Create CRUD endpoints for RO/TO couples, stakeholders, attack paths, …

…operational scenarios (#1126)
intuitem · Dec 4, 2024 · 520e6e2 · 520e6e2
2 parents 09d652e + e16a1f6
commit 520e6e2
Show file tree

Hide file tree

Showing 3 changed files with 145 additions and 4 deletions.
diff --git a/backend/ebios_rm/serializers.py b/backend/ebios_rm/serializers.py
@@ -1,10 +1,16 @@
 from core.serializers import (
     BaseModelSerializer,
     FieldsRelatedField,
-    AssessmentReadSerializer,
 )
 from core.models import StoredLibrary, RiskMatrix
-from .models import EbiosRMStudy, FearedEvent
+from .models import (
+    EbiosRMStudy,
+    FearedEvent,
+    RoTo,
+    Stakeholder,
+    AttackPath,
+    OperationalScenario,
+)
 from rest_framework import serializers
 import logging
 
@@ -72,3 +78,80 @@ class FearedEventReadSerializer(BaseModelSerializer):
     class Meta:
         model = FearedEvent
         fields = "__all__"
+
+
+class RoToWriteSerializer(BaseModelSerializer):
+    class Meta:
+        model = RoTo
+        exclude = ["created_at", "updated_at", "folder"]
+
+
+class RoToReadSerializer(BaseModelSerializer):
+    str = serializers.CharField(source="__str__")
+    ebios_rm_study = FieldsRelatedField()
+    folder = FieldsRelatedField()
+    feared_events = FieldsRelatedField(many=True)
+
+    class Meta:
+        model = RoTo
+        fields = "__all__"
+
+
+class StakeholderWriteSerializer(BaseModelSerializer):
+    current_criticality = serializers.IntegerField(read_only=True)
+    residual_criticality = serializers.IntegerField(read_only=True)
+
+    class Meta:
+        model = Stakeholder
+        exclude = ["created_at", "updated_at", "folder"]
+
+
+class StakeholderReadSerializer(BaseModelSerializer):
+    str = serializers.CharField(source="__str__")
+    ebios_rm_study = FieldsRelatedField()
+    folder = FieldsRelatedField()
+    entity = FieldsRelatedField()
+    applied_controls = FieldsRelatedField(many=True)
+
+    current_criticality = serializers.IntegerField()
+    residual_criticality = serializers.IntegerField()
+
+    class Meta:
+        model = Stakeholder
+        fields = "__all__"
+
+
+class AttackPathWriteSerializer(BaseModelSerializer):
+    class Meta:
+        model = AttackPath
+        exclude = ["created_at", "updated_at", "folder"]
+
+
+class AttackPathReadSerializer(BaseModelSerializer):
+    str = serializers.CharField(source="__str__")
+    ebios_rm_study = FieldsRelatedField()
+    folder = FieldsRelatedField()
+    ro_to_couple = FieldsRelatedField()
+    stakeholders = FieldsRelatedField(many=True)
+
+    class Meta:
+        model = AttackPath
+        fields = "__all__"
+
+
+class OperationalScenarioWriteSerializer(BaseModelSerializer):
+    class Meta:
+        model = OperationalScenario
+        exclude = ["created_at", "updated_at", "folder"]
+
+
+class OperationalScenarioReadSerializer(BaseModelSerializer):
+    str = serializers.CharField(source="__str__")
+    ebios_rm_study = FieldsRelatedField()
+    folder = FieldsRelatedField()
+    attack_paths = FieldsRelatedField(many=True)
+    threats = FieldsRelatedField(many=True)
+
+    class Meta:
+        model = OperationalScenario
+        fields = "__all__"
diff --git a/backend/ebios_rm/urls.py b/backend/ebios_rm/urls.py
@@ -1,12 +1,27 @@
 from django.urls import include, path
 from rest_framework import routers
 
-from ebios_rm.views import EbiosRMStudyViewSet, FearedEventViewSet
+from ebios_rm.views import (
+    EbiosRMStudyViewSet,
+    FearedEventViewSet,
+    RoToViewSet,
+    StakeholderViewSet,
+    AttackPathViewSet,
+    OperationalScenarioViewSet,
+)
 
 router = routers.DefaultRouter()
 
 router.register(r"studies", EbiosRMStudyViewSet, basename="studies")
 router.register(r"feared-events", FearedEventViewSet, basename="feared-events")
+router.register(r"ro-to", RoToViewSet, basename="ro-to")
+router.register(r"stakeholders", StakeholderViewSet, basename="stakeholders")
+router.register(r"attack-paths", AttackPathViewSet, basename="attack-paths")
+router.register(
+    r"operational-scenarios",
+    OperationalScenarioViewSet,
+    basename="operational-scenarios",
+)
 
 urlpatterns = [
     path("", include(router.urls)),

diff --git a/backend/ebios_rm/views.py b/backend/ebios_rm/views.py
@@ -1,5 +1,12 @@
 from core.views import BaseModelViewSet as AbstractBaseModelViewSet
-from .models import EbiosRMStudy, FearedEvent
+from .models import (
+    EbiosRMStudy,
+    FearedEvent,
+    RoTo,
+    Stakeholder,
+    AttackPath,
+    OperationalScenario,
+)
 from django.utils.decorators import method_decorator
 from django.views.decorators.cache import cache_page
 from rest_framework.decorators import action
@@ -27,3 +34,39 @@ def status(self, request):
 
 class FearedEventViewSet(BaseModelViewSet):
     model = FearedEvent
+
+
+class RoToViewSet(BaseModelViewSet):
+    model = RoTo
+
+    @action(detail=False, name="Get risk origin choices", url_path="risk-origin")
+    def risk_origin(self, request):
+        return Response(dict(RoTo.RiskOrigin.choices))
+
+    @action(detail=False, name="Get motivation choices")
+    def motivation(self, request):
+        return Response(dict(RoTo.Motivation.choices))
+
+    @action(detail=False, name="Get resources choices")
+    def resources(self, request):
+        return Response(dict(RoTo.Resources.choices))
+
+    @action(detail=False, name="Get pertinence choices")
+    def pertinence(self, request):
+        return Response(dict(RoTo.Pertinence.choices))
+
+
+class StakeholderViewSet(BaseModelViewSet):
+    model = Stakeholder
+
+    @action(detail=False, name="Get category choices")
+    def category(self, request):
+        return Response(dict(Stakeholder.Category.choices))
+
+
+class AttackPathViewSet(BaseModelViewSet):
+    model = AttackPath
+
+
+class OperationalScenarioViewSet(BaseModelViewSet):
+    model = OperationalScenario