Add applied control duplication

backend/core/models.py

@@ -1374,9 +1374,6 @@ def risk_assessments(self):
     def projects(self):
         return {risk_assessment.project for risk_assessment in self.risk_assessments}
 
-    def parent_project(self):
-        pass
-
     def __str__(self):
         return self.name
 

backend/core/serializers.py

@@ -317,6 +317,12 @@ class AppliedControlReadSerializer(AppliedControlWriteSerializer):
     owner = FieldsRelatedField(many=True)
 
 
+class AppliedControlDuplicateSerializer(BaseModelSerializer):
+    class Meta:
+        model = AppliedControl
+        fields = ["name", "description", "folder"]
+
+
 class PolicyWriteSerializer(AppliedControlWriteSerializer):
     class Meta:
         model = Policy

backend/core/views.py

@@ -914,6 +914,42 @@ def get_timeline_info(self, request):
             colorMap[domain.name] = next(color_cycle)
         return Response({"entries": entries, "colorMap": colorMap})
 
+    @action(
+        detail=True,
+        name="Duplicate applied control",
+        methods=["post"],
+        serializer_class=AppliedControlDuplicateSerializer,
+    )
+    def duplicate(self, request, pk):
+        (object_ids_view, _, _) = RoleAssignment.get_accessible_object_ids(
+            Folder.get_root_folder(), request.user, AppliedControl
+        )
+        if UUID(pk) in object_ids_view:
+            applied_control = self.get_object()
+            data = request.data
+            duplicate_applied_control = AppliedControl.objects.create(
+                reference_control=applied_control.reference_control,
+                name=data["name"],
+                description=data["description"],
+                folder=Folder.objects.get(id=data["folder"]),
+                category=applied_control.category,
+                csf_function=applied_control.csf_function,
+                status=applied_control.status,
+                start_date=applied_control.start_date,
+                eta=applied_control.eta,
+                expiry_date=applied_control.expiry_date,
+                link=applied_control.link,
+                effort=applied_control.effort,
+                cost=applied_control.cost,
+            )
+            # Should we duplicate the owners and evidences ?
+            # duplicate_applied_control.owner.set(applied_control.owner.all())
+            # The evidences must be cloned before being linked to the applied_control if they are not in the same scope (an applied_control with a scope FOLDER1/PROJECT1 must have evidences into FOLDER1/PROJECT1)
+            # duplicate_applied_control.evidences.set(applied_control.evidences.all())
+            # duplicate_applied_control.save() # This line must be used if one of the ManyToManyField of the applied_control is modified during this function execution.
+
+            return Response({"results": "applied control duplicated"})
+
 
 class PolicyViewSet(AppliedControlViewSet):
     model = Policy

frontend/messages/ar.json

@@ -624,6 +624,7 @@
 	"ssoSettingsDescription": "قم بتكوين إعدادات تسجيل الدخول الموحد هنا.",
 	"sso": "SSO",
 	"isSso": "هل هو SSO",
+	"duplicateAppliedControl": "تكرار عنصر التحكم المطبق",
 	"requirementMappingSets": "ربط الأطر",
 	"size": "الحجم",
 	"financial": "المالي",

frontend/messages/de.json

@@ -628,6 +628,7 @@
 	"back": "Zurückkehren",
 	"duplicate": "Duplikat",
 	"duplicateRiskAssessment": "Duplizieren Sie die Risikobewertung",
+	"duplicateAppliedControl": "Duplizieren Sie das angewendete kontrolle",
 	"size": "Größe",
 	"entity": "Juristische Person",
 	"entities": "Entitäten",

frontend/messages/en.json

@@ -675,6 +675,7 @@
 	"back": "Back",
 	"duplicate": "Duplicate",
 	"duplicateRiskAssessment": "Duplicate the risk assessment",
+	"duplicateAppliedControl": "Duplicate the applied control",
 	"size": "Size",
 	"favicon": "Favicon",
 	"logo": "Logo",

frontend/messages/es.json

@@ -628,6 +628,7 @@
 	"back": "Devolver",
 	"duplicate": "Duplicar",
 	"duplicateRiskAssessment": "Duplicar la evaluación de riesgo",
+	"duplicateAppliedControl": "Duplicar el control aplicado",
 	"size": "Tamaño",
 	"entity": "Entidad",
 	"entities": "Entidades",

frontend/messages/fr.json

@@ -628,6 +628,7 @@
 	"back": "Retour",
 	"duplicate": "Dupliquer",
 	"duplicateRiskAssessment": "Dupliquer l’évaluation de risque",
+	"duplicateAppliedControl": "Dupliquer la mesure appliquée",
 	"size": "Taille",
 	"entity": "Entité",
 	"entities": "Entités",

frontend/messages/hi.json

@@ -670,6 +670,7 @@
 	"back": "वापस",
 	"duplicate": "प्रतिलिपि",
 	"duplicateRiskAssessment": "जोखिम आकलन की प्रतिलिपि बनाएँ",
+	"duplicateAppliedControl": "लागू नियंत्रण की प्रतिलिपि बनाएँ",
 	"size": "आकार",
 	"financial": "वित्तीय",
 	"legal": "कानूनी",

frontend/messages/it.json

@@ -628,6 +628,7 @@
 	"back": "Ritorno",
 	"duplicate": "Duplicare",
 	"duplicateRiskAssessment": "Duplicare la valutazione del rischio",
+	"duplicateAppliedControl": "Duplica il controllo applicato",
 	"size": "Dimensione",
 	"entity": "Entità",
 	"entities": "Entità",

