Merge pull request #1238 from dradis/mappings-manager/add-uploaders

Mappings Manager for Upload Integrations Feature
dradis · Apr 25, 2024 · 4bad128 · 4bad128
2 parents 68970f3 + 4a70f36
commit 4bad128
Show file tree

Hide file tree

Showing 13 changed files with 303 additions and 96 deletions.
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,6 +1,5 @@
 [v#.#.#] ([month] [YYYY])
-  - [entity]:
-    - [future tense verb] [feature]
+  - Mappings: Map fields from scanner integrations to Dradis fields
   - Upgraded gems:
     - nokogiri, rails
   - Bugs fixes:

diff --git a/Gemfile b/Gemfile
@@ -213,7 +213,7 @@ end
 #
 
 # Base framework classes required by other plugins
-gem 'dradis-plugins', github: 'dradis/dradis-plugins', branch: 'fix/template-caching'
+gem 'dradis-plugins', github: 'dradis/dradis-plugins'
 
 gem 'dradis-api', path: 'engines/dradis-api'
 
@@ -241,21 +241,21 @@ gem 'dradis-html_export', '~> 4.11.0'
 gem 'dradis-csv', '~> 4.11.0'
 
 # ---------------------------------------------------------------------- Upload
-gem 'dradis-acunetix', '~> 4.11.0'
-gem 'dradis-brakeman', '~> 4.11.0'
-gem 'dradis-burp', '~> 4.11.0'
-gem 'dradis-coreimpact', '~> 4.11.0'
-gem 'dradis-metasploit', '~> 4.11.0'
-gem 'dradis-nessus', '~> 4.11.0'
-gem 'dradis-netsparker', '~> 4.11.0'
-gem 'dradis-nexpose', '~> 4.11.0'
-gem 'dradis-nikto', '~> 4.11.0'
-gem 'dradis-nipper', '~> 4.11.0'
-gem 'dradis-nmap', '~> 4.11.0'
-gem 'dradis-ntospider', '~> 4.11.0'
-gem 'dradis-openvas', '~> 4.11.0'
-gem 'dradis-qualys', '~> 4.11.0'
-gem 'dradis-saint', '~> 4.11.0'
-gem 'dradis-veracode', '~> 4.11.0'
-gem 'dradis-wpscan', '~> 4.11.0'
-gem 'dradis-zap', '~> 4.11.0'
+gem 'dradis-acunetix', github: 'dradis/dradis-acunetix'
+gem 'dradis-brakeman', github: 'dradis/dradis-brakeman'
+gem 'dradis-burp', github: 'dradis/dradis-burp'
+gem 'dradis-coreimpact', github: 'dradis/dradis-coreimpact'
+gem 'dradis-metasploit', github: 'dradis/dradis-metasploit'
+gem 'dradis-nessus', github: 'dradis/dradis-nessus'
+gem 'dradis-netsparker', github: 'dradis/dradis-netsparker'
+gem 'dradis-nexpose', github: 'dradis/dradis-nexpose'
+gem 'dradis-nikto', github: 'dradis/dradis-nikto'
+gem 'dradis-nipper', github: 'dradis/dradis-nipper'
+gem 'dradis-nmap', github: 'dradis/dradis-nmap'
+gem 'dradis-ntospider', github: 'dradis/dradis-ntospider'
+gem 'dradis-openvas', github: 'dradis/dradis-openvas'
+gem 'dradis-qualys', github: 'dradis/dradis-qualys'
+gem 'dradis-saint', github: 'dradis/dradis-saint'
+gem 'dradis-veracode', github: 'dradis/dradis-veracode'
+gem 'dradis-wpscan', github: 'dradis/dradis-wpscan'
+gem 'dradis-zap', github: 'dradis/dradis-zap'
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,10 +1,150 @@
+GIT
+  remote: https://github.com/dradis/dradis-acunetix.git
