ThreadFix Services

assets/scripts/application.js

@@ -1,7 +1,13 @@
 $(function () {
-  $(".alert-success").delay(3000).slideUp(400, function(){
+  $(".alert-success").delay(4000).slideUp(500, function(){
     $(this).alert('close');
   });
 
   $('[data-toggle="tooltip"]').tooltip();
+
+  $(".threadfix-test").click(function(event) {
+    var $this = $(this);
+    $this.hide()
+    $this.parent().append('<span class="fa fa-spinner fa-pulse"></span>');
+  });
 })

project/boh/forms.py

@@ -44,7 +44,11 @@ class Meta:
 class ThreadFixForm(forms.ModelForm):
     class Meta:
         model = ThreadFix
-        fields = ['name', 'host', 'api_key']
+        fields = ['name', 'host', 'api_key', 'verify_ssl']
+        labels = {
+            'api_key': 'API key',
+            'verify_ssl': 'Verify SSL certificate'
+        }
         widgets = {
             'api_key': forms.PasswordInput(render_value = True)
         }

project/boh/models.py

@@ -116,12 +116,13 @@ class Meta:
 class ThreadFix(models.Model):
     """ThreadFix server connection information."""
 
-    name = models.CharField(max_length=32, unique=True, help_text='A unique name describing the ThreadFix server.')
+    name = models.CharField(max_length=32, unique=True, help_text='A unique name describing the ThreadFix service.')
     host = models.URLField(help_text='The URL for the ThreadFix server. (e.g., http://localhost:8080/threadfix/)')
     api_key = models.CharField(max_length=50, help_text='The API key can be generated on the ThreadFix API Key page.') # https://github.com/denimgroup/threadfix/blob/dev/threadfix-main/src/main/java/com/denimgroup/threadfix/service/APIKeyServiceImpl.java#L103
+    verify_ssl = models.BooleanField(default=True, help_text='Specify if API requests will verify the host\'s SSL certificate. If disabled, API requests could be intercepted by third-parties.')
 
     def __str__(self):
-        return self.name
+        return self.name + ' - ' + self.host
 
     class Meta:
         verbose_name = "ThreadFix"
@@ -249,6 +250,17 @@ class Meta:
         get_latest_by = "modified_date"
         ordering = ['name']
 
+    def data_classification_level(self):
+        dsv = self.data_sensitivity_value()
+        if dsv < 15:
+            return Application.DCL_1
+        elif dsv >= 15 and dsv < 100:
+            return Application.DCL_2
+        elif dsv >= 100 and dsv < 150:
+            return Application.DCL_3
+        else:
+            return Application.DCL_4
+
     def data_sensitivity_value(self):
         """
         Calculates the data sensitivity value.
@@ -274,17 +286,6 @@ def data_sensitivity_value(self):
 
         return dsv
 
-    def data_classification_level(self):
-        dsv = self.data_sensitivity_value()
-        if dsv < 15:
-            return Application.DCL_1
-        elif dsv >= 15 and dsv < 100:
-            return Application.DCL_2
-        elif dsv >= 100 and dsv < 150:
-            return Application.DCL_3
-        else:
-            return Application.DCL_4
-
 
 class Relation(models.Model):
     """Associates a person with an application with a role."""

