From 275699164f8fce4e909ac81fe41f9d36a24e83eb Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Wed, 21 Dec 2022 14:46:12 +0000
Subject: [PATCH 01/63] Add go-httpbin

---
 docker-compose.override.dev.yml             | 2 ++
 docker-compose.override.unit_tests.yml      | 2 ++
 docker-compose.override.unit_tests_cicd.yml | 2 ++
 3 files changed, 6 insertions(+)

diff --git a/docker-compose.override.dev.yml b/docker-compose.override.dev.yml
index f3a281af061..59c3ebdc857 100644
--- a/docker-compose.override.dev.yml
+++ b/docker-compose.override.dev.yml
@@ -53,3 +53,5 @@ services:
         published: 8025
         protocol: tcp
         mode: host
+  go-httpbin:
+    image: mccutchen/go-httpbin:v2.5.3@sha256:866e254ec9fc44cdba12e8e9f1730e666958ceedfa32d09787bc95f9d4d01679
diff --git a/docker-compose.override.unit_tests.yml b/docker-compose.override.unit_tests.yml
index 164d7a87084..beeff5f2174 100644
--- a/docker-compose.override.unit_tests.yml
+++ b/docker-compose.override.unit_tests.yml
@@ -51,6 +51,8 @@ services:
   redis:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
+  go-httpbin:
+    image: mccutchen/go-httpbin:v2.5.3@sha256:866e254ec9fc44cdba12e8e9f1730e666958ceedfa32d09787bc95f9d4d01679
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/docker-compose.override.unit_tests_cicd.yml b/docker-compose.override.unit_tests_cicd.yml
index b39f4cf034d..03bd9c9f92b 100644
--- a/docker-compose.override.unit_tests_cicd.yml
+++ b/docker-compose.override.unit_tests_cicd.yml
@@ -50,6 +50,8 @@ services:
   redis:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
+  go-httpbin:
+    image: mccutchen/go-httpbin:v2.5.3@sha256:866e254ec9fc44cdba12e8e9f1730e666958ceedfa32d09787bc95f9d4d01679
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}

From 77e29cc7f32c3dd056f46c2d28929a2f7268713c Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Thu, 22 Dec 2022 19:37:10 +0000
Subject: [PATCH 02/63] First round of changes

---
 docs/content/en/integrations/notifications.md |   7 +-
 .../0169_add_webhooks_notifications.py        | 109 ++++++++++++++++++
 dojo/models.py                                |  11 ++
 dojo/notifications/helper.py                  |  77 +++++++++++++
 dojo/templates/dojo/notifications.html        |   3 +
 dojo/templates/dojo/system_settings.html      |   2 +-
 dojo/templates/dojo/view_product_details.html |   3 +
 tests/notifications_test.py                   |   5 +
 8 files changed, 215 insertions(+), 2 deletions(-)
 create mode 100644 dojo/db_migrations/0169_add_webhooks_notifications.py

diff --git a/docs/content/en/integrations/notifications.md b/docs/content/en/integrations/notifications.md
index d5af295f0eb..3d979dbbd64 100644
--- a/docs/content/en/integrations/notifications.md
+++ b/docs/content/en/integrations/notifications.md
@@ -18,6 +18,7 @@ The following notification methods currently exist:
  - Email
  - Slack
  - Microsoft Teams
+ - Webhooks
  - Alerts within DefectDojo (default)
 
 You can set these notifications on a global scope (if you have
@@ -124,4 +125,8 @@ However, there is a specific use-case when the user decides to disable notificat
 
 The scope of this setting is customizable (see environmental variable `DD_NOTIFICATIONS_SYSTEM_LEVEL_TRUMP`).
 
-For more information about this behavior see the [related pull request #9699](https://github.com/DefectDojo/django-DefectDojo/pull/9699/)
\ No newline at end of file
+For more information about this behavior see the [related pull request #9699](https://github.com/DefectDojo/django-DefectDojo/pull/9699/)
+
+### Webhooks
+
+# TODO
\ No newline at end of file
diff --git a/dojo/db_migrations/0169_add_webhooks_notifications.py b/dojo/db_migrations/0169_add_webhooks_notifications.py
new file mode 100644
index 00000000000..725545c117f
--- /dev/null
+++ b/dojo/db_migrations/0169_add_webhooks_notifications.py
@@ -0,0 +1,109 @@
+# Generated by Django 3.2.15 on 2022-12-22 19:19
+
+from django.db import migrations, models
+import multiselectfield.db.fields
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('dojo', '0168_alter_system_settings_time_zone'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='notifications',
+            name='auto_close_engagement',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='close_engagement',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='code_review',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='engagement_added',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='jira_update',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), help_text='JIRA sync happens in the background, errors will be shown as notifications/alerts so make sure to subscribe', max_length=33, verbose_name='JIRA problems'),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='other',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='product_added',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='product_type_added',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='review_requested',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='risk_acceptance_expiration',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default='alert', help_text='Get notified of (upcoming) Risk Acceptance expiries', max_length=33, verbose_name='Risk Acceptance Expiration'),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='scan_added',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), help_text='Triggered whenever an (re-)import has been done that created/updated/closed findings.', max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='sla_breach',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), help_text='Get notified of (upcoming) SLA breaches', max_length=33, verbose_name='SLA breach'),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='stale_engagement',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='test_added',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='upcoming_engagement',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='user_mentioned',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
+        ),
+        migrations.AddField(
+            model_name='system_settings',
+            name='enable_webhooks_notifications',
+            field=models.BooleanField(default=False, verbose_name='Enable Webhook notifications'),
+        ),
+        migrations.AddField(
+            model_name='system_settings',
+            name='webhooks_url',
+            field=models.CharField(blank=True, default='', help_text='The full URL of the incoming webhook', max_length=400),
+        ),
+        migrations.AddField(
+            model_name='system_settings',
+            name='webhooks_token',
+            field=models.CharField(blank=True, default='', help_text='Token required for interacting with Webhook endpoint', max_length=100),
+        ),
+    ]
diff --git a/dojo/models.py b/dojo/models.py
index 5048f30427f..9ccdb9a0b0f 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -353,6 +353,15 @@ class System_Settings(models.Model):
     mail_notifications_to = models.CharField(max_length=200, default="",
                                              blank=True)
 
+    enable_webhooks_notifications = \
+        models.BooleanField(default=False,
+                            verbose_name=_('Enable Webhook notifications'),
+                            blank=False)
+    webhooks_url = models.CharField(max_length=400, default='', blank=True,
+                                    help_text=_('The full URL of the incoming webhook'))
+    webhooks_token = models.CharField(max_length=100, default='', blank=True,
+                                   help_text=_('Token required for interacting with Webhook endpoint'))
+
     false_positive_history = models.BooleanField(
         default=False, help_text=_(
             "(EXPERIMENTAL) DefectDojo will automatically mark the finding as a "
@@ -4015,12 +4024,14 @@ def set_obj(self, obj):
 NOTIFICATION_CHOICE_SLACK = ("slack", "slack")
 NOTIFICATION_CHOICE_MSTEAMS = ("msteams", "msteams")
 NOTIFICATION_CHOICE_MAIL = ("mail", "mail")
+NOTIFICATION_CHOICE_WEBHOOKS = ("webhooks", "webhooks")
 NOTIFICATION_CHOICE_ALERT = ("alert", "alert")
 
 NOTIFICATION_CHOICES = (
     NOTIFICATION_CHOICE_SLACK,
     NOTIFICATION_CHOICE_MSTEAMS,
     NOTIFICATION_CHOICE_MAIL,
+    NOTIFICATION_CHOICE_WEBHOOKS,
     NOTIFICATION_CHOICE_ALERT,
 )
 
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 5a7ccf0dc60..7acf7591c73 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -4,12 +4,14 @@
 from django.conf import settings
 from django.core.exceptions import FieldDoesNotExist
 from django.core.mail import EmailMessage
+from django.conf import settings
 from django.db.models import Count, Prefetch, Q
 from django.template import TemplateDoesNotExist
 from django.template.loader import render_to_string
 from django.urls import reverse
 from django.utils.translation import gettext as _
 
+from dojo import __version__ as dd_version
 from dojo.authorization.roles_permissions import Permissions
 from dojo.celery import app
 from dojo.decorators import dojo_async_task, we_want_async
@@ -170,6 +172,7 @@ def process_notifications(event, notifications=None, **kwargs):
     slack_enabled = get_system_setting("enable_slack_notifications")
     msteams_enabled = get_system_setting("enable_msteams_notifications")
     mail_enabled = get_system_setting("enable_mail_notifications")
+    webhooks_enabled = get_system_setting("enable_webhooks_notifications")
 
     if slack_enabled and "slack" in getattr(notifications, event, getattr(notifications, "other")):
         logger.debug("Sending Slack Notification")
@@ -183,6 +186,10 @@ def process_notifications(event, notifications=None, **kwargs):
         logger.debug("Sending Mail Notification")
         send_mail_notification(event, notifications.user, **kwargs)
 
+    if webhooks_enabled and 'webhooks' in getattr(notifications, event, getattr(notifications, 'other')):
+        logger.debug('Sending Webhooks Notification')
+        send_webhooks_notification(event, notifications.user, **kwargs)
+
     if "alert" in getattr(notifications, event, getattr(notifications, "other")):
         logger.debug(f"Sending Alert to {notifications.user}")
         send_alert_notification(event, notifications.user, **kwargs)
@@ -309,6 +316,76 @@ def send_mail_notification(event, user=None, *args, **kwargs):
         log_alert(e, "Email Notification", title=kwargs["title"], description=str(e), url=kwargs["url"])
 
 
+@dojo_async_task
+@app.task
+def send_webhooks_notification(event, user=None, *args, **kwargs):
+    from dojo.utils import get_system_setting
+
+    try:
+        if get_system_setting('webhooks_url') is not None:
+            logger.debug('sending webhook message')
+            headers={
+                "User-Agent": f"DefectDojo-{dd_version}",
+                "X-DefectDojo-Event": event,
+                "X-DefectDojo-Instance": settings.SITE_URL,
+            }
+            if get_system_setting('webhooks_token') is not None:
+                headers["X-DefectDojo-Token"] = get_system_setting('webhooks_token')
+            if user:
+                headers["X-DefectDojo-User"] = user
+            res = requests.request(
+                method='POST',
+                url=get_system_setting('webhooks_url'),
+                headers=headers,
+                data=create_notification_message(event, user, 'webhooks', *args, **kwargs))
+            if res.status_code != 200:
+                logger.error("Error when sending message to Webhooks")
+                logger.error(res.status_code)
+                logger.error(res.text)
+                raise RuntimeError('Error posting message to Webhooks: ' + res.text)
+        else:
+            logger.info('URL for Webhooks not configured: skipping system notification')
+    except Exception as e:
+        logger.exception(e)
+        log_alert(e, "Webhooks Notification", title=kwargs['title'], description=str(e), url=kwargs['url'])
+        pass
+
+
+@dojo_async_task
+@app.task
+def send_webhooks_notification(event, user=None, *args, **kwargs):
+    from dojo.utils import get_system_setting
+
+    try:
+        if get_system_setting('webhooks_url') is not None:
+            logger.debug('sending webhook message')
+            headers={
+                "User-Agent": f"DefectDojo-{dd_version}",
+                "X-DefectDojo-Event": event,
+                "X-DefectDojo-Instance": settings.SITE_URL,
+            }
+            if get_system_setting('webhooks_token') is not None:
+                headers["X-DefectDojo-Token"] = get_system_setting('webhooks_token')
+            if user:
+                headers["X-DefectDojo-User"] = user
+            res = requests.request(
+                method='POST',
+                url=get_system_setting('webhooks_url'),
+                headers=headers,
+                data=create_notification_message(event, user, 'webhooks', *args, **kwargs))
+            if res.status_code != 200:
+                logger.error("Error when sending message to Webhooks")
+                logger.error(res.status_code)
+                logger.error(res.text)
+                raise RuntimeError('Error posting message to Webhooks: ' + res.text)
+        else:
+            logger.info('URL for Webhooks not configured: skipping system notification')
+    except Exception as e:
+        logger.exception(e)
+        log_alert(e, "Webhooks Notification", title=kwargs['title'], description=str(e), url=kwargs['url'])
+        pass
+
+
 def send_alert_notification(event, user=None, *args, **kwargs):
     logger.debug("sending alert notification to %s", user)
     try:
diff --git a/dojo/templates/dojo/notifications.html b/dojo/templates/dojo/notifications.html
index 52d87393c45..81fac49d5cc 100644
--- a/dojo/templates/dojo/notifications.html
+++ b/dojo/templates/dojo/notifications.html
@@ -89,6 +89,9 @@ <h3>
                         {% if 'mail' in enabled_notifications %}
                             <th class="centered">{% trans "Mail" %}</th>
                         {% endif %}
+                        {% if 'webhooks' in enabled_notifications %}
+                        <th class="centered">{% trans "Webhooks" %}</th>
+                        {% endif %}
                         <th class="centered">{% trans "Alert" %}</th>
                     </tr>
                 </thead>
diff --git a/dojo/templates/dojo/system_settings.html b/dojo/templates/dojo/system_settings.html
index 693abe712f0..02510452e16 100644
--- a/dojo/templates/dojo/system_settings.html
+++ b/dojo/templates/dojo/system_settings.html
@@ -62,7 +62,7 @@ <h3> System Settings </h3>
         }
 
         $(function () {
-            $.each(['slack','msteams','mail', 'grade'], function (index, value) {
+            $.each(['slack','msteams','mail','webhooks','grade'], function (index, value) {
                 updatenotificationsgroup(value);
                 $('#id_enable_' + value + '_notifications').change(function() { updatenotificationsgroup(value)});
             });
diff --git a/dojo/templates/dojo/view_product_details.html b/dojo/templates/dojo/view_product_details.html
index 30dd863fc3c..301264524f4 100644
--- a/dojo/templates/dojo/view_product_details.html
+++ b/dojo/templates/dojo/view_product_details.html
@@ -658,6 +658,9 @@ <h3 class="panel-title"><span class="fa-solid fa-users fa-fw" aria-hidden="true"
               {% if "mail" in enabled_notifications %}
               <td class="centered">{% trans "Mail" %}</td>
               {% endif %}
+              {% if "webhooks" in enabled_notifications %}
+              <td class="centered">{% trans "Webhooks" %}</td>
+              {% endif %}
               <td class="centered">{% trans "Alert" %}</td>
           </tr>
           {% for field in personal_notifications_form.visible_fields %}
diff --git a/tests/notifications_test.py b/tests/notifications_test.py
index 8d2d5fbbefa..971e5a5cb82 100644
--- a/tests/notifications_test.py
+++ b/tests/notifications_test.py
@@ -159,24 +159,29 @@ def suite():
     suite.addTest(NotificationTest("test_disable_personal_notification", "mail"))
     suite.addTest(NotificationTest("test_disable_personal_notification", "slack"))
     suite.addTest(NotificationTest("test_disable_personal_notification", "msteams"))
+    suite.addTest(NotificationTest('test_disable_personal_notification', 'webhooks'))
     # now test when enabled
     suite.addTest(NotificationTest("test_enable_personal_notification", "mail"))
     suite.addTest(NotificationTest("test_enable_personal_notification", "slack"))
     suite.addTest(NotificationTest("test_enable_personal_notification", "msteams"))
+    suite.addTest(NotificationTest('test_enable_personal_notification', 'webhooks'))
     # Now switch to system notifications
     suite.addTest(NotificationTest("test_disable_system_notification", "mail"))
     suite.addTest(NotificationTest("test_disable_system_notification", "slack"))
     suite.addTest(NotificationTest("test_disable_system_notification", "msteams"))
+    suite.addTest(NotificationTest('test_disable_system_notification', 'webhooks'))
     # now test when enabled
     suite.addTest(NotificationTest("test_enable_system_notification", "mail"))
     suite.addTest(NotificationTest("test_enable_system_notification", "slack"))
     suite.addTest(NotificationTest("test_enable_system_notification", "msteams"))
+    suite.addTest(NotificationTest('test_enable_system_notification', 'webhooks'))
     # not really for the user we created, but still related to user settings
     suite.addTest(NotificationTest("test_user_mail_notifications_change", "mail"))
     # now do short test for the template
     suite.addTest(NotificationTest("test_enable_template_notification", "mail"))
     suite.addTest(NotificationTest("test_enable_template_notification", "slack"))
     suite.addTest(NotificationTest("test_enable_template_notification", "msteams"))
+    suite.addTest(NotificationTest('test_enable_template_notification', 'webhooks'))
 
     return suite
 

From 576e61ecc26fb46bcca6fc8e2dbcb6224d795422 Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Mon, 9 Jan 2023 22:38:21 +0000
Subject: [PATCH 03/63] move webhooks to separated model,fix err handliing

---
 ...tions.py => 0178_notificaition_webhook.py} |  37 ++++---
 dojo/models.py                                |  23 ++++
 dojo/notifications/helper.py                  | 100 ++++++++++++------
 dojo/templates/dojo/view_product_details.html |   5 +-
 4 files changed, 113 insertions(+), 52 deletions(-)
 rename dojo/db_migrations/{0169_add_webhooks_notifications.py => 0178_notificaition_webhook.py} (80%)

diff --git a/dojo/db_migrations/0169_add_webhooks_notifications.py b/dojo/db_migrations/0178_notificaition_webhook.py
similarity index 80%
rename from dojo/db_migrations/0169_add_webhooks_notifications.py
rename to dojo/db_migrations/0178_notificaition_webhook.py
index 725545c117f..3747c93f42c 100644
--- a/dojo/db_migrations/0169_add_webhooks_notifications.py
+++ b/dojo/db_migrations/0178_notificaition_webhook.py
@@ -1,4 +1,4 @@
-# Generated by Django 3.2.15 on 2022-12-22 19:19
+# Generated by Django 3.2.15 on 2022-12-29 15:47
 
 from django.db import migrations, models
 import multiselectfield.db.fields
@@ -7,10 +7,28 @@
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('dojo', '0168_alter_system_settings_time_zone'),
+        ('dojo', '0177_alter_system_settings_time_zone'),
     ]
 
     operations = [
+        migrations.CreateModel(
+            name='Webhook_Endpoints',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('status', models.CharField(choices=[('active', 'Active'), ('inactive_400', 'Inactive because of 4xx error'), ('active_500', 'Active but 5xx error detected'), ('inactive_500', 'Inactive because of 5xx error'), ('inactive_others', 'Inactive because of status code unsupported'), ('inactive_manual', 'Inactive because of manual deactivation')], default='active', max_length=20)),
+                ('name', models.CharField(default='', help_text='Name of the incoming webhook', max_length=100, unique=True)),
+                ('url', models.URLField(default='', help_text='The full URL of the incoming webhook')),
+                ('header_name', models.CharField(blank=True, default='', help_text='Name of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
+                ('header_value', models.CharField(blank=True, default='', help_text='Content of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
+                ('first_error', models.DateTimeField(help_text='If endpoint is active, when error happened first time')),
+                ('last_error', models.DateTimeField(help_text='If endpoint is active, when error happened last time')),
+            ],
+        ),
+        migrations.AddField(
+            model_name='system_settings',
+            name='enable_webhooks_notifications',
+            field=models.BooleanField(default=False, verbose_name='Enable Webhook notifications'),
+        ),
         migrations.AlterField(
             model_name='notifications',
             name='auto_close_engagement',
@@ -91,19 +109,4 @@ class Migration(migrations.Migration):
             name='user_mentioned',
             field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
         ),
-        migrations.AddField(
-            model_name='system_settings',
-            name='enable_webhooks_notifications',
-            field=models.BooleanField(default=False, verbose_name='Enable Webhook notifications'),
-        ),
-        migrations.AddField(
-            model_name='system_settings',
-            name='webhooks_url',
-            field=models.CharField(blank=True, default='', help_text='The full URL of the incoming webhook', max_length=400),
-        ),
-        migrations.AddField(
-            model_name='system_settings',
-            name='webhooks_token',
-            field=models.CharField(blank=True, default='', help_text='Token required for interacting with Webhook endpoint', max_length=100),
-        ),
     ]
diff --git a/dojo/models.py b/dojo/models.py
index 9ccdb9a0b0f..33e00eed5cc 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -4120,6 +4120,28 @@ def get_list_display(self, request):
         return list_fields
 
 
+class Webhook_Endpoints(models.Model):
+    STATUS_CHOICES = (
+        ("active", "Active"),
+        ("inactive_400", "Inactive because of 4xx error"), 
+        ("active_500", "Active but 5xx error detected"), 
+        ("inactive_500", "Inactive because of 5xx error"), 
+        ("inactive_others", "Inactive because of status code unsupported"), 
+        ("inactive_manual", "Inactive because of manual deactivation"), 
+    )
+    status = models.CharField(max_length=20, choices=STATUS_CHOICES, default="active", blank=False)
+    name = models.CharField(max_length=100, default='', blank=False, unique=True,
+                                    help_text=_('Name of the incoming webhook'))
+    url = models.URLField(max_length=200, default='', blank=False,
+                                    help_text=_('The full URL of the incoming webhook'))
+    header_name = models.CharField(max_length=100, default='', blank=True, null=True,
+                                   help_text=_('Name of the header required for interacting with Webhook endpoint'))
+    header_value = models.CharField(max_length=100, default='', blank=True, null=True,
+                                   help_text=_('Content of the header required for interacting with Webhook endpoint'))
+    first_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened first time'))
+    last_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened last time'))
+
+
 class Tool_Product_Settings(models.Model):
     name = models.CharField(max_length=200, null=False)
     description = models.CharField(max_length=2000, null=True, blank=True)
@@ -4653,6 +4675,7 @@ def __str__(self):
 admin.site.register(GITHUB_Details_Cache)
 admin.site.register(GITHUB_PKey)
 admin.site.register(Tool_Configuration, Tool_Configuration_Admin)
+admin.site.register(Webhook_Endpoints)
 admin.site.register(Tool_Product_Settings)
 admin.site.register(Tool_Type)
 admin.site.register(Cred_User)
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 7acf7591c73..34d01f70d64 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -15,7 +15,7 @@
 from dojo.authorization.roles_permissions import Permissions
 from dojo.celery import app
 from dojo.decorators import dojo_async_task, we_want_async
-from dojo.models import Alerts, Dojo_User, Notifications, System_Settings, UserContactInfo
+from dojo.models import Alerts, Dojo_User, Notifications, System_Settings, UserContactInfo, Webhook_Endpoints, get_current_datetime
 from dojo.user.queries import get_authorized_users_for_product_and_product_type, get_authorized_users_for_product_type
 
 logger = logging.getLogger(__name__)
@@ -353,37 +353,75 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
 
 @dojo_async_task
 @app.task
-def send_webhooks_notification(event, user=None, *args, **kwargs):
-    from dojo.utils import get_system_setting
-
-    try:
-        if get_system_setting('webhooks_url') is not None:
-            logger.debug('sending webhook message')
-            headers={
-                "User-Agent": f"DefectDojo-{dd_version}",
-                "X-DefectDojo-Event": event,
-                "X-DefectDojo-Instance": settings.SITE_URL,
-            }
-            if get_system_setting('webhooks_token') is not None:
-                headers["X-DefectDojo-Token"] = get_system_setting('webhooks_token')
-            if user:
-                headers["X-DefectDojo-User"] = user
-            res = requests.request(
-                method='POST',
-                url=get_system_setting('webhooks_url'),
-                headers=headers,
-                data=create_notification_message(event, user, 'webhooks', *args, **kwargs))
-            if res.status_code != 200:
-                logger.error("Error when sending message to Webhooks")
-                logger.error(res.status_code)
-                logger.error(res.text)
-                raise RuntimeError('Error posting message to Webhooks: ' + res.text)
+def send_webhooks_notification(event, *args, **kwargs):
+    for endpoint in Webhook_Endpoints.objects.all():
+        if endpoint.status.startswith('active'):
+            try:
+                if endpoint.url is not None:
+                    logger.debug(f"sending webhook message to endpoint {endpoint.name}")
+                    headers={
+                        "User-Agent": f"DefectDojo-{dd_version}",
+                        "X-DefectDojo-Event": event,
+                        "X-DefectDojo-Instance": settings.SITE_URL,
+                    }
+                    if endpoint.header_name is not None:
+                        headers[endpoint.header_name] = endpoint.header_value
+                    res = requests.request(
+                        method='POST',
+                        url=endpoint.url,
+                        headers=headers,
+                        data=create_notification_message(event, None, 'webhooks', *args, **kwargs))
+                    if res.status_code not in [200, 201]:
+                        now = get_current_datetime()
+
+                        # There is no reason to keep endpoint active if it is returning 4xx errors
+                        if 400 <= res.status_code < 500:
+                            endpoint.status = "inactive_400"
+                            endpoint.first_error = now
+
+                        # 5xx is also not OK
+                        elif 500 <= res.status_code < 600:
+                            # If there is only temporary outage (we detected 5xx first time or it was before more then one hour), we can keep endpoint active (but marked) 
+
+                            # First detection
+                            if endpoint.last_error is None or (now - endpoint.last_error).minutes > 60:
+                                endpoint.status = "active_500"
+                                endpoint.first_error = now  # Yes, if last fail happen before more then hour, we are considering it as a new error
+
+                            # Repleated detection
+                            else:
+
+                                # Error is repeating over more then hour
+                                if (now - endpoint.first_error).minutes > 60:
+                                    endpoint.status = "inactive_500"
+
+                                # This situation shouldn't happen - only if somebody was cleaning status and didn't clean first/last_error
+                                # But we should handle it
+                                else:
+                                    endpoint.status = "active_500"
+                                    endpoint.first_error = now
+
+                        # Well, we really accepts only 200 and 201
+                        else:
+                            endpoint.status = "inactive_others"
+                            endpoint.first_error = now
+
+                        endpoint.last_error = now
+                        endpoint.save()
+
+                        logger.error("Error when sending message to Webhooks")
+                        logger.error(res.status_code)
+                        logger.error(res.text)
+                        raise RuntimeError('Error posting message to Webhooks: ' + res.text)
+                else:
+                    logger.info(f"URL for Webhook {endpoint.name} not configured: skipping system notification")
+            except Exception as e:
+                logger.exception(e)
+                log_alert(e, "Webhooks Notification", title=kwargs['title'], description=str(e), url=kwargs['url'])
         else:
-            logger.info('URL for Webhooks not configured: skipping system notification')
-    except Exception as e:
-        logger.exception(e)
-        log_alert(e, "Webhooks Notification", title=kwargs['title'], description=str(e), url=kwargs['url'])
-        pass
+            logger.info(f"URL for Webhook '{endpoint.name}' is not active: {endpoint.get_status_display()} ({endpoint.status})")
+    else:
+        logger.info('URLs for Webhooks not configured: skipping system notification')
 
 
 def send_alert_notification(event, user=None, *args, **kwargs):
diff --git a/dojo/templates/dojo/view_product_details.html b/dojo/templates/dojo/view_product_details.html
index 301264524f4..076215121f5 100644
--- a/dojo/templates/dojo/view_product_details.html
+++ b/dojo/templates/dojo/view_product_details.html
@@ -658,9 +658,6 @@ <h3 class="panel-title"><span class="fa-solid fa-users fa-fw" aria-hidden="true"
               {% if "mail" in enabled_notifications %}
               <td class="centered">{% trans "Mail" %}</td>
               {% endif %}
-              {% if "webhooks" in enabled_notifications %}
-              <td class="centered">{% trans "Webhooks" %}</td>
-              {% endif %}
               <td class="centered">{% trans "Alert" %}</td>
           </tr>
           {% for field in personal_notifications_form.visible_fields %}
@@ -671,7 +668,7 @@ <h3 class="panel-title"><span class="fa-solid fa-users fa-fw" aria-hidden="true"
               {% endif %}
             </td>
             {% for pk,c in field.field.widget.choices %}
-            {% if c != "msteams" and c in enabled_notifications %}
+            {% if c != "msteams" and c != "webhooks" and c in enabled_notifications %}
             <td class="centered"><input id="{{ field.name }}_{{ c }}" type="checkbox" name="{{ field.name }}" {% if c in field.value %}checked{% endif %} value="{{ c }}"/></td>
             {% endif %}
             {% endfor %}

From 6b2b167aa9c0e1e04732cc87f3d60d49b2914788 Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Mon, 9 Jan 2023 22:59:59 +0000
Subject: [PATCH 04/63] flake8

---
 dojo/models.py               | 10 +++++-----
 dojo/notifications/helper.py |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/dojo/models.py b/dojo/models.py
index 33e00eed5cc..6c333358558 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -4123,11 +4123,11 @@ def get_list_display(self, request):
 class Webhook_Endpoints(models.Model):
     STATUS_CHOICES = (
         ("active", "Active"),
-        ("inactive_400", "Inactive because of 4xx error"), 
-        ("active_500", "Active but 5xx error detected"), 
-        ("inactive_500", "Inactive because of 5xx error"), 
-        ("inactive_others", "Inactive because of status code unsupported"), 
-        ("inactive_manual", "Inactive because of manual deactivation"), 
+        ("inactive_400", "Inactive because of 4xx error"),
+        ("active_500", "Active but 5xx error detected"),
+        ("inactive_500", "Inactive because of 5xx error"),
+        ("inactive_others", "Inactive because of status code unsupported"),
+        ("inactive_manual", "Inactive because of manual deactivation"),
     )
     status = models.CharField(max_length=20, choices=STATUS_CHOICES, default="active", blank=False)
     name = models.CharField(max_length=100, default='', blank=False, unique=True,
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 34d01f70d64..b893d09ed5d 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -359,7 +359,7 @@ def send_webhooks_notification(event, *args, **kwargs):
             try:
                 if endpoint.url is not None:
                     logger.debug(f"sending webhook message to endpoint {endpoint.name}")
-                    headers={
+                    headers = {
                         "User-Agent": f"DefectDojo-{dd_version}",
                         "X-DefectDojo-Event": event,
                         "X-DefectDojo-Instance": settings.SITE_URL,
@@ -381,7 +381,7 @@ def send_webhooks_notification(event, *args, **kwargs):
 
                         # 5xx is also not OK
                         elif 500 <= res.status_code < 600:
-                            # If there is only temporary outage (we detected 5xx first time or it was before more then one hour), we can keep endpoint active (but marked) 
+                            # If there is only temporary outage (we detected 5xx first time or it was before more then one hour), we can keep endpoint active (but marked)
 
                             # First detection
                             if endpoint.last_error is None or (now - endpoint.last_error).minutes > 60:

From cf3faca5f26dde1a6729b50958a369c1bd743aec Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Tue, 10 Jan 2023 10:10:03 +0000
Subject: [PATCH 05/63] Uset contant instead of strings

---
 dojo/models.py               | 20 ++++++++++++++------
 dojo/notifications/helper.py | 12 ++++++------
 2 files changed, 20 insertions(+), 12 deletions(-)

diff --git a/dojo/models.py b/dojo/models.py
index 6c333358558..3edce190fa9 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -4121,13 +4121,21 @@ def get_list_display(self, request):
 
 
 class Webhook_Endpoints(models.Model):
+    _STATUS_ACTIVE = "active"
+    _STATUS_INACTIVE = "inactive"
+    STATUS_ACTIVE = f"{_STATUS_ACTIVE}"
+    STATUS_INACTIVE_400 = f"{_STATUS_INACTIVE}_400"
+    STATUS_ACTIVE_500 = f"{_STATUS_ACTIVE}_500"
+    STATUS_INACTIVE_500 = f"{_STATUS_INACTIVE}_500"
+    STATUS_INACTIVE_OTHERS = f"{_STATUS_INACTIVE}_others"
+    STATUS_INACTIVE_MANUAL = f"{_STATUS_INACTIVE}_manual"
     STATUS_CHOICES = (
-        ("active", "Active"),
-        ("inactive_400", "Inactive because of 4xx error"),
-        ("active_500", "Active but 5xx error detected"),
-        ("inactive_500", "Inactive because of 5xx error"),
-        ("inactive_others", "Inactive because of status code unsupported"),
-        ("inactive_manual", "Inactive because of manual deactivation"),
+        (STATUS_ACTIVE, "Active"),
+        (STATUS_INACTIVE_400, "Inactive because of 4xx error"),
+        (STATUS_ACTIVE_500, "Active but 5xx error detected"),
+        (STATUS_INACTIVE_500, "Inactive because of 5xx error"),
+        (STATUS_INACTIVE_OTHERS, "Inactive because of status code unsupported"),
+        (STATUS_INACTIVE_MANUAL, "Inactive because of manual deactivation"),
     )
     status = models.CharField(max_length=20, choices=STATUS_CHOICES, default="active", blank=False)
     name = models.CharField(max_length=100, default='', blank=False, unique=True,
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index b893d09ed5d..c735892059f 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -355,7 +355,7 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
 @app.task
 def send_webhooks_notification(event, *args, **kwargs):
     for endpoint in Webhook_Endpoints.objects.all():
-        if endpoint.status.startswith('active'):
+        if endpoint.status.startswith(Webhook_Endpoints._STATUS_ACTIVE):
             try:
                 if endpoint.url is not None:
                     logger.debug(f"sending webhook message to endpoint {endpoint.name}")
@@ -376,7 +376,7 @@ def send_webhooks_notification(event, *args, **kwargs):
 
                         # There is no reason to keep endpoint active if it is returning 4xx errors
                         if 400 <= res.status_code < 500:
-                            endpoint.status = "inactive_400"
+                            endpoint.status = Webhook_Endpoints.STATUS_INACTIVE_400
                             endpoint.first_error = now
 
                         # 5xx is also not OK
@@ -385,7 +385,7 @@ def send_webhooks_notification(event, *args, **kwargs):
 
                             # First detection
                             if endpoint.last_error is None or (now - endpoint.last_error).minutes > 60:
-                                endpoint.status = "active_500"
+                                endpoint.status = Webhook_Endpoints.STATUS_ACTIVE_500
                                 endpoint.first_error = now  # Yes, if last fail happen before more then hour, we are considering it as a new error
 
                             # Repleated detection
@@ -393,17 +393,17 @@ def send_webhooks_notification(event, *args, **kwargs):
 
                                 # Error is repeating over more then hour
                                 if (now - endpoint.first_error).minutes > 60:
-                                    endpoint.status = "inactive_500"
+                                    endpoint.status = Webhook_Endpoints.STATUS_INACTIVE_500
 
                                 # This situation shouldn't happen - only if somebody was cleaning status and didn't clean first/last_error
                                 # But we should handle it
                                 else:
-                                    endpoint.status = "active_500"
+                                    endpoint.status = Webhook_Endpoints.STATUS_ACTIVE_500
                                     endpoint.first_error = now
 
                         # Well, we really accepts only 200 and 201
                         else:
-                            endpoint.status = "inactive_others"
+                            endpoint.status = Webhook_Endpoints.STATUS_INACTIVE_OTHERS
                             endpoint.first_error = now
 
                         endpoint.last_error = now

From 38332488de83fcbe8a826021b7a645cd53062098 Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Mon, 23 Jan 2023 21:22:43 +0000
Subject: [PATCH 06/63] Add basic API endpoints

---
 dojo/api_v2/serializers.py |  7 +++++++
 dojo/api_v2/views.py       | 10 ++++++++++
 2 files changed, 17 insertions(+)

diff --git a/dojo/api_v2/serializers.py b/dojo/api_v2/serializers.py
index c9a87a8362d..ef343f69f57 100644
--- a/dojo/api_v2/serializers.py
+++ b/dojo/api_v2/serializers.py
@@ -107,6 +107,7 @@
     UserContactInfo,
     Vulnerability_Id,
     Vulnerability_Id_Template,
+    Webhook_Endpoints,
     get_current_date,
 )
 from dojo.risk_acceptance.helper import add_findings_to_risk_acceptance, remove_finding_from_risk_acceptance
@@ -3172,3 +3173,9 @@ def create(self, validated_data):
                 raise serializers.ValidationError(msg)
             else:
                 raise
+
+
+class WebhookEndpointsSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Webhook_Endpoints
+        fields = "__all__"
diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index 05d16521069..c7db35c1ab1 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -136,6 +136,7 @@
     Tool_Type,
     User,
     UserContactInfo,
+    Webhook_Endpoints,
 )
 from dojo.product.queries import (
     get_authorized_app_analysis,
@@ -3332,3 +3333,12 @@ class AnnouncementViewSet(
 
     def get_queryset(self):
         return Announcement.objects.all().order_by("id")
+
+
+class WebhookEndpointsViewset(
+    DojoModelViewSet
+):
+    serializer_class = serializers.WebhookEndpointsSerializer
+    queryset = Webhook_Endpoints.objects.all()
+    filter_backends = (DjangoFilterBackend,)
+    permission_classes = (IsAuthenticated, DjangoModelPermissions)  # TODO

From 8e4e9496bd437d904663424ea5314f3ba1b712a2 Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Mon, 23 Jan 2023 21:22:57 +0000
Subject: [PATCH 07/63] Add owner of endpoint

---
 ...icaition_webhook.py => 0179_notificaition_webhook.py} | 4 +++-
 dojo/models.py                                           | 2 ++
 dojo/notifications/helper.py                             | 9 ++++++---
 3 files changed, 11 insertions(+), 4 deletions(-)
 rename dojo/db_migrations/{0178_notificaition_webhook.py => 0179_notificaition_webhook.py} (96%)

diff --git a/dojo/db_migrations/0178_notificaition_webhook.py b/dojo/db_migrations/0179_notificaition_webhook.py
similarity index 96%
rename from dojo/db_migrations/0178_notificaition_webhook.py
rename to dojo/db_migrations/0179_notificaition_webhook.py
index 3747c93f42c..45967d81e45 100644
--- a/dojo/db_migrations/0178_notificaition_webhook.py
+++ b/dojo/db_migrations/0179_notificaition_webhook.py
@@ -2,12 +2,13 @@
 
 from django.db import migrations, models
 import multiselectfield.db.fields
+import django.db.models.deletion
 
 
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('dojo', '0177_alter_system_settings_time_zone'),
+        ('dojo', '0178_alter_answer_polymorphic_ctype_and_more'),
     ]
 
     operations = [
@@ -22,6 +23,7 @@ class Migration(migrations.Migration):
                 ('header_value', models.CharField(blank=True, default='', help_text='Content of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
                 ('first_error', models.DateTimeField(help_text='If endpoint is active, when error happened first time')),
                 ('last_error', models.DateTimeField(help_text='If endpoint is active, when error happened last time')),
+                ('owner', models.ForeignKey(blank=True, help_text='Owner/receiver of notification, if empty processed as system notification', null=True, on_delete=django.db.models.deletion.CASCADE, to='dojo.dojo_user')),
             ],
         ),
         migrations.AddField(
diff --git a/dojo/models.py b/dojo/models.py
index 3edce190fa9..2a5d4951633 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -4148,6 +4148,8 @@ class Webhook_Endpoints(models.Model):
                                    help_text=_('Content of the header required for interacting with Webhook endpoint'))
     first_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened first time'))
     last_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened last time'))
+    owner = models.ForeignKey(Dojo_User, editable=True, null=True, blank=True, on_delete=models.CASCADE,
+                              help_text=_('Owner/receiver of notification, if empty processed as system notification'))
 
 
 class Tool_Product_Settings(models.Model):
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index c735892059f..36354818f73 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -353,8 +353,8 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
 
 @dojo_async_task
 @app.task
-def send_webhooks_notification(event, *args, **kwargs):
-    for endpoint in Webhook_Endpoints.objects.all():
+def send_webhooks_notification(event, user=None, *args, **kwargs):
+    for endpoint in Webhook_Endpoints.objects.filter(owner=user):
         if endpoint.status.startswith(Webhook_Endpoints._STATUS_ACTIVE):
             try:
                 if endpoint.url is not None:
@@ -421,7 +421,10 @@ def send_webhooks_notification(event, *args, **kwargs):
         else:
             logger.info(f"URL for Webhook '{endpoint.name}' is not active: {endpoint.get_status_display()} ({endpoint.status})")
     else:
-        logger.info('URLs for Webhooks not configured: skipping system notification')
+        if user:
+            logger.info(f"URLs for Webhooks not configured for user '{user}': skipping user notification")
+        else:
+            logger.info(f"URLs for Webhooks not configured: skipping system notification")
 
 
 def send_alert_notification(event, user=None, *args, **kwargs):

From 431894125f68af09d20f35fb5e9fe809cc594a16 Mon Sep 17 00:00:00 2001
From: kiblik <kiblik@gjh.sk>
Date: Thu, 9 Feb 2023 23:08:19 +0000
Subject: [PATCH 08/63] Update go-httpbin

---
 docker-compose.override.dev.yml             | 2 --
 docker-compose.override.unit_tests.yml      | 2 +-
 docker-compose.override.unit_tests_cicd.yml | 2 +-
 3 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/docker-compose.override.dev.yml b/docker-compose.override.dev.yml
index 59c3ebdc857..f3a281af061 100644
--- a/docker-compose.override.dev.yml
+++ b/docker-compose.override.dev.yml
@@ -53,5 +53,3 @@ services:
         published: 8025
         protocol: tcp
         mode: host
-  go-httpbin:
-    image: mccutchen/go-httpbin:v2.5.3@sha256:866e254ec9fc44cdba12e8e9f1730e666958ceedfa32d09787bc95f9d4d01679
diff --git a/docker-compose.override.unit_tests.yml b/docker-compose.override.unit_tests.yml
index beeff5f2174..bf5518decac 100644
--- a/docker-compose.override.unit_tests.yml
+++ b/docker-compose.override.unit_tests.yml
@@ -52,7 +52,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   go-httpbin:
-    image: mccutchen/go-httpbin:v2.5.3@sha256:866e254ec9fc44cdba12e8e9f1730e666958ceedfa32d09787bc95f9d4d01679
+    image: mccutchen/go-httpbin:v2.5.5@sha256:70682c4803caf113f0e6dbec2d656ba551e7779b5b5a09c6d041dc3917362cc7
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/docker-compose.override.unit_tests_cicd.yml b/docker-compose.override.unit_tests_cicd.yml
index 03bd9c9f92b..33d710a15c3 100644
--- a/docker-compose.override.unit_tests_cicd.yml
+++ b/docker-compose.override.unit_tests_cicd.yml
@@ -51,7 +51,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   go-httpbin:
-    image: mccutchen/go-httpbin:v2.5.3@sha256:866e254ec9fc44cdba12e8e9f1730e666958ceedfa32d09787bc95f9d4d01679
+    image: mccutchen/go-httpbin:v2.5.5@sha256:70682c4803caf113f0e6dbec2d656ba551e7779b5b5a09c6d041dc3917362cc7
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}

From d5c2db05bcf8ba7394261e1b5c187cbc6390c39d Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Tue, 21 Feb 2023 13:58:33 +0000
Subject: [PATCH 09/63] Basic GUI

---
 ...enable_webhooks_notifications_and_more.py} |  12 +-
 dojo/forms.py                                 |  23 ++++
 dojo/models.py                                |   9 +-
 dojo/notifications/helper.py                  |   1 +
 dojo/notifications/urls.py                    |   6 +
 dojo/notifications/views.py                   | 112 +++++++++++++++++-
 dojo/templates/base.html                      |   6 +
 .../dojo/add_notification_webhook.html        |  13 ++
 .../dojo/delete_notification_webhook.html     |  12 ++
 .../dojo/edit_notification_webhook.html       |  15 +++
 .../templates/dojo/notification_webhooks.html |  90 ++++++++++++++
 .../dojo/view_notification_webhooks.html      | 105 ++++++++++++++++
 12 files changed, 393 insertions(+), 11 deletions(-)
 rename dojo/db_migrations/{0179_notificaition_webhook.py => 0181_system_settings_enable_webhooks_notifications_and_more.py} (93%)
 create mode 100644 dojo/templates/dojo/add_notification_webhook.html
 create mode 100644 dojo/templates/dojo/delete_notification_webhook.html
 create mode 100644 dojo/templates/dojo/edit_notification_webhook.html
 create mode 100644 dojo/templates/dojo/notification_webhooks.html
 create mode 100644 dojo/templates/dojo/view_notification_webhooks.html

diff --git a/dojo/db_migrations/0179_notificaition_webhook.py b/dojo/db_migrations/0181_system_settings_enable_webhooks_notifications_and_more.py
similarity index 93%
rename from dojo/db_migrations/0179_notificaition_webhook.py
rename to dojo/db_migrations/0181_system_settings_enable_webhooks_notifications_and_more.py
index 45967d81e45..9fd53b7b7ad 100644
--- a/dojo/db_migrations/0179_notificaition_webhook.py
+++ b/dojo/db_migrations/0181_system_settings_enable_webhooks_notifications_and_more.py
@@ -1,14 +1,14 @@
-# Generated by Django 3.2.15 on 2022-12-29 15:47
+# Generated by Django 4.1.5 on 2023-02-17 09:52
 
 from django.db import migrations, models
-import multiselectfield.db.fields
 import django.db.models.deletion
+import multiselectfield.db.fields
 
 
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('dojo', '0178_alter_answer_polymorphic_ctype_and_more'),
+        ('dojo', '0180_announcement_userannouncement'),
     ]
 
     operations = [
@@ -16,13 +16,13 @@ class Migration(migrations.Migration):
             name='Webhook_Endpoints',
             fields=[
                 ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('status', models.CharField(choices=[('active', 'Active'), ('inactive_400', 'Inactive because of 4xx error'), ('active_500', 'Active but 5xx error detected'), ('inactive_500', 'Inactive because of 5xx error'), ('inactive_others', 'Inactive because of status code unsupported'), ('inactive_manual', 'Inactive because of manual deactivation')], default='active', max_length=20)),
                 ('name', models.CharField(default='', help_text='Name of the incoming webhook', max_length=100, unique=True)),
                 ('url', models.URLField(default='', help_text='The full URL of the incoming webhook')),
                 ('header_name', models.CharField(blank=True, default='', help_text='Name of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
                 ('header_value', models.CharField(blank=True, default='', help_text='Content of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
-                ('first_error', models.DateTimeField(help_text='If endpoint is active, when error happened first time')),
-                ('last_error', models.DateTimeField(help_text='If endpoint is active, when error happened last time')),
+                ('status', models.CharField(choices=[('active', 'Active'), ('inactive_400', 'Inactive because of 4xx error'), ('active_500', 'Active but 5xx error detected'), ('inactive_500', 'Inactive because of 5xx error'), ('inactive_others', 'Inactive because of status code unsupported'), ('inactive_manual', 'Inactive because of manual deactivation')], default='active', help_text='Status of the incoming webhook', max_length=20)),
+                ('first_error', models.DateTimeField(blank=True, help_text='If endpoint is active, when error happened first time', null=True)),
+                ('last_error', models.DateTimeField(blank=True, help_text='If endpoint is active, when error happened last time', null=True)),
                 ('owner', models.ForeignKey(blank=True, help_text='Owner/receiver of notification, if empty processed as system notification', null=True, on_delete=django.db.models.deletion.CASCADE, to='dojo.dojo_user')),
             ],
         ),
diff --git a/dojo/forms.py b/dojo/forms.py
index dde58a38b61..b2ceb0f16b7 100644
--- a/dojo/forms.py
+++ b/dojo/forms.py
@@ -96,6 +96,7 @@
     Tool_Type,
     User,
     UserContactInfo,
+    Webhook_Endpoints,
 )
 from dojo.product.queries import get_authorized_products
 from dojo.product_type.queries import get_authorized_product_types
@@ -2778,6 +2779,28 @@ class Meta:
         exclude = ["template"]
 
 
+class NotificationsWebhookForm(forms.ModelForm):
+    class Meta:
+        model = Webhook_Endpoints
+        exclude = []
+    def __init__(self, *args, **kwargs):
+        super(NotificationsWebhookForm, self).__init__(*args, **kwargs)
+        self.fields['status'].disabled = True
+        self.fields['first_error'].disabled = True
+        self.fields['last_error'].disabled = True
+
+class DeleteNotificationsWebhookForm(forms.ModelForm):
+    id = forms.IntegerField(required=True,
+                            widget=forms.widgets.HiddenInput())
+    def __init__(self, *args, **kwargs):
+        super(DeleteNotificationsWebhookForm, self).__init__(*args, **kwargs)
+        self.fields['name'].disabled = True
+        self.fields['url'].disabled = True
+
+    class Meta:
+        model = Webhook_Endpoints
+        fields = ['id', 'name', 'url']
+
 class ProductNotificationsForm(forms.ModelForm):
 
     def __init__(self, *args, **kwargs):
diff --git a/dojo/models.py b/dojo/models.py
index 2a5d4951633..adbe4676f91 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -4120,7 +4120,7 @@ def get_list_display(self, request):
         return list_fields
 
 
-class Webhook_Endpoints(models.Model):
+class Webhook_Endpoints(models.Model):  # TODO rename to Notification_Webhooks 
     _STATUS_ACTIVE = "active"
     _STATUS_INACTIVE = "inactive"
     STATUS_ACTIVE = f"{_STATUS_ACTIVE}"
@@ -4137,7 +4137,6 @@ class Webhook_Endpoints(models.Model):
         (STATUS_INACTIVE_OTHERS, "Inactive because of status code unsupported"),
         (STATUS_INACTIVE_MANUAL, "Inactive because of manual deactivation"),
     )
-    status = models.CharField(max_length=20, choices=STATUS_CHOICES, default="active", blank=False)
     name = models.CharField(max_length=100, default='', blank=False, unique=True,
                                     help_text=_('Name of the incoming webhook'))
     url = models.URLField(max_length=200, default='', blank=False,
@@ -4146,8 +4145,10 @@ class Webhook_Endpoints(models.Model):
                                    help_text=_('Name of the header required for interacting with Webhook endpoint'))
     header_value = models.CharField(max_length=100, default='', blank=True, null=True,
                                    help_text=_('Content of the header required for interacting with Webhook endpoint'))
-    first_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened first time'))
-    last_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened last time'))
+    status = models.CharField(max_length=20, choices=STATUS_CHOICES, default="active", blank=False,
+                              help_text=_('Status of the incoming webhook'))
+    first_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened first time'), blank=True, null=True)
+    last_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened last time'), blank=True, null=True)
     owner = models.ForeignKey(Dojo_User, editable=True, null=True, blank=True, on_delete=models.CASCADE,
                               help_text=_('Owner/receiver of notification, if empty processed as system notification'))
 
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 36354818f73..39ab8d0ad38 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -354,6 +354,7 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
 @dojo_async_task
 @app.task
 def send_webhooks_notification(event, user=None, *args, **kwargs):
+    # TODO check sending notifications (in general) to inactive users
     for endpoint in Webhook_Endpoints.objects.filter(owner=user):
         if endpoint.status.startswith(Webhook_Endpoints._STATUS_ACTIVE):
             try:
diff --git a/dojo/notifications/urls.py b/dojo/notifications/urls.py
index dc91f7a04e2..1466fa8db19 100644
--- a/dojo/notifications/urls.py
+++ b/dojo/notifications/urls.py
@@ -7,4 +7,10 @@
     re_path(r"^notifications/system$", views.SystemNotificationsView.as_view(), name="system_notifications"),
     re_path(r"^notifications/personal$", views.PersonalNotificationsView.as_view(), name="personal_notifications"),
     re_path(r"^notifications/template$", views.TemplateNotificationsView.as_view(), name="template_notifications"),
+    re_path(r'^notifications/webhooks$', views.notification_webhooks, name='notification_webhooks'),
+    re_path(r'^notifications/webhooks/add$', views.add_notification_webhook, name='add_notification_webhook'),
+    re_path(r'^notifications/webhooks/(?P<nwhid>\d+)/edit$', views.edit_notification_webhook, name='edit_notification_webhook'),
+    re_path(r'^notifications/webhooks/(?P<nwhid>\d+)/delete$', views.delete_notification_webhook, name='delete_notification_webhook'),
+    # re_path(r'^notifications/webhooks/(?P<nwhid>\d+)/activate$', views.activate_notification_webhook, name='activate_notification_webhook'), # TODO finish
+    # re_path(r'^notifications/webhooks/(?P<nwhid>\d+)/deactivate$', views.deactivate_notification_webhook, name='deactivate_notification_webhook'),
 ]
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 8a94d2ad7c5..7ee78a618f3 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -1,13 +1,23 @@
 import logging
+import requests
 
 from django.contrib import messages
 from django.core.exceptions import PermissionDenied
 from django.http import HttpRequest
-from django.shortcuts import render
+from django.shortcuts import render, get_object_or_404
 from django.utils.translation import gettext as _
 from django.views import View
 
 from dojo.forms import NotificationsForm
+
+from django.urls import reverse
+from django.http import HttpResponseRedirect, Http404
+
+from dojo.models import Notifications, Notification_Webhooks
+from dojo.utils import get_enabled_notifications_list, add_breadcrumb, get_system_setting
+from dojo.forms import NotificationsForm, NotificationsWebhookForm, DeleteNotificationsWebhookForm
+from dojo.authorization.authorization_decorators import user_is_configuration_authorized
+from dojo.notifications.helper import test_webhooks_notification
 from dojo.models import Notifications
 from dojo.utils import add_breadcrumb, get_enabled_notifications_list
 
