Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Added Security Incidents Summary to Dashboard #4029

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
DonnieBLT merged 7 commits into from
Mar 22, 2025
Merged

Added Security Incidents Summary to Dashboard #4029

DonnieBLT merged 7 commits into from
Mar 22, 2025

Conversation

@cicada0007
Copy link
Contributor

@cicada0007 cicada0007 commented Mar 21, 2025
edited by coderabbitai bot
Loading

closes #2470

Screenshot 2025-03-21 120037
Screenshot 2025-03-21 120059
Screenshot 2025-03-21 120111

Summary by CodeRabbit

  • New Features
    • Enhanced the analytics page with a new security incidents section, featuring a dashboard card that displays total security issues and links to detailed insights, including recent incident counts, average resolution times, severity distribution, and top affected domains.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Mar 21, 2025
edited
Loading

Walkthrough

The changes modify the repository's Git configuration and enhance the company cyber dashboard. A new entry is added to the .gitignore file to ignore .qodo files. The analytics template now includes a card linking to a detailed security incidents summary section, which presents recent incident counts, average resolution times, severity distribution statistics, and the top affected domains. Correspondingly, the backend view is updated with a new method that queries the database for security incidents and prepares the necessary data for rendering.

Changes

File Change Summary
.gitignore Added a new .qodo entry to ignore related files.
website/.../organization_analytics.html Updated the template by adding a new card and section for security incidents summary. Displays recent incidents, average resolution time, severity counts, and top domains.
website/views/company.py Introduced get_security_incidents_summary method in OrganizationDashboardAnalyticsView and updated import statements. Integrated the new metrics computation into the get method.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant WebServer
    participant DashboardView as OrganizationDashboardAnalyticsView
    participant DB as Issue Model

    User->>WebServer: Request analytics page
    WebServer->>DashboardView: Call get() method
    DashboardView->>DashboardView: Execute get_security_incidents_summary()
    DashboardView->>DB: Query security-related issues (label=4)
    DB-->>DashboardView: Return security metrics (count, recent incidents, avg resolution, severity, top domains)
    DashboardView->>WebServer: Return context with security_incidents_summary
    WebServer->>User: Render analytics page with new security incidents card and details
Loading

Assessment against linked issues

Objective Addressed Explanation
Display security incidents summary on dashboard (#2470)
Calculate and provide security metrics (#2470)
📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d582c1e and 5e35509.

📒 Files selected for processing (1)
  • website/templates/organization/organization_analytics.html (2 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • website/templates/organization/organization_analytics.html
⏰ Context from checks skipped due to timeout of 90000ms (3)
  • GitHub Check: Run Tests
  • GitHub Check: docker-test
  • GitHub Check: Analyze (javascript-typescript)
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot requested changes Mar 21, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (3)
website/templatetags/custom_tags.py (1)

207-210: Enhance docstring with parameter and return details

Improve the function documentation by adding parameter and return value details.

 @register.filter
 def format_security_timedelta(td):
-    """Convert a timedelta object into a human-readable string."""
+    """Convert a timedelta object into a human-readable string.
+    
+    Args:
+        td (timedelta): The timedelta object to format
+    
+    Returns:
+        str: A formatted string like "X days, Y hours, Z minutes" or "N/A" if td is None
+    """
     if not td:
         return "N/A"
website/templates/organization/organization_analytics.html (1)

282-329: Add error handling for potentially missing data

The security incidents summary section should handle the case where security_incidents_summary might be None or any of its properties might be missing.

Add checks before accessing potentially missing properties:

 <div id="security-incidents" class="w-full px-8 mt-8">
     <div class="bg-white rounded-xl p-6 shadow-sm">
         <h2 class="text-2xl font-bold text-gray-900 mb-6">Security Incidents Summary</h2>
+        {% if security_incidents_summary %}
         <div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-6">
             <!-- Recent Incidents -->
             <div class="bg-gray-50 p-4 rounded-lg">
                 <h3 class="text-lg font-semibold text-gray-800 mb-2">Recent Incidents (30 days)</h3>
                 <p class="text-3xl font-bold text-red-600">{{ security_incidents_summary.recent_incidents }}</p>
             </div>
             <!-- Other sections... -->
         </div>
+        {% else %}
+        <div class="bg-gray-50 p-4 rounded-lg">
+            <p class="text-gray-600">No security incidents data available</p>
+        </div>
+        {% endif %}
     </div>
 </div>
website/views/company.py (1)

214-216: Potential database compatibility issue with timedelta calculation

Using database-level subtraction with F("closed_date") - F("created") might work for PostgreSQL, but could cause issues with other database backends. Consider performing this calculation in Python after fetching the data.

