Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve generate report #2633

Merged
merged 33 commits into from
Mar 26, 2024
Merged

Improve generate report #2633

merged 33 commits into from
Mar 26, 2024

Conversation

madelondohmen
Copy link
Contributor

@madelondohmen madelondohmen commented Mar 12, 2024
edited
Loading

Changes

This PR makes a lot of changes to (mostly) the HTML of the Generate Reports.

The following changes are made to meet the design :

  • Add a table of contents
  • Update the header
  • Add chapter numbers
  • Update the download report button
  • Change "Summary" to "Asset overview"

Other changes that have been made to the Generate Report:

  • Add the human readable OOI to the titles of the reports (instead of the full OOI name)
  • Add text to the report when no data has been found (insead of showing nothing/an empty report)
  • Add "-" to some tables when no data has been found (instead of showing an empty field)
  • Fix some headings that were too big
  • Add "nowrap" class to TTL column in DNS report
  • Add introductory text at the beginning of each section
  • Change the order of the reports
  • Fix styling of Risk Levels (severity_level)

Issue link

Closes #2588
Closes #2422

Demo

Before

afbeelding

After

afbeelding

Opens

This PR opens some new issues:
#2671 and #2655

Code Checklist

  • All the commits in this PR are properly PGP-signed and verified.
  • This PR only contains functionality relevant to the issue; tickets have been created for newly discovered issues.
  • I have written unit tests for the changes or fixes I made.
  • For any non-trivial functionality, I have added integration and/or end-to-end tests.
  • I have performed a self-review of my code and refactored it to the best of my abilities.

Communication

  • I have informed others of any required .env changes files if required and changed the .env-dist accordingly.
  • I have made corresponding changes to the documentation, if necessary.
  • I have included comments in the code to elaborate on what is not self-evident from the code itself, including references to issues and discussions online, or implicit behavior of an interface.

Checklist for code reviewers:

Copy-paste the checklist from the docs/source/templates folder into your comment.

Checklist for QA:

Copy-paste the checklist from the docs/source/templates folder into your comment.

@madelondohmen madelondohmen self-assigned this Mar 12, 2024
@madelondohmen madelondohmen marked this pull request as ready for review March 18, 2024 16:58
@madelondohmen madelondohmen requested a review from a team as a code owner March 18, 2024 16:58
@madelondohmen madelondohmen changed the title Update generate report design Improve generate report Mar 18, 2024
ammar92
ammar92 reviewed Mar 19, 2024
View reviewed changes
Copy link
Contributor

@ammar92 ammar92 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good in general; just a few tips to improve it even more. There are probably more use cases of joins and blocktranslate vs translate calls that I haven't seen

rocky/reports/report_types/systems_report/report.html Outdated Show resolved Hide resolved
rocky/reports/report_types/ipv6_report/report.html Outdated Show resolved Hide resolved
rocky/reports/report_types/systems_report/report.html Outdated Show resolved Hide resolved
rocky/reports/report_types/tls_report/report.html Outdated Show resolved Hide resolved
rocky/reports/report_types/dns_report/report.html Outdated Show resolved Hide resolved
rocky/reports/report_types/rpki_report/report.html Outdated Show resolved Hide resolved
ammar92
ammar92 previously approved these changes Mar 21, 2024
View reviewed changes
Copy link
Contributor

@ammar92 ammar92 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me 👍

@stephanie0x00
Copy link
Contributor

stephanie0x00 commented Mar 21, 2024
edited
Loading

Checklist for QA:

  • I have checked out this branch, and successfully ran a fresh make reset.
  • I confirmed that there are no unintended functional regressions in this branch:
    • I have managed to pass the onboarding flow
    • Objects and Findings are created properly
    • Tasks are created and completed properly
  • I confirmed that the PR's advertised feature or hotfix works as intended.

What works:

Looks good! I did find some things we could improve to make it better. I've added them to the last section. I expect some/maybe all things can be picked up in different tickets.

