- Add must_change_password field to User model with migration b023 - Add POST /auth/change-password endpoint with password policy validation - Add require_password_changed dependency to block requests until password is changed - Add ChangePasswordModal with live password policy checklist (forced on first login) - Show password policy in CreateUserModal and EditUserModal - Fix backend permissions: tests, campaigns, templates, reports, evidence, worklogs - red_tech/blue_tech: execute only, cannot create tests/campaigns/templates - red_lead/blue_lead: create/edit tests/campaigns/templates, generate reports, no system access - viewer: read-only everywhere, can generate reports - Fix frontend role checks across TestDetailPage, TestDetailHeader, TeamTabs, TestsPage, CampaignsPage, CampaignDetailPage, Sidebar
"""Professional report generation endpoints — PDF, DOCX, HTML output."""
from uuid import UUID
from fastapi import APIRouter, Depends, Query
from fastapi.responses import FileResponse
from sqlalchemy.orm import Session
from app.database import get_db
from app.dependencies.auth import get_current_user, require_any_role
from app.models.user import User
from app.services import report_generation_service
# Every route declared in this module is mounted under /reports/generate.
router = APIRouter(tags=["professional-reports"], prefix="/reports/generate")

# Content-Type sent for each supported output format. The keys are the same
# three values that the endpoints' `format` query pattern admits; the handlers
# index this mapping directly, so the two lists have to stay in step.
_MEDIA_TYPES = dict(
    pdf="application/pdf",
    docx="application/vnd.openxmlformats-officedocument.wordprocessingml.document",
    html="text/html",
)
@router.get("/purple-campaign/{campaign_id}")
def generate_purple_report(
    campaign_id: UUID,
    format: str = Query("pdf", pattern="^(pdf|docx|html)$"),
    db: Session = Depends(get_db),
    user: User = Depends(require_any_role("red_lead", "blue_lead", "viewer")),
):
    """Generate a Purple Team campaign assessment report."""
    # `user` is never read below; the parameter is there so that the
    # require_any_role dependency runs before the handler body.
    # NOTE(review): no campaign-level access check is visible here - a caller
    # holding any of the listed roles can request any campaign_id. Confirm this
    # is intended, or that the service scopes the lookup.
    # NOTE(review): whether that dependency also applies the forced
    # password-change gate is not visible from this file - confirm.
    report_path = report_generation_service.generate_purple_campaign_report(
        db,
        str(campaign_id),
        output_format=format,
    )

    # The Query pattern is the only thing limiting `format` to the three keys of
    # _MEDIA_TYPES and keeping the download name free of path characters; a
    # direct call that bypasses the router gets no such check.
    content_type = _MEDIA_TYPES[format]
    download_name = f"purple_report.{format}"

    # NOTE(review): nothing here removes the generated file once it has been
    # sent; confirm where report files are cleaned up.
    return FileResponse(
        report_path,
        media_type=content_type,
        filename=download_name,
    )
@router.get("/coverage-summary")
def generate_coverage_report(
    format: str = Query("pdf", pattern="^(pdf|docx|html)$"),
    db: Session = Depends(get_db),
    user: User = Depends(require_any_role("red_lead", "blue_lead", "viewer")),
):
    """Generate an organization-wide MITRE ATT&CK coverage report."""
    # `user` is never read below; the parameter is there so that the
    # require_any_role dependency runs before the handler body.
    # NOTE(review): whether that dependency also applies the forced
    # password-change gate is not visible from this file - confirm.
    report_path = report_generation_service.generate_coverage_report(
        db,
        output_format=format,
    )

    # The Query pattern is the only thing limiting `format` to the three keys of
    # _MEDIA_TYPES and keeping the download name free of path characters; a
    # direct call that bypasses the router gets no such check.
    content_type = _MEDIA_TYPES[format]
    download_name = f"coverage_report.{format}"

    # NOTE(review): nothing here removes the generated file once it has been
    # sent; confirm where report files are cleaned up.
    return FileResponse(
        report_path,
        media_type=content_type,
        filename=download_name,
    )
@router.get("/executive-summary")
def generate_executive_report(
    format: str = Query("pdf", pattern="^(pdf|docx|html)$"),
    db: Session = Depends(get_db),
    user: User = Depends(require_any_role("red_lead", "blue_lead", "viewer")),
):
    """Generate an executive security summary report."""
    # `user` is never read below; the parameter is there so that the
    # require_any_role dependency runs before the handler body.
    # NOTE(review): whether that dependency also applies the forced
    # password-change gate is not visible from this file - confirm.
    report_path = report_generation_service.generate_executive_summary(
        db,
        output_format=format,
    )

    # The Query pattern is the only thing limiting `format` to the three keys of
    # _MEDIA_TYPES and keeping the download name free of path characters; a
    # direct call that bypasses the router gets no such check.
    content_type = _MEDIA_TYPES[format]
    download_name = f"executive_summary.{format}"

    # NOTE(review): nothing here removes the generated file once it has been
    # sent; confirm where report files are cleaned up.
    return FileResponse(
        report_path,
        media_type=content_type,
        filename=download_name,
    )