Merge branch 'main' into CA-503-Duplicate-applied-controls

intuitem · Dec 4, 2024 · 2d6595d · 2d6595d
2 parents 0756134 + 427ceed
commit 2d6595d
Show file tree

Hide file tree

Showing 18 changed files with 1,580 additions and 70 deletions.
diff --git a/backend/ciso_assistant/settings.py b/backend/ciso_assistant/settings.py
@@ -140,6 +140,7 @@ def set_ciso_assistant_url(_, __, event_dict):
     "global_settings",
     "tprm",
     "core",
+    "ebios_rm",
     "cal",
     "django_filters",
     "library",

diff --git a/backend/core/migrations/0044_qualification.py b/backend/core/migrations/0044_qualification.py
@@ -0,0 +1,130 @@
+# Generated by Django 5.1.1 on 2024-12-02 17:01
+
+import django.db.models.deletion
+import iam.models
+import uuid
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("core", "0043_historicalmetric"),
+        ("iam", "0009_create_allauth_emailaddress_objects"),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="Qualification",
+            fields=[
+                (
+                    "id",
+                    models.UUIDField(
+                        default=uuid.uuid4,
+                        editable=False,
+                        primary_key=True,
+                        serialize=False,
+                    ),
+                ),
+                (
+                    "created_at",
+                    models.DateTimeField(auto_now_add=True, verbose_name="Created at"),
+                ),
+                (
+                    "updated_at",
+                    models.DateTimeField(auto_now=True, verbose_name="Updated at"),
+                ),
+                (
+                    "is_published",
+                    models.BooleanField(default=False, verbose_name="published"),
+                ),
+                (
+                    "urn",
+                    models.CharField(
+                        blank=True,
+                        max_length=255,
+                        null=True,
+                        unique=True,
+                        verbose_name="URN",
+                    ),
+                ),
+                (
+                    "ref_id",
+                    models.CharField(
+                        blank=True,
+                        max_length=100,
+                        null=True,
+                        verbose_name="Reference ID",
+                    ),
+                ),
+                (
+                    "provider",
+                    models.CharField(
+                        blank=True, max_length=200, null=True, verbose_name="Provider"
+                    ),
+                ),
+                (
+                    "name",
+                    models.CharField(max_length=200, null=True, verbose_name="Name"),
+                ),
+                (
+                    "description",
+                    models.TextField(blank=True, null=True, verbose_name="Description"),
+                ),
+                (
+                    "annotation",
+                    models.TextField(blank=True, null=True, verbose_name="Annotation"),
+                ),
+                (
+                    "translations",
+                    models.JSONField(
+                        blank=True, null=True, verbose_name="Translations"
+                    ),
+                ),
+                (
+                    "locale",
+                    models.CharField(
+                        default="en", max_length=100, verbose_name="Locale"
+                    ),
+                ),
+                (
+                    "default_locale",
+                    models.BooleanField(default=True, verbose_name="Default locale"),
+                ),
+                (
+                    "abbreviation",
+                    models.CharField(
+                        blank=True,
+                        max_length=20,
+                        null=True,
+                        verbose_name="Abbreviation",
+                    ),
+                ),
+                (
+                    "qualification_ordering",
+                    models.PositiveSmallIntegerField(
+                        default=0, verbose_name="Ordering"
+                    ),
+                ),
+                (
+                    "security_objective_ordering",
+                    models.PositiveSmallIntegerField(
+                        default=0, verbose_name="Security objective ordering"
+                    ),
+                ),
+                (
+                    "folder",
+                    models.ForeignKey(
+                        default=iam.models.Folder.get_root_folder_id,
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="%(class)s_folder",
+                        to="iam.folder",
+                    ),
+                ),
+            ],
+            options={
+                "verbose_name": "Qualification",
+                "verbose_name_plural": "Qualifications",
+                "ordering": ["qualification_ordering"],
+            },
+        ),
+    ]
diff --git a/backend/core/models.py b/backend/core/models.py
@@ -1191,6 +1191,108 @@ def coverage(self) -> str:
         return RequirementMapping.Coverage.PARTIAL
 
