Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Ordering to Test_Import API Endpoint #11448

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from

Conversation

hblankenship
Copy link
Collaborator

Added the ability to order the Test_Imports from the API via id, created, modified, version, branch_tag, build_id, and commit_hash (similar to that ability in findings).

[sc-9470]

@github-actions github-actions bot added the apiv2 label Dec 20, 2024
Copy link

DryRun Security Summary

The pull request enhances the Defect Dojo application's filtering and search capabilities by introducing new filter classes for test imports, findings, and log entries, which can help security professionals analyze and investigate security-related data while maintaining proper access controls and secure coding practices.

Expand for full summary

Summary:

The code changes in this pull request focus on improving the filtering and search capabilities of the Defect Dojo application, particularly in the areas of test imports, findings, and log entries. These changes introduce new filter classes, such as TestImportAPIFilter, TestImportFilter, and LogEntryFilter, which allow users to search and filter data based on various attributes.

From an application security perspective, these changes do not introduce any obvious security risks. The filtering functionality can be valuable for security professionals to analyze and investigate security-related data within the application, such as test import data, findings, and user activities. However, it's important to ensure that proper access controls, data validation, and secure coding practices are in place to ensure the safe and secure handling of the filtered data.

Files Changed:

  1. dojo/api_v2/views.py:

    • The changes introduce a new filter class called TestImportAPIFilter to the TestImportViewSet class, which is responsible for handling the API endpoints related to test imports.
    • The addition of the TestImportAPIFilter class suggests that there are new filtering options available for the test import functionality.
    • As long as the filtering is implemented correctly and the API is not vulnerable to any injection attacks, this change does not seem to introduce any obvious security risks.
  2. dojo/filters.py:

    • The changes introduce new filter classes, such as TestImportFilter, TestImportFindingActionFilter, and LogEntryFilter, which provide filtering functionality for various modules in the Defect Dojo application.
    • The filters allow users to search and filter data based on attributes like version, branch/tag, build ID, commit hash, and user activities.
    • These filters can be valuable for security professionals to analyze and investigate security-related data, but it's important to ensure that proper access controls and secure coding practices are in place.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

@hblankenship hblankenship linked an issue Dec 20, 2024 that may be closed by this pull request
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add date sort order for test_imports API
1 participant