project/boh/templates/boh/application/overview.html

@@ -7,44 +7,68 @@
 {% block application_content %}
 <div class="row">
   <div class="col-md-8">
-    {% if application.description %}<p>{{ application.description }}</p>{% else %}<p class="text-muted">No description</p>{% endif %}
+    {% if application.description %}<p>{{ application.description }}</p>{% else %}<p class="text-muted"><small><em>There is no description.</em></small></p>{% endif %}
   </div>
   <div class="col-md-4">
-    <table class="table table-striped">
-      <tbody>
-        <tr>
-          <td><strong>Platform</strong></td>
-          <td>{{ application.get_platform_display }}</td>
-        </tr>
-        <tr>
-          <td><strong>Lifecycle</strong></td>
-          <td>{{ application.get_lifecycle_display }}</td>
-        </tr>
-        <tr>
-          <td><strong>Origin</strong></td>
-          <td>{{ application.get_origin_display }}</td>
-        </tr>
-        <tr>
-          <td><strong>Business Criticality</strong></td>
-          <td>{{ application.get_business_criticality_display }}</td>
-        </tr>
-        <tr>
-          <td><strong>User Records</strong></td>
-          <td>{{ application.user_records|intcomma }}</td>
-        </tr>
-        <tr>
-          <td><strong>Revenue</strong></td>
-          <td>{% if application.revenue < 1000000 %}{{ application.revenue|intcomma }}{% else %}{{ application.revenue|intword }}{% endif %}</td>
-        </tr>
-      </tbody>
-    </table>
+    <div class="panel panel-default">
+      <div class="panel-heading">
+        <h3 class="panel-title"><span class="fa fa-info-circle fa-fw" aria-hidden="true"></span> Metadata</h3>
+      </div>
+      <div class="table-responsive">
+        <table class="table table-striped">
+          <tbody>
+            <tr>
+              <td><strong>Platform</strong></td>
+              <td>{{ application.get_platform_display }}</td>
+            </tr>
+            <tr>
+              <td><strong>Lifecycle</strong></td>
+              <td>{{ application.get_lifecycle_display }}</td>
+            </tr>
+            <tr>
+              <td><strong>Origin</strong></td>
+              <td>{{ application.get_origin_display }}</td>
+            </tr>
+            <tr>
+              <td><strong>Business Criticality</strong></td>
+              <td>{{ application.get_business_criticality_display }}</td>
+            </tr>
+            <tr>
+              <td><strong>User Records</strong></td>
+              <td>{{ application.user_records|intcomma }}</td>
+            </tr>
+            <tr>
+              <td><strong>Revenue</strong></td>
+              <td>{% if application.revenue < 1000000 %}{{ application.revenue|intcomma }}{% else %}{{ application.revenue|intword }}{% endif %}</td>
+            </tr>
+          </tbody>
+        </table>
+      </div>
+    </div>
 
-    <h4><span class="fa fa-tags" aria-hidden="true"></span> Tags</h4>
-    {% for tag in application.tags.all %}
-    <a href="{% url 'boh:application.list' %}?tag={{ tag.id }}" class="label" style="background-color: #{{ tag.color }};">{{ tag.name }}</a>
-    {% empty %}
-    <p class="text-muted"><small><em>There are no tags.</em></small></p>
-    {% endfor %}
+    <div class="panel panel-default">
+      <div class="panel-heading">
+        <h3 class="panel-title"><span class="fa fa-link fa-fw" aria-hidden="true"></span> Resources</h3>
+      </div>
+      <div class="list-group">
+        {% if application.threadfix %}
+        <a href="{{ application.threadfix.host }}" target="_blank" class="list-group-item text-primary">ThreadFix ({{ application.threadfix.name }}) <span class="fa fa-external-link" aria-hidden="true"></span></a>
+        {% endif %}
+      </div>
+    </div>
+
+    <div class="panel panel-default">
+      <div class="panel-heading">
+        <h3 class="panel-title"><span class="fa fa-tags fa-fw" aria-hidden="true"></span> Tags</h3>
+      </div>
+      <div class="panel-body">
+        {% for tag in application.tags.all %}
+        <a href="{% url 'boh:application.list' %}?tag={{ tag.id }}" class="label" style="background-color: #{{ tag.color }};">{{ tag.name }}</a>
+        {% empty %}
+        <small class="text-muted"><em>There are no tags.</em></small>
+        {% endfor %}
+      </div>
+    </div>
   </div>
 </div>
 {% endblock application_content %}

