benoit@0: {#
benoit@0: # Description:
benoit@0: # Web Template used in Farol Design
benoit@0: #
benoit@0: # Authors:
benoit@0: # Benoît Allard <benoit.allard@greenbone.net>
benoit@0: #
benoit@0: # Copyright:
benoit@0: # Copyright (C) 2014 Greenbone Networks GmbH
benoit@0: #
benoit@0: # This program is free software; you can redistribute it and/or
benoit@0: # modify it under the terms of the GNU General Public License
benoit@0: # as published by the Free Software Foundation; either version 2
benoit@0: # of the License, or (at your option) any later version.
benoit@0: #
benoit@0: # This program is distributed in the hope that it will be useful,
benoit@0: # but WITHOUT ANY WARRANTY; without even the implied warranty of
benoit@0: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
benoit@0: # GNU General Public License for more details.
benoit@0: #
benoit@0: # You should have received a copy of the GNU General Public License
benoit@0: # along with this program; if not, write to the Free Software
benoit@0: # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
benoit@0: -#}
benoit@0: 
benoit@0: {% extends "base.j2" %}
benoit@105: {% from "macros.j2" import panel, modal, add_button, edit_button, delete_button %}
benoit@45: {% block title %}Product Tree{% endblock %}
benoit@0: 
benoit@45: {% set active = 'product' %}
benoit@7: 
benoit@0: {% block content %}
benoit@45: <div class='page-header'>
benoit@45:   <h1>Document's Product Tree<a href="#prodtree_modal" data-toggle="modal">?</a> <small>{{ producttree._products | length }} Products defined</small></h1>
benoit@0: </div>
benoit@45: {% call modal('prodtree_modal', "Product Tree") %}
benoit@45: <p>The <strong>Product Tree</strong> container contains all the fully qualified product names that can be referenced elsewhere in the document (specifically when describing the products that are affected by a vulnerability using the <strong>Product Statuses</strong>, <strong>Threats</strong>, <strong>CVSS Score Sets</strong>, and <strong>Remediation</strong> containers). The <strong>Product Tree</strong> can have as many branches as needed, but each endpoint of the tree must be terminated with a <strong>Full Product Name</strong> element, which represents a product that can be referenced elsewhere.</p>
benoit@45: <p>The <strong>Product Tree</strong> can be kept simple (flat) or made more detailed (branched out). It also supports concatenating products to describe relationships, such as components contained in a product or products installed on other products.</p>
benoit@45: <dl>
benoit@45:   <dt>Flat:</dt>
benoit@45:   <dd><p>In the simplest case, a flat <strong>Product TreeM</strong> would contain one or more <strong>Full Product Name</strong> elements at the root level, one for each product that needs to be described.</p></dd>
benoit@45:   <dt>Branched:</dt>
benoit@45:   <dd><p>In a more detailed <strong>Product Tree</strong>, the root element would contain one or more <strong>Branch</strong> elements at the root level, one for each class/type/category of product, each of which again contains one or more <strong>Branch</strong> elements until all desired categories and subcategories are described to the satisfaction of the document issuer. Then each open <strong>Branch</strong> element is terminated with the actual product item in the form of a <strong>Full Product Name</strong> element.</p></dd>
benoit@45:   <dt>Concatenated:</dt>
benoit@45:   <dd><p>No matter whether a flat or branched structure is chosen, you may need to be able to describe the combination of two <strong>Full Product Name</strong> elements, such as when a product is only vulnerable when installed together with another, or to describe operating system components. To do that, a <strong>Relationship</strong> element is inserted at the root of the <strong>Product Tree</strong>, with attributes establishing a link between two existing <strong>Full Product Name</strong> elements, allowing the document producer to define a combination of two products that form a new <strong>Full Product Name</strong> entry.</p></dd>
benoit@45:   <dt>Grouped:</dt>
benoit@45:   <dd><p>Once <strong>Full Product Name</strong> elements are defined, they may be freely added to logical groups, which may then be used to refer to a group of products. Given that it is possible for a product to be a member of more than one logical group, some areas of the CVRF document may not allow references to product groups to avoid ambiguity.</p></dd>
benoit@45: </dl>
benoit@0: {% endcall %}
benoit@45: {% call panel(heading="Branches", badge=producttree._branches | length, title=4, extended=True) %}
