Merge pull request aboutcode-org#2314 from aboutcode-org/todo-curation-queue

feat: add UI to expose curation curation

Author: keshav-space

vulnerabilities/forms.py

@@ -12,6 +12,7 @@
 from django.core.validators import validate_email
 from django_altcha import AltchaField
 
+from vulnerabilities.models import ISSUE_TYPE_CHOICES
 from vulnerabilities.models import ApiUser
 
 
@@ -103,3 +104,32 @@ class PipelineSchedulePackageForm(forms.Form):
 
 class AdminLoginForm(AdminAuthenticationForm):
     captcha = AltchaField(floating=True, hidefooter=True)
+
+
+class AdvisoryToDoForm(forms.Form):
+    search = forms.CharField(
+        required=False,
+        label=False,
+        widget=forms.TextInput(
+            attrs={
+                "placeholder": "Search ToDos...",
+                "class": "input",
+            },
+        ),
+    )
+
+    resolved = forms.ChoiceField(
+        required=False,
+        choices=[
+            ("", "All"),
+            ("True", "Yes"),
+            ("False", "No"),
+        ],
+        widget=forms.Select(attrs={"class": "select"}),
+    )
+
+    issue_type = forms.ChoiceField(
+        required=False,
+        choices=[("", "All")] + ISSUE_TYPE_CHOICES,
+        widget=forms.Select(attrs={"class": "select"}),
+    )

vulnerabilities/pipelines/v2_importers/fireeye_importer_v2.py

@@ -43,6 +43,8 @@ class FireeyeImporterPipeline(VulnerableCodeBaseImporterPipelineV2):
 
     precedence = 200
 
+    exclude_from_package_todo = True
+
     @classmethod
     def steps(cls):
         return (

vulnerabilities/pipelines/v2_importers/linux_kernel_importer.py

@@ -35,6 +35,8 @@ class LinuxKernelPipeline(VulnerableCodeBaseImporterPipelineV2):
     license_url = "https://github.com/nluedtke/linux_kernel_cves/blob/master/LICENSE"
     run_once = True
 
+    exclude_from_package_todo = True
+
     @classmethod
     def steps(cls):
         return (

vulnerabilities/pipelines/v2_importers/vulnrichment_importer.py

@@ -35,6 +35,7 @@ class VulnrichImporterPipeline(VulnerableCodeBaseImporterPipelineV2):
     repo_url = "git+https://github.com/cisagov/vulnrichment.git"
 
     precedence = 100
+    exclude_from_package_todo = True
 
     @classmethod
     def steps(cls):

vulnerabilities/pipelines/v2_importers/xen_importer.py

@@ -57,6 +57,7 @@ class XenImporterPipeline(VulnerableCodeBaseImporterPipelineV2):
     """
 
     precedence = 200
+    exclude_from_package_todo = True
 
     _cached_data = None  # Class-level cache
 

vulnerabilities/templates/advisory_detail.html

@@ -12,7 +12,7 @@
 {% block content %}
 
 {% if advisory %}
-<section class="section pt-0">
+<section class="section pt-4">
     <div class="details-container">
         <article class="panel is-info panel-header-only">
             <div class="panel-heading py-2 is-size-6">

vulnerabilities/templates/advisory_package_details.html

@@ -12,7 +12,7 @@
 {% block content %}
 
 {% if advisoryv2 %}
-    <section class="section pt-0">
+    <section class="section pt-4">
         <div class="details-container">
             <article class="panel is-info panel-header-only">
                 <div class="panel-heading py-2 is-size-6">

