mimic

knacky/mimic

Fork 0

Commit Graph

Author	SHA1	Message	Date
Knacky	d5ab1fd26f	feat(backend): sprint 4 — tactic_ids + done guard + engagement auto-status - Simulation model: add tactic_ids JSON column (nullable=False, default=[]) - Migration 0004: ADD COLUMN tactic_ids (server_default='[]', no batch needed) - mitre.py: add _TACTIC_IDS map, lookup_tactic(), get_tactic_name() - simulation_workflow.py: done guard (409) before RBAC; SOC gate += tactic_ids; _resolve_tactic_ids() validates against hardcoded map; auto-transition += tactic_ids; transition done→review_required is Reopen (all 3 roles); _maybe_activate_engagement hook - serializers.py: _enrich_tactics() → serialize_simulation adds tactics:[{id,name}] - test_simulations_tactics.py: valid/invalid/dedup/SOC gate/auto-transition/no-bundle - test_simulations_done_readonly.py: 409 all roles, Reopen all roles, invalid transitions, after-reopen ok - test_engagement_lifecycle.py: planned→active on auto-transition, already active/closed unchanged, migration 0004 round-trip - Updated test_simulations_patch.py + test_simulations_workflow.py for AC-18 behavior Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-27 19:52:02 +02:00
Knacky	83bf60fb30	fix(backend): post-review fixes sprint 2 - test_simulations_patch: remove false dict return annotation on _patch helper - simulation_workflow: validate executed_at upfront before any setattr (prevents partial mutation on bad payload) - api/simulations: remove unreachable role check in update_simulation (all valid roles are admin/redteam/soc) - Dockerfile: remove redundant COPY backend/data/ (already covered by COPY backend/) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-26 11:21:32 +02:00
Knacky	006c4c2c5f	feat(backend): sprint 2 — simulations + MITRE ATT&CK - Simulation model with full field set (redteam + SOC sides) and cascade delete - Alembic migration 0002 for simulations table - simulation_workflow service: PATCH RBAC field-level + auto-transition pending→in_progress + state machine - mitre service: STIX bundle loader (boot-safe) + ranked search (exact-id > prefix-id > name) - 7 new API endpoints: list/create/get/patch/delete simulations, transition, MITRE autocomplete - serialize_simulation added to serializers.py - Makefile update-mitre target with real curl + optional docker restart - Dockerfile updated to copy backend/data/ into image - MITRE enterprise-attack.json bundle committed (~45 MB) - 67 new tests (total 130 passing), ruff clean, mypy introduces no new errors Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-26 10:59:14 +02:00

Author

SHA1

Message

Date

Knacky

d5ab1fd26f

feat(backend): sprint 4 — tactic_ids + done guard + engagement auto-status

- Simulation model: add tactic_ids JSON column (nullable=False, default=[])
- Migration 0004: ADD COLUMN tactic_ids (server_default='[]', no batch needed)
- mitre.py: add _TACTIC_IDS map, lookup_tactic(), get_tactic_name()
- simulation_workflow.py: done guard (409) before RBAC; SOC gate += tactic_ids;
  _resolve_tactic_ids() validates against hardcoded map; auto-transition += tactic_ids;
  transition done→review_required is Reopen (all 3 roles); _maybe_activate_engagement hook
- serializers.py: _enrich_tactics() → serialize_simulation adds tactics:[{id,name}]
- test_simulations_tactics.py: valid/invalid/dedup/SOC gate/auto-transition/no-bundle
- test_simulations_done_readonly.py: 409 all roles, Reopen all roles, invalid transitions, after-reopen ok
- test_engagement_lifecycle.py: planned→active on auto-transition, already active/closed unchanged, migration 0004 round-trip
- Updated test_simulations_patch.py + test_simulations_workflow.py for AC-18 behavior

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-27 19:52:02 +02:00

Knacky

83bf60fb30

fix(backend): post-review fixes sprint 2

- test_simulations_patch: remove false dict return annotation on _patch helper
- simulation_workflow: validate executed_at upfront before any setattr (prevents partial mutation on bad payload)
- api/simulations: remove unreachable role check in update_simulation (all valid roles are admin/redteam/soc)
- Dockerfile: remove redundant COPY backend/data/ (already covered by COPY backend/)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-26 11:21:32 +02:00

Knacky

006c4c2c5f

feat(backend): sprint 2 — simulations + MITRE ATT&CK

- Simulation model with full field set (redteam + SOC sides) and cascade delete
- Alembic migration 0002 for simulations table
- simulation_workflow service: PATCH RBAC field-level + auto-transition pending→in_progress + state machine
- mitre service: STIX bundle loader (boot-safe) + ranked search (exact-id > prefix-id > name)
- 7 new API endpoints: list/create/get/patch/delete simulations, transition, MITRE autocomplete
- serialize_simulation added to serializers.py
- Makefile update-mitre target with real curl + optional docker restart
- Dockerfile updated to copy backend/data/ into image
- MITRE enterprise-attack.json bundle committed (~45 MB)
- 67 new tests (total 130 passing), ruff clean, mypy introduces no new errors

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-26 10:59:14 +02:00

3 Commits