benoit@45:   {% for branch in producttree._branches recursive %}
benoit@45:     {% call panel() %}
benoit@105:       <div>
benoit@105:         {{ branch._type}}: <em>{{ branch._name }}</em>
benoit@105:         {{ edit_button(url_for('.edit_branch', path=branch.getPath() | join('/'))) }}
benoit@105:         {% if branch.isOrphaned() %}
benoit@105:           {{ delete_button(url_for('.del_branch', path=branch.getPath() | join('/'))) }}
benoit@105:         {% endif %}
benoit@105:       </div>
benoit@45:       {% if branch._product %}
benoit@76:         <p><strong><a href="{{ url_for('.view_product', productid=branch._product._productid) }}">{{ branch._product._name }}</a></strong></p>
benoit@0:       {% else %}
benoit@45:         {{ loop(branch._childs) }}
benoit@45:       {% endif %}
benoit@45:       {% if branch.isOrphaned() %}
benoit@76:         <p class="text-danger">This branch is <em>orphaned</em>. A <a href="{{ url_for('.add_product') }}">product</a> or a new <a href="{{ url_for('.add_branch') }}">branch</a> should be created as child of this one.</p>
benoit@0:       {% endif %}
benoit@0:     {% endcall %}
benoit@45:   {% endfor %}
benoit@105:   <div class="pull-right">{{ add_button(url_for('.add_branch')) }}</div>
benoit@45: {% endcall %}
benoit@45: {% call panel(heading="Products", badge=producttree.nbProducts(), title=4) %}
benoit@45:   {% for product in producttree._products if product._parent is sameas producttree %}
benoit@76:     <p><strong><a href="{{ url_for('.view_product', productid=product._productid) }}">{{ product._name }}</a></strong></p>
benoit@45:   {% endfor %}
benoit@105:   <div class="pull-right">{{ add_button(url_for('.add_product')) }}</div>
benoit@45: {% endcall %}
benoit@45: {% call panel(heading="Relationships", badge=producttree._relationships | length, title=4) %}
benoit@45:   {% for relationship in producttree._relationships %}
benoit@45:     {% call panel() %}
benoit@105:       <div>
benoit@105:         <em>{{ cvrf.getProductForID(relationship._productreference)._name }}</em> as {{ relationship._relationtype | lower }} <em>{{ cvrf.getProductForID(relationship._relatestoproductreference)._name }}</em>
benoit@105:         {{ edit_button(url_for('.edit_relationship', index=loop.index0)) }}
benoit@105:         {% if relationship.isOrphaned() %}
benoit@105:           {{ delete_button(url_for('.del_relationship', index=loop.index0)) }}
benoit@105:         {% endif %}
benoit@105:       </div>
benoit@105:       {% if relationship._product %}
benoit@105:         <p><strong><a href="{{ url_for('.view_product', productid=relationship._product._productid) }}">{{ relationship._product._name }}</a></strong></p>
benoit@105:       {% endif %}
benoit@45:       {% if relationship.isOrphaned() %}
benoit@76:         <p class="text-danger">This relationship is <em>orphaned</em>. A product should be <a href="{{ url_for('.add_product') }}">created</a> as child of this one.</p>
benoit@45:       {% endif %}
benoit@0:     {% endcall %}
benoit@45:   {% endfor %}
benoit@105:   <div class="pull-right">{{ add_button(url_for('.add_relationship')) }}</div>
benoit@45: {% endcall %}
benoit@45: {% call panel(heading="Groups", badge=producttree._groups | length, title=4) %}
benoit@45:   {% for group in producttree._groups %}
benoit@45:     {% call panel() %}
benoit@88:       <div class="pull-right">
benoit@105:         {{ edit_button(url_for('.edit_group', groupid=group._groupid)) }}
benoit@112:         {%if cvrf.isGroupOrphan(group._groupid) %}
benoit@112:           {{ delete_button(url_for('.del_group', groupid=group._groupid)) }}
benoit@112:         {% endif %}
benoit@88:       </div>
benoit@112:       {% if group._description %}<p class="small">{{ group._description }}</p>{% endif %}
benoit@45:       <ul>
benoit@45:         {% for productid in group._productids %}
benoit@45:           {% with product = cvrf.getProductForID(productid) %}
benoit@76:             <li><a href="{{ url_for('.view_product', productid=product._productid) }}">{{ product._name }}</a></li>
benoit@45:           {% endwith %}
benoit@45:         {% endfor %}
benoit@45:       </ul>
benoit@45:     {% endcall %}
benoit@45:   {% endfor %}
benoit@105:   <div class="pull-right">{{ add_button(url_for('.add_group')) }}</div>
benoit@45: {% endcall %}
benoit@110: <div class="pull-right">
benoit@110: {% if cvrf.isProductTreeOrphan() %}
benoit@110:   {{ delete_button(url_for('.delete'), text="delete whole Product Tree") }}
benoit@110: {% else %}
benoit@138:   <p class="text-danger"><small>The Product Tree cannot be deleted as some of its elements are referenced in the Document</small></p>
benoit@110: {% endif %}
benoit@110: </div>
benoit@0: {% endblock %}