
- Updated Risk model to include description, created_at, and updated_at fields. - Modified RiskSerializer to include created_at and updated_at in serialized output. - Improved logging in signals for Risk and Control models, including serialization of values. - Added new template tags for CIA label mapping. - Refactored URL patterns for better clarity and added detail views for risks, controls, and incidents. - Implemented list and detail views for risks, controls, and incidents with filtering options. - Enhanced CSS for better UI/UX, including breadcrumbs and table styling. - Created new templates for displaying individual risks, controls, and incidents with detailed information.
from django.contrib.auth import get_user_model
from rest_framework import serializers
from .models import Risk, Control, ResidualRisk, AuditLog, Incident
class ResidualRiskSerializer(serializers.ModelSerializer):
    """Serialize ``ResidualRisk`` records for the API.

    ``score`` and ``level`` are declared read-only, so any value a client
    submits for them is ignored on create and update.
    """

    class Meta:
        model = ResidualRisk
        # Output-only values; a client cannot set its own rating.
        # NOTE(review): presumably derived from likelihood/impact in the
        # model - confirm.
        read_only_fields = ["score", "level"]
        # Explicit allow-list: only these attributes are exposed.
        fields = [
            "id", "risk", "likelihood", "impact",
            "score", "level", "review_required",
        ]
class ControlSerializer(serializers.ModelSerializer):
    """Serialize ``Control`` records, including the ``risk`` they belong to."""

    class Meta:
        model = Control
        # Explicit allow-list of exposed attributes. Nothing is marked
        # read-only here, so every non-auto field is client-writable when
        # the serializer backs a write endpoint.
        # NOTE(review): `wiki_link` is client-supplied - confirm the model
        # field restricts it to http/https URLs before templates render it
        # as a link.
        fields = [
            "id", "title", "status", "due_date",
            "responsible", "description", "wiki_link", "risk",
        ]
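class RiskSerializer(serializers.ModelSerializer):
    """Serialize ``Risk`` records together with their related controls.

    ``controls`` is a nested, read-only list rendered with
    ``ControlSerializer``; controls cannot be created or changed through
    this serializer.
    """

    # Nested representation of related controls
    controls = ControlSerializer(many=True, read_only=True)

    class Meta:
        model = Risk
        # Explicit allow-list of exposed attributes.
        fields = [
            "id",
            "title",
            "asset",
            "process",
            "category",
            "created_at",
            # Was misspelled "updatet_at". A name in `fields` that is neither
            # a model field nor a declared serializer field makes DRF raise
            # ImproperlyConfigured when the serializer's fields are built.
            "updated_at",
            "likelihood",
            "impact",
            "score",
            "level",
            "owner",
            "follow_up",
            "confidentiality",
            "integrity",
            "availability",
            "controls",
        ]
        # NOTE(review): ResidualRiskSerializer marks `score` and `level`
        # read-only, but they are writable here unless the model fields are
        # non-editable - confirm a client cannot set its own risk rating.
        # NOTE(review): `created_at`/`updated_at` are read-only only if the
        # model declares them non-editable (e.g. auto_now_add/auto_now) -
        # confirm, so timestamps cannot be supplied by the client.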
class AuditSerializer(serializers.ModelSerializer):
    """Serialize ``AuditLog`` entries (who did what to which object, and when)."""

    class Meta:
        model = AuditLog
        # NOTE(review): no field is declared read-only here. Audit entries
        # should not be creatable or editable through the API - confirm
        # the view using this serializer is read-only, or add
        # `read_only_fields`.
        # NOTE(review): `changes` may carry serialized field values of the
        # audited object - confirm access to this endpoint is restricted
        # accordingly.
        fields = [
            "id", "user", "action", "model",
            "object_id", "changes", "timestamp",
        ]
# Resolve the project's active user model through Django instead of importing
# a concrete class, so a custom AUTH_USER_MODEL is honoured.
User = get_user_model()
class UserSerializer(serializers.ModelSerializer):
    """Serialize user accounts with the ids of their risks and controls.

    ``risks_owned`` and ``controls_responsible`` are read-only lists of
    primary keys. The explicit ``fields`` list keeps every other user
    attribute (password hash, permission flags, ...) out of the output.
    """

    controls_responsible = serializers.PrimaryKeyRelatedField(many=True, read_only=True)
    risks_owned = serializers.PrimaryKeyRelatedField(many=True, read_only=True)

    class Meta:
        model = User
        # NOTE(review): `username`, `email` and `is_sso_user` are writable
        # unless the view is read-only - confirm clients cannot change
        # `is_sso_user` for themselves or for other accounts.
        # NOTE(review): `email` is personal data - confirm the endpoint
        # listing users is limited to authorised roles.
        fields = [
            "id", "username", "email", "is_sso_user",
            "risks_owned", "controls_responsible",
        ]
class RiskSummarySerializer(serializers.ModelSerializer):
    """Compact ``Risk`` representation: identifier, title and rating only."""

    class Meta:
        model = Risk
        # Deliberately small allow-list; used where a full risk payload
        # is not needed.
        fields = [
            "id",
            "title",
            "score",
            "level",
        ]
class IncidentSerializer(serializers.ModelSerializer):
    """Serialize ``Incident`` records with a summary of each related risk.

    ``related_risks`` is nested and read-only, so the links between an
    incident and its risks cannot be changed through this serializer.
    """

    # Each related risk is rendered with the compact summary serializer.
    related_risks = RiskSummarySerializer(many=True, read_only=True)

    class Meta:
        model = Incident
        # Explicit allow-list of exposed attributes.
        # NOTE(review): `date_reported` and `status` are writable unless the
        # model marks them non-editable - confirm who may change them.
        fields = [
            "id", "title", "description",
            "date_reported", "status", "related_risks",
        ]