Skip to content

feat: DORA ROI report and multiple new concepts for third parties #2854

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 48 commits into from
Nov 15, 2025
Merged

feat: DORA ROI report and multiple new concepts for third parties #2854

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
48 commits
Select commit Hold shift + click to select a range
3a03b02
migration
ab-smith Nov 7, 2025
679a3f3
frontend
ab-smith Nov 7, 2025
8fe8f0b
is critical and associated filter for assets
ab-smith Nov 7, 2025
7d3da20
legal identifiers
ab-smith Nov 7, 2025
be5d0cb
fixup
ab-smith Nov 7, 2025
56df9de
feat: contracts management
ab-smith Nov 7, 2025
6b01138
make Main editable
ab-smith Nov 7, 2025
2b8b256
wip for report generation
ab-smith Nov 8, 2025
1458c80
fixup for tiles
ab-smith Nov 8, 2025
b9fb505
fix icon
ab-smith Nov 9, 2025
6f00d65
update countries list
ab-smith Nov 10, 2025
d3de3a2
extra fields on Entity, Solution and Contract
ab-smith Nov 10, 2025
a0cc4e3
fixup
ab-smith Nov 10, 2025
e299cad
update migration
ab-smith Nov 10, 2025
7d45a7d
fixup
ab-smith Nov 10, 2025
6dc8721
limit contract form for now
ab-smith Nov 10, 2025
31a7cf0
merge migrations
ab-smith Nov 10, 2025
006104e
more constants
ab-smith Nov 10, 2025
eeb408e
covering all exports
ab-smith Nov 11, 2025
442cc3e
refactor exports
ab-smith Nov 11, 2025
6d21f23
add linter for dora export
ab-smith Nov 12, 2025
9f8a527
support explicit beneficiary field on contract
ab-smith Nov 12, 2025
c99882d
add entities graph
ab-smith Nov 12, 2025
aaf7b0b
more rules and nesting the zip
ab-smith Nov 12, 2025
4707558
default ebios attributes
ab-smith Nov 13, 2025
c256f47
manage default criticality
ab-smith Nov 13, 2025
56e221b
sortable entities criticality
ab-smith Nov 13, 2025
203edff
data wizard for ecosystem
ab-smith Nov 13, 2025
1011bc8
Merge branch 'main' into dora_reports
ab-smith Nov 13, 2025
104ce4c
fix migrations
ab-smith Nov 13, 2025
e361f75
fixup
ab-smith Nov 13, 2025
8055de9
feature flags
ab-smith Nov 13, 2025
d9bc599
breathing room for FF
ab-smith Nov 13, 2025
ba4ac46
minor fixes
ab-smith Nov 13, 2025
9193ed6
fixup
ab-smith Nov 13, 2025
4e87cf6
fixup
ab-smith Nov 13, 2025
e34b921
fix for data wizard
ab-smith Nov 14, 2025
ccb77e0
preset ebios entity assessment from default
ab-smith Nov 14, 2025
a084192
fix filters
ab-smith Nov 14, 2025
c858aee
wip
ab-smith Nov 14, 2025
9598a6d
merge migrations
ab-smith Nov 14, 2025
ff2dc43
be able to remove the parent entity and prevent setting itself
ab-smith Nov 14, 2025
1abfe41
prevent loops on overarching contract
ab-smith Nov 14, 2025
9d9bb9e
simplify menu for now
ab-smith Nov 14, 2025
931c419
cover solutions and contracts of supporting assets
ab-smith Nov 14, 2025
79a9405
autolink documents to contracts when created from it
ab-smith Nov 14, 2025
d5cfdc8
missing fr translations
ab-smith Nov 14, 2025
aa5f112
fix test for nested menus that are hidden by default
ab-smith Nov 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 17 additions & 0 deletions backend/core/migrations/0112_asset_is_critical.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
# Generated by Django 5.2.7 on 2025-11-07 17:17

from django.db import migrations, models


class Migration(migrations.Migration):
dependencies = [
("core", "0111_finding_priority"),
]

