security: Move security report to new page

Signed-off-by: James Valleroy <jvalleroy@mailbox.org> [sunil@medhas.org Remove status header similar to other toolbars] [sunil@medhas.org Add icon to 'show security report' button] [sunil@medhas.org Handle error retrieving past CVE counts] Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2026-01-21 07:55:00 +00:00 · 2019-10-02 22:31:13 -04:00 · 2019-10-02 22:31:13 -04:00 · 03f5ca0b05
commit 03f5ca0b05
parent 5fe84bf395
4 changed files with 76 additions and 45 deletions
--- a/plinth/modules/security/templates/security.html
+++ b/plinth/modules/security/templates/security.html
@ -22,44 +22,9 @@
 {% load i18n %}

 {% block status %}
-  <h3>{% trans "Status" %}</h3>
-  <p>
-    {% blocktrans trimmed with count=freedombox_vulns.count %}
-      The installed version of FreedomBox has {{ count }} reported security
-      vulnerabilities.
-    {% endblocktrans %}
-  </p>
-  <p>
-    {% blocktrans trimmed %}
-      The following table lists the reported number of security vulnerabilities
-      for each installed app.
-    {% endblocktrans %}
-  </p>
-  <a class="btn btn-default collapsed collapsible-button" role="button"
-     data-toggle="collapse" href="#collapse-vulns" aria-expanded="false"
-     aria-controls="collapse-vulns">
-    <span class="fa fa-chevron-right fa-fw" aria-hidden="true"></span>
-    {% trans "Show security vulnerabilities" %}
+  <a class="btn btn-default" role="button" href="{% url 'security:report' %}"
+     title="{% trans 'Show security report' %}">
+    <span class="fa fa-line-chart" aria-hidden="true"></span>
+    {% trans "Show security report" %}
  </a>
-
-  <div class="collapse" id="collapse-vulns">
-    <table class="table table-bordered table-condensed table-striped">
-      <thead>
-        <tr>
-          <th>{% trans "App Name" %}</th>
-          <th>{% trans "Current Vulnerabilities" %}</th>
-          <th>{% trans "Past Vulnerabilities" %}</th>
-        </tr>
-      </thead>
-      <tbody>
-        {% for app in apps_vulns %}
-          <tr>
-            <td>{{ app.name }}</td>
-            <td>{{ app.count }}</td>
-            <td>{{ app.past_count }}</td>
-          </tr>
-        {% endfor %}
-      </tbody>
-    </table>
-  </div>
 {% endblock %}
--- a/plinth/modules/security/templates/security_report.html
+++ b/plinth/modules/security/templates/security_report.html
@ -0,0 +1,56 @@
+{% extends "base.html" %}
+{% comment %}
+#
+# This file is part of FreedomBox.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+{% endcomment %}
+
+{% load bootstrap %}
+{% load i18n %}
+
+{% block content %}
+  <h3>{% trans "Security Report" %}</h3>
+  <p>
+    {% blocktrans trimmed with count=freedombox_vulns.count %}
+      The installed version of FreedomBox has {{ count }} reported security
+      vulnerabilities.
+    {% endblocktrans %}
+  </p>
+  <p>
+    {% blocktrans trimmed %}
+      The following table lists the current reported number, and historical
+      count, of security vulnerabilities for each installed app.
+    {% endblocktrans %}
+  </p>
+  <table class="table table-bordered table-condensed table-striped">
+    <thead>
+      <tr>
+        <th>{% trans "App Name" %}</th>
+        <th>{% trans "Current Vulnerabilities" %}</th>
+        <th>{% trans "Past Vulnerabilities" %}</th>
+      </tr>
+    </thead>
+    <tbody>
+      {% for app in apps_vulns %}
+        <tr>
+          <td>{{ app.name }}</td>
+          <td>{{ app.count }}</td>
+          <td>{{ app.past_count|default_if_none:"❗"}}</td>
+        </tr>
+      {% endfor %}
+    </tbody>
+  </table>
+{% endblock %}
--- a/plinth/modules/security/urls.py
+++ b/plinth/modules/security/urls.py
@ -26,4 +26,5 @@ from . import views

 urlpatterns = [
    url(r'^sys/security/$', views.index, name='index'),
+    url(r'^sys/security/report$', views.report, name='report'),
 ]
--- a/plinth/modules/security/views.py
+++ b/plinth/modules/security/views.py
@ -43,7 +43,6 @@ def index(request):
    else:
        form = SecurityForm(initial=status, prefix='security')

-    vulnerability_counts = security.get_vulnerability_counts()
    return TemplateResponse(
        request, 'security.html', {
            'name':
@ -52,11 +51,6 @@ def index(request):
                security.manual_page,
            'form':
                form,
-            'freedombox_vulns':
-                vulnerability_counts.pop('freedombox'),
-            'apps_vulns':
-                sorted(vulnerability_counts.values(),
-                       key=lambda app: app['name']),
        })


@ -86,3 +80,18 @@ def _apply_changes(request, old_status, new_status):
            actions.superuser_run('service', ['enable', 'fail2ban'])
        else:
            actions.superuser_run('service', ['disable', 'fail2ban'])
+
+
+def report(request):
+    """Serve the security report page"""
+    vulnerability_counts = security.get_vulnerability_counts()
+    return TemplateResponse(
+        request, 'security_report.html', {
+            'title':
+                _('Security Report'),
+            'freedombox_vulns':
+                vulnerability_counts.pop('freedombox'),
+            'apps_vulns':
+                sorted(vulnerability_counts.values(),
+                       key=lambda app: app['name']),
+        })