ISO-27001-Risk-Management/risks/models/user.py

from django.contrib.auth.models import AbstractUser
from django.db import models

# ---------------------------------------------------------------------------
# User
# ---------------------------------------------------------------------------
class User(AbstractUser):
    """Custom user model to support both local and SSO users."""
    is_sso_user = models.BooleanField(default=False)

    @property
    def risks_owned(self):
        """All risks where the user is the risk owner."""
        return self.owned_risks.all()

    @property
    def controls_responsible(self):
        """All controls where the user is responsible."""
        return self.responsible_controls.all()