admin/39191-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
39191-vm/backend/src/db/api/assessment_scores.js
Flatlogic Bot 7092d06269 Initial version
2026-03-14 02:59:47 +00:00

844 lines
24 KiB
JavaScript
Raw Blame History

const db = require('../models');
const FileDBApi = require('./file');
const crypto = require('crypto');
const Utils = require('../utils');
const Sequelize = db.Sequelize;
const Op = Sequelize.Op;
module.exports = class Assessment_scoresDBApi {
static async create(data, options) {
const currentUser = (options && options.currentUser) || { id: null };
const transaction = (options && options.transaction) || undefined;
const assessment_scores = await db.assessment_scores.create(
{
id: data.id || undefined,
security_posture_score: data.security_posture_score
||
null
,
security_maturity_tier: data.security_maturity_tier
||
null
,
estimated_annual_breach_risk: data.estimated_annual_breach_risk
||
null
,
estimated_monthly_breach_risk: data.estimated_monthly_breach_risk
||
null
,
annual_breach_probability_percent: data.annual_breach_probability_percent
||
null
,
control_gap_score_normalized: data.control_gap_score_normalized
||
null
,
investment_progress_score_normalized: data.investment_progress_score_normalized
||
null
,
budget_adequacy_score: data.budget_adequacy_score
||
null
,
assessment_recency_score: data.assessment_recency_score
||
null
,
declared_gap_count: data.declared_gap_count
||
null
,
critical_security_gap: data.critical_security_gap
||
null
,
methodology_note: data.methodology_note
||
null
,
computed_at: data.computed_at
||
null
,
importHash: data.importHash || null,
createdById: currentUser.id,
updatedById: currentUser.id,
},
{ transaction },
);
await assessment_scores.setAssessment( data.assessment || null, {
transaction,
});
await assessment_scores.setOrganizations( data.organizations || null, {
transaction,
});
return assessment_scores;
}
static async bulkImport(data, options) {
const currentUser = (options && options.currentUser) || { id: null };
const transaction = (options && options.transaction) || undefined;
// Prepare data - wrapping individual data transformations in a map() method
const assessment_scoresData = data.map((item, index) => ({
id: item.id || undefined,
security_posture_score: item.security_posture_score
||
null
,
security_maturity_tier: item.security_maturity_tier
||
null
,
estimated_annual_breach_risk: item.estimated_annual_breach_risk
||
null
,
estimated_monthly_breach_risk: item.estimated_monthly_breach_risk
||
null
,
annual_breach_probability_percent: item.annual_breach_probability_percent
||
null
,
control_gap_score_normalized: item.control_gap_score_normalized
||
null
,
investment_progress_score_normalized: item.investment_progress_score_normalized
||
null
,
budget_adequacy_score: item.budget_adequacy_score
||
null
,
assessment_recency_score: item.assessment_recency_score
||
null
,
declared_gap_count: item.declared_gap_count
||
null
,
critical_security_gap: item.critical_security_gap
||
null
,
methodology_note: item.methodology_note
||
null
,
computed_at: item.computed_at
||
null
,
importHash: item.importHash || null,
createdById: currentUser.id,
updatedById: currentUser.id,
createdAt: new Date(Date.now() + index * 1000),
}));
// Bulk create items
const assessment_scores = await db.assessment_scores.bulkCreate(assessment_scoresData, { transaction });
// For each item created, replace relation files
return assessment_scores;
}
static async update(id, data, options) {
const currentUser = (options && options.currentUser) || {id: null};
const transaction = (options && options.transaction) || undefined;
const globalAccess = currentUser.app_role?.globalAccess;
const assessment_scores = await db.assessment_scores.findByPk(id, {}, {transaction});
