adebaumann/vgui-cicd
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: adebaumann:feature/comments
Branches Tags
adebaumann:development adebaumann:simplify adebaumann:feature/dateranges adebaumann:feature/comment-page adebaumann:fix/argocd-ingress_progressing adebaumann:feature/comments adebaumann:feature/nfs-storage adebaumann:improvements/frontend adebaumann:improvements/argocd-service-fix adebaumann:feature/login adebaumann:feature/oblique adebaumann:main adebaumann:feature/gitops adebaumann:feature/add-missing-tests adebaumann:cleanup/remove-diagram-proxy adebaumann:improvement/admin-tweaks adebaumann:improvement/better-design-pre-cdbund adebaumann:complete-refactor adebaumann:feature/json adebaumann:feature/list-of-incomplete-vorgaben adebaumann:improvement/search-in-title adebaumann:improve-dokument-admin adebaumann:helm-charts adebaumann:feature/vorgaben-table adebaumann:feature/textabschnitte-comprehensive-tests adebaumann:feature/dokumente-unit-tests adebaumann:rename_standards adebaumann:consolidate_search adebaumann:django-debug-toolbar
...
pull from: adebaumann:development
Branches Tags
adebaumann:development adebaumann:simplify adebaumann:feature/dateranges adebaumann:feature/comment-page adebaumann:fix/argocd-ingress_progressing adebaumann:feature/comments adebaumann:feature/nfs-storage adebaumann:improvements/frontend adebaumann:improvements/argocd-service-fix adebaumann:feature/login adebaumann:feature/oblique adebaumann:main adebaumann:feature/gitops adebaumann:feature/add-missing-tests adebaumann:cleanup/remove-diagram-proxy adebaumann:improvement/admin-tweaks adebaumann:improvement/better-design-pre-cdbund adebaumann:complete-refactor adebaumann:feature/json adebaumann:feature/list-of-incomplete-vorgaben adebaumann:improvement/search-in-title adebaumann:improve-dokument-admin adebaumann:helm-charts adebaumann:feature/vorgaben-table adebaumann:feature/textabschnitte-comprehensive-tests adebaumann:feature/dokumente-unit-tests adebaumann:rename_standards adebaumann:consolidate_search adebaumann:django-debug-toolbar

43 Commits
feature/co ... developmen

Author SHA1 Message Date
Adrian A. Baumann
29c1ad1dcf Tests for document import added
All checks were successful
SonarQube Scan / SonarQube Trigger (push) Successful in 4m14s
Details
2025-12-09 15:27:49 +01:00
Adrian A. Baumann
4504e8a2a5 Database updated with collaborators
All checks were successful
SonarQube Scan / SonarQube Trigger (push) Successful in 53s
Details
2025-12-08 16:26:25 +01:00
Adrian A. Baumann
502dd85efb Document import management command updated to work with changed structure 2025-12-08 16:26:03 +01:00
Adrian A. Baumann
9e6e2b5a03 Workflow: Changed description (old vs new was obsolete)
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 4s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 4s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 55s
Details
2025-12-08 16:01:07 +01:00
Adrian A. Baumann
c492b7bda6 New Preload-DB-image
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 4s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 11s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 55s
Details
2025-12-08 15:59:13 +01:00
Adrian A. Baumann
0d7e63d3a2 Changed "Historische Version..." to "Zukünftige Version..." when appropriate
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 16s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 4s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 55s
Details
2025-12-08 15:34:14 +01:00
Adrian A. Baumann
0866e604bc Documentation change regarding diagram cache
All checks were successful
SonarQube Scan / SonarQube Trigger (push) Successful in 55s
Details
2025-12-08 15:01:14 +01:00
Adrian A. Baumann
753c00bc45 Validation for 'Thema' on Vorgabe added
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 14s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 4s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 54s
Details
2025-12-08 14:41:02 +01:00
Adrian A. Baumann
74d2f15d6a Package versions lifted for urllib and django due to trivy scan
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 39s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 4s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 59s
Details
2025-12-08 14:23:37 +01:00
Adrian A. Baumann
615908e569 Password miminum length: 12
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 20s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 4s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 56s
Details
2025-12-08 12:34:09 +01:00
Adrian A. Baumann
55d467ee58 Deployment 963
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 16s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 4s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 56s
Details
2025-12-04 14:28:40 +01:00
Adrian A. Baumann
5a1df7345d UI element added
All checks were successful
SonarQube Scan / SonarQube Trigger (push) Successful in 55s
Details
2025-12-04 14:26:35 +01:00
Adrian A. Baumann
e3c5f6a9d7 Last date removed from array - tests adapted 2025-12-04 14:16:18 +01:00
Adrian A. Baumann
a26290fc92 Date array calculation for documents added
All checks were successful
SonarQube Scan / SonarQube Trigger (push) Successful in 57s
Details
2025-12-04 14:08:18 +01:00
Adrian A. Baumann
08d94a9269 Link to Autorenumgebung shortened, version bump
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 5s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 4s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 55s
Details
2025-12-04 13:37:30 +01:00
Adrian A. Baumann
6f8f273344 XSS prevention added (with tests)
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 15s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 4s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 55s
Details
2025-12-04 13:26:12 +01:00
Adrian A. Baumann
f96226170b Add staff-only all comments page and bump versions
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 15s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 4s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 47s
Details 
- Add new "alle-kommentare" (all comments) view for staff users only
  - Allows staff to view and manage all user comments across the system
  - Grouped by document with user information displayed
  - Staff can delete any comment via the dedicated delete button
  - Restricts access via user_passes_test decorator

- Create all_comments.html template
  - Based on user_comments template with added username field
  - Shows comment author, creation time, and edit time
  - Provides delete functionality for comment management

- Update navigation menu
  - Add "Alle Kommentare" link in user dropdown menu
  - Link only visible to staff members

- Add URL route for alle-kommentare page
  - Path: /dokumente/alle-kommentare/
  - URL name: all_comments

- Bump application versions
  - Update footer version from 0.965 to 0.966
  - Update K8s deployment version from 0.917 to 0.918
  - ArgoCD deployment already at 0.966

All existing tests pass (148 tests total)
 2025-12-04 13:17:35 +01:00
Adrian A. Baumann
0783033c70 Titles on comment page; Deployment 965
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 16s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 4s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 47s
Details
2025-12-04 08:41:53 +01:00
Adrian A. Baumann
35fbfdccec Deployment 963
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 41s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 4s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 43s
Details
2025-12-04 01:35:01 +01:00
Adrian A. Baumann
1196d3cdd2 Merge pull request 'feature/comment-page' (#16) from feature/comment-page into development
All checks were successful
SonarQube Scan / SonarQube Trigger (push) Successful in 45s
Details 
Reviewed-on: #16
 2025-12-04 00:29:41 +00:00
Adrian A. Baumann
df67948efc All user comments on one page implemented, including tests
All checks were successful
SonarQube Scan / SonarQube Trigger (push) Successful in 49s
Details
SonarQube Scan / SonarQube Trigger (pull_request) Successful in 45s
Details
2025-12-03 13:26:19 +01:00
Adrian A. Baumann
a78f53f58e All user comments on one page implemented, including tests 2025-12-03 13:23:11 +01:00
Adrian A. Baumann
2c39db104e Simplified container building workflow - now only checks for presence of container tag on repo
Some checks failed
SonarQube Scan / SonarQube Trigger (push) Failing after 15m51s
Details
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 6s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 4s
Details
2025-12-02 19:08:56 +01:00
Adrian A. Baumann
ad17b394a3 Dockerfile updated, deploy 0.963
Some checks failed
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 9s
Details
SonarQube Scan / SonarQube Trigger (push) Has been cancelled
Details
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 5s
Details
2025-12-02 18:54:39 +01:00
Adrian A. Baumann
745ce4fabc Python and Django update
Some checks failed
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Failing after 53s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 7s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 2m0s
Details
2025-12-02 16:49:00 +01:00
Adrian A. Baumann
b6fbe750a2 Python and Django update
Some checks failed
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Failing after 1m30s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 7s
Details
SonarQube Scan / SonarQube Trigger (push) Has been cancelled
Details
2025-12-02 16:45:31 +01:00
Adrian A. Baumann
89d3eec5fb Python and Django update
Some checks failed
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 8s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 8s
Details
SonarQube Scan / SonarQube Trigger (push) Has been cancelled
Details
2025-12-02 16:44:21 +01:00
Adrian A. Baumann
cd4783efc4 Python and Django update
Some checks failed
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Failing after 54s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 7s
Details
SonarQube Scan / SonarQube Trigger (push) Has been cancelled
Details
2025-12-02 16:42:31 +01:00
Adrian A. Baumann
9efef2c5e2 Fixed an age-old unmatched bracket...
All checks were successful
SonarQube Scan / SonarQube Trigger (push) Successful in 2m15s
Details
2025-12-02 13:13:25 +01:00
Adrian A. Baumann
09010a117e Tests adjusted to reflect changes in comments (Full name instead of user name)
Some checks failed
SonarQube Scan / SonarQube Trigger (push) Failing after 1m9s
Details
2025-12-02 13:11:07 +01:00
Adrian A. Baumann
8ea0937ea4 Coverage added
Some checks failed
SonarQube Scan / SonarQube Trigger (push) Failing after 2m13s
Details
2025-12-02 13:02:27 +01:00
Adrian A. Baumann
5330493c85 Dockerfile changed to check SonarQube
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 9s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 8s
Details
SonarQube Scan / SonarQube Trigger (push) Successful in 57s
Details
2025-12-02 11:41:37 +01:00
Adrian A. Baumann
9e6e9e9830 Typo in secrets
All checks were successful
SonarQube Scan / SonarQube Trigger (push) Successful in 1m0s
Details
2025-12-02 11:35:15 +01:00
Adrian A. Baumann
f311050412 Typo in secrets
Some checks failed
SonarQube Scan / SonarQube Trigger (push) Failing after 11s
Details
2025-12-02 11:33:51 +01:00
Adrian A. Baumann
492b3c5a20 Java mismatch in workflow
Some checks failed
SonarQube Scan / SonarQube Trigger (push) Failing after 1m13s
Details
2025-12-02 11:22:43 +01:00
Adrian A. Baumann
a81b6eb9d5 Java mismatch in workflow
Some checks failed
SonarQube Scan / SonarQube Trigger (push) Failing after 1m17s
Details
2025-12-02 11:17:52 +01:00
Adrian A. Baumann
f6be6d6a02 SonarQube integration - fit the first
Some checks failed
SonarQube Scan / SonarQube Trigger (push) Failing after 28s
Details
2025-12-02 11:10:59 +01:00
Adrian A. Baumann
c8d3ef4631 Deployment 961
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 28s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 8s
Details
2025-12-01 14:40:28 +01:00
Adrian A. Baumann
46912cff8c Merge feature/comments into development
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 8s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 8s
Details
2025-12-01 14:35:41 +01:00
Adrian A. Baumann
1af50c45ff Testing new workflow
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 13s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 8s
Details
2025-12-01 14:29:10 +01:00
Adrian A. Baumann
40551094e6 New Workflow to check if image is present on gitea server
All checks were successful
Build containers when image tags change / build-if-image-changed (., web, containers, main container, git.baumann.gr/adebaumann/vui) (push) Successful in 10s
Details
Build containers when image tags change / build-if-image-changed (data-loader, loader, initContainers, init-container, git.baumann.gr/adebaumann/vui-data-loader) (push) Successful in 9s
Details
2025-12-01 14:28:02 +01:00
Adrian A. Baumann
4297c2d8bf Documentation of all models added 2025-12-01 14:15:42 +01:00
Adrian A. Baumann
07ba717de9 Display name changed from username to full name 2025-11-28 14:41:24 +01:00
23 changed files with 2758 additions and 55 deletions
Expand all files Collapse all files

54
.gitea/workflows/build-containers-on-demand.yml
View File

@@ -60,7 +60,7 @@ jobs:
chmod +x /usr/local/bin/yq
yq --version
- name: Read ${{ matrix.description }} image from deployment (old vs new)
- name: Read ${{ matrix.description }} image from deployment
id: img
shell: bash
run: |
@@ -211,32 +211,60 @@ jobs:
echo "ERROR: Found $ctype \"$cname\" image repo is \"$new_repo\" but expected \"$expected_repo\""
exit 1
fi
if [ -n "${old_image:-}" ]; then
old_tag="${old_image##*:}"
else
old_tag=""
fi
registry="$(echo "$new_repo" | awk -F/ '{print $1}')"
{
echo "changed=$([ "$old_tag" != "$new_tag" ] && echo true || echo false)"
echo "new_image=$new_image"
echo "new_repo=$new_repo"
echo "new_tag=$new_tag"
echo "registry=$registry"
} >> "$GITHUB_OUTPUT"
- name: Skip if tag unchanged
if: steps.img.outputs.changed != 'true'
run: echo "${{ matrix.description }} image tag unchanged; skipping build."
- name: Check if image exists on registry
id: check_image
shell: bash
run: |
set -euo pipefail
new_repo="${{ steps.img.outputs.new_repo }}"
new_tag="${{ steps.img.outputs.new_tag }}"
registry_user="${{ secrets.REGISTRY_USER }}"
registry_password="${{ secrets.REGISTRY_PASSWORD }}"
# Extract registry host and image name
registry_host=$(echo "$new_repo" | cut -d/ -f1)
image_path=$(echo "$new_repo" | cut -d/ -f2-)
echo "Checking if $new_repo:$new_tag exists on registry $registry_host"
# Use Docker Registry API v2 to check manifest
# Format: https://registry/v2/{image_path}/manifests/{tag}
manifest_url="https://${registry_host}/v2/${image_path}/manifests/${new_tag}"
# Check with authentication
http_code=$(curl -s -o /dev/null -w "%{http_code}" \
-u "${registry_user}:${registry_password}" \
-H "Accept: application/vnd.docker.distribution.manifest.v2+json,application/vnd.docker.distribution.manifest.list.v2+json" \
"$manifest_url" || echo "000")
if [ "$http_code" = "200" ]; then
echo "Image already exists on registry (HTTP $http_code)"
echo "exists=true" >> "$GITHUB_OUTPUT"
else
echo "Image does not exist on registry (HTTP $http_code)"
echo "exists=false" >> "$GITHUB_OUTPUT"
fi
- name: Skip if image already exists
if: steps.check_image.outputs.exists == 'true'
run: echo "${{ matrix.description }} image ${{ steps.img.outputs.new_image }} already exists on registry; skipping build."
- name: Set up Buildx
if: steps.img.outputs.changed == 'true'
if: steps.check_image.outputs.exists == 'false'
uses: docker/setup-buildx-action@v3
- name: Log in to registry
if: steps.img.outputs.changed == 'true'
if: steps.check_image.outputs.exists == 'false'
uses: docker/login-action@v3
with:
registry: ${{ steps.img.outputs.registry }}
@@ -244,7 +272,7 @@ jobs:
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: Build and push ${{ matrix.description }} (exact tag from deployment)
if: steps.img.outputs.changed == 'true'
if: steps.check_image.outputs.exists == 'false'
uses: docker/build-push-action@v6
with:
context: ${{ matrix.build_context }}

