Add jquery

Add basic implementation for vote view
Add create comment form , review status form
Add review list page , review-list view
Add login , logout functionality
Add a basic ui for review , review list , create review pages
Edit model.py ( use a many-to-many relationship instead of json field )
Add test
Add support for webfinger
Add pytest run doctests
Edit Actor model , Edit create_git_repo and view function
Try to make Reputation model more general
Add bulma static folders
Add create git function
Add basic UI, security_team_profile, database_admin_profile
Remove the extra relations ( many-to-many ,..) and use JSONField instead
Add test for following and follower actors
Edit basic django model
Add support for pytest, black, isort
Add django model test
Add missing fields in GitRepo
Add basic Implementation for ER diagram
Initial config for purl-sync project

Signed-off-by: ziadhany <[email protected]>

.gitignore

@@ -103,3 +103,4 @@ Pipfile
 *.bak
 /.cache/
 /tmp/
+/purl_sync/venv_purl/

purl_sync/manage.py

@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+"""Django's command-line utility for administrative tasks."""
+import os
+import sys
+
+
+def main():
+    """Run administrative tasks."""
+    os.environ.setdefault("DJANGO_SETTINGS_MODULE", "purl_sync.settings")
+    try:
+        from django.core.management import execute_from_command_line
+    except ImportError as exc:
+        raise ImportError(
+            "Couldn't import Django. Are you sure it's installed and "
+            "available on your PYTHONPATH environment variable? Did you "
+            "forget to activate a virtual environment?"
+        ) from exc
+    execute_from_command_line(sys.argv)
+
+
+if __name__ == "__main__":
+    main()

purl_sync/purl_sync/asgi.py

@@ -0,0 +1,16 @@
+"""
+ASGI config for purl_sync project.
+
+It exposes the ASGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/4.1/howto/deployment/asgi/
+"""
+
+import os
+
+from django.core.asgi import get_asgi_application
+
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "purl_sync.settings")
+
+application = get_asgi_application()

