From 85abe8b8218a624374396c1ffa4a8d58c59adf76 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Fri, 20 Sep 2024 12:19:20 +0200
Subject: [PATCH 01/26] feat: add entity assessment author help text

---
 frontend/messages/en.json                          | 3 ++-
 frontend/src/lib/components/Forms/ModelForm.svelte | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/frontend/messages/en.json b/frontend/messages/en.json
index 16217e94c..a33e5a16e 100644
--- a/frontend/messages/en.json
+++ b/frontend/messages/en.json
@@ -729,5 +729,6 @@
 	"createUser": "Create user",
 	"createUserHelpText": "Create or link a third party user to the representative based on the email",
 	"nameDuplicate": "Name already exists",
-	"noAnswer": "No answer"
+	"noAnswer": "No answer",
+	"entityAssessmentAuthorHelpText": "The representative who is responsible for questionnaire completion"
 }
diff --git a/frontend/src/lib/components/Forms/ModelForm.svelte b/frontend/src/lib/components/Forms/ModelForm.svelte
index b3d18a1a0..b6c4fcc59 100644
--- a/frontend/src/lib/components/Forms/ModelForm.svelte
+++ b/frontend/src/lib/components/Forms/ModelForm.svelte
@@ -890,6 +890,7 @@
 			multiple
 			options={getOptions({ objects: model.foreignKeys['authors'], label: 'email' })}
 			field="authors"
+			helpText={m.entityAssessmentAuthorHelpText()}
 			cacheLock={cacheLocks['authors']}
 			bind:cachedValue={formDataCache['authors']}
 			label={m.authors()}

From d915a21a9cda4a59e6561612721139b732aca7d9 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Mon, 23 Sep 2024 12:54:08 +0200
Subject: [PATCH 02/26] feat: add send mail button for questionnaire

---
 backend/core/views.py                         | 29 +++++++--
 backend/tprm/serializers.py                   | 17 ------
 frontend/messages/en.json                     |  6 +-
 .../components/DetailView/DetailView.svelte   | 59 ++++++++++++++++---
 .../[id=uuid]/+page.server.ts                 | 35 ++++++++++-
 .../entity-assessments/[id=uuid]/+page.svelte |  6 +-
 6 files changed, 121 insertions(+), 31 deletions(-)

diff --git a/backend/core/views.py b/backend/core/views.py
index ba1358b78..06f104fd4 100644
--- a/backend/core/views.py
+++ b/backend/core/views.py
@@ -11,10 +11,7 @@
 from datetime import date, timedelta
 
 import django_filters as df
-from ciso_assistant.settings import (
-    BUILD,
-    VERSION,
-)
+from ciso_assistant.settings import BUILD, VERSION, EMAIL_HOST, EMAIL_HOST_RESCUE
 from django.contrib.auth.models import Permission
 from django.core.files.storage import default_storage
 from django.db import models
@@ -27,6 +24,7 @@
 from django_filters.rest_framework import DjangoFilterBackend
 from iam.models import Folder, RoleAssignment, User, UserGroup
 from rest_framework import filters, permissions, status, viewsets
+from django.utils.translation import gettext_lazy as _
 from rest_framework.decorators import (
     action,
     api_view,
@@ -1591,6 +1589,29 @@ def action_plan_pdf(self, request, pk):
         else:
             return Response({"error": "Permission denied"})
 
+    @action(
+        detail=True,
+        methods=["post"],
+        name="Send compliance assessment by mail to authors",
+    )
+    def mailing(self, request, pk):
+        instance = self.get_object()
+        if EMAIL_HOST or EMAIL_HOST_RESCUE:
+            for author in instance.authors.all():
+                try:
+                    author.mailing(
+                        email_template_name="tprm/third_party_email.html",
+                        subject=_(
+                            "CISO Assistant: A questionnaire has been assigned to you"
+                        ),
+                        object="compliance-assessments",
+                        object_id=instance.id,
+                    )
+                except Exception as e:
+                    print(f"Failed to send email to {author}: {e}")
+            return Response({"results": "mail sent"})
+        return Response({"results": "mail not sent"})
+
     def perform_create(self, serializer):
         """
         Create RequirementAssessment objects for the newly created ComplianceAssessment
diff --git a/backend/tprm/serializers.py b/backend/tprm/serializers.py
index a5218959f..398b8ab19 100644
--- a/backend/tprm/serializers.py
+++ b/backend/tprm/serializers.py
@@ -120,27 +120,11 @@ def _assign_third_party_respondents(
                     logger.warning("User is not a third-party", user=user)
                 user.user_groups.add(respondents)
 
-    def _send_author_emails(self, instance, authors_to_email: set):
-        if EMAIL_HOST or EMAIL_HOST_RESCUE:
-            for author in authors_to_email:
-                try:
-                    author.mailing(
-                        email_template_name="tprm/third_party_email.html",
-                        subject=_(
-                            "CISO Assistant: A questionnaire has been assigned to you"
-                        ),
-                        object="compliance-assessments",
-                        object_id=instance.compliance_assessment.id,
-                    )
-                except Exception as e:
-                    print(f"Failed to send email to {author}: {e}")
-
     def create(self, validated_data):
         audit_data = self._extract_audit_data(validated_data)
         instance = super().create(validated_data)
         self._create_or_update_audit(instance, audit_data)
         self._assign_third_party_respondents(instance, set(instance.authors.all()))
-        self._send_author_emails(instance, set(instance.authors.all()))
         return instance
 
     def update(self, instance: EntityAssessment, validated_data):
@@ -154,7 +138,6 @@ def update(self, instance: EntityAssessment, validated_data):
             self._create_or_update_audit(instance, audit_data)
 
         self._assign_third_party_respondents(instance, new_authors)
-        self._send_author_emails(instance, new_authors)
         return instance
 
     class Meta:
diff --git a/frontend/messages/en.json b/frontend/messages/en.json
index a33e5a16e..0fe80eb21 100644
--- a/frontend/messages/en.json
+++ b/frontend/messages/en.json
@@ -730,5 +730,9 @@
 	"createUserHelpText": "Create or link a third party user to the representative based on the email",
 	"nameDuplicate": "Name already exists",
 	"noAnswer": "No answer",
-	"entityAssessmentAuthorHelpText": "The representative who is responsible for questionnaire completion"
+	"entityAssessmentAuthorHelpText": "The representative who is responsible for questionnaire completion",
+	"sendQuestionnaire": "Send questionnaire",
+	"sureToSendMail": "Are you sure you want to send the mail?",
+	"mailSuccessfullySent": "The mail has been successfully sent",
+	"mailFailedToSend": "The mail failed to be sent"
 }
diff --git a/frontend/src/lib/components/DetailView/DetailView.svelte b/frontend/src/lib/components/DetailView/DetailView.svelte
index ec59b9440..506d96545 100644
--- a/frontend/src/lib/components/DetailView/DetailView.svelte
+++ b/frontend/src/lib/components/DetailView/DetailView.svelte
@@ -28,6 +28,7 @@
 	const defaultExcludes = ['id', 'is_published', 'localization_dict'];
 
 	export let data;
+	export let mailing = false;
 	export let fields: string[] = [];
 	export let exclude: string[] = [];
 
@@ -107,6 +108,27 @@
 		modalStore.trigger(modal);
 	}
 
+	function modalMailConfirm(id: string, name: string, action: string): void {
+		const modalComponent: ModalComponent = {
+			ref: ConfirmModal,
+			props: {
+				_form: data.form,
+				id: id,
+				debug: false,
+				URLModel: getModelInfo('compliance-assessments').urlModel,
+				formAction: action
+			}
+		};
+		const modal: ModalSettings = {
+			type: 'component',
+			component: modalComponent,
+			// Data
+			title: m.confirmModalTitle(),
+			body: m.sureToSendMail()
+		};
+		modalStore.trigger(modal);
+	}
+
 	function getForms(model: Record<string, any>) {
 		let { form: createForm, message: createMessage } = superForm(model.createForm, {
 			onUpdated: ({ form }) =>
@@ -254,13 +276,36 @@
 				</div>
 			{/each}
 		</div>
-		{#if displayEditButton()}
-			<a
-				href={`${$page.url.pathname}/edit?next=${$page.url.pathname}`}
-				class="btn variant-filled-primary h-fit"
-				><i class="fa-solid fa-pen-to-square mr-2" data-testid="edit-button" />{m.edit()}</a
-			>
-		{/if}
+		<div class="">
+			{#if mailing}
+				<button
+					class="btn variant-filled-primary h-fit"
+					on:click={(_) => {
+						modalMailConfirm(
+							data.data.compliance_assessment.id,
+							data.data.compliance_assessment.name,
+							'?/mailing'
+						);
+					}}
+					on:keydown={(_) =>
+						modalMailConfirm(
+							data.data.compliance_assessment.id,
+							data.data.compliance_assessment.name,
+							'?/mailing'
+						)}
+				>
+					<i class="fas fa-paper-plane mr-2" />
+					{m.sendQuestionnaire()}
+				</button>
+			{/if}
+			{#if displayEditButton()}
+				<a
+					href={`${$page.url.pathname}/edit?next=${$page.url.pathname}`}
+					class="btn variant-filled-primary h-fit"
+					><i class="fa-solid fa-pen-to-square mr-2" data-testid="edit-button" />{m.edit()}</a
+				>
+			{/if}
+		</div>
 	</div>
 </div>
 
diff --git a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.server.ts b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.server.ts
index 877881e67..2628a6ebb 100644
--- a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.server.ts
+++ b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.server.ts
@@ -1,7 +1,40 @@
+import { BASE_API_URL } from '$lib/utils/constants';
 import { getModelInfo } from '$lib/utils/crud';
 import { loadDetail } from '$lib/utils/load';
-import type { PageServerLoad } from './$types';
+import { fail, superValidate } from 'sveltekit-superforms';
+import type { Actions, PageServerLoad } from './$types';
+import { z } from 'zod';
+import { zod } from 'sveltekit-superforms/adapters';
+import * as m from '$paraglide/messages';
+import { setFlash } from 'sveltekit-flash-message/server';
 
 export const load: PageServerLoad = async (event) => {
 	return loadDetail({ event, model: getModelInfo('entity-assessments'), id: event.params.id });
 };
+
+export const actions: Actions = {
+	mailing: async ({ request, fetch, cookies }) => {
+		const formData = await request.formData();
+		const schema = z.object({ urlmodel: z.string(), id: z.string().uuid() });
+		const ComplianceAssessmentForm = await superValidate(formData, zod(schema));
+
+		const urlmodel = ComplianceAssessmentForm.data.urlmodel;
+		const id = ComplianceAssessmentForm.data.id;
+		const endpoint = `${BASE_API_URL}/${urlmodel}/${id}/mailing/`;
+
+		if (!ComplianceAssessmentForm.valid) {
+			return fail(400, { form: ComplianceAssessmentForm });
+		}
+
+		const requestInitOptions: RequestInit = {
+			method: 'POST'
+		};
+		const res = await fetch(endpoint, requestInitOptions);
+		if (!res.ok) {
+			setFlash({ type: 'error', message: m.mailFailedToSend() }, cookies);
+			return fail(400, { form: ComplianceAssessmentForm });
+		}
+		setFlash({ type: 'success', message: m.mailSuccessfullySent() }, cookies);
+		return { ComplianceAssessmentForm };
+	}
+};
diff --git a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
index 221006076..ff43763c8 100644
--- a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
+++ b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
@@ -12,11 +12,14 @@
 
 	import { breadcrumbObject } from '$lib/utils/stores';
 	breadcrumbObject.set(data.data);
+
+	const mailing = Boolean(data.data.compliance_assessment) && Boolean(data.data.authors.length);
 </script>
 
 <div class="flex flex-col space-y-4 whitespace-pre-line">
 	<DetailView
 		{data}
+		{mailing}
 		exclude={['criticality', 'penetration', 'dependency', 'maturity', 'trust', 'evidence']}
 	/>
 	{#if data.data.compliance_assessment}
@@ -34,7 +37,8 @@
 							goto(href);
 						}
 					}}
-					><span class="font-semibold text-lg select-none">{m.questionnaire()}</span>
+				>
+					<span class="font-semibold text-lg select-none">{m.questionnaire()}</span>
 					<svelte:fragment slot="children">
 						{#if Object.hasOwn($page.state, 'auditTableMode')}
 							<div class="max-h-[48rem] overflow-y-scroll">

From 62121913c90d14e0436e02a4b52e15f8860f579b Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Mon, 23 Sep 2024 13:11:05 +0200
Subject: [PATCH 03/26] style: make assessment/questionnaire mode sticky top

---
 .../[id=uuid]/table-mode/+page.svelte         | 36 ++++++++++---------
 1 file changed, 19 insertions(+), 17 deletions(-)

diff --git a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/table-mode/+page.svelte b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/table-mode/+page.svelte
index 63d2aef92..3d26dad7c 100644
--- a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/table-mode/+page.svelte
+++ b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/table-mode/+page.svelte
@@ -157,26 +157,28 @@
 		class="card px-6 py-4 bg-white flex flex-col justify-between shadow-lg w-full h-full space-y-2"
 	>
 		{#if !(questionnaireOnly ? !assessmentOnly : assessmentOnly)}
-			<div class="flex items-center justify-center space-x-4">
-				{#if questionnaireMode}
-					<p class="font-bold text-sm">{m.assessmentMode()}</p>
-				{:else}
-					<p class="font-bold text-sm text-green-500">{m.assessmentMode()}</p>
-				{/if}
-				<SlideToggle
-					name="questionnaireToggle"
-					class="flex flex-row items-center justify-center"
-					active="bg-primary-500"
-					background="bg-green-500"
-					bind:checked={questionnaireMode}
-					on:click={() => (questionnaireMode = !questionnaireMode)}
-				>
+			<div class="sticky top-0 p-2 z-10 card bg-white">
+				<div class="flex items-center justify-center space-x-4">
 					{#if questionnaireMode}
-						<p class="font-bold text-sm text-primary-500">{m.questionnaireMode()}</p>
+						<p class="font-bold text-sm">{m.assessmentMode()}</p>
 					{:else}
-						<p class="font-bold text-sm">{m.questionnaireMode()}</p>
+						<p class="font-bold text-sm text-green-500">{m.assessmentMode()}</p>
 					{/if}
-				</SlideToggle>
+					<SlideToggle
+						name="questionnaireToggle"
+						class="flex flex-row items-center justify-center"
+						active="bg-primary-500"
+						background="bg-green-500"
+						bind:checked={questionnaireMode}
+						on:click={() => (questionnaireMode = !questionnaireMode)}
+					>
+						{#if questionnaireMode}
+							<p class="font-bold text-sm text-primary-500">{m.questionnaireMode()}</p>
+						{:else}
+							<p class="font-bold text-sm">{m.questionnaireMode()}</p>
+						{/if}
+					</SlideToggle>
+				</div>
 			</div>
 		{/if}
 		{#each data.requirements as requirementAssessment}

From 59cf03b8ee94d8bc415a7b155bf51a84d738014d Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Wed, 25 Sep 2024 15:12:01 +0200
Subject: [PATCH 04/26] feat: allow assessment mode for third party

---
 .../compliance-assessments/[id=uuid]/table-mode/+page.svelte    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/table-mode/+page.svelte b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/table-mode/+page.svelte
index 3d26dad7c..b7072ca5e 100644
--- a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/table-mode/+page.svelte
+++ b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/table-mode/+page.svelte
@@ -31,7 +31,7 @@
 	export let shallow = false;
 
 	export let actionPath: string = '';
-	export let questionnaireOnly: boolean = $page.data.user.is_third_party;
+	export let questionnaireOnly: boolean = false;
 	export let assessmentOnly: boolean = false;
 	export let invalidateAll: boolean = true;
 

From 1918317807c9918cd58391d973f760e4c474476a Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Wed, 25 Sep 2024 15:25:49 +0200
Subject: [PATCH 05/26] feat: allow requirement assessments for third party

---
 backend/core/startup.py                       |   1 +
 .../[id=uuid]/+page.svelte                    | 131 +++++++++---------
 .../[id=uuid]/+page.server.ts                 |   0
 .../[id=uuid]/+page.svelte                    |   0
 .../[id=uuid]/edit/+page.server.ts            |   0
 .../[id=uuid]/edit/+page.svelte               |  12 +-
 6 files changed, 72 insertions(+), 72 deletions(-)
 rename frontend/src/routes/(app)/{(internal) => (third-party)}/requirement-assessments/[id=uuid]/+page.server.ts (100%)
 rename frontend/src/routes/(app)/{(internal) => (third-party)}/requirement-assessments/[id=uuid]/+page.svelte (100%)
 rename frontend/src/routes/(app)/{(internal) => (third-party)}/requirement-assessments/[id=uuid]/edit/+page.server.ts (100%)
 rename frontend/src/routes/(app)/{(internal) => (third-party)}/requirement-assessments/[id=uuid]/edit/+page.svelte (97%)

diff --git a/backend/core/startup.py b/backend/core/startup.py
index 8c2deb181..f6755dffd 100644
--- a/backend/core/startup.py
+++ b/backend/core/startup.py
@@ -284,6 +284,7 @@
     "view_complianceassessment",
     "view_requirementassessment",
     "change_requirementassessment",
+    "view_requirementnode",
     "view_evidence",
     "add_evidence",
     "change_evidence",
diff --git a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/+page.svelte b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/+page.svelte
index aad68ae6e..c74c5af59 100644
--- a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/+page.svelte
+++ b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/+page.svelte
@@ -242,51 +242,47 @@
 				</div>
 			{/each}
 		</div>
-		{#if !$page.data.user.is_third_party}
-			<div class="flex w-1/3 relative">
-				{#if data.global_score.score >= 0}
-					<div class="absolute font-bold text-sm">{m.maturity()}</div>
-					<div class="flex justify-center items-center w-full">
-						<ProgressRadial
-							stroke={100}
-							meter={displayScoreColor(data.global_score.score, data.global_score.max_score)}
-							font={125}
-							value={(data.global_score.score * 100) / data.global_score.max_score}
-							width={'w-52'}
-						>
-							{data.global_score.score}
-						</ProgressRadial>
-					</div>
-				{/if}
-			</div>
-
-			<div class="w-1/3">
-				<DonutChart
-					s_label="Result"
-					name="compliance_result"
-					title={m.compliance()}
-					orientation="horizontal"
-					values={compliance_assessment_donut_values.result.values}
-					colors={compliance_assessment_donut_values.result.values.map(
-						(object) => object.itemStyle.color
-					)}
-				/>
-			</div>
-			<div class="w-1/3">
-				<DonutChart
-					s_label="Status"
-					name="compliance_status"
-					title={m.progress()}
-					orientation="horizontal"
-					values={compliance_assessment_donut_values.status.values}
-					colors={compliance_assessment_donut_values.status.values.map(
-						(object) => object.itemStyle.color
-					)}
-				/>
-			</div>
-		{/if}
+		<div class="flex w-1/3 relative">
+			{#if data.global_score.score >= 0}
+				<div class="absolute font-bold text-sm">{m.maturity()}</div>
+				<div class="flex justify-center items-center w-full">
+					<ProgressRadial
+						stroke={100}
+						meter={displayScoreColor(data.global_score.score, data.global_score.max_score)}
+						font={125}
+						value={(data.global_score.score * 100) / data.global_score.max_score}
+						width={'w-52'}
+					>
+						{data.global_score.score}
+					</ProgressRadial>
+				</div>
+			{/if}
+		</div>
+		<div class="w-1/3">
+			<DonutChart
+				s_label="Result"
+				name="compliance_result"
+				title={m.compliance()}
+				orientation="horizontal"
+				values={compliance_assessment_donut_values.result.values}
+				colors={compliance_assessment_donut_values.result.values.map(
+					(object) => object.itemStyle.color
+				)}
+			/>
+		</div>
+		<div class="w-1/3">
+			<DonutChart
+				s_label="Status"
+				name="compliance_status"
+				title={m.progress()}
+				orientation="horizontal"
+				values={compliance_assessment_donut_values.status.values}
+				colors={compliance_assessment_donut_values.status.values.map(
+					(object) => object.itemStyle.color
+				)}
+			/>
+		</div>
 		<div class="flex flex-col space-y-2 ml-4">
-			{#if !$page.data.user.is_third_party}
 				<div class="flex flex-row space-x-2">
 					<button class="btn variant-filled-primary w-full" use:popup={popupDownload}
 						><i class="fa-solid fa-download mr-2" />{m.exportButton()}</button
@@ -305,11 +301,13 @@
 							href="/compliance-assessments/{data.compliance_assessment.id}/export"
 							class="block px-4 py-2 text-sm text-gray-800 hover:bg-gray-200">... {m.asZIP()}</a
 						>
-						<p class="block px-4 py-2 text-sm text-gray-800">{m.actionPlan()}</p>
-						<a
-							href="/compliance-assessments/{data.compliance_assessment.id}/action-plan/export/pdf"
-							class="block px-4 py-2 text-sm text-gray-800 hover:bg-gray-200">... {m.asPDF()}</a
-						>
+						{#if !$page.data.user.is_third_party}
+							<p class="block px-4 py-2 text-sm text-gray-800">{m.actionPlan()}</p>
+							<a
+								href="/compliance-assessments/{data.compliance_assessment.id}/action-plan/export/pdf"
+								class="block px-4 py-2 text-sm text-gray-800 hover:bg-gray-200">... {m.asPDF()}</a
+							>
+						{/if}
 					</div>
 					{#if canEditObject}
 						<a
@@ -319,10 +317,11 @@
 						>
 					{/if}
 				</div>
-				<a href={`${$page.url.pathname}/action-plan`} class="btn variant-filled-primary h-fit"
-					><i class="fa-solid fa-heart-pulse mr-2" />{m.actionPlan()}</a
-				>
-			{/if}
+				{#if !$page.data.user.is_third_party}
+					<a href={`${$page.url.pathname}/action-plan`} class="btn variant-filled-primary h-fit"
+						><i class="fa-solid fa-heart-pulse mr-2" />{m.actionPlan()}</a
+					>
+				{/if}	
 			<span class="pt-4 font-light text-sm">Power-ups:</span>
 			{#if !$page.data.user.is_third_party}
 				<a
@@ -345,19 +344,17 @@
 			{/if}
 		</div>
 	</div>
-	{#if !$page.data.user.is_third_party}
-		<div class="card px-6 py-4 bg-white flex flex-col shadow-lg">
-			<h4 class="h4 flex items-center font-semibold">
-				{m.associatedRequirements()}
-				<span class="badge variant-soft-primary ml-1">
-					{assessableNodesCount(treeViewNodes)}
-				</span>
-			</h4>
-			<div class="flex items-center my-2 text-xs space-x-2 text-gray-500">
-				<i class="fa-solid fa-diagram-project" />
-				<p>{m.mappingInferenceTip()}</p>
-			</div>
-			<RecursiveTreeView nodes={treeViewNodes} bind:expandedNodes hover="hover:bg-initial" />
+	<div class="card px-6 py-4 bg-white flex flex-col shadow-lg">
+		<h4 class="h4 flex items-center font-semibold">
+			{m.associatedRequirements()}
+			<span class="badge variant-soft-primary ml-1">
+				{assessableNodesCount(treeViewNodes)}
+			</span>
+		</h4>
+		<div class="flex items-center my-2 text-xs space-x-2 text-gray-500">
+			<i class="fa-solid fa-diagram-project" />
+			<p>{m.mappingInferenceTip()}</p>
 		</div>
-	{/if}
+		<RecursiveTreeView nodes={treeViewNodes} bind:expandedNodes hover="hover:bg-initial" />
+	</div>
 </div>
diff --git a/frontend/src/routes/(app)/(internal)/requirement-assessments/[id=uuid]/+page.server.ts b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/+page.server.ts
similarity index 100%
rename from frontend/src/routes/(app)/(internal)/requirement-assessments/[id=uuid]/+page.server.ts
rename to frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/+page.server.ts
diff --git a/frontend/src/routes/(app)/(internal)/requirement-assessments/[id=uuid]/+page.svelte b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/+page.svelte
similarity index 100%
rename from frontend/src/routes/(app)/(internal)/requirement-assessments/[id=uuid]/+page.svelte
rename to frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/+page.svelte
diff --git a/frontend/src/routes/(app)/(internal)/requirement-assessments/[id=uuid]/edit/+page.server.ts b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
similarity index 100%
rename from frontend/src/routes/(app)/(internal)/requirement-assessments/[id=uuid]/edit/+page.server.ts
rename to frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
diff --git a/frontend/src/routes/(app)/(internal)/requirement-assessments/[id=uuid]/edit/+page.svelte b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.svelte
similarity index 97%
rename from frontend/src/routes/(app)/(internal)/requirement-assessments/[id=uuid]/edit/+page.svelte
rename to frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.svelte
index 926160ef4..447fa4d48 100644
--- a/frontend/src/routes/(app)/(internal)/requirement-assessments/[id=uuid]/edit/+page.svelte
+++ b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.svelte
@@ -182,7 +182,7 @@
 	$: classesText =
 		complianceResultColorMap[mappingInference.result] === '#000000' ? 'text-white' : '';
 
-	let tabSet = 0;
+	let tabSet = $page.data.user.is_third_party ? 1: 0;
 </script>
 
 <div class="card space-y-2 p-4 bg-white shadow">
@@ -326,12 +326,14 @@
 		>
 			<div class="card shadow-lg bg-white">
 				<TabGroup>
-					<Tab bind:group={tabSet} name="compliance_assessments_tab" value={0}
-						>{m.appliedControls()}
-					</Tab>
+					{#if !$page.data.user.is_third_party}
+						<Tab bind:group={tabSet} name="compliance_assessments_tab" value={0}
+							>{m.appliedControls()}
+						</Tab>
+					{/if}
 					<Tab bind:group={tabSet} name="risk_assessments_tab" value={1}>{m.evidences()}</Tab>
 					<svelte:fragment slot="panel">
-						{#if tabSet === 0}
+						{#if tabSet === 0 && !$page.data.user.is_third_party}
 							<div class="flex items-center mb-2 px-2 text-xs space-x-2">
 								<i class="fa-solid fa-info-circle" />
 								<p>{m.requirementAppliedControlHelpText()}</p>

From 65f1bd75cae634abaf5c0014a0b834408dfbf10d Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Wed, 25 Sep 2024 16:13:56 +0200
Subject: [PATCH 06/26] feat: add question tag in audit tree view