@@ -129,3 +139,103 @@ def get_scope(self):
     def set_breadcrumbs(self, request: HttpRequest):
         add_breadcrumb(title=_("Template notification settings"), top_level=False, request=request)
         return request
+
+
+@user_is_configuration_authorized('dojo.view_notification_webhooks')
+def notification_webhooks(request):
+    nwhs = Webhook_Endpoints.objects.all().order_by('name')
+    # name_words = initial_queryset.values_list('name', flat=True)
+    # ntl = NoteTypesFilter(request.GET, queryset=initial_queryset)
+    # nwhs = get_page_items(request, initial_queryset.qs, 25)
+    # TODO finished pagination
+    # TODO restrict base on user
+    add_breadcrumb(title="Notification Webhook List", top_level=True, request=request)
+    return render(request, 'dojo/view_notification_webhooks.html', {
+        'name': 'Notification Webhook List',
+        'metric': False,
+        'user': request.user,
+        'nwhs': nwhs,
+        # 'ntl': ntl,
+        })
+
+
+@user_is_configuration_authorized('dojo.add_notification_webhook')
+def add_notification_webhook(request):
+    form = NotificationsWebhookForm()
+    if request.method == 'POST':
+        form = NotificationsWebhookForm(request.POST)
+        # TODO Allow edit owner on if superadmin
+        # TODO do not allow to change status, first_error, last_error
+        if form.is_valid():
+            form.save()
+            # TODO add check of connecticity
+            messages.add_message(request,
+                                 messages.SUCCESS,
+                                 'Notification Webhook added successfully.',
+                                 extra_tags='alert-success')
+            return HttpResponseRedirect(reverse('notification_webhooks'))
+    # TODO Disable Owner if not superadmin
+    add_breadcrumb(title="Add Notication Webhook", top_level=False, request=request)
+    return render(request, 'dojo/add_notification_webhook.html', {
+        'name': 'Add Notification Webhook',
+        'user': request.user,
+        'form': form,
+    })
+
+
+@user_is_configuration_authorized('dojo.change_notification_webhook')
+# TODO this could be better: @user_is_authorized(Finding, Permissions.Finding_Delete, 'fid')
+def edit_notification_webhook(request, nwhid):
+    nwh = get_object_or_404(Webhook_Endpoints, pk=nwhid)
+    nwh_form = NotificationsWebhookForm(instance=nwh)
+    if request.method == "POST": # TODO do we need this:? and request.POST.get('edit_note_type'):
+        nwh_form = NotificationsWebhookForm(request.POST, instance=nwh)
+        # TODO Allow edit owner on if superadmin
+        # TODO do not allow to change status, first_error, last_error
+        if nwh_form.is_valid():
+            nwh = nwh_form.save()
+            # TODO add check of connecticity
+            messages.add_message(
+                request,
+                messages.SUCCESS,
+                'Notification Webhook updated successfully.',
+                extra_tags="alert-success",
+            )
+            return HttpResponseRedirect(reverse("notification_webhooks"))
+    # TODO Disable Owner if not superadmin
+    add_breadcrumb(title="Edit Notication Webhook", top_level=False, request=request)
+    return render(request, 'dojo/edit_notification_webhook.html', {
+        'name': 'Edit Notication Webhook',
+        'user': request.user,
+        'form': nwh_form,
+        'nwh': nwh})
+
+
+@user_is_configuration_authorized('dojo.delete_notification_webhook')
+def delete_notification_webhook(request, nwhid):
+    nwh = get_object_or_404(Webhook_Endpoints, id=nwhid)
+    form = DeleteNotificationsWebhookForm(instance=nwh)
+
+    if request.method == 'POST':
+        form = DeleteNotificationsWebhookForm(request.POST, instance=nwh)
+        if form.is_valid():
+            nwh.delete()
+            messages.add_message(
+                request,
+                messages.SUCCESS,
+                'Notification Webhook deleted successfully.',
+                extra_tags='alert-success')
+            return HttpResponseRedirect(reverse("notification_webhooks"))
+        else:
+            messages.add_message(
+                request,
+                messages.ERROR,
+                'Unable to delete Notification Webhook, please try again.',
+                extra_tags='alert-danger')
+
+    return render(request, 'dojo/delete_notification_webhook.html',
+                  {
+                   'form': form,
+                   'nwh': nwh,
+                   })
+
diff --git a/dojo/templates/base.html b/dojo/templates/base.html
index 765ec10dc55..347abe14e59 100644
--- a/dojo/templates/base.html
+++ b/dojo/templates/base.html
@@ -541,6 +541,12 @@
                                                         {% trans "Notifications" %}
                                                     </a>
                                                 </li>
+                                                <!-- TODO show only if activated in settings -->
+                                                <li>
+                                                    <a href="{% url 'notification_webhooks' %}">
+                                                        {% trans "Notification Webhooks" %}
+                                                    </a>
+                                                </li>
                                                 <li>
                                                     <a href="{% url 'regulations' %}">
                                                         {% trans "Regulations" %}
diff --git a/dojo/templates/dojo/add_notification_webhook.html b/dojo/templates/dojo/add_notification_webhook.html
new file mode 100644
index 00000000000..12056373af4
--- /dev/null
+++ b/dojo/templates/dojo/add_notification_webhook.html
@@ -0,0 +1,13 @@
+{% extends "base.html" %}
+{% block content %}
+    {{ block.super }}
+    <h3> Add a new Notification Webhook</h3>
+    <form class="form-horizontal" action="{% url 'add_notification_webhook' %}" method="post">{% csrf_token %}
+        {% include "dojo/form_fields.html" with form=form %}
+        <div class="form-group">
+            <div class="col-sm-offset-2 col-sm-10">
+                <input class="btn btn-primary" type="submit" value="Submit" aria-label="Add Notification Webhook"/>
+            </div>
+        </div>
+    </form>
+{% endblock %}
diff --git a/dojo/templates/dojo/delete_notification_webhook.html b/dojo/templates/dojo/delete_notification_webhook.html
new file mode 100644
index 00000000000..f196ad94fc9
--- /dev/null
+++ b/dojo/templates/dojo/delete_notification_webhook.html
@@ -0,0 +1,12 @@
+{% extends "base.html" %}
+{% block content %}
+<h3> Delete Notification Webhook</h3>
+<form class="form-horizontal" action="{%  url 'delete_notification_webhook' nwh.id %}" method="post">{% csrf_token %}
+  {% include "dojo/form_fields.html" with form=form %}
+  <div class="form-group">
+    <div class="col-sm-offset-2 col-sm-10">
+      <input class="btn btn-danger" type="submit" value="Delete"/>
+    </div>
+  </div>
+</form>
+{% endblock %}
diff --git a/dojo/templates/dojo/edit_notification_webhook.html b/dojo/templates/dojo/edit_notification_webhook.html
new file mode 100644
index 00000000000..86d9871f091
--- /dev/null
+++ b/dojo/templates/dojo/edit_notification_webhook.html
@@ -0,0 +1,15 @@
+{% extends "base.html" %}
+ {% block content %}
+    {{ block.super }}
+     <h3> Edit Notification Webhook </h3>
+     <form class="form-horizontal" action="{%  url 'edit_notification_webhook' nwh.id %}" method="post">{% csrf_token %}
+         {% include "dojo/form_fields.html" with form=form %}
+         <div class="form-group">
+             <div class="col-sm-offset-2 col-sm-10">
+                 <input class="btn btn-primary" label="submit" type="submit" value="Submit"/>
+             </div>
+         </div>
+     </form>
+     TODO Activation and Deactivation button
+ {% endblock %}
+ 
\ No newline at end of file
diff --git a/dojo/templates/dojo/notification_webhooks.html b/dojo/templates/dojo/notification_webhooks.html
new file mode 100644
index 00000000000..1b4a40aff0a
--- /dev/null
+++ b/dojo/templates/dojo/notification_webhooks.html
@@ -0,0 +1,90 @@
+{% extends "base.html" %}
+{% load navigation_tags %}
+{% load authorization_tags %}
+{% block content %}
+    {{ block.super }}
+    <div class="row">
+        <div class="col-md-12">
+            <div class="panel panel-default">
+                <div class="panel-heading tight">
+                    <h3 class="has-filters">
+                        Notification Webhook List
+                        <div class="dropdown pull-right">
+                            <button id="show-filters" data-toggle="collapse" data-target="#the-filters" class="btn btn-primary toggle-filters"> <i class="fa-solid fa-filter"></i> <i class="caret"></i> </button>
+                            {% if "dojo.add_notification_webhook"|has_configuration_permission %}
+                            <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu1"
+                                  data-toggle="dropdown" aria-expanded="true">
+                              <span class="fa-solid fa-screwdriver-wrench"></span>
+                              <span class="caret"></span>
+                            </button>
+                            <ul class="dropdown-menu dropdown-menu-right" role="menu"
+                                aria-labelledby="dropdownMenu1">
+                                    <li role="presentation">
+                                        <a href="{% url 'add_notification_webhook' %}">
+                                            <i class="fa-solid fa-plus"></i> Add Notification Webhook
+                                        </a>
+                                    </li>
+                            </ul>
+                            {% endif %}
+                        </div>
+                    </h3>
+                </div>
+                <!-- <div id="the-filters" class="is-filters panel-body collapse {% if ntl.form.has_changed %}in{% endif %}">
+                    {% include "dojo/filter_snippet.html" with form=ntl.form %}
+                </div> -->
+            </div>
+            {% if nwhs %}
+
+                <div class="clearfix">
+                    {% include "dojo/paging_snippet.html" with page=nwhs page_size=True %}
+                </div>
+
+                <div class="panel panel-default table-responsive">
+                    <table id="note_types"
+                           class="tablesorter-bootstrap table table-condensed table-striped">
+                        <thead>
+                        <tr>
+                            <th>{% dojo_sort request 'Notification Webhook Name' 'name' 'asc' %}</th>
+                            <th>URL</th>
+                            <th>Status</th>
+                            <th>Owner</th>
+                        </tr>
+                        </thead>
+                        <tbody>
+                        {% for nwh in nwhs %}
+                            <tr>
+                              <td><a>{{ nwh.name }}</a></td>
+                              <td><a>{{ nwh.url }}</a></td>
+                              <td><a>{{ nwh.status }} TODO, show full text</a></td>
+                              <td><a>{{ nwh.owner }}</a></td>
+                              {% if "dojo.edit_notification_webhook"|has_configuration_permission %}
+                                    <td>
+                                        <div class="centered">
+                                            <div class="btn-group" role="group">
+                                                <a class="btn btn-sm btn-warning"
+                                                   href="{% url 'edit_notification_webhook' nwh.id %}">
+                                                    <i class="fa-solid fa-file"></i> Edit Notification Webhook
+                                                </a>
+                                            </div>
+                                        </div>
+                                    </td>
+                                {% endif %}
+
+                            </tr>
+                        {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <div class="clearfix">
+                    {% include "dojo/paging_snippet.html" with page=nwhs page_size=True %}
+                </div>
+            {% else %}
+                <p class="text-center">No Notification Webook found.</p>
+            {% endif %}
+        </div>
+    </div>
+{% endblock %}
+{% block postscript %}
+    {{ block.super }}
+    {% include "dojo/filter_js_snippet.html" %}
+{% endblock %}
diff --git a/dojo/templates/dojo/view_notification_webhooks.html b/dojo/templates/dojo/view_notification_webhooks.html
new file mode 100644
index 00000000000..ff6e1e5d5d0
--- /dev/null
+++ b/dojo/templates/dojo/view_notification_webhooks.html
@@ -0,0 +1,105 @@
+{% extends "base.html" %}
+{% load navigation_tags %}
+{% load i18n %}
+{% load authorization_tags %}
+{% block content %}
+    {{ block.super }}
+    <div class="row">
+        <div class="col-md-12">
+            <div class="panel panel-default">
+                <div class="panel-heading tight">
+                    <h3 class="has-filters">
+                        Notification Webhook List
+                        <div class="dropdown pull-right">
+                            <button id="show-filters" data-toggle="collapse" data-target="#the-filters" class="btn btn-primary toggle-filters"> <i class="fa-solid fa-filter"></i> <i class="caret"></i> </button>
+                            {% if "dojo.add_notification_webhook"|has_configuration_permission %}
+                            <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu1"
+                                  data-toggle="dropdown" aria-expanded="true">
+                              <span class="fa-solid fa-screwdriver-wrench"></span>
+                              <span class="caret"></span>
+                            </button>
+                            <ul class="dropdown-menu dropdown-menu-right" role="menu"
+                                aria-labelledby="dropdownMenu1">
+                                    <li role="presentation">
+                                        <a href="{% url 'add_notification_webhook' %}">
+                                            <i class="fa-solid fa-plus"></i> Add Notification Webhook
+                                        </a>
+                                    </li>
+                            </ul>
+                            {% endif %}
+                        </div>
+                    </h3>
+                </div>
+                <!-- <div id="the-filters" class="is-filters panel-body collapse {% if ntl.form.has_changed %}in{% endif %}">
+                    {% include "dojo/filter_snippet.html" with form=ntl.form %}
+                </div> -->
+            </div>
+            {% if nwhs %}
+
+                <div class="clearfix">
+                    {% include "dojo/paging_snippet.html" with page=nwhs page_size=True %}
+                </div>
+
+                <div class="panel panel-default table-responsive">
+                    <table id="note_types"
+                           class="tablesorter-bootstrap table table-condensed table-striped">
+                        <thead>
+                        <tr>
+                            <th>{% dojo_sort request 'Notification Webhook Name' 'name' 'asc' %}</th>
+                            <th>URL TODO trans</th>
+                            <th>Status</th>
+                            <th>Owner</th>
+                        </tr>
+                        </thead>
+                        <tbody>
+                        {% for nwh in nwhs %}
+                            <tr>
+                              <td><a>{{ nwh.name }}</a></td>
+                              <td><a>{{ nwh.url }}</a></td>
+                              <td><a>{{ nwh.status }} TODO, show full text</a></td>
+                              <td><a>{{ nwh.owner }}</a></td>
+                              {% if "dojo.edit_notification_webhook"|has_configuration_permission %}
+                                <td>
+                                    <div class="centered">
+                                        <div class="btn-group" role="group">
+                                            <a class="btn btn-sm btn-warning"
+                                               href="{% url 'edit_notification_webhook' nwh.id %}">
+                                                <i class="fa-solid fa-file"></i> Edit
+                                            </a>
+                                            {% if nwh.is_active %} TODO fix checker
+                                            <a class="btn btn-sm btn-danger"
+                                               href="{% url 'delete_notification_webhook' nwh.id %}">
+                                                <i class="fa-solid fa-xmark"></i> Disable TODO fix url
+                                            </a>
+                                            {% else %}
+                                            <a class="btn btn-sm btn-success"
+                                               href="{% url 'delete_notification_webhook' nwh.id %}">
+                                                <i class="fa-solid fa-check"></i> Enable TODO fix url
+                                            </a>
+                                            {% endif %}
+                                            <a class="btn btn-sm btn-danger"
+                                               href="{% url 'delete_notification_webhook' nwh.id %}">
+                                                <i class="fa-solid fa-trash"></i> Delete
+                                            </a>
+                                        </div>
+                                    </div>
+                                </td> 
+                                {% endif %}
+                            </tr>
+                        {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <div class="clearfix">
+                    {% include "dojo/paging_snippet.html" with page=nwhs page_size=True %}
+                </div>
+            {% else %}
+                <p class="text-center">No Notification Webook found.</p>
+            {% endif %}
+        </div>
+    </div>
+{% endblock %}
+{% block postscript %}
+    {{ block.super }}
+    {% include "dojo/filter_js_snippet.html" %}
+{% endblock %}

From 775b7f89528e02ce0a2604bb95387c308ac3b215 Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Wed, 8 Mar 2023 14:58:23 +0000
Subject: [PATCH 10/63] per line

---
 dojo/models.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dojo/models.py b/dojo/models.py
index adbe4676f91..64418a74f48 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -4120,7 +4120,7 @@ def get_list_display(self, request):
         return list_fields
 
 
-class Webhook_Endpoints(models.Model):  # TODO rename to Notification_Webhooks 
+class Webhook_Endpoints(models.Model):  # TODO rename to Notification_Webhooks
     _STATUS_ACTIVE = "active"
     _STATUS_INACTIVE = "inactive"
     STATUS_ACTIVE = f"{_STATUS_ACTIVE}"

From 03bb0c45a9271c71cfdc55a3ddc4e69e9d729fac Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Thu, 9 Mar 2023 14:12:22 +0000
Subject: [PATCH 11/63] upgrade go-httpbin, move db_mig

---
 docker-compose.override.unit_tests.yml                          | 2 +-
 docker-compose.override.unit_tests_cicd.yml                     | 2 +-
 ...3_system_settings_enable_webhooks_notifications_and_more.py} | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
 rename dojo/db_migrations/{0181_system_settings_enable_webhooks_notifications_and_more.py => 0183_system_settings_enable_webhooks_notifications_and_more.py} (99%)

diff --git a/docker-compose.override.unit_tests.yml b/docker-compose.override.unit_tests.yml
index bf5518decac..0b1c3e9b711 100644
--- a/docker-compose.override.unit_tests.yml
+++ b/docker-compose.override.unit_tests.yml
@@ -52,7 +52,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   go-httpbin:
-    image: mccutchen/go-httpbin:v2.5.5@sha256:70682c4803caf113f0e6dbec2d656ba551e7779b5b5a09c6d041dc3917362cc7
+    image: mccutchen/go-httpbin:v2.5.6@sha256:a4babede455abf478581df8a9712a49eb93cd1f703db9d80dac0da40b174586a
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/docker-compose.override.unit_tests_cicd.yml b/docker-compose.override.unit_tests_cicd.yml
index 33d710a15c3..8bad6be6110 100644
--- a/docker-compose.override.unit_tests_cicd.yml
+++ b/docker-compose.override.unit_tests_cicd.yml
@@ -51,7 +51,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   go-httpbin:
-    image: mccutchen/go-httpbin:v2.5.5@sha256:70682c4803caf113f0e6dbec2d656ba551e7779b5b5a09c6d041dc3917362cc7
+    image: mccutchen/go-httpbin:v2.5.6@sha256:a4babede455abf478581df8a9712a49eb93cd1f703db9d80dac0da40b174586a
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/dojo/db_migrations/0181_system_settings_enable_webhooks_notifications_and_more.py b/dojo/db_migrations/0183_system_settings_enable_webhooks_notifications_and_more.py
similarity index 99%
rename from dojo/db_migrations/0181_system_settings_enable_webhooks_notifications_and_more.py
rename to dojo/db_migrations/0183_system_settings_enable_webhooks_notifications_and_more.py
index 9fd53b7b7ad..b40ae2f42b9 100644
--- a/dojo/db_migrations/0181_system_settings_enable_webhooks_notifications_and_more.py
+++ b/dojo/db_migrations/0183_system_settings_enable_webhooks_notifications_and_more.py
@@ -8,7 +8,7 @@
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('dojo', '0180_announcement_userannouncement'),
+        ('dojo', '0182_alter_jira_instance_default_issue_type'),
     ]
 
     operations = [

From 1ac2b0e61d4d4c1ecdc892c6dd80dbadc5a50625 Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Thu, 9 Mar 2023 14:58:43 +0000
Subject: [PATCH 12/63] Disable view and changes if not enabled in setting

---
 dojo/api_v2/serializers.py  |  8 +++++++-
 dojo/api_v2/views.py        |  3 +++
 dojo/notifications/views.py | 18 +++++++++++++++++-
 dojo/templates/base.html    |  3 ++-
 dojo/urls.py                |  2 ++
 5 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/dojo/api_v2/serializers.py b/dojo/api_v2/serializers.py
index ef343f69f57..227dfac5c35 100644
--- a/dojo/api_v2/serializers.py
+++ b/dojo/api_v2/serializers.py
@@ -12,6 +12,7 @@
 from django.contrib.auth.password_validation import validate_password
 from django.core.exceptions import PermissionDenied, ValidationError
 from django.db.utils import IntegrityError
+from django.http import Http404
 from django.urls import reverse
 from django.utils import timezone
 from django.utils.translation import gettext_lazy as _
@@ -117,7 +118,7 @@
     requires_tool_type,
 )
 from dojo.user.utils import get_configuration_permissions_codenames
-from dojo.utils import is_scan_file_too_large
+from dojo.utils import is_scan_file_too_large, get_system_setting
 
 logger = logging.getLogger(__name__)
 deduplicationLogger = logging.getLogger("dojo.specific-loggers.deduplication")
@@ -3179,3 +3180,8 @@ class WebhookEndpointsSerializer(serializers.ModelSerializer):
     class Meta:
         model = Webhook_Endpoints
         fields = "__all__"
+
+    def __init__(self, *args, **kwargs):
+        if not get_system_setting('enable_webhooks_notifications'):
+            raise Http404()  # TODO maybe not 404 but other 4xx
+        super().__init__(*args, **kwargs)
diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index c7db35c1ab1..a4c35d7881f 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -3336,9 +3336,12 @@ def get_queryset(self):
 
 
 class WebhookEndpointsViewset(
+    prefetch.PrefetchListMixin,
+    prefetch.PrefetchRetrieveMixin,
     DojoModelViewSet
 ):
     serializer_class = serializers.WebhookEndpointsSerializer
     queryset = Webhook_Endpoints.objects.all()
     filter_backends = (DjangoFilterBackend,)
+    filterset_fields = ('__all__')
     permission_classes = (IsAuthenticated, DjangoModelPermissions)  # TODO
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 7ee78a618f3..f4aec452f48 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -14,7 +14,7 @@
 from django.http import HttpResponseRedirect, Http404
 
 from dojo.models import Notifications, Notification_Webhooks
-from dojo.utils import get_enabled_notifications_list, add_breadcrumb, get_system_setting
+from dojo.utils import get_enabled_notifications_list, get_page_items, add_breadcrumb, get_system_setting
 from dojo.forms import NotificationsForm, NotificationsWebhookForm, DeleteNotificationsWebhookForm
 from dojo.authorization.authorization_decorators import user_is_configuration_authorized
 from dojo.notifications.helper import test_webhooks_notification
@@ -143,6 +143,10 @@ def set_breadcrumbs(self, request: HttpRequest):
 
 @user_is_configuration_authorized('dojo.view_notification_webhooks')
 def notification_webhooks(request):
+    
+    if not get_system_setting('enable_webhooks_notifications'):
+        raise Http404()
+    
     nwhs = Webhook_Endpoints.objects.all().order_by('name')
     # name_words = initial_queryset.values_list('name', flat=True)
     # ntl = NoteTypesFilter(request.GET, queryset=initial_queryset)
@@ -161,6 +165,10 @@ def notification_webhooks(request):
 
 @user_is_configuration_authorized('dojo.add_notification_webhook')
 def add_notification_webhook(request):
+
+    if not get_system_setting('enable_webhooks_notifications'):
+        raise Http404()
+    
     form = NotificationsWebhookForm()
     if request.method == 'POST':
         form = NotificationsWebhookForm(request.POST)
@@ -186,6 +194,10 @@ def add_notification_webhook(request):
 @user_is_configuration_authorized('dojo.change_notification_webhook')
 # TODO this could be better: @user_is_authorized(Finding, Permissions.Finding_Delete, 'fid')
 def edit_notification_webhook(request, nwhid):
+
+    if not get_system_setting('enable_webhooks_notifications'):
+        raise Http404()
+
     nwh = get_object_or_404(Webhook_Endpoints, pk=nwhid)
     nwh_form = NotificationsWebhookForm(instance=nwh)
     if request.method == "POST": # TODO do we need this:? and request.POST.get('edit_note_type'):
@@ -213,6 +225,10 @@ def edit_notification_webhook(request, nwhid):
 
 @user_is_configuration_authorized('dojo.delete_notification_webhook')
 def delete_notification_webhook(request, nwhid):
+
+    if not get_system_setting('enable_webhooks_notifications'):
+        raise Http404()
+
     nwh = get_object_or_404(Webhook_Endpoints, id=nwhid)
     form = DeleteNotificationsWebhookForm(instance=nwh)
 
diff --git a/dojo/templates/base.html b/dojo/templates/base.html
index 347abe14e59..13b50e54ee8 100644
--- a/dojo/templates/base.html
+++ b/dojo/templates/base.html
@@ -541,12 +541,13 @@
                                                         {% trans "Notifications" %}
                                                     </a>
                                                 </li>
-                                                <!-- TODO show only if activated in settings -->
+                                                {% if system_settings.enable_webhooks_notifications %}
                                                 <li>
                                                     <a href="{% url 'notification_webhooks' %}">
                                                         {% trans "Notification Webhooks" %}
                                                     </a>
                                                 </li>
+                                                {% endif %}
                                                 <li>
                                                     <a href="{% url 'regulations' %}">
                                                         {% trans "Regulations" %}
diff --git a/dojo/urls.py b/dojo/urls.py
index 084e6a96fdf..ab32b976ac7 100644
--- a/dojo/urls.py
+++ b/dojo/urls.py
@@ -70,6 +70,7 @@
     UserContactInfoViewSet,
     UserProfileView,
     UsersViewSet,
+    WebhookEndpointsViewset,
 )
 from dojo.api_v2.views import DojoSpectacularAPIView as SpectacularAPIView
 from dojo.banner.urls import urlpatterns as banner_urls
@@ -170,6 +171,7 @@
 v2_api.register(r"tool_types", ToolTypesViewSet, basename="tool_type")
 v2_api.register(r"users", UsersViewSet, basename="user")
 v2_api.register(r"user_contact_infos", UserContactInfoViewSet, basename="usercontactinfo")
+v2_api.register(r'notification_webhook_endpoints', WebhookEndpointsViewset)
 v2_api.register(r"questionnaire_answers", QuestionnaireAnswerViewSet, basename="answer")
 v2_api.register(r"questionnaire_answered_questionnaires", QuestionnaireAnsweredSurveyViewSet, basename="answered_survey")
 v2_api.register(r"questionnaire_engagement_questionnaires", QuestionnaireEngagementSurveyViewSet, basename="engagement_survey")

From da32d89a1ec800893fba151830b546b84d2094ca Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Thu, 9 Mar 2023 15:32:37 +0000
Subject: [PATCH 13/63] Fix full text of status

---
 dojo/templates/dojo/view_notification_webhooks.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dojo/templates/dojo/view_notification_webhooks.html b/dojo/templates/dojo/view_notification_webhooks.html
index ff6e1e5d5d0..2a92d4a52be 100644
--- a/dojo/templates/dojo/view_notification_webhooks.html
+++ b/dojo/templates/dojo/view_notification_webhooks.html
@@ -56,7 +56,7 @@ <h3 class="has-filters">
                             <tr>
                               <td><a>{{ nwh.name }}</a></td>
                               <td><a>{{ nwh.url }}</a></td>
-                              <td><a>{{ nwh.status }} TODO, show full text</a></td>
+                              <td><a>{{ nwh.get_status_display }}</a></td>
                               <td><a>{{ nwh.owner }}</a></td>
                               {% if "dojo.edit_notification_webhook"|has_configuration_permission %}
                                 <td>

From 1e135446aeec4c5f2fd48354e1452371be6df104 Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Tue, 9 May 2023 18:15:40 +0000
Subject: [PATCH 14/63] Update go-httpbin

---
 docker-compose.override.unit_tests.yml      | 2 +-
 docker-compose.override.unit_tests_cicd.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/docker-compose.override.unit_tests.yml b/docker-compose.override.unit_tests.yml
index 0b1c3e9b711..a77ca5b2432 100644
--- a/docker-compose.override.unit_tests.yml
+++ b/docker-compose.override.unit_tests.yml
@@ -52,7 +52,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   go-httpbin:
-    image: mccutchen/go-httpbin:v2.5.6@sha256:a4babede455abf478581df8a9712a49eb93cd1f703db9d80dac0da40b174586a
+    image: mccutchen/go-httpbin:v2.6.0@sha256:bb9ac3657d1c9a380d13586f69a380856db5c21f3f5e877f0d33b88b3bbf8d1e
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/docker-compose.override.unit_tests_cicd.yml b/docker-compose.override.unit_tests_cicd.yml
index 8bad6be6110..12f2a488e89 100644
--- a/docker-compose.override.unit_tests_cicd.yml
+++ b/docker-compose.override.unit_tests_cicd.yml
@@ -51,7 +51,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   go-httpbin:
-    image: mccutchen/go-httpbin:v2.5.6@sha256:a4babede455abf478581df8a9712a49eb93cd1f703db9d80dac0da40b174586a
+    image: mccutchen/go-httpbin:v2.6.0@sha256:bb9ac3657d1c9a380d13586f69a380856db5c21f3f5e877f0d33b88b3bbf8d1e
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}

From 7f0fe368e5de9bc74d75e61728fdf8f72488b90c Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Tue, 9 May 2023 18:16:17 +0000
Subject: [PATCH 15/63] Move migration

---
 ...6_system_settings_enable_webhooks_notifications_and_more.py} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename dojo/db_migrations/{0183_system_settings_enable_webhooks_notifications_and_more.py => 0186_system_settings_enable_webhooks_notifications_and_more.py} (99%)

diff --git a/dojo/db_migrations/0183_system_settings_enable_webhooks_notifications_and_more.py b/dojo/db_migrations/0186_system_settings_enable_webhooks_notifications_and_more.py
similarity index 99%
rename from dojo/db_migrations/0183_system_settings_enable_webhooks_notifications_and_more.py
rename to dojo/db_migrations/0186_system_settings_enable_webhooks_notifications_and_more.py
index b40ae2f42b9..579c2b61dc6 100644
--- a/dojo/db_migrations/0183_system_settings_enable_webhooks_notifications_and_more.py
+++ b/dojo/db_migrations/0186_system_settings_enable_webhooks_notifications_and_more.py
@@ -8,7 +8,7 @@
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('dojo', '0182_alter_jira_instance_default_issue_type'),
+        ('dojo', '0185_product_disable_sla_breach_notifications_and_more'),
     ]
 
     operations = [

From f498fc2c6b0376ce8b31b3a5941065652e6d9b4f Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Tue, 9 May 2023 18:44:27 +0000
Subject: [PATCH 16/63] Rename model + flake8

---
 dojo/api_v2/serializers.py                     |  4 ++--
 dojo/api_v2/views.py                           | 14 ++++++++++----
 ...s_enable_webhooks_notifications_and_more.py |  2 +-
 dojo/forms.py                                  |  9 ++++++---
 dojo/models.py                                 |  4 ++--
 dojo/notifications/helper.py                   | 18 +++++++++---------
 dojo/notifications/views.py                    | 11 +++++------
 dojo/urls.py                                   |  2 +-
 8 files changed, 36 insertions(+), 28 deletions(-)

diff --git a/dojo/api_v2/serializers.py b/dojo/api_v2/serializers.py
index 227dfac5c35..d654890c2b9 100644
--- a/dojo/api_v2/serializers.py
+++ b/dojo/api_v2/serializers.py
@@ -108,7 +108,7 @@
     UserContactInfo,
     Vulnerability_Id,
     Vulnerability_Id_Template,
-    Webhook_Endpoints,
+    Notification_Webhooks,
     get_current_date,
 )
 from dojo.risk_acceptance.helper import add_findings_to_risk_acceptance, remove_finding_from_risk_acceptance
@@ -3178,7 +3178,7 @@ def create(self, validated_data):
 
 class WebhookEndpointsSerializer(serializers.ModelSerializer):
     class Meta:
-        model = Webhook_Endpoints
+        model = Notification_Webhooks
         fields = "__all__"
 
     def __init__(self, *args, **kwargs):
diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index a4c35d7881f..b71d3989c4b 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -136,7 +136,7 @@
     Tool_Type,
     User,
     UserContactInfo,
-    Webhook_Endpoints,
+    Notification_Webhooks,
 )
 from dojo.product.queries import (
     get_authorized_app_analysis,
@@ -3335,13 +3335,19 @@ def get_queryset(self):
         return Announcement.objects.all().order_by("id")
 
 
-class WebhookEndpointsViewset(
+class NotificationWebhooksViewset(
     prefetch.PrefetchListMixin,
     prefetch.PrefetchRetrieveMixin,
     DojoModelViewSet
 ):
-    serializer_class = serializers.WebhookEndpointsSerializer
-    queryset = Webhook_Endpoints.objects.all()
+    serializer_class = serializers.NotificationWebhooksSerializer
+    queryset = Notification_Webhooks.objects.all()
     filter_backends = (DjangoFilterBackend,)
     filterset_fields = ('__all__')
     permission_classes = (IsAuthenticated, DjangoModelPermissions)  # TODO
+    swagger_schema = prefetch.get_prefetch_schema(
+        [
+            "notification_webhooks_list", 
+            "notification_webhooks_read",
+        ], serializers.NotificationWebhooksSerializer,
+    ).to_schema()
diff --git a/dojo/db_migrations/0186_system_settings_enable_webhooks_notifications_and_more.py b/dojo/db_migrations/0186_system_settings_enable_webhooks_notifications_and_more.py
index 579c2b61dc6..32383d1f299 100644
--- a/dojo/db_migrations/0186_system_settings_enable_webhooks_notifications_and_more.py
+++ b/dojo/db_migrations/0186_system_settings_enable_webhooks_notifications_and_more.py
@@ -13,7 +13,7 @@ class Migration(migrations.Migration):
 
     operations = [
         migrations.CreateModel(
-            name='Webhook_Endpoints',
+            name='Notification_Webhooks',
             fields=[
                 ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                 ('name', models.CharField(default='', help_text='Name of the incoming webhook', max_length=100, unique=True)),
diff --git a/dojo/forms.py b/dojo/forms.py
index b2ceb0f16b7..de7b6b105ab 100644
--- a/dojo/forms.py
+++ b/dojo/forms.py
@@ -96,7 +96,7 @@
     Tool_Type,
     User,
     UserContactInfo,
-    Webhook_Endpoints,
+    Notification_Webhooks,
 )
 from dojo.product.queries import get_authorized_products
 from dojo.product_type.queries import get_authorized_product_types
@@ -2781,14 +2781,16 @@ class Meta:
 
 class NotificationsWebhookForm(forms.ModelForm):
     class Meta:
-        model = Webhook_Endpoints
+        model = Notification_Webhooks
         exclude = []
+
     def __init__(self, *args, **kwargs):
         super(NotificationsWebhookForm, self).__init__(*args, **kwargs)
         self.fields['status'].disabled = True
         self.fields['first_error'].disabled = True
         self.fields['last_error'].disabled = True
 
+
 class DeleteNotificationsWebhookForm(forms.ModelForm):
     id = forms.IntegerField(required=True,
                             widget=forms.widgets.HiddenInput())
@@ -2798,9 +2800,10 @@ def __init__(self, *args, **kwargs):
         self.fields['url'].disabled = True
 
     class Meta:
-        model = Webhook_Endpoints
+        model = Notification_Webhooks
         fields = ['id', 'name', 'url']
 
+
 class ProductNotificationsForm(forms.ModelForm):
 
     def __init__(self, *args, **kwargs):
diff --git a/dojo/models.py b/dojo/models.py
index 64418a74f48..6c35ef8f302 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -4120,7 +4120,7 @@ def get_list_display(self, request):
         return list_fields
 
 
-class Webhook_Endpoints(models.Model):  # TODO rename to Notification_Webhooks
+class Notification_Webhooks(models.Model):
     _STATUS_ACTIVE = "active"
     _STATUS_INACTIVE = "inactive"
     STATUS_ACTIVE = f"{_STATUS_ACTIVE}"
@@ -4686,7 +4686,7 @@ def __str__(self):
 admin.site.register(GITHUB_Details_Cache)
 admin.site.register(GITHUB_PKey)
 admin.site.register(Tool_Configuration, Tool_Configuration_Admin)
-admin.site.register(Webhook_Endpoints)
+admin.site.register(Notification_Webhooks)
 admin.site.register(Tool_Product_Settings)
 admin.site.register(Tool_Type)
 admin.site.register(Cred_User)
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 39ab8d0ad38..6e0d8a9925d 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -15,7 +15,7 @@
 from dojo.authorization.roles_permissions import Permissions
 from dojo.celery import app
 from dojo.decorators import dojo_async_task, we_want_async
-from dojo.models import Alerts, Dojo_User, Notifications, System_Settings, UserContactInfo, Webhook_Endpoints, get_current_datetime
+from dojo.models import Alerts, Dojo_User, Notifications, System_Settings, UserContactInfo, Notification_Webhooks, get_current_datetime
 from dojo.user.queries import get_authorized_users_for_product_and_product_type, get_authorized_users_for_product_type
 
 logger = logging.getLogger(__name__)
@@ -355,8 +355,8 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
 @app.task
 def send_webhooks_notification(event, user=None, *args, **kwargs):
     # TODO check sending notifications (in general) to inactive users
-    for endpoint in Webhook_Endpoints.objects.filter(owner=user):
-        if endpoint.status.startswith(Webhook_Endpoints._STATUS_ACTIVE):
+    for endpoint in Notification_Webhooks.objects.filter(owner=user):
+        if endpoint.status.startswith(Notification_Webhooks._STATUS_ACTIVE):
             try:
                 if endpoint.url is not None:
                     logger.debug(f"sending webhook message to endpoint {endpoint.name}")
@@ -377,7 +377,7 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
 
                         # There is no reason to keep endpoint active if it is returning 4xx errors
                         if 400 <= res.status_code < 500:
-                            endpoint.status = Webhook_Endpoints.STATUS_INACTIVE_400
+                            endpoint.status = Notification_Webhooks.STATUS_INACTIVE_400
                             endpoint.first_error = now
 
                         # 5xx is also not OK
@@ -386,7 +386,7 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
 
                             # First detection
                             if endpoint.last_error is None or (now - endpoint.last_error).minutes > 60:
-                                endpoint.status = Webhook_Endpoints.STATUS_ACTIVE_500
+                                endpoint.status = Notification_Webhooks.STATUS_ACTIVE_500
                                 endpoint.first_error = now  # Yes, if last fail happen before more then hour, we are considering it as a new error
 
                             # Repleated detection
@@ -394,17 +394,17 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
 
                                 # Error is repeating over more then hour
                                 if (now - endpoint.first_error).minutes > 60:
-                                    endpoint.status = Webhook_Endpoints.STATUS_INACTIVE_500
+                                    endpoint.status = Notification_Webhooks.STATUS_INACTIVE_500
 
                                 # This situation shouldn't happen - only if somebody was cleaning status and didn't clean first/last_error
                                 # But we should handle it
                                 else:
-                                    endpoint.status = Webhook_Endpoints.STATUS_ACTIVE_500
+                                    endpoint.status = Notification_Webhooks.STATUS_ACTIVE_500
                                     endpoint.first_error = now
 
                         # Well, we really accepts only 200 and 201
                         else:
-                            endpoint.status = Webhook_Endpoints.STATUS_INACTIVE_OTHERS
+                            endpoint.status = Notification_Webhooks.STATUS_INACTIVE_OTHERS
                             endpoint.first_error = now
 
                         endpoint.last_error = now
@@ -425,7 +425,7 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
         if user:
             logger.info(f"URLs for Webhooks not configured for user '{user}': skipping user notification")
         else:
-            logger.info(f"URLs for Webhooks not configured: skipping system notification")
+            logger.info("URLs for Webhooks not configured: skipping system notification")
 
 
 def send_alert_notification(event, user=None, *args, **kwargs):
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index f4aec452f48..bd943cf7744 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -143,11 +143,11 @@ def set_breadcrumbs(self, request: HttpRequest):
 
 @user_is_configuration_authorized('dojo.view_notification_webhooks')
 def notification_webhooks(request):
-    
+
     if not get_system_setting('enable_webhooks_notifications'):
         raise Http404()
-    
-    nwhs = Webhook_Endpoints.objects.all().order_by('name')
+
+    nwhs = Notification_Webhooks.objects.all().order_by('name')
     # name_words = initial_queryset.values_list('name', flat=True)
     # ntl = NoteTypesFilter(request.GET, queryset=initial_queryset)
     # nwhs = get_page_items(request, initial_queryset.qs, 25)
@@ -198,7 +198,7 @@ def edit_notification_webhook(request, nwhid):
     if not get_system_setting('enable_webhooks_notifications'):
         raise Http404()
 
-    nwh = get_object_or_404(Webhook_Endpoints, pk=nwhid)
+    nwh = get_object_or_404(Notification_Webhooks, pk=nwhid)
     nwh_form = NotificationsWebhookForm(instance=nwh)
     if request.method == "POST": # TODO do we need this:? and request.POST.get('edit_note_type'):
         nwh_form = NotificationsWebhookForm(request.POST, instance=nwh)
@@ -229,7 +229,7 @@ def delete_notification_webhook(request, nwhid):
     if not get_system_setting('enable_webhooks_notifications'):
         raise Http404()
 
-    nwh = get_object_or_404(Webhook_Endpoints, id=nwhid)
+    nwh = get_object_or_404(Notification_Webhooks, id=nwhid)
     form = DeleteNotificationsWebhookForm(instance=nwh)
 
     if request.method == 'POST':
@@ -254,4 +254,3 @@ def delete_notification_webhook(request, nwhid):
                    'form': form,
                    'nwh': nwh,
                    })
-
diff --git a/dojo/urls.py b/dojo/urls.py
index ab32b976ac7..943e32d0129 100644
--- a/dojo/urls.py
+++ b/dojo/urls.py
@@ -171,7 +171,7 @@
 v2_api.register(r"tool_types", ToolTypesViewSet, basename="tool_type")
 v2_api.register(r"users", UsersViewSet, basename="user")
 v2_api.register(r"user_contact_infos", UserContactInfoViewSet, basename="usercontactinfo")
-v2_api.register(r'notification_webhook_endpoints', WebhookEndpointsViewset)
+v2_api.register(r'notification_webhooks', NotificationWebhooksViewset)
 v2_api.register(r"questionnaire_answers", QuestionnaireAnswerViewSet, basename="answer")
 v2_api.register(r"questionnaire_answered_questionnaires", QuestionnaireAnsweredSurveyViewSet, basename="answered_survey")
 v2_api.register(r"questionnaire_engagement_questionnaires", QuestionnaireEngagementSurveyViewSet, basename="engagement_survey")

From 84a7d7a5ad395749ab944e1033d6c5dd8ad8d7c9 Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Thu, 8 Jun 2023 12:27:05 +0000
Subject: [PATCH 17/63] Rebase db mig

---
 ...1_system_settings_enable_webhooks_notifications_and_more.py} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename dojo/db_migrations/{0186_system_settings_enable_webhooks_notifications_and_more.py => 0191_system_settings_enable_webhooks_notifications_and_more.py} (99%)

diff --git a/dojo/db_migrations/0186_system_settings_enable_webhooks_notifications_and_more.py b/dojo/db_migrations/0191_system_settings_enable_webhooks_notifications_and_more.py
similarity index 99%
rename from dojo/db_migrations/0186_system_settings_enable_webhooks_notifications_and_more.py
rename to dojo/db_migrations/0191_system_settings_enable_webhooks_notifications_and_more.py
index 32383d1f299..527edc811c2 100644
--- a/dojo/db_migrations/0186_system_settings_enable_webhooks_notifications_and_more.py
+++ b/dojo/db_migrations/0191_system_settings_enable_webhooks_notifications_and_more.py
@@ -8,7 +8,7 @@
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('dojo', '0185_product_disable_sla_breach_notifications_and_more'),
+        ('dojo', '0190_system_settings_experimental_fp_history'),
     ]
 
     operations = [

From 6f78c7e49c6b9b00d9e4ba063e46fbdb19b8dded Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Sat, 22 Jul 2023 22:14:15 +0000
Subject: [PATCH 18/63] Rearange setting buttons, add connectivity validator

---
 docker-compose.override.unit_tests.yml        |  4 +-
 docker-compose.override.unit_tests_cicd.yml   |  4 +-
 dojo/api_v2/serializers.py                    |  6 +-
 dojo/forms.py                                 |  6 +-
 dojo/models.py                                | 16 +++-
 dojo/notifications/helper.py                  | 41 ++++++---
 dojo/notifications/views.py                   | 86 ++++++++++++------
 .../dojo/edit_notification_webhook.html       |  6 +-
 .../templates/dojo/notification_webhooks.html | 90 -------------------
 dojo/templates/dojo/system_settings.html      |  2 +-
 .../dojo/view_notification_webhooks.html      | 21 ++---
 .../notifications/webhooks/other.tpl          |  3 +
 12 files changed, 122 insertions(+), 163 deletions(-)
 delete mode 100644 dojo/templates/dojo/notification_webhooks.html
 create mode 100644 dojo/templates/notifications/webhooks/other.tpl

diff --git a/docker-compose.override.unit_tests.yml b/docker-compose.override.unit_tests.yml
index a77ca5b2432..d26dc741cc8 100644
--- a/docker-compose.override.unit_tests.yml
+++ b/docker-compose.override.unit_tests.yml
@@ -51,8 +51,8 @@ services:
   redis:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
-  go-httpbin:
-    image: mccutchen/go-httpbin:v2.6.0@sha256:bb9ac3657d1c9a380d13586f69a380856db5c21f3f5e877f0d33b88b3bbf8d1e
+  "webhook.endpoint":
+    image: mccutchen/go-httpbin:v2.10.0@sha256:c4b6cb9c0fb347f8ab1fdcdfbb4ed391ed64e32e698cbfafa09507736cfe412a
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/docker-compose.override.unit_tests_cicd.yml b/docker-compose.override.unit_tests_cicd.yml
index 12f2a488e89..0617aa2f2ac 100644
--- a/docker-compose.override.unit_tests_cicd.yml
+++ b/docker-compose.override.unit_tests_cicd.yml
@@ -50,8 +50,8 @@ services:
   redis:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
-  go-httpbin:
-    image: mccutchen/go-httpbin:v2.6.0@sha256:bb9ac3657d1c9a380d13586f69a380856db5c21f3f5e877f0d33b88b3bbf8d1e
+  "webhook.endpoint":
+    image: mccutchen/go-httpbin:v2.10.0@sha256:c4b6cb9c0fb347f8ab1fdcdfbb4ed391ed64e32e698cbfafa09507736cfe412a
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/dojo/api_v2/serializers.py b/dojo/api_v2/serializers.py
index d654890c2b9..a184566e1f4 100644
--- a/dojo/api_v2/serializers.py
+++ b/dojo/api_v2/serializers.py
@@ -3176,12 +3176,12 @@ def create(self, validated_data):
                 raise
 
 
-class WebhookEndpointsSerializer(serializers.ModelSerializer):
+class NotificationWebhooksSerializer(serializers.ModelSerializer):
     class Meta:
         model = Notification_Webhooks
         fields = "__all__"
 
     def __init__(self, *args, **kwargs):
-        if not get_system_setting('enable_webhooks_notifications'):
-            raise Http404()  # TODO maybe not 404 but other 4xx
+        # if not get_system_setting('enable_webhooks_notifications'):
+        #     raise Http404()  # TODO maybe not 404 but other 4xx, not in init but on request
         super().__init__(*args, **kwargs)
diff --git a/dojo/forms.py b/dojo/forms.py
index de7b6b105ab..f839825d034 100644
--- a/dojo/forms.py
+++ b/dojo/forms.py
@@ -2785,10 +2785,14 @@ class Meta:
         exclude = []
 
     def __init__(self, *args, **kwargs):
+        is_superuser = kwargs.pop('is_superuser', False)
+        logger.debug(f"is_superuser: {is_superuser}")
         super(NotificationsWebhookForm, self).__init__(*args, **kwargs)
-        self.fields['status'].disabled = True
+        self.fields['status'].disabled = True  # TODO - same for API
         self.fields['first_error'].disabled = True
         self.fields['last_error'].disabled = True
+        if not is_superuser:  # Only superadmins can edit owner
+            self.fields['owner'].disabled = True  # TODO needs to be tested
 
 
 class DeleteNotificationsWebhookForm(forms.ModelForm):
diff --git a/dojo/models.py b/dojo/models.py
index 6c35ef8f302..ae62a06850f 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -357,10 +357,6 @@ class System_Settings(models.Model):
         models.BooleanField(default=False,
                             verbose_name=_('Enable Webhook notifications'),
                             blank=False)
-    webhooks_url = models.CharField(max_length=400, default='', blank=True,
-                                    help_text=_('The full URL of the incoming webhook'))
-    webhooks_token = models.CharField(max_length=100, default='', blank=True,
-                                   help_text=_('Token required for interacting with Webhook endpoint'))
 
     false_positive_history = models.BooleanField(
         default=False, help_text=_(
@@ -4152,6 +4148,18 @@ class Notification_Webhooks(models.Model):
     owner = models.ForeignKey(Dojo_User, editable=True, null=True, blank=True, on_delete=models.CASCADE,
                               help_text=_('Owner/receiver of notification, if empty processed as system notification'))
 
+    def can_be_activated(self):
+        # Cleaning of state (from STATUS_ACTIVE_500 to STATUS_ACTIVE) is Activation in this context
+        # So all non-STATUS_ACTIVE statuses are activatable
+        return self.status != self.STATUS_ACTIVE
+
+    def can_be_deactivated(self):
+        # Even if status is any "_STATUS_INACTIVE", user might want to force status to STATUS_INACTIVE_MANUAL
+        # So all non-STATUS_INACTIVE_MANUAL statuses are deactivatable
+        return self.status != self.STATUS_INACTIVE_MANUAL
+
+    # Yes, webhook can be activatable and deactivable in the same time
+
 
 class Tool_Product_Settings(models.Model):
     name = models.CharField(max_length=200, null=False)
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 6e0d8a9925d..74e09ce45db 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -351,6 +351,28 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
         pass
 
 
+def webhooks_notification_request(endpoint, event, *args, **kwargs):
+    headers = {
+        "User-Agent": f"DefectDojo-{dd_version}",
+        "X-DefectDojo-Event": event,
+        "X-DefectDojo-Instance": settings.SITE_URL,
+    }
+    if endpoint.header_name is not None:
+        headers[endpoint.header_name] = endpoint.header_value
+    res = requests.request(
+        method='POST',
+        url=endpoint.url,
+        headers=headers,
+        data=create_notification_message(event, endpoint.owner, 'webhooks', *args, **kwargs))
+    return res
+
+def test_webhooks_notification(endpoint):
+    res = webhooks_notification_request(endpoint, 'ping', {"description": "Test webhook notification"})
+    res.raise_for_status() # in "send_webhooks_notification", we are doing deeper analysis, why it failed
+                           # for now, "raise_for_status" should be enough
+    logger.debug(f"res: {res.json()}")
+    
+
 @dojo_async_task
 @app.task
 def send_webhooks_notification(event, user=None, *args, **kwargs):
@@ -359,20 +381,11 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
         if endpoint.status.startswith(Notification_Webhooks._STATUS_ACTIVE):
             try:
                 if endpoint.url is not None:
-                    logger.debug(f"sending webhook message to endpoint {endpoint.name}")
-                    headers = {
-                        "User-Agent": f"DefectDojo-{dd_version}",
-                        "X-DefectDojo-Event": event,
-                        "X-DefectDojo-Instance": settings.SITE_URL,
-                    }
-                    if endpoint.header_name is not None:
-                        headers[endpoint.header_name] = endpoint.header_value
-                    res = requests.request(
-                        method='POST',
-                        url=endpoint.url,
-                        headers=headers,
-                        data=create_notification_message(event, None, 'webhooks', *args, **kwargs))
-                    if res.status_code not in [200, 201]:
+                    logger.debug(f"Sending webhook message to endpoint {endpoint.name}")
+                    res = webhooks_notification_request(endpoint, event, *args, **kwargs)
+                    if res.status_code in [200, 201]:
+                        logger.debug(f"Message sent to endpoint {endpoint.name} sucessfully.")
+                    else:
                         now = get_current_datetime()
 
                         # There is no reason to keep endpoint active if it is returning 4xx errors
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index bd943cf7744..76348643232 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -11,7 +11,9 @@
 from dojo.forms import NotificationsForm
 
 from django.urls import reverse
-from django.http import HttpResponseRedirect, Http404
+from django.http import HttpResponseRedirect, HttpResponseForbidden, Http404
+from django.contrib.admin.utils import NestedObjects
+from django.db import DEFAULT_DB_ALIAS
 
 from dojo.models import Notifications, Notification_Webhooks
 from dojo.utils import get_enabled_notifications_list, get_page_items, add_breadcrumb, get_system_setting
@@ -169,25 +171,34 @@ def add_notification_webhook(request):
     if not get_system_setting('enable_webhooks_notifications'):
         raise Http404()
     
-    form = NotificationsWebhookForm()
+    nwh_form = NotificationsWebhookForm()
     if request.method == 'POST':
-        form = NotificationsWebhookForm(request.POST)
-        # TODO Allow edit owner on if superadmin
-        # TODO do not allow to change status, first_error, last_error
-        if form.is_valid():
-            form.save()
-            # TODO add check of connecticity
-            messages.add_message(request,
-                                 messages.SUCCESS,
-                                 'Notification Webhook added successfully.',
-                                 extra_tags='alert-success')
-            return HttpResponseRedirect(reverse('notification_webhooks'))
+        nwh_form = NotificationsWebhookForm(request.POST)
+        if nwh_form.is_valid():
+            try:
+                test_webhooks_notification(nwh_form.instance)
+            except requests.exceptions.HTTPError as e:
+                messages.add_message(
+                    request,
+                    messages.ERROR,
+                    f'Test of endpoint was not sucessful: {e}',
+                    extra_tags='alert-danger')                    
+            else:
+                nwh_form.instance.status = Notification_Webhooks.STATUS_ACTIVE
+                nwh_form.save()
+                messages.add_message(
+                    request,
+                    messages.SUCCESS,
+                    'Notification Webhook added successfully.',
+                    extra_tags="alert-success",
+                )
+                return HttpResponseRedirect(reverse("notification_webhooks"))
     # TODO Disable Owner if not superadmin
     add_breadcrumb(title="Add Notication Webhook", top_level=False, request=request)
     return render(request, 'dojo/add_notification_webhook.html', {
         'name': 'Add Notification Webhook',
         'user': request.user,
-        'form': form,
+        'form': nwh_form,
     })
 
