feat: add custom qualifications

.github/workflows/backend-coverage.yaml

@@ -73,10 +73,10 @@ jobs:
       - name: Run coverage
         working-directory: ${{ env.backend-directory }}
         env:
-          DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres"
-        run: find . -path '*/tests/*' -and -name 'test*.py' -and -not -path "./venv/*" | xargs coverage run -m pytest
+          DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports['5432'] }}/postgres"
+        run: poetry run coverage run -m pytest
       - name: Display coverage report
         working-directory: ${{ env.backend-directory }}
         env:
-          DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres"
-        run: coverage report
+          DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports['5432'] }}/postgres"
+        run: poetry run coverage report

backend/core/migrations/0092_qualification_library_and_more.py

@@ -0,0 +1,29 @@
+# Generated by Django 5.1.10 on 2025-08-25 21:14
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("core", "0091_appliedcontrol_objectives_and_more"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="qualification",
+            name="library",
+            field=models.ForeignKey(
+                blank=True,
+                null=True,
+                on_delete=django.db.models.deletion.CASCADE,
+                related_name="qualifications",
+                to="core.loadedlibrary",
+            ),
+        ),
+        migrations.AlterField(
+            model_name="qualification",
+            name="is_published",
+            field=models.BooleanField(default=True, verbose_name="published"),
+        ),
+    ]

backend/core/models.py

@@ -884,6 +884,11 @@ def _objects(self):
                 update_translations_in_object(model_to_dict(reference_control))
                 for reference_control in self.reference_controls.all()
             ]
+        if self.qualifications.exists():
+            res["qualifications"] = [
+                update_translations_in_object(model_to_dict(qualification))
+                for qualification in self.qualifications.all()
+            ]
         if self.risk_matrices.exists():
             matrix = self.risk_matrices.first()
             res["risk_matrix"] = update_translations_in_object(model_to_dict(matrix))
@@ -900,6 +905,10 @@ def reference_count(self) -> int:
         """
         Returns the number of distinct dependent libraries and risk and compliance assessments that reference objects from this library
         """
+
+        from ebios_rm.models import FearedEvent
+        from resilience.models import EscalationThreshold
+
         return (
             RiskAssessment.objects.filter(
                 Q(risk_scenarios__threats__library=self)
@@ -916,6 +925,9 @@ def reference_count(self) -> int:
             )
             .distinct()
             .count()
+            + Incident.objects.filter(qualifications__library=self).count()
+            + FearedEvent.objects.filter(qualifications__library=self).count()
+            + EscalationThreshold.objects.filter(qualifications__library=self).count()
             + LoadedLibrary.objects.filter(dependencies=self).distinct().count()
         )
 
@@ -983,7 +995,7 @@ class Meta:
 
     def is_deletable(self) -> bool:
         """
-        Returns True if the framework can be deleted
+        Returns True if the threat can be deleted
         """
         if self.requirements.exists():
             return False
@@ -1049,7 +1061,7 @@ class Meta:
 
     def is_deletable(self) -> bool:
         """
-        Returns True if the framework can be deleted
+        Returns True if the refence control can be deleted
         """
         if self.requirements.exists() or self.appliedcontrol_set.exists():
             return False
@@ -1535,6 +1547,16 @@ class Qualification(ReferentialObjectMixin, I18nObjectMixin, PublishInRootFolder
         },
     ]
 
+    library = models.ForeignKey(
+        LoadedLibrary,
+        on_delete=models.CASCADE,
+        null=True,
+        blank=True,
+        related_name="qualifications",
+    )
+
+    is_published = models.BooleanField(_("published"), default=True)
+
     abbreviation = models.CharField(
         max_length=20, null=True, blank=True, verbose_name=_("Abbreviation")
     )
@@ -1550,6 +1572,20 @@ class Meta:
         verbose_name_plural = _("Qualifications")
         ordering = ["qualification_ordering"]
 