operations = [
migrations.AddField(
model_name="asset",
name="is_critical",
field=models.BooleanField(default=False, verbose_name="is_critical"),
),
]
2 changes: 2 additions & 0 deletions backend/core/models.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2149,6 +2149,8 @@ class Type(models.TextChoices):
is_published = models.BooleanField(_("published"), default=True)
observation = models.TextField(null=True, blank=True, verbose_name=_("Observation"))

is_critical = models.BooleanField("is_critical", default=False)

fields_to_check = ["name"]

class Meta:
Expand Down
7 changes: 7 additions & 0 deletions backend/core/serializers.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
)
from core.utils import time_state
from ebios_rm.models import EbiosRMStudy, Stakeholder
from tprm.models import Solution
from global_settings.utils import ff_is_enabled
from iam.models import *
from django.contrib.auth.models import Permission
Expand Down Expand Up @@ -390,6 +391,11 @@ class AssetWriteSerializer(BaseModelSerializer):
queryset=Asset.objects.all(),
required=False,
)
solutions = serializers.PrimaryKeyRelatedField(
many=True,
queryset=Solution.objects.all(),
required=False,
)

class Meta:
model = Asset
Expand Down Expand Up @@ -454,6 +460,7 @@ class AssetReadSerializer(AssetWriteSerializer):
personal_data = FieldsRelatedField(many=True)
asset_class = FieldsRelatedField(["name"])
overridden_children_capabilities = FieldsRelatedField(many=True)
solutions = FieldsRelatedField(many=True)

children_assets = serializers.SerializerMethodField()
security_objectives = serializers.SerializerMethodField()
Expand Down
13 changes: 13 additions & 0 deletions backend/core/startup.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@
"view_riskmatrix",
"view_riskscenario",
"view_solution",
"view_contract",
"view_storedlibrary",
"view_threat",
"view_vulnerability",
Expand Down Expand Up @@ -175,6 +176,7 @@
"add_riskassessment",
"add_riskscenario",
"add_solution",
"add_contract",
"add_threat",
"add_vulnerability",
"change_appliedcontrol",
Expand All @@ -193,6 +195,7 @@
"change_riskassessment",
"change_riskscenario",
"change_solution",
"change_contract",
"change_threat",
"delete_appliedcontrol",
"delete_asset",
Expand All @@ -209,6 +212,7 @@
"delete_riskassessment",
"delete_riskscenario",
"delete_solution",
"delete_contract",
"delete_threat",
"view_appliedcontrol",
"view_asset",
Expand All @@ -233,6 +237,7 @@
"view_riskmatrix",
"view_riskscenario",
"view_solution",
"view_contract",
"view_storedlibrary",
"view_threat",
"view_user",
Expand Down Expand Up @@ -414,6 +419,7 @@
"add_riskmatrix",
"add_riskscenario",
"add_solution",
"add_contract",
"add_threat",
"change_appliedcontrol",
"change_asset",
Expand All @@ -432,6 +438,7 @@
"change_riskmatrix",
"change_riskscenario",
"change_solution",
"change_contract",
"change_threat",
"delete_appliedcontrol",
"delete_asset",
Expand All @@ -453,6 +460,7 @@
"delete_vulnerability",
"delete_riskscenario",
"delete_solution",
"delete_contract",
"delete_threat",
"view_appliedcontrol",
"view_asset",
Expand All @@ -476,6 +484,7 @@
"view_riskmatrix",
"view_riskscenario",
"view_solution",
"view_contract",
"view_storedlibrary",
"view_threat",
"view_user",
Expand Down Expand Up @@ -770,6 +779,10 @@
"change_solution",
"view_solution",
"delete_solution",
"add_contract",
"change_contract",
"view_contract",
"delete_contract",
"add_entityassessment",
"change_entityassessment",
"view_entityassessment",
Expand Down
2 changes: 2 additions & 0 deletions backend/core/urls.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
RepresentativeViewSet,
SolutionViewSet,
EntityAssessmentViewSet,
ContractViewSet,
)
from library.views import StoredLibraryViewSet, LoadedLibraryViewSet
import importlib
Expand All @@ -23,6 +24,7 @@
)
router.register(r"solutions", SolutionViewSet, basename="solutions")
router.register(r"representatives", RepresentativeViewSet, basename="representatives")
router.register(r"contracts", ContractViewSet, basename="contracts")
router.register(r"perimeters", PerimeterViewSet, basename="perimeters")
router.register(r"risk-matrices", RiskMatrixViewSet, basename="risk-matrices")
router.register(r"vulnerabilities", VulnerabilityViewSet, basename="vulnerabilities")
Expand Down
2 changes: 2 additions & 0 deletions backend/core/views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -675,6 +675,7 @@ class Meta:
"filtering_labels",
"asset_class",
"personal_data",
"is_critical",
]


