rename 'company' to 'organization' in templates and URLs (OWASP-BLT#3143

)
krrish-sehgal · Dec 21, 2024 · f5b655a · f5b655a
1 parent 42763fa
commit f5b655a
Show file tree

Hide file tree

Showing 22 changed files with 156 additions and 133 deletions.
diff --git a/blt/urls.py b/blt/urls.py
@@ -260,9 +260,9 @@
 urlpatterns = [
     path("", home, name="home"),
     path(
-        "api/v1/companies/",
+        "api/v1/organizations/",
         OrganizationViewSet.as_view({"get": "list", "post": "create"}),
-        name="company",
+        name="organization",
     ),
     path("invite-friend/", invite_friend, name="invite_friend"),
     path("referral/", referral_signup, name="referral_signup"),
@@ -290,7 +290,9 @@
     path("auth/google/url/", google_views.oauth2_login),
     path("auth/facebook/url/", facebook_views.oauth2_callback),
     path("socialaccounts/", SocialAccountListView.as_view(), name="social_account_list"),
-    path("add_domain_to_company/", add_domain_to_organization, name="add_domain_to_company"),
+    path(
+        "add_domain_to_organization/", add_domain_to_organization, name="add_domain_to_organization"
+    ),
     path(
         "socialaccounts/<int:pk>/disconnect/",
         SocialAccountDisconnectView.as_view(),
@@ -309,9 +311,9 @@
     re_path(r"^redoc/$", schema_view.with_ui("redoc", cache_timeout=0), name="schema-redoc"),
     re_path(r"^issues/$", newhome, name="issues"),
     re_path(
-        r"^dashboard/company/$",
+        r"^dashboard/organization/$",
         organization_dashboard,
-        name="company_dashboard_home",
+        name="organization_dashboard_home",
     ),
     re_path(
         r"^dashboard/user/profile/addbalance$",
@@ -325,29 +327,29 @@
         name="stripe_connected",
     ),
     re_path(
-        r"^dashboard/admin/company$",
+        r"^dashboard/admin/organization$",
         admin_organization_dashboard,
-        name="admin_company_dashboard",
+        name="admin_organization_dashboard",
     ),
     re_path(
-        r"^dashboard/admin/company/addorupdate$",
+        r"^dashboard/admin/organization/addorupdate$",
         add_or_update_organization,
-        name="add_or_update_company",
+        name="add_or_update_organization",
     ),
     re_path(
-        r"^dashboard/company/domain/addorupdate$",
+        r"^dashboard/organization/domain/addorupdate$",
         add_or_update_domain,
         name="add_or_update_domain",
     ),
     path(
-        "dashboard/company/domain/<int:pk>/",
+        "dashboard/organization/domain/<int:pk>/",
         organization_dashboard_domain_detail,
-        name="company_dashboard_domain_detail",
+        name="organization_dashboard_domain_detail",
     ),
     path(
-        "dashboard/company/hunt/<int:pk>/",
+        "dashboard/organization/hunt/<int:pk>/",
         organization_dashboard_hunt_detail,
-        name="company_dashboard_hunt_detail",
+        name="organization_dashboard_hunt_detail",
     ),
     path("dashboard/user/hunt/<int:pk>/", view_hunt, name="view_hunt"),
     path(
@@ -361,52 +363,52 @@
         name="hunt_results",
     ),
     path(
-        "dashboard/company/hunt/<int:pk>/edit",
+        "dashboard/organization/hunt/<int:pk>/edit",
         organization_dashboard_hunt_edit,
-        name="company_dashboard_hunt_edit",
+        name="organization_dashboard_hunt_edit",
     ),
     path(
-        "dashboard/admin/company/<int:pk>/",
+        "dashboard/admin/organization/<int:pk>/",
         admin_organization_dashboard_detail,
-        name="admin_company_dashboard_detail",
+        name="admin_organization_dashboard_detail",
     ),
-    re_path(r"^dashboard/company/hunt/create$", CreateHunt.as_view(), name="create_hunt"),
+    re_path(r"^dashboard/organization/hunt/create$", CreateHunt.as_view(), name="create_hunt"),
     path("hunt/<int:pk>", ShowBughuntView.as_view(), name="show_bughunt"),
-    re_path(r"^dashboard/company/hunt/drafts$", DraftHunts.as_view(), name="draft_hunts"),
+    re_path(r"^dashboard/organization/hunt/drafts$", DraftHunts.as_view(), name="draft_hunts"),
     re_path(
-        r"^dashboard/company/hunt/upcoming$",
+        r"^dashboard/organization/hunt/upcoming$",
         UpcomingHunts.as_view(),
         name="upcoming_hunts",
     ),
     re_path(
-        r"^dashboard/company/hunt/previous$",
+        r"^dashboard/organization/hunt/previous$",
         PreviousHunts.as_view(),
         name="previous_hunts",
     ),
     path(
-        "dashboard/company/hunt/previous/<int:pk>/",
+        "dashboard/organization/hunt/previous/<int:pk>/",
         organization_hunt_results,
-        name="company_hunt_results",
+        name="organization_hunt_results",
     ),
     re_path(
-        r"^dashboard/company/hunt/ongoing$",
+        r"^dashboard/organization/hunt/ongoing$",
         OngoingHunts.as_view(),
         name="ongoing_hunts",
     ),
-    re_path(r"^dashboard/company/domains$", DomainList.as_view(), name="domain_list"),
+    re_path(r"^dashboard/organization/domains$", DomainList.as_view(), name="domain_list"),
     re_path(
-        r"^dashboard/company/settings$",
+        r"^dashboard/organization/settings$",
         OrganizationSettings.as_view(),
-        name="company-settings",
+        name="organization-settings",
     ),
