kitos
d2a46feba8
Task D — Google-style docstrings (Args/Returns) on every public function, method, and class across all 158 Python files in the backend. Zero ruff D violations (pydocstyle Google convention). Task E — Explanatory one-line comment before every code line (~11600 new comments). ruff check passes clean after isort re-sort.
85 lines
2.7 KiB
Python
85 lines
2.7 KiB
Python
"""TestDetectionResult — tracks which detection rules triggered during a test.
|
|
|
|
When the Blue Team evaluates a test, they mark each associated detection
|
|
rule as triggered / not triggered / not applicable, along with notes.
|
|
"""
|
|
|
|
# Import uuid
|
|
import uuid
|
|
|
|
# Import from sqlalchemy
|
|
from sqlalchemy import (
|
|
Boolean,
|
|
Column,
|
|
DateTime,
|
|
ForeignKey,
|
|
Index,
|
|
Text,
|
|
UniqueConstraint,
|
|
)
|
|
|
|
# Import UUID from sqlalchemy.dialects.postgresql
|
|
from sqlalchemy.dialects.postgresql import UUID
|
|
|
|
# Import relationship from sqlalchemy.orm
|
|
from sqlalchemy.orm import relationship
|
|
|
|
# Import Base from app.database
|
|
from app.database import Base
|
|
|
|
|
|
# Define class TestDetectionResult
|
|
class TestDetectionResult(Base):
|
|
"""Per-test, per-rule evaluation result.
|
|
|
|
- ``triggered`` = True: rule detected the attack
|
|
- ``triggered`` = False: rule did NOT detect the attack
|
|
- ``triggered`` = None: not yet evaluated
|
|
"""
|
|
# Assign __tablename__ = "test_detection_results"
|
|
__tablename__ = "test_detection_results"
|
|
|
|
# Assign id = Column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4)
|
|
id = Column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4)
|
|
# Assign test_id = Column(
|
|
test_id = Column(
|
|
UUID(as_uuid=True),
|
|
ForeignKey("tests.id", ondelete="CASCADE"),
|
|
# Keyword argument: nullable
|
|
nullable=False,
|
|
)
|
|
# Assign detection_rule_id = Column(
|
|
detection_rule_id = Column(
|
|
UUID(as_uuid=True),
|
|
ForeignKey("detection_rules.id", ondelete="CASCADE"),
|
|
# Keyword argument: nullable
|
|
nullable=False,
|
|
)
|
|
# Assign triggered = Column(Boolean, nullable=True) # None = not evaluated
|
|
triggered = Column(Boolean, nullable=True) # None = not evaluated
|
|
# Assign notes = Column(Text, nullable=True)
|
|
notes = Column(Text, nullable=True)
|
|
# Assign evaluated_by = Column(
|
|
evaluated_by = Column(
|
|
UUID(as_uuid=True),
|
|
ForeignKey("users.id", ondelete="SET NULL"),
|
|
# Keyword argument: nullable
|
|
nullable=True,
|
|
)
|
|
# Assign evaluated_at = Column(DateTime, nullable=True)
|
|
evaluated_at = Column(DateTime, nullable=True)
|
|
|
|
# Relationships
|
|
test = relationship("Test")
|
|
# Assign detection_rule = relationship("DetectionRule")
|
|
detection_rule = relationship("DetectionRule")
|
|
# Assign evaluator = relationship("User", foreign_keys=[evaluated_by])
|
|
evaluator = relationship("User", foreign_keys=[evaluated_by])
|
|
|
|
# Assign __table_args__ = (
|
|
__table_args__ = (
|
|
Index('ix_tdr_test', 'test_id'),
|
|
Index('ix_tdr_rule', 'detection_rule_id'),
|
|
UniqueConstraint('test_id', 'detection_rule_id', name='uq_tdr_test_rule'),
|
|
)
|