---
 backend/core/helpers.py                             |  2 ++
 frontend/messages/en.json                           |  3 ++-
 .../[id=uuid]/TreeViewItemContent.svelte            |  5 +++++
 .../requirement-assessments/[id=uuid]/+page.svelte  | 13 ++++++++-----
 4 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/backend/core/helpers.py b/backend/core/helpers.py
index d139eeefe..6745f371b 100644
--- a/backend/core/helpers.py
+++ b/backend/core/helpers.py
@@ -286,6 +286,7 @@ def get_sorted_requirement_nodes_rec(start: list) -> dict:
                 "is_scored": req_as.is_scored if req_as else None,
                 "score": req_as.score if req_as else None,
                 "max_score": max_score if req_as else None,
+                "question": req_as.answer if req_as else None,
                 "mapping_inference": req_as.mapping_inference if req_as else None,
                 "status_display": req_as.get_status_display() if req_as else None,
                 "status_i18n": camel_case(req_as.status) if req_as else None,
@@ -323,6 +324,7 @@ def get_sorted_requirement_nodes_rec(start: list) -> dict:
                     "is_scored": child_req_as.is_scored if child_req_as else None,
                     "score": child_req_as.score if child_req_as else None,
                     "max_score": max_score if child_req_as else None,
+                    "question": child_req_as.answer if child_req_as else None,
                     "mapping_inference": child_req_as.mapping_inference
                     if child_req_as
                     else None,
diff --git a/frontend/messages/en.json b/frontend/messages/en.json
index 0fe80eb21..105885750 100644
--- a/frontend/messages/en.json
+++ b/frontend/messages/en.json
@@ -734,5 +734,6 @@
 	"sendQuestionnaire": "Send questionnaire",
 	"sureToSendMail": "Are you sure you want to send the mail?",
 	"mailSuccessfullySent": "The mail has been successfully sent",
-	"mailFailedToSend": "The mail failed to be sent"
+	"mailFailedToSend": "The mail failed to be sent",
+	"questionOrQuestions": "Question(s)"
 }
diff --git a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/TreeViewItemContent.svelte b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/TreeViewItemContent.svelte
index 292f849bf..35493c800 100644
--- a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/TreeViewItemContent.svelte
+++ b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/TreeViewItemContent.svelte
@@ -7,6 +7,7 @@
 	import { displayScoreColor, formatScoreValue } from '$lib/utils/helpers';
 	import { safeTranslate } from '$lib/utils/i18n';
 	import type { z } from 'zod';
+	import * as m from '$paraglide/messages';
 
 	export let ref_id: string;
 	export let name: string;
@@ -152,6 +153,10 @@
 						{/if}
 					{/each}
 				{/if}
+				{#if node.question.questions}
+					<span class="badge"
+					style="background-color: pink; color: {darkenColor("#FFC0CB", 0.5)}">{node.question.questions.length} {m.questionOrQuestions()}</span>
+				{/if}
 			</div>
 		</div>
 		{#if (threats && threats.length > 0) || (reference_controls && reference_controls.length > 0)}
diff --git a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/+page.svelte b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/+page.svelte
index b896c16e1..9d5df5109 100644
--- a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/+page.svelte
+++ b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/+page.svelte
@@ -9,6 +9,7 @@
 	import ModelTable from '$lib/components/ModelTable/ModelTable.svelte';
 	import { ProgressRadial, Tab, TabGroup } from '@skeletonlabs/skeleton';
 	import { displayScoreColor, formatScoreValue, getSecureRedirect } from '$lib/utils/helpers';
+	import { page } from '$app/stores';
 
 	export let data: PageData;
 	const threats = data.requirement.threats;
@@ -65,7 +66,7 @@
 	const max_score = data.complianceAssessmentScore.max_score;
 	const value = data.requirementAssessment.score;
 
-	let tabSet = 0;
+	let tabSet = $page.data.user.is_third_party ? 1: 0;
 </script>
 
 <div class="card space-y-2 p-4 bg-white shadow">
@@ -222,12 +223,14 @@
 	{/if}
 	<div>
 		<TabGroup>
-			<Tab bind:group={tabSet} name="compliance_assessments_tab" value={0}
-				>{m.appliedControls()}
-			</Tab>
+			{#if !$page.data.user.is_third_party}
+				<Tab bind:group={tabSet} name="compliance_assessments_tab" value={0}
+					>{m.appliedControls()}
+				</Tab>
+			{/if}
 			<Tab bind:group={tabSet} name="risk_assessments_tab" value={1}>{m.evidences()}</Tab>
 			<svelte:fragment slot="panel">
-				{#if tabSet === 0}
+				{#if tabSet === 0 && !$page.data.user.is_third_party}
 					<div class="flex items-center mb-2 px-2 text-xs space-x-2">
 						<i class="fa-solid fa-info-circle" />
 						<p>{m.requirementAppliedControlHelpText()}</p>

From 622222b82477e8ff8762aab5cd47e915fe471743 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Wed, 25 Sep 2024 16:14:35 +0200
Subject: [PATCH 07/26] chore: run format

---
 .../[id=uuid]/+page.svelte                    | 64 +++++++++----------
 .../[id=uuid]/TreeViewItemContent.svelte      |  5 +-
 .../[id=uuid]/+page.svelte                    |  2 +-
 .../[id=uuid]/edit/+page.svelte               |  2 +-
 4 files changed, 37 insertions(+), 36 deletions(-)

diff --git a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/+page.svelte b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/+page.svelte
index c74c5af59..f8f4d9887 100644
--- a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/+page.svelte
+++ b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/+page.svelte
@@ -283,45 +283,45 @@
 			/>
 		</div>
 		<div class="flex flex-col space-y-2 ml-4">
-				<div class="flex flex-row space-x-2">
-					<button class="btn variant-filled-primary w-full" use:popup={popupDownload}
-						><i class="fa-solid fa-download mr-2" />{m.exportButton()}</button
+			<div class="flex flex-row space-x-2">
+				<button class="btn variant-filled-primary w-full" use:popup={popupDownload}
+					><i class="fa-solid fa-download mr-2" />{m.exportButton()}</button
+				>
+				<div
+					class="card whitespace-nowrap bg-white py-2 w-fit shadow-lg space-y-1 z-10"
+					data-popup="popupDownload"
+				>
+					<p class="block px-4 py-2 text-sm text-gray-800">{m.complianceAssessment()}</p>
+
+					<a
+						href="/compliance-assessments/{data.compliance_assessment.id}/export/csv"
+						class="block px-4 py-2 text-sm text-gray-800 hover:bg-gray-200">... {m.asCSV()}</a
 					>
-					<div
-						class="card whitespace-nowrap bg-white py-2 w-fit shadow-lg space-y-1 z-10"
-						data-popup="popupDownload"
+					<a
+						href="/compliance-assessments/{data.compliance_assessment.id}/export"
+						class="block px-4 py-2 text-sm text-gray-800 hover:bg-gray-200">... {m.asZIP()}</a
 					>
-						<p class="block px-4 py-2 text-sm text-gray-800">{m.complianceAssessment()}</p>
-
-						<a
-							href="/compliance-assessments/{data.compliance_assessment.id}/export/csv"
-							class="block px-4 py-2 text-sm text-gray-800 hover:bg-gray-200">... {m.asCSV()}</a
-						>
+					{#if !$page.data.user.is_third_party}
+						<p class="block px-4 py-2 text-sm text-gray-800">{m.actionPlan()}</p>
 						<a
-							href="/compliance-assessments/{data.compliance_assessment.id}/export"
-							class="block px-4 py-2 text-sm text-gray-800 hover:bg-gray-200">... {m.asZIP()}</a
-						>
-						{#if !$page.data.user.is_third_party}
-							<p class="block px-4 py-2 text-sm text-gray-800">{m.actionPlan()}</p>
-							<a
-								href="/compliance-assessments/{data.compliance_assessment.id}/action-plan/export/pdf"
-								class="block px-4 py-2 text-sm text-gray-800 hover:bg-gray-200">... {m.asPDF()}</a
-							>
-						{/if}
-					</div>
-					{#if canEditObject}
-						<a
-							href={`${$page.url.pathname}/edit?next=${$page.url.pathname}`}
-							class="btn variant-filled-primary h-fit"
-							data-testid="edit-button"><i class="fa-solid fa-pen-to-square mr-2" /> {m.edit()}</a
+							href="/compliance-assessments/{data.compliance_assessment.id}/action-plan/export/pdf"
+							class="block px-4 py-2 text-sm text-gray-800 hover:bg-gray-200">... {m.asPDF()}</a
 						>
 					{/if}
 				</div>
-				{#if !$page.data.user.is_third_party}
-					<a href={`${$page.url.pathname}/action-plan`} class="btn variant-filled-primary h-fit"
-						><i class="fa-solid fa-heart-pulse mr-2" />{m.actionPlan()}</a
+				{#if canEditObject}
+					<a
+						href={`${$page.url.pathname}/edit?next=${$page.url.pathname}`}
+						class="btn variant-filled-primary h-fit"
+						data-testid="edit-button"><i class="fa-solid fa-pen-to-square mr-2" /> {m.edit()}</a
 					>
-				{/if}	
+				{/if}
+			</div>
+			{#if !$page.data.user.is_third_party}
+				<a href={`${$page.url.pathname}/action-plan`} class="btn variant-filled-primary h-fit"
+					><i class="fa-solid fa-heart-pulse mr-2" />{m.actionPlan()}</a
+				>
+			{/if}
 			<span class="pt-4 font-light text-sm">Power-ups:</span>
 			{#if !$page.data.user.is_third_party}
 				<a
diff --git a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/TreeViewItemContent.svelte b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/TreeViewItemContent.svelte
index 35493c800..4ab50040b 100644
--- a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/TreeViewItemContent.svelte
+++ b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/TreeViewItemContent.svelte
@@ -154,8 +154,9 @@
 					{/each}
 				{/if}
 				{#if node.question.questions}
-					<span class="badge"
-					style="background-color: pink; color: {darkenColor("#FFC0CB", 0.5)}">{node.question.questions.length} {m.questionOrQuestions()}</span>
+					<span class="badge" style="background-color: pink; color: {darkenColor('#FFC0CB', 0.5)}"
+						>{node.question.questions.length} {m.questionOrQuestions()}</span
+					>
 				{/if}
 			</div>
 		</div>
diff --git a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/+page.svelte b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/+page.svelte
index 9d5df5109..f1a4b46d9 100644
--- a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/+page.svelte
+++ b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/+page.svelte
@@ -66,7 +66,7 @@
 	const max_score = data.complianceAssessmentScore.max_score;
 	const value = data.requirementAssessment.score;
 
-	let tabSet = $page.data.user.is_third_party ? 1: 0;
+	let tabSet = $page.data.user.is_third_party ? 1 : 0;
 </script>
 
 <div class="card space-y-2 p-4 bg-white shadow">
diff --git a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.svelte b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.svelte
index 447fa4d48..b3dec230d 100644
--- a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.svelte
+++ b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.svelte
@@ -182,7 +182,7 @@
 	$: classesText =
 		complianceResultColorMap[mappingInference.result] === '#000000' ? 'text-white' : '';
 
-	let tabSet = $page.data.user.is_third_party ? 1: 0;
+	let tabSet = $page.data.user.is_third_party ? 1 : 0;
 </script>
 
 <div class="card space-y-2 p-4 bg-white shadow">

From 773e52c722937b87fe593b94c757a9176342f0f6 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Wed, 25 Sep 2024 16:30:37 +0200
Subject: [PATCH 08/26] feat: add questions in audit report

---
 backend/core/locale/fr/LC_MESSAGES/django.po  | 326 +++++++++---------
 backend/core/templates/snippets/req_node.html |  11 +
 backend/locale/fr/LC_MESSAGES/django.po       |  11 +-
 3 files changed, 185 insertions(+), 163 deletions(-)

diff --git a/backend/core/locale/fr/LC_MESSAGES/django.po b/backend/core/locale/fr/LC_MESSAGES/django.po
index 4c182e090..061ba6e20 100644
--- a/backend/core/locale/fr/LC_MESSAGES/django.po
+++ b/backend/core/locale/fr/LC_MESSAGES/django.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-09-13 19:22+0000\n"
+"POT-Creation-Date: 2024-09-25 14:29+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -52,7 +52,7 @@ msgstr "Nom"
 msgid "Description"
 msgstr "Description"
 
-#: core/base_models.py:126 core/models.py:1309
+#: core/base_models.py:126 core/models.py:1310
 #: core/templates/core/action_plan_pdf.html:46
 #: core/templates/snippets/mp_data.html:62
 msgid "ETA"
@@ -232,7 +232,7 @@ msgstr "Locale par défaut"
 msgid "Copyright"
 msgstr "Copyright"
 
-#: core/models.py:189 core/models.py:1443
+#: core/models.py:189 core/models.py:1444
 msgid "Version"
 msgstr "Version"
 
@@ -252,11 +252,11 @@ msgstr "Dépendances"
 msgid "Threat"
 msgstr "Menace"
 
-#: core/models.py:709 core/models.py:960 core/models.py:1849
+#: core/models.py:709 core/models.py:960 core/models.py:1850
 msgid "Threats"
 msgstr "Menaces"
 
-#: core/models.py:729 core/models.py:1414
+#: core/models.py:729 core/models.py:1415
 msgid "Policy"
 msgstr "Politique"
 
@@ -296,12 +296,12 @@ msgstr ""
 msgid "Recover"
 msgstr ""
 
-#: core/models.py:757 core/models.py:1283
+#: core/models.py:757 core/models.py:1284
 #: core/templates/core/action_plan_pdf.html:44
 msgid "Category"
 msgstr "Catégorie"
 
-#: core/models.py:765 core/models.py:1290
+#: core/models.py:765 core/models.py:1291
 #, fuzzy
 #| msgid "Search function..."
 msgid "CSF Function"
@@ -343,15 +343,15 @@ msgstr ""
 "Si la matrice de risque est désactivée, elle ne sera pas disponible pour la "
 "sélection lors de nouvelles évaluations de risque."
 
-#: core/models.py:891 core/models.py:2065
+#: core/models.py:891 core/models.py:2066
 msgid "Minimum score"
 msgstr "Score minimum"
 
-#: core/models.py:892 core/models.py:2066
+#: core/models.py:892 core/models.py:2067
 msgid "Maximum score"
 msgstr "Score maximum"
 
-#: core/models.py:894 core/models.py:2068
+#: core/models.py:894 core/models.py:2069
 msgid "Score definition"
 msgstr "Définition du score"
 
@@ -359,7 +359,7 @@ msgstr "Définition du score"
 msgid "Implementation groups definition"
 msgstr "Définition des groupes d'implémentation"
 
-#: core/models.py:908 core/models.py:974 core/models.py:2059
+#: core/models.py:908 core/models.py:974 core/models.py:2060
 #: core/templates/core/action_plan_pdf.html:20
 msgid "Framework"
 msgstr "Référentiel"
@@ -486,7 +486,7 @@ msgstr "Exigence source"
 msgid "Strength of relationship"
 msgstr ""
 
-#: core/models.py:1103 core/models.py:1251
+#: core/models.py:1103 core/models.py:1252
 msgid "Undefined"
 msgstr "Non défini"
 
@@ -514,13 +514,13 @@ msgstr "Abandonné"
 msgid "Internal reference"
 msgstr "Référence interne"
 
-#: core/models.py:1117 core/models.py:1297 core/models.py:1450
-#: core/models.py:2497 core/templates/snippets/mp_data.html:66
+#: core/models.py:1117 core/models.py:1298 core/models.py:1451
+#: core/models.py:2498 core/templates/snippets/mp_data.html:66
 #: core/templates/snippets/ri_list_nested.html:31
 msgid "Status"
 msgstr "Statut"
 
-#: core/models.py:1122 core/models.py:1436 core/models.py:1929
+#: core/models.py:1122 core/models.py:1437 core/models.py:1930
 #: core/templates/core/action_plan_pdf.html:16
 #: core/templates/snippets/mp_data.html:7
 msgid "Project"
@@ -550,7 +550,7 @@ msgstr "type"
 msgid "parent assets"
 msgstr "actifs parents"
 
-#: core/models.py:1172 core/models.py:1836
+#: core/models.py:1172 core/models.py:1837
 msgid "Assets"
 msgstr "Actifs"
 
@@ -567,181 +567,181 @@ msgstr ""
 msgid "Attachment"
 msgstr "Pièce jointe"
 
-#: core/models.py:1210
+#: core/models.py:1211
 msgid "Link to the evidence (eg. Jira ticket, etc.)"
 msgstr "Lien vers la preuve (par ex. billet Jira, etc.)"
 
-#: core/models.py:1211 core/models.py:1322
+#: core/models.py:1212 core/models.py:1323
 #: core/templates/snippets/mp_data.html:65
 msgid "Link"
 msgstr "Lien"
 
-#: core/models.py:1217
+#: core/models.py:1218
 msgid "Evidence"
 msgstr "Preuve"
 
-#: core/models.py:1218 core/models.py:1275 core/models.py:2517
+#: core/models.py:1219 core/models.py:1276 core/models.py:2518
 msgid "Evidences"
 msgstr "Preuves"
 
-#: core/models.py:1246 core/models.py:2481
+#: core/models.py:1247 core/models.py:2482
 msgid "To do"
 msgstr "À faire"
 
-#: core/models.py:1247 core/models.py:1430 core/models.py:2482
+#: core/models.py:1248 core/models.py:1431 core/models.py:2483
 msgid "In progress"
 msgstr "En cours"
 
-#: core/models.py:1248
+#: core/models.py:1249
 msgid "On hold"
 msgstr ""
 
-#: core/models.py:1249
+#: core/models.py:1250
 msgid "Active"
 msgstr "Actif"
 
-#: core/models.py:1250 core/models.py:1433
+#: core/models.py:1251 core/models.py:1434
 msgid "Deprecated"
 msgstr "Déprécié"
 
-#: core/models.py:1257
+#: core/models.py:1258
 msgid "Small"
 msgstr "Petit"
 
-#: core/models.py:1258 core/models.py:1813 core/tests/test_helpers.py:77
+#: core/models.py:1259 core/models.py:1814 core/tests/test_helpers.py:77
 #: core/tests/test_helpers.py:142
 msgid "Medium"
 msgstr "Moyen"
 
-#: core/models.py:1259
+#: core/models.py:1260
 msgid "Large"
 msgstr "Grand"
 
-#: core/models.py:1260
+#: core/models.py:1261
 msgid "Extra Large"
 msgstr "Extra large"
 
-#: core/models.py:1270
+#: core/models.py:1271
 msgid "Reference Control"
 msgstr "Mesure de référence"
 
-#: core/models.py:1302 core/models.py:1865
+#: core/models.py:1303 core/models.py:1866
 msgid "Owner"
 msgstr "Propriétaire"
 
-#: core/models.py:1308
+#: core/models.py:1309
 msgid "Estimated Time of Arrival"
 msgstr "Heure d'arrivée estimée"
 
-#: core/models.py:1314
+#: core/models.py:1315
 msgid "Date after which the applied control is no longer valid"
 msgstr "Date à partir de laquelle la mesure appliquée n'est plus valide"
 
-#: core/models.py:1315 core/models.py:2625
+#: core/models.py:1316 core/models.py:2626
 #: core/templates/core/action_plan_pdf.html:47
 msgid "Expiry date"
 msgstr "Date d'expiration"
 
-#: core/models.py:1321
+#: core/models.py:1322
 msgid "External url for action follow-up (eg. Jira ticket)"
 msgstr "URL externe pour le suivi de l'action (par ex. billet Jira)"
 
-#: core/models.py:1329
+#: core/models.py:1330
 msgid "Relative effort of the measure (using T-Shirt sizing)"
 msgstr "Effort relatif de la mesure (en utilisant la taille des T-shirts)"
 
-#: core/models.py:1330 core/templates/core/action_plan_pdf.html:48
+#: core/models.py:1331 core/templates/core/action_plan_pdf.html:48
 #: core/templates/snippets/mp_data.html:63
 msgid "Effort"
 msgstr "Effort"
 
-#: core/models.py:1334
+#: core/models.py:1335
 msgid "Cost of the measure (using globally-chosen currency)"
 msgstr ""
 
-#: core/models.py:1335 core/templates/core/action_plan_pdf.html:49
+#: core/models.py:1336 core/templates/core/action_plan_pdf.html:49
 #: core/templates/snippets/mp_data.html:64
 msgid "Cost"
 msgstr ""
 
-#: core/models.py:1341
+#: core/models.py:1342
 msgid "Applied control"
 msgstr "Mesure appliqué"
 
-#: core/models.py:1342 core/models.py:1843 core/models.py:2533
+#: core/models.py:1343 core/models.py:1844 core/models.py:2534
 msgid "Applied controls"
 msgstr "Mesures appliquées"
 
-#: core/models.py:1415
+#: core/models.py:1416
 msgid "Policies"
 msgstr "Politiques"
 
-#: core/models.py:1429
+#: core/models.py:1430
 msgid "Planned"
 msgstr "Planifié"
 
-#: core/models.py:1431 core/models.py:2483
+#: core/models.py:1432 core/models.py:2484
 msgid "In review"
 msgstr "En examen"
 
-#: core/models.py:1432 core/models.py:2484
+#: core/models.py:1433 core/models.py:2485
 msgid "Done"
 msgstr "Terminé"
 
-#: core/models.py:1442
+#: core/models.py:1443
 msgid "Version of the compliance assessment (eg. 1.0, 2.0, etc.)"
 msgstr "Version de l'évaluation de conformité (par ex. 1.0, 2.0, etc.)"
 
-#: core/models.py:1457
+#: core/models.py:1458
 msgid "Authors"
 msgstr "Auteurs"
 
-#: core/models.py:1463 core/templates/core/audit_report.html:35
+#: core/models.py:1464 core/templates/core/audit_report.html:35
 msgid "Reviewers"
 msgstr "Relecteurs"
 
-#: core/models.py:1466 core/models.py:2520
+#: core/models.py:1467 core/models.py:2521
 msgid "Observation"
 msgstr "Observation"
 
-#: core/models.py:1483
+#: core/models.py:1484
 msgid "WARNING! After choosing it, you will not be able to change it"
 msgstr ""
 "ATTENTION ! Une fois que vous l'aurez choisi, vous ne pourrez plus le "
 "modifier."
 
-#: core/models.py:1484
+#: core/models.py:1485
 msgid "Risk matrix"
 msgstr "Matrice de risque"
 
-#: core/models.py:1488 core/templates/snippets/mp_data.html:9
+#: core/models.py:1489 core/templates/snippets/mp_data.html:9
 #: core/templates/snippets/ra_data.html:8
 msgid "Risk assessment"
 msgstr "Évaluation de risque"
 
-#: core/models.py:1489
+#: core/models.py:1490
 msgid "Risk assessments"
 msgstr "Évaluations de risque"
 
-#: core/models.py:1513
+#: core/models.py:1514
 msgid "{}: Risk assessment is still in progress"
 msgstr "{} : L'évaluation des risques est toujours en cours"
 
-#: core/models.py:1524
+#: core/models.py:1525
 msgid "{}: No author assigned to this risk assessment"
 msgstr "{} : Aucun auteur n'a été affecté à cette évaluation des risques"
 
-#: core/models.py:1536
+#: core/models.py:1537
 msgid "{}: RiskAssessment is empty. No risk scenario declared yet"
 msgstr ""
 "{} : L'évaluation des risques est vide. Aucun scénario de risque n'a encore "
 "été déclaré."
 
-#: core/models.py:1557
+#: core/models.py:1558
 msgid "{} current risk level has not been assessed"
 msgstr "{} : Le niveau de risque actuel n'a pas été évalué"
 
-#: core/models.py:1570
+#: core/models.py:1571
 msgid ""
 "{} residual risk level has not been assessed. If no additional measures are "
 "applied, it should be at the same level as the current risk"
@@ -750,43 +750,43 @@ msgstr ""
 "mesures supplémentaires appliquées, il devrait être au même niveau que le "
 "risque actuel."
 
-#: core/models.py:1581
+#: core/models.py:1582
 msgid "{} residual risk level is higher than the current one"
 msgstr "{} : Le niveau de risque résiduel est supérieur à l'actuel"
 
-#: core/models.py:1593
+#: core/models.py:1594
 msgid "{} residual risk probability is higher than the current one"
 msgstr "{} : La probabilité de risque résiduel est supérieure à l'actuelle"
 
-#: core/models.py:1605
+#: core/models.py:1606
 msgid "{} residual risk impact is higher than the current one"
 msgstr "{} : L'impact du risque résiduel est supérieur à l'actuel"
 
-#: core/models.py:1626
+#: core/models.py:1627
 msgid "{}: residual risk level has been lowered without any specific measure"
 msgstr ""
 "{} : Le niveau de risque résiduel a été réduit sans aucune mesure spécifique"
 
-#: core/models.py:1640
+#: core/models.py:1641
 msgid "{} risk accepted but no risk acceptance attached"
 msgstr "{} : Risque accepté mais aucune acceptation de risque jointe"
 
-#: core/models.py:1663
+#: core/models.py:1664
 msgid "{} does not have an ETA"
 msgstr "{} : Pas d'ETA"
 
-#: core/models.py:1675
+#: core/models.py:1676
 msgid "{} ETA is in the past now. Consider updating its status or the date"
 msgstr ""
 "{} : L'ETA est dans le passé maintenant. Envisagez de mettre à jour son "
 "statut ou la date."
 
-#: core/models.py:1688
+#: core/models.py:1689
 msgid ""
 "{} does not have an estimated effort. This will help you for prioritization"
 msgstr "{} : Pas d'effort estimé. Cela vous aidera pour la prioritisation"
 
-#: core/models.py:1701
+#: core/models.py:1702
 #, fuzzy
 #| msgid ""
 #| "{} does not have an estimated effort. This will help you for "
@@ -795,7 +795,7 @@ msgid ""
 "{} does not have an estimated cost. This will help you for prioritization"
 msgstr "{} : Pas d'effort estimé. Cela vous aidera pour la prioritisation"
 
-#: core/models.py:1714
+#: core/models.py:1715
 msgid ""
 "{}: Applied control does not have an external link attached. This will help "
 "you for follow-up"
@@ -803,112 +803,112 @@ msgstr ""
 "{} : La mesure appliquée ne comporte pas de lien externe joint. Cela vous "
 "aidera pour le suivi"
 
-#: core/models.py:1737
+#: core/models.py:1738
 msgid "{}: Acceptance has no expiry date"
 msgstr "{} : L'acceptation n'a pas de date d'expiration"
 
-#: core/models.py:1751
+#: core/models.py:1752
 msgid "{}: Acceptance has expired. Consider updating the status or the date"
 msgstr ""
 "{} : L'acceptation a expiré. Envisagez de mettre à jour le statut ou la date."
 
-#: core/models.py:1780
+#: core/models.py:1781
 msgid "Open"
 msgstr "Ouvert"
 
-#: core/models.py:1781
+#: core/models.py:1782
 msgid "Mitigate"
 msgstr "Atténuer"
 
-#: core/models.py:1782
+#: core/models.py:1783
 msgid "Accept"
 msgstr "Accepter"
 
-#: core/models.py:1783
+#: core/models.py:1784
 msgid "Avoid"
 msgstr "Éviter"
 
-#: core/models.py:1784
+#: core/models.py:1785
 msgid "Transfer"
 msgstr "Transférer"
 
-#: core/models.py:1788
+#: core/models.py:1789
 msgid "Financial"
 msgstr ""
 
-#: core/models.py:1789
+#: core/models.py:1790
 msgid "Legal"
 msgstr ""
 
-#: core/models.py:1790
+#: core/models.py:1791
 #, fuzzy
 #| msgid "Rationale"
 msgid "Reputation"
 msgstr "Raison"
 
-#: core/models.py:1791
+#: core/models.py:1792
 #, fuzzy
 #| msgid "Observation"
 msgid "Operational"
 msgstr "Observation"
 
-#: core/models.py:1792
+#: core/models.py:1793
 msgid "Confidentiality"
 msgstr ""
 
-#: core/models.py:1793
+#: core/models.py:1794
 msgid "Integrity"
 msgstr ""
 
-#: core/models.py:1794
+#: core/models.py:1795
 #, fuzzy
 #| msgid "Probability"
 msgid "Availability"
 msgstr "Probabilité"
 
-#: core/models.py:1795
+#: core/models.py:1796
 msgid "Authenticity"
 msgstr ""
 
-#: core/models.py:1800
+#: core/models.py:1801
 msgid "--"
 msgstr "--"
 
-#: core/models.py:1802
+#: core/models.py:1803
 msgid "The strength of the knowledge supporting the assessment is undefined"
 msgstr "La force de la connaissance soutenant l'évaluation est indéfinie"
 
-#: core/models.py:1806 core/tests/test_helpers.py:76
+#: core/models.py:1807 core/tests/test_helpers.py:76
 #: core/tests/test_helpers.py:141
 msgid "Low"
 msgstr "Faible"
 
-#: core/models.py:1808
+#: core/models.py:1809
 msgid "The strength of the knowledge supporting the assessment is low"
 msgstr "La force de la connaissance soutenant l'évaluation est faible"
 
-#: core/models.py:1815
+#: core/models.py:1816
 msgid "The strength of the knowledge supporting the assessment is medium"
 msgstr "La force de la connaissance soutenant l'évaluation est moyenne"
 
-#: core/models.py:1820 core/tests/test_helpers.py:78
+#: core/models.py:1821 core/tests/test_helpers.py:78
 #: core/tests/test_helpers.py:143
 msgid "High"
 msgstr "Élevé"
 
-#: core/models.py:1822
+#: core/models.py:1823
 msgid "The strength of the knowledge supporting the assessment is high"
 msgstr "La force de la connaissance soutenant l'évaluation est élevée"
 
-#: core/models.py:1831
+#: core/models.py:1832
 msgid "RiskAssessment"
 msgstr "ÉvaluationDesRisques"
 
-#: core/models.py:1838
+#: core/models.py:1839
 msgid "Assets impacted by the risk scenario"
 msgstr "Actifs impactés par le scénario de risque"
 
-#: core/models.py:1856
+#: core/models.py:1857
 msgid ""
 "The existing controls to manage this risk. Edit the risk scenario to add "
 "extra applied controls."
@@ -916,24 +916,24 @@ msgstr ""
 "Les mesures existantes pour gérer ce risque. Modifiez le scénario de risque "
 "pour ajouter des mesures appliquées supplémentaires."
 
