Skull-IT/ISO-27001-Risk-Management
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ISO-27001-Risk-Management/risks/migrations/0001_initial.py

208 lines
16 KiB
Python
Raw Normal View History

refactor risks models
2025-09-22 08:35:11 +02:00
# Generated by Django 5.2.6 on 2025-09-22 06:32
Add custom User model, OIDC backend, DB flexibility (SQLite/Postgres/MySQL), secured API endpoints, and initial Risk/Control models with enums, score calculation, and groups seeding.
2025-09-07 20:52:19 +02:00
import django.contrib.auth.models
import django.contrib.auth.validators
import django.db.models.deletion
import django.utils.timezone
refactor risks models
2025-09-22 08:35:11 +02:00
import multiselectfield.db.fields
import risks.models.auditlog
Add custom User model, OIDC backend, DB flexibility (SQLite/Postgres/MySQL), secured API endpoints, and initial Risk/Control models with enums, score calculation, and groups seeding.
2025-09-07 20:52:19 +02:00
from django.conf import settings
from django.db import migrations, models
class Migration(migrations.Migration):
initial = True
dependencies = [
('auth', '0012_alter_user_first_name_max_length'),
refactor risks models
2025-09-22 08:35:11 +02:00
('contenttypes', '0002_remove_content_type_name'),
Add custom User model, OIDC backend, DB flexibility (SQLite/Postgres/MySQL), secured API endpoints, and initial Risk/Control models with enums, score calculation, and groups seeding.
2025-09-07 20:52:19 +02:00
]
operations = [
refactor risks models
2025-09-22 08:35:11 +02:00
migrations.CreateModel(
name='NotificationRule',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('kind', models.CharField(choices=[('risk.created', 'Risk created'), ('risk.updated', 'Risk updated'), ('risk.deleted', 'Risk deleted'), ('risk.review_required', 'Risk review required'), ('risk.review_completed', 'Risk review completed'), ('control.created', 'Control created'), ('control.updated', 'Control updated'), ('control.deleted', 'Control deleted'), ('residual.created', 'Residual created'), ('residual.updated', 'Residual updated'), ('residual.deleted', 'Residual deleted'), ('residual.review_required', 'Residual review required'), ('residual.review_completed', 'Residual review completed'), ('incident.created', 'Incident created'), ('incident.updated', 'Incident updated'), ('incident.deleted', 'Incident deleted'), ('user.created', 'User created'), ('user.deleted', 'User deleted')], max_length=40, unique=True, verbose_name='Event')),
('enabled_in_app', models.BooleanField(default=True, verbose_name='Show in app')),
('enabled_email', models.BooleanField(default=False, verbose_name='Send via email')),
('to_owner', models.BooleanField(default=True, verbose_name='Send to owner/responsible/reporter (if available)')),
('to_staff', models.BooleanField(default=False, verbose_name='Send to all staff')),
('extra_recipients', models.TextField(blank=True, verbose_name='Extra recipients (emails, comma or newline separated)')),
],
options={
'verbose_name': 'Notification rule',
'verbose_name_plural': 'Notification rules',
},
),
Add custom User model, OIDC backend, DB flexibility (SQLite/Postgres/MySQL), secured API endpoints, and initial Risk/Control models with enums, score calculation, and groups seeding.
2025-09-07 20:52:19 +02:00
migrations.CreateModel(
name='User',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('password', models.CharField(max_length=128, verbose_name='password')),
('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')),
('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
('is_sso_user', models.BooleanField(default=False)),
('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.group', verbose_name='groups')),
('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.permission', verbose_name='user permissions')),
],
options={
'verbose_name': 'user',
'verbose_name_plural': 'users',
'abstract': False,
},
managers=[
('objects', django.contrib.auth.models.UserManager()),
],
),
refactor risks models
2025-09-22 08:35:11 +02:00
migrations.CreateModel(
name='AuditLog',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('action', models.CharField(choices=[('create', 'Created'), ('update', 'Updated'), ('delete', 'Deleted')], max_length=10)),
('model', models.CharField(max_length=100)),
('object_id', models.CharField(max_length=50)),
('changes', models.JSONField(blank=True, encoder=risks.models.auditlog.SafeJSONEncoder, null=True)),
('timestamp', models.DateTimeField(auto_now_add=True)),
('user', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='audit_logs', to=settings.AUTH_USER_MODEL)),
],
options={
'verbose_name': 'Auditlog',
'verbose_name_plural': 'Auditlogs',
},
),
migrations.CreateModel(
name='Notification',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('message', models.TextField()),