     re_path(r"^join$", Joinorganization.as_view(), name="join"),
     re_path(
-        r"^dashboard/company/settings/role/update$",
+        r"^dashboard/organization/settings/role/update$",
         update_role,
         name="update-role",
     ),
     re_path(
-        r"^dashboard/company/settings/role/add$",
+        r"^dashboard/organization/settings/role/add$",
         add_role,
         name="add-role",
     ),
@@ -652,68 +654,78 @@
     # users
     path("users/", users_view, name="users"),
     # company specific urls :
-    path("company/", RegisterOrganizationView.as_view(), name="register_company"),
-    path("company/dashboard/", Organization_view, name="company_view"),
+    path("organization/", RegisterOrganizationView.as_view(), name="register_organization"),
+    path("organization/dashboard/", Organization_view, name="organization_view"),
     path(
-        "company/<int:id>/dashboard/analytics/",
+        "organization/<int:id>/dashboard/analytics/",
         OrganizationDashboardAnalyticsView.as_view(),
-        name="company_analytics",
+        name="organization_analytics",
     ),
     path(
-        "company/<int:id>/dashboard/integrations/",
+        "organization/<int:id>/dashboard/integrations/",
         OrganizationDashboardIntegrations.as_view(),
-        name="company_manage_integrations",
+        name="organization_manage_integrations",
     ),
     path(
-        "company/<int:id>/dashboard/bugs/",
+        "organization/<int:id>/dashboard/bugs/",
         OrganizationDashboardManageBugsView.as_view(),
-        name="company_manage_bugs",
+        name="organization_manage_bugs",
     ),
     path(
-        "company/<int:id>/dashboard/domains/",
+        "organization/<int:id>/dashboard/domains/",
         OrganizationDashboardManageDomainsView.as_view(),
-        name="company_manage_domains",
+        name="organization_manage_domains",
     ),
     path(
-        "company/<int:id>/dashboard/roles/",
+        "organization/<int:id>/dashboard/roles/",
         OrganizationDashboardManageRolesView.as_view(),
-        name="company_manage_roles",
+        name="organization_manage_roles",
     ),
     path(
-        "company/<int:id>/dashboard/bughunts/",
+        "organization/<int:id>/dashboard/bughunts/",
         OrganizationDashboardManageBughuntView.as_view(),
-        name="company_manage_bughunts",
+        name="organization_manage_bughunts",
+    ),
+    path(
+        "organization/dashboard/end_bughunt/<int:pk>", EndBughuntView.as_view(), name="end_bughunt"
     ),
-    path("company/dashboard/end_bughunt/<int:pk>", EndBughuntView.as_view(), name="end_bughunt"),
-    path("company/<int:id>/dashboard/add_bughunt/", AddHuntView.as_view(), name="add_bughunt"),
-    path("company/<int:id>/dashboard/add_domain/", AddDomainView.as_view(), name="add_domain"),
+    path("organization/<int:id>/dashboard/add_bughunt/", AddHuntView.as_view(), name="add_bughunt"),
+    path("organization/<int:id>/dashboard/add_domain/", AddDomainView.as_view(), name="add_domain"),
     path(
-        "company/<int:id>/dashboard/add_slack_integration/",
+        "organization/<int:id>/dashboard/add_slack_integration/",
         AddSlackIntegrationView.as_view(),
         name="add_slack_integration",
     ),
     path(
-        "company/<int:id>/dashboard/edit_domain/<int:domain_id>/",
+        "organization/<int:id>/dashboard/edit_domain/<int:domain_id>/",
         AddDomainView.as_view(),
         name="edit_domain",
     ),
-    path("company/domain/<int:pk>/", login_required(DomainView.as_view()), name="view_domain"),
-    path("company/delete_prize/<int:prize_id>/<int:company_id>", delete_prize, name="delete_prize"),
-    path("company/edit_prize/<int:prize_id>/<int:company_id>", edit_prize, name="edit_prize"),
-    path("company/accept_bug/<int:issue_id>/<str:reward_id>/", accept_bug, name="accept_bug"),
+    path("organization/domain/<int:pk>/", login_required(DomainView.as_view()), name="view_domain"),
+    path(
+        "organization/delete_prize/<int:prize_id>/<int:organization_id>",
+        delete_prize,
+        name="delete_prize",
+    ),
+    path(
+        "organization/edit_prize/<int:prize_id>/<int:organization_id>",
+        edit_prize,
+        name="edit_prize",
+    ),
+    path("organization/accept_bug/<int:issue_id>/<str:reward_id>/", accept_bug, name="accept_bug"),
     path(
-        "company/accept_bug/<int:issue_id>/<str:no_reward>/",
+        "organization/accept_bug/<int:issue_id>/<str:no_reward>/",
         accept_bug,
         name="accept_bug_no_reward",
     ),
     path(
-        "company/delete_manager/<int:manager_id>/<int:domain_id>/",
+        "organization/delete_manager/<int:manager_id>/<int:domain_id>/",
         delete_manager,
         name="delete_manager",
     ),
     path("sponsor/", sponsor_view, name="sponsor"),
     path("donate/", donate_view, name="donate"),
-    path("companies/", DomainListView.as_view(), name="domain_lists"),
+    path("organizations/", DomainListView.as_view(), name="domain_lists"),
     path("trademarks/", trademark_search, name="trademark_search"),
     path("generate_bid_image/<int:bid_amount>/", generate_bid_image, name="generate_bid_image"),
     path("bidding/", SaveBiddingData, name="BiddingData"),

