Add support for pushing tags to jira (DefectDojo#5476)

CrackerCat · Nov 21, 2021 · 310f5d4 · 310f5d4
1 parent 0d499ee
commit 310f5d4
Show file tree

Hide file tree

Showing 5 changed files with 5,462 additions and 367 deletions.
diff --git a/dojo/jira_link/helper.py b/dojo/jira_link/helper.py
@@ -478,18 +478,26 @@ def get_labels(obj):
     labels = []
     system_settings = System_Settings.objects.get()
     system_labels = system_settings.jira_labels
-    if system_labels is None:
-        return
-    else:
+    if system_labels:
         system_labels = system_labels.split()
-    if len(system_labels) > 0:
         for system_label in system_labels:
             labels.append(system_label)
-    # Update the label with the product name (underscore)
-    labels.append(prod_name(obj).replace(" ", "_"))
+        # Update the label with the product name (underscore)
+        labels.append(prod_name(obj).replace(" ", "_"))
     return labels
 
 
+def get_tags(obj):
+    # Update Label with system setttings label
+    tags = []
+    if isinstance(obj, Finding) or isinstance(obj, Engagement):
+        obj_tags = obj.tags.all()
+        if obj_tags:
+            for tag in obj_tags:
+                tags.append(str(tag.name))
+    return tags
+
+
 def jira_summary(obj):
     summary = ''
 
@@ -649,9 +657,11 @@ def add_jira_issue(obj, *args, **kwargs):
                                 }
 
         labels = get_labels(obj)
-        if labels:
+        tags = get_tags(obj)
+        jira_labels = labels + tags
+        if jira_labels:
             if 'labels' in meta['projects'][0]['issuetypes'][0]['fields']:
-                fields['labels'] = labels
+                fields['labels'] = jira_labels
 
         if System_Settings.objects.get().enable_finding_sla:
 
@@ -776,9 +786,11 @@ def update_jira_issue(obj, *args, **kwargs):
             meta = get_jira_meta(jira, jira_project)
 
         labels = get_labels(obj)
-        if labels:
+        tags = get_tags(obj)
+        jira_labels = labels + tags
+        if jira_labels:
             if 'labels' in meta['projects'][0]['issuetypes'][0]['fields']:
-                fields['labels'] = labels
+                fields['labels'] = jira_labels
 
         if 'environment' in meta['projects'][0]['issuetypes'][0]['fields']:
             fields['environment'] = jira_environment(obj)

diff --git a/dojo/unittests/test_jira_import_and_pushing_api.py b/dojo/unittests/test_jira_import_and_pushing_api.py
@@ -41,7 +41,7 @@ def __init__(self, *args, **kwargs):
         DojoVCRAPITestCase.__init__(self, *args, **kwargs)
 
     def assert_cassette_played(self):
-        if False:  # set to True when committing. set to False when recording new test cassettes
+        if True:  # set to True when committing. set to False when recording new test cassettes
             self.assertTrue(self.cassette.all_played)
 
     def _get_vcr(self, **kwargs):
@@ -496,6 +496,71 @@ def test_import_with_push_to_jira_add_comment(self):
         finding_id = findings['results'][0]['id']
 
         response = self.post_finding_notes_api(finding_id, 'testing note. creating it and pushing it to JIRA')
+        self.patch_finding_api(finding_id, {"push_to_jira": True})
+
+        # by asserting full cassette is played we know all calls to JIRA have been made as expected
+        self.assert_cassette_played()
+        return test_id
+
+    def test_import_with_push_to_jira_add_tags(self):
+        import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True)
+        test_id = import0['test']
+        self.assert_jira_issue_count_in_test(test_id, 2)
+        self.assert_jira_group_issue_count_in_test(test_id, 0)
+
+        findings = self.get_test_findings_api(test_id)
+
+        finding = Finding.objects.get(id=findings['results'][0]['id'])
+
+        tags = ['tag1', 'tag2']
+        response = self.post_finding_tags_api(finding.id, tags)
+        self.patch_finding_api(finding.id, {"push_to_jira": True})
+
+        # Connect to jira to get the new issue
+        jira_instance = jira_helper.get_jira_instance(finding)
+        jira = jira_helper.get_jira_connection(jira_instance)
+        issue = jira.issue(finding.jira_issue.jira_id)
+
+        # Assert that the tags match
+        self.assertEqual(issue.fields.labels, tags)
+
+        # by asserting full cassette is played we know all calls to JIRA have been made as expected
+        self.assert_cassette_played()
+        return test_id
+
+    def test_import_with_push_to_jira_update_tags(self):
+        import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True)
+        test_id = import0['test']
+        self.assert_jira_issue_count_in_test(test_id, 2)
+        self.assert_jira_group_issue_count_in_test(test_id, 0)
+
+        findings = self.get_test_findings_api(test_id)
+
+        finding = Finding.objects.get(id=findings['results'][0]['id'])
+
+        tags = ['tag1', 'tag2']
+        response = self.post_finding_tags_api(finding.id, tags)
+        self.patch_finding_api(finding.id, {"push_to_jira": True})
+
+        # Connect to jira to get the new issue
+        jira_instance = jira_helper.get_jira_instance(finding)
+        jira = jira_helper.get_jira_connection(jira_instance)
+        issue = jira.issue(finding.jira_issue.jira_id)
+
+        # Assert that the tags match
+        self.assertEqual(issue.fields.labels, tags)
+
+        tags_new = tags + ['tag3', 'tag4']
+        response = self.post_finding_tags_api(finding.id, tags_new)
+        self.patch_finding_api(finding.id, {"push_to_jira": True})
+
+        # Connect to jira to get the new issue
+        jira_instance = jira_helper.get_jira_instance(finding)
+        jira = jira_helper.get_jira_connection(jira_instance)
+        issue = jira.issue(finding.jira_issue.jira_id)
+
+        # Assert that the tags match
+        self.assertEqual(issue.fields.labels, tags_new)
 
         # by asserting full cassette is played we know all calls to JIRA have been made as expected
         self.assert_cassette_played()