67
.gitea/workflows/check_code_in_sonarqube.yaml Normal file
View File

@@ -0,0 +1,67 @@
on:
push:
# branches:
# - main
# - development
pull_request:
types: [opened, synchronize, reopened]
name: SonarQube Scan
jobs:
sonarqube:
name: SonarQube Trigger
runs-on: ubuntu-latest
steps:
- name: Checking out
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Install dependencies
run: |
pip install -r requirements.txt
- name: Run tests with coverage
run: |
coverage run --source='.' manage.py test
coverage xml
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
- name: Cache SonarQube packages
uses: actions/cache@v3
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Download and setup SonarScanner
run: |
mkdir -p $HOME/.sonar
wget -q https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip
unzip -q sonar-scanner-cli-5.0.1.3006-linux.zip -d $HOME/.sonar/
echo "$HOME/.sonar/sonar-scanner-5.0.1.3006-linux/bin" >> $GITHUB_PATH
- name: Verify Java version
run: java -version
- name: SonarQube Scan
env:
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
run: |
sonar-scanner \
-Dsonar.projectKey=${{ github.event.repository.name }} \
-Dsonar.sources=. \
-Dsonar.host.url=${SONAR_HOST_URL} \
-Dsonar.token=${SONAR_TOKEN} \
-Dsonar.python.coverage.reportPaths=coverage.xml

15
Dockerfile
View File

@@ -1,4 +1,4 @@
FROM python:3.13-slim AS baustelle
FROM python:3.14 AS baustelle
RUN mkdir /app
WORKDIR /app
ENV PYTHONDONTWRITEBYTECODE=1
@@ -7,22 +7,21 @@ RUN pip install --upgrade pip
COPY requirements.txt /app/
RUN pip install --no-cache-dir -r requirements.txt
FROM python:3.13-slim
FROM python:3.14-slim
RUN useradd -m -r appuser && \
mkdir /app && \
chown -R appuser /app
COPY --from=baustelle /usr/local/lib/python3.13/site-packages/ /usr/local/lib/python3.13/site-packages/
COPY --from=baustelle /usr/local/lib/python3.14/site-packages/ /usr/local/lib/python3.14/site-packages/
COPY --from=baustelle /usr/local/bin/ /usr/local/bin/
RUN rm /usr/bin/tar
RUN rm /usr/lib/x86_64-linux-gnu/libncur*
RUN rm /usr/bin/tar /usr/lib/x86_64-linux-gnu/libncur*
WORKDIR /app
COPY --chown=appuser:appuser . .
ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1
USER appuser
EXPOSE 8000
RUN rm -rf /app/Dockerfile* \
RUN rm -rvf /app/Dockerfile* \
/app/README.md \
/app/argocd \
/app/k8s \
@@ -31,7 +30,7 @@ RUN rm -rf /app/Dockerfile* \
/app/requirements.txt \
/app/node_modules \
/app/*.json \
/app/test_*.py
RUN python3 manage.py collectstatic
/app/test_*.py && \
python3 /app/manage.py collectstatic --noinput
CMD ["gunicorn","--bind","0.0.0.0:8000","--workers","3","VorgabenUI.wsgi:application"]

2
Documentation/diagramm.md
View File

@@ -540,5 +540,5 @@ digraph {
Bei Fragen oder Problemen mit Diagrammen:
1. Code auf https://kroki.io/ testen
2. Syntax-Dokumentation des jeweiligen Diagrammtyps konsultieren
3. Diagramm-Cache leeren: `python manage.py clear_diagram_cache`
3. (Nur mit Shell-Zugriff auf Kubernetes-Pod möglich): Diagramm-Cache leeren: `python manage.py clear_diagram_cache`
4. Bei technischen Problemen: Information Security Management BIT kontaktieren

