Merge branch 'develop' into ecs_deploy

Author: tabletcorry

.gitignore

@@ -1,4 +1,7 @@
 *.py[cod]
+.*.swp
+
+# ECS deploy env files
 secmonkey.local.env
 secmonkey.push.env
 

.travis.yml

@@ -29,7 +29,8 @@ matrix:
       - pip install pip --upgrade
       - pip install setuptools --upgrade
       - pip install google-compute-engine
-      - pip install openstacksdk
+      - pip install "os-client-config==1.28.0"
+      - pip install "openstacksdk==0.9.18"
       - pip install cloudaux\[gcp\]
       - pip install cloudaux\[openstack\]
       - pip install -e .
@@ -57,6 +58,7 @@ matrix:
         - coverage run -a -m py.test security_monkey/tests/views || exit 1
         - coverage run -a -m py.test security_monkey/tests/interface || exit 1
         - coverage run -a -m py.test security_monkey/tests/utilities || exit 1
+        - coverage run -a -m py.test security_monkey/tests/sso/header_auth.py || exit 1
         - bandit -r -ll -ii -x security_monkey/tests .
         - pylint -E -d E1101,E0611,F0401 --ignore=service.py,datastore.py,datastore_utils.py,watcher.py,test_celery_scheduler.py security_monkey
         - flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics

Dockerfile

@@ -15,7 +15,7 @@
 FROM ubuntu:xenial
 MAINTAINER Netflix Open Source Development <talent@netflix.com>
 
-ENV SECURITY_MONKEY_VERSION=v1.0 \
+ENV SECURITY_MONKEY_VERSION=v1.1.3 \
     SECURITY_MONKEY_SETTINGS=/usr/local/src/security_monkey/env-config/config-docker.py
 
 SHELL ["/bin/bash", "-c"]

dart/lib/component/dashboard_component/dashboard_component.dart

@@ -92,15 +92,15 @@ class DashboardComponent {
         for (var item in selectedItems) {
             // Add item score to technology map
             if (techScoreMap.containsKey(item.technology)) {
-                techScoreMap[item.technology] = techScoreMap[item.technology] + item.totalScore();
+                techScoreMap[item.technology] = techScoreMap[item.technology] + item.unjustifiedScore();
             } else {
-                techScoreMap[item.technology] = item.totalScore();
+                techScoreMap[item.technology] = item.unjustifiedScore();
             }
             // Add item score to account score map
             if (accountScoreMap.containsKey(item.account)) {
-                accountScoreMap[item.account] = accountScoreMap[item.account] + item.totalScore();
+                accountScoreMap[item.account] = accountScoreMap[item.account] + item.unjustifiedScore();
             } else {
-                accountScoreMap[item.account] = item.totalScore();
+                accountScoreMap[item.account] = item.unjustifiedScore();
             }
         }
         // angular.dart does not support iterating over hash map so convert to array

dart/lib/component/dashboard_component/dashboard_component.html

@@ -97,11 +97,11 @@ <h3 class="panel-title">High Score Items</h3>
             </tr>
           </thead>
           <tbody>
-            <tr ng-repeat="highScoreItem in selectedItems | orderBy:'-totalScore()' | limitTo:10">
+            <tr ng-repeat="highScoreItem in selectedItems | orderBy:'-unjustifiedScore()' | limitTo:10">
               <td>{{highScoreItem.account}}</td>
               <td>{{highScoreItem.technology}}</td>
               <td><a href="#/viewitem/{{highScoreItem.id}}">{{highScoreItem.name}}</a></td>
-              <td>{{highScoreItem.totalScore()}}</td>
+              <td>{{highScoreItem.unjustifiedScore()}}</td>
             </tr>
           </tbody>
         </table>

dart/lib/component/item_table_component/item_table_component.dart

@@ -53,8 +53,8 @@ class ItemTableComponent extends PaginatedTable implements DetachAware {
 
     /// Case 1 - Item has no issues or scoreless issues. Return "";
     /// Case 2 - Item has all justified issues. Return "success";
-    /// Case 3 - Item has unjustified issues w/score <=3. Return "warning";
-    /// Case 4 - Item has unjustified issues w/score >3. Return "danger";
+    /// Case 3 - Item has unjustified issues w/score <=8. Return "warning";
+    /// Case 4 - Item has unjustified issues w/score >8. Return "danger";
     String classForItem(Item item) {
         if (item.number_issues == 0 || item.totalScore() == 0) {
             return "";
@@ -64,7 +64,7 @@ class ItemTableComponent extends PaginatedTable implements DetachAware {
             return "success";
         }
 