-#: core/models.py:1858 core/templates/snippets/mp_data.html:48
+#: core/models.py:1859 core/templates/snippets/mp_data.html:48
 #: core/templates/snippets/ri_list_nested.html:22
 msgid "Existing controls"
 msgstr "Mesures existantes"
 
-#: core/models.py:1870
+#: core/models.py:1871
 msgid "Current probability"
 msgstr "Probabilité actuelle"
 
-#: core/models.py:1873
+#: core/models.py:1874
 msgid "Current impact"
 msgstr "Impact actuel"
 
-#: core/models.py:1877
+#: core/models.py:1878
 msgid "Current level"
 msgstr "Niveau actuel"
 
-#: core/models.py:1879
+#: core/models.py:1880
 msgid ""
 "The risk level given the current measures. Automatically updated on Save, "
 "based on the chosen risk matrix"
@@ -942,19 +942,19 @@ msgstr ""
 "automatiquement lors de l'enregistrement, sur la base de la matrice de "
 "risque choisie."
 
-#: core/models.py:1885
+#: core/models.py:1886
 msgid "Residual probability"
 msgstr "Probabilité résiduelle"
 
-#: core/models.py:1888
+#: core/models.py:1889
 msgid "Residual impact"
 msgstr "Impact résiduel"
 
-#: core/models.py:1892
+#: core/models.py:1893
 msgid "Residual level"
 msgstr "Niveau résiduel"
 
-#: core/models.py:1894
+#: core/models.py:1895
 msgid ""
 "The risk level when all the extra measures are done. Automatically updated "
 "on Save, based on the chosen risk matrix"
@@ -963,61 +963,61 @@ msgstr ""
 "œuvre. Mis à jour automatiquement lors de l'enregistrement, sur la base de "
 "la matrice de risque choisie."
 
-#: core/models.py:1902
+#: core/models.py:1903
 msgid "Treatment status"
 msgstr "Statut de traitement"
 
-#: core/models.py:1905
+#: core/models.py:1906
 #, fuzzy
 #| msgid "Justification"
 msgid "Qualifications"
 msgstr "Justification"
 
-#: core/models.py:1909
+#: core/models.py:1910
 msgid "Strength of Knowledge"
 msgstr "Force de la connaissance"
 
-#: core/models.py:1910
+#: core/models.py:1911
 msgid "The strength of the knowledge supporting the assessment"
 msgstr "La force de la connaissance soutenant l'évaluation"
 
-#: core/models.py:1913 core/models.py:2637
+#: core/models.py:1914 core/models.py:2638
 msgid "Justification"
 msgstr "Justification"
 
-#: core/models.py:1919
+#: core/models.py:1920
 msgid "Risk scenario"
 msgstr "Scénario de risque"
 
-#: core/models.py:1920 core/models.py:2602
+#: core/models.py:1921 core/models.py:2603
 msgid "Risk scenarios"
 msgstr "Scénarios de risque"
 
-#: core/models.py:2030
+#: core/models.py:2031
 msgid ": "
 msgstr ": "
 
-#: core/models.py:2062 core/templates/core/audit_report.html:43
+#: core/models.py:2063 core/templates/core/audit_report.html:43
 msgid "Selected implementation groups"
 msgstr "Groupes d'implémentation sélectionnés"
 
-#: core/models.py:2072 core/models.py:2524
+#: core/models.py:2073 core/models.py:2525
 msgid "Compliance assessment"
 msgstr "Évaluation de conformité"
 
-#: core/models.py:2073
+#: core/models.py:2074
 msgid "Compliance assessments"
 msgstr "Évaluations de conformité"
 
-#: core/models.py:2310
+#: core/models.py:2311
 msgid "{}: Compliance assessment is still in progress"
 msgstr "{} : L'évaluation de la conformité est toujours en cours"
 
-#: core/models.py:2323
+#: core/models.py:2324
 msgid "{}: No author assigned to this compliance assessment"
 msgstr "{} : Aucun auteur n'a été affecté à cette évaluation de conformité"
 
-#: core/models.py:2350
+#: core/models.py:2351
 #, fuzzy
 #| msgid ""
 #| "{}: Requirement assessment status is compliant or partially compliant "
@@ -1029,94 +1029,94 @@ msgstr ""
 "{} : Le statut de l'évaluation de l'exigence est conforme ou partiellement "
 "conforme, sans aucun mesure appliquée"
 
-#: core/models.py:2375
+#: core/models.py:2376
 msgid "{}: Applied control has no reference control selected"
 msgstr ""
 "{} : La mesure appliquée ne comporte pas de mesure de référence sélectionné"
 
-#: core/models.py:2401
+#: core/models.py:2402
 msgid "{}: Evidence has no file uploaded"
 msgstr "{} : La preuve ne comporte pas de fichier téléchargé"
 
-#: core/models.py:2487
+#: core/models.py:2488
 msgid "Not assessed"
 msgstr "Non évalué"
 
-#: core/models.py:2488
+#: core/models.py:2489
 msgid "Partially compliant"
 msgstr "Partiellement conforme"
 
-#: core/models.py:2489
+#: core/models.py:2490
 #, fuzzy
 #| msgid "Non compliant"
 msgid "Non-compliant"
 msgstr "Non conforme"
 
-#: core/models.py:2490
+#: core/models.py:2491
 msgid "Compliant"
 msgstr "Conforme"
 
-#: core/models.py:2491
+#: core/models.py:2492
 msgid "Not applicable"
 msgstr "Non applicable"
 
-#: core/models.py:2502
+#: core/models.py:2503
 msgid "Result"
 msgstr "Résultat"
 
-#: core/models.py:2508
+#: core/models.py:2509
 msgid "Score"
 msgstr "Score"
 
-#: core/models.py:2512
+#: core/models.py:2513
 msgid "Is scored"
 msgstr "Est noté"
 
-#: core/models.py:2528
+#: core/models.py:2529
 msgid "Requirement"
 msgstr "Exigence"
 
-#: core/models.py:2538
+#: core/models.py:2539
 msgid "Selected"
 msgstr "Sélectionné"
 
-#: core/models.py:2542
+#: core/models.py:2543
 msgid "Mapping inference"
 msgstr "Inference de mapping"
 
-#: core/models.py:2547
+#: core/models.py:2548
 msgid "Answer"
 msgstr ""
 
-#: core/models.py:2584
+#: core/models.py:2585
 msgid "Requirement assessment"
 msgstr "Évaluation de l'exigence"
 
-#: core/models.py:2585
+#: core/models.py:2586
 msgid "Requirement assessments"
 msgstr "Évaluations de l'exigence"
 
-#: core/models.py:2593
+#: core/models.py:2594
 msgid "Created"
 msgstr "Créé"
 
-#: core/models.py:2594
+#: core/models.py:2595
 msgid "Submitted"
 msgstr "Soumis"
 
-#: core/models.py:2595
+#: core/models.py:2596
 msgid "Accepted"
 msgstr "Accepté"
 
-#: core/models.py:2596
+#: core/models.py:2597
 msgid "Rejected"
 msgstr "Rejeté"
 
-#: core/models.py:2597
+#: core/models.py:2598
 msgid "Revoked"
 msgstr "Révoqué"
 
-#: core/models.py:2604
+#: core/models.py:2605
 msgid ""
 "Select the risk scenarios to be accepted, attention they must be part of the "
 "chosen domain"
@@ -1124,39 +1124,39 @@ msgstr ""
 "Sélectionnez les scénarios de risque à accepter, faites attention, ils "
 "doivent faire partie du domaine choisi"
 
-#: core/models.py:2610
+#: core/models.py:2611
 msgid "Risk owner and approver identity"
 msgstr "Identité du propriétaire du risque et de l'approbateur"
 
-#: core/models.py:2611 core/utils.py:50 core/utils.py:57 core/utils.py:60
+#: core/models.py:2612 core/utils.py:52 core/utils.py:60 core/utils.py:63
 msgid "Approver"
 msgstr "Approbateur"
 
-#: core/models.py:2620
+#: core/models.py:2621
 msgid "State"
 msgstr "État"
 
-#: core/models.py:2623
+#: core/models.py:2624
 msgid "Specify when the risk acceptance will no longer apply"
 msgstr "Précisez quand l'acceptation du risque ne sera plus valable"
 
-#: core/models.py:2628
+#: core/models.py:2629
 msgid "Acceptance date"
 msgstr "Date d'acceptation"
 
-#: core/models.py:2631
+#: core/models.py:2632
 msgid "Rejection date"
 msgstr "Date de rejet"
 
-#: core/models.py:2634
+#: core/models.py:2635
 msgid "Revocation date"
 msgstr "Date de révocation"
 
-#: core/models.py:2646
+#: core/models.py:2647
 msgid "Risk acceptance"
 msgstr "Acceptation du risque"
 
-#: core/models.py:2647
+#: core/models.py:2648
 msgid "Risk acceptances"
 msgstr "Acceptations du risque"
 
@@ -1375,21 +1375,25 @@ msgstr "Actuel"
 msgid "Residual"
 msgstr "Résiduel"
 
-#: core/templates/snippets/req_node.html:27
+#: core/templates/snippets/req_node.html:32
+msgid "No answer"
+msgstr "Aucun réponse"
+
+#: core/templates/snippets/req_node.html:38
 #, fuzzy
 #| msgid "Observation"
 msgid "Observation:"
 msgstr "Observation"
 
-#: core/templates/snippets/req_node.html:36
+#: core/templates/snippets/req_node.html:47
 msgid "Associated evidence:"
 msgstr "Preuves associées :"
 
-#: core/templates/snippets/req_node.html:50
+#: core/templates/snippets/req_node.html:61
 msgid "Applied controls:"
 msgstr "Mesures appliquées :"
 
-#: core/templates/snippets/req_node.html:51
+#: core/templates/snippets/req_node.html:62
 msgid "Evidence of applied controls:"
 msgstr "Preuves des mesures appliquées :"
 
@@ -1443,30 +1447,38 @@ msgstr "Très faible"
 msgid "Very High"
 msgstr "Très élevé"
 
-#: core/utils.py:47 core/utils.py:55
+#: core/utils.py:49 core/utils.py:58
 msgid "Administrator"
 msgstr "Administrateur"
 
-#: core/utils.py:48 core/utils.py:58
+#: core/utils.py:50 core/utils.py:61
 msgid "Domain manager"
 msgstr "Gestionnaire de domaine"
 
-#: core/utils.py:49 core/utils.py:59
+#: core/utils.py:51 core/utils.py:62
 msgid "Analyst"
 msgstr "Analyste"
 
-#: core/utils.py:51 core/utils.py:56 core/utils.py:61
+#: core/utils.py:53 core/utils.py:59 core/utils.py:64
 msgid "Reader"
 msgstr "Lecteur"
 
-#: core/utils.py:70
+#: core/utils.py:54 core/utils.py:65
+msgid "Third-party respondent"
+msgstr ""
+
+#: core/utils.py:74
 msgid "French"
 msgstr "Français"
 
-#: core/utils.py:71
+#: core/utils.py:75
 msgid "English"
 msgstr "Anglais"
 
+#: core/views.py:1668
+msgid "CISO Assistant: A questionnaire has been assigned to you"
+msgstr ""
+
 #~ msgid "Inactive"
 #~ msgstr "Inactif"
 
diff --git a/backend/core/templates/snippets/req_node.html b/backend/core/templates/snippets/req_node.html
index 091e8439b..d90c910fe 100644
--- a/backend/core/templates/snippets/req_node.html
+++ b/backend/core/templates/snippets/req_node.html
@@ -23,6 +23,17 @@
             {% if node.assessments.requirement.description %}
                 <div class='text-left w-full'>{{ node.assessments.requirement.get_description_translated }}</div>
             {% endif %}
+            {% if node.assessments.answer %}
+                {% for question in node.assessments.answer.questions %}
+                    <div class='text-left w-full'><p class="font-semibold">{{ question.text }}</p>
+                        {% if question.answer %}
+                            <span style="color: indigo;">{{ question.answer }}</span>
+                        {% else %}
+                            <span style="color: gray;"> {% trans "No answer" %}</span>
+                        {% endif %}
+                    </div>
+                {% endfor %}
+            {% endif %}
             {% if node.assessments.observation %}
                 <div class='text-left w-full'><p class="font-semibold">{% trans "Observation:" %}<p> {{ node.assessments.observation }}</div>
             {% endif %}
diff --git a/backend/locale/fr/LC_MESSAGES/django.po b/backend/locale/fr/LC_MESSAGES/django.po
index 0f8fd93e6..01d714301 100644
--- a/backend/locale/fr/LC_MESSAGES/django.po
+++ b/backend/locale/fr/LC_MESSAGES/django.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-09-13 19:22+0000\n"
+"POT-Creation-Date: 2024-09-25 14:29+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -156,7 +156,7 @@ msgstr ""
 msgid "Key"
 msgstr ""
 
-#: iam/views.py:96
+#: iam/views.py:97
 msgid "CISO Assistant: Password Reset"
 msgstr ""
 
@@ -236,10 +236,9 @@ msgstr ""
 msgid "Solution"
 msgstr ""
 
-#: tprm/serializers.py:61 tprm/serializers.py:96
+#: tprm/serializers.py:73
 msgid "Framework required"
 msgstr ""
 
-#: tprm/serializers.py:116
-msgid "CISO Assistant: A questionnaire has been assigned to you"
-msgstr "CISO Assistant: Un questionnaire vous a été assigné"
+#~ msgid "CISO Assistant: A questionnaire has been assigned to you"
+#~ msgstr "CISO Assistant: Un questionnaire vous a été assigné"

From 4457da6eb89f06f6b3ec357f8b514b72221f68c2 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Wed, 25 Sep 2024 16:33:46 +0200
Subject: [PATCH 09/26] feat: hide csv export for third party

---
 .../compliance-assessments/[id=uuid]/+page.svelte     | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/+page.svelte b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/+page.svelte
index f8f4d9887..f6571e628 100644
--- a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/+page.svelte
+++ b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/+page.svelte
@@ -292,11 +292,12 @@
 					data-popup="popupDownload"
 				>
 					<p class="block px-4 py-2 text-sm text-gray-800">{m.complianceAssessment()}</p>
-
-					<a
-						href="/compliance-assessments/{data.compliance_assessment.id}/export/csv"
-						class="block px-4 py-2 text-sm text-gray-800 hover:bg-gray-200">... {m.asCSV()}</a
-					>
+					{#if !$page.data.user.is_third_party}
+						<a
+							href="/compliance-assessments/{data.compliance_assessment.id}/export/csv"
+							class="block px-4 py-2 text-sm text-gray-800 hover:bg-gray-200">... {m.asCSV()}</a
+						>
+					{/if}
 					<a
 						href="/compliance-assessments/{data.compliance_assessment.id}/export"
 						class="block px-4 py-2 text-sm text-gray-800 hover:bg-gray-200">... {m.asZIP()}</a

From 2a2284cc13fabf40346dace2d826822166fb3a5a Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Fri, 27 Sep 2024 10:51:06 +0200
Subject: [PATCH 10/26] feat: align tprm permissions with access control model

---
 backend/core/startup.py                                   | 1 +
 backend/iam/models.py                                     | 8 +++++++-
 backend/iam/views.py                                      | 1 +
 .../src/lib/components/SideBar/SideBarNavigation.svelte   | 6 +++++-
 frontend/src/lib/components/SideBar/navData.ts            | 3 ++-
 5 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/backend/core/startup.py b/backend/core/startup.py
index f6755dffd..7d19b5120 100644
--- a/backend/core/startup.py
+++ b/backend/core/startup.py
@@ -289,6 +289,7 @@
     "add_evidence",
     "change_evidence",
     "delete_evidence",
+    "view_folder"
 ]
 
 
diff --git a/backend/iam/models.py b/backend/iam/models.py
index 08b21d686..788fe6cfc 100644
--- a/backend/iam/models.py
+++ b/backend/iam/models.py
@@ -469,6 +469,12 @@ def mailing(self, email_template_name, subject, object="", object_id="", pk=Fals
     def get_user_groups(self):
         """get the list of user groups containing the user in the form (group_name, builtin)"""
         return [(x.__str__(), x.builtin) for x in self.user_groups.all()]
+    
+    def get_roles(self):
+        """get the list of roles attached to the user"""
+        return list(self.user_groups.all()
+                .values_list('roleassignment__role__name', flat=True)
+                .distinct())
 
     @property
     def has_backup_permission(self) -> bool:
@@ -655,7 +661,7 @@ def get_accessible_object_ids(
         for ra in [
             x
             for x in RoleAssignment.get_role_assignments(user)
-            if ref_permission in x.role.permissions.all() or user.is_third_party
+            if ref_permission in x.role.permissions.all()
         ]:
             ra_permissions = ra.role.permissions.all()
             for my_folder in perimeter & set(ra.perimeter_folders.all()):
diff --git a/backend/iam/views.py b/backend/iam/views.py
index 72e4b2f9e..942ae18b5 100644
--- a/backend/iam/views.py
+++ b/backend/iam/views.py
@@ -75,6 +75,7 @@ def get(self, request) -> Response:
             "is_active": request.user.is_active,
             "date_joined": request.user.date_joined,
             "user_groups": request.user.get_user_groups(),
+            "roles": request.user.get_roles(),
             "permissions": request.user.permissions,
             "is_third_party": request.user.is_third_party,
         }
diff --git a/frontend/src/lib/components/SideBar/SideBarNavigation.svelte b/frontend/src/lib/components/SideBar/SideBarNavigation.svelte
index 3d01ba382..273771c29 100644
--- a/frontend/src/lib/components/SideBar/SideBarNavigation.svelte
+++ b/frontend/src/lib/components/SideBar/SideBarNavigation.svelte
@@ -27,7 +27,11 @@
 		.map((item) => {
 			// Check and filter the sub-items based on user permissions
 			const filteredSubItems = item.items.filter((subItem) => {
-				if (subItem.permissions) {
+				if (subItem.exclude){
+					return subItem.exclude.some((role) =>
+						!user.roles.includes(role)
+					);
+				} else if (subItem.permissions) {
 					return subItem.permissions.some((permission) =>
 						Object.hasOwn(user.permissions, permission)
 					);
diff --git a/frontend/src/lib/components/SideBar/navData.ts b/frontend/src/lib/components/SideBar/navData.ts
index baa13b253..5842e1417 100644
--- a/frontend/src/lib/components/SideBar/navData.ts
+++ b/frontend/src/lib/components/SideBar/navData.ts
@@ -127,7 +127,8 @@ export const navData = {
 				{
 					name: 'domains',
 					fa_icon: 'fa-solid fa-sitemap',
-					href: '/folders'
+					href: '/folders',
+					exclude: ['BI-RL-TPR']
 				},
 				{
 					name: 'projects',

From 4e9bce629396e44556524953f3bad11ec64e4497 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Fri, 27 Sep 2024 10:51:55 +0200
Subject: [PATCH 11/26] chore: run format

---
 backend/core/startup.py                                |  2 +-
 backend/iam/models.py                                  | 10 ++++++----
 .../lib/components/SideBar/SideBarNavigation.svelte    |  6 ++----
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/backend/core/startup.py b/backend/core/startup.py
index 7d19b5120..ec5079096 100644
--- a/backend/core/startup.py
+++ b/backend/core/startup.py
@@ -289,7 +289,7 @@
     "add_evidence",
     "change_evidence",
     "delete_evidence",
-    "view_folder"
+    "view_folder",
 ]
 
 
diff --git a/backend/iam/models.py b/backend/iam/models.py
index 788fe6cfc..c0b6ccd8c 100644
--- a/backend/iam/models.py
+++ b/backend/iam/models.py
@@ -469,12 +469,14 @@ def mailing(self, email_template_name, subject, object="", object_id="", pk=Fals
     def get_user_groups(self):
         """get the list of user groups containing the user in the form (group_name, builtin)"""
         return [(x.__str__(), x.builtin) for x in self.user_groups.all()]
-    
+
     def get_roles(self):
         """get the list of roles attached to the user"""
-        return list(self.user_groups.all()
-                .values_list('roleassignment__role__name', flat=True)
-                .distinct())
+        return list(
+            self.user_groups.all()
+            .values_list("roleassignment__role__name", flat=True)
+            .distinct()
+        )
 
     @property
     def has_backup_permission(self) -> bool:
diff --git a/frontend/src/lib/components/SideBar/SideBarNavigation.svelte b/frontend/src/lib/components/SideBar/SideBarNavigation.svelte
index 273771c29..375fe0f5b 100644
--- a/frontend/src/lib/components/SideBar/SideBarNavigation.svelte
+++ b/frontend/src/lib/components/SideBar/SideBarNavigation.svelte
@@ -27,10 +27,8 @@
 		.map((item) => {
 			// Check and filter the sub-items based on user permissions
 			const filteredSubItems = item.items.filter((subItem) => {
-				if (subItem.exclude){
-					return subItem.exclude.some((role) =>
-						!user.roles.includes(role)
-					);
+				if (subItem.exclude) {
+					return subItem.exclude.some((role) => !user.roles.includes(role));
 				} else if (subItem.permissions) {
 					return subItem.permissions.some((permission) =>
 						Object.hasOwn(user.permissions, permission)

From 3b0b85b34b59a6c771181353c9994dc1aec0340c Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Tue, 1 Oct 2024 12:27:29 +0200
Subject: [PATCH 12/26] feat: add representatives field in entity assessment

---
 .../0003_entityassessment_representatives.py  | 24 +++++++++
 backend/tprm/models.py                        |  6 +++
 backend/tprm/serializers.py                   | 54 ++++++++++++-------
 .../ModelForm/EntityAssessmentForm.svelte     | 11 +++-
 frontend/src/lib/utils/crud.ts                |  3 +-
 frontend/src/lib/utils/schemas.ts             |  3 +-
 6 files changed, 78 insertions(+), 23 deletions(-)
 create mode 100644 backend/tprm/migrations/0003_entityassessment_representatives.py

diff --git a/backend/tprm/migrations/0003_entityassessment_representatives.py b/backend/tprm/migrations/0003_entityassessment_representatives.py
new file mode 100644
index 000000000..66d0fb8e1
--- /dev/null
+++ b/backend/tprm/migrations/0003_entityassessment_representatives.py
@@ -0,0 +1,24 @@
+# Generated by Django 5.1 on 2024-10-01 09:14
+
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("tprm", "0002_alter_entity_reference_link"),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="entityassessment",
+            name="representatives",
+            field=models.ManyToManyField(
+                blank=True,
+                related_name="entity_assessments",
+                to=settings.AUTH_USER_MODEL,
+                verbose_name="Representative",
+            ),
+        ),
+    ]
diff --git a/backend/tprm/models.py b/backend/tprm/models.py
index 6fe6815bd..9a5063f65 100644
--- a/backend/tprm/models.py
+++ b/backend/tprm/models.py
@@ -40,6 +40,12 @@ class Conclusion(models.TextChoices):
     dependency = models.IntegerField(default=0, verbose_name=_("Dependency"))
     maturity = models.IntegerField(default=0, verbose_name=_("Maturity"))
     trust = models.IntegerField(default=0, verbose_name=_("Trust"))
+    representatives = models.ManyToManyField(
+        User,
+        blank=True,
+        verbose_name=_("Representative"),
+        related_name="entity_assessments",
+    )
     entity = models.ForeignKey(
         Entity,
         on_delete=models.CASCADE,
diff --git a/backend/tprm/serializers.py b/backend/tprm/serializers.py
index 398b8ab19..b5fd5dbda 100644
--- a/backend/tprm/serializers.py
+++ b/backend/tprm/serializers.py
@@ -8,7 +8,6 @@
 from django.contrib.auth import get_user_model
 from tprm.models import Entity, EntityAssessment, Representative, Solution
 from django.utils.translation import gettext_lazy as _
-from ciso_assistant.settings import EMAIL_HOST, EMAIL_HOST_RESCUE
 
 import structlog
 
@@ -39,7 +38,7 @@ class EntityAssessmentReadSerializer(BaseModelSerializer):
     entity = FieldsRelatedField()
     folder = FieldsRelatedField()
     solutions = FieldsRelatedField(many=True)
-    authors = FieldsRelatedField(many=True)
+    representatives = FieldsRelatedField(many=True)
     reviewers = FieldsRelatedField(many=True)
 
     class Meta:
@@ -48,7 +47,7 @@ class Meta:
 
 
 class EntityAssessmentWriteSerializer(BaseModelSerializer):
-    create_audit = serializers.BooleanField(default=True)
+    create_audit = serializers.BooleanField(default=False)
     framework = serializers.PrimaryKeyRelatedField(
         queryset=Framework.objects.all(), required=False
     )
@@ -82,23 +81,31 @@ def _create_or_update_audit(self, instance, audit_data):
                 ],
             )
 
-            if not instance.compliance_assessment:
-                enclave = Folder.objects.create(
-                    content_type=Folder.ContentType.ENCLAVE,
-                    name=f"{instance.project.name}/{instance.name}",
-                    parent_folder=instance.folder,
-                )
-                audit.folder = enclave
-                audit.save()
+            enclave = Folder.objects.create(
+                content_type=Folder.ContentType.ENCLAVE,
+                name=f"{instance.project.name}/{instance.name}",
+                parent_folder=instance.folder,
+            )
+            audit.folder = enclave
+            audit.save()
 
             audit.create_requirement_assessments()
-            audit.authors.set(instance.authors.all())
             audit.reviewers.set(instance.reviewers.all())
+            audit.authors.set(instance.representatives.all())
             instance.compliance_assessment = audit
             instance.save()
+        else:
+            if instance.compliance_assessment:
+                audit = instance.compliance_assessment
+                audit.reviewers.set(instance.reviewers.all())
+                audit.authors.set(instance.representatives.all())
+            instance.save()
 
     def _assign_third_party_respondents(
-        self, instance: EntityAssessment, third_party_users: set[User]
+        self,
+        instance: EntityAssessment,
+        third_party_users: set[User],
+        old_third_party_users: set[User] = set(),
     ):
         if instance.compliance_assessment:
             enclave = instance.compliance_assessment.folder
@@ -119,25 +126,32 @@ def _assign_third_party_respondents(
                 if not user.is_third_party:
                     logger.warning("User is not a third-party", user=user)
                 user.user_groups.add(respondents)
+            for user in old_third_party_users:
+                if not user.is_third_party:
+                    logger.warning("User is not a third-party", user=user)
+                user.user_groups.remove(respondents)
 
     def create(self, validated_data):
         audit_data = self._extract_audit_data(validated_data)
         instance = super().create(validated_data)
         self._create_or_update_audit(instance, audit_data)
-        self._assign_third_party_respondents(instance, set(instance.authors.all()))
+        self._assign_third_party_respondents(
+            instance, set(instance.representatives.all())
+        )
         return instance
 
     def update(self, instance: EntityAssessment, validated_data):
         audit_data = self._extract_audit_data(validated_data)
-        new_authors = set(validated_data.get("authors", [])) - set(
-            instance.authors.all()
+        representatives = set(validated_data.get("representatives", []))
+        old_representatives = set(instance.representatives.all()) - set(
+            validated_data.get("representatives", [])
         )
         instance = super().update(instance, validated_data)
 