('kind', models.CharField(choices=[('risk.created', 'Risk created'), ('risk.updated', 'Risk updated'), ('risk.deleted', 'Risk deleted'), ('risk.review_required', 'Risk review required'), ('risk.review_completed', 'Risk review completed'), ('control.created', 'Control created'), ('control.updated', 'Control updated'), ('control.deleted', 'Control deleted'), ('residual.created', 'Residual created'), ('residual.updated', 'Residual updated'), ('residual.deleted', 'Residual deleted'), ('residual.review_required', 'Residual review required'), ('residual.review_completed', 'Residual review completed'), ('incident.created', 'Incident created'), ('incident.updated', 'Incident updated'), ('incident.deleted', 'Incident deleted'), ('user.created', 'User created'), ('user.deleted', 'User deleted')], default='', max_length=40)),
('created_at', models.DateTimeField(auto_now_add=True)),
('read', models.BooleanField(default=False)),
('sent', models.BooleanField(default=False)),
('object_id', models.PositiveIntegerField(blank=True, null=True)),
('target_url', models.CharField(blank=True, max_length=500, null=True)),
('content_type', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to='contenttypes.contenttype')),
('user', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='notifications', to=settings.AUTH_USER_MODEL)),
],
options={
'verbose_name': 'Notification',
'verbose_name_plural': 'Notifications',
},
),
migrations.CreateModel(
name='NotificationPreference',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('risk_created', models.BooleanField(default=True)),
('risk_updated', models.BooleanField(default=True)),
('risk_deleted', models.BooleanField(default=True)),
('control_created', models.BooleanField(default=True)),
('control_updated', models.BooleanField(default=True)),
('control_deleted', models.BooleanField(default=True)),
('residual_created', models.BooleanField(default=True)),
('residual_updated', models.BooleanField(default=True)),
('residual_deleted', models.BooleanField(default=True)),
('review_required', models.BooleanField(default=True)),
('review_completed', models.BooleanField(default=True)),
('user_created', models.BooleanField(default=False)),
('user_deleted', models.BooleanField(default=False)),
('incident_created', models.BooleanField(default=True)),
('incident_updated', models.BooleanField(default=True)),
('incident_deleted', models.BooleanField(default=True)),
('created_at', models.DateTimeField(auto_now_add=True)),
('updated_at', models.DateTimeField(auto_now=True)),
('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='notification_preference', to=settings.AUTH_USER_MODEL, verbose_name='User')),
],
),
Add custom User model, OIDC backend, DB flexibility (SQLite/Postgres/MySQL), secured API endpoints, and initial Risk/Control models with enums, score calculation, and groups seeding.
2025-09-07 20:52:19 +02:00
migrations.CreateModel(
name='Risk',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
refactor risks models
2025-09-22 08:35:11 +02:00
('title', models.CharField(max_length=255, verbose_name='Title')),
('description', models.TextField(blank=True, max_length=225, null=True, verbose_name='Description')),
('asset', models.CharField(blank=True, max_length=255, null=True, verbose_name='Asset')),
('process', models.CharField(blank=True, max_length=255, null=True, verbose_name='Process')),
('category', models.CharField(blank=True, max_length=255, null=True, verbose_name='Category')),
('created_at', models.DateTimeField(auto_now_add=True, verbose_name='Created at')),
('updated_at', models.DateTimeField(auto_now=True, verbose_name='Updated at')),
('effects', models.TextField(blank=True, null=True, verbose_name='Effects')),
('status', models.CharField(choices=[('open', 'Open'), ('in_progress', 'In Progress'), ('closed', 'Closed'), ('review_required', 'Review required')], db_index=True, default='open', max_length=20, verbose_name='Status')),
('cia', multiselectfield.db.fields.MultiSelectField(blank=True, choices=[('1', 'Confidentiality'), ('2', 'Integrity'), ('3', 'Availability')], max_length=100, null=True)),
Add custom User model, OIDC backend, DB flexibility (SQLite/Postgres/MySQL), secured API endpoints, and initial Risk/Control models with enums, score calculation, and groups seeding.
2025-09-07 20:52:19 +02:00
('likelihood', models.IntegerField(choices=[(1, 'Very low occurs less than once every 5 years'), (2, 'Low once every 15 years'), (3, 'Likely once per year or more'), (4, 'Very likely multiple times per year/monthly')], default=1)),
refactor risks models
2025-09-22 08:35:11 +02:00
('impact', models.IntegerField(choices=[(1, 'Very Low (< 1,000 € minor operational impact)'), (2, 'Low (1,0005,000 € local impact)'), (3, 'High (5,00015,000 € team-level impact)'), (4, 'Severe (50,000100,000 € regional impact)'), (5, 'Critical (> 100,000 € existential threat)')], default=1)),
Add custom User model, OIDC backend, DB flexibility (SQLite/Postgres/MySQL), secured API endpoints, and initial Risk/Control models with enums, score calculation, and groups seeding.