-        if (item.unjustifiedScore() <= 3) {
+        if (item.unjustifiedScore() <= 8) {
             return "warning";
         }
 

dart/lib/component/itemdetails/itemdetails.html

@@ -79,14 +79,12 @@
         <td ng-if="us.hasRole('Justify')"><div class="text-center"><input type="checkbox" ng-model="issue.selected_for_justification" /></div></td>
         <td>{{issue.issue}}</td>
         <td>{{issue.score}}</td>
-        <td ng-if="issue.has_sub_item">Related to:
-          <ul class="list-unstyled">
-            <li ng-repeat="link in issue.item_links">
-              <a href="#/viewitem/{{link.id}}">{{link.name}}
-            </li>
-          </ul>
+        <td>
+            <span ng-if="issue.has_sub_item">Related to:
+              <a ng-repeat="link in issue.item_links" href="#/viewitem/{{link.id}}">{{link.name}}</a>
+            </span>
+            {{issue.notes}}
         </td>
-        <td ng-if="!issue.has_sub_item">{{issue.notes}}</td>
       </tr>
     </table>
     <div ng-if="us.hasRole('Justify')" class="panel-footer">
@@ -120,14 +118,12 @@
         <td>{{issue.issue}}</td>
         <td>{{issue.justification}}</td>
         <td>{{issue.score}}</td>
-        <td ng-if="issue.has_sub_item">Related to:
-          <ul class="list-unstyled">
-            <li ng-repeat="link in issue.item_links">
-              <a href="#/viewitem/{{link.id}}">{{link.name}}
-            </li>
-          </ul>
+        <td>
+            <span ng-if="issue.has_sub_item">Related to:
+              <a ng-repeat="link in issue.item_links" href="#/viewitem/{{link.id}}">{{link.name}}</a>
+            </span>
+            {{issue.notes}}
         </td>
-        <td ng-if="!issue.has_sub_item">{{issue.notes}}</td>
         <td>
           <button ng-if="issue.justified_user==user"
               ng-click="removeJustification(issue.id)"

dart/web/js/sso.js

@@ -28,6 +28,15 @@ var create_url = function(provider) {
         if (provider.hd) {
             url += "&hd="+provider.hd;
         }
+    } else if (provider.name.toLowerCase() == "okta") { // Okta
+        url += "?";
+        url += "response_type="+provider.responseType;
+        url += "&client_id="+provider.clientId;
+        url += "&redirect_uri="+provider.redirectUri;
+        url += "&nonce="+provider.nonce;
+        url += "&scope="+provider.scope.join(provider.scopeDelimiter);
+        url += "&response_type="+provider.responseType;
+        url += "&state=clientId,"+provider.clientId+",redirectUri,"+provider.redirectUri+",return_to,"+next;
     } else { // google || ping
         url += "?";
         url += "response_type="+provider.responseType;

docker-compose.yml

@@ -14,6 +14,8 @@ services:
     image: postgres:10.1
     #volumes:
     #  - ./postgres-data/:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_DB=secmonkey
 
   redis:
       container_name: secmonkey-redis

docker/api-init.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/bash -e
 
 # Wait the database
 sleep 10
@@ -19,17 +19,15 @@ mkdir -p /var/log/security_monkey/
 touch "/var/log/security_monkey/security_monkey-deploy.log"
 
 cd /usr/local/src/security_monkey
-source venv/bin/activate
 monkey db upgrade
 
-# -------------ADD ADDITIONAL MONKEY COMMANDS TO EXEUTE HERE-------------
+# -------------ADD ADDITIONAL MONKEY COMMANDS TO EXECUTE HERE-------------
 
 cat <<EOF | monkey create_user "admin@example.org" "Admin"
 ${SECURITY_MONKEY_PASSWORD:-admin}
 ${SECURITY_MONKEY_PASSWORD:-admin}
 EOF
 
-
 # -------------ADD MONKEY COMMANDS ABOVE TO ADD ACCOUNTS AND DO OTHER THINGS-------------
 
 echo "Completed API init on $( date )"