Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Report Observations #358

Closed
wants to merge 3 commits into from
Closed

Report Observations #358

wants to merge 3 commits into from

Conversation

ColonelThirtyTwo
Copy link
Collaborator

Issue

Internal suggestion by Christopher

Description of the Change

This adds "observations", which work like stripped down versions of findings for more flexible uses. Pre-written observations are stored in a library, and can be attached then edited to reports, or can be added to reports ad-hoc. Unlike findings, they don't have a concept of assignment, evidence, scores, or other things - they are just a title and description, though extra fields support may be added soon.

An example use of this is documenting positive findings - things that the system under test did well, or common issues that the system defended against.

Alternate Designs

I also have a branch that adds a positive/negative field to the findings model, however the team decided that it was not the design they had in mind.

Possible Drawbacks

This duplicates quite a bit of code from the findings,

Verification Process

I've tested all added pages and forms, as well as report generation. I've also added unit tests for the pages, copied from the findings tests.

Release Notes

  • Add Observations: reporting objects that work like slimmed down findings, but can be used for more generic purposes

@codecov Codecov
Copy link

codecov bot commented Nov 3, 2023
edited
Loading

Codecov Report

Attention: 83 lines in your changes are missing coverage. Please review.

Files Coverage Δ
ghostwriter/reporting/forms.py 100.00% <100.00%> (ø)
...ostwriter/reporting/migrations/0043_observation.py 100.00% <100.00%> (ø)
...reporting/migrations/0044_reportobservationlink.py 100.00% <100.00%> (ø)
ghostwriter/reporting/models.py 99.11% <100.00%> (ø)
ghostwriter/reporting/tests/test_forms.py 100.00% <100.00%> (ø)
ghostwriter/reporting/tests/test_views.py 100.00% <100.00%> (ø)
ghostwriter/reporting/views.py 70.86% <41.54%> (ø)

📢 Thoughts on this report? Let us know!.

@ColonelThirtyTwo
Add observations
13a3935 
These work like findings, but are more generic and slimmed down. For
example, they can be used to describe positive aspects of the system
under test.

This patch adds the model and CRUD operations on the observations -
linking to reports is not yet added.
@ColonelThirtyTwo
Add observation report linking
0b833e4
@ColonelThirtyTwo
Add tests and docstrings to observation-related items
2976208
@chrismaddalena chrismaddalena added this to the v4.1.0 milestone Nov 6, 2023
@chrismaddalena chrismaddalena self-assigned this Nov 9, 2023
@chrismaddalena chrismaddalena added the enhancement New feature or request label Nov 9, 2023
@ColonelThirtyTwo
Copy link
Collaborator Author

Merged into the v4-1-dev branch

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@chrismaddalena chrismaddalena

Labels
enhancement New feature or request
Projects
None yet
Milestone
v4.1.0
Development

Successfully merging this pull request may close these issues.
2 participants
@ColonelThirtyTwo @chrismaddalena