from django.contrib.auth import get_user_model
from rest_framework import serializers
from .models import Risk, Control, ResidualRisk, AuditLog, Incident
class ResidualRiskSerializer(serializers.ModelSerializer):
    """Serialize ``ResidualRisk`` records for the REST API.

    ``score`` and ``level`` are declared read-only, so any values a client
    submits for them are ignored on create and update.
    """

    class Meta:
        model = ResidualRisk
        fields = [
            "id", "risk",
            "likelihood", "impact",
            "score", "level",
            "review_required",
        ]
        # The rating is output-only here; presumably it is derived from
        # likelihood and impact inside the model -- confirm against models.py.
        read_only_fields = ["score", "level"]
class ControlSerializer(serializers.ModelSerializer):
    """Serialize ``Control`` records, including the key of the linked risk."""

    class Meta:
        model = Control
        # NOTE(review): no read_only_fields are declared, so every editable
        # model field listed here is accepted from the request body,
        # including the "responsible" and "risk" relations. Whether a caller
        # may reassign those has to be enforced by the view's permissions.
        # NOTE(review): "wiki_link" is client-supplied; if the model does not
        # store it as a URLField, validate the scheme before it is rendered
        # as a link -- confirm against models.py.
        fields = [
            "id", "title", "status", "due_date",
            "responsible", "description", "wiki_link",
            "risk",
        ]
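class RiskSerializer(serializers.ModelSerializer):
    """Serialize ``Risk`` records together with their related controls."""

    # Nested, output-only representation of related controls: controls are
    # neither created nor modified through this serializer.
    controls = ControlSerializer(many=True, read_only=True)

    class Meta:
        model = Risk
        fields = [
            "id",
            "title",
            "asset",
            "process",
            "category",
            "created_at",
            # Fixed: this entry was misspelled "updatet_at". The Risk model
            # names the timestamp "updated_at", and DRF raises
            # ImproperlyConfigured for a name that is neither a model field
            # nor declared on the serializer.
            "updated_at",
            "likelihood",
            "impact",
            "score",
            "level",
            "owner",
            "follow_up",
            "confidentiality",
            "integrity",
            "availability",
            "controls",
        ]
        # NOTE(review): ResidualRiskSerializer marks "score" and "level" as
        # read-only, but this serializer does not. If Risk stores them as
        # ordinary editable fields, a client can submit its own rating;
        # confirm against models.py and add read_only_fields if they are
        # meant to be computed server-side.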
class AuditSerializer(serializers.ModelSerializer):
    """Serialize ``AuditLog`` entries for the REST API."""

    class Meta:
        model = AuditLog
        # NOTE(review): none of these fields is read-only. Audit records
        # should only be written server-side; if this serializer backs
        # anything other than a read-only view, a caller could submit or
        # alter entries, including "user" and "timestamp". Confirm the view,
        # or declare every field read-only.
        # NOTE(review): "changes" presumably carries serialized field values
        # of the audited objects, so read access to this endpoint should be
        # limited accordingly -- confirm.
        fields = [
            "id", "user",
            "action", "model", "object_id",
            "changes", "timestamp",
        ]
# Resolve the project's active user model through Django rather than
# importing a concrete User class.
User = get_user_model()
class UserSerializer(serializers.ModelSerializer):
    """Serialize user accounts plus the keys of risks and controls tied to them."""

    # Output-only primary-key lists; presumably the reverse relations of
    # Risk.owner and Control.responsible -- confirm the related_name values.
    risks_owned = serializers.PrimaryKeyRelatedField(many=True, read_only=True)
    controls_responsible = serializers.PrimaryKeyRelatedField(many=True, read_only=True)

    class Meta:
        model = User
        # Explicit allow-list: the password hash and the staff/superuser
        # flags are not listed and therefore never serialized or accepted.
        # NOTE(review): "username", "email" and "is_sso_user" remain
        # writable. If this serializer backs a view that accepts writes, a
        # caller could change "is_sso_user"; confirm the view, or make that
        # field read-only.
        # NOTE(review): "email" is personal data, so the endpoint should
        # require authentication and suitable permissions.
        fields = [
            "id", "username", "email", "is_sso_user",
            "risks_owned", "controls_responsible",
        ]
class RiskSummarySerializer(serializers.ModelSerializer):
    """Compact ``Risk`` representation: identifier, title and rating only."""

    class Meta:
        model = Risk
        # Deliberately narrow field list, used where a risk is embedded in
        # another object's output.
        fields = [
            "id",
            "title",
            "score",
            "level",
        ]
class IncidentSerializer(serializers.ModelSerializer):
    """Serialize ``Incident`` records with a compact view of the linked risks."""

    # Output-only: linked risks are rendered through RiskSummarySerializer,
    # and the incident-to-risk links cannot be changed via this serializer.
    related_risks = RiskSummarySerializer(many=True, read_only=True)

    class Meta:
        model = Incident
        fields = [
            "id", "title", "description",
            "date_reported", "status",
            "related_risks",
        ]