Merge pull request #22 from mpast/delete-scan

Delete scan

app/config/urls.py

@@ -45,6 +45,7 @@
     path('file/<int:id>', views.view_file, name='view_file'),
     path('scan/create', views.create_scan, name='create_scan'),
     path('scan/create/<int:app_id>', views.create_scan, name='create_scan'),
+    path('scan/delete/<int:scan_id>', views.delete_scan, name='delete_scan'),
     path('patterns/', views.patterns, name="patterns"),
     path('permissions/', views.permissions, name="permissions"),
     path('malware/', views.malware, name="malware"),

app/templates/app.html

@@ -1,6 +1,13 @@
 {% extends 'base.html' %} {% load fontawesome_5 %} {% block content %}
 <h4>App</h4>
 {% if app %}
+<ul class="messages">
+    {% for message in messages %}
+    <div class="alert alert-success">
+        <strong>{{ message | escape }}</strong>
+    </div>
+    {% endfor %}
+</ul>
 <table class="table table-striped table-bordered">
     <tr>
         <th>App name</th>
@@ -32,6 +39,9 @@ <h5>Scans</h5>
             {% endif %}
             <th style="width: 10%;">Findings</th>
             <th style="width: 30%;">By Severity</th>
+            {% if user.is_authenticated %}
+            <th style="width: 6%;">Delete</th>
+            {% endif %}
         </tr>
     </thead>
     <tbody>
@@ -70,9 +80,40 @@ <h5>Scans</h5>
                     {% endfor %}
                 </table>
             </td>
+            <td>
+                <form action="{% url 'delete_scan' scan.id %}" method="post" enctype="multipart/form-data">
+                    {% csrf_token %}
+                    <button type="submit" class="delete-scan btn btn-danger">{% fa5_icon 'trash-alt' color='white' %}</button>
+                </form>
+            </td>
             {% endif %} {% endfor %}
         </tr>
         {% endfor %}
     </tbody>
 </table>
+
+<script type="text/javascript">
+    function fade_alerts() {
+        alerts = document.getElementsByClassName("alert");
+        var i = alerts.length;
+        for (let elem of alerts) {
+            i--;
+            time = 3250+(1000*i);
+            setTimeout(function() {
+                $(elem).fadeOut("slow");
+            }, time);
+        }
+    }
+    window.addEventListener('DOMContentLoaded', (event) => {
+        fade_alerts();
+    });
+    $(document).ready(function() {
+        $('.delete-scan').on('click', function(e) {
+            if (!confirm('Do you really want to delete the scan?')) {
+                e.preventDefault();
+            }
+        });
+
+    });
+</script>
 {% endif %} {% endif %} {% endblock %}

app/templates/create_app.html

@@ -20,4 +20,21 @@
     </div>
     {% endfor %}
 </ul>
-{% endif %} {% endblock %}
+<script type="text/javascript">
+    function fade_alerts() {
+        alerts = document.getElementsByClassName("alert");
+        var i = alerts.length;
+        for (let elem of alerts) {
+            i--;
+            time = 3250+(1000*i);
+            setTimeout(function() {
+                $(elem).fadeOut("slow");
+            }, time);
+        }
+    }
+    window.addEventListener('DOMContentLoaded', (event) => {
+        fade_alerts();
+    });
+</script>
+{% endif %}
+{% endblock %}

app/templates/create_finding.html

@@ -23,4 +23,23 @@
 {% endif %} {% if finding %}
 <a class="btn btn-sm btn-outline-warning" href="{% url 'finding' id=finding %}">See finding {% fa5_icon 'chevron-right' %}</a>{% if scan %}
 <a class="btn btn-sm btn-outline-info" href="{% url 'create_finding' scan_id=scan %}">Create other finding {% fa5_icon 'redo-alt' %}</a> {% else %}
-<a class="btn btn-sm btn-outline-info" href="{% url 'create_finding' %}">Create other finding {% fa5_icon 'redo-alt' %}</a> {% endif %} {% endif %} {% endblock %}
+<a class="btn btn-sm btn-outline-info" href="{% url 'create_finding' %}">Create other finding {% fa5_icon 'redo-alt' %}</a> {% endif %} {% endif %} 
+
+<script type="text/javascript">
+    function fade_alerts() {
+        alerts = document.getElementsByClassName("alert");
+        var i = alerts.length;
+        for (let elem of alerts) {
+            i--;
+            time = 3250+(1000*i);
+            setTimeout(function() {
+                $(elem).fadeOut("slow");
+            }, time);
+        }
+    }
+    window.addEventListener('DOMContentLoaded', (event) => {
+        fade_alerts();
+    });
+</script>
+
+{% endblock %}

