From 1de2bf32f8b6f35d93671641f7cdbaa1b065774e Mon Sep 17 00:00:00 2001
From: Greg Elin <gregelin@govready.com>
Date: Wed, 13 Jul 2022 19:21:22 -0500
Subject: [PATCH] Feature/v0.10.0 (#1765)

* Update Django to 3.2.14 to address vulnerability

* Remove Opera from testing

* Use older selenium 4.2.0 for tests to work

* Remove statement edit from proposed system component;  Upgrade moment to 2.29.4 for security, other npm libs (#1764)

* Upgrade moment to 2.29.4 for security, other npm libs

* Remove edit action information from proposed component control statements.

* Re-release of v0.10.0 July 13

Co-authored-by: Greg Elin <greg.elin@govready.com>
---
 CHANGELOG.md                               | 33 ++-------
 VERSION                                    |  2 +-
 controls/views.py                          |  2 +-
 templates/systems/element_detail_tabs.html | 79 ++++++++--------------
 4 files changed, 38 insertions(+), 78 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7cdcd00fa..ad056a232 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,33 +1,7 @@
 GovReady-Q Release Notes
 ========================
 
-v0.10.1.2-dev (June 29, 2022)
------------------------------
-
-**Developer changes**
-
-* Remove Opera from test options.
-
-**Bug fixes**
-
-* Upgrade to Django 3.2.14 to fix Django vulnerability.
-
-v0.10.1.1-dev (June 29, 2022)
------------------------------
-
-**Bug fixes**
-
-* Hot patch to fix OSCAL SSP generation by making sure security_sensitivity_level has value.
-
-v0.10.1-dev (June 28, 2022)
----------------------------
-
-**Security fixes**
-
-* Upgrade npm modules to address multiple vulnerabilities.
-
-
-v0.10.0 (June 24, 2022)
+v0.10.0 (July 13, 2022)
 -----------------------
 
 Welcome to GovReady-q v0.10.0 "Aspen".
@@ -110,6 +84,7 @@ and provides a solid foundation for even more exciting innovations to come.
 * Add a large set of sample components (150+) generated from STIGs.
 * Detect Apple ARM platform (e.g. 'M1 chip') and use alternate backend Dockerfile with Chromium install commented out.
 * Added SystemEvent object in controls to track system events.
+* Remove Opera from test options.
 
 **Bug fixes**
 
@@ -120,12 +95,16 @@ and provides a solid foundation for even more exciting innovations to come.
 * Assign owners to default components (elements) created during install first_run script.
 * Correctly display POA&M forms with left-side menu.
 * Refactor and OIDC authentication for proper testing of admin and not admin roles.
+* Upgrade to Django 3.2.14 to fix Django vulnerability.
+* Hot patch to fix OSCAL SSP generation by making sure security_sensitivity_level has value.
+* Remove edit action information from proposed component control statements.
 
 **Security fixes**
 
 * Upgrade npm modules to address multiple vulnerabilities.
 * Upgrade Python libraries to address multiple vulnerabilities.
 
+
 v0.9.13 (January 23, 2022)
 --------------------------
 
diff --git a/VERSION b/VERSION
index 312087ce2..bf057dbfd 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-v0.10.1.1-dev
+v0.10.0
diff --git a/controls/views.py b/controls/views.py
index d1ce2df2f..541d4428e 100644
--- a/controls/views.py
+++ b/controls/views.py
@@ -1356,7 +1356,7 @@ def system_element(request, system_id, element_id):
                 proposal = None
                 return HttpResponseRedirect("/controls/{}/components/selected".format(system_id))
 
-            #get all statements that are not component_approval_criteria
+            # Get all statements that are not component_approval_criteria
             impl_smts = element.statements_produced.filter(~Q(statement_type='COMPONENT_APPROVAL_CRITERIA'))
             # Retrieve used catalog_key
             catalog_key = impl_smts[0].sid_class
diff --git a/templates/systems/element_detail_tabs.html b/templates/systems/element_detail_tabs.html
index aa1b9168c..5d4dc7087 100644
--- a/templates/systems/element_detail_tabs.html
+++ b/templates/systems/element_detail_tabs.html
@@ -21,22 +21,6 @@
     margin-top: 20px;
   }
 