-        if not instance.compliance_assessment:
-            self._create_or_update_audit(instance, audit_data)
-
-        self._assign_third_party_respondents(instance, new_authors)
+        self._create_or_update_audit(instance, audit_data)
+        self._assign_third_party_respondents(
+            instance, representatives, old_representatives
+        )
         return instance
 
     class Meta:
diff --git a/frontend/src/lib/components/Forms/ModelForm/EntityAssessmentForm.svelte b/frontend/src/lib/components/Forms/ModelForm/EntityAssessmentForm.svelte
index c349a41ba..c49383b70 100644
--- a/frontend/src/lib/components/Forms/ModelForm/EntityAssessmentForm.svelte
+++ b/frontend/src/lib/components/Forms/ModelForm/EntityAssessmentForm.svelte
@@ -144,11 +144,20 @@
 	multiple
 	options={getOptions({ objects: model.foreignKeys['authors'], label: 'email' })}
 	field="authors"
-	helpText={m.entityAssessmentAuthorHelpText()}
 	cacheLock={cacheLocks['authors']}
 	bind:cachedValue={formDataCache['authors']}
 	label={m.authors()}
 />
+<AutocompleteSelect
+	{form}
+	multiple
+	options={getOptions({ objects: model.foreignKeys['representatives'], label: 'email' })}
+	field="representatives"
+	helpText={m.entityAssessmentAuthorHelpText()}
+	cacheLock={cacheLocks['representatives']}
+	bind:cachedValue={formDataCache['representatives']}
+	label={m.representatives()}
+/>
 <AutocompleteSelect
 	{form}
 	multiple
diff --git a/frontend/src/lib/utils/crud.ts b/frontend/src/lib/utils/crud.ts
index 69f532efe..99da36886 100644
--- a/frontend/src/lib/utils/crud.ts
+++ b/frontend/src/lib/utils/crud.ts
@@ -491,7 +491,8 @@ export const URL_MODEL_MAP: ModelMap = {
 			{ field: 'entity', urlModel: 'entities' },
 			{ field: 'solutions', urlModel: 'solutions' },
 			{ field: 'framework', urlModel: 'frameworks' },
-			{ field: 'authors', urlModel: 'users', urlParams: 'is_third_party=true' },
+			{ field: 'authors', urlModel: 'users', urlParams: 'is_third_party=false' },
+			{ field: 'representatives', urlModel: 'users', urlParams: 'is_third_party=true' },
 			{ field: 'reviewers', urlModel: 'users', urlParams: 'is_third_party=false' },
 			{ field: 'evidence', urlModel: 'evidences' },
 			{ field: 'compliance_assessment', urlModel: 'compliance-assessments' }
diff --git a/frontend/src/lib/utils/schemas.ts b/frontend/src/lib/utils/schemas.ts
index 9ae54d643..925ed0a09 100644
--- a/frontend/src/lib/utils/schemas.ts
+++ b/frontend/src/lib/utils/schemas.ts
@@ -285,7 +285,7 @@ export const EntitiesSchema = baseNamedObject({
 });
 
 export const EntityAssessmentSchema = baseNamedObject({
-	create_audit: z.boolean().optional().default(true),
+	create_audit: z.boolean().optional().default(false),
 	framework: z.string().optional(),
 	selected_implementation_groups: z.array(z.string().optional()).optional(),
 	version: z.string().optional().default('0.1'),
@@ -294,6 +294,7 @@ export const EntityAssessmentSchema = baseNamedObject({
 	eta: z.string().optional().nullable(),
 	due_date: z.string().optional().nullable(),
 	authors: z.array(z.string().optional()).optional(),
+	representatives: z.array(z.string().optional()).optional(),
 	reviewers: z.array(z.string().optional()).optional(),
 	entity: z.string(),
 	solutions: z.array(z.string().optional()).optional(),

From 9ea3cdc03c767948a93ddf57951ec3146ce1d4a6 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Thu, 3 Oct 2024 12:33:35 +0200
Subject: [PATCH 13/26] feat: improve layout

---
 frontend/messages/en.json                                    | 5 +++--
 .../components/Forms/ModelForm/EntityAssessmentForm.svelte   | 3 ++-
 .../(internal)/entity-assessments/[id=uuid]/+page.svelte     | 2 +-
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/frontend/messages/en.json b/frontend/messages/en.json
index 7be636d6b..8a047525b 100644
--- a/frontend/messages/en.json
+++ b/frontend/messages/en.json
@@ -739,7 +739,7 @@
 	"createUserHelpText": "Create or link a third party user to the representative based on the email",
 	"nameDuplicate": "Name already exists",
 	"noAnswer": "No answer",
-	"entityAssessmentAuthorHelpText": "The representative who is responsible for questionnaire completion",
+	"entityAssessmentRepresentativesHelpText": "The third party users who are responsible for questionnaire completion",
 	"sendQuestionnaire": "Send questionnaire",
 	"sureToSendMail": "Are you sure you want to send the mail?",
 	"mailSuccessfullySent": "The mail has been successfully sent",
@@ -755,5 +755,6 @@
 	"theFollowingControlsWillBeAddedColon": "The following controls will be added:",
 	"ShowAllNodesMessage": "Show all",
 	"ShowOnlyAssessable": "Only assessable",
-	"NoPreviewMessage": "No preview available."
+	"NoPreviewMessage": "No preview available.",
+	"entityAssessmentEvidenceHelpText": "An external questionnaire"
 }
diff --git a/frontend/src/lib/components/Forms/ModelForm/EntityAssessmentForm.svelte b/frontend/src/lib/components/Forms/ModelForm/EntityAssessmentForm.svelte
index c49383b70..dc8ed0042 100644
--- a/frontend/src/lib/components/Forms/ModelForm/EntityAssessmentForm.svelte
+++ b/frontend/src/lib/components/Forms/ModelForm/EntityAssessmentForm.svelte
@@ -153,7 +153,7 @@
 	multiple
 	options={getOptions({ objects: model.foreignKeys['representatives'], label: 'email' })}
 	field="representatives"
-	helpText={m.entityAssessmentAuthorHelpText()}
+	helpText={m.entityAssessmentRepresentativesHelpText()}
 	cacheLock={cacheLocks['representatives']}
 	bind:cachedValue={formDataCache['representatives']}
 	label={m.representatives()}
@@ -187,6 +187,7 @@
 	cacheLock={cacheLocks['evidence']}
 	bind:cachedValue={formDataCache['evidence']}
 	label={m.evidence()}
+	helpText={m.entityAssessmentEvidenceHelpText()}
 />
 <Select
 	{form}
diff --git a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
index ff43763c8..521c969f1 100644
--- a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
+++ b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
@@ -20,7 +20,7 @@
 	<DetailView
 		{data}
 		{mailing}
-		exclude={['criticality', 'penetration', 'dependency', 'maturity', 'trust', 'evidence']}
+		exclude={['criticality', 'penetration', 'dependency', 'maturity', 'trust']}
 	/>
 	{#if data.data.compliance_assessment}
 		<div class="card px-6 py-4 bg-white flex flex-row justify-between shadow-lg w-full">

From 45273d95da3ff5984ed18373d22dba41a6fd284c Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Fri, 4 Oct 2024 10:14:56 +0200
Subject: [PATCH 14/26] fix: fix requirements tags layout

---
 frontend/messages/en.json                     |  2 +-
 .../[id=uuid]/TreeViewItemContent.svelte      | 25 ++++---------------
 2 files changed, 6 insertions(+), 21 deletions(-)

diff --git a/frontend/messages/en.json b/frontend/messages/en.json
index 8a047525b..bf8474f20 100644
--- a/frontend/messages/en.json
+++ b/frontend/messages/en.json
@@ -756,5 +756,5 @@
 	"ShowAllNodesMessage": "Show all",
 	"ShowOnlyAssessable": "Only assessable",
 	"NoPreviewMessage": "No preview available.",
-	"entityAssessmentEvidenceHelpText": "An external questionnaire"
+	"entityAssessmentEvidenceHelpText": "An external questionnaire",
 }
diff --git a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/TreeViewItemContent.svelte b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/TreeViewItemContent.svelte
index cf9f53c1e..b11818e9b 100644
--- a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/TreeViewItemContent.svelte
+++ b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/TreeViewItemContent.svelte
@@ -155,28 +155,13 @@
 							{/if}
 						{/each}
 					{/if}
+					{#if node.question.questions}
+						<span class="badge" style="background-color: pink; color: {darkenColor('#FFC0CB', 0.5)}"
+							>{node.question.questions.length} {m.questionOrQuestions()}</span
+						>
+					{/if}
 				</div>
 			</div>
-			<div>
-				{#if hasAssessableChildren}
-					{#each Object.entries(complianceStatusColorMap) as status}
-						{#if resultCounts[status[0]]}
-							<span
-								class="badge mr-1"
-								style="background-color: {status[1] + '44'}; color: {darkenColor(status[1], 0.3)}"
-							>
-								{resultCounts[status[0]]}
-								{safeTranslate(status[0])}
-							</span>
-						{/if}
-					{/each}
-				{/if}
-				{#if node.question.questions}
-					<span class="badge" style="background-color: pink; color: {darkenColor('#FFC0CB', 0.5)}"
-						>{node.question.questions.length} {m.questionOrQuestions()}</span
-					>
-				{/if}
-			</div>
 		</div>
 		{#if (threats && threats.length > 0) || (reference_controls && reference_controls.length > 0)}
 			<div

From 476ae1150f046b454f78cda1eb803ec55f674e9d Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Fri, 4 Oct 2024 10:17:08 +0200
Subject: [PATCH 15/26] fix: comma in en.json

---
 frontend/messages/en.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/messages/en.json b/frontend/messages/en.json
index bf8474f20..8a047525b 100644
--- a/frontend/messages/en.json
+++ b/frontend/messages/en.json
@@ -756,5 +756,5 @@
 	"ShowAllNodesMessage": "Show all",
 	"ShowOnlyAssessable": "Only assessable",
 	"NoPreviewMessage": "No preview available.",
-	"entityAssessmentEvidenceHelpText": "An external questionnaire",
+	"entityAssessmentEvidenceHelpText": "An external questionnaire"
 }

From a3861c6d0961925863b8732aa4531533f0a543ad Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Fri, 4 Oct 2024 10:27:44 +0200
Subject: [PATCH 16/26] feat: improve requirement assessment edit page server
 complexity

---
 .../[id=uuid]/edit/+page.server.ts            | 288 ++++++++----------
 1 file changed, 124 insertions(+), 164 deletions(-)

diff --git a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
index a6f9d3e3f..d4461a4c9 100644
--- a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
+++ b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
@@ -4,216 +4,176 @@ import { getModelInfo, urlParamModelVerboseName } from '$lib/utils/crud';
 import { getSecureRedirect } from '$lib/utils/helpers';
 import { modelSchema } from '$lib/utils/schemas';
 import { listViewFields } from '$lib/utils/table';
-import type { urlModel } from '$lib/utils/types';
 import * as m from '$paraglide/messages';
-import { tableSourceMapper, type TableSource } from '@skeletonlabs/skeleton';
+import { tableSourceMapper } from '@skeletonlabs/skeleton';
 import type { Actions } from '@sveltejs/kit';
 import { fail, redirect } from '@sveltejs/kit';
 import { setFlash } from 'sveltekit-flash-message/server';
-import { setError, superValidate } from 'sveltekit-superforms';
+import { superValidate } from 'sveltekit-superforms';
 import { zod } from 'sveltekit-superforms/adapters';
 import type { PageServerLoad } from './$types';
 import { z } from 'zod';
 
+
 export const load = (async ({ fetch, params }) => {
 	const URLModel = 'requirement-assessments';
-	const endpoint = `${BASE_API_URL}/${URLModel}/${params.id}/`;
-
-	const res = await fetch(endpoint);
-	const requirementAssessment = await res.json();
-
-	const compliance_assessment_score = await fetch(
-		`${BASE_API_URL}/compliance-assessments/${requirementAssessment.compliance_assessment.id}/global_score/`
-	).then((res) => res.json());
-	const requirement = await fetch(
-		`${BASE_API_URL}/requirement-nodes/${requirementAssessment.requirement}/`
-	).then((res) => res.json());
-	const parentRequirementNodeEndpoint = `${BASE_API_URL}/requirement-nodes/?urn=${requirement.parent_urn}`;
-	const parent = await fetch(parentRequirementNodeEndpoint)
-		.then((res) => res.json())
-		.then((res) => res.results[0]);
-
+	const baseUrl = BASE_API_URL;
+	const endpoint = `${baseUrl}/${URLModel}/${params.id}/`;
+  
+	async function fetchJson(url: string) {
+	  const res = await fetch(url);
+	  if (!res.ok) {
+		console.error(`Failed to fetch data from ${url}: ${res.statusText}`);
+		return null;
+	  }
+	  return res.json();
+	}
+  
+	const requirementAssessment = await fetchJson(endpoint);
+	const [compliance_assessment_score, requirement] = await Promise.all([
+	  fetchJson(`${baseUrl}/compliance-assessments/${requirementAssessment.compliance_assessment.id}/global_score/`),
+	  fetchJson(`${baseUrl}/requirement-nodes/${requirementAssessment.requirement}/`)
+	]);
+  
+	const parent = await fetchJson(`${baseUrl}/requirement-nodes/?urn=${requirement.parent_urn}`)
+	  .then(res => res.results[0]);
+  
 	const model = getModelInfo(URLModel);
-
 	const object = { ...requirementAssessment };
-	for (const key in object) {
-		if (object[key] instanceof Object && 'id' in object[key]) {
-			object[key] = object[key].id;
-		}
-	}
-
+	Object.keys(object).forEach(key => {
+	  if (object[key] instanceof Object && 'id' in object[key]) {
+		object[key] = object[key].id;
+	  }
+	});
+  
 	const schema = modelSchema(URLModel);
 	const form = await superValidate(object, zod(schema), { errors: true });
-
+  
 	const foreignKeys: Record<string, any> = {};
-
 	if (model.foreignKeyFields) {
-		for (const keyField of model.foreignKeyFields) {
-			const queryParams = keyField.urlParams ? `?${keyField.urlParams}` : '';
-			const url = `${BASE_API_URL}/${keyField.urlModel}/${queryParams}`;
-			const response = await fetch(url);
-			if (response.ok) {
-				foreignKeys[keyField.field] = await response.json().then((data) => data.results);
-			} else {
-				console.error(`Failed to fetch data for ${keyField.field}: ${response.statusText}`);
-			}
+	  await Promise.all(model.foreignKeyFields.map(async (keyField) => {
+		const queryParams = keyField.urlParams ? `?${keyField.urlParams}` : '';
+		const url = `${baseUrl}/${keyField.urlModel}/${queryParams}`;
+		const data = await fetchJson(url);
+		if (data) {
+		  foreignKeys[keyField.field] = data.results;
 		}
+	  }));
 	}
-
 	model.foreignKeys = foreignKeys;
-
+  
 	const selectOptions: Record<string, any> = {};
-
 	if (model.selectFields) {
-		for (const selectField of model.selectFields) {
-			const url = `${BASE_API_URL}/${URLModel}/${selectField.field}/`;
-			const response = await fetch(url);
-			if (response.ok) {
-				selectOptions[selectField.field] = await response.json().then((data) =>
-					Object.entries(data).map(([key, value]) => ({
-						label: value,
-						value: key
-					}))
-				);
-			} else {
-				console.error(`Failed to fetch data for ${selectField.field}: ${response.statusText}`);
-			}
+	  await Promise.all(model.selectFields.map(async (selectField) => {
+		const url = `${baseUrl}/${URLModel}/${selectField.field}/`;
+		const data = await fetchJson(url);
+		if (data) {
+		  selectOptions[selectField.field] = Object.entries(data).map(([key, value]) => ({
+			label: value,
+			value: key
+		  }));
 		}
+	  }));
 	}
-
-	model['selectOptions'] = selectOptions;
-
+	model.selectOptions = selectOptions;
+  
 	const measureCreateSchema = modelSchema('applied-controls');
-	const initialData = {
-		folder: requirementAssessment.folder.id
-	};
-
-	const measureCreateForm = await superValidate(initialData, zod(measureCreateSchema), {
-		errors: false
-	});
-
+	const measureCreateForm = await superValidate({ folder: requirementAssessment.folder.id }, zod(measureCreateSchema), { errors: false });
+  
 	const measureModel = getModelInfo('applied-controls');
+	
 	const measureSelectOptions: Record<string, any> = {};
-
 	if (measureModel.selectFields) {
-		for (const selectField of measureModel.selectFields) {
-			const url = `${BASE_API_URL}/applied-controls/${selectField.field}/`;
-			const response = await fetch(url);
-			if (response.ok) {
-				measureSelectOptions[selectField.field] = await response.json().then((data) =>
-					Object.entries(data).map(([key, value]) => ({
-						label: value,
-						value: key
-					}))
-				);
-			} else {
-				console.error(`Failed to fetch data for ${selectField.field}: ${response.statusText}`);
-			}
-		}
-	}
-
-	measureModel['selectOptions'] = measureSelectOptions;
-
-	const tables: Record<string, any> = {};
-
-	for (const key of ['applied-controls', 'evidences'] as urlModel[]) {
-		const keyEndpoint = `${BASE_API_URL}/${key}/?requirement_assessments=${params.id}`;
-		const response = await fetch(keyEndpoint);
-		if (response.ok) {
-			const data = await response.json().then((data) => data.results);
-
-			const bodyData = tableSourceMapper(data, listViewFields[key].body);
-
-			const table: TableSource = {
-				head: listViewFields[key].head,
-				body: bodyData,
-				meta: data
-			};
-			tables[key] = table;
-		} else {
-			console.error(`Failed to fetch data for ${key}: ${response.statusText}`);
+	  await Promise.all(measureModel.selectFields.map(async (selectField) => {
+		const url = `${baseUrl}/applied-controls/${selectField.field}/`;
+		const data = await fetchJson(url);
+		if (data) {
+		  measureSelectOptions[selectField.field] = Object.entries(data).map(([key, value]) => ({
+			label: value,
+			value: key
+		  }));
 		}
+	  }));
 	}
-
+	measureModel.selectOptions = measureSelectOptions;
+  
 	const measureForeignKeys: Record<string, any> = {};
-
 	if (measureModel.foreignKeyFields) {
-		for (const keyField of measureModel.foreignKeyFields) {
-			if (keyField.field === 'folder') {
-				measureForeignKeys[keyField.field] = [requirementAssessment.folder];
-				continue;
-			}
-			const queryParams = keyField.urlParams ? `?${keyField.urlParams}` : '';
-			const url = `${BASE_API_URL}/${keyField.urlModel}/${queryParams}`;
-			const response = await fetch(url);
-			if (response.ok) {
-				measureForeignKeys[keyField.field] = await response.json().then((data) => data.results);
-			} else {
-				console.error(`Failed to fetch data for ${keyField.field}: ${response.statusText}`);
-			}
+	  await Promise.all(measureModel.foreignKeyFields.map(async (keyField) => {
+		if (keyField.field === 'folder') {
+		  measureForeignKeys[keyField.field] = [requirementAssessment.folder];
+		} else {
+		  const queryParams = keyField.urlParams ? `?${keyField.urlParams}` : '';
+		  const url = `${baseUrl}/${keyField.urlModel}/${queryParams}`;
+		  const data = await fetchJson(url);
+		  if (data) {
+			measureForeignKeys[keyField.field] = data.results;
+		  }
 		}
+	  }));
 	}
-
 	measureModel.foreignKeys = measureForeignKeys;
-
+  
+	const tables: Record<string, any> = {};
+	await Promise.all(['applied-controls', 'evidences'].map(async (key) => {
+	  const data = await fetchJson(`${baseUrl}/${key}/?requirement_assessments=${params.id}`);
+	  if (data) {
+		tables[key] = {
+		  head: listViewFields[key].head,
+		  body: tableSourceMapper(data.results, listViewFields[key].body),
+		  meta: data.results
+		};
+	  }
+	}));
+  
 	const evidenceModel = getModelInfo('evidences');
 	const evidenceCreateSchema = modelSchema('evidences');
-	const evidenceInitialData = {
-		requirement_assessments: [params.id],
-		folder: requirementAssessment.folder.id
-	};
-	const evidenceCreateForm = await superValidate(evidenceInitialData, zod(evidenceCreateSchema), {
-		errors: false
-	});
-
+	const evidenceCreateForm = await superValidate(
+	  { requirement_assessments: [params.id], folder: requirementAssessment.folder.id },
+	  zod(evidenceCreateSchema),
+	  { errors: false }
+	);
+  
 	const evidenceSelectOptions: Record<string, any> = {};
-
 	if (evidenceModel.selectFields) {
-		for (const selectField of evidenceModel.selectFields) {
-			const url = `${BASE_API_URL}/evidences/${selectField.field}/`;
-			const response = await fetch(url);
-			if (response.ok) {
-				evidenceSelectOptions[selectField.field] = await response.json().then((data) =>
-					Object.entries(data).map(([key, value]) => ({
-						label: value,
-						value: key
-					}))
-				);
-			} else {
-				console.error(`Failed to fetch data for ${selectField.field}: ${response.statusText}`);
-			}
+	  await Promise.all(evidenceModel.selectFields.map(async (selectField) => {
+		const url = `${baseUrl}/evidences/${selectField.field}/`;
+		const data = await fetchJson(url);
+		if (data) {
+		  evidenceSelectOptions[selectField.field] = Object.entries(data).map(([key, value]) => ({
+			label: value,
+			value: key
+		  }));
 		}
+	  }));
 	}
-
-	evidenceModel['selectOptions'] = evidenceSelectOptions;
-
+	evidenceModel.selectOptions = evidenceSelectOptions;
+  
 	const evidenceForeignKeys: Record<string, any> = {};
-
 	if (evidenceModel.foreignKeyFields) {
-		for (const keyField of evidenceModel.foreignKeyFields) {
-			if (keyField.field === 'folder') {
-				evidenceForeignKeys[keyField.field] = [requirementAssessment.folder];
-				continue;
-			}
-			evidenceForeignKeys[keyField.field] = [];
+	  evidenceModel.foreignKeyFields.forEach((keyField) => {
+		if (keyField.field === 'folder') {
+		  evidenceForeignKeys[keyField.field] = [requirementAssessment.folder];
+		} else {
+		  evidenceForeignKeys[keyField.field] = [];
 		}
+	  });
 	}
-
 	evidenceModel.foreignKeys = evidenceForeignKeys;
-
+  
 	return {
-		URLModel,
-		requirementAssessment,
-		compliance_assessment_score,
-		requirement,
-		parent,
-		model,
-		form,
-		measureCreateForm,
-		measureModel,
-		evidenceModel,
-		evidenceCreateForm,
-		tables
+	  URLModel,
+	  requirementAssessment,
+	  compliance_assessment_score,
+	  requirement,
+	  parent,
+	  model,
+	  form,
+	  measureCreateForm,
+	  measureModel,
+	  evidenceModel,
+	  evidenceCreateForm,
+	  tables
 	};
 }) satisfies PageServerLoad;
 

From 98a3dda3dad5e96d4f4dbeb312ab4f98ef8afff0 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Fri, 4 Oct 2024 10:29:29 +0200
Subject: [PATCH 17/26] chore: format

---
 .../[id=uuid]/edit/+page.server.ts            | 246 ++++++++++--------
 1 file changed, 132 insertions(+), 114 deletions(-)

diff --git a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
index d4461a4c9..965b61acb 100644
--- a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
+++ b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
@@ -14,166 +14,184 @@ import { zod } from 'sveltekit-superforms/adapters';
 import type { PageServerLoad } from './$types';
 import { z } from 'zod';
 