app/templates/create_scan.html

@@ -20,4 +20,21 @@
     </div>
     {% endfor %}
 </ul>
-{% endif %} {% endblock %}
+{% endif %} 
+<script type="text/javascript">
+    function fade_alerts() {
+        alerts = document.getElementsByClassName("alert");
+        var i = alerts.length;
+        for (let elem of alerts) {
+            i--;
+            time = 3250+(1000*i);
+            setTimeout(function() {
+                $(elem).fadeOut("slow");
+            }, time);
+        }
+    }
+    window.addEventListener('DOMContentLoaded', (event) => {
+        fade_alerts();
+    });
+</script>  
+{% endblock %}

app/templates/edit_finding.html

@@ -21,4 +21,21 @@
     {% endfor %}
 </ul>
 {% endif %} {% if finding %}
-<a class="btn btn-sm btn-outline-warning" href="{% url 'finding' id=finding %}">See finding {% fa5_icon 'chevron-right' %}</a> {% endif %} {% endblock %}
+<a class="btn btn-sm btn-outline-warning" href="{% url 'finding' id=finding %}">See finding {% fa5_icon 'chevron-right' %}</a> {% endif %}
+<script type="text/javascript">
+    function fade_alerts() {
+        alerts = document.getElementsByClassName("alert");
+        var i = alerts.length;
+        for (let elem of alerts) {
+            i--;
+            time = 3250+(1000*i);
+            setTimeout(function() {
+                $(elem).fadeOut("slow");
+            }, time);
+        }
+    }
+    window.addEventListener('DOMContentLoaded', (event) => {
+        fade_alerts();
+    });
+</script>
+{% endblock %}

app/templates/findings.html

@@ -90,6 +90,20 @@
 <a class="btn btn-sm btn-outline-secondary" href="{% url 'scan' id=scan %}">{% fa5_icon 'chevron-left' %} Return to scan </a> {% endif %}
 
 <script type="text/javascript">
+    function fade_alerts() {
+        alerts = document.getElementsByClassName("alert");
+        var i = alerts.length;
+        for (let elem of alerts) {
+            i--;
+            time = 3250+(1000*i);
+            setTimeout(function() {
+                $(elem).fadeOut("slow");
+            }, time);
+        }
+    }
+    window.addEventListener('DOMContentLoaded', (event) => {
+        fade_alerts();
+    });
     $(document).ready(function() {
         $('#id_select_all').on('click', function() {
             $('.finding').prop('checked', this.checked);

app/templates/home.html

@@ -7,6 +7,13 @@ <h5>Apps</h5>
 <p id="alert-account" class="alert alert-danger" style="display: none;">To create apps, you must have and account</p>
 <a onclick="$('#alert-account').show()" class="btn btn-outline-primary">New App</a> {% endif %}
 <br> {% if apps %}
+<ul class="messages">
+    {% for message in messages %}
+    <div class="alert alert-success">
+        <strong>{{ message | escape }}</strong>
+    </div>
+    {% endfor %}
+</ul>
 <table class="table table-bordered">
     <thead>
         <tr>
@@ -41,6 +48,9 @@ <h5>Apps</h5>
                             {% endif %}
                             <th style="width: 10%;">Findings</th>
                             <th style="width: 30%;">By Severity</th>
+                            {% if user.is_authenticated %}
+                            <th style="width: 5%;">Delete</th>
+                            {% endif %}
                         </tr>
                     </thead>
                     <tbody>
@@ -78,6 +88,14 @@ <h5>Apps</h5>
                                     {% endfor %}
                                 </table>
                             </td>
+                                {% if user.is_authenticated %}
+                                <td>
+                                    <form action="{% url 'delete_scan' scan.id %}" method="post" enctype="multipart/form-data">
+                                        {% csrf_token %}
+                                        <button type="submit" class="delete-scan btn btn-danger">{% fa5_icon 'trash-alt' color='white' %}</button>
+                                    </form>
+                                </td>
+                                {% endif %}
                             {% endif %} {% endfor %}
                         </tr>
                         {% endif %} {% endfor %}</tbody>
@@ -90,4 +108,27 @@ <h5>Apps</h5>
         {% endfor %}
     </tbody>
 </table>
+<script type="text/javascript">
+    function fade_alerts() {
+        alerts = document.getElementsByClassName("alert");
+        var i = alerts.length;
+        for (let elem of alerts) {
+            i--;
+            time = 3250+(1000*i);
+            setTimeout(function() {
+                $(elem).fadeOut("slow");
+            }, time);
+        }
+    }
+    window.addEventListener('DOMContentLoaded', (event) => {
+        fade_alerts();
+    });
+    $(document).ready(function() {
+        $('.delete-scan').on('click', function(e) {
+            if (!confirm('Do you really want to delete the scan?')) {
+                e.preventDefault();
+            }
+        });
+    });
+</script>
 {% endif %} {% endblock %}