 
@@ -199,22 +210,41 @@ def edit_notification_webhook(request, nwhid):
         raise Http404()
 
     nwh = get_object_or_404(Notification_Webhooks, pk=nwhid)
-    nwh_form = NotificationsWebhookForm(instance=nwh)
-    if request.method == "POST": # TODO do we need this:? and request.POST.get('edit_note_type'):
-        nwh_form = NotificationsWebhookForm(request.POST, instance=nwh)
-        # TODO Allow edit owner on if superadmin
-        # TODO do not allow to change status, first_error, last_error
-        if nwh_form.is_valid():
-            nwh = nwh_form.save()
-            # TODO add check of connecticity
+    nwh_form = NotificationsWebhookForm(instance=nwh, is_superuser = request.user.is_superuser)
+    if request.method == "POST":
+        if 'deactivate_webhook' in request.POST: # TODO add this to API as well
+            nwh.status = Notification_Webhooks.STATUS_INACTIVE_MANUAL
+            nwh.first_error = None
+            nwh.last_error = None
+            nwh.save()
             messages.add_message(
-                request,
-                messages.SUCCESS,
-                'Notification Webhook updated successfully.',
-                extra_tags="alert-success",
-            )
+                    request,
+                    messages.SUCCESS,
+                    'Notification Webhook deactivated successfully.',
+                    extra_tags="alert-success",
+                )
             return HttpResponseRedirect(reverse("notification_webhooks"))
-    # TODO Disable Owner if not superadmin
+        else:
+            nwh_form = NotificationsWebhookForm(request.POST, instance=nwh)
+            if nwh_form.is_valid():
+                try:
+                    test_webhooks_notification(nwh_form.instance)
+                except requests.exceptions.HTTPError as e:
+                    messages.add_message(
+                        request,
+                        messages.ERROR,
+                        f'Test of endpoint was not sucessful: {e}',
+                        extra_tags='alert-danger')                    
+                else:
+                    nwh_form.instance.status = Notification_Webhooks.STATUS_ACTIVE
+                    nwh = nwh_form.save()
+                    messages.add_message(
+                        request,
+                        messages.SUCCESS,
+                        'Notification Webhook updated successfully.',
+                        extra_tags="alert-success",
+                    )
+                    return HttpResponseRedirect(reverse("notification_webhooks"))
     add_breadcrumb(title="Edit Notication Webhook", top_level=False, request=request)
     return render(request, 'dojo/edit_notification_webhook.html', {
         'name': 'Edit Notication Webhook',
diff --git a/dojo/templates/dojo/edit_notification_webhook.html b/dojo/templates/dojo/edit_notification_webhook.html
index 86d9871f091..3ef8f26d848 100644
--- a/dojo/templates/dojo/edit_notification_webhook.html
+++ b/dojo/templates/dojo/edit_notification_webhook.html
@@ -6,10 +6,12 @@ <h3> Edit Notification Webhook </h3>
          {% include "dojo/form_fields.html" with form=form %}
          <div class="form-group">
              <div class="col-sm-offset-2 col-sm-10">
-                 <input class="btn btn-primary" label="submit" type="submit" value="Submit"/>
+                 <input class="btn btn-primary" label="submit" type="submit" value="Submit and activate webhook"/>
+                 {% if nwh.can_be_deactivated %}
+                     <input class="btn btn-danger" type="submit" label="deactivate_webhook" name="deactivate_webhook" value="Deactivate Webhook" />
+                 {% endif %} 
              </div>
          </div>
      </form>
-     TODO Activation and Deactivation button
  {% endblock %}
  
\ No newline at end of file
diff --git a/dojo/templates/dojo/notification_webhooks.html b/dojo/templates/dojo/notification_webhooks.html
deleted file mode 100644
index 1b4a40aff0a..00000000000
--- a/dojo/templates/dojo/notification_webhooks.html
+++ /dev/null
@@ -1,90 +0,0 @@
-{% extends "base.html" %}
-{% load navigation_tags %}
-{% load authorization_tags %}
-{% block content %}
-    {{ block.super }}
-    <div class="row">
-        <div class="col-md-12">
-            <div class="panel panel-default">
-                <div class="panel-heading tight">
-                    <h3 class="has-filters">
-                        Notification Webhook List
-                        <div class="dropdown pull-right">
-                            <button id="show-filters" data-toggle="collapse" data-target="#the-filters" class="btn btn-primary toggle-filters"> <i class="fa-solid fa-filter"></i> <i class="caret"></i> </button>
-                            {% if "dojo.add_notification_webhook"|has_configuration_permission %}
-                            <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu1"
-                                  data-toggle="dropdown" aria-expanded="true">
-                              <span class="fa-solid fa-screwdriver-wrench"></span>
-                              <span class="caret"></span>
-                            </button>
-                            <ul class="dropdown-menu dropdown-menu-right" role="menu"
-                                aria-labelledby="dropdownMenu1">
-                                    <li role="presentation">
-                                        <a href="{% url 'add_notification_webhook' %}">
-                                            <i class="fa-solid fa-plus"></i> Add Notification Webhook
-                                        </a>
-                                    </li>
-                            </ul>
-                            {% endif %}
-                        </div>
-                    </h3>
-                </div>
-                <!-- <div id="the-filters" class="is-filters panel-body collapse {% if ntl.form.has_changed %}in{% endif %}">
-                    {% include "dojo/filter_snippet.html" with form=ntl.form %}
-                </div> -->
-            </div>
-            {% if nwhs %}
-
-                <div class="clearfix">
-                    {% include "dojo/paging_snippet.html" with page=nwhs page_size=True %}
-                </div>
-
-                <div class="panel panel-default table-responsive">
-                    <table id="note_types"
-                           class="tablesorter-bootstrap table table-condensed table-striped">
-                        <thead>
-                        <tr>
-                            <th>{% dojo_sort request 'Notification Webhook Name' 'name' 'asc' %}</th>
-                            <th>URL</th>
-                            <th>Status</th>
-                            <th>Owner</th>
-                        </tr>
-                        </thead>
-                        <tbody>
-                        {% for nwh in nwhs %}
-                            <tr>
-                              <td><a>{{ nwh.name }}</a></td>
-                              <td><a>{{ nwh.url }}</a></td>
-                              <td><a>{{ nwh.status }} TODO, show full text</a></td>
-                              <td><a>{{ nwh.owner }}</a></td>
-                              {% if "dojo.edit_notification_webhook"|has_configuration_permission %}
-                                    <td>
-                                        <div class="centered">
-                                            <div class="btn-group" role="group">
-                                                <a class="btn btn-sm btn-warning"
-                                                   href="{% url 'edit_notification_webhook' nwh.id %}">
-                                                    <i class="fa-solid fa-file"></i> Edit Notification Webhook
-                                                </a>
-                                            </div>
-                                        </div>
-                                    </td>
-                                {% endif %}
-
-                            </tr>
-                        {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <div class="clearfix">
-                    {% include "dojo/paging_snippet.html" with page=nwhs page_size=True %}
-                </div>
-            {% else %}
-                <p class="text-center">No Notification Webook found.</p>
-            {% endif %}
-        </div>
-    </div>
-{% endblock %}
-{% block postscript %}
-    {{ block.super }}
-    {% include "dojo/filter_js_snippet.html" %}
-{% endblock %}
diff --git a/dojo/templates/dojo/system_settings.html b/dojo/templates/dojo/system_settings.html
index 02510452e16..ff230cb8301 100644
--- a/dojo/templates/dojo/system_settings.html
+++ b/dojo/templates/dojo/system_settings.html
@@ -62,7 +62,7 @@ <h3> System Settings </h3>
         }
 
         $(function () {
-            $.each(['slack','msteams','mail','webhooks','grade'], function (index, value) {
+            $.each(['slack','msteams','mail','grade'], function (index, value) {
                 updatenotificationsgroup(value);
                 $('#id_enable_' + value + '_notifications').change(function() { updatenotificationsgroup(value)});
             });
diff --git a/dojo/templates/dojo/view_notification_webhooks.html b/dojo/templates/dojo/view_notification_webhooks.html
index 2a92d4a52be..8074c9380bf 100644
--- a/dojo/templates/dojo/view_notification_webhooks.html
+++ b/dojo/templates/dojo/view_notification_webhooks.html
@@ -12,7 +12,7 @@ <h3 class="has-filters">
                         Notification Webhook List
                         <div class="dropdown pull-right">
                             <button id="show-filters" data-toggle="collapse" data-target="#the-filters" class="btn btn-primary toggle-filters"> <i class="fa-solid fa-filter"></i> <i class="caret"></i> </button>
-                            {% if "dojo.add_notification_webhook"|has_configuration_permission %}
+                            {% if "dojo.add_notification_webhook"|has_configuration_permission:request %}
                             <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu1"
                                   data-toggle="dropdown" aria-expanded="true">
                               <span class="fa-solid fa-screwdriver-wrench"></span>
@@ -31,7 +31,7 @@ <h3 class="has-filters">
                     </h3>
                 </div>
                 <!-- <div id="the-filters" class="is-filters panel-body collapse {% if ntl.form.has_changed %}in{% endif %}">
-                    {% include "dojo/filter_snippet.html" with form=ntl.form %}
+                    {% include "dojo/filter_snippet.html" with form=ntl.form %} TODO
                 </div> -->
             </div>
             {% if nwhs %}
@@ -57,26 +57,15 @@ <h3 class="has-filters">
                               <td><a>{{ nwh.name }}</a></td>
                               <td><a>{{ nwh.url }}</a></td>
                               <td><a>{{ nwh.get_status_display }}</a></td>
-                              <td><a>{{ nwh.owner }}</a></td>
-                              {% if "dojo.edit_notification_webhook"|has_configuration_permission %}
+                              <td><a>{% if nwh.owner %}<a class="" href="{% url 'view_user' nwh.owner.id %}">{{ nwh.owner }}</a>{% else %}System Webhook{% endif %}</a></td>
+                              {% if "dojo.edit_notification_webhook"|has_configuration_permission:request %}
                                 <td>
                                     <div class="centered">
                                         <div class="btn-group" role="group">
                                             <a class="btn btn-sm btn-warning"
                                                href="{% url 'edit_notification_webhook' nwh.id %}">
-                                                <i class="fa-solid fa-file"></i> Edit
+                                                <i class="fa-solid fa-file"></i> Edit / activate / deactivate
                                             </a>
-                                            {% if nwh.is_active %} TODO fix checker
-                                            <a class="btn btn-sm btn-danger"
-                                               href="{% url 'delete_notification_webhook' nwh.id %}">
-                                                <i class="fa-solid fa-xmark"></i> Disable TODO fix url
-                                            </a>
-                                            {% else %}
-                                            <a class="btn btn-sm btn-success"
-                                               href="{% url 'delete_notification_webhook' nwh.id %}">
-                                                <i class="fa-solid fa-check"></i> Enable TODO fix url
-                                            </a>
-                                            {% endif %}
                                             <a class="btn btn-sm btn-danger"
                                                href="{% url 'delete_notification_webhook' nwh.id %}">
                                                 <i class="fa-solid fa-trash"></i> Delete
diff --git a/dojo/templates/notifications/webhooks/other.tpl b/dojo/templates/notifications/webhooks/other.tpl
new file mode 100644
index 00000000000..a10e054f61e
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/other.tpl
@@ -0,0 +1,3 @@
+---
+description: {{ description }}
+user: {{ user }}
\ No newline at end of file

From a9e4a7f59d83fa15216fc7c4358e3f58d539335e Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Thu, 17 Aug 2023 21:22:49 +0200
Subject: [PATCH 19/63] Handle more generic errors from 'requests'

---
 dojo/notifications/views.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 76348643232..8faac87e6fc 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -1,5 +1,6 @@
 import logging
 import requests
+import urllib3
 
 from django.contrib import messages
 from django.core.exceptions import PermissionDenied
@@ -177,7 +178,7 @@ def add_notification_webhook(request):
         if nwh_form.is_valid():
             try:
                 test_webhooks_notification(nwh_form.instance)
-            except requests.exceptions.HTTPError as e:
+            except requests.exceptions.RequestException as e:
                 messages.add_message(
                     request,
                     messages.ERROR,
@@ -229,7 +230,7 @@ def edit_notification_webhook(request, nwhid):
             if nwh_form.is_valid():
                 try:
                     test_webhooks_notification(nwh_form.instance)
-                except requests.exceptions.HTTPError as e:
+                except requests.exceptions.RequestException as e:
                     messages.add_message(
                         request,
                         messages.ERROR,

From f9e897fc54f77d6b6bee7dd12bdc2cfb00fb267f Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Thu, 17 Aug 2023 21:24:51 +0200
Subject: [PATCH 20/63] flake8

---
 dojo/api_v2/serializers.py   |  2 +-
 dojo/api_v2/views.py         |  2 +-
 dojo/forms.py                |  1 +
 dojo/notifications/helper.py |  8 ++++---
 dojo/notifications/views.py  | 44 ++++++++++++++++++------------------
 5 files changed, 30 insertions(+), 27 deletions(-)

diff --git a/dojo/api_v2/serializers.py b/dojo/api_v2/serializers.py
index a184566e1f4..765fa9475b0 100644
--- a/dojo/api_v2/serializers.py
+++ b/dojo/api_v2/serializers.py
@@ -118,7 +118,7 @@
     requires_tool_type,
 )
 from dojo.user.utils import get_configuration_permissions_codenames
-from dojo.utils import is_scan_file_too_large, get_system_setting
+from dojo.utils import is_scan_file_too_large
 
 logger = logging.getLogger(__name__)
 deduplicationLogger = logging.getLogger("dojo.specific-loggers.deduplication")
diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index b71d3989c4b..bb122cb9a0f 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -3347,7 +3347,7 @@ class NotificationWebhooksViewset(
     permission_classes = (IsAuthenticated, DjangoModelPermissions)  # TODO
     swagger_schema = prefetch.get_prefetch_schema(
         [
-            "notification_webhooks_list", 
+            "notification_webhooks_list",
             "notification_webhooks_read",
         ], serializers.NotificationWebhooksSerializer,
     ).to_schema()
diff --git a/dojo/forms.py b/dojo/forms.py
index f839825d034..5e37ad0c3b2 100644
--- a/dojo/forms.py
+++ b/dojo/forms.py
@@ -2798,6 +2798,7 @@ def __init__(self, *args, **kwargs):
 class DeleteNotificationsWebhookForm(forms.ModelForm):
     id = forms.IntegerField(required=True,
                             widget=forms.widgets.HiddenInput())
+
     def __init__(self, *args, **kwargs):
         super(DeleteNotificationsWebhookForm, self).__init__(*args, **kwargs)
         self.fields['name'].disabled = True
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 74e09ce45db..4d40cebefd3 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -366,12 +366,14 @@ def webhooks_notification_request(endpoint, event, *args, **kwargs):
         data=create_notification_message(event, endpoint.owner, 'webhooks', *args, **kwargs))
     return res
 
+
 def test_webhooks_notification(endpoint):
     res = webhooks_notification_request(endpoint, 'ping', {"description": "Test webhook notification"})
-    res.raise_for_status() # in "send_webhooks_notification", we are doing deeper analysis, why it failed
-                           # for now, "raise_for_status" should be enough
+    res.raise_for_status()
+    # in "send_webhooks_notification", we are doing deeper analysis, why it failed
+    # for now, "raise_for_status" should be enough
     logger.debug(f"res: {res.json()}")
-    
+
 
 @dojo_async_task
 @app.task
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 8faac87e6fc..d7d1d21444a 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -1,6 +1,5 @@
 import logging
 import requests
-import urllib3
 
 from django.contrib import messages
 from django.core.exceptions import PermissionDenied
@@ -17,7 +16,7 @@
 from django.db import DEFAULT_DB_ALIAS
 
 from dojo.models import Notifications, Notification_Webhooks
-from dojo.utils import get_enabled_notifications_list, get_page_items, add_breadcrumb, get_system_setting
+from dojo.utils import get_enabled_notifications_list, add_breadcrumb, get_system_setting
 from dojo.forms import NotificationsForm, NotificationsWebhookForm, DeleteNotificationsWebhookForm
 from dojo.authorization.authorization_decorators import user_is_configuration_authorized
 from dojo.notifications.helper import test_webhooks_notification
@@ -158,12 +157,12 @@ def notification_webhooks(request):
     # TODO restrict base on user
     add_breadcrumb(title="Notification Webhook List", top_level=True, request=request)
     return render(request, 'dojo/view_notification_webhooks.html', {
-        'name': 'Notification Webhook List',
-        'metric': False,
-        'user': request.user,
-        'nwhs': nwhs,
-        # 'ntl': ntl,
-        })
+                    'name': 'Notification Webhook List',
+                    'metric': False,
+                    'user': request.user,
+                    'nwhs': nwhs,
+                    # 'ntl': ntl,
+                })
 
 
 @user_is_configuration_authorized('dojo.add_notification_webhook')
@@ -171,7 +170,7 @@ def add_notification_webhook(request):
 
     if not get_system_setting('enable_webhooks_notifications'):
         raise Http404()
-    
+
     nwh_form = NotificationsWebhookForm()
     if request.method == 'POST':
         nwh_form = NotificationsWebhookForm(request.POST)
@@ -183,7 +182,7 @@ def add_notification_webhook(request):
                     request,
                     messages.ERROR,
                     f'Test of endpoint was not sucessful: {e}',
-                    extra_tags='alert-danger')                    
+                    extra_tags='alert-danger')
             else:
                 nwh_form.instance.status = Notification_Webhooks.STATUS_ACTIVE
                 nwh_form.save()
@@ -211,19 +210,19 @@ def edit_notification_webhook(request, nwhid):
         raise Http404()
 
     nwh = get_object_or_404(Notification_Webhooks, pk=nwhid)
-    nwh_form = NotificationsWebhookForm(instance=nwh, is_superuser = request.user.is_superuser)
+    nwh_form = NotificationsWebhookForm(instance=nwh, is_superuser=request.user.is_superuser)
     if request.method == "POST":
-        if 'deactivate_webhook' in request.POST: # TODO add this to API as well
+        if 'deactivate_webhook' in request.POST:  # TODO add this to API as well
             nwh.status = Notification_Webhooks.STATUS_INACTIVE_MANUAL
             nwh.first_error = None
             nwh.last_error = None
             nwh.save()
             messages.add_message(
-                    request,
-                    messages.SUCCESS,
-                    'Notification Webhook deactivated successfully.',
-                    extra_tags="alert-success",
-                )
+                                    request,
+                                    messages.SUCCESS,
+                                    'Notification Webhook deactivated successfully.',
+                                    extra_tags="alert-success",
+                                )
             return HttpResponseRedirect(reverse("notification_webhooks"))
         else:
             nwh_form = NotificationsWebhookForm(request.POST, instance=nwh)
@@ -235,7 +234,7 @@ def edit_notification_webhook(request, nwhid):
                         request,
                         messages.ERROR,
                         f'Test of endpoint was not sucessful: {e}',
-                        extra_tags='alert-danger')                    
+                        extra_tags='alert-danger')
                 else:
                     nwh_form.instance.status = Notification_Webhooks.STATUS_ACTIVE
                     nwh = nwh_form.save()
@@ -281,7 +280,8 @@ def delete_notification_webhook(request, nwhid):
                 extra_tags='alert-danger')
 
     return render(request, 'dojo/delete_notification_webhook.html',
-                  {
-                   'form': form,
-                   'nwh': nwh,
-                   })
+                    {
+                        'form': form,
+                        'nwh': nwh,
+                    }
+                  )

From 3956710829da5abbea51e2569940adfcd05dc567 Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Fri, 25 Aug 2023 12:07:24 +0200
Subject: [PATCH 21/63] Rewrite YAML template to JSON request body

---
 dojo/notifications/helper.py | 9 ++++++++-
 requirements.txt             | 1 +
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 4d40cebefd3..f9975e2452f 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -1,6 +1,8 @@
 import logging
 
 import requests
+import json
+import yaml
 from django.conf import settings
 from django.core.exceptions import FieldDoesNotExist
 from django.core.mail import EmailMessage
@@ -356,14 +358,19 @@ def webhooks_notification_request(endpoint, event, *args, **kwargs):
         "User-Agent": f"DefectDojo-{dd_version}",
         "X-DefectDojo-Event": event,
         "X-DefectDojo-Instance": settings.SITE_URL,
+        "Accept": "application/json",
+        "Contenct-Type": "application/json",
     }
     if endpoint.header_name is not None:
         headers[endpoint.header_name] = endpoint.header_value
+    yaml_data = create_notification_message(event, endpoint.owner, 'webhooks', *args, **kwargs)
+    json_data = json.dumps(yaml.safe_load(yaml_data))
     res = requests.request(
         method='POST',
         url=endpoint.url,
         headers=headers,
-        data=create_notification_message(event, endpoint.owner, 'webhooks', *args, **kwargs))
+        data=json_data,
+    )
     return res
 
 
diff --git a/requirements.txt b/requirements.txt
index a6f7cd79296..cbd1341bcc5 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -73,3 +73,4 @@ boto3==1.35.16  # Required for Celery Broker AWS (SQS) support
 netaddr==1.3.0
 vulners==2.2.1
 fontawesomefree==6.6.0
+PyYAML==6.0.1

From 6c274eea3ea6eda5a29106dfbcdc9456ca7c5e91 Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Tue, 10 Oct 2023 12:08:48 +0200
Subject: [PATCH 22/63] update go-httpbin

---
 docker-compose.override.unit_tests.yml      | 2 +-
 docker-compose.override.unit_tests_cicd.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/docker-compose.override.unit_tests.yml b/docker-compose.override.unit_tests.yml
index d26dc741cc8..e7f764ac8a7 100644
--- a/docker-compose.override.unit_tests.yml
+++ b/docker-compose.override.unit_tests.yml
@@ -52,7 +52,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   "webhook.endpoint":
-    image: mccutchen/go-httpbin:v2.10.0@sha256:c4b6cb9c0fb347f8ab1fdcdfbb4ed391ed64e32e698cbfafa09507736cfe412a
+    image: mccutchen/go-httpbin:v2.11.1@sha256:0632334b5123a2a100fc811e90e6986fc776b26086619f7
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/docker-compose.override.unit_tests_cicd.yml b/docker-compose.override.unit_tests_cicd.yml
index 0617aa2f2ac..40de29bbe3c 100644
--- a/docker-compose.override.unit_tests_cicd.yml
+++ b/docker-compose.override.unit_tests_cicd.yml
@@ -51,7 +51,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   "webhook.endpoint":
-    image: mccutchen/go-httpbin:v2.10.0@sha256:c4b6cb9c0fb347f8ab1fdcdfbb4ed391ed64e32e698cbfafa09507736cfe412a
+    image: mccutchen/go-httpbin:v2.11.1@sha256:0632334b5123a2a100fc811e90e6986fc776b26086619f7
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}

From 966087f1d4613b806f515c1593ad35f4a6c9cb2a Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Tue, 5 Dec 2023 22:25:09 +0100
Subject: [PATCH 23/63] Update go-httpbin

---
 docker-compose.override.unit_tests.yml      | 2 +-
 docker-compose.override.unit_tests_cicd.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/docker-compose.override.unit_tests.yml b/docker-compose.override.unit_tests.yml
index e7f764ac8a7..c25c37614ab 100644
--- a/docker-compose.override.unit_tests.yml
+++ b/docker-compose.override.unit_tests.yml
@@ -52,7 +52,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   "webhook.endpoint":
-    image: mccutchen/go-httpbin:v2.11.1@sha256:0632334b5123a2a100fc811e90e6986fc776b26086619f7
+    image: mccutchen/go-httpbin:v2.12.0@sha256:4b8bfbbdfb23845e9ae4bfd5c21abf96ee948cc83bd735db7e861654bf0f173d
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/docker-compose.override.unit_tests_cicd.yml b/docker-compose.override.unit_tests_cicd.yml
index 40de29bbe3c..fc1c1ffaee0 100644
--- a/docker-compose.override.unit_tests_cicd.yml
+++ b/docker-compose.override.unit_tests_cicd.yml
@@ -51,7 +51,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   "webhook.endpoint":
-    image: mccutchen/go-httpbin:v2.11.1@sha256:0632334b5123a2a100fc811e90e6986fc776b26086619f7
+    image: mccutchen/go-httpbin:v2.12.0@sha256:4b8bfbbdfb23845e9ae4bfd5c21abf96ee948cc83bd735db7e861654bf0f173d
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}

From e860440027ef4cc022ad0c442f1506db52666c08 Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Wed, 13 Dec 2023 15:00:27 +0100
Subject: [PATCH 24/63] Inc db_mig

---
 ...4_system_settings_enable_webhooks_notifications_and_more.py} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename dojo/db_migrations/{0191_system_settings_enable_webhooks_notifications_and_more.py => 0194_system_settings_enable_webhooks_notifications_and_more.py} (99%)

diff --git a/dojo/db_migrations/0191_system_settings_enable_webhooks_notifications_and_more.py b/dojo/db_migrations/0194_system_settings_enable_webhooks_notifications_and_more.py
similarity index 99%
rename from dojo/db_migrations/0191_system_settings_enable_webhooks_notifications_and_more.py
rename to dojo/db_migrations/0194_system_settings_enable_webhooks_notifications_and_more.py
index 527edc811c2..a66318911f9 100644
--- a/dojo/db_migrations/0191_system_settings_enable_webhooks_notifications_and_more.py
+++ b/dojo/db_migrations/0194_system_settings_enable_webhooks_notifications_and_more.py
@@ -8,7 +8,7 @@
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('dojo', '0190_system_settings_experimental_fp_history'),
+        ('dojo', '0193_remove_system_settings_enable_auditlog'),
     ]
 
     operations = [

From af5951a5a60974e00ee3b9788b36a9977ddc1fb0 Mon Sep 17 00:00:00 2001
From: Tomas Kubla <tomas@kubla.sk>
Date: Sat, 16 Mar 2024 16:11:40 +0100
Subject: [PATCH 25/63] Upgrade

---
 docker-compose.override.unit_tests.yml        |  2 +-
 docker-compose.override.unit_tests_cicd.yml   |  2 +-
 dojo/api_v2/views.py                          |  6 ----
 ...enable_webhooks_notifications_and_more.py} |  2 +-
 ...ons_risk_acceptance_expiration_and_more.py | 29 +++++++++++++++++++
 dojo/notifications/helper.py                  |  1 -
 dojo/notifications/views.py                   | 10 +++----
 dojo/urls.py                                  |  2 +-
 8 files changed, 37 insertions(+), 17 deletions(-)
 rename dojo/db_migrations/{0194_system_settings_enable_webhooks_notifications_and_more.py => 0205_system_settings_enable_webhooks_notifications_and_more.py} (99%)
 create mode 100644 dojo/db_migrations/0206_alter_notifications_risk_acceptance_expiration_and_more.py

diff --git a/docker-compose.override.unit_tests.yml b/docker-compose.override.unit_tests.yml
index c25c37614ab..5beef1243a3 100644
--- a/docker-compose.override.unit_tests.yml
+++ b/docker-compose.override.unit_tests.yml
@@ -52,7 +52,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   "webhook.endpoint":
-    image: mccutchen/go-httpbin:v2.12.0@sha256:4b8bfbbdfb23845e9ae4bfd5c21abf96ee948cc83bd735db7e861654bf0f173d
+    image: mccutchen/go-httpbin:v2.13.4@sha256:bb66e5c7ae2c18950c438d445fc10e2603ee58c4e0ef54cc8d95078ac51015c2
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/docker-compose.override.unit_tests_cicd.yml b/docker-compose.override.unit_tests_cicd.yml
index fc1c1ffaee0..fed49fa18f7 100644
--- a/docker-compose.override.unit_tests_cicd.yml
+++ b/docker-compose.override.unit_tests_cicd.yml
@@ -51,7 +51,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   "webhook.endpoint":
-    image: mccutchen/go-httpbin:v2.12.0@sha256:4b8bfbbdfb23845e9ae4bfd5c21abf96ee948cc83bd735db7e861654bf0f173d
+    image: mccutchen/go-httpbin:v2.13.4@sha256:bb66e5c7ae2c18950c438d445fc10e2603ee58c4e0ef54cc8d95078ac51015c2
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index bb122cb9a0f..20bb43fccdd 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -3345,9 +3345,3 @@ class NotificationWebhooksViewset(
     filter_backends = (DjangoFilterBackend,)
     filterset_fields = ('__all__')
     permission_classes = (IsAuthenticated, DjangoModelPermissions)  # TODO
-    swagger_schema = prefetch.get_prefetch_schema(
-        [
-            "notification_webhooks_list",
-            "notification_webhooks_read",
-        ], serializers.NotificationWebhooksSerializer,
-    ).to_schema()
diff --git a/dojo/db_migrations/0194_system_settings_enable_webhooks_notifications_and_more.py b/dojo/db_migrations/0205_system_settings_enable_webhooks_notifications_and_more.py
similarity index 99%
rename from dojo/db_migrations/0194_system_settings_enable_webhooks_notifications_and_more.py
rename to dojo/db_migrations/0205_system_settings_enable_webhooks_notifications_and_more.py
index a66318911f9..0bad23cd5b0 100644
--- a/dojo/db_migrations/0194_system_settings_enable_webhooks_notifications_and_more.py
+++ b/dojo/db_migrations/0205_system_settings_enable_webhooks_notifications_and_more.py
@@ -8,7 +8,7 @@
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('dojo', '0193_remove_system_settings_enable_auditlog'),
+        ('dojo', '0204_jira_project_epic_issue_type_name'),
     ]
 
     operations = [
diff --git a/dojo/db_migrations/0206_alter_notifications_risk_acceptance_expiration_and_more.py b/dojo/db_migrations/0206_alter_notifications_risk_acceptance_expiration_and_more.py
new file mode 100644
index 00000000000..ccba3bd0519
--- /dev/null
+++ b/dojo/db_migrations/0206_alter_notifications_risk_acceptance_expiration_and_more.py
@@ -0,0 +1,29 @@
+# Generated by Django 4.1.13 on 2024-03-16 15:22
+
+from django.db import migrations
+import multiselectfield.db.fields
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('dojo', '0205_system_settings_enable_webhooks_notifications_and_more'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='notifications',
+            name='risk_acceptance_expiration',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), help_text='Get notified of (upcoming) Risk Acceptance expiries', max_length=33, verbose_name='Risk Acceptance Expiration'),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='scan_added_empty',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=[], help_text='Triggered whenever an (re-)import has been done (even if that created/updated/closed no findings).', max_length=33),
+        ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='sla_breach_combined',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), help_text='Get notified of (upcoming) SLA breaches (a message per project)', max_length=33, verbose_name='SLA breach (combined)'),
+        ),
+    ]
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index f9975e2452f..88fad8f9ac6 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -6,7 +6,6 @@
 from django.conf import settings
 from django.core.exceptions import FieldDoesNotExist
 from django.core.mail import EmailMessage
-from django.conf import settings
 from django.db.models import Count, Prefetch, Q
 from django.template import TemplateDoesNotExist
 from django.template.loader import render_to_string
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index d7d1d21444a..8b147652ed9 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -11,13 +11,11 @@
 from dojo.forms import NotificationsForm
 
 from django.urls import reverse
-from django.http import HttpResponseRedirect, HttpResponseForbidden, Http404
-from django.contrib.admin.utils import NestedObjects
-from django.db import DEFAULT_DB_ALIAS
+from django.http import HttpResponseRedirect, Http404
 
-from dojo.models import Notifications, Notification_Webhooks
-from dojo.utils import get_enabled_notifications_list, add_breadcrumb, get_system_setting
-from dojo.forms import NotificationsForm, NotificationsWebhookForm, DeleteNotificationsWebhookForm
+from dojo.models import Notification_Webhooks
+from dojo.utils import get_system_setting
+from dojo.forms import NotificationsWebhookForm, DeleteNotificationsWebhookForm
 from dojo.authorization.authorization_decorators import user_is_configuration_authorized
 from dojo.notifications.helper import test_webhooks_notification
 from dojo.models import Notifications
diff --git a/dojo/urls.py b/dojo/urls.py
index 943e32d0129..93789d21bbb 100644
--- a/dojo/urls.py
+++ b/dojo/urls.py
@@ -70,7 +70,7 @@
     UserContactInfoViewSet,
     UserProfileView,
     UsersViewSet,
-    WebhookEndpointsViewset,
+    NotificationWebhooksViewset,
 )
 from dojo.api_v2.views import DojoSpectacularAPIView as SpectacularAPIView
 from dojo.banner.urls import urlpatterns as banner_urls

From 5119b5c80686fce3b872df386caaa5dd345a1223 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Sat, 18 May 2024 10:10:13 +0200
Subject: [PATCH 26/63] Ruff

---
 dojo/api_v2/serializers.py   |  3 +--
 dojo/api_v2/views.py         |  2 +-
 dojo/forms.py                |  6 +++---
 dojo/notifications/helper.py | 12 ++++++++++--
 dojo/notifications/views.py  | 20 +++++++-------------
 dojo/urls.py                 |  2 +-
 6 files changed, 23 insertions(+), 22 deletions(-)

diff --git a/dojo/api_v2/serializers.py b/dojo/api_v2/serializers.py
index 765fa9475b0..25161075a5d 100644
--- a/dojo/api_v2/serializers.py
+++ b/dojo/api_v2/serializers.py
@@ -12,7 +12,6 @@
 from django.contrib.auth.password_validation import validate_password
 from django.core.exceptions import PermissionDenied, ValidationError
 from django.db.utils import IntegrityError
-from django.http import Http404
 from django.urls import reverse
 from django.utils import timezone
 from django.utils.translation import gettext_lazy as _
@@ -78,6 +77,7 @@
     Note_Type,
     NoteHistory,
     Notes,
+    Notification_Webhooks,
     Notifications,
     Product,
     Product_API_Scan_Configuration,
@@ -108,7 +108,6 @@
     UserContactInfo,
     Vulnerability_Id,
     Vulnerability_Id_Template,
-    Notification_Webhooks,
     get_current_date,
 )
 from dojo.risk_acceptance.helper import add_findings_to_risk_acceptance, remove_finding_from_risk_acceptance
diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index 20bb43fccdd..fe0872dfee5 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -111,6 +111,7 @@
     Network_Locations,
     Note_Type,
     Notes,
+    Notification_Webhooks,
     Notifications,
     Product,
     Product_API_Scan_Configuration,
@@ -136,7 +137,6 @@
     Tool_Type,
     User,
     UserContactInfo,
-    Notification_Webhooks,
 )
 from dojo.product.queries import (
     get_authorized_app_analysis,
diff --git a/dojo/forms.py b/dojo/forms.py
index 5e37ad0c3b2..4cefe3dd089 100644
--- a/dojo/forms.py
+++ b/dojo/forms.py
@@ -72,6 +72,7 @@
     JIRA_Project,
     Note_Type,
     Notes,
+    Notification_Webhooks,
     Notifications,
     Objects_Product,
     Product,
@@ -96,7 +97,6 @@
     Tool_Type,
     User,
     UserContactInfo,
-    Notification_Webhooks,
 )
 from dojo.product.queries import get_authorized_products
 from dojo.product_type.queries import get_authorized_product_types
@@ -2787,7 +2787,7 @@ class Meta:
     def __init__(self, *args, **kwargs):
         is_superuser = kwargs.pop('is_superuser', False)
         logger.debug(f"is_superuser: {is_superuser}")
-        super(NotificationsWebhookForm, self).__init__(*args, **kwargs)
+        super().__init__(*args, **kwargs)
         self.fields['status'].disabled = True  # TODO - same for API
         self.fields['first_error'].disabled = True
         self.fields['last_error'].disabled = True
@@ -2800,7 +2800,7 @@ class DeleteNotificationsWebhookForm(forms.ModelForm):
                             widget=forms.widgets.HiddenInput())
 
     def __init__(self, *args, **kwargs):
-        super(DeleteNotificationsWebhookForm, self).__init__(*args, **kwargs)
+        super().__init__(*args, **kwargs)
         self.fields['name'].disabled = True
         self.fields['url'].disabled = True
 
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 88fad8f9ac6..6353e6932fc 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -1,7 +1,7 @@
+import json
 import logging
 
 import requests
-import json
 import yaml
 from django.conf import settings
 from django.core.exceptions import FieldDoesNotExist
@@ -16,7 +16,15 @@
 from dojo.authorization.roles_permissions import Permissions
 from dojo.celery import app
 from dojo.decorators import dojo_async_task, we_want_async
-from dojo.models import Alerts, Dojo_User, Notifications, System_Settings, UserContactInfo, Notification_Webhooks, get_current_datetime
+from dojo.models import (
+    Alerts,
+    Dojo_User,
+    Notification_Webhooks,
+    Notifications,
+    System_Settings,
+    UserContactInfo,
+    get_current_datetime,
+)
 from dojo.user.queries import get_authorized_users_for_product_and_product_type, get_authorized_users_for_product_type
 
 logger = logging.getLogger(__name__)
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 8b147652ed9..96b39d0322f 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -1,25 +1,19 @@
 import logging
-import requests
 
+import requests
 from django.contrib import messages
 from django.core.exceptions import PermissionDenied
-from django.http import HttpRequest
-from django.shortcuts import render, get_object_or_404
+from django.http import Http404, HttpRequest, HttpResponseRedirect
+from django.shortcuts import get_object_or_404, render
+from django.urls import reverse
 from django.utils.translation import gettext as _
 from django.views import View
 
-from dojo.forms import NotificationsForm
-
-from django.urls import reverse
-from django.http import HttpResponseRedirect, Http404
-
-from dojo.models import Notification_Webhooks
-from dojo.utils import get_system_setting
-from dojo.forms import NotificationsWebhookForm, DeleteNotificationsWebhookForm
 from dojo.authorization.authorization_decorators import user_is_configuration_authorized
+from dojo.forms import DeleteNotificationsWebhookForm, NotificationsForm, NotificationsWebhookForm
+from dojo.models import Notification_Webhooks, Notifications
 from dojo.notifications.helper import test_webhooks_notification
-from dojo.models import Notifications
-from dojo.utils import add_breadcrumb, get_enabled_notifications_list
+from dojo.utils import add_breadcrumb, get_enabled_notifications_list, get_system_setting
 
 logger = logging.getLogger(__name__)
 
diff --git a/dojo/urls.py b/dojo/urls.py
index 93789d21bbb..8981d16b859 100644
--- a/dojo/urls.py
+++ b/dojo/urls.py
@@ -40,6 +40,7 @@
     NotesViewSet,
     NoteTypeViewSet,
     NotificationsViewSet,
+    NotificationWebhooksViewset,
     ProductAPIScanConfigurationViewSet,
     ProductGroupViewSet,
     ProductMemberViewSet,
@@ -70,7 +71,6 @@
     UserContactInfoViewSet,
     UserProfileView,
     UsersViewSet,
-    NotificationWebhooksViewset,
 )
 from dojo.api_v2.views import DojoSpectacularAPIView as SpectacularAPIView
 from dojo.banner.urls import urlpatterns as banner_urls

From 9f4b3f198ef07a3cc5f8eb4c8dff489da8dee339 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Tue, 28 May 2024 21:22:31 +0200
Subject: [PATCH 27/63] Update httpbin, move db_mig, use as_view

---
 docker-compose.override.unit_tests.yml        |   2 +-
 docker-compose.override.unit_tests_cicd.yml   |   2 +-
 ...ons_risk_acceptance_expiration_and_more.py |  29 --
 ...enable_webhooks_notifications_and_more.py} |  44 ++-
 dojo/notifications/helper.py                  |  10 +-
 dojo/notifications/urls.py                    |  10 +-
 dojo/notifications/views.py                   | 353 ++++++++++++------
 7 files changed, 287 insertions(+), 163 deletions(-)
 delete mode 100644 dojo/db_migrations/0206_alter_notifications_risk_acceptance_expiration_and_more.py
 rename dojo/db_migrations/{0205_system_settings_enable_webhooks_notifications_and_more.py => 0213_system_settings_enable_webhooks_notifications_and_more.py} (87%)

diff --git a/docker-compose.override.unit_tests.yml b/docker-compose.override.unit_tests.yml
index 5beef1243a3..ccf3c84030a 100644
--- a/docker-compose.override.unit_tests.yml
+++ b/docker-compose.override.unit_tests.yml
@@ -52,7 +52,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   "webhook.endpoint":
-    image: mccutchen/go-httpbin:v2.13.4@sha256:bb66e5c7ae2c18950c438d445fc10e2603ee58c4e0ef54cc8d95078ac51015c2
+    image: mccutchen/go-httpbin:v2.14.0@sha256:e0f398a0a29e7cf00a2467326344d70b4d89d0786d8f9a3287c2a0371c804823
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/docker-compose.override.unit_tests_cicd.yml b/docker-compose.override.unit_tests_cicd.yml
index fed49fa18f7..141ad7227dc 100644
--- a/docker-compose.override.unit_tests_cicd.yml
+++ b/docker-compose.override.unit_tests_cicd.yml
@@ -51,7 +51,7 @@ services:
     image: busybox:1.36.1-musl
     entrypoint: ['echo', 'skipping', 'redis']
   "webhook.endpoint":
-    image: mccutchen/go-httpbin:v2.13.4@sha256:bb66e5c7ae2c18950c438d445fc10e2603ee58c4e0ef54cc8d95078ac51015c2
+    image: mccutchen/go-httpbin:v2.14.0@sha256:e0f398a0a29e7cf00a2467326344d70b4d89d0786d8f9a3287c2a0371c804823
 volumes:
   defectdojo_postgres_unit_tests: {}
   defectdojo_media_unit_tests: {}
diff --git a/dojo/db_migrations/0206_alter_notifications_risk_acceptance_expiration_and_more.py b/dojo/db_migrations/0206_alter_notifications_risk_acceptance_expiration_and_more.py
deleted file mode 100644
index ccba3bd0519..00000000000
--- a/dojo/db_migrations/0206_alter_notifications_risk_acceptance_expiration_and_more.py
+++ /dev/null
@@ -1,29 +0,0 @@
-# Generated by Django 4.1.13 on 2024-03-16 15:22
-
-from django.db import migrations
-import multiselectfield.db.fields
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('dojo', '0205_system_settings_enable_webhooks_notifications_and_more'),
-    ]
-
-    operations = [
-        migrations.AlterField(
-            model_name='notifications',
-            name='risk_acceptance_expiration',
-            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), help_text='Get notified of (upcoming) Risk Acceptance expiries', max_length=33, verbose_name='Risk Acceptance Expiration'),
-        ),
-        migrations.AlterField(
-            model_name='notifications',
-            name='scan_added_empty',
-            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=[], help_text='Triggered whenever an (re-)import has been done (even if that created/updated/closed no findings).', max_length=33),
-        ),
-        migrations.AlterField(
-            model_name='notifications',
-            name='sla_breach_combined',
-            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), help_text='Get notified of (upcoming) SLA breaches (a message per project)', max_length=33, verbose_name='SLA breach (combined)'),
-        ),
-    ]
diff --git a/dojo/db_migrations/0205_system_settings_enable_webhooks_notifications_and_more.py b/dojo/db_migrations/0213_system_settings_enable_webhooks_notifications_and_more.py
similarity index 87%
rename from dojo/db_migrations/0205_system_settings_enable_webhooks_notifications_and_more.py
rename to dojo/db_migrations/0213_system_settings_enable_webhooks_notifications_and_more.py
index 0bad23cd5b0..395211339d7 100644
--- a/dojo/db_migrations/0205_system_settings_enable_webhooks_notifications_and_more.py
+++ b/dojo/db_migrations/0213_system_settings_enable_webhooks_notifications_and_more.py
@@ -1,4 +1,4 @@
-# Generated by Django 4.1.5 on 2023-02-17 09:52
+# Generated by Django 4.1.13 on 2024-05-27 16:23
 
 from django.db import migrations, models
 import django.db.models.deletion
@@ -8,24 +8,10 @@
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('dojo', '0204_jira_project_epic_issue_type_name'),
+        ('dojo', '0212_sla_configuration_enforce_critical_and_more'),
     ]
 
     operations = [
-        migrations.CreateModel(
-            name='Notification_Webhooks',
-            fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('name', models.CharField(default='', help_text='Name of the incoming webhook', max_length=100, unique=True)),
-                ('url', models.URLField(default='', help_text='The full URL of the incoming webhook')),
-                ('header_name', models.CharField(blank=True, default='', help_text='Name of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
-                ('header_value', models.CharField(blank=True, default='', help_text='Content of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
-                ('status', models.CharField(choices=[('active', 'Active'), ('inactive_400', 'Inactive because of 4xx error'), ('active_500', 'Active but 5xx error detected'), ('inactive_500', 'Inactive because of 5xx error'), ('inactive_others', 'Inactive because of status code unsupported'), ('inactive_manual', 'Inactive because of manual deactivation')], default='active', help_text='Status of the incoming webhook', max_length=20)),
-                ('first_error', models.DateTimeField(blank=True, help_text='If endpoint is active, when error happened first time', null=True)),
-                ('last_error', models.DateTimeField(blank=True, help_text='If endpoint is active, when error happened last time', null=True)),
-                ('owner', models.ForeignKey(blank=True, help_text='Owner/receiver of notification, if empty processed as system notification', null=True, on_delete=django.db.models.deletion.CASCADE, to='dojo.dojo_user')),
-            ],
-        ),
         migrations.AddField(
             model_name='system_settings',
             name='enable_webhooks_notifications',
@@ -79,18 +65,28 @@ class Migration(migrations.Migration):
         migrations.AlterField(
             model_name='notifications',
             name='risk_acceptance_expiration',
-            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default='alert', help_text='Get notified of (upcoming) Risk Acceptance expiries', max_length=33, verbose_name='Risk Acceptance Expiration'),
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), help_text='Get notified of (upcoming) Risk Acceptance expiries', max_length=33, verbose_name='Risk Acceptance Expiration'),
         ),
         migrations.AlterField(
             model_name='notifications',
             name='scan_added',
             field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), help_text='Triggered whenever an (re-)import has been done that created/updated/closed findings.', max_length=33),
         ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='scan_added_empty',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=[], help_text='Triggered whenever an (re-)import has been done (even if that created/updated/closed no findings).', max_length=33),
+        ),
         migrations.AlterField(
             model_name='notifications',
             name='sla_breach',
             field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), help_text='Get notified of (upcoming) SLA breaches', max_length=33, verbose_name='SLA breach'),
         ),
+        migrations.AlterField(
+            model_name='notifications',
+            name='sla_breach_combined',
+            field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), help_text='Get notified of (upcoming) SLA breaches (a message per project)', max_length=33, verbose_name='SLA breach (combined)'),
+        ),
         migrations.AlterField(
             model_name='notifications',
             name='stale_engagement',
@@ -111,4 +107,18 @@ class Migration(migrations.Migration):
             name='user_mentioned',
             field=multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('slack', 'slack'), ('msteams', 'msteams'), ('mail', 'mail'), ('webhooks', 'webhooks'), ('alert', 'alert')], default=('alert', 'alert'), max_length=33),
         ),
+        migrations.CreateModel(
+            name='Notification_Webhooks',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(default='', help_text='Name of the incoming webhook', max_length=100, unique=True)),
+                ('url', models.URLField(default='', help_text='The full URL of the incoming webhook')),
+                ('header_name', models.CharField(blank=True, default='', help_text='Name of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
+                ('header_value', models.CharField(blank=True, default='', help_text='Content of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
+                ('status', models.CharField(choices=[('active', 'Active'), ('inactive_400', 'Inactive because of 4xx error'), ('active_500', 'Active but 5xx error detected'), ('inactive_500', 'Inactive because of 5xx error'), ('inactive_others', 'Inactive because of status code unsupported'), ('inactive_manual', 'Inactive because of manual deactivation')], default='active', help_text='Status of the incoming webhook', max_length=20)),
+                ('first_error', models.DateTimeField(blank=True, help_text='If endpoint is active, when error happened first time', null=True)),
+                ('last_error', models.DateTimeField(blank=True, help_text='If endpoint is active, when error happened last time', null=True)),
+                ('owner', models.ForeignKey(blank=True, help_text='Owner/receiver of notification, if empty processed as system notification', null=True, on_delete=django.db.models.deletion.CASCADE, to='dojo.dojo_user')),
+            ],
+        ),
     ]
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 6353e6932fc..3143486a28d 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -1,6 +1,6 @@
 import json
 import logging
-
+import pprint
 import requests
 import yaml
 from django.conf import settings
@@ -366,18 +366,19 @@ def webhooks_notification_request(endpoint, event, *args, **kwargs):
         "X-DefectDojo-Event": event,
         "X-DefectDojo-Instance": settings.SITE_URL,
         "Accept": "application/json",
-        "Contenct-Type": "application/json",
     }
     if endpoint.header_name is not None:
         headers[endpoint.header_name] = endpoint.header_value
     yaml_data = create_notification_message(event, endpoint.owner, 'webhooks', *args, **kwargs)
-    json_data = json.dumps(yaml.safe_load(yaml_data))
+    data = yaml.safe_load(yaml_data)
     res = requests.request(
         method='POST',
         url=endpoint.url,
         headers=headers,
-        data=json_data,
+        json=data,
     )
+    logger.debug(f"Webhook notification response:")
+    logger.debug(pprint.pformat(res.json()))
     return res
 
 
@@ -386,7 +387,6 @@ def test_webhooks_notification(endpoint):
     res.raise_for_status()
     # in "send_webhooks_notification", we are doing deeper analysis, why it failed
     # for now, "raise_for_status" should be enough
-    logger.debug(f"res: {res.json()}")
 
 
 @dojo_async_task
diff --git a/dojo/notifications/urls.py b/dojo/notifications/urls.py
index 1466fa8db19..48fd88e1396 100644
--- a/dojo/notifications/urls.py
+++ b/dojo/notifications/urls.py
@@ -7,10 +7,8 @@
     re_path(r"^notifications/system$", views.SystemNotificationsView.as_view(), name="system_notifications"),
     re_path(r"^notifications/personal$", views.PersonalNotificationsView.as_view(), name="personal_notifications"),
     re_path(r"^notifications/template$", views.TemplateNotificationsView.as_view(), name="template_notifications"),
-    re_path(r'^notifications/webhooks$', views.notification_webhooks, name='notification_webhooks'),
-    re_path(r'^notifications/webhooks/add$', views.add_notification_webhook, name='add_notification_webhook'),
-    re_path(r'^notifications/webhooks/(?P<nwhid>\d+)/edit$', views.edit_notification_webhook, name='edit_notification_webhook'),
-    re_path(r'^notifications/webhooks/(?P<nwhid>\d+)/delete$', views.delete_notification_webhook, name='delete_notification_webhook'),
-    # re_path(r'^notifications/webhooks/(?P<nwhid>\d+)/activate$', views.activate_notification_webhook, name='activate_notification_webhook'), # TODO finish
-    # re_path(r'^notifications/webhooks/(?P<nwhid>\d+)/deactivate$', views.deactivate_notification_webhook, name='deactivate_notification_webhook'),
+    re_path(r'^notifications/webhooks$', views.ListNotificationWebhooksView.as_view(), name='notification_webhooks'),
+    re_path(r'^notifications/webhooks/add$', views.AddNotificationWebhooksView.as_view(), name='add_notification_webhook'),
+    re_path(r'^notifications/webhooks/(?P<nwhid>\d+)/edit$', views.EditNotificationWebhooksView.as_view(), name='edit_notification_webhook'),
+    re_path(r'^notifications/webhooks/(?P<nwhid>\d+)/delete$', views.DeleteNotificationWebhooksView.as_view(), name='delete_notification_webhook'),
 ]
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 96b39d0322f..26d5d364983 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -9,7 +9,7 @@
 from django.utils.translation import gettext as _
 from django.views import View
 
-from dojo.authorization.authorization_decorators import user_is_configuration_authorized
+from dojo.authorization.authorization_decorators import user_has_configuration_permission
 from dojo.forms import DeleteNotificationsWebhookForm, NotificationsForm, NotificationsWebhookForm
 from dojo.models import Notification_Webhooks, Notifications
 from dojo.notifications.helper import test_webhooks_notification
@@ -135,75 +135,162 @@ def set_breadcrumbs(self, request: HttpRequest):
         return request
 
 
-@user_is_configuration_authorized('dojo.view_notification_webhooks')
-def notification_webhooks(request):
+class NotificationWebhooksView(View):
 
-    if not get_system_setting('enable_webhooks_notifications'):
-        raise Http404()
+    def check_webhooks_enabled(self):
+        if not get_system_setting('enable_webhooks_notifications'):
+            raise Http404()
 
-    nwhs = Notification_Webhooks.objects.all().order_by('name')
-    # name_words = initial_queryset.values_list('name', flat=True)
-    # ntl = NoteTypesFilter(request.GET, queryset=initial_queryset)
-    # nwhs = get_page_items(request, initial_queryset.qs, 25)
-    # TODO finished pagination
-    # TODO restrict base on user
-    add_breadcrumb(title="Notification Webhook List", top_level=True, request=request)
-    return render(request, 'dojo/view_notification_webhooks.html', {
-                    'name': 'Notification Webhook List',
-                    'metric': False,
-                    'user': request.user,
-                    'nwhs': nwhs,
-                    # 'ntl': ntl,
-                })
+    def check_user_permissions(self, request: HttpRequest):
+        if not user_has_configuration_permission(request.user, self.permission):
+            raise PermissionDenied()
+
+    def set_breadcrumbs(self, request: HttpRequest):
+        add_breadcrumb(title=self.breadcrumb, top_level=False, request=request)
+        return request
+
+    def get_form(
+        self,
+        request: HttpRequest,
+        **kwargs: dict,
+    ) -> NotificationsWebhookForm:
+        if request.method == "POST":
+            return NotificationsWebhookForm(request.POST, **kwargs)
+        else:
+            return NotificationsWebhookForm(**kwargs)
+
+    def get(self, request: HttpRequest):
+        # Check Webhook notifications are enabled
+        self.check_webhooks_enabled()
+        # Check permissions
+        self.check_user_permissions(request)
+
+
+class ListNotificationWebhooksView(NotificationWebhooksView):
+    template = "dojo/view_notification_webhooks.html"
+    permission = 'dojo.view_notification_webhooks'
+    breadcrumb = "Notification Webhook List"
+
+    def get_initial_context(self, request: HttpRequest, nwhs: Notification_Webhooks):
+        return {
+            'name': 'Notification Webhook List',
+            'metric': False,
+            'user': request.user,
+            'nwhs': nwhs,
+            # 'ntl': ntl,
+        }
 
