Merge pull request #112 from dbarzin/dev

Dev
dbarzin · Jul 29, 2024 · 0099bce · 0099bce
2 parents e15ec79 + 7cbd5be
commit 0099bce
Show file tree

Hide file tree

Showing 14 changed files with 281 additions and 140 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -2,13 +2,13 @@ name: Continuous Integration
 
 on:
   push:
-    branches: 
+    branches:
       - main
 
 jobs:
 
   deploy:
-    runs-on: ubuntu-latest 
+    runs-on: ubuntu-latest
 
     services:
       mysql:
@@ -53,20 +53,12 @@ jobs:
 
       - name: Migrate and seed the database
         run: |
-          php artisan migrate --seed 
+          php artisan migrate --seed
 
       - name: Seed Attributes
         run: |
           php artisan db:seed --class=AttributeSeeder
 
-      - name: Seed Domains
-        run: |
-          php artisan db:seed --class=DomainSeeder
-
-      - name: Seed Measures
-        run: |
-          php artisan db:seed --class=MeasureSeeder
-
       - name: Generate Test Data
         run: |
           php artisan deming:generateTests

diff --git a/app/Calendar.php b/app/Calendar.php
@@ -116,6 +116,6 @@ public function __toString()
     public function addEvent($txt, $date, $days = 1, $color = '', $id = null)
     {
         $color = $color ? ' ' . $color : $color;
-        $this->events[] = [$txt === null ? '&nbsp' : $txt, $date, $days, $color, $id];
+        $this->events[] = [($txt === null) || (strlen($txt) === 0) ? '&nbsp' : $txt, $date, $days, $color, $id];
     }
 }
diff --git a/app/Exports/AttributesExport.php b/app/Exports/AttributesExport.php
@@ -24,6 +24,9 @@ public function headings(): array
 
     public function styles(Worksheet $sheet)
     {
+        // Fix unused
+        $sheet;
+        // Return
         return [
             // Style the first row as bold text.
             1 => ['font' => ['bold' => true]],

diff --git a/app/Exports/ControlsExport.php b/app/Exports/ControlsExport.php
@@ -34,6 +34,9 @@ public function headings(): array
 
     public function styles(Worksheet $sheet)
     {
+        // fix unused
+        $sheet;
+        // return
         return [
             // Style the first row as bold text.
             1 => ['font' => ['bold' => true],

diff --git a/app/Http/Controllers/ActionplanController.php b/app/Http/Controllers/ActionplanController.php
@@ -45,15 +45,12 @@ public function index()
 
         // filter on not yet realised next control
         $actions = $actions
-            // ->whereNull('c2.realisation_date');
             ->whereIn('c2.status', [0,1]);
 
         // Query DB
         $actions = $actions->select(
             [
                 'c1.id',
-//                'control_measure.measure_id',
-//                'c1.clause',
                 'c1.action_plan',
                 'c1.score',
                 'c1.name',
@@ -116,9 +113,13 @@ public function save(Request $request)
 
         // save next control
         $next_id = $control->next_id;
-        $next_control = Control::find($next_id);
-        $next_control->plan_date = request('plan_date');
-        $next_control->update();
+        if ($next_id !== null) {
+            $next_control = Control::find($next_id);
+            if ($next_control !== null) {
+                $next_control->plan_date = request('plan_date');
+                $next_control->update();
+            }
+        }
 
         return redirect('/actions');
     }
@@ -143,8 +144,6 @@ public function show(int $id)
         $action = DB::table('controls as c1')
             ->select(
                 'c1.id',
-//                'c1.measure_id',
-//                'c1.clause',
                 'c1.name',
                 'c1.scope',
                 'c1.objective',

diff --git a/app/Http/Controllers/ControlController.php b/app/Http/Controllers/ControlController.php
@@ -157,14 +157,14 @@ public function index(Request $request)
         // Build query
         $controls = DB::table('controls as c1')
             ->leftjoin('controls as c2', 'c1.next_id', '=', 'c2.id')
-            ->join(
+            ->leftjoin(
                 'control_measure',
                 'control_measure.control_id',
                 '=',
                 'c1.id'
             )
-            ->join('measures', 'control_measure.measure_id', '=', 'measures.id')
-            ->join('domains', 'measures.domain_id', '=', 'domains.id');
+            ->leftjoin('measures', 'control_measure.measure_id', '=', 'measures.id')
+            ->leftjoin('domains', 'measures.domain_id', '=', 'domains.id');
 
