diff --git a/app/Http/Controllers/RiskScoringConfigController.php b/app/Http/Controllers/RiskScoringConfigController.php index b9441a43..99c5b786 100644 --- a/app/Http/Controllers/RiskScoringConfigController.php +++ b/app/Http/Controllers/RiskScoringConfigController.php @@ -15,13 +15,14 @@ */ class RiskScoringConfigController extends Controller { + public function __construct(private readonly RiskScoringService $scoringService) { } private function checkAdmin(): void { - if (Auth::user()->role !== 1) { + if (!Auth::user()->isAdmin()) { abort(403); } } 
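Review bot: The rewritten guard in `checkAdmin()` calls `isAdmin()` directly on `Auth::user()`, which is null for an unauthenticated request, so the call would fail with an error rather than the intended 403 if any action reaches it without the auth middleware. A null-safe call keeps the deny path explicit: `if (!Auth::user()?->isAdmin()) { abort(403); }`. The decision now also rests entirely on `isAdmin()`, whose definition is not part of this diff, so it is worth confirming it is at least as strict as the removed `role !== 1` comparison. Whether every route of this controller sits behind authentication is not visible here, and the class body continues outside the hunk.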
@@ -44,24 +45,35 @@ public function create(): View $config = new RiskScoringConfig([ 'formula' => 'probability_x_impact', 'probability_levels' => [ - ['value' => 1, 'label' => 'Rare', 'description' => ''], - ['value' => 2, 'label' => 'Peu probable', 'description' => ''], - ['value' => 3, 'label' => 'Possible', 'description' => ''], - ['value' => 4, 'label' => 'Probable', 'description' => ''], - ['value' => 5, 'label' => 'Très probable', 'description' => ''], + ['value' => 1, 'label' => __('cruds.risk_scoring.defaults.probability_levels.rare'), 'description' => ''], + ['value' => 2, 'label' => __('cruds.risk_scoring.defaults.probability_levels.unlikely'), 'description' => ''], + ['value' => 3, 'label' => __('cruds.risk_scoring.defaults.probability_levels.possible'), 'description' => ''], + ['value' => 4, 'label' => __('cruds.risk_scoring.defaults.probability_levels.likely'), 'description' => ''], + ['value' => 5, 'label' => __('cruds.risk_scoring.defaults.probability_levels.very_likely'), 'description' => ''], + ], + 'exposure_levels' => [ + ['value' => 0, 'label' => __('cruds.risk_scoring.defaults.exposure_levels.offline'), 'description' => ''], + ['value' => 1, 'label' => __('cruds.risk_scoring.defaults.exposure_levels.internal'), 'description' => ''], + ['value' => 2, 'label' => __('cruds.risk_scoring.defaults.exposure_levels.internet'), 'description' => ''], + ], + 'vulnerability_levels' => [ + ['value' => 1, 'label' => __('cruds.risk_scoring.defaults.vulnerability_levels.none'), 'description' => ''], + ['value' => 2, 'label' => __('cruds.risk_scoring.defaults.vulnerability_levels.known'), 'description' => ''], + ['value' => 3, 'label' => __('cruds.risk_scoring.defaults.vulnerability_levels.exploitable_int'), 'description' => ''], + ['value' => 4, 'label' => __('cruds.risk_scoring.defaults.vulnerability_levels.exploitable_ext'), 'description' => ''], ], 'impact_levels' => [ - ['value' => 1, 'label' => 'Négligeable', 'description' => ''], - ['value' => 2, 'label' 
=> 'Faible', 'description' => ''], - ['value' => 3, 'label' => 'Modéré', 'description' => ''], - ['value' => 4, 'label' => 'Élevé', 'description' => ''], - ['value' => 5, 'label' => 'Critique', 'description' => ''], + ['value' => 1, 'label' => __('cruds.risk_scoring.defaults.impact_levels.negligible'), 'description' => ''], + ['value' => 2, 'label' => __('cruds.risk_scoring.defaults.impact_levels.low'), 'description' => ''], + ['value' => 3, 'label' => __('cruds.risk_scoring.defaults.impact_levels.moderate'), 'description' => ''], + ['value' => 4, 'label' => __('cruds.risk_scoring.defaults.impact_levels.high'), 'description' => ''], + ['value' => 5, 'label' => __('cruds.risk_scoring.defaults.impact_levels.critical'), 'description' => ''], ], 'risk_thresholds' => [ - ['level' => 'low', 'label' => 'Faible', 'max' => 4, 'color' => '#27ae60'], - ['level' => 'medium', 'label' => 'Moyen', 'max' => 9, 'color' => '#f39c12'], - ['level' => 'high', 'label' => 'Élevé', 'max' => 16, 'color' => '#e74c3c'], - ['level' => 'critical', 'label' => 'Critique', 'max' => null, 'color' => '#c0392b'], + ['level' => 'low', 'label' => __('cruds.risk_scoring.defaults.risk_thresholds.low'), 'max' => 4, 'color' => '#27ae60'], + ['level' => 'medium', 'label' => __('cruds.risk_scoring.defaults.risk_thresholds.medium'), 'max' => 9, 'color' => '#f39c12'], + ['level' => 'high', 'label' => __('cruds.risk_scoring.defaults.risk_thresholds.high'), 'max' => 16, 'color' => '#e74c3c'], + ['level' => 'critical', 'label' => __('cruds.risk_scoring.defaults.risk_thresholds.critical'), 'max' => null, 'color' => '#c0392b'], ], ]); 
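Review bot: The new `exposure_levels` default starts its scale at `0` (`offline`), while every other scale in this array starts at `1`. If exposure enters the likelihood as a factor, an offline asset would score zero whatever its vulnerability and impact, and those risks would sink to the bottom of the register. How likelihood is derived is not visible in this hunk, so this may be intended. If it is, a comment on that row would help, e.g. `// exposure 0 (offline) is intentional; see the likelihood formula`; otherwise consider starting the scale at 1. The body of `create()` starts and ends outside the hunk.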
@@ -198,14 +210,14 @@ private function validateConfig(Request $request): array // Helpers couleurs : migration legacy (noms de classes MetroUI) → hex // ------------------------------------------------------------------------- -/* - private const COLOR_MAP = [ - 'success' => '#27ae60', - 'warning' => '#f39c12', - 'danger' => '#e74c3c', - 'alert' => '#c0392b', - 'info' => '#2980b9', - 'secondary' => '#7f8c8d', - ]; -*/ + /* + private const COLOR_MAP = [ + 'success' => '#27ae60', + 'warning' => '#f39c12', + 'danger' => '#e74c3c', + 'alert' => '#c0392b', + 'info' => '#2980b9', + 'secondary' => '#7f8c8d', + ]; + */ } \ No newline at end of file diff --git a/resources/lang/de/cruds.php b/resources/lang/de/cruds.php index f778dcfc..cb4b07cf 100644 --- a/resources/lang/de/cruds.php +++ b/resources/lang/de/cruds.php 
@@ -335,4 +335,165 @@ ], ], ], + // ------------------------------------------------------------------------- + // Risikoregister + // ------------------------------------------------------------------------- + 'risk' => [ + + // Seitentitel + 'list' => 'Risikoliste', + 'create' => 'Neues Risiko', + 'edit' => 'Risiko bearbeiten', + 'matrix' => 'Risikomatrix', + 'singular' => 'Risiko', + 'plural' => 'Risiken', + 'export' => 'Risiken', + + // Risikostufen (in Badges und Zählern angezeigt) + 'levels' => [ + 'low' => 'Gering', + 'medium' => 'Mittel', + 'high' => 'Hoch', + 'critical' => 'Kritisch', + ], + + // Formular- und Listenfelder + 'fields' => [ + 'name' => 'Name', + 'description' => 'Beschreibung', + 'owner' => 'Verantwortlicher', + 'no_owner' => 'Nicht zugewiesen', + 'choose_owner' => 'Verantwortlichen wählen', + 'choose_status' => 'Status wählen', + + // Bewertung + 'probability' => 'Wahrscheinlichkeit', + 'probability_comment' => 'Kommentar Wahrscheinlichkeit', + 'impact' => 'Auswirkung', + 'impact_comment' => 'Kommentar Auswirkung', + 'exposure' => 'Exposition', + 'vulnerability' => 'Verwundbarkeit', + 'likelihood' => 'Eintrittswahrscheinlichkeit', + 'score' => 'Punktzahl', + + // Behandlung + 'status' => 'Behandlungsstatus', + 'status_comment' => 'Kommentar Status', + 'measures' => 'Verknüpfte Kontrollen', + 'measures_hint' => 'Erforderlich bei Status = Gemindert', + 'action_plan' => 'Verknüpfte Aktionspläne', + 'actions_hint' => 'Erforderlich bei Status = Nicht akzeptiert', + + // Planung + 'review_frequency' => 'Überprüfungshäufigkeit', + 'next_review' => 'Nächste Überprüfung', + 'overdue' => 'Überprüfung überfällig', + 'overdue_all' => 'Alle', + 'overdue_only' => 'Überfällig', + + // Dashboard / Matrix + 'total' => 'Gesamt', + 'by_status' => 'Verteilung nach Status', + 'by_risks' => 'Verteilung nach Risiken', + ], + + // Behandlungsstatus + 'status' => [ + 'not_evaluated' => 'Nicht bewertet', + 'not_accepted' => 'Nicht akzeptiert', + 
'temporarily_accepted' => 'Vorläufig akzeptiert', + 'accepted' => 'Akzeptiert', + 'mitigated' => 'Gemindert', + 'transferred' => 'Übertragen', + 'avoided' => 'Vermieden', + ], + ], + + // ------------------------------------------------------------------------- + // Konfiguration der Risikobewertung + // ------------------------------------------------------------------------- + 'risk_scoring' => [ + + // Seitentitel + 'list' => 'Risikoklassifizierungsmethoden', + 'create' => 'Neue Klassifizierung', + 'edit' => 'Klassifizierung bearbeiten', + 'activate' => 'Diese Konfiguration aktivieren', + + // Aktionen auf Stufen / Schwellenwerte + 'add_level' => 'Stufe hinzufügen', + 'add_threshold' => 'Schwellenwert hinzufügen', + + // Kontexthilfen + 'levels_hint' => 'Mindestens 2 Stufen. Der Wert muss eine eindeutige ganze Zahl sein.', + 'thresholds_hint' => 'Der letzte Schwellenwert hat keine Obergrenze (Auffangwert). Vom niedrigsten zum höchsten Score sortieren.', + + // Formularfelder + 'fields' => [ + 'name' => 'Konfiguration', + 'formula' => 'Berechnung', + 'levels' => 'Stufen', + 'thresholds' => 'Klassifizierungsschwellen', + 'value' => 'Wert', + 'label' => 'Bezeichnung', + 'description' => 'Beschreibung', + 'level_key' => 'Interner Schlüssel', + 'score_max' => 'Max. 
Punktzahl', + 'color' => 'Farbe', + ], + + // Verfügbare Farben für Schwellenwerte + 'colors' => [ + 'success' => 'Grün', + 'warning' => 'Orange', + 'danger' => 'Rot', + 'alert' => 'Dunkelrot', + 'info' => 'Blau', + 'secondary' => 'Grau', + ], + + // Verfügbare Formeln (Bezeichnungen) + 'formulas' => [ + 'probability_x_impact' => 'Wahrscheinlichkeit × Auswirkung', + 'likelihood_x_impact' => 'Eintrittswahrscheinlichkeit × Auswirkung (BSI 200-3)', + 'additive' => 'Wahrscheinlichkeit + Auswirkung', + 'max_pi' => 'max(Wahrscheinlichkeit, Auswirkung)', + ], + + // Standardwerte bei der Erstellung einer neuen Konfiguration + 'defaults' => [ + 'probability_levels' => [ + 'rare' => 'Selten', + 'unlikely' => 'Unwahrscheinlich', + 'possible' => 'Möglich', + 'likely' => 'Wahrscheinlich', + 'very_likely' => 'Sehr wahrscheinlich', + ], + 'exposure_levels' => [ + 'offline' => 'Offline', + 'internal' => 'Intern', + 'internet' => 'Internet', + ], + 'vulnerability_levels' => [ + 'none' => 'Keine', + 'known' => 'Bekannt', + 'exploitable_int' => 'Intern ausnutzbar', + 'exploitable_ext' => 'Extern ausnutzbar', + ], + 'impact_levels' => [ + 'negligible' => 'Vernachlässigbar', + 'low' => 'Gering', + 'moderate' => 'Mäßig', + 'high' => 'Hoch', + 'critical' => 'Kritisch', + ], + 'risk_thresholds' => [ + 'low' => 'Gering', + 'medium' => 'Mittel', + 'high' => 'Hoch', + 'critical' => 'Kritisch', + ], + ], + ], + ]; diff --git a/resources/lang/en/cruds.php b/resources/lang/en/cruds.php index 08c36f86..a71ef497 100644 --- a/resources/lang/en/cruds.php +++ b/resources/lang/en/cruds.php 
@@ -462,6 +462,42 @@ 'additive' => 'Probability + Impact', 'max_pi' => 'max(Probability, Impact)', ], + + + // Default values suggested when creating a configuration + 'defaults' => [ + 'probability_levels' => [ + 'rare' => 'Rare', + 'unlikely' => 'Unlikely', + 'possible' => 'Possible', + 'likely' => 'Probable', + 'very_likely' => 'Very Likely', + ], + 'exposure_levels' => [ + 'offline' => 'Offline', + 'internal' => 'Internal', + 'internet' => 'Internet', + ], + 'vulnerability_levels' => [ + 'none' => 'None', + 'known' => 'Known', + 'exploitable_int' => 'Internally exploitable', + 'exploitable_ext' => 'Externally exploitable', + ], + 'impact_levels' => [ + 'negligible' => 'Negligible', + 'low' => 'Low', + 'moderate' => 'Moderate', + 'high' => 'High', + 'critical' => 'Critical', + ], + 'risk_thresholds' => [ + 'low' => 'Low', + 'medium' => 'Medium', + 'high' => 'High', + 'critical' => 'Critical', + ], + ], ], ]; diff --git a/resources/lang/fr/cruds.php b/resources/lang/fr/cruds.php index f84e9d0d..a4a248a3 100644 --- a/resources/lang/fr/cruds.php +++ b/resources/lang/fr/cruds.php @@ -54,7 +54,7 @@ ], ], 'attribute' => [ - 'fields' => [ + 'fields' => [ 'name' => 'Nom', 'values' => 'Valeurs', ], @@ -64,7 +64,7 @@ 'index' => 'Liste des attributs', 'choose' => 'Choisir un attribut', 'title' => 'Attribut' - ], + ], 'control' => [ 'description' => '', 'fields' => [ @@ -248,7 +248,7 @@ 'action' => 'Plan d\'action', 'action_helper' => 'Le plan d\'action proposé', 'warning' => 'Cette action est irréversible. Veuillez effectuer une sauvegarde avant !' - ], + ], 'log' => [ 'index' => 'Liste des logs', 'title' => 'Log', @@ -335,7 +335,7 @@ 'month' => 'mois', 'months' => 'mois', ], - ] + ] ], // ------------------------------------------------------------------------- 
@@ -462,5 +462,40 @@ 'additive' => 'Probabilité + Impact', 'max_pi' => 'max(Probabilité, Impact)', ], + + // Valeurs par défaut proposées à la création d'une configuration + 'defaults' => [ + 'probability_levels' => [ + 'rare' => 'Rare', + 'unlikely' => 'Peu probable', + 'possible' => 'Possible', + 'likely' => 'Probable', + 'very_likely' => 'Très probable', + ], + 'exposure_levels' => [ + 'offline' => 'Hors réseau', + 'internal' => 'Interne', + 'internet' => 'Internet', + ], + 'vulnerability_levels' => [ + 'none' => 'Aucune', + 'known' => 'Connue', + 'exploitable_int' => 'Exploitable interne', + 'exploitable_ext' => 'Exploitable externe', + ], + 'impact_levels' => [ + 'negligible' => 'Négligeable', + 'low' => 'Faible', + 'moderate' => 'Modéré', + 'high' => 'Élevé', + 'critical' => 'Critique', + ], + 'risk_thresholds' => [ + 'low' => 'Faible', + 'medium' => 'Moyen', + 'high' => 'Élevé', + 'critical' => 'Critique', + ], + ], ], -]; +]; \ No newline at end of file diff --git a/resources/views/risks/scoring/form.blade.php b/resources/views/risks/scoring/form.blade.php index 5aecb97b..88c436d5 100644 --- a/resources/views/risks/scoring/form.blade.php +++ b/resources/views/risks/scoring/form.blade.php @@ -161,7 +161,7 @@ {{-- Vulnérabilité : pleine largeur, visible si likelihood --}}