+    fields_to_check = ["ref_id", "name"]
+
+    def is_deletable(self) -> bool:
+        """
+        Returns True if the qualification can be deleted
+        """
+        return not any(
+            [
+                self.incidents.exists(),
+                self.feared_events.exists(),
+                self.escalation_thresholds.exists(),
+            ]
+        )
+
     @classmethod
     def create_default_qualifications(cls):
         for qualification in cls.DEFAULT_QUALIFICATIONS:

backend/core/serializers.py

@@ -1564,14 +1564,18 @@ class Meta:
         exclude = ["folder", "is_published"]
 
 
-class QualificationReadSerializer(ReferentialSerializer):
+class QualificationWriteSerializer(BaseModelSerializer):
     class Meta:
         model = Qualification
         exclude = ["translations"]
 
 
-class QualificationWriteSerializer(QualificationReadSerializer):
-    pass
+class QualificationReadSerializer(ReferentialSerializer):
+    library = FieldsRelatedField(["name", "id"])
+
+    class Meta:
+        model = Qualification
+        exclude = ["translations"]
 
 
 class SecurityExceptionWriteSerializer(BaseModelSerializer):

backend/library/utils.py

@@ -19,6 +19,7 @@
     RiskMatrix,
     ReferenceControl,
     Threat,
+    Qualification,
 )
 from django.db import transaction
 from iam.models import Folder
@@ -341,7 +342,6 @@ class ThreatImporter:
 
     def __init__(self, threat_data: dict):
         self.threat_data = threat_data
-        self._object = None
 
     def is_valid(self) -> Union[str, None]:
         if missing_fields := self.REQUIRED_FIELDS - set(self.threat_data.keys()):
@@ -411,6 +411,38 @@ def import_reference_control(self, library_object: LoadedLibrary):
         )
 
 
+class QualificationImporter:
+    REQUIRED_FIELDS = {"ref_id", "urn", "name"}
+
+    def __init__(self, qualification_data: dict):
+        self.qualification_data = qualification_data
+
+    def is_valid(self) -> Union[str, None]:
+        if missing_fields := self.REQUIRED_FIELDS - set(self.qualification_data.keys()):
+            return "Missing the following fields : {}".format(", ".join(missing_fields))
+
+    def import_qualification(self, library_object: LoadedLibrary):
+        Qualification.objects.create(
+            library=library_object,
+            urn=self.qualification_data["urn"].lower(),
+            ref_id=self.qualification_data["ref_id"],
+            name=self.qualification_data["name"],
+            description=self.qualification_data.get("description"),
+            abbreviation=self.qualification_data.get("abbreviation"),
+            qualification_ordering=self.qualification_data.get(
+                "qualification_ordering", 0
+            ),
+            security_objective_ordering=self.qualification_data.get(
+                "security_objective_ordering", 0
+            ),
+            provider=library_object.provider,
+            is_published=True,
+            locale=library_object.locale,
+            translations=self.qualification_data.get("translations", {}),
+            default_locale=library_object.default_locale,  # Change this in the future ?
+        )
+
+
 # The couple (URN, locale) is unique. ===> Check this in the future
 class RiskMatrixImporter:
     REQUIRED_FIELDS = {"ref_id", "urn", "json_definition"}
@@ -463,6 +495,7 @@ class LibraryImporter:
     OBJECT_FIELDS = [
         "threats",
         "reference_controls",
+        "qualifications",
         "risk_matrix",  # This field name is deprecated
         "risk_matrices",
         "framework",  # This field name is deprecated
@@ -480,6 +513,7 @@ def __init__(self, library: StoredLibrary):
         self._library = library
         self._frameworks = []
         self._threats = []
+        self._qualifications = []
         self._reference_controls = []
         self._risk_matrices = []
         self._requirement_mapping_sets = []
@@ -538,6 +572,28 @@ def init_reference_controls(
                 invalid_reference_control_error,
             )
 