const updatePayload = {};
if (data.security_posture_score !== undefined) updatePayload.security_posture_score = data.security_posture_score;
if (data.security_maturity_tier !== undefined) updatePayload.security_maturity_tier = data.security_maturity_tier;
if (data.estimated_annual_breach_risk !== undefined) updatePayload.estimated_annual_breach_risk = data.estimated_annual_breach_risk;
if (data.estimated_monthly_breach_risk !== undefined) updatePayload.estimated_monthly_breach_risk = data.estimated_monthly_breach_risk;
if (data.annual_breach_probability_percent !== undefined) updatePayload.annual_breach_probability_percent = data.annual_breach_probability_percent;
if (data.control_gap_score_normalized !== undefined) updatePayload.control_gap_score_normalized = data.control_gap_score_normalized;
if (data.investment_progress_score_normalized !== undefined) updatePayload.investment_progress_score_normalized = data.investment_progress_score_normalized;
if (data.budget_adequacy_score !== undefined) updatePayload.budget_adequacy_score = data.budget_adequacy_score;
if (data.assessment_recency_score !== undefined) updatePayload.assessment_recency_score = data.assessment_recency_score;
if (data.declared_gap_count !== undefined) updatePayload.declared_gap_count = data.declared_gap_count;
if (data.critical_security_gap !== undefined) updatePayload.critical_security_gap = data.critical_security_gap;
if (data.methodology_note !== undefined) updatePayload.methodology_note = data.methodology_note;
if (data.computed_at !== undefined) updatePayload.computed_at = data.computed_at;
updatePayload.updatedById = currentUser.id;
await assessment_scores.update(updatePayload, {transaction});
if (data.assessment !== undefined) {
await assessment_scores.setAssessment(
data.assessment,
{ transaction }
);
}
if (data.organizations !== undefined) {
await assessment_scores.setOrganizations(
data.organizations,
{ transaction }
);
}
return assessment_scores;
}
static async deleteByIds(ids, options) {
const currentUser = (options && options.currentUser) || { id: null };
const transaction = (options && options.transaction) || undefined;
const assessment_scores = await db.assessment_scores.findAll({
where: {
id: {
[Op.in]: ids,
},
},
transaction,
});
await db.sequelize.transaction(async (transaction) => {
for (const record of assessment_scores) {
await record.update(
{deletedBy: currentUser.id},
{transaction}
);
}
for (const record of assessment_scores) {
await record.destroy({transaction});
}
});
return assessment_scores;
}
static async remove(id, options) {
const currentUser = (options && options.currentUser) || {id: null};
const transaction = (options && options.transaction) || undefined;
const assessment_scores = await db.assessment_scores.findByPk(id, options);
await assessment_scores.update({
deletedBy: currentUser.id
}, {
transaction,
});
await assessment_scores.destroy({
transaction
});
return assessment_scores;
}
static async findBy(where, options) {
const transaction = (options && options.transaction) || undefined;
const assessment_scores = await db.assessment_scores.findOne(
{ where },
{ transaction },
);
if (!assessment_scores) {
return assessment_scores;
}
const output = assessment_scores.get({plain: true});
output.assessment = await assessment_scores.getAssessment({
transaction
});
output.organizations = await assessment_scores.getOrganizations({
transaction
});
return output;
}
static async findAll(
filter,
globalAccess, options
) {
const limit = filter.limit || 0;
let offset = 0;
let where = {};
const currentPage = +filter.page;
const user = (options && options.currentUser) || null;
const userOrganizations = (user && user.organizations?.id) || null;
if (userOrganizations) {