-
 export const load = (async ({ fetch, params }) => {
 	const URLModel = 'requirement-assessments';
 	const baseUrl = BASE_API_URL;
 	const endpoint = `${baseUrl}/${URLModel}/${params.id}/`;
-  
+
 	async function fetchJson(url: string) {
-	  const res = await fetch(url);
-	  if (!res.ok) {
-		console.error(`Failed to fetch data from ${url}: ${res.statusText}`);
-		return null;
-	  }
-	  return res.json();
+		const res = await fetch(url);
+		if (!res.ok) {
+			console.error(`Failed to fetch data from ${url}: ${res.statusText}`);
+			return null;
+		}
+		return res.json();
 	}
-  
+
 	const requirementAssessment = await fetchJson(endpoint);
 	const [compliance_assessment_score, requirement] = await Promise.all([
-	  fetchJson(`${baseUrl}/compliance-assessments/${requirementAssessment.compliance_assessment.id}/global_score/`),
-	  fetchJson(`${baseUrl}/requirement-nodes/${requirementAssessment.requirement}/`)
+		fetchJson(
+			`${baseUrl}/compliance-assessments/${requirementAssessment.compliance_assessment.id}/global_score/`
+		),
+		fetchJson(`${baseUrl}/requirement-nodes/${requirementAssessment.requirement}/`)
 	]);
-  
-	const parent = await fetchJson(`${baseUrl}/requirement-nodes/?urn=${requirement.parent_urn}`)
-	  .then(res => res.results[0]);
-  
+
+	const parent = await fetchJson(
+		`${baseUrl}/requirement-nodes/?urn=${requirement.parent_urn}`
+	).then((res) => res.results[0]);
+
 	const model = getModelInfo(URLModel);
 	const object = { ...requirementAssessment };
-	Object.keys(object).forEach(key => {
-	  if (object[key] instanceof Object && 'id' in object[key]) {
-		object[key] = object[key].id;
-	  }
+	Object.keys(object).forEach((key) => {
+		if (object[key] instanceof Object && 'id' in object[key]) {
+			object[key] = object[key].id;
+		}
 	});
-  
+
 	const schema = modelSchema(URLModel);
 	const form = await superValidate(object, zod(schema), { errors: true });
-  
+
 	const foreignKeys: Record<string, any> = {};
 	if (model.foreignKeyFields) {
-	  await Promise.all(model.foreignKeyFields.map(async (keyField) => {
-		const queryParams = keyField.urlParams ? `?${keyField.urlParams}` : '';
-		const url = `${baseUrl}/${keyField.urlModel}/${queryParams}`;
-		const data = await fetchJson(url);
-		if (data) {
-		  foreignKeys[keyField.field] = data.results;
-		}
-	  }));
+		await Promise.all(
+			model.foreignKeyFields.map(async (keyField) => {
+				const queryParams = keyField.urlParams ? `?${keyField.urlParams}` : '';
+				const url = `${baseUrl}/${keyField.urlModel}/${queryParams}`;
+				const data = await fetchJson(url);
+				if (data) {
+					foreignKeys[keyField.field] = data.results;
+				}
+			})
+		);
 	}
 	model.foreignKeys = foreignKeys;
-  
+
 	const selectOptions: Record<string, any> = {};
 	if (model.selectFields) {
-	  await Promise.all(model.selectFields.map(async (selectField) => {
-		const url = `${baseUrl}/${URLModel}/${selectField.field}/`;
-		const data = await fetchJson(url);
-		if (data) {
-		  selectOptions[selectField.field] = Object.entries(data).map(([key, value]) => ({
-			label: value,
-			value: key
-		  }));
-		}
-	  }));
+		await Promise.all(
+			model.selectFields.map(async (selectField) => {
+				const url = `${baseUrl}/${URLModel}/${selectField.field}/`;
+				const data = await fetchJson(url);
+				if (data) {
+					selectOptions[selectField.field] = Object.entries(data).map(([key, value]) => ({
+						label: value,
+						value: key
+					}));
+				}
+			})
+		);
 	}
 	model.selectOptions = selectOptions;
-  
+
 	const measureCreateSchema = modelSchema('applied-controls');
-	const measureCreateForm = await superValidate({ folder: requirementAssessment.folder.id }, zod(measureCreateSchema), { errors: false });
-  
+	const measureCreateForm = await superValidate(
+		{ folder: requirementAssessment.folder.id },
+		zod(measureCreateSchema),
+		{ errors: false }
+	);
+
 	const measureModel = getModelInfo('applied-controls');
-	
+
 	const measureSelectOptions: Record<string, any> = {};
 	if (measureModel.selectFields) {
-	  await Promise.all(measureModel.selectFields.map(async (selectField) => {
-		const url = `${baseUrl}/applied-controls/${selectField.field}/`;
-		const data = await fetchJson(url);
-		if (data) {
-		  measureSelectOptions[selectField.field] = Object.entries(data).map(([key, value]) => ({
-			label: value,
-			value: key
-		  }));
-		}
-	  }));
+		await Promise.all(
+			measureModel.selectFields.map(async (selectField) => {
+				const url = `${baseUrl}/applied-controls/${selectField.field}/`;
+				const data = await fetchJson(url);
+				if (data) {
+					measureSelectOptions[selectField.field] = Object.entries(data).map(([key, value]) => ({
+						label: value,
+						value: key
+					}));
+				}
+			})
+		);
 	}
 	measureModel.selectOptions = measureSelectOptions;
-  
+
 	const measureForeignKeys: Record<string, any> = {};
 	if (measureModel.foreignKeyFields) {
-	  await Promise.all(measureModel.foreignKeyFields.map(async (keyField) => {
-		if (keyField.field === 'folder') {
-		  measureForeignKeys[keyField.field] = [requirementAssessment.folder];
-		} else {
-		  const queryParams = keyField.urlParams ? `?${keyField.urlParams}` : '';
-		  const url = `${baseUrl}/${keyField.urlModel}/${queryParams}`;
-		  const data = await fetchJson(url);
-		  if (data) {
-			measureForeignKeys[keyField.field] = data.results;
-		  }
-		}
-	  }));
+		await Promise.all(
+			measureModel.foreignKeyFields.map(async (keyField) => {
+				if (keyField.field === 'folder') {
+					measureForeignKeys[keyField.field] = [requirementAssessment.folder];
+				} else {
+					const queryParams = keyField.urlParams ? `?${keyField.urlParams}` : '';
+					const url = `${baseUrl}/${keyField.urlModel}/${queryParams}`;
+					const data = await fetchJson(url);
+					if (data) {
+						measureForeignKeys[keyField.field] = data.results;
+					}
+				}
+			})
+		);
 	}
 	measureModel.foreignKeys = measureForeignKeys;
-  
+
 	const tables: Record<string, any> = {};
-	await Promise.all(['applied-controls', 'evidences'].map(async (key) => {
-	  const data = await fetchJson(`${baseUrl}/${key}/?requirement_assessments=${params.id}`);
-	  if (data) {
-		tables[key] = {
-		  head: listViewFields[key].head,
-		  body: tableSourceMapper(data.results, listViewFields[key].body),
-		  meta: data.results
-		};
-	  }
-	}));
-  
+	await Promise.all(
+		['applied-controls', 'evidences'].map(async (key) => {
+			const data = await fetchJson(`${baseUrl}/${key}/?requirement_assessments=${params.id}`);
+			if (data) {
+				tables[key] = {
+					head: listViewFields[key].head,
+					body: tableSourceMapper(data.results, listViewFields[key].body),
+					meta: data.results
+				};
+			}
+		})
+	);
+
 	const evidenceModel = getModelInfo('evidences');
 	const evidenceCreateSchema = modelSchema('evidences');
 	const evidenceCreateForm = await superValidate(
-	  { requirement_assessments: [params.id], folder: requirementAssessment.folder.id },
-	  zod(evidenceCreateSchema),
-	  { errors: false }
+		{ requirement_assessments: [params.id], folder: requirementAssessment.folder.id },
+		zod(evidenceCreateSchema),
+		{ errors: false }
 	);
-  
+
 	const evidenceSelectOptions: Record<string, any> = {};
 	if (evidenceModel.selectFields) {
-	  await Promise.all(evidenceModel.selectFields.map(async (selectField) => {
-		const url = `${baseUrl}/evidences/${selectField.field}/`;
-		const data = await fetchJson(url);
-		if (data) {
-		  evidenceSelectOptions[selectField.field] = Object.entries(data).map(([key, value]) => ({
-			label: value,
-			value: key
-		  }));
-		}
-	  }));
+		await Promise.all(
+			evidenceModel.selectFields.map(async (selectField) => {
+				const url = `${baseUrl}/evidences/${selectField.field}/`;
+				const data = await fetchJson(url);
+				if (data) {
+					evidenceSelectOptions[selectField.field] = Object.entries(data).map(([key, value]) => ({
+						label: value,
+						value: key
+					}));
+				}
+			})
+		);
 	}
 	evidenceModel.selectOptions = evidenceSelectOptions;
-  
+
 	const evidenceForeignKeys: Record<string, any> = {};
 	if (evidenceModel.foreignKeyFields) {
-	  evidenceModel.foreignKeyFields.forEach((keyField) => {
-		if (keyField.field === 'folder') {
-		  evidenceForeignKeys[keyField.field] = [requirementAssessment.folder];
-		} else {
-		  evidenceForeignKeys[keyField.field] = [];
-		}
-	  });
+		evidenceModel.foreignKeyFields.forEach((keyField) => {
+			if (keyField.field === 'folder') {
+				evidenceForeignKeys[keyField.field] = [requirementAssessment.folder];
+			} else {
+				evidenceForeignKeys[keyField.field] = [];
+			}
+		});
 	}
 	evidenceModel.foreignKeys = evidenceForeignKeys;
-  
+
 	return {
-	  URLModel,
-	  requirementAssessment,
-	  compliance_assessment_score,
-	  requirement,
-	  parent,
-	  model,
-	  form,
-	  measureCreateForm,
-	  measureModel,
-	  evidenceModel,
-	  evidenceCreateForm,
-	  tables
+		URLModel,
+		requirementAssessment,
+		compliance_assessment_score,
+		requirement,
+		parent,
+		model,
+		form,
+		measureCreateForm,
+		measureModel,
+		evidenceModel,
+		evidenceCreateForm,
+		tables
 	};
 }) satisfies PageServerLoad;
 

From 788fccf4e0ddbbe6ee2976d9e1332d08170234d1 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Tue, 8 Oct 2024 11:11:13 +0200
Subject: [PATCH 18/26] merge: main

---
 backend/app_tests/api/test_utils.py           |    6 +-
 backend/core/helpers.py                       |   43 +-
 backend/core/startup.py                       |  239 +--
 backend/core/views.py                         |   30 +-
 .../management/commands/storelibraries.py     |    4 +-
 .../src/lib/components/Forms/ModelForm.svelte | 1418 -----------------
 .../Forms/ModelForm/FolderForm.svelte         |   23 +
 frontend/messages/ar.json                     |    1 +
 frontend/messages/de.json                     |    1 +
 frontend/messages/en.json                     |    1 +
 frontend/messages/es.json                     |    1 +
 frontend/messages/fr.json                     |    1 +
 frontend/messages/hi.json                     |    1 +
 frontend/messages/it.json                     |    1 +
 frontend/messages/nl.json                     |    1 +
 frontend/messages/pl.json                     |    1 +
 frontend/messages/pt.json                     |    1 +
 frontend/messages/ro.json                     |    1 +
 frontend/messages/ur.json                     |    1 +
 .../src/lib/components/Chart/TreeChart.svelte |    1 -
 .../components/DetailView/DetailView.svelte   |   18 +-
 .../src/lib/components/Forms/ModelForm.svelte |    3 +
 .../Forms/ModelForm/FolderForm.svelte         |    4 +
 .../src/lib/components/Forms/Score.svelte     |    2 -
 frontend/src/lib/utils/crud.ts                |    2 +-
 frontend/src/lib/utils/helpers.ts             |    2 +-
 frontend/src/lib/utils/table.ts               |   32 +-
 .../evidences/[id=uuid]/attachment/+server.ts |    7 +
 .../[id=uuid]/edit/+page.server.ts            |   49 +-
 frontend/tests/utils/page-content.ts          |   15 +-
 frontend/tests/utils/test-data.ts             |  243 +--
 31 files changed, 464 insertions(+), 1689 deletions(-)
 delete mode 100644 enterprise/frontend/src/lib/components/Forms/ModelForm.svelte
 create mode 100644 enterprise/frontend/src/lib/components/Forms/ModelForm/FolderForm.svelte
 create mode 100644 frontend/src/lib/components/Forms/ModelForm/FolderForm.svelte

diff --git a/backend/app_tests/api/test_utils.py b/backend/app_tests/api/test_utils.py
index 448c5073b..a973ebb6c 100644
--- a/backend/app_tests/api/test_utils.py
+++ b/backend/app_tests/api/test_utils.py
@@ -100,7 +100,7 @@ def expected_request_response(
                 # User has access to the domain
                 return False, expected_status, "ok"
             else:
-                return False, expected_status, "outside_scope"
+                return True, expected_status, "outside_scope"
         else:
             # User has not permission to perform the action
             if (
@@ -771,7 +771,7 @@ def update_object(
                         ), f"{verbose_name} object detail can not be accessed with permission"
             else:
                 assert (
-                    response.status_code == status.HTTP_403_FORBIDDEN
+                    response.status_code == status.HTTP_404_NOT_FOUND
                 ), f"{verbose_name} object detail can be accessed without permission"
 
             if not (fails or user_perm_fails):
@@ -911,7 +911,7 @@ def delete_object(
                         ), f"{verbose_name} object detail can not be accessed with permission"
             else:
                 assert (
-                    response.status_code == status.HTTP_403_FORBIDDEN
+                    response.status_code == status.HTTP_404_NOT_FOUND
                 ), f"{verbose_name} object detail can be accessed without permission"
 
             # Asserts that the object was deleted successfully
diff --git a/backend/core/helpers.py b/backend/core/helpers.py
index 6745f371b..4b4afd492 100644
--- a/backend/core/helpers.py
+++ b/backend/core/helpers.py
@@ -1,25 +1,22 @@
+import json
 from collections.abc import MutableMapping
 from datetime import date, timedelta
+from typing import Optional
 
+from django.core.exceptions import NON_FIELD_ERRORS as DJ_NON_FIELD_ERRORS
+from django.core.exceptions import ValidationError as DjValidationError
 from django.db.models import Count
 from django.shortcuts import get_object_or_404
-from iam.models import Folder, Permission, RoleAssignment, User
+from rest_framework.exceptions import ValidationError as DRFValidationError
+from rest_framework.views import api_settings
+from rest_framework.views import exception_handler as drf_exception_handler
 
+from iam.models import Folder, Permission, RoleAssignment, User
 from library.helpers import get_referential_translation
 
 from .models import *
 from .utils import camel_case
 
-from typing import List, Dict, Optional
-
-import json
-
-from django.core.exceptions import NON_FIELD_ERRORS as DJ_NON_FIELD_ERRORS
-from django.core.exceptions import ValidationError as DjValidationError
-from rest_framework.exceptions import ValidationError as DRFValidationError
-from rest_framework.views import api_settings
-from rest_framework.views import exception_handler as drf_exception_handler
-
 DRF_NON_FIELD_ERRORS = api_settings.NON_FIELD_ERRORS_KEY
 
 
@@ -1142,6 +1139,30 @@ def threats_count_per_name(user: User):
     return {"labels": labels, "values": values}
 
 
+def get_folder_content(folder: Folder):
+    content = []
+    for f in Folder.objects.filter(parent_folder=folder).distinct():
+        content.append({"name": f.name, "children": get_folder_content(f)})
+    for p in Project.objects.filter(folder=folder).distinct():
+        content.append(
+            {
+                "name": p.name,
+                "children": [
+                    {
+                        "name": "audits",
+                        "value": ComplianceAssessment.objects.filter(project=p).count(),
+                    },
+                    {
+                        "name": "risk assessments",
+                        "value": RiskAssessment.objects.filter(project=p).count(),
+                    },
+                ],
+            }
+        )
+
+    return content
+
+
 def handle(exc, context):
     # translate django validation error which ...
     # .. causes HTTP 500 status ==> DRF validation which will cause 400 HTTP status
diff --git a/backend/core/startup.py b/backend/core/startup.py
index ec5079096..e87468a4c 100644
--- a/backend/core/startup.py
+++ b/backend/core/startup.py
@@ -11,28 +11,32 @@
 logger = get_logger(__name__)
 
 READER_PERMISSIONS_LIST = [
-    "view_project",
-    "view_riskassessment",
     "view_appliedcontrol",
-    "view_policy",
-    "view_riskscenario",
-    "view_riskacceptance",
     "view_asset",
-    "view_threat",
-    "view_referencecontrol",
-    "view_folder",
-    "view_usergroup",
-    "view_riskmatrix",
     "view_complianceassessment",
-    "view_requirementassessment",
-    "view_requirementnode",
+    "view_entity",
+    "view_entityassessment",
     "view_evidence",
+    "view_folder",
     "view_framework",
     "view_loadedlibrary",
+    "view_policy",
+    "view_project",
+    "view_referencecontrol",
+    "view_representative",
+    "view_requirementassessment",
+    "view_requirementmapping",
+    "view_requirementmappingset",
+    "view_requirementnode",
+    "view_riskacceptance",
+    "view_riskassessment",
+    "view_riskmatrix",
+    "view_riskscenario",
+    "view_solution",
     "view_storedlibrary",
+    "view_threat",
     "view_user",
-    "view_requirementmappingset",
-    "view_requirementmapping",
+    "view_usergroup",
 ]
 
 APPROVER_PERMISSIONS_LIST = [
@@ -62,120 +66,153 @@
 ]
 
 ANALYST_PERMISSIONS_LIST = [
+    "add_appliedcontrol",
+    "add_asset",
+    "add_complianceassessment",
+    "add_evidence",
+    "add_policy",
     "add_project",
-    "view_project",
-    "change_project",
-    "delete_project",
+    "add_riskacceptance",
     "add_riskassessment",
-    "view_riskassessment",
-    "change_riskassessment",
-    "delete_riskassessment",
-    "add_appliedcontrol",
-    "view_appliedcontrol",
+    "add_riskscenario",
+    "add_solution",
+    "add_threat",
     "change_appliedcontrol",
-    "delete_appliedcontrol",
-    "add_policy",
-    "view_policy",
+    "change_asset",
+    "change_complianceassessment",
+    "change_entity",
+    "change_entityassessment",
+    "change_evidence",
     "change_policy",
-    "delete_policy",
-    "add_riskscenario",
-    "view_riskscenario",
-    "change_riskscenario",
-    "delete_riskscenario",
-    "add_riskacceptance",
-    "view_riskacceptance",
+    "change_project",
+    "change_referencecontrol",
+    "change_representative",
+    "change_requirementassessment",
     "change_riskacceptance",
-    "delete_riskacceptance",
-    "add_complianceassessment",
-    "view_complianceassessment",
-    "change_complianceassessment",
+    "change_riskassessment",
+    "change_riskscenario",
+    "change_solution",
+    "change_threat",
+    "delete_appliedcontrol",
+    "delete_asset",
     "delete_complianceassessment",
-    "view_requirementassessment",
-    "change_requirementassessment",
-    "add_evidence",
-    "view_evidence",
-    "change_evidence",
+    "delete_entity",
+    "delete_entityassessment",
     "delete_evidence",
-    "add_asset",
-    "view_asset",
-    "change_asset",
-    "delete_asset",
-    "add_threat",
-    "view_threat",
-    "change_threat",
+    "delete_policy",
+    "delete_project",
+    "delete_referencecontrol",
+    "delete_representative",
+    "delete_riskacceptance",
+    "delete_riskassessment",
+    "delete_riskscenario",
+    "delete_solution",
     "delete_threat",
-    "view_referencecontrol",
+    "view_appliedcontrol",
+    "view_asset",
+    "view_complianceassessment",
+    "view_entity",
+    "view_entityassessment",
+    "view_evidence",
     "view_folder",
-    "view_usergroup",
-    "view_riskmatrix",
-    "view_requirementnode",
     "view_framework",
-    "view_storedlibrary",
     "view_loadedlibrary",
-    "view_user",
-    "view_requirementmappingset",
+    "view_policy",
+    "view_project",
+    "view_referencecontrol",
+    "view_representative",
+    "view_requirementassessment",
     "view_requirementmapping",
+    "view_requirementmappingset",
+    "view_requirementnode",
+    "view_riskacceptance",
+    "view_riskassessment",
+    "view_riskmatrix",
+    "view_riskscenario",
+    "view_solution",
+    "view_storedlibrary",
+    "view_threat",
+    "view_user",
+    "view_usergroup",
 ]
 
 DOMAIN_MANAGER_PERMISSIONS_LIST = [
-    "change_usergroup",
-    "view_usergroup",
-    "add_project",
-    "change_project",
-    "delete_project",
-    "view_project",
-    "add_riskassessment",
-    "view_riskassessment",
-    "change_riskassessment",
-    "delete_riskassessment",
     "add_appliedcontrol",
-    "view_appliedcontrol",
-    "change_appliedcontrol",
-    "delete_appliedcontrol",
+    "add_asset",
+    "add_complianceassessment",
+    "add_entity",
+    "add_entityassessment",
+    "add_evidence",
+    "add_folder",
     "add_policy",
-    "view_policy",
-    "change_policy",
-    "delete_policy",
-    "add_riskscenario",
-    "view_riskscenario",
-    "change_riskscenario",
-    "delete_riskscenario",
+    "add_project",
     "add_riskacceptance",
-    "view_riskacceptance",
-    "change_riskacceptance",
-    "delete_riskacceptance",
-    "add_asset",
-    "view_asset",
-    "change_asset",
-    "delete_asset",
+    "add_riskassessment",
+    "add_riskmatrix",
+    "add_riskscenario",
+    "add_solution",
     "add_threat",
-    "view_threat",
-    "change_threat",
-    "delete_threat",
-    "view_referencecontrol",
-    "view_folder",
+    "change_appliedcontrol",
+    "change_asset",
+    "change_complianceassessment",
+    "change_entity",
+    "change_entityassessment",
+    "change_evidence",
     "change_folder",
-    "add_riskmatrix",
-    "view_riskmatrix",
+    "change_policy",
+    "change_project",
+    "change_referencecontrol",
+    "change_representative",
+    "change_requirementassessment",
+    "change_riskacceptance",
+    "change_riskassessment",
     "change_riskmatrix",
+    "change_riskscenario",
+    "change_solution",
+    "change_threat",
+    "delete_appliedcontrol",
+    "delete_asset",
+    "delete_complianceassessment",
+    "delete_entity",
+    "delete_entityassessment",
+    "delete_evidence",
+    "delete_folder",
+    "delete_policy",
+    "delete_project",
+    "delete_referencecontrol",
+    "delete_representative",
+    "delete_riskacceptance",
+    "delete_riskassessment",
     "delete_riskmatrix",
-    "add_complianceassessment",
+    "delete_riskscenario",
+    "delete_solution",
+    "delete_threat",
+    "view_appliedcontrol",
+    "view_asset",
     "view_complianceassessment",
-    "change_complianceassessment",
-    "delete_complianceassessment",
-    "view_requirementassessment",
-    "change_requirementassessment",
-    "add_evidence",
+    "view_entity",
+    "view_entityassessment",
     "view_evidence",
-    "change_evidence",
-    "delete_evidence",
-    "view_requirementnode",
+    "view_folder",
     "view_framework",
-    "view_storedlibrary",
     "view_loadedlibrary",
-    "view_user",
-    "view_requirementmappingset",
+    "view_policy",
+    "view_project",
+    "view_referencecontrol",
+    "view_representative",
+    "view_requirementassessment",
     "view_requirementmapping",
+    "view_requirementmappingset",
+    "view_requirementnode",
+    "view_riskacceptance",
+    "view_riskassessment",
+    "view_riskmatrix",
+    "view_riskscenario",
+    "view_solution",
+    "view_storedlibrary",
+    "view_threat",
+    "view_user",
+    "view_usergroup",
 ]
 
 ADMINISTRATOR_PERMISSIONS_LIST = [
diff --git a/backend/core/views.py b/backend/core/views.py
index 892264fee..b5f901bee 100644
--- a/backend/core/views.py
+++ b/backend/core/views.py
@@ -1156,32 +1156,12 @@ def org_tree(self, request):
             object_type=Folder,
         )
         folders_list = list()
-        for folder in Folder.objects.exclude(content_type="GL").filter(
-            id__in=viewable_objects
+        for folder in (
+            Folder.objects.exclude(content_type="GL")
+            .filter(id__in=viewable_objects, parent_folder=Folder.get_root_folder())
+            .distinct()
         ):
-            entry = {"name": folder.name}
-            children = []
-            for project in Project.objects.filter(folder=folder):
-                children.append(
-                    {
-                        "name": project.name,
-                        "children": [
-                            {
-                                "name": "audits",
-                                "value": ComplianceAssessment.objects.filter(
-                                    project=project
-                                ).count(),
-                            },
-                            {
-                                "name": "risk assessments",
-                                "value": RiskAssessment.objects.filter(
-                                    project=project
-                                ).count(),
-                            },
-                        ],
-                    }
-                )
-            entry.update({"children": children})
+            entry = {"name": folder.name, "children": get_folder_content(folder)}
             folders_list.append(entry)
         tree.update({"children": folders_list})
 
diff --git a/backend/library/management/commands/storelibraries.py b/backend/library/management/commands/storelibraries.py
index 4ac126240..617c74877 100644
--- a/backend/library/management/commands/storelibraries.py
+++ b/backend/library/management/commands/storelibraries.py
@@ -1,12 +1,14 @@
 from pathlib import Path
 
-import structlog
+import structlog, signal
 from ciso_assistant.settings import LIBRARIES_PATH
 from core.models import StoredLibrary
 from django.core.management.base import BaseCommand
 
 logger = structlog.getLogger(__name__)
 