544
Documentation/modelle.md Normal file
View File

@@ -0,0 +1,544 @@
# Alle Modelle der vgui-cicd Django-Anwendung
Dieses Dokument beschreibt alle Datenmodelle in der vgui-cicd Anwendung mit ihren Eigenschaften, Beziehungen und Verwendungszwecken.
---
## App: dokumente
Die Hauptmodelle für die Verwaltung von Dokumenten, Vorgaben und deren Metadaten.
### Dokumententyp
**Zweck**: Kategorisierung von Dokumenten (z. B. Richtlinie, Standard).
**Wichtige Felder**:
- `name` (CharField, max_length=100, **PRIMARY KEY**)
- `verantwortliche_ve` (CharField, max_length=255): Die verantwortliche Verwaltungseinheit
**Besonderheiten**:
- `__str__()` gibt den Namen zurück
- Dient als Klassifizierungskategorie für Dokumente
**Meta**:
- `verbose_name = "Dokumententyp"`
- `verbose_name_plural = "Dokumententypen"`
---
### Person
**Zweck**: Repräsentiert Personen, die als Autoren, Prüfer oder in anderen Rollen tätig sind.
**Wichtige Felder**:
- `name` (CharField, max_length=100, **PRIMARY KEY**)
- `funktion` (CharField, max_length=255): Funktionsbezeichnung der Person
**Beziehungen**:
- Many-to-Many mit `Dokument` über `verfasste_dokumente` (Autoren)
- Many-to-Many mit `Dokument` über `gepruefte_dokumente` (Prüfer)
**Besonderheiten**:
- `__str__()` gibt den Namen zurück
- `ordering = ['name']`: Alphabetische Sortierung
**Meta**:
- `verbose_name_plural = "Personen"`
---
### Thema
**Zweck**: Thematische Einordnung und Kategorisierung von Vorgaben innerhalb von Dokumenten.
**Wichtige Felder**:
- `name` (CharField, max_length=100, **PRIMARY KEY**)
- `erklaerung` (TextField, blank=True): Optionale Erklärung des Themas
**Besonderheiten**:
- `__str__()` gibt den Namen zurück
- Der erste Buchstabe des Themas wird in Vorgabennummern verwendet
**Meta**:
- `verbose_name_plural = "Themen"`
---
### Dokument
**Zweck**: Hauptmodell für ein einzelnes Dokument mit allen zugehörigen Metadaten und Inhalten.
**Wichtige Felder**:
- `nummer` (CharField, max_length=50, **PRIMARY KEY**): Eindeutige Dokumentennummer
- `dokumententyp` (ForeignKey → Dokumententyp, on_delete=PROTECT): Klassifizierung
- `name` (CharField, max_length=255): Dokumenttitel
- `autoren` (ManyToManyField → Person, related_name='verfasste_dokumente')
- `pruefende` (ManyToManyField → Person, related_name='gepruefte_dokumente')
- `gueltigkeit_von` (DateField, null=True, blank=True): Gültig ab Datum
- `gueltigkeit_bis` (DateField, null=True, blank=True): Gültig bis Datum
- `signatur_cso` (CharField, max_length=255, blank=True): CSO-Signatur
- `anhaenge` (TextField, blank=True): Beschreibung von Anhängen
- `aktiv` (BooleanField, blank=True): Aktivierungsstatus
**Beziehungen**:
- 1-to-Many mit `Vorgabe` (über related_name='vorgaben')
- 1-to-Many mit `Geltungsbereich`
- 1-to-Many mit `Einleitung`
- 1-to-Many mit `Changelog`
**Besonderheiten**:
- `__str__()` formatiert als "nummer name"
**Meta**:
- `verbose_name = "Dokument"`
- `verbose_name_plural = "Dokumente"`
---
### Vorgabe
**Zweck**: Repräsentiert eine einzelne Vorgabe oder Anforderung innerhalb eines Dokuments.
**Wichtige Felder**:
- `order` (IntegerField): Sortierreihenfolge für die Darstellung
- `nummer` (IntegerField): Nummer innerhalb eines Themas/Dokuments. Muss nicht eindeutig sein (z.B. für geänderte Vorgaben)
- `dokument` (ForeignKey → Dokument, on_delete=CASCADE, related_name='vorgaben')
- `thema` (ForeignKey → Thema, on_delete=PROTECT): Thematische Einordnung
- `titel` (CharField, max_length=255): Titel der Vorgabe
- `referenzen` (ManyToManyField → Referenz, blank=True): Verweise auf externe Referenzen
- `gueltigkeit_von` (DateField): Gültig ab Datum
- `gueltigkeit_bis` (DateField, blank=True, null=True): Gültig bis Datum (offen = unbegrenzt)
- `stichworte` (ManyToManyField → Stichwort, blank=True): Tags zur Kategorisierung
- `relevanz` (ManyToManyField → Rolle, blank=True): Relevante Rollen
**Beziehungen**:
- Foreign Key zu `Dokument` und `Thema`
- Many-to-Many zu `Referenz`, `Stichwort`, `Rolle`
- 1-to-Many zu `VorgabeLangtext`, `VorgabeKurztext`
- 1-to-Many zu `Checklistenfrage`
**Wichtige Methoden**:
- `Vorgabennummer()` → str
- Generiert eine eindeutige, lesbare Kennummer
- Format: "{dokument.nummer}.{thema.name[0]}.{nummer}"
- Beispiel: "R0066.A.1"
- `get_status(check_date=None, verbose=False)` → str
- Bestimmt den Status einer Vorgabe zu einem gegebenen Datum
- Parameter: `check_date` (Default: heute), `verbose` (Deutsche Beschreibung ja/nein)
- Rückgabewerte:
- "future": Vorgabe ist noch nicht gültig
- "active": Vorgabe ist aktuell gültig
- "expired": Vorgabe ist nicht mehr gültig
- Verbose-Ausgaben enthalten Datumsangaben
- `sanity_check_vorgaben()` (statisch) → list
- Findet zeitliche Konflikte zwischen Vorgaben mit gleicher Nummer/Thema/Dokument
- Überprüft, ob sich Geltungszeiträume überschneiden
- Gibt Liste mit Konflikt-Dictionaries zurück
- `clean()`
- Validiert die Vorgabe vor dem Speichern
- Ruft `find_conflicts()` auf
- Wirft `ValidationError` bei erkannten Konflikten
- `find_conflicts()` → list
- Findet Konflikte mit bestehenden Vorgaben (ausgenommen self)
- Überprüft auf zeitliche Überschneidungen
- Gibt Liste mit Konflikt-Details zurück
- `_date_ranges_intersect(start1, end1, start2, end2)` (statisch) → bool
- Prüft, ob zwei Datumsbereiche sich überschneiden
- `None` als Enddatum = unbegrenzter Bereich
- Gibt `True` bei Überschneidung zurück
**Besonderheiten**:
- `__str__()` gibt "Vorgabennummer: titel" zurück
- Validierung von Gültigkeitszeiträumen ist implementiert
- Sehr wichtiges Modell im Geschäftslogik-Kontext
**Meta**:
- `ordering = ['order']`
- `verbose_name_plural = "Vorgaben"`
---
### VorgabeLangtext
**Zweck**: Speichert ausführliche Textinhalte (Langtext) einer Vorgabe.
**Wichtige Felder**:
- `abschnitt` (ForeignKey → Vorgabe, on_delete=CASCADE): Referenz zur Vorgabe
- Erbt von `Textabschnitt` (siehe App: abschnitte):
- `abschnitttyp` (ForeignKey → AbschnittTyp, optional)
- `inhalt` (TextField, blank=True, null=True)
- `order` (PositiveIntegerField, default=0)
**Meta**:
- `verbose_name = "Langtext-Abschnitt"`
- `verbose_name_plural = "Langtext"`
---
### VorgabeKurztext
**Zweck**: Speichert kurze Textinhalte (Kurztext) einer Vorgabe.
**Wichtige Felder**:
- `abschnitt` (ForeignKey → Vorgabe, on_delete=CASCADE): Referenz zur Vorgabe
- Erbt von `Textabschnitt` (siehe App: abschnitte):
- `abschnitttyp` (ForeignKey → AbschnittTyp, optional)
- `inhalt` (TextField, blank=True, null=True)
- `order` (PositiveIntegerField, default=0)
**Meta**:
- `verbose_name = "Kurztext-Abschnitt"`
- `verbose_name_plural = "Kurztext"`
---
### Geltungsbereich
**Zweck**: Speichert den Geltungsbereich-Abschnitt eines Dokuments.
**Wichtige Felder**:
- `geltungsbereich` (ForeignKey → Dokument, on_delete=CASCADE): Referenz zum Dokument
- Erbt von `Textabschnitt` (siehe App: abschnitte):
- `abschnitttyp` (ForeignKey → AbschnittTyp, optional)
- `inhalt` (TextField, blank=True, null=True)
- `order` (PositiveIntegerField, default=0)
**Meta**:
- `verbose_name = "Geltungsbereichs-Abschnitt"`
- `verbose_name_plural = "Geltungsbereich"`
---
### Einleitung
**Zweck**: Speichert die Einleitungs-Abschnitte eines Dokuments.
**Wichtige Felder**:
- `einleitung` (ForeignKey → Dokument, on_delete=CASCADE): Referenz zum Dokument
- Erbt von `Textabschnitt` (siehe App: abschnitte):
- `abschnitttyp` (ForeignKey → AbschnittTyp, optional)
- `inhalt` (TextField, blank=True, null=True)
- `order` (PositiveIntegerField, default=0)
**Meta**:
- `verbose_name = "Einleitungs-Abschnitt"`
- `verbose_name_plural = "Einleitung"`
---
### Checklistenfrage
**Zweck**: Repräsentiert eine Frage für die Checkliste zu einer Vorgabe.
**Wichtige Felder**:
- `vorgabe` (ForeignKey → Vorgabe, on_delete=CASCADE, related_name='checklistenfragen')
- `frage` (CharField, max_length=255): Text der Checklistenfrage
**Besonderheiten**:
- `__str__()` gibt den Fragetext zurück
**Meta**:
- `verbose_name = "Frage für Checkliste"`
- `verbose_name_plural = "Fragen für Checkliste"`
---
### VorgabenTable
**Zweck**: Proxy-Modell für `Vorgabe` für die Darstellung von Vorgaben in Tabellenform.
**Besonderheiten**:
- Proxy-Modell (kein eigenes Datenbankschema)
- Ermöglicht alternative Django-Admin-Ansicht
- Erbt alle Felder und Methoden von `Vorgabe`
**Meta**:
- `proxy = True`
- `verbose_name = "Vorgabe (Tabellenansicht)"`
- `verbose_name_plural = "Vorgaben (Tabellenansicht)"`
---
### Changelog
**Zweck**: Dokumentiert Änderungen und Versionshistorie für Dokumente.
**Wichtige Felder**:
- `dokument` (ForeignKey → Dokument, on_delete=CASCADE, related_name='changelog'): Referenz zum Dokument
- `autoren` (ManyToManyField → Person): Personen, die die Änderung vorgenommen haben
- `datum` (DateField): Datum der Änderung
- `aenderung` (TextField): Beschreibung der Änderung
**Beziehungen**:
- Foreign Key zu `Dokument`
- Many-to-Many zu `Person`
**Besonderheiten**:
- `__str__()` formatiert als "datum dokumentnummer"
**Meta**:
- `verbose_name = "Changelog-Eintrag"`
- `verbose_name_plural = "Changelog"`
---
## App: abschnitte
Modelle für die Verwaltung von Textabschnitten, die von mehreren Modellen geerbt werden.
### AbschnittTyp
**Zweck**: Klassifizierung von Textabschnitten (z. B. "Beschreibung", "Erklärung", "Anleitung").
**Wichtige Felder**:
- `abschnitttyp` (CharField, max_length=100, **PRIMARY KEY**): Name des Abschnitttyps
**Besonderheiten**:
- `__str__()` gibt den Namen zurück
**Meta**:
- `verbose_name_plural = "Abschnitttypen"`
---
### Textabschnitt (abstrakt)
**Zweck**: Abstrakte Basisklasse für Textinhalte, die mit anderen Modellen verknüpft sind.
**Wichtige Felder**:
- `abschnitttyp` (ForeignKey → AbschnittTyp, on_delete=PROTECT, optional)
- `inhalt` (TextField, blank=True, null=True): Der Textinhalt
- `order` (PositiveIntegerField, default=0): Sortierreihenfolge
**Besonderheiten**:
- Abstrakte Klasse (wird nicht direkt in der Datenbank gespeichert)
- Wird von anderen Modellen geerbt: `VorgabeLangtext`, `VorgabeKurztext`, `Geltungsbereich`, `Einleitung`, `Referenzerklaerung`, `Stichworterklaerung`, `RollenBeschreibung`
**Meta**:
- `abstract = True`
- `verbose_name = "Abschnitt"`
- `verbose_name_plural = "Abschnitte"`
---
## App: referenzen
Modelle für die Verwaltung von Referenzen und Verweisen auf externe Standards.
### Referenz (MPTT-Tree)
**Zweck**: Hierarchische Verwaltung von Referenzen und externen Normen (z. B. ISO-Standards, Gesetze, übergeordnete Vorgaben).
**Wichtige Felder**:
- `id` (AutoField, **PRIMARY KEY**)
- `name_nummer` (CharField, max_length=100): Nummer/Kennung der Referenz (z. B. "ISO 27001")
- `name_text` (CharField, max_length=255, blank=True): Ausführlicher Name/Beschreibung
- `oberreferenz` (TreeForeignKey zu self, optional): Parent-Referenz für Hierarchien
- `url` (URLField, blank=True): Link zur Referenz
**Beziehungen**:
- Many-to-Many mit `Vorgabe`
- MPTT Tree-Struktur für hierarchische Referenzen
**Wichtige Methoden**:
- `Path()` → str
- Gibt die vollständige Pfad-Hierarchie als String zurück
- Format: "Referenz → Subreferenz → Unterreferenz (Beschreibung)"
- Beispiel: "ISO → 27000 → 27001 (Information Security Management)"
**Besonderheiten**:
- Verwendet MPPT (Modified Preorder Tree Traversal) für Baumoperationen
- `get_ancestors(include_self=True)`: Gibt alle Vorfahren zurück
- `unterreferenzen`: Related_name für Kindreferenzen
- Sortierung: Nach `name_nummer`
**Meta**:
- `verbose_name_plural = "Referenzen"`
- **MPTTMeta**:
- `parent_attr = 'oberreferenz'`
- `order_insertion_by = ['name_nummer']`
---
### Referenzerklaerung
**Zweck**: Speichert Erklärungen und zusätzliche Informationen zu einer Referenz.
**Wichtige Felder**:
- `erklaerung` (ForeignKey → Referenz, on_delete=CASCADE): Referenz zur Referenz
- Erbt von `Textabschnitt`:
- `abschnitttyp` (ForeignKey → AbschnittTyp, optional)
- `inhalt` (TextField, blank=True, null=True)
- `order` (PositiveIntegerField, default=0)
**Meta**:
- `verbose_name = "Erklärung"`
- `verbose_name_plural = "Erklärungen"`
---
## App: stichworte
Modelle für die Verwaltung von Stichworte und Tags.
### Stichwort
**Zweck**: Einfache Tag/Keyword-Modell zur Kategorisierung von Vorgaben.
**Wichtige Felder**:
- `stichwort` (CharField, max_length=50, **PRIMARY KEY**): Das Stichwort
**Beziehungen**:
- Many-to-Many mit `Vorgabe`
**Besonderheiten**:
- `__str__()` gibt das Stichwort zurück
**Meta**:
- `verbose_name_plural = "Stichworte"`
---
### Stichworterklaerung
**Zweck**: Speichert Erklärungen zu Stichworten.
**Wichtige Felder**:
- `erklaerung` (ForeignKey → Stichwort, on_delete=CASCADE): Referenz zum Stichwort
- Erbt von `Textabschnitt`:
- `abschnitttyp` (ForeignKey → AbschnittTyp, optional)
- `inhalt` (TextField, blank=True, null=True)
- `order` (PositiveIntegerField, default=0)
**Meta**:
- `verbose_name = "Erklärung"`
- `verbose_name_plural = "Erklärungen"`
---
## App: rollen
Modelle für die Verwaltung von Rollen und deren Beschreibungen.
### Rolle
**Zweck**: Definiert Rollen/Positionen im Unternehmen (z. B. "Geschäftsleiter", "IT-Sicherheit", "Datenschutzbeauftragter").
**Wichtige Felder**:
- `name` (CharField, max_length=100, **PRIMARY KEY**): Name der Rolle
**Beziehungen**:
- Many-to-Many mit `Vorgabe` (über `relevanz`)
**Besonderheiten**:
- `__str__()` gibt den Namen zurück
- Wird verwendet, um Rollen zu markieren, die von einer Vorgabe betroffen sind
**Meta**:
- `verbose_name_plural = "Rollen"`
---
### RollenBeschreibung
**Zweck**: Speichert detaillierte Beschreibungen und Informationen zu einer Rolle.
**Wichtige Felder**:
- `abschnitt` (ForeignKey → Rolle, on_delete=CASCADE): Referenz zur Rolle
- Erbt von `Textabschnitt`:
- `abschnitttyp` (ForeignKey → AbschnittTyp, optional)
- `inhalt` (TextField, blank=True, null=True)
- `order` (PositiveIntegerField, default=0)
**Meta**:
- `verbose_name = "Rollenbeschreibungs-Abschnitt"`
- `verbose_name_plural = "Rollenbeschreibung"`
---
## Allgemeine Hinweise zur Modellverwaltung
### Primärschlüssel-Strategie
- Viele Modelle verwenden CharField-basierte Primärschlüssel (`name`, `nummer`, `stichwort`)
- Dies ermöglicht direkte Verwendung von Strings als Identifikatoren
- Vorteil: Lesbarkeit; Nachteil: Umbenennungen sind kritisch
### On-Delete-Strategien
- **PROTECT**: Verwendet für wichtige Beziehungen (z. B. Dokumententyp, Thema, AbschnittTyp)
- Verhindert versehentliches Löschen von Daten, auf die verwiesen wird
- **CASCADE**: Verwendet für Unterkomponenten (z. B. Vorgabe → Dokument)
- Löscht abhängige Datensätze automatisch
- **SET_NULL**: Nur bei optionalen Referenzen (z. B. Oberreferenz in Referenz-Tree)
### Validierungsmechanismen
- **Vorgabe.clean()**: Validiert Gültigkeitszeiträume
- **Vorgabe.find_conflicts()**: Prüft zeitliche Überschneidungen
- Wird von Django-Admin automatisch aufgerufen vor dem Speichern
### MPTT (Modified Preorder Tree Traversal)
- Verwendet in `Referenz` für hierarchische Strukturen
- Ermöglicht effiziente Abfragen von Vorfahren und Nachkommen
- Zusätzliche Datenbank-Felder für Tree-Management (automatisch verwaltet)
### Textabschnitt-Vererbung
- Mehrere Modelle erben von `Textabschnitt`
- Wird verwendet für Lang-/Kurztexte, Erklärungen, Beschreibungen
- `order`-Feld ermöglicht Sortierung mehrerer Abschnitte
### Datumsverwaltung
- `gueltigkeit_von`: Immer erforderlich für Vorgaben
- `gueltigkeit_bis`: Optional; `None` bedeutet unbegrenzte Gültigkeit
- `_date_ranges_intersect()` prüft korrekt auf Überschneidungen mit None-Werten
### Many-to-Many-Beziehungen
- Vielfach verwendet für flexible Zuordnungen (Autoren, Stichworte, Rollen, Referenzen)
- `related_name`-Attribute ermöglichen rückwärts Zugriff
- Beispiel: `dokument.vorgaben.all()`, `person.verfasste_dokumente.all()`
---
## Zusammenfassung der Beziehungen
```
Dokumententyp ← Dokument
Person ← Dokument (Autoren/Prüfer)
Dokument → Vorgabe (1-to-Many)
Dokument → Geltungsbereich (1-to-Many)
Dokument → Einleitung (1-to-Many)
Dokument → Changelog (1-to-Many)
Thema ← Vorgabe
Vorgabe → VorgabeLangtext (1-to-Many)
Vorgabe → VorgabeKurztext (1-to-Many)
Vorgabe → Checklistenfrage (1-to-Many)
Vorgabe ← Referenz (Many-to-Many)
Vorgabe ← Stichwort (Many-to-Many)
Vorgabe ← Rolle (Many-to-Many)
Referenz → Referenz (Hierarchie via MPPT)
Referenz → Referenzerklaerung (1-to-Many)
Stichwort → Stichworterklaerung (1-to-Many)
Rolle → RollenBeschreibung (1-to-Many)
AbschnittTyp ← Textabschnitt (von verschiedenen Modellen geerbt)
```
---
## Entwicklungsrichtlinien
- Alle Modelle sollten aussagekräftige `__str__()`-Methoden haben
- `verbose_name` und `verbose_name_plural` sollten auf Deutsch sein (für Django-Admin)
- Validierungslogik (z. B. `clean()`) sollte implementiert werden für komplexe Business-Logic
- Related-Names sollten aussagekräftig und konsistent sein
- Textinhalte sollten die `Textabschnitt`-Basisklasse erben
- Datumsverwaltung: Immer auf None-Werte bei `gueltigkeit_bis` achten, wenn Vorgaben noch aktiv sind.

