Add user-defined fields to static servers

GhostManager · Oct 17, 2023 · 1b826f4 · 1b826f4
1 parent 28cafd1
commit 1b826f4
Show file tree

Hide file tree

Showing 10 changed files with 71 additions and 2 deletions.
diff --git a/ghostwriter/commandcenter/fixtures/initial.json b/ghostwriter/commandcenter/fixtures/initial.json
@@ -33,5 +33,12 @@
     "fields": {
       "model_display_name": "Domains"
     }
+  },
+  {
+    "model": "commandcenter.ExtraFieldModel",
+    "pk": "shepherd.StaticServer",
+    "fields": {
+      "model_display_name": "Servers"
+    }
   }
 ]
diff --git a/ghostwriter/modules/custom_serializers.py b/ghostwriter/modules/custom_serializers.py
@@ -122,6 +122,7 @@ def bind(self, field_name, parent):
         self.root_ser = root_ser
 
     def to_representation(self, value):
+        print("DEBUG", self.model_name, repr(value))
         if value is None:
             value = {}
 
@@ -540,6 +541,7 @@ class StaticServerSerializer(TaggitSerializer, CustomModelSerializer):
     status = serializers.CharField(source="server_status")
     last_used_by = StringRelatedField()
     tags = TagListSerializerField()
+    extra_fields = ExtraFieldsSerField(StaticServer._meta.label)
 
     class Meta:
         model = StaticServer
@@ -564,6 +566,11 @@ class ServerHistorySerializer(CustomModelSerializer):
         exclude=["id", "project", "static_server", "transient_server"],
     )
 
+    extra_fields = ExtraFieldsSerField(
+        StaticServer._meta.label,
+        source="server.extra_fields"
+    )
+
     class Meta:
         model = ServerHistory
         exclude = [

diff --git a/ghostwriter/modules/linting_utils.py b/ghostwriter/modules/linting_utils.py
@@ -276,6 +276,7 @@
                 "dns": [{"domain": "ghostwriter.wiki", "endpoint": "", "subdomain": "www"}],
                 "note": "<p>Long-haul C2 server</p>",
                 "note_rt": "",
+                "extra_fields": {},
             },
             {
                 "name": "CC-02",
@@ -294,6 +295,7 @@
                 ],
                 "note": "<p>Short-haul C2 server for phishing</p>",
                 "note_rt": "",
+                "extra_fields": {},
             },
         ],
         "cloud": [

diff --git a/ghostwriter/modules/reportwriter.py b/ghostwriter/modules/reportwriter.py
@@ -51,7 +51,7 @@
 from ghostwriter.modules.linting_utils import LINTER_CONTEXT
 from ghostwriter.reporting.models import Evidence, Finding
 from ghostwriter.rolodex.models import Client, Project
-from ghostwriter.shepherd.models import Domain
+from ghostwriter.shepherd.models import Domain, StaticServer
 
 # Using __name__ resolves to ghostwriter.modules.reporting
 logger = logging.getLogger(__name__)
@@ -2273,6 +2273,9 @@ def lint_docx(self):
                     for field in ExtraFieldSpec.objects.filter(target_model=Domain._meta.label):
                         for domain in context["infrastructure"]["domains"]:
                             domain["extra_fields"][field.internal_name] = field.default_value()
+                    for field in ExtraFieldSpec.objects.filter(target_model=StaticServer._meta.label):
+                        for server in context["infrastructure"]["servers"]:
+                            server["extra_fields"][field.internal_name] = field.default_value()
 
                     # Step 4: Test rendering the document
                     try:

diff --git a/ghostwriter/shepherd/forms_server.py b/ghostwriter/shepherd/forms_server.py
@@ -25,6 +25,7 @@
 
 # Ghostwriter Libraries
 from ghostwriter.api.utils import get_client_list
+from ghostwriter.commandcenter.forms import ExtraFieldsField
 from ghostwriter.modules.custom_layout_object import CustomTab, Formset, SwitchToggle
 from ghostwriter.rolodex.models import Project
 from ghostwriter.shepherd.models import (
@@ -195,6 +196,8 @@ class ServerForm(forms.ModelForm):
     Save an individual :model:`shepherd.StaticServer`.
     """
 
