Skip to content

Reusable templates feature desktop#1510

Open
Ajith-Penmatsa-GGL wants to merge 28 commits intoOWASP:mainfrom
GallagherSecurity:AjithP/ReusableTemplatesFeatureDesktop
Open

Reusable templates feature desktop#1510
Ajith-Penmatsa-GGL wants to merge 28 commits intoOWASP:mainfrom
GallagherSecurity:AjithP/ReusableTemplatesFeatureDesktop

Conversation

@Ajith-Penmatsa-GGL
Copy link
Copy Markdown
Collaborator

@Ajith-Penmatsa-GGL Ajith-Penmatsa-GGL commented Mar 19, 2026
edited
Loading

Summary:

This pr closes #1500

Templates feature extended to desktop

Created a template module that interacts with the local filesystem to store templates. All other workflows are essentially the same as the web version. The key difference is that when the frontend/Vuex store makes an API call, the desktop provider checks the current environment and routes the call via IPC (Inter-Process Communication) to the Node.js process running inside Electron, rather than hitting the Express REST API.

Read-only mode for manage templates portal is added and it is useful for teams sharing templates via a network folder or SharePoint where write access may be restricted. Users can point the app to an existing templates folder, set a custom location, or use the default path. This configuration is documented in the usage guide.

functionality to export templates onto local file system is now available for desktop users

Admin middleware

Previously, admin checks were being handled individually at the controller level on each endpoint. Extracted this into a dedicated adminMiddleware function and applied it centrally in the route configuration, so authorisation is enforced in one place.

Normalised template states

With the addition of desktop templates, the status model needed to work across both the filesystem (desktop) and GitHub repositories (web). Unified the status states (NOT_CONFIGURED, NOT_INITIALIZED, NOT_FOUND, ) across ManageTemplates.vue, TemplateGallery.vue, and templateController.js. A separate canWrite flag handles read-only state rather than a distinct status code.

Test coverage

Added unit tests for TemplateGallery, ManageTemplates, ExportTemplate, templateApi, and the template Vuex module.

i18n strings

Reorganised i18n strings into clearly named objects. Removed redundant unused definitions and renamed keys for clarity.

Description for the changelog:

Extended templates feature to be compatible with desktop deployment, including local filesystem storage, read-only mode, and IPC-based communication between the frontend and Electron main process.

Declaration:

Thanks for submitting a pull request, please make sure:

  • content meets the license for this project
  • appropriate unit tests have been created and/or modified
    (need to add unit tests for the template module that communicates with local file system)
  • you have considered any changes required for the functional tests
  • you have read the contribution guide and agree to the Code of Conduct
  • either no AI-generated content has been used in this pull request
  • or any use of AI in this pull request has been disclosed below:
    • AI Tools: Claude
    • LLMs and versions: Claude sonnet 4.6
    • Prompts:
    • mainly to understand how Vue.js works within an Electron sandboxed app architecture
    • Identified the appropriate layer for making IPC calls, as no clear pattern was established in the existing code.
    • Scaffolded unit test mocks with AI assistance.

@Ajith-Penmatsa-GGL
feat(fetchAllTemplates) implemented user authentication and authorisa…
2f72b46 
…tion and setup the backend for the feature
@Ajith-Penmatsa-GGL
feat(dashboard): implement conditional 'Create model from Template' a…
8fda325 
…ction
@Ajith-Penmatsa-GGL
feat: Fetched templates from metadata objects and rendered in ui
edb981a
@Ajith-Penmatsa-GGL
feat: added to feature to export templates from a model
aabfb4d
@Ajith-Penmatsa-GGL
added crud functionality for the admin
202e650
@Ajith-Penmatsa-GGL
feat: add template bootstrapping and unified search
83a2048 
- Add admin-only template repository initialization
- Implement unified search across name, description, and tags
- Handle repository states (NOT_CONFIGURED, NOT_INITIALIZED, REPO_NOT_FOUND)
- Simplify search architecture by removing separate tag filtering
- Update template schema to align with V2 model schema
@Ajith-Penmatsa-GGL
refactored templates controller
009ee3c
@Ajith-Penmatsa-GGL
added documentation and fixed eslint errors
58273da
@Ajith-Penmatsa-GGL
cleaning up docs and fetch all tempaltes logic
be46058
@Ajith-Penmatsa-GGL
cleaned up some unnecessary commetns
1901286
@Ajith-Penmatsa-GGL
write main process functions to set template folder path
2cf4959
@Ajith-Penmatsa-GGL
changed main process operations to empalte and wired up round trip
85d7f0f
@Ajith-Penmatsa-GGL
added a feature to save a tempalte path in desktop
57b90ee
@Ajith-Penmatsa-GGL
mvp of templates feature for desktop
ba2af06
@Ajith-Penmatsa-GGL
custom dialog box for setting up template folder
2f64606
@Ajith-Penmatsa-GGL
made changes in status's for template gallery and manage tempaltes so…
2fbed21 
… that they are unified to 3 status' and added clarity to the module that lets user pick the location of tempalte storage
@Ajith-Penmatsa-GGL
removed admin checks from endpoints and added it to middleware
da8e8b7
@Ajith-Penmatsa-GGL
removed unused i8n strings
0766e45
@Ajith-Penmatsa-GGL
synced up branch with origin main
489ce4e
@Ajith-Penmatsa-GGL
added documentation for desktop version of the tempaltes feature
6437c5b
@Ajith-Penmatsa-GGL
added test suites to increase coverage
baad334
@Ajith-Penmatsa-GGL
added new test suits
2549421
@Ajith-Penmatsa-GGL
synced with owasp main branch
f828598
@Ajith-Penmatsa-GGL
renamed ipcMain listner to ipcMainAPI
5c53b33
@Ajith-Penmatsa-GGL Ajith-Penmatsa-GGL self-assigned this Mar 19, 2026
@Ajith-Penmatsa-GGL Ajith-Penmatsa-GGL added the enhancement New feature or request label Mar 19, 2026
@Ajith-Penmatsa-GGL Ajith-Penmatsa-GGL marked this pull request as draft March 19, 2026 02:01
@Ajith-Penmatsa-GGL Ajith-Penmatsa-GGL marked this pull request as ready for review March 22, 2026 22:23
@Ajith-Penmatsa-GGL
Copy link
Copy Markdown
Collaborator Author

Ajith-Penmatsa-GGL commented Mar 22, 2026

2 checks failing (desktop e2e and trivy scan):

fixed spell checks and markdown lint errors

jgadsden
jgadsden reviewed Mar 23, 2026
View reviewed changes
docs/assets/images/local-tempalte.png Outdated
Copy link
Copy Markdown
Collaborator

@jgadsden jgadsden Mar 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

possible typo in the file name?

Copy link
Copy Markdown
Collaborator Author

@Ajith-Penmatsa-GGL Ajith-Penmatsa-GGL Mar 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep I might’ve forgotten to delete that. There’s another file with the correct name that’s actually being used in the code, so the misspelled one is redundant. I’ll clean it up 🙂

@jgadsden
Copy link
Copy Markdown
Collaborator

jgadsden commented Mar 24, 2026

I have added to the discussion on uses cases
my concern is that we are implementing a more complex solution than the very first soution proposed by @Ajith-Penmatsa-GGL

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jgadsden jgadsden jgadsden left review comments

@lreading lreading Awaiting requested review from lreading lreading is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@Ajith-Penmatsa-GGL Ajith-Penmatsa-GGL

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Reusable templates for desktop app

2 participants

@Ajith-Penmatsa-GGL @jgadsden