2
VorgabenUI/settings-docker.py
View File

@@ -24,7 +24,7 @@ BASE_DIR = Path(__file__).resolve().parent.parent
SECRET_KEY = os.environ.get("SECRET_KEY")
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = bool(os.environ.get("DEBUG", default=0)
DEBUG = bool(os.environ.get("DEBUG", default=0))
ALLOWED_HOSTS = os.environ.get("DJANGO_ALLOWED_HOSTS","127.0.0.1").split(",")

20
VorgabenUI/settings.py
View File

@@ -127,7 +127,7 @@ USE_TZ = True
STATIC_URL = '/static/'
#STATIC_ROOT="/home/adebaumann/VorgabenUI/staticfiles/"
STATIC_ROOT="/app/staticfiles/"
STATIC_ROOT="staticfiles/"
STATICFILES_DIRS= (
os.path.join(BASE_DIR,"static"),
)
@@ -151,6 +151,24 @@ LOGIN_URL = 'login'
LOGIN_REDIRECT_URL = '/'
LOGOUT_REDIRECT_URL = 'login'
AUTH_PASSWORD_VALIDATORS = [
{
"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
},
{
"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
"OPTIONS": {
"min_length": 12,
},
},
{
"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
},
{
"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
},
]
#LOGGING = {
# "version": 1,
# "handlers" :{

4
argocd/deployment.yaml
View File

@@ -18,14 +18,14 @@ spec:
fsGroupChangePolicy: "OnRootMismatch"
initContainers:
- name: loader
image: git.baumann.gr/adebaumann/vui-data-loader:0.10
image: git.baumann.gr/adebaumann/vui-data-loader:0.11
command: [ "sh","-c","cp -n preload/preload.sqlite3 /data/db.sqlite3; chown -R 999:999 /data; ls -la /data; sleep 10; exit 0" ]
volumeMounts:
- name: data
mountPath: /data
containers:
- name: web
image: git.baumann.gr/adebaumann/vui:0.960
image: git.baumann.gr/adebaumann/vui:0.973
imagePullPolicy: Always
ports:
- containerPort: 8000

BIN
data-loader/preload.sqlite3
View File

Binary file not shown.

BIN
data/db.sqlite3
View File

Binary file not shown.

8
dokumente/admin.py
View File

@@ -94,9 +94,17 @@ class EinleitungInline(NestedStackedInline):
class VorgabeForm(forms.ModelForm):
referenzen = TreeNodeMultipleChoiceField(queryset=Referenz.objects.all(), required=False)
class Meta:
model = Vorgabe
fields = '__all__'
def clean_thema(self):
"""Validate that thema is provided."""
thema = self.cleaned_data.get('thema')
if not thema:
raise forms.ValidationError('Thema ist ein Pflichtfeld. Bitte wählen Sie ein Thema aus.')
return thema
class VorgabeInline(SortableInlineAdminMixin, NestedStackedInline):
model = Vorgabe

2
dokumente/management/commands/import-document.py
View File

@@ -71,6 +71,7 @@ class Command(BaseCommand):
"name": name,
"gueltigkeit_von": options["gueltigkeit_von"],
"gueltigkeit_bis": options["gueltigkeit_bis"],
"aktiv":False,
},
)
if created:
@@ -319,6 +320,7 @@ class Command(BaseCommand):
thema=thema,
titel=v["titel"],
gueltigkeit_von=timezone.now().date(),
order=0,
)
# Stichworte

34
dokumente/models.py
View File

@@ -54,6 +54,34 @@ class Dokument(models.Model):
def __str__(self):
return f"{self.nummer} {self.name}"
@property
def dates(self):
"""
Returns an array of unique, chronologically sorted dates representing
state-change dates from all Vorgaben in this document.
These are dates where Vorgaben become active (gueltigkeit_von) or change state
(the day after gueltigkeit_bis). The very last date in the list is excluded
as it has no relevance (nothing changes after it).
"""
dates_set = set()
# Get all vorgaben for this document
for vorgabe in self.vorgaben.all():
# Add gueltigkeit_von (when vorgabe becomes active)
if vorgabe.gueltigkeit_von:
dates_set.add(vorgabe.gueltigkeit_von)
# Add the day after gueltigkeit_bis (when vorgabe expires/changes state)
# Only if gueltigkeit_bis is defined (not None)
if vorgabe.gueltigkeit_bis:
dates_set.add(vorgabe.gueltigkeit_bis + datetime.timedelta(days=1))
# Return sorted unique dates from oldest to newest, excluding the last date
# (but only if there are multiple dates; single dates are kept)
sorted_dates = sorted(list(dates_set))
return sorted_dates[:-1] if len(sorted_dates) > 1 else sorted_dates
class Meta:
verbose_name_plural="Dokumente"
verbose_name="Dokument"
@@ -141,6 +169,12 @@ class Vorgabe(models.Model):
"""
from django.core.exceptions import ValidationError
# Check that thema is provided
if not self.thema_id:
raise ValidationError({
'thema': 'Thema ist ein Pflichtfeld. Bitte wählen Sie ein Thema aus.'
})
# Check for conflicts with existing Vorgaben
conflicts = self.find_conflicts()
if conflicts:

67
dokumente/templates/standards/all_comments.html Normal file
View File

@@ -0,0 +1,67 @@
{% extends "base.html" %}
{% block content %}
<h1>Alle Kommentare</h1>
{% if total_comments == 0 %}
<div class="alert alert-info">
<p>Es gibt noch keine Kommentare zu Vorgaben.</p>
<p><a href="{% url 'standard_list' %}">Zu den Standards</a></p>
</div>
{% else %}
<p class="text-muted">Insgesamt {{ total_comments }} Kommentar{{ total_comments|pluralize:"e" }}</p>
{% for dokument, comments in comments_by_document.items %}
<div class="panel panel-default" style="margin-top: 2rem;">
<div class="panel-heading">
<h2 style="margin: 0;">
<a href="{% url 'standard_detail' nummer=dokument.nummer %}">
{{ dokument.nummer }} {{ dokument.name }}
</a>
</h2>
<p style="margin: 0; color: #666; font-size: 0.9rem;">
{{ comments|length }} Kommentar{{ comments|length|pluralize:"e" }}
</p>
</div>
<div class="panel-body">
<div class="list-group">
{% for comment in comments %}
<div class="list-group-item" style="border-left: 3px solid #007bff; padding: 1rem;">
<div style="display: flex; justify-content: space-between; align-items: flex-start;">
<div style="flex: 1;">
<h4 style="margin: 0 0 0.5rem 0;">
<a href="{% url 'standard_detail' nummer=comment.vorgabe.dokument.nummer %}#{{ comment.vorgabe.Vorgabennummer }}">
{{ comment.vorgabe.Vorgabennummer }}
</a> {{ comment.vorgabe.titel }}
</h4>
<p style="margin: 0 0 0.75rem 0; color: #666; font-size: 0.9rem;">
<strong>Benutzer:</strong> {{ comment.user.first_name }} {{ comment.user.last_name }}<br>
<strong>Erstellt:</strong> {{ comment.created_at|date:"d.m.Y H:i" }}
{% if comment.updated_at != comment.created_at %}
<br>
<strong>Bearbeitet:</strong> {{ comment.updated_at|date:"d.m.Y H:i" }}
{% endif %}
</p>
</div>
<form method="POST" action="{% url 'delete_vorgabe_comment' comment.id %}"
style="display: inline; margin-left: 1rem;"
onsubmit="return confirm('Sind Sie sicher, dass Sie diesen Kommentar löschen möchten?');">
{% csrf_token %}
<button type="submit" class="btn btn-sm btn-danger">Löschen</button>
</form>
</div>
<div style="background: #f8f9fa; padding: 0.75rem; border-radius: 4px; margin-top: 0.5rem; white-space: pre-wrap; word-wrap: break-word;">
{{ comment.text }}
</div>
</div>
{% endfor %}
</div>
</div>
</div>
{% endfor %}
{% endif %}
<div style="margin-top: 2rem; padding-top: 2rem; border-top: 1px solid #ddd;">
<a href="{% url 'standard_list' %}" class="btn btn-default">Zu den Standards</a>
</div>
{% endblock %}

23
dokumente/templates/standards/standard_detail.html
View File

@@ -16,9 +16,32 @@
{% if standard.history == True %}
<div class="alert alert-warning" role="alert">
{% if standard.is_future %}
<strong>Zukünftige Version vom {{ standard.check_date }}</strong>
{% else %}
<strong>Historische Version vom {{ standard.check_date }}</strong>
{% endif %}
</div>
{% endif %}
<!-- History Dates Dropdown -->
{% if standard.dates %}
<div class="mb-3">
<div class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" style="text-decoration: none;">
📅 Historische Versionen
</a>
<ul class="dropdown-menu" role="menu">
<li><a href="/dokumente/{{ standard.nummer }}/">Aktuelle Version</a></li>
<li class="divider"></li>
{% for date in standard.dates %}
<li><a href="/dokumente/{{ standard.nummer }}/history/{{ date|date:'Y-m-d' }}/">{{ date|date:'d.m.Y' }}</a></li>
{% endfor %}
</ul>
</div>
</div>
{% endif %}
<!-- Einleitung -->
{% if standard.einleitung_html %}
<div class="row mb-4">

66
dokumente/templates/standards/user_comments.html Normal file
View File

@@ -0,0 +1,66 @@
{% extends "base.html" %}
{% block content %}
<h1>Meine Kommentare</h1>
{% if total_comments == 0 %}
<div class="alert alert-info">
<p>Sie haben noch keine Kommentare zu Vorgaben hinterlassen.</p>
<p><a href="{% url 'standard_list' %}">Zu den Standards</a></p>
</div>
{% else %}
<p class="text-muted">Insgesamt {{ total_comments }} Kommentar{{ total_comments|pluralize:"e" }}</p>
{% for dokument, comments in comments_by_document.items %}
<div class="panel panel-default" style="margin-top: 2rem;">
<div class="panel-heading">
<h2 style="margin: 0;">
<a href="{% url 'standard_detail' nummer=dokument.nummer %}">
{{ dokument.nummer }} {{ dokument.name }}
</a>
</h2>
<p style="margin: 0; color: #666; font-size: 0.9rem;">
{{ comments|length }} Kommentar{{ comments|length|pluralize:"e" }}
</p>
</div>
<div class="panel-body">
<div class="list-group">
{% for comment in comments %}
<div class="list-group-item" style="border-left: 3px solid #007bff; padding: 1rem;">
<div style="display: flex; justify-content: space-between; align-items: flex-start;">
<div style="flex: 1;">
<h4 style="margin: 0 0 0.5rem 0;">
<a href="{% url 'standard_detail' nummer=comment.vorgabe.dokument.nummer %}#{{ comment.vorgabe.Vorgabennummer }}">
{{ comment.vorgabe.Vorgabennummer }}
</a> {{ comment.vorgabe.titel }}
</h4>
<p style="margin: 0 0 0.75rem 0; color: #666; font-size: 0.9rem;">
<strong>Erstellt:</strong> {{ comment.created_at|date:"d.m.Y H:i" }}
{% if comment.updated_at != comment.created_at %}
<br>
<strong>Bearbeitet:</strong> {{ comment.updated_at|date:"d.m.Y H:i" }}
{% endif %}
</p>
</div>
<form method="POST" action="{% url 'delete_vorgabe_comment' comment.id %}"
style="display: inline; margin-left: 1rem;"
onsubmit="return confirm('Sind Sie sicher, dass Sie diesen Kommentar löschen möchten?');">
{% csrf_token %}
<button type="submit" class="btn btn-sm btn-danger">Löschen</button>
</form>
</div>
<div style="background: #f8f9fa; padding: 0.75rem; border-radius: 4px; margin-top: 0.5rem; white-space: pre-wrap; word-wrap: break-word;">
{{ comment.text }}
</div>
</div>
{% endfor %}
</div>
</div>
</div>
{% endfor %}
{% endif %}
<div style="margin-top: 2rem; padding-top: 2rem; border-top: 1px solid #ddd;">
<a href="{% url 'standard_list' %}" class="btn btn-default">Zu den Standards</a>
</div>
{% endblock %}

