Kitos
6ab950ec42
Expose GET endpoints for quarterly-summary and technique reports with PDF, DOCX, and HTML formats.
108 lines
3.4 KiB
Python
108 lines
3.4 KiB
Python
"""Professional report generation endpoints — PDF, DOCX, HTML output."""
|
|
|
|
from uuid import UUID
|
|
|
|
from fastapi import APIRouter, Depends, Query
|
|
from fastapi.responses import FileResponse
|
|
from sqlalchemy.orm import Session
|
|
|
|
from app.database import get_db
|
|
from app.dependencies.auth import get_current_user, require_any_role
|
|
from app.models.user import User
|
|
from app.services import report_generation_service
|
|
|
|
router = APIRouter(prefix="/reports/generate", tags=["professional-reports"])
|
|
|
|
_MEDIA_TYPES = {
|
|
"pdf": "application/pdf",
|
|
"docx": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
|
|
"html": "text/html",
|
|
}
|
|
|
|
|
|
@router.get("/purple-campaign/{campaign_id}")
|
|
def generate_purple_report(
|
|
campaign_id: UUID,
|
|
format: str = Query("pdf", pattern="^(pdf|docx|html)$"),
|
|
db: Session = Depends(get_db),
|
|
user: User = Depends(require_any_role("red_lead", "blue_lead", "viewer")),
|
|
):
|
|
"""Generate a Purple Team campaign assessment report."""
|
|
filepath = report_generation_service.generate_purple_campaign_report(
|
|
db, str(campaign_id), output_format=format,
|
|
)
|
|
return FileResponse(
|
|
filepath,
|
|
media_type=_MEDIA_TYPES[format],
|
|
filename=f"purple_report.{format}",
|
|
)
|
|
|
|
|
|
@router.get("/coverage-summary")
|
|
def generate_coverage_report(
|
|
format: str = Query("pdf", pattern="^(pdf|docx|html)$"),
|
|
db: Session = Depends(get_db),
|
|
user: User = Depends(require_any_role("red_lead", "blue_lead", "viewer")),
|
|
):
|
|
"""Generate an organization-wide MITRE ATT&CK coverage report."""
|
|
filepath = report_generation_service.generate_coverage_report(
|
|
db, output_format=format,
|
|
)
|
|
return FileResponse(
|
|
filepath,
|
|
media_type=_MEDIA_TYPES[format],
|
|
filename=f"coverage_report.{format}",
|
|
)
|
|
|
|
|
|
@router.get("/executive-summary")
|
|
def generate_executive_report(
|
|
format: str = Query("pdf", pattern="^(pdf|docx|html)$"),
|
|
db: Session = Depends(get_db),
|
|
user: User = Depends(require_any_role("red_lead", "blue_lead", "viewer")),
|
|
):
|
|
"""Generate an executive security summary report."""
|
|
filepath = report_generation_service.generate_executive_summary(
|
|
db, output_format=format,
|
|
)
|
|
return FileResponse(
|
|
filepath,
|
|
media_type=_MEDIA_TYPES[format],
|
|
filename=f"executive_summary.{format}",
|
|
)
|
|
|
|
|
|
@router.get("/quarterly-summary")
|
|
def generate_quarterly_report(
|
|
format: str = Query("pdf", pattern="^(pdf|docx|html)$"),
|
|
db: Session = Depends(get_db),
|
|
user: User = Depends(require_any_role("red_lead", "blue_lead", "viewer")),
|
|
):
|
|
"""Generate a quarterly security summary report."""
|
|
filepath = report_generation_service.generate_quarterly_summary(
|
|
db, output_format=format,
|
|
)
|
|
return FileResponse(
|
|
filepath,
|
|
media_type=_MEDIA_TYPES[format],
|
|
filename=f"quarterly_summary.{format}",
|
|
)
|
|
|
|
|
|
@router.get("/technique/{technique_id}")
|
|
def generate_technique_report(
|
|
technique_id: UUID,
|
|
format: str = Query("pdf", pattern="^(pdf|docx|html)$"),
|
|
db: Session = Depends(get_db),
|
|
user: User = Depends(get_current_user),
|
|
):
|
|
"""Generate a detailed report for one MITRE technique."""
|
|
filepath = report_generation_service.generate_technique_detail_report(
|
|
db, str(technique_id), output_format=format,
|
|
)
|
|
return FileResponse(
|
|
filepath,
|
|
media_type=_MEDIA_TYPES[format],
|
|
filename=f"technique_{technique_id}.{format}",
|
|
)
|