project/boh/templates/boh/application/settings/base_settings.html

@@ -8,16 +8,16 @@
         <h3 class="panel-title"><span class="fa fa-cogs" aria-hidden="true"></span> Application Settings</h3>
       </div>
       <div class="list-group">
-        <a href="{% url 'boh:application.settings.general' application.id %}" class="list-group-item{% if active_side == 'general' %} active{% endif %}"><span class="fa fa-book" aria-hidden="true"></span> General</a>
-        <a href="{% url 'boh:application.settings.metadata' application.id %}" class="list-group-item{% if active_side == 'metadata' %} active{% endif %}"><span class="fa fa-info-circle" aria-hidden="true"></span> Metadata</a>
-        <a href="{% url 'boh:application.settings.data-elements' application.id %}" class="list-group-item{% if active_side == 'data_elements' %} active{% endif %}"><span class="fa fa-cubes" aria-hidden="true"></span> Data Elements</a>
-        <a href="" class="list-group-item disabled{% if active_side == 'sla' %} active{% endif %}"><span class="fa fa-umbrella" aria-hidden="true"></span> Service Level Agreements</a>
-        <a href="{% url 'boh:application.settings.services' application.id %}" class="list-group-item{% if active_side == 'services' %} active{% endif %}"><span class="fa fa-plug" aria-hidden="true"></span> Services</a>
+        <a href="{% url 'boh:application.settings.general' application.id %}" class="list-group-item{% if active_side == 'general' %} active{% endif %}"><span class="fa fa-book fa-fw" aria-hidden="true"></span> General</a>
+        <a href="{% url 'boh:application.settings.metadata' application.id %}" class="list-group-item{% if active_side == 'metadata' %} active{% endif %}"><span class="fa fa-info-circle fa-fw" aria-hidden="true"></span> Metadata</a>
+        <a href="{% url 'boh:application.settings.data-elements' application.id %}" class="list-group-item{% if active_side == 'data_elements' %} active{% endif %}"><span class="fa fa-cubes fa-fw" aria-hidden="true"></span> Data Elements</a>
+        <a href="" class="list-group-item disabled{% if active_side == 'sla' %} active{% endif %}"><span class="fa fa-umbrella fa-fw" aria-hidden="true"></span> Service Level Agreements</a>
+        <a href="{% url 'boh:application.settings.services' application.id %}" class="list-group-item{% if active_side == 'services' %} active{% endif %}"><span class="fa fa-plug fa-fw" aria-hidden="true"></span> Services</a>
       </div>
     </div>
     <div class="panel panel-default">
       <div class="list-group">
-        <a href="{% url 'boh:application.settings.danger' application.id %}" class="list-group-item{% if active_side == 'danger' %} active{% endif %}"><span class="fa fa-bomb" aria-hidden="true"></span> Danger Zone</a>
+        <a href="{% url 'boh:application.settings.danger' application.id %}" class="list-group-item{% if active_side == 'danger' %} active{% endif %}"><span class="fa fa-bomb fa-fw" aria-hidden="true"></span> Danger Zone</a>
       </div>
     </div>
   </div>

