Merge branch 'fix-blog-editor' of https://github.com/harsh3dev/BLT in…

…to fix-blog-editor

.env.example

@@ -22,3 +22,7 @@ DATABASE_URL=postgres://user:password@localhost:5432/dbname
 
 #Sentry DSN
 SENTRY_DSN=https://[email protected]/0
+
+
+SLACK_CLIENT_ID=
+SLACK_CLIENT_SECRET=

.gitignore

@@ -18,3 +18,4 @@ requirements.txt
 *.code-workspace
 *.log
 *.exe
+.vs

README.md

@@ -6,5 +6,4 @@
 
 <img alt="Views" src="https://blt.owasp.org/projects/blt/badge"></a>
 
-------
 Everything is on our <a href="https://blt.owasp.org">homepage</a>

blog/migrations/0004_alter_post_slug_alter_post_title.py

@@ -0,0 +1,22 @@
+# Generated by Django 5.1.3 on 2024-11-24 02:43
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("blog", "0003_post_image"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="post",
+            name="slug",
+            field=models.SlugField(blank=True, max_length=255, unique=True),
+        ),
+        migrations.AlterField(
+            model_name="post",
+            name="title",
+            field=models.CharField(max_length=255),
+        ),
+    ]

blog/migrations/0005_alter_post_image.py

@@ -0,0 +1,17 @@
+# Generated by Django 5.1.3 on 2024-11-24 18:26
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("blog", "0004_alter_post_slug_alter_post_title"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="post",
+            name="image",
+            field=models.ImageField(upload_to="blog_posts"),
+        ),
+    ]

blog/models.py

@@ -1,19 +1,37 @@
 from django.contrib.auth.models import User
+from django.core.exceptions import ValidationError
 from django.db import models
+from django.db.models.signals import post_save
+from django.dispatch import receiver
 from django.urls import reverse
 
 
 class Post(models.Model):
-    title = models.CharField(max_length=200)
-    slug = models.SlugField(unique=True, blank=True)
+    title = models.CharField(max_length=255)
+    slug = models.SlugField(unique=True, blank=True, max_length=255)
     author = models.ForeignKey(User, on_delete=models.CASCADE)
     content = models.TextField()
     created_at = models.DateTimeField(auto_now_add=True)
     updated_at = models.DateTimeField(auto_now=True)
-    image = models.ImageField()
+    image = models.ImageField(upload_to="blog_posts")
 
     def __str__(self):
         return self.title
 
     def get_absolute_url(self):
         return reverse("post_detail", kwargs={"slug": self.slug})
+
+
+@receiver(post_save, sender=Post)
+def verify_file_upload(sender, instance, **kwargs):
+    from django.core.files.storage import default_storage
+
+    print("Verifying file upload...")
+    print(f"Default storage backend: {default_storage.__class__.__name__}")
+    if instance.image:
+        print(f"Checking if image '{instance.image.name}' exists in the storage backend...")
+        if not default_storage.exists(instance.image.name):
+            print(f"Image '{instance.image.name}' was not uploaded to the storage backend.")
+            raise ValidationError(
+                f"Image '{instance.image.name}' was not uploaded to the storage backend."
+            )

blt/settings.py

@@ -8,12 +8,14 @@
 """
 
 # from google.oauth2 import service_account
+import json
 import os
 import sys
 
 import dj_database_url
 import environ
 from django.utils.translation import gettext_lazy as _
+from google.oauth2 import service_account
 
 # reading .env file
 environ.Env.read_env()
@@ -105,6 +107,7 @@
     "dj_rest_auth",
     "dj_rest_auth.registration",
     "blog",
+    "storages",
 )
 
 
@@ -263,8 +266,10 @@
 
 REPORT_EMAIL = os.environ.get("REPORT_EMAIL", "blank")
 REPORT_EMAIL_PASSWORD = os.environ.get("REPORT_PASSWORD", "blank")
-DEFAULT_FILE_STORAGE = "django.core.files.storage.FileSystemStorage"
-if "DATABASE_URL" in os.environ:
+
+# these settings are only for production / Heroku
+if "DYNO" in os.environ:
+    print("database url detected in settings")
     DEBUG = False
     EMAIL_HOST = "smtp.sendgrid.net"
     EMAIL_HOST_USER = os.environ.get("SENDGRID_USERNAME", "blank")
@@ -274,15 +279,54 @@
     if not TESTING:
         SECURE_SSL_REDIRECT = True
 