app/templates/login.html

@@ -23,4 +23,20 @@
 </ul>
 {% endif %}
 </form>
+<script type="text/javascript">
+    function fade_alerts() {
+        alerts = document.getElementsByClassName("alert");
+        var i = alerts.length;
+        for (let elem of alerts) {
+            i--;
+            time = 3250+(1000*i);
+            setTimeout(function() {
+                $(elem).fadeOut("slow");
+            }, time);
+        }
+    }
+    window.addEventListener('DOMContentLoaded', (event) => {
+        fade_alerts();
+    });
+</script>
 {% endblock %}

app/templates/scan.html

@@ -80,9 +80,14 @@ <h4 class="card-title">Scan</h4>
                         {% endif %}
                     </div>
                 </div>
-                {% if scan.progress >= 40 %}
                 <br>
-                <a href="{% url 'export' id=scan.id %}" class="btn btn-outline-dark">Export {% fa5_icon 'download' %}</a> {% endif %}
+                <form action="{% url 'delete_scan' scan.id %}" method="post" enctype="multipart/form-data" style="display: inline-block;">
+                    {% csrf_token %}
+                    <button type="submit" class="delete-scan btn btn-danger">Delete {% fa5_icon 'trash-alt' color='white' %}</button>
+                </form>
+                {% if scan.progress >= 40 %}
+                    <a href="{% url 'export' id=scan.id %}" class="btn btn-outline-dark">Export {% fa5_icon 'download' %}</a> 
+                {% endif %}
             </div>
         </div>
         <br>
@@ -932,7 +937,28 @@ <h5 class="card-title">Databases</h5>
         }
         var progressUrl = '{% url "scan_state" scan.id %}';
         updateProgress(progressUrl);
+
+    });
+    function fade_alerts() {
+        alerts = document.getElementsByClassName("alert");
+        var i = alerts.length;
+        for (let elem of alerts) {
+            i--;
+            time = 3250+(1000*i);
+            setTimeout(function() {
+                $(elem).fadeOut("slow");
+            }, time);
+        }
+    }
+    window.addEventListener('DOMContentLoaded', (event) => {
+        fade_alerts();
+    });
+    $(document).ready(function() {
+        $('.delete-scan').on('click', function(e) {
+            if (!confirm('Do you really want to delete the scan?')) {
+                e.preventDefault();
+            }
+        });
     });
-
 </script>
 {% endblock %}

app/views.py

@@ -195,11 +195,21 @@ def create_scan(request, app_id = ''):
     return render(request, 'create_scan.html', {
         'form': form,
     })
+@login_required
+def delete_scan(request, scan_id=''):
+    if request.method == 'POST':
+        scan = Scan.objects.get(pk=scan_id)
+        if (scan.user == request.user):
+            scan.delete()
+            messages.success(request, 'Removed successfully')
+            return redirect('home')
+    messages.warning(request, 'Removed successfully')
+    return redirect('home')
 
 @login_required
 def app(request, id):
     app = Application.objects.get(pk=id)
-    scans = Scan.objects.filter(app=app.id)
+    scans = Scan.objects.filter(app=app.id).order_by('id')
     scans_data = {}
     for scan in scans:
         scans_data[scan.id] = {