diff --git a/dojo/forms.py b/dojo/forms.py index 810acb880b..61a8be824c 100644 --- a/dojo/forms.py +++ b/dojo/forms.py @@ -847,7 +847,7 @@ class RiskAcceptanceForm(EditRiskAcceptanceForm): help_text=("Active, verified findings listed, please select to add findings.")) notes = forms.CharField(required=False, max_length=2400, widget=forms.Textarea, - label="Notes") # TODO: here as well? + label="Notes") class Meta: model = Risk_Acceptance @@ -863,6 +863,8 @@ def __init__(self, *args, **kwargs): self.fields["expiration_date"].initial = expiration_date # self.fields['path'].help_text = 'Existing proof uploaded: %s' % self.instance.filename() if self.instance.filename() else 'None' self.fields["accepted_findings"].queryset = get_authorized_findings(Permissions.Risk_Acceptance) + if disclaimer := get_system_setting("disclaimer_notes"): + self.disclaimer = disclaimer.strip() class BaseManageFileFormSet(forms.BaseModelFormSet): @@ -1565,13 +1567,15 @@ class FindingBulkUpdateForm(forms.ModelForm): # unlink_from_jira = forms.BooleanField(required=False) push_to_github = forms.BooleanField(required=False) tags = TagField(required=False, autocomplete_tags=Finding.tags.tag_model.objects.all().order_by("name")) - notes = forms.CharField(required=False, max_length=1024, widget=forms.TextInput(attrs={"class": "form-control"})) # TODO: Here as well? + notes = forms.CharField(required=False, max_length=1024, widget=forms.TextInput(attrs={"class": "form-control"})) def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) self.fields["severity"].required = False # we need to defer initialization to prevent multiple initializations if other forms are shown self.fields["tags"].widget.tag_options = tagulous.models.options.TagOptions(autocomplete_settings={"width": "200px", "defer": True}) + if disclaimer := get_system_setting("disclaimer_notes"): + self.disclaimer = disclaimer.strip() def clean(self): cleaned_data = super().clean() @@ -1709,7 +1713,7 @@ class Meta: class NoteForm(forms.ModelForm): entry = forms.CharField(max_length=2400, widget=forms.Textarea(attrs={"rows": 4, "cols": 15}), - label="Notes:") # TODO: Here + label="Notes:") class Meta: model = Notes @@ -1748,7 +1752,7 @@ class CloseFindingForm(forms.ModelForm): widget=forms.Textarea, label="Notes:", error_messages={"required": ("The reason for closing a finding is " "required, please use the text area " - "below to provide documentation.")}) # TODO: here as well + "below to provide documentation.")}) mitigated = forms.DateField(required=False, help_text="Date and time when the flaw has been fixed", widget=forms.TextInput(attrs={"class": "datepicker", "autocomplete": "off"})) mitigated_by = forms.ModelChoiceField(required=False, queryset=Dojo_User.objects.none()) @@ -1771,6 +1775,8 @@ def __init__(self, *args, **kwargs): self.fields["mitigated_by"].queryset = get_authorized_users(Permissions.Test_Edit) self.fields["mitigated"].initial = self.instance.mitigated self.fields["mitigated_by"].initial = self.instance.mitigated_by + if disclaimer := get_system_setting("disclaimer_notes"): + self.disclaimer = disclaimer.strip() def _post_clean(self): super()._post_clean() @@ -1817,12 +1823,17 @@ class DefectFindingForm(forms.ModelForm): widget=forms.Textarea, label="Notes:", error_messages={"required": ("The reason for closing a finding is " "required, please use the text area " - "below to provide documentation.")}) # TODO: Here as well + "below to provide documentation.")}) class Meta: model = Notes fields = ["entry"] + def __init__(self, *args, **kwargs): + super().__init__(*args, **kwargs) + if disclaimer := get_system_setting("disclaimer_notes"): + self.disclaimer = disclaimer.strip() + class ClearFindingReviewForm(forms.ModelForm): entry = forms.CharField( @@ -1831,12 +1842,17 @@ class ClearFindingReviewForm(forms.ModelForm): widget=forms.Textarea, label="Notes:", error_messages={"required": ("The reason for clearing a review is " "required, please use the text area " - "below to provide documentation.")}) # TODO: here as well? + "below to provide documentation.")}) class Meta: model = Finding fields = ["active", "verified", "false_p", "out_of_scope", "duplicate", "is_mitigated"] + def __init__(self, *args, **kwargs): + super().__init__(*args, **kwargs) + if disclaimer := get_system_setting("disclaimer_notes"): + self.disclaimer = disclaimer.strip() + class ReviewFindingForm(forms.Form): reviewers = forms.MultipleChoiceField( @@ -1851,7 +1867,7 @@ class ReviewFindingForm(forms.Form): widget=forms.Textarea, label="Notes:", error_messages={"required": ("The reason for requesting a review is " "required, please use the text area " - "below to provide documentation.")}) # TODO: here as well? + "below to provide documentation.")}) allow_all_reviewers = forms.BooleanField( required=False, label="Allow All Eligible Reviewers", @@ -1874,6 +1890,8 @@ def __init__(self, *args, **kwargs): self.reviewer_queryset = users # Set the users in the form self.fields["reviewers"].choices = self._get_choices(self.reviewer_queryset) + if disclaimer := get_system_setting("disclaimer_notes"): + self.disclaimer = disclaimer.strip() @staticmethod def _get_choices(queryset): @@ -2746,7 +2764,7 @@ class Meta: class EngagementPresetsForm(forms.ModelForm): notes = forms.CharField(widget=forms.Textarea(attrs={}), - required=False, help_text="Description of what needs to be tested or setting up environment for testing") # TODO: here as well? + required=False, help_text="Description of what needs to be tested or setting up environment for testing") scope = forms.CharField(widget=forms.Textarea(attrs={}), required=False, help_text="Scope of Engagement testing, IP's/Resources/URL's)") @@ -2755,6 +2773,11 @@ class Meta: model = Engagement_Presets exclude = ["product"] + def __init__(self, *args, **kwargs): + super().__init__(*args, **kwargs) + if disclaimer := get_system_setting("disclaimer_notes"): + self.disclaimer = disclaimer.strip() + class DeleteEngagementPresetsForm(forms.ModelForm): id = forms.IntegerField(required=True, diff --git a/dojo/templates/dojo/findings_list_snippet.html b/dojo/templates/dojo/findings_list_snippet.html index 51e85ab8d1..c83ba1f22f 100644 --- a/dojo/templates/dojo/findings_list_snippet.html +++ b/dojo/templates/dojo/findings_list_snippet.html @@ -253,6 +253,12 @@