+    def get_notification_webhooks(self, request: HttpRequest):
+        nwhs = Notification_Webhooks.objects.all().order_by('name')
+        # name_words = initial_queryset.values_list('name', flat=True)
+        # ntl = NoteTypesFilter(request.GET, queryset=initial_queryset)
+        # nwhs = get_page_items(request, initial_queryset.qs, 25)
+        # TODO finished pagination
+        # TODO restrict base on user
+        return nwhs
 
-@user_is_configuration_authorized('dojo.add_notification_webhook')
-def add_notification_webhook(request):
+    def get(self, request: HttpRequest):
+        # Run common checks
+        super().get(request)
+        # Get Notification Webhooks
+        nwhs = self.get_notification_webhooks(request)
+        # Set up the initial context
+        context = self.get_initial_context(request, nwhs)
+        # Add any breadcrumbs
+        request = self.set_breadcrumbs(request)
+        # Render the page
+        return render(request, self.template, context)
 
-    if not get_system_setting('enable_webhooks_notifications'):
-        raise Http404()
 
-    nwh_form = NotificationsWebhookForm()
-    if request.method == 'POST':
-        nwh_form = NotificationsWebhookForm(request.POST)
-        if nwh_form.is_valid():
+class AddNotificationWebhooksView(NotificationWebhooksView):
+    template = 'dojo/add_notification_webhook.html'
+    permission = 'dojo.add_notification_webhooks'
+    breadcrumb = "Add Notification Webhook"
+
+    # TODO Disable Owner if not superadmin
+
+    def get_initial_context(self, request: HttpRequest):
+        return {
+            'name': 'Add Notification Webhook',
+            'user': request.user,
+            'form': self.get_form(request),
+        }
+
+    def process_form(self, request: HttpRequest, context: dict):
+        form = context["form"]
+        if form.is_valid():
             try:
-                test_webhooks_notification(nwh_form.instance)
+                test_webhooks_notification(form.instance)
             except requests.exceptions.RequestException as e:
                 messages.add_message(
                     request,
                     messages.ERROR,
-                    f'Test of endpoint was not sucessful: {e}',
-                    extra_tags='alert-danger')
+                    _('Test of endpoint was not successful: %(error)s') % {'error': str(e)},
+                    extra_tags='alert-danger',
+                )
+                return request, False
             else:
-                nwh_form.instance.status = Notification_Webhooks.STATUS_ACTIVE
-                nwh_form.save()
+                # User can put here what ever he want, these are only valid defaults
+                nwh = form.save(commit=False)
+                nwh.status = Notification_Webhooks.STATUS_ACTIVE
+                nwh.first_error = None
+                nwh.last_error = None
+                nwh.save()
                 messages.add_message(
                     request,
                     messages.SUCCESS,
-                    'Notification Webhook added successfully.',
+                    _('Notification Webhook added successfully.'),
                     extra_tags="alert-success",
                 )
-                return HttpResponseRedirect(reverse("notification_webhooks"))
-    # TODO Disable Owner if not superadmin
-    add_breadcrumb(title="Add Notication Webhook", top_level=False, request=request)
-    return render(request, 'dojo/add_notification_webhook.html', {
-        'name': 'Add Notification Webhook',
-        'user': request.user,
-        'form': nwh_form,
-    })
+                return request, True
+        return request, False
+
+    def get(self, request: HttpRequest):
+        # Run common checks
+        super().get(request)
+        # Set up the initial context
+        context = self.get_initial_context(request)
+        # Add any breadcrumbs
+        request = self.set_breadcrumbs(request)
+        # Render the page
+        return render(request, self.template, context)
+
+    def post(self, request: HttpRequest):
+        # POST needs to pass same common checks as GET
+        super().get(request)
+        # Set up the initial context
+        context = self.get_initial_context(request)
+        # Determine the validity of the form
+        request, success = self.process_form(request, context)
+        if success:
+            return HttpResponseRedirect(reverse("notification_webhooks"))
+        # Add any breadcrumbs
+        request = self.set_breadcrumbs(request)
+        # Render the page
+        return render(request, self.template, context)
 
 
-@user_is_configuration_authorized('dojo.change_notification_webhook')
-# TODO this could be better: @user_is_authorized(Finding, Permissions.Finding_Delete, 'fid')
-def edit_notification_webhook(request, nwhid):
+class EditNotificationWebhooksView(NotificationWebhooksView):
+    template = 'dojo/edit_notification_webhook.html'
+    permission = 'dojo.change_notification_webhooks'
+    # TODO this could be better: @user_is_authorized(Finding, Permissions.Finding_Delete, 'fid')
+    breadcrumb = "Edit Notification Webhook"
 
-    if not get_system_setting('enable_webhooks_notifications'):
-        raise Http404()
+    def get_notification_webhook(self, nwhid: int):
+        return get_object_or_404(Notification_Webhooks, id=nwhid)
 
-    nwh = get_object_or_404(Notification_Webhooks, pk=nwhid)
-    nwh_form = NotificationsWebhookForm(instance=nwh, is_superuser=request.user.is_superuser)
-    if request.method == "POST":
+    # TODO Disable Owner if not superadmin
+
+    def get_initial_context(self, request: HttpRequest, nwh: Notification_Webhooks):
+        return {
+            'name': 'Edit Notification Webhook',
+            'user': request.user,
+            'form': self.get_form(request, instance=nwh),
+            'nwh': nwh
+        }
+
+    def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context: dict):
+        form = context["form"]
         if 'deactivate_webhook' in request.POST:  # TODO add this to API as well
             nwh.status = Notification_Webhooks.STATUS_INACTIVE_MANUAL
             nwh.first_error = None
@@ -212,68 +299,126 @@ def edit_notification_webhook(request, nwhid):
             messages.add_message(
                                     request,
                                     messages.SUCCESS,
-                                    'Notification Webhook deactivated successfully.',
+                                    _('Notification Webhook deactivated successfully.'),
                                     extra_tags="alert-success",
                                 )
+            return request, True
+
+        if form.is_valid():
+            try:
+                test_webhooks_notification(form.instance)
+            except requests.exceptions.RequestException as e:
+                messages.add_message(
+                    request,
+                    messages.ERROR,
+                    _('Test of endpoint was not successful: %(error)s') % {'error': str(e)},
+                    extra_tags='alert-danger')
+                return request, False
+            else:
+                # correct definition reset defaults
+                nwh = form.save(commit=False)
+                nwh.status = Notification_Webhooks.STATUS_ACTIVE
+                nwh.first_error = None
+                nwh.last_error = None
+                nwh.save()
+                messages.add_message(
+                    request,
+                    messages.SUCCESS,
+                    _('Notification Webhook updated successfully.'),
+                    extra_tags="alert-success",
+                )
+                return request, True
+        return request, False
+
+    def get(self, request: HttpRequest, nwhid: int):
+        # Run common checks
+        super().get(request)
+        nwh = self.get_notification_webhook(nwhid)
+        # Set up the initial context
+        context = self.get_initial_context(request, nwh)
+        # Add any breadcrumbs
+        request = self.set_breadcrumbs(request)
+        # Render the page
+        return render(request, self.template, context)
+
+    def post(self, request: HttpRequest, nwhid: int):
+        # POST needs to pass same common checks as GET
+        super().get(request)
+        nwh = self.get_notification_webhook(nwhid)
+        # Set up the initial context
+        context = self.get_initial_context(request, nwh)
+        # Determine the validity of the form
+        request, success = self.process_form(request, nwh, context)
+        if success:
             return HttpResponseRedirect(reverse("notification_webhooks"))
+        # Add any breadcrumbs
+        request = self.set_breadcrumbs(request)
+        # Render the page
+        return render(request, self.template, context)
+
+
+class DeleteNotificationWebhooksView(NotificationWebhooksView):
+    template = 'dojo/delete_notification_webhook.html'
+    permission = 'dojo.delete_notification_webhooks'
+    # TODO this could be better: @user_is_authorized(Finding, Permissions.Finding_Delete, 'fid')
+    breadcrumb = "Edit Notification Webhook"
+
+    def get_notification_webhook(self, nwhid: int):
+        return get_object_or_404(Notification_Webhooks, id=nwhid)
+
+    # TODO Disable Owner if not superadmin
+
+    def get_form(
+        self,
+        request: HttpRequest,
+        **kwargs: dict,
+    ) -> NotificationsWebhookForm:
+        if request.method == "POST":
+            return DeleteNotificationsWebhookForm(request.POST, **kwargs)
         else:
-            nwh_form = NotificationsWebhookForm(request.POST, instance=nwh)
-            if nwh_form.is_valid():
-                try:
-                    test_webhooks_notification(nwh_form.instance)
-                except requests.exceptions.RequestException as e:
-                    messages.add_message(
-                        request,
-                        messages.ERROR,
-                        f'Test of endpoint was not sucessful: {e}',
-                        extra_tags='alert-danger')
-                else:
-                    nwh_form.instance.status = Notification_Webhooks.STATUS_ACTIVE
-                    nwh = nwh_form.save()
-                    messages.add_message(
-                        request,
-                        messages.SUCCESS,
-                        'Notification Webhook updated successfully.',
-                        extra_tags="alert-success",
-                    )
-                    return HttpResponseRedirect(reverse("notification_webhooks"))
-    add_breadcrumb(title="Edit Notication Webhook", top_level=False, request=request)
-    return render(request, 'dojo/edit_notification_webhook.html', {
-        'name': 'Edit Notication Webhook',
-        'user': request.user,
-        'form': nwh_form,
-        'nwh': nwh})
-
-
-@user_is_configuration_authorized('dojo.delete_notification_webhook')
-def delete_notification_webhook(request, nwhid):
-
-    if not get_system_setting('enable_webhooks_notifications'):
-        raise Http404()
-
-    nwh = get_object_or_404(Notification_Webhooks, id=nwhid)
-    form = DeleteNotificationsWebhookForm(instance=nwh)
-
-    if request.method == 'POST':
-        form = DeleteNotificationsWebhookForm(request.POST, instance=nwh)
+            return DeleteNotificationsWebhookForm(**kwargs)
+
+    def get_initial_context(self, request: HttpRequest, nwh: Notification_Webhooks):
+        return {
+            'form': self.get_form(request, instance=nwh),
+            'nwh': nwh
+        }
+
+    def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context: dict):
+        form = context["form"]
         if form.is_valid():
             nwh.delete()
             messages.add_message(
                 request,
                 messages.SUCCESS,
-                'Notification Webhook deleted successfully.',
-                extra_tags='alert-success')
+                _('Notification Webhook deleted successfully.'),
+                extra_tags="alert-success",
+            )
+            return request, True
+        return request, False
+
+    def get(self, request: HttpRequest, nwhid: int):
+        # Run common checks
+        super().get(request)
+        nwh = self.get_notification_webhook(nwhid)
+        # Set up the initial context
+        context = self.get_initial_context(request, nwh)
+        # Add any breadcrumbs
+        request = self.set_breadcrumbs(request)
+        # Render the page
+        return render(request, self.template, context)
+
+    def post(self, request: HttpRequest, nwhid: int):
+        # POST needs to pass same common checks as GET
+        super().get(request)
+        nwh = self.get_notification_webhook(nwhid)
+        # Set up the initial context
+        context = self.get_initial_context(request, nwh)
+        # Determine the validity of the form
+        request, success = self.process_form(request, nwh, context)
+        if success:
             return HttpResponseRedirect(reverse("notification_webhooks"))
-        else:
-            messages.add_message(
-                request,
-                messages.ERROR,
-                'Unable to delete Notification Webhook, please try again.',
-                extra_tags='alert-danger')
-
-    return render(request, 'dojo/delete_notification_webhook.html',
-                    {
-                        'form': form,
-                        'nwh': nwh,
-                    }
-                  )
+        # Add any breadcrumbs
+        request = self.set_breadcrumbs(request)
+        # Render the page
+        return render(request, self.template, context)

From 6095fb2f94b0d9abf44d68a799fe491882aa1fb8 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Wed, 5 Jun 2024 12:16:31 +0200
Subject: [PATCH 28/63] Fix nones, more verbose "missing template"

---
 dojo/notifications/helper.py                  | 120 +++++++++---------
 .../notifications/webhooks/other.tpl          |   4 +-
 .../notifications/webhooks/scan_added.tpl     |   7 +
 3 files changed, 71 insertions(+), 60 deletions(-)
 create mode 100644 dojo/templates/notifications/webhooks/scan_added.tpl

diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 3143486a28d..46c661b76b1 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -155,8 +155,8 @@ def create_notification_message(event, user, notification_type, *args, **kwargs)
     try:
         notification_message = render_to_string(template, kwargs)
         logger.debug("Rendering from the template %s", template)
-    except TemplateDoesNotExist:
-        logger.debug("template not found or not implemented yet: %s", template)
+    except TemplateDoesNotExist as e:
+        logger.debug(f'template not found or not implemented yet: {template} (specifically: {e.args})')
     except Exception as e:
         logger.error("error during rendering of template %s exception is %s", template, e)
     finally:
@@ -383,7 +383,7 @@ def webhooks_notification_request(endpoint, event, *args, **kwargs):
 
 
 def test_webhooks_notification(endpoint):
-    res = webhooks_notification_request(endpoint, 'ping', {"description": "Test webhook notification"})
+    res = webhooks_notification_request(endpoint, 'ping', description="Test webhook notification")
     res.raise_for_status()
     # in "send_webhooks_notification", we are doing deeper analysis, why it failed
     # for now, "raise_for_status" should be enough
@@ -394,62 +394,66 @@ def test_webhooks_notification(endpoint):
 def send_webhooks_notification(event, user=None, *args, **kwargs):
     # TODO check sending notifications (in general) to inactive users
     for endpoint in Notification_Webhooks.objects.filter(owner=user):
-        if endpoint.status.startswith(Notification_Webhooks._STATUS_ACTIVE):
-            try:
-                if endpoint.url is not None:
-                    logger.debug(f"Sending webhook message to endpoint {endpoint.name}")
-                    res = webhooks_notification_request(endpoint, event, *args, **kwargs)
-                    if res.status_code in [200, 201]:
-                        logger.debug(f"Message sent to endpoint {endpoint.name} sucessfully.")
-                    else:
-                        now = get_current_datetime()
-
-                        # There is no reason to keep endpoint active if it is returning 4xx errors
-                        if 400 <= res.status_code < 500:
-                            endpoint.status = Notification_Webhooks.STATUS_INACTIVE_400
-                            endpoint.first_error = now
-
-                        # 5xx is also not OK
-                        elif 500 <= res.status_code < 600:
-                            # If there is only temporary outage (we detected 5xx first time or it was before more then one hour), we can keep endpoint active (but marked)
-
-                            # First detection
-                            if endpoint.last_error is None or (now - endpoint.last_error).minutes > 60:
-                                endpoint.status = Notification_Webhooks.STATUS_ACTIVE_500
-                                endpoint.first_error = now  # Yes, if last fail happen before more then hour, we are considering it as a new error
-
-                            # Repleated detection
-                            else:
-
-                                # Error is repeating over more then hour
-                                if (now - endpoint.first_error).minutes > 60:
-                                    endpoint.status = Notification_Webhooks.STATUS_INACTIVE_500
-
-                                # This situation shouldn't happen - only if somebody was cleaning status and didn't clean first/last_error
-                                # But we should handle it
-                                else:
-                                    endpoint.status = Notification_Webhooks.STATUS_ACTIVE_500
-                                    endpoint.first_error = now
-
-                        # Well, we really accepts only 200 and 201
-                        else:
-                            endpoint.status = Notification_Webhooks.STATUS_INACTIVE_OTHERS
-                            endpoint.first_error = now
-
-                        endpoint.last_error = now
-                        endpoint.save()
-
-                        logger.error("Error when sending message to Webhooks")
-                        logger.error(res.status_code)
-                        logger.error(res.text)
-                        raise RuntimeError('Error posting message to Webhooks: ' + res.text)
-                else:
-                    logger.info(f"URL for Webhook {endpoint.name} not configured: skipping system notification")
-            except Exception as e:
-                logger.exception(e)
-                log_alert(e, "Webhooks Notification", title=kwargs['title'], description=str(e), url=kwargs['url'])
-        else:
+        if not endpoint.status.startswith(Notification_Webhooks._STATUS_ACTIVE):
             logger.info(f"URL for Webhook '{endpoint.name}' is not active: {endpoint.get_status_display()} ({endpoint.status})")
+            continue
+
+        if endpoint.url is None:
+            logger.info(f"URL for Webhook {endpoint.name} not configured: skipping system notification")
+            continue
+
+        try:
+            logger.debug(f"Sending webhook message to endpoint {endpoint.name}")
+            res = webhooks_notification_request(endpoint, event, *args, **kwargs)
+
+            if res.status_code in [200, 201]:
+                logger.debug(f"Message sent to endpoint {endpoint.name} sucessfully.")
+                continue
+
+            now = get_current_datetime()
+
+            # There is no reason to keep endpoint active if it is returning 4xx errors
+            if 400 <= res.status_code < 500:
+                endpoint.status = Notification_Webhooks.STATUS_INACTIVE_400
+                endpoint.first_error = now
+
+            # 5xx is also not OK
+            elif 500 <= res.status_code < 600:
+                # If there is only temporary outage (we detected 5xx first time or it was before more then one hour), we can keep endpoint active (but marked)
+
+                # First detection
+                if endpoint.last_error is None or (now - endpoint.last_error).minutes > 60:
+                    endpoint.status = Notification_Webhooks.STATUS_ACTIVE_500
+                    endpoint.first_error = now  # Yes, if last fail happen before more then hour, we are considering it as a new error
+
+                # Repleated detection
+                else:
+                    # Error is repeating over more then hour
+                    if (now - endpoint.first_error).minutes > 60:
+                        endpoint.status = Notification_Webhooks.STATUS_INACTIVE_500
+
+                    # This situation shouldn't happen - only if somebody was cleaning status and didn't clean first/last_error
+                    # But we should handle it
+                    else:
+                        endpoint.status = Notification_Webhooks.STATUS_ACTIVE_500
+                        endpoint.first_error = now
+
+            # Well, we really accepts only 200 and 201
+            else:
+                endpoint.status = Notification_Webhooks.STATUS_INACTIVE_OTHERS
+                endpoint.first_error = now
+
+            endpoint.last_error = now
+            endpoint.save()
+
+            # TODO remove this
+            logger.error("Error when sending message to Webhooks")
+            logger.error(res.status_code)
+            logger.error(res.text)
+            raise RuntimeError('Error posting message to Webhooks: ' + res.text)
+        except Exception as e:
+            logger.exception(e)
+            log_alert(e, "Webhooks Notification", title=kwargs['title'], description=str(e), url=kwargs['url'])
     else:
         if user:
             logger.info(f"URLs for Webhooks not configured for user '{user}': skipping user notification")
diff --git a/dojo/templates/notifications/webhooks/other.tpl b/dojo/templates/notifications/webhooks/other.tpl
index a10e054f61e..8640bdd5170 100644
--- a/dojo/templates/notifications/webhooks/other.tpl
+++ b/dojo/templates/notifications/webhooks/other.tpl
@@ -1,3 +1,3 @@
 ---
-description: {{ description }}
-user: {{ user }}
\ No newline at end of file
+description: {{ description | default_if_none:'' }}
+user: {{ user | default_if_none:'' }}
\ No newline at end of file
diff --git a/dojo/templates/notifications/webhooks/scan_added.tpl b/dojo/templates/notifications/webhooks/scan_added.tpl
new file mode 100644
index 00000000000..ba3c4acc8a3
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/scan_added.tpl
@@ -0,0 +1,7 @@
+{% load display_tags %}
+{% include 'notifications/webhooks/other.tpl' %}
+test: {{ test }}
+url: {{ url|full_url }}    
+{% if system_settings.disclaimer and system_settings.disclaimer.strip %}
+disclaimer:  {{ system_settings.disclaimer }}
+{% endif %}

From 3ee409e20c76d98ecc74d925a4b7099b8b72eee9 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 14 Jun 2024 20:19:21 +0200
Subject: [PATCH 29/63] Prepare templates

---
 .../webhooks/engagement_added.tpl             |  2 ++
 .../notifications/webhooks/other.tpl          |  4 +---
 .../notifications/webhooks/product_added.tpl  |  2 ++
 .../webhooks/product_type_added.tpl           |  2 ++
 .../notifications/webhooks/scan_added.tpl     | 19 ++++++++++++-------
 .../webhooks/scan_added_empty.tpl             |  1 +
 .../webhooks/subtemplates/base.tpl            | 10 ++++++++++
 .../webhooks/subtemplates/engagement.tpl      |  7 +++++++
 .../webhooks/subtemplates/findings_list.tpl   |  8 ++++++++
 .../webhooks/subtemplates/product.tpl         |  7 +++++++
 .../webhooks/subtemplates/product_type.tpl    |  2 ++
 .../webhooks/subtemplates/test.tpl            |  7 +++++++
 .../notifications/webhooks/test_added.tpl     |  2 ++
 13 files changed, 63 insertions(+), 10 deletions(-)
 create mode 100644 dojo/templates/notifications/webhooks/engagement_added.tpl
 create mode 100644 dojo/templates/notifications/webhooks/product_added.tpl
 create mode 100644 dojo/templates/notifications/webhooks/product_type_added.tpl
 create mode 120000 dojo/templates/notifications/webhooks/scan_added_empty.tpl
 create mode 100644 dojo/templates/notifications/webhooks/subtemplates/base.tpl
 create mode 100644 dojo/templates/notifications/webhooks/subtemplates/engagement.tpl
 create mode 100644 dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
 create mode 100644 dojo/templates/notifications/webhooks/subtemplates/product.tpl
 create mode 100644 dojo/templates/notifications/webhooks/subtemplates/product_type.tpl
 create mode 100644 dojo/templates/notifications/webhooks/subtemplates/test.tpl
 create mode 100644 dojo/templates/notifications/webhooks/test_added.tpl

diff --git a/dojo/templates/notifications/webhooks/engagement_added.tpl b/dojo/templates/notifications/webhooks/engagement_added.tpl
new file mode 100644
index 00000000000..a8110965e35
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/engagement_added.tpl
@@ -0,0 +1,2 @@
+{% include 'notifications/webhooks/subtemplates/base.tpl' %}
+{% include 'notifications/webhooks/subtemplates/engagement.tpl' %}
diff --git a/dojo/templates/notifications/webhooks/other.tpl b/dojo/templates/notifications/webhooks/other.tpl
index 8640bdd5170..40947ead3a8 100644
--- a/dojo/templates/notifications/webhooks/other.tpl
+++ b/dojo/templates/notifications/webhooks/other.tpl
@@ -1,3 +1 @@
----
-description: {{ description | default_if_none:'' }}
-user: {{ user | default_if_none:'' }}
\ No newline at end of file
+{% include 'notifications/webhooks/subtemplates/base.tpl' %}
diff --git a/dojo/templates/notifications/webhooks/product_added.tpl b/dojo/templates/notifications/webhooks/product_added.tpl
new file mode 100644
index 00000000000..f2994c18756
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/product_added.tpl
@@ -0,0 +1,2 @@
+{% include 'notifications/webhooks/subtemplates/base.tpl' %}
+{% include 'notifications/webhooks/subtemplates/product.tpl' %}
diff --git a/dojo/templates/notifications/webhooks/product_type_added.tpl b/dojo/templates/notifications/webhooks/product_type_added.tpl
new file mode 100644
index 00000000000..d0790400ad6
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/product_type_added.tpl
@@ -0,0 +1,2 @@
+{% include 'notifications/webhooks/subtemplates/base.tpl' %}
+{% include 'notifications/webhooks/subtemplates/product_type.tpl' %}
diff --git a/dojo/templates/notifications/webhooks/scan_added.tpl b/dojo/templates/notifications/webhooks/scan_added.tpl
index ba3c4acc8a3..b42096bfba2 100644
--- a/dojo/templates/notifications/webhooks/scan_added.tpl
+++ b/dojo/templates/notifications/webhooks/scan_added.tpl
@@ -1,7 +1,12 @@
-{% load display_tags %}
-{% include 'notifications/webhooks/other.tpl' %}
-test: {{ test }}
-url: {{ url|full_url }}    
-{% if system_settings.disclaimer and system_settings.disclaimer.strip %}
-disclaimer:  {{ system_settings.disclaimer }}
-{% endif %}
+{% include 'notifications/webhooks/subtemplates/base.tpl' %}
+{% include 'notifications/webhooks/subtemplates/test.tpl' %}
+finding_count: {{ finding_count }}
+findings:
+  new: 
+{% include 'notifications/webhooks/subtemplates/findings_list.tpl' with findings=findings_new %}
+  reactivated: 
+{% include 'notifications/webhooks/subtemplates/findings_list.tpl' with findings=findings_reactivated %}
+  mitigated: 
+{% include 'notifications/webhooks/subtemplates/findings_list.tpl' with findings=findings_mitigated %}
+  untouched: 
+{% include 'notifications/webhooks/subtemplates/findings_list.tpl' with findings=findings_untouched %}
diff --git a/dojo/templates/notifications/webhooks/scan_added_empty.tpl b/dojo/templates/notifications/webhooks/scan_added_empty.tpl
new file mode 120000
index 00000000000..4efb291e005
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/scan_added_empty.tpl
@@ -0,0 +1 @@
+scan_added.tpl
\ No newline at end of file
diff --git a/dojo/templates/notifications/webhooks/subtemplates/base.tpl b/dojo/templates/notifications/webhooks/subtemplates/base.tpl
new file mode 100644
index 00000000000..efea85f87a9
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/subtemplates/base.tpl
@@ -0,0 +1,10 @@
+{% load display_tags %}
+---
+description: {{ description | default_if_none:'' }}  # TODO add "quote or none" - to all strings
+user: {{ user | default_if_none:'' }}
+{% if url %}
+url:  {{ url|full_url }}
+{% endif %}
+{% if system_settings.disclaimer and system_settings.disclaimer.strip %}
+disclaimer:  {{ system_settings.disclaimer }}
+{% endif %}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl b/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl
new file mode 100644
index 00000000000..3e25c96c313
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl
@@ -0,0 +1,7 @@
+{% if product %}
+{% include 'notifications/webhooks/subtemplates/product.tpl' with product=product %}
+{% else %}
+{% include 'notifications/webhooks/subtemplates/product.tpl' with product=engagement.product %}
+{% endif %}
+engagement: {{ engagement.name }}
+engagement_id: {{ engagement.pk }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl b/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
new file mode 100644
index 00000000000..0680d01f312
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
@@ -0,0 +1,8 @@
+{% load display_tags %}
+{% for finding in findings %}
+{% url 'view_finding' finding.id as finding_url %}
+    - id: {{ finding.pk }}
+      title: {{ finding.title }}
+      severity: {{ finding.severity }}
+      url: {{ finding_url|full_url }}
+{% endfor %}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/product.tpl b/dojo/templates/notifications/webhooks/subtemplates/product.tpl
new file mode 100644
index 00000000000..56f5ad3e542
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/subtemplates/product.tpl
@@ -0,0 +1,7 @@
+{% if product_type %}
+{% include 'notifications/webhooks/subtemplates/product_type.tpl' with product_type=product_type %}
+{% else %}
+{% include 'notifications/webhooks/subtemplates/product_type.tpl' with product_type=product.prod_type %}
+{% endif %}
+product: {{ product.name }}
+product_id: {{ product.pk }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl b/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl
new file mode 100644
index 00000000000..77b8d0744ba
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl
@@ -0,0 +1,2 @@
+product_type: {{ product_type.name }}
+product_type_id: {{ product_type.pk }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/test.tpl b/dojo/templates/notifications/webhooks/subtemplates/test.tpl
new file mode 100644
index 00000000000..77d999a3803
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/subtemplates/test.tpl
@@ -0,0 +1,7 @@
+{% if engagement %}
+{% include 'notifications/webhooks/subtemplates/engagement.tpl' with engagement=engagement %}
+{% else %}
+{% include 'notifications/webhooks/subtemplates/engagement.tpl' with engagement=test.engagement %}
+{% endif %}
+test: {{ test.title }}
+test_id: {{ test.pk }}
diff --git a/dojo/templates/notifications/webhooks/test_added.tpl b/dojo/templates/notifications/webhooks/test_added.tpl
new file mode 100644
index 00000000000..a1b719b6d33
--- /dev/null
+++ b/dojo/templates/notifications/webhooks/test_added.tpl
@@ -0,0 +1,2 @@
+{% include 'notifications/webhooks/subtemplates/base.tpl' %}
+{% include 'notifications/webhooks/subtemplates/test.tpl' %}

From 1bf75ff7cfa8b8994f06e5327fe2fc39ac476785 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 14 Jun 2024 20:19:31 +0200
Subject: [PATCH 30/63] Usable by admins only

---
 dojo/api_v2/serializers.py       | 5 -----
 dojo/api_v2/views.py             | 4 ++--
 dojo/notifications/helper.py     | 5 ++---
 dojo/notifications/views.py      | 8 +++++---
 unittests/test_notifications.py  | 1 +
 unittests/test_rest_framework.py | 1 +
 6 files changed, 11 insertions(+), 13 deletions(-)

diff --git a/dojo/api_v2/serializers.py b/dojo/api_v2/serializers.py
index 25161075a5d..dc8acb40285 100644
--- a/dojo/api_v2/serializers.py
+++ b/dojo/api_v2/serializers.py
@@ -3179,8 +3179,3 @@ class NotificationWebhooksSerializer(serializers.ModelSerializer):
     class Meta:
         model = Notification_Webhooks
         fields = "__all__"
-
-    def __init__(self, *args, **kwargs):
-        # if not get_system_setting('enable_webhooks_notifications'):
-        #     raise Http404()  # TODO maybe not 404 but other 4xx, not in init but on request
-        super().__init__(*args, **kwargs)
diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index fe0872dfee5..8a76122031b 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -3343,5 +3343,5 @@ class NotificationWebhooksViewset(
     serializer_class = serializers.NotificationWebhooksSerializer
     queryset = Notification_Webhooks.objects.all()
     filter_backends = (DjangoFilterBackend,)
-    filterset_fields = ('__all__')
-    permission_classes = (IsAuthenticated, DjangoModelPermissions)  # TODO
+    filterset_fields = "__all__"
+    permission_classes = (permissions.IsSuperUser, DjangoModelPermissions)  # TODO add permission also for other users
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 46c661b76b1..b7a19dc7d17 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -1,6 +1,6 @@
-import json
 import logging
 import pprint
+
 import requests
 import yaml
 from django.conf import settings
@@ -377,7 +377,7 @@ def webhooks_notification_request(endpoint, event, *args, **kwargs):
         headers=headers,
         json=data,
     )
-    logger.debug(f"Webhook notification response:")
+    logger.debug("Webhook notification response:")
     logger.debug(pprint.pformat(res.json()))
     return res
 
@@ -487,7 +487,6 @@ def send_alert_notification(event, user=None, *args, **kwargs):
 
 
 def get_slack_user_id(user_email):
-    import json
 
     from dojo.utils import get_system_setting
 
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 26d5d364983..279a90d5260 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -9,7 +9,6 @@
 from django.utils.translation import gettext as _
 from django.views import View
 
-from dojo.authorization.authorization_decorators import user_has_configuration_permission
 from dojo.forms import DeleteNotificationsWebhookForm, NotificationsForm, NotificationsWebhookForm
 from dojo.models import Notification_Webhooks, Notifications
 from dojo.notifications.helper import test_webhooks_notification
@@ -142,8 +141,11 @@ def check_webhooks_enabled(self):
             raise Http404()
 
     def check_user_permissions(self, request: HttpRequest):
-        if not user_has_configuration_permission(request.user, self.permission):
+        if not request.user.is_superuser:
             raise PermissionDenied()
+        # TODO finished access for other users
+        # if not user_has_configuration_permission(request.user, self.permission):
+        #     raise PermissionDenied()
 
     def set_breadcrumbs(self, request: HttpRequest):
         add_breadcrumb(title=self.breadcrumb, top_level=False, request=request)
@@ -186,7 +188,7 @@ def get_notification_webhooks(self, request: HttpRequest):
         # ntl = NoteTypesFilter(request.GET, queryset=initial_queryset)
         # nwhs = get_page_items(request, initial_queryset.qs, 25)
         # TODO finished pagination
-        # TODO restrict base on user
+        # TODO restrict based on user
         return nwhs
 
     def get(self, request: HttpRequest):
diff --git a/unittests/test_notifications.py b/unittests/test_notifications.py
index 02dcb31494b..4942ac5c7b0 100644
--- a/unittests/test_notifications.py
+++ b/unittests/test_notifications.py
@@ -7,6 +7,7 @@
 from rest_framework.authtoken.models import Token
 from rest_framework.test import APIClient, APITestCase
 
+# TODO add webHook notifications here
 from dojo.models import (
     DEFAULT_NOTIFICATION,
     Alerts,
diff --git a/unittests/test_rest_framework.py b/unittests/test_rest_framework.py
index aa9318ba8f6..880b62d3e5a 100644
--- a/unittests/test_rest_framework.py
+++ b/unittests/test_rest_framework.py
@@ -53,6 +53,7 @@
     NotesViewSet,
     NoteTypeViewSet,
     NotificationsViewSet,
+    # TODO add Webhook notification tests here
     ProductAPIScanConfigurationViewSet,
     ProductGroupViewSet,
     ProductMemberViewSet,

From 3b32e2c14eeb56bef4ac17408f5c05acf3c2251d Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Sat, 15 Jun 2024 11:37:50 +0200
Subject: [PATCH 31/63] API tests

---
 dojo/api_v2/views.py             |  2 +-
 dojo/fixtures/dojo_testdata.json | 14 ++++++++++++++
 dojo/urls.py                     |  4 ++--
 unittests/test_rest_framework.py | 24 +++++++++++++++++++++++-
 4 files changed, 40 insertions(+), 4 deletions(-)

diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index 8a76122031b..6e106f7a1b0 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -3335,7 +3335,7 @@ def get_queryset(self):
         return Announcement.objects.all().order_by("id")
 
 
-class NotificationWebhooksViewset(
+class NotificationWebhooksViewSet(
     prefetch.PrefetchListMixin,
     prefetch.PrefetchRetrieveMixin,
     DojoModelViewSet
diff --git a/dojo/fixtures/dojo_testdata.json b/dojo/fixtures/dojo_testdata.json
index 62486cb90cf..0be4d134151 100644
--- a/dojo/fixtures/dojo_testdata.json
+++ b/dojo/fixtures/dojo_testdata.json
@@ -3045,5 +3045,19 @@
       "dismissable": true,
       "style": "danger"
     }
+  },
+  {
+    "model": "dojo.notification_webhooks",
+    "pk": 1,
+    "fields": {
+      "name": "My webhook endpoint",
+      "url": "http://webhook.endpoint:8080/post",
+      "header_name": "Auth",
+      "header_value": "Token xxx",
+      "status": "active",
+      "first_error": null,
+      "last_error": null,
+      "owner": null
+    }
   }
 ]
\ No newline at end of file
diff --git a/dojo/urls.py b/dojo/urls.py
index 8981d16b859..a25864b6482 100644
--- a/dojo/urls.py
+++ b/dojo/urls.py
@@ -40,7 +40,7 @@
     NotesViewSet,
     NoteTypeViewSet,
     NotificationsViewSet,
-    NotificationWebhooksViewset,
+    NotificationWebhooksViewSet,
     ProductAPIScanConfigurationViewSet,
     ProductGroupViewSet,
     ProductMemberViewSet,
@@ -146,6 +146,7 @@
 v2_api.register(r"notes", NotesViewSet, basename="notes")
 v2_api.register(r"note_type", NoteTypeViewSet, basename="note_type")
 v2_api.register(r"notifications", NotificationsViewSet, basename="notifications")
+v2_api.register(r'notification_webhooks', NotificationWebhooksViewSet)
 v2_api.register(r"products", ProductViewSet, basename="product")
 v2_api.register(r"product_api_scan_configurations", ProductAPIScanConfigurationViewSet, basename="product_api_scan_configuration")
 v2_api.register(r"product_groups", ProductGroupViewSet, basename="product_group")
@@ -171,7 +172,6 @@
 v2_api.register(r"tool_types", ToolTypesViewSet, basename="tool_type")
 v2_api.register(r"users", UsersViewSet, basename="user")
 v2_api.register(r"user_contact_infos", UserContactInfoViewSet, basename="usercontactinfo")
-v2_api.register(r'notification_webhooks', NotificationWebhooksViewset)
 v2_api.register(r"questionnaire_answers", QuestionnaireAnswerViewSet, basename="answer")
 v2_api.register(r"questionnaire_answered_questionnaires", QuestionnaireAnsweredSurveyViewSet, basename="answered_survey")
 v2_api.register(r"questionnaire_engagement_questionnaires", QuestionnaireEngagementSurveyViewSet, basename="engagement_survey")
diff --git a/unittests/test_rest_framework.py b/unittests/test_rest_framework.py
index 880b62d3e5a..de2737e87c4 100644
--- a/unittests/test_rest_framework.py
+++ b/unittests/test_rest_framework.py
@@ -31,6 +31,7 @@
 from dojo.api_v2.views import (
     AnnouncementViewSet,
     AppAnalysisViewSet,
+    NotificationWebhooksViewSet,
     ConfigurationPermissionViewSet,
     CredentialsMappingViewSet,
     CredentialsViewSet,
@@ -53,7 +54,6 @@
     NotesViewSet,
     NoteTypeViewSet,
     NotificationsViewSet,
-    # TODO add Webhook notification tests here
     ProductAPIScanConfigurationViewSet,
     ProductGroupViewSet,
     ProductMemberViewSet,
@@ -103,6 +103,7 @@
     Global_Role,
     JIRA_Instance,
     JIRA_Issue,
+    Notification_Webhooks,
     JIRA_Project,
     Language_Type,
     Languages,
@@ -2998,3 +2999,24 @@ def __init__(self, *args, **kwargs):
 
     def test_create(self):
         self.skipTest("Only one Announcement can exists")
+
+
+class NotificationWebhooksTest(BaseClass.BaseClassTest):
+    fixtures = ['dojo_testdata.json']
+
+    def __init__(self, *args, **kwargs):
+        self.endpoint_model = Notification_Webhooks
+        self.endpoint_path = 'notification_webhooks'
+        self.viewname = 'notification_webhooks'
+        self.viewset = NotificationWebhooksViewSet
+        self.payload = {
+            "name": "My endpoint",
+            "url": "http://webhook.endpoint:8080/post",
+        }
+        self.update_fields = {
+            "header_name": "Auth",
+            "header_value": "token x",
+        }
+        self.test_type = TestType.STANDARD
+        self.deleted_objects = 1
+        BaseClass.RESTEndpointTest.__init__(self, *args, **kwargs)

From b043b9ccb932912507415124f134b4f0ab0f2063 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Thu, 20 Jun 2024 11:00:16 +0200
Subject: [PATCH 32/63] Add main unittests

---
 dojo/api_v2/views.py                          |   4 +-
 dojo/fixtures/dojo_testdata.json              |  41 ++-
 dojo/notifications/helper.py                  |  43 ++-
 .../webhooks/subtemplates/engagement.tpl      |   5 +-
 .../webhooks/subtemplates/product.tpl         |   5 +-
 .../webhooks/subtemplates/product_type.tpl    |   5 +-
 .../webhooks/subtemplates/test.tpl            |   5 +-
 unittests/test_notifications.py               | 265 +++++++++++++++++-
 unittests/test_rest_framework.py              |   4 +-
 9 files changed, 333 insertions(+), 44 deletions(-)

diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index 6e106f7a1b0..c7278a06037 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -3336,9 +3336,7 @@ def get_queryset(self):
 
 
 class NotificationWebhooksViewSet(
-    prefetch.PrefetchListMixin,
-    prefetch.PrefetchRetrieveMixin,
-    DojoModelViewSet
+    PrefetchDojoModelViewSet
 ):
     serializer_class = serializers.NotificationWebhooksSerializer
     queryset = Notification_Webhooks.objects.all()
diff --git a/dojo/fixtures/dojo_testdata.json b/dojo/fixtures/dojo_testdata.json
index 0be4d134151..71fe0a9c73e 100644
--- a/dojo/fixtures/dojo_testdata.json
+++ b/dojo/fixtures/dojo_testdata.json
@@ -227,6 +227,7 @@
       "url_prefix": "",
       "enable_slack_notifications": false,
       "enable_mail_notifications": false,
+      "enable_webhooks_notifications": true,
       "email_from": "no-reply@example.com",
       "false_positive_history": false,
       "msteams_url": "",
@@ -2926,11 +2927,27 @@
     "pk": 1,
     "model": "dojo.notifications",
     "fields": {
-      "product": 1,
-      "user": 2,
-      "product_type_added": [
-        "slack"
-      ]
+      "product": null,
+      "user": null,
+      "template": false,
+      "product_type_added": "webhooks,alert",
+      "product_added": "webhooks,alert",
+      "engagement_added": "webhooks,alert",
+      "test_added": "webhooks,alert",
+      "scan_added": "webhooks,alert",
+      "scan_added_empty": "webhooks",
+      "jira_update": "alert",
+      "upcoming_engagement": "alert",
+      "stale_engagement": "alert",
+      "auto_close_engagement": "alert",
+      "close_engagement": "alert",
+      "user_mentioned": "alert",
+      "code_review": "alert",
+      "review_requested": "alert",
+      "other": "alert",
+      "sla_breach": "alert",
+      "risk_acceptance_expiration": "alert",
+      "sla_breach_combined": "alert"
     }
   },
   {
@@ -3059,5 +3076,19 @@
       "last_error": null,
       "owner": null
     }
+  },
+  {
+    "model": "dojo.notification_webhooks",
+    "pk": 2,
+    "fields": {
+      "name": "My personal webhook endpoint",
+      "url": "http://webhook.endpoint:8080/post",
+      "header_name": "Auth",
+      "header_value": "Token secret",
+      "status": "active",
+      "first_error": null,
+      "last_error": null,
+      "owner": 2
+    }
   }
 ]
\ No newline at end of file
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index b7a19dc7d17..1876ed76e0e 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -1,5 +1,4 @@
 import logging
-import pprint
 
 import requests
 import yaml
@@ -376,9 +375,8 @@ def webhooks_notification_request(endpoint, event, *args, **kwargs):
         url=endpoint.url,
         headers=headers,
         json=data,
+        timeout=60,
     )
-    logger.debug("Webhook notification response:")
-    logger.debug(pprint.pformat(res.json()))
     return res
 
 
@@ -392,22 +390,26 @@ def test_webhooks_notification(endpoint):
 @dojo_async_task
 @app.task
 def send_webhooks_notification(event, user=None, *args, **kwargs):
-    # TODO check sending notifications (in general) to inactive users
-    for endpoint in Notification_Webhooks.objects.filter(owner=user):
+    endpoints = Notification_Webhooks.objects.filter(owner=user)
+
+    if not endpoints:
+        if user:
+            logger.info(f"URLs for Webhooks not configured for user '{user}': skipping user notification")
+        else:
+            logger.info("URLs for Webhooks not configured: skipping system notification")
+        return
+
+    for endpoint in endpoints:
         if not endpoint.status.startswith(Notification_Webhooks._STATUS_ACTIVE):
             logger.info(f"URL for Webhook '{endpoint.name}' is not active: {endpoint.get_status_display()} ({endpoint.status})")
             continue
 
-        if endpoint.url is None:
-            logger.info(f"URL for Webhook {endpoint.name} not configured: skipping system notification")
-            continue
-
         try:
-            logger.debug(f"Sending webhook message to endpoint {endpoint.name}")
+            logger.debug(f"Sending webhook message to endpoint '{endpoint.name}'")
             res = webhooks_notification_request(endpoint, event, *args, **kwargs)
 
             if res.status_code in [200, 201]:
-                logger.debug(f"Message sent to endpoint {endpoint.name} sucessfully.")
+                logger.debug(f"Message sent to endpoint '{endpoint.name}' sucessfully.")
                 continue
 
             now = get_current_datetime()
@@ -421,12 +423,13 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
             elif 500 <= res.status_code < 600:
                 # If there is only temporary outage (we detected 5xx first time or it was before more then one hour), we can keep endpoint active (but marked)
 
-                # First detection
+                # First detected
+                # or first detected more then one hour ago
                 if endpoint.last_error is None or (now - endpoint.last_error).minutes > 60:
                     endpoint.status = Notification_Webhooks.STATUS_ACTIVE_500
                     endpoint.first_error = now  # Yes, if last fail happen before more then hour, we are considering it as a new error
 
-                # Repleated detection
+                # Repeated detection
                 else:
                     # Error is repeating over more then hour
                     if (now - endpoint.first_error).minutes > 60:
@@ -446,19 +449,11 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
             endpoint.last_error = now
             endpoint.save()
 
-            # TODO remove this
-            logger.error("Error when sending message to Webhooks")
-            logger.error(res.status_code)
-            logger.error(res.text)
-            raise RuntimeError('Error posting message to Webhooks: ' + res.text)
+            logger.error("Error when sending message to Webhooks (status: {res.status_code}): {res.text}")
+
         except Exception as e:
             logger.exception(e)
-            log_alert(e, "Webhooks Notification", title=kwargs['title'], description=str(e), url=kwargs['url'])
-    else:
-        if user:
-            logger.info(f"URLs for Webhooks not configured for user '{user}': skipping user notification")
-        else:
-            logger.info("URLs for Webhooks not configured: skipping system notification")
+            log_alert(e, "Webhooks Notification")
 
 
 def send_alert_notification(event, user=None, *args, **kwargs):
diff --git a/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl b/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl
index 3e25c96c313..c4d2074dd59 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl
@@ -3,5 +3,6 @@
 {% else %}
 {% include 'notifications/webhooks/subtemplates/product.tpl' with product=engagement.product %}
 {% endif %}
-engagement: {{ engagement.name }}
-engagement_id: {{ engagement.pk }}
+engagement:
+    name: {{ engagement.name }}
+    id: {{ engagement.pk }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/product.tpl b/dojo/templates/notifications/webhooks/subtemplates/product.tpl
index 56f5ad3e542..f875586c6f9 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/product.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/product.tpl
@@ -3,5 +3,6 @@
 {% else %}
 {% include 'notifications/webhooks/subtemplates/product_type.tpl' with product_type=product.prod_type %}
 {% endif %}
-product: {{ product.name }}
-product_id: {{ product.pk }}
+product:
+    name: {{ product.name }}
+    id: {{ product.pk }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl b/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl
index 77b8d0744ba..3aa71ce9f54 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl
@@ -1,2 +1,3 @@
-product_type: {{ product_type.name }}
-product_type_id: {{ product_type.pk }}
+product_type:
+    name: {{ product_type.name }}
+    id: {{ product_type.pk }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/test.tpl b/dojo/templates/notifications/webhooks/subtemplates/test.tpl
index 77d999a3803..26c4b4bc2c7 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/test.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/test.tpl
@@ -3,5 +3,6 @@
 {% else %}
 {% include 'notifications/webhooks/subtemplates/engagement.tpl' with engagement=test.engagement %}
 {% endif %}
-test: {{ test.title }}
-test_id: {{ test.pk }}
+test:
+    title: {{ test.title }}
+    id: {{ test.pk }}
diff --git a/unittests/test_notifications.py b/unittests/test_notifications.py
index 4942ac5c7b0..a2efe149cc4 100644
--- a/unittests/test_notifications.py
+++ b/unittests/test_notifications.py
@@ -1,20 +1,25 @@
+import logging
 from unittest.mock import patch
 
 from auditlog.context import set_actor
+from crum import impersonate
 from django.test import override_settings
 from django.urls import reverse
 from django.utils import timezone
 from rest_framework.authtoken.models import Token
 from rest_framework.test import APIClient, APITestCase
 
