Merge branch 'main' into CA-826-make-score-read-only-in-entity-assess…

…ment-questionnaire
intuitem · Feb 4, 2025 · 08cebca · 08cebca
2 parents 03541ef + 805d408
commit 08cebca
Show file tree

Hide file tree

Showing 5 changed files with 20 additions and 10 deletions.
diff --git a/.github/workflows/frontend-coverage.yaml b/.github/workflows/frontend-coverage.yaml
@@ -5,6 +5,7 @@ on:
     branches: ["main"]
     paths:
       - "frontend/**"
+  workflow_dispatch:
 
 env:
   GITHUB_WORKFLOW: github_actions
@@ -37,6 +38,9 @@ jobs:
       - name: Install dependencies
         working-directory: ${{env.working-directory}}
         run: pnpm i --frozen-lockfile
+      - name: Prepare sveltekit
+        working-directory: ${{env.working-directory}}
+        run: pnpm run prepare
       - name: Run coverage
         working-directory: ${{env.working-directory}}
         run: pnpm run coverage
diff --git a/.github/workflows/frontend-unit-tests.yml b/.github/workflows/frontend-unit-tests.yml
@@ -4,6 +4,7 @@ on:
   push:
     paths:
       - "frontend/**"
+  workflow_dispatch:
 
 env:
   GITHUB_WORKFLOW: github_actions
@@ -36,6 +37,9 @@ jobs:
       - name: Install dependencies
         working-directory: ${{env.working-directory}}
         run: pnpm i --frozen-lockfile
+      - name: Prepare sveltekit
+        working-directory: ${{env.working-directory}}
+        run: pnpm run prepare
       - name: Run tests
         working-directory: ${{env.working-directory}}
         run: pnpm run test:ci
diff --git a/README.md b/README.md
@@ -487,12 +487,13 @@ The goal of the test harness is to prevent any regression, i.e. all the tests sh
 
 ## API and Swagger
 
-- The API documentation is available in dev mode on the `<backend_endpoint>/api/schema/swagger/`, for instance <http://127.0.0.1:8000/api/schema/swagger/>
+- The API is available only on dev mode. To get that, you need to switch on the backend, for instance, `export DJANGO_DEBUG=True`
+- The API documentation will be available on `<backend_endpoint>/api/schema/swagger/`, for instance <http://127.0.0.1:8000/api/schema/swagger/>
 
 To interact with it:
 
 - call `/api/iam/login/` with your credentials in the body to get the token
-- pass it then as a header `Authorization: Token {token}` for your next calls. Notice it's Token not Bearer.
+- pass it then as a header `Authorization: Token {token}` for your next calls. Notice it's `Token` not `Bearer`.
 
 ## Setting CISO Assistant for production
 

diff --git a/frontend/package.json b/frontend/package.json
@@ -3,6 +3,7 @@
 	"version": "0.0.1",
 	"private": true,
 	"scripts": {
+		"prepare": "svelte-kit sync",
 		"dev": "vite dev",
 		"build": "paraglide-js compile --project ./project.inlang && vite build",
 		"preview": "vite preview",

diff --git a/frontend/src/lib/utils/schemas.ts b/frontend/src/lib/utils/schemas.ts
@@ -63,7 +63,7 @@ const NameDescriptionMixin = {
 
 export const FolderSchema = z.object({
 	...NameDescriptionMixin,
-	ref_id: z.string().optional().nullable(),
+	ref_id: z.string().optional(),
 	parent_folder: z.string().optional()
 });
 
@@ -78,7 +78,7 @@ export const FolderImportSchema = z.object({
 export const ProjectSchema = z.object({
 	...NameDescriptionMixin,
 	folder: z.string(),
-	ref_id: z.string().optional().nullable(),
+	ref_id: z.string().optional(),
 	lc_status: z.string().optional().default('in_design')
 });
 
@@ -98,7 +98,7 @@ export const RiskAssessmentSchema = z.object({
 	version: z.string().optional().default('0.1'),
 	project: z.string(),
 	status: z.string().optional().nullable(),
-	ref_id: z.string().optional().nullable(),
+	ref_id: z.string().optional(),
 	risk_matrix: z.string(),
 	eta: z.union([z.literal('').transform(() => null), z.string().date()]).nullish(),
 	due_date: z.union([z.literal('').transform(() => null), z.string().date()]).nullish(),
@@ -112,7 +112,7 @@ export const ThreatSchema = z.object({
 	...NameDescriptionMixin,
 	folder: z.string(),
 	provider: z.string().optional().nullable(),
-	ref_id: z.string().optional().nullable(),
+	ref_id: z.string().optional(),
 	annotation: z.string().optional().nullable()
 });
 
@@ -134,12 +134,12 @@ export const RiskScenarioSchema = z.object({
 	assets: z.string().uuid().optional().array().optional(),
 	vulnerabilities: z.string().uuid().optional().array().optional(),
 	owner: z.string().uuid().optional().array().optional(),
-	ref_id: z.string().max(8).optional().nullable()
+	ref_id: z.string().max(8).optional()
 });
 
 export const AppliedControlSchema = z.object({
 	...NameDescriptionMixin,
-	ref_id: z.string().optional().nullable(),
+	ref_id: z.string().optional(),
 	category: z.string().optional().nullable(),
 	csf_function: z.string().optional().nullable(),
 	priority: z.number().optional().nullable(),
@@ -179,7 +179,7 @@ export const ReferenceControlSchema = z.object({
 	category: z.string().optional().nullable(),
 	csf_function: z.string().optional().nullable(),
 	folder: z.string(),
-	ref_id: z.string().optional().nullable(),
+	ref_id: z.string().optional(),
 	annotation: z.string().optional().nullable()
 });
 
@@ -268,7 +268,7 @@ export const SetPasswordSchema = z.object({
 export const ComplianceAssessmentSchema = z.object({
 	...NameDescriptionMixin,
 	version: z.string().optional().default('0.1'),
-	ref_id: z.string().optional().nullable(),
+	ref_id: z.string().optional(),
 	project: z.string(),
 	status: z.string().optional().nullable(),
 	selected_implementation_groups: z.array(z.string().optional()).optional(),