Progress on the notification content and rendering #106

Signed-off-by: tdruez <[email protected]>
aboutcode-org · Dec 30, 2024 · 9c8f88a · 9c8f88a
1 parent c20c636
commit 9c8f88a
Show file tree

Hide file tree

Showing 4 changed files with 54 additions and 31 deletions.
diff --git a/dejacode/settings.py b/dejacode/settings.py
@@ -658,6 +658,9 @@ def get_fake_redis_connection(config, use_strict_redis):
 # Provide context variables to the `Webhook` values such as `extra_headers`.
 HOOK_ENV = env.dict("HOOK_ENV", default={})
 
+# Internal notifications
+DJANGO_NOTIFICATIONS_CONFIG = {"USE_JSONFIELD": True}
+
 # Django-axes
 # Enable or disable Axes plugin functionality
 AXES_ENABLED = env.bool("AXES_ENABLED", default=False)

diff --git a/dje/templates/notifications/notice.html b/dje/templates/notifications/notice.html
@@ -1,26 +1,13 @@
 {% with notice.action_object.get_absolute_url as action_object_url %}
-  <a href="{{ action_object_url }}{% if action_object_content_type|slugify == 'package' %}#scan{% endif %}" class="list-group-item list-group-item-action flex-column align-items-start{% if not action_object_url %} disabled{% endif %}">
-    <div class="d-flex w-100 justify-content-between">
-      <div class="h6 mb-1">
-        {% if notice.actor != request.user %}
-          {{ notice.actor }}
-        {% endif %}
-        {{ notice.verb }}
-        {% if notice.action_object %}
-          {{ notice.action_object }}
-        {% else %}
-          <i>(object not found)</i>
-        {% endif %}
-        {% if notice.target %}
-          of {{ notice.target }}
-        {% endif %}
-      </div>
-      <small class="text-muted">
-        {{ notice.timesince }} ago
-      </small>
+  {% if action_object_url %}
+    <a href="{{ action_object_url }}{% if action_object_content_type|slugify == 'package' %}#scan{% endif %}" class="list-group-item list-group-item-action flex-column align-items-start">
+  {% else %}
+    <div class="list-group-item list-group-item-action flex-column align-items-start">
+  {% endif %}
+  {% include 'notifications/notice_content.html' %}
+  {% if action_object_url %}
+    </a>
+  {% else %}
     </div>
-    {% if notice.description %}
-      <small class="mb-0 text-muted">{{ notice.description|linebreaksbr }}</small>
-    {% endif %}
-  </a>
+  {% endif %}
 {% endwith %}
diff --git a/dje/templates/notifications/notice_content.html b/dje/templates/notifications/notice_content.html
@@ -0,0 +1,24 @@
+<div class="d-flex w-100 justify-content-between">
+  <div class="h6 mb-1">
+    {% if notice.actor != request.user %}
+      {{ notice.actor }}
+    {% endif %}
+    {{ notice.verb }}
+    {% if notice.action_object %}
+      {{ notice.action_object }}
+    {% elif action_object_content_type|slugify == 'package' %}
+      <i>(object not found)</i>
+    {% endif %}
+    {% if notice.target %}
+      of {{ notice.target }}
+    {% endif %}
+  </div>
+  <small class="text-muted">
+    {{ notice.timesince }} ago
+  </small>
+</div>
+{% if notice.description %}
+  <small class="mb-0 text-muted">
+    {{ notice.description|safe|linebreaksbr }}
+  </small>
+{% endif %}
diff --git a/vulnerabilities/fetch.py b/vulnerabilities/fetch.py
@@ -9,6 +9,7 @@
 from timeit import default_timer as timer
 
 from django.contrib.auth import get_user_model
+from django.contrib.contenttypes.models import ContentType
 from django.contrib.humanize.templatetags.humanize import intcomma
 from django.core.management.base import CommandError
 from django.urls import reverse
@@ -109,7 +110,7 @@ def fetch_for_packages(
 
         product_package_qs = ProductPackage.objects.filter(package__in=batch_affected_packages)
         product_package_qs.update_weighted_risk_score()
-        break
+        break  # TODO: Remove
 
     return results
 
@@ -145,8 +146,10 @@ def notify_vulnerability_data_update(dataspace):
     Trigger the notifications related to fetching vulnerability data from
     VulnerableCode.
     """
-    today = timezone.now().date()
-    vulnerability_qs = Vulnerability.objects.scope(dataspace)  #.filter(last_modified_date__date=today)
+    # today = timezone.now().date()
+    vulnerability_qs = Vulnerability.objects.scope(
+        dataspace
+    )  # .filter(last_modified_date__date=today)
     package_qs = Package.objects.scope(dataspace).filter(
         affected_by_vulnerabilities__in=vulnerability_qs
     )
@@ -159,15 +162,20 @@ def notify_vulnerability_data_update(dataspace):
     package_count = package_qs.count()
     subject = "[DejaCode] New vulnerabilities detected!"
 
+    # TODO: Add filter by ?last_modified_date=today
     package_list_url = reverse("component_catalog:package_list")
+    package_link = (
+        f'<a href="{package_list_url}?is_vulnerable=yes" target="_blank">'
+        f"{package_count} packages</a>"
+    )
     vulnerability_list_url = reverse("vulnerabilities:vulnerability_list")
-
-    # TODO: Add filter by ?last_modified_date=today
-    message = (
-        f"{vulnerability_count} vulnerabilities at {vulnerability_list_url}\n"
-        f"{package_count} packages affected at {package_list_url}?is_vulnerable=yes\n"
+    vulnerability_link = (
+        f'<a href="{vulnerability_list_url}" target="_blank">{vulnerability_count} '
+        f"vulnerabilities</a>"
     )
 
+    message = f"{vulnerability_link} affecting {package_link}"
+
     # 1. Webhooks
     find_and_fire_hook(
         "vulnerability.data_update",
@@ -183,4 +191,5 @@ def notify_vulnerability_data_update(dataspace):
         verb="New vulnerabilities detected",
         recipient=users_to_notify,
         description=f"{message}",
+        action_object_content_type=ContentType.objects.get_for_model(Vulnerability),
     )