feat(phase-16): enhanced Tests view, Red/Blue dashboard metrics, and Template admin panel (T-122, T-123, T-124)

2026-02-09 13:00:07 +01:00
parent fd7f855008
commit a95defcee4
12 changed files with 1769 additions and 159 deletions
--- a/backend/app/routers/metrics.py
+++ b/backend/app/routers/metrics.py
@@ -1,21 +1,30 @@
 """Coverage-metrics endpoints.

 Provides aggregated views of MITRE ATT&CK technique coverage for
-dashboards and reporting.
+dashboards and reporting.  V2 adds pipeline, team-activity, and
+validation-rate endpoints for the Red/Blue workflow.
 """

 from collections import defaultdict

 from fastapi import APIRouter, Depends
 from sqlalchemy import func
-from sqlalchemy.orm import Session
+from sqlalchemy.orm import Session, joinedload

 from app.database import get_db
 from app.dependencies.auth import get_current_user
-from app.models.enums import TechniqueStatus
+from app.models.enums import TechniqueStatus, TestState
 from app.models.technique import Technique
+from app.models.test import Test
 from app.models.user import User
-from app.schemas.metrics import CoverageSummary, TacticCoverage
+from app.schemas.metrics import (
+    CoverageSummary,
+    RecentTestItem,
+    TacticCoverage,
+    TeamActivity,
+    TestPipelineCounts,
+    ValidationRate,
+)

 router = APIRouter(prefix="/metrics", tags=["metrics"])

@@ -117,3 +126,190 @@ def coverage_by_tactic(
        )

    return result
+
+
+# ---------------------------------------------------------------------------
+# GET /metrics/test-pipeline  —  counters per pipeline state
+# ---------------------------------------------------------------------------
+
+
+@router.get("/test-pipeline", response_model=TestPipelineCounts)
+def test_pipeline(
+    db: Session = Depends(get_db),
+    current_user: User = Depends(get_current_user),
+):
+    """Return how many tests are in each pipeline state."""
+
+    rows = (
+        db.query(Test.state, func.count(Test.id).label("cnt"))
+        .group_by(Test.state)
+        .all()
+    )
+
+    state_counts: dict[str, int] = {s.value: 0 for s in TestState}
+    for state, cnt in rows:
+        state_counts[state.value] = cnt
+
+    total = sum(state_counts.values())
+
+    return TestPipelineCounts(
+        draft=state_counts["draft"],
+        red_executing=state_counts["red_executing"],
+        blue_evaluating=state_counts["blue_evaluating"],
+        in_review=state_counts["in_review"],
+        validated=state_counts["validated"],
+        rejected=state_counts["rejected"],
+        total=total,
+    )
+
+
+# ---------------------------------------------------------------------------
+# GET /metrics/team-activity  —  activity per team
+# ---------------------------------------------------------------------------
+
+
+@router.get("/team-activity", response_model=list[TeamActivity])
+def team_activity(
+    db: Session = Depends(get_db),
+    current_user: User = Depends(get_current_user),
+):
+    """Return activity summary for Red and Blue teams."""
+
+    # Red Team: completed = tests past red_executing; pending = draft + red_executing
+    red_completed = (
+        db.query(func.count(Test.id))
+        .filter(Test.state.in_([
+            TestState.blue_evaluating,
+            TestState.in_review,
+            TestState.validated,
+            TestState.rejected,
+        ]))
+        .scalar()
+    ) or 0
+
+    red_pending = (
+        db.query(func.count(Test.id))
+        .filter(Test.state.in_([TestState.draft, TestState.red_executing]))
+        .scalar()
+    ) or 0
+
+    # Blue Team: completed = tests past blue_evaluating; pending = blue_evaluating
+    blue_completed = (
+        db.query(func.count(Test.id))
+        .filter(Test.state.in_([
+            TestState.in_review,
+            TestState.validated,
+            TestState.rejected,
+        ]))
+        .scalar()
+    ) or 0
+
+    blue_pending = (
+        db.query(func.count(Test.id))
+        .filter(Test.state == TestState.blue_evaluating)
+        .scalar()
+    ) or 0
+
+    return [
+        TeamActivity(
+            team="Red Team",
+            tests_completed=red_completed,
+            tests_pending=red_pending,
+        ),
+        TeamActivity(
+            team="Blue Team",
+            tests_completed=blue_completed,
+            tests_pending=blue_pending,
+        ),
+    ]
+
+
+# ---------------------------------------------------------------------------
+# GET /metrics/validation-rate  —  approval / rejection rates
+# ---------------------------------------------------------------------------
+
+
+@router.get("/validation-rate", response_model=list[ValidationRate])
+def validation_rate(
+    db: Session = Depends(get_db),
+    current_user: User = Depends(get_current_user),
+):
+    """Return approval and rejection rates for Red Lead and Blue Lead."""
+
+    # Red Lead validations
+    red_approved = (
+        db.query(func.count(Test.id))
+        .filter(Test.red_validation_status == "approved")
+        .scalar()
+    ) or 0
+    red_rejected = (
+        db.query(func.count(Test.id))
+        .filter(Test.red_validation_status == "rejected")
+        .scalar()
+    ) or 0
+    red_total = red_approved + red_rejected
+    red_rate = round(red_approved / red_total * 100, 1) if red_total > 0 else 0.0
+
+    # Blue Lead validations
+    blue_approved = (
+        db.query(func.count(Test.id))
+        .filter(Test.blue_validation_status == "approved")
+        .scalar()
+    ) or 0
+    blue_rejected = (
+        db.query(func.count(Test.id))
+        .filter(Test.blue_validation_status == "rejected")
+        .scalar()
+    ) or 0
+    blue_total = blue_approved + blue_rejected
+    blue_rate = round(blue_approved / blue_total * 100, 1) if blue_total > 0 else 0.0
+
+    return [
+        ValidationRate(
+            role="red_lead",
+            total_reviewed=red_total,
+            approved=red_approved,
+            rejected=red_rejected,
+            approval_rate=red_rate,
+        ),
+        ValidationRate(
+            role="blue_lead",
+            total_reviewed=blue_total,
+            approved=blue_approved,
+            rejected=blue_rejected,
+            approval_rate=blue_rate,
+        ),
+    ]
+
+
+# ---------------------------------------------------------------------------
+# GET /metrics/recent-tests  —  latest 10 updated tests
+# ---------------------------------------------------------------------------
+
+
+@router.get("/recent-tests", response_model=list[RecentTestItem])
+def recent_tests(
+    db: Session = Depends(get_db),
+    current_user: User = Depends(get_current_user),
+):
+    """Return the 10 most recently created tests."""
+
+    tests = (
+        db.query(Test)
+        .options(joinedload(Test.technique))
+        .order_by(Test.created_at.desc())
+        .limit(10)
+        .all()
+    )
+
+    return [
+        RecentTestItem(
+            id=str(t.id),
+            name=t.name,
+            state=t.state.value,
+            technique_mitre_id=t.technique.mitre_id if t.technique else None,
+            technique_name=t.technique.name if t.technique else None,
+            created_at=t.created_at,
+        )
+        for t in tests
+    ]