intuitem · eric-intuitem · Dec 21, 2024 · Dec 21, 2024 · Dec 21, 2024 · Dec 21, 2024
diff --git a/backend/ebios_rm/migrations/0010_alter_ebiosrmstudy_risk_matrix.py b/backend/ebios_rm/migrations/0010_alter_ebiosrmstudy_risk_matrix.py
@@ -0,0 +1,26 @@
+# Generated by Django 5.1.4 on 2024-12-21 18:37
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("core", "0046_riskassessment_ebios_rm_study"),
+        ("ebios_rm", "0009_alter_roto_activity"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="ebiosrmstudy",
+            name="risk_matrix",
+            field=models.ForeignKey(
+                blank=True,
+                help_text="Risk matrix used as a reference for the study",
+                on_delete=django.db.models.deletion.PROTECT,
+                related_name="ebios_rm_studies",
+                to="core.riskmatrix",
+                verbose_name="Risk matrix",
+            ),
+        ),
+    ]
diff --git a/backend/ebios_rm/models.py b/backend/ebios_rm/models.py
@@ -97,9 +97,7 @@ class Status(models.TextChoices):
         on_delete=models.PROTECT,
         verbose_name=_("Risk matrix"),
         related_name="ebios_rm_studies",
-        help_text=_(
-            "Risk matrix used as a reference for the study. Defaults to `urn:intuitem:risk:library:risk-matrix-4x4-ebios-rm`"
-        ),
+        help_text=_("Risk matrix used as a reference for the study"),
         blank=True,
     )
     assets = models.ManyToManyField(

diff --git a/backend/ebios_rm/serializers.py b/backend/ebios_rm/serializers.py
@@ -21,28 +21,6 @@ class EbiosRMStudyWriteSerializer(BaseModelSerializer):
         queryset=RiskMatrix.objects.all(), required=False
     )
 
-    def create(self, validated_data):
-        if not validated_data.get("risk_matrix"):
-            try:
-                ebios_matrix = RiskMatrix.objects.filter(
-                    urn="urn:intuitem:risk:matrix:risk-matrix-4x4-ebios-rm"
-                ).first()
-                if not ebios_matrix:
-                    ebios_matrix_library = StoredLibrary.objects.get(
-                        urn="urn:intuitem:risk:library:risk-matrix-4x4-ebios-rm"
-                    )
-                    ebios_matrix_library.load()
-                    ebios_matrix = RiskMatrix.objects.get(
-                        urn="urn:intuitem:risk:matrix:risk-matrix-4x4-ebios-rm"
-                    )
-                validated_data["risk_matrix"] = ebios_matrix
-            except (StoredLibrary.DoesNotExist, RiskMatrix.DoesNotExist) as e:
-                logging.error(f"Error loading risk matrix: {str(e)}")
-                raise serializers.ValidationError(
-                    "An error occurred while loading the risk matrix."
-                )
-        return super().create(validated_data)
-
     class Meta:
         model = EbiosRMStudy
         exclude = ["created_at", "updated_at"]
@@ -110,6 +88,13 @@ class StakeholderWriteSerializer(BaseModelSerializer):
     current_criticality = serializers.IntegerField(read_only=True)
     residual_criticality = serializers.IntegerField(read_only=True)
 
+    def create(self, validated_data):
+        validated_data["residual_dependency"] = validated_data["current_dependency"]
+        validated_data["residual_penetration"] = validated_data["current_penetration"]
+        validated_data["residual_maturity"] = validated_data["current_maturity"]
+        validated_data["residual_trust"] = validated_data["current_trust"]
+        return super().create(validated_data)
+
     class Meta:
         model = Stakeholder
         exclude = ["created_at", "updated_at", "folder"]

diff --git a/backend/library/libraries/risk-matrix-4x4-ebios-rm.yaml b/backend/library/libraries/risk-matrix-4x4-ebios-rm.yaml
@@ -4,7 +4,7 @@ ref_id: risk-matrix-4x4-ebios-rm
 name: 4x4 risk matrix from EBIOS-RM
 description: based on the official guide of the EBIOS RM approach
 copyright: public domain
-version: 2
+version: 3
 provider: intuitem
 packager: intuitem
 translations:
@@ -171,4 +171,5 @@ objects:
       - 2
     translations:
       fr:
+        name: Matrice 4x4 EBIOS-RM
         description: "Bas\xE9e sur le guide officiel de la m\xE9thode EBIOS RM"
diff --git a/enterprise/frontend/src/lib/components/Forms/ModelForm/EbiosRmForm.svelte b/enterprise/frontend/src/lib/components/Forms/ModelForm/EbiosRmForm.svelte
@@ -76,7 +76,7 @@
 		cacheLock={cacheLocks['risk_matrix']}
 		bind:cachedValue={formDataCache['risk_matrix']}
 		label={m.riskMatrix()}
-		placeholder={m.ebiosRmRiskMatrix()}
+		placeholder={m.riskAssessmentMatrixHelpText()}
 		helpText={m.ebiosRmMatrixHelpText()}
 	/>
 {:else if context === 'ebiosRmStudy'}