frontend/messages/nl.json

@@ -628,6 +628,7 @@
 	"back": "Opbrengst",
 	"duplicate": "Duplicaat",
 	"duplicateRiskAssessment": "Dupliceer de risicobeoordeling",
+	"duplicateAppliedControl": "Dupliceer de toegepaste controle",
 	"size": "Grootte",
 	"entity": "Entiteit",
 	"entities": "Entiteiten",

frontend/messages/pl.json

@@ -665,6 +665,7 @@
 	"back": "Powrót",
 	"duplicate": "Duplikować",
 	"duplicateRiskAssessment": "Powielić ocenę ryzyka",
+	"duplicateAppliedControl": "Duplikuj zastosowaną kontrolę",
 	"size": "Rozmiar",
 	"entity": "Podmiot",
 	"entities": "Podmioty",

frontend/messages/pt.json

@@ -628,6 +628,7 @@
 	"back": "Retornar",
 	"duplicate": "Duplicado",
 	"duplicateRiskAssessment": "Duplicar a avaliação de risco",
+	"duplicateAppliedControl": "Duplicar o controle aplicado",
 	"size": "Tamanho",
 	"entity": "Entidade",
 	"entities": "Entidades",

frontend/messages/ro.json

@@ -667,6 +667,7 @@
 	"back": "Înapoi",
 	"duplicate": "Dublică",
 	"duplicateRiskAssessment": "Dublarea evaluării riscului",
+	"duplicateAppliedControl": "Duplicați control aplicat",
 	"size": "Mărime",
 	"financial": "Finanțe",
 	"legal": "Juridic",

frontend/messages/ur.json

@@ -670,6 +670,7 @@
 	"back": "واپس",
 	"duplicate": "نقل کریں",
 	"duplicateRiskAssessment": "خطرے کی تشخیص کو نقل کریں",
+	"duplicateAppliedControl": "لاگو کنٹرول کی نقل تیار کریں۔",
 	"size": "سائز",
 	"financial": "مالیاتی",
 	"legal": "قانونی",

frontend/src/lib/components/DetailView/DetailView.svelte

@@ -124,6 +124,26 @@
 		modalStore.trigger(modal);
 	}
 
+	function modalAppliedControlDuplicateForm(): void {
+		const modalComponent: ModalComponent = {
+			ref: CreateModal,
+			props: {
+				form: data.duplicateForm,
+				model: data.model,
+				debug: false,
+				duplicate: true,
+				formAction: '?/duplicate'
+			}
+		};
+
+		const modal: ModalSettings = {
+			type: 'component',
+			component: modalComponent,
+			title: m.duplicateAppliedControl()
+		};
+		modalStore.trigger(modal);
+	}
+
 	function modalMailConfirm(id: string, name: string, action: string): void {
 		const modalComponent: ModalComponent = {
 			ref: ConfirmModal,
@@ -321,11 +341,24 @@
 				</button>
 			{/if}
 			{#if displayEditButton()}
-				<a
-					href={`${$page.url.pathname}/edit?next=${$page.url.pathname}`}
-					class="btn variant-filled-primary h-fit"
-					><i class="fa-solid fa-pen-to-square mr-2" data-testid="edit-button" />{m.edit()}</a
-				>
+				<div class="flex flex-col space-y-2 ml-4">
+					<a
+						href={`${$page.url.pathname}/edit?next=${$page.url.pathname}`}
+						class="btn variant-filled-primary h-fit"
+						><i class="fa-solid fa-pen-to-square mr-2" data-testid="edit-button" />{m.edit()}</a
+					>
+					{#if data.urlModel === 'applied-controls'}
+						<span class="pt-4 font-light text-sm">Power-ups:</span>
+						<button
+							class="btn text-gray-100 bg-gradient-to-l from-sky-500 to-green-600"
+							on:click={(_) => modalAppliedControlDuplicateForm()}
+							data-testid="duplicate-button"
+						>
+							<i class="fa-solid fa-copy mr-2"></i>
+							{m.duplicate()}</button
+						>
+					{/if}
+				</div>
 			{/if}
 		</div>
 	</div>

frontend/src/lib/components/Forms/ModelForm.svelte

@@ -48,7 +48,7 @@
 	export let parent: any;
 	export let suggestions: { [key: string]: any } = {};
 	export let cancelButton = true;
-	export let riskAssessmentDuplication = false;
+	export let duplicate = false;
 
 	const URLModel = model.urlModel as urlModel;
 	export let schema = modelSchema(URLModel);
@@ -119,7 +119,7 @@
 	<input type="hidden" name="urlmodel" value={model.urlModel} />
 	<!--NOTE: Not the cleanest pattern, will refactor-->
 	<!--TODO: Refactor-->
-	{#if shape.reference_control}
+	{#if shape.reference_control && !duplicate}
 		<AutocompleteSelect
 			{form}
 			options={getOptions({
@@ -178,11 +178,11 @@
 		<ProjectForm {form} {model} {cacheLocks} {formDataCache} {initialData} />
 	{:else if URLModel === 'folders'}
 		<FolderForm {form} {model} {cacheLocks} {formDataCache} {initialData} />
-	{:else if URLModel === 'risk-assessments' || URLModel === 'risk-assessment-duplicate'}
+	{:else if URLModel === 'risk-assessments'}
 		<RiskAssessmentForm
 			{form}
 			{model}
-			{riskAssessmentDuplication}
+			{duplicate}
 			{cacheLocks}
 			{formDataCache}
 			{initialData}
@@ -198,6 +198,7 @@
 		<AppliedControlsPoliciesForm
 			{form}
 			{model}
+			{duplicate}
 			{cacheLocks}
 			{formDataCache}
 			{schema}