diff --git a/website/signals.py b/website/signals.py
@@ -74,9 +74,20 @@ def handle_post_save(sender, instance, created, **kwargs):
         assign_first_action_badge(instance.user, "First Bug Reported")
         create_activity(instance, "created")
 
-    elif sender == Hunt and created:  # Track first bid placed
-        assign_first_action_badge(instance.user, "First Bug Bounty")
-        create_activity(instance, "created")
+    elif sender == Hunt and created:  # Track first bug bounty
+        # Attempt to get the user from Domain managers or Organization
+        user = None
+        if instance.domain:
+            # Try managers of the domain
+            user = instance.domain.managers.first()
+            # Optionally, if Organization has a user, fetch it here
+            if not user and instance.domain.organization:
+                user = getattr(instance.domain.organization, "user", None)
+
+        # Assign badge and activity if a user is found
+        if user:
+            assign_first_action_badge(user, "First Bug Bounty")
+            create_activity(instance, "created")
 
     elif sender == Suggestion and created:  # Track first suggestion
         assign_first_action_badge(instance.user, "First Suggestion")

diff --git a/website/static/company/js/hunt_controller.js b/website/static/company/js/hunt_controller.js
@@ -221,7 +221,7 @@ function removePrize(event, prizeId, companyId) {
     prizeContainer.appendChild(loadingIndicator);
 
     // Make AJAX call to delete the prize with company_id
-    fetch(`/company/delete_prize/${prizeId}/${companyId}`, {
+    fetch(`/organization/delete_prize/${prizeId}/${companyId}`, {
         method: 'DELETE',
         headers: {
             'X-CSRFToken': getCookie('csrftoken')
@@ -284,7 +284,7 @@ function updatePrize(prizeId, companyId) {
     }
 