-    GS_ACCESS_KEY_ID = os.environ.get("GS_ACCESS_KEY_ID", "blank")
-    GS_SECRET_ACCESS_KEY = os.environ.get("GS_SECRET_ACCESS_KEY", "blank")
-    GOOGLE_APPLICATION_CREDENTIALS = "/app/google-credentials.json"
+    import logging
+
+    logging.basicConfig(level=logging.DEBUG)
+    # GS_ACCESS_KEY_ID = os.environ.get("GS_ACCESS_KEY_ID", "blank")
+    # GS_SECRET_ACCESS_KEY = os.environ.get("GS_SECRET_ACCESS_KEY", "blank")
+    # GOOGLE_APPLICATION_CREDENTIALS = "/app/google-credentials.json"
 
     GS_BUCKET_NAME = "bhfiles"
-    DEFAULT_FILE_STORAGE = "storages.backends.gcloud.GoogleCloudStorage"
+    # DEFAULT_FILE_STORAGE = "storages.backends.gcloud.GoogleCloudStorage"
+
+    # GS_CREDENTIALS = None
+
+    # # Ensure credentials file is valid
+    # try:
+    #     GS_CREDENTIALS = service_account.Credentials.from_service_account_file(
+    #         GOOGLE_APPLICATION_CREDENTIALS
+    #     )
+    #     print("Google Cloud Storage credentials loaded successfully.")
+    # except Exception as e:
+    #     print(f"Error loading Google Cloud Storage credentials: {e}")
+
+    GOOGLE_CREDENTIALS = os.getenv("GOOGLE_CREDENTIALS")
+
+    if not GOOGLE_CREDENTIALS:
+        raise Exception("GOOGLE_CREDENTIALS environment variable is not set.")
+
+    GS_CREDENTIALS = service_account.Credentials.from_service_account_info(
+        json.loads(GOOGLE_CREDENTIALS)
+    )
+
+    STORAGES = {
+        "default": {
+            "BACKEND": "storages.backends.gcloud.GoogleCloudStorage",
+            "OPTIONS": {
+                "credentials": GS_CREDENTIALS,
+                "bucket_name": GS_BUCKET_NAME,
+            },
+        },
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.ManifestStaticFilesStorage",
+        },
+    }
+
     GS_FILE_OVERWRITE = False
     GS_QUERYSTRING_AUTH = False
+    GS_DEFAULT_ACL = None
     MEDIA_URL = "https://bhfiles.storage.googleapis.com/"
+    # add debugging info for google storage
 
     import sentry_sdk
     from sentry_sdk.integrations.django import DjangoIntegration
@@ -297,6 +341,17 @@
     )
 
 else:
+    STORAGES = {
+        "default": {
+            "BACKEND": "django.core.files.storage.FileSystemStorage",
+        },
+        "staticfiles": {
+            "BACKEND": "django.contrib.staticfiles.storage.ManifestStaticFilesStorage",
+        },
+    }
+    DEFAULT_FILE_STORAGE = "storages.backends.gcloud.GoogleCloudStorage"
+    # DEFAULT_FILE_STORAGE = "django.core.files.storage.FileSystemStorage"
+    print("no database url detected in settings, using sqlite")
     if not TESTING:
         DEBUG = True
 
@@ -340,7 +395,7 @@
 
 # Simplified static file serving.
 # https://warehouse.python.org/project/whitenoise/
-STATICFILES_STORAGE = "whitenoise.storage.CompressedStaticFilesStorage"
+# STATICFILES_STORAGE = "whitenoise.storage.CompressedStaticFilesStorage"
 
