Commit fb2ffeb6 authored by Elger Jonker's avatar Elger Jonker

icons on buttons, improved listing to determine actions

parent caa97fc1
......@@ -773,11 +773,9 @@ def significant_times(organization=None, url=None):
# make sure the URL ratings are up to date, they will check endpoints and such.
# probably not used anymore
# def rate_organizations(organizations, when=""):
# # since a url can now have multiple organizations, you should rate each one separately
# for organization in organizations.all():
# rate_organization(organization, when)
def rate_selected_organizations(organizations, when=""):
for organization in organizations:
rate_organization(organization, when)
def rate_organization(organization, when=""):
......@@ -790,8 +788,8 @@ def rate_organization(organization, when=""):
total_rating = 0
# todo: closing off urls, after no relevant endpoints, but still resolvable.
urls = get_relevant_urls_at_timepoint(organization=organization,
when=when)
urls = get_relevant_urls_at_timepoint(organization=organization, when=when)
all_url_ratings = []
calculation_json = []
for url in urls:
......
from datetime import datetime # admin functions
from datetime import datetime
import pytz # admin functions
import pytz
import logging
from django.contrib import admin
from jet.admin import CompactInline
from ..app.models import Job
from ..map.determineratings import OrganizationRating, UrlRating, rate_organization, rate_urls
from ..scanners.models import Endpoint
from ..scanners.scanner_dns import brute_known_subdomains, certificate_transparency
from ..scanners.scanner_http import scan_urls_on_standard_ports
from ..scanners.scanner_plain_http import scan_urls as plain_http_scan_urls
from ..scanners.scanner_screenshot import screenshot_urls
from ..scanners.scanner_security_headers import scan_urls as security_headers_scan_urls
from ..scanners.scanner_tls_qualys import ScannerTlsQualys
from failmap_admin.map.determineratings import (OrganizationRating, UrlRating, rate_organization,
rate_selected_organizations, rate_urls)
from failmap_admin.scanners.models import Endpoint
from failmap_admin.scanners.scanner_dns import brute_known_subdomains, certificate_transparency
from failmap_admin.scanners.scanner_http import scan_urls_on_standard_ports
from failmap_admin.scanners.scanner_plain_http import scan_urls as plain_http_scan_urls
from failmap_admin.scanners.scanner_screenshot import screenshot_urls
from failmap_admin.scanners.scanner_security_headers import scan_urls as security_headers_scan_urls
from failmap_admin.scanners.scanner_tls_qualys import ScannerTlsQualys
from .models import Coordinate, Organization, OrganizationType, Url
# Solved: http://stackoverflow.com/questions/11754877/
# troubleshooting-related-field-has-invalid-lookup-icontains
# while correct, error should point to ModelAdmin.search fields documentation
logger = logging.getLogger(__name__)
class UrlAdminInline(CompactInline):
......@@ -97,14 +99,14 @@ class UrlAdmin(admin.ModelAdmin):
class Media:
js = ('js/action_buttons.js', )
list_display = ('url', 'is_dead_reason', 'not_resolvable', 'created_on')
list_display = ('url', 'endpoints', 'onboarded', 'uses_dns_wildcard', 'is_dead', 'not_resolvable')
search_fields = ('url', )
list_filter = ('url', 'is_dead', 'is_dead_since', 'is_dead_reason',
'not_resolvable', 'uses_dns_wildcard', 'organization')
fieldsets = (
(None, {
'fields': ('url', 'organization', 'created_on')
'fields': ('url', 'organization', 'created_on', 'onboarded')
}),
('DNS', {
'fields': ('uses_dns_wildcard', ),
......@@ -116,42 +118,56 @@ class UrlAdmin(admin.ModelAdmin):
'fields': ('is_dead', 'is_dead_since', 'is_dead_reason'),
}),
)
readonly_fields = ['created_on']
def is_dead(self):
if self.something == '1':
return True
return False
readonly_fields = ['created_on', 'onboarded']
is_dead.boolean = True
is_dead = property(is_dead)
def endpoints(self, obj: Url):
return obj.endpoint_set.count()
inlines = [EndpointAdminInline, UrlRatingAdminInline]
actions = []
def onboard(self, request, queryset):
