From c71a428c5cd9d202650846ec9da327bf2aeb0c4b Mon Sep 17 00:00:00 2001 From: Yogesh Ojha Date: Sat, 2 Dec 2023 05:24:58 +0530 Subject: [PATCH 1/4] Added initiated_by, aborted_by in model Signed-off-by: Yogesh Ojha --- .../migrations/0056_auto_20231201_2354.py | 26 +++++++++++++++++++ web/startScan/models.py | 4 +++ 2 files changed, 30 insertions(+) create mode 100644 web/startScan/migrations/0056_auto_20231201_2354.py diff --git a/web/startScan/migrations/0056_auto_20231201_2354.py b/web/startScan/migrations/0056_auto_20231201_2354.py new file mode 100644 index 000000000..6ca840c1e --- /dev/null +++ b/web/startScan/migrations/0056_auto_20231201_2354.py @@ -0,0 +1,26 @@ +# Generated by Django 3.2.4 on 2023-12-01 23:54 + +from django.conf import settings +from django.db import migrations, models +import django.db.models.deletion + + +class Migration(migrations.Migration): + + dependencies = [ + migrations.swappable_dependency(settings.AUTH_USER_MODEL), + ('startScan', '0055_remove_dork_description'), + ] + + operations = [ + migrations.AddField( + model_name='scanhistory', + name='aborted_by', + field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='aborted_scans', to=settings.AUTH_USER_MODEL), + ), + migrations.AddField( + model_name='scanhistory', + name='initiated_by', + field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='initiated_scans', to=settings.AUTH_USER_MODEL), + ), + ] diff --git a/web/startScan/models.py b/web/startScan/models.py index 5423a28a6..2f09de7fd 100644 --- a/web/startScan/models.py +++ b/web/startScan/models.py @@ -1,5 +1,6 @@ from urllib.parse import urlparse from django.apps import apps +from django.contrib.auth.models import User from django.contrib.postgres.fields import ArrayField from django.db import models from django.utils import timezone 
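Review bot: The new `from django.contrib.auth.models import User` in web/startScan/models.py binds the model to the stock user class, while the generated migration in this same patch points both foreign keys at `settings.AUTH_USER_MODEL`. Django's recommended form for a relation to the user model is `models.ForeignKey(settings.AUTH_USER_MODEL, ...)`, which keeps models.py and the migration in agreement and avoids importing the user class at module load. That needs `from django.conf import settings` in models.py, whose import block is only partly visible in this hunk.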
@@ -45,6 +46,9 @@ class ScanHistory(models.Model): employees = models.ManyToManyField('Employee', related_name='employees', blank=True) buckets = models.ManyToManyField('S3Bucket', related_name='buckets', blank=True) dorks = models.ManyToManyField('Dork', related_name='dorks', blank=True) + initiated_by = models.ForeignKey(User, on_delete=models.CASCADE, related_name='initiated_scans', blank=True, null=True) + aborted_by = models.ForeignKey(User, on_delete=models.SET_NULL, null=True, blank=True, related_name='aborted_scans') + def __str__(self): return self.domain.name From f76de49cb40f74a36409ec28eddb6cdf966adab9 Mon Sep 17 00:00:00 2001 From: Yogesh Ojha Date: Mon, 4 Dec 2023 07:48:53 +0530 Subject: [PATCH 2/4] Added initiated by on start scan create_scan_object --- web/startScan/views.py | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/web/startScan/views.py b/web/startScan/views.py index 182aaffb6..734943600 100644 --- a/web/startScan/views.py +++ b/web/startScan/views.py @@ -270,7 +270,11 @@ def start_scan_ui(request, slug, domain_id): engine_id = request.POST['scan_mode'] # Create ScanHistory object - scan_history_id = create_scan_object(domain_id, engine_id) + scan_history_id = create_scan_object( + domain_id, + engine_id, + request.user + ) scan = ScanHistory.objects.get(pk=scan_history_id) # Start the celery task @@ -323,7 +327,11 @@ def start_multiple_scan(request, slug): for domain_id in list_of_domains.split(","): # Start the celery task - scan_history_id = create_scan_object(domain_id, engine_id) + scan_history_id = create_scan_object( + domain_id, + engine_id, + request.user + ) # domain = get_object_or_404(Domain, id=domain_id) kwargs = { @@ -621,7 +629,7 @@ def change_vuln_status(request, id): return HttpResponse('') -def create_scan_object(host_id, engine_id): +def create_scan_object(host_id, engine_id, initiated_by): ''' create task with pending status so that celery task will execute when threads are free 
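Review bot: `initiated_by` is declared with `on_delete=models.CASCADE`, so deleting a user account also deletes every ScanHistory row that user started, while `aborted_by` on the next line uses `SET_NULL` and keeps the row. For an attribution field on scan records the second behaviour is the safer one, since removing an operator's account should not remove the scan history with it. I would change the field to `initiated_by = models.ForeignKey(User, on_delete=models.SET_NULL, related_name='initiated_scans', blank=True, null=True)`. The generated migration 0056 in this patch encodes CASCADE as well and would need regenerating.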
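Review bot: `request.user` is handed to `create_scan_object` in start_scan_ui without checking that it is an authenticated user, and the same pattern appears in the start_multiple_scan and start_organization_scan hunks and in `scan.aborted_by = request.user` in web/api/views.py. The decorators and permission classes of these views are outside the hunks. If any of them can be reached without a logged-in session, `request.user` is an `AnonymousUser`, and assigning it to the foreign key raises ValueError. Either confirm that every one of these entry points enforces authentication, or pass `request.user if request.user.is_authenticated else None`, which both nullable columns accept.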
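Review bot: `initiated_by` is added to `create_scan_object` as a required third positional parameter, so any caller that this series does not touch will fail with TypeError; only the three call sites in web/startScan/views.py are updated here. The column is nullable, so `def create_scan_object(host_id, engine_id, initiated_by=None):` keeps other callers working and records no initiator for them. The docstring, which starts in this hunk and continues outside it, should also state that `initiated_by` is the user stored as the scan's initiator.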
@@ -636,6 +644,7 @@ def create_scan_object(host_id, engine_id): scan.domain = domain scan.scan_type = engine scan.start_scan_date = current_scan_time + scan.initiated_by = initiated_by scan.save() # save last scan date for domain model domain.start_scan_date = current_scan_time @@ -684,7 +693,11 @@ def start_organization_scan(request, id, slug): # Start Celery task for each organization's domains for domain in organization.get_domains(): - scan_history_id = create_scan_object(domain.id, engine_id) + scan_history_id = create_scan_object( + domain.id, + engine_id, + request.user + ) scan = ScanHistory.objects.get(pk=scan_history_id) kwargs = { From fee82119da058cfa3da405a14cfed36851433a33 Mon Sep 17 00:00:00 2001 From: Yogesh Ojha Date: Mon, 4 Dec 2023 07:49:15 +0530 Subject: [PATCH 3/4] Added aborted user details --- web/api/views.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/web/api/views.py b/web/api/views.py index 8bcf46a84..10a3d6719 100644 --- a/web/api/views.py +++ b/web/api/views.py @@ -712,6 +712,7 @@ def post(self, request): task_ids = scan.celery_ids scan.scan_status = ABORTED_TASK scan.stop_scan_date = timezone.now() + scan.aborted_by = request.user scan.save() create_scan_activity( scan.id, @@ -958,7 +959,7 @@ def get(self, request): return Response({'status': False, 'message': 'Not Found'}) elif not response: return Response({'status': False, 'message': 'Not Found'}) - + # only send latest release response = response[0] From d4318f76ba946c66ff0889185268d1e49ffa1278 Mon Sep 17 00:00:00 2001 From: Yogesh Ojha Date: Mon, 4 Dec 2023 07:49:31 +0530 Subject: [PATCH 4/4] show user details on scan history --- web/startScan/templates/startScan/history.html | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/web/startScan/templates/startScan/history.html b/web/startScan/templates/startScan/history.html index 4af7877e6..3221c800b 100644 --- a/web/startScan/templates/startScan/history.html 
+++ b/web/startScan/templates/startScan/history.html @@ -80,6 +80,7 @@

Filters

Summary Scan Engine Used Last Scan + Initiated By Status Progress Action @@ -108,6 +109,9 @@

Filters

{{scan_history.start_scan_date|naturaltime}} + + {{scan_history.initiated_by.username}} + {% if scan_history.scan_status == -1 %} Pending @@ -120,6 +124,8 @@

Filters

Successful {% elif scan_history.scan_status == 3 %} Aborted +
+ Aborted by: {{scan_history.aborted_by}} {% else %} Unknown {% endif %}
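Review bot: `Aborted by: {{scan_history.aborted_by}}` prints the literal text "None" for any aborted scan whose `aborted_by` is NULL, which covers every scan aborted before this migration and any scan whose aborting user was later deleted (the field is `SET_NULL`). It also relies on the user model's string form, whereas the Initiated By cell in the previous hunk uses `.username` explicitly. Writing it as `{% if scan_history.aborted_by %}Aborted by: {{scan_history.aborted_by.username}}{% endif %}` fixes both. The surrounding markup is not visible in this view of the page, so the exact placement needs confirming against the template.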