purl_sync/purl_sync/settings.py

@@ -0,0 +1,147 @@
+import os
+from pathlib import Path
+
+import environ
+
+PROJECT_DIR = Path(__file__).resolve().parent
+ROOT_DIR = PROJECT_DIR.parent
+# Environment
+
+ENV_FILE = "/etc/purl_sync/.env"
+if not Path(ENV_FILE).exists():
+    ENV_FILE = ROOT_DIR / ".env"
+
+env = environ.Env()
+environ.Env.read_env(str(ENV_FILE))
+
+DOMAIN = env.str("DOMAIN", "127.0.0.1")
+PUBLIC_KEY = env.str("PUBLIC_KEY")
+
+# Build paths inside the project like this: BASE_DIR / 'subdir'.
+BASE_DIR = Path(__file__).resolve().parent.parent
+
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/4.1/howto/deployment/checklist/
+
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = "django-insecure-uoc-dv7+6%dy7c6(hc$6*z_m-#4y*jp1%-^*5)y&+i9-@j7zup"
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = True
+
+ALLOWED_HOSTS = []
+
+# Application definition
+
+INSTALLED_APPS = [
+    "django.contrib.admin",
+    "django.contrib.auth",
+    "django.contrib.contenttypes",
+    "django.contrib.sessions",
+    "django.contrib.messages",
+    "django.contrib.staticfiles",
+    "review",
+    "oauth2_provider",
+]
+
+MIDDLEWARE = [
+    "django.middleware.security.SecurityMiddleware",
+    "django.contrib.sessions.middleware.SessionMiddleware",
+    "django.middleware.common.CommonMiddleware",
+    "django.middleware.csrf.CsrfViewMiddleware",
+    "django.contrib.auth.middleware.AuthenticationMiddleware",
+    "django.contrib.messages.middleware.MessageMiddleware",
+    "django.middleware.clickjacking.XFrameOptionsMiddleware",
+]
+
+ROOT_URLCONF = "purl_sync.urls"
+
+TEMPLATES = [
+    {
+        "BACKEND": "django.template.backends.django.DjangoTemplates",
+        "DIRS": [],
+        "APP_DIRS": True,
+        "OPTIONS": {
+            "context_processors": [
+                "django.template.context_processors.debug",
+                "django.template.context_processors.request",
+                "django.contrib.auth.context_processors.auth",
+                "django.contrib.messages.context_processors.messages",
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = "purl_sync.wsgi.application"
+
+# Database
+# https://docs.djangoproject.com/en/4.1/ref/settings/#databases
+
+
+# DATABASES = {
+#     "default": {
+#         "ENGINE": env.str("PURL_SYNC_DB_ENGINE", "django.db.backends.postgresql"),
+#         "HOST": env.str("PURL_SYNC_DB_HOST", "localhost"),
+#         "NAME": env.str("PURL_SYNC_DB_NAME", "purl-sync"),
+#         "USER": env.str("PURL_SYNC_DB_USER", "vulnerablecode"),
+#         "PASSWORD": env.str("PURL_SYNC_DB_PASSWORD", "vulnerablecode"),
+#         "PORT": env.str("PURL_SYNC_DB_PORT", "5432"),
+#     }
+# }
+
+DATABASES = {
+    "default": {
+        "ENGINE": "django.db.backends.sqlite3",
+        "NAME": "mydatabase.db",
+    }
+}
+
+# Password validation
+# https://docs.djangoproject.com/en/4.1/ref/settings/#auth-password-validators
+
+AUTH_PASSWORD_VALIDATORS = [
+    {
+        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
+    },
+]
+
+REST_FRAMEWORK = {
+    "DEFAULT_AUTHENTICATION_CLASSES": [
+        "oauth2_provider.contrib.rest_framework.OAuth2Authentication",
+    ]
+}
+
+# Internationalization
+# https://docs.djangoproject.com/en/4.1/topics/i18n/
+
+LANGUAGE_CODE = "en-us"
+
+TIME_ZONE = "UTC"
+
+USE_I18N = True
+
+USE_TZ = True
+
+# Static files (CSS, JavaScript, Images)
+# https://docs.djangoproject.com/en/4.1/howto/static-files/
+
+STATIC_URL = "static/"
+
+# Default primary key field type
+# https://docs.djangoproject.com/en/4.1/ref/settings/#default-auto-field
+
+DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
+
+MEDIA_URL = "/media/"
+MEDIA_ROOT = os.path.join(BASE_DIR, "media")
+GIT_PATH = os.path.join(MEDIA_ROOT, "git")
+ACTIVITYPUB_CONTENT_TYPE = "application/activity+json"

purl_sync/purl_sync/urls.py

@@ -0,0 +1,66 @@
+"""purl_sync URL Configuration
+
+The `urlpatterns` list routes URLs to views. For more information please see:
+    https://docs.djangoproject.com/en/4.1/topics/http/urls/
+Examples:
+Function views
+    1. Add an import:  from my_app import views
+    2. Add a URL to urlpatterns:  path('', views.home, name='home')
+Class-based views
+    1. Add an import:  from other_app.views import Home
+    2. Add a URL to urlpatterns:  path('', Home.as_view(), name='home')
+Including another URLconf
+    1. Import the include() function: from django.urls import include, path
+    2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
+"""
+from django.conf import settings
+from django.conf.urls.static import static
+from django.contrib import admin
+from django.contrib.auth.views import LogoutView
+from django.urls import include
+from django.urls import path
+
+from review.views import CreatGitView
+from review.views import DatabaseAdminView
+from review.views import GitRepoListView
+from review.views import ReviewListView
+from review.views import ReviewView
+from review.views import SecurityTeamInbox
+from review.views import SecurityTeamOutbox
+from review.views import SecurityTeamSignUp
+from review.views import SecurityTeamView
+from review.views import UserLogin
+from review.views import WebfingerView
+from review.views import create_review
+from review.views import database_admin_inbox
+from review.views import database_admin_outbox
+from review.views import note_vote
+from review.views import review_vote
+
+urlpatterns = [
+    path("admin/", admin.site.urls),
+    path(".well-known/webfinger", WebfingerView.as_view(), name="web-finger"),
+    path("security-team/@<str:slug>", SecurityTeamView.as_view(), name="security-team-profile"),
+    path("database-admin/@<str:slug>", DatabaseAdminView.as_view(), name="database-admin-profile"),
+    path("accounts/sign-up", SecurityTeamSignUp.as_view(), name="signup"),
+    path("accounts/login", UserLogin.as_view(), name="login"),
+    path("accounts/logout", LogoutView.as_view(next_page="login"), name="logout"),
+    path("create-repo", CreatGitView.as_view(), name="repo-create"),
+    path("create-review", create_review),
+    path("review/<uuid:id>/", ReviewView.as_view(), name="review-page"),
+    path("review-list", ReviewListView.as_view()),
+    path("repo-list", GitRepoListView.as_view()),
+    path("review/<uuid:review_id>/votes/", review_vote, name="vote-review"),
+    path("note/<uuid:note_id>/votes/", note_vote, name="vote-note"),
+    path("security-team/<str:username>/inbox/", SecurityTeamInbox.as_view()),
+    path("security-team/<str:username>/outbox/", SecurityTeamOutbox.as_view()),
+    path("database-admin/<str:username>/outbox/", database_admin_outbox),
+    path("database-admin/<str:username>/inbox/", database_admin_inbox),
+    # path("security-team/@<str:username>/edit-followers/", database_admin_profile_view),
+    # path("database-admin/<str:username>/followers/", ),
+    # path("security-team/<str:username>/following/", ),
+    path("o/", include("oauth2_provider.urls", namespace="oauth2_provider")),
+]
+
+if settings.DEBUG:
+    urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)