-# TODO add webHook notifications here
+import dojo.notifications.helper as notifications_helper
+from dojo import __version__ as dd_version
 from dojo.models import (
     DEFAULT_NOTIFICATION,
     Alerts,
     Dojo_User,
     Endpoint,
     Engagement,
+    Finding,
     Finding_Group,
+    Notification_Webhooks,
     Notifications,
     Product,
     Product_Type,
@@ -22,10 +27,12 @@
     Test_Type,
     User,
 )
-from dojo.notifications.helper import create_notification, send_alert_notification
+from dojo.notifications.helper import create_notification, send_alert_notification, send_webhooks_notification
 
 from .dojo_test_case import DojoTestCase
 
+logger = logging.getLogger(__name__)
+
 
 class TestNotifications(DojoTestCase):
     fixtures = ["dojo_testdata.json"]
@@ -387,3 +394,257 @@ def test_auditlog_on(self, mock):
         prod_type = Product_Type.objects.create(name="notif prod type API")
         self.client.delete(reverse("product_type-detail", args=(prod_type.pk,)), format="json")
         self.assertEqual(mock.call_args_list[-1].kwargs["description"], 'The product type "notif prod type API" was deleted by admin')
+
+
+class TestNotificationWebhooks(DojoTestCase):
+    fixtures = ['dojo_testdata.json']
+
+    def run(self, result=None):
+        testuser = User.objects.get(username='admin')
+        testuser.usercontactinfo.block_execution = True
+        testuser.save()
+
+        # unit tests are running without any user, which will result in actions like dedupe happening in the celery process
+        # this doesn't work in unittests as unittests are using an in memory sqlite database and celery can't see the data
+        # so we're running the test under the admin user context and set block_execution to True
+        with impersonate(testuser):
+            super().run(result)
+
+    def setUp(self):
+        self.sys_wh = Notification_Webhooks.objects.filter(owner=None).first()
+        self.url_base = "http://webhook.endpoint:8080"
+
+    def test_missing_system_webhook(self):
+        # test data contains 2 entries but we need to test missing definition
+        Notification_Webhooks.objects.all().delete()
+        with self.assertLogs('dojo.notifications.helper', level='INFO') as cm:
+            send_webhooks_notification(event='dummy')
+        self.assertIn('URLs for Webhooks not configured: skipping system notification', cm.output[0])
+
+    def test_missing_personal_webhook(self):
+        # test data contains 2 entries but we need to test missing definition
+        Notification_Webhooks.objects.all().delete()
+        with self.assertLogs('dojo.notifications.helper', level='INFO') as cm:
+            send_webhooks_notification(event='dummy', user=Dojo_User.objects.get(username="admin"))
+        self.assertIn("URLs for Webhooks not configured for user '(admin)': skipping user notification", cm.output[0])
+
+    def test_system_webhook_inactive(self):
+        self.sys_wh.status = Notification_Webhooks.STATUS_INACTIVE_400
+        self.sys_wh.save()
+        with self.assertLogs('dojo.notifications.helper', level='INFO') as cm:
+            send_webhooks_notification(event='dummy')
+        self.assertIn("URL for Webhook 'My webhook endpoint' is not active: Inactive because of 4xx error (inactive_400)", cm.output[0])
+
+    def test_system_webhook_sucessful(self):
+        with self.assertLogs('dojo.notifications.helper', level='DEBUG') as cm:
+            send_webhooks_notification(event='dummy')
+        self.assertIn("Message sent to endpoint 'My webhook endpoint' sucessfully.", cm.output[-1])
+
+        updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE)
+        self.assertIsNone(updated_wh.first_error)
+        self.assertIsNone(updated_wh.last_error)
+
+    # def test_system_webhook_4xx(self):
+    #     self.sys_wh.url = f"{self.url_base}/status/400"
+    #     self.sys_wh.save()
+    #     with self.assertLogs('dojo.notifications.helper', level='DEBUG'):
+    #         send_webhooks_notification(event='dummy', title='Dummy event')
+
+    #     updated_wh = Notification_Webhooks.objects.all().filter(owner=None).first()
+    #     self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_400)
+    #     self.assertIsNotNone(updated_wh.first_error)
+    #     self.assertEqual(updated_wh.first_error, updated_wh.last_error)
+
+    # def test_system_webhook_first_5xx(self):
+    #     self.sys_wh.url = f"{self.url_base}/status/500"
+    #     self.sys_wh.save()
+    #     with self.assertLogs('dojo.notifications.helper', level='DEBUG'):
+    #         send_webhooks_notification(event='dummy', title='Dummy event')
+
+    #     updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+    #     self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_500)
+    #     self.assertIsNotNone(updated_wh.first_error)
+    #     self.assertEqual(updated_wh.first_error, updated_wh.last_error)
+
+    # def test_system_webhook_second_5xx_within_hour(self):
+    #     ten_mins_ago = get_current_datetime() - datetime.timedelta(minutes=10)
+    #     self.sys_wh.url = f"{self.url_base}/status/500"
+    #     self.sys_wh.status = Notification_Webhooks.STATUS_ACTIVE_500
+    #     self.sys_wh.first_error = ten_mins_ago
+    #     self.sys_wh.last_error = ten_mins_ago
+    #     self.sys_wh.save()
+    #     with self.assertLogs('dojo.notifications.helper', level='DEBUG') as cm:
+    #         send_webhooks_notification(event='dummy', title='Dummy event')
+
+    #     updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+    #     self.assertEquals(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_500)
+    #     self.assertIsNotNone(updated_wh.first_error)
+    #     self.assertEquals(updated_wh.first_error, updated_wh.last_error)
+
+    @patch('requests.request')
+    def test_headers(self, mock):
+        Product_Type.objects.create(name='notif prod type')
+        self.assertEqual(mock.call_args.kwargs['headers'], {
+            'User-Agent': f"DefectDojo-{dd_version}",
+            'X-DefectDojo-Event': 'product_type_added',
+            'X-DefectDojo-Instance': 'http://localhost:8080',
+            'Accept': 'application/json',
+            'Auth': 'Token xxx'
+        })
+
+    @patch('requests.request')
+    def test_events_messages(self, mock):
+        with self.subTest('product_type_added'):
+            prod_type = Product_Type.objects.create(name='notif prod type')
+            self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'product_type_added')
+            self.assertEqual(mock.call_args.kwargs['json'], {
+                'description': None,
+                'user': None,
+                'url': 'http://localhost:8080/product/type/4',
+                'product_type': {
+                    'id': 4,
+                    'name': 'notif prod type',
+                },
+            })
+
+        with self.subTest('product_added'):
+            prod = Product.objects.create(name='notif prod', prod_type=prod_type)
+            self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'product_added')
+            self.assertEqual(mock.call_args.kwargs['json'], {
+                'description': None,
+                'user': None,
+                'url': 'http://localhost:8080/product/4',
+                'product_type': {
+                    'id': 4,
+                    'name': 'notif prod type',
+                },
+                'product': {
+                    'id': 4,
+                    'name': 'notif prod',
+                },
+            })
+
+        with self.subTest('engagement_added'):
+            eng = Engagement.objects.create(name='notif eng', product=prod, target_start=timezone.now(), target_end=timezone.now())
+            self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'engagement_added')
+            self.assertEqual(mock.call_args.kwargs['json'], {
+                'description': None,
+                'user': None,
+                'url': 'http://localhost:8080/engagement/7',
+                'product_type': {
+                    'id': 4,
+                    'name': 'notif prod type',
+                },
+                'product': {
+                    'id': 4,
+                    'name': 'notif prod',
+                },
+                'engagement': {
+                    'id': 7,
+                    'name': 'notif eng',
+                },
+            })
+
+        with self.subTest('test_added'):
+            test = Test.objects.create(title='notif test', engagement=eng, target_start=timezone.now(), target_end=timezone.now(), test_type_id=Test_Type.objects.first().id)
+            notifications_helper.notify_test_created(test)
+            self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'test_added')
+            self.assertEqual(mock.call_args.kwargs['json'], {
+                'description': None,
+                'user': None,
+                'url': 'http://localhost:8080/test/90',
+                'product_type': {
+                    'id': 4,
+                    'name': 'notif prod type',
+                },
+                'product': {
+                    'id': 4,
+                    'name': 'notif prod',
+                },
+                'engagement': {
+                    'id': 7,
+                    'name': 'notif eng',
+                },
+                'test': {
+                    'id': 90,
+                    'title': 'notif test',
+                },
+            })
+
+        with self.subTest('scan_added_empty'):
+            notifications_helper.notify_scan_added(test, updated_count=0)
+            self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'scan_added_empty')
+            self.assertEqual(mock.call_args.kwargs['json'], {
+                'description': None,
+                'user': None,
+                'url': 'http://localhost:8080/test/90',
+                'product_type': {
+                    'id': 4,
+                    'name': 'notif prod type',
+                },
+                'product': {
+                    'id': 4,
+                    'name': 'notif prod',
+                },
+                'engagement': {
+                    'id': 7,
+                    'name': 'notif eng',
+                },
+                'test': {
+                    'id': 90,
+                    'title': 'notif test',
+                },
+                'finding_count': 0,
+                'findings': {
+                    'mitigated': None,
+                    'new': None,
+                    'reactivated': None,
+                    'untouched': None,
+                },
+            })
+
+        with self.subTest('scan_added'):
+            notifications_helper.notify_scan_added(test,
+                updated_count=4,
+                new_findings=[
+                    Finding.objects.create(test=test, title='New Finding', severity='Critical')
+                ],
+                findings_mitigated=[
+                    Finding.objects.create(test=test, title='Mitigated Finding', severity='Medium')
+                ],
+                findings_reactivated=[
+                    Finding.objects.create(test=test, title='Reactivated Finding', severity='Low')
+                ],
+                findings_untouched=[
+                    Finding.objects.create(test=test, title='Untouched Finding', severity='Info')
+                ],
+            )
+            self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'scan_added')
+            self.maxDiff = None
+            self.assertEqual(mock.call_args.kwargs['json']['findings'], {
+                'new': [{
+                    'id': 232,
+                    'title': 'New Finding',
+                    'severity': 'Critical',
+                    'url': 'http://localhost:8080/finding/232'
+                }],
+                'mitigated': [{
+                    'id': 233,
+                    'title': 'Mitigated Finding',
+                    'severity': 'Medium',
+                    'url': 'http://localhost:8080/finding/233'
+                }],
+                'reactivated': [{
+                    'id': 234,
+                    'title': 'Reactivated Finding',
+                    'severity': 'Low',
+                    'url': 'http://localhost:8080/finding/234'
+                }],
+                'untouched': [{
+                    'id': 235,
+                    'title': 'Untouched Finding',
+                    'severity': 'Info',
+                    'url': 'http://localhost:8080/finding/235'
+                }],
+            })
diff --git a/unittests/test_rest_framework.py b/unittests/test_rest_framework.py
index de2737e87c4..3051919adc3 100644
--- a/unittests/test_rest_framework.py
+++ b/unittests/test_rest_framework.py
@@ -31,7 +31,6 @@
 from dojo.api_v2.views import (
     AnnouncementViewSet,
     AppAnalysisViewSet,
-    NotificationWebhooksViewSet,
     ConfigurationPermissionViewSet,
     CredentialsMappingViewSet,
     CredentialsViewSet,
@@ -54,6 +53,7 @@
     NotesViewSet,
     NoteTypeViewSet,
     NotificationsViewSet,
+    NotificationWebhooksViewSet,
     ProductAPIScanConfigurationViewSet,
     ProductGroupViewSet,
     ProductMemberViewSet,
@@ -103,12 +103,12 @@
     Global_Role,
     JIRA_Instance,
     JIRA_Issue,
-    Notification_Webhooks,
     JIRA_Project,
     Language_Type,
     Languages,
     Note_Type,
     Notes,
+    Notification_Webhooks,
     Notifications,
     Product,
     Product_API_Scan_Configuration,

From 48ab8ea832e815e2fcbc0c8b01b39c2ab9c26144 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Thu, 20 Jun 2024 12:18:26 +0200
Subject: [PATCH 33/63] Update 4xx test

---
 dojo/notifications/helper.py    |  7 +--
 unittests/test_notifications.py | 76 +++++++++++++++++----------------
 2 files changed, 44 insertions(+), 39 deletions(-)

diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 1876ed76e0e..02ffeae96b5 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -1,3 +1,4 @@
+import json
 import logging
 
 import requests
@@ -425,14 +426,14 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
 
                 # First detected
                 # or first detected more then one hour ago
-                if endpoint.last_error is None or (now - endpoint.last_error).minutes > 60:
+                if endpoint.last_error is None or (now - endpoint.last_error).seconds > 60 * 60:
                     endpoint.status = Notification_Webhooks.STATUS_ACTIVE_500
                     endpoint.first_error = now  # Yes, if last fail happen before more then hour, we are considering it as a new error
 
                 # Repeated detection
                 else:
                     # Error is repeating over more then hour
-                    if (now - endpoint.first_error).minutes > 60:
+                    if (now - endpoint.first_error).seconds > 60 * 60:
                         endpoint.status = Notification_Webhooks.STATUS_INACTIVE_500
 
                     # This situation shouldn't happen - only if somebody was cleaning status and didn't clean first/last_error
@@ -449,7 +450,7 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
             endpoint.last_error = now
             endpoint.save()
 
-            logger.error("Error when sending message to Webhooks (status: {res.status_code}): {res.text}")
+            logger.error(f"Error when sending message to Webhooks (status: {res.status_code}): {res.text}")
 
         except Exception as e:
             logger.exception(e)
diff --git a/unittests/test_notifications.py b/unittests/test_notifications.py
index a2efe149cc4..54865fb84b0 100644
--- a/unittests/test_notifications.py
+++ b/unittests/test_notifications.py
@@ -1,3 +1,4 @@
+import datetime
 import logging
 from unittest.mock import patch
 
@@ -26,6 +27,7 @@
     Test,
     Test_Type,
     User,
+    get_current_datetime,
 )
 from dojo.notifications.helper import create_notification, send_alert_notification, send_webhooks_notification
 
@@ -445,42 +447,44 @@ def test_system_webhook_sucessful(self):
         self.assertIsNone(updated_wh.first_error)
         self.assertIsNone(updated_wh.last_error)
 
-    # def test_system_webhook_4xx(self):
-    #     self.sys_wh.url = f"{self.url_base}/status/400"
-    #     self.sys_wh.save()
-    #     with self.assertLogs('dojo.notifications.helper', level='DEBUG'):
-    #         send_webhooks_notification(event='dummy', title='Dummy event')
-
-    #     updated_wh = Notification_Webhooks.objects.all().filter(owner=None).first()
-    #     self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_400)
-    #     self.assertIsNotNone(updated_wh.first_error)
-    #     self.assertEqual(updated_wh.first_error, updated_wh.last_error)
-
-    # def test_system_webhook_first_5xx(self):
-    #     self.sys_wh.url = f"{self.url_base}/status/500"
-    #     self.sys_wh.save()
-    #     with self.assertLogs('dojo.notifications.helper', level='DEBUG'):
-    #         send_webhooks_notification(event='dummy', title='Dummy event')
-
-    #     updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-    #     self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_500)
-    #     self.assertIsNotNone(updated_wh.first_error)
-    #     self.assertEqual(updated_wh.first_error, updated_wh.last_error)
-
-    # def test_system_webhook_second_5xx_within_hour(self):
-    #     ten_mins_ago = get_current_datetime() - datetime.timedelta(minutes=10)
-    #     self.sys_wh.url = f"{self.url_base}/status/500"
-    #     self.sys_wh.status = Notification_Webhooks.STATUS_ACTIVE_500
-    #     self.sys_wh.first_error = ten_mins_ago
-    #     self.sys_wh.last_error = ten_mins_ago
-    #     self.sys_wh.save()
-    #     with self.assertLogs('dojo.notifications.helper', level='DEBUG') as cm:
-    #         send_webhooks_notification(event='dummy', title='Dummy event')
-
-    #     updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-    #     self.assertEquals(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_500)
-    #     self.assertIsNotNone(updated_wh.first_error)
-    #     self.assertEquals(updated_wh.first_error, updated_wh.last_error)
+    def test_system_webhook_4xx(self):
+        self.sys_wh.url = f"{self.url_base}/status/400"
+        self.sys_wh.save()
+
+        with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
+            send_webhooks_notification(event='dummy', title='Dummy event')
+        self.assertIn("Error when sending message to Webhooks (status: 400)", cm.output[-1])
+
+        updated_wh = Notification_Webhooks.objects.all().filter(owner=None).first()
+        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_400)
+        self.assertIsNotNone(updated_wh.first_error)
+        self.assertEqual(updated_wh.first_error, updated_wh.last_error)
+
+    def test_system_webhook_first_5xx(self):
+        self.sys_wh.url = f"{self.url_base}/status/500"
+        self.sys_wh.save()
+
+        send_webhooks_notification(event='dummy', title='Dummy event')
+
+        updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_500)
+        self.assertIsNotNone(updated_wh.first_error)
+        self.assertEqual(updated_wh.first_error, updated_wh.last_error)
+
+    def test_system_webhook_second_5xx_within_hour(self):
+        ten_mins_ago = get_current_datetime() - datetime.timedelta(minutes=10)
+        self.sys_wh.url = f"{self.url_base}/status/500"
+        self.sys_wh.status = Notification_Webhooks.STATUS_ACTIVE_500
+        self.sys_wh.first_error = ten_mins_ago
+        self.sys_wh.last_error = ten_mins_ago
+        self.sys_wh.save()
+
+        send_webhooks_notification(event='dummy', title='Dummy event')
+
+        updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_500)
+        self.assertEqual(updated_wh.first_error, ten_mins_ago)
+        self.assertGreater(updated_wh.last_error, ten_mins_ago)
 
     @patch('requests.request')
     def test_headers(self, mock):

From a8abc6161073001615a3acda6bdd1d5cf7615552 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Wed, 3 Jul 2024 16:43:30 +0200
Subject: [PATCH 34/63] Docs: add Transition graph

---
 docs/content/en/integrations/burp-plugin.md   |  2 +-
 docs/content/en/integrations/exporting.md     |  2 +-
 .../en/integrations/google-sheets-sync.md     |  2 +-
 docs/content/en/integrations/languages.md     |  2 +-
 .../notification_webhooks/_index.md           | 33 +++++++++++++++++++
 docs/content/en/integrations/rate_limiting.md |  2 +-
 6 files changed, 38 insertions(+), 5 deletions(-)
 create mode 100644 docs/content/en/integrations/notification_webhooks/_index.md

diff --git a/docs/content/en/integrations/burp-plugin.md b/docs/content/en/integrations/burp-plugin.md
index 400b37c0f2a..ab3285ceda4 100644
--- a/docs/content/en/integrations/burp-plugin.md
+++ b/docs/content/en/integrations/burp-plugin.md
@@ -2,7 +2,7 @@
 title: "Defect Dojo Burp plugin"
 description: "Export findings directly from Burp to DefectDojo."
 draft: false
-weight: 8
+weight: 9
 ---
 
 **Please note: The DefectDojo Burp Plugin has been sunset and is no longer a supported feature.**
diff --git a/docs/content/en/integrations/exporting.md b/docs/content/en/integrations/exporting.md
index da17df7d93b..7a42d27b17e 100644
--- a/docs/content/en/integrations/exporting.md
+++ b/docs/content/en/integrations/exporting.md
@@ -2,7 +2,7 @@
 title: "Exporting"
 description: "DefectDojo has the ability to export findings."
 draft: false
-weight: 11
+weight: 12
 ---
 
 
diff --git a/docs/content/en/integrations/google-sheets-sync.md b/docs/content/en/integrations/google-sheets-sync.md
index b6e97f72f84..456a694fc6e 100644
--- a/docs/content/en/integrations/google-sheets-sync.md
+++ b/docs/content/en/integrations/google-sheets-sync.md
@@ -2,7 +2,7 @@
 title: "Google Sheets synchronisation"
 description: "Export finding details to Google Sheets and upload changes from Google Sheets."
 draft: false
-weight: 7
+weight: 8
 ---
 
 **Please note - the Google Sheets feature has been deprecated as of DefectDojo version 2.21.0 - these documents are for reference only.**
diff --git a/docs/content/en/integrations/languages.md b/docs/content/en/integrations/languages.md
index 17a322c8f90..a78ed137e69 100644
--- a/docs/content/en/integrations/languages.md
+++ b/docs/content/en/integrations/languages.md
@@ -2,7 +2,7 @@
 title: "Languages and lines of code"
 description: "You can import an analysis of languages used in a project, including lines of code."
 draft: false
-weight: 9
+weight: 10
 ---
 
 ## Import of languages for a project
diff --git a/docs/content/en/integrations/notification_webhooks/_index.md b/docs/content/en/integrations/notification_webhooks/_index.md
new file mode 100644
index 00000000000..795c37d354f
--- /dev/null
+++ b/docs/content/en/integrations/notification_webhooks/_index.md
@@ -0,0 +1,33 @@
+---
+title: "Notification Webhooks"
+description: "..."
+weight: 7
+chapter: true
+---
+
+
+## Transition graph:
+
+```mermaid
+flowchart TD
+
+    START{START}
+    STATUS_ACTIVE([STATUS_ACTIVE])
+    STATUS_INACTIVE_TMP
+    STATUS_INACTIVE_400
+    STATUS_ACTIVE_500([STATUS_ACTIVE_500])
+    STATUS_INACTIVE_500
+    STATUS_INACTIVE_OTHERS
+    STATUS_INACTIVE_MANUAL
+
+    START --> STATUS_ACTIVE
+    STATUS_ACTIVE --HTTP 200 or 201 --> STATUS_ACTIVE
+    STATUS_ACTIVE --HTTP 5xx, 429, timeout or other non-HTTP error<br> within one day from the first error--> STATUS_INACTIVE_TMP
+    STATUS_INACTIVE_TMP --After 60s--> STATUS_ACTIVE_500
+    STATUS_ACTIVE_500 --HTTP 5xx, 429, timeout or other non-HTTP error<br> within one day from the first error-->STATUS_INACTIVE_TMP
+    STATUS_ACTIVE_500 --HTTP 5xx, 429, timeout or other non-HTTP error<br> within one day from the first error-->STATUS_INACTIVE_500
+    STATUS_ACTIVE_500 --After 24h--> STATUS_ACTIVE
+    STATUS_ACTIVE --Any HTTP 4xx response--> STATUS_INACTIVE_400
+    STATUS_ACTIVE --Any other HTTP response--> STATUS_INACTIVE_OTHERS
+    STATUS_ACTIVE --Manual deactivation by user--> STATUS_INACTIVE_MANUAL
+```
\ No newline at end of file
diff --git a/docs/content/en/integrations/rate_limiting.md b/docs/content/en/integrations/rate_limiting.md
index 0cac784c5f5..1ea76ace5b3 100644
--- a/docs/content/en/integrations/rate_limiting.md
+++ b/docs/content/en/integrations/rate_limiting.md
@@ -2,7 +2,7 @@
 title: "Rate Limiting"
 description: "Configurable rate limiting on the login page to mitigate brute force attacks"
 draft: false
-weight: 9
+weight: 11
 ---
 
 

From 140c2af6d0cccf7013ec7bd11ec50061e7c28fee Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 5 Jul 2024 13:36:40 +0200
Subject: [PATCH 35/63] ruff

---
 dojo/api_v2/views.py            |  2 +-
 dojo/notifications/views.py     |  8 ++++----
 unittests/test_notifications.py | 18 +++++++++---------
 3 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index c7278a06037..b43b056dd2b 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -3336,7 +3336,7 @@ def get_queryset(self):
 
 
 class NotificationWebhooksViewSet(
-    PrefetchDojoModelViewSet
+    PrefetchDojoModelViewSet,
 ):
     serializer_class = serializers.NotificationWebhooksSerializer
     queryset = Notification_Webhooks.objects.all()
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 279a90d5260..34e125773f2 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -138,11 +138,11 @@ class NotificationWebhooksView(View):
 
     def check_webhooks_enabled(self):
         if not get_system_setting('enable_webhooks_notifications'):
-            raise Http404()
+            raise Http404
 
     def check_user_permissions(self, request: HttpRequest):
         if not request.user.is_superuser:
-            raise PermissionDenied()
+            raise PermissionDenied
         # TODO finished access for other users
         # if not user_has_configuration_permission(request.user, self.permission):
         #     raise PermissionDenied()
@@ -288,7 +288,7 @@ def get_initial_context(self, request: HttpRequest, nwh: Notification_Webhooks):
             'name': 'Edit Notification Webhook',
             'user': request.user,
             'form': self.get_form(request, instance=nwh),
-            'nwh': nwh
+            'nwh': nwh,
         }
 
     def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context: dict):
@@ -383,7 +383,7 @@ def get_form(
     def get_initial_context(self, request: HttpRequest, nwh: Notification_Webhooks):
         return {
             'form': self.get_form(request, instance=nwh),
-            'nwh': nwh
+            'nwh': nwh,
         }
 
     def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context: dict):
diff --git a/unittests/test_notifications.py b/unittests/test_notifications.py
index 54865fb84b0..1314c45e285 100644
--- a/unittests/test_notifications.py
+++ b/unittests/test_notifications.py
@@ -494,7 +494,7 @@ def test_headers(self, mock):
             'X-DefectDojo-Event': 'product_type_added',
             'X-DefectDojo-Instance': 'http://localhost:8080',
             'Accept': 'application/json',
-            'Auth': 'Token xxx'
+            'Auth': 'Token xxx',
         })
 
     @patch('requests.request')
@@ -612,16 +612,16 @@ def test_events_messages(self, mock):
             notifications_helper.notify_scan_added(test,
                 updated_count=4,
                 new_findings=[
-                    Finding.objects.create(test=test, title='New Finding', severity='Critical')
+                    Finding.objects.create(test=test, title='New Finding', severity='Critical'),
                 ],
                 findings_mitigated=[
-                    Finding.objects.create(test=test, title='Mitigated Finding', severity='Medium')
+                    Finding.objects.create(test=test, title='Mitigated Finding', severity='Medium'),
                 ],
                 findings_reactivated=[
-                    Finding.objects.create(test=test, title='Reactivated Finding', severity='Low')
+                    Finding.objects.create(test=test, title='Reactivated Finding', severity='Low'),
                 ],
                 findings_untouched=[
-                    Finding.objects.create(test=test, title='Untouched Finding', severity='Info')
+                    Finding.objects.create(test=test, title='Untouched Finding', severity='Info'),
                 ],
             )
             self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'scan_added')
@@ -631,24 +631,24 @@ def test_events_messages(self, mock):
                     'id': 232,
                     'title': 'New Finding',
                     'severity': 'Critical',
-                    'url': 'http://localhost:8080/finding/232'
+                    'url': 'http://localhost:8080/finding/232',
                 }],
                 'mitigated': [{
                     'id': 233,
                     'title': 'Mitigated Finding',
                     'severity': 'Medium',
-                    'url': 'http://localhost:8080/finding/233'
+                    'url': 'http://localhost:8080/finding/233',
                 }],
                 'reactivated': [{
                     'id': 234,
                     'title': 'Reactivated Finding',
                     'severity': 'Low',
-                    'url': 'http://localhost:8080/finding/234'
+                    'url': 'http://localhost:8080/finding/234',
                 }],
                 'untouched': [{
                     'id': 235,
                     'title': 'Untouched Finding',
                     'severity': 'Info',
-                    'url': 'http://localhost:8080/finding/235'
+                    'url': 'http://localhost:8080/finding/235',
                 }],
             })

From a99e661c4bcd26bad813d0a2c004dcd4187fb613 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 5 Jul 2024 20:56:57 +0200
Subject: [PATCH 36/63] Rewrite

---
 .../notification_webhooks/_index.md           |  46 +++++---
 ..._enable_webhooks_notifications_and_more.py |  10 +-
 dojo/fixtures/dojo_testdata.json              |   2 +
 dojo/models.py                                |  20 ++--
 dojo/notifications/helper.py                  | 108 ++++++++++++------
 dojo/settings/settings.dist.py                |   5 +-
 unittests/test_notifications.py               |  78 +++++++++++--
 7 files changed, 195 insertions(+), 74 deletions(-)

diff --git a/docs/content/en/integrations/notification_webhooks/_index.md b/docs/content/en/integrations/notification_webhooks/_index.md
index 795c37d354f..ac66bc6564c 100644
--- a/docs/content/en/integrations/notification_webhooks/_index.md
+++ b/docs/content/en/integrations/notification_webhooks/_index.md
@@ -5,29 +5,41 @@ weight: 7
 chapter: true
 ---
 