What doesn't work:

n/a

Bug or feature?:

  • Takes a long time to generate the report for all 12 report types.

  • Asset Overview should be sorted based on type I think where Hostnames should appear before IP addresses.

    • The object primary key "IPService|internet||tcp|443|https" should drop the 'IPService|internet' part and only show IP address, port, service, protocol. Maybe this should be done through additional columns.
    • Selected report types should be sorted based on either the order of the reports or otherwise alphabetically (a-z). There are arguments for both. I think a-z is the easiest for implementation for now.

  • Change text from "No ciphers found for this IPService." to "No ciphers were found for this combination of IP address, port and service."

  • The order of all the reports is now based on IP/hostname, I think it become more organised to sort these based on report type and within that report show the output per OOI. Unsure if this is even possible in the current setup.

  • The primary key now is something like: "TLS Report for IPService|internet||tcp|443|https" it becomes more readable if this is something like: TLS Report for on port for .

    • Primary key in Safe Cnonections report for the section name of the compliance issues table is now "IPAddressV4|internet|" It becomes more readable if this just says: IP

    • Primary keys of sections: Is it possible to split the IP (and protocol) from the URL/Hostname? Thus instead of 'https://1.2.3.4:443/tcp' we show 'https://1.2.3.4' at 'port: 443/tcp'

@stephanie0x00 stephanie0x00 added the 😸 Review/QA feedback Review/QA feedback provided label Mar 25, 2024
@madelondohmen
Copy link
Contributor Author 

* Change text from "No ciphers found for this IPService." to "No ciphers were found for this combination of IP address, port and service."

* The order of all the reports is now based on IP/hostname, I think it become more organised to sort these based on report type and within that report show the output per OOI. Unsure if this is even possible in the current setup.

These two should now be resolved. I have created a new ticket for the other improvements and I will create another PR for those.

@madelondohmen madelondohmen mentioned this pull request Mar 25, 2024
Closed
3 tasks
@madelondohmen madelondohmen removed the 😸 Review/QA feedback Review/QA feedback provided label Mar 25, 2024
@stephanie0x00
Copy link
Contributor

Changes look good. Ready for merge.

@underdarknl underdarknl merged commit c0c8a62 into main Mar 26, 2024
10 checks passed
@underdarknl underdarknl deleted the feature/update-generate-report-design branch March 26, 2024 09:18
jpbruinsslot added a commit that referenced this pull request Apr 4, 2024
@jpbruinsslot
Merge branch 'main' into feature/mula/refactor-queue
652fc2c 
* main: (51 commits)
  Fix static files for container images/Debian packages when DEBUG is on (#2742)
  OOI selection at Aggregate report does not remember changed selection (#2619)
  fix schema errors on empty / missing schemas (#2744)
  Updated `phonenumbers` and `django-phonenumber-field` (#2757)
  Remove octopoes coverage workflow (#2755)
  Bump actions/configure-pages from 4 to 5 (#2745)
  Add xtdb-cli tool to Octopoes (#2733)
  Dont report vulnerabilities without version info of the software for snyk (#2730)
  Feature/boefjes to oci images (#2709)
  Query non-reference fields and subclass-specific fields through path queries (#2662)
  Fix in System Specific (#2732)
  Plugins overview in appendix not showing any plugins (#2694)
  Feat stepper design v2 (#2704)
  Undo project-directory in Rocky (#2734)
  Remove Docker Compose: "version" (#2718)
  Upgrade `pre-commit` hooks (#2729)
  Fix #1739 (#2705)
  Improve generate report (#2633)
  Fix critical vulnerability counter (#2712)
  Fix pdf alignment (#2674)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@underdarknl underdarknl underdarknl approved these changes

@ammar92 ammar92 ammar92 left review comments

Assignees

@madelondohmen madelondohmen

Labels
report
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update HTML of 'Generate Report' conform design Update the introduction text of the reports
4 participants
@madelondohmen @stephanie0x00 @underdarknl @ammar92