 LOGIN_REDIRECT_URL = "/"
 

blt/urls.py

@@ -15,7 +15,7 @@
 
 import comments.views
 from blt import settings
-from company.views import ShowBughuntView
+from company.views import ShowBughuntView, SlackCallbackView
 from website.api.views import (
     ActivityLogViewSet,
     AuthApiViewset,
@@ -48,6 +48,7 @@
     add_suggestions,
     chatbot_conversation,
     check_status,
+    donate_view,
     facebook_callback,
     find_key,
     github_callback,
@@ -124,6 +125,7 @@
     company_dashboard_hunt_edit,
     company_hunt_results,
     delete_time_entry,
+    feed,
     get_scoreboard,
     hunt_results,
     sizzle,
@@ -155,6 +157,7 @@
     UserProfileDetailsView,
     UserProfileDetailView,
     addbalance,
+    assign_badge,
     contributors,
     contributors_view,
     create_wallet,
@@ -234,6 +237,7 @@
     re_path(r"^auth/github/connect/$", GithubConnect.as_view(), name="github_connect"),
     re_path(r"^auth/google/connect/$", GoogleConnect.as_view(), name="google_connect"),
     path("auth/github/url/", github_views.oauth2_login),
+    path("oauth/slack/callback/", SlackCallbackView.as_view(), name="slack_callback"),
     path("auth/google/url/", google_views.oauth2_login),
     path("auth/facebook/url/", facebook_views.oauth2_callback),
     path("socialaccounts/", SocialAccountListView.as_view(), name="social_account_list"),
@@ -525,6 +529,7 @@
     path("projects/<slug:slug>/badge/", ProjectBadgeView.as_view(), name="project-badge"),
     re_path(r"^report-ip/$", ReportIpView.as_view(), name="report_ip"),
     re_path(r"^reported-ips/$", ReportedIpListView.as_view(), name="reported_ips_list"),
+    re_path(r"^feed/$", feed, name="feed"),
     re_path(
         r"^api/v1/createissues/$",
         csrf_exempt(IssueCreate.as_view()),
@@ -586,6 +591,7 @@
     path("users/", users_view, name="users"),
     path("company/", include("company.urls")),
     path("sponsor/", sponsor_view, name="sponsor"),
+    path("donate/", donate_view, name="donate"),
     path("companies/", DomainListView.as_view(), name="domain_lists"),
     path("trademarks/", trademark_search, name="trademark_search"),
     path("generate_bid_image/<int:bid_amount>/", generate_bid_image, name="generate_bid_image"),
@@ -601,7 +607,7 @@
     path("suggestion/vote/", vote_suggestions, name="vote_suggestions"),
     path("suggestion/set-vote-status/", set_vote_status, name="set_vote_status"),
     re_path(
-        r"^trademarks/query=(?P<slug>[\w\s]+)",
+        r"^trademarks/query=(?P<slug>[\w\s\W]+)",
         trademark_detailview,
         name="trademark_detailview",
     ),
@@ -631,6 +637,7 @@
         name="user_sizzle_report",
     ),
     path("delete_time_entry/", delete_time_entry, name="delete_time_entry"),
+    path("assign-badge/<str:username>/", assign_badge, name="assign_badge"),
 ]
 
 if settings.DEBUG:

