Skip to content

Bug reports jun26 #136

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
summitt merged 8 commits into from
Jun 15, 2026
Merged

Bug reports jun26 #136

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
a4cce9e
Fix report sections, category create/rename, and docx rendering bugs
summitt Jun 9, 2026
85bc54d
Report added assessments, warnings, and errors on CSV upload
summitt Jun 9, 2026
bc8389f
remove warning about distribution list missing
summitt Jun 9, 2026
64f9948
Insert page breaks from ${pageBreak} placeholders in docx rendering
summitt Jun 9, 2026
34e3d73
Add Manager Dashboard vulnerabilities CSV export
summitt Jun 13, 2026
90f0fbf
Add vulnerabilities tab with detail panel to Manager Dashboard
summitt Jun 13, 2026
320c27f
Add mise.toml mirroring .zed task definitions
summitt Jun 15, 2026
809ecd1
Add Manager Dashboard assessment search and hot-reload dev setup
summitt Jun 15, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,3 +56,6 @@ vtrack-os/.project

.externalToolBuilders/
.claude/*

.zed/
logs/
26 changes: 26 additions & 0 deletions Dockerfile.dev-hotreload
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
FROM tomcat:9-jre17 as dev_base
RUN apt-get update
RUN apt-get upgrade -y
RUN mkdir /opt/faction

# Fix issue with sending emails
RUN sed -i 's/^jdk.tls.disabledAlgorithms/# jdk.tls.disabledAlgorithms/' /opt/java/openjdk/conf/security/java.security

# Remove default Tomcat webapps
RUN rm -rf /usr/local/tomcat/webapps/manager
RUN rm -rf /usr/local/tomcat/webapps/host-manager
RUN rm -rf /usr/local/tomcat/webapps/docs
RUN rm -rf /usr/local/tomcat/webapps/examples
RUN rm -rf /usr/local/tomcat/webapps/ROOT

# Create the ROOT directory where we'll mount the exploded WAR
RUN mkdir -p /usr/local/tomcat/webapps/ROOT

# Enable context reloading by creating a context.xml for ROOT app
RUN mkdir -p /usr/local/tomcat/conf/Catalina/localhost
RUN echo '<?xml version="1.0" encoding="UTF-8"?>' > /usr/local/tomcat/conf/Catalina/localhost/ROOT.xml && \
echo '<Context reloadable="true">' >> /usr/local/tomcat/conf/Catalina/localhost/ROOT.xml && \
echo '</Context>' >> /usr/local/tomcat/conf/Catalina/localhost/ROOT.xml

EXPOSE 8080/tcp
CMD ["/usr/local/tomcat/bin/catalina.sh", "run"]
21 changes: 18 additions & 3 deletions WebContent/WEB-INF/jsp/assessment/AddVuln.jsp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,18 @@ td:first-child {
#details {
background-color: white
}

.hideSection {
display:none;
}
.sectionName::after {
content: "\A";
white-space: pre;
}
.sectionName {
border: solid 1px;
padding: 0px 4px 0px 4px;
}
</style>

<div class="row">
Expand Down Expand Up @@ -488,9 +500,12 @@ td:first-child {
<td data-sort="${overall}">
</s:else>
<span class="vulnName"><s:property
value="name" /></span><br> <span class="category"> <s:property
value="category.name" /></span><BR> <span class="severity"><s:property
value="overallStr" /></span></td>
value="name" /></span><br>
<span class="category"> <s:property value="category.name" /></span><BR>
<span class="severity"><s:property
value="overallStr" /></span><br>
<span class="sectionName <s:if test="section == ''">hideSection</s:if>"><s:property value="sectionPretty"/></span>
</td>
<td><span class="vulnControl vulnControl-delete"
id="deleteVuln<s:property value="id"/>"
<s:if test="hideit">disabled</s:if>><i
Expand Down
157 changes: 144 additions & 13 deletions WebContent/WEB-INF/jsp/dashboard/ManagerDashboard.jsp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -637,12 +637,21 @@
</button>
</div>
</bs:mco>
<bs:mco colsize="4">
<bs:mco colsize="2">
<div class="form-group">
<label>&nbsp;</label>
<div class="btn btn-block btn-success btn-md" id="exportCsvBtn"
onclick="exportToCSV()">
<i class="fa fa-download"></i> Export to CSV
<div class="btn btn-block btn-success btn-md" id="exportAssessmentsCsvBtn"
onclick="exportAssessmentsToCSV()">
<i class="fa fa-download"></i> Export Assessments to CSV
</div>
</div>
</bs:mco>
<bs:mco colsize="2">
<div class="form-group">
<label>&nbsp;</label>
<div class="btn btn-block btn-info btn-md" id="exportVulnsCsvBtn"
onclick="exportVulnerabilitiesToCSV()">
<i class="fa fa-download"></i> Export Vulnerabilities to CSV
</div>
</div>
</bs:mco>
Expand Down Expand Up @@ -792,13 +801,19 @@
</bs:mco>
</bs:row>

