Skull-IT/ISO-27001-Risk-Management
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ISO-27001-Risk-Management/templates/risks/item_risk.html
Kevin Heyer ab01841cf2 Add risk status and notification preferences 
- Introduced a new `status` field to the `Risk` model with choices for "open", "in_progress", "closed", and "review_required".
- Created a `NotificationPreference` model to manage user notification settings for various events related to risks, controls, residual risks, reviews, users, and incidents.
- Updated the admin interface to include `NotificationPreference` inline with the `User` admin.
- Enhanced signal handlers to send notifications based on user preferences for created, updated, and deleted events for users, risks, controls, and incidents.
- Modified the `check_risk_followups` utility function to update risk status and create notifications for follow-ups.
- Updated serializers and views to accommodate the new `status` field and improved risk listing functionality.
- Added a new section in the risk detail template to display related incidents.
- Removed the unused statistics view from URLs.
2025-09-10 11:54:08 +02:00

277 lines
No EOL
11 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{% extends "base.html" %}
{% load i18n risk_extras %}
{% block crumbs %}
<li><a href="{% url 'risks:list_risks' %}">Risikoanalyse</a></li>
<li><a href="{% url 'risks:show_risk' risk.id %}">{{ risk.title }}</a></li>
{% endblock %}
{% block content %}
<div class="container">
<section class="hero is-small">
<div class="hero-body">
<p class="title">Risiko: {{ risk.title }}</p>
<p class="subtitle is-6">{{ risk.description }}</p>
</div>
</section>
<!-- Überblick-->
<div class="card">
<header class="card-header">
<p class="card-header-title">Überblick</p>
{% if request.user.is_staff %}
<a class="card-header-icon has-text-warning" href="{% url 'admin:risks_risk_change' risk.pk %}" title="Risiko bearbeiten">
<span class="icon"><i class="fas fa-edit" aria-hidden="true"></i></span>
</a>
<a class="card-header-icon has-text-danger" href="{% url 'admin:risks_risk_delete' risk.pk %}" title="Risiko Löschen (WARNUNG!)">
<span class="icon"><i class="fas fa-trash" aria-hidden="true"></i></span>
</a>
{% endif %}
</header>
<!-- Inhalt Überblick-->
<div class="card-content">
<div class="columns is-multiline">
<div class="column is-half">
<p><strong>Asset:</strong> {{ risk.asset|default:"-" }}</p>
<p><strong>Prozess:</strong> {{ risk.process|default:"-" }}</p>
<p><strong>Kategorie:</strong> {{ risk.category|default:"-" }}</p>
<p>
<strong>Schutzziele:</strong>
{% if risk.cia %}
{{ risk.get_cia_display }}
{% else %}
<span class="has-text-grey">Noch nicht zugewiesen</span>
{% endif %}
</p>
</div>
<div class="column is-half">
<p><strong>Risikoeigner:</strong> {{ risk.owner|user_display|default:"-" }}</p>
<p><strong>Erstellt am:</strong> {{ risk.created_at|date:'d.m.Y H:i' }}</p>
<p><strong>Aktualisiert am:</strong> {{ risk.updated_at|date:'d.m.Y H:i' }}</p>
<p><strong>Wiedervorlage am:</strong> {{ risk.follow_up|date:'d.m.Y' }}</p>
</div>
</div>
<!-- Risikobewertung -->
<section class="hero has-text-centered is-small">
<div class="hero-body">
<p class="title">Risikobewertung</p>
</div>
</section>
<div class="columns is-multiline">
<!-- Bruttorisiko -->
<div class="column is-full-mobile is-full-tablet is-half-desktop has-text-centered is-flex">
<div class="box is-flex is-flex-direction-column is-flex-grow-1">
<h4>Brutto (vor Maßnahmen)</h4>
<div class="columns is-multiline">
<!-- Eintrittswahrscheinlichkeit -->
<div class="column is-full-mobile is-full-tablet is-half-desktop has-text-centered">
<button class="risk-chip {{ risk.likelihood|likelihood_class }}" type="button" aria-label="{% trans 'Likelihood' as likelihood_long_name %}">
<span class="chip-head">Eintrittswahrscheinlichkeit</span>
<span class="chip-id">{{ risk.likelihood }}</span>
<span class="chip-label">{{ risk.get_likelihood_display }}</span>
</button>
</div>
<!-- Schadensausmaß -->
<div class="column is-full-mobile is-full-tablet is-half-desktop has-text-centered">
<button class="risk-chip {{ risk.impact|impact_class }}" type="button" aria-label="{% trans 'Impact' as impact_long_name %}">
<span class="chip-head">Schadensausmaß</span>
<span class="chip-id">{{ risk.impact }}</span>
<span class="chip-label">{{ risk.get_impact_display }}</span>
</button>
</div>
<!-- Stufe -->
<div class="column is-full-mobile is-full-tablet is-half-desktop has-text-centered">
<button class="risk-chip {{ risk.level|level_class }}" type="button" aria-label="{% trans 'Level' %}">
<span class="chip-head">Stufe</span>
<span class="chip-id">{{ risk.level|level_id }}</span>
<span class="chip-label">{{ risk.level }}</span>
</button>
</div>
<!-- Score -->
<div class="column is-full-mobile is-full-tablet is-half-desktop has-text-centered">
<button class="risk-chip {{ risk.score|score_class }}" type="button" aria-label="{% trans 'Score' %}">