+  revision: f3670e475bf3e6d171d43fb061d3c9e7185a18a5
+  specs:
+    dradis-acunetix (4.12.0)
+      dradis-plugins (~> 4.0)
+      nokogiri (~> 1.3)
+
+GIT
+  remote: https://github.com/dradis/dradis-brakeman.git
+  revision: a59ef3403d3ad596941382990d53956b535b6442
+  specs:
+    dradis-brakeman (4.12.0)
+      dradis-plugins (~> 4.0)
+
+GIT
+  remote: https://github.com/dradis/dradis-burp.git
+  revision: 21eb812ea839d1f556938709dbfc25f78559ded4
+  specs:
+    dradis-burp (4.12.0)
+      dradis-plugins (~> 4.0)
+      nokogiri (~> 1.3)
+
+GIT
+  remote: https://github.com/dradis/dradis-coreimpact.git
+  revision: c50f9270dd49859e5d3ee147af87f9b75fe4082d
+  specs:
+    dradis-coreimpact (4.12.0)
+      dradis-plugins (~> 4.0)
+
+GIT
+  remote: https://github.com/dradis/dradis-metasploit.git
+  revision: 95556559e765c89155c8cf2185cd8a2946f096c5
+  specs:
+    dradis-metasploit (4.12.0)
+      dradis-plugins (~> 4.0)
+      nokogiri (~> 1.3)
+
+GIT
+  remote: https://github.com/dradis/dradis-nessus.git
+  revision: e11829da4241922bfd26136b0011b2909aaf3144
+  specs:
+    dradis-nessus (4.12.0)
+      dradis-plugins (~> 4.0)
+      nokogiri
+
+GIT
+  remote: https://github.com/dradis/dradis-netsparker.git
+  revision: 8e1ee7b0790bb935263dd8711de08300d6d91d5e
+  specs:
+    dradis-netsparker (4.12.0)
+      dradis-plugins (~> 4.0)
+      nokogiri (>= 1.12.5)
+
+GIT
+  remote: https://github.com/dradis/dradis-nexpose.git
+  revision: b44222b335af3d608f43deb8d4806fd77e7d08ee
+  specs:
+    dradis-nexpose (4.12.0)
+      dradis-plugins (~> 4.0)
+      nokogiri (~> 1.3)
+
+GIT
+  remote: https://github.com/dradis/dradis-nikto.git
+  revision: bca8bc1954e74c8702f009c7a6b2cd8ef6845c8b
+  specs:
+    dradis-nikto (4.12.0)
+      dradis-plugins (~> 4.0)
+      nokogiri (~> 1.3)
+
+GIT
+  remote: https://github.com/dradis/dradis-nipper.git
+  revision: 92c98a8a200ec056b10fbed4dba9fbfaa8dc8932
+  specs:
+    dradis-nipper (4.12.0)
+      dradis-plugins (~> 4.0)
+
+GIT
+  remote: https://github.com/dradis/dradis-nmap.git
+  revision: 10c1fa773e4c46ba34c5e75d5bb806512671b49a
+  specs:
+    dradis-nmap (4.12.0)
+      dradis-plugins (~> 4.0)
+      ruby-nmap (~> 0.7)
+
+GIT
+  remote: https://github.com/dradis/dradis-ntospider.git
+  revision: 0884791fdb57d89927c383e84d4d81c4d115e7f4
+  specs:
+    dradis-ntospider (4.12.0)
+      dradis-plugins (~> 4.0)
+
+GIT
+  remote: https://github.com/dradis/dradis-openvas.git
+  revision: ceaef202911f8073fcf99dc0fa9717fb729078d9
+  specs:
+    dradis-openvas (4.11.0)
+      dradis-plugins (~> 4.0)
+
 GIT
   remote: https://github.com/dradis/dradis-plugins.git
-  revision: e69d1f42c85f647662307019b8b492152a5c3c29
-  branch: fix/template-caching
+  revision: 35efe7b19670d7c75a0594a464080a8c46652f24
   specs:
     dradis-plugins (4.11.0)
 