diff --git a/frontend/messages/en.json b/frontend/messages/en.json
@@ -924,7 +924,7 @@
 	"ebiosWs5_4": "Assess and document residual risks",
 	"ebiosWs5_5": "Establish risk monitoring framework",
 	"activity": "Step",
-	"ebiosRmMatrixHelpText": "Risk matrix used as a reference for the study. Defaults to `urn:intuitem:risk:library:risk-matrix-4x4-ebios-rm`",
+	"ebiosRmMatrixHelpText": "Risk matrix used as a reference for the study",
 	"activityOne": "Step 1",
 	"activityTwo": "Step 2",
 	"activityThree": "Step 3",
@@ -1014,12 +1014,12 @@
 	"addStrategicScenario": "Add strategic scenario",
 	"markAsDone": "Mark as done",
 	"markAsInProgress": "Mark as in progress",
-	"ebiosRmRiskMatrix": "4x4 risk matrix from EBIOS-RM",
 	"riskAnalyses": "Risk analyses",
 	"client": "Client",
 	"partner": "Partner",
 	"supplier": "Supplier",
 	"referenceEntity": "Reference entity",
 	"referenceEntitySemiColon": "Reference entity:",
-	"moderate": "Moderate"
+	"moderate": "Moderate",
+	"associatedAttackPaths": "Associated Attack Paths"
 }
diff --git a/frontend/messages/fr.json b/frontend/messages/fr.json
@@ -18,7 +18,7 @@
 	"addVulnerability": "Ajouter une vulnérabilité",
 	"addReferenceControl": "Ajouter une mesure de référence",
 	"addAppliedControl": "Ajouter une mesure appliquée",
-	"addAsset": "Ajouter un bien sensible",
+	"addAsset": "Ajouter un actif",
 	"addRiskAssessment": "Ajouter une évaluation de risque",
 	"addRiskScenario": "Ajouter un scénario de risque",
 	"addRiskAcceptance": "Ajouter une acceptation de risque",
@@ -155,7 +155,7 @@
 	"annotation": "Annotation",
 	"library": "Bibliothèque",
 	"typicalEvidence": "Preuve typique",
-	"parentAsset": "Bien sensible parent",
+	"parentAsset": "Actif parent",
 	"parentAssets": "Actifs parents",
 	"approver": "Approbateur",
 	"state": "État",
@@ -904,7 +904,7 @@
 	"ebiosWs1": "Atelier 1 : Cadrage et Socle de sécurité",
 	"ebiosWs2": "Atelier 2 : Sources de risque",
 	"ebiosWs3": "Atelier 3 : Scénarios stratégiques",
-	"ebiosWs4": "Atelier 4 : Scenarios opértionnels",
+	"ebiosWs4": "Atelier 4 : Scenarios opérationnels",
 	"ebiosWs5": "Atelier 5 : Traitement du risque",
 	"ebiosWs1_1": "Définir le cadre de l’étude",
 	"ebiosWs1_2": "Définir le périmètre métier et technique",
@@ -924,7 +924,7 @@
 	"ebiosWs5_4": "Évaluer et documenter les risques résiduels",
 	"ebiosWs5_5": "Mettre en place le cadre de suivi des risques",
 	"activity": "Activité",
-	"ebiosRmMatrixHelpText": "Matrice de risque utilisée pour l'étude. La valeur par défaut est `urn:intuitem:risk:library:risk-matrix-4x4-ebios-rm`",
+	"ebiosRmMatrixHelpText": "Matrice de risque utilisée pour l'étude.",
 	"activityOne": "Activité 1",
 	"activityTwo": "Activité 2",
 	"activityThree": "Activité 3",
@@ -1012,10 +1012,13 @@
 	"strategicScenarios": "Scénarios stratégiques",
 	"goBackToEbiosRmStudy": "Retour à l'étude",
 	"addStrategicScenario": "Ajouter un scénario stratégique",
+	"markAsDone": "C'est fait",
+	"markAsInProgress": "Reprendre",
 	"client": "Client",
 	"partner": "Partenaire",
 	"supplier": "Fournisseur",
 	"referenceEntity": "Entité de référence",
 	"referenceEntitySemiColon": "Entité de référence :",
-	"moderate": "Modérée"
+	"moderate": "Modérée",
+	"associatedAttackPaths": "Chemins d'attaque associés"
 }
diff --git a/frontend/src/lib/components/DetailView/DetailView.svelte b/frontend/src/lib/components/DetailView/DetailView.svelte
@@ -309,7 +309,7 @@
 																	>{val.str}</Anchor
 																>
 															{:else if val.str}
-																{val.str}
+																{safeTranslate(val.str)}
 															{:else}
 																{value}
 															{/if}