960
dokumente/test_import_command.py Normal file
View File

@@ -0,0 +1,960 @@
"""
Tests for the import-document management command.
This test suite covers:
- Basic import functionality
- Dry-run mode
- Purge functionality
- Error handling (missing file, dokumententyp, thema, abschnitttyp)
- Context switching (einleitung → geltungsbereich → vorgabe)
- Header normalization
- Vorgaben with Kurztext, Langtext, Stichworte, Checklistenfragen
- Edge cases and malformed input
"""
import os
import tempfile
from io import StringIO
from pathlib import Path
from django.test import TestCase
from django.core.management import call_command
from django.core.management.base import CommandError
from dokumente.models import (
Dokumententyp,
Dokument,
Thema,
Vorgabe,
VorgabeKurztext,
VorgabeLangtext,
Geltungsbereich,
Einleitung,
Checklistenfrage,
)
from abschnitte.models import AbschnittTyp
from stichworte.models import Stichwort
class ImportDocumentCommandTestCase(TestCase):
"""Test cases for the import-document management command"""
def setUp(self):
"""Set up test fixtures"""
# Create required Dokumententyp
self.dokumententyp = Dokumententyp.objects.create(
name="IT-Sicherheit",
verantwortliche_ve="TEST-VE"
)
# Create required AbschnittTyp instances
self.text_typ = AbschnittTyp.objects.create(abschnitttyp="text")
self.liste_geordnet_typ = AbschnittTyp.objects.create(
abschnitttyp="liste geordnet"
)
self.liste_ungeordnet_typ = AbschnittTyp.objects.create(
abschnitttyp="liste ungeordnet"
)
# Create test Themen
self.thema_organisation = Thema.objects.create(
name="Organisation",
erklaerung="Organisatorische Anforderungen"
)
self.thema_technik = Thema.objects.create(
name="Technik",
erklaerung="Technische Anforderungen"
)
# Additional Themen for r009.txt example
self.thema_informationen = Thema.objects.create(
name="Informationen",
erklaerung="Informationssicherheit"
)
self.thema_systeme = Thema.objects.create(
name="Systeme",
erklaerung="Systemanforderungen"
)
self.thema_anwendungen = Thema.objects.create(
name="Anwendungen",
erklaerung="Anwendungsanforderungen"
)
self.thema_zonen = Thema.objects.create(
name="Zonen",
erklaerung="Zonenanforderungen"
)
def create_test_file(self, content):
"""Helper to create a temporary test file with given content"""
fd, path = tempfile.mkstemp(suffix=".txt", text=True)
with os.fdopen(fd, 'w', encoding='utf-8') as f:
f.write(content)
return path
def test_basic_import_creates_document(self):
"""Test that basic import creates a document"""
test_content = """>>>Einleitung
>>>text
This is the introduction.
>>>geltungsbereich
>>>text
This is the scope.
>>>Vorgabe Organisation
>>>Nummer 1
>>>Titel
Test Requirement
>>>Kurztext
>>>Text
Short description.
>>>Langtext
>>>Text
Long description.
"""
test_file = self.create_test_file(test_content)
try:
out = StringIO()
call_command(
'import-document',
test_file,
'--nummer', 'TEST-001',
'--name', 'Test Document',
'--dokumententyp', 'IT-Sicherheit',
stdout=out
)
# Check document was created
dokument = Dokument.objects.get(nummer='TEST-001')
self.assertEqual(dokument.name, 'Test Document')
self.assertEqual(dokument.dokumententyp, self.dokumententyp)
# Check output message
output = out.getvalue()
self.assertIn('Created Document TEST-001', output)
self.assertIn('Imported document TEST-001', output)
finally:
os.unlink(test_file)
def test_import_creates_einleitung(self):
"""Test that Einleitung sections are created"""
test_content = """>>>Einleitung
>>>text
This is the introduction text.
>>>geltungsbereich
>>>text
Scope text.
"""
test_file = self.create_test_file(test_content)
try:
call_command(
'import-document',
test_file,
'--nummer', 'TEST-002',
'--name', 'Test Document 2',
'--dokumententyp', 'IT-Sicherheit'
)
dokument = Dokument.objects.get(nummer='TEST-002')
einleitung = Einleitung.objects.filter(einleitung=dokument)
self.assertEqual(einleitung.count(), 1)
self.assertEqual(einleitung.first().inhalt, 'This is the introduction text.')
self.assertEqual(einleitung.first().abschnitttyp, self.text_typ)
finally:
os.unlink(test_file)
def test_import_creates_geltungsbereich(self):
"""Test that Geltungsbereich sections are created"""
test_content = """>>>geltungsbereich
>>>text
This standard applies to all servers.
"""
test_file = self.create_test_file(test_content)
try:
call_command(
'import-document',
test_file,
'--nummer', 'TEST-003',
'--name', 'Test Document 3',
'--dokumententyp', 'IT-Sicherheit'
)
dokument = Dokument.objects.get(nummer='TEST-003')
geltungsbereich = Geltungsbereich.objects.filter(geltungsbereich=dokument)
self.assertEqual(geltungsbereich.count(), 1)
self.assertEqual(
geltungsbereich.first().inhalt,
'This standard applies to all servers.'
)
self.assertEqual(geltungsbereich.first().abschnitttyp, self.text_typ)
finally:
os.unlink(test_file)
def test_import_creates_vorgabe_with_all_fields(self):
"""Test creating a Vorgabe with all fields"""
test_content = """>>>Vorgabe Organisation
>>>Nummer 1
>>>Titel
Complete Requirement
>>>Kurztext
>>>Text
Short text here.
>>>Langtext
>>>Text
Long text here.
>>>Stichworte
Testing, Management, Security
>>>Checkliste
Is the requirement met?
Has documentation been provided?
"""
test_file = self.create_test_file(test_content)
try:
call_command(
'import-document',
test_file,
'--nummer', 'TEST-004',
'--name', 'Test Document 4',
'--dokumententyp', 'IT-Sicherheit'
)
dokument = Dokument.objects.get(nummer='TEST-004')
vorgabe = Vorgabe.objects.get(dokument=dokument, nummer=1)
# Check basic fields
self.assertEqual(vorgabe.titel, 'Complete Requirement')
self.assertEqual(vorgabe.thema, self.thema_organisation)
# Check Kurztext
kurztext = VorgabeKurztext.objects.filter(abschnitt=vorgabe)
self.assertEqual(kurztext.count(), 1)
self.assertEqual(kurztext.first().inhalt, 'Short text here.')
# Check Langtext
langtext = VorgabeLangtext.objects.filter(abschnitt=vorgabe)
self.assertEqual(langtext.count(), 1)
self.assertEqual(langtext.first().inhalt, 'Long text here.')
# Check Stichworte
stichworte = vorgabe.stichworte.all()
self.assertEqual(stichworte.count(), 3)
stichwort_names = {s.stichwort for s in stichworte}
self.assertEqual(stichwort_names, {'Testing', 'Management', 'Security'})
# Check Checklistenfragen
fragen = Checklistenfrage.objects.filter(vorgabe=vorgabe)
self.assertEqual(fragen.count(), 2)
frage_texts = {f.frage for f in fragen}
self.assertEqual(frage_texts, {
'Is the requirement met?',
'Has documentation been provided?'
})
finally:
os.unlink(test_file)
def test_import_multiple_vorgaben(self):
"""Test importing multiple Vorgaben"""
test_content = """>>>Vorgabe Organisation
>>>Nummer 1
>>>Titel
First Requirement
>>>Kurztext
>>>Text
First requirement text.
>>>Vorgabe Technik
>>>Nummer 2
>>>Titel
Second Requirement
>>>Kurztext
>>>Text
Second requirement text.
>>>Vorgabe Organisation
>>>Nummer 3
>>>Titel
Third Requirement
>>>Kurztext
>>>Text
Third requirement text.
"""
test_file = self.create_test_file(test_content)
try:
call_command(
'import-document',
test_file,
'--nummer', 'TEST-005',
'--name', 'Test Document 5',
'--dokumententyp', 'IT-Sicherheit'
)
dokument = Dokument.objects.get(nummer='TEST-005')
vorgaben = Vorgabe.objects.filter(dokument=dokument).order_by('nummer')
self.assertEqual(vorgaben.count(), 3)
self.assertEqual(vorgaben[0].nummer, 1)
self.assertEqual(vorgaben[0].thema, self.thema_organisation)
self.assertEqual(vorgaben[1].nummer, 2)
self.assertEqual(vorgaben[1].thema, self.thema_technik)
self.assertEqual(vorgaben[2].nummer, 3)
self.assertEqual(vorgaben[2].thema, self.thema_organisation)
finally:
os.unlink(test_file)
def test_dry_run_creates_no_data(self):
"""Test that dry-run mode creates no database records"""
test_content = """>>>Einleitung
>>>text
Introduction text.
>>>Vorgabe Organisation
>>>Nummer 1
>>>Titel
Test Requirement
>>>Kurztext
>>>Text
Short text.
"""
test_file = self.create_test_file(test_content)
try:
out = StringIO()
call_command(
'import-document',
test_file,
'--nummer', 'TEST-DRY',
'--name', 'Dry Run Test',
'--dokumententyp', 'IT-Sicherheit',
'--dry-run',
stdout=out
)
# Document is created (for counting purposes) but not saved
output = out.getvalue()
self.assertIn('Dry run: no database changes will be made', output)
self.assertIn('Dry run complete', output)
# Check that Einleitung and Vorgabe were NOT created
dokument = Dokument.objects.get(nummer='TEST-DRY')
self.assertEqual(Einleitung.objects.filter(einleitung=dokument).count(), 0)
self.assertEqual(Vorgabe.objects.filter(dokument=dokument).count(), 0)
finally:
os.unlink(test_file)
def test_dry_run_verbose_shows_details(self):
"""Test that dry-run with verbose shows detailed output"""
test_content = """>>>Einleitung
>>>text
Introduction.
>>>Vorgabe Organisation
>>>Nummer 1
>>>Titel
Test
>>>Kurztext
>>>Text
Short.
>>>Langtext
>>>Text
Long.
>>>Stichworte
Keyword1, Keyword2
>>>Checkliste
Question 1?
Question 2?
"""
test_file = self.create_test_file(test_content)
try:
out = StringIO()
call_command(
'import-document',
test_file,
'--nummer', 'TEST-VERBOSE',
'--name', 'Verbose Test',
'--dokumententyp', 'IT-Sicherheit',
'--dry-run',
'--verbose',
stdout=out
)
output = out.getvalue()
self.assertIn('[DRY RUN] Einleitung Abschnitt', output)
self.assertIn('[DRY RUN] Would create Vorgabe 1', output)
self.assertIn('Stichworte: Keyword1, Keyword2', output)
self.assertIn('Checkliste: Question 1?', output)
self.assertIn('Checkliste: Question 2?', output)
self.assertIn('Kurztext', output)
self.assertIn('Langtext', output)
finally:
os.unlink(test_file)
def test_purge_deletes_existing_content(self):
"""Test that --purge deletes existing content before import"""
test_content = """>>>Vorgabe Organisation
>>>Nummer 1
>>>Titel
New Requirement
>>>Kurztext
>>>Text
New text.
"""
test_file = self.create_test_file(test_content)
try:
# First import
call_command(
'import-document',
test_file,
'--nummer', 'TEST-PURGE',
'--name', 'Purge Test',
'--dokumententyp', 'IT-Sicherheit'
)
dokument = Dokument.objects.get(nummer='TEST-PURGE')
self.assertEqual(Vorgabe.objects.filter(dokument=dokument).count(), 1)
# Second import with different content and --purge
test_content_2 = """>>>Vorgabe Technik
>>>Nummer 2
>>>Titel
Replacement Requirement
>>>Kurztext
>>>Text
Replacement text.
"""
test_file_2 = self.create_test_file(test_content_2)
try:
out = StringIO()
call_command(
'import-document',
test_file_2,
'--nummer', 'TEST-PURGE',
'--name', 'Purge Test',
'--dokumententyp', 'IT-Sicherheit',
'--purge',
stdout=out
)
# Old Vorgabe should be deleted, only new one exists
vorgaben = Vorgabe.objects.filter(dokument=dokument)
self.assertEqual(vorgaben.count(), 1)
self.assertEqual(vorgaben.first().nummer, 2)
self.assertEqual(vorgaben.first().thema, self.thema_technik)
output = out.getvalue()
self.assertIn('Purged', output)
finally:
os.unlink(test_file_2)
finally:
os.unlink(test_file)
def test_purge_dry_run_shows_what_would_be_deleted(self):
"""Test that --purge with --dry-run shows deletion counts"""
test_content = """>>>Vorgabe Organisation
>>>Nummer 1
>>>Titel
Original
>>>Kurztext
>>>Text
Text.
"""
test_file = self.create_test_file(test_content)
try:
# First import to create data
call_command(
'import-document',
test_file,
'--nummer', 'TEST-PURGE-DRY',
'--name', 'Purge Dry Test',
'--dokumententyp', 'IT-Sicherheit'
)
# Dry run with purge
out = StringIO()
call_command(
'import-document',
test_file,
'--nummer', 'TEST-PURGE-DRY',
'--name', 'Purge Dry Test',
'--dokumententyp', 'IT-Sicherheit',
'--purge',
'--dry-run',
stdout=out
)
output = out.getvalue()
self.assertIn('[DRY RUN] Would purge:', output)
self.assertIn('1 Vorgaben', output)
finally:
os.unlink(test_file)
def test_header_normalization(self):
"""Test that headers with hyphens are normalized correctly"""
test_content = """>>>geltungsbereich
>>>Liste-ungeordnet
Item 1
Item 2
Item 3
"""
test_file = self.create_test_file(test_content)
try:
call_command(
'import-document',
test_file,
'--nummer', 'TEST-NORM',
'--name', 'Normalization Test',
'--dokumententyp', 'IT-Sicherheit'
)
dokument = Dokument.objects.get(nummer='TEST-NORM')
geltungsbereich = Geltungsbereich.objects.get(geltungsbereich=dokument)
# Should have normalized "Liste-ungeordnet" to "liste ungeordnet"
self.assertEqual(geltungsbereich.abschnitttyp, self.liste_ungeordnet_typ)
finally:
os.unlink(test_file)
def test_missing_file_raises_error(self):
"""Test that missing file raises CommandError"""
with self.assertRaises(CommandError) as cm:
call_command(
'import-document',
'/nonexistent/file.txt',
'--nummer', 'TEST-ERR',
'--name', 'Error Test',
'--dokumententyp', 'IT-Sicherheit'
)
self.assertIn('does not exist', str(cm.exception))
def test_missing_dokumententyp_raises_error(self):
"""Test that missing Dokumententyp raises CommandError"""
test_content = """>>>geltungsbereich
>>>text
Text.
"""
test_file = self.create_test_file(test_content)
try:
with self.assertRaises(CommandError) as cm:
call_command(
'import-document',
test_file,
'--nummer', 'TEST-ERR',
'--name', 'Error Test',
'--dokumententyp', 'NonExistentType'
)
self.assertIn('does not exist', str(cm.exception))
finally:
os.unlink(test_file)
def test_missing_thema_skips_vorgabe(self):
"""Test that missing Thema causes Vorgabe to be skipped with warning"""
test_content = """>>>Vorgabe NonExistentThema
>>>Nummer 1
>>>Titel
Test
>>>Kurztext
>>>Text
Text.
"""
test_file = self.create_test_file(test_content)
try:
out = StringIO()
call_command(
'import-document',
test_file,
'--nummer', 'TEST-SKIP',
'--name', 'Skip Test',
'--dokumententyp', 'IT-Sicherheit',
stdout=out
)
dokument = Dokument.objects.get(nummer='TEST-SKIP')
# Vorgabe should NOT be created
self.assertEqual(Vorgabe.objects.filter(dokument=dokument).count(), 0)
output = out.getvalue()
self.assertIn('not found, skipping Vorgabe', output)
finally:
os.unlink(test_file)
def test_missing_abschnitttyp_defaults_to_text(self):
"""Test that missing AbschnittTyp defaults to 'text' with warning"""
# Delete all but text type
AbschnittTyp.objects.exclude(abschnitttyp='text').delete()
test_content = """>>>geltungsbereich
>>>liste geordnet
Item 1
"""
test_file = self.create_test_file(test_content)
try:
out = StringIO()
call_command(
'import-document',
test_file,
'--nummer', 'TEST-DEFAULT',
'--name', 'Default Test',
'--dokumententyp', 'IT-Sicherheit',
stdout=out
)
dokument = Dokument.objects.get(nummer='TEST-DEFAULT')
geltungsbereich = Geltungsbereich.objects.get(geltungsbereich=dokument)
# Should default to 'text' type
self.assertEqual(geltungsbereich.abschnitttyp.abschnitttyp, 'text')
output = out.getvalue()
self.assertIn("not found; defaulting to 'text'", output)
finally:
os.unlink(test_file)
def test_inline_titel(self):
"""Test that inline title (on same line as header) is parsed"""
test_content = """>>>Vorgabe Organisation
>>>Nummer 1
>>>Titel Inline Title Here
>>>Kurztext
>>>Text
Text.
"""
test_file = self.create_test_file(test_content)
try:
call_command(
'import-document',
test_file,
'--nummer', 'TEST-INLINE',
'--name', 'Inline Test',
'--dokumententyp', 'IT-Sicherheit'
)
dokument = Dokument.objects.get(nummer='TEST-INLINE')
vorgabe = Vorgabe.objects.get(dokument=dokument)
self.assertEqual(vorgabe.titel, 'Inline Title Here')
finally:
os.unlink(test_file)
def test_inline_stichworte(self):
"""Test that inline Stichworte (on same line as header) are parsed"""
test_content = """>>>Vorgabe Organisation
>>>Nummer 1
>>>Titel Test
>>>Stichworte Security, Testing, Compliance
>>>Kurztext
>>>Text
Text.
"""
test_file = self.create_test_file(test_content)
try:
call_command(
'import-document',
test_file,
'--nummer', 'TEST-INLINE-STW',
'--name', 'Inline Stichwort Test',
'--dokumententyp', 'IT-Sicherheit'
)
dokument = Dokument.objects.get(nummer='TEST-INLINE-STW')
vorgabe = Vorgabe.objects.get(dokument=dokument)
stichworte = {s.stichwort for s in vorgabe.stichworte.all()}
self.assertEqual(stichworte, {'Security', 'Testing', 'Compliance'})
finally:
os.unlink(test_file)
def test_gueltigkeit_dates(self):
"""Test that validity dates are set correctly"""
test_content = """>>>geltungsbereich
>>>text
Scope.
"""
test_file = self.create_test_file(test_content)
try:
call_command(
'import-document',
test_file,
'--nummer', 'TEST-DATES',
'--name', 'Date Test',
'--dokumententyp', 'IT-Sicherheit',
'--gueltigkeit_von', '2024-01-01',
'--gueltigkeit_bis', '2024-12-31'
)
dokument = Dokument.objects.get(nummer='TEST-DATES')
self.assertEqual(str(dokument.gueltigkeit_von), '2024-01-01')
self.assertEqual(str(dokument.gueltigkeit_bis), '2024-12-31')
finally:
os.unlink(test_file)
def test_existing_document_updates(self):
"""Test that importing to existing document number shows warning"""
test_content = """>>>geltungsbereich
>>>text
First version.
"""
test_file = self.create_test_file(test_content)
try:
# First import
out = StringIO()
call_command(
'import-document',
test_file,
'--nummer', 'TEST-EXISTS',
'--name', 'Existing Test',
'--dokumententyp', 'IT-Sicherheit',
stdout=out
)
output1 = out.getvalue()
self.assertIn('Created Document TEST-EXISTS', output1)
# Second import with same number
out2 = StringIO()
call_command(
'import-document',
test_file,
'--nummer', 'TEST-EXISTS',
'--name', 'Existing Test',
'--dokumententyp', 'IT-Sicherheit',
stdout=out2
)
output2 = out2.getvalue()
self.assertIn('already exists', output2)
finally:
os.unlink(test_file)
def test_multiple_kurztext_sections(self):
"""Test Vorgabe with multiple Kurztext sections"""
test_content = """>>>Vorgabe Organisation
>>>Nummer 1
>>>Titel Multiple Sections
>>>Kurztext
>>>Text
First kurztext section.
>>>Liste ungeordnet
Item A
Item B
>>>Langtext
>>>Text
Langtext.
"""
test_file = self.create_test_file(test_content)
try:
call_command(
'import-document',
test_file,
'--nummer', 'TEST-MULTI',
'--name', 'Multi Section Test',
'--dokumententyp', 'IT-Sicherheit'
)
dokument = Dokument.objects.get(nummer='TEST-MULTI')
vorgabe = Vorgabe.objects.get(dokument=dokument)
kurztext_sections = VorgabeKurztext.objects.filter(abschnitt=vorgabe).order_by('id')
self.assertEqual(kurztext_sections.count(), 2)
self.assertEqual(kurztext_sections[0].abschnitttyp.abschnitttyp, 'text')
self.assertEqual(kurztext_sections[1].abschnitttyp.abschnitttyp, 'liste ungeordnet')
finally:
os.unlink(test_file)
def test_empty_file(self):
"""Test importing an empty file"""
test_content = ""
test_file = self.create_test_file(test_content)
try:
out = StringIO()
call_command(
'import-document',
test_file,
'--nummer', 'TEST-EMPTY',
'--name', 'Empty Test',
'--dokumententyp', 'IT-Sicherheit',
stdout=out
)
dokument = Dokument.objects.get(nummer='TEST-EMPTY')
# Document created but no content
self.assertEqual(Einleitung.objects.filter(einleitung=dokument).count(), 0)
self.assertEqual(Geltungsbereich.objects.filter(geltungsbereich=dokument).count(), 0)
self.assertEqual(Vorgabe.objects.filter(dokument=dokument).count(), 0)
output = out.getvalue()
self.assertIn('with 0 Vorgaben', output)
finally:
os.unlink(test_file)
def test_unicode_content(self):
"""Test that Unicode characters (German umlauts, etc.) are handled correctly"""
test_content = """>>>Einleitung
>>>text
Übersicht über die Sicherheitsanforderungen für IT-Systeme.
>>>Vorgabe Organisation
>>>Nummer 1
>>>Titel
Überprüfung der Systemkonfiguration
>>>Kurztext
>>>Text
Die Konfiguration muss regelmäßig überprüft werden.
>>>Stichworte
Überprüfung, Sicherheit, Qualität
"""
test_file = self.create_test_file(test_content)
try:
call_command(
'import-document',
test_file,
'--nummer', 'TEST-UNICODE',
'--name', 'Unicode Test',
'--dokumententyp', 'IT-Sicherheit'
)
dokument = Dokument.objects.get(nummer='TEST-UNICODE')
# Check Einleitung
einleitung = Einleitung.objects.get(einleitung=dokument)
self.assertIn('Übersicht', einleitung.inhalt)
# Check Vorgabe
vorgabe = Vorgabe.objects.get(dokument=dokument)
self.assertEqual(vorgabe.titel, 'Überprüfung der Systemkonfiguration')
# Check Kurztext
kurztext = VorgabeKurztext.objects.get(abschnitt=vorgabe)
self.assertIn('regelmäßig', kurztext.inhalt)
# Check Stichworte
stichworte = {s.stichwort for s in vorgabe.stichworte.all()}
self.assertIn('Überprüfung', stichworte)
finally:
os.unlink(test_file)
def test_context_switching(self):
"""Test that context switches correctly between sections"""
test_content = """>>>Einleitung
>>>text
Intro text 1.
>>>text
Intro text 2.
>>>geltungsbereich
>>>text
Scope text 1.
>>>text
Scope text 2.
>>>Vorgabe Organisation
>>>Nummer 1
>>>Titel Test
>>>Kurztext
>>>text
Kurztext 1.
>>>text
Kurztext 2.
>>>Langtext
>>>text
Langtext 1.
"""
test_file = self.create_test_file(test_content)
try:
call_command(
'import-document',
test_file,
'--nummer', 'TEST-CONTEXT',
'--name', 'Context Test',
'--dokumententyp', 'IT-Sicherheit'
)
dokument = Dokument.objects.get(nummer='TEST-CONTEXT')
# Check Einleitung has 2 sections
einleitung = Einleitung.objects.filter(einleitung=dokument)
self.assertEqual(einleitung.count(), 2)
# Check Geltungsbereich has 2 sections
geltungsbereich = Geltungsbereich.objects.filter(geltungsbereich=dokument)
self.assertEqual(geltungsbereich.count(), 2)
# Check Vorgabe has correct Kurztext and Langtext counts
vorgabe = Vorgabe.objects.get(dokument=dokument)
kurztext = VorgabeKurztext.objects.filter(abschnitt=vorgabe)
langtext = VorgabeLangtext.objects.filter(abschnitt=vorgabe)
self.assertEqual(kurztext.count(), 2)
self.assertEqual(langtext.count(), 1)
finally:
os.unlink(test_file)
def test_real_world_example(self):
"""Test importing the real r009.txt example document"""
# Use the actual example file
example_file = Path(__file__).parent.parent / 'Documentation' / 'import formats' / 'r009.txt'
if not example_file.exists():
self.skipTest("r009.txt example file not found")
out = StringIO()
call_command(
'import-document',
str(example_file),
'--nummer', 'R009',
'--name', 'IT-Sicherheit Serversysteme',
'--dokumententyp', 'IT-Sicherheit',
stdout=out
)
dokument = Dokument.objects.get(nummer='R009')
# Check that Einleitung was created
self.assertGreater(Einleitung.objects.filter(einleitung=dokument).count(), 0)
# Check that Geltungsbereich was created
self.assertGreater(Geltungsbereich.objects.filter(geltungsbereich=dokument).count(), 0)
# Check that multiple Vorgaben were created (r009.txt has 23 Vorgaben)
vorgaben = Vorgabe.objects.filter(dokument=dokument)
self.assertGreaterEqual(vorgaben.count(), 20)
# Verify output message
output = out.getvalue()
self.assertIn('Imported document R009', output)

