From 484d117629d9cccce1a775a4624ed93be014958c Mon Sep 17 00:00:00 2001 From: Nassim Tabchiche Date: Wed, 4 Dec 2024 15:05:26 +0100 Subject: [PATCH 1/8] Create RO/TO endpoints --- backend/ebios_rm/serializers.py | 20 ++++++++++++++++++-- backend/ebios_rm/urls.py | 3 ++- backend/ebios_rm/views.py | 6 +++++- 3 files changed, 25 insertions(+), 4 deletions(-) diff --git a/backend/ebios_rm/serializers.py b/backend/ebios_rm/serializers.py index 3507bf69f..7f64cea7a 100644 --- a/backend/ebios_rm/serializers.py +++ b/backend/ebios_rm/serializers.py @@ -1,10 +1,9 @@ from core.serializers import ( BaseModelSerializer, FieldsRelatedField, - AssessmentReadSerializer, ) from core.models import StoredLibrary, RiskMatrix -from .models import EbiosRMStudy, FearedEvent +from .models import EbiosRMStudy, FearedEvent, RoTo from rest_framework import serializers import logging @@ -72,3 +71,20 @@ class FearedEventReadSerializer(BaseModelSerializer): class Meta: model = FearedEvent fields = "__all__" + + +class RoToWriteSerializer(BaseModelSerializer): + class Meta: + model = RoTo + exclude = ["created_at", "updated_at", "folder"] + + +class RoToReadSerializer(BaseModelSerializer): + str = serializers.CharField(source="__str__") + ebios_rm_study = FieldsRelatedField() + folder = FieldsRelatedField() + fearead_events = FieldsRelatedField(many=True) + + class Meta: + model = RoTo + fields = "__all__" diff --git a/backend/ebios_rm/urls.py b/backend/ebios_rm/urls.py index 47ab37bcf..4037ddecf 100644 --- a/backend/ebios_rm/urls.py +++ b/backend/ebios_rm/urls.py @@ -1,12 +1,13 @@ from django.urls import include, path from rest_framework import routers -from ebios_rm.views import EbiosRMStudyViewSet, FearedEventViewSet +from ebios_rm.views import EbiosRMStudyViewSet, FearedEventViewSet, RoToViewSet router = routers.DefaultRouter() router.register(r"studies", EbiosRMStudyViewSet, basename="studies") router.register(r"feared-events", FearedEventViewSet, basename="feared-events") +router.register(r"ro-to", RoToViewSet, basename="ro-to") urlpatterns = [ path("", include(router.urls)), diff --git a/backend/ebios_rm/views.py b/backend/ebios_rm/views.py index 69676bf77..32377350d 100644 --- a/backend/ebios_rm/views.py +++ b/backend/ebios_rm/views.py @@ -1,5 +1,5 @@ from core.views import BaseModelViewSet as AbstractBaseModelViewSet -from .models import EbiosRMStudy, FearedEvent +from .models import EbiosRMStudy, FearedEvent, RoTo from django.utils.decorators import method_decorator from django.views.decorators.cache import cache_page from rest_framework.decorators import action @@ -27,3 +27,7 @@ def status(self, request): class FearedEventViewSet(BaseModelViewSet): model = FearedEvent + + +class RoToViewSet(BaseModelViewSet): + model = RoTo From e7c9cb87ff6e5f235943651f52e98a6d9eb712dc Mon Sep 17 00:00:00 2001 From: Nassim Tabchiche Date: Wed, 4 Dec 2024 15:05:42 +0100 Subject: [PATCH 2/8] Create endpoints for RO/TO choice fields --- backend/ebios_rm/views.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/backend/ebios_rm/views.py b/backend/ebios_rm/views.py index 32377350d..630ea25d2 100644 --- a/backend/ebios_rm/views.py +++ b/backend/ebios_rm/views.py @@ -31,3 +31,19 @@ class FearedEventViewSet(BaseModelViewSet): class RoToViewSet(BaseModelViewSet): model = RoTo + + @action(detail=False, name="Get risk origin choices", url_path="risk-origin") + def risk_origin(self, request): + return Response(dict(RoTo.RiskOrigin.choices)) + + @action(detail=False, name="Get motivation choices") + def motivation(self, request): + return Response(dict(RoTo.Motivation.choices)) + + @action(detail=False, name="Get resources choices") + def resources(self, request): + return Response(dict(RoTo.Resources.choices)) + + @action(detail=False, name="Get pertinence choices") + def pertinence(self, request): + return Response(dict(RoTo.Pertinence.choices)) From 6a91b2b31bcc9e241755696cbc808cfb2a245055 Mon Sep 17 00:00:00 2001 From: Nassim Tabchiche Date: Wed, 4 Dec 2024 15:15:32 +0100 Subject: [PATCH 3/8] Fix typo --- backend/ebios_rm/serializers.