     // Make AJAX call to update the prize with company_id
-    fetch(`/company/edit_prize/${prizeId}/${companyId}`, {
+    fetch(`/organization/edit_prize/${prizeId}/${companyId}`, {
         method: 'PUT',
         headers: {
             'Content-Type': 'application/json',

diff --git a/website/static/js/scripts.js b/website/static/js/scripts.js
@@ -20,7 +20,7 @@
       console.log(serializedData)
       $.ajax({
             type: 'POST',
-            url: "/dashboard/company/settings/role/update",
+            url: "/dashboard/organization/settings/role/update",
             data: serializedData,
             success: function (response) {
               window.location.reload();
@@ -46,7 +46,7 @@
       var value = ($( this ).serializeArray())[1].value;
       $.ajax({
             type: 'POST',
-            url: "/dashboard/company/hunt/"+value+"/edit",
+            url: "/dashboard/organization/hunt/"+value+"/edit",
             data: serializedData,
             success: function (response) {
               window.location.reload();
@@ -113,7 +113,7 @@
       serializedData.push({name:"date2", value: date2});
       $.ajax({
             type: 'POST',
-            url: "/dashboard/company/hunt/create",
+            url: "/dashboard/organization/hunt/create",
             data: $.param(serializedData),
             success: function (response) {
               window.location.reload();
@@ -131,7 +131,7 @@
       console.log(serializedData)
       $.ajax({
             type: 'POST',
-            url: "/dashboard/company/settings/role/add",
+            url: "/dashboard/organization/settings/role/add",
             data: serializedData,
             success: function (response) {
               window.location.reload();
@@ -150,7 +150,7 @@
       console.log(serializedData)
       $.ajax({
             type: 'POST',
-            url: "/dashboard/admin/company/addorupdate",
+            url: "/dashboard/admin/organization/addorupdate",
             data: serializedData,
             success: function (response) {
               window.location.reload();
@@ -169,7 +169,7 @@
       console.log(serializedData)
       $.ajax({
             type: 'POST',
-            url: "/dashboard/company/domain/addorupdate",
+            url: "/dashboard/organization/domain/addorupdate",
             data: serializedData,
             success: function (response) {
               console.log(response)

diff --git a/website/templates/admin_dashboard_company.html b/website/templates/admin_dashboard_company.html
@@ -26,10 +26,10 @@
                     <a href="#" class="list-group-item active">Organization</a>
                     {% for company in companys %}
                         {% if company.is_active %}
-                            <a href="{% url 'admin_company_dashboard_detail' pk=company.pk %}"
+                            <a href="{% url 'admin_organization_dashboard_detail' pk=company.pk %}"
                                class="list-group-item">{{ company.name }}</a>
                         {% else %}
-                            <a href="{% url 'admin_company_dashboard_detail' pk=company.pk %}"
+                            <a href="{% url 'admin_organization_dashboard_detail' pk=company.pk %}"
                                class="list-group-item list-group-item-danger ">{{ company.name }}</a>
                         {% endif %}
                     {% endfor %}

diff --git a/website/templates/company/bughunt/company_manage_bughunts.html b/website/templates/company/bughunt/company_manage_bughunts.html
@@ -51,19 +51,19 @@ <h2 class="mt-1 text-xl font-extrabold text-gray-500">Bughunts</h2>
                                 <ul class="py-2 text-sm text-gray-700 dark:text-gray-200"
                                     aria-labelledby="dropdownDefaultButton">
                                     <li>
-                                        <a href="{% url 'company_manage_bughunts' company %}"
+                                        <a href="{% url 'organization_manage_bughunts' company %}"
                                            class="block px-4 py-2 hover:bg-gray-100 dark:hover:bg-gray-600 dark:hover:text-white">All</a>
                                     </li>
                                     <li>
-                                        <a href="{% url 'company_manage_bughunts' company %}?filter=ongoing"
+                                        <a href="{% url 'organization_manage_bughunts' company %}?filter=ongoing"
                                            class="block px-4 py-2 hover:bg-gray-100 dark:hover:bg-gray-600 dark:hover:text-white">Ongoing</a>
                                     </li>
                                     <li>
-                                        <a href="{% url 'company_manage_bughunts' company %}?filter=draft"
+                                        <a href="{% url 'organization_manage_bughunts' company %}?filter=draft"
                                            class="block px-4 py-2 hover:bg-gray-100 dark:hover:bg-gray-600 dark:hover:text-white">Draft</a>
                                     </li>
                                     <li>
-                                        <a href="{% url 'company_manage_bughunts' company %}?filter=ended"
+                                        <a href="{% url 'organization_manage_bughunts' company %}?filter=ended"
                                            class="block px-4 py-2 hover:bg-gray-100 dark:hover:bg-gray-600 dark:hover:text-white">Ended</a>
                                     </li>
                                 </ul>