Merge branch 'main' into feature/iac-scaffolding

Author: nishkersh

.github/workflows/check-pr-issue.yaml

@@ -0,0 +1,28 @@
+name: Check PR linked issue and assignee
+
+on:
+  pull_request:
+    types:
+      - opened
+      - synchronize
+
+permissions:
+  contents: read
+  issues: write
+  pull-requests: write
+
+jobs:
+  check-pr-issue:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v5
+
+      - name: Check PR linked issue and assignee
+        uses: arkid15r/check-pr-issue-action@a3635191c798f111aae577759b579dc37bb13e02
+        with:
+          close_pr_on_failure: 'false'
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          no_assignee_message: 'Test: The linked issue must be assigned to the PR author.'
+          no_issue_message: 'Test: This PR must be linked to an issue.'
+          require_assignee: 'true'

.github/workflows/run-ci-cd.yaml

@@ -71,7 +71,7 @@ jobs:
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
 
       - name: Install pnpm
-        uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda
+        uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061
         with:
           version: 10
           run_install: true
@@ -557,7 +557,7 @@ jobs:
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
 
       - name: Install pnpm
-        uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda
+        uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061
         with:
           run_install: true
           version: 10

.github/workflows/run-code-ql.yaml

@@ -31,12 +31,12 @@ jobs:
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93
+        uses: github/codeql-action/init@e296a935590eb16afc0c0108289f68c87e2a89a5
         with:
           languages: ${{ matrix.language }}
 
       - name: Install pnpm
-        uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda
+        uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061
         with:
           version: 10
           run_install: false
@@ -55,6 +55,6 @@ jobs:
         run: pnpm install --frozen-lockfile
 
       - name: Perform CodeQL analysis
-        uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93
+        uses: github/codeql-action/analyze@e296a935590eb16afc0c0108289f68c87e2a89a5
         with:
           category: /language:${{ matrix.language }}

.pre-commit-config.yaml

@@ -10,7 +10,7 @@ repos:
         exclude: (.github|pnpm-lock.yaml)
 
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.13.2
+    rev: v0.14.0
     hooks:
       - id: ruff
         args:
@@ -83,7 +83,7 @@ repos:
         exclude: pnpm-lock.yaml
 
   - repo: https://github.com/tox-dev/pyproject-fmt
-    rev: v2.7.0
+    rev: v2.10.0
     hooks:
       - id: pyproject-fmt
 

LEARN.md

@@ -7,11 +7,11 @@
 
 # [OWASP Nest](https://nest.owasp.org/)
 
-[![OWASP](https://img.shields.io/badge/OWASP-Incubator-blue?style=for-the-badge)](https://owasp.org/www-project-nest/) [![OWASP](https://img.shields.io/badge/OWASP-Code-blue?style=for-the-badge)](https://owasp.org/www-project-nest/) [![project-nest](https://img.shields.io/badge/OWASP-%23project--nest-blue?logo=slack&logoColor=white&style=for-the-badge)](https://owasp.slack.com/messages/project-nest)
+[![OWASP](https://img.shields.io/badge/Lab-blue?&label=owasp%20level&style=for-the-badge)](https://owasp.org/www-project-nest/) [![OWASP](https://img.shields.io/badge/Code-blue?label=OWASP%20Type&style=for-the-badge)](https://owasp.org/www-project-nest/) [![project-nest](https://img.shields.io/badge/%23project--nest-blue?label=OWASP%20Slack&logoColor=white&style=for-the-badge)](https://owasp.slack.com/messages/project-nest)
 
-[![License](https://img.shields.io/github/license/owasp/nest?color=41BE4A&label=License&style=for-the-badge)](https://github.com/OWASP/Nest/blob/main/LICENSE) [![Last Commit](https://img.shields.io/github/last-commit/owasp/nest/main?style=for-the-badge&label=Last%20commit)](https://github.com/OWASP/Nest/commits/main/) [![Contributors](https://img.shields.io/github/contributors/owasp/nest?style=for-the-badge&label=Contributors)](https://github.com/OWASP/Nest/graphs/contributors)
+[![License](https://img.shields.io/github/license/owasp/nest?color=blue&label=License&style=for-the-badge)](https://github.com/OWASP/Nest/blob/main/LICENSE) [![Last Commit](https://img.shields.io/github/last-commit/owasp/nest/main?color=blue&style=for-the-badge&label=Last%20commit)](https://github.com/OWASP/Nest/commits/main/) [![Contributors](https://img.shields.io/github/contributors/owasp/nest?style=for-the-badge&label=Contributors&color=blue)](https://github.com/OWASP/Nest/graphs/contributors)
 