diff --git a/frontend/src/lib/components/Forms/ModelForm/EbiosRmForm.svelte b/frontend/src/lib/components/Forms/ModelForm/EbiosRmForm.svelte
@@ -67,7 +67,6 @@
 		cacheLock={cacheLocks['risk_matrix']}
 		bind:cachedValue={formDataCache['risk_matrix']}
 		label={m.riskMatrix()}
-		placeholder={m.ebiosRmRiskMatrix()}
 		helpText={m.ebiosRmMatrixHelpText()}
 	/>
 {:else if context === 'ebiosRmStudy'}

diff --git a/frontend/src/lib/components/Forms/ModelForm/EntityAssessmentForm.svelte b/frontend/src/lib/components/Forms/ModelForm/EntityAssessmentForm.svelte
@@ -204,7 +204,3 @@
 	cacheLock={cacheLocks['observation']}
 	bind:cachedValue={formDataCache['observation']}
 />
-<!-- <Score {form} label={m.penetration()} field="penetration" always_enabled={true} inversedColors fullDonut max_score={5} />
-<Score {form} label={m.dependency()} field="dependency" always_enabled={true} inversedColors fullDonut max_score={5} />
-<Score {form} label={m.maturity()} field="maturity" always_enabled={true} inversedColors fullDonut max_score={5} />
-<Score {form} label={m.trust()} field="trust" always_enabled={true} inversedColors fullDonut max_score={5} /> -->
diff --git a/frontend/src/lib/utils/i18n.ts b/frontend/src/lib/utils/i18n.ts
@@ -11,6 +11,12 @@ export function unsafeTranslate(key: string, params = {}, options = {}): string
 	if (Object.hasOwn(m, key)) {
 		return m[key](params, options);
 	}
+	if (typeof key === 'string' && key) {
+		let res = key.match('^([^:]+):([^:]+)$');
+		if (res) {
+			return (Object.hasOwn(m, res[1]) ? m[res[1]](params, options) : res[1]) + ':' + res[2];
+		}
+	}
 	if (Object.hasOwn(m, toCamelCase(key))) {
 		return m[toCamelCase(key)](params, options);
 	}

diff --git a/frontend/src/lib/utils/schemas.ts b/frontend/src/lib/utils/schemas.ts
@@ -396,7 +396,7 @@ export const ebiosRMSchema = z.object({
 	...NameDescriptionMixin,
 	version: z.string().optional().default('0.1'),
 	ref_id: z.string().optional().default(''),
-	risk_matrix: z.string().optional(),
+	risk_matrix: z.string(),
 	authors: z.array(z.string().optional()).optional(),
 	reviewers: z.array(z.string().optional()).optional(),
 	observation: z.string().optional().nullable(),

diff --git a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
@@ -15,11 +15,7 @@
 </script>
 
 <div class="flex flex-col space-y-4 whitespace-pre-line">
-	<DetailView
-		{data}
-		{mailing}
-		exclude={['criticality', 'penetration', 'dependency', 'maturity', 'trust']}
-	/>
+	<DetailView {data} {mailing} />
 	{#if data.data.compliance_assessment}
 		<div class="card px-6 py-4 bg-white flex flex-row justify-between shadow-lg w-full">
 			<TreeView>

diff --git a/frontend/src/routes/(app)/(internal)/operational-scenarios/[id=uuid]/+page.svelte b/frontend/src/routes/(app)/(internal)/operational-scenarios/[id=uuid]/+page.svelte
@@ -5,6 +5,7 @@
 	import { pageTitle } from '$lib/utils/stores';
 	import ModelTable from '$lib/components/ModelTable/ModelTable.svelte';
 	import { popup, type PopupSettings } from '@skeletonlabs/skeleton';
+	import { safeTranslate } from '$lib/utils/i18n';
 
 	export let data: PageData;
 
@@ -114,7 +115,7 @@
 						<h4 class="font-semibold text-gray-600">{m.riskOrigin()}</h4>
 						<i class="fa-solid fa-skull-crossbones text-3xl"></i>
 						<p class="badge text-white bg-red-500 capitalize">
-							{operationalScenario.ro_to.risk_origin}
+							{safeTranslate(operationalScenario.ro_to.risk_origin)}
 						</p>
 					</div>
 					<div

diff --git a/tools/matrix/risk-matrix-4x4-ebios-rm.xlsx b/tools/matrix/risk-matrix-4x4-ebios-rm.xlsx