840
dokumente/tests.py
View File

@@ -493,6 +493,38 @@ class ViewsTestCase(TestCase):
url = reverse('standard_history', kwargs={'nummer': 'R01234'})
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_standard_history_past_date_shows_historische(self):
"""Test that past dates show 'Historische Version'"""
past_date = (date.today() - timedelta(days=30)).strftime('%Y-%m-%d')
url = f'/dokumente/R01234/history/{past_date}/'
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
self.assertContains(response, 'Historische Version vom')
self.assertNotContains(response, 'Zukünftige Version vom')
# Verify is_future flag is False
self.assertFalse(response.context['standard'].is_future)
def test_standard_history_future_date_shows_zukuenftige(self):
"""Test that future dates show 'Zukünftige Version'"""
future_date = (date.today() + timedelta(days=30)).strftime('%Y-%m-%d')
url = f'/dokumente/R01234/history/{future_date}/'
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
self.assertContains(response, 'Zukünftige Version vom')
self.assertNotContains(response, 'Historische Version vom')
# Verify is_future flag is True
self.assertTrue(response.context['standard'].is_future)
def test_standard_detail_current_has_no_version_label(self):
"""Test that current view (no history) has no version label"""
url = reverse('standard_detail', kwargs={'nummer': 'R01234'})
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
self.assertNotContains(response, 'Historische Version vom')
self.assertNotContains(response, 'Zukünftige Version vom')
# Verify history flag is False
self.assertFalse(response.context['standard'].history)
class URLPatternsTest(TestCase):
@@ -761,6 +793,134 @@ class VorgabeSanityCheckTest(TestCase):
self.assertIn("intersecting validity periods", report)
class VorgabeThemaValidationTest(TestCase):
"""Test cases for Vorgabe Thema validation"""
def setUp(self):
"""Set up test data for Thema validation tests"""
self.dokumententyp = Dokumententyp.objects.create(
name="Standard IT-Sicherheit",
verantwortliche_ve="SR-SUR-SEC"
)
self.dokument = Dokument.objects.create(
nummer="R0066",
dokumententyp=self.dokumententyp,
name="IT Security Standard",
aktiv=True
)
self.thema = Thema.objects.create(name="Organisation")
def test_vorgabe_with_thema_passes_validation(self):
"""Test that Vorgabe with a valid Thema passes clean() validation"""
vorgabe = Vorgabe(
order=1,
nummer=1,
dokument=self.dokument,
thema=self.thema,
titel="Test Vorgabe",
gueltigkeit_von=date.today()
)
# Should not raise any exception
try:
vorgabe.clean()
except Exception as e:
self.fail(f"clean() raised {e} unexpectedly!")
def test_vorgabe_without_thema_fails_validation(self):
"""Test that Vorgabe without Thema fails clean() validation"""
from django.core.exceptions import ValidationError
vorgabe = Vorgabe(
order=1,
nummer=1,
dokument=self.dokument,
thema=None, # No Thema
titel="Test Vorgabe",
gueltigkeit_von=date.today()
)
with self.assertRaises(ValidationError) as context:
vorgabe.clean()
# Check that the error message is about thema
self.assertIn('thema', context.exception.message_dict)
self.assertIn('Thema ist ein Pflichtfeld', str(context.exception))
def test_vorgabe_form_with_thema_is_valid(self):
"""Test that VorgabeForm with Thema is valid"""
from dokumente.admin import VorgabeForm
form_data = {
'order': 1,
'nummer': 1,
'dokument': self.dokument.pk,
'thema': self.thema.pk,
'titel': 'Test Vorgabe',
'gueltigkeit_von': date.today(),
}
form = VorgabeForm(data=form_data)
self.assertTrue(form.is_valid(), f"Form errors: {form.errors}")
def test_vorgabe_form_without_thema_is_invalid(self):
"""Test that VorgabeForm without Thema is invalid"""
from dokumente.admin import VorgabeForm
form_data = {
'order': 1,
'nummer': 1,
'dokument': self.dokument.pk,
'thema': '', # Empty/missing Thema
'titel': 'Test Vorgabe',
'gueltigkeit_von': date.today(),
}
form = VorgabeForm(data=form_data)
self.assertFalse(form.is_valid())
self.assertIn('thema', form.errors)
def test_vorgabe_form_thema_error_message_is_german(self):
"""Test that VorgabeForm shows German error message for missing Thema"""
from dokumente.admin import VorgabeForm
form_data = {
'order': 1,
'nummer': 1,
'dokument': self.dokument.pk,
'thema': '', # Empty/missing Thema
'titel': 'Test Vorgabe',
'gueltigkeit_von': date.today(),
}
form = VorgabeForm(data=form_data)
form.is_valid()
# Check that the error message is in German
thema_errors = form.errors.get('thema', [])
error_messages = ' '.join(thema_errors)
self.assertTrue(
'Pflichtfeld' in error_messages or 'pflichtfeld' in error_messages.lower(),
f"Expected German error message about Pflichtfeld, got: {thema_errors}"
)
def test_vorgabe_model_clean_error_message_is_german(self):
"""Test that Vorgabe.clean() shows German error message for missing Thema"""
from django.core.exceptions import ValidationError
vorgabe = Vorgabe(
order=1,
nummer=1,
dokument=self.dokument,
thema=None,
titel="Test Vorgabe",
gueltigkeit_von=date.today()
)
with self.assertRaises(ValidationError) as context:
vorgabe.clean()
# Check error message is in German
error_str = str(context.exception)
self.assertIn('Thema ist ein Pflichtfeld', error_str)
class SanityCheckManagementCommandTest(TestCase):
"""Test cases for sanity_check_vorgaben management command"""
@@ -1620,19 +1780,25 @@ class GetVorgabeCommentsViewTest(TestCase):
# Create users
self.regular_user = User.objects.create_user(
username='regularuser',
password='testpass123'
password='testpass123',
first_name='Regular',
last_name='User'
)
self.staff_user = User.objects.create_user(
username='staffuser',
password='testpass123'
password='testpass123',
first_name='Staff',
last_name='User'
)
self.staff_user.is_staff = True
self.staff_user.save()
self.other_user = User.objects.create_user(
username='otheruser',
password='testpass123'
password='testpass123',
first_name='Other',
last_name='User'
)
# Create test data
@@ -1697,7 +1863,7 @@ class GetVorgabeCommentsViewTest(TestCase):
# Should only see their own comment
self.assertEqual(len(data['comments']), 1)
self.assertEqual(data['comments'][0]['text'], 'Kommentar von Regular User')
self.assertEqual(data['comments'][0]['user'], 'regularuser')
self.assertEqual(data['comments'][0]['user'], 'Regular User')
self.assertTrue(data['comments'][0]['is_own'])
def test_staff_user_sees_all_comments(self):
@@ -1715,8 +1881,8 @@ class GetVorgabeCommentsViewTest(TestCase):
# Should see all comments
self.assertEqual(len(data['comments']), 2)
usernames = [c['user'] for c in data['comments']]
self.assertIn('regularuser', usernames)
self.assertIn('otheruser', usernames)
self.assertIn('Regular User', usernames)
self.assertIn('Other User', usernames)
def test_get_comments_returns_404_for_nonexistent_vorgabe(self):
"""Test that requesting comments for non-existent Vorgabe returns 404"""
@@ -1786,6 +1952,279 @@ class GetVorgabeCommentsViewTest(TestCase):
self.assertEqual(response['X-Content-Type-Options'], 'nosniff')
class DokumentDatesPropertyTest(TestCase):
"""Test cases for Dokument.dates property"""
def setUp(self):
"""Set up test data for dates property tests"""
self.dokumententyp = Dokumententyp.objects.create(
name="Standard IT-Sicherheit",
verantwortliche_ve="SR-SUR-SEC"
)
self.dokument = Dokument.objects.create(
nummer="R0066",
dokumententyp=self.dokumententyp,
name="IT Security Standard",
aktiv=True
)
self.thema = Thema.objects.create(name="Organisation")
def test_dates_property_no_vorgaben(self):
"""Test dates property returns empty list when dokument has no vorgaben"""
dates = self.dokument.dates
self.assertEqual(dates, [])
def test_dates_property_single_vorgabe_with_only_gueltigkeit_von(self):
"""Test dates property with single vorgabe with only gueltigkeit_von"""
vorgabe = Vorgabe.objects.create(
order=1,
nummer=1,
dokument=self.dokument,
thema=self.thema,
titel="Test Vorgabe",
gueltigkeit_von=date(2025, 1, 1)
)
dates = self.dokument.dates
self.assertEqual(len(dates), 1)
self.assertEqual(dates[0], date(2025, 1, 1))
def test_dates_property_single_vorgabe_with_both_dates(self):
"""Test dates property with single vorgabe with both gueltigkeit_von and gueltigkeit_bis"""
vorgabe = Vorgabe.objects.create(
order=1,
nummer=1,
dokument=self.dokument,
thema=self.thema,
titel="Test Vorgabe",
gueltigkeit_von=date(2025, 1, 1),
gueltigkeit_bis=date(2026, 1, 1)
)
dates = self.dokument.dates
# gueltigkeit_bis would add 2026-01-02, but that's the last date so it's excluded
self.assertEqual(len(dates), 1)
self.assertEqual(dates[0], date(2025, 1, 1))
def test_dates_property_multiple_vorgaben_different_dates(self):
"""Test dates property with multiple vorgaben with different dates"""
vorgabe1 = Vorgabe.objects.create(
order=1,
nummer=1,
dokument=self.dokument,
thema=self.thema,
titel="Vorgabe 1",
gueltigkeit_von=date(2025, 1, 1),
gueltigkeit_bis=date(2025, 6, 30)
)
vorgabe2 = Vorgabe.objects.create(
order=2,
nummer=2,
dokument=self.dokument,
thema=self.thema,
titel="Vorgabe 2",
gueltigkeit_von=date(2025, 7, 1),
gueltigkeit_bis=date(2026, 1, 1)
)
dates = self.dokument.dates
# Dates: 2025-01-01, 2025-07-01, 2026-01-02 (but last one excluded)
self.assertEqual(len(dates), 2)
self.assertIn(date(2025, 1, 1), dates) # Start of vorgabe1
self.assertIn(date(2025, 7, 1), dates) # End of vorgabe1 + 1 day = Start of vorgabe2 (deduplicated)
def test_dates_property_ensures_uniqueness(self):
"""Test dates property returns unique dates only"""
# Create two vorgaben with overlapping dates
vorgabe1 = Vorgabe.objects.create(
order=1,
nummer=1,
dokument=self.dokument,
thema=self.thema,
titel="Vorgabe A",
gueltigkeit_von=date(2025, 1, 1),
gueltigkeit_bis=date(2026, 1, 1)
)
vorgabe2 = Vorgabe.objects.create(
order=2,
nummer=2,
dokument=self.dokument,
thema=self.thema,
titel="Vorgabe B",
gueltigkeit_von=date(2025, 1, 1), # Same start date
gueltigkeit_bis=date(2026, 1, 1) # Same end date
)
dates = self.dokument.dates
# Both vorgaben have same dates, and the last date (2026-01-02) is excluded
self.assertEqual(len(dates), 1)
self.assertEqual(dates[0], date(2025, 1, 1))
def test_dates_property_sorted_chronologically(self):
"""Test dates property returns dates sorted from oldest to newest"""
# Create vorgaben in non-chronological order
vorgabe1 = Vorgabe.objects.create(
order=1,
nummer=1,
dokument=self.dokument,
thema=self.thema,
titel="Vorgabe 1",
gueltigkeit_von=date(2026, 1, 1)
)
vorgabe2 = Vorgabe.objects.create(
order=2,
nummer=2,
dokument=self.dokument,
thema=self.thema,
titel="Vorgabe 2",
gueltigkeit_von=date(2024, 1, 1)
)
vorgabe3 = Vorgabe.objects.create(
order=3,
nummer=3,
dokument=self.dokument,
thema=self.thema,
titel="Vorgabe 3",
gueltigkeit_von=date(2025, 1, 1)
)
dates = self.dokument.dates
# Dates are [2024-01-01, 2025-01-01, 2026-01-01] but the last one is excluded
self.assertEqual(len(dates), 2)
self.assertEqual(dates[0], date(2024, 1, 1))
self.assertEqual(dates[1], date(2025, 1, 1))
def test_dates_property_ignores_none_dates(self):
"""Test dates property ignores None date values"""
vorgabe1 = Vorgabe.objects.create(
order=1,
nummer=1,
dokument=self.dokument,
thema=self.thema,
titel="Vorgabe 1",
gueltigkeit_von=date(2025, 1, 1)
# No gueltigkeit_bis (None)
)
vorgabe2 = Vorgabe.objects.create(
order=2,
nummer=2,
dokument=self.dokument,
thema=self.thema,
titel="Vorgabe 2",
gueltigkeit_von=date(2026, 1, 1),
gueltigkeit_bis=None # Explicitly None
)
dates = self.dokument.dates
# Dates are 2025-01-01 and 2026-01-01, but the last date (2026-01-01) is excluded
self.assertEqual(len(dates), 1)
self.assertEqual(dates[0], date(2025, 1, 1))
def test_dates_property_complex_scenario(self):
"""Test dates property with complex real-world scenario
Vorgabe A: 2025-01-01 to 2025-12-31
Vorgabe B: 2025-06-01 to 2026-01-01 (overlaps with A)
Vorgabe C: 2026-02-01 to None (no end date)
Expected dates: [2025-01-01, 2025-06-01, 2025-12-31, 2026-01-01, 2026-02-01]
The middle date (2026-01-01) should NOT be excluded even though B overlaps with A
"""
vorgabe_a = Vorgabe.objects.create(
order=1,
nummer=1,
dokument=self.dokument,
thema=self.thema,
titel="Vorgabe A",
gueltigkeit_von=date(2025, 1, 1),
gueltigkeit_bis=date(2025, 12, 31)
)
vorgabe_b = Vorgabe.objects.create(
order=2,
nummer=2,
dokument=self.dokument,
thema=self.thema,
titel="Vorgabe B",
gueltigkeit_von=date(2025, 6, 1),
gueltigkeit_bis=date(2026, 1, 1)
)
vorgabe_c = Vorgabe.objects.create(
order=3,
nummer=3,
dokument=self.dokument,
thema=self.thema,
titel="Vorgabe C",
gueltigkeit_von=date(2026, 2, 1)
# No gueltigkeit_bis
)
dates = self.dokument.dates
# All dates: 2025-01-01, 2025-06-01, 2026-01-01, 2026-01-02, 2026-02-01
# Last date (2026-02-01) is excluded
expected = [
date(2025, 1, 1), # Start of A
date(2025, 6, 1), # Start of B
date(2026, 1, 1), # End of A + 1 day
date(2026, 1, 2) # End of B + 1 day
]
self.assertEqual(dates, expected)
def test_dates_property_returns_list(self):
"""Test dates property returns a list (not a set or tuple)"""
vorgabe = Vorgabe.objects.create(
order=1,
nummer=1,
dokument=self.dokument,
thema=self.thema,
titel="Test Vorgabe",
gueltigkeit_von=date(2025, 1, 1)
)
dates = self.dokument.dates
self.assertIsInstance(dates, list)
def test_dates_property_does_not_persist_to_database(self):
"""Test dates property is calculated on-the-fly, not stored"""
vorgabe = Vorgabe.objects.create(
order=1,
nummer=1,
dokument=self.dokument,
thema=self.thema,
titel="Test Vorgabe",
gueltigkeit_von=date(2025, 1, 1),
gueltigkeit_bis=date(2025, 12, 31)
)
# Get dates before adding new vorgabe
dates_before = self.dokument.dates
self.assertEqual(len(dates_before), 1) # 2025-01-01 (2026-01-02 is last, so excluded)
# Add new vorgabe
vorgabe2 = Vorgabe.objects.create(
order=2,
nummer=2,
dokument=self.dokument,
thema=self.thema,
titel="Test Vorgabe 2",
gueltigkeit_von=date(2026, 2, 1)
)
# Get dates after - new dates are 2025-01-01, 2026-01-02, 2026-02-01
# Last date (2026-02-01) is excluded, so we get [2025-01-01, 2026-01-01]
dates_after = self.dokument.dates
self.assertEqual(len(dates_after), 2)
self.assertEqual(dates_after[0], date(2025, 1, 1))