     # Calculate average resolution time
     resolved_issues = security_issues.filter(status="resolved")
     resolved_issues = resolved_issues.filter(closed_date__isnull=False)
-    avg_resolution_time = resolved_issues.aggregate(avg_time=Avg(F("closed_date") - F("created")))["avg_time"]
+    # Fetch the issues and calculate average timedelta in Python
+    resolved_issues_list = resolved_issues.values('closed_date', 'created')
+    if resolved_issues_list:
+        total_timedelta = timedelta()
+        count = 0
+        for issue in resolved_issues_list:
+            if issue['closed_date'] and issue['created']:
+                total_timedelta += issue['closed_date'] - issue['created']
+                count += 1
+        avg_resolution_time = total_timedelta / count if count > 0 else None
+    else:
+        avg_resolution_time = None
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fefbf5e and e1ec9a8.

📒 Files selected for processing (4)
  • .gitignore (1 hunks)
  • website/templates/organization/organization_analytics.html (2 hunks)
  • website/templatetags/custom_tags.py (1 hunks)
  • website/views/company.py (3 hunks)
🧰 Additional context used
🧬 Code Definitions (1)
website/views/company.py (1)
website/models.py (1) (1)
  • Issue (443-546)
⏰ Context from checks skipped due to timeout of 90000ms (2)
  • GitHub Check: Run Tests
  • GitHub Check: docker-test
🔇 Additional comments (4)
.gitignore (1)

22-22: LGTM: Added .qodo to .gitignore

Adding .qodo files to .gitignore is a good practice to avoid tracking project-specific configuration files.

website/templates/organization/organization_analytics.html (1)

73-85: LGTM: Security issues card implements consistent design pattern

The new card for security issues follows the same design pattern as the existing cards, maintaining UI consistency.

website/views/company.py (2)

414-414: LGTM: Context variable integration

Good job including the security incidents summary in the template context. This properly connects the backend data with the frontend template.

195-226:

Details

❓ Verification inconclusive

Handle potential missing severity field more robustly

The try-except block suggests that the severity field might not exist in the Issue model, which is concerning for a new feature. Consider checking if the model field exists before deployment or ensuring the field is added if needed.

🏁 Script executed:

#!/bin/bash
# Check if the Issue model has a severity field
echo "Checking if the Issue model has a severity field..."
python -c "
from website.models import Issue
from django.db import models

issue_fields = [field.name for field in Issue._meta.get_fields()]
if 'severity' in issue_fields:
    print('✅ Severity field exists in Issue model')
else:
    print('❌ Severity field DOES NOT exist in Issue model')
    print('Available fields:', issue_fields)
"

Length of output: 715

Attention: Missing Dependency Affecting Severity Field Verification

  • The check for the severity field in the Issue model could not be completed because of a missing dependency (annoying). The error (ModuleNotFoundError: No module named 'annoying') prevented the Python-based verification from running successfully.
  • As the try/except strategy in website/views/company.py is intended to handle an absent severity field, it’s critical to confirm whether this field should exist. However, before that, the missing dependency must be resolved.
  • Action Items:
    • Ensure that the annoying package is installed (or consider an alternative) so that the model file can be imported without errors.
    • Manually verify whether the Issue model includes the severity field by checking website/models.py (e.g., searching for “severity =” within the Issue class).
    • Once confirmed, either add the missing field or adjust the handling in the code to match the intended model structure.

coderabbitai[bot]
coderabbitai bot previously approved these changes Mar 21, 2025
View reviewed changes
coderabbitai[bot]
coderabbitai bot reviewed Mar 21, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
website/views/company.py (1)

195-227: Nicely structured security incidents summary method with good error handling.

The method effectively:

  • Filters security-related issues (label=4)
  • Gracefully handles the possible absence of the severity field
  • Calculates recent incidents (last 30 days)
  • Computes average resolution time
  • Identifies top affected domains

However, there's potential for a None value in the average resolution time calculation if no issues are resolved.

Consider adding a fallback for the average resolution time when no issues are resolved:

    avg_resolution_time = resolved_issues.aggregate(avg_time=Avg(F("closed_date") - F("created")))["avg_time"]
+    # Provide default value when no resolved issues exist
+    if avg_resolution_time is None:
+        avg_resolution_time = timedelta(0)
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7af663d and 6856f89.

📒 Files selected for processing (1)
  • website/views/company.py (3 hunks)
🧰 Additional context used
🧬 Code Definitions (1)
website/views/company.py (1)
website/models.py (1) (1)
  • Issue (443-546)
⏰ Context from checks skipped due to timeout of 90000ms (3)
  • GitHub Check: Run Tests
  • GitHub Check: docker-test
  • GitHub Check: Analyze (python)
🔇 Additional comments (2)
website/views/company.py (2)

11-11: Import additions look appropriate for the new functionality.

The new imports (FieldError from django.core.exceptions and Avg, F from django.db.models) align well with the requirements of the new security incidents summary feature.

Also applies to: 14-14

414-414: The implementation correctly adds security data to the context.

The data provided by get_security_incidents_summary() is properly added to the template context.

coderabbitai[bot]
coderabbitai bot previously approved these changes Mar 21, 2025
View reviewed changes
coderabbitai[bot]
coderabbitai bot reviewed Mar 21, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
website/templatetags/custom_tags.py (1)

208-217: The timedelta formatter looks good, with a minor readability enhancement suggestion.

