certsocietegenerale / FIR

Fast Incident Response
GNU General Public License v3.0

Rework plugin fir_api: Add missing endpoints, improve filters, rework pagination #316

Closed Augustin-FL closed 1 month ago

Augustin-FL commented 1 month ago

This PR:

This PR introduces breaking changes to some API endpoints:

| Endpoint | Changes |
|---|---|
| /incidents | - Fields detection, actor, plan, confidentiality, severity, category, opened_by and concerned_business_lines are now strings instead of IDs.<br>- Field status is now a full name instead of a short code ("Open" instead of "O").<br>- It is not possible to delete an incident via the API anymore.<br>- Some fields are now optional when creating an incident. The only required fields are: subject, detection, severity, category and confidentiality.<br>- New fields are now available in the API response when getting the details of a specific incident (/incident/\<id>): artifacts, attributes, files_set, as well as todoitem_set and nugget_set (if the modules are enabled). |
| /artifacts | When listing all artifacts, an incident count is now provided for each artifact (instead of each incident ID). This change was done for performance purposes. The IDs of each incident having an artifact can still be retrieved by querying /artifacts/\<id>. |
| /files | Fields files and descriptions are renamed to file and description. |
| /comments | Fields opened_by and action now take strings instead of IDs. |
| /labels | Field groups is now represented as a string instead of an ID. |
| /attributes | When creating an attribute on an incident, the attribute's name must now match a previously declared valid attribute. |
| /businesslines | The field name now returns the full business line path, separated by > if needed (e.g. Demo BL 1 > Sub BL 2). |
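As an added example (not code from FIR or from this PR), the following client-side shim shows how a consumer of fir_api can absorb the breaking changes listed above: it normalises incident records from either schema, checks the reduced set of required creation fields, splits the new business-line path, and avoids one /artifacts/\<id> request per artifact now that the listing only returns counts. The "O" to "Open" mapping and the required fields come from the PR; the other status codes, the severity lookup table, and the JSON field names (id, value, incident_count, incidents) are assumptions, and the sample API responses are constructed.

```python
"""Added example, not code from FIR or PR #316: a client-side shim for the
fir_api schema changes; lookup tables and JSON field names are assumptions."""

# Constructed reference data (made-up IDs) a pre-#316 client resolved severity IDs against.
SEVERITY_BY_ID = {1: "Low", 2: "Medium", 3: "High"}
# "O" -> "Open" is stated in the PR; "C" and "B" are assumed.
STATUS_BY_CODE = {"O": "Open", "C": "Closed", "B": "Blocked"}
# Required by POST /incidents after this PR (from the PR description).
REQUIRED_ON_CREATE = ("subject", "detection", "severity", "category", "confidentiality")
# Constructed sample API responses so the example runs offline.
FAKE_API = {
    "/artifacts": [{"id": 1, "value": "203.0.113.5", "incident_count": 2},
                   {"id": 2, "value": "evil.invalid", "incident_count": 0}],
    "/artifacts/1": {"incidents": [{"id": 9}, {"id": 4}]},
}


def normalise_incident(record: dict) -> dict:
    """Copy of an /incidents record in the post-#316 shape (names, full status).
    Old-shape records (integer IDs, one-letter status codes) are converted."""
    out = dict(record)
    if isinstance(out.get("severity"), int):
        out["severity"] = SEVERITY_BY_ID[out["severity"]]
    status = out.get("status")
    if isinstance(status, str) and len(status) == 1:
        out["status"] = STATUS_BY_CODE.get(status, status)
    return out


def missing_create_fields(payload: dict) -> list:
    """Required POST /incidents fields that are absent or empty in payload."""
    return [f for f in REQUIRED_ON_CREATE if not payload.get(f)]


def business_line_levels(name: str) -> list:
    """Split the new /businesslines name format, e.g. 'Demo BL 1 > Sub BL 2'."""
    return [p.strip() for p in name.split(">") if p.strip()]


def incident_ids_by_artifact(get, min_count=1):
    """Listing /artifacts now returns a per-artifact incident count, not IDs;
    fetch /artifacts/<id> only for artifacts seen in >= min_count incidents.
    get(path) -> parsed JSON is injected (e.g. FAKE_API.__getitem__)."""
    found = {}
    for art in get("/artifacts"):
        if art.get("incident_count", 0) >= min_count:
            detail = get("/artifacts/%d" % art["id"])
            found[art["value"]] = sorted(i["id"] for i in detail["incidents"])
    return found
```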