{{ bulk_edit_form.media.js }} {% endcomment %} {{ bulk_edit_form.tags }} + {% if bulk_edit_form.disclaimer %} +
+
Disclaimer
+
{{ bulk_edit_form.disclaimer }}
+
+ {% endif %} diff --git a/dojo/templates/dojo/form_fields.html b/dojo/templates/dojo/form_fields.html index afe8e18f4e..6af19a96aa 100644 --- a/dojo/templates/dojo/form_fields.html +++ b/dojo/templates/dojo/form_fields.html @@ -16,13 +16,6 @@ {{ field }} {% endfor %} -{% if form.disclaimer %} -
- Disclaimer
-

{{ form.disclaimer }}

-
-{% endif %} - {% for field in form.visible_fields %}
{% if field|is_checkbox %} @@ -87,4 +80,11 @@
{% endif %} -{% endfor %} \ No newline at end of file +{% endfor %} + +{% if form.disclaimer %} +
+
Disclaimer
+
{{ form.disclaimer }}
+
+{% endif %} diff --git a/dojo/templates/dojo/view_test.html b/dojo/templates/dojo/view_test.html index a4e0390b91..e551c4858e 100644 --- a/dojo/templates/dojo/view_test.html +++ b/dojo/templates/dojo/view_test.html @@ -848,6 +848,12 @@

{{ bulk_edit_form.media.css }} {{ bulk_edit_form.media.js }} {{ bulk_edit_form.tags }} + {% if bulk_edit_form.disclaimer %} +
+
Disclaimer
+
{{ bulk_edit_form.disclaimer }}
+
+ {% endif %}