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/ebios_rm/serializers.py b/backend/ebios_rm/serializers.py index 7f64cea7a..fe5d3aedc 100644 --- a/backend/ebios_rm/serializers.py +++ b/backend/ebios_rm/serializers.py @@ -83,7 +83,7 @@ class RoToReadSerializer(BaseModelSerializer): str = serializers.CharField(source="__str__") ebios_rm_study = FieldsRelatedField() folder = FieldsRelatedField() - fearead_events = FieldsRelatedField(many=True) + feared_events = FieldsRelatedField(many=True) class Meta: model = RoTo From face6c4e0413618a680dca474879528686995284 Mon Sep 17 00:00:00 2001 From: Nassim Tabchiche Date: Wed, 4 Dec 2024 15:15:18 +0100 Subject: [PATCH 4/8] Create serializers for Stakeholder model --- backend/ebios_rm/serializers.py | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/backend/ebios_rm/serializers.py b/backend/ebios_rm/serializers.py index fe5d3aedc..e19dd2c2a 100644 --- a/backend/ebios_rm/serializers.py +++ b/backend/ebios_rm/serializers.py @@ -88,3 +88,21 @@ class RoToReadSerializer(BaseModelSerializer): class Meta: model = RoTo fields = "__all__" + + +class StakeholderWriteSerializer(BaseModelSerializer): + class Meta: + model = Stakeholder + exclude = ["created_at", "updated_at", "folder"] + + +class StakeholderReadSerializer(BaseModelSerializer): + str = serializers.CharField(source="__str__") + ebios_rm_study = FieldsRelatedField() + folder = FieldsRelatedField() + entity = FieldsRelatedField() + applied_controls = FieldsRelatedField(many=True) + + class Meta: + model = Stakeholder + fields = "__all__" From ce82e67c059a34c0348ff3d9cffb6589497d3fb4 Mon Sep 17 00:00:00 2001 From: Nassim Tabchiche Date: Wed, 4 Dec 2024 15:25:04 +0100 Subject: [PATCH 5/8] Create Stakeholder endpoints --- backend/ebios_rm/urls.py | 8 +++++++- backend/ebios_rm/views.py | 10 +++++++++- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/backend/ebios_rm/urls.py b/backend/ebios_rm/urls.py index 4037ddecf..9e5ec6454 100644 --- a/backend/ebios_rm/urls.py +++ b/backend/ebios_rm/urls.py @@ -1,13 +1,19 @@ from django.urls import include, path from rest_framework import routers -from ebios_rm.views import EbiosRMStudyViewSet, FearedEventViewSet, RoToViewSet +from ebios_rm.views import ( + EbiosRMStudyViewSet, + FearedEventViewSet, + RoToViewSet, + StakeholderViewSet, +) router = routers.DefaultRouter() router.register(r"studies", EbiosRMStudyViewSet, basename="studies") router.register(r"feared-events", FearedEventViewSet, basename="feared-events") router.register(r"ro-to", RoToViewSet, basename="ro-to") +router.register(r"stakeholders", StakeholderViewSet, basename="stakeholders") urlpatterns = [ path("", include(router.urls)), diff --git a/backend/ebios_rm/views.py b/backend/ebios_rm/views.py index 630ea25d2..f7e01ddaf 100644 --- a/backend/ebios_rm/views.py +++ b/backend/ebios_rm/views.py @@ -1,5 +1,5 @@ from core.views import BaseModelViewSet as AbstractBaseModelViewSet -from .models import EbiosRMStudy, FearedEvent, RoTo +from .models import EbiosRMStudy, FearedEvent, RoTo, Stakeholder from django.utils.decorators import method_decorator from django.views.decorators.cache import cache_page from rest_framework.decorators import action @@ -47,3 +47,11 @@ def resources(self, request): @action(detail=False, name="Get pertinence choices") def pertinence(self, request): return Response(dict(RoTo.Pertinence.choices)) + + +class StakeholderViewSet(BaseModelViewSet): + model = Stakeholder + + @action(detail=False, name="Get category choices") + def category(self, request): + return Response(dict(Stakeholder.Category.choices)) From fcb3cdc5a1cabb8862e05855db6b84ec4ea5afde Mon Sep 17 00:00:00 2001 From: Nassim Tabchiche Date: Wed, 4 Dec 2024 15:25:15 +0100 Subject: [PATCH 6/8] Serialize stakeholder criticality --- backend/ebios_rm/serializers.