+signal.signal(signal.SIGINT, signal.SIG_DFL)
+
 
 class Command(BaseCommand):
     help = "Store libraries in the database"
diff --git a/enterprise/frontend/src/lib/components/Forms/ModelForm.svelte b/enterprise/frontend/src/lib/components/Forms/ModelForm.svelte
deleted file mode 100644
index 1ca3994eb..000000000
--- a/enterprise/frontend/src/lib/components/Forms/ModelForm.svelte
+++ /dev/null
@@ -1,1418 +0,0 @@
-<script lang="ts">
-	import { onDestroy } from 'svelte';
-
-	import Checkbox from '$lib/components/Forms/Checkbox.svelte';
-	import SuperForm from '$lib/components/Forms/Form.svelte';
-	import TextArea from '$lib/components/Forms/TextArea.svelte';
-	import TextField from '$lib/components/Forms/TextField.svelte';
-	import NumberField from '$lib/components/Forms/NumberField.svelte';
-
-	import AutocompleteSelect from './AutocompleteSelect.svelte';
-	import Select from './Select.svelte';
-
-	import { getOptions } from '$lib/utils/crud';
-	import { modelSchema } from '$lib/utils/schemas';
-	import type { ModelInfo, urlModel, CacheLock } from '$lib/utils/types';
-	import type { SuperValidated } from 'sveltekit-superforms';
-	import type { AnyZodObject } from 'zod';
-	import HiddenInput from './HiddenInput.svelte';
-	import FileInput from './FileInput.svelte';
-	import { browser } from '$app/environment';
-	import { page } from '$app/stores';
-	import * as m from '$paraglide/messages.js';
-	import { zod } from 'sveltekit-superforms/adapters';
-	import { getSecureRedirect } from '$lib/utils/helpers';
-	import { Accordion, AccordionItem } from '@skeletonlabs/skeleton';
-	import { createModalCache } from '$lib/utils/stores';
-	import Score from './Score.svelte';
-	export let form: SuperValidated<AnyZodObject>;
-	export let invalidateAll = true; // set to false to keep form data using muliple forms on a page
-	export let model: ModelInfo;
-	export let context = 'default';
-	export let caching: boolean = false;
-	export let closeModal = false;
-	export let parent: any;
-	export let suggestions: { [key: string]: any } = {};
-	export let cancelButton = true;
-	export let riskAssessmentDuplication = false;
-
-	const URLModel = model.urlModel as urlModel;
-	export let schema = modelSchema(URLModel);
-	export let object: Record<string, any> = {};
-
-	function cancel(): void {
-		if (browser) {
-			var currentUrl = window.location.href;
-			var url = new URL(currentUrl);
-			var nextValue = getSecureRedirect(url.searchParams.get('next'));
-			if (nextValue) window.location.href = nextValue;
-		}
-	}
-	$: shape = schema.shape || schema._def.schema.shape;
-	let updated_fields = new Set();
-
-	function makeCacheLock(): CacheLock {
-		let resolve: (_: any) => any = (_) => _;
-		const promise = new Promise((res) => {
-			resolve = res;
-		});
-		return { resolve, promise };
-	}
-
-	let cacheLocks = {};
-	$: if (shape)
-		cacheLocks = Object.keys(shape).reduce((acc, field) => {
-			acc[field] = makeCacheLock();
-			return acc;
-		}, {});
-
-	let formDataCache = {};
-	let urlModelFromPage;
-
-	$: if ($page) {
-		urlModelFromPage = `${$page.url}`.replace(/^.*:\/\/[^/]+/, '');
-		createModalCache.setModelName(urlModelFromPage);
-		if (caching) {
-			createModalCache.data[model.urlModel] ??= {};
-			formDataCache = createModalCache.data[model.urlModel];
-		}
-	}
-
-	$: if (caching) {
-		for (const key of Object.keys(cacheLocks)) {
-			cacheLocks[key].resolve(formDataCache[key]);
-		}
-	}
-
-	onDestroy(() => {
-		createModalCache.garbageCollect();
-	});
-</script>
-
-<SuperForm
-	class="flex flex-col space-y-3"
-	dataType={shape.attachment ? 'form' : 'json'}
-	enctype={shape.attachment ? 'multipart/form-data' : 'application/x-www-form-urlencoded'}
-	data={form}
-	{invalidateAll}
-	let:form
-	let:data
-	let:initialData
-	validators={zod(schema)}
-	onUpdated={() => createModalCache.deleteCache(model.urlModel)}
-	{...$$restProps}
->
-	<input type="hidden" name="urlmodel" value={model.urlModel} />
-	<!--NOTE: Not the cleanest pattern, will refactor-->
-	<!--TODO: Refactor-->
-	{#if shape.reference_control}
-		<AutocompleteSelect
-			{form}
-			options={getOptions({
-				objects: model.foreignKeys['reference_control'],
-				extra_fields: [['folder', 'str']],
-				suggestions: suggestions['reference_control'],
-				label: 'auto' // convention for automatic label calculation
-			})}
-			field="reference_control"
-			cacheLock={cacheLocks['reference_control']}
-			bind:cachedValue={formDataCache['reference_control']}
-			label={m.referenceControl()}
-			nullable={true}
-			on:change={async (e) => {
-				if (e.detail) {
-					await fetch(`/reference-controls/${e.detail}`)
-						.then((r) => r.json())
-						.then((r) => {
-							form.form.update((currentData) => {
-								if (
-									context === 'edit' &&
-									currentData['reference_control'] === initialData['reference_control'] &&
-									!updated_fields.has('reference_control')
-								) {
-									return currentData; // Keep the current values in the edit form.
-								}
-								updated_fields.add('reference_control');
-								return { ...currentData, category: r.category, csf_function: r.csf_function };
-							});
-						});
-				}
-			}}
-		/>
-	{/if}
-	{#if shape.name}
-		<TextField
-			{form}
-			field="name"
-			label={m.name()}
-			cacheLock={cacheLocks['name']}
-			bind:cachedValue={formDataCache['name']}
-			data-focusindex="0"
-		/>
-	{/if}
-	{#if shape.description}
-		<TextArea
-			{form}
-			field="description"
-			label={m.description()}
-			cacheLock={cacheLocks['description']}
-			bind:cachedValue={formDataCache['description']}
-			data-focusindex="1"
-		/>
-	{/if}
-	{#if URLModel === 'projects'}
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['folder'] })}
-			field="folder"
-			cacheLock={cacheLocks['folder']}
-			bind:cachedValue={formDataCache['folder']}
-			label={m.domain()}
-			hidden={initialData.folder}
-		/>
-		<TextField
-			{form}
-			field="internal_reference"
-			label={m.internalReference()}
-			cacheLock={cacheLocks['internal_reference']}
-			bind:cachedValue={formDataCache['internal_reference']}
-		/>
-		<Select
-			{form}
-			options={model.selectOptions['lc_status']}
-			field="lc_status"
-			label={m.lcStatus()}
-			cacheLock={cacheLocks['lc_status']}
-			bind:cachedValue={formDataCache['lc_status']}
-		/>
-	{:else if URLModel === 'folders'}
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['parent_folder'] })}
-			field="parent_folder"
-			cacheLock={cacheLocks['parent_folder']}
-			bind:cachedValue={formDataCache['parent_folder']}
-			label={m.parentDomain()}
-			hide={initialData.parent_folder}
-		/>
-	{:else if URLModel === 'risk-assessments' || URLModel === 'risk-assessment-duplicate'}
-		<AutocompleteSelect
-			{form}
-			options={getOptions({
-				objects: model.foreignKeys['project'],
-				extra_fields: [['folder', 'str']]
-			})}
-			field="project"
-			cacheLock={cacheLocks['project']}
-			bind:cachedValue={formDataCache['project']}
-			label={m.project()}
-			hidden={initialData.project}
-		/>
-		<TextField
-			{form}
-			field="version"
-			label={m.version()}
-			cacheLock={cacheLocks['version']}
-			bind:cachedValue={formDataCache['version']}
-		/>
-		{#if !riskAssessmentDuplication}
-			<Select
-				{form}
-				options={model.selectOptions['status']}
-				field="status"
-				hide
-				label={m.status()}
-				cacheLock={cacheLocks['status']}
-				bind:cachedValue={formDataCache['status']}
-			/>
-			<AutocompleteSelect
-				{form}
-				disabled={object.id}
-				options={getOptions({ objects: model.foreignKeys['risk_matrix'] })}
-				field="risk_matrix"
-				cacheLock={cacheLocks['risk_matrix']}
-				bind:cachedValue={formDataCache['risk_matrix']}
-				label={m.riskMatrix()}
-				helpText={m.riskAssessmentMatrixHelpText()}
-			/>
-			<AutocompleteSelect
-				{form}
-				multiple
-				options={getOptions({ objects: model.foreignKeys['authors'], label: 'email' })}
-				field="authors"
-				cacheLock={cacheLocks['authors']}
-				bind:cachedValue={formDataCache['authors']}
-				label={m.authors()}
-			/>
-			<AutocompleteSelect
-				{form}
-				multiple
-				options={getOptions({ objects: model.foreignKeys['reviewers'], label: 'email' })}
-				field="reviewers"
-				cacheLock={cacheLocks['reviewers']}
-				bind:cachedValue={formDataCache['reviewers']}
-				label={m.reviewers()}
-			/>
-			<TextField
-				type="date"
-				{form}
-				field="eta"
-				label={m.eta()}
-				helpText={m.etaHelpText()}
-				cacheLock={cacheLocks['eta']}
-				bind:cachedValue={formDataCache['eta']}
-			/>
-			<TextField
-				type="date"
-				{form}
-				field="due_date"
-				label={m.dueDate()}
-				helpText={m.dueDateHelpText()}
-				cacheLock={cacheLocks['due_date']}
-				bind:cachedValue={formDataCache['due_date']}
-			/>
-			<TextArea
-				{form}
-				field="observation"
-				label={m.observation()}
-				cacheLock={cacheLocks['observation']}
-				bind:cachedValue={formDataCache['observation']}
-			/>
-		{/if}
-	{:else if URLModel === 'threats'}
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['folder'] })}
-			field="folder"
-			cacheLock={cacheLocks['folder']}
-			bind:cachedValue={formDataCache['folder']}
-			label={m.domain()}
-			hidden={initialData.folder}
-		/>
-		<TextField
-			{form}
-			field="ref_id"
-			label={m.ref()}
-			cacheLock={cacheLocks['ref_id']}
-			bind:cachedValue={formDataCache['ref_id']}
-		/>
-		<TextArea
-			{form}
-			field="annotation"
-			label={m.annotation()}
-			cacheLock={cacheLocks['annotation']}
-			bind:cachedValue={formDataCache['annotation']}
-		/>
-		<TextField
-			{form}
-			field="provider"
-			label={m.provider()}
-			cacheLock={cacheLocks['provider']}
-			bind:cachedValue={formDataCache['provider']}
-		/>
-	{:else if URLModel === 'risk-scenarios'}
-		<AutocompleteSelect
-			{form}
-			options={getOptions({
-				objects: model.foreignKeys['risk_assessment'],
-				label: 'str',
-				extra_fields: [['project', 'str']]
-			})}
-			field="risk_assessment"
-			cacheLock={cacheLocks['risk_assessment']}
-			bind:cachedValue={formDataCache['risk_assessment']}
-			label={m.riskAssessment()}
-			hidden={initialData.risk_assessment}
-		/>
-		<AutocompleteSelect
-			{form}
-			multiple
-			options={getOptions({
-				objects: model.foreignKeys['threats'],
-				extra_fields: [['folder', 'str']],
-				label: 'auto' // convention for automatic label calculation
-			})}
-			field="threats"
-			cacheLock={cacheLocks['threats']}
-			bind:cachedValue={formDataCache['threats']}
-			label={m.threats()}
-		/>
-	{:else if URLModel === 'applied-controls' || URLModel === 'policies'}
-		{#if schema.shape.category}
-			<Select
-				{form}
-				options={model.selectOptions['category']}
-				field="category"
-				label={m.category()}
-				cacheLock={cacheLocks['category']}
-				bind:cachedValue={formDataCache['category']}
-			/>
-		{/if}
-		<Select
-			{form}
-			options={model.selectOptions['csf_function']}
-			field="csf_function"
-			label={m.csfFunction()}
-			cacheLock={cacheLocks['csf_function']}
-			bind:cachedValue={formDataCache['csf_function']}
-		/>
-		<AutocompleteSelect
-			{form}
-			multiple
-			options={getOptions({ objects: model.foreignKeys['owner'], label: 'email' })}
-			field="owner"
-			cacheLock={cacheLocks['owner']}
-			bind:cachedValue={formDataCache['owner']}
-			label={m.owner()}
-		/>
-		<Select
-			{form}
-			options={model.selectOptions['status']}
-			field="status"
-			label={m.status()}
-			cacheLock={cacheLocks['status']}
-			bind:cachedValue={formDataCache['status']}
-		/>
-		<AutocompleteSelect
-			{form}
-			multiple
-			options={getOptions({
-				objects: model.foreignKeys['evidences'],
-				extra_fields: [['folder', 'str']]
-			})}
-			field="evidences"
-			cacheLock={cacheLocks['evidences']}
-			bind:cachedValue={formDataCache['evidences']}
-			label={m.evidences()}
-		/>
-		<TextField
-			type="date"
-			{form}
-			field="eta"
-			label={m.eta()}
-			helpText={m.etaHelpText()}
-			cacheLock={cacheLocks['eta']}
-			bind:cachedValue={formDataCache['eta']}
-		/>
-		<TextField
-			type="date"
-			{form}
-			field="expiry_date"
-			label={m.expiryDate()}
-			helpText={m.expiryDateHelpText()}
-			cacheLock={cacheLocks['expiry_date']}
-			bind:cachedValue={formDataCache['expiry_date']}
-		/>
-		<TextField
-			{form}
-			field="link"
-			label={m.link()}
-			helpText={m.linkHelpText()}
-			cacheLock={cacheLocks['link']}
-			bind:cachedValue={formDataCache['link']}
-		/>
-		<Select
-			{form}
-			options={model.selectOptions['effort']}
-			field="effort"
-			label={m.effort()}
-			helpText={m.effortHelpText()}
-			cacheLock={cacheLocks['effort']}
-			bind:cachedValue={formDataCache['effort']}
-		/>
-		<NumberField
-			{form}
-			field="cost"
-			label={m.cost()}
-			helpText={m.costHelpText()}
-			cacheLock={cacheLocks['cost']}
-			bind:cachedValue={formDataCache['cost']}
-		/>
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['folder'] })}
-			field="folder"
-			cacheLock={cacheLocks['folder']}
-			bind:cachedValue={formDataCache['folder']}
-			label={m.domain()}
-			hidden={initialData.folder}
-		/>
-	{:else if URLModel === 'risk-acceptances'}
-		<TextField
-			{form}
-			type="date"
-			field="expiry_date"
-			label={m.expiryDate()}
-			helpText={m.expiryDateHelpText()}
-			cacheLock={cacheLocks['expiry_date']}
-			bind:cachedValue={formDataCache['expiry_date']}
-		/>
-		{#if object.id && $page.data.user.id === object.approver}
-			<TextArea
-				disabled={$page.data.user.id !== object.approver}
-				{form}
-				field="justification"
-				label={m.justification()}
-				helpText={m.riskAcceptanceJusitficationHelpText()}
-				cacheLock={cacheLocks['justification']}
-				bind:cachedValue={formDataCache['justification']}
-			/>
-		{/if}
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['folder'] })}
-			field="folder"
-			cacheLock={cacheLocks['folder']}
-			bind:cachedValue={formDataCache['folder']}
-			label={m.domain()}
-			hidden={initialData.folder}
-		/>
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['approver'], label: 'email' })}
-			field="approver"
-			cacheLock={cacheLocks['approver']}
-			bind:cachedValue={formDataCache['approver']}
-			label={m.approver()}
-			helpText={m.approverHelpText()}
-		/>
-		<AutocompleteSelect
-			{form}
-			options={getOptions({
-				objects: model.foreignKeys['risk_scenarios'],
-				extra_fields: [
-					['project', 'str'],
-					['risk_assessment', 'str']
-				]
-			})}
-			field="risk_scenarios"
-			cacheLock={cacheLocks['risk_scenarios']}
-			bind:cachedValue={formDataCache['risk_scenarios']}
-			label={m.riskScenarios()}
-			helpText={m.riskAcceptanceRiskScenariosHelpText()}
-			multiple
-		/>
-	{:else if URLModel === 'reference-controls'}
-		<TextField
-			{form}
-			field="ref_id"
-			label={m.ref()}
-			cacheLock={cacheLocks['ref_id']}
-			bind:cachedValue={formDataCache['ref_id']}
-		/>
-		<Select
-			{form}
-			options={model.selectOptions['category']}
-			field="category"
-			label={m.category()}
-			cacheLock={cacheLocks['category']}
-			bind:cachedValue={formDataCache['category']}
-		/>
-		<Select
-			{form}
-			options={model.selectOptions['csf_function']}
-			field="csf_function"
-			label={m.csfFunction()}
-			cacheLock={cacheLocks['csf_function']}
-			bind:cachedValue={formDataCache['csf_function']}
-		/>
-		<TextArea
-			{form}
-			field="annotation"
-			label={m.annotation()}
-			cacheLock={cacheLocks['annotation']}
-			bind:cachedValue={formDataCache['annotation']}
-		/>
-		<TextField
-			{form}
-			field="provider"
-			label={m.provider()}
-			cacheLock={cacheLocks['provider']}
-			bind:cachedValue={formDataCache['provider']}
-		/>
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['folder'] })}
-			field="folder"
-			cacheLock={cacheLocks['folder']}
-			bind:cachedValue={formDataCache['folder']}
-			label={m.domain()}
-			hidden={initialData.folder}
-		/>
-	{:else if URLModel === 'evidences'}
-		<HiddenInput {form} field="applied_controls" />
-		<HiddenInput {form} field="requirement_assessments" />
-		<FileInput
-			{form}
-			allowPaste={true}
-			helpText={object.attachment
-				? `${m.attachmentWarningText()}: ${object.attachment}`
-				: m.attachmentHelpText()}
-			field="attachment"
-			label={m.attachment()}
-		/>
-		{#if !(initialData.applied_controls || initialData.requirement_assessments)}
-			<AutocompleteSelect
-				{form}
-				options={getOptions({ objects: model.foreignKeys['folder'] })}
-				field="folder"
-				cacheLock={cacheLocks['folder']}
-				bind:cachedValue={formDataCache['folder']}
-				label={m.domain()}
-				hidden={initialData.applied_controls || initialData.requirement_assessments}
-			/>
-		{:else}
-			<HiddenInput {form} field="folder" />
-		{/if}
-		<TextField
-			{form}
-			field="link"
-			label={m.link()}
-			helpText={m.linkHelpText()}
-			cacheLock={cacheLocks['link']}
-			bind:cachedValue={formDataCache['link']}
-		/>
-	{:else if URLModel === 'compliance-assessments'}
-		{#if context === 'fromBaseline' && initialData.baseline}
-			<AutocompleteSelect
-				{form}
-				field="baseline"
-				cacheLock={cacheLocks['baseline']}
-				bind:cachedValue={formDataCache['baseline']}
-				label={m.baseline()}
-				options={getOptions({ objects: model.foreignKeys['baseline'] })}
-			/>
-		{/if}
-		<AutocompleteSelect
-			{form}
-			options={getOptions({
-				objects: model.foreignKeys['project'],
-				extra_fields: [['folder', 'str']]
-			})}
-			field="project"
-			cacheLock={cacheLocks['project']}
-			bind:cachedValue={formDataCache['project']}
-			label={m.project()}
-			hidden={initialData.project}
-		/>
-		<TextField
-			{form}
-			field="version"
-			label={m.version()}
-			cacheLock={cacheLocks['version']}
-			bind:cachedValue={formDataCache['version']}
-		/>
-		<Select
-			{form}
-			options={model.selectOptions['status']}
-			field="status"
-			label={m.status()}
-			cacheLock={cacheLocks['status']}
-			bind:cachedValue={formDataCache['status']}
-		/>
-		<AutocompleteSelect
-			{form}
-			disabled={object.id}
-			options={getOptions({ objects: model.foreignKeys['framework'] })}
-			field="framework"
-			cacheLock={cacheLocks['framework']}
-			bind:cachedValue={formDataCache['framework']}
-			label={m.framework()}
-			on:change={async (e) => {
-				if (e.detail) {
-					await fetch(`/frameworks/${e.detail}`)
-						.then((r) => r.json())
-						.then((r) => {
-							const implementation_groups = r['implementation_groups_definition'] || [];
-							model.selectOptions['selected_implementation_groups'] = implementation_groups.map(
-								(group) => ({ label: group.name, value: group.ref_id })
-							);
-						});
-				}
-			}}
-		/>
-		{#if model.selectOptions['selected_implementation_groups'] && model.selectOptions['selected_implementation_groups'].length}
-			<AutocompleteSelect
-				multiple
-				translateOptions={false}
-				{form}
-				options={model.selectOptions['selected_implementation_groups']}
-				field="selected_implementation_groups"
-				cacheLock={cacheLocks['selected_implementation_groups']}
-				bind:cachedValue={formDataCache['selected_implementation_groups']}
-				label={m.selectedImplementationGroups()}
-			/>
-		{/if}
-		<AutocompleteSelect
-			{form}
-			multiple
-			options={getOptions({ objects: model.foreignKeys['authors'], label: 'email' })}
-			field="authors"
-			cacheLock={cacheLocks['authors']}
-			bind:cachedValue={formDataCache['authors']}
-			label={m.authors()}
-		/>
-		<AutocompleteSelect
-			{form}
-			multiple
-			options={getOptions({ objects: model.foreignKeys['reviewers'], label: 'email' })}
-			field="reviewers"
-			cacheLock={cacheLocks['reviewers']}
-			bind:cachedValue={formDataCache['reviewers']}
-			label={m.reviewers()}
-		/>
-		<TextField
-			type="date"
-			{form}
-			field="eta"
-			label={m.eta()}
-			helpText={m.etaHelpText()}
-			cacheLock={cacheLocks['eta']}
-			bind:cachedValue={formDataCache['eta']}
-		/>
-		<TextField
-			type="date"
-			{form}
-			field="due_date"
-			label={m.dueDate()}
-			helpText={m.dueDateHelpText()}
-			cacheLock={cacheLocks['due_date']}
-			bind:cachedValue={formDataCache['due_date']}
-		/>
-		<TextArea
-			{form}
-			field="observation"
-			label={m.observation()}
-			cacheLock={cacheLocks['observation']}
-			bind:cachedValue={formDataCache['observation']}
-		/>
-	{:else if URLModel === 'assets'}
-		<TextArea
-			{form}
-			field="business_value"
-			label={m.businessValue()}
-			cacheLock={cacheLocks['business_value']}
-			bind:cachedValue={formDataCache['business_value']}
-		/>
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['folder'] })}
-			field="folder"
-			cacheLock={cacheLocks['folder']}
-			bind:cachedValue={formDataCache['folder']}
-			label={m.domain()}
-			hidden={initialData.folder}
-		/>
-		<Select
-			{form}
-			options={model.selectOptions['type']}
-			field="type"
-			label="Type"
-			cacheLock={cacheLocks['type']}
-			bind:cachedValue={formDataCache['type']}
-		/>
-		<AutocompleteSelect
-			disabled={data.type === 'PR'}
-			multiple
-			{form}
-			options={getOptions({ objects: model.foreignKeys['parent_assets'], self: object })}
-			field="parent_assets"
-			cacheLock={cacheLocks['parent_assets']}
-			bind:cachedValue={formDataCache['parent_assets']}
-			label={m.parentAssets()}
-		/>
-	{:else if URLModel === 'requirement-assessments'}
-		<Select
-			{form}
-			options={model.selectOptions['status']}
-			field="status"
-			label={m.status()}
-			cacheLock={cacheLocks['status']}
-			bind:cachedValue={formDataCache['status']}
-		/>
-		<Select
-			{form}
-			options={model.selectOptions['result']}
-			field="result"
-			label={m.result()}
-			cacheLock={cacheLocks['result']}
-			bind:cachedValue={formDataCache['result']}
-		/>
-		<TextArea
-			{form}
-			field="observation"
-			label={m.observation()}
-			cacheLock={cacheLocks['observation']}
-			bind:cachedValue={formDataCache['observation']}
-		/>
-		<HiddenInput {form} field="folder" />
-		<HiddenInput {form} field="requirement" />
-		<HiddenInput {form} field="compliance_assessment" />
-	{:else if URLModel === 'entities'}
-		<TextArea
-			{form}
-			field="mission"
-			label={m.mission()}
-			cacheLock={cacheLocks['mission']}
-			bind:cachedValue={formDataCache['mission']}
-		/>
-		<TextField
-			{form}
-			field="reference_link"
-			label={m.referenceLink()}
-			helpText={m.linkHelpText()}
-			cacheLock={cacheLocks['reference_link']}
-			bind:cachedValue={formDataCache['reference_link']}
-		/>
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['folder'] })}
-			field="folder"
-			cacheLock={cacheLocks['folder']}
-			bind:cachedValue={formDataCache['folder']}
-			label={m.domain()}
-			hidden={initialData.folder}
-		/>
-	{:else if URLModel === 'entity-assessments'}
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['project'] })}
-			field="project"
-			cacheLock={cacheLocks['project']}
-			bind:cachedValue={formDataCache['project']}
-			label={m.project()}
-			hidden={initialData.project}
-		/>
-		{#if !data.compliance_assessment}
-			<Checkbox
-				{form}
-				field="create_audit"
-				label={m.createAudit()}
-				helpText={m.createAuditHelpText()}
-			/>
-			<AutocompleteSelect
-				{form}
-				disabled={!data.create_audit}
-				mandatory
-				hidden={!data.create_audit}
-				options={getOptions({ objects: model.foreignKeys['framework'] })}
-				field="framework"
-				cacheLock={cacheLocks['framework']}
-				bind:cachedValue={formDataCache['framework']}
-				label={m.framework()}
-				on:change={async (e) => {
-					if (e.detail) {
-						await fetch(`/frameworks/${e.detail}`)
-							.then((r) => r.json())
-							.then((r) => {
-								const implementation_groups = r['implementation_groups_definition'] || [];
-								model.selectOptions['selected_implementation_groups'] = implementation_groups.map(
-									(group) => ({ label: group.name, value: group.ref_id })
-								);
-							});
-					}
-				}}
-			/>
-			{#if model.selectOptions['selected_implementation_groups'] && model.selectOptions['selected_implementation_groups'].length}
-				<AutocompleteSelect
-					multiple
-					translateOptions={false}
-					{form}
-					options={model.selectOptions['selected_implementation_groups']}
-					field="selected_implementation_groups"
-					cacheLock={cacheLocks['selected_implementation_groups']}
-					bind:cachedValue={formDataCache['selected_implementation_groups']}
-					label={m.selectedImplementationGroups()}
-				/>
-			{/if}
-		{/if}
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['entity'] })}
-			field="entity"
-			cacheLock={cacheLocks['entity']}
-			bind:cachedValue={formDataCache['entity']}
-			label={m.entity()}
-			hidden={initialData.entity}
-		/>
-		<AutocompleteSelect
-			{form}
-			multiple
-			options={getOptions({ objects: model.foreignKeys['solutions'] })}
-			field="solutions"
-			cacheLock={cacheLocks['solutions']}
-			bind:cachedValue={formDataCache['solutions']}
-			label={m.solutions()}
-		/>
-		<Score
-			{form}
-			label={m.criticality()}
-			field="criticality"
-			always_enabled={true}
-			inversedColors
-			fullDonut
-			min_score={1}
-			max_score={4}
-		/>
-		<Select
-			{form}
-			options={model.selectOptions['status']}
-			field="status"
-			label={m.status()}
-			cacheLock={cacheLocks['status']}
-			bind:cachedValue={formDataCache['status']}
-		/>
-		<TextField
-			{form}
-			field="version"
-			label={m.version()}
-			cacheLock={cacheLocks['version']}
-			bind:cachedValue={formDataCache['version']}
-		/>
-		<TextField
-			{form}
-			field="reference_link"
-			label={m.referenceLink()}
-			helpText={m.linkHelpText()}
-			cacheLock={cacheLocks['reference_link']}
-			bind:cachedValue={formDataCache['reference_link']}
-		/>
-		<TextField
-			type="date"
-			{form}
-			field="eta"
-			label={m.eta()}
-			helpText={m.etaHelpText()}
-			cacheLock={cacheLocks['eta']}
-			bind:cachedValue={formDataCache['eta']}
-		/>
-		<TextField
-			type="date"
-			{form}
-			field="due_date"
-			label={m.dueDate()}
-			helpText={m.dueDateHelpText()}
-			cacheLock={cacheLocks['due_date']}
-			bind:cachedValue={formDataCache['due_date']}
-		/>
-		<AutocompleteSelect
-			{form}
-			multiple
-			options={getOptions({ objects: model.foreignKeys['authors'], label: 'email' })}
-			field="authors"
-			cacheLock={cacheLocks['authors']}
-			bind:cachedValue={formDataCache['authors']}
-			label={m.authors()}
-		/>
-		<AutocompleteSelect
-			{form}
-			multiple
-			options={getOptions({ objects: model.foreignKeys['reviewers'], label: 'email' })}
-			field="reviewers"
-			cacheLock={cacheLocks['reviewers']}
-			bind:cachedValue={formDataCache['reviewers']}
-			label={m.reviewers()}
-		/>
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['compliance_assessment'] })}
-			field="compliance_assessment"
-			cacheLock={cacheLocks['compliance_assessment']}
-			bind:cachedValue={formDataCache['compliance_assessment']}
-			label={m.complianceAssessment()}
-			disabled={data.create_audit}
-			hidden={data.create_audit}
-		/>
-		<AutocompleteSelect
-			{form}
-			options={getOptions({
-				objects: model.foreignKeys['evidence'],
-				extra_fields: [['folder', 'str']]
-			})}
-			field="evidence"
-			cacheLock={cacheLocks['evidence']}
-			bind:cachedValue={formDataCache['evidence']}
-			label={m.evidence()}
-		/>
-		<Select
-			{form}
-			options={model.selectOptions['conclusion']}
-			field="conclusion"
-			label={m.conclusion()}
-			cacheLock={cacheLocks['conclusion']}
-			bind:cachedValue={formDataCache['conclusion']}
-		/>
-		<TextArea
-			{form}
-			field="observation"
-			label={m.observation()}
-			cacheLock={cacheLocks['observation']}
-			bind:cachedValue={formDataCache['observation']}
-		/>
-		<!-- <Score {form} label={m.penetration()} field="penetration" always_enabled={true} inversedColors fullDonut max_score={5} />
-		<Score {form} label={m.dependency()} field="dependency" always_enabled={true} inversedColors fullDonut max_score={5} />
-		<Score {form} label={m.maturity()} field="maturity" always_enabled={true} inversedColors fullDonut max_score={5} />
-		<Score {form} label={m.trust()} field="trust" always_enabled={true} inversedColors fullDonut max_score={5} /> -->
-	{:else if URLModel === 'solutions'}
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['provider_entity'] })}
-			field="provider_entity"
-			cacheLock={cacheLocks['provider_entity']}
-			bind:cachedValue={formDataCache['provider_entity']}
-			label={m.providerEntity()}
-			hidden={initialData.provider_entity}
-		/>
-		<TextField
-			{form}
-			field="ref_id"
-			label={m.ref()}
-			cacheLock={cacheLocks['ref_id']}
-			bind:cachedValue={formDataCache['ref_id']}
-		/>
-		<Score
-			{form}
-			label={m.criticality()}
-			field="criticality"
-			always_enabled={true}
-			inversedColors
-			fullDonut
-			min_score={1}
-			max_score={4}
-		/>
-	{:else if URLModel === 'representatives'}
-		<TextField
-			{form}
-			field="email"
-			label={m.email()}
-			cacheLock={cacheLocks['email']}
-			bind:cachedValue={formDataCache['email']}
-			data-focusindex="2"
-		/>
-		{#if !data.user}
-			<Checkbox
-				{form}
-				field="create_user"
-				label={m.createUser()}
-				helpText={m.createUserHelpText()}
-			/>
-		{/if}
-		<AutocompleteSelect
-			{form}
-			options={getOptions({ objects: model.foreignKeys['entity'] })}
-			field="entity"
-			cacheLock={cacheLocks['entity']}
-			bind:cachedValue={formDataCache['entity']}
-			label={m.entity()}
-		/>
-		<TextField
-			{form}
-			field="first_name"
-			label={m.firstName()}
-			cacheLock={cacheLocks['first_name']}
-			bind:cachedValue={formDataCache['first_name']}
-		/>
-		<TextField
-			{form}
-			field="last_name"
-			label={m.lastName()}
-			cacheLock={cacheLocks['last_name']}
-			bind:cachedValue={formDataCache['last_name']}
-		/>
-		<TextField
-			{form}
-			field="phone"
-			label={m.phone()}
-			cacheLock={cacheLocks['phone']}
-			bind:cachedValue={formDataCache['phone']}
-		/>
-		<TextField
-			{form}
-			field="role"
-			label={m.role()}
-			cacheLock={cacheLocks['role']}
-			bind:cachedValue={formDataCache['role']}
-		/>
-	{:else if URLModel === 'frameworks'}
-		<TextField
-			{form}
-			field="ref_id"
-			label={m.ref()}
-			cacheLock={cacheLocks['ref_id']}
-			bind:cachedValue={formDataCache['ref_id']}
-		/>
-		<Select
-			{form}
-			options={model.selectOptions['category']}
-			field="category"
-			label={m.category()}
-			cacheLock={cacheLocks['category']}
-			bind:cachedValue={formDataCache['category']}
-		/>
-	{:else if URLModel === 'users'}
-		<TextField
-			{form}
-			field="email"
-			label={m.email()}
-			cacheLock={cacheLocks['email']}
-			bind:cachedValue={formDataCache['email']}
-			data-focusindex="2"
-		/>
-		{#if shape.first_name && shape.last_name}
-			<TextField
-				{form}
-				field="first_name"
-				label={m.firstName()}
-				cacheLock={cacheLocks['first_name']}
-				bind:cachedValue={formDataCache['first_name']}
-			/>
-			<TextField
-				{form}
-				field="last_name"
-				label={m.lastName()}
-				cacheLock={cacheLocks['last_name']}
-				bind:cachedValue={formDataCache['last_name']}
-			/>
-		{/if}
-		{#if shape.user_groups}
-			<AutocompleteSelect
-				{form}
-				multiple
-				options={getOptions({ objects: model.foreignKeys['user_groups'] })}
-				field="user_groups"
-				cacheLock={cacheLocks['user_groups']}
-				bind:cachedValue={formDataCache['user_groups']}
-				label={m.userGroups()}
-			/>
-		{/if}
-		{#if shape.is_active}
-			<Checkbox {form} field="is_active" label={m.isActive()} helpText={m.isActiveHelpText()} />
-		{/if}
-	{:else if URLModel === 'sso-settings'}
-		<Accordion>
-			<Checkbox {form} field="is_enabled" label={m.enableSSO()} />
-			<AutocompleteSelect
-				{form}
-				hidden={model.selectOptions['provider'].length < 2}
-				field="provider"
-				cacheLock={cacheLocks['provider']}
-				bind:cachedValue={formDataCache['provider']}
-				options={model.selectOptions['provider']}
-				label={m.provider()}
-				disabled={!data.is_enabled}
-			/>
-			{#if data.provider !== 'saml'}
-				<AccordionItem open>
-					<svelte:fragment slot="summary">{m.IdPConfiguration()}</svelte:fragment>
-					<svelte:fragment slot="content">
-						<TextField
-							{form}
-							field="provider_name"
-							label={m.name()}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['provider_name']}
-							bind:cachedValue={formDataCache['provider_name']}
-						/>
-						<TextField
-							hidden
-							{form}
-							field="provider_id"
-							label={m.providerID()}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['provider_id']}
-							bind:cachedValue={formDataCache['provider_id']}
-						/>
-						<TextField
-							{form}
-							field="client_id"
-							label={m.clientID()}
-							helpText={m.clientIDHelpText()}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['client_id']}
-							bind:cachedValue={formDataCache['client_id']}
-						/>
-						{#if data.provider !== 'saml'}
-							<TextField
-								{form}
-								field="secret"
-								label={m.secret()}
-								helpText={m.secretHelpText()}
-								disabled={!data.is_enabled}
-								cacheLock={cacheLocks['secret']}
-								bind:cachedValue={formDataCache['secret']}
-							/>
-							<TextField
-								{form}
-								field="key"
-								label={m.key()}
-								disabled={!data.is_enabled}
-								cacheLock={cacheLocks['key']}
-								bind:cachedValue={formDataCache['key']}
-							/>
-						{/if}
-					</svelte:fragment>
-				</AccordionItem>
-			{/if}
-			{#if data.provider === 'saml'}
-				<AccordionItem open>
-					<svelte:fragment slot="summary"
-						><span class="font-semibold">{m.SAMLIdPConfiguration()}</span></svelte:fragment
-					>
-					<svelte:fragment slot="content">
-						<TextField
-							{form}
-							field="idp_entity_id"
-							label={m.IdPEntityID()}
-							required={data.provider === 'saml'}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['idp_entity_id']}
-							bind:cachedValue={formDataCache['idp_entity_id']}
-						/>
-						<p class="text-gray-600 text-sm">Option 1: Fill the metadata url</p>
-						<TextField
-							{form}
-							field="metadata_url"
-							label={m.metadataURL()}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['metadata_url']}
-							bind:cachedValue={formDataCache['metadata_url']}
-						/>
-						<div class="flex items-center justify-center w-full space-x-2">
-							<hr class="w-1/2 items-center bg-gray-200 border-0" />
-							<span class="flex items-center text-gray-600 text-sm">{m.or()}</span>
-							<hr class="w-1/2 items-center bg-gray-200 border-0" />
-						</div>
-						<p class="text-gray-600 text-sm">Option 2: Fill the SSO URL, SLO URL and x509cert</p>
-						<TextField
-							{form}
-							field="sso_url"
-							label={m.SSOURL()}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['sso_url']}
-							bind:cachedValue={formDataCache['sso_url']}
-						/>
-						<TextField
-							{form}
-							field="slo_url"
-							label={m.SLOURL()}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['slo_url']}
-							bind:cachedValue={formDataCache['slo_url']}
-						/>
-						<TextArea
-							{form}
-							field="x509cert"
-							label={m.x509Cert()}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['x509cert']}
-							bind:cachedValue={formDataCache['x509cert']}
-						/>
-					</svelte:fragment>
-				</AccordionItem>
-
-				<AccordionItem>
-					<svelte:fragment slot="summary"
-						><span class="font-semibold">{m.SPConfiguration()}</span></svelte:fragment
-					>
-					<svelte:fragment slot="content">
-						<TextField
-							{form}
-							field="sp_entity_id"
-							label={m.SPEntityID()}
-							required={data.provider === 'saml'}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['sp_entity_id']}
-							bind:cachedValue={formDataCache['sp_entity_id']}
-						/>
-					</svelte:fragment>
-				</AccordionItem>
-
-				<AccordionItem
-					><svelte:fragment slot="summary"
-						><span class="font-semibold">{m.advancedSettings()}</span></svelte:fragment
-					>
-					<svelte:fragment slot="content">
-						<TextField
-							{form}
-							field="attribute_mapping_uid"
-							label={m.attributeMappingUID()}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['attribute_mapping_uid']}
-							bind:cachedValue={formDataCache['attribute_mapping_uid']}
-						/>
-						<TextField
-							{form}
-							field="attribute_mapping_email_verified"
-							label={m.attributeMappingEmailVerified()}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['attribute_mapping_email_verified']}
-							bind:cachedValue={formDataCache['attribute_mapping_email_verified']}
-						/>
-						<TextField
-							{form}
-							field="attribute_mapping_email"
-							label={m.attributeMappingEmail()}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['attribute_mapping_email']}
-							bind:cachedValue={formDataCache['attribute_mapping_email']}
-						/>
-
-						<Checkbox
-							{form}
-							field="allow_repeat_attribute_name"
-							label={m.allowRepeatAttributeName()}
-							disabled={!data.is_enabled}
-						/>
-						<Checkbox
-							{form}
-							field="allow_single_label_domains"
-							label={m.allowSingleLabelDomains()}
-							disabled={!data.is_enabled}
-						/>
-						<Checkbox
-							{form}
-							field="authn_request_signed"
-							hidden
-							label={m.authnRequestSigned()}
-							disabled={!data.is_enabled}
-						/>
-						<TextField
-							{form}
-							field="digest_algorithm"
-							hidden
-							label={m.digestAlgorithm()}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['digest_algorithm']}
-							bind:cachedValue={formDataCache['digest_algorithm']}
-						/>
-						<Checkbox
-							{form}
-							field="logout_request_signed"
-							hidden
-							label={m.logoutRequestSigned()}
-							disabled={!data.is_enabled}
-						/>
-						<Checkbox
-							{form}
-							field="logout_response_signed"
-							hidden
-							label={m.logoutResponseSigned()}
-							disabled={!data.is_enabled}
-						/>
-						<Checkbox
-							{form}
-							field="metadata_signed"
-							hidden
-							label={m.metadataSigned()}
-							disabled={!data.is_enabled}
-						/>
-						<Checkbox
-							{form}
-							field="name_id_encrypted"
-							hidden
-							label={m.nameIDEncrypted()}
-							disabled={!data.is_enabled}
-						/>
-						<Checkbox
-							{form}
-							hidden
-							field="reject_deprecated_algorithm"
-							label={m.rejectDeprecatedAlgorithm()}
-							disabled={!data.is_enabled}
-						/>
-						<Checkbox
-							{form}
-							field="reject_idp_initiated_sso"
-							label={m.rejectIdPInitiatedSSO()}
-							disabled={!data.is_enabled}
-						/>
-						<TextField
-							{form}
-							field="signature_algorithm"
-							hidden
-							label={m.signatureAlgorithm()}
-							disabled={!data.is_enabled}
-							cacheLock={cacheLocks['signature_algorithm']}
-							bind:cachedValue={formDataCache['signature_algorithm']}
-						/>
-						<Checkbox
-							{form}
-							field="want_assertion_encrypted"
-							hidden
-							label={m.wantAssertionEncrypted()}
-							disabled={!data.is_enabled}
-						/>
-						<Checkbox
-							{form}
-							field="want_assertion_signed"
-							hidden
-							label={m.wantAssertionSigned()}
-							disabled={!data.is_enabled}
-						/>
-						<Checkbox
-							{form}
-							field="want_attribute_statement"
-							label={m.wantAttributeStatement()}
-							disabled={!data.is_enabled}
-						/>
-						<Checkbox
-							{form}
-							field="want_message_signed"
-							hidden
-							label={m.wantMessageSigned()}
-							disabled={!data.is_enabled}
-						/>
-						<Checkbox
-							{form}
-							field="want_name_id"
-							label={m.wantNameID()}
-							disabled={!data.is_enabled}
-						/>
-						<Checkbox
-							{form}
-							field="want_name_id_encrypted"
-							hidden
-							label={m.wantNameIDEncrypted()}
-							disabled={!data.is_enabled}
-						/>
-					</svelte:fragment>
-				</AccordionItem>
-			{/if}
-		</Accordion>
-	{/if}
-	<div class="flex flex-row justify-between space-x-4">
-		{#if closeModal}
-			<button
-				class="btn bg-gray-400 text-white font-semibold w-full"
-				data-testid="cancel-button"
-				type="button"
-				on:click={(event) => {
-					parent.onClose(event);
-					createModalCache.deleteCache(model.urlModel);
-				}}>{m.cancel()}</button
-			>
-			<button
-				class="btn variant-filled-primary font-semibold w-full"
-				data-testid="save-button"
-				type="submit"
-				on:click={(event) => {
-					createModalCache.deleteCache(model.urlModel);
-				}}>{m.save()}</button
-			>
-		{:else}
-			{#if cancelButton}
-				<button
-					class="btn bg-gray-400 text-white font-semibold w-full"
-					data-testid="cancel-button"
-					type="button"
-					on:click={cancel}>{m.cancel()}</button
-				>
-			{/if}
-			<button
-				class="btn variant-filled-primary font-semibold w-full"
-				data-testid="save-button"
-				type="submit">{m.save()}</button
-			>
-		{/if}
-	</div>
-</SuperForm>
diff --git a/enterprise/frontend/src/lib/components/Forms/ModelForm/FolderForm.svelte b/enterprise/frontend/src/lib/components/Forms/ModelForm/FolderForm.svelte
new file mode 100644
index 000000000..f9123d39a
--- /dev/null
+++ b/enterprise/frontend/src/lib/components/Forms/ModelForm/FolderForm.svelte
@@ -0,0 +1,23 @@
+<script lang="ts">
+	import { getOptions } from '$lib/utils/crud';
+	import type { CacheLock, ModelInfo } from '$lib/utils/types';
+	import * as m from '$paraglide/messages.js';
+	import type { SuperValidated } from 'sveltekit-superforms';
+	import AutocompleteSelect from '../AutocompleteSelect.svelte';
+
+	export let form: SuperValidated<any>;
+	export let model: ModelInfo;
+	export let cacheLocks: Record<string, CacheLock> = {};
+	export let formDataCache: Record<string, any> = {};
+	export let initialData: Record<string, any> = {};
+</script>
+
+<AutocompleteSelect
+	{form}
+	options={getOptions({ objects: model.foreignKeys['parent_folder'] })}
+	field="parent_folder"
+	cacheLock={cacheLocks['parent_folder']}
+	bind:cachedValue={formDataCache['parent_folder']}
+	label={m.parentDomain()}
+	hide={initialData.parent_folder}
+/>
diff --git a/frontend/messages/ar.json b/frontend/messages/ar.json
index e7c14d304..8ff33880a 100644
--- a/frontend/messages/ar.json
+++ b/frontend/messages/ar.json
@@ -145,6 +145,7 @@
 	"justification": "التبرير",
 	"parentFolder": "المجلد الرئيسي",
 	"contentType": "نوع المحتوى",
+	"objectType": "نوع الكائن",
 	"type": "النوع",
 	"lcStatus": "حالة LC",
 	"internalReference": "المرجع الداخلي",
diff --git a/frontend/messages/de.json b/frontend/messages/de.json
index 16dba3009..ba2b3b7d3 100644
--- a/frontend/messages/de.json
+++ b/frontend/messages/de.json
@@ -156,6 +156,7 @@
 	"justification": "Begründung",
 	"parentFolder": "Übergeordneter Ordner",
 	"contentType": "Inhaltstyp",
+	"objectType": "Objekttyp",
 	"type": "Typ",
 	"lcStatus": "Status",
 	"internalReference": "Interne Referenz",
diff --git a/frontend/messages/en.json b/frontend/messages/en.json
index 8a047525b..1558fdb8a 100644
--- a/frontend/messages/en.json
+++ b/frontend/messages/en.json
@@ -157,6 +157,7 @@
 	"justification": "Justification",
 	"parentFolder": "Parent folder",
 	"contentType": "Content type",
+	"objectType": "Object type",
 	"type": "Type",
 	"lcStatus": "Status",
 	"internalReference": "Internal reference",
diff --git a/frontend/messages/es.json b/frontend/messages/es.json
index df0cc23e1..3ab1f6881 100644
--- a/frontend/messages/es.json
+++ b/frontend/messages/es.json
@@ -156,6 +156,7 @@
 	"justification": "Justificación",
 	"parentFolder": "Carpeta principal",
 	"contentType": "Tipo de contenido",
+	"objectType": "abcdef",
 	"type": "Tipo",
 	"lcStatus": "Estado",
 	"internalReference": "Referencia interna",
diff --git a/frontend/messages/fr.json b/frontend/messages/fr.json
index 64c376308..5155a3894 100644
--- a/frontend/messages/fr.json
+++ b/frontend/messages/fr.json
@@ -156,6 +156,7 @@
 	"justification": "Justification",
 	"parentFolder": "Domaine parent",
 	"contentType": "Type de contenu",
+	"objectType": "Type d'objet",
 	"type": "Type",
 	"lcStatus": "Statut",
 	"internalReference": "Référence interne",
diff --git a/frontend/messages/hi.json b/frontend/messages/hi.json
index 9effdf8e8..f1db6f897 100644
--- a/frontend/messages/hi.json
+++ b/frontend/messages/hi.json
@@ -154,6 +154,7 @@
 	"justification": "औचित्य",
 	"parentFolder": "अभिभावक फ़ोल्डर",
 	"contentType": "सामग्री प्रकार",
+	"objectType": "ऑब्जेक्ट प्रकार",
 	"type": "प्रकार",
 	"lcStatus": "स्थिति",
 	"internalReference": "आंतरिक संदर्भ",
diff --git a/frontend/messages/it.json b/frontend/messages/it.json
index 1f5981730..c425d66ea 100644
--- a/frontend/messages/it.json
+++ b/frontend/messages/it.json
@@ -156,6 +156,7 @@
 	"justification": "Giustificazione",
 	"parentFolder": "Cartella principale",
 	"contentType": "Tipo di contenuto",
+	"objectType": "Tipo di oggetto",
 	"type": "Tipo",
 	"lcStatus": "Stato",
 	"internalReference": "Riferimento interno",
diff --git a/frontend/messages/nl.json b/frontend/messages/nl.json
index 73a343c28..462af7c6b 100644
--- a/frontend/messages/nl.json
+++ b/frontend/messages/nl.json
@@ -156,6 +156,7 @@
 	"justification": "Rechtvaardiging",
 	"parentFolder": "Bovenliggende map",
 	"contentType": "Inhoudstype",
+	"objectType": "Objecttype",
 	"type": "Type",
 	"lcStatus": "Status",
 	"internalReference": "Interne referentie",
diff --git a/frontend/messages/pl.json b/frontend/messages/pl.json
index 7047be37e..d1112f001 100644
--- a/frontend/messages/pl.json
+++ b/frontend/messages/pl.json
@@ -156,6 +156,7 @@
 	"justification": "Uzasadnienie",
 	"parentFolder": "Folder nadrzędny",
 	"contentType": "Rodzaj treści",
+	"objectType": "Typ obiektu",
 	"type": "Typ",
 	"lcStatus": "Status LC",
 	"internalReference": "Referencja wewnętrzna",
diff --git a/frontend/messages/pt.json b/frontend/messages/pt.json
index 9f4836ab8..e72d39de5 100644
--- a/frontend/messages/pt.json
+++ b/frontend/messages/pt.json
@@ -156,6 +156,7 @@
 	"justification": "Justificativa",
 	"parentFolder": "Pasta pai",
 	"contentType": "Tipo de conteúdo",
+	"objectType": "Tipo de objeto",
 	"type": "Tipo",
 	"lcStatus": "Status",
 	"internalReference": "Referência interna",
diff --git a/frontend/messages/ro.json b/frontend/messages/ro.json
index 4a5226b39..1a1522311 100644
--- a/frontend/messages/ro.json
+++ b/frontend/messages/ro.json
@@ -152,6 +152,7 @@
 	"justification": "Justificare",
 	"parentFolder": "Dosar părinte",
 	"contentType": "Tip conținut",
+	"objectType": "Tipul obiectului",
 	"type": "Tip",
 	"lcStatus": "Stare LC",
 	"internalReference": "Referință internă",
diff --git a/frontend/messages/ur.json b/frontend/messages/ur.json
index a3020efaf..973b9d377 100644
--- a/frontend/messages/ur.json
+++ b/frontend/messages/ur.json
@@ -154,6 +154,7 @@
 	"justification": "جواز",
 	"parentFolder": "مرکزی فولڈر",
 	"contentType": "مواد کی قسم",
+	"objectType": "آبجیکٹ کی قسم",
 	"type": "قسم",
 	"lcStatus": "حیثیت",
 	"internalReference": "داخلی حوالہ",
diff --git a/frontend/src/lib/components/Chart/TreeChart.svelte b/frontend/src/lib/components/Chart/TreeChart.svelte
index d94357e52..957da77f3 100644
--- a/frontend/src/lib/components/Chart/TreeChart.svelte
+++ b/frontend/src/lib/components/Chart/TreeChart.svelte
@@ -1,6 +1,5 @@
 <script lang="ts">
 	import { onMount } from 'svelte';
-	export let s_label = '';
 