-[![CI/CD](https://img.shields.io/github/actions/workflow/status/owasp/nest/run-ci-cd.yaml?branch=main&label=Build&style=for-the-badge)](https://github.com/owasp/nest/actions/workflows/run-ci-cd.yaml?query=branch%3Amain) [![CodeQL](https://img.shields.io/github/actions/workflow/status/owasp/nest/run-code-ql.yaml?branch=main&label=CodeQL&style=for-the-badge)](https://github.com/owasp/nest/actions/workflows/run-code-ql.yaml?query=branch%3Amain) [![Sonarqube](https://img.shields.io/sonar/quality_gate/OWASP_Nest?server=https://sonarcloud.io&style=for-the-badge&label=Sonarqube)](https://sonarcloud.io/summary/new_code?id=OWASP_Nest&branch=main)
+[![CI/CD](https://img.shields.io/github/actions/workflow/status/owasp/nest/run-ci-cd.yaml?branch=main&color=blue&label=Build&style=for-the-badge)](https://github.com/owasp/nest/actions/workflows/run-ci-cd.yaml?query=branch%3Amain) [![CodeQL](https://img.shields.io/github/actions/workflow/status/owasp/nest/run-code-ql.yaml?branch=main&color=blue&label=CodeQL&style=for-the-badge)](https://github.com/owasp/nest/actions/workflows/run-code-ql.yaml?query=branch%3Amain) [![Sonarqube](https://img.shields.io/sonar/quality_gate/OWASP_Nest?color=blue&server=https://sonarcloud.io&style=for-the-badge&label=Sonarqube)](https://sonarcloud.io/summary/new_code?id=OWASP_Nest&branch=main)
 
 [![Issues](https://img.shields.io/github/issues/owasp/nest?color=blue&style=for-the-badge&label=Issues)](https://github.com/OWASP/Nest/issues) [![Pull Requests](https://img.shields.io/github/issues-pr/owasp/nest?color=blue&style=for-the-badge&label=Pull%20Requests)](https://github.com/OWASP/Nest/pulls)
 

README.md

@@ -0,0 +1,56 @@
+"""Decorator for API Cache."""
+
+from functools import wraps
+from http import HTTPStatus
+
+from django.conf import settings
+from django.core.cache import cache
+from django.http import HttpRequest
+
+
+def generate_key(
+    request: HttpRequest,
+    prefix: str,
+):
+    """Generate a cache key for a request."""
+    return f"{prefix}:{request.get_full_path()}"
+
+
+def cache_response(
+    ttl: int | None = None,
+    prefix: str | None = None,
+):
+    """Cache API responses for GET and HEAD requests.
+
+    Args:
+        ttl (int): The time-to-live for the cache entry in seconds.
+        prefix (str): A prefix for the cache key.
+
+    """
+    if ttl is None:
+        ttl = settings.API_CACHE_TIME_SECONDS
+
+    if prefix is None:
+        prefix = settings.API_CACHE_PREFIX
+
+    def decorator(view_func):
+        @wraps(view_func)
+        def _wrapper(request, *args, **kwargs):
+            if request.method not in ("GET", "HEAD"):
+                return view_func(request, *args, **kwargs)
+
+            cache_key = generate_key(
+                request=request,
+                prefix=prefix,
+            )
+            if response := cache.get(cache_key):
+                return response
+
+            response = view_func(request, *args, **kwargs)
+            if response.status_code == HTTPStatus.OK:
+                cache.set(cache_key, response, timeout=ttl)
+            return response
+
+        return _wrapper
+
+    return decorator

backend/apps/api/decorators/__init__.py

@@ -2,9 +2,11 @@
 
 from django.conf import settings
 from ninja import NinjaAPI, Swagger
+from ninja.pagination import RouterPaginated
 from ninja.throttling import AuthRateThrottle
 
 from apps.api.rest.auth.api_key import ApiKey as ApiKey
+from apps.api.rest.v0.chapter import router as chapter_router
 from apps.api.rest.v0.committee import router as committee_router
 from apps.api.rest.v0.event import router as event_router
 from apps.api.rest.v0.issue import router as issue_router
@@ -15,8 +17,6 @@
 from apps.api.rest.v0.repository import router as repository_router
 from apps.api.rest.v0.sponsor import router as sponsor_router
 
