#10 AI bira controle,dodate je dummy payment page

2025-02-17 20:36:59 +01:00
parent a097590b62
commit 5ed323140f
11 changed files with 204 additions and 90 deletions


@@ -0,0 +1,19 @@
{% extends "base.html" %}
{% block content %}
<div class="container">
<h1>Document Preview</h1>
<h2>Organization: {{ organization.name }}</h2>
<p>{{ created_at }}</p>
<h3>Identified Risks and Controls</h3>
<ul>
{% for risk, controls in risks_with_controls.items %}
<li>
<h2>{{ risk.risk_name }}:</h2>
<p>{{ controls }} </p>
</li>
{% endfor %}
</ul>
</div>
{% endblock %}


@@ -1,11 +1,14 @@
{% extends 'base.html' %}
{% block content %}
<h2>Payment</h2>
<p>Click the button below to pay and access your document.</p>
<form method="post">
{% csrf_token %}
<button type="submit">Pay</button>
</form>
<div class="out-risk-management">
<div class="risk-management">
<h2>Payment</h2>
<p>Click the button below to pay and access your document.</p>
<form method="post">
{% csrf_token %}
<button class="btn-bl" type="submit">Pay</button>
</form>
</div>
</div>
{% endblock %}


@@ -12,5 +12,5 @@ urlpatterns = [
path('document/<uuid:document_id>/', v.document, name='document'),
path('preview/<str:name>/', v.template_preview, name='template_preview'),
path("payment/", v.payment_page, name="payment_page"),
path('documentview/<uuid:document_id>/', v.docprew, name='generate_document_view'),
]


@@ -1,7 +1,7 @@
from openai import OpenAI
from django.conf import settings
from .models import Risk, Control, Document, DocumentRiskControl
from django.shortcuts import get_object_or_404
import time
def extract_risk_factors(organization):
excluded_fields={"name","email"}
@@ -44,59 +44,101 @@ def get_top_risk(organization):
"""
response = client.chat.completions.create(
model="gpt-4",
model="gpt-4o-mini",
messages=[{"role": "system", "content": prompt}]
)
risk_ids = response.choices[0].message.content.strip().split(",")
print(f"Risks: {risk_ids}")
return [int(risk_id) for risk_id in risk_ids if risk_id.isdigit()]
def get_controls_for_risk(risk):
def get_controls_for_risk(risk, organization):
client = OpenAI(api_key=settings.OPENAI_API_KEY)
all_controls = Control.objects.all()
control_list = []
risk_factors = extract_risk_factors(organization)
valid_control_ids = {control.id for control in all_controls}
for control in all_controls:
control_list.append(f"Control ID: {control.id}, Control Name: {control.name}")
prompt = f"""
You are a cyber security expert. For the risk '{risk.risk_name}', select 10 relevant controls
from the following list and assign a weight (1-10) based on how much they reduce risks.
Available Controls (only respond with control IDs and weights):
You are an expert in cybersecurity risk management. Given the risk "{risk.risk_name}" and its associated factors "{risk_factors}",
your task is to select **exactly 10 unique controls** from the provided list that best mitigate this risk. Each control should be assigned a weight between **1 and 10** based on its effectiveness in reducing the risk.
### Rules:
1. **Each control ID must be unique** (no duplicates).
2. **Only return control IDs and weights** in the exact format below.
3. **Weights must be between 1 and 10** (1 = low impact, 10 = high impact).
4. **Do NOT add explanations, descriptions, or extra text.**
5. **Ensure that control IDs are randomly distributed and diverse across different categories.**
### Available Controls:
{control_list}
Respond only with control IDs (numbers) and their corresponding weights (1-10).
Format:
ID: <control_id> Weight: <weight>
Example:
1: 9
2: 6
3: 4
### Expected Response Format (STRICTLY FOLLOW THIS FORMAT):
```
<control_id> : <weight>
<control_id> : <weight>
```
### Example Correct Response (NO DUPLICATES):
```
12 : 8
45 : 7
```
⚠️ **If you provide duplicate control IDs, your response will be rejected. Ensure all control IDs are unique.**
⚠️ **Follow the response format exactly. Any deviation will be considered invalid.**
"""
response = client.chat.completions.create(
model="gpt-4",
messages=[{"role": "system", "content": prompt}]
)
for attempt in range(5):
response = client.chat.completions.create(
model="gpt-4o-mini",
messages=[{"role": "system", "content": prompt}]
)
result = response.choices[0].message.content.strip()
print(f"AI Response (Attempt {attempt+1}):\n{result}")
result = response.choices[0].message.content.strip()
selected_controls = []
selected_controls = []
valid = True
control_ids_seen = set()
for line in result.split("\n"):
line = line.strip()
for line in result.split("\n"):
line = line.strip()
parts = line.split(":")
if len(parts) == 2:
control_id_str = parts[0].replace("ID:", "").replace("id:", "").replace("Id:", "").strip()
weight_str = parts[1].strip().replace("Weight:", "").replace("weight:", "").strip()
control_id_str = ''.join(filter(str.isdigit, control_id_str))
weight_str = ''.join(filter(str.isdigit, weight_str))
if control_id_str and weight_str:
control_id = int(control_id_str)
weight = int(weight_str)
if control_id in valid_control_ids and 1 <= weight <= 10:
if control_id in control_ids_seen:
valid = False
break
selected_controls.append((control_id, weight))
control_ids_seen.add(control_id)
else:
valid = False
break
if valid and len(selected_controls) == 10:
return selected_controls
print("Invalid response or duplicate control IDs found, retrying...\n")
time.sleep(2)
print("Failed to get a valid response after multiple attempts.")
return []
parts = line.split("Weight:")
if len(parts) == 2:
control_id_str = parts[0].replace("ID:", "").replace("id:", "").replace("Id:", "").strip()
weight_str = parts[1].strip().replace("Weight:", "").replace("weight:","").strip()
control_id_str = ''.join(filter(str.isdigit, control_id_str))
weight_str = ''.join(filter(str.isdigit, weight_str))
control_id = int(control_id_str)
weight = int(weight_str)
print(f"ID: {control_id}, Weight: {weight}")
control = Control.objects.filter(id=control_id).first()
if control:
selected_controls.append((control_id, weight))
return selected_controls[:10]
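Review bot: In the new `get_controls_for_risk`, `risk_factors` is interpolated into the same system-role prompt that carries the rules, and it appears to be built from Organization fields, so text submitted through the signup form can read as instructions to the model. The allow-list check against `valid_control_ids` and the `1 <= weight <= 10` bound limit what a steered response can do, but which controls and weights end up selected is still decided by the model. Keep the rules in the system message and pass the risk name and factors as a separate user message, e.g. `{"role": "user", "content": f"Risk: {risk.risk_name}\nFactors: {risk_factors}"}`. Separately, the `print(f"AI Response ...")` calls write raw model output to stdout; the `logging` module at debug level would keep it out of production output. The hunk begins inside `get_top_risk`, whose start is outside the view.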


@@ -1,13 +1,13 @@
import logging
import yaml
from django.shortcuts import render, redirect , get_object_or_404
from .forms import OrganizationForm
from .models import Organization,Document,Risk, DocumentTemplate
from backend.core.utils import get_top_risk
from django.urls import reverse
from .models import Organization,Document,Risk, DocumentTemplate,DocumentRiskControl
from backend.accounts.utils import send_confirmation_email,send_document_email
from django.contrib.admin.views.decorators import staff_member_required
# @login_required
# def index(request):
# return HttpResponse('<h1>Django</h1><p>Página simples.</p>')
@@ -26,7 +26,6 @@ def signup(request):
if form.is_valid():
form.save()
send_confirmation_email(form.data['email'])
return render(request, 'thankyou.html', {
'email': form.data['email'],
})
@@ -69,3 +68,28 @@ def payment_page(request):
return redirect(document_link)
return render(request, "payment.html", {"email": email})
def docprew(request, document_id):
doc = get_object_or_404(Document, id=document_id)
org = doc.organization
document_risk_controls = DocumentRiskControl.objects.filter(document=doc)
unique_risks = Risk.objects.filter(id__in=document_risk_controls.values('risk_id')).distinct()
risks_with_controls = {}
for risk in unique_risks:
related_controls = DocumentRiskControl.objects.filter(risk=risk)
risk_controls = [control.control.name for control in related_controls]
risks_with_controls[risk] = ", ".join(risk_controls)
return render(request, 'document_detail.html', {
'document': doc,
'organization': org,
'created_at': doc.created_at,
'risks_with_controls': risks_with_controls,
})
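Review bot: In `docprew`, the inner query `DocumentRiskControl.objects.filter(risk=risk)` is not restricted to `doc`, so the preview lists controls attached to that risk in every document, including other organizations' documents. Reuse the already-scoped queryset instead: `related_controls = document_risk_controls.filter(risk=risk).select_related('control')`. The view also has no access check in the visible lines: `staff_member_required` is imported in this commit but not applied here, so anyone holding the document UUID can open `documentview/<uuid>/` without going through the payment page. If the preview is meant for staff or for the paying organization only, add the decorator or an ownership/payment check before rendering.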