self.assertEqual(dates_after[1], date(2026, 1, 1))
class AddVorgabeCommentViewTest(TestCase):
"""Test cases for add_vorgabe_comment view"""
@@ -2041,12 +2480,16 @@ class DeleteVorgabeCommentViewTest(TestCase):
self.other_user = User.objects.create_user(
username='otheruser',
password='testpass123'
password='testpass123',
first_name='Other',
last_name='User'
)
self.staff_user = User.objects.create_user(
username='staffuser',
password='testpass123'
password='testpass123',
first_name='Staff',
last_name='User'
)
self.staff_user.is_staff = True
self.staff_user.save()
@@ -2172,3 +2615,384 @@ class DeleteVorgabeCommentViewTest(TestCase):
self.assertIn('Content-Security-Policy', response)
self.assertIn('X-Content-Type-Options', response)
self.assertEqual(response['X-Content-Type-Options'], 'nosniff')
class UserCommentsViewTest(TestCase):
"""Test the user comments view that displays all comments grouped by document"""
def setUp(self):
"""Set up test data"""
# Create users
self.user1 = User.objects.create_user(username='user1', password='pass123')
self.user2 = User.objects.create_user(username='user2', password='pass123')
# Create documents
self.doc_type = Dokumententyp.objects.create(name='Test Type', verantwortliche_ve='test')
self.doc1 = Dokument.objects.create(nummer='DOC-001', name='Document 1', dokumententyp=self.doc_type, aktiv=True)
self.doc2 = Dokument.objects.create(nummer='DOC-002', name='Document 2', dokumententyp=self.doc_type, aktiv=True)
# Create themes
self.theme1 = Thema.objects.create(name='Theme 1')
self.theme2 = Thema.objects.create(name='Theme 2')
# Create vorgaben
from datetime import date
self.vorgabe1 = Vorgabe.objects.create(
nummer=1,
order=1,
dokument=self.doc1,
thema=self.theme1,
titel='Vorgabe 1',
gueltigkeit_von=date.today()
)
self.vorgabe2 = Vorgabe.objects.create(
nummer=2,
order=2,
dokument=self.doc1,
thema=self.theme1,
titel='Vorgabe 2',
gueltigkeit_von=date.today()
)
self.vorgabe3 = Vorgabe.objects.create(
nummer=1,
order=1,
dokument=self.doc2,
thema=self.theme2,
titel='Vorgabe 3',
gueltigkeit_von=date.today()
)
# Create comments for user1
self.comment1 = VorgabeComment.objects.create(
vorgabe=self.vorgabe1,
user=self.user1,
text='User1 comment on vorgabe1'
)
self.comment2 = VorgabeComment.objects.create(
vorgabe=self.vorgabe2,
user=self.user1,
text='User1 comment on vorgabe2'
)
self.comment3 = VorgabeComment.objects.create(
vorgabe=self.vorgabe3,
user=self.user1,
text='User1 comment on vorgabe3'
)
# Create comment for user2
self.comment4 = VorgabeComment.objects.create(
vorgabe=self.vorgabe1,
user=self.user2,
text='User2 comment on vorgabe1'
)
def test_user_comments_requires_login(self):
"""Test that user comments view requires authentication"""
response = self.client.get(reverse('user_comments'))
self.assertEqual(response.status_code, 302)
self.assertIn('/login/', response.url)
def test_user_comments_shows_only_own_comments(self):
"""Test that user only sees their own comments"""
self.client.login(username='user1', password='pass123')
response = self.client.get(reverse('user_comments'))
self.assertEqual(response.status_code, 200)
self.assertContains(response, 'User1 comment on vorgabe1')
self.assertContains(response, 'User1 comment on vorgabe2')
self.assertContains(response, 'User1 comment on vorgabe3')
self.assertNotContains(response, 'User2 comment on vorgabe1')
def test_user_comments_grouped_by_document(self):
"""Test that comments are properly grouped by document"""
self.client.login(username='user1', password='pass123')
response = self.client.get(reverse('user_comments'))
self.assertEqual(response.status_code, 200)
# Check that document titles appear
self.assertContains(response, 'DOC-001 Document 1')
self.assertContains(response, 'DOC-002 Document 2')
# Check context
self.assertIn('comments_by_document', response.context)
self.assertEqual(len(response.context['comments_by_document']), 2)
def test_user_comments_count_display(self):
"""Test that total comment count is displayed"""
self.client.login(username='user1', password='pass123')
response = self.client.get(reverse('user_comments'))
self.assertEqual(response.status_code, 200)
self.assertEqual(response.context['total_comments'], 3)
self.assertContains(response, '3 Kommentare')
def test_user_comments_empty_view(self):
"""Test the view when user has no comments"""
# Create a new user with no comments
user3 = User.objects.create_user(username='user3', password='pass123')
self.client.login(username='user3', password='pass123')
response = self.client.get(reverse('user_comments'))
self.assertEqual(response.status_code, 200)
self.assertEqual(response.context['total_comments'], 0)
self.assertContains(response, 'Sie haben noch keine Kommentare')
def test_user_comments_comment_text_preserved(self):
"""Test that comment text is correctly displayed"""
self.client.login(username='user1', password='pass123')
response = self.client.get(reverse('user_comments'))
self.assertEqual(response.status_code, 200)
# Check that comment text appears in response
self.assertContains(response, 'User1 comment on vorgabe1')
def test_user_comments_vorgabe_number_link(self):
"""Test that vorgabe numbers are linked correctly"""
self.client.login(username='user1', password='pass123')
response = self.client.get(reverse('user_comments'))
self.assertEqual(response.status_code, 200)
# Check that vorgabe numbers appear (format is DOC-001.T.1)
self.assertContains(response, 'DOC-001.T.1')
self.assertContains(response, 'DOC-001.T.2')
self.assertContains(response, 'DOC-002.T.1')
def test_user_comments_ordered_by_creation_date(self):
"""Test that comments are ordered by creation date (newest first)"""
self.client.login(username='user1', password='pass123')
response = self.client.get(reverse('user_comments'))
self.assertEqual(response.status_code, 200)
# The queryset orders by vorgabe document, then by -created_at
# Check that all three comments are in the response
self.assertContains(response, 'User1 comment on vorgabe1')
self.assertContains(response, 'User1 comment on vorgabe2')
self.assertContains(response, 'User1 comment on vorgabe3')
def test_user_comments_template_used(self):
"""Test that correct template is used"""
self.client.login(username='user1', password='pass123')
response = self.client.get(reverse('user_comments'))
self.assertEqual(response.status_code, 200)
self.assertTemplateUsed(response, 'standards/user_comments.html')
class AllCommentsViewTest(TestCase):
"""Test the all comments view that displays all comments from all users (staff only)"""
def setUp(self):
"""Set up test data"""
# Create users
self.user1 = User.objects.create_user(username='user1', password='pass123', first_name='Max', last_name='Mustermann')
self.user2 = User.objects.create_user(username='user2', password='pass123', first_name='Anna', last_name='Mueller')
self.staff_user = User.objects.create_user(username='staff', password='pass123', is_staff=True, first_name='Admin', last_name='User')
# Create documents
self.doc_type = Dokumententyp.objects.create(name='Test Type', verantwortliche_ve='test')
self.doc1 = Dokument.objects.create(nummer='DOC-001', name='Document 1', dokumententyp=self.doc_type, aktiv=True)
self.doc2 = Dokument.objects.create(nummer='DOC-002', name='Document 2', dokumententyp=self.doc_type, aktiv=True)
# Create themes
self.theme1 = Thema.objects.create(name='Theme 1')
self.theme2 = Thema.objects.create(name='Theme 2')
# Create vorgaben
self.vorgabe1 = Vorgabe.objects.create(
nummer=1,
order=1,
dokument=self.doc1,
thema=self.theme1,
titel='Vorgabe 1',
gueltigkeit_von=date.today()
)
self.vorgabe2 = Vorgabe.objects.create(
nummer=2,
order=2,
dokument=self.doc1,
thema=self.theme1,
titel='Vorgabe 2',
gueltigkeit_von=date.today()
)
self.vorgabe3 = Vorgabe.objects.create(
nummer=1,
order=1,
dokument=self.doc2,
thema=self.theme2,
titel='Vorgabe 3',
gueltigkeit_von=date.today()
)
# Create comments from different users
self.comment1 = VorgabeComment.objects.create(
vorgabe=self.vorgabe1,
user=self.user1,
text='User1 comment on vorgabe1'
)
self.comment2 = VorgabeComment.objects.create(
vorgabe=self.vorgabe2,
user=self.user1,
text='User1 comment on vorgabe2'
)
self.comment3 = VorgabeComment.objects.create(
vorgabe=self.vorgabe3,
user=self.user2,
text='User2 comment on vorgabe3'
)
self.comment4 = VorgabeComment.objects.create(
vorgabe=self.vorgabe1,
user=self.user2,
text='User2 comment on vorgabe1'
)
def test_all_comments_requires_login(self):
"""Test that all comments view requires authentication"""
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 302)
self.assertIn('/login/', response.url)
def test_all_comments_staff_only(self):
"""Test that non-staff users cannot access all comments view"""
self.client.login(username='user1', password='pass123')
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 302)
self.assertIn('/login/', response.url)
def test_all_comments_staff_can_access(self):
"""Test that staff users can access all comments view"""
self.client.login(username='staff', password='pass123')
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 200)
def test_all_comments_shows_all_comments(self):
"""Test that staff sees all comments from all users"""
self.client.login(username='staff', password='pass123')
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 200)
self.assertContains(response, 'User1 comment on vorgabe1')
self.assertContains(response, 'User1 comment on vorgabe2')
self.assertContains(response, 'User2 comment on vorgabe3')
self.assertContains(response, 'User2 comment on vorgabe1')
def test_all_comments_shows_usernames(self):
"""Test that all comments display the username of the author"""
self.client.login(username='staff', password='pass123')
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 200)
# Check that user names appear in the response
self.assertContains(response, 'Max Mustermann')
self.assertContains(response, 'Anna Mueller')
def test_all_comments_grouped_by_document(self):
"""Test that comments are properly grouped by document"""
self.client.login(username='staff', password='pass123')
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 200)
# Check that document titles appear
self.assertContains(response, 'DOC-001 Document 1')
self.assertContains(response, 'DOC-002 Document 2')
# Check context
self.assertIn('comments_by_document', response.context)
self.assertEqual(len(response.context['comments_by_document']), 2)
def test_all_comments_count_display(self):
"""Test that total comment count is displayed"""
self.client.login(username='staff', password='pass123')
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 200)
self.assertEqual(response.context['total_comments'], 4)
self.assertContains(response, '4 Kommentare')
def test_all_comments_empty_view(self):
"""Test the view when there are no comments"""
# Delete all comments
VorgabeComment.objects.all().delete()
self.client.login(username='staff', password='pass123')
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 200)
self.assertEqual(response.context['total_comments'], 0)
self.assertContains(response, 'Es gibt noch keine Kommentare')
def test_all_comments_template_used(self):
"""Test that correct template is used"""
self.client.login(username='staff', password='pass123')
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 200)
self.assertTemplateUsed(response, 'standards/all_comments.html')
def test_all_comments_has_delete_buttons(self):
"""Test that delete buttons are present for each comment"""
self.client.login(username='staff', password='pass123')
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 200)
# Check for delete button form elements - look for the delete form action URLs
self.assertContains(response, '/dokumente/comments/delete/', count=4)
# Also check for the delete button text
self.assertContains(response, 'Löschen', count=4)
def test_all_comments_vorgabe_number_link(self):
"""Test that vorgabe numbers are linked correctly"""
self.client.login(username='staff', password='pass123')
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 200)
# Check that vorgabe numbers appear
self.assertContains(response, 'DOC-001.T.1')
self.assertContains(response, 'DOC-001.T.2')
self.assertContains(response, 'DOC-002.T.1')
def test_all_comments_ordered_by_document_and_date(self):
"""Test that comments are ordered by document then by creation date"""
self.client.login(username='staff', password='pass123')
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 200)
# Check context has properly grouped comments
comments_by_doc = response.context['comments_by_document']
# Verify all documents are present
doc_numbers = [doc.nummer for doc in comments_by_doc.keys()]
self.assertIn('DOC-001', doc_numbers)
self.assertIn('DOC-002', doc_numbers)
def test_all_comments_displays_timestamps(self):
"""Test that comment timestamps are displayed"""
self.client.login(username='staff', password='pass123')
response = self.client.get(reverse('all_comments'))
self.assertEqual(response.status_code, 200)
# Check that timestamp patterns appear (date formatting)
self.assertContains(response, 'Erstellt:')
def test_all_comments_regular_user_redirect(self):
"""Test that regular users are redirected to login"""
# Create and login as regular user
regular_user = User.objects.create_user(username='regular', password='pass123')
self.client.login(username='regular', password='pass123')
response = self.client.get(reverse('all_comments'))
# Should redirect to login since user is not staff
self.assertEqual(response.status_code, 302)
self.assertIn('/login/', response.url)
def test_all_comments_no_own_comments_filter(self):
"""Test that staff sees comments from ALL users, not just their own"""
self.client.login(username='staff', password='pass123')
response = self.client.get(reverse('all_comments'))
# Verify all comments are visible, not filtered by user
self.assertContains(response, 'User1 comment on vorgabe1')
self.assertContains(response, 'User2 comment on vorgabe1')
# Both users' comments on the same vorgabe should be visible
self.assertEqual(response.context['total_comments'], 4)