Expand Down Expand Up @@ -5796,6 +5797,7 @@ class EvidenceViewSet(BaseModelViewSet):
"owner",
"status",
"expiry_date",
"contracts",
]

@action(detail=False, name="Get all evidences owners")
Expand Down
22 changes: 22 additions & 0 deletions backend/tprm/migrations/0008_entity_legal_identifiers.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# Generated by Django 5.2.7 on 2025-11-07 18:56

from django.db import migrations, models


class Migration(migrations.Migration):
dependencies = [
("tprm", "0007_entity_relationship"),
]

operations = [
migrations.AddField(
model_name="entity",
name="legal_identifiers",
field=models.JSONField(
blank=True,
default=dict,
help_text="Legal identifiers (LEI, EUID, VAT, DUNS, etc.)",
verbose_name="Legal identifiers",
),
),
]
139 changes: 139 additions & 0 deletions backend/tprm/migrations/0009_contract.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,139 @@
# Generated by Django 5.2.7 on 2025-11-07 20:57

import django.db.models.deletion
import iam.models
import uuid
from django.conf import settings
from django.db import migrations, models


class Migration(migrations.Migration):
dependencies = [
("core", "0112_asset_is_critical"),
("iam", "0016_folder_filtering_labels"),
("tprm", "0008_entity_legal_identifiers"),
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
]

operations = [
migrations.CreateModel(
name="Contract",
fields=[
(
"id",
models.UUIDField(
default=uuid.uuid4,
editable=False,
primary_key=True,
serialize=False,
),
),
(
"created_at",
models.DateTimeField(auto_now_add=True, verbose_name="Created at"),
),
(
"updated_at",
models.DateTimeField(auto_now=True, verbose_name="Updated at"),
),
(
"is_published",
models.BooleanField(default=False, verbose_name="published"),
),
("name", models.CharField(max_length=200, verbose_name="Name")),
(
"description",
models.TextField(blank=True, null=True, verbose_name="Description"),
),
(
"status",
models.CharField(
choices=[
("draft", "Draft"),
("active", "Active"),
("expired", "Expired"),
("terminated", "Terminated"),
],
default="draft",
max_length=20,
verbose_name="Status",
),
),
(
"start_date",
models.DateField(blank=True, null=True, verbose_name="Start date"),
),
(
"end_date",
models.DateField(blank=True, null=True, verbose_name="End date"),
),
(
"ref_id",
models.CharField(
blank=True,
help_text="Contract reference number or identifier",
max_length=255,
verbose_name="Reference ID",
),
),
(
"entities",
models.ManyToManyField(
blank=True,
help_text="Entities involved in this contract",
related_name="contracts",
to="tprm.entity",
verbose_name="Entities",
),
),
(
"evidences",
models.ManyToManyField(
blank=True,
help_text="Supporting evidence for this contract",
related_name="contracts",
to="core.evidence",
verbose_name="Evidences",
),
),
(
"filtering_labels",
models.ManyToManyField(
blank=True, to="core.filteringlabel", verbose_name="Labels"
),
),
(
"folder",
models.ForeignKey(
default=iam.models.Folder.get_root_folder_id,
on_delete=django.db.models.deletion.CASCADE,
related_name="%(class)s_folder",
to="iam.folder",
),
),
(
"owner",
models.ManyToManyField(
blank=True,
related_name="contracts",
to=settings.AUTH_USER_MODEL,
verbose_name="Owner",
),
),
(
"solutions",
models.ManyToManyField(
blank=True,
help_text="Solutions covered by this contract",
related_name="contracts",
to="tprm.solution",
verbose_name="Solutions",
),
),
],
options={
"verbose_name": "Contract",
"verbose_name_plural": "Contracts",
},
),
]
Loading
Loading