<!-- Assessments Table (Always shown) -->
<!-- Results Tables (tabbed) -->
<bs:row>
<bs:mco colsize="12">
<bs:box type="primary" title="Assessments">
<bs:datatable
columns="Action,AppId,Name,Type,Team,Assessor,Start,End,Completed,Status,Findings"
classname="table-striped" id="searchResults">
<div class="nav-tabs-custom">
<ul class="nav nav-tabs">
<li class="active"><a href="#tab_assessments" data-toggle="tab"><i class="fa fa-tasks"></i> Assessments</a></li>
<li><a href="#tab_vulnerabilities" data-toggle="tab"><i class="fa fa-bug"></i> Vulnerabilities</a></li>
</ul>
<div class="tab-content">
<div class="tab-pane active" id="tab_assessments">
<bs:datatable
columns="Action,AppId,Name,Type,Team,Assessor,Start,End,Completed,Status,Findings"
classname="table-striped" id="searchResults">
<s:iterator value="searchResults" status="stat" var="asmt">
<tr>
<td>
Expand Down Expand Up @@ -855,8 +870,42 @@
</td>
</tr>
</s:iterator>
</bs:datatable>
</bs:box>
</bs:datatable>
</div><!-- /#tab_assessments -->
<div class="tab-pane" id="tab_vulnerabilities">
<bs:datatable
columns="Action,Vulnerability,Assessment,AppId,Severity,CVSS,Category,Opened,Closed,Status,Tracking"
classname="table-striped" id="vulnResults">
<s:iterator value="vulnerabilityResults" var="vrow">
<tr class="vuln-detail-row" data-vulnid="<s:property value='vulnId'/>" style="cursor: pointer;">
<td>
<a target="_blank"
href="EditAssessment?action=get&aid=<s:property value='assessmentId'/>"
title="Open Assessment">
<i class="fa fa-pencil"></i>
</a>
</td>
<td><s:property value="name" /></td>
<td><s:property value="assessmentName" /></td>
<td><s:property value="appId" /></td>
<td>
<span class="badge"
style="background-color: <s:property value='severityColorMap[#vrow.severity]'/>; color: white; padding: 3px 8px; font-weight: bold; font-size: 12px;">
<s:property value="severity" />
</span>
</td>
<td><s:property value="cvssScore" /></td>
<td><s:property value="category" /></td>
<td><s:date name="opened" format="yyyy-MM-dd" /></td>
<td><s:date name="closed" format="yyyy-MM-dd" /></td>
<td><s:property value="status" /></td>
<td><s:property value="tracking" /></td>
</tr>
</s:iterator>
</bs:datatable>
</div><!-- /#tab_vulnerabilities -->
</div><!-- /.tab-content -->
</div><!-- /.nav-tabs-custom -->
</bs:mco>
</bs:row>

Expand All @@ -865,10 +914,59 @@
</div>
<!-- /.content-wrapper -->

<!-- Slide-out panel showing full vulnerability details for the clicked row -->
<style>
.vuln-detail-overlay {
position: fixed; top: 0; left: 0; width: 100%; height: 100%;
background: rgba(0,0,0,0.4); z-index: 1040; display: none;
}
.vuln-detail-panel {
position: fixed; top: 0; right: 0; height: 100%;
width: 640px; max-width: 95%;
background: #fff; z-index: 1050;
box-shadow: -2px 0 12px rgba(0,0,0,0.3);
transform: translateX(100%); transition: transform .25s ease;
display: flex; flex-direction: column;
}
.vuln-detail-panel.open { transform: translateX(0); }
.vuln-detail-panel .vuln-detail-topbar {
padding: 12px 18px; border-bottom: 1px solid rgba(255,255,255,0.15);
display: flex; justify-content: space-between; align-items: center;
background: #225080;
}
.vuln-detail-panel .vuln-detail-topbar h4 { margin: 0; font-size: 18px; color: #fff; }
.vuln-detail-panel .vuln-detail-topbar .btn-box-tool { color: #fff; }
.vuln-detail-panel .vuln-detail-body {
padding: 18px; overflow-y: auto; flex: 1;
background: #0f1522; color: #c9d3e0;
}
.vuln-detail-panel .vuln-detail-body a { color: #6fb0ff; }
.vuln-detail-panel .vuln-detail-section-title {
margin-top: 20px; padding-bottom: 5px; border-bottom: 1px solid rgba(255,255,255,0.15);
font-weight: bold; color: #fff;
}
.vuln-detail-panel .vuln-detail-content { word-wrap: break-word; }
.vuln-detail-panel .vuln-detail-content img { max-width: 100%; height: auto; }
.vuln-detail-panel .vuln-detail-body table { color: #c9d3e0; }
.vuln-detail-panel .vuln-detail-body table td,
.vuln-detail-panel .vuln-detail-body table th { border-color: rgba(255,255,255,0.12); }
.vuln-detail-panel .vuln-detail-meta th { color: #8a97a8; }
</style>
<div id="vulnDetailOverlay" class="vuln-detail-overlay"></div>
<div id="vulnDetailPanel" class="vuln-detail-panel">
<div class="vuln-detail-topbar">
<h4>Vulnerability Details</h4>
<button type="button" id="vulnDetailClose" class="btn btn-box-tool" aria-label="Close">
<i class="fa fa-times fa-lg"></i>
</button>
</div>
<div id="vulnDetailBody" class="vuln-detail-body"></div>
</div>