 	export let width = 'w-auto';
 	export let height = 'h-full';
diff --git a/frontend/src/lib/components/DetailView/DetailView.svelte b/frontend/src/lib/components/DetailView/DetailView.svelte
index 948213110..598ba9f19 100644
--- a/frontend/src/lib/components/DetailView/DetailView.svelte
+++ b/frontend/src/lib/components/DetailView/DetailView.svelte
@@ -3,6 +3,7 @@
 	import { page } from '$app/stores';
 	import ConfirmModal from '$lib/components/Modals/ConfirmModal.svelte';
 	import CreateModal from '$lib/components/Modals/CreateModal.svelte';
+	import MissingConstraintsModal from '$lib/components/Modals/MissingConstraintsModal.svelte';
 	import ModelTable from '$lib/components/ModelTable/ModelTable.svelte';
 	import type {
 		ModalComponent,
@@ -17,6 +18,7 @@
 	import { URL_MODEL_MAP } from '$lib/utils/crud';
 	import { isURL } from '$lib/utils/helpers';
 	import { toCamelCase, capitalizeFirstLetter } from '$lib/utils/locales.js';
+	import { checkConstraints } from '$lib/utils/crud';
 	import { languageTag } from '$paraglide/runtime.js';
 	import * as m from '$paraglide/messages.js';
 	import { ISO_8601_REGEX } from '$lib/utils/constants';
@@ -70,7 +72,7 @@
 	}
 
 	function modalCreateForm(model: Record<string, any>): void {
-		const modalComponent: ModalComponent = {
+		let modalComponent: ModalComponent = {
 			ref: CreateModal,
 			props: {
 				form: model.createForm,
@@ -78,12 +80,24 @@
 				debug: false
 			}
 		};
-		const modal: ModalSettings = {
+		let modal: ModalSettings = {
 			type: 'component',
 			component: modalComponent,
 			// Data
 			title: safeTranslate('add' + capitalizeFirstLetter(model.info.localName))
 		};
+		if (checkConstraints(model.createForm.constraints, model.foreignKeys).length > 0) {
+			modalComponent = {
+				ref: MissingConstraintsModal
+			};
+			modal = {
+				type: 'component',
+				component: modalComponent,
+				title: m.warning(),
+				body: safeTranslate('add' + capitalizeFirstLetter(model.info.localName)).toLowerCase(),
+				value: checkConstraints(model.createForm.constraints, model.foreignKeys)
+			};
+		}
 		modalStore.trigger(modal);
 	}
 
diff --git a/frontend/src/lib/components/Forms/ModelForm.svelte b/frontend/src/lib/components/Forms/ModelForm.svelte
index 458849090..8b3099750 100644
--- a/frontend/src/lib/components/Forms/ModelForm.svelte
+++ b/frontend/src/lib/components/Forms/ModelForm.svelte
@@ -23,6 +23,7 @@
 	import FrameworksForm from './ModelForm/FrameworkForm.svelte';
 	import UsersForm from './ModelForm/UserForm.svelte';
 	import SsoSettingsForm from './ModelForm/SsoSettingForm.svelte';
+	import FolderForm from './ModelForm/FolderForm.svelte';
 
 	import AutocompleteSelect from './AutocompleteSelect.svelte';
 
@@ -175,6 +176,8 @@
 	{/if}
 	{#if URLModel === 'projects'}
 		<ProjectForm {form} {model} {cacheLocks} {formDataCache} {initialData} />
+	{:else if URLModel === 'folders'}
+		<FolderForm {form} {model} {cacheLocks} {formDataCache} {initialData} />
 	{:else if URLModel === 'risk-assessments' || URLModel === 'risk-assessment-duplicate'}
 		<RiskAssessmentForm
 			{form}
diff --git a/frontend/src/lib/components/Forms/ModelForm/FolderForm.svelte b/frontend/src/lib/components/Forms/ModelForm/FolderForm.svelte
new file mode 100644
index 000000000..493605a89
--- /dev/null
+++ b/frontend/src/lib/components/Forms/ModelForm/FolderForm.svelte
@@ -0,0 +1,4 @@
+<script lang="ts">
+	// NOTE: The community version of FolderForm does nothing special at the moment.
+	// It was created to simplify operations.
+</script>
diff --git a/frontend/src/lib/components/Forms/Score.svelte b/frontend/src/lib/components/Forms/Score.svelte
index d094e05b4..2a85457a8 100644
--- a/frontend/src/lib/components/Forms/Score.svelte
+++ b/frontend/src/lib/components/Forms/Score.svelte
@@ -26,8 +26,6 @@
 	export let form: SuperForm<Record<string, any>>;
 	const { value, errors, constraints } = formFieldProxy(form, field);
 
-	$value = $value ?? min_score;
-
 	let isScored = formFieldProxy(form, 'is_scored')['value'];
 
 	if (always_enabled) {
diff --git a/frontend/src/lib/utils/crud.ts b/frontend/src/lib/utils/crud.ts
index 99da36886..62bd8ad52 100644
--- a/frontend/src/lib/utils/crud.ts
+++ b/frontend/src/lib/utils/crud.ts
@@ -17,7 +17,7 @@ type GetOptionsParams = {
 	selfSelect?: boolean;
 };
 
-export function checkConstraints(constraints: { [key: string]: any }, foreignKeys: any) {
+export function checkConstraints(constraints: { [key: string]: any }, foreignKeys: any): string[] {
 	const emptyConstraintsList = [];
 	for (const [key, constraint] of Object.entries(constraints)) {
 		if (constraint.required && foreignKeys[key])
diff --git a/frontend/src/lib/utils/helpers.ts b/frontend/src/lib/utils/helpers.ts
index 367b679f1..e40ce9e98 100644
--- a/frontend/src/lib/utils/helpers.ts
+++ b/frontend/src/lib/utils/helpers.ts
@@ -60,7 +60,7 @@ export function formatScoreValue(value: number, max_score: number, fullDonut = f
 }
 
 export function getSecureRedirect(url: any): string {
-	const SECURE_REDIRECT_URL_REGEX = /^\/(?!.*\/\/)[^\s]*$/;
+	const SECURE_REDIRECT_URL_REGEX = /^\/[^/]/;
 	return typeof url === 'string' && SECURE_REDIRECT_URL_REGEX.test(url) ? url : '';
 }
 
diff --git a/frontend/src/lib/utils/table.ts b/frontend/src/lib/utils/table.ts
index e3bc7eb21..2e5994eb2 100644
--- a/frontend/src/lib/utils/table.ts
+++ b/frontend/src/lib/utils/table.ts
@@ -227,6 +227,31 @@ const OWNER_FILTER: ListViewFilterConfig = {
   }
 }; */
 
+const LIBRARY_TYPE_FILTER = {
+	component: SelectFilter,
+	getColumn: (row) => {
+		const overviewKeys = new Set(row.overview.map((overviewRow) => overviewRow.split(':')[0]));
+		const libraryDatatypeSet = new Set([
+			'framework',
+			'risk_matrix',
+			'threats',
+			'requirement_mapping_set',
+			'reference_controls'
+		]);
+		const datatypes = [...libraryDatatypeSet].filter((datatype) => overviewKeys.has(datatype));
+		return datatypes;
+	},
+	extraProps: {
+		defaultOptionName: 'objectType',
+		optionLabels: {
+			reference_controls: 'referenceControls',
+			requirement_mapping_set: 'requirementMappingSet',
+			risk_matrix: 'riskMatrix'
+		}
+	},
+	alwaysDisplay: true
+};
+
 export const listViewFields: ListViewFieldsConfig = {
 	folders: {
 		head: ['name', 'description', 'parentDomain'],
@@ -409,8 +434,8 @@ export const listViewFields: ListViewFieldsConfig = {
 		body: ['provider', 'name', 'description', 'locales', 'overview'],
 		filters: {
 			locales: LANGUAGE_FILTER,
-			provider: PROVIDER_FILTER_FOR_LIBRARIES
-			// has_risk_matrix: HAS_RISK_MATRIX_FILTER
+			provider: PROVIDER_FILTER_FOR_LIBRARIES,
+			objectType: LIBRARY_TYPE_FILTER
 		}
 	},
 	'loaded-libraries': {
@@ -418,7 +443,8 @@ export const listViewFields: ListViewFieldsConfig = {
 		body: ['provider', 'name', 'description', 'locales', 'overview'],
 		filters: {
 			locales: LANGUAGE_FILTER,
-			provider: PROVIDER_FILTER_FOR_LIBRARIES
+			provider: PROVIDER_FILTER_FOR_LIBRARIES,
+			objectType: LIBRARY_TYPE_FILTER
 		}
 	},
 	'sso-settings': {
diff --git a/frontend/src/routes/(app)/(third-party)/evidences/[id=uuid]/attachment/+server.ts b/frontend/src/routes/(app)/(third-party)/evidences/[id=uuid]/attachment/+server.ts
index ed87e123c..9ac07bd10 100644
--- a/frontend/src/routes/(app)/(third-party)/evidences/[id=uuid]/attachment/+server.ts
+++ b/frontend/src/routes/(app)/(third-party)/evidences/[id=uuid]/attachment/+server.ts
@@ -29,9 +29,13 @@ export const GET: RequestHandler = async ({ fetch, setHeaders, params }) => {
 		}
 
 		const reader = attachmentResponse.body.getReader();
+		let readerTerminated = false;
 		const stream = new ReadableStream({
 			start(controller) {
 				function push() {
+					if (readerTerminated) {
+						return;
+					}
 					reader.read().then(({ done, value }) => {
 						if (done) {
 							controller.close();
@@ -42,6 +46,9 @@ export const GET: RequestHandler = async ({ fetch, setHeaders, params }) => {
 					});
 				}
 				push();
+			},
+			cancel() {
+				readerTerminated = true;
 			}
 		});
 
diff --git a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
index 965b61acb..255d8ae8e 100644
--- a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
+++ b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
@@ -49,6 +49,7 @@ export const load = (async ({ fetch, params }) => {
 	});
 
 	const schema = modelSchema(URLModel);
+	object.evidences = object.evidences.map((evidence) => evidence.id);
 	const form = await superValidate(object, zod(schema), { errors: true });
 
 	const foreignKeys: Record<string, any> = {};
@@ -102,12 +103,40 @@ export const load = (async ({ fetch, params }) => {
 					measureSelectOptions[selectField.field] = Object.entries(data).map(([key, value]) => ({
 						label: value,
 						value: key
-					}));
+					}))
+				
+				} else {
+					console.error(`Failed to fetch data for ${selectField.field}: ${response.statusText}`);
 				}
 			})
-		);
+		)
 	}
-	measureModel.selectOptions = measureSelectOptions;
+
+	measureModel['selectOptions'] = measureSelectOptions;
+
+	const tables: Record<string, any> = {};
+
+	await Promise.all(
+		['applied-controls', 'evidences'].map(async (key) => {
+			const keyEndpoint = `${BASE_API_URL}/${key}/?requirement_assessments=${params.id}`;
+			const response = await fetch(keyEndpoint);
+
+			if (response.ok) {
+				const data = await response.json().then((data) => data.results);
+
+				const bodyData = tableSourceMapper(data, listViewFields[key].body);
+
+				const table: TableSource = {
+					head: listViewFields[key].head,
+					body: bodyData,
+					meta: data
+				};
+				tables[key] = table;
+			} else {
+				console.error(`Failed to fetch data for ${key}: ${response.statusText}`);
+			}
+		})
+	);
 
 	const measureForeignKeys: Record<string, any> = {};
 	if (measureModel.foreignKeyFields) {
@@ -128,20 +157,6 @@ export const load = (async ({ fetch, params }) => {
 	}
 	measureModel.foreignKeys = measureForeignKeys;
 
