Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dojo_Group: Support for "RemoteUser" in model #9405

Merged
merged 3 commits into from
Feb 12, 2024

fix db_mig

4d55932
Select commit
Loading
Failed to load commit list.
Merged

Dojo_Group: Support for "RemoteUser" in model #9405

fix db_mig
4d55932
Select commit
Loading
Failed to load commit list.
DryRunSecurity / Sensitive Functions Analyzer succeeded Feb 5, 2024 in 0s

DryRun Security

Details

Potentially Sensitive Functions: 6 detected

⚠️ Sensitive Function dojo/db_migrations/0201_alter_dojo_group_social_provider.py (click for details)
Type Sensitive Function
Description This function alters the 'social_provider' field of the 'dojo_group' model, which is related to social authentication provider.
File Name dojo/db_migrations/0201_alter_dojo_group_social_provider.py
Function Name migrations.AlterField()
Code Link

django-DefectDojo/dojo/db_migrations/0201_alter_dojo_group_social_provider.py

Lines 14 to 18 in 4d55932

model_name='dojo_group',
name='social_provider',
field=models.CharField(blank=True, choices=[('AzureAD', 'AzureAD'), ('Remote', 'Remote')], help_text='Group imported from a social provider.', max_length=10, null=True, verbose_name='Social Authentication Provider'),
),
]
⚠️ Sensitive Function dojo/models.py (click for details)
Type Sensitive Function
Description This function modifies the 'social_provider' field of the 'Dojo_Group' model, which is related to social authentication provider.
File Name dojo/models.py
Function Name Dojo_Group.save()
Code Link

django-DefectDojo/dojo/models.py

Lines 23 to 32 in 4d55932

from django.utils.deconstruct import deconstructible
from django.utils.timezone import now
from django.utils.functional import cached_property
from django.utils import timezone
from django.utils.html import escape
from pytz import all_timezones
from polymorphic.models import PolymorphicModel
from multiselectfield import MultiSelectField
from django import forms
from django.utils.translation import gettext as _
⚠️ Sensitive Function dojo/pipeline.py (click for details)
Type Sensitive Function
Description This function assigns user to groups based on the social authentication provider.
File Name dojo/pipeline.py
Function Name dojo.pipeline.assign_user_to_groups()
Code Link

django-DefectDojo/dojo/pipeline.py

Line 2 in 4d55932

import re
⚠️ Sensitive Function dojo/remote_user.py (click for details)
Type Sensitive Function
Description This function reads authentication settings related to remote user authentication.
File Name dojo/remote_user.py
Function Name django.conf.settings
Code Link

django-DefectDojo/dojo/remote_user.py

Line 6 in 4d55932

from netaddr import IPAddress
⚠️ Sensitive Function dojo/remote_user.py (click for details)
Type Sensitive Function
Description This function assigns user to groups based on the remote authentication provider.
File Name dojo/remote_user.py
Function Name assign_user_to_groups()
Code Link

django-DefectDojo/dojo/remote_user.py

Line 77 in 4d55932

changed = True
⚠️ Sensitive Function unittests/test_remote_user.py (click for details)
Type Sensitive Function
Description This function creates new 'Dojo_Group' objects with a specific social authentication provider attribute value.
File Name unittests/test_remote_user.py
Function Name Dojo_Group.objects.get_or_create()
Code Link

django-DefectDojo/unittests/test_remote_user.py

Line 8 in 4d55932

View more details on DryRunSecurity