 
+class Qualification(ReferentialObjectMixin, I18nObjectMixin):
+    DEFAULT_QUALIFICATIONS = [
+        {
+            "abbreviation": "C",
+            "qualification_ordering": 1,
+            "security_objective_ordering": 1,
+            "name": "Confidentiality",
+            "urn": "urn:intuitem:risk:qualification:confidentiality",
+        },
+        {
+            "abbreviation": "I",
+            "qualification_ordering": 2,
+            "security_objective_ordering": 2,
+            "name": "Integrity",
+            "urn": "urn:intuitem:risk:qualification:integrity",
+        },
+        {
+            "abbreviation": "A",
+            "qualification_ordering": 3,
+            "security_objective_ordering": 3,
+            "name": "Availability",
+            "urn": "urn:intuitem:risk:qualification:availability",
+        },
+        {
+            "abbreviation": "P",
+            "qualification_ordering": 4,
+            "security_objective_ordering": 4,
+            "name": "Proof",
+            "urn": "urn:intuitem:risk:qualification:proof",
+        },
+        {
+            "abbreviation": "Aut",
+            "qualification_ordering": 5,
+            "security_objective_ordering": 5,
+            "name": "Authenticity",
+            "urn": "urn:intuitem:risk:qualification:authenticity",
+        },
+        {
+            "abbreviation": "Priv",
+            "qualification_ordering": 6,
+            "security_objective_ordering": 6,
+            "name": "Privacy",
+            "urn": "urn:intuitem:risk:qualification:privacy",
+        },
+        {
+            "abbreviation": "Safe",
+            "qualification_ordering": 7,
+            "security_objective_ordering": 7,
+            "name": "Safety",
+            "urn": "urn:intuitem:risk:qualification:safety",
+        },
+        {
+            "abbreviation": "Rep",
+            "qualification_ordering": 8,
+            "name": "Reputation",
+            "urn": "urn:intuitem:risk:qualification:reputation",
+        },
+        {
+            "abbreviation": "Ope",
+            "qualification_ordering": 9,
+            "name": "Operational",
+            "urn": "urn:intuitem:risk:qualification:operational",
+        },
+        {
+            "abbreviation": "Leg",
+            "qualification_ordering": 10,
+            "name": "Legal",
+            "urn": "urn:intuitem:risk:qualification:legal",
+        },
+        {
+            "abbreviation": "Fin",
+            "qualification_ordering": 11,
+            "name": "Financial",
+            "urn": "urn:intuitem:risk:qualification:financial",
+        },
+    ]
+
+    abbreviation = models.CharField(
+        max_length=20, null=True, blank=True, verbose_name=_("Abbreviation")
+    )
+    qualification_ordering = models.PositiveSmallIntegerField(
+        verbose_name=_("Ordering"), default=0
+    )
+    security_objective_ordering = models.PositiveSmallIntegerField(
+        verbose_name=_("Security objective ordering"), default=0
+    )
+
+    class Meta:
+        verbose_name = _("Qualification")
+        verbose_name_plural = _("Qualifications")
+        ordering = ["qualification_ordering"]
+
+    @classmethod
+    def create_default_qualifications(cls):
+        for qualification in cls.DEFAULT_QUALIFICATIONS:
+            Qualification.objects.update_or_create(
+                urn=qualification["urn"],
+                defaults=qualification,
+                create_defaults=qualification,
+            )
+
+
 ########################### Domain objects #########################
 
 

diff --git a/backend/core/startup.py b/backend/core/startup.py
@@ -361,6 +361,7 @@ def startup(sender: AppConfig, **kwargs):
     """
     from django.contrib.auth.models import Permission
 
+    from core.models import Qualification
     from iam.models import Folder, Role, RoleAssignment, User, UserGroup
     from tprm.models import Entity
 
@@ -490,7 +491,13 @@ def startup(sender: AppConfig, **kwargs):
                 email=CISO_ASSISTANT_SUPERUSER_EMAIL, is_superuser=True
             )
         except Exception as e:
-            print(e)  # NOTE: Add this exception in the logger
+            logger.error("Error creating superuser", exc_info=e)
+
+    # Create default Qualifications
+    try:
+        Qualification.create_default_qualifications()
+    except Exception as e:
+        logger.error("Error creating default qualifications", exc_info=e)
 
     call_command("storelibraries")
 

diff --git a/backend/ebios_rm/__init__.py b/backend/ebios_rm/__init__.py
diff --git a/backend/ebios_rm/apps.py b/backend/ebios_rm/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class EbiosRmConfig(AppConfig):
+    default_auto_field = "django.db.models.BigAutoField"
+    name = "ebios_rm"