         // filter on auditee controls
         if (Auth::User()->role === 5) {
@@ -308,8 +308,49 @@ public function index(Request $request)
      */
     public function create()
     {
-        // does not exists in that way
-        return redirect('/bob/index');
+        // Only for admin and users
+        abort_if(
+            (Auth::User()->role !== 1) && (Auth::User()->role !== 2),
+            Response::HTTP_FORBIDDEN,
+            '403 Forbidden'
+        );
+
+        // get all clauses
+        $all_measures = DB::table('measures')
+            ->select('id', 'clause')
+            ->orderBy('id')
+            ->get();
+
+        // get all scopes
+        $scopes = DB::table('controls')
+            ->select('scope')
+            ->whereNotNull('scope')
+            ->where('scope', '<>', '')
+            ->whereIn('status', [0, 1])
+            ->distinct()
+            ->orderBy('scope')
+            ->get()
+            ->pluck('scope')
+            ->toArray();
+
+        // get all attributes
+        $values = [];
+        $attributes = DB::table('measures')->select('attributes')->get();
+        foreach ($attributes as $key) {
+            foreach (explode(' ', $key->attributes) as $value) {
+                array_push($values, $value);
+            }
+        }
+        sort($values);
+        $values = array_unique($values);
+
+        $users = User::orderBy('name')->get();
+
+        return view('controls.create')
+            ->with('scopes', $scopes)
+            ->with('all_measures', $all_measures)
+            ->with('attributes', $values)
+            ->with('users', $users);
     }
 
     /**
@@ -319,10 +360,52 @@ public function create()
      *
      * @return \Illuminate\Http\Response
      */
-    public function store()
+    public function store(Request $request)
     {
-        // does not exist in that way
-        return redirect('/control');
+        // Only for admin and users
+        abort_if(
+            (Auth::User()->role !== 1) && (Auth::User()->role !== 2),
+            Response::HTTP_FORBIDDEN,
+            '403 Forbidden'
+        );
+
+        $this->validate(
+            $request,
+            [
+                'name' => 'required|min:3|max:255',
+                'scope' => 'max:32',
+                'objective' => 'required',
+                'plan_date' => 'required',
+                'periodicity' => 'required|integer',
+            ]
+        );
+
+        // Create control
+        $control = new Control();
+        // Fill fields
+        $control->name = request('name');
+        $control->scope = request('scope');
+        $control->objective = request('objective');
+        $control->attributes =
+            request('attributes') !== null
+                ? implode(' ', request('attributes'))
+                : null;
+        $control->input = request('input');
+        $control->model = request('model');
+        $control->plan_date = request('plan_date');
+        $control->action_plan = request('action_plan');
+        $control->periodicity = request('periodicity');
+        // Save it
+        $control->save();
+
+        // Sync onwers
+        $control->owners()->sync($request->input('owners', []));
+
+        // Sync measures
+        $control->measures()->sync($request->input('measures', []));
+
+        // Redirect to index
+        return redirect('/bob/index');
     }
 
     /**
@@ -663,6 +746,7 @@ public function domains(Request $request)
         $active_controls = DB::table('controls as c1');
 
         if ($group === '1') {
+            // Group by measurements
             $active_controls = $active_controls->select([
                 'domains.title',
                 'measures.id as measure_id',
@@ -673,6 +757,7 @@ public function domains(Request $request)
                 DB::raw('min(c1.score) as score'),
             ]);
         } else {
+            // All controls
             $active_controls = $active_controls->select([
                 'domains.title',
                 'measures.id as measure_id',
@@ -696,6 +781,7 @@ public function domains(Request $request)
             ->join('domains', 'domains.id', '=', 'measures.domain_id')
             ->whereIn('c2.status', [0, 1]);
 
+        // Filter on framework
         if ($framework !== null) {
             $active_controls = $active_controls->where(
                 'domains.framework',
@@ -704,10 +790,12 @@ public function domains(Request $request)
             );
         }
 
+        // Filter on scope
         if ($scope !== null) {
             $active_controls = $active_controls->where('c1.scope', '=', $scope);
         }
 
+        // Group by measures
         if ($group === '1') {
             $active_controls = $active_controls->groupBy([
                 'domains.title',
@@ -716,7 +804,11 @@ public function domains(Request $request)
             ]);
         }
 
-        $active_controls = $active_controls->orderBy('domains.title')->get();
+        // Sort result
+        $active_controls = $active_controls
+            ->orderBy('domains.title')
+            ->orderBy('clause')
+            ->get();
 
         // return
         return view('radar.domains')
@@ -804,7 +896,7 @@ public function measures(Request $request)
             ->with('domains', $domains);
     }
 
-    public function attributes(Request $request)
+    public function attributes()
     {
         // Not API and auditee
         abort_if(

diff --git a/app/Http/Controllers/MeasureController.php b/app/Http/Controllers/MeasureController.php
@@ -139,7 +139,7 @@ public function store(Request $request)
             [
                 'domain_id' => 'required',
                 'clause' => 'required|min:3|max:30',
-                'name' => 'required|min:5',
+                'name' => 'required|min:5|max:255',
                 'objective' => 'required',
             ]
         );
@@ -401,6 +401,17 @@ public function plan(Request $request)
             '403 Forbidden'
         );
 
+        $this->validate(
+            $request,
+            [
+                'name' => 'required|min:3|max:255',
+                'scope' => 'max:32',
+                'objective' => 'required',
+                'plan_date' => 'required',
+                'periodicity' => 'required|integer',
+            ]
+        );
+
         $measure = Measure::find($request->id);
 
         // Control not found