jira push error reasons should not be propagated to all channels #11738

Open
wants to merge 3 commits into
base: bugfix
6 changes: 3 additions & 3 deletions dojo/finding/views.py
Expand Up @@ -2983,7 +2983,7 @@ def finding_bulk_update_all(request, pid=None):
) = jira_helper.can_be_pushed_to_jira(group)
if not can_be_pushed_to_jira:
error_counts[error_message] += 1
jira_helper.log_jira_alert(error_message, group)
jira_helper.log_jira_cannot_be_pushed_reason(error_message, group)
else:
logger.debug(
"pushing to jira from finding.finding_bulk_update_all()",
Expand Down Expand Up @@ -3033,10 +3033,10 @@ def finding_bulk_update_all(request, pid=None):
"finding already pushed as part of Finding Group"
)
error_counts[error_message] += 1
jira_helper.log_jira_alert(error_message, finding)
jira_helper.log_jira_cannot_be_pushed_reason(error_message, finding)
elif not can_be_pushed_to_jira:
error_counts[error_message] += 1
jira_helper.log_jira_alert(error_message, finding)
jira_helper.log_jira_cannot_be_pushed_reason(error_message, finding)
else:
logger.debug(
"pushing to jira from finding.finding_bulk_update_all()",
21 changes: 18 additions & 3 deletions dojo/jira_link/helper.py
Expand Up @@ -513,8 +513,8 @@ def get_jira_comments(finding):
return None


# Logs the error to the alerts table, which appears in the notification toolbar
def log_jira_generic_alert(title, description):
"""Creates a notification for JIRA errors happening outside the scope of a specific (finding/group/epic) object"""
create_notification(
event="jira_update",
title=title,
Expand All @@ -523,8 +523,8 @@ def log_jira_generic_alert(title, description):
source="JIRA")


# Logs the error to the alerts table, which appears in the notification toolbar
def log_jira_alert(error, obj):
"""Creates a notification for JIRA errors when handling a specific (finding/group/epic) object"""
create_notification(
event="jira_update",
title="Error pushing to JIRA " + "(" + truncate_with_dots(prod_name(obj), 25) + ")",
Expand All @@ -535,6 +535,19 @@ def log_jira_alert(error, obj):
obj=obj)


def log_jira_cannot_be_pushed_reason(error, obj):
"""Creates an Alert for GUI display when handling a specific (finding/group/epic) object"""
create_notification(
event="jira_update",
title="Error pushing to JIRA " + "(" + truncate_with_dots(prod_name(obj), 25) + ")",
description=obj.__class__.__name__ + ": " + error,
url=obj.get_absolute_url(),
icon="bullseye",
source="Push to JIRA",
obj=obj,
alert_only=True)


# Displays an alert for Jira notifications
def log_jira_message(text, finding):
create_notification(
Expand Down Expand Up @@ -787,10 +800,12 @@ def failure_to_add_message(message: str, exception: Exception, object: Any) -> b

obj_can_be_pushed_to_jira, error_message, _error_code = can_be_pushed_to_jira(obj)
if not obj_can_be_pushed_to_jira:
# not sure why this check is not part of can_be_pushed_to_jira, but afraid to change it
if isinstance(obj, Finding) and obj.duplicate and not obj.active:
logger.warning("%s will not be pushed to JIRA as it's a duplicate finding", to_str_typed(obj))
log_jira_cannot_be_pushed_reason(error_message + " and findis a duplicate", obj)
else:
log_jira_alert(error_message, obj)
log_jira_cannot_be_pushed_reason(error_message, obj)
logger.warning("%s cannot be pushed to JIRA: %s.", to_str_typed(obj), error_message)
logger.warning("The JIRA issue will NOT be created.")
return False
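Review bot: The alert text added in the duplicate branch has a typo that users will see in the alert list: `error_message + " and findis a duplicate"` should be `error_message + " and finding is a duplicate"`. That branch appears to have only logged a warning before, so it now creates an alert for every inactive duplicate as well; if that is intended it deserves a line in the PR description. `log_jira_cannot_be_pushed_reason` builds the same `event` and `title` as `log_jira_alert`, so a docstring sentence such as `Unlike log_jira_alert, this is delivered as an in-app alert only (alert_only=True)` would tell callers which of the two to pick. The function containing the last hunk starts and ends outside it.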
95 changes: 52 additions & 43 deletions dojo/notifications/helper.py
Expand Up @@ -54,6 +54,7 @@ def create_notification(
no_users: bool = False, # noqa: FBT001
url: str | None = None,
url_api: str | None = None,
alert_only: bool = False, # noqa: FBT001
**kwargs: dict,
) -> None:
"""Create an instance of a NotificationManager and dispatch the notification."""
Expand Down Expand Up @@ -86,6 +87,7 @@ def create_notification(
no_users=no_users,
url=url,
url_api=url_api,
alert_only=alert_only,
**kwargs,
)

Expand Down Expand Up @@ -802,61 +804,68 @@ def _process_notifications(
)
logger.debug("process notifications for %s", notifications.user)

if self.system_settings.enable_slack_notifications and "slack" in getattr(
notifications,
event,
getattr(notifications, "other"),
):
logger.debug("Sending Slack Notification")
self._get_manager_instance("slack").send_slack_notification(
alert_only = kwargs.get("alert_only", False)
if alert_only:
logger.debug("sending alert only")

if "alert" in getattr(notifications, event, getattr(notifications, "other")):
logger.debug(f"Sending Alert to {notifications.user}")
self._get_manager_instance("alert").send_alert_notification(
event,
user=notifications.user,
**kwargs,
)

if self.system_settings.enable_msteams_notifications and "msteams" in getattr(
notifications,
event,
getattr(notifications, "other"),
):
logger.debug("Sending MSTeams Notification")
self._get_manager_instance("msteams").send_msteams_notification(
# Some errors should not be pushed to all channels, only to alerts.
# For example reasons why JIRA Issues: https://github.com/DefectDojo/django-DefectDojo/issues/11575
if not alert_only:
if self.system_settings.enable_slack_notifications and "slack" in getattr(
notifications,
event,
user=notifications.user,
**kwargs,
)
getattr(notifications, "other"),
):
logger.debug("Sending Slack Notification")
self._get_manager_instance("slack").send_slack_notification(
event,
user=notifications.user,
**kwargs,
)

if self.system_settings.enable_mail_notifications and "mail" in getattr(
notifications,
event,
getattr(notifications, "other"),
):
logger.debug("Sending Mail Notification")
self._get_manager_instance("mail").send_mail_notification(
if self.system_settings.enable_msteams_notifications and "msteams" in getattr(
notifications,
event,
user=notifications.user,
**kwargs,
)
getattr(notifications, "other"),
):
logger.debug("Sending MSTeams Notification")
self._get_manager_instance("msteams").send_msteams_notification(
event,
user=notifications.user,
**kwargs,
)

if self.system_settings.enable_webhooks_notifications and "webhooks" in getattr(
notifications,
event,
getattr(notifications, "other"),
):
logger.debug("Sending Webhooks Notification")
self._get_manager_instance("webhooks").send_webhooks_notification(
if self.system_settings.enable_mail_notifications and "mail" in getattr(
notifications,
event,
user=notifications.user,
**kwargs,
)
getattr(notifications, "other"),
):
logger.debug("Sending Mail Notification")
self._get_manager_instance("mail").send_mail_notification(
event,
user=notifications.user,
**kwargs,
)

if "alert" in getattr(notifications, event, getattr(notifications, "other")):
logger.debug(f"Sending Alert to {notifications.user}")
self._get_manager_instance("alert").send_alert_notification(
if self.system_settings.enable_webhooks_notifications and "webhooks" in getattr(
notifications,
event,
user=notifications.user,
**kwargs,
)
getattr(notifications, "other"),
):
logger.debug("Sending Webhooks Notification")
self._get_manager_instance("webhooks").send_webhooks_notification(
event,
user=notifications.user,
**kwargs,
)


@app.task(ignore_result=True)
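Review bot: With `alert_only=True`, a recipient whose settings for the event do not include "alert" now receives nothing at all in `_process_notifications`, because the Slack, MS Teams, mail and webhooks blocks are skipped while the alert branch still depends on `"alert" in getattr(notifications, event, getattr(notifications, "other"))`. For JIRA push failures this means a team that only watches mail or Slack would no longer hear that findings were not synced, leaving the log lines as the only trace. That looks intended, but it should be stated where the flag is declared, for example `alert_only: create the in-app alert only; Slack, MS Teams, mail and webhooks are skipped even when enabled` in the `create_notification` docstring. The new comment above `if not alert_only:` is also cut off (`For example reasons why JIRA Issues:`) and would read better as `# For example the reasons why an object cannot be pushed to JIRA:` followed by the existing issue link. `_process_notifications` starts outside the hunk, so it cannot be judged from here whether an early exit after the alert dispatch could replace the re-indented block.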
9 changes: 6 additions & 3 deletions dojo/templates/base.html
Expand Up @@ -159,7 +159,7 @@
{% if request.user.is_authenticated %}
<li>
<a href="{% url 'view_profile' %}">
<i class="fa-solid fa-user fa-fw"></i>
<i class="fa-solid fa-user fa-fw"></i>
{{ request.user.username }}
</a>
</li>
Expand Down Expand Up @@ -438,7 +438,7 @@
</a>
<ul class="nav nav-second-level">
{% if "auth.view_user"|has_configuration_permission:request %}
<li>
<li>
<a href="{% url 'users' %}">
{% trans "Users" %}
</a>
Expand Down Expand Up @@ -666,7 +666,7 @@ <h3 class="no-margin-top" style="padding-bottom: 5px;">
<a class="dropdown-toggle" data-toggle="dropdown" href="">
<span class="fa-solid fa-calendar-days" aria-hidden="true"></span>
<span class="hidden-xs">{% trans "Engagements" %}
{% if product_tab.engagements > 0 %}
{% if product_tab.engagements > 0 %}
<span class="badge">{{ product_tab.engagements }}</span>
{% endif %}
</span>
Expand Down Expand Up @@ -1136,6 +1136,9 @@ <h3 class="no-margin-top" style="padding-bottom: 5px;">
{% endif %}

function htmlEscape(str) {
if (!str) {
return '';
}
return str
.replace(/\n/g, " ")
.replace(/&/g, '&amp;')
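Review bot: The new guard in `htmlEscape` tests `!str`, so besides `null`, `undefined` and `''` it also turns `0` and `false` into an empty string, while any other non-string value (a number, for instance) still reaches `str.replace` and throws a TypeError. As this is presumably the escaping step for values written into the page, it is safer to make it total: `if (str === null || str === undefined) { return ''; }` and then start the chain with `return String(str)`. The rest of the replace chain lies outside the hunk, so which characters beyond `&` are escaped cannot be checked here.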