server html files or provide download
The functions needs to either server html files or provide download
"""
if FirmwareAnalysis.objects.filter(id=analysis_id).exists():
analysis = FirmwareAnalysis.objects.get(id=analysis_id)
Expand Down Expand Up @@ -118,32 +122,33 @@ def html_report_path(request, analysis_id, html_path, file):
@require_http_methods(["GET"])
@login_required(login_url='/' + settings.LOGIN_URL)
def html_report_resource(request, analysis_id, img_file):
if FirmwareAnalysis.objects.filter(id=analysis_id).exists():
analysis = FirmwareAnalysis.objects.get(id=analysis_id)
if analysis.hidden is False or analysis.user == request.user or request.user.is_superuser:
content_type = "text/plain"

if img_file.endswith(".css"):
content_type = "text/css"
elif img_file.endswith(".svg"):
content_type = "image/svg+xml"
elif img_file.endswith(".png"):
content_type = "image/png"

resource_path = Path(f'{settings.EMBA_LOG_ROOT}{request.path[10:]}')
logger.info("html_report_resource - analysis_id: %s request.path: %s", analysis_id, request.path)

try:
# CodeQL issue is not relevant as the urls are defined via urls.py
with open(resource_path, "rb") as file_:
return HttpResponse(file_.read(), content_type=content_type)
except IOError as error:
logger.error(error)
logger.error(request.path)
# just in case -> back to report intro
report_path = Path(f'{settings.EMBA_LOG_ROOT}{request.path[10:]}')
html_body = get_template(report_path)
return HttpResponse(html_body.render())
# make sure the html file is valid
img_file_pattern = re.compile(r'^[\w,\s-]+\.+(css|svg|png)$')
if bool(re.match(img_file_pattern, img_file)):
if FirmwareAnalysis.objects.filter(id=analysis_id).exists():
analysis = FirmwareAnalysis.objects.get(id=analysis_id)
if analysis.hidden is False or analysis.user == request.user or request.user.is_superuser:
content_type = "text/plain"

if img_file.endswith(".css"):
content_type = "text/css"
elif img_file.endswith(".svg"):
content_type = "image/svg+xml"
elif img_file.endswith(".png"):
content_type = "image/png"

resource_path = Path(f'{settings.EMBA_LOG_ROOT}/{analysis_id}/emba_logs/html-report/style/{img_file}')
logger.info("html_report_resource - analysis_id: %s request.path: %s", analysis_id, request.path)

try:
# CodeQL issue is not relevant as the urls are defined via urls.py
with open(resource_path, "rb") as file_:
return HttpResponse(file_.read(), content_type=content_type)
except IOError as error:
logger.error(error)
logger.error(request.path)
logger.error("could not get path - %s", request)
return redirect("..")


@require_http_methods(["GET"])
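Review bot: Both new filename patterns in `html_report` and `html_report_resource` accept more than a plain file name: `\s` in the character class matches CR/LF and tabs, `$` under `re.match` also matches before a trailing newline, and `\.+` in `img_file_pattern` accepts runs of dots. None of this re-opens traversal, since `/` stays excluded, but a name containing a line break would still reach `logger.debug`/`logger.info` and the filesystem path. I would compile the patterns once at module level and match the whole string, e.g. `IMG_FILE_RE = re.compile(r'[\w, -]+\.(css|svg|png)')` with `if IMG_FILE_RE.fullmatch(img_file):`, and the same shape for `.html`, which also makes the separate `endswith('.html')` test unnecessary. The comment `# make sure the html file is valid` above the image check and the `# CodeQL issue is not relevant ...` remark should be reworded to say that this allow-list, not the URL conf, is what confines the opened path.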
2 changes: 1 addition & 1 deletion embark/templates/dashboard/individualReportDashboard.html
Expand Up @@ -36,7 +36,7 @@ <h1><center>Firmware security scanning details</center></h1>
<table class="table table-striped table-borderless table-individualrep">
<div class="buttonRow d-flex">
<!-- Quick and dirty JS solution. Need to fix the report id for using django mechanisms -->
<form action={% url 'embark-html-report' analysis_id 'index.html' %} method='get'>
<form action={% url 'embark-html-report-index' analysis_id 'index.html' %} method='get'>
<button class="btn buttonRowElem" type="submit">Open Report</button>
</form>
<form action={% url 'embark-download' analysis_id %} method='get'>
2 changes: 1 addition & 1 deletion embark/templates/dashboard/reportDashboard.html
Expand Up @@ -115,7 +115,7 @@
<button type="submit" class="btn buttonRowElem" >Make Zip of EMBA-logs</button>
</form>
{% endif %}
<form action={% url 'embark-html-report' firmware.id 'index.html' %} method='get'>
<form action={% url 'embark-html-report-index' firmware.id 'index.html' %} method='get'>
<button type="submit" class="btn buttonRowElem" >Open Report</button>
</form>
<form action={% url 'embark-IndividualReportDashboard' firmware.id %} method='get'>
