Skip to content

Commit

Permalink
Merge pull request #128 from sei-vsarvepalli/version-2.1.6
Browse files Browse the repository at this point in the history
VINCE upgrade to 2.1.6
  • Loading branch information
sei-vsarvepalli authored Oct 25, 2023
2 parents b71081b + d28726f commit c7f5391
Show file tree
Hide file tree
Showing 31 changed files with 611 additions and 405 deletions.
12 changes: 12 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,17 @@
# VINCE Changelog

Version 2.1.6 2023-10-25

* Fixed bug that interfered in certain circumstances with the operation of the vendor filter button on the VINCEComm case page
* Dependabot update recommendations: `urllib3` 1.26.12 to 1.26.18
* Fixed bug that obstrcuted case assignment process for VINCETrack users with identical preferred usernames
* Adjusted code for asynchronous loading on ticket page to ensure it works on all ticket pages, including case request tickets
* Set up periodic autorefresh feature for VINCE Track ticket page
* Reformulated misleading UI labels for case transfer request process
* Resolved Issue by simpifying/correcting search code & disambiguating labels in report views
* Added AI/ML systems checkbox to public & VINCE Comm vul report form, routing of AI/ML-related tickets


Version 2.1.5 2023-09-21

* Enhanced operation of VINCEComm case discussion section, moving focus to editable div when the user chooses to edit a post
Expand Down
2 changes: 1 addition & 1 deletion bigvince/settings_.py
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@
ROOT_DIR = environ.Path(__file__) - 3

# any change that requires database migrations is a minor release
VERSION = "2.1.5"
VERSION = "2.1.6"

# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/2.1/howto/deployment/checklist/
Expand Down
4 changes: 2 additions & 2 deletions requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ chardet==5.0.0
charset-normalizer==2.1.1
click==8.1.3
colorama==0.4.4
cryptography==41.0.4
cryptography==41.0.3
cvelib==1.1.0
Deprecated==1.2.13
dictdiffer==0.9.0
Expand Down Expand Up @@ -75,7 +75,7 @@ six==1.16.0
soupsieve==2.3.2.post1
sqlparse==0.4.4
typing_extensions==4.4.0
urllib3==1.26.12
urllib3==1.26.18
vine==5.0.0
watchtower==3.0.0
webencodings==0.5.1
Expand Down
5 changes: 3 additions & 2 deletions vince/lib.py
Original file line number Diff line number Diff line change
Expand Up @@ -397,6 +397,7 @@ def update_vinny_cr(instance):
vtcr.vendor_communication = cr.vendor_communication
vtcr.product_name = cr.product_name
vtcr.ics_impact = cr.ics_impact
vtcr.metadata = cr.metadata
vtcr.product_version = cr.product_version
vtcr.vul_description = cr.vul_description
vtcr.vul_exploit = cr.vul_exploit
Expand Down Expand Up @@ -1678,7 +1679,7 @@ def parse_attachment(message_part):

def create_ticket_for_error_email(filename, bucket, queue=None, from_email=None, body=None, cert_id=None, case=None):
if queue == None:
queue = TicketQueue.objects.filter(queue_type=1, from_email=bucket).first()
queue = TicketQueue.objects.filter(queue_type=TicketQueue.GENERAL_TICKET_QUEUE, from_email=bucket).first()

if len(body) > 5000:
#truncate long bodies
Expand Down Expand Up @@ -2176,7 +2177,7 @@ def create_ticket_from_email(filename, body, bucket):
logger.debug(rq)

#this is the default queue - the general queue for this bucket
queue = TicketQueue.objects.filter(from_email=bucket, queue_type=1).first()
queue = TicketQueue.objects.filter(from_email=bucket, queue_type=TicketQueue.GENERAL_TICKET_QUEUE).first()
if queue == None:
# this is misconfigured!
send_error_sns("ticket queues", "misconfiguration",
Expand Down
2 changes: 1 addition & 1 deletion vince/mailer.py
Original file line number Diff line number Diff line change
Expand Up @@ -516,7 +516,7 @@ def send_updatecase_mail(action, new_user=None):
# cut a new ticket to alert
if case.team_owner:
tq = get_team_queues(case.team_owner)
queue = tq.filter(queue_type=2).first()
queue = tq.filter(queue_type=TicketQueue.CASE_REQUEST_QUEUE).first()
else:
queue = get_case_case_queue(case)

Expand Down
29 changes: 17 additions & 12 deletions vince/models.py
Original file line number Diff line number Diff line change
Expand Up @@ -55,17 +55,6 @@

logger.setLevel(logging.DEBUG)

GENERAL_TICKET_QUEUE = 1
CASE_REQUEST_QUEUE = 2
CASE_TASK_QUEUE = 3
OTHER_QUEUE = 4
QUEUE_TYPE = (
(GENERAL_TICKET_QUEUE, _('General Ticket')),
(CASE_REQUEST_QUEUE, _('Case Request Queue')),
(CASE_TASK_QUEUE, _('Case Task Queue')),
(OTHER_QUEUE, _('Other Queue'))
)

class OldJSONField(JSONField):
""" This was due to legacy support in Django 2.2. from_db_value
should be explicitily sepcified when extending JSONField """
Expand Down Expand Up @@ -161,7 +150,7 @@ class GroupSettings(models.Model):

def _get_triage(self):
#get cr wueue
queue = TicketQueue.objects.filter(queue_type=2, team=self.group).first()
queue = TicketQueue.objects.filter(queue_type=TicketQueue.CASE_REQUEST_QUEUE, team=self.group).first()
return queue

triage = property(_get_triage)
Expand Down Expand Up @@ -539,6 +528,17 @@ class TicketQueue(models.Model):
a queue for each of Accounts, Pre-Sales, and Support.
"""