# todo, sequentially doesn't matter if you only use tasks :)
# currently it might crash given there are no endpoints yet to process...
for url in queryset:
if url.is_top_level():
brute_known_subdomains([url])
certificate_transparency([url])
scan_urls_on_standard_ports([url]) # discover endpoints
plain_http_scan_urls([url]) # see if there is missing https
security_headers_scan_urls([url])
screenshot_urls([url])
url.onboarded = True
url.onboarded_on = datetime.now(pytz.utc)
url.save()
self.message_user(request, "Onboard: Done")
actions.append('onboard')
onboard.short_description = "🔮 Onboard (dns, endpoints, scans, screenshot)"
def dns_certificate_transparency(self, request, queryset):
certificate_transparency([url for url in queryset])
self.message_user(request, "URL(s) have been scanned on known subdomains: Done")
actions.append('dns_certificate_transparency')
dns_certificate_transparency.short_description = "Discover subdomains (using certificate transparency)"
dns_certificate_transparency.short_description = "🗺 Discover subdomains (using certificate transparency)"
def dns_known_subdomains(self, request, queryset):
brute_known_subdomains([url for url in queryset])
self.message_user(request, "Discover subdomains (using known subdomains): Done")
dns_known_subdomains.short_description = "Discover subdomains (using known subdomains)"
dns_known_subdomains.short_description = "🗺 Discover subdomains (using known subdomains)"
actions.append('dns_known_subdomains')
def discover_http_endpoints(self, request, queryset):
scan_urls_on_standard_ports([url for url in queryset])
self.message_user(request, "Discover http(s) endpoints: Done")
discover_http_endpoints.short_description = "Discover http(s) endpoints"
discover_http_endpoints.short_description = "🗺 Discover http(s) endpoints"
actions.append('discover_http_endpoints')
def scan_tls_qualys(self, request, queryset):
ScannerTlsQualys().scan([url.url for url in queryset])
self.message_user(request, "Scan TLS (qualys, slow): Scheduled with Priority")
scan_tls_qualys.short_description = "Scan TLS (qualys, slow)"
scan_tls_qualys.short_description = "🔬 Scan TLS (qualys, slow)"
actions.append('scan_tls_qualys')
def security_headers(self, request, queryset):
......@@ -161,31 +177,32 @@ class UrlAdmin(admin.ModelAdmin):
name = "Scan Security Headers (%s) " % str(urls)
job = Job.create(task, name, request)
self.message_user(request, "%s: job created, id:%s" % (name, str(job)))
security_headers.short_description = "Scan Security Headers"
security_headers.short_description = "🔬 Scan Security Headers"
actions.append('security_headers')
def plain_http_scan(self, request, queryset):
plain_http_scan_urls([url for url in queryset])
self.message_user(request, "Scan Plain Http: done")
plain_http_scan.short_description = "Scan Plain Http"
plain_http_scan.short_description = "🔬 Scan Plain Http"
actions.append('plain_http_scan')
def screenshots(self, request, queryset):
screenshot_urls([url for url in queryset])
self.message_user(request, "Create screenshot: Done")
screenshots.short_description = "Create screenshot"
screenshots.short_description = "📷 Create screenshot"
actions.append('screenshots')
def rate_url(self, request, queryset):
rate_urls([url for url in queryset])
self.message_user(request, "Rate Url: done")
rate_url.short_description = "Rate Url"
rate_url.short_description = "Rate Url"
actions.append('rate_url')
def rate_organization_(self, request, queryset):
rate_organization([url.organization for url in queryset])
print(list(url.organization.all()) for url in queryset)
rate_selected_organizations(list(url.organization.all()) for url in queryset)
self.message_user(request, "Rate Organization: done")
rate_organization_.short_description = "Rate Organization"
rate_organization_.short_description = "Rate Organization"
actions.append('rate_organization_')
def declare_dead(self, request, queryset):
......@@ -195,7 +212,7 @@ class UrlAdmin(admin.ModelAdmin):
url.is_dead_since = datetime.now(pytz.utc)
url.save()
self.message_user(request, "Declare dead: Done")
declare_dead.short_description = "Declare dead"
declare_dead.short_description = "🔪 Declare dead"
actions.append('declare_dead')
......