+    def init_qualifications(self, qualifications: List[dict]) -> Union[str, None]:
+        qualification_importers = []
+        import_errors = []
+        for index, qualification_data in enumerate(qualifications):
+            qualification_importer = QualificationImporter(qualification_data)
+            qualification_importers.append(qualification_importer)
+            if (qualification_error := qualification_importer.is_valid()) is not None:
+                import_errors.append((index, qualification_error))
+
+        self._qualifications = qualification_importers
+
+        if import_errors:
+            # We will have to think about error message internationalization later
+            invalid_qualification_index, invalid_qualification_error = import_errors[0]
+            return "[QUALIFICATION_ERROR] {} invalid qualification{} detected, the {}{} qualification has the following error : {}".format(
+                len(import_errors),
+                "s" if len(import_errors) > 1 else "",
+                invalid_qualification_index + 1,
+                {1: "st", 2: "nd", 3: "rd"}.get(invalid_qualification_index + 1, "th"),
+                invalid_qualification_error,
+            )
+
     def init_risk_matrices(self, risk_matrices: List[dict]) -> Union[str, None]:
         risk_matrix_importers = []
         import_errors = []
@@ -676,6 +732,16 @@ def init(self) -> Union[str, None]:
                 logger.error("Threat import error", error=threat_import_error)
                 return threat_import_error
 
+        if "qualifications" in library_objects:
+            qualification_data = library_objects["qualifications"]
+            if (
+                qualification_import_error := self.init_qualifications(
+                    qualification_data
+                )
+            ) is not None:
+                logger.error("Threat import error", error=qualification_import_error)
+                return qualification_import_error
+
         if "risk_matrix" in library_objects and "risk_matrices" in library_objects:
             return "A library can't have both 'risk_matrix' and 'risk_matrices' objects fields."
 
@@ -767,6 +833,9 @@ def import_objects(self, library_object: LoadedLibrary):
         for reference_control in self._reference_controls:
             reference_control.import_reference_control(library_object)
 
+        for qualification in self._qualifications:
+            qualification.import_qualification(library_object)
+
         for risk_matrix in self._risk_matrices:
             risk_matrix.import_risk_matrix(library_object)
 

backend/resilience/migrations/0003_alter_escalationthreshold_qualifications.py

@@ -0,0 +1,22 @@
+# Generated by Django 5.1.10 on 2025-08-25 21:14
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("core", "0092_qualification_library_and_more"),
+        ("resilience", "0002_businessimpactanalysis_is_locked"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="escalationthreshold",
+            name="qualifications",
+            field=models.ManyToManyField(
+                blank=True,
+                related_name="escalation_thresholds",
+                to="core.qualification",
+            ),
+        ),
+    ]

backend/resilience/models.py

@@ -187,6 +187,7 @@ class EscalationThreshold(AbstractBaseModel, FolderMixin):
     qualifications = models.ManyToManyField(
         Qualification,
         blank=True,
+        related_name="escalation_thresholds",
     )
     quanti_impact = FloatField(default=0)
     quanti_impact_unit = CharField(

enterprise/frontend/src/lib/components/Forms/ModelForm/EbiosRmForm.svelte

@@ -66,6 +66,7 @@
 		{form}
 		optionsEndpoint="folders?content_type=DO"
 		field="folder"
+	  	pathField="path"
 		cacheLock={cacheLocks['folder']}
 		bind:cachedValue={formDataCache['folder']}
 		label={m.domain()}

enterprise/frontend/src/lib/components/Forms/ModelForm/FolderForm.svelte

@@ -48,6 +48,7 @@
 		optionsEndpoint="folders?content_type=DO&content_type=GL"
 		optionsSelf={object}
 		field="parent_folder"
+		pathField="path"
 		cacheLock={cacheLocks['parent_folder']}
 		bind:cachedValue={formDataCache['parent_folder']}
 		label={m.parentDomain()}