project/boh/templates/boh/management/base_management.html

@@ -10,18 +10,18 @@
         <h3 class="panel-title">Manage Settings</h3>
       </div>
       <div class="list-group">
-        <a href="#" class="list-group-item{% if active == 'organizations' %} active{% endif %} disabled"><span class="fa fa-building" aria-hidden="true"></span> Organizations</a>
-        <a href="#" class="list-group-item{% if active == 'tags' %} active{% endif %} disabled"><span class="fa fa-tags" aria-hidden="true"></span> Application Tags</a>
-        <a href="#" class="list-group-item{% if active == 'tags' %} active{% endif %} disabled"><span class="fa fa-clock-o" aria-hidden="true"></span> Activity Types</a>
-        <a href="#" class="list-group-item{% if active == 'tags' %} active{% endif %} disabled"><span class="fa fa-cubes" aria-hidden="true"></span> Data Elements</a>
-        <a href="#" class="list-group-item{% if active == 'tags' %} active{% endif %} disabled"><span class="fa fa-umbrella" aria-hidden="true"></span> Service Levels</a>
-        <a href="{% url 'boh:management.services' %}" class="list-group-item{% if active == 'services' %} active{% endif %}"><span class="fa fa-plug" aria-hidden="true"></span> Services</a>
-        <a href="{% url 'boh:management.users' %}" class="list-group-item{% if active == 'users' %} active{% endif %}"><span class="fa fa-users" aria-hidden="true"></span> Users</a>
+        <a href="#" class="list-group-item{% if active == 'organizations' %} active{% endif %} disabled"><span class="fa fa-building fa-fw" aria-hidden="true"></span> Organizations</a>
+        <a href="#" class="list-group-item{% if active == 'tags' %} active{% endif %} disabled"><span class="fa fa-tags fa-fw" aria-hidden="true"></span> Application Tags</a>
+        <a href="#" class="list-group-item{% if active == 'tags' %} active{% endif %} disabled"><span class="fa fa-clock-o fa-fw" aria-hidden="true"></span> Activity Types</a>
+        <a href="#" class="list-group-item{% if active == 'tags' %} active{% endif %} disabled"><span class="fa fa-cubes fa-fw" aria-hidden="true"></span> Data Elements</a>
+        <a href="#" class="list-group-item{% if active == 'tags' %} active{% endif %} disabled"><span class="fa fa-umbrella fa-fw" aria-hidden="true"></span> Service Levels</a>
+        <a href="{% url 'boh:management.services' %}" class="list-group-item{% if active == 'services' %} active{% endif %}"><span class="fa fa-plug fa-fw" aria-hidden="true"></span> Services</a>
+        <a href="{% url 'boh:management.users' %}" class="list-group-item{% if active == 'users' %} active{% endif %}"><span class="fa fa-users fa-fw" aria-hidden="true"></span> Users</a>
       </div>
     </div>
     <div class="panel panel-default">
       <div class="list-group">
-        <a href="{% url 'admin:index' %}" target="_blank" class="list-group-item"><span class="fa fa-user-secret" aria-hidden="true"></span> Django Site Admin</a>
+        <a href="{% url 'admin:index' %}" target="_blank" class="list-group-item"><span class="fa fa-user-secret fa-fw" aria-hidden="true"></span> Django Site Admin</a>
       </div>
     </div>
   </div>

project/boh/templates/boh/management/services.html

@@ -13,7 +13,7 @@ <h3 class="panel-title">ThreadFix Services</h3>
         <tr>
           <th>Name</th>
           <th>Host</th>
-          <th>Applications</th>
+          <th>Verify SSL</th>
           <th colspan="3">Actions</th>
         </tr>
       </thead>
@@ -22,9 +22,9 @@ <h3 class="panel-title">ThreadFix Services</h3>
         <tr>
           <td>{{ threadfix.name }}</td>
           <td><a href="{{ threadfix.host }}" target="_blank">{{ threadfix.host }} <span class="fa fa-external-link" aria-hidden="true"></span></a></td>
-          <td>{{ threadfix.application_set.count }}</td>
+          <td>{% if threadfix.verify_ssl %}<span class="fa fa-check text-success" aria-hidden="true"></span>{% else %}<span class="fa fa-times text-danger" aria-hidden="true"></span>{% endif %}</td>
           <td><a href="{% url 'boh:management.services.threadfix.edit' threadfix.id %}">Edit</a></td>
-          <td class="text-muted">Test</td>
+          <td><a class="threadfix-test" href="{% url 'boh:management.services.threadfix.test' threadfix.id %}">Test</a></td>
           <td class="text-muted">Import</td>
         </tr>
         {% endfor %}

project/boh/templates/boh/management/threadfix/add.html

@@ -13,6 +13,7 @@ <h3 class="panel-title">Add ThreadFix Service</h3>
       {% include "boh/snippets/form/_general.html" with control=threadfix_form.name %}
       {% include "boh/snippets/form/_general.html" with control=threadfix_form.host %}
       {% include "boh/snippets/form/_general.html" with control=threadfix_form.api_key %}
+      {% include "boh/snippets/form/_checkbox.html" with control=threadfix_form.verify_ssl %}
     </div>
     <div class="panel-footer">
       <button class="btn btn-primary" type="submit">Add ThreadFix Service</button>