-	const tables: Record<string, any> = {};
-	await Promise.all(
-		['applied-controls', 'evidences'].map(async (key) => {
-			const data = await fetchJson(`${baseUrl}/${key}/?requirement_assessments=${params.id}`);
-			if (data) {
-				tables[key] = {
-					head: listViewFields[key].head,
-					body: tableSourceMapper(data.results, listViewFields[key].body),
-					meta: data.results
-				};
-			}
-		})
-	);
-
 	const evidenceModel = getModelInfo('evidences');
 	const evidenceCreateSchema = modelSchema('evidences');
 	const evidenceCreateForm = await superValidate(
diff --git a/frontend/tests/utils/page-content.ts b/frontend/tests/utils/page-content.ts
index b425aeced..90a34a935 100644
--- a/frontend/tests/utils/page-content.ts
+++ b/frontend/tests/utils/page-content.ts
@@ -66,7 +66,7 @@ export class PageContent extends BasePage {
 	}
 
 	async importLibrary(name: string, urn?: string, language = 'English') {
-		this.page.getByTestId('search-input').fill(name);
+		await this.page.getByTestId('search-input').fill(name);
 		if (
 			(await this.tab('Loaded libraries').isVisible()) &&
 			(await this.tab('Loaded libraries').getAttribute('aria-selected')) === 'true'
@@ -80,10 +80,12 @@ export class PageContent extends BasePage {
 		}
 		// If the library is not visible, it might have already been loaded
 		if (await this.importItemButton(name, language === 'any' ? undefined : language).isHidden()) {
-			await this.tab('Loaded libraries').click();
-			expect(this.tab('Loaded libraries').getAttribute('aria-selected')).toBeTruthy();
-			this.page.getByTestId('search-input').fill(name);
-			expect(this.getRow(name)).toBeVisible();
+			if (await this.tab('Loaded libraries').isVisible()) {
+				await this.tab('Loaded libraries').click();
+				expect(this.tab('Loaded libraries').getAttribute('aria-selected')).toBeTruthy();
+				await this.page.getByTestId('search-input').fill(name);
+			}
+			await expect(this.getRow(name)).toBeVisible();
 			return;
 		}
 		await this.importItemButton(name, language === 'any' ? undefined : language).click();
@@ -92,7 +94,8 @@ export class PageContent extends BasePage {
 		});
 		await this.tab('Loaded libraries').click();
 		expect(this.tab('Loaded libraries').getAttribute('aria-selected')).toBeTruthy();
-		expect(this.getRow(name)).toBeVisible();
+		await this.page.getByTestId('search-input').fill(name);
+		await expect(this.getRow(name)).toBeVisible();
 	}
 
 	async viewItemDetail(value?: string) {
diff --git a/frontend/tests/utils/test-data.ts b/frontend/tests/utils/test-data.ts
index 2d5725daf..3df5269f7 100644
--- a/frontend/tests/utils/test-data.ts
+++ b/frontend/tests/utils/test-data.ts
@@ -26,140 +26,186 @@ export default {
 		analyst: {
 			name: 'Analyst',
 			perms: [
+				'add_appliedcontrol',
+				'add_asset',
+				'add_complianceassessment',
+				'add_evidence',
+				'add_policy',
 				'add_project',
-				'view_project',
-				'change_project',
-				'delete_project',
+				'add_riskacceptance',
 				'add_riskassessment',
-				'view_riskassessment',
-				'change_riskassessment',
-				'delete_riskassessment',
-				'add_appliedcontrol',
-				'view_appliedcontrol',
+				'add_riskscenario',
+				'add_solution',
+				'add_threat',
 				'change_appliedcontrol',
-				'delete_appliedcontrol',
-				'add_policy',
-				'view_policy',
+				'change_asset',
+				'change_complianceassessment',
+				'change_entity',
+				'change_entityassessment',
+				'change_evidence',
 				'change_policy',
-				'delete_policy',
-				'add_riskscenario',
-				'view_riskscenario',
-				'change_riskscenario',
-				'delete_riskscenario',
-				'add_riskacceptance',
-				'view_riskacceptance',
+				'change_project',
+				'change_referencecontrol',
+				'change_representative',
+				'change_requirementassessment',
 				'change_riskacceptance',
-				'delete_riskacceptance',
-				'add_complianceassessment',
-				'view_complianceassessment',
-				'change_complianceassessment',
+				'change_riskassessment',
+				'change_riskscenario',
+				'change_solution',
+				'change_threat',
+				'delete_appliedcontrol',
+				'delete_asset',
 				'delete_complianceassessment',
-				'view_requirementassessment',
-				'change_requirementassessment',
-				'add_evidence',
-				'view_evidence',
-				'change_evidence',
+				'delete_entity',
+				'delete_entityassessment',
 				'delete_evidence',
-				'add_asset',
-				'view_asset',
-				'change_asset',
-				'delete_asset',
-				'add_threat',
-				'view_threat',
-				'change_threat',
+				'delete_policy',
+				'delete_project',
+				'delete_referencecontrol',
+				'delete_representative',
+				'delete_riskacceptance',
+				'delete_riskassessment',
+				'delete_riskscenario',
+				'delete_solution',
 				'delete_threat',
-				'view_referencecontrol',
+				'view_appliedcontrol',
+				'view_asset',
+				'view_complianceassessment',
+				'view_entity',
+				'view_entityassessment',
+				'view_evidence',
 				'view_folder',
-				'view_usergroup',
-				'view_riskmatrix',
-				'view_requirementnode',
 				'view_framework',
 				'view_loadedlibrary',
-				'view_user'
+				'view_policy',
+				'view_project',
+				'view_referencecontrol',
+				'view_representative',
+				'view_requirementassessment',
+				'view_requirementmapping',
+				'view_requirementmappingset',
+				'view_requirementnode',
+				'view_riskacceptance',
+				'view_riskassessment',
+				'view_riskmatrix',
+				'view_riskscenario',
+				'view_solution',
+				'view_storedlibrary',
+				'view_threat',
+				'view_user',
+				'view_usergroup'
 			]
 		},
 		reader: {
 			name: 'Reader',
 			perms: [
-				'view_project',
-				'view_riskassessment',
 				'view_appliedcontrol',
-				'view_policy',
-				'view_riskscenario',
-				'view_riskacceptance',
 				'view_asset',
-				'view_threat',
-				'view_referencecontrol',
-				'view_folder',
-				'view_usergroup',
-				'view_riskmatrix',
 				'view_complianceassessment',
-				'view_requirementassessment',
-				'view_requirementnode',
+				'view_entity',
+				'view_entityassessment',
 				'view_evidence',
+				'view_folder',
 				'view_framework',
 				'view_loadedlibrary',
-				'view_user'
+				'view_policy',
+				'view_project',
+				'view_referencecontrol',
+				'view_representative',
+				'view_requirementassessment',
+				'view_requirementmapping',
+				'view_requirementmappingset',
+				'view_requirementnode',
+				'view_riskacceptance',
+				'view_riskassessment',
+				'view_riskmatrix',
+				'view_riskscenario',
+				'view_solution',
+				'view_storedlibrary',
+				'view_threat',
+				'view_user',
+				'view_usergroup'
 			]
 		},
 		domainManager: {
 			name: 'Domain manager',
 			perms: [
-				'change_usergroup',
-				'view_usergroup',
-				'add_project',
-				'change_project',
-				'delete_project',
-				'view_project',
-				'add_riskassessment',
-				'view_riskassessment',
-				'change_riskassessment',
-				'delete_riskassessment',
 				'add_appliedcontrol',
-				'view_appliedcontrol',
-				'change_appliedcontrol',
-				'delete_appliedcontrol',
+				'add_asset',
+				'add_complianceassessment',
+				'add_entity',
+				'add_entityassessment',
+				'add_evidence',
+				'add_folder',
 				'add_policy',
-				'view_policy',
-				'change_policy',
-				'delete_policy',
-				'add_riskscenario',
-				'view_riskscenario',
-				'change_riskscenario',
-				'delete_riskscenario',
+				'add_project',
 				'add_riskacceptance',
-				'view_riskacceptance',
-				'change_riskacceptance',
-				'delete_riskacceptance',
-				'add_asset',
-				'view_asset',
-				'change_asset',
-				'delete_asset',
+				'add_riskassessment',
+				'add_riskmatrix',
+				'add_riskscenario',
+				'add_solution',
 				'add_threat',
-				'view_threat',
-				'change_threat',
-				'delete_threat',
-				'view_referencecontrol',
-				'view_folder',
+				'change_appliedcontrol',
+				'change_asset',
+				'change_complianceassessment',
+				'change_entity',
+				'change_entityassessment',
+				'change_evidence',
 				'change_folder',
-				'add_riskmatrix',
-				'view_riskmatrix',
+				'change_policy',
+				'change_project',
+				'change_referencecontrol',
+				'change_representative',
+				'change_requirementassessment',
+				'change_riskacceptance',
+				'change_riskassessment',
 				'change_riskmatrix',
+				'change_riskscenario',
+				'change_solution',
+				'change_threat',
+				'delete_appliedcontrol',
+				'delete_asset',
+				'delete_complianceassessment',
+				'delete_entity',
+				'delete_entityassessment',
+				'delete_evidence',
+				'delete_folder',
+				'delete_policy',
+				'delete_project',
+				'delete_referencecontrol',
+				'delete_representative',
+				'delete_riskacceptance',
+				'delete_riskassessment',
 				'delete_riskmatrix',
-				'add_complianceassessment',
+				'delete_riskscenario',
+				'delete_solution',
+				'delete_threat',
+				'view_appliedcontrol',
+				'view_asset',
 				'view_complianceassessment',
-				'change_complianceassessment',
-				'delete_complianceassessment',
-				'view_requirementassessment',
-				'change_requirementassessment',
-				'add_evidence',
+				'view_entity',
+				'view_entityassessment',
 				'view_evidence',
-				'change_evidence',
-				'delete_evidence',
-				'view_requirementnode',
+				'view_folder',
 				'view_framework',
 				'view_loadedlibrary',
-				'view_user'
+				'view_policy',
+				'view_project',
+				'view_referencecontrol',
+				'view_representative',
+				'view_requirementassessment',
+				'view_requirementmapping',
+				'view_requirementmappingset',
+				'view_requirementnode',
+				'view_riskacceptance',
+				'view_riskassessment',
+				'view_riskmatrix',
+				'view_riskscenario',
+				'view_solution',
+				'view_storedlibrary',
+				'view_threat',
+				'view_user',
+				'view_usergroup'
 			]
 		},
 		approver: {
@@ -183,8 +229,11 @@ export default {
 				'view_requirementnode',
 				'view_evidence',
 				'view_framework',
+				'view_storedlibrary',
 				'view_loadedlibrary',
-				'view_user'
+				'view_user',
+				'view_requirementmappingset',
+				'view_requirementmapping'
 			]
 		}
 	},

From 977eafa878f34caaf72d673a0b66c4496f173aa5 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Tue, 8 Oct 2024 11:16:18 +0200
Subject: [PATCH 19/26] chore: add missing semi colons

---
 .../requirement-assessments/[id=uuid]/edit/+page.server.ts   | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
index 255d8ae8e..a3fd98236 100644
--- a/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
+++ b/frontend/src/routes/(app)/(third-party)/requirement-assessments/[id=uuid]/edit/+page.server.ts
@@ -103,13 +103,12 @@ export const load = (async ({ fetch, params }) => {
 					measureSelectOptions[selectField.field] = Object.entries(data).map(([key, value]) => ({
 						label: value,
 						value: key
-					}))
-				
+					}));
 				} else {
 					console.error(`Failed to fetch data for ${selectField.field}: ${response.statusText}`);
 				}
 			})
-		)
+		);
 	}
 
 	measureModel['selectOptions'] = measureSelectOptions;

From 628c5b9d8390e000be9188bafc8eb7d04cf3fd35 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Wed, 9 Oct 2024 10:43:16 +0200
Subject: [PATCH 20/26] fix: check not null before length

---
 .../[id=uuid]/table-mode/+page.svelte                     | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/table-mode/+page.svelte b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/table-mode/+page.svelte
index f65be8f87..27d66bf9f 100644
--- a/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/table-mode/+page.svelte
+++ b/frontend/src/routes/(app)/(third-party)/compliance-assessments/[id=uuid]/table-mode/+page.svelte
@@ -353,9 +353,11 @@
 										><p class="flex items-center space-x-2">
 											<span>{m.evidence()}</span>
 											{#key addedEvidence}
-												<span class="badge variant-soft-primary"
-													>{requirementAssessment.evidences.length}</span
-												>
+												{#if requirementAssessment.evidences != null}
+													<span class="badge variant-soft-primary"
+														>{requirementAssessment.evidences.length}</span
+													>
+												{/if}
 											{/key}
 										</p></svelte:fragment
 									>

From 316f89efbbc8f6126621866ab0dee47109027ed8 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Wed, 9 Oct 2024 11:14:33 +0200
Subject: [PATCH 21/26] fix: catch mail failure at user creation during
 representative creation

---
 backend/tprm/serializers.py | 33 ++++++++++++++++++++++++++++-----
 frontend/messages/en.json   |  3 ++-
 2 files changed, 30 insertions(+), 6 deletions(-)

diff --git a/backend/tprm/serializers.py b/backend/tprm/serializers.py
index b5fd5dbda..50c8a6215 100644
--- a/backend/tprm/serializers.py
+++ b/backend/tprm/serializers.py
@@ -1,4 +1,5 @@
 from rest_framework import serializers
+from ciso_assistant.settings import EMAIL_HOST, EMAIL_HOST_RESCUE
 from core.models import ComplianceAssessment, Framework
 
 from core.serializer_fields import FieldsRelatedField
@@ -178,11 +179,33 @@ def _create_or_update_user(self, instance, user):
             email=instance.email,
         ).first()
         if not user:
-            user = User.objects.create_user(
-                email=instance.email,
-                first_name=instance.first_name,
-                last_name=instance.last_name,
-            )
+            send_mail = EMAIL_HOST or EMAIL_HOST_RESCUE
+            try:
+                user = User.objects.create_user(
+                    email=instance.email,
+                    first_name=instance.first_name,
+                    last_name=instance.last_name,
+                )
+            except Exception as e:
+                logger.error(e)
+                user = User.objects.filter(email=instance.email).first()
+                if user and send_mail:
+                    user.is_third_party = True
+                    user.save()
+                    instance.user = user
+                    instance.save()
+                    logger.warning("mailing failed")
+                    raise serializers.ValidationError(
+                        {
+                            "warning": [
+                                "User created successfully but an error occurred while sending the email"
+                            ]
+                        }
+                    )
+                else:
+                    raise serializers.ValidationError(
+                        {"error": ["An error occurred while creating the user"]}
+                    )
             user.is_third_party = True
         user.save()
         instance.user = user
diff --git a/frontend/messages/en.json b/frontend/messages/en.json
index 1558fdb8a..ff4b6cc14 100644
--- a/frontend/messages/en.json
+++ b/frontend/messages/en.json
@@ -757,5 +757,6 @@
 	"ShowAllNodesMessage": "Show all",
 	"ShowOnlyAssessable": "Only assessable",
 	"NoPreviewMessage": "No preview available.",
-	"entityAssessmentEvidenceHelpText": "An external questionnaire"
+	"entityAssessmentEvidenceHelpText": "An external questionnaire",
+	"associatedEntities": "Associated entities"
 }

From 10590f3324b315db9850ed04cabba0f08fefc5aa Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Wed, 9 Oct 2024 11:17:08 +0200
Subject: [PATCH 22/26] fix: typo

---
 .../(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
index 521c969f1..7655789db 100644
--- a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
+++ b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
@@ -13,7 +13,7 @@
 	import { breadcrumbObject } from '$lib/utils/stores';
 	breadcrumbObject.set(data.data);
 
-	const mailing = Boolean(data.data.compliance_assessment) && Boolean(data.data.authors.length);
+	const mailing = Boolean(data.data.compliance_assessment) && Boolean(data.data.representatives.length);
 </script>
 
 <div class="flex flex-col space-y-4 whitespace-pre-line">

From 3609ba9f3b8eac2080e719a9391c7012f569710c Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Wed, 9 Oct 2024 11:46:46 +0200
Subject: [PATCH 23/26] fix: modal mail confirm props form

---
 frontend/src/lib/components/DetailView/DetailView.svelte | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/src/lib/components/DetailView/DetailView.svelte b/frontend/src/lib/components/DetailView/DetailView.svelte
index 598ba9f19..53e257c0c 100644
--- a/frontend/src/lib/components/DetailView/DetailView.svelte
+++ b/frontend/src/lib/components/DetailView/DetailView.svelte
@@ -126,7 +126,7 @@
 		const modalComponent: ModalComponent = {
 			ref: ConfirmModal,
 			props: {
-				_form: data.form,
+				_form: {id: id, urlmodel: getModelInfo('compliance-assessments').urlModel},
 				id: id,
 				debug: false,
 				URLModel: getModelInfo('compliance-assessments').urlModel,

From 02bc8f306306ff9a6f1ca773af45d4a365df26b3 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Wed, 9 Oct 2024 12:05:51 +0200
Subject: [PATCH 24/26] feat: improve questionnaire mail error handling

---
 backend/core/views.py                          | 18 +++++++++++++++---
 frontend/messages/en.json                      |  3 ++-
 .../[id=uuid]/+page.server.ts                  |  9 +++++++++
 3 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/backend/core/views.py b/backend/core/views.py
index b5f901bee..d807d00f6 100644
--- a/backend/core/views.py
+++ b/backend/core/views.py
@@ -57,6 +57,9 @@
 from .models import *
 from .serializers import *
 
+import structlog
+logger = structlog.get_logger(__name__)
+
 User = get_user_model()
 
 SHORT_CACHE_TTL = 2  # mn
@@ -1650,10 +1653,19 @@ def mailing(self, request, pk):
                         object="compliance-assessments",
                         object_id=instance.id,
                     )
-                except Exception as e:
-                    print(f"Failed to send email to {author}: {e}")
+                except Exception as primary_exception:
+                    logger.error(f"Failed to send email to {author}: {primary_exception}")
+                    raise ValidationError(
+                        {
+                            "error": [
+                                "An error occurred while sending the email"
+                            ]
+                        }
+                    )
             return Response({"results": "mail sent"})
-        return Response({"results": "mail not sent"})
+        raise ValidationError({"warning": [
+                                "noMailerConfigured"
+                            ]})
 
     def perform_create(self, serializer):
         """
diff --git a/frontend/messages/en.json b/frontend/messages/en.json
index ff4b6cc14..d149b53c4 100644
--- a/frontend/messages/en.json
+++ b/frontend/messages/en.json
@@ -758,5 +758,6 @@
 	"ShowOnlyAssessable": "Only assessable",
 	"NoPreviewMessage": "No preview available.",
 	"entityAssessmentEvidenceHelpText": "An external questionnaire",
-	"associatedEntities": "Associated entities"
+	"associatedEntities": "Associated entities",
+	"noMailerConfigured": "No mailer configured"
 }
diff --git a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.server.ts b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.server.ts
index 2628a6ebb..7ab8b7ff6 100644
--- a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.server.ts
+++ b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.server.ts
@@ -7,6 +7,7 @@ import { z } from 'zod';
 import { zod } from 'sveltekit-superforms/adapters';
 import * as m from '$paraglide/messages';
 import { setFlash } from 'sveltekit-flash-message/server';
+import { safeTranslate } from '$lib/utils/i18n';
 
 export const load: PageServerLoad = async (event) => {
 	return loadDetail({ event, model: getModelInfo('entity-assessments'), id: event.params.id });
@@ -31,6 +32,14 @@ export const actions: Actions = {
 		};
 		const res = await fetch(endpoint, requestInitOptions);
 		if (!res.ok) {
+			const response = await res.json();
+			console.log(response.warning);
+			if (response.warning) {
+				for (const warning of response.warning) {
+					setFlash({ type: 'warning', message: safeTranslate(warning) }, cookies);
+				}
+				return fail(400, { form: ComplianceAssessmentForm });
+			}
 			setFlash({ type: 'error', message: m.mailFailedToSend() }, cookies);
 			return fail(400, { form: ComplianceAssessmentForm });
 		}

From 1585af79fa35e2e04b8724d3dd8b2c638ab89414 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Wed, 9 Oct 2024 12:11:17 +0200
Subject: [PATCH 25/26] fix: authors field in entity assessment serializer

---
 backend/core/views.py                             | 15 ++++++---------
 backend/tprm/serializers.py                       |  1 +
 .../lib/components/DetailView/DetailView.svelte   |  2 +-
 .../entity-assessments/[id=uuid]/+page.svelte     |  3 ++-
 4 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/backend/core/views.py b/backend/core/views.py
index d807d00f6..5afc334e0 100644
--- a/backend/core/views.py
+++ b/backend/core/views.py
@@ -58,6 +58,7 @@
 from .serializers import *
 
 import structlog
+
 logger = structlog.get_logger(__name__)
 
 User = get_user_model()
@@ -1654,18 +1655,14 @@ def mailing(self, request, pk):
                         object_id=instance.id,
                     )
                 except Exception as primary_exception:
-                    logger.error(f"Failed to send email to {author}: {primary_exception}")
+                    logger.error(
+                        f"Failed to send email to {author}: {primary_exception}"
+                    )
                     raise ValidationError(
-                        {
-                            "error": [
-                                "An error occurred while sending the email"
-                            ]
-                        }
+                        {"error": ["An error occurred while sending the email"]}
                     )
             return Response({"results": "mail sent"})
-        raise ValidationError({"warning": [
-                                "noMailerConfigured"
-                            ]})
+        raise ValidationError({"warning": ["noMailerConfigured"]})
 
     def perform_create(self, serializer):
         """
diff --git a/backend/tprm/serializers.py b/backend/tprm/serializers.py
index 50c8a6215..b2a2703cd 100644
--- a/backend/tprm/serializers.py
+++ b/backend/tprm/serializers.py
@@ -40,6 +40,7 @@ class EntityAssessmentReadSerializer(BaseModelSerializer):
     folder = FieldsRelatedField()
     solutions = FieldsRelatedField(many=True)
     representatives = FieldsRelatedField(many=True)
+    authors = FieldsRelatedField(many=True)
     reviewers = FieldsRelatedField(many=True)
 
     class Meta:
diff --git a/frontend/src/lib/components/DetailView/DetailView.svelte b/frontend/src/lib/components/DetailView/DetailView.svelte
index 53e257c0c..a8b6d4ae1 100644
--- a/frontend/src/lib/components/DetailView/DetailView.svelte
+++ b/frontend/src/lib/components/DetailView/DetailView.svelte
@@ -126,7 +126,7 @@
 		const modalComponent: ModalComponent = {
 			ref: ConfirmModal,
 			props: {
-				_form: {id: id, urlmodel: getModelInfo('compliance-assessments').urlModel},
+				_form: { id: id, urlmodel: getModelInfo('compliance-assessments').urlModel },
 				id: id,
 				debug: false,
 				URLModel: getModelInfo('compliance-assessments').urlModel,
diff --git a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
index 7655789db..997e8e059 100644
--- a/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
+++ b/frontend/src/routes/(app)/(internal)/entity-assessments/[id=uuid]/+page.svelte
@@ -13,7 +13,8 @@
 	import { breadcrumbObject } from '$lib/utils/stores';
 	breadcrumbObject.set(data.data);
 
-	const mailing = Boolean(data.data.compliance_assessment) && Boolean(data.data.representatives.length);
+	const mailing =
+		Boolean(data.data.compliance_assessment) && Boolean(data.data.representatives.length);
 </script>
 
 <div class="flex flex-col space-y-4 whitespace-pre-line">

From 3838eef79d2b9fa4935a3bb8089dad5121479445 Mon Sep 17 00:00:00 2001
From: Mohamed-Hacene <mohamedhacene.b@gmail.com>
Date: Thu, 10 Oct 2024 11:06:24 +0200
Subject: [PATCH 26/26] feat: improve questionnaire confrm modal message

---
 frontend/messages/en.json                          |  3 ++-
 .../lib/components/DetailView/DetailView.svelte    | 14 ++++++++++----
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/frontend/messages/en.json b/frontend/messages/en.json
index 7021445ea..e920eaf50 100644
--- a/frontend/messages/en.json
+++ b/frontend/messages/en.json
@@ -742,7 +742,8 @@
 	"noAnswer": "No answer",
 	"entityAssessmentRepresentativesHelpText": "The third party users who are responsible for questionnaire completion",
 	"sendQuestionnaire": "Send questionnaire",
-	"sureToSendMail": "Are you sure you want to send the mail?",
+	"sureToSendQuestionnaire": "Are you sure you want to send the questionnaire: {questionnaire}?",
+	"theFollowingRepresentativesWillReceiveTheQuestionnaireColon": "The following representatives will receive the questionnaire:",
 	"mailSuccessfullySent": "The mail has been successfully sent",
 	"mailFailedToSend": "The mail failed to be sent",
 	"questionOrQuestions": "Question(s)",
diff --git a/frontend/src/lib/components/DetailView/DetailView.svelte b/frontend/src/lib/components/DetailView/DetailView.svelte
index d16941a26..9f624b2b5 100644
--- a/frontend/src/lib/components/DetailView/DetailView.svelte
+++ b/frontend/src/lib/components/DetailView/DetailView.svelte
@@ -23,6 +23,7 @@
 	import * as m from '$paraglide/messages.js';
 	import { ISO_8601_REGEX } from '$lib/utils/constants';
 	import { formatDateOrDateTime } from '$lib/utils/datetime';
+	import List from '$lib/components/List/List.svelte';
 
 	const modalStore: ModalStore = getModalStore();
 	const toastStore: ToastStore = getToastStore();
@@ -131,7 +132,12 @@
 				id: id,
 				debug: false,
 				URLModel: getModelInfo('compliance-assessments').urlModel,
-				formAction: action
+				formAction: action,
+				bodyComponent: List,
+				bodyProps: {
+					items: data.data.representatives,
+					message: m.theFollowingRepresentativesWillReceiveTheQuestionnaireColon()
+				}
 			}
 		};
 		const modal: ModalSettings = {
@@ -139,7 +145,7 @@
 			component: modalComponent,
 			// Data
 			title: m.confirmModalTitle(),
-			body: m.sureToSendMail()
+			body: m.sureToSendQuestionnaire({ questionnaire: name })
 		};
 		modalStore.trigger(modal);
 	}
@@ -298,14 +304,14 @@
 					on:click={(_) => {
 						modalMailConfirm(
 							data.data.compliance_assessment.id,
-							data.data.compliance_assessment.name,
+							data.data.compliance_assessment.str,
 							'?/mailing'
 						);
 					}}
 					on:keydown={(_) =>
 						modalMailConfirm(
 							data.data.compliance_assessment.id,
-							data.data.compliance_assessment.name,
+							data.data.compliance_assessment.str,
 							'?/mailing'
 						)}
 				>