if (options?.currentUser?.organizationsId) {
where.organizationsId = options.currentUser.organizationsId;
}
}
offset = currentPage * limit;
const orderBy = null;
const transaction = (options && options.transaction) || undefined;
let include = [
{
model: db.diagnostic_assessments,
as: 'assessment',
where: filter.assessment ? {
[Op.or]: [
{ id: { [Op.in]: filter.assessment.split('|').map(term => Utils.uuid(term)) } },
{
assessment_code: {
[Op.or]: filter.assessment.split('|').map(term => ({ [Op.iLike]: `%${term}%` }))
}
},
]
} : {},
},
{
model: db.organizations,
as: 'organizations',
},
];
if (filter) {
if (filter.id) {
where = {
...where,
['id']: Utils.uuid(filter.id),
};
}
if (filter.critical_security_gap) {
where = {
...where,
[Op.and]: Utils.ilike(
'assessment_scores',
'critical_security_gap',
filter.critical_security_gap,
),
};
}
if (filter.methodology_note) {
where = {
...where,
[Op.and]: Utils.ilike(
'assessment_scores',
'methodology_note',
filter.methodology_note,
),
};
}
if (filter.security_posture_scoreRange) {
const [start, end] = filter.security_posture_scoreRange;
if (start !== undefined && start !== null && start !== '') {
where = {
...where,
security_posture_score: {
...where.security_posture_score,
[Op.gte]: start,
},
};
}
if (end !== undefined && end !== null && end !== '') {
where = {
...where,
security_posture_score: {
...where.security_posture_score,
[Op.lte]: end,
},
};
}
}
if (filter.estimated_annual_breach_riskRange) {
const [start, end] = filter.estimated_annual_breach_riskRange;
if (start !== undefined && start !== null && start !== '') {
where = {
...where,
estimated_annual_breach_risk: {
...where.estimated_annual_breach_risk,
[Op.gte]: start,
},
};
}
if (end !== undefined && end !== null && end !== '') {
where = {
...where,
estimated_annual_breach_risk: {
...where.estimated_annual_breach_risk,
[Op.lte]: end,
},
};
}
}
if (filter.estimated_monthly_breach_riskRange) {
const [start, end] = filter.estimated_monthly_breach_riskRange;
if (start !== undefined && start !== null && start !== '') {
where = {
...where,
estimated_monthly_breach_risk: {
...where.estimated_monthly_breach_risk,
[Op.gte]: start,
},
};
}
if (end !== undefined && end !== null && end !== '') {
where = {
...where,
estimated_monthly_breach_risk: {
...where.estimated_monthly_breach_risk,
[Op.lte]: end,
},
};
}
}
if (filter.annual_breach_probability_percentRange) {
const [start, end] = filter.annual_breach_probability_percentRange;
if (start !== undefined && start !== null && start !== '') {
where = {
...where,
annual_breach_probability_percent: {
...where.annual_breach_probability_percent,
[Op.gte]: start,
},
};
}
if (end !== undefined && end !== null && end !== '') {
where = {
...where,
annual_breach_probability_percent: {
...where.annual_breach_probability_percent,
[Op.lte]: end,
},
};
}
}
if (filter.control_gap_score_normalizedRange) {
const [start, end] = filter.control_gap_score_normalizedRange;
if (start !== undefined && start !== null && start !== '') {
where = {
...where,
control_gap_score_normalized: {
...where.control_gap_score_normalized,
[Op.gte]: start,
},
};
}
if (end !== undefined && end !== null && end !== '') {
where = {
...where,
control_gap_score_normalized: {
...where.control_gap_score_normalized,
[Op.lte]: end,
},
};
}
}
if (filter.investment_progress_score_normalizedRange) {
const [start, end] = filter.investment_progress_score_normalizedRange;
if (start !== undefined && start !== null && start !== '') {
where = {
...where,
investment_progress_score_normalized: {
...where.investment_progress_score_normalized,
[Op.gte]: start,
},
};
}
if (end !== undefined && end !== null && end !== '') {
where = {
...where,
investment_progress_score_normalized: {
...where.investment_progress_score_normalized,