purl_sync/purl_sync/wsgi.py

@@ -0,0 +1,16 @@
+"""
+WSGI config for purl_sync project.
+
+It exposes the WSGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/4.1/howto/deployment/wsgi/
+"""
+
+import os
+
+from django.core.wsgi import get_wsgi_application
+
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "purl_sync.settings")
+
+application = get_wsgi_application()

purl_sync/pyproject.toml

@@ -0,0 +1,31 @@
+[build-system]
+requires = ["setuptools", "wheel"]
+build-backend = "setuptools.build_meta"
+
+
+[tool.pytest.ini_options]
+DJANGO_SETTINGS_MODULE = "purl_sync.settings"
+python_files = "*.py"
+python_classes = "Test"
+python_functions = "test"
+addopts = "--doctest-modules"
+
+[tool.black]
+line-length = 100
+include = '\.pyi?$'
+skip_gitignore = true
+# 'extend-exclude' excludes files or directories in addition to the defaults
+extend-exclude = '''
+(
+  ^/venv/.*
+  | ^/purl_sync/migrations/.*
+)
+'''
+
+
+[tool.isort]
+profile = "black"
+line_length = 100
+force_single_line = true
+skip_gitignore = true
+skip_glob = "purl_sync/migrations/*"

purl_sync/requirements.txt

@@ -0,0 +1,13 @@
+asgiref==3.7.2
+Django==4.2.2
+django-environ==0.10.0
+exceptiongroup==1.1.1
+iniconfig==2.0.0
+packaging==23.1
+Pillow==9.5.0
+pluggy==1.0.0
+pytest==7.3.2
+pytest-django==4.5.2
+sqlparse==0.4.4
+tomli==2.0.1
+typing_extensions==4.6.3

purl_sync/review/admin.py

@@ -0,0 +1,28 @@
+from django.contrib import admin
+
+from review.models import DatabaseAdmin
+from review.models import Follow
+from review.models import GitRepo
+from review.models import Notes
+from review.models import PackageUrl
+from review.models import RemoteActor
+from review.models import RemoteDatabaseAdmin
+from review.models import RemoteSecurityTeam
+from review.models import Reputation
+from review.models import Review
+from review.models import SecurityTeam
+from review.models import Vulnerability
+
+admin.site.register(SecurityTeam)
+admin.site.register(DatabaseAdmin)
+
+admin.site.register(Reputation)
+admin.site.register(GitRepo)
+admin.site.register(Vulnerability)
+admin.site.register(PackageUrl)
+admin.site.register(Notes)
+admin.site.register(Review)
+admin.site.register(Follow)
+
+admin.site.register(RemoteSecurityTeam)
+admin.site.register(RemoteDatabaseAdmin)

purl_sync/review/apps.py

@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class ReviewConfig(AppConfig):
+    default_auto_field = "django.db.models.BigAutoField"
+    name = "review"