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/backend/ebios_rm/serializers.py b/backend/ebios_rm/serializers.py index e19dd2c2a..f60204853 100644 --- a/backend/ebios_rm/serializers.py +++ b/backend/ebios_rm/serializers.py @@ -3,7 +3,7 @@ FieldsRelatedField, ) from core.models import StoredLibrary, RiskMatrix -from .models import EbiosRMStudy, FearedEvent, RoTo +from .models import EbiosRMStudy, FearedEvent, RoTo, Stakeholder from rest_framework import serializers import logging @@ -91,6 +91,9 @@ class Meta: class StakeholderWriteSerializer(BaseModelSerializer): + current_criticality = serializers.IntegerField(read_only=True) + residual_criticality = serializers.IntegerField(read_only=True) + class Meta: model = Stakeholder exclude = ["created_at", "updated_at", "folder"] @@ -103,6 +106,9 @@ class StakeholderReadSerializer(BaseModelSerializer): entity = FieldsRelatedField() applied_controls = FieldsRelatedField(many=True) + current_criticality = serializers.IntegerField() + residual_criticality = serializers.IntegerField() + class Meta: model = Stakeholder fields = "__all__" From d7091197404810f43b4faaec3a0995fa919f52fd Mon Sep 17 00:00:00 2001 From: Nassim Tabchiche Date: Wed, 4 Dec 2024 15:45:10 +0100 Subject: [PATCH 7/8] Create AttackPath endpoints --- backend/ebios_rm/serializers.py | 20 +++++++++++++++++++- backend/ebios_rm/urls.py | 2 ++ backend/ebios_rm/views.py | 6 +++++- 3 files changed, 26 insertions(+), 2 deletions(-) diff --git a/backend/ebios_rm/serializers.py b/backend/ebios_rm/serializers.py index f60204853..462a35d75 100644 --- a/backend/ebios_rm/serializers.py +++ b/backend/ebios_rm/serializers.py @@ -3,7 +3,7 @@ FieldsRelatedField, ) from core.models import StoredLibrary, RiskMatrix -from .models import EbiosRMStudy, FearedEvent, RoTo, Stakeholder +from .models import EbiosRMStudy, FearedEvent, RoTo, Stakeholder, AttackPath from rest_framework import serializers import logging @@ -112,3 +112,21 @@ class StakeholderReadSerializer(BaseModelSerializer): class Meta: model = Stakeholder fields = "__all__" + + +class AttackPathWriteSerializer(BaseModelSerializer): + class Meta: + model = AttackPath + exclude = ["created_at", "updated_at", "folder"] + + +class AttackPathReadSerializer(BaseModelSerializer): + str = serializers.CharField(source="__str__") + ebios_rm_study = FieldsRelatedField() + folder = FieldsRelatedField() + ro_to_couple = FieldsRelatedField() + stakeholders = FieldsRelatedField(many=True) + + class Meta: + model = AttackPath + fields = "__all__" diff --git a/backend/ebios_rm/urls.py b/backend/ebios_rm/urls.py index 9e5ec6454..8214b799e 100644 --- a/backend/ebios_rm/urls.py +++ b/backend/ebios_rm/urls.py @@ -6,6 +6,7 @@ FearedEventViewSet, RoToViewSet, StakeholderViewSet, + AttackPathViewSet, ) router = routers.DefaultRouter() @@ -14,6 +15,7 @@ router.register(r"feared-events", FearedEventViewSet, basename="feared-events") router.register(r"ro-to", RoToViewSet, basename="ro-to") router.register(r"stakeholders", StakeholderViewSet, basename="stakeholders") +router.register(r"attack-paths", AttackPathViewSet, basename="attack-paths") urlpatterns = [ path("", include(router.urls)), diff --git a/backend/ebios_rm/views.py b/backend/ebios_rm/views.py index f7e01ddaf..6237f6c86 100644 --- a/backend/ebios_rm/views.py +++ b/backend/ebios_rm/views.py @@ -1,5 +1,5 @@ from core.views import BaseModelViewSet as AbstractBaseModelViewSet -from .models import EbiosRMStudy, FearedEvent, RoTo, Stakeholder +from .models import EbiosRMStudy, FearedEvent, RoTo, Stakeholder, AttackPath from django.utils.decorators import method_decorator from django.views.decorators.cache import cache_page from rest_framework.decorators import action @@ -55,3 +55,7 @@ class StakeholderViewSet(BaseModelViewSet): @action(detail=False, name="Get category choices") def category(self, request): return Response(dict(Stakeholder.Category.choices)) + + +class AttackPathViewSet(BaseModelViewSet): + model = AttackPath From e16a1f6a0156ae844cdad258226fa126b2a273c9 Mon Sep 17 00:00:00 2001 From: Nassim Tabchiche Date: Wed, 4 Dec 2024 15:51:55 +0100 Subject: [PATCH 8/8] Create OperationalScenario endpoints --- backend/ebios_rm/serializers.py | 27 ++++++++++++++++++++++++++- backend/ebios_rm/urls.py | 6 ++++++ backend/ebios_rm/views.py | 13 ++++++++++++- 3 files changed, 44 insertions(+), 2 deletions(-) diff --git a/backend/ebios_rm/serializers.py b/backend/ebios_rm/serializers.py index 462a35d75..e77c5c153 100644 --- a/backend/ebios_rm/serializers.py +++ b/backend/ebios_rm/serializers.py @@ -3,7 +3,14 @@ FieldsRelatedField, ) from core.models import StoredLibrary, RiskMatrix -from .models import EbiosRMStudy, FearedEvent, RoTo, Stakeholder, AttackPath +from .models import ( + EbiosRMStudy, + FearedEvent, + RoTo, + Stakeholder, + AttackPath, + OperationalScenario, +) from rest_framework import serializers import logging @@ -130,3 +137,21 @@ class AttackPathReadSerializer(BaseModelSerializer): class Meta: model = AttackPath fields = "__all__" + + +class OperationalScenarioWriteSerializer(BaseModelSerializer): + class Meta: + model = OperationalScenario + exclude = ["created_at", "updated_at", "folder"] + + +class OperationalScenarioReadSerializer(BaseModelSerializer): + str = serializers.CharField(source="__str__") + ebios_rm_study = FieldsRelatedField() + folder = FieldsRelatedField() + attack_paths = FieldsRelatedField(many=True) + threats = FieldsRelatedField(many=True) + + class Meta: + model = OperationalScenario + fields = "__all__" diff --git a/backend/ebios_rm/urls.py b/backend/ebios_rm/urls.py index 8214b799e..76f7b3e2e 100644 --- a/backend/ebios_rm/urls.py +++ b/backend/ebios_rm/urls.py @@ -7,6 +7,7 @@ RoToViewSet, StakeholderViewSet, AttackPathViewSet, + OperationalScenarioViewSet, ) router = routers.DefaultRouter() @@ -16,6 +17,11 @@ router.register(r"ro-to", RoToViewSet, basename="ro-to") router.register(r"stakeholders", StakeholderViewSet, basename="stakeholders") router.register(r"attack-paths", AttackPathViewSet, basename="attack-paths") +router.register( + r"operational-scenarios", + OperationalScenarioViewSet, + basename="operational-scenarios", +) urlpatterns = [ path("", include(router.urls)), diff --git a/backend/ebios_rm/views.py b/backend/ebios_rm/views.py index 6237f6c86..ca0d048dd 100644 --- a/backend/ebios_rm/views.py +++ b/backend/ebios_rm/views.py @@ -1,5 +1,12 @@ from core.views import BaseModelViewSet as AbstractBaseModelViewSet -from .models import EbiosRMStudy, FearedEvent, RoTo, Stakeholder, AttackPath +from .models import ( + EbiosRMStudy, + FearedEvent, + RoTo, + Stakeholder, + AttackPath, + OperationalScenario, +) from django.utils.decorators import method_decorator from django.views.decorators.cache import cache_page from rest_framework.decorators import action @@ -59,3 +66,7 @@ def category(self, request): class AttackPathViewSet(BaseModelViewSet): model = AttackPath + + +class OperationalScenarioViewSet(BaseModelViewSet): + model = OperationalScenario