[Op.lte]: end,
},
};
}
}
if (filter.budget_adequacy_scoreRange) {
const [start, end] = filter.budget_adequacy_scoreRange;
if (start !== undefined && start !== null && start !== '') {
where = {
...where,
budget_adequacy_score: {
...where.budget_adequacy_score,
[Op.gte]: start,
},
};
}
if (end !== undefined && end !== null && end !== '') {
where = {
...where,
budget_adequacy_score: {
...where.budget_adequacy_score,
[Op.lte]: end,
},
};
}
}
if (filter.assessment_recency_scoreRange) {
const [start, end] = filter.assessment_recency_scoreRange;
if (start !== undefined && start !== null && start !== '') {
where = {
...where,
assessment_recency_score: {
...where.assessment_recency_score,
[Op.gte]: start,
},
};
}
if (end !== undefined && end !== null && end !== '') {
where = {
...where,
assessment_recency_score: {
...where.assessment_recency_score,
[Op.lte]: end,
},
};
}
}
if (filter.declared_gap_countRange) {
const [start, end] = filter.declared_gap_countRange;
if (start !== undefined && start !== null && start !== '') {
where = {
...where,
declared_gap_count: {
...where.declared_gap_count,
[Op.gte]: start,
},
};
}
if (end !== undefined && end !== null && end !== '') {
where = {
...where,
declared_gap_count: {
...where.declared_gap_count,
[Op.lte]: end,
},
};
}
}
if (filter.computed_atRange) {
const [start, end] = filter.computed_atRange;
if (start !== undefined && start !== null && start !== '') {
where = {
...where,
computed_at: {
...where.computed_at,
[Op.gte]: start,
},
};
}
if (end !== undefined && end !== null && end !== '') {
where = {
...where,
computed_at: {
...where.computed_at,
[Op.lte]: end,
},
};
}
}
if (filter.active !== undefined) {
where = {
...where,
active: filter.active === true || filter.active === 'true'
};
}
if (filter.security_maturity_tier) {
where = {
...where,
security_maturity_tier: filter.security_maturity_tier,
};
}
if (filter.organizations) {
const listItems = filter.organizations.split('|').map(item => {
return Utils.uuid(item)
});
where = {
...where,
organizationsId: {[Op.or]: listItems}
};
}
if (filter.createdAtRange) {
const [start, end] = filter.createdAtRange;
if (start !== undefined && start !== null && start !== '') {
where = {
...where,
['createdAt']: {
...where.createdAt,
[Op.gte]: start,
},
};
}
if (end !== undefined && end !== null && end !== '') {
where = {
...where,
['createdAt']: {
...where.createdAt,
[Op.lte]: end,
},
};
}
}
}
if (globalAccess) {
delete where.organizationsId;
}
const queryOptions = {
where,
include,
distinct: true,
order: filter.field && filter.sort
? [[filter.field, filter.sort]]
: [['createdAt', 'desc']],
transaction: options?.transaction,
logging: console.log
};
if (!options?.countOnly) {
queryOptions.limit = limit ? Number(limit) : undefined;
queryOptions.offset = offset ? Number(offset) : undefined;
}
try {
const { rows, count } = await db.assessment_scores.findAndCountAll(queryOptions);
return {
rows: options?.countOnly ? [] : rows,
count: count
};
} catch (error) {
console.error('Error executing query:', error);
throw error;
}
}
static async findAllAutocomplete(query, limit, offset, globalAccess, organizationId,) {
let where = {};
if (!globalAccess && organizationId) {
where.organizationId = organizationId;
}
if (query) {
where = {
[Op.or]: [
{ ['id']: Utils.uuid(query) },
Utils.ilike(
'assessment_scores',
'critical_security_gap',
query,
),
],
};
}
const records = await db.assessment_scores.findAll({
attributes: [ 'id', 'critical_security_gap' ],
where,
limit: limit ? Number(limit) : undefined,
offset: offset ? Number(offset) : undefined,
orderBy: [['critical_security_gap', 'ASC']],
});
return records.map((record) => ({
id: record.id,
label: record.critical_security_gap,
}));
}
};
Reference in New Issue View Git Blame Copy Permalink