ISO-27001-Risk-Management/templates/risks/item_risk.html
Kevin Heyer 686030e4cb feat: Enhance risk management application with user auditing and improved incident handling
- Added AuditUserMiddleware to track the current user for auditing purposes.
- Introduced audit_context for managing the current user in thread-local storage.
- Updated Control and Incident models to include created_at and updated_at timestamps.
- Refactored Control and Incident serializers to handle related risks and timestamps.
- Modified views to set the _changed_by attribute for user actions.
- Enhanced incident listing and detail views to display related risks and user actions.
- Updated templates for better presentation of risks and incidents.
- Added migrations for new fields and relationships in the database.
- Improved filtering options in the incident list view.
2025-09-09 12:00:29 +02:00


{% extends "base.html" %}
{% load risk_extras %}
{# Breadcrumb trail: risk list first, then the risk being displayed. #}
{% block crumbs %}
  <li>
    <a href="{% url 'risks:list_risks' %}">Risikoanalyse</a>
  </li>
  <li>
    <a href="{% url 'risks:show_risk' risk.id %}">{{ risk.title }}</a>
  </li>
{% endblock %}
{% block content %}
<div class="container">
{# Page header: risk title with its description as subtitle (both autoescaped by the template engine). #}
<section class="hero is-small">
  <div class="hero-body">
    <p class="title">Risiko: {{ risk.title }}</p>
    <p class="subtitle is-6">{{ risk.description }}</p>
  </div>
</section>
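<!-- Overview -->
<div class="card">
  <header class="card-header">
    <p class="card-header-title">Überblick</p>
  </header>
  <!-- Overview content -->
  <div class="card-content">
    <div class="columns is-multiline">
      <div class="column is-half">
        <p><strong>Asset:</strong> {{ risk.asset|default:"-" }}</p>
        <p><strong>Prozess:</strong> {{ risk.process|default:"-" }}</p>
        {# A p element cannot contain a list or another paragraph; a div wrapper keeps the markup valid. #}
        <div>
          <strong>Schutzziele:</strong>
          {% if risk.cia %}
          <ul>
            {% for label in risk.cia %}
            <li>{{ label|cia_label }}</li>
            {% endfor %}
          </ul>
          {% else %}
          <p>Noch nicht zugewiesen</p>
          {% endif %}
        </div>
      </div>
      <div class="column is-half">
        <p><strong>Kategorie:</strong> {{ risk.category|default:"-" }}</p>
        <p><strong>Risikoeigner:</strong> {{ risk.owner|default:"-" }}</p>
        <p><strong>Erstellt am:</strong> {{ risk.created_at|date:'d.m.Y H:i' }}</p>
        <p><strong>Aktualisiert am:</strong> {{ risk.updated_at|date:'d.m.Y H:i' }}</p>
      </div>
    </div>
    <!-- Risk assessment -->
    {# The buttons below only display values; type="button" keeps them from acting as submit buttons if this markup is ever placed inside a form. #}
    <h3>Risikobewertung</h3>
    <div class="columns is-multiline">
      <!-- Gross risk (before controls) -->
      <div class="column is-half">
        <div class="box">
          <h4>Brutto (vor Maßnahmen)</h4>
          <div class="columns is-multiline">
            <div class="column is-half has-text-centered">
              <p class="heading">Eintrittswahrscheinlichkeit</p>
              <button type="button" class="button is-small is-info">
                {{ risk.get_likelihood_display }}
              </button>
            </div>
            <div class="column is-half has-text-centered">
              <p class="heading">Schadensausmaß</p>
              <button type="button" class="button is-small is-danger">
                {{ risk.get_impact_display }}
              </button>
            </div>
            <div class="column is-half has-text-centered">
              <p class="heading">Stufe</p>
              <button type="button" class="button is-small is-info">
                {{ risk.level }}
              </button>
            </div>
            <div class="column is-half has-text-centered">
              <p class="heading">Score</p>
              <button type="button" class="button is-small is-danger">
                {{ risk.score }} / 25
              </button>
            </div>
          </div>
        </div>
      </div> <!-- End gross risk -->
      <!-- Net risk (after controls) -->
      <div class="column is-half">
        <div class="box">
          <h4>Netto (nach Maßnahmen)</h4>
          {# The residual values are rendered only when risk.residualrisk is set; otherwise a placeholder text is shown. #}
          {% if risk.residualrisk %}
          <div class="columns is-multiline">
            <div class="column is-half has-text-centered">
              <p class="heading">Eintrittswahrscheinlichkeit</p>
              <button type="button" class="button is-small is-info">
                {{ risk.residualrisk.get_likelihood_display }}
              </button>
            </div>
            <div class="column is-half has-text-centered">
              <p class="heading">Schadensausmaß</p>
              <button type="button" class="button is-small is-danger">
                {{ risk.residualrisk.get_impact_display }}
              </button>
            </div>
            <div class="column is-half has-text-centered">
              <p class="heading">Stufe</p>
              <button type="button" class="button is-small is-info">
                {{ risk.residualrisk.level }}
              </button>
            </div>
            <div class="column is-half has-text-centered">
              <p class="heading">Score</p>
              <button type="button" class="button is-small is-danger">
                {{ risk.residualrisk.score }} / 25
              </button>
            </div>
          </div>
          {% else %}
          <p class="has-text-grey">Noch kein Nettorisiko erfasst.</p>
          {% endif %}
        </div>
      </div> <!-- End net risk -->
    </div> <!-- End risk assessment -->
  </div> <!-- End overview content -->
</div> <!-- End overview -->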
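<!-- Controls -->
<div class="card">
  <header class="card-header">
    <p class="card-header-title">Maßnahmen</p>
  </header>
  <div class="card-content">
    {# Bind risk.controls.all once so the emptiness check and the loop work on the same result. #}
    {% with controls=risk.controls.all %}
    {% if controls %}
    <table class="table is-striped is-hoverable is-fullwidth">
      <thead>
        <tr>
          <th scope="col">Titel</th>
          <th scope="col">Status</th>
          <th scope="col">Frist</th>
          <th scope="col">Verantwortlicher</th>
          <th scope="col">Link</th>
        </tr>
      </thead>
      <tbody>
        {% for control in controls %}
        {# Row click opens the control; a click on a link inside the row is left to that link, so the wiki link no longer also navigates this tab. #}
        {# NOTE(review): the inline handler and inline style need 'unsafe-inline' under a Content-Security-Policy; consider moving both to a static script and stylesheet. #}
        <tr onclick="if (!event.target.closest('a')) { window.location.href='/risks/controls/{{ control.id }}'; }" style="cursor:pointer;">
          {# A real link gives keyboard and screen-reader users the navigation that the row click gives mouse users. #}
          <td><a href="/risks/controls/{{ control.id }}">{{ control.title }}</a></td>
          <td>{{ control.get_status_display }}</td>
          <td>
            {% if control.due_date %}
            {{ control.due_date|date:"d.m.Y" }}
            {% endif %}
          </td>
          <td>
            {% if control.responsible %}
            {{ control.responsible.get_full_name|default:control.responsible.username }}
            {% endif %}
          </td>
          <td>
            {% if control.wiki_link %}
            {# NOTE(review): autoescaping does not restrict the URL scheme of an href; confirm wiki_link is validated as http(s) where it is stored. #}
            {# rel="noopener noreferrer": the new tab gets no window.opener handle and no Referer header naming this risk page. #}
            <a href="{{ control.wiki_link }}" target="_blank" rel="noopener noreferrer">🔗</a>
            {% endif %}
          </td>
        </tr>
        {% endfor %}
      </tbody>
    </table>
    {% else %}
    <p class="has-text-grey">Keine Maßnahmen erfasst.</p>
    {% endif %}
    {% endwith %}
  </div>
</div>
<!-- End controls -->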
<!-- History -->
<div class="card">
  <header class="card-header">
    <p class="card-header-title">Historie</p>
  </header>
  <div class="card-content">
    {# Change history: one row per entry in the logs context variable (time, user, change message). #}
    {% if not logs %}
    <p class="has-text-grey">Keine Historie vorhanden.</p>
    {% else %}
    <table class="table is-striped is-fullwidth">
      <thead>
        <tr>
          <th>Zeitpunkt</th>
          <th>Benutzer</th>
          <th>Aktion</th>
        </tr>
      </thead>
      <tbody>
        {% for log in logs %}
        <tr>
          <td>{{ log.action_time|date:"d.m.Y H:i" }}</td>
          {# Falls back to the username when get_full_name yields an empty value. #}
          <td>{{ log.user.get_full_name|default:log.user.username }}</td>
          <td>{{ log.get_change_message }}</td>
        </tr>
        {% endfor %}
      </tbody>
    </table>
    {% endif %}
  </div>
</div> <!-- End history -->
<br><br>
</div>
{% endblock %}