frontend/messages/ar.json

@@ -929,5 +929,10 @@
 	"matchingScenarios": "السيناريوهات المطابقة",
 	"select": "تحديد",
 	"deselect": "إلغاء التحديد",
-	"fearedEventAssetHelpText": "الأحداث المخيفة عادة ما تكون مرتبطة بقيم الأعمال (الأصول الأساسية). يُسمح بالأصول الداعمة هنا من أجل المرونة"
+	"fearedEventAssetHelpText": "الأحداث المخيفة عادة ما تكون مرتبطة بقيم الأعمال (الأصول الأساسية). يُسمح بالأصول الداعمة هنا من أجل المرونة",
+	"saveAndContinue": "حفظ ومتابعة",
+	"abbreviation": "اختصار",
+	"qualificationOrdering": "ترتيب المؤهلات",
+	"securityObjectiveOrdering": "ترتيب الأهداف الأمنية",
+	"addQualification": "إضافة تأهيل"
 }

frontend/messages/cs.json

@@ -949,5 +949,10 @@
 	"matchingScenarios": "Shodné scénáře",
 	"select": "Vybrat",
 	"deselect": "Zrušit výběr",
-	"fearedEventAssetHelpText": "Strašné události jsou obvykle spojeny s obchodními hodnotami (primární aktiva). Podporná aktiva jsou zde povolena pro větší flexibilitu."
+	"fearedEventAssetHelpText": "Strašné události jsou obvykle spojeny s obchodními hodnotami (primární aktiva). Podporná aktiva jsou zde povolena pro větší flexibilitu.",
+	"saveAndContinue": "Uložit a pokračovat",
+	"abbreviation": "Zkratka",
+	"qualificationOrdering": "Pořadí kvalifikace",
+	"securityObjectiveOrdering": "Pořadí bezpečnostního cíle",
+	"addQualification": "Přidat kvalifikaci"
 }

frontend/messages/da.json

@@ -1244,5 +1244,10 @@
 	],
 	"matchingScenarios": "Matchende scenarier",
 	"select": "Vælg",
-	"deselect": "Fravælg"
+	"deselect": "Fravælg",
+	"saveAndContinue": "Gem og fortsæt",
+	"abbreviation": "Forkortelse",
+	"qualificationOrdering": "Kvalifikationsrækkefølge",
+	"securityObjectiveOrdering": "Sikkerhedsmålsrækkefølge",
+	"addQualification": "Tilføj kvalifikation"
 }

frontend/messages/de.json

@@ -966,5 +966,10 @@
 	"matchingScenarios": "Übereinstimmende Szenarien",
 	"select": "Auswählen",
 	"deselect": "Abwählen",
-	"fearedEventAssetHelpText": "Angstereignisse sind in der Regel mit Geschäftswerten (primäre Vermögenswerte) verknüpft. Unterstützende Vermögenswerte sind hier aus Flexibilitätsgründen erlaubt."
+	"fearedEventAssetHelpText": "Angstereignisse sind in der Regel mit Geschäftswerten (primäre Vermögenswerte) verknüpft. Unterstützende Vermögenswerte sind hier aus Flexibilitätsgründen erlaubt.",
+	"saveAndContinue": "Speichern und fortfahren",
+	"abbreviation": "Abkürzung",
+	"qualificationOrdering": "Qualifikationsreihenfolge",
+	"securityObjectiveOrdering": "Reihenfolge der Sicherheitsziele",
+	"addQualification": "Qualifikation hinzufügen"
 }

frontend/messages/el.json

@@ -1663,5 +1663,10 @@
 	"dataWizardSelectFramework": "Επιλέξτε Πλαίσιο",
 	"dataWizardParsingResults": "Αποτελέσματα ανάλυσης:",
 	"dataWizardTemplatesAndGuidelines": "Πρότυπα και οδηγίες",
-	"dataWizardLoadExcelData": "Φόρτωση δεδομένων Excel"
+	"dataWizardLoadExcelData": "Φόρτωση δεδομένων Excel",
+	"saveAndContinue": "Αποθήκευση και συνέχιση",
+	"abbreviation": "Συντομογραφία",
+	"qualificationOrdering": "Σειρά κατάταξης προσόντων",
+	"securityObjectiveOrdering": "Σειρά στόχων ασφαλείας",
+	"addQualification": "Προσθήκη προσόντος"
 }