+    extra_fields = ExtraFieldsField(StaticServer._meta.label)
+
     class Meta:
         model = StaticServer
         exclude = ("last_used_by",)
@@ -236,6 +239,7 @@ def __init__(self, *args, **kwargs):
                         css_class="form-row",
                     ),
                     "tags",
+                    "extra_fields",
                     "note",
                     link_css_class="icon server-icon",
                     css_id="server",

diff --git a/ghostwriter/shepherd/migrations/0046_staticserver_extra_fields.py b/ghostwriter/shepherd/migrations/0046_staticserver_extra_fields.py
@@ -0,0 +1,18 @@
+# Generated by Django 3.2.19 on 2023-10-16 13:53
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('shepherd', '0045_domain_extra_fields'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='staticserver',
+            name='extra_fields',
+            field=models.JSONField(default=dict),
+        ),
+    ]
diff --git a/ghostwriter/shepherd/models.py b/ghostwriter/shepherd/models.py
@@ -436,6 +436,7 @@ class StaticServer(models.Model):
         help_text="Enter the server's name (typically hostname)",
     )
     tags = TaggableManager(blank=True)
+    extra_fields = models.JSONField(default=dict)
     # Foreign Keys
     server_status = models.ForeignKey(
         ServerStatus,

diff --git a/ghostwriter/shepherd/templates/shepherd/server_detail.html b/ghostwriter/shepherd/templates/shepherd/server_detail.html
@@ -1,6 +1,6 @@
 {% extends "base_generic.html" %}
 
-{% load bleach_tags custom_tags %}
+{% load bleach_tags custom_tags extra_fields %}
 
 {% block pagetitle %}{{ primary_address }}{% endblock %}
 
@@ -202,6 +202,25 @@ <h4 class="icon history-icon">Server History</h4>
         {% endif %}
       </div>
 
+      {% comment %} Extra Fields Tab {% endcomment %}
+      {% if server_extra_fields_spec %}
+        <div id="extra_fields" class="tab-pane">
+          <h4>Extra Fields</h4>
+          <hr/>
+
+          <table class="table table-borderless table-centered project-details-table">
+            {% for field_spec in server_extra_fields_spec %}
+              <tr>
+                <td class="text-left bold">{{ field_spec.display_name }}</td>
+                <td class="text-left">
+                  {{ staticserver.extra_fields|display_extra_field:field_spec }}
+                </td>
+              </tr>
+            {% endfor %}
+          </table>
+        </div>
+      {% endif %}
+
       <!-- Notes Tab -->
       <div id="notes" class="tab-pane">
         <h4>Server Notes</h4>

diff --git a/ghostwriter/shepherd/templates/snippets/server_nav_tabs.html b/ghostwriter/shepherd/templates/snippets/server_nav_tabs.html
@@ -11,6 +11,13 @@
         <span class="badge badge-pill badge-light">{{ staticserver.serverhistory_set.all.count }}</span>
     </a>
 </li>
+{% if server_extra_fields_spec %}
+    <li class="nav-item">
+        <a id="id_extra_fields" class="nav-link tab-icon info-icon" data-toggle="tab" href="#extra_fields">
+            Extra Fields
+        </a>
+    </li>
+{% endif %}
 <li class="nav-item">
     <a class="nav-link icon comment-icon" data-toggle="tab" href="#notes">
         Notes

diff --git a/ghostwriter/shepherd/views.py b/ghostwriter/shepherd/views.py
@@ -1334,6 +1334,7 @@ def get_context_data(self, **kwargs):
         for address in aux_addresses:
             if address.primary:
                 ctx["primary_address"] = address.ip_address
+        ctx["server_extra_fields_spec"] = ExtraFieldSpec.objects.filter(target_model=StaticServer._meta.label)
         return ctx