<jsp:include page="../footer.jsp" />

<script type="text/javascript">
function exportToCSV() {
function exportAssessmentsToCSV() {
// Get the current search parameters from the form
var form = document.querySelector('form[action="ManagerDashboard"]');
var formData = new FormData(form);
Expand Down Expand Up @@ -900,8 +998,41 @@
exportForm.submit();
document.body.removeChild(exportForm);
}

function exportVulnerabilitiesToCSV() {
// Get the current search parameters from the form
var form = document.querySelector('form[action="ManagerDashboard"]');
var formData = new FormData(form);

// Create a new form for CSV export
var exportForm = document.createElement('form');
exportForm.method = 'POST';
exportForm.action = 'ManagerDashboardExportVulnerabilitiesCSV';
exportForm.style.display = 'none';

// Copy all search parameters to the export form
for (var pair of formData.entries()) {
var input = document.createElement('input');
input.type = 'hidden';
input.name = pair[0];
input.value = pair[1];
exportForm.appendChild(input);
}

// Add search action to ensure export uses search logic
var searchActionInput = document.createElement('input');
searchActionInput.type = 'hidden';
searchActionInput.name = 'searchAction';
searchActionInput.value = 'search';
exportForm.appendChild(searchActionInput);

// Submit the form
document.body.appendChild(exportForm);
exportForm.submit();
document.body.removeChild(exportForm);
}
</script>

</body>

</html>
</html>
61 changes: 60 additions & 1 deletion WebContent/WEB-INF/jsp/engagement/assessmentUpload.jsp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,4 +16,63 @@
<bs:mco colsize="12">
<a href="../assessments.csv">Download Template</a>
</bs:mco>
</bs:row>
</bs:row>

<!-- Results: assessments successfully added from the uploaded CSV(s) -->
<bs:row>
<bs:mco colsize="12">
<div id="uploadAddedWrap" style="display:none; margin-top:15px;">
<h4>Added Assessments <span id="uploadAddedCount" class="badge bg-green"></span></h4>
<table class="table table-bordered table-striped">
<thead>
<tr>
<th>App ID</th>
<th>Name</th>
<th>Edit</th>
</tr>
</thead>
<tbody id="uploadAddedBody"></tbody>
</table>
</div>
</bs:mco>
</bs:row>

<!-- Results: assessments added but with non-fatal issues to fix (e.g. unknown assessor) -->
<bs:row>
<bs:mco colsize="12">
<div id="uploadWarningsWrap" style="display:none; margin-top:15px;">
<h4 class="text-yellow">Warnings <span id="uploadWarningsCount" class="badge bg-yellow"></span></h4>
<table class="table table-bordered table-striped">
<thead>
<tr>
<th>Row</th>
<th>App ID</th>
<th>Name</th>
<th>Issue</th>
</tr>
</thead>
<tbody id="uploadWarningsBody"></tbody>
</table>
</div>
</bs:mco>
</bs:row>

<!-- Results: rows from the CSV(s) that could not be processed -->
<bs:row>
<bs:mco colsize="12">
<div id="uploadErrorsWrap" style="display:none; margin-top:15px;">
<h4 class="text-red">Upload Errors <span id="uploadErrorsCount" class="badge bg-red"></span></h4>
<table class="table table-bordered table-striped">
<thead>
<tr>
<th>Row</th>
<th>App ID</th>
<th>Name</th>
<th>Error</th>
</tr>
</thead>
<tbody id="uploadErrorsBody"></tbody>
</table>
</div>
</bs:mco>
</bs:row>
2 changes: 1 addition & 1 deletion WebContent/dist/js/cms.js
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion WebContent/dist/js/manager_dashboard.js
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion WebContent/dist/js/scheduling.js
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion WebContent/dist/js/vulnview.js
View file
Open in desktop

Large diffs are not rendered by default.

Loading
Loading