feat(backend): sprint 2 — simulations + MITRE ATT&CK

- Simulation model with full field set (redteam + SOC sides) and cascade delete - Alembic migration 0002 for simulations table - simulation_workflow service: PATCH RBAC field-level + auto-transition pending→in_progress + state machine - mitre service: STIX bundle loader (boot-safe) + ranked search (exact-id > prefix-id > name) - 7 new API endpoints: list/create/get/patch/delete simulations, transition, MITRE autocomplete - serialize_simulation added to serializers.py - Makefile update-mitre target with real curl + optional docker restart - Dockerfile updated to copy backend/data/ into image - MITRE enterprise-attack.json bundle committed (~45 MB) - 67 new tests (total 130 passing), ruff clean, mypy introduces no new errors Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-26 10:59:14 +02:00
parent 7fc79cc5a6
commit 006c4c2c5f
17 changed files with 796686 additions and 4 deletions
--- a/backend/app/serializers.py
+++ b/backend/app/serializers.py
@@ -4,6 +4,7 @@ from __future__ import annotations
 from typing import Any

 from backend.app.models import Engagement, User
+from backend.app.models.simulation import Simulation


 def serialize_user(user: User) -> dict[str, Any]:
@@ -19,6 +20,31 @@ def serialize_user_brief(user: User) -> dict[str, Any]:
    return {"id": user.id, "username": user.username}


+def serialize_simulation(simulation: Simulation) -> dict[str, Any]:
+    return {
+        "id": simulation.id,
+        "engagement_id": simulation.engagement_id,
+        "name": simulation.name,
+        "mitre_technique_id": simulation.mitre_technique_id,
+        "mitre_technique_name": simulation.mitre_technique_name,
+        "description": simulation.description,
+        "commands": simulation.commands,
+        "prerequisites": simulation.prerequisites,
+        "executed_at": simulation.executed_at.isoformat() if simulation.executed_at else None,
+        "execution_result": simulation.execution_result,
+        "log_source": simulation.log_source,
+        "logs": simulation.logs,
+        "soc_comment": simulation.soc_comment,
+        "incident_number": simulation.incident_number,
+        "status": simulation.status.value,
+        "created_at": simulation.created_at.isoformat() if simulation.created_at else None,
+        "updated_at": simulation.updated_at.isoformat() if simulation.updated_at else None,
+        "created_by": serialize_user_brief(simulation.created_by)  # type: ignore[arg-type]
+        if simulation.created_by
+        else None,
+    }
+
+
 def serialize_engagement(engagement: Engagement) -> dict[str, Any]:
    return {
        "id": engagement.id,