-
 ## Transition graph:
 
 ```mermaid
 flowchart TD
 
-    START{START}
+    START{{Endpoint created}}
+    ALL{All states}
     STATUS_ACTIVE([STATUS_ACTIVE])
     STATUS_INACTIVE_TMP
-    STATUS_INACTIVE_400
-    STATUS_ACTIVE_500([STATUS_ACTIVE_500])
-    STATUS_INACTIVE_500
-    STATUS_INACTIVE_OTHERS
-    STATUS_INACTIVE_MANUAL
+    STATUS_INACTIVE_PERMANENT
+    STATUS_ACTIVE_TMP([STATUS_ACTIVE_TMP])
+    END{{Endpoint removed}}
 
-    START --> STATUS_ACTIVE
+    START ==> STATUS_ACTIVE
     STATUS_ACTIVE --HTTP 200 or 201 --> STATUS_ACTIVE
-    STATUS_ACTIVE --HTTP 5xx, 429, timeout or other non-HTTP error<br> within one day from the first error--> STATUS_INACTIVE_TMP
-    STATUS_INACTIVE_TMP --After 60s--> STATUS_ACTIVE_500
-    STATUS_ACTIVE_500 --HTTP 5xx, 429, timeout or other non-HTTP error<br> within one day from the first error-->STATUS_INACTIVE_TMP
-    STATUS_ACTIVE_500 --HTTP 5xx, 429, timeout or other non-HTTP error<br> within one day from the first error-->STATUS_INACTIVE_500
-    STATUS_ACTIVE_500 --After 24h--> STATUS_ACTIVE
-    STATUS_ACTIVE --Any HTTP 4xx response--> STATUS_INACTIVE_400
-    STATUS_ACTIVE --Any other HTTP response--> STATUS_INACTIVE_OTHERS
-    STATUS_ACTIVE --Manual deactivation by user--> STATUS_INACTIVE_MANUAL
-```
\ No newline at end of file
+    STATUS_ACTIVE --HTTP 5xx <br>or HTTP 429 <br>or Timeout--> STATUS_INACTIVE_TMP
+    STATUS_ACTIVE --Any HTTP 4xx response<br>or any other HTTP responsee<br>or non-HTTP error--> STATUS_INACTIVE_PERMANENT
+    STATUS_INACTIVE_TMP -.After 60s.-> STATUS_ACTIVE_TMP
+    STATUS_ACTIVE_TMP --HTTP 5xx <br>or HTTP 429 <br>or Timeout <br>within 24h<br>from the first error-->STATUS_INACTIVE_TMP
+    STATUS_ACTIVE_TMP -.After 24h.-> STATUS_ACTIVE
+    STATUS_ACTIVE_TMP --HTTP 200 or 201 --> STATUS_ACTIVE_TMP
+    STATUS_ACTIVE_TMP --HTTP 5xx <br>or HTTP 429 <br>or Timeout <br>within 24h from the first error<br>or any other HTTP respons or error--> STATUS_INACTIVE_PERMANENT
+    ALL ==Activation by user==> STATUS_ACTIVE
+    ALL ==Deactivation by user==> STATUS_INACTIVE_PERMANENT
+    ALL ==Removal of endpoint by user==> END
+```
+
+Notes: 
+
+1. Transitions:
+    - bold: manual changes by user
+    - dotted: automated by celery
+    - others: based on responses on webhooks
+1. Nodes:
+    - Stadium-shaped: Active - following webhook can be send
+    - Rectangles: Inactive - performing of webhook will fail (and not retried)
+    - Hexagonal: Initial and final states
+    - Rhombus: All states (meta node to make graph more readable)
diff --git a/dojo/db_migrations/0213_system_settings_enable_webhooks_notifications_and_more.py b/dojo/db_migrations/0213_system_settings_enable_webhooks_notifications_and_more.py
index 395211339d7..8a610859982 100644
--- a/dojo/db_migrations/0213_system_settings_enable_webhooks_notifications_and_more.py
+++ b/dojo/db_migrations/0213_system_settings_enable_webhooks_notifications_and_more.py
@@ -1,4 +1,4 @@
-# Generated by Django 4.1.13 on 2024-05-27 16:23
+# Generated by Django 4.2.13 on 2024-07-05 18:54
 
 from django.db import migrations, models
 import django.db.models.deletion
@@ -17,6 +17,11 @@ class Migration(migrations.Migration):
             name='enable_webhooks_notifications',
             field=models.BooleanField(default=False, verbose_name='Enable Webhook notifications'),
         ),
+        migrations.AddField(
+            model_name='system_settings',
+            name='webhooks_notifications_timeout',
+            field=models.IntegerField(default=60, help_text='How many seconds will DefectDojo waits for response from webhook endpoint'),
+        ),
         migrations.AlterField(
             model_name='notifications',
             name='auto_close_engagement',
@@ -115,9 +120,10 @@ class Migration(migrations.Migration):
                 ('url', models.URLField(default='', help_text='The full URL of the incoming webhook')),
                 ('header_name', models.CharField(blank=True, default='', help_text='Name of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
                 ('header_value', models.CharField(blank=True, default='', help_text='Content of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
-                ('status', models.CharField(choices=[('active', 'Active'), ('inactive_400', 'Inactive because of 4xx error'), ('active_500', 'Active but 5xx error detected'), ('inactive_500', 'Inactive because of 5xx error'), ('inactive_others', 'Inactive because of status code unsupported'), ('inactive_manual', 'Inactive because of manual deactivation')], default='active', help_text='Status of the incoming webhook', max_length=20)),
+                ('status', models.CharField(choices=[('active', 'Active'), ('active_tmp', 'Active but 5xx (or similar) error detected'), ('inactive_tmp', 'Temporary inactive because of 5xx (or similar) error'), ('inactive_permanent', 'Permanently inactive')], default='active', help_text='Status of the incoming webhook', max_length=20)),
                 ('first_error', models.DateTimeField(blank=True, help_text='If endpoint is active, when error happened first time', null=True)),
                 ('last_error', models.DateTimeField(blank=True, help_text='If endpoint is active, when error happened last time', null=True)),
+                ('note', models.CharField(blank=True, default='', help_text='Description of the latest error', null=True)),
                 ('owner', models.ForeignKey(blank=True, help_text='Owner/receiver of notification, if empty processed as system notification', null=True, on_delete=django.db.models.deletion.CASCADE, to='dojo.dojo_user')),
             ],
         ),
diff --git a/dojo/fixtures/dojo_testdata.json b/dojo/fixtures/dojo_testdata.json
index 71fe0a9c73e..ae550f8bf81 100644
--- a/dojo/fixtures/dojo_testdata.json
+++ b/dojo/fixtures/dojo_testdata.json
@@ -3074,6 +3074,7 @@
       "status": "active",
       "first_error": null,
       "last_error": null,
+      "note": null,
       "owner": null
     }
   },
@@ -3088,6 +3089,7 @@
       "status": "active",
       "first_error": null,
       "last_error": null,
+      "note": null,
       "owner": 2
     }
   }
diff --git a/dojo/models.py b/dojo/models.py
index ae62a06850f..c463328293b 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -357,6 +357,8 @@ class System_Settings(models.Model):
         models.BooleanField(default=False,
                             verbose_name=_('Enable Webhook notifications'),
                             blank=False)
+    webhooks_notifications_timeout = models.IntegerField(default=60,
+                                          help_text=_("How many seconds will DefectDojo waits for response from webhook endpoint"))
 
     false_positive_history = models.BooleanField(
         default=False, help_text=_(
@@ -4120,18 +4122,14 @@ class Notification_Webhooks(models.Model):
     _STATUS_ACTIVE = "active"
     _STATUS_INACTIVE = "inactive"
     STATUS_ACTIVE = f"{_STATUS_ACTIVE}"
-    STATUS_INACTIVE_400 = f"{_STATUS_INACTIVE}_400"
-    STATUS_ACTIVE_500 = f"{_STATUS_ACTIVE}_500"
-    STATUS_INACTIVE_500 = f"{_STATUS_INACTIVE}_500"
-    STATUS_INACTIVE_OTHERS = f"{_STATUS_INACTIVE}_others"
-    STATUS_INACTIVE_MANUAL = f"{_STATUS_INACTIVE}_manual"
+    STATUS_ACTIVE_TMP = f"{_STATUS_ACTIVE}_tmp"
+    STATUS_INACTIVE_TMP = f"{_STATUS_INACTIVE}_tmp"
+    STATUS_INACTIVE_PERMANENT = f"{_STATUS_INACTIVE}_permanent"
     STATUS_CHOICES = (
         (STATUS_ACTIVE, "Active"),
-        (STATUS_INACTIVE_400, "Inactive because of 4xx error"),
-        (STATUS_ACTIVE_500, "Active but 5xx error detected"),
-        (STATUS_INACTIVE_500, "Inactive because of 5xx error"),
-        (STATUS_INACTIVE_OTHERS, "Inactive because of status code unsupported"),
-        (STATUS_INACTIVE_MANUAL, "Inactive because of manual deactivation"),
+        (STATUS_ACTIVE_TMP, "Active but 5xx (or similar) error detected"),
+        (STATUS_INACTIVE_TMP, "Temporary inactive because of 5xx (or similar) error"),
+        (STATUS_INACTIVE_PERMANENT, "Permanently inactive"),
     )
     name = models.CharField(max_length=100, default='', blank=False, unique=True,
                                     help_text=_('Name of the incoming webhook'))
@@ -4145,6 +4143,7 @@ class Notification_Webhooks(models.Model):
                               help_text=_('Status of the incoming webhook'))
     first_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened first time'), blank=True, null=True)
     last_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened last time'), blank=True, null=True)
+    note = models.CharField(default='', blank=True, null=True, help_text=_('Description of the latest error'))
     owner = models.ForeignKey(Dojo_User, editable=True, null=True, blank=True, on_delete=models.CASCADE,
                               help_text=_('Owner/receiver of notification, if empty processed as system notification'))
 
@@ -4633,6 +4632,7 @@ def __str__(self):
     auditlog.register(Risk_Acceptance)
     auditlog.register(Finding_Template)
     auditlog.register(Cred_User, exclude_fields=["password"])
+    auditlog.register(Notification_Webhooks, exclude_fields=['header_name', 'header_value'])
 
 from dojo.utils import calculate_grade, to_str_typed  # noqa: E402  # there is issue due to a circular import
 
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 02ffeae96b5..bf3aba076c3 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -361,6 +361,8 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
 
 
 def webhooks_notification_request(endpoint, event, *args, **kwargs):
+    from dojo.utils import get_system_setting
+
     headers = {
         "User-Agent": f"DefectDojo-{dd_version}",
         "X-DefectDojo-Event": event,
@@ -371,12 +373,15 @@ def webhooks_notification_request(endpoint, event, *args, **kwargs):
         headers[endpoint.header_name] = endpoint.header_value
     yaml_data = create_notification_message(event, endpoint.owner, 'webhooks', *args, **kwargs)
     data = yaml.safe_load(yaml_data)
+
+    timeout = get_system_setting('webhooks_notifications_timeout')
+
     res = requests.request(
         method='POST',
         url=endpoint.url,
         headers=headers,
         json=data,
-        timeout=60,
+        timeout=timeout,
     )
     return res
 
@@ -388,9 +393,39 @@ def test_webhooks_notification(endpoint):
     # for now, "raise_for_status" should be enough
 
 
+@app.task(ignore_result=True)
+def webhook_reactivation(*args, **kwargs):
+    endpoint = Notification_Webhooks.objects.get(pk=kwargs.get('endpoint_id'))
+
+    # User already changed status of endpoint
+    if endpoint.status != Notification_Webhooks.STATUS_INACTIVE_TMP:
+        return
+
+    endpoint.status = Notification_Webhooks.STATUS_ACTIVE_TMP
+    endpoint.save()
+
+
+@app.task(ignore_result=True)
+def webhook_status_cleanup(*args, **kwargs):
+
+    Notification_Webhooks.objects.filter(
+        status=Notification_Webhooks.STATUS_ACTIVE_TMP,
+        last_error__le=get_current_datetime() - timedelta(hours=24),
+    ).update(
+        status=Notification_Webhooks.STATUS_ACTIVE,
+        first_error=None,
+        last_error=None,
+        note=f'Reactivation from {Notification_Webhooks.STATUS_ACTIVE_TMP}',
+    )
+
+
 @dojo_async_task
 @app.task
 def send_webhooks_notification(event, user=None, *args, **kwargs):
+
+    ERROR_PERMANENT = 'permanent'
+    ERROR_TEMPORARY = 'temporary'
+
     endpoints = Notification_Webhooks.objects.filter(owner=user)
 
     if not endpoints:
@@ -401,7 +436,9 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
         return
 
     for endpoint in endpoints:
-        if not endpoint.status.startswith(Notification_Webhooks._STATUS_ACTIVE):
+
+        error = None
+        if endpoint.status not in [Notification_Webhooks.STATUS_ACTIVE, Notification_Webhooks.STATUS_ACTIVE_TMP]:
             logger.info(f"URL for Webhook '{endpoint.name}' is not active: {endpoint.get_status_display()} ({endpoint.status})")
             continue
 
@@ -413,48 +450,51 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
                 logger.debug(f"Message sent to endpoint '{endpoint.name}' sucessfully.")
                 continue
 
-            now = get_current_datetime()
+            # HTTP request passed successfully but we still need to check status code
+            if 500 <= res.status_code < 600 or res.status_code == 429:
+                error = ERROR_TEMPORARY
+            else:
+                error = ERROR_PERMANENT
 
-            # There is no reason to keep endpoint active if it is returning 4xx errors
-            if 400 <= res.status_code < 500:
-                endpoint.status = Notification_Webhooks.STATUS_INACTIVE_400
-                endpoint.first_error = now
+            endpoint.note = f"Response status code: {res.status_code}"
+            logger.error(f"Error when sending message to Webhooks '{endpoint.name}' (status: {res.status_code}): {res.text}")
 
-            # 5xx is also not OK
-            elif 500 <= res.status_code < 600:
-                # If there is only temporary outage (we detected 5xx first time or it was before more then one hour), we can keep endpoint active (but marked)
+        except requests.exceptions.Timeout as e:
+            error = ERROR_TEMPORARY
+            endpoint.note = f"Requests exception: {e}"
+            logger.error(f"Timeout when sending message to Webhook '{endpoint.name}'")
 
-                # First detected
-                # or first detected more then one hour ago
-                if endpoint.last_error is None or (now - endpoint.last_error).seconds > 60 * 60:
-                    endpoint.status = Notification_Webhooks.STATUS_ACTIVE_500
-                    endpoint.first_error = now  # Yes, if last fail happen before more then hour, we are considering it as a new error
+        except Exception as e:
+            error = ERROR_PERMANENT
+            endpoint.note = f"Exception: {e}"
+            logger.exception(e)
+            log_alert(e, "Webhooks Notification")
 
-                # Repeated detection
-                else:
-                    # Error is repeating over more then hour
-                    if (now - endpoint.first_error).seconds > 60 * 60:
-                        endpoint.status = Notification_Webhooks.STATUS_INACTIVE_500
+        now = get_current_datetime()
 
-                    # This situation shouldn't happen - only if somebody was cleaning status and didn't clean first/last_error
-                    # But we should handle it
-                    else:
-                        endpoint.status = Notification_Webhooks.STATUS_ACTIVE_500
-                        endpoint.first_error = now
+        if error == ERROR_TEMPORARY:
+
+            # If endpoint is unstable for more then one day, it needs to be deactivated
+            if endpoint.first_error is not None and (now - endpoint.first_error).total_seconds() > 60 * 60 * 24:
+                endpoint.status = Notification_Webhooks.STATUS_INACTIVE_PERMANENT
 
-            # Well, we really accepts only 200 and 201
             else:
-                endpoint.status = Notification_Webhooks.STATUS_INACTIVE_OTHERS
-                endpoint.first_error = now
+                # We need to monitor when outage started
+                if endpoint.status == Notification_Webhooks.STATUS_ACTIVE:
+                    endpoint.first_error = now
 
-            endpoint.last_error = now
-            endpoint.save()
+                endpoint.status = Notification_Webhooks.STATUS_INACTIVE_TMP
 
-            logger.error(f"Error when sending message to Webhooks (status: {res.status_code}): {res.text}")
+                # In case of failure within one day, endpoint can be deactivated temporally only for one minute
+                # webhook_reactivation.apply_async(kwargs={'endpoint_id': endpoint.pk}, countdown=60)
 
-        except Exception as e:
-            logger.exception(e)
-            log_alert(e, "Webhooks Notification")
+        # There is no reason to keep endpoint active if it is returning 4xx errors
+        else:
+            endpoint.status = Notification_Webhooks.STATUS_INACTIVE_PERMANENT
+            endpoint.first_error = now
+
+        endpoint.last_error = now
+        endpoint.save()
 
 
 def send_alert_notification(event, user=None, *args, **kwargs):
diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
index ebf0283dd6a..5e3a8dde126 100644
--- a/dojo/settings/settings.dist.py
+++ b/dojo/settings/settings.dist.py
@@ -1142,6 +1142,10 @@ def saml2_attrib_map_format(dict):
         "task": "dojo.risk_acceptance.helper.expiration_handler",
         "schedule": crontab(minute=0, hour="*/3"),  # every 3 hours
     },
+    'notification_webhook_status_cleanup': {
+        'task': 'dojo.notifications.helper.webhook_status_cleanup',
+        'schedule': timedelta(minutes=1),
+    },
     # 'jira_status_reconciliation': {
     #     'task': 'dojo.tasks.jira_status_reconciliation_task',
     #     'schedule': timedelta(hours=12),
@@ -1152,7 +1156,6 @@ def saml2_attrib_map_format(dict):
     #     'schedule': timedelta(hours=12)
     # },
 
-
 }
 
 # ------------------------------------
diff --git a/unittests/test_notifications.py b/unittests/test_notifications.py
index 1314c45e285..97da018def4 100644
--- a/unittests/test_notifications.py
+++ b/unittests/test_notifications.py
@@ -24,6 +24,7 @@
     Notifications,
     Product,
     Product_Type,
+    System_Settings,
     Test,
     Test_Type,
     User,
@@ -431,11 +432,11 @@ def test_missing_personal_webhook(self):
         self.assertIn("URLs for Webhooks not configured for user '(admin)': skipping user notification", cm.output[0])
 
     def test_system_webhook_inactive(self):
-        self.sys_wh.status = Notification_Webhooks.STATUS_INACTIVE_400
+        self.sys_wh.status = Notification_Webhooks.STATUS_INACTIVE_PERMANENT
         self.sys_wh.save()
         with self.assertLogs('dojo.notifications.helper', level='INFO') as cm:
             send_webhooks_notification(event='dummy')
-        self.assertIn("URL for Webhook 'My webhook endpoint' is not active: Inactive because of 4xx error (inactive_400)", cm.output[0])
+        self.assertIn("URL for Webhook 'My webhook endpoint' is not active: Permanently inactive (inactive_permanent)", cm.output[0])
 
     def test_system_webhook_sucessful(self):
         with self.assertLogs('dojo.notifications.helper', level='DEBUG') as cm:
@@ -453,10 +454,10 @@ def test_system_webhook_4xx(self):
 
         with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
             send_webhooks_notification(event='dummy', title='Dummy event')
-        self.assertIn("Error when sending message to Webhooks (status: 400)", cm.output[-1])
+        self.assertIn("Error when sending message to Webhooks 'My webhook endpoint' (status: 400)", cm.output[-1])
 
         updated_wh = Notification_Webhooks.objects.all().filter(owner=None).first()
-        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_400)
+        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_PERMANENT)
         self.assertIsNotNone(updated_wh.first_error)
         self.assertEqual(updated_wh.first_error, updated_wh.last_error)
 
@@ -467,14 +468,20 @@ def test_system_webhook_first_5xx(self):
         send_webhooks_notification(event='dummy', title='Dummy event')
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_500)
+        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
         self.assertIsNotNone(updated_wh.first_error)
         self.assertEqual(updated_wh.first_error, updated_wh.last_error)
 
-    def test_system_webhook_second_5xx_within_hour(self):
+    def test_system_webhook_second_5xx_within_one_day(self):
+
+        # For proper testing, block_execution needs to be disabled for this task
+        testuser = User.objects.get(username='admin')
+        testuser.usercontactinfo.block_execution = False
+        testuser.save()
+
         ten_mins_ago = get_current_datetime() - datetime.timedelta(minutes=10)
         self.sys_wh.url = f"{self.url_base}/status/500"
-        self.sys_wh.status = Notification_Webhooks.STATUS_ACTIVE_500
+        self.sys_wh.status = Notification_Webhooks.STATUS_ACTIVE_TMP
         self.sys_wh.first_error = ten_mins_ago
         self.sys_wh.last_error = ten_mins_ago
         self.sys_wh.save()
@@ -482,11 +489,62 @@ def test_system_webhook_second_5xx_within_hour(self):
         send_webhooks_notification(event='dummy', title='Dummy event')
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_500)
+        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
         self.assertEqual(updated_wh.first_error, ten_mins_ago)
         self.assertGreater(updated_wh.last_error, ten_mins_ago)
 
-    @patch('requests.request')
+    def test_system_webhook_third_5xx_after_more_then_day(self):
+
+        # For proper testing, block_execution needs to be disabled for this task
+        testuser = User.objects.get(username='admin')
+        testuser.usercontactinfo.block_execution = False
+        testuser.save()
+
+        now = get_current_datetime()
+        day_ago = now - datetime.timedelta(hours=24, minutes=10)
+        ten_minutes_ago = now - datetime.timedelta(minutes=10)
+        self.sys_wh.url = f"{self.url_base}/status/500"
+        self.sys_wh.status = Notification_Webhooks.STATUS_ACTIVE_TMP
+        self.sys_wh.first_error = day_ago
+        self.sys_wh.last_error = ten_minutes_ago
+        self.sys_wh.save()
+
+        send_webhooks_notification(event='dummy', title='Dummy event')
+
+        updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_PERMANENT)
+        self.assertEqual(updated_wh.first_error, day_ago)
+        self.assertGreater(updated_wh.last_error, ten_minutes_ago)
+
+    def test_system_webhook_timeout(self):
+
+        self.sys_wh.url = f"{self.url_base}/delay/10"
+        self.sys_wh.save()
+
+        system_settings = System_Settings.objects.get()
+        system_settings.webhooks_notifications_timeout = 3
+        system_settings.save()
+
+        send_webhooks_notification(event='dummy', title='Dummy event')
+
+        updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
+        self.assertIsNotNone(updated_wh.first_error)
+        self.assertEqual(updated_wh.first_error, updated_wh.last_error)
+
+    def test_system_webhook_wrong_fqdn(self):
+
+        self.sys_wh.url = "http://non.existing.place"
+        self.sys_wh.save()
+
+        send_webhooks_notification(event='dummy', title='Dummy event')
+
+        updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_PERMANENT)
+        self.assertIsNotNone(updated_wh.first_error)
+        self.assertEqual(updated_wh.first_error, updated_wh.last_error)
+
+    @patch('requests.request', **{'return_value.status_code': 200})
     def test_headers(self, mock):
         Product_Type.objects.create(name='notif prod type')
         self.assertEqual(mock.call_args.kwargs['headers'], {
@@ -497,7 +555,7 @@ def test_headers(self, mock):
             'Auth': 'Token xxx',
         })
 
-    @patch('requests.request')
+    @patch('requests.request', **{'return_value.status_code': 200})
     def test_events_messages(self, mock):
         with self.subTest('product_type_added'):
             prod_type = Product_Type.objects.create(name='notif prod type')

From dbbd7ed9ac59b6d2d0df786d6a1df82860e11b1c Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 5 Jul 2024 21:44:37 +0200
Subject: [PATCH 37/63] Start "webhook.endpoint" in unit-tests

---
 .github/workflows/rest-framework-tests.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/rest-framework-tests.yml b/.github/workflows/rest-framework-tests.yml
index 907ecf92968..8c80b846402 100644
--- a/.github/workflows/rest-framework-tests.yml
+++ b/.github/workflows/rest-framework-tests.yml
@@ -35,7 +35,7 @@ jobs:
 
       # phased startup so we can use the exit code from unit test container
       - name: Start Postgres
-        run: docker compose up -d postgres
+        run: docker compose up -d postgres webhook.endpoint
 
       # no celery or initializer needed for unit tests
       - name: Unit tests

From 6a1b37860b71d949a441c1aac3993d4a7593df3c Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Mon, 8 Jul 2024 18:59:01 +0200
Subject: [PATCH 38/63] Extend webhook_status_cleanup, add note to related
 places

---
 dojo/forms.py                                 |  1 +
 dojo/models.py                                | 12 -------
 dojo/notifications/helper.py                  | 33 ++++++++++++++-----
 dojo/notifications/views.py                   |  5 ++-
 .../dojo/edit_notification_webhook.html       |  4 +--
 dojo/templates/dojo/system_settings.html      |  2 +-
 .../dojo/view_notification_webhooks.html      |  4 ++-
 7 files changed, 34 insertions(+), 27 deletions(-)

diff --git a/dojo/forms.py b/dojo/forms.py
index 4cefe3dd089..0520ac3101e 100644
--- a/dojo/forms.py
+++ b/dojo/forms.py
@@ -2791,6 +2791,7 @@ def __init__(self, *args, **kwargs):
         self.fields['status'].disabled = True  # TODO - same for API
         self.fields['first_error'].disabled = True
         self.fields['last_error'].disabled = True
+        self.fields['note'].disabled = True
         if not is_superuser:  # Only superadmins can edit owner
             self.fields['owner'].disabled = True  # TODO needs to be tested
 
diff --git a/dojo/models.py b/dojo/models.py
index c463328293b..da86024510b 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -4147,18 +4147,6 @@ class Notification_Webhooks(models.Model):
     owner = models.ForeignKey(Dojo_User, editable=True, null=True, blank=True, on_delete=models.CASCADE,
                               help_text=_('Owner/receiver of notification, if empty processed as system notification'))
 
-    def can_be_activated(self):
-        # Cleaning of state (from STATUS_ACTIVE_500 to STATUS_ACTIVE) is Activation in this context
-        # So all non-STATUS_ACTIVE statuses are activatable
-        return self.status != self.STATUS_ACTIVE
-
-    def can_be_deactivated(self):
-        # Even if status is any "_STATUS_INACTIVE", user might want to force status to STATUS_INACTIVE_MANUAL
-        # So all non-STATUS_INACTIVE_MANUAL statuses are deactivatable
-        return self.status != self.STATUS_INACTIVE_MANUAL
-
-    # Yes, webhook can be activatable and deactivable in the same time
-
 
 class Tool_Product_Settings(models.Model):
     name = models.CharField(max_length=200, null=False)
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index bf3aba076c3..3eb8afff14d 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -1,5 +1,6 @@
 import json
 import logging
+from datetime import timedelta
 
 import requests
 import yaml
@@ -403,20 +404,34 @@ def webhook_reactivation(*args, **kwargs):
 
     endpoint.status = Notification_Webhooks.STATUS_ACTIVE_TMP
     endpoint.save()
+    logger.debug(f"Webhook endpoint '{endpoint.name}' reactivated to '{Notification_Webhooks.STATUS_ACTIVE_TMP}'")
 
 
 @app.task(ignore_result=True)
 def webhook_status_cleanup(*args, **kwargs):
-
-    Notification_Webhooks.objects.filter(
+    # If some endpoint was affected by some outage (5xx, 429, Timeout) but it was clean during last 24 hours,
+    # we consider this endpoint as healthy so need to reset it
+    endpoints = Notification_Webhooks.objects.filter(
         status=Notification_Webhooks.STATUS_ACTIVE_TMP,
-        last_error__le=get_current_datetime() - timedelta(hours=24),
-    ).update(
-        status=Notification_Webhooks.STATUS_ACTIVE,
-        first_error=None,
-        last_error=None,
-        note=f'Reactivation from {Notification_Webhooks.STATUS_ACTIVE_TMP}',
+        last_error__lt=get_current_datetime() - timedelta(hours=24),
+    )
+    for endpoint in endpoints:
+        endpoint.status = Notification_Webhooks.STATUS_ACTIVE
+        endpoint.first_error = None
+        endpoint.last_error = None
+        endpoint.note = f'Reactivation from {Notification_Webhooks.STATUS_ACTIVE_TMP}'
+        endpoint.save()
+        logger.debug(f"Webhook endpoint '{endpoints.pk}' reactivated to '{Notification_Webhooks.STATUS_ACTIVE_TMP}'")
+
+    # Reactivation of STATUS_INACTIVE_TMP endpoints.
+    # They should reactive automatically in 60s, however in case of some unexpected event (e.g. start of whole stack),
+    # endpoints should not be left in STATUS_INACTIVE_TMP state
+    broken_endpoints = Notification_Webhooks.objects.filter(
+        status=Notification_Webhooks.STATUS_INACTIVE_TMP,
+        last_error__lt=get_current_datetime() - timedelta(minutes=5),
     )
+    for endpoint in broken_endpoints:
+        webhook_reactivation(endpoint_id=endpoint.pk)
 
 
 @dojo_async_task
@@ -486,7 +501,7 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
                 endpoint.status = Notification_Webhooks.STATUS_INACTIVE_TMP
 
                 # In case of failure within one day, endpoint can be deactivated temporally only for one minute
-                # webhook_reactivation.apply_async(kwargs={'endpoint_id': endpoint.pk}, countdown=60)
+                webhook_reactivation.apply_async(kwargs={'endpoint_id': endpoint.pk}, countdown=60)
 
         # There is no reason to keep endpoint active if it is returning 4xx errors
         else:
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 34e125773f2..eb1e2e184a9 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -237,6 +237,7 @@ def process_form(self, request: HttpRequest, context: dict):
                 nwh.status = Notification_Webhooks.STATUS_ACTIVE
                 nwh.first_error = None
                 nwh.last_error = None
+                nwh.note = None
                 nwh.save()
                 messages.add_message(
                     request,
@@ -294,9 +295,10 @@ def get_initial_context(self, request: HttpRequest, nwh: Notification_Webhooks):
     def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context: dict):
         form = context["form"]
         if 'deactivate_webhook' in request.POST:  # TODO add this to API as well
-            nwh.status = Notification_Webhooks.STATUS_INACTIVE_MANUAL
+            nwh.status = Notification_Webhooks.STATUS_INACTIVE_PERMANENT
             nwh.first_error = None
             nwh.last_error = None
+            nwh.note = 'Deactivate from UI'
             nwh.save()
             messages.add_message(
                                     request,
@@ -322,6 +324,7 @@ def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context
                 nwh.status = Notification_Webhooks.STATUS_ACTIVE
                 nwh.first_error = None
                 nwh.last_error = None
+                nwh.note = None
                 nwh.save()
                 messages.add_message(
                     request,
diff --git a/dojo/templates/dojo/edit_notification_webhook.html b/dojo/templates/dojo/edit_notification_webhook.html
index 3ef8f26d848..94bd56c2307 100644
--- a/dojo/templates/dojo/edit_notification_webhook.html
+++ b/dojo/templates/dojo/edit_notification_webhook.html
@@ -7,9 +7,7 @@ <h3> Edit Notification Webhook </h3>
          <div class="form-group">
              <div class="col-sm-offset-2 col-sm-10">
                  <input class="btn btn-primary" label="submit" type="submit" value="Submit and activate webhook"/>
-                 {% if nwh.can_be_deactivated %}
-                     <input class="btn btn-danger" type="submit" label="deactivate_webhook" name="deactivate_webhook" value="Deactivate Webhook" />
-                 {% endif %} 
+                 <input class="btn btn-danger" type="submit" label="deactivate_webhook" name="deactivate_webhook" value="Deactivate Webhook" />
              </div>
          </div>
      </form>
diff --git a/dojo/templates/dojo/system_settings.html b/dojo/templates/dojo/system_settings.html
index ff230cb8301..02510452e16 100644
--- a/dojo/templates/dojo/system_settings.html
+++ b/dojo/templates/dojo/system_settings.html
@@ -62,7 +62,7 @@ <h3> System Settings </h3>
         }
 
         $(function () {
-            $.each(['slack','msteams','mail','grade'], function (index, value) {
+            $.each(['slack','msteams','mail','webhooks','grade'], function (index, value) {
                 updatenotificationsgroup(value);
                 $('#id_enable_' + value + '_notifications').change(function() { updatenotificationsgroup(value)});
             });
diff --git a/dojo/templates/dojo/view_notification_webhooks.html b/dojo/templates/dojo/view_notification_webhooks.html
index 8074c9380bf..6bc0b153530 100644
--- a/dojo/templates/dojo/view_notification_webhooks.html
+++ b/dojo/templates/dojo/view_notification_webhooks.html
@@ -46,8 +46,9 @@ <h3 class="has-filters">
                         <thead>
                         <tr>
                             <th>{% dojo_sort request 'Notification Webhook Name' 'name' 'asc' %}</th>
-                            <th>URL TODO trans</th>
+                            <th>URL</th>
                             <th>Status</th>
+                            <th>Note</th>
                             <th>Owner</th>
                         </tr>
                         </thead>
@@ -57,6 +58,7 @@ <h3 class="has-filters">
                               <td><a>{{ nwh.name }}</a></td>
                               <td><a>{{ nwh.url }}</a></td>
                               <td><a>{{ nwh.get_status_display }}</a></td>
+                              <td><a>{{ nwh.note }}</a></td>
                               <td><a>{% if nwh.owner %}<a class="" href="{% url 'view_user' nwh.owner.id %}">{{ nwh.owner }}</a>{% else %}System Webhook{% endif %}</a></td>
                               {% if "dojo.edit_notification_webhook"|has_configuration_permission:request %}
                                 <td>

From 7b8d6bf1800b6a1287dfc07dd7ce3655969d13d8 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Tue, 9 Jul 2024 01:17:05 +0200
Subject: [PATCH 39/63] More tests

---
 dojo/notifications/helper.py    |   4 +-
 unittests/test_notifications.py | 202 +++++++++++++++++++++++++-------
 2 files changed, 163 insertions(+), 43 deletions(-)

diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 3eb8afff14d..67fa5a0575b 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -421,7 +421,7 @@ def webhook_status_cleanup(*args, **kwargs):
         endpoint.last_error = None
         endpoint.note = f'Reactivation from {Notification_Webhooks.STATUS_ACTIVE_TMP}'
         endpoint.save()
-        logger.debug(f"Webhook endpoint '{endpoints.pk}' reactivated to '{Notification_Webhooks.STATUS_ACTIVE_TMP}'")
+        logger.debug(f"Webhook endpoint '{endpoint.name}' reactivated from '{Notification_Webhooks.STATUS_ACTIVE_TMP}' to '{Notification_Webhooks.STATUS_ACTIVE}'")
 
     # Reactivation of STATUS_INACTIVE_TMP endpoints.
     # They should reactive automatically in 60s, however in case of some unexpected event (e.g. start of whole stack),
@@ -462,7 +462,7 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
             res = webhooks_notification_request(endpoint, event, *args, **kwargs)
 
             if res.status_code in [200, 201]:
-                logger.debug(f"Message sent to endpoint '{endpoint.name}' sucessfully.")
+                logger.debug(f"Message sent to endpoint '{endpoint.name}' successfully.")
                 continue
 
             # HTTP request passed successfully but we still need to check status code
diff --git a/unittests/test_notifications.py b/unittests/test_notifications.py
index 97da018def4..028593f2025 100644
--- a/unittests/test_notifications.py
+++ b/unittests/test_notifications.py
@@ -30,7 +30,13 @@
     User,
     get_current_datetime,
 )
-from dojo.notifications.helper import create_notification, send_alert_notification, send_webhooks_notification
+from dojo.notifications.helper import (
+    create_notification,
+    send_alert_notification,
+    send_webhooks_notification,
+    webhook_reactivation,
+    webhook_status_cleanup,
+)
 
 from .dojo_test_case import DojoTestCase
 
@@ -441,7 +447,7 @@ def test_system_webhook_inactive(self):
     def test_system_webhook_sucessful(self):
         with self.assertLogs('dojo.notifications.helper', level='DEBUG') as cm:
             send_webhooks_notification(event='dummy')
-        self.assertIn("Message sent to endpoint 'My webhook endpoint' sucessfully.", cm.output[-1])
+        self.assertIn("Message sent to endpoint 'My webhook endpoint' successfully.", cm.output[-1])
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
         self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE)
@@ -465,20 +471,17 @@ def test_system_webhook_first_5xx(self):
         self.sys_wh.url = f"{self.url_base}/status/500"
         self.sys_wh.save()
 
-        send_webhooks_notification(event='dummy', title='Dummy event')
+        with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
+            send_webhooks_notification(event='dummy', title='Dummy event')
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
         self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
         self.assertIsNotNone(updated_wh.first_error)
         self.assertEqual(updated_wh.first_error, updated_wh.last_error)
+        self.assertEqual('Response status code: 500', updated_wh.note)
+        self.assertIn("Error when sending message to Webhooks 'My webhook endpoint' (status: 500)", cm.output[-1])
 
     def test_system_webhook_second_5xx_within_one_day(self):
-
-        # For proper testing, block_execution needs to be disabled for this task
-        testuser = User.objects.get(username='admin')
-        testuser.usercontactinfo.block_execution = False
-        testuser.save()
-
         ten_mins_ago = get_current_datetime() - datetime.timedelta(minutes=10)
         self.sys_wh.url = f"{self.url_base}/status/500"
         self.sys_wh.status = Notification_Webhooks.STATUS_ACTIVE_TMP
@@ -486,20 +489,17 @@ def test_system_webhook_second_5xx_within_one_day(self):
         self.sys_wh.last_error = ten_mins_ago
         self.sys_wh.save()
 
-        send_webhooks_notification(event='dummy', title='Dummy event')
+        with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
+            send_webhooks_notification(event='dummy', title='Dummy event')
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
         self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
         self.assertEqual(updated_wh.first_error, ten_mins_ago)
         self.assertGreater(updated_wh.last_error, ten_mins_ago)
+        self.assertEqual('Response status code: 500', updated_wh.note)
+        self.assertIn("Error when sending message to Webhooks 'My webhook endpoint' (status: 500)", cm.output[-1])
 
     def test_system_webhook_third_5xx_after_more_then_day(self):
-
-        # For proper testing, block_execution needs to be disabled for this task
-        testuser = User.objects.get(username='admin')
-        testuser.usercontactinfo.block_execution = False
-        testuser.save()
-
         now = get_current_datetime()
         day_ago = now - datetime.timedelta(hours=24, minutes=10)
         ten_minutes_ago = now - datetime.timedelta(minutes=10)
@@ -509,40 +509,160 @@ def test_system_webhook_third_5xx_after_more_then_day(self):
         self.sys_wh.last_error = ten_minutes_ago
         self.sys_wh.save()
 
-        send_webhooks_notification(event='dummy', title='Dummy event')
+        with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
+            send_webhooks_notification(event='dummy', title='Dummy event')
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
         self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_PERMANENT)
         self.assertEqual(updated_wh.first_error, day_ago)
         self.assertGreater(updated_wh.last_error, ten_minutes_ago)
+        self.assertEqual('Response status code: 500', updated_wh.note)
+        self.assertIn("Error when sending message to Webhooks 'My webhook endpoint' (status: 500)", cm.output[-1])
+
+    def test_webhook_reactivation(self):
+        with self.subTest('active'):
+            wh = Notification_Webhooks.objects.filter(owner=None).first()
+            webhook_reactivation(endpoint_id=wh.pk)
+
+            updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE)
+            self.assertIsNone(updated_wh.first_error)
+            self.assertIsNone(updated_wh.last_error)
+            self.assertIsNone(updated_wh.note)
+
+        with self.subTest('inactive'):
+            now = get_current_datetime()
+            wh = Notification_Webhooks.objects.filter(owner=None).first()
+            wh.status = Notification_Webhooks.STATUS_INACTIVE_TMP
+            wh.first_error = now
+            wh.last_error = now
+            wh.note = "Response status code: 418"
+            wh.save()
+
+            with self.assertLogs('dojo.notifications.helper', level='DEBUG') as cm:
+                webhook_reactivation(endpoint_id=wh.pk)
+
+            updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_TMP)
+            self.assertIsNotNone(updated_wh.first_error)
+            self.assertEqual(updated_wh.first_error, updated_wh.last_error)
+            self.assertEqual(updated_wh.note, "Response status code: 418")
+            self.assertIn("Webhook endpoint 'My webhook endpoint' reactivated to 'active_tmp'", cm.output[-1])
+
+    def test_webhook_status_cleanup(self):
+        with self.subTest('active'):
+            webhook_status_cleanup()
+
+            updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE)
+            self.assertIsNone(updated_wh.first_error)
+            self.assertIsNone(updated_wh.last_error)
+            self.assertIsNone(updated_wh.note)
+
+        with self.subTest('active_tmp_new'):
+            now = get_current_datetime()
+            wh = Notification_Webhooks.objects.filter(owner=None).first()
+            wh.status = Notification_Webhooks.STATUS_ACTIVE_TMP
+            wh.first_error = now
+            wh.last_error = now
+            wh.note = "Response status code: 503"
+            wh.save()
+
+            webhook_status_cleanup()
+
+            updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_TMP)
+            self.assertIsNotNone(updated_wh.first_error)
+            self.assertEqual(updated_wh.first_error, updated_wh.last_error)
+            self.assertEqual(updated_wh.note, "Response status code: 503")
+
+        with self.subTest('active_tmp_old'):
+            day_ago = get_current_datetime() - datetime.timedelta(hours=24, minutes=10)
+            wh = Notification_Webhooks.objects.filter(owner=None).first()
+            wh.status = Notification_Webhooks.STATUS_ACTIVE_TMP
+            wh.first_error = day_ago
+            wh.last_error = day_ago
+            wh.note = "Response status code: 503"
+            wh.save()
+
+            with self.assertLogs('dojo.notifications.helper', level='DEBUG') as cm:
+                webhook_status_cleanup()
+
+            updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE)
+            self.assertIsNone(updated_wh.first_error)
+            self.assertIsNone(updated_wh.last_error)
+            self.assertEqual(updated_wh.note, 'Reactivation from active_tmp')
+            self.assertIn("Webhook endpoint 'My webhook endpoint' reactivated from 'active_tmp' to 'active'", cm.output[-1])
+
+        with self.subTest('inactive_tmp_new'):
+            minute_ago = get_current_datetime() - datetime.timedelta(minutes=1)
+            wh = Notification_Webhooks.objects.filter(owner=None).first()
+            wh.status = Notification_Webhooks.STATUS_INACTIVE_TMP
+            wh.first_error = minute_ago
+            wh.last_error = minute_ago
+            wh.note = "Response status code: 503"
+            wh.save()
+
+            webhook_status_cleanup()
+
+            updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
+            self.assertEqual(updated_wh.first_error, minute_ago)
+            self.assertEqual(updated_wh.last_error, minute_ago)
+            self.assertEqual(updated_wh.note, "Response status code: 503")
+
+        with self.subTest('inactive_tmp_old'):
+            ten_minutes_ago = get_current_datetime() - datetime.timedelta(minutes=10)
+            wh = Notification_Webhooks.objects.filter(owner=None).first()
+            wh.status = Notification_Webhooks.STATUS_INACTIVE_TMP
+            wh.first_error = ten_minutes_ago
+            wh.last_error = ten_minutes_ago
+            wh.note = "Response status code: 503"
+            wh.save()
+
+            with self.assertLogs('dojo.notifications.helper', level='DEBUG') as cm:
+                webhook_status_cleanup()
+
+            updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
+            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_TMP)
+            self.assertEqual(updated_wh.first_error, ten_minutes_ago)
+            self.assertEqual(updated_wh.last_error, ten_minutes_ago)
+            self.assertEqual(updated_wh.note, "Response status code: 503")
+            self.assertIn("Webhook endpoint 'My webhook endpoint' reactivated to 'active_tmp'", cm.output[-1])
 
     def test_system_webhook_timeout(self):
-
-        self.sys_wh.url = f"{self.url_base}/delay/10"
+        self.sys_wh.url = f"{self.url_base}/delay/3"
         self.sys_wh.save()
 
         system_settings = System_Settings.objects.get()
-        system_settings.webhooks_notifications_timeout = 3
+        system_settings.webhooks_notifications_timeout = 1
         system_settings.save()
 
-        send_webhooks_notification(event='dummy', title='Dummy event')
+        with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
+            send_webhooks_notification(event='dummy', title='Dummy event')
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
         self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
         self.assertIsNotNone(updated_wh.first_error)
         self.assertEqual(updated_wh.first_error, updated_wh.last_error)
+        self.assertIn("HTTPConnectionPool(host='webhook.endpoint', port=8080): Read timed out.", updated_wh.note)
+        self.assertIn("Timeout when sending message to Webhook 'My webhook endpoint'", cm.output[-1])
 
     def test_system_webhook_wrong_fqdn(self):
 
         self.sys_wh.url = "http://non.existing.place"
         self.sys_wh.save()
 
-        send_webhooks_notification(event='dummy', title='Dummy event')
+        with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
+            send_webhooks_notification(event='dummy', title='Dummy event')
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
         self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_PERMANENT)
         self.assertIsNotNone(updated_wh.first_error)
         self.assertEqual(updated_wh.first_error, updated_wh.last_error)
+        self.assertIn("HTTPConnectionPool(host='non.existing.place', port=80): Max retries exceeded with url: /", updated_wh.note)
+        self.assertIn("HTTPConnectionPool(host='non.existing.place', port=80): Max retries exceeded with url: /", cm.output[-1])
 
     @patch('requests.request', **{'return_value.status_code': 200})
     def test_headers(self, mock):
@@ -563,9 +683,9 @@ def test_events_messages(self, mock):
             self.assertEqual(mock.call_args.kwargs['json'], {
                 'description': None,
                 'user': None,
-                'url': 'http://localhost:8080/product/type/4',
+                'url': f'http://localhost:8080/product/type/{prod_type.pk}',
                 'product_type': {
-                    'id': 4,
+                    'id': prod_type.pk,
                     'name': 'notif prod type',
                 },
             })
@@ -576,13 +696,13 @@ def test_events_messages(self, mock):
             self.assertEqual(mock.call_args.kwargs['json'], {
                 'description': None,
                 'user': None,
-                'url': 'http://localhost:8080/product/4',
+                'url': f'http://localhost:8080/product/{prod.pk}',
                 'product_type': {
-                    'id': 4,
+                    'id': prod_type.pk,
                     'name': 'notif prod type',
                 },
                 'product': {
-                    'id': 4,
+                    'id': prod.pk,
                     'name': 'notif prod',
                 },
             })
@@ -593,17 +713,17 @@ def test_events_messages(self, mock):
             self.assertEqual(mock.call_args.kwargs['json'], {
                 'description': None,
                 'user': None,
-                'url': 'http://localhost:8080/engagement/7',
+                'url': f'http://localhost:8080/engagement/{eng.pk}',
                 'product_type': {
-                    'id': 4,
+                    'id': prod_type.pk,
                     'name': 'notif prod type',
                 },
                 'product': {
-                    'id': 4,
+                    'id': prod.pk,
                     'name': 'notif prod',
                 },
                 'engagement': {
-                    'id': 7,
+                    'id': eng.pk,
                     'name': 'notif eng',
                 },
             })
@@ -615,21 +735,21 @@ def test_events_messages(self, mock):
             self.assertEqual(mock.call_args.kwargs['json'], {
                 'description': None,
                 'user': None,
-                'url': 'http://localhost:8080/test/90',
+                'url': f'http://localhost:8080/test/{test.pk}',
                 'product_type': {
-                    'id': 4,
+                    'id': prod_type.pk,
                     'name': 'notif prod type',
                 },
                 'product': {
-                    'id': 4,
+                    'id': prod.pk,
                     'name': 'notif prod',
                 },
                 'engagement': {
-                    'id': 7,
+                    'id': eng.pk,
                     'name': 'notif eng',
                 },
                 'test': {
-                    'id': 90,
+                    'id': test.pk,
                     'title': 'notif test',
                 },
             })
@@ -640,21 +760,21 @@ def test_events_messages(self, mock):
             self.assertEqual(mock.call_args.kwargs['json'], {
                 'description': None,
                 'user': None,
-                'url': 'http://localhost:8080/test/90',
+                'url': f'http://localhost:8080/test/{test.pk}',
                 'product_type': {
-                    'id': 4,
+                    'id': prod_type.pk,
                     'name': 'notif prod type',
                 },
                 'product': {
-                    'id': 4,
+                    'id': prod.pk,
                     'name': 'notif prod',
                 },
                 'engagement': {
-                    'id': 7,
+                    'id': eng.pk,
                     'name': 'notif eng',
                 },
                 'test': {
-                    'id': 90,
+                    'id': test.pk,
                     'title': 'notif test',
                 },
                 'finding_count': 0,

From 50b45622ca991ad12bddd2884b5306ab26c06074 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Tue, 9 Jul 2024 22:31:44 +0200
Subject: [PATCH 40/63] Small adjustments

---
 dojo/notifications/helper.py                             | 1 +
 dojo/notifications/views.py                              | 9 +++------
 .../webhooks/subtemplates/findings_list.tpl              | 2 ++
 unittests/test_notifications.py                          | 8 ++++----
 4 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 67fa5a0575b..1c6d9984825 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -157,6 +157,7 @@ def create_notification_message(event, user, notification_type, *args, **kwargs)
         notification_message = render_to_string(template, kwargs)
         logger.debug("Rendering from the template %s", template)
     except TemplateDoesNotExist as e:
+        # In some cases, template includes another templates, if the interior one is missing, we will see it in "specifically" section
         logger.debug(f'template not found or not implemented yet: {template} (specifically: {e.args})')
     except Exception as e:
         logger.error("error during rendering of template %s exception is %s", template, e)
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index eb1e2e184a9..65f6350c8ba 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -179,16 +179,12 @@ def get_initial_context(self, request: HttpRequest, nwhs: Notification_Webhooks)
             'metric': False,
             'user': request.user,
             'nwhs': nwhs,
-            # 'ntl': ntl,
         }
 
     def get_notification_webhooks(self, request: HttpRequest):
         nwhs = Notification_Webhooks.objects.all().order_by('name')
-        # name_words = initial_queryset.values_list('name', flat=True)
-        # ntl = NoteTypesFilter(request.GET, queryset=initial_queryset)
-        # nwhs = get_page_items(request, initial_queryset.qs, 25)
         # TODO finished pagination
-        # TODO restrict based on user
+        # TODO restrict based on user - not only superadmins have access and they see everything
         return nwhs
 
     def get(self, request: HttpRequest):
@@ -232,7 +228,8 @@ def process_form(self, request: HttpRequest, context: dict):
                 )
                 return request, False
             else:
-                # User can put here what ever he want, these are only valid defaults
+                # User can put here what ever he want
+                # we override it with our only valid defaults
                 nwh = form.save(commit=False)
                 nwh.status = Notification_Webhooks.STATUS_ACTIVE
                 nwh.first_error = None
diff --git a/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl b/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
index 0680d01f312..5a84d696abf 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
@@ -5,4 +5,6 @@
       title: {{ finding.title }}
       severity: {{ finding.severity }}
       url: {{ finding_url|full_url }}
+{% else %}
+    []
 {% endfor %}
diff --git a/unittests/test_notifications.py b/unittests/test_notifications.py
index 028593f2025..c9629883b64 100644
--- a/unittests/test_notifications.py
+++ b/unittests/test_notifications.py
@@ -779,10 +779,10 @@ def test_events_messages(self, mock):
                 },
                 'finding_count': 0,
                 'findings': {
-                    'mitigated': None,
-                    'new': None,
-                    'reactivated': None,
-                    'untouched': None,
+                    'mitigated': [],
+                    'new': [],
+                    'reactivated': [],
+                    'untouched': [],
                 },
             })
 

From 503ebbde381bfcdca4e1308e7dbedf1fbff81859 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Wed, 10 Jul 2024 10:05:45 +0200
Subject: [PATCH 41/63] Set max_length

---
 ...tifications_and_more.py => 0213_webhooks_notifications.py} | 4 ++--
 dojo/models.py                                                | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
 rename dojo/db_migrations/{0213_system_settings_enable_webhooks_notifications_and_more.py => 0213_webhooks_notifications.py} (98%)

diff --git a/dojo/db_migrations/0213_system_settings_enable_webhooks_notifications_and_more.py b/dojo/db_migrations/0213_webhooks_notifications.py
similarity index 98%
rename from dojo/db_migrations/0213_system_settings_enable_webhooks_notifications_and_more.py
rename to dojo/db_migrations/0213_webhooks_notifications.py
index 8a610859982..0e1d3a7eb42 100644
--- a/dojo/db_migrations/0213_system_settings_enable_webhooks_notifications_and_more.py
+++ b/dojo/db_migrations/0213_webhooks_notifications.py
@@ -1,4 +1,4 @@
-# Generated by Django 4.2.13 on 2024-07-05 18:54
+# Generated by Django 4.2.13 on 2024-07-10 08:04
 
 from django.db import migrations, models
 import django.db.models.deletion
@@ -123,7 +123,7 @@ class Migration(migrations.Migration):
                 ('status', models.CharField(choices=[('active', 'Active'), ('active_tmp', 'Active but 5xx (or similar) error detected'), ('inactive_tmp', 'Temporary inactive because of 5xx (or similar) error'), ('inactive_permanent', 'Permanently inactive')], default='active', help_text='Status of the incoming webhook', max_length=20)),
                 ('first_error', models.DateTimeField(blank=True, help_text='If endpoint is active, when error happened first time', null=True)),
                 ('last_error', models.DateTimeField(blank=True, help_text='If endpoint is active, when error happened last time', null=True)),
-                ('note', models.CharField(blank=True, default='', help_text='Description of the latest error', null=True)),
+                ('note', models.CharField(blank=True, default='', help_text='Description of the latest error', max_length=1000, null=True)),
                 ('owner', models.ForeignKey(blank=True, help_text='Owner/receiver of notification, if empty processed as system notification', null=True, on_delete=django.db.models.deletion.CASCADE, to='dojo.dojo_user')),
             ],
         ),
diff --git a/dojo/models.py b/dojo/models.py
index da86024510b..7e060351cf7 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -4143,7 +4143,7 @@ class Notification_Webhooks(models.Model):
                               help_text=_('Status of the incoming webhook'))
     first_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened first time'), blank=True, null=True)
     last_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened last time'), blank=True, null=True)
-    note = models.CharField(default='', blank=True, null=True, help_text=_('Description of the latest error'))
+    note = models.CharField(max_length=1000, default='', blank=True, null=True, help_text=_('Description of the latest error'))
     owner = models.ForeignKey(Dojo_User, editable=True, null=True, blank=True, on_delete=models.CASCADE,
                               help_text=_('Owner/receiver of notification, if empty processed as system notification'))
 

From 5d97a21b35aafdca0716e903cad00ec431fa6bc3 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Wed, 10 Jul 2024 20:49:17 +0200
Subject: [PATCH 42/63] Better handle nones

---
 dojo/templates/notifications/webhooks/subtemplates/base.tpl   | 2 +-
 .../notifications/webhooks/subtemplates/engagement.tpl        | 2 +-
 .../notifications/webhooks/subtemplates/findings_list.tpl     | 4 ++--
 .../templates/notifications/webhooks/subtemplates/product.tpl | 2 +-
 .../notifications/webhooks/subtemplates/product_type.tpl      | 2 +-
 dojo/templates/notifications/webhooks/subtemplates/test.tpl   | 2 +-
 6 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/dojo/templates/notifications/webhooks/subtemplates/base.tpl b/dojo/templates/notifications/webhooks/subtemplates/base.tpl
index efea85f87a9..b5f1152e12c 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/base.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/base.tpl
@@ -1,6 +1,6 @@
 {% load display_tags %}
 ---
-description: {{ description | default_if_none:'' }}  # TODO add "quote or none" - to all strings
+description: {{ description | default_if_none:'' }}
 user: {{ user | default_if_none:'' }}
 {% if url %}
 url:  {{ url|full_url }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl b/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl
index c4d2074dd59..57b95068d9c 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl
@@ -4,5 +4,5 @@
 {% include 'notifications/webhooks/subtemplates/product.tpl' with product=engagement.product %}
 {% endif %}
 engagement:
-    name: {{ engagement.name }}
+    name: {{ engagement.name | default_if_none:'' }}
     id: {{ engagement.pk }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl b/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
index 5a84d696abf..d2aba725d19 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
@@ -2,8 +2,8 @@
 {% for finding in findings %}
 {% url 'view_finding' finding.id as finding_url %}
     - id: {{ finding.pk }}
-      title: {{ finding.title }}
-      severity: {{ finding.severity }}
+      title: {{ finding.title | default_if_none:'' }}
+      severity: {{ finding.severity | default_if_none:'' }}
       url: {{ finding_url|full_url }}
 {% else %}
     []
diff --git a/dojo/templates/notifications/webhooks/subtemplates/product.tpl b/dojo/templates/notifications/webhooks/subtemplates/product.tpl
index f875586c6f9..b1d4d0355f9 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/product.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/product.tpl
@@ -4,5 +4,5 @@
 {% include 'notifications/webhooks/subtemplates/product_type.tpl' with product_type=product.prod_type %}
 {% endif %}
 product:
-    name: {{ product.name }}
+    name: {{ product.name | default_if_none:'' }}
     id: {{ product.pk }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl b/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl
index 3aa71ce9f54..49cdd4c508d 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl
@@ -1,3 +1,3 @@
 product_type:
-    name: {{ product_type.name }}
+    name: {{ product_type.name | default_if_none:'' }}
     id: {{ product_type.pk }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/test.tpl b/dojo/templates/notifications/webhooks/subtemplates/test.tpl
index 26c4b4bc2c7..9cea22d0481 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/test.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/test.tpl
@@ -4,5 +4,5 @@
 {% include 'notifications/webhooks/subtemplates/engagement.tpl' with engagement=test.engagement %}
 {% endif %}
 test:
-    title: {{ test.title }}
+    title: {{ test.title | default_if_none:'' }}
     id: {{ test.pk }}

From b630f909556157651615d20082204f7e4732c473 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Wed, 10 Jul 2024 21:27:25 +0200
Subject: [PATCH 43/63] Add basic doc + fix findings_list

---
 .../notification_webhooks/engagement_added.md | 31 ++++++++
 .../notification_webhooks/product_added.md    | 27 +++++++
 .../product_type_added.md                     | 23 ++++++
 .../notification_webhooks/scan_added.md       | 75 +++++++++++++++++++
 .../notification_webhooks/test_added.md       | 35 +++++++++
 .../webhooks/subtemplates/findings_list.tpl   |  2 +-
 6 files changed, 192 insertions(+), 1 deletion(-)
 create mode 100644 docs/content/en/integrations/notification_webhooks/engagement_added.md
 create mode 100644 docs/content/en/integrations/notification_webhooks/product_added.md
 create mode 100644 docs/content/en/integrations/notification_webhooks/product_type_added.md
 create mode 100644 docs/content/en/integrations/notification_webhooks/scan_added.md
 create mode 100644 docs/content/en/integrations/notification_webhooks/test_added.md

diff --git a/docs/content/en/integrations/notification_webhooks/engagement_added.md b/docs/content/en/integrations/notification_webhooks/engagement_added.md
new file mode 100644
index 00000000000..2d69d4bf299
--- /dev/null
+++ b/docs/content/en/integrations/notification_webhooks/engagement_added.md
@@ -0,0 +1,31 @@
+---
+title: "Event: engagement_added"
+weight: 3
+chapter: true
+---
+
+## Event HTTP header
+```yaml
+X-DefectDojo-Event: engagement_added
+```
+
+## Event HTTP body
+```json
+{
+    "description": null,
+    "engagement": {
+        "id": 7,
+        "name": "notif eng"
+    },
+    "product": {
+        "id": 4,
+        "name": "notif prod"
+    },
+    "product_type": {
+        "id": 4,
+        "name": "notif prod type"
+    },
+    "url": "http://localhost:8080/engagement/7",
+    "user": null
+}
+```
\ No newline at end of file
diff --git a/docs/content/en/integrations/notification_webhooks/product_added.md b/docs/content/en/integrations/notification_webhooks/product_added.md
new file mode 100644
index 00000000000..1c0ace44def
--- /dev/null
+++ b/docs/content/en/integrations/notification_webhooks/product_added.md
@@ -0,0 +1,27 @@
+---
+title: "Event: product_added"
+weight: 2
+chapter: true
+---
+
+## Event HTTP header
+```yaml
+X-DefectDojo-Event: product_added
+```
+
+## Event HTTP body
+```json
+{
+    "description": null,
+    "product": {
+        "id": 4,
+        "name": "notif prod"
+    },
+    "product_type": {
+        "id": 4,
+        "name": "notif prod type"
+    },
+    "url": "http://localhost:8080/product/4",
+    "user": null
+}
+```
\ No newline at end of file
diff --git a/docs/content/en/integrations/notification_webhooks/product_type_added.md b/docs/content/en/integrations/notification_webhooks/product_type_added.md
new file mode 100644
index 00000000000..5b5168002e9
--- /dev/null
+++ b/docs/content/en/integrations/notification_webhooks/product_type_added.md
@@ -0,0 +1,23 @@
+---
+title: "Event: product_type_added"
+weight: 1
+chapter: true
+---
+
+## Event HTTP header
+```yaml
+X-DefectDojo-Event: product_type_added
+```
+
+## Event HTTP body
+```json
+{
+    "description": null,
+    "product_type": {
+        "id": 4,
+        "name": "notif prod type"
+    },
+    "url": "http://localhost:8080/product/type/4",
+    "user": null
+}
+```
\ No newline at end of file
diff --git a/docs/content/en/integrations/notification_webhooks/scan_added.md b/docs/content/en/integrations/notification_webhooks/scan_added.md
new file mode 100644
index 00000000000..7a5fc0d4766
--- /dev/null
+++ b/docs/content/en/integrations/notification_webhooks/scan_added.md
@@ -0,0 +1,75 @@
+---
+title: "Event: scan_added and scan_added_empty"
+weight: 5
+chapter: true
+---
+
+## Event HTTP header for scan_added
+```yaml
+X-DefectDojo-Event: scan_added
+```
+
+## Event HTTP header for scan_added_empty
+```yaml
+X-DefectDojo-Event: scan_added_empty
+```
+
+## Event HTTP body
+```json
+{
+    "description": null,
+    "engagement": {
+        "id": 7,
+        "name": "notif eng"
+    },
+    "finding_count": 4,
+    "findings": {
+        "mitigated": [
+            {
+                "id": 233,
+                "severity": "Medium",
+                "title": "Mitigated Finding",
+                "url": "http://localhost:8080/finding/233"
+            }
+        ],
+        "new": [
+            {
+                "id": 232,
+                "severity": "Critical",
+                "title": "New Finding",
+                "url": "http://localhost:8080/finding/232"
+            }
+        ],
+        "reactivated": [
+            {
+                "id": 234,
+                "severity": "Low",
+                "title": "Reactivated Finding",
+                "url": "http://localhost:8080/finding/234"
+            }
+        ],
+        "untouched": [
+            {
+                "id": 235,
+                "severity": "Info",
+                "title": "Untouched Finding",
+                "url": "http://localhost:8080/finding/235"
+            }
+        ]
+    },
+    "product": {
+        "id": 4,
+        "name": "notif prod"
+    },
+    "product_type": {
+        "id": 4,
+        "name": "notif prod type"
+    },
+    "test": {
+        "id": 90,
+        "title": "notif test"
+    },
+    "url": "http://localhost:8080/test/90",
+    "user": null
+}
+```
\ No newline at end of file
diff --git a/docs/content/en/integrations/notification_webhooks/test_added.md b/docs/content/en/integrations/notification_webhooks/test_added.md
new file mode 100644
index 00000000000..6295d513535
--- /dev/null
+++ b/docs/content/en/integrations/notification_webhooks/test_added.md
@@ -0,0 +1,35 @@
+---
+title: "Event: test_added"
+weight: 4
+chapter: true
+---
+
+## Event HTTP header
+```yaml
+X-DefectDojo-Event: test_added
+```
+
+## Event HTTP body
+```json
+{
+    "description": null,
+    "engagement": {
+        "id": 7,
+        "name": "notif eng"
+    },
+    "product": {
+        "id": 4,
+        "name": "notif prod"
+    },
+    "product_type": {
+        "id": 4,
+        "name": "notif prod type"
+    },
+    "test": {
+        "id": 90,
+        "title": "notif test"
+    },
+    "url": "http://localhost:8080/test/90",
+    "user": null
+}
+```
\ No newline at end of file
diff --git a/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl b/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
index d2aba725d19..298113362f6 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
@@ -5,6 +5,6 @@
       title: {{ finding.title | default_if_none:'' }}
       severity: {{ finding.severity | default_if_none:'' }}
       url: {{ finding_url|full_url }}
-{% else %}
+{% empty %}
     []
 {% endfor %}

From 6427496b06aa0ba0bb3cd14a22ead3147b4831b1 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 12 Jul 2024 12:44:24 +0200
Subject: [PATCH 44/63] Update docs

---
 .github/workflows/rest-framework-tests.yml    |  2 +-
 .../notification_webhooks/_index.md           | 46 ++++++++++++++++---
 .../notification_webhooks/scan_added.md       |  2 +
 docs/content/en/integrations/notifications.md |  4 +-
 4 files changed, 45 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/rest-framework-tests.yml b/.github/workflows/rest-framework-tests.yml
index 8c80b846402..f153a368ba9 100644
--- a/.github/workflows/rest-framework-tests.yml
+++ b/.github/workflows/rest-framework-tests.yml
@@ -34,7 +34,7 @@ jobs:
         run: docker/setEnv.sh unit_tests_cicd
 
       # phased startup so we can use the exit code from unit test container
-      - name: Start Postgres
+      - name: Start Postgres and webhook.endpoint
         run: docker compose up -d postgres webhook.endpoint
 
       # no celery or initializer needed for unit tests
diff --git a/docs/content/en/integrations/notification_webhooks/_index.md b/docs/content/en/integrations/notification_webhooks/_index.md
index ac66bc6564c..d8fe606cffa 100644
--- a/docs/content/en/integrations/notification_webhooks/_index.md
+++ b/docs/content/en/integrations/notification_webhooks/_index.md
@@ -1,12 +1,16 @@
 ---
-title: "Notification Webhooks"
-description: "..."
+title: "Notification Webhooks (experimental)"
+description: "How to setup and use webhooks"
 weight: 7
 chapter: true
 ---
 
+Webhooks are HTTP requests coming from the DefectDojo instance towards user-defined webserver which expects this kind of incoming traffic.
+
 ## Transition graph:
 
+It is not unusual that in some cases webhook can not be performed. It is usually connected to network issues, server misconfiguration, or running upgrades on the server. DefectDojo needs to react to these outages. It might temporarily or permanently disable related endpoints. The following graph shows how it might change the status of the webhook definition based on HTTP responses (or manual user interaction).
+
 ```mermaid
 flowchart TD
 
@@ -21,12 +25,12 @@ flowchart TD
     START ==> STATUS_ACTIVE
     STATUS_ACTIVE --HTTP 200 or 201 --> STATUS_ACTIVE
     STATUS_ACTIVE --HTTP 5xx <br>or HTTP 429 <br>or Timeout--> STATUS_INACTIVE_TMP
-    STATUS_ACTIVE --Any HTTP 4xx response<br>or any other HTTP responsee<br>or non-HTTP error--> STATUS_INACTIVE_PERMANENT
+    STATUS_ACTIVE --Any HTTP 4xx response<br>or any other HTTP response<br>or non-HTTP error--> STATUS_INACTIVE_PERMANENT
     STATUS_INACTIVE_TMP -.After 60s.-> STATUS_ACTIVE_TMP
     STATUS_ACTIVE_TMP --HTTP 5xx <br>or HTTP 429 <br>or Timeout <br>within 24h<br>from the first error-->STATUS_INACTIVE_TMP
     STATUS_ACTIVE_TMP -.After 24h.-> STATUS_ACTIVE
     STATUS_ACTIVE_TMP --HTTP 200 or 201 --> STATUS_ACTIVE_TMP
-    STATUS_ACTIVE_TMP --HTTP 5xx <br>or HTTP 429 <br>or Timeout <br>within 24h from the first error<br>or any other HTTP respons or error--> STATUS_INACTIVE_PERMANENT
+    STATUS_ACTIVE_TMP --HTTP 5xx <br>or HTTP 429 <br>or Timeout <br>within 24h from the first error<br>or any other HTTP response or error--> STATUS_INACTIVE_PERMANENT
     ALL ==Activation by user==> STATUS_ACTIVE
     ALL ==Deactivation by user==> STATUS_INACTIVE_PERMANENT
     ALL ==Removal of endpoint by user==> END
@@ -39,7 +43,37 @@ Notes:
     - dotted: automated by celery
     - others: based on responses on webhooks
 1. Nodes:
-    - Stadium-shaped: Active - following webhook can be send
+    - Stadium-shaped: Active - following webhook can be sent
     - Rectangles: Inactive - performing of webhook will fail (and not retried)
     - Hexagonal: Initial and final states
-    - Rhombus: All states (meta node to make graph more readable)
+    - Rhombus: All states (meta node to make the graph more readable)
+
+## Body and Headers
+
+The body of each request is JSON which contains data about related events like names and IDs of affected elements.
+Examples of bodies are on pages related to each event (see below).
+
+Each request contains the following headers. They might be useful for better handling of events by server this process events.
+
+```yaml
+User-Agent: DefectDojo-<version of DD>
+X-DefectDojo-Event: <name of the event>
+X-DefectDojo-Instance: <Base URL for DD instance>
+```
+## Disclaimer
+
+This functionality is new and in experimental mode. This means Functionality might generate breaking changes in following DefectDojo releases and might not be considered final.
+
+However, the community is open to feedback to make this functionality better and transform it stable as soon as possible.
+
+## Roadmap
+
+There are a couple of known issues that are expected to be implemented as soon as core functionality is considered ready.
+
+- Support events - Not only adding products, product types, engagements, tests, or upload of new scans but also events around SLA
+- User webhook - right now only admins can define webhooks; in the future also users will be able to define their own
+- Improvement in UI - add filtering and pagination of webhook endpoints
+
+## Events
+
+<!-- Hugo automatically renders list of subpages here -->
\ No newline at end of file
diff --git a/docs/content/en/integrations/notification_webhooks/scan_added.md b/docs/content/en/integrations/notification_webhooks/scan_added.md
index 7a5fc0d4766..d02146932da 100644
--- a/docs/content/en/integrations/notification_webhooks/scan_added.md
+++ b/docs/content/en/integrations/notification_webhooks/scan_added.md
@@ -4,6 +4,8 @@ weight: 5
 chapter: true
 ---
 