<span class="chip-head">Score</span>
<span class="chip-id">{{ risk.score }}</span>
<span class="chip-label">Score (max. 20)</span>
</button>
</div>
</div>
</div>
</div> <!-- Ende Bruttorisiko -->
<!-- Nettorisiko -->
<div class="column is-full-mobile is-full-tablet is-half-desktop has-text-centered is-flex">
<div class="box is-flex is-flex-direction-column is-flex-grow-1">
<h4>Netto (nach Maßnahmen)</h4>
<div class="columns is-multiline">
{% if risk.residual_risk %}
<!-- Eintrittswahrscheinlichkeit -->
<div class="column is-full-mobile is-full-tablet is-half-desktop has-text-centered">
<button class="risk-chip {{ risk.residual_risk.likelihood|likelihood_class }}" type="button" aria-label="{% trans 'Likelihood' as likelihood_long_name %}">
<span class="chip-head">Eintrittswahrscheinlichkeit</span>
<span class="chip-id">{{ risk.residual_risk.likelihood }}</span>
<span class="chip-label">{{ risk.residual_risk.get_likelihood_display }}</span>
</button>
</div>
<!-- Schadensausmaß -->
<div class="column is-full-mobile is-full-tablet is-half-desktop has-text-centered">
<button class="risk-chip {{ risk.residual_risk.impact|impact_class }}" type="button" aria-label="{% trans 'Impact' as impact_long_name %}">
<span class="chip-head">Schadensausmaß</span>
<span class="chip-id">{{ risk.residual_risk.impact }}</span>
<span class="chip-label">{{ risk.residual_risk.get_impact_display }}</span>
</button>
</div>
<!-- Stufe -->
<div class="column is-full-mobile is-full-tablet is-half-desktop has-text-centered">
<button class="risk-chip {{ risk.residual_risk.level|level_class }}" type="button" aria-label="{% trans 'Level' %}">
<span class="chip-head">Stufe</span>
<span class="chip-id">{{ risk.residual_risk.level|level_id }}</span>
<span class="chip-label">{{ risk.residual_risk.level }}</span>
</button>
</div>
<!-- Score -->
<div class="column is-full-mobile is-full-tablet is-half-desktop has-text-centered" aria-label="{% trans 'Score' %}">
<button class="risk-chip {{ risk.residual_risk.score|score_class }}" type="button">
<span class="chip-head">Score</span>
<span class="chip-id">{{ risk.residual_risk.score }}</span>
<span class="chip-label">(max. 20)</span>
</button>
</div>
{% else %}
<p class="has-text-grey">Noch kein Nettorisiko erfasst.</p>
{% endif %}
</div>
</div>
</div> <!-- Ende Nettorisiko -->
</div> <!-- Ende Risikobewertung -->
</div> <!-- Ende Inhalt Überblick -->
</div> <!-- Ende Überblick -->
<!-- Maßnahmen -->
<div class="card">
<header class="card-header">
<p class="card-header-title">Maßnahmen</p>
</header>
<div class="card-content">
{% if risk.controls.exists %}
<table class="table is-striped is-hoverable is-fullwidth">
<thead>
<tr>
<th>Titel</th>
<th>Status</th>
<th>Frist</th>
<th>Verantwortlicher</th>
<th>Link</th>
</tr>
</thead>
<tbody>
{% for control in risk.controls.all %}
<tr onclick="window.location.href='/risks/controls/{{ control.id }}';" style="cursor:pointer;">
<td>{{ control.title }}</td>
<td>{{ control.get_status_display }}</td>
<td>
{% if control.due_date %}
{{ control.due_date|date:"d.m.Y" }}
{% else %}
{% endif %}
</td>
<td>
{% if control.responsible %}
{{ control.responsible.get_full_name|default:control.responsible.username }}
{% else %}
{% endif %}
</td>
<td>
{% if control.wiki_link %}
<a href="{{ control.wiki_link }}" target="_blank">🔗</a>
{% else %}
{% endif %}
</td>
</tr>
{% endfor %}
</tbody>
</table>
{% else %}
<p class="has-text-grey">Keine Maßnahmen erfasst.</p>
{% endif %}
</div>
</div>
<!-- Ende Maßnahmen -->
<!-- Vorfälle -->
<div class="card">
<header class="card-header">
<p class="card-header-title">Vorfälle</p>
</header>
<div class="card-content">
{% if risk.incidents.exists %}
<table class="table is-striped is-fullwidth">
<thead>
<tr>
<th>Vorfall</th>
<th>Status</th>
<th>gemeldet am</th>
</tr>
</thead>
<tbody>
{% for i in risk.incidents.all %}
<tr onclick="window.location.href='/risks/incidents/{{ i.id }}';" style="cursor:pointer;">
<td>{{ i.title }}</td>
<td>{{ i.status }}</td>
<td>{{ i.created_at|date:"d.m.Y H:i" }}</td>
</tr>
{% endfor %}
</tbody>
</table>
{% else %}
<p class="has-text-grey">Keine Vorfälle bekannt.</p>
{% endif %}
</div>
</div> <!-- Ende Vorfälle -->
<!-- Historie -->
<div class="card">
<header class="card-header">
<p class="card-header-title">Historie</p>
</header>
<div class="card-content">
{% if logs %}
<table class="table is-striped is-fullwidth">
<thead>
<tr>
<th>Zeitpunkt</th>
<th>Benutzer</th>
<th>Aktion</th>
</tr>
</thead>
<tbody>
{% for log in logs %}
<tr>
<td>{{ log.action_time|date:"d.m.Y H:i" }}</td>
<td>{{ log.user.get_full_name|default:log.user.username }}</td>
<td>{{ log.get_change_message }}</td>
</tr>
{% endfor %}
</tbody>
</table>
{% else %}
<p class="has-text-grey">Keine Historie vorhanden.</p>
{% endif %}
</div>
</div> <!-- Ende Historie -->
<br><br>
</div>
{% endblock %}
Reference in a new issue View git blame Copy permalink