diff --git a/backend/app/routers/tests.py b/backend/app/routers/tests.py
index 0739791..3fc689b 100644
--- a/backend/app/routers/tests.py
+++ b/backend/app/routers/tests.py
@@ -820,7 +820,9 @@ def import_rt(
 parts.append(f"\n{entry.notes}")
 red_summary_text = "\n".join(parts)
- # Create Test directly in validated state
+ # RT pre-validates the Red side (they ran it), but Blue Lead
+ # must still validate the detection result before it counts.
+ # State = in_review so it appears in the Blue Lead's validation queue.
 test = Test(
 technique_id=technique.id,
 name=test_name,
@@ -828,18 +830,17 @@ def import_rt(
 platform=entry.platform,
 procedure_text=entry.notes,
 created_by=current_user.id,
- state=TestState.validated,
- # Red team fields
+ state=TestState.in_review,
+ # Red team — approved by the RT operator
 attack_success=entry.attack_success,
 red_summary=red_summary_text,
 red_validation_status="approved",
 red_validated_by=current_user.id,
 red_validated_at=datetime.utcnow(),
- # Blue team fields
+ # Blue team — pre-fill the detection result but leave
+ # validation_status pending so Blue Lead must confirm
 detection_result=detection_result,
- blue_validation_status="approved",
- blue_validated_by=current_user.id,
- blue_validated_at=datetime.utcnow(),
+ blue_validation_status=None,
 # Timing
 execution_date=exec_date_str,
 created_at=datetime.utcnow(),
diff --git a/frontend/src/pages/ImportRTPage.tsx b/frontend/src/pages/ImportRTPage.tsx
index c16587c..3a364da 100644
--- a/frontend/src/pages/ImportRTPage.tsx
+++ b/frontend/src/pages/ImportRTPage.tsx
@@ -145,8 +145,9 @@ export default function ImportRTPage() {
 Import Red Team Results
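Review bot: In the second hunk of backend/app/routers/tests.py the new comment says the Blue validation status is left "pending", but the code sets `blue_validation_status=None` while the Red side uses the string `"approved"`; if the validation queue or the coverage queries compare against a pending value instead of handling NULL, these imports may not be picked up as intended. Either set the model's explicit pending value, if it has one, or make the comment match the code, e.g. `# Blue validation left unset (None); Blue Lead must confirm`. The separation of duties this change is after also depends on the Blue validation endpoint refusing the importing user unless they actually hold the Blue Lead role, which is not visible here and is worth confirming. It may also be worth checking whether tests imported before this change, created as `validated` with the importer recorded as Blue validator, need a backfill. The `Test(...)` call and `import_rt` both start and end outside the hunk.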

- Upload findings from a real Red Team engagement. Each technique becomes a validated test
- with its detection result, maintaining full coverage history.
+ Upload findings from a real Red Team engagement. Each technique creates a test in
+ In Review state — Red side is pre-approved by the RT,
+ Blue Lead must still validate the detection result before it counts as coverage.