-from .chapter import router as chapter_router
-
 ROUTERS = {
     # Chapters.
     "/chapters": chapter_router,
@@ -42,11 +42,12 @@
 
 api_settings = {
     "auth": ApiKey(),  # The `api_key` param name is based on the ApiKey class name.
+    "default_router": RouterPaginated(),
     "description": "Open Worldwide Application Security Project API",
     "docs": Swagger(settings={"persistAuthorization": True}),
     "throttle": [AuthRateThrottle("10/s")],
     "title": "OWASP Nest",
-    "version": "0.2.3",
+    "version": "0.2.4",
 }
 
 api_settings_customization = {}

backend/apps/api/decorators/cache.py

@@ -4,81 +4,92 @@
 from http import HTTPStatus
 from typing import Literal
 
-from django.conf import settings
 from django.http import HttpRequest
-from django.views.decorators.cache import cache_page
-from ninja import Field, FilterSchema, Path, Query, Router, Schema
+from ninja import Field, FilterSchema, Path, Query, Schema
 from ninja.decorators import decorate_view
-from ninja.pagination import PageNumberPagination, paginate
+from ninja.pagination import RouterPaginated
 from ninja.responses import Response
 
-from apps.owasp.models.chapter import Chapter
+from apps.api.decorators.cache import cache_response
+from apps.owasp.models.chapter import Chapter as ChapterModel
 
-router = Router()
+router = RouterPaginated(tags=["Chapters"])
 
 
-class ChapterErrorResponse(Schema):
-    """Chapter error response schema."""
+class ChapterBase(Schema):
+    """Base schema for Chapter (used in list endpoints)."""
 
-    message: str
+    created_at: datetime
+    key: str
+    name: str
+    updated_at: datetime
 
+    @staticmethod
+    def resolve_key(obj):
+        """Resolve key."""
+        return obj.nest_key
 
-class ChapterFilterSchema(FilterSchema):
-    """Filter schema for Chapter."""
 
-    country: str | None = Field(None, description="Country of the chapter")
-    region: str | None = Field(None, description="Region of the chapter")
+class Chapter(ChapterBase):
+    """Schema for Chapter (minimal fields for list display)."""
 
 
-class ChapterSchema(Schema):
-    """Schema for Chapter."""
+class ChapterDetail(ChapterBase):
+    """Detail schema for Chapter (used in single item endpoints)."""
 
     country: str
-    created_at: datetime
-    name: str
     region: str
-    updated_at: datetime
+
+
+class ChapterError(Schema):
+    """Chapter error schema."""
+
+    message: str
+
+
+class ChapterFilter(FilterSchema):
+    """Filter for Chapter."""
+
+    country: str | None = Field(None, description="Country of the chapter")
 
 
 @router.get(
     "/",
     description="Retrieve a paginated list of OWASP chapters.",
     operation_id="list_chapters",
-    response={200: list[ChapterSchema]},
+    response=list[Chapter],
     summary="List chapters",
-    tags=["Chapters"],
 )
-@decorate_view(cache_page(settings.API_CACHE_TIME_SECONDS))
-@paginate(PageNumberPagination, page_size=settings.API_PAGE_SIZE)
+@decorate_view(cache_response())
 def list_chapters(
     request: HttpRequest,
-    filters: ChapterFilterSchema = Query(...),
+    filters: ChapterFilter = Query(...),
     ordering: Literal["created_at", "-created_at", "updated_at", "-updated_at"] | None = Query(
         None,
         description="Ordering field",
     ),
-) -> list[ChapterSchema]:
+) -> list[Chapter]:
     """Get chapters."""
-    return filters.filter(Chapter.active_chapters.order_by(ordering or "-created_at"))
+    return filters.filter(ChapterModel.active_chapters.order_by(ordering or "-created_at"))
 
 
 @router.get(
     "/{str:chapter_id}",
     description="Retrieve chapter details.",
     operation_id="get_chapter",
     response={
-        HTTPStatus.NOT_FOUND: ChapterErrorResponse,
-        HTTPStatus.OK: ChapterSchema,
+        HTTPStatus.NOT_FOUND: ChapterError,
+        HTTPStatus.OK: ChapterDetail,
     },
     summary="Get chapter",
-    tags=["Chapters"],
 )
+@decorate_view(cache_response())
 def get_chapter(
     request: HttpRequest,
     chapter_id: str = Path(example="London"),
-) -> ChapterSchema | ChapterErrorResponse:
+) -> ChapterDetail | ChapterError:
     """Get chapter."""
-    if chapter := Chapter.active_chapters.filter(
+    if chapter := ChapterModel.active_chapters.filter(
         key__iexact=(
             chapter_id if chapter_id.startswith("www-chapter-") else f"www-chapter-{chapter_id}"
         )