+Event `scan_added_empty` describes a situation when reimport did not affect the existing test (no finding has been created or closed). 
+
 ## Event HTTP header for scan_added
 ```yaml
 X-DefectDojo-Event: scan_added
diff --git a/docs/content/en/integrations/notifications.md b/docs/content/en/integrations/notifications.md
index 3d979dbbd64..803388797cd 100644
--- a/docs/content/en/integrations/notifications.md
+++ b/docs/content/en/integrations/notifications.md
@@ -127,6 +127,6 @@ The scope of this setting is customizable (see environmental variable `DD_NOTIFI
 
 For more information about this behavior see the [related pull request #9699](https://github.com/DefectDojo/django-DefectDojo/pull/9699/)
 
-### Webhooks
+## Webhooks (experimental)
 
-# TODO
\ No newline at end of file
+DefectDojo also supports webhooks that follow the same events as other notifications (you can be notified in the same situations). Details about setup are described in [related page](../notification_webhooks/).

From f4f43efacfcb7dbddff08318ce165b8d1fd99ab0 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Sat, 13 Jul 2024 00:58:34 +0200
Subject: [PATCH 45/63] Clean ruff

---
 dojo/forms.py                    |  18 +-
 dojo/models.py                   |  30 +--
 dojo/notifications/helper.py     |  59 ++----
 dojo/notifications/urls.py       |   8 +-
 dojo/notifications/views.py      |  64 +++----
 dojo/settings/settings.dist.py   |   6 +-
 dojo/urls.py                     |   2 +-
 tests/notifications_test.py      |  10 +-
 unittests/test_notifications.py  | 310 +++++++++++++++----------------
 unittests/test_rest_framework.py |   6 +-
 10 files changed, 239 insertions(+), 274 deletions(-)

diff --git a/dojo/forms.py b/dojo/forms.py
index 0520ac3101e..8c56c45edac 100644
--- a/dojo/forms.py
+++ b/dojo/forms.py
@@ -2785,15 +2785,15 @@ class Meta:
         exclude = []
 
     def __init__(self, *args, **kwargs):
-        is_superuser = kwargs.pop('is_superuser', False)
+        is_superuser = kwargs.pop("is_superuser", False)
         logger.debug(f"is_superuser: {is_superuser}")
         super().__init__(*args, **kwargs)
-        self.fields['status'].disabled = True  # TODO - same for API
-        self.fields['first_error'].disabled = True
-        self.fields['last_error'].disabled = True
-        self.fields['note'].disabled = True
+        self.fields["status"].disabled = True  # TODO - same for API
+        self.fields["first_error"].disabled = True
+        self.fields["last_error"].disabled = True
+        self.fields["note"].disabled = True
         if not is_superuser:  # Only superadmins can edit owner
-            self.fields['owner'].disabled = True  # TODO needs to be tested
+            self.fields["owner"].disabled = True  # TODO needs to be tested
 
 
 class DeleteNotificationsWebhookForm(forms.ModelForm):
@@ -2802,12 +2802,12 @@ class DeleteNotificationsWebhookForm(forms.ModelForm):
 
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
-        self.fields['name'].disabled = True
-        self.fields['url'].disabled = True
+        self.fields["name"].disabled = True
+        self.fields["url"].disabled = True
 
     class Meta:
         model = Notification_Webhooks
-        fields = ['id', 'name', 'url']
+        fields = ["id", "name", "url"]
 
 
 class ProductNotificationsForm(forms.ModelForm):
diff --git a/dojo/models.py b/dojo/models.py
index 7e060351cf7..2bff5988a82 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -355,7 +355,7 @@ class System_Settings(models.Model):
 
     enable_webhooks_notifications = \
         models.BooleanField(default=False,
-                            verbose_name=_('Enable Webhook notifications'),
+                            verbose_name=_("Enable Webhook notifications"),
                             blank=False)
     webhooks_notifications_timeout = models.IntegerField(default=60,
                                           help_text=_("How many seconds will DefectDojo waits for response from webhook endpoint"))
@@ -4131,21 +4131,21 @@ class Notification_Webhooks(models.Model):
         (STATUS_INACTIVE_TMP, "Temporary inactive because of 5xx (or similar) error"),
         (STATUS_INACTIVE_PERMANENT, "Permanently inactive"),
     )
-    name = models.CharField(max_length=100, default='', blank=False, unique=True,
-                                    help_text=_('Name of the incoming webhook'))
-    url = models.URLField(max_length=200, default='', blank=False,
-                                    help_text=_('The full URL of the incoming webhook'))
-    header_name = models.CharField(max_length=100, default='', blank=True, null=True,
-                                   help_text=_('Name of the header required for interacting with Webhook endpoint'))
-    header_value = models.CharField(max_length=100, default='', blank=True, null=True,
-                                   help_text=_('Content of the header required for interacting with Webhook endpoint'))
+    name = models.CharField(max_length=100, default="", blank=False, unique=True,
+                                    help_text=_("Name of the incoming webhook"))
+    url = models.URLField(max_length=200, default="", blank=False,
+                                    help_text=_("The full URL of the incoming webhook"))
+    header_name = models.CharField(max_length=100, default="", blank=True, null=True,
+                                   help_text=_("Name of the header required for interacting with Webhook endpoint"))
+    header_value = models.CharField(max_length=100, default="", blank=True, null=True,
+                                   help_text=_("Content of the header required for interacting with Webhook endpoint"))
     status = models.CharField(max_length=20, choices=STATUS_CHOICES, default="active", blank=False,
-                              help_text=_('Status of the incoming webhook'))
-    first_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened first time'), blank=True, null=True)
-    last_error = models.DateTimeField(help_text=_('If endpoint is active, when error happened last time'), blank=True, null=True)
-    note = models.CharField(max_length=1000, default='', blank=True, null=True, help_text=_('Description of the latest error'))
+                              help_text=_("Status of the incoming webhook"))
+    first_error = models.DateTimeField(help_text=_("If endpoint is active, when error happened first time"), blank=True, null=True)
+    last_error = models.DateTimeField(help_text=_("If endpoint is active, when error happened last time"), blank=True, null=True)
+    note = models.CharField(max_length=1000, default="", blank=True, null=True, help_text=_("Description of the latest error"))
     owner = models.ForeignKey(Dojo_User, editable=True, null=True, blank=True, on_delete=models.CASCADE,
-                              help_text=_('Owner/receiver of notification, if empty processed as system notification'))
+                              help_text=_("Owner/receiver of notification, if empty processed as system notification"))
 
 
 class Tool_Product_Settings(models.Model):
@@ -4620,7 +4620,7 @@ def __str__(self):
     auditlog.register(Risk_Acceptance)
     auditlog.register(Finding_Template)
     auditlog.register(Cred_User, exclude_fields=["password"])
-    auditlog.register(Notification_Webhooks, exclude_fields=['header_name', 'header_value'])
+    auditlog.register(Notification_Webhooks, exclude_fields=["header_name", "header_value"])
 
 from dojo.utils import calculate_grade, to_str_typed  # noqa: E402  # there is issue due to a circular import
 
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 1c6d9984825..bfa93c7efd7 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -158,7 +158,7 @@ def create_notification_message(event, user, notification_type, *args, **kwargs)
         logger.debug("Rendering from the template %s", template)
     except TemplateDoesNotExist as e:
         # In some cases, template includes another templates, if the interior one is missing, we will see it in "specifically" section
-        logger.debug(f'template not found or not implemented yet: {template} (specifically: {e.args})')
+        logger.debug(f"template not found or not implemented yet: {template} (specifically: {e.args})")
     except Exception as e:
         logger.error("error during rendering of template %s exception is %s", template, e)
     finally:
@@ -197,8 +197,8 @@ def process_notifications(event, notifications=None, **kwargs):
         logger.debug("Sending Mail Notification")
         send_mail_notification(event, notifications.user, **kwargs)
 
-    if webhooks_enabled and 'webhooks' in getattr(notifications, event, getattr(notifications, 'other')):
-        logger.debug('Sending Webhooks Notification')
+    if webhooks_enabled and "webhooks" in getattr(notifications, event, getattr(notifications, "other")):
+        logger.debug("Sending Webhooks Notification")
         send_webhooks_notification(event, notifications.user, **kwargs)
 
     if "alert" in getattr(notifications, event, getattr(notifications, "other")):
@@ -327,41 +327,6 @@ def send_mail_notification(event, user=None, *args, **kwargs):
         log_alert(e, "Email Notification", title=kwargs["title"], description=str(e), url=kwargs["url"])
 
 
-@dojo_async_task
-@app.task
-def send_webhooks_notification(event, user=None, *args, **kwargs):
-    from dojo.utils import get_system_setting
-
-    try:
-        if get_system_setting('webhooks_url') is not None:
-            logger.debug('sending webhook message')
-            headers={
-                "User-Agent": f"DefectDojo-{dd_version}",
-                "X-DefectDojo-Event": event,
-                "X-DefectDojo-Instance": settings.SITE_URL,
-            }
-            if get_system_setting('webhooks_token') is not None:
-                headers["X-DefectDojo-Token"] = get_system_setting('webhooks_token')
-            if user:
-                headers["X-DefectDojo-User"] = user
-            res = requests.request(
-                method='POST',
-                url=get_system_setting('webhooks_url'),
-                headers=headers,
-                data=create_notification_message(event, user, 'webhooks', *args, **kwargs))
-            if res.status_code != 200:
-                logger.error("Error when sending message to Webhooks")
-                logger.error(res.status_code)
-                logger.error(res.text)
-                raise RuntimeError('Error posting message to Webhooks: ' + res.text)
-        else:
-            logger.info('URL for Webhooks not configured: skipping system notification')
-    except Exception as e:
-        logger.exception(e)
-        log_alert(e, "Webhooks Notification", title=kwargs['title'], description=str(e), url=kwargs['url'])
-        pass
-
-
 def webhooks_notification_request(endpoint, event, *args, **kwargs):
     from dojo.utils import get_system_setting
 
@@ -373,13 +338,13 @@ def webhooks_notification_request(endpoint, event, *args, **kwargs):
     }
     if endpoint.header_name is not None:
         headers[endpoint.header_name] = endpoint.header_value
-    yaml_data = create_notification_message(event, endpoint.owner, 'webhooks', *args, **kwargs)
+    yaml_data = create_notification_message(event, endpoint.owner, "webhooks", *args, **kwargs)
     data = yaml.safe_load(yaml_data)
 
-    timeout = get_system_setting('webhooks_notifications_timeout')
+    timeout = get_system_setting("webhooks_notifications_timeout")
 
     res = requests.request(
-        method='POST',
+        method="POST",
         url=endpoint.url,
         headers=headers,
         json=data,
@@ -389,7 +354,7 @@ def webhooks_notification_request(endpoint, event, *args, **kwargs):
 
 
 def test_webhooks_notification(endpoint):
-    res = webhooks_notification_request(endpoint, 'ping', description="Test webhook notification")
+    res = webhooks_notification_request(endpoint, "ping", description="Test webhook notification")
     res.raise_for_status()
     # in "send_webhooks_notification", we are doing deeper analysis, why it failed
     # for now, "raise_for_status" should be enough
@@ -397,7 +362,7 @@ def test_webhooks_notification(endpoint):
 
 @app.task(ignore_result=True)
 def webhook_reactivation(*args, **kwargs):
-    endpoint = Notification_Webhooks.objects.get(pk=kwargs.get('endpoint_id'))
+    endpoint = Notification_Webhooks.objects.get(pk=kwargs.get("endpoint_id"))
 
     # User already changed status of endpoint
     if endpoint.status != Notification_Webhooks.STATUS_INACTIVE_TMP:
@@ -420,7 +385,7 @@ def webhook_status_cleanup(*args, **kwargs):
         endpoint.status = Notification_Webhooks.STATUS_ACTIVE
         endpoint.first_error = None
         endpoint.last_error = None
-        endpoint.note = f'Reactivation from {Notification_Webhooks.STATUS_ACTIVE_TMP}'
+        endpoint.note = f"Reactivation from {Notification_Webhooks.STATUS_ACTIVE_TMP}"
         endpoint.save()
         logger.debug(f"Webhook endpoint '{endpoint.name}' reactivated from '{Notification_Webhooks.STATUS_ACTIVE_TMP}' to '{Notification_Webhooks.STATUS_ACTIVE}'")
 
@@ -439,8 +404,8 @@ def webhook_status_cleanup(*args, **kwargs):
 @app.task
 def send_webhooks_notification(event, user=None, *args, **kwargs):
 
-    ERROR_PERMANENT = 'permanent'
-    ERROR_TEMPORARY = 'temporary'
+    ERROR_PERMANENT = "permanent"
+    ERROR_TEMPORARY = "temporary"
 
     endpoints = Notification_Webhooks.objects.filter(owner=user)
 
@@ -502,7 +467,7 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
                 endpoint.status = Notification_Webhooks.STATUS_INACTIVE_TMP
 
                 # In case of failure within one day, endpoint can be deactivated temporally only for one minute
-                webhook_reactivation.apply_async(kwargs={'endpoint_id': endpoint.pk}, countdown=60)
+                webhook_reactivation.apply_async(kwargs={"endpoint_id": endpoint.pk}, countdown=60)
 
         # There is no reason to keep endpoint active if it is returning 4xx errors
         else:
diff --git a/dojo/notifications/urls.py b/dojo/notifications/urls.py
index 48fd88e1396..6f4cba7bb64 100644
--- a/dojo/notifications/urls.py
+++ b/dojo/notifications/urls.py
@@ -7,8 +7,8 @@
     re_path(r"^notifications/system$", views.SystemNotificationsView.as_view(), name="system_notifications"),
     re_path(r"^notifications/personal$", views.PersonalNotificationsView.as_view(), name="personal_notifications"),
     re_path(r"^notifications/template$", views.TemplateNotificationsView.as_view(), name="template_notifications"),
-    re_path(r'^notifications/webhooks$', views.ListNotificationWebhooksView.as_view(), name='notification_webhooks'),
-    re_path(r'^notifications/webhooks/add$', views.AddNotificationWebhooksView.as_view(), name='add_notification_webhook'),
-    re_path(r'^notifications/webhooks/(?P<nwhid>\d+)/edit$', views.EditNotificationWebhooksView.as_view(), name='edit_notification_webhook'),
-    re_path(r'^notifications/webhooks/(?P<nwhid>\d+)/delete$', views.DeleteNotificationWebhooksView.as_view(), name='delete_notification_webhook'),
+    re_path(r"^notifications/webhooks$", views.ListNotificationWebhooksView.as_view(), name="notification_webhooks"),
+    re_path(r"^notifications/webhooks/add$", views.AddNotificationWebhooksView.as_view(), name="add_notification_webhook"),
+    re_path(r"^notifications/webhooks/(?P<nwhid>\d+)/edit$", views.EditNotificationWebhooksView.as_view(), name="edit_notification_webhook"),
+    re_path(r"^notifications/webhooks/(?P<nwhid>\d+)/delete$", views.DeleteNotificationWebhooksView.as_view(), name="delete_notification_webhook"),
 ]
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 65f6350c8ba..84c6b9700c1 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -137,7 +137,7 @@ def set_breadcrumbs(self, request: HttpRequest):
 class NotificationWebhooksView(View):
 
     def check_webhooks_enabled(self):
-        if not get_system_setting('enable_webhooks_notifications'):
+        if not get_system_setting("enable_webhooks_notifications"):
             raise Http404
 
     def check_user_permissions(self, request: HttpRequest):
@@ -170,19 +170,19 @@ def get(self, request: HttpRequest):
 
 class ListNotificationWebhooksView(NotificationWebhooksView):
     template = "dojo/view_notification_webhooks.html"
-    permission = 'dojo.view_notification_webhooks'
+    permission = "dojo.view_notification_webhooks"
     breadcrumb = "Notification Webhook List"
 
     def get_initial_context(self, request: HttpRequest, nwhs: Notification_Webhooks):
         return {
-            'name': 'Notification Webhook List',
-            'metric': False,
-            'user': request.user,
-            'nwhs': nwhs,
+            "name": "Notification Webhook List",
+            "metric": False,
+            "user": request.user,
+            "nwhs": nwhs,
         }
 
     def get_notification_webhooks(self, request: HttpRequest):
-        nwhs = Notification_Webhooks.objects.all().order_by('name')
+        nwhs = Notification_Webhooks.objects.all().order_by("name")
         # TODO finished pagination
         # TODO restrict based on user - not only superadmins have access and they see everything
         return nwhs
@@ -201,17 +201,17 @@ def get(self, request: HttpRequest):
 
 
 class AddNotificationWebhooksView(NotificationWebhooksView):
-    template = 'dojo/add_notification_webhook.html'
-    permission = 'dojo.add_notification_webhooks'
+    template = "dojo/add_notification_webhook.html"
+    permission = "dojo.add_notification_webhooks"
     breadcrumb = "Add Notification Webhook"
 
     # TODO Disable Owner if not superadmin
 
     def get_initial_context(self, request: HttpRequest):
         return {
-            'name': 'Add Notification Webhook',
-            'user': request.user,
-            'form': self.get_form(request),
+            "name": "Add Notification Webhook",
+            "user": request.user,
+            "form": self.get_form(request),
         }
 
     def process_form(self, request: HttpRequest, context: dict):
@@ -223,8 +223,8 @@ def process_form(self, request: HttpRequest, context: dict):
                 messages.add_message(
                     request,
                     messages.ERROR,
-                    _('Test of endpoint was not successful: %(error)s') % {'error': str(e)},
-                    extra_tags='alert-danger',
+                    _("Test of endpoint was not successful: %(error)s") % {"error": str(e)},
+                    extra_tags="alert-danger",
                 )
                 return request, False
             else:
@@ -239,7 +239,7 @@ def process_form(self, request: HttpRequest, context: dict):
                 messages.add_message(
                     request,
                     messages.SUCCESS,
-                    _('Notification Webhook added successfully.'),
+                    _("Notification Webhook added successfully."),
                     extra_tags="alert-success",
                 )
                 return request, True
@@ -271,8 +271,8 @@ def post(self, request: HttpRequest):
 
 
 class EditNotificationWebhooksView(NotificationWebhooksView):
-    template = 'dojo/edit_notification_webhook.html'
-    permission = 'dojo.change_notification_webhooks'
+    template = "dojo/edit_notification_webhook.html"
+    permission = "dojo.change_notification_webhooks"
     # TODO this could be better: @user_is_authorized(Finding, Permissions.Finding_Delete, 'fid')
     breadcrumb = "Edit Notification Webhook"
 
@@ -283,24 +283,24 @@ def get_notification_webhook(self, nwhid: int):
 
     def get_initial_context(self, request: HttpRequest, nwh: Notification_Webhooks):
         return {
-            'name': 'Edit Notification Webhook',
-            'user': request.user,
-            'form': self.get_form(request, instance=nwh),
-            'nwh': nwh,
+            "name": "Edit Notification Webhook",
+            "user": request.user,
+            "form": self.get_form(request, instance=nwh),
+            "nwh": nwh,
         }
 
     def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context: dict):
         form = context["form"]
-        if 'deactivate_webhook' in request.POST:  # TODO add this to API as well
+        if "deactivate_webhook" in request.POST:  # TODO add this to API as well
             nwh.status = Notification_Webhooks.STATUS_INACTIVE_PERMANENT
             nwh.first_error = None
             nwh.last_error = None
-            nwh.note = 'Deactivate from UI'
+            nwh.note = "Deactivate from UI"
             nwh.save()
             messages.add_message(
                                     request,
                                     messages.SUCCESS,
-                                    _('Notification Webhook deactivated successfully.'),
+                                    _("Notification Webhook deactivated successfully."),
                                     extra_tags="alert-success",
                                 )
             return request, True
@@ -312,8 +312,8 @@ def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context
                 messages.add_message(
                     request,
                     messages.ERROR,
-                    _('Test of endpoint was not successful: %(error)s') % {'error': str(e)},
-                    extra_tags='alert-danger')
+                    _("Test of endpoint was not successful: %(error)s") % {"error": str(e)},
+                    extra_tags="alert-danger")
                 return request, False
             else:
                 # correct definition reset defaults
@@ -326,7 +326,7 @@ def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context
                 messages.add_message(
                     request,
                     messages.SUCCESS,
-                    _('Notification Webhook updated successfully.'),
+                    _("Notification Webhook updated successfully."),
                     extra_tags="alert-success",
                 )
                 return request, True
@@ -360,8 +360,8 @@ def post(self, request: HttpRequest, nwhid: int):
 
 
 class DeleteNotificationWebhooksView(NotificationWebhooksView):
-    template = 'dojo/delete_notification_webhook.html'
-    permission = 'dojo.delete_notification_webhooks'
+    template = "dojo/delete_notification_webhook.html"
+    permission = "dojo.delete_notification_webhooks"
     # TODO this could be better: @user_is_authorized(Finding, Permissions.Finding_Delete, 'fid')
     breadcrumb = "Edit Notification Webhook"
 
@@ -382,8 +382,8 @@ def get_form(
 
     def get_initial_context(self, request: HttpRequest, nwh: Notification_Webhooks):
         return {
-            'form': self.get_form(request, instance=nwh),
-            'nwh': nwh,
+            "form": self.get_form(request, instance=nwh),
+            "nwh": nwh,
         }
 
     def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context: dict):
@@ -393,7 +393,7 @@ def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context
             messages.add_message(
                 request,
                 messages.SUCCESS,
-                _('Notification Webhook deleted successfully.'),
+                _("Notification Webhook deleted successfully."),
                 extra_tags="alert-success",
             )
             return request, True
diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
index 5e3a8dde126..3a01d935431 100644
--- a/dojo/settings/settings.dist.py
+++ b/dojo/settings/settings.dist.py
@@ -1142,9 +1142,9 @@ def saml2_attrib_map_format(dict):
         "task": "dojo.risk_acceptance.helper.expiration_handler",
         "schedule": crontab(minute=0, hour="*/3"),  # every 3 hours
     },
-    'notification_webhook_status_cleanup': {
-        'task': 'dojo.notifications.helper.webhook_status_cleanup',
-        'schedule': timedelta(minutes=1),
+    "notification_webhook_status_cleanup": {
+        "task": "dojo.notifications.helper.webhook_status_cleanup",
+        "schedule": timedelta(minutes=1),
     },
     # 'jira_status_reconciliation': {
     #     'task': 'dojo.tasks.jira_status_reconciliation_task',
diff --git a/dojo/urls.py b/dojo/urls.py
index a25864b6482..1e36b67d4f8 100644
--- a/dojo/urls.py
+++ b/dojo/urls.py
@@ -146,7 +146,7 @@
 v2_api.register(r"notes", NotesViewSet, basename="notes")
 v2_api.register(r"note_type", NoteTypeViewSet, basename="note_type")
 v2_api.register(r"notifications", NotificationsViewSet, basename="notifications")
-v2_api.register(r'notification_webhooks', NotificationWebhooksViewSet)
+v2_api.register(r"notification_webhooks", NotificationWebhooksViewSet)
 v2_api.register(r"products", ProductViewSet, basename="product")
 v2_api.register(r"product_api_scan_configurations", ProductAPIScanConfigurationViewSet, basename="product_api_scan_configuration")
 v2_api.register(r"product_groups", ProductGroupViewSet, basename="product_group")
diff --git a/tests/notifications_test.py b/tests/notifications_test.py
index 971e5a5cb82..e64527cec9c 100644
--- a/tests/notifications_test.py
+++ b/tests/notifications_test.py
@@ -159,29 +159,29 @@ def suite():
     suite.addTest(NotificationTest("test_disable_personal_notification", "mail"))
     suite.addTest(NotificationTest("test_disable_personal_notification", "slack"))
     suite.addTest(NotificationTest("test_disable_personal_notification", "msteams"))
-    suite.addTest(NotificationTest('test_disable_personal_notification', 'webhooks'))
+    suite.addTest(NotificationTest("test_disable_personal_notification", "webhooks"))
     # now test when enabled
     suite.addTest(NotificationTest("test_enable_personal_notification", "mail"))
     suite.addTest(NotificationTest("test_enable_personal_notification", "slack"))
     suite.addTest(NotificationTest("test_enable_personal_notification", "msteams"))
-    suite.addTest(NotificationTest('test_enable_personal_notification', 'webhooks'))
+    suite.addTest(NotificationTest("test_enable_personal_notification", "webhooks"))
     # Now switch to system notifications
     suite.addTest(NotificationTest("test_disable_system_notification", "mail"))
     suite.addTest(NotificationTest("test_disable_system_notification", "slack"))
     suite.addTest(NotificationTest("test_disable_system_notification", "msteams"))
-    suite.addTest(NotificationTest('test_disable_system_notification', 'webhooks'))
+    suite.addTest(NotificationTest("test_disable_system_notification", "webhooks"))
     # now test when enabled
     suite.addTest(NotificationTest("test_enable_system_notification", "mail"))
     suite.addTest(NotificationTest("test_enable_system_notification", "slack"))
     suite.addTest(NotificationTest("test_enable_system_notification", "msteams"))
-    suite.addTest(NotificationTest('test_enable_system_notification', 'webhooks'))
+    suite.addTest(NotificationTest("test_enable_system_notification", "webhooks"))
     # not really for the user we created, but still related to user settings
     suite.addTest(NotificationTest("test_user_mail_notifications_change", "mail"))
     # now do short test for the template
     suite.addTest(NotificationTest("test_enable_template_notification", "mail"))
     suite.addTest(NotificationTest("test_enable_template_notification", "slack"))
     suite.addTest(NotificationTest("test_enable_template_notification", "msteams"))
-    suite.addTest(NotificationTest('test_enable_template_notification', 'webhooks'))
+    suite.addTest(NotificationTest("test_enable_template_notification", "webhooks"))
 
     return suite
 
diff --git a/unittests/test_notifications.py b/unittests/test_notifications.py
index c9629883b64..4045e7473a9 100644
--- a/unittests/test_notifications.py
+++ b/unittests/test_notifications.py
@@ -406,10 +406,10 @@ def test_auditlog_on(self, mock):
 
 
 class TestNotificationWebhooks(DojoTestCase):
-    fixtures = ['dojo_testdata.json']
+    fixtures = ["dojo_testdata.json"]
 
     def run(self, result=None):
-        testuser = User.objects.get(username='admin')
+        testuser = User.objects.get(username="admin")
         testuser.usercontactinfo.block_execution = True
         testuser.save()
 
@@ -426,27 +426,27 @@ def setUp(self):
     def test_missing_system_webhook(self):
         # test data contains 2 entries but we need to test missing definition
         Notification_Webhooks.objects.all().delete()
-        with self.assertLogs('dojo.notifications.helper', level='INFO') as cm:
-            send_webhooks_notification(event='dummy')
-        self.assertIn('URLs for Webhooks not configured: skipping system notification', cm.output[0])
+        with self.assertLogs("dojo.notifications.helper", level="INFO") as cm:
+            send_webhooks_notification(event="dummy")
+        self.assertIn("URLs for Webhooks not configured: skipping system notification", cm.output[0])
 
     def test_missing_personal_webhook(self):
         # test data contains 2 entries but we need to test missing definition
         Notification_Webhooks.objects.all().delete()
-        with self.assertLogs('dojo.notifications.helper', level='INFO') as cm:
-            send_webhooks_notification(event='dummy', user=Dojo_User.objects.get(username="admin"))
+        with self.assertLogs("dojo.notifications.helper", level="INFO") as cm:
+            send_webhooks_notification(event="dummy", user=Dojo_User.objects.get(username="admin"))
         self.assertIn("URLs for Webhooks not configured for user '(admin)': skipping user notification", cm.output[0])
 
     def test_system_webhook_inactive(self):
         self.sys_wh.status = Notification_Webhooks.STATUS_INACTIVE_PERMANENT
         self.sys_wh.save()
-        with self.assertLogs('dojo.notifications.helper', level='INFO') as cm:
-            send_webhooks_notification(event='dummy')
+        with self.assertLogs("dojo.notifications.helper", level="INFO") as cm:
+            send_webhooks_notification(event="dummy")
         self.assertIn("URL for Webhook 'My webhook endpoint' is not active: Permanently inactive (inactive_permanent)", cm.output[0])
 
     def test_system_webhook_sucessful(self):
-        with self.assertLogs('dojo.notifications.helper', level='DEBUG') as cm:
-            send_webhooks_notification(event='dummy')
+        with self.assertLogs("dojo.notifications.helper", level="DEBUG") as cm:
+            send_webhooks_notification(event="dummy")
         self.assertIn("Message sent to endpoint 'My webhook endpoint' successfully.", cm.output[-1])
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
@@ -458,8 +458,8 @@ def test_system_webhook_4xx(self):
         self.sys_wh.url = f"{self.url_base}/status/400"
         self.sys_wh.save()
 
-        with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
-            send_webhooks_notification(event='dummy', title='Dummy event')
+        with self.assertLogs("dojo.notifications.helper", level="ERROR") as cm:
+            send_webhooks_notification(event="dummy", title="Dummy event")
         self.assertIn("Error when sending message to Webhooks 'My webhook endpoint' (status: 400)", cm.output[-1])
 
         updated_wh = Notification_Webhooks.objects.all().filter(owner=None).first()
@@ -471,14 +471,14 @@ def test_system_webhook_first_5xx(self):
         self.sys_wh.url = f"{self.url_base}/status/500"
         self.sys_wh.save()
 
-        with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
-            send_webhooks_notification(event='dummy', title='Dummy event')
+        with self.assertLogs("dojo.notifications.helper", level="ERROR") as cm:
+            send_webhooks_notification(event="dummy", title="Dummy event")
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
         self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
         self.assertIsNotNone(updated_wh.first_error)
         self.assertEqual(updated_wh.first_error, updated_wh.last_error)
-        self.assertEqual('Response status code: 500', updated_wh.note)
+        self.assertEqual("Response status code: 500", updated_wh.note)
         self.assertIn("Error when sending message to Webhooks 'My webhook endpoint' (status: 500)", cm.output[-1])
 
     def test_system_webhook_second_5xx_within_one_day(self):
@@ -489,14 +489,14 @@ def test_system_webhook_second_5xx_within_one_day(self):
         self.sys_wh.last_error = ten_mins_ago
         self.sys_wh.save()
 
-        with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
-            send_webhooks_notification(event='dummy', title='Dummy event')
+        with self.assertLogs("dojo.notifications.helper", level="ERROR") as cm:
+            send_webhooks_notification(event="dummy", title="Dummy event")
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
         self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
         self.assertEqual(updated_wh.first_error, ten_mins_ago)
         self.assertGreater(updated_wh.last_error, ten_mins_ago)
-        self.assertEqual('Response status code: 500', updated_wh.note)
+        self.assertEqual("Response status code: 500", updated_wh.note)
         self.assertIn("Error when sending message to Webhooks 'My webhook endpoint' (status: 500)", cm.output[-1])
 
     def test_system_webhook_third_5xx_after_more_then_day(self):
@@ -509,18 +509,18 @@ def test_system_webhook_third_5xx_after_more_then_day(self):
         self.sys_wh.last_error = ten_minutes_ago
         self.sys_wh.save()
 
-        with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
-            send_webhooks_notification(event='dummy', title='Dummy event')
+        with self.assertLogs("dojo.notifications.helper", level="ERROR") as cm:
+            send_webhooks_notification(event="dummy", title="Dummy event")
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
         self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_PERMANENT)
         self.assertEqual(updated_wh.first_error, day_ago)
         self.assertGreater(updated_wh.last_error, ten_minutes_ago)
-        self.assertEqual('Response status code: 500', updated_wh.note)
+        self.assertEqual("Response status code: 500", updated_wh.note)
         self.assertIn("Error when sending message to Webhooks 'My webhook endpoint' (status: 500)", cm.output[-1])
 
     def test_webhook_reactivation(self):
-        with self.subTest('active'):
+        with self.subTest("active"):
             wh = Notification_Webhooks.objects.filter(owner=None).first()
             webhook_reactivation(endpoint_id=wh.pk)
 
@@ -530,7 +530,7 @@ def test_webhook_reactivation(self):
             self.assertIsNone(updated_wh.last_error)
             self.assertIsNone(updated_wh.note)
 
-        with self.subTest('inactive'):
+        with self.subTest("inactive"):
             now = get_current_datetime()
             wh = Notification_Webhooks.objects.filter(owner=None).first()
             wh.status = Notification_Webhooks.STATUS_INACTIVE_TMP
@@ -539,7 +539,7 @@ def test_webhook_reactivation(self):
             wh.note = "Response status code: 418"
             wh.save()
 
-            with self.assertLogs('dojo.notifications.helper', level='DEBUG') as cm:
+            with self.assertLogs("dojo.notifications.helper", level="DEBUG") as cm:
                 webhook_reactivation(endpoint_id=wh.pk)
 
             updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
@@ -550,7 +550,7 @@ def test_webhook_reactivation(self):
             self.assertIn("Webhook endpoint 'My webhook endpoint' reactivated to 'active_tmp'", cm.output[-1])
 
     def test_webhook_status_cleanup(self):
-        with self.subTest('active'):
+        with self.subTest("active"):
             webhook_status_cleanup()
 
             updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
@@ -559,7 +559,7 @@ def test_webhook_status_cleanup(self):
             self.assertIsNone(updated_wh.last_error)
             self.assertIsNone(updated_wh.note)
 
-        with self.subTest('active_tmp_new'):
+        with self.subTest("active_tmp_new"):
             now = get_current_datetime()
             wh = Notification_Webhooks.objects.filter(owner=None).first()
             wh.status = Notification_Webhooks.STATUS_ACTIVE_TMP
@@ -576,7 +576,7 @@ def test_webhook_status_cleanup(self):
             self.assertEqual(updated_wh.first_error, updated_wh.last_error)
             self.assertEqual(updated_wh.note, "Response status code: 503")
 
-        with self.subTest('active_tmp_old'):
+        with self.subTest("active_tmp_old"):
             day_ago = get_current_datetime() - datetime.timedelta(hours=24, minutes=10)
             wh = Notification_Webhooks.objects.filter(owner=None).first()
             wh.status = Notification_Webhooks.STATUS_ACTIVE_TMP
@@ -585,17 +585,17 @@ def test_webhook_status_cleanup(self):
             wh.note = "Response status code: 503"
             wh.save()
 
-            with self.assertLogs('dojo.notifications.helper', level='DEBUG') as cm:
+            with self.assertLogs("dojo.notifications.helper", level="DEBUG") as cm:
                 webhook_status_cleanup()
 
             updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
             self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE)
             self.assertIsNone(updated_wh.first_error)
             self.assertIsNone(updated_wh.last_error)
-            self.assertEqual(updated_wh.note, 'Reactivation from active_tmp')
+            self.assertEqual(updated_wh.note, "Reactivation from active_tmp")
             self.assertIn("Webhook endpoint 'My webhook endpoint' reactivated from 'active_tmp' to 'active'", cm.output[-1])
 
-        with self.subTest('inactive_tmp_new'):
+        with self.subTest("inactive_tmp_new"):
             minute_ago = get_current_datetime() - datetime.timedelta(minutes=1)
             wh = Notification_Webhooks.objects.filter(owner=None).first()
             wh.status = Notification_Webhooks.STATUS_INACTIVE_TMP
@@ -612,7 +612,7 @@ def test_webhook_status_cleanup(self):
             self.assertEqual(updated_wh.last_error, minute_ago)
             self.assertEqual(updated_wh.note, "Response status code: 503")
 
-        with self.subTest('inactive_tmp_old'):
+        with self.subTest("inactive_tmp_old"):
             ten_minutes_ago = get_current_datetime() - datetime.timedelta(minutes=10)
             wh = Notification_Webhooks.objects.filter(owner=None).first()
             wh.status = Notification_Webhooks.STATUS_INACTIVE_TMP
@@ -621,7 +621,7 @@ def test_webhook_status_cleanup(self):
             wh.note = "Response status code: 503"
             wh.save()
 
-            with self.assertLogs('dojo.notifications.helper', level='DEBUG') as cm:
+            with self.assertLogs("dojo.notifications.helper", level="DEBUG") as cm:
                 webhook_status_cleanup()
 
             updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
@@ -639,8 +639,8 @@ def test_system_webhook_timeout(self):
         system_settings.webhooks_notifications_timeout = 1
         system_settings.save()
 
-        with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
-            send_webhooks_notification(event='dummy', title='Dummy event')
+        with self.assertLogs("dojo.notifications.helper", level="ERROR") as cm:
+            send_webhooks_notification(event="dummy", title="Dummy event")
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
         self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
@@ -654,8 +654,8 @@ def test_system_webhook_wrong_fqdn(self):
         self.sys_wh.url = "http://non.existing.place"
         self.sys_wh.save()
 
-        with self.assertLogs('dojo.notifications.helper', level='ERROR') as cm:
-            send_webhooks_notification(event='dummy', title='Dummy event')
+        with self.assertLogs("dojo.notifications.helper", level="ERROR") as cm:
+            send_webhooks_notification(event="dummy", title="Dummy event")
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
         self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_PERMANENT)
@@ -664,169 +664,169 @@ def test_system_webhook_wrong_fqdn(self):
         self.assertIn("HTTPConnectionPool(host='non.existing.place', port=80): Max retries exceeded with url: /", updated_wh.note)
         self.assertIn("HTTPConnectionPool(host='non.existing.place', port=80): Max retries exceeded with url: /", cm.output[-1])
 
-    @patch('requests.request', **{'return_value.status_code': 200})
+    @patch("requests.request", **{"return_value.status_code": 200})
     def test_headers(self, mock):
-        Product_Type.objects.create(name='notif prod type')
-        self.assertEqual(mock.call_args.kwargs['headers'], {
-            'User-Agent': f"DefectDojo-{dd_version}",
-            'X-DefectDojo-Event': 'product_type_added',
-            'X-DefectDojo-Instance': 'http://localhost:8080',
-            'Accept': 'application/json',
-            'Auth': 'Token xxx',
+        Product_Type.objects.create(name="notif prod type")
+        self.assertEqual(mock.call_args.kwargs["headers"], {
+            "User-Agent": f"DefectDojo-{dd_version}",
+            "X-DefectDojo-Event": "product_type_added",
+            "X-DefectDojo-Instance": "http://localhost:8080",
+            "Accept": "application/json",
+            "Auth": "Token xxx",
         })
 
-    @patch('requests.request', **{'return_value.status_code': 200})
+    @patch("requests.request", **{"return_value.status_code": 200})
     def test_events_messages(self, mock):
-        with self.subTest('product_type_added'):
-            prod_type = Product_Type.objects.create(name='notif prod type')
-            self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'product_type_added')
-            self.assertEqual(mock.call_args.kwargs['json'], {
-                'description': None,
-                'user': None,
-                'url': f'http://localhost:8080/product/type/{prod_type.pk}',
-                'product_type': {
-                    'id': prod_type.pk,
-                    'name': 'notif prod type',
+        with self.subTest("product_type_added"):
+            prod_type = Product_Type.objects.create(name="notif prod type")
+            self.assertEqual(mock.call_args.kwargs["headers"]["X-DefectDojo-Event"], "product_type_added")
+            self.assertEqual(mock.call_args.kwargs["json"], {
+                "description": None,
+                "user": None,
+                "url": f"http://localhost:8080/product/type/{prod_type.pk}",
+                "product_type": {
+                    "id": prod_type.pk,
+                    "name": "notif prod type",
                 },
             })
 
-        with self.subTest('product_added'):
-            prod = Product.objects.create(name='notif prod', prod_type=prod_type)
-            self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'product_added')
-            self.assertEqual(mock.call_args.kwargs['json'], {
-                'description': None,
-                'user': None,
-                'url': f'http://localhost:8080/product/{prod.pk}',
-                'product_type': {
-                    'id': prod_type.pk,
-                    'name': 'notif prod type',
+        with self.subTest("product_added"):
+            prod = Product.objects.create(name="notif prod", prod_type=prod_type)
+            self.assertEqual(mock.call_args.kwargs["headers"]["X-DefectDojo-Event"], "product_added")
+            self.assertEqual(mock.call_args.kwargs["json"], {
+                "description": None,
+                "user": None,
+                "url": f"http://localhost:8080/product/{prod.pk}",
+                "product_type": {
+                    "id": prod_type.pk,
+                    "name": "notif prod type",
                 },
-                'product': {
-                    'id': prod.pk,
-                    'name': 'notif prod',
+                "product": {
+                    "id": prod.pk,
+                    "name": "notif prod",
                 },
             })
 
-        with self.subTest('engagement_added'):
-            eng = Engagement.objects.create(name='notif eng', product=prod, target_start=timezone.now(), target_end=timezone.now())
-            self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'engagement_added')
-            self.assertEqual(mock.call_args.kwargs['json'], {
-                'description': None,
-                'user': None,
-                'url': f'http://localhost:8080/engagement/{eng.pk}',
-                'product_type': {
-                    'id': prod_type.pk,
-                    'name': 'notif prod type',
+        with self.subTest("engagement_added"):
+            eng = Engagement.objects.create(name="notif eng", product=prod, target_start=timezone.now(), target_end=timezone.now())
+            self.assertEqual(mock.call_args.kwargs["headers"]["X-DefectDojo-Event"], "engagement_added")
+            self.assertEqual(mock.call_args.kwargs["json"], {
+                "description": None,
+                "user": None,
+                "url": f"http://localhost:8080/engagement/{eng.pk}",
+                "product_type": {
+                    "id": prod_type.pk,
+                    "name": "notif prod type",
                 },
-                'product': {
-                    'id': prod.pk,
-                    'name': 'notif prod',
+                "product": {
+                    "id": prod.pk,
+                    "name": "notif prod",
                 },
-                'engagement': {
-                    'id': eng.pk,
-                    'name': 'notif eng',
+                "engagement": {
+                    "id": eng.pk,
+                    "name": "notif eng",
                 },
             })
 
-        with self.subTest('test_added'):
-            test = Test.objects.create(title='notif test', engagement=eng, target_start=timezone.now(), target_end=timezone.now(), test_type_id=Test_Type.objects.first().id)
+        with self.subTest("test_added"):
+            test = Test.objects.create(title="notif test", engagement=eng, target_start=timezone.now(), target_end=timezone.now(), test_type_id=Test_Type.objects.first().id)
             notifications_helper.notify_test_created(test)
-            self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'test_added')
-            self.assertEqual(mock.call_args.kwargs['json'], {
-                'description': None,
-                'user': None,
-                'url': f'http://localhost:8080/test/{test.pk}',
-                'product_type': {
-                    'id': prod_type.pk,
-                    'name': 'notif prod type',
+            self.assertEqual(mock.call_args.kwargs["headers"]["X-DefectDojo-Event"], "test_added")
+            self.assertEqual(mock.call_args.kwargs["json"], {
+                "description": None,
+                "user": None,
+                "url": f"http://localhost:8080/test/{test.pk}",
+                "product_type": {
+                    "id": prod_type.pk,
+                    "name": "notif prod type",
                 },
-                'product': {
-                    'id': prod.pk,
-                    'name': 'notif prod',
+                "product": {
+                    "id": prod.pk,
+                    "name": "notif prod",
                 },
-                'engagement': {
-                    'id': eng.pk,
-                    'name': 'notif eng',
+                "engagement": {
+                    "id": eng.pk,
+                    "name": "notif eng",
                 },
-                'test': {
-                    'id': test.pk,
-                    'title': 'notif test',
+                "test": {
+                    "id": test.pk,
+                    "title": "notif test",
                 },
             })
 
-        with self.subTest('scan_added_empty'):
+        with self.subTest("scan_added_empty"):
             notifications_helper.notify_scan_added(test, updated_count=0)
-            self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'scan_added_empty')
-            self.assertEqual(mock.call_args.kwargs['json'], {
-                'description': None,
-                'user': None,
-                'url': f'http://localhost:8080/test/{test.pk}',
-                'product_type': {
-                    'id': prod_type.pk,
-                    'name': 'notif prod type',
+            self.assertEqual(mock.call_args.kwargs["headers"]["X-DefectDojo-Event"], "scan_added_empty")
+            self.assertEqual(mock.call_args.kwargs["json"], {
+                "description": None,
+                "user": None,
+                "url": f"http://localhost:8080/test/{test.pk}",
+                "product_type": {
+                    "id": prod_type.pk,
+                    "name": "notif prod type",
                 },
-                'product': {
-                    'id': prod.pk,
-                    'name': 'notif prod',
+                "product": {
+                    "id": prod.pk,
+                    "name": "notif prod",
                 },
-                'engagement': {
-                    'id': eng.pk,
-                    'name': 'notif eng',
+                "engagement": {
+                    "id": eng.pk,
+                    "name": "notif eng",
                 },
-                'test': {
-                    'id': test.pk,
-                    'title': 'notif test',
+                "test": {
+                    "id": test.pk,
+                    "title": "notif test",
                 },
-                'finding_count': 0,
-                'findings': {
-                    'mitigated': [],
-                    'new': [],
-                    'reactivated': [],
-                    'untouched': [],
+                "finding_count": 0,
+                "findings": {
+                    "mitigated": [],
+                    "new": [],
+                    "reactivated": [],
+                    "untouched": [],
                 },
             })
 
-        with self.subTest('scan_added'):
+        with self.subTest("scan_added"):
             notifications_helper.notify_scan_added(test,
                 updated_count=4,
                 new_findings=[
-                    Finding.objects.create(test=test, title='New Finding', severity='Critical'),
+                    Finding.objects.create(test=test, title="New Finding", severity="Critical"),
                 ],
                 findings_mitigated=[
-                    Finding.objects.create(test=test, title='Mitigated Finding', severity='Medium'),
+                    Finding.objects.create(test=test, title="Mitigated Finding", severity="Medium"),
                 ],
                 findings_reactivated=[
-                    Finding.objects.create(test=test, title='Reactivated Finding', severity='Low'),
+                    Finding.objects.create(test=test, title="Reactivated Finding", severity="Low"),
                 ],
                 findings_untouched=[
-                    Finding.objects.create(test=test, title='Untouched Finding', severity='Info'),
+                    Finding.objects.create(test=test, title="Untouched Finding", severity="Info"),
                 ],
             )
-            self.assertEqual(mock.call_args.kwargs['headers']['X-DefectDojo-Event'], 'scan_added')
+            self.assertEqual(mock.call_args.kwargs["headers"]["X-DefectDojo-Event"], "scan_added")
             self.maxDiff = None
-            self.assertEqual(mock.call_args.kwargs['json']['findings'], {
-                'new': [{
-                    'id': 232,
-                    'title': 'New Finding',
-                    'severity': 'Critical',
-                    'url': 'http://localhost:8080/finding/232',
+            self.assertEqual(mock.call_args.kwargs["json"]["findings"], {
+                "new": [{
+                    "id": 232,
+                    "title": "New Finding",
+                    "severity": "Critical",
+                    "url": "http://localhost:8080/finding/232",
                 }],
-                'mitigated': [{
-                    'id': 233,
-                    'title': 'Mitigated Finding',
-                    'severity': 'Medium',
-                    'url': 'http://localhost:8080/finding/233',
+                "mitigated": [{
+                    "id": 233,
+                    "title": "Mitigated Finding",
+                    "severity": "Medium",
+                    "url": "http://localhost:8080/finding/233",
                 }],
-                'reactivated': [{
-                    'id': 234,
-                    'title': 'Reactivated Finding',
-                    'severity': 'Low',
-                    'url': 'http://localhost:8080/finding/234',
+                "reactivated": [{
+                    "id": 234,
+                    "title": "Reactivated Finding",
+                    "severity": "Low",
+                    "url": "http://localhost:8080/finding/234",
                 }],
-                'untouched': [{
-                    'id': 235,
-                    'title': 'Untouched Finding',
-                    'severity': 'Info',
-                    'url': 'http://localhost:8080/finding/235',
+                "untouched": [{
+                    "id": 235,
+                    "title": "Untouched Finding",
+                    "severity": "Info",
+                    "url": "http://localhost:8080/finding/235",
                 }],
             })
diff --git a/unittests/test_rest_framework.py b/unittests/test_rest_framework.py
index 3051919adc3..e4c4ef361e6 100644
--- a/unittests/test_rest_framework.py
+++ b/unittests/test_rest_framework.py
@@ -3002,12 +3002,12 @@ def test_create(self):
 
 
 class NotificationWebhooksTest(BaseClass.BaseClassTest):
-    fixtures = ['dojo_testdata.json']
+    fixtures = ["dojo_testdata.json"]
 
     def __init__(self, *args, **kwargs):
         self.endpoint_model = Notification_Webhooks
-        self.endpoint_path = 'notification_webhooks'
-        self.viewname = 'notification_webhooks'
+        self.endpoint_path = "notification_webhooks"
+        self.viewname = "notification_webhooks"
         self.viewset = NotificationWebhooksViewSet
         self.payload = {
             "name": "My endpoint",

From fb501014bf7516b758e0517c4e24595db68ef979 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Mon, 5 Aug 2024 11:33:03 +0200
Subject: [PATCH 46/63] Fix db_mig

---
 ...webhooks_notifications.py => 0214_webhooks_notifications.py} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename dojo/db_migrations/{0213_webhooks_notifications.py => 0214_webhooks_notifications.py} (99%)

diff --git a/dojo/db_migrations/0213_webhooks_notifications.py b/dojo/db_migrations/0214_webhooks_notifications.py
similarity index 99%
rename from dojo/db_migrations/0213_webhooks_notifications.py
rename to dojo/db_migrations/0214_webhooks_notifications.py
index 0e1d3a7eb42..191115a3373 100644
--- a/dojo/db_migrations/0213_webhooks_notifications.py
+++ b/dojo/db_migrations/0214_webhooks_notifications.py
@@ -8,7 +8,7 @@
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('dojo', '0212_sla_configuration_enforce_critical_and_more'),
+        ('dojo', '0213_system_settings_enable_ui_table_based_searching'),
     ]
 
     operations = [

From 416d040fc84d6b1399319e7f063588cf61301852 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 9 Aug 2024 20:25:30 +0200
Subject: [PATCH 47/63] Fix long notes

---
 dojo/notifications/helper.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index bfa93c7efd7..0b1c2eb22b2 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -447,7 +447,7 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
 
         except Exception as e:
             error = ERROR_PERMANENT
-            endpoint.note = f"Exception: {e}"
+            endpoint.note = f"Exception: {e}"[:1000]
             logger.exception(e)
             log_alert(e, "Webhooks Notification")
 

From fb103103103a7f03177cb19f22c2e9253529c0e9 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Tue, 13 Aug 2024 18:45:34 +0200
Subject: [PATCH 48/63] Clean ruff

---
 dojo/api_v2/views.py        |  2 +-
 dojo/forms.py               |  4 ++--
 dojo/notifications/views.py | 18 +++++++++---------
 3 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index b43b056dd2b..7ae9925479a 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -3342,4 +3342,4 @@ class NotificationWebhooksViewSet(
     queryset = Notification_Webhooks.objects.all()
     filter_backends = (DjangoFilterBackend,)
     filterset_fields = "__all__"
-    permission_classes = (permissions.IsSuperUser, DjangoModelPermissions)  # TODO add permission also for other users
+    permission_classes = (permissions.IsSuperUser, DjangoModelPermissions)  # TODO: add permission also for other users
diff --git a/dojo/forms.py b/dojo/forms.py
index 8c56c45edac..d4ccabbafce 100644
--- a/dojo/forms.py
+++ b/dojo/forms.py
@@ -2788,12 +2788,12 @@ def __init__(self, *args, **kwargs):
         is_superuser = kwargs.pop("is_superuser", False)
         logger.debug(f"is_superuser: {is_superuser}")
         super().__init__(*args, **kwargs)
-        self.fields["status"].disabled = True  # TODO - same for API
+        self.fields["status"].disabled = True  # TODO: - same for API
         self.fields["first_error"].disabled = True
         self.fields["last_error"].disabled = True
         self.fields["note"].disabled = True
         if not is_superuser:  # Only superadmins can edit owner
-            self.fields["owner"].disabled = True  # TODO needs to be tested
+            self.fields["owner"].disabled = True  # TODO: needs to be tested
 
 
 class DeleteNotificationsWebhookForm(forms.ModelForm):
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 84c6b9700c1..19521f7c51b 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -143,7 +143,7 @@ def check_webhooks_enabled(self):
     def check_user_permissions(self, request: HttpRequest):
         if not request.user.is_superuser:
             raise PermissionDenied
-        # TODO finished access for other users
+        # TODO: finished access for other users
         # if not user_has_configuration_permission(request.user, self.permission):
         #     raise PermissionDenied()
 
@@ -183,8 +183,8 @@ def get_initial_context(self, request: HttpRequest, nwhs: Notification_Webhooks)
 
     def get_notification_webhooks(self, request: HttpRequest):
         nwhs = Notification_Webhooks.objects.all().order_by("name")
-        # TODO finished pagination
-        # TODO restrict based on user - not only superadmins have access and they see everything
+        # TODO: finished pagination
+        # TODO: restrict based on user - not only superadmins have access and they see everything
         return nwhs
 
     def get(self, request: HttpRequest):
@@ -205,7 +205,7 @@ class AddNotificationWebhooksView(NotificationWebhooksView):
     permission = "dojo.add_notification_webhooks"
     breadcrumb = "Add Notification Webhook"
 
-    # TODO Disable Owner if not superadmin
+    # TODO: Disable Owner if not superadmin
 
     def get_initial_context(self, request: HttpRequest):
         return {
@@ -273,13 +273,13 @@ def post(self, request: HttpRequest):
 class EditNotificationWebhooksView(NotificationWebhooksView):
     template = "dojo/edit_notification_webhook.html"
     permission = "dojo.change_notification_webhooks"
-    # TODO this could be better: @user_is_authorized(Finding, Permissions.Finding_Delete, 'fid')
+    # TODO: this could be better: @user_is_authorized(Finding, Permissions.Finding_Delete, 'fid')
     breadcrumb = "Edit Notification Webhook"
 
     def get_notification_webhook(self, nwhid: int):
         return get_object_or_404(Notification_Webhooks, id=nwhid)
 
-    # TODO Disable Owner if not superadmin
+    # TODO: Disable Owner if not superadmin
 
     def get_initial_context(self, request: HttpRequest, nwh: Notification_Webhooks):
         return {
@@ -291,7 +291,7 @@ def get_initial_context(self, request: HttpRequest, nwh: Notification_Webhooks):
 
     def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context: dict):
         form = context["form"]
-        if "deactivate_webhook" in request.POST:  # TODO add this to API as well
+        if "deactivate_webhook" in request.POST:  # TODO: add this to API as well
             nwh.status = Notification_Webhooks.STATUS_INACTIVE_PERMANENT
             nwh.first_error = None
             nwh.last_error = None
@@ -362,13 +362,13 @@ def post(self, request: HttpRequest, nwhid: int):
 class DeleteNotificationWebhooksView(NotificationWebhooksView):
     template = "dojo/delete_notification_webhook.html"
     permission = "dojo.delete_notification_webhooks"
-    # TODO this could be better: @user_is_authorized(Finding, Permissions.Finding_Delete, 'fid')
+    # TODO: this could be better: @user_is_authorized(Finding, Permissions.Finding_Delete, 'fid')
     breadcrumb = "Edit Notification Webhook"
 
     def get_notification_webhook(self, nwhid: int):
         return get_object_or_404(Notification_Webhooks, id=nwhid)
 
-    # TODO Disable Owner if not superadmin
+    # TODO: Disable Owner if not superadmin
 
     def get_form(
         self,

From 5e1877b23ebfb015d50cbd69a7292f2a752113e0 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 16 Aug 2024 18:24:46 +0200
Subject: [PATCH 49/63] Move "webhook.endpoint" from debug docker to dev

---
 docker-compose.override.dev.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docker-compose.override.dev.yml b/docker-compose.override.dev.yml
index f3a281af061..cf60d8d00a3 100644
--- a/docker-compose.override.dev.yml
+++ b/docker-compose.override.dev.yml
@@ -53,3 +53,5 @@ services:
         published: 8025
         protocol: tcp
         mode: host
+  "webhook.endpoint":
+    image: mccutchen/go-httpbin:v2.14.0@sha256:e0f398a0a29e7cf00a2467326344d70b4d89d0786d8f9a3287c2a0371c804823

From f69dcdde2aafb532eb9d628cc9b211932db0d13f Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 16 Aug 2024 19:35:33 +0200
Subject: [PATCH 50/63] Make fields "editable=False"

---
 dojo/db_migrations/0214_webhooks_notifications.py | 12 ++++++------
 dojo/forms.py                                     |  4 ----
 dojo/models.py                                    |  9 +++++----
 3 files changed, 11 insertions(+), 14 deletions(-)

diff --git a/dojo/db_migrations/0214_webhooks_notifications.py b/dojo/db_migrations/0214_webhooks_notifications.py
index 191115a3373..89c769cc216 100644
--- a/dojo/db_migrations/0214_webhooks_notifications.py
+++ b/dojo/db_migrations/0214_webhooks_notifications.py
@@ -1,8 +1,8 @@
-# Generated by Django 4.2.13 on 2024-07-10 08:04
+# Generated by Django 5.0.8 on 2024-08-16 17:07
 
-from django.db import migrations, models
 import django.db.models.deletion
 import multiselectfield.db.fields
+from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
@@ -120,10 +120,10 @@ class Migration(migrations.Migration):
                 ('url', models.URLField(default='', help_text='The full URL of the incoming webhook')),
                 ('header_name', models.CharField(blank=True, default='', help_text='Name of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
                 ('header_value', models.CharField(blank=True, default='', help_text='Content of the header required for interacting with Webhook endpoint', max_length=100, null=True)),
-                ('status', models.CharField(choices=[('active', 'Active'), ('active_tmp', 'Active but 5xx (or similar) error detected'), ('inactive_tmp', 'Temporary inactive because of 5xx (or similar) error'), ('inactive_permanent', 'Permanently inactive')], default='active', help_text='Status of the incoming webhook', max_length=20)),
-                ('first_error', models.DateTimeField(blank=True, help_text='If endpoint is active, when error happened first time', null=True)),
-                ('last_error', models.DateTimeField(blank=True, help_text='If endpoint is active, when error happened last time', null=True)),
-                ('note', models.CharField(blank=True, default='', help_text='Description of the latest error', max_length=1000, null=True)),
+                ('status', models.CharField(choices=[('active', 'Active'), ('active_tmp', 'Active but 5xx (or similar) error detected'), ('inactive_tmp', 'Temporary inactive because of 5xx (or similar) error'), ('inactive_permanent', 'Permanently inactive')], default='active', editable=False, help_text='Status of the incoming webhook', max_length=20)),
+                ('first_error', models.DateTimeField(blank=True, editable=False, help_text='If endpoint is active, when error happened first time', null=True)),
+                ('last_error', models.DateTimeField(blank=True, editable=False, help_text='If endpoint is active, when error happened last time', null=True)),
+                ('note', models.CharField(blank=True, default='', editable=False, help_text='Description of the latest error', max_length=1000, null=True)),
                 ('owner', models.ForeignKey(blank=True, help_text='Owner/receiver of notification, if empty processed as system notification', null=True, on_delete=django.db.models.deletion.CASCADE, to='dojo.dojo_user')),
             ],
         ),
diff --git a/dojo/forms.py b/dojo/forms.py
index d4ccabbafce..4c0f07a7870 100644
--- a/dojo/forms.py
+++ b/dojo/forms.py
@@ -2788,10 +2788,6 @@ def __init__(self, *args, **kwargs):
         is_superuser = kwargs.pop("is_superuser", False)
         logger.debug(f"is_superuser: {is_superuser}")
         super().__init__(*args, **kwargs)
-        self.fields["status"].disabled = True  # TODO: - same for API
-        self.fields["first_error"].disabled = True
-        self.fields["last_error"].disabled = True
-        self.fields["note"].disabled = True
         if not is_superuser:  # Only superadmins can edit owner
             self.fields["owner"].disabled = True  # TODO: needs to be tested
 
diff --git a/dojo/models.py b/dojo/models.py
index 2bff5988a82..77808ffb82c 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -4140,12 +4140,13 @@ class Notification_Webhooks(models.Model):
     header_value = models.CharField(max_length=100, default="", blank=True, null=True,
                                    help_text=_("Content of the header required for interacting with Webhook endpoint"))
     status = models.CharField(max_length=20, choices=STATUS_CHOICES, default="active", blank=False,
-                              help_text=_("Status of the incoming webhook"))
-    first_error = models.DateTimeField(help_text=_("If endpoint is active, when error happened first time"), blank=True, null=True)
-    last_error = models.DateTimeField(help_text=_("If endpoint is active, when error happened last time"), blank=True, null=True)
-    note = models.CharField(max_length=1000, default="", blank=True, null=True, help_text=_("Description of the latest error"))
+                              help_text=_("Status of the incoming webhook"), editable=False)
+    first_error = models.DateTimeField(help_text=_("If endpoint is active, when error happened first time"), blank=True, null=True, editable=False)
+    last_error = models.DateTimeField(help_text=_("If endpoint is active, when error happened last time"), blank=True, null=True, editable=False)
+    note = models.CharField(max_length=1000, default="", blank=True, null=True, help_text=_("Description of the latest error"), editable=False)
     owner = models.ForeignKey(Dojo_User, editable=True, null=True, blank=True, on_delete=models.CASCADE,
                               help_text=_("Owner/receiver of notification, if empty processed as system notification"))
+    # TODO: Test that `editable` will block editing via API
 
 
 class Tool_Product_Settings(models.Model):

From 47fd8c1be717e42f766ff6b9488a7f143bd6d3f5 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 16 Aug 2024 19:39:28 +0200
Subject: [PATCH 51/63] Try to fix accesslint

---
 dojo/templates/dojo/view_notification_webhooks.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dojo/templates/dojo/view_notification_webhooks.html b/dojo/templates/dojo/view_notification_webhooks.html
index 6bc0b153530..52a74f3214c 100644
--- a/dojo/templates/dojo/view_notification_webhooks.html
+++ b/dojo/templates/dojo/view_notification_webhooks.html
@@ -11,9 +11,9 @@
                     <h3 class="has-filters">
                         Notification Webhook List
                         <div class="dropdown pull-right">
-                            <button id="show-filters" data-toggle="collapse" data-target="#the-filters" class="btn btn-primary toggle-filters"> <i class="fa-solid fa-filter"></i> <i class="caret"></i> </button>
+                            <button id="show-filters" name="show filter" data-toggle="collapse" data-target="#the-filters" class="btn btn-primary toggle-filters"> <i class="fa-solid fa-filter"></i> <i class="caret"></i> </button>
                             {% if "dojo.add_notification_webhook"|has_configuration_permission:request %}
-                            <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu1"
+                            <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu1" name="show filter"
                                   data-toggle="dropdown" aria-expanded="true">
                               <span class="fa-solid fa-screwdriver-wrench"></span>
                               <span class="caret"></span>

From 82d16527bcfde6d80b4a92285f54f8100c88b3ba Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 16 Aug 2024 19:40:51 +0200
Subject: [PATCH 52/63] Use class-based choices

---
 dojo/models.py                  | 22 +++++++----------
 dojo/notifications/helper.py    | 26 +++++++++----------
 dojo/notifications/views.py     |  6 ++---
 unittests/test_notifications.py | 44 ++++++++++++++++-----------------
 4 files changed, 47 insertions(+), 51 deletions(-)

diff --git a/dojo/models.py b/dojo/models.py
index 77808ffb82c..15deab21895 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -4119,18 +4119,14 @@ def get_list_display(self, request):
 
 
 class Notification_Webhooks(models.Model):
-    _STATUS_ACTIVE = "active"
-    _STATUS_INACTIVE = "inactive"
-    STATUS_ACTIVE = f"{_STATUS_ACTIVE}"
-    STATUS_ACTIVE_TMP = f"{_STATUS_ACTIVE}_tmp"
-    STATUS_INACTIVE_TMP = f"{_STATUS_INACTIVE}_tmp"
-    STATUS_INACTIVE_PERMANENT = f"{_STATUS_INACTIVE}_permanent"
-    STATUS_CHOICES = (
-        (STATUS_ACTIVE, "Active"),
-        (STATUS_ACTIVE_TMP, "Active but 5xx (or similar) error detected"),
-        (STATUS_INACTIVE_TMP, "Temporary inactive because of 5xx (or similar) error"),
-        (STATUS_INACTIVE_PERMANENT, "Permanently inactive"),
-    )
+    class Status(models.TextChoices):
+        __STATUS_ACTIVE = "active"
+        __STATUS_INACTIVE = "inactive"
+        STATUS_ACTIVE = f"{__STATUS_ACTIVE}", _("Active")
+        STATUS_ACTIVE_TMP = f"{__STATUS_ACTIVE}_tmp", _("Active but 5xx (or similar) error detected")
+        STATUS_INACTIVE_TMP = f"{__STATUS_INACTIVE}_tmp", _("Temporary inactive because of 5xx (or similar) error")
+        STATUS_INACTIVE_PERMANENT = f"{__STATUS_INACTIVE}_permanent", _("Permanently inactive")
+
     name = models.CharField(max_length=100, default="", blank=False, unique=True,
                                     help_text=_("Name of the incoming webhook"))
     url = models.URLField(max_length=200, default="", blank=False,
@@ -4139,7 +4135,7 @@ class Notification_Webhooks(models.Model):
                                    help_text=_("Name of the header required for interacting with Webhook endpoint"))
     header_value = models.CharField(max_length=100, default="", blank=True, null=True,
                                    help_text=_("Content of the header required for interacting with Webhook endpoint"))
-    status = models.CharField(max_length=20, choices=STATUS_CHOICES, default="active", blank=False,
+    status = models.CharField(max_length=20, choices=Status, default="active", blank=False,
                               help_text=_("Status of the incoming webhook"), editable=False)
     first_error = models.DateTimeField(help_text=_("If endpoint is active, when error happened first time"), blank=True, null=True, editable=False)
     last_error = models.DateTimeField(help_text=_("If endpoint is active, when error happened last time"), blank=True, null=True, editable=False)
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 0b1c2eb22b2..409e9f8ca45 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -365,12 +365,12 @@ def webhook_reactivation(*args, **kwargs):
     endpoint = Notification_Webhooks.objects.get(pk=kwargs.get("endpoint_id"))
 
     # User already changed status of endpoint
-    if endpoint.status != Notification_Webhooks.STATUS_INACTIVE_TMP:
+    if endpoint.status != Notification_Webhooks.Status.STATUS_INACTIVE_TMP:
         return
 
-    endpoint.status = Notification_Webhooks.STATUS_ACTIVE_TMP
+    endpoint.status = Notification_Webhooks.Status.STATUS_ACTIVE_TMP
     endpoint.save()
-    logger.debug(f"Webhook endpoint '{endpoint.name}' reactivated to '{Notification_Webhooks.STATUS_ACTIVE_TMP}'")
+    logger.debug(f"Webhook endpoint '{endpoint.name}' reactivated to '{Notification_Webhooks.Status.STATUS_ACTIVE_TMP}'")
 
 
 @app.task(ignore_result=True)
@@ -378,22 +378,22 @@ def webhook_status_cleanup(*args, **kwargs):
     # If some endpoint was affected by some outage (5xx, 429, Timeout) but it was clean during last 24 hours,
     # we consider this endpoint as healthy so need to reset it
     endpoints = Notification_Webhooks.objects.filter(
-        status=Notification_Webhooks.STATUS_ACTIVE_TMP,
+        status=Notification_Webhooks.Status.STATUS_ACTIVE_TMP,
         last_error__lt=get_current_datetime() - timedelta(hours=24),
     )
     for endpoint in endpoints:
-        endpoint.status = Notification_Webhooks.STATUS_ACTIVE
+        endpoint.status = Notification_Webhooks.Status.STATUS_ACTIVE
         endpoint.first_error = None
         endpoint.last_error = None
-        endpoint.note = f"Reactivation from {Notification_Webhooks.STATUS_ACTIVE_TMP}"
+        endpoint.note = f"Reactivation from {Notification_Webhooks.Status.STATUS_ACTIVE_TMP}"
         endpoint.save()
-        logger.debug(f"Webhook endpoint '{endpoint.name}' reactivated from '{Notification_Webhooks.STATUS_ACTIVE_TMP}' to '{Notification_Webhooks.STATUS_ACTIVE}'")
+        logger.debug(f"Webhook endpoint '{endpoint.name}' reactivated from '{Notification_Webhooks.Status.STATUS_ACTIVE_TMP}' to '{Notification_Webhooks.Status.STATUS_ACTIVE}'")
 
     # Reactivation of STATUS_INACTIVE_TMP endpoints.
     # They should reactive automatically in 60s, however in case of some unexpected event (e.g. start of whole stack),
     # endpoints should not be left in STATUS_INACTIVE_TMP state
     broken_endpoints = Notification_Webhooks.objects.filter(
-        status=Notification_Webhooks.STATUS_INACTIVE_TMP,
+        status=Notification_Webhooks.Status.STATUS_INACTIVE_TMP,
         last_error__lt=get_current_datetime() - timedelta(minutes=5),
     )
     for endpoint in broken_endpoints:
@@ -419,7 +419,7 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
     for endpoint in endpoints:
 
         error = None
-        if endpoint.status not in [Notification_Webhooks.STATUS_ACTIVE, Notification_Webhooks.STATUS_ACTIVE_TMP]:
+        if endpoint.status not in [Notification_Webhooks.Status.STATUS_ACTIVE, Notification_Webhooks.Status.STATUS_ACTIVE_TMP]:
             logger.info(f"URL for Webhook '{endpoint.name}' is not active: {endpoint.get_status_display()} ({endpoint.status})")
             continue
 
@@ -457,21 +457,21 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
 
             # If endpoint is unstable for more then one day, it needs to be deactivated
             if endpoint.first_error is not None and (now - endpoint.first_error).total_seconds() > 60 * 60 * 24:
-                endpoint.status = Notification_Webhooks.STATUS_INACTIVE_PERMANENT
+                endpoint.status = Notification_Webhooks.Status.STATUS_INACTIVE_PERMANENT
 
             else:
                 # We need to monitor when outage started
-                if endpoint.status == Notification_Webhooks.STATUS_ACTIVE:
+                if endpoint.status == Notification_Webhooks.Status.STATUS_ACTIVE:
                     endpoint.first_error = now
 
-                endpoint.status = Notification_Webhooks.STATUS_INACTIVE_TMP
+                endpoint.status = Notification_Webhooks.Status.STATUS_INACTIVE_TMP
 
                 # In case of failure within one day, endpoint can be deactivated temporally only for one minute
                 webhook_reactivation.apply_async(kwargs={"endpoint_id": endpoint.pk}, countdown=60)
 
         # There is no reason to keep endpoint active if it is returning 4xx errors
         else:
-            endpoint.status = Notification_Webhooks.STATUS_INACTIVE_PERMANENT
+            endpoint.status = Notification_Webhooks.Status.STATUS_INACTIVE_PERMANENT
             endpoint.first_error = now
 
         endpoint.last_error = now
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 19521f7c51b..bd34876a007 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -231,7 +231,7 @@ def process_form(self, request: HttpRequest, context: dict):
                 # User can put here what ever he want
                 # we override it with our only valid defaults
                 nwh = form.save(commit=False)
-                nwh.status = Notification_Webhooks.STATUS_ACTIVE
+                nwh.status = Notification_Webhooks.Status.STATUS_ACTIVE
                 nwh.first_error = None
                 nwh.last_error = None
                 nwh.note = None
@@ -292,7 +292,7 @@ def get_initial_context(self, request: HttpRequest, nwh: Notification_Webhooks):
     def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context: dict):
         form = context["form"]
         if "deactivate_webhook" in request.POST:  # TODO: add this to API as well
-            nwh.status = Notification_Webhooks.STATUS_INACTIVE_PERMANENT
+            nwh.status = Notification_Webhooks.Status.STATUS_INACTIVE_PERMANENT
             nwh.first_error = None
             nwh.last_error = None
             nwh.note = "Deactivate from UI"
@@ -318,7 +318,7 @@ def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context
             else:
                 # correct definition reset defaults
                 nwh = form.save(commit=False)
-                nwh.status = Notification_Webhooks.STATUS_ACTIVE
+                nwh.status = Notification_Webhooks.Status.STATUS_ACTIVE
                 nwh.first_error = None
                 nwh.last_error = None
                 nwh.note = None
diff --git a/unittests/test_notifications.py b/unittests/test_notifications.py
index 4045e7473a9..4f188dbafe4 100644
--- a/unittests/test_notifications.py
+++ b/unittests/test_notifications.py
@@ -438,7 +438,7 @@ def test_missing_personal_webhook(self):
         self.assertIn("URLs for Webhooks not configured for user '(admin)': skipping user notification", cm.output[0])
 
     def test_system_webhook_inactive(self):
-        self.sys_wh.status = Notification_Webhooks.STATUS_INACTIVE_PERMANENT
+        self.sys_wh.status = Notification_Webhooks.Status.STATUS_INACTIVE_PERMANENT
         self.sys_wh.save()
         with self.assertLogs("dojo.notifications.helper", level="INFO") as cm:
             send_webhooks_notification(event="dummy")
@@ -450,7 +450,7 @@ def test_system_webhook_sucessful(self):
         self.assertIn("Message sent to endpoint 'My webhook endpoint' successfully.", cm.output[-1])
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE)
+        self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_ACTIVE)
         self.assertIsNone(updated_wh.first_error)
         self.assertIsNone(updated_wh.last_error)
 
@@ -463,7 +463,7 @@ def test_system_webhook_4xx(self):
         self.assertIn("Error when sending message to Webhooks 'My webhook endpoint' (status: 400)", cm.output[-1])
 
         updated_wh = Notification_Webhooks.objects.all().filter(owner=None).first()
-        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_PERMANENT)
+        self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_INACTIVE_PERMANENT)
         self.assertIsNotNone(updated_wh.first_error)
         self.assertEqual(updated_wh.first_error, updated_wh.last_error)
 
@@ -475,7 +475,7 @@ def test_system_webhook_first_5xx(self):
             send_webhooks_notification(event="dummy", title="Dummy event")
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
+        self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_INACTIVE_TMP)
         self.assertIsNotNone(updated_wh.first_error)
         self.assertEqual(updated_wh.first_error, updated_wh.last_error)
         self.assertEqual("Response status code: 500", updated_wh.note)
@@ -484,7 +484,7 @@ def test_system_webhook_first_5xx(self):
     def test_system_webhook_second_5xx_within_one_day(self):
         ten_mins_ago = get_current_datetime() - datetime.timedelta(minutes=10)
         self.sys_wh.url = f"{self.url_base}/status/500"
-        self.sys_wh.status = Notification_Webhooks.STATUS_ACTIVE_TMP
+        self.sys_wh.status = Notification_Webhooks.Status.STATUS_ACTIVE_TMP
         self.sys_wh.first_error = ten_mins_ago
         self.sys_wh.last_error = ten_mins_ago
         self.sys_wh.save()
@@ -493,7 +493,7 @@ def test_system_webhook_second_5xx_within_one_day(self):
             send_webhooks_notification(event="dummy", title="Dummy event")
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
+        self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_INACTIVE_TMP)
         self.assertEqual(updated_wh.first_error, ten_mins_ago)
         self.assertGreater(updated_wh.last_error, ten_mins_ago)
         self.assertEqual("Response status code: 500", updated_wh.note)
@@ -504,7 +504,7 @@ def test_system_webhook_third_5xx_after_more_then_day(self):
         day_ago = now - datetime.timedelta(hours=24, minutes=10)
         ten_minutes_ago = now - datetime.timedelta(minutes=10)
         self.sys_wh.url = f"{self.url_base}/status/500"
-        self.sys_wh.status = Notification_Webhooks.STATUS_ACTIVE_TMP
+        self.sys_wh.status = Notification_Webhooks.Status.STATUS_ACTIVE_TMP
         self.sys_wh.first_error = day_ago
         self.sys_wh.last_error = ten_minutes_ago
         self.sys_wh.save()
@@ -513,7 +513,7 @@ def test_system_webhook_third_5xx_after_more_then_day(self):
             send_webhooks_notification(event="dummy", title="Dummy event")
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_PERMANENT)
+        self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_INACTIVE_PERMANENT)
         self.assertEqual(updated_wh.first_error, day_ago)
         self.assertGreater(updated_wh.last_error, ten_minutes_ago)
         self.assertEqual("Response status code: 500", updated_wh.note)
@@ -525,7 +525,7 @@ def test_webhook_reactivation(self):
             webhook_reactivation(endpoint_id=wh.pk)
 
             updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE)
+            self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_ACTIVE)
             self.assertIsNone(updated_wh.first_error)
             self.assertIsNone(updated_wh.last_error)
             self.assertIsNone(updated_wh.note)
@@ -533,7 +533,7 @@ def test_webhook_reactivation(self):
         with self.subTest("inactive"):
             now = get_current_datetime()
             wh = Notification_Webhooks.objects.filter(owner=None).first()
-            wh.status = Notification_Webhooks.STATUS_INACTIVE_TMP
+            wh.status = Notification_Webhooks.Status.STATUS_INACTIVE_TMP
             wh.first_error = now
             wh.last_error = now
             wh.note = "Response status code: 418"
@@ -543,7 +543,7 @@ def test_webhook_reactivation(self):
                 webhook_reactivation(endpoint_id=wh.pk)
 
             updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_TMP)
+            self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_ACTIVE_TMP)
             self.assertIsNotNone(updated_wh.first_error)
             self.assertEqual(updated_wh.first_error, updated_wh.last_error)
             self.assertEqual(updated_wh.note, "Response status code: 418")
@@ -554,7 +554,7 @@ def test_webhook_status_cleanup(self):
             webhook_status_cleanup()
 
             updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE)
+            self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_ACTIVE)
             self.assertIsNone(updated_wh.first_error)
             self.assertIsNone(updated_wh.last_error)
             self.assertIsNone(updated_wh.note)
@@ -562,7 +562,7 @@ def test_webhook_status_cleanup(self):
         with self.subTest("active_tmp_new"):
             now = get_current_datetime()
             wh = Notification_Webhooks.objects.filter(owner=None).first()
-            wh.status = Notification_Webhooks.STATUS_ACTIVE_TMP
+            wh.status = Notification_Webhooks.Status.STATUS_ACTIVE_TMP
             wh.first_error = now
             wh.last_error = now
             wh.note = "Response status code: 503"
@@ -571,7 +571,7 @@ def test_webhook_status_cleanup(self):
             webhook_status_cleanup()
 
             updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_TMP)
+            self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_ACTIVE_TMP)
             self.assertIsNotNone(updated_wh.first_error)
             self.assertEqual(updated_wh.first_error, updated_wh.last_error)
             self.assertEqual(updated_wh.note, "Response status code: 503")
@@ -579,7 +579,7 @@ def test_webhook_status_cleanup(self):
         with self.subTest("active_tmp_old"):
             day_ago = get_current_datetime() - datetime.timedelta(hours=24, minutes=10)
             wh = Notification_Webhooks.objects.filter(owner=None).first()
-            wh.status = Notification_Webhooks.STATUS_ACTIVE_TMP
+            wh.status = Notification_Webhooks.Status.STATUS_ACTIVE_TMP
             wh.first_error = day_ago
             wh.last_error = day_ago
             wh.note = "Response status code: 503"
@@ -589,7 +589,7 @@ def test_webhook_status_cleanup(self):
                 webhook_status_cleanup()
 
             updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE)
+            self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_ACTIVE)
             self.assertIsNone(updated_wh.first_error)
             self.assertIsNone(updated_wh.last_error)
             self.assertEqual(updated_wh.note, "Reactivation from active_tmp")
@@ -598,7 +598,7 @@ def test_webhook_status_cleanup(self):
         with self.subTest("inactive_tmp_new"):
             minute_ago = get_current_datetime() - datetime.timedelta(minutes=1)
             wh = Notification_Webhooks.objects.filter(owner=None).first()
-            wh.status = Notification_Webhooks.STATUS_INACTIVE_TMP
+            wh.status = Notification_Webhooks.Status.STATUS_INACTIVE_TMP
             wh.first_error = minute_ago
             wh.last_error = minute_ago
             wh.note = "Response status code: 503"
@@ -607,7 +607,7 @@ def test_webhook_status_cleanup(self):
             webhook_status_cleanup()
 
             updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
+            self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_INACTIVE_TMP)
             self.assertEqual(updated_wh.first_error, minute_ago)
             self.assertEqual(updated_wh.last_error, minute_ago)
             self.assertEqual(updated_wh.note, "Response status code: 503")
@@ -615,7 +615,7 @@ def test_webhook_status_cleanup(self):
         with self.subTest("inactive_tmp_old"):
             ten_minutes_ago = get_current_datetime() - datetime.timedelta(minutes=10)
             wh = Notification_Webhooks.objects.filter(owner=None).first()
-            wh.status = Notification_Webhooks.STATUS_INACTIVE_TMP
+            wh.status = Notification_Webhooks.Status.STATUS_INACTIVE_TMP
             wh.first_error = ten_minutes_ago
             wh.last_error = ten_minutes_ago
             wh.note = "Response status code: 503"
@@ -625,7 +625,7 @@ def test_webhook_status_cleanup(self):
                 webhook_status_cleanup()
 
             updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-            self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_ACTIVE_TMP)
+            self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_ACTIVE_TMP)
             self.assertEqual(updated_wh.first_error, ten_minutes_ago)
             self.assertEqual(updated_wh.last_error, ten_minutes_ago)
             self.assertEqual(updated_wh.note, "Response status code: 503")
@@ -643,7 +643,7 @@ def test_system_webhook_timeout(self):
             send_webhooks_notification(event="dummy", title="Dummy event")
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_TMP)
+        self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_INACTIVE_TMP)
         self.assertIsNotNone(updated_wh.first_error)
         self.assertEqual(updated_wh.first_error, updated_wh.last_error)
         self.assertIn("HTTPConnectionPool(host='webhook.endpoint', port=8080): Read timed out.", updated_wh.note)
@@ -658,7 +658,7 @@ def test_system_webhook_wrong_fqdn(self):
             send_webhooks_notification(event="dummy", title="Dummy event")
 
         updated_wh = Notification_Webhooks.objects.filter(owner=None).first()
-        self.assertEqual(updated_wh.status, Notification_Webhooks.STATUS_INACTIVE_PERMANENT)
+        self.assertEqual(updated_wh.status, Notification_Webhooks.Status.STATUS_INACTIVE_PERMANENT)
         self.assertIsNotNone(updated_wh.first_error)
         self.assertEqual(updated_wh.first_error, updated_wh.last_error)
         self.assertIn("HTTPConnectionPool(host='non.existing.place', port=80): Max retries exceeded with url: /", updated_wh.note)

From ad3beb250633f89b1cd371d0eae0814125d2bf49 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 16 Aug 2024 19:41:05 +0200
Subject: [PATCH 53/63] Shorter default timeout

---
 dojo/db_migrations/0214_webhooks_notifications.py | 2 +-
 dojo/models.py                                    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/dojo/db_migrations/0214_webhooks_notifications.py b/dojo/db_migrations/0214_webhooks_notifications.py
index 89c769cc216..5bb7ccc5f3c 100644
--- a/dojo/db_migrations/0214_webhooks_notifications.py
+++ b/dojo/db_migrations/0214_webhooks_notifications.py
@@ -20,7 +20,7 @@ class Migration(migrations.Migration):
         migrations.AddField(
             model_name='system_settings',
             name='webhooks_notifications_timeout',
-            field=models.IntegerField(default=60, help_text='How many seconds will DefectDojo waits for response from webhook endpoint'),
+            field=models.IntegerField(default=10, help_text='How many seconds will DefectDojo waits for response from webhook endpoint'),
         ),
         migrations.AlterField(
             model_name='notifications',
diff --git a/dojo/models.py b/dojo/models.py
index 15deab21895..308db965228 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -357,7 +357,7 @@ class System_Settings(models.Model):
         models.BooleanField(default=False,
                             verbose_name=_("Enable Webhook notifications"),
                             blank=False)
-    webhooks_notifications_timeout = models.IntegerField(default=60,
+    webhooks_notifications_timeout = models.IntegerField(default=10,
                                           help_text=_("How many seconds will DefectDojo waits for response from webhook endpoint"))
 
     false_positive_history = models.BooleanField(

From 3198e81fa63584df12dbb8d67e58c07e3444f8d7 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 16 Aug 2024 17:55:23 +0000
Subject: [PATCH 54/63] Update dojo/notifications/views.py

Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
---
 dojo/notifications/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index bd34876a007..bd69033238f 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -161,7 +161,7 @@ def get_form(
         else:
             return NotificationsWebhookForm(**kwargs)
 
-    def get(self, request: HttpRequest):
+    def preprocess_request(self, request: HttpRequest):
         # Check Webhook notifications are enabled
         self.check_webhooks_enabled()
         # Check permissions

From a1868e5f0506fce7e0cd974557d98b72b22c28b2 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 16 Aug 2024 19:57:10 +0200
Subject: [PATCH 55/63] Finish preprocess_request

---
 dojo/notifications/views.py | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index bd69033238f..033a560821b 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -189,7 +189,7 @@ def get_notification_webhooks(self, request: HttpRequest):
 
     def get(self, request: HttpRequest):
         # Run common checks
-        super().get(request)
+        super().preprocess_request(request)
         # Get Notification Webhooks
         nwhs = self.get_notification_webhooks(request)
         # Set up the initial context
@@ -247,7 +247,7 @@ def process_form(self, request: HttpRequest, context: dict):
 
     def get(self, request: HttpRequest):
         # Run common checks
-        super().get(request)
+        super().preprocess_request(request)
         # Set up the initial context
         context = self.get_initial_context(request)
         # Add any breadcrumbs
@@ -256,8 +256,8 @@ def get(self, request: HttpRequest):
         return render(request, self.template, context)
 
     def post(self, request: HttpRequest):
-        # POST needs to pass same common checks as GET
-        super().get(request)
+        # Run common checks
+        super().preprocess_request(request)
         # Set up the initial context
         context = self.get_initial_context(request)
         # Determine the validity of the form
@@ -334,7 +334,7 @@ def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context
 
     def get(self, request: HttpRequest, nwhid: int):
         # Run common checks
-        super().get(request)
+        super().preprocess_request(request)
         nwh = self.get_notification_webhook(nwhid)
         # Set up the initial context
         context = self.get_initial_context(request, nwh)
@@ -344,8 +344,8 @@ def get(self, request: HttpRequest, nwhid: int):
         return render(request, self.template, context)
 
     def post(self, request: HttpRequest, nwhid: int):
-        # POST needs to pass same common checks as GET
-        super().get(request)
+        # Run common checks
+        super().preprocess_request(request)
         nwh = self.get_notification_webhook(nwhid)
         # Set up the initial context
         context = self.get_initial_context(request, nwh)
@@ -401,7 +401,7 @@ def process_form(self, request: HttpRequest, nwh: Notification_Webhooks, context
 
     def get(self, request: HttpRequest, nwhid: int):
         # Run common checks
-        super().get(request)
+        super().preprocess_request(request)
         nwh = self.get_notification_webhook(nwhid)
         # Set up the initial context
         context = self.get_initial_context(request, nwh)
@@ -411,8 +411,8 @@ def get(self, request: HttpRequest, nwhid: int):
         return render(request, self.template, context)
 
     def post(self, request: HttpRequest, nwhid: int):
-        # POST needs to pass same common checks as GET
-        super().get(request)
+        # Run common checks
+        super().preprocess_request(request)
         nwh = self.get_notification_webhook(nwhid)
         # Set up the initial context
         context = self.get_initial_context(request, nwh)

From 219886d4a802e8706f269954e735e33b397c445f Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 16 Aug 2024 19:08:56 +0000
Subject: [PATCH 56/63] Update dojo/notifications/helper.py

Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
---
 dojo/notifications/helper.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 409e9f8ca45..afddffec4d9 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -361,8 +361,8 @@ def test_webhooks_notification(endpoint):
 
 
 @app.task(ignore_result=True)
-def webhook_reactivation(*args, **kwargs):
-    endpoint = Notification_Webhooks.objects.get(pk=kwargs.get("endpoint_id"))
+def webhook_reactivation(endpoint_id: int, *args, **kwargs):
+    endpoint = Notification_Webhooks.objects.get(pk=endpoint_id)
 
     # User already changed status of endpoint
     if endpoint.status != Notification_Webhooks.Status.STATUS_INACTIVE_TMP:

From 454e76d35a5cc65bfd50a6e4f30958e51cac07a5 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 16 Aug 2024 21:10:41 +0200
Subject: [PATCH 57/63] Show error-times as hint

---
 dojo/templates/dojo/view_notification_webhooks.html | 7 ++++++-
 dojo/templatetags/display_tags.py                   | 5 +++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/dojo/templates/dojo/view_notification_webhooks.html b/dojo/templates/dojo/view_notification_webhooks.html
index 52a74f3214c..d63903cb144 100644
--- a/dojo/templates/dojo/view_notification_webhooks.html
+++ b/dojo/templates/dojo/view_notification_webhooks.html
@@ -1,5 +1,6 @@
 {% extends "base.html" %}
 {% load navigation_tags %}
+{% load display_tags %}
 {% load i18n %}
 {% load authorization_tags %}
 {% block content %}
@@ -57,7 +58,11 @@ <h3 class="has-filters">
                             <tr>
                               <td><a>{{ nwh.name }}</a></td>
                               <td><a>{{ nwh.url }}</a></td>
-                              <td><a>{{ nwh.get_status_display }}</a></td>
+                              <td><a>{{ nwh.get_status_display }}
+                                {% if nwh.first_error or nwh.last_error %}
+                                    <i class="fa-solid fa-circle-question has-popover" data-trigger="hover" data-content="First error: {{ nwh.first_error | display_date_with_secs }}, Last error: {{ nwh.last_error | display_date_with_secs }}" data-placement="right" data-container="body" data-original-title="" title=""></i>
+                                {% endif %}    
+                              </a></td>
                               <td><a>{{ nwh.note }}</a></td>
                               <td><a>{% if nwh.owner %}<a class="" href="{% url 'view_user' nwh.owner.id %}">{{ nwh.owner }}</a>{% else %}System Webhook{% endif %}</a></td>
                               {% if "dojo.edit_notification_webhook"|has_configuration_permission:request %}
diff --git a/dojo/templatetags/display_tags.py b/dojo/templatetags/display_tags.py
index 19a63541d38..bd0497a6f38 100644
--- a/dojo/templatetags/display_tags.py
+++ b/dojo/templatetags/display_tags.py
@@ -140,6 +140,11 @@ def display_date():
     return timezone.localtime(timezone.now()).strftime("%b %d, %Y")
 
 
+@register.filter
+def display_date_with_secs(obj):
+    return obj.strftime("%c")
+
+
 @register.simple_tag
 def dojo_docs_url():
     from dojo import __docs__

From f2e5bd1c49b4c7f41b8a766270f946da8a2facf3 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Thu, 22 Aug 2024 16:14:01 +0200
Subject: [PATCH 58/63] Try to fix accesslint

---
 dojo/templates/dojo/view_notification_webhooks.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dojo/templates/dojo/view_notification_webhooks.html b/dojo/templates/dojo/view_notification_webhooks.html
index d63903cb144..6b02c0888d3 100644
--- a/dojo/templates/dojo/view_notification_webhooks.html
+++ b/dojo/templates/dojo/view_notification_webhooks.html
@@ -12,9 +12,9 @@
                     <h3 class="has-filters">
                         Notification Webhook List
                         <div class="dropdown pull-right">
-                            <button id="show-filters" name="show filter" data-toggle="collapse" data-target="#the-filters" class="btn btn-primary toggle-filters"> <i class="fa-solid fa-filter"></i> <i class="caret"></i> </button>
+                            <button id="show-filters" name="show filter" aria-label="show filter" data-toggle="collapse" data-target="#the-filters" class="btn btn-primary toggle-filters"> <i class="fa-solid fa-filter"></i> <i class="caret"></i> </button>
                             {% if "dojo.add_notification_webhook"|has_configuration_permission:request %}
-                            <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu1" name="show filter"
+                            <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu1" name="show filter" aria-label="show filter"
                                   data-toggle="dropdown" aria-expanded="true">
                               <span class="fa-solid fa-screwdriver-wrench"></span>
                               <span class="caret"></span>

From 6dbbe25c736b5e837efc361f8dc428e4dd45c5ad Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 23 Aug 2024 16:44:28 +0200
Subject: [PATCH 59/63] Rename `url` to `url_ui` and add `url_api`

---
 .../notification_webhooks/engagement_added.md | 15 +++--
 .../notification_webhooks/product_added.md    | 11 +++-
 .../product_type_added.md                     |  7 ++-
 .../notification_webhooks/scan_added.md       | 31 ++++++++---
 .../notification_webhooks/test_added.md       | 19 +++++--
 dojo/engagement/signals.py                    |  2 +-
 dojo/notifications/helper.py                  |  4 +-
 dojo/product/signals.py                       |  4 +-
 dojo/product_type/signals.py                  |  4 +-
 dojo/settings/.settings.dist.py.sha256sum     |  2 +-
 .../webhooks/subtemplates/base.tpl            |  5 +-
 .../webhooks/subtemplates/engagement.tpl      |  5 ++
 .../webhooks/subtemplates/findings_list.tpl   |  6 +-
 .../webhooks/subtemplates/product.tpl         |  5 ++
 .../webhooks/subtemplates/product_type.tpl    |  5 ++
 .../webhooks/subtemplates/test.tpl            |  5 ++
 unittests/test_notifications.py               | 55 ++++++++++++++++---
 17 files changed, 144 insertions(+), 41 deletions(-)

diff --git a/docs/content/en/integrations/notification_webhooks/engagement_added.md b/docs/content/en/integrations/notification_webhooks/engagement_added.md
index 2d69d4bf299..64fd7746ec2 100644
--- a/docs/content/en/integrations/notification_webhooks/engagement_added.md
+++ b/docs/content/en/integrations/notification_webhooks/engagement_added.md
@@ -15,17 +15,24 @@ X-DefectDojo-Event: engagement_added
     "description": null,
     "engagement": {
         "id": 7,
-        "name": "notif eng"
+        "name": "notif eng",
+        "url_api": "http://localhost:8080/api/v2/engagements/7/",
+        "url_ui": "http://localhost:8080/engagement/7"
     },
     "product": {
         "id": 4,
-        "name": "notif prod"
+        "name": "notif prod",
+        "url_api": "http://localhost:8080/api/v2/products/4/",
+        "url_ui": "http://localhost:8080/product/4"
     },
     "product_type": {
         "id": 4,
-        "name": "notif prod type"
+        "name": "notif prod type",
+        "url_api": "http://localhost:8080/api/v2/product_types/4/",
+        "url_ui": "http://localhost:8080/product/type/4"
     },
-    "url": "http://localhost:8080/engagement/7",
+    "url_api": "http://localhost:8080/api/v2/engagements/7/",
+    "url_ui": "http://localhost:8080/engagement/7",
     "user": null
 }
 ```
\ No newline at end of file
diff --git a/docs/content/en/integrations/notification_webhooks/product_added.md b/docs/content/en/integrations/notification_webhooks/product_added.md
index 1c0ace44def..2d90a6a681f 100644
--- a/docs/content/en/integrations/notification_webhooks/product_added.md
+++ b/docs/content/en/integrations/notification_webhooks/product_added.md
@@ -15,13 +15,18 @@ X-DefectDojo-Event: product_added
     "description": null,
     "product": {
         "id": 4,
-        "name": "notif prod"
+        "name": "notif prod",
+        "url_api": "http://localhost:8080/api/v2/products/4/",
+        "url_ui": "http://localhost:8080/product/4"
     },
     "product_type": {
         "id": 4,
-        "name": "notif prod type"
+        "name": "notif prod type",
+        "url_api": "http://localhost:8080/api/v2/product_types/4/",
+        "url_ui": "http://localhost:8080/product/type/4"
     },
-    "url": "http://localhost:8080/product/4",
+    "url_api": "http://localhost:8080/api/v2/products/4/",
+    "url_ui": "http://localhost:8080/product/4",
     "user": null
 }
 ```
\ No newline at end of file
diff --git a/docs/content/en/integrations/notification_webhooks/product_type_added.md b/docs/content/en/integrations/notification_webhooks/product_type_added.md
index 5b5168002e9..1171f513831 100644
--- a/docs/content/en/integrations/notification_webhooks/product_type_added.md
+++ b/docs/content/en/integrations/notification_webhooks/product_type_added.md
@@ -15,9 +15,12 @@ X-DefectDojo-Event: product_type_added
     "description": null,
     "product_type": {
         "id": 4,
-        "name": "notif prod type"
+        "name": "notif prod type",
+        "url_api": "http://localhost:8080/api/v2/product_types/4/",
+        "url_ui": "http://localhost:8080/product/type/4"
     },
-    "url": "http://localhost:8080/product/type/4",
+    "url_api": "http://localhost:8080/api/v2/product_types/4/",
+    "url_ui": "http://localhost:8080/product/type/4",
     "user": null
 }
 ```
\ No newline at end of file
diff --git a/docs/content/en/integrations/notification_webhooks/scan_added.md b/docs/content/en/integrations/notification_webhooks/scan_added.md
index d02146932da..27a40e6cab1 100644
--- a/docs/content/en/integrations/notification_webhooks/scan_added.md
+++ b/docs/content/en/integrations/notification_webhooks/scan_added.md
@@ -22,7 +22,9 @@ X-DefectDojo-Event: scan_added_empty
     "description": null,
     "engagement": {
         "id": 7,
-        "name": "notif eng"
+        "name": "notif eng",
+        "url_api": "http://localhost:8080/api/v2/engagements/7/",
+        "url_ui": "http://localhost:8080/engagement/7"
     },
     "finding_count": 4,
     "findings": {
@@ -31,7 +33,8 @@ X-DefectDojo-Event: scan_added_empty
                 "id": 233,
                 "severity": "Medium",
                 "title": "Mitigated Finding",
-                "url": "http://localhost:8080/finding/233"
+                "url_api": "http://localhost:8080/api/v2/findings/233/",
+                "url_ui": "http://localhost:8080/finding/233"
             }
         ],
         "new": [
@@ -39,7 +42,8 @@ X-DefectDojo-Event: scan_added_empty
                 "id": 232,
                 "severity": "Critical",
                 "title": "New Finding",
-                "url": "http://localhost:8080/finding/232"
+                "url_api": "http://localhost:8080/api/v2/findings/232/",
+                "url_ui": "http://localhost:8080/finding/232"
             }
         ],
         "reactivated": [
@@ -47,7 +51,8 @@ X-DefectDojo-Event: scan_added_empty
                 "id": 234,
                 "severity": "Low",
                 "title": "Reactivated Finding",
-                "url": "http://localhost:8080/finding/234"
+                "url_api": "http://localhost:8080/api/v2/findings/234/",
+                "url_ui": "http://localhost:8080/finding/234"
             }
         ],
         "untouched": [
@@ -55,23 +60,31 @@ X-DefectDojo-Event: scan_added_empty
                 "id": 235,
                 "severity": "Info",
                 "title": "Untouched Finding",
-                "url": "http://localhost:8080/finding/235"
+                "url_api": "http://localhost:8080/api/v2/findings/235/",
+                "url_ui": "http://localhost:8080/finding/235"
             }
         ]
     },
     "product": {
         "id": 4,
-        "name": "notif prod"
+        "name": "notif prod",
+        "url_api": "http://localhost:8080/api/v2/products/4/",
+        "url_ui": "http://localhost:8080/product/4"
     },
     "product_type": {
         "id": 4,
-        "name": "notif prod type"
+        "name": "notif prod type",
+        "url_api": "http://localhost:8080/api/v2/product_types/4/",
+        "url_ui": "http://localhost:8080/product/type/4"
     },
     "test": {
         "id": 90,
-        "title": "notif test"
+        "title": "notif test",
+        "url_api": "http://localhost:8080/api/v2/tests/90/",
+        "url_ui": "http://localhost:8080/test/90"
     },
-    "url": "http://localhost:8080/test/90",
+    "url_api": "http://localhost:8080/api/v2/tests/90/",
+    "url_ui": "http://localhost:8080/test/90",
     "user": null
 }
 ```
\ No newline at end of file
diff --git a/docs/content/en/integrations/notification_webhooks/test_added.md b/docs/content/en/integrations/notification_webhooks/test_added.md
index 6295d513535..8614a80e0a6 100644
--- a/docs/content/en/integrations/notification_webhooks/test_added.md
+++ b/docs/content/en/integrations/notification_webhooks/test_added.md
@@ -15,21 +15,30 @@ X-DefectDojo-Event: test_added
     "description": null,
     "engagement": {
         "id": 7,
-        "name": "notif eng"
+        "name": "notif eng",
+        "url_api": "http://localhost:8080/api/v2/engagements/7/",
+        "url_ui": "http://localhost:8080/engagement/7"
     },
     "product": {
         "id": 4,
-        "name": "notif prod"
+        "name": "notif prod",
+        "url_api": "http://localhost:8080/api/v2/products/4/",
+        "url_ui": "http://localhost:8080/product/4"
     },
     "product_type": {
         "id": 4,
-        "name": "notif prod type"
+        "name": "notif prod type",
+        "url_api": "http://localhost:8080/api/v2/product_types/4/",
+        "url_ui": "http://localhost:8080/product/type/4"
     },
     "test": {
         "id": 90,
-        "title": "notif test"
+        "title": "notif test",
+        "url_api": "http://localhost:8080/api/v2/tests/90/",
+        "url_ui": "http://localhost:8080/test/90"
     },
-    "url": "http://localhost:8080/test/90",
+    "url_api": "http://localhost:8080/api/v2/tests/90/",
+    "url_ui": "http://localhost:8080/test/90",
     "user": null
 }
 ```
\ No newline at end of file
diff --git a/dojo/engagement/signals.py b/dojo/engagement/signals.py
index c2f09c9abbd..7b95d6fe87b 100644
--- a/dojo/engagement/signals.py
+++ b/dojo/engagement/signals.py
@@ -16,7 +16,7 @@ def engagement_post_save(sender, instance, created, **kwargs):
     if created:
         title = _('Engagement created for "%(product)s": %(name)s') % {"product": instance.product, "name": instance.name}
         create_notification(event="engagement_added", title=title, engagement=instance, product=instance.product,
-                            url=reverse("view_engagement", args=(instance.id,)))
+                            url=reverse("view_engagement", args=(instance.id,)), url_api=reverse("engagement-detail", args=(instance.id,)))
 