project/boh/templates/boh/management/threadfix/edit.html

@@ -13,20 +13,19 @@ <h3 class="panel-title">Edit ThreadFix Service</h3>
       {% include "boh/snippets/form/_general.html" with control=threadfix_form.name %}
       {% include "boh/snippets/form/_general.html" with control=threadfix_form.host %}
       {% include "boh/snippets/form/_general.html" with control=threadfix_form.api_key %}
+      {% include "boh/snippets/form/_checkbox.html" with control=threadfix_form.verify_ssl %}
     </div>
-    <div class="panel-footer clearfix">
-      <div class="pull-right">
-        <form method="post" action="{% url 'boh:management.services.threadfix.delete' threadfix.id %}">
-          {% csrf_token %}
-          <button class="btn btn-danger" type="submit" onclick="return confirm('Are you sure want to delete this ThreadFix service?');">Delete</button>
-        </form>
-      </div>
-
+    <div class="panel-footer">
       <button class="btn btn-primary" type="submit">Update<span class="hidden-xs"> ThreadFix Service</span></button>
       <a href="{% url 'boh:management.services' %}" class="btn btn-default" role="button">Cancel</a>
     </div>
   </div>
 </form>
+<form method="post" action="{% url 'boh:management.services.threadfix.delete' threadfix.id %}">
+  {% csrf_token %}
+  <button class="btn btn-danger pull-right" type="submit" onclick="return confirm('Are you sure want to delete this ThreadFix service?');">Delete ThreadFix Service</button>
+</form>
+
 
 
 {% endblock manage_content %}

project/boh/templates/boh/organization/settings/base_settings.html

@@ -8,12 +8,12 @@
         <h3 class="panel-title"><span class="fa fa-cogs" aria-hidden="true"></span> Organization Settings</h3>
       </div>
       <div class="list-group">
-        <a href="{% url 'boh:organization.settings.general' organization.id %}" class="list-group-item{% if active_side == 'general' %} active{% endif %}"><span class="fa fa-book" aria-hidden="true"></span> General</a>
+        <a href="{% url 'boh:organization.settings.general' organization.id %}" class="list-group-item{% if active_side == 'general' %} active{% endif %}"><span class="fa fa-book fa-fw" aria-hidden="true"></span> General</a>
       </div>
     </div>
     <div class="panel panel-default">
       <div class="list-group">
-        <a href="{% url 'boh:organization.settings.danger' organization.id %}" class="list-group-item{% if active_side == 'danger' %} active{% endif %}"><span class="fa fa-bomb" aria-hidden="true"></span> Danger Zone</a>
+        <a href="{% url 'boh:organization.settings.danger' organization.id %}" class="list-group-item{% if active_side == 'danger' %} active{% endif %}"><span class="fa fa-bomb fa-fw" aria-hidden="true"></span> Danger Zone</a>
       </div>
     </div>
   </div>

project/boh/templatetags/icon_filters.py

@@ -6,7 +6,7 @@
 register = template.Library()
 
 def icon(name, tooltip):
-    return '<span class="fa fa-' + name + '" aria-hidden="true" data-toggle="tooltip" title="' + tooltip + '"></span>'
+    return '<span class="fa fa-' + name + ' fa-fw" aria-hidden="true" data-toggle="tooltip" title="' + tooltip + '"></span>'
 
 @register.filter
 def platform_icon(value):

project/boh/urls.py

@@ -14,6 +14,7 @@
     url(r'^manage/services/$', views.management_services, name='management.services'),
     url(r'^manage/services/threadfix/add', views.management_services_threadfix_add, name='management.services.threadfix.add'),
     url(r'^manage/services/threadfix/(?P<threadfix_id>\d+)/edit', views.management_services_threadfix_edit, name='management.services.threadfix.edit'),
+    url(r'^manage/services/threadfix/(?P<threadfix_id>\d+)/test', views.management_services_threadfix_test, name='management.services.threadfix.test'),
     url(r'^manage/services/threadfix/(?P<threadfix_id>\d+)/delete', views.management_services_threadfix_delete, name='management.services.threadfix.delete'),
     url(r'^manage/users/$', views.management_users, name='management.users'),