company/templates/company/add_slack_integration.html

@@ -0,0 +1,88 @@
+{% extends "company/company_dashboard_base.html" %}
+{% block title %}
+    Add Slack Integration
+{% endblock title %}
+{% block body %}
+    <div class="bg-[#F3F5F7] flex flex-col items-center">
+        <div class="w-full mt-5">
+            <p class="text-red-700 font-satoshi font-bold text-[35px] px-8">Add Slack Integration</p>
+        </div>
+        <form method='post'
+              action="#"
+              class="w-[96%] bg-white rounded-2xl p-10 my-10 shadow-md">
+            {% csrf_token %}
+            <div class="pb-12">
+                <h2 class="text-base font-semibold leading-7 text-gray-900">Configure Slack Bot:</h2>
+                <div class="mt-10 grid grid-cols-1 gap-x-6 gap-y-8 sm:grid-cols-6">
+                    <div class="sm:col-span-3">
+                        <label for="bot_token"
+                               class="block text-sm font-medium leading-6 text-gray-900">Bot Token</label>
+                        <div class="mt-2">
+                            <input type="text"
+                                   name="bot_token"
+                                   id="bot_token"
+                                   autocomplete="bot_token"
+                                   value="{{ slack_integration.bot_access_token }}"
+                                   disabled
+                                   class="block w-full rounded-md border-0 py-1.5 pl-3 text-gray-900 shadow-sm ring-1 ring-inset ring-gray-300 placeholder:text-gray-400 focus:ring-2 focus:ring-inset focus:ring-red-600 sm:text-sm sm:leading-6" />
+                        </div>
+                    </div>
+                </div>
+                <div class="mt-10 grid grid-cols-1 gap-x-6 gap-y-8 sm:grid-cols-6">
+                    <div class="sm:col-span-3">
+                        <label class="block text-sm font-medium leading-6 text-gray-900"
+                               for="target_channel">Select Channel to send messages to</label>
+                        <div class="mt-2 space-y-4">
+                            <select id="target_channel"
+                                    name="target_channel"
+                                    class="mt-1 block w-full px-3 py-2 border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-indigo-500 focus:border-indigo-500 sm:text-sm">
+                                {% for channel_name in channels %}
+                                    <option value="{{ channel_name }}"
+                                            {% if slack_integration.default_channel_name == channel_name %}selected="selected"{% endif %}>
+                                        {{ channel_name }}
+                                    </option>
+                                {% endfor %}
+                            </select>
+                        </div>
+                    </div>
+                </div>
+            </div>
+            <div class=" grid grid-cols-1 gap-x-6 gap-y-8 sm:grid-cols-6">
+                <div class="sm:col-span-3">
+                    <label class="block text-sm font-medium leading-6 text-gray-900">Select Services</label>
+                    <div class="items-center flex">
+                        <input type="checkbox"
+                               id="daily_sizzle_timelogs_status"
+                               name="daily_sizzle_timelogs_status"
+                               class="h-4 w-4 text-indigo-600 focus:ring-indigo-500 border-gray-300 rounded"
+                               {% if slack_integration.daily_updates == True %}checked{% endif %}>
+                        <label for="daily_sizzle_timelogs_status"
+                               class="ml-3 block text-sm font-medium text-gray-900">
+                            Daily Sizzle Timelogs Status
+                        </label>
+                    </div>
+                </div>
+                <div class="sm:col-span-3 flex">
+                    <select id="daily_sizzle_timelogs_hour"
+                            name="daily_sizzle_timelogs_hour"
+                            class="mt-2 block pl-3 pr-10 py-2 text-base focus:outline-none focus:ring-indigo-500 focus:border-indigo-500 sm:text-sm rounded-md">
+                        <option value="" disabled>Select Hour in UTC</option>
+                        <!-- Loop to generate options from 0 to 23 -->
+                        {% for hour in hours %}
+                            <option value="{{ hour }}"
+                                    {% if slack_integration.daily_update_time == hour %}selected="selected"{% endif %}>
+                                {{ hour }}
+                            </option>
+                        {% endfor %}
+                    </select>
+                </div>
+            </div>
+            <div class="mt-6 flex items-center justify-end gap-x-6">
+                <button type="submit"
+                        class="rounded-md bg-red-600 px-11 py-3 text-md font-semibold text-white shadow-sm hover:bg-red-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-red-600">
+                    Save
+                </button>
+            </div>
+        </div>
+    </form>
+{% endblock body %}

company/templates/company/company_includes/sidebar.html

@@ -42,6 +42,12 @@ <h2 class="sidebar__logo-header font-bold">{{ company_obj.name | slice:":15" | c
                     <span>Roles</span>
                 </li>
             </a>
+            <a href="{% url 'company_manage_integrations' company %}">
+                <li id="domains" class="side-nav__item">
+                    <i class="fa fa-cog" aria-hidden="true"></i>
+                    <span>Integrations</span>
+                </li>
+            </a>
         </ul>
     </div>
     <ul class="side-nav">