+GIT
+  remote: https://github.com/dradis/dradis-qualys.git
+  revision: 1c1f6ce6ba3348dc31f5f9567d20cee77a6004d8
+  specs:
+    dradis-qualys (4.12.0)
+      dradis-plugins (~> 4.0)
+      nokogiri (~> 1.3)
+
+GIT
+  remote: https://github.com/dradis/dradis-saint.git
+  revision: d36a55f129674ed90ab4e47b68f91bdbddd14fb3
+  specs:
+    dradis-saint (4.12.0)
+      combustion (~> 0.6.0)
+      dradis-plugins (~> 4.0)
+      nokogiri
+      rake (~> 13.0)
+      rspec-rails
+
+GIT
+  remote: https://github.com/dradis/dradis-veracode.git
+  revision: 5719028296d55632d5baaac4e9f369fab684ded8
+  specs:
+    dradis-veracode (4.12.0)
+      dradis-plugins (~> 4.0)
+
+GIT
+  remote: https://github.com/dradis/dradis-wpscan.git
+  revision: 8b036f1b1c6386381fd5b2e8301d4932e8ac23f4
+  specs:
+    dradis-wpscan (4.12.0)
+      dradis-plugins (~> 4.0)
+      multi_json
+
+GIT
+  remote: https://github.com/dradis/dradis-zap.git
+  revision: 05fb435b4ce26b879953a0459c9c988ad9f2739c
+  specs:
+    dradis-zap (4.12.0)
+      dradis-plugins (~> 4.0)
+      nokogiri (~> 1.3)
+
 PATH
   remote: engines/dradis-api
   specs:
@@ -132,20 +272,10 @@ GEM
     date (3.3.4)
     diff-lcs (1.5.0)
     differ (0.1.2)
-    dradis-acunetix (4.11.0)
-      dradis-plugins (~> 4.0)
-      nokogiri (~> 1.3)
-    dradis-brakeman (4.11.0)
-      dradis-plugins (~> 4.0)
-    dradis-burp (4.11.0)
-      dradis-plugins (~> 4.0)
-      nokogiri (~> 1.3)
     dradis-calculator_cvss (4.11.0)
       dradis-plugins (~> 4.0)
     dradis-calculator_dread (4.11.0)
       dradis-plugins (~> 4.0)
-    dradis-coreimpact (4.11.0)
-      dradis-plugins (~> 4.0)
     dradis-csv (4.11.0)
       dradis-plugins (~> 4.0)
     dradis-csv_export (4.11.0)
@@ -154,50 +284,9 @@ GEM
       RedCloth (~> 4.3.2)
       dradis-plugins (>= 4.8.0)
       rails_autolink (~> 1.1)
-    dradis-metasploit (4.11.0)
-      dradis-plugins (~> 4.0)
-      nokogiri (~> 1.3)
-    dradis-nessus (4.11.0)
-      dradis-plugins (~> 4.0)
-      nokogiri
-    dradis-netsparker (4.11.0)
-      dradis-plugins (~> 4.0)
-      nokogiri (>= 1.12.5)
-    dradis-nexpose (4.11.0)
-      dradis-plugins (~> 4.0)
-      nokogiri (~> 1.3)
-    dradis-nikto (4.11.0)
-      dradis-plugins (~> 4.0)
-      nokogiri (~> 1.3)
-    dradis-nipper (4.11.0)
-      dradis-plugins (~> 4.0)
-    dradis-nmap (4.11.0)
-      dradis-plugins (~> 4.0)
-      ruby-nmap (~> 0.7)
-    dradis-ntospider (4.11.0)
-      dradis-plugins (~> 4.0)
-    dradis-openvas (4.11.0)
-      dradis-plugins (~> 4.0)
     dradis-projects (4.11.0)
       dradis-plugins (>= 4.8.0)
       rubyzip
-    dradis-qualys (4.11.0)
-      dradis-plugins (~> 4.0)
-      nokogiri (~> 1.3)
-    dradis-saint (4.11.0)
-      combustion (~> 0.6.0)
-      dradis-plugins (~> 4.0)
-      nokogiri
-      rake (~> 13.0)
-      rspec-rails
-    dradis-veracode (4.11.0)
-      dradis-plugins (~> 4.0)
-    dradis-wpscan (4.11.0)
-      dradis-plugins (~> 4.0)
-      multi_json
-    dradis-zap (4.11.0)
-      dradis-plugins (~> 4.0)
-      nokogiri (~> 1.3)
     erubi (1.12.0)
     execjs (2.7.0)
     factory_bot (6.2.1)
@@ -531,32 +620,32 @@ DEPENDENCIES
   coffee-rails (~> 5.0)
   database_cleaner
   differ (~> 0.1.2)
-  dradis-acunetix (~> 4.11.0)
+  dradis-acunetix!
   dradis-api!
-  dradis-brakeman (~> 4.11.0)
-  dradis-burp (~> 4.11.0)
+  dradis-brakeman!
+  dradis-burp!
   dradis-calculator_cvss (~> 4.11.0)
   dradis-calculator_dread (~> 4.11.0)
-  dradis-coreimpact (~> 4.11.0)
+  dradis-coreimpact!
   dradis-csv (~> 4.11.0)
   dradis-csv_export (~> 4.11.0)
   dradis-html_export (~> 4.11.0)
-  dradis-metasploit (~> 4.11.0)
-  dradis-nessus (~> 4.11.0)
-  dradis-netsparker (~> 4.11.0)
-  dradis-nexpose (~> 4.11.0)
-  dradis-nikto (~> 4.11.0)
-  dradis-nipper (~> 4.11.0)
-  dradis-nmap (~> 4.11.0)
-  dradis-ntospider (~> 4.11.0)
-  dradis-openvas (~> 4.11.0)
+  dradis-metasploit!
+  dradis-nessus!
+  dradis-netsparker!
+  dradis-nexpose!
+  dradis-nikto!
+  dradis-nipper!
+  dradis-nmap!
+  dradis-ntospider!
+  dradis-openvas!
   dradis-plugins!
   dradis-projects (~> 4.11.0)
-  dradis-qualys (~> 4.11.0)
-  dradis-saint (~> 4.11.0)
-  dradis-veracode (~> 4.11.0)
-  dradis-wpscan (~> 4.11.0)
-  dradis-zap (~> 4.11.0)
+  dradis-qualys!
+  dradis-saint!
+  dradis-veracode!
+  dradis-wpscan!
+  dradis-zap!
   factory_bot_rails
   font-awesome-sass (~> 6.4.0)
   foreman