 
 @receiver(pre_save, sender=Engagement)
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index afddffec4d9..7fa5b1d1c19 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -558,7 +558,7 @@ def log_alert(e, notification_type=None, *args, **kwargs):
 def notify_test_created(test):
     title = "Test created for " + str(test.engagement.product) + ": " + str(test.engagement.name) + ": " + str(test)
     create_notification(event="test_added", title=title, test=test, engagement=test.engagement, product=test.engagement.product,
-                        url=reverse("view_test", args=(test.id,)))
+                        url=reverse("view_test", args=(test.id,)), url_api=reverse("test-detail", args=(test.id,)))
 
 
 def notify_scan_added(test, updated_count, new_findings=[], findings_mitigated=[], findings_reactivated=[], findings_untouched=[]):
@@ -578,4 +578,4 @@ def notify_scan_added(test, updated_count, new_findings=[], findings_mitigated=[
 
     create_notification(event=event, title=title, findings_new=new_findings, findings_mitigated=findings_mitigated, findings_reactivated=findings_reactivated,
                         finding_count=updated_count, test=test, engagement=test.engagement, product=test.engagement.product, findings_untouched=findings_untouched,
-                        url=reverse("view_test", args=(test.id,)))
+                        url=reverse("view_test", args=(test.id,)), url_api=reverse("test-detail", args=(test.id,)))
diff --git a/dojo/product/signals.py b/dojo/product/signals.py
index 6871f5490d2..72e9771e82c 100644
--- a/dojo/product/signals.py
+++ b/dojo/product/signals.py
@@ -16,7 +16,9 @@ def product_post_save(sender, instance, created, **kwargs):
         create_notification(event="product_added",
                             title=instance.name,
                             product=instance,
-                            url=reverse("view_product", args=(instance.id,)))
+                            url=reverse("view_product", args=(instance.id,)),
+                            url_api=reverse("product-detail", args=(instance.id,)),
+                        )
 
 
 @receiver(post_delete, sender=Product)
diff --git a/dojo/product_type/signals.py b/dojo/product_type/signals.py
index dde3ff502cd..743995768eb 100644
--- a/dojo/product_type/signals.py
+++ b/dojo/product_type/signals.py
@@ -16,7 +16,9 @@ def product_type_post_save(sender, instance, created, **kwargs):
         create_notification(event="product_type_added",
                             title=instance.name,
                             product_type=instance,
-                            url=reverse("view_product_type", args=(instance.id,)))
+                            url=reverse("view_product_type", args=(instance.id,)),
+                            url_api=reverse("product_type-detail", args=(instance.id,)),
+                        )
 
 
 @receiver(post_delete, sender=Product_Type)
diff --git a/dojo/settings/.settings.dist.py.sha256sum b/dojo/settings/.settings.dist.py.sha256sum
index 878a104af54..4686d63afe2 100644
--- a/dojo/settings/.settings.dist.py.sha256sum
+++ b/dojo/settings/.settings.dist.py.sha256sum
@@ -1 +1 @@
-5adedc433a342d675492b86dc18786f72e167115f9718a397dc9b91c5fdc9c94
+8cd4668bdc4dec192dd5bd3fd767b87a4f6d5441ae8d4a001d2ba61c452e59aa
diff --git a/dojo/templates/notifications/webhooks/subtemplates/base.tpl b/dojo/templates/notifications/webhooks/subtemplates/base.tpl
index b5f1152e12c..44946cd8dd3 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/base.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/base.tpl
@@ -3,7 +3,10 @@
 description: {{ description | default_if_none:'' }}
 user: {{ user | default_if_none:'' }}
 {% if url %}
-url:  {{ url|full_url }}
+url_ui:  {{ url|full_url }}
+{% endif %}
+{% if url_api %}
+url_api:  {{ url_api|full_url }}
 {% endif %}
 {% if system_settings.disclaimer and system_settings.disclaimer.strip %}
 disclaimer:  {{ system_settings.disclaimer }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl b/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl
index 57b95068d9c..87504a1a479 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/engagement.tpl
@@ -1,8 +1,13 @@
+{% load display_tags %}
 {% if product %}
 {% include 'notifications/webhooks/subtemplates/product.tpl' with product=product %}
 {% else %}
 {% include 'notifications/webhooks/subtemplates/product.tpl' with product=engagement.product %}
 {% endif %}
+{% url 'view_engagement' engagement.id as engagement_url_ui %}
+{% url 'engagement-detail' engagement.id as engagement_url_api %}
 engagement:
     name: {{ engagement.name | default_if_none:'' }}
     id: {{ engagement.pk }}
+    url_ui: {{ engagement_url_ui|full_url }}
+    url_api: {{ engagement_url_api|full_url }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl b/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
index 298113362f6..dea59ad1613 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/findings_list.tpl
@@ -1,10 +1,12 @@
 {% load display_tags %}
 {% for finding in findings %}
-{% url 'view_finding' finding.id as finding_url %}
+{% url 'view_finding' finding.id as finding_url_ui %}
+{% url 'finding-detail' finding.id as finding_url_api %}
     - id: {{ finding.pk }}
       title: {{ finding.title | default_if_none:'' }}
       severity: {{ finding.severity | default_if_none:'' }}
-      url: {{ finding_url|full_url }}
+      url_ui: {{ finding_url_ui|full_url }}
+      url_api: {{ finding_url_api|full_url }}
 {% empty %}
     []
 {% endfor %}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/product.tpl b/dojo/templates/notifications/webhooks/subtemplates/product.tpl
index b1d4d0355f9..dba5d7b1619 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/product.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/product.tpl
@@ -1,8 +1,13 @@
+{% load display_tags %}
 {% if product_type %}
 {% include 'notifications/webhooks/subtemplates/product_type.tpl' with product_type=product_type %}
 {% else %}
 {% include 'notifications/webhooks/subtemplates/product_type.tpl' with product_type=product.prod_type %}
 {% endif %}
+{% url 'view_product' product.id as product_url_ui %}
+{% url 'product-detail' product.id as product_url_api %}
 product:
     name: {{ product.name | default_if_none:'' }}
     id: {{ product.pk }}
+    url_ui: {{ product_url_ui|full_url }}
+    url_api: {{ product_url_api|full_url }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl b/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl
index 49cdd4c508d..9eb39e7b130 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/product_type.tpl
@@ -1,3 +1,8 @@
+{% load display_tags %}
+{% url 'view_product_type' product_type.id as product_type_url_ui %}
+{% url 'product_type-detail' product_type.id as product_type_url_api %}
 product_type:
     name: {{ product_type.name | default_if_none:'' }}
     id: {{ product_type.pk }}
+    url_ui: {{ product_type_url_ui|full_url }}
+    url_api: {{ product_type_url_api|full_url }}
diff --git a/dojo/templates/notifications/webhooks/subtemplates/test.tpl b/dojo/templates/notifications/webhooks/subtemplates/test.tpl
index 9cea22d0481..28df2b437ea 100644
--- a/dojo/templates/notifications/webhooks/subtemplates/test.tpl
+++ b/dojo/templates/notifications/webhooks/subtemplates/test.tpl
@@ -1,8 +1,13 @@
+{% load display_tags %}
 {% if engagement %}
 {% include 'notifications/webhooks/subtemplates/engagement.tpl' with engagement=engagement %}
 {% else %}
 {% include 'notifications/webhooks/subtemplates/engagement.tpl' with engagement=test.engagement %}
 {% endif %}
+{% url 'view_test' test.id as test_url_ui %}
+{% url 'test-detail' test.id as test_url_api %}
 test:
     title: {{ test.title | default_if_none:'' }}
     id: {{ test.pk }}
+    url_ui: {{ test_url_ui|full_url }}
+    url_api: {{ test_url_api|full_url }}
diff --git a/unittests/test_notifications.py b/unittests/test_notifications.py
index 4f188dbafe4..7f5a2b76a4c 100644
--- a/unittests/test_notifications.py
+++ b/unittests/test_notifications.py
@@ -683,10 +683,13 @@ def test_events_messages(self, mock):
             self.assertEqual(mock.call_args.kwargs["json"], {
                 "description": None,
                 "user": None,
-                "url": f"http://localhost:8080/product/type/{prod_type.pk}",
+                "url_api": f"http://localhost:8080/api/v2/product_types/{prod_type.pk}/",
+                "url_ui": f"http://localhost:8080/product/type/{prod_type.pk}",
                 "product_type": {
                     "id": prod_type.pk,
                     "name": "notif prod type",
+                    "url_api": f"http://localhost:8080/api/v2/product_types/{prod_type.pk}/",
+                    "url_ui": f"http://localhost:8080/product/type/{prod_type.pk}",
                 },
             })
 
@@ -696,14 +699,19 @@ def test_events_messages(self, mock):
             self.assertEqual(mock.call_args.kwargs["json"], {
                 "description": None,
                 "user": None,
-                "url": f"http://localhost:8080/product/{prod.pk}",
+                "url_api": f"http://localhost:8080/api/v2/products/{prod.pk}/",
+                "url_ui": f"http://localhost:8080/product/{prod.pk}",
                 "product_type": {
                     "id": prod_type.pk,
                     "name": "notif prod type",
+                    "url_api": f"http://localhost:8080/api/v2/product_types/{prod_type.pk}/",
+                    "url_ui": f"http://localhost:8080/product/type/{prod_type.pk}",
                 },
                 "product": {
                     "id": prod.pk,
                     "name": "notif prod",
+                    "url_api": f"http://localhost:8080/api/v2/products/{prod.pk}/",
+                    "url_ui": f"http://localhost:8080/product/{prod.pk}",
                 },
             })
 
@@ -713,18 +721,25 @@ def test_events_messages(self, mock):
             self.assertEqual(mock.call_args.kwargs["json"], {
                 "description": None,
                 "user": None,
-                "url": f"http://localhost:8080/engagement/{eng.pk}",
+                "url_api": f"http://localhost:8080/api/v2/engagements/{eng.pk}/",
+                "url_ui": f"http://localhost:8080/engagement/{eng.pk}",
                 "product_type": {
                     "id": prod_type.pk,
                     "name": "notif prod type",
+                    "url_api": f"http://localhost:8080/api/v2/product_types/{prod_type.pk}/",
+                    "url_ui": f"http://localhost:8080/product/type/{prod_type.pk}",
                 },
                 "product": {
                     "id": prod.pk,
                     "name": "notif prod",
+                    "url_api": f"http://localhost:8080/api/v2/products/{prod.pk}/",
+                    "url_ui": f"http://localhost:8080/product/{prod.pk}",
                 },
                 "engagement": {
                     "id": eng.pk,
                     "name": "notif eng",
+                    "url_api": f"http://localhost:8080/api/v2/engagements/{eng.pk}/",
+                    "url_ui": f"http://localhost:8080/engagement/{eng.pk}",
                 },
             })
 
@@ -735,22 +750,31 @@ def test_events_messages(self, mock):
             self.assertEqual(mock.call_args.kwargs["json"], {
                 "description": None,
                 "user": None,
-                "url": f"http://localhost:8080/test/{test.pk}",
+                "url_api": f"http://localhost:8080/api/v2/tests/{test.pk}/",
+                "url_ui": f"http://localhost:8080/test/{test.pk}",
                 "product_type": {
                     "id": prod_type.pk,
                     "name": "notif prod type",
+                    "url_api": f"http://localhost:8080/api/v2/product_types/{prod_type.pk}/",
+                    "url_ui": f"http://localhost:8080/product/type/{prod_type.pk}",
                 },
                 "product": {
                     "id": prod.pk,
                     "name": "notif prod",
+                    "url_api": f"http://localhost:8080/api/v2/products/{prod.pk}/",
+                    "url_ui": f"http://localhost:8080/product/{prod.pk}",
                 },
                 "engagement": {
                     "id": eng.pk,
                     "name": "notif eng",
+                    "url_api": f"http://localhost:8080/api/v2/engagements/{eng.pk}/",
+                    "url_ui": f"http://localhost:8080/engagement/{eng.pk}",
                 },
                 "test": {
                     "id": test.pk,
                     "title": "notif test",
+                    "url_api": f"http://localhost:8080/api/v2/tests/{test.pk}/",
+                    "url_ui": f"http://localhost:8080/test/{test.pk}",
                 },
             })
 
@@ -760,22 +784,31 @@ def test_events_messages(self, mock):
             self.assertEqual(mock.call_args.kwargs["json"], {
                 "description": None,
                 "user": None,
-                "url": f"http://localhost:8080/test/{test.pk}",
+                "url_api": f"http://localhost:8080/api/v2/tests/{test.pk}/",
+                "url_ui": f"http://localhost:8080/test/{test.pk}",
                 "product_type": {
                     "id": prod_type.pk,
                     "name": "notif prod type",
+                    "url_api": f"http://localhost:8080/api/v2/product_types/{prod_type.pk}/",
+                    "url_ui": f"http://localhost:8080/product/type/{prod_type.pk}",
                 },
                 "product": {
                     "id": prod.pk,
                     "name": "notif prod",
+                    "url_api": f"http://localhost:8080/api/v2/products/{prod.pk}/",
+                    "url_ui": f"http://localhost:8080/product/{prod.pk}",
                 },
                 "engagement": {
                     "id": eng.pk,
                     "name": "notif eng",
+                    "url_api": f"http://localhost:8080/api/v2/engagements/{eng.pk}/",
+                    "url_ui": f"http://localhost:8080/engagement/{eng.pk}",
                 },
                 "test": {
                     "id": test.pk,
                     "title": "notif test",
+                    "url_api": f"http://localhost:8080/api/v2/tests/{test.pk}/",
+                    "url_ui": f"http://localhost:8080/test/{test.pk}",
                 },
                 "finding_count": 0,
                 "findings": {
@@ -809,24 +842,28 @@ def test_events_messages(self, mock):
                     "id": 232,
                     "title": "New Finding",
                     "severity": "Critical",
-                    "url": "http://localhost:8080/finding/232",
+                    "url_api": "http://localhost:8080/api/v2/findings/232/",
+                    "url_ui": "http://localhost:8080/finding/232",
                 }],
                 "mitigated": [{
                     "id": 233,
                     "title": "Mitigated Finding",
                     "severity": "Medium",
-                    "url": "http://localhost:8080/finding/233",
+                    "url_api": "http://localhost:8080/api/v2/findings/233/",
+                    "url_ui": "http://localhost:8080/finding/233",
                 }],
                 "reactivated": [{
                     "id": 234,
                     "title": "Reactivated Finding",
                     "severity": "Low",
-                    "url": "http://localhost:8080/finding/234",
+                    "url_api": "http://localhost:8080/api/v2/findings/234/",
+                    "url_ui": "http://localhost:8080/finding/234",
                 }],
                 "untouched": [{
                     "id": 235,
                     "title": "Untouched Finding",
                     "severity": "Info",
-                    "url": "http://localhost:8080/finding/235",
+                    "url_api": "http://localhost:8080/api/v2/findings/235/",
+                    "url_ui": "http://localhost:8080/finding/235",
                 }],
             })

From f985040f630a4b7ace9762d0a361411eeb0b81dc Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Wed, 11 Sep 2024 22:57:26 +0200
Subject: [PATCH 60/63] inc db_mig

---
 ...webhooks_notifications.py => 0215_webhooks_notifications.py} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename dojo/db_migrations/{0214_webhooks_notifications.py => 0215_webhooks_notifications.py} (99%)

diff --git a/dojo/db_migrations/0214_webhooks_notifications.py b/dojo/db_migrations/0215_webhooks_notifications.py
similarity index 99%
rename from dojo/db_migrations/0214_webhooks_notifications.py
rename to dojo/db_migrations/0215_webhooks_notifications.py
index 5bb7ccc5f3c..cc65ce43f1b 100644
--- a/dojo/db_migrations/0214_webhooks_notifications.py
+++ b/dojo/db_migrations/0215_webhooks_notifications.py
@@ -8,7 +8,7 @@
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('dojo', '0213_system_settings_enable_ui_table_based_searching'),
+        ('dojo', '0214_test_type_dynamically_generated'),
     ]
 
     operations = [

From d641327da59264c03f7e4d0009eedb5f9813f404 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Wed, 11 Sep 2024 22:57:48 +0200
Subject: [PATCH 61/63] Accept any 2xx as successful

---
 dojo/notifications/helper.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 7fa5b1d1c19..9acbf94d215 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -427,7 +427,7 @@ def send_webhooks_notification(event, user=None, *args, **kwargs):
             logger.debug(f"Sending webhook message to endpoint '{endpoint.name}'")
             res = webhooks_notification_request(endpoint, event, *args, **kwargs)
 
-            if res.status_code in [200, 201]:
+            if 200 <= res.status_code < 300:
                 logger.debug(f"Message sent to endpoint '{endpoint.name}' successfully.")
                 continue
 

From 95453cc6571512bc692a7e117e600d28652030c9 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Wed, 11 Sep 2024 23:16:29 +0200
Subject: [PATCH 62/63] Add permission checker for item in menu

---
 dojo/templates/base.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dojo/templates/base.html b/dojo/templates/base.html
index 13b50e54ee8..722656ae6a9 100644
--- a/dojo/templates/base.html
+++ b/dojo/templates/base.html
@@ -541,7 +541,7 @@
                                                         {% trans "Notifications" %}
                                                     </a>
                                                 </li>
-                                                {% if system_settings.enable_webhooks_notifications %}
+                                                {% if system_settings.enable_webhooks_notifications and "dojo.view_notification_webhooks"|has_configuration_permission:request %}
                                                 <li>
                                                     <a href="{% url 'notification_webhooks' %}">
                                                         {% trans "Notification Webhooks" %}

From 3cc64f74edbd11e7ae43d3d7768ee427dde1c9c9 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Thu, 12 Sep 2024 19:22:53 +0200
Subject: [PATCH 63/63] Fix editing for superadmin

---
 dojo/forms.py               | 1 -
 dojo/notifications/views.py | 4 ++--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/dojo/forms.py b/dojo/forms.py
index 4c0f07a7870..acf3546285b 100644
--- a/dojo/forms.py
+++ b/dojo/forms.py
@@ -2786,7 +2786,6 @@ class Meta:
 
     def __init__(self, *args, **kwargs):
         is_superuser = kwargs.pop("is_superuser", False)
-        logger.debug(f"is_superuser: {is_superuser}")
         super().__init__(*args, **kwargs)
         if not is_superuser:  # Only superadmins can edit owner
             self.fields["owner"].disabled = True  # TODO: needs to be tested
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 033a560821b..6a2495330d7 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -157,9 +157,9 @@ def get_form(
         **kwargs: dict,
     ) -> NotificationsWebhookForm:
         if request.method == "POST":
-            return NotificationsWebhookForm(request.POST, **kwargs)
+            return NotificationsWebhookForm(request.POST, is_superuser=request.user.is_superuser, **kwargs)
         else:
-            return NotificationsWebhookForm(**kwargs)
+            return NotificationsWebhookForm(is_superuser=request.user.is_superuser, **kwargs)
 
     def preprocess_request(self, request: HttpRequest):
         # Check Webhook notifications are enabled