Changed name of variable,added help_text for MML

2025-02-18 11:40:26 +01:00
parent 7151cd0c4d
commit dcb94e28ff
2 changed files with 31 additions and 29 deletions
--- a/backend/core/models.py
+++ b/backend/core/models.py
@@ -44,28 +44,28 @@ class CreatedBy(models.Model):
 class Organization(models.Model):
-    name = models.CharField(max_length=255)
+    name = models.CharField(max_length=255, help_text="What is the name of your organization?")
-    email = models.EmailField()
+    email = models.EmailField(help_text="What is your email?")
-    employee_headcount = models.CharField(max_length=20)
+    employee_headcount = models.CharField(max_length=20, help_text="What is your organization's current employee headcount?")
-    annual_revenue = models.CharField(max_length=20)
+    annual_revenue = models.CharField(max_length=20, help_text="What is your organization's annual revenue range?")
-    critical_applications = models.CharField(max_length=20)
+    critical_applications = models.CharField(max_length=20, help_text="How many critical business applications do your employees use daily?")
-    compliance_frameworks = models.JSONField()  # Stores selected compliance frameworks as a list
+    compliance_frameworks = models.JSONField(help_text="Which regulatory frameworks is your organization required to comply with?")  # Stores selected compliance frameworks as a list
-    industry_sector = models.CharField(max_length=255)
+    industry_sector = models.CharField(max_length=255,help_text="What is your primary industry sector?")
-    it_dependency = models.IntegerField()
+    it_dependency = models.IntegerField(help_text="On a scale from 1-10, how dependent is your business operations on technology?")
-    data_sensitivity = models.CharField(max_length=20)
+    data_sensitivity = models.CharField(max_length=20, help_text="What level of sensitive data does your organization process?")
-    network_infrastructure = models.CharField(max_length=20)
+    network_infrastructure = models.CharField(max_length=20, help_text="What best describes your organization's network infrastructure model?")
-    remote_workforce_percentage = models.CharField(max_length=20)
+    remote_workforce_percentage = models.CharField(max_length=20, help_text="What percentage of your workforce operates remotely?")
-    third_party_vendor_access = models.CharField(max_length=20)
+    third_party_vendor_access = models.CharField(max_length=20, help_text="How many third-party vendors have access to your systems?")
-    internal_software_development = models.CharField(max_length=20)
+    internal_software_development = models.CharField(max_length=20, help_text="What is the extent of your internal software development activities?")
-    geographic_scope = models.CharField(max_length=20, null=True, blank=True)
+    geographic_scope = models.CharField(max_length=20, null=True, blank=True, help_text="What is your organization's geographic operational scope?")
-    customer_base = models.CharField(max_length=20, null=True, blank=True)
+    customer_base = models.CharField(max_length=20, null=True, blank=True, help_text="How would you characterize your customer base distribution?")
-    customer_type = models.CharField(max_length=20, null=True, blank=True)
+    customer_type = models.CharField(max_length=20, null=True, blank=True, help_text="What is your primary customer type?")
-    product_portfolio = models.CharField(max_length=20, null=True, blank=True)
+    product_portfolio = models.CharField(max_length=20, null=True, blank=True, help_text="How diversified is your product/service portfolio?")
-    supplier_base = models.CharField(max_length=20, null=True, blank=True)
+    supplier_base = models.CharField(max_length=20, null=True, blank=True, help_text="What is your supplier base structure?")
-    it_infrastructure = models.JSONField(null=True, blank=True)  # Stores selected IT infrastructure types as a list
+    it_infrastructure = models.JSONField(null=True, blank=True, help_text="What is your primary IT infrastructure model?")  # Stores selected IT infrastructure types as a list
-    intellectual_property = models.JSONField(null=True, blank=True)  # Stores selected IP protection types as a list
+    intellectual_property = models.JSONField(null=True, blank=True, help_text="How does your organization protect and manage intellectual property?")  # Stores selected IP protection types as a list
-    sensitive_data = models.JSONField(null=True, blank=True)  # Stores selected sensitive data types as a list
+    sensitive_data = models.JSONField(null=True, blank=True, help_text="What type of sensitive data does your organization handle?")  # Stores selected sensitive data types as a list
-    integration_level = models.CharField(max_length=20, null=True, blank=True)
+    integration_level = models.CharField(max_length=20, null=True, blank=True, help_text="How integrated are your critical business systems?")
    risks = models.ManyToManyField('Risk', related_name='organizations', blank=True)
--- a/backend/core/utils.py
+++ b/backend/core/utils.py
@@ -3,15 +3,17 @@ from django.conf import settings
 from .models import Risk, Control
 import time
-def extract_risk_factors(organization):
+def extract_organization_details(organization):
-    excluded_fields={"name","email"}
+    excluded_fields = {"name", "email"}
    risk_data = {}
    for field in organization._meta.get_fields():
        if field.name not in excluded_fields and hasattr(organization, field.name):
            value = getattr(organization, field.name)
            if value:
-                risk_data[field.name] = value
+                help_text = getattr(field, 'help_text', '').strip()
                key = help_text if help_text else field.name
                risk_data[key] = value
    return risk_data
 def get_top_risk(organization):
@@ -33,14 +35,14 @@ def get_top_risk(organization):
        Business Impact Severity: {risk.businnes_impact_severity}
        """)
-    risk_factors = extract_risk_factors(organization)
+    organization_details = extract_organization_details(organization)
    prompt = f"""
    You are an AI risk assessor. Based on the following company details and list of known risks,
    identify the 10 most critical risks for this company. Respond only with risk IDs.
    Company Details:
-    {risk_factors}
+    {organization_details}
    List of Risks:
    {risk_list}
@@ -63,14 +65,14 @@ def get_controls_for_risk(risk, organization):
    all_controls = Control.objects.all()
    control_list = []
-    risk_factors = extract_risk_factors(organization)
+    organization_details = extract_organization_details(organization)
    valid_control_ids = {control.id for control in all_controls}
    for control in all_controls:
        control_list.append(f"Control ID: {control.id}, Control Name: {control.name}")
    prompt = f"""
-    You are an expert in cybersecurity risk management. Given the risk "{risk.risk_name}" and its associated factors "{risk_factors}",
+    You are an expert in cybersecurity risk management. Given the risk "{risk.risk_name}" and its associated factors "{organization_details}",
    your task is to select **exactly 10 unique controls** from the provided list that best mitigate this risk. Each control should be assigned a weight between **1 and 10** based on its effectiveness in reducing the risk.
    ### Rules:
    1. **Each control ID must be unique** (no duplicates).