diff --git a/app/models/mapping.rb b/app/models/mapping.rb
@@ -0,0 +1,18 @@
+class Mapping < ApplicationRecord
+  # -- Relationships --------------------------------------------------------
+  has_many :mapping_fields, dependent: :destroy
+
+  # -- Callbacks ------------------------------------------------------------
+
+  # -- Validations ----------------------------------------------------------
+  validates :destination,
+    uniqueness: { scope: [:component, :source], case_sensitive: false }
+  validates :component, presence: true
+  validates :source, presence: true
+
+  # -- Scopes ---------------------------------------------------------------
+
+  # -- Class Methods --------------------------------------------------------
+
+  # -- Instance Methods -----------------------------------------------------
+end
diff --git a/app/models/mapping_field.rb b/app/models/mapping_field.rb
@@ -0,0 +1,19 @@
+class MappingField < ApplicationRecord
+  # -- Relationships --------------------------------------------------------
+  belongs_to :mapping
+
+  # -- Callbacks ------------------------------------------------------------
+  #
+  # -- Validations ----------------------------------------------------------
+  validates :content, presence: true
+  validates :destination_field,
+    presence: true,
+    uniqueness: { scope: [:mapping_id, :source_field], case_sensitive: false }
+  validates :source_field, presence: true
+
+  # -- Scopes ---------------------------------------------------------------
+
+  # -- Class Methods --------------------------------------------------------
+
+  # -- Instance Methods -----------------------------------------------------
+end
diff --git a/config/initializers/z_11_plugin_templates.rb b/config/initializers/z_11_plugin_templates.rb
@@ -11,14 +11,15 @@
     # ---------------------------------------------------------------- 3.1 Upload
     template_dir = Configuration.paths_templates_plugins
 
-    Dradis::Plugins::with_feature(:upload).each do |plugin|
-      plugin.copy_templates(to: template_dir)
+    Dradis::Plugins::with_feature(:upload).each do |integration|
+      integration.copy_samples(to: template_dir)
+      integration.migrate_templates_to_mappings(from: template_dir)
     end
 
     # ---------------------------------------------------------------- 3.2 Export
     template_dir = Configuration.paths_templates_reports
     Dradis::Plugins::with_feature(:export).each do |plugin|
-      plugin.copy_templates(to: template_dir)
+      plugin.copy_samples(to: template_dir)
     end
   end
 end