vulnerabilities/templates/advisory_todos.html

@@ -0,0 +1,157 @@
+{% extends "base.html" %}
+{% load utils %}
+
+{% block title %}
+Advisory To-Dos
+{% endblock %}
+
+{% block extrahead %}
+<style>
+    thead th {
+        border-bottom: none !important;
+    }
+
+    tbody tr:hover {
+        background-color: #e0e0e0 !important;
+        cursor: pointer;
+    }
+
+    tbody tr:nth-child(even):hover {
+        background-color: #d3d3d3 !important;
+    }
+
+    .column {
+        word-break: break-word;
+    }
+</style>
+{% endblock %}
+
+
+{% block content %}
+<div class="columns mt-4">
+    <div class="column">
+    </div>
+
+    <div class="column is-four-fifths">
+        <div class="content is-normal">
+            <h1>Advisory To-Dos</h1>
+            <hr />
+        </div>
+            <form method="get" class="box px-6 mx-0">
+
+                <div class="field has-addons">
+                    <div class="control is-expanded has-icons-right">
+                        {{ form.search }}
+
+                        {% if form.search.value %}
+                        <a href="?{% querystring request search='' %}"
+                        class="icon is-right"
+                        style="pointer-events: auto; cursor: pointer;">
+                            ✕
+                        </a>
+                        {% endif %}
+                    </div>
+
+                    <div class="control">
+                        <button type="submit" class="button is-info">
+                            <i class="fa fa-search mx-1"></i>
+                        </button>
+                    </div>
+                </div>
+            </form>
+
+        <div class="box">
+    <table class="table is-striped is-hoverable is-fullwidth">
+        <thead>
+            <tr>
+                <th colspan="4">
+                    <div class="box is-small">
+                        <div class="columns is-vcentered">
+                            <div class="column has-text-left" style="flex: 0 0 20%; font-weight: bold;">Aliases</div>
+                            <div class="column has-text-left" style="flex: 0 0 20%; font-weight: bold;">Date</div>
+                            <div class="column has-text-left" style="flex: 0 0 10%; font-weight: bold;">Resolved</div>
+                            <div class="column has-text-left" style="flex: 0 0 10%; font-weight: bold;"># Advisories</div>
+                            <div class="column has-text-left" style="flex: 0 0 40%; font-weight: bold;">Issue Type</div>
+                        </div>
+                    </div>
+                </th>
+            </tr>
+            <tr>
+                <th colspan="4">
+                    <form method="get">
+                        <input type="hidden" name="search" value="{{ form.search.value|default:'' }}">
+
+                        <div class="columns is-vcentered px-1">
+                            <div class="column has-text-left" style="flex: 0 0 20%;"></div>
+                            <div class="column has-text-left" style="flex: 0 0 20%;"></div>
+
+                            <div class="column " style="flex: 0 0 10%;">
+                                <div class="select is-half">
+                                    <select name="resolved" onchange="this.form.submit()">
+                                        {% for val, label in form.fields.resolved.choices %}
+                                            <option value="{{ val }}"
+                                                {% if form.resolved.value == val %}selected{% endif %}>
+                                                {{ label }}
+                                            </option>
+                                        {% endfor %}
+                                    </select>
+                                </div>
+                            </div>
+
+                            <div class="column has-text-left" style="flex: 0 0 10%;"></div>
+
+                            <div class="column" style="flex: 0 0 40%;">
+                                <div class="select is-half">
+                                    <select name="issue_type" onchange="this.form.submit()">
+                                        {% for val, label in form.fields.issue_type.choices %}
+                                            <option value="{{ val }}"
+                                                {% if form.issue_type.value == val %}selected{% endif %}>
+                                                {{ label }}
+                                            </option>
+                                        {% endfor %}
+                                    </select>
+                                </div>
+                            </div>
+                        </div>
+                    </form>
+                </th>
+            </tr>
+        </thead>
+
+        <tbody>
+            {% for todo in todo_list %}
+            <tr>
+                <td colspan="4">
+                            <div class="columns px-1 is-vcentered">
+                                <div class="column has-text-left" style="flex: 0 0 20%;">
+                                    {{ todo.alias }}
+                                </div>
+                                <div class="column has-text-left" style="flex: 0 0 20%;">
+                                    {{ todo.oldest_advisory_date|default:"NA" }}
+                                </div>
+                                <div class="column has-text-centered has-text-grey" style="flex: 0 0 10%;">
+                                    {{ todo.is_resolved|yesno:"Yes,No" }}
+                                </div>
+                                <div class="column has-text-centered has-text-grey" style="flex: 0 0 10%;">
+                                    {{ todo.advisories_count }}
+                                </div>
+                                <div class="column has-text-left has-text-grey" style="flex: 0 0 40%;">
+                                    {{ todo.get_issue_type_display }}
+                                </div>
+                            </div>
+                </td>
+            </tr>
+            {% empty %}
+            <tr>
+                <td colspan="4" class="has-text-centered">No To-Dos found.</td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+        </div>
+            {% include "includes/pagination_v2.html" with page_obj=page_obj %}
+        </div>
+    <div class="column"></div>
+</div>
+{% endblock %}
+

vulnerabilities/templates/fixing_advisories.html

@@ -3,7 +3,7 @@
 {% load widget_tweaks %}
 
 {% block content %}
-<div class="is-max-desktop mb-3">
+<div class="is-max-desktop mb-3 mt-4">
     <section class="mx-5">
         <div class="is-flex" style="justify-content: space-between;">
             <div>

vulnerabilities/templates/includes/pagination_v2.html

@@ -0,0 +1,65 @@
+{% load utils %}
+
+{% if page_obj.has_other_pages %}
+<nav class="pagination is-centered px-5" role="navigation" aria-label="pagination">
+
+    {% if page_obj.has_previous %}
+        <a class="pagination-previous"
+           href="?{% querystring request page=page_obj.previous_page_number %}">
+            Previous
+        </a>
+    {% else %}
+        <a class="pagination-previous" disabled>Previous</a>
+    {% endif %}
+
+    {% if page_obj.has_next %}
+        <a class="pagination-next"
+           href="?{% querystring request page=page_obj.next_page_number %}">
+            Next
+        </a>
+    {% else %}
+        <a class="pagination-next" disabled>Next</a>
+    {% endif %}
+
+    <ul class="pagination-list">
+
+        {% if page_obj.number > 3 %}
+            <li>
+                <a class="pagination-link"
+                   href="?{% querystring request page=1 %}">1</a>
+            </li>
+            {% if page_obj.number > 4 %}
+                <li><span class="pagination-ellipsis">&hellip;</span></li>
+            {% endif %}
+        {% endif %}
+
+        {% for i in page_obj.paginator.page_range %}
+            {% if i >= page_obj.number|add:-2 and i <= page_obj.number|add:2 %}
+                {% if i == page_obj.number %}
+                    <li><a class="pagination-link is-current">{{ i }}</a></li>
+                {% else %}
+                    <li>
+                        <a class="pagination-link"
+                           href="?{% querystring request page=i %}">
+                            {{ i }}
+                        </a>
+                    </li>
+                {% endif %}
+            {% endif %}
+        {% endfor %}
+
+        {% if page_obj.number < page_obj.paginator.num_pages|add:-2 %}
+            {% if page_obj.number < page_obj.paginator.num_pages|add:-3 %}
+                <li><span class="pagination-ellipsis">&hellip;</span></li>
+            {% endif %}
+            <li>
+                <a class="pagination-link"
+                   href="?{% querystring request page=page_obj.paginator.num_pages %}">
+                    {{ page_obj.paginator.num_pages }}
+                </a>
+            </li>
+        {% endif %}
+
+    </ul>
+</nav>
+{% endif %}