-/*
-  #above-tab-content {
-    max-width: 1250px;
-    margin: auto;
-  }
-
-  #component-detail-content {
-    border: 0px solid green;
-    max-width: 1250px;
-  }
-
-
-  .container { width: 90%; }
-
-*/
-
   .control-text {
     white-space: pre-wrap;
     font-size: 11pt;
@@ -80,31 +64,22 @@
 
   .control-id-text { font-weight: bold; }
 
-
   /* added */
-.component-status-alert { border: 1px solid #ffb523;background-color: #ffffe2; text-align:center; padding:5px; }
-#system-owner-proposal-steps { margin-top:2em; margin-bottom:3em; max-width:1000px;}
-#system-owner-proposal-steps h4 { font-size: 1em; font-family: 'Lato', sans-serif; font-weight:bold; margin:.3em 0 .5em 0; padding:0;}
-#system-owner-proposal-steps .dot { width:50px; height:50px;}
-#system-owner-proposal-steps button { margin:2em 2em 0 0;}
-#system-owner-proposal-steps .step-box { margin-left:10px; padding-top:10px; }
-
-p.step-box-content { font-size:.9em; }
-
-#component-detail-content { border:0;}
-.list-group-item { padding:0 0 15px 0;}
-
-
+  .component-status-alert { border: 1px solid #ffb523;background-color: #ffffe2; text-align:center; padding:5px; }
+  #system-owner-proposal-steps { margin-top:2em; margin-bottom:3em; max-width:1000px;}
+  #system-owner-proposal-steps h4 { font-size: 1em; font-family: 'Lato', sans-serif; font-weight:bold; margin:.3em 0 .5em 0; padding:0;}
+  #system-owner-proposal-steps .dot { width:50px; height:50px;}
+  #system-owner-proposal-steps button { margin:2em 2em 0 0;}
+  #system-owner-proposal-steps .step-box { margin-left:10px; padding-top:10px; }
 
+  p.step-box-content { font-size:.9em; }
 
+  #component-detail-content { border:0;}
+  .list-group-item { padding:0 0 15px 0;}
 
   </style>
   {% endblock %}
 
-  <!-- action buttons included from project-base.html -->
-
-  <!-- authoring_tool_enabled included from project-base.html -->
-
   {% block body_content %}
 
   <div>
@@ -119,7 +94,6 @@
     </div>
   {% endif %}
 
-
     <div class="systems-top">
         <div class="col-sm-10 ">
           <h2>{{ element.name }} System Component</h2>
@@ -132,11 +106,8 @@ <h3 id="catalog-key-display">{{ catalog.catalog_key_display }}</h3>
         <div class="col-sm-2">
           <div id="btn-edit-title"></div>
         </div>
-
     </div>
 
-
-
     <div id="component-detail-content">
       <!-- Tab panel: component_controls -->
       <div role="tabpanel" class="tab-pane active" id="component_controls">
@@ -163,28 +134,29 @@ <h3>About {{ element.name }}</h3>
             </div>
           </div>
 
-
-
-
           <div id="system-owner-proposal-steps"></div>
 
-
           <form  style="display:none;" id="send_request_message" name="send_request_message" method="post" action="{% url 'system_element' system_id=system.id element_id=element.id %}">
             {% csrf_token %}
             <input type="hidden" id="req_message_type" name="req_message_type" value="" />
             <input type="hidden" id="req_message" name="req_message" value="" />
           </form>
 