GENERAL_TICKET_QUEUE = 1
CASE_REQUEST_QUEUE = 2
CASE_TASK_QUEUE = 3
OTHER_QUEUE = 4
QUEUE_TYPE = (
(GENERAL_TICKET_QUEUE, _('General Ticket')),
(CASE_REQUEST_QUEUE, _('Case Request Queue')),
(CASE_TASK_QUEUE, _('Case Task Queue')),
(OTHER_QUEUE, _('Other Queue'))
)

title = models.CharField(_('Title'),
max_length=100)

Expand Down Expand Up @@ -1924,6 +1924,11 @@ class CaseRequest(Ticket):
vendor_communication = models.TextField(blank=True, null=True)
product_name = models.CharField(max_length=500)
product_version = models.CharField(max_length=100, blank=True, null=True)
metadata = OldJSONField(
help_text=_('Extensible, currently used to specify relevance to AI/ML systems'),
blank=True,
null=True
)
ics_impact = models.BooleanField(default=False)
vul_description = models.TextField(blank=True, null=True)
vul_exploit = models.TextField(blank=True, null=True)
Expand Down
22 changes: 13 additions & 9 deletions vince/permissions.py
Original file line number Diff line number Diff line change
Expand Up @@ -79,23 +79,27 @@ def get_r_queues(user):
queues = QueuePermissions.objects.filter(group__in=user_groups, group_read=True).values_list('queue', flat=True)
return queues

def get_case_case_queue(case):
groups = CasePermissions.objects.filter(case=case, group_write=True).exclude(group__groupsettings__contact__isnull=True).values_list('group', flat=True)
qperm = QueuePermissions.objects.filter(group__in=groups, group_write=True, queue__queue_type=3).first()
if qperm:
return qperm.queue
def get_case_case_queue(case, user=None):
if user:
groups = CasePermissions.objects.filter(case=case, group_write=True,group__in=user.groups.all()).exclude(group__groupsettings__contact__isnull=True).values_list('group', flat=True)
else:
groups = CasePermissions.objects.filter(case=case, group_write=True).exclude(group__groupsettings__contact__isnull=True).values_list('group', flat=True)
if groups:
qperm = QueuePermissions.objects.filter(group__in=groups, group_write=True, queue__queue_type=TicketQueue.CASE_TASK_QUEUE).first()
if qperm:
return qperm.queue
return TicketQueue.objects.get(slug='case')

def get_user_case_queue(user):
user_groups = user.groups.exclude(groupsettings__contact__isnull=True)
perms = QueuePermissions.objects.filter(group__in=user_groups, group_read=True, group_write=True, queue__queue_type=3).first()
perms = QueuePermissions.objects.filter(group__in=user_groups, group_read=True, group_write=True, queue__queue_type=TicketQueue.CASE_TASK_QUEUE).first()
if perms:
return perms.queue
return TicketQueue.objects.get(slug='case')

def get_user_gen_queue(user):
user_groups = user.groups.exclude(groupsettings__contact__isnull=True)
perms = QueuePermissions.objects.filter(group__in=user_groups, group_read=True, group_write=True, queue__queue_type=1).first()
perms = QueuePermissions.objects.filter(group__in=user_groups, group_read=True, group_write=True, queue__queue_type=TicketQueue.GENERAL_TICKET_QUEUE).first()
if perms:
return perms.queue
return TicketQueue.objects.get(slug='gen')
Expand All @@ -112,14 +116,14 @@ def get_vendor_queue(user):

def get_user_cr_queue(user):
user_groups = user.groups.exclude(groupsettings__contact__isnull=True)
perms = QueuePermissions.objects.filter(group__in=user_groups, group_read=True, group_write=True, queue__queue_type=2).first()
perms = QueuePermissions.objects.filter(group__in=user_groups, group_read=True, group_write=True, queue__queue_type=TicketQueue.CASE_REQUEST_QUEUE).first()
if perms:
return perms.queue
return TicketQueue.objects.get(slug='cr')

def get_all_cr_queue(user):
user_groups = user.groups.exclude(groupsettings__contact__isnull=True)
perms = QueuePermissions.objects.filter(group__in=user_groups, group_read=True, group_write=True, queue__queue_type=2).values_list('queue', flat=True)
perms = QueuePermissions.objects.filter(group__in=user_groups, group_read=True, group_write=True, queue__queue_type=TicketQueue.CASE_REQUEST_QUEUE).values_list('queue', flat=True)
if perms:
return TicketQueue.objects.filter(id__in=perms)
return None
Expand Down
Loading

0 comments on commit c7f5391

Please sign in to comment.