2025-09-07 20:52:19 +02:00
('score', models.IntegerField(editable=False)),
('level', models.CharField(editable=False, max_length=50)),
('follow_up', models.DateField(blank=True, null=True)),
('owner', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='owned_risks', to=settings.AUTH_USER_MODEL)),
],
refactor risks models
2025-09-22 08:35:11 +02:00
options={
'verbose_name': 'Risk',
'verbose_name_plural': 'Risks',
},
),
migrations.CreateModel(
name='ResidualRisk',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('likelihood', models.IntegerField(choices=[(1, 'Very low occurs less than once every 5 years'), (2, 'Low once every 15 years'), (3, 'Likely once per year or more'), (4, 'Very likely multiple times per year/monthly')], default=1)),
('impact', models.IntegerField(choices=[(1, 'Very Low (< 1,000 € minor operational impact)'), (2, 'Low (1,0005,000 € local impact)'), (3, 'High (5,00015,000 € team-level impact)'), (4, 'Severe (50,000100,000 € regional impact)'), (5, 'Critical (> 100,000 € existential threat)')], default=1)),
('score', models.IntegerField(editable=False)),
('level', models.CharField(editable=False, max_length=50)),
('review_required', models.BooleanField(default=False)),
('created_at', models.DateTimeField(auto_now_add=True)),
('updated_at', models.DateTimeField(auto_now=True)),
('risk', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='residual_risk', to='risks.risk')),
],
options={
'verbose_name': 'Residual Risk',
'verbose_name_plural': 'Residual Risks',
},
),
migrations.CreateModel(
name='Incident',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('title', models.CharField(max_length=255, verbose_name='Title')),
('description', models.TextField(blank=True, null=True, verbose_name='Description')),
('date_reported', models.DateField(blank=True, null=True, verbose_name='Date reported')),
('status', models.CharField(choices=[('open', 'Opened'), ('in_progress', 'In Progress'), ('closed', 'Closed')], max_length=12)),
('created_at', models.DateTimeField(auto_now_add=True)),
('updated_at', models.DateTimeField(auto_now=True)),
('reported_by', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='incidents', to=settings.AUTH_USER_MODEL, verbose_name='Reported by')),
('related_risks', models.ManyToManyField(blank=True, related_name='incidents', to='risks.risk')),
],
options={
'verbose_name': 'Incident',
'verbose_name_plural': 'Incidents',
},
Add custom User model, OIDC backend, DB flexibility (SQLite/Postgres/MySQL), secured API endpoints, and initial Risk/Control models with enums, score calculation, and groups seeding.
2025-09-07 20:52:19 +02:00
),
migrations.CreateModel(
name='Control',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
refactor risks models
2025-09-22 08:35:11 +02:00
('title', models.CharField(max_length=255, verbose_name='Title')),
Add custom User model, OIDC backend, DB flexibility (SQLite/Postgres/MySQL), secured API endpoints, and initial Risk/Control models with enums, score calculation, and groups seeding.
2025-09-07 20:52:19 +02:00
('status', models.CharField(choices=[('planned', 'Planned'), ('in_progress', 'In progress'), ('completed', 'Completed'), ('verified', 'Verified'), ('rejected', 'Rejected')], default='planned', max_length=20)),
('due_date', models.DateField(blank=True, null=True)),
('description', models.TextField(blank=True, null=True)),
('wiki_link', models.URLField(blank=True, null=True)),
refactor risks models
2025-09-22 08:35:11 +02:00
('created_at', models.DateTimeField(auto_now_add=True)),
('updated_at', models.DateTimeField(auto_now=True)),
Add custom User model, OIDC backend, DB flexibility (SQLite/Postgres/MySQL), secured API endpoints, and initial Risk/Control models with enums, score calculation, and groups seeding.
2025-09-07 20:52:19 +02:00
('responsible', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='responsible_controls', to=settings.AUTH_USER_MODEL)),
refactor risks models
2025-09-22 08:35:11 +02:00
('risks', models.ManyToManyField(blank=True, related_name='controls', to='risks.risk')),
Add custom User model, OIDC backend, DB flexibility (SQLite/Postgres/MySQL), secured API endpoints, and initial Risk/Control models with enums, score calculation, and groups seeding.
2025-09-07 20:52:19 +02:00
],
refactor risks models
2025-09-22 08:35:11 +02:00
options={
'verbose_name': 'Control',
'verbose_name_plural': 'Controls',
},
Add custom User model, OIDC backend, DB flexibility (SQLite/Postgres/MySQL), secured API endpoints, and initial Risk/Control models with enums, score calculation, and groups seeding.
2025-09-07 20:52:19 +02:00
),
]
Reference in a new issue Copy permalink