gezondleven
sporen
waarmerk
offwa
acc.piwik
gatekeeper
sociaalplein
rislittens
autodiscover.iba
cag
water
acc.web.secure
tloket
awmag
ro
t2.datapunt
flexiprint
hub
webaccess
www.bekendmakingen
gwpprod
www.portal.edu
app2
oogst
halcloud
spijktest
s2got
drugs
www.noord
zorg-cert
centrumgebied
docs
www.vga
vpn.secure
milieucentrum
economie
geo1
api.secure
mailcamp
gemeentelijkbelastingkantoor
testportal
klic
klantportaaltest
www.gemeentearchief
portal.ggd
bestuur
www.participatiewebshop
alsb
secure-test
fileshare
werkplek
jcc
conference
mo-acc
byod
sbvz.ggd
szc
melding
aanmelding-voormelding
lsweb-ext
spin
acc.kibana.parkeren.data
iwriter
subsidieaanvraag
veenkolonien
ib-timetellweb
www.ondernemen
werknemersportaal
smtp2
www.duurzaam
werkenbij
cmszaanzoeker
medezeggenschap
mks.brievenbus
mobile-test
t1.datapunt
concern
ares
wonenwelzijnenzorg
www.buurthuisvandetoekomst
pmb-timetellweb
prod-digikoppeling
maakcentrumoost
planonselfservice
rss
lvolo-prod
hulp
harmony
geopoort
acc.t2.data
www.portal.edu
adw
petear
webxs
voormeldingen
grafana.datapunt
zorgwijzer
eformulieren
adviesraden
smc
civieleprojecten
zec
afspraken2
g-rooster
hob
www.gemeente
devisie2020
winkel-ot
formulieren1.ir
autodiscover.ggd
webportaalvdi
campus
mymobile-test
oorlogsarchief
vogelweide
acceptatie-siam
www.wij
webportal
simsite
autorisatie
www.mijnwerkplek
pmb-timetellapp
sharepoint.pbbodem
rproxy20
tickets.bibliotheek
wozportaal
www.datatoegang
webwerk
ftps
www.burgemeester
ras
demo2.atlas
hub
vluchtelingen
leerpleinburgerzaken
tma
mijnwerkplek
uitwisseling
cms.insite
westerwolde
mymobile
extern
makkelijkemarkt-dashboard
kaarten
websiteacc
uitwijk
mobility
hob
begraafplaatsreservering
apps
wolk
wozloket
handhavingacc
autodiscover.noord
parkeerhandhaving
snelbalie
afspraken2
sso
www.werkenbij
www.rekenkamer
diogenes
e-loket
stadsarchief.accpwww
sp4
www.hnw
klicwion
portal.pmb
spamfilter
dial-lv-wion
gir
www.oogst
buga
allegro
klantmodule-centric-ot.extranet
gt-loket
wijkteam
onlineformulieren
accommodatieverhuur
maandtegendearmoede
mobilemailtest
cloud
huisstijl
oost
water
www.ibo
www.parkeerhandhaving
naheffingsaanslag
welstandsnota
mksacc
wandelen
acc.t3.data
www.acc.piwik
gen1
oma
edienstenburgerzaken-test
loket2
ucatest
geocheck.datapunt
www.buurthuisvandetoekomst
t1.data
www.maakkogerveldwijk
upload
eformulieren
grafana.secure
nieuws
profilemanager
grafana-faalkaart.nl.faalserver
anva.vga
swarm.secure
nedwion
raad.acceptatie
esb
recycleservice
woz-test
rosstz
kibana.secure
rancher.secure
kennisbankkcc
afspraken.accp
bhg.bba
parkeerbelasting
waterplan
dagbesteding
xentialpreprod
flexigeo
kc
www.bruggen
geoservices
handhavingtest
cdst
wlc01
traveler
www.ruimtevoorjou
suppliers
eigenkracht
en
services
wijkmakelaars
awm
open-data
t2.data
geoweb
www.bekendmakingen
ois
services-test
ice
parkeervergunningen
kollumerland
langparkeren
phpmyadmin
handhaving-rembrandtplein
secure1
www.woz.gemeentebelastingen
ingenieursbureau
samenwijzer
mag
webappstest
login2
rproxy21
varen
bouwdossiers
crm
ibo
kim3
bibliotheek
kaart
mdapp
adfstest
kim.ivv
nlwmowsw
autodiscover.sp
ptb
wegwijzer
opa