-
-
-
           <div id="control-description" class="">
-            <h3>{{ element.name }} contributes {{ impl_smts|length }} statements to controls</h3>
+            {% if proposal %}
+              <h3>{{ element.name }} will contribute {{ impl_smts|length }} statements to system controls when approved</h3>
+            {% else %}
+              <h3>{{ element.name }} contributes {{ impl_smts|length }} statements to system controls</h3>
+            {% endif %}
           </div>
           <div class="row statement-column-headings" style="">
             <div class="col-xs-3 col-sm-3 col-md-3 col-lg-3 col-xl-3">Control</div>
             <div class="col-xs-6 col-sm-6 col-md-6 col-lg-6 col-xl-6">Statement</div>
+            {% if proposal %}
+              <div class="col-xs-3 col-sm-3 col-md-3 col-lg-3 col-xl-3"><span class="pull-left">Remarks</span></div>
+            {% else %}
               <div class="col-xs-3 col-sm-3 col-md-3 col-lg-3 col-xl-3"><span class="pull-right">Action</span></div>
+            {% endif %}
           </div>
           <div id="smt-list" class="" style="width: 100%">
             <!-- Loop through existing component-control statements -->
@@ -206,17 +178,24 @@ <h3>{{ element.name }} contributes {{ impl_smts|length }} statements to controls
                         </div>
                         <div class="col-xs-6 col-sm-6 col-md-6 col-lg-6 col-xl-6 statement-text-block">{{ smt.body }}</div>
                         <div class="col-xs-3 col-sm-3 col-md-3 col-lg-3 col-xl-3 remark-text-block">{% spaceless %}
-                            {% if smt.prototype_synched == 'not_synched' %}
+                          {% if proposal %}
+
+                            <span style="font-size: 9pt; color: #999;cursor: pointer;" onclick="alert('A component statement can be edited only after the component is approved for the system.');return false;">Editable after approval</span>
+                          {% else %}
+                            {% if smt.prototype_synched == 'not_synched'%}
                                 <span id="diff_alert_{{ forloop.counter }}_notice">
-                                    <span href="#diff_{{ forloop.counter }}" class="" style="text-decoration: none;font-weight: normal; font-size: 9pt; color: firebrick;cursor: pointer;" onclick="alert('Your statement and component\'s reference statement have diverged.\n\nEdit statement for details.');return false;"><span class="glyphicon glyphicon-alert"></span> Differs from reference</span>
+                                    <span href="#diff_{{ forloop.counter }}" class="" style="font-size: 9pt; color: firebrick;cursor: pointer;" onclick="alert('Your statement and component\'s reference statement have diverged.\n\nEdit statement for details.');return false;"><span class="glyphicon glyphicon-alert"></span> Differs from reference</span>
                                 </span>
                             {% elif smt.prototype_synched == 'orphaned' %}
                                 <span id="diff_alert_{{ forloop.counter }}">
-                                    <a href="#diff_{{ forloop.counter }}" class="" data-toggle="collapse" style="text-decoration: none;font-weight: normal; font-size: 9pt; color: firebrick;"><span class="glyphicon glyphicon-alert"></span> No related statement for component in library</a>
+                                    <a href="#diff_{{ forloop.counter }}" class="" data-toggle="collapse" style="normal; font-size: 9pt; color: firebrick;"><span class="glyphicon glyphicon-alert"></span> No related statement for component in library</a>
                                 </span>
                             {% endif %}
+                          {% endif %}
                           <span class="pull-right">
+                            {% if not proposal %}
                             <a role="button" class="glyphicon glyphicon-pencil" style="color: #aaa;" data-toggle="collapse" data-parent="#accordion" href="#document-{{ forloop.counter }}-body" aria-expanded="false" aria-controls="document-{{ forloop.counter }}-body"onclick="$('#document-{{ forloop.counter }}-title').css('background-color','#f4f5f8');$('#document-{{ forloop.counter }}-title').css('display','none');"></a>
+                            {% endif %}
                           </span>
                           {% if smt.remarks %}
                             <details>
@@ -346,9 +325,11 @@ <h3>{{ element.name }} contributes {{ impl_smts|length }} statements to controls
             <div class="col-xs-3 col-sm-3 col-md-3 col-lg-3 col-xl-3">&nbsp;</div>
             <div class="col-xs-6 col-sm-6 col-md-6 col-lg-6 col-xl-6">
               <!-- Add component statement-->
+              {% if not proposal %}
               <div>
                   <button type="submit" id="new_component_statement" class="btn btn-xs btn-success" onclick="add_smt()">Add component statement</button>
               </div>
+              {% endif %}
             </div>
           </div>