The implementation correctly calculates days, hours, and minutes from a timedelta object, properly extracting each time component. I see that the previous review comment about correctly handling days extraction has been addressed.

Consider handling pluralization for a more natural reading experience:

 @register.filter
 def format_security_timedelta(td):
     """Convert a timedelta object into a human-readable string."""
     if not td:
         return "N/A"
     total_seconds = int(td.total_seconds())
     days = total_seconds // (24 * 3600)  # Calculate days first
     hours = (total_seconds % (24 * 3600)) // 3600  # Get remaining hours after days
     minutes = (total_seconds % 3600) // 60  # Get remaining minutes
-    return f"{days} days, {hours} hours, {minutes} minutes"
+    day_label = "day" if days == 1 else "days"
+    hour_label = "hour" if hours == 1 else "hours"
+    minute_label = "minute" if minutes == 1 else "minutes"
+    return f"{days} {day_label}, {hours} {hour_label}, {minutes} {minute_label}"
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6856f89 and a698549.

📒 Files selected for processing (1)
  • website/templatetags/custom_tags.py (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms (2)
  • GitHub Check: Run Tests
  • GitHub Check: docker-test

coderabbitai[bot]
coderabbitai bot previously approved these changes Mar 21, 2025
View reviewed changes
coderabbitai[bot]
coderabbitai bot reviewed Mar 21, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
website/templatetags/custom_tags.py (1)

208-217: Clean implementation of the time formatter filter!

The implementation correctly calculates days, hours, and minutes from a timedelta object, addressing the previous feedback about hours calculation. This will provide a consistent and readable time format for security incidents in the dashboard.

Here are a few minor suggestions to make the function even more robust:

  1. Consider handling negative timedeltas (perhaps with an absolute value conversion)
  2. The function could be enhanced to display only non-zero components (e.g., "2 hours, 30 minutes" instead of "0 days, 2 hours, 30 minutes")
  3. Expand the docstring to include parameter and return value descriptions
 @register.filter
 def format_security_timedelta(td):
-    """Convert a timedelta object into a human-readable string."""
+    """
+    Convert a timedelta object into a human-readable string.
+    
+    Args:
+        td (timedelta): The timedelta object to format
+        
+    Returns:
+        str: A human-readable string representation (e.g., "2 days, 5 hours, 30 minutes")
+              or "N/A" if the input is None/empty
+    """
     if not td:
         return "N/A"
-    total_seconds = int(td.total_seconds())
+    # Handle negative timedeltas by taking absolute value
+    total_seconds = int(abs(td.total_seconds()))
     days = total_seconds // (24 * 3600)  # Calculate days first
     hours = (total_seconds % (24 * 3600)) // 3600  # Get remaining hours after days
     minutes = (total_seconds % 3600) // 60  # Get remaining minutes
-    return f"{days} days, {hours} hours, {minutes} minutes"
+    # Build parts of the string, including only non-zero components
+    parts = []
+    if days > 0:
+        parts.append(f"{days} days")
+    if hours > 0 or days > 0:
+        parts.append(f"{hours} hours")
+    if minutes > 0 or hours > 0 or days > 0:
+        parts.append(f"{minutes} minutes")
+    if not parts:
+        return "0 minutes"  # Handle case where all values are zero
+    return ", ".join(parts)
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a698549 and d582c1e.

📒 Files selected for processing (1)
  • website/templatetags/custom_tags.py (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms (2)
  • GitHub Check: Run Tests
  • GitHub Check: docker-test

coderabbitai[bot]
coderabbitai bot previously approved these changes Mar 21, 2025
View reviewed changes
@cicada0007
Copy link
Contributor Author

cicada0007 commented Mar 21, 2025

@DonnieBLT Hello sir please review this PR

DonnieBLT
DonnieBLT requested changes Mar 21, 2025
View reviewed changes
Copy link
Collaborator

@DonnieBLT DonnieBLT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can use the timesince filter instead

@cicada0007 cicada0007 requested a review from DonnieBLT March 21, 2025 13:37
@cicada0007
Copy link
Contributor Author

cicada0007 commented Mar 21, 2025

@DonnieBLT The changes have been implemented. Requesting a PR review.

@DonnieBLT DonnieBLT merged commit b7d0fff into OWASP-BLT:main Mar 22, 2025
10 checks passed
@DonnieBLT
Copy link
Collaborator

DonnieBLT commented Mar 22, 2025

/giphy nice work

@github-actions
Copy link
Contributor

github-actions bot commented Mar 22, 2025

Giphy GIF

@coderabbitai coderabbitai bot mentioned this pull request Mar 23, 2025
Merged
mahii-17 pushed a commit to mahii-17/BLT that referenced this pull request Mar 27, 2025
@cicada0007 @mahii-17
Added Security Incidents Summary to Dashboard (OWASP-BLT#4029)
9b9a883 
* added Security Issue

* fix

* fix isort

* ruff format fix

* ruff fix

* fix
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DonnieBLT DonnieBLT DonnieBLT approved these changes

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add to company cyber dashboard: Summary of security incidents

2 participants

@cicada0007 @DonnieBLT