securetest
transactieacc
www.stadsarchief
autorisatie
kaderbrief
kibana.parkeren.data
abgt
reservering
gisweb
www.uit
prod.digikoppeling
www.afval
parkeren-test
acc.admin.datapunt
tidigikoppeling
pre.atlas
afspraak
gasten
bedrijfsafval
sentry3
www.eformulieren
www.duurzaamheidscentrum
sharepoint
inzagenp
planning
geluid
gkb
lyncweb-ext2
www.klik
www.loketwelzijnenzorg
hembrugterrein
www.toerisme
prefill
www.begroting
mobiel-test
sharepoint.pbbodem
www.eemsdelta
eoffice
deurwaardersloketws.sozawe
maakkogerveldwijk
autodiscover.leefbaar
toegang
leveranciers
wsus
kim.acc
conf
oc
handhaving
intern
grafana
adiko
aalsmeer
tekeningbeheer
bouwtekeningen
gemeentesecretaris
web1
owas.ggd
beslisboom
autodiscover.cbk
grafana.datapunt
roosteronline.bba
vianen-adfs
noord
test.services
www.cjg
portal2
beheer.data
inprocessecure
startpagina
flex5
balie2
sbcg
youpp
webservices
religieuserfgoed
conference
beekplaza
s2got
www.centrumzaandam
ws101
raad
begraafplaatsen
testwebmail
gateway
app2-acc
avoi
informatix.gem
iamdigid
leerplein.dbi
e-formulieren
access
mobiel2
koppeling
ibacas02.iba
async
portal-so
adfs
meet.ggd
www.taxatieverslag
naheffingsaanslag
wow
www.bedrijven
burgerloket.test
taxatieverslagenwozloket
nieuws
acc.t1.data
mymeeting
trace
web-ext
acronis
testdigid
join
email
college
www.maakcentrumoost
corsanxt
omgevingswet
isis
webcams
vergaderingen
autodiscover.christenunie-sgp
os
autodiscover.gl
www.genieten
mijnmobiel
aanvraagparkeren
woonlastenmeter
testeloket
datapunt
campus
autodiscover.cdvp
mobile-o365-test
telewerken
authenticatie
platformamsterdam
www.maakkogerveldwijk
rekenkamer
rpl3
formulierna
acis005.ise
tuinenmarkt
klic-online
kaartviewer
discussie
zaken
evergunning
een
www.aolws
svn.sgi
gd
acc.parkeren.data
webmail.rmf
www.gemeentesecretaris
test.afspraakmaken
cryptshare
vergaderen.acc
hybrid
www.afspraak
topsport
concern.ir
medewerkers.topscore.acc
deutsch
afvalstoffendienst.accpwww
hetgeldvan
omgevingsvisie
mailbackup
lync-externalweb.ggd
screening
youpp-test
kredietbank
voorjaarsnota
mattermost.secure
cfapps
mijnuitkering
mobiel-test
matchpoint
autodiscover.forza
sec
testplannen
webservices-acc.gw
mobielbeek
thuiswerken
vianl
gemeentesecretaris
uat.intranet
www4
mobilemail5
mijnwijkteam
xziyipt
snelbalievergunningen
webcon
wmoned
www.hartvanheemskerk
milieuzone
obsurv
digitaalerfgoed
hgvcsg1
acc-intranet
mail
nexus.secure
melding
derdenws.sozawe
zaaksysteem-accept
ticnet
sharefile
mail1
www.voorjaarsnota
macmini
ro-online
webmail.dmb
office.oso
www.datatoegang1
webkassa.wsr
webreserveren
dkp
ruimtevoorjou
sentry.data
digitaalloket
pveopenbareruimte
digitaalvergaderen
zaalhuur
antivirus
e-plaza
mail.noord
academie
www.ris
t2.datapunt
smartdocuments
www.werk
prod
digikoppelingtest
parking
ibor
rt
digbel
ondernemen
inclusievestad
ftp
intens-acc
busstation
webmail.dict
kim3
flex6
afvalkalender-test
infoplein
gezond
datatoegang1
www.crp
www.socialegids
noord
kidsactiviteiten
timetell.pmb
verhuisformulieren
veilige-toegang.dwi
sentry.datapunt
globalprotect
autodiscover.forza
marktportaal
flexiprint
koppelvlakken
handboekdibor
securegw
portal