2
dokumente/urls.py
View File

@@ -4,6 +4,8 @@ from . import views
urlpatterns = [
path('', views.standard_list, name='standard_list'),
path('unvollstaendig/', views.incomplete_vorgaben, name='incomplete_vorgaben'),
path('meine-kommentare/', views.user_comments, name='user_comments'),
path('alle-kommentare/', views.all_comments, name='all_comments'),
path('<str:nummer>/', views.standard_detail, name='standard_detail'),
path('<str:nummer>/history/<str:check_date>/', views.standard_detail),
path('<str:nummer>/history/', views.standard_detail, {"check_date":"today"}, name='standard_history'),

56
dokumente/views.py
View File

@@ -29,9 +29,11 @@ def standard_detail(request, nummer,check_date=""):
if check_date:
check_date = calendar.parseDT(check_date)[0].date()
standard.history = True
standard.is_future = check_date > date.today()
else:
check_date = date.today()
standard.history = False
standard.is_future = False
standard.check_date=check_date
vorgaben = list(standard.vorgaben.order_by("thema","nummer").select_related("thema","dokument")) # convert queryset to list so we can attach attributes
@@ -366,3 +368,57 @@ def delete_vorgabe_comment(request, comment_id):
response['Content-Security-Policy'] = "default-src 'self'"
response['X-Content-Type-Options'] = 'nosniff'
return response
@login_required
def user_comments(request):
"""
Display all comments made by the logged-in user, grouped by document.
"""
# Get all comments by the current user
user_comments = VorgabeComment.objects.filter(
user=request.user
).select_related('vorgabe', 'vorgabe__dokument').order_by(
'vorgabe__dokument__nummer', '-created_at'
)
# Group comments by document
comments_by_document = {}
for comment in user_comments:
dokument = comment.vorgabe.dokument
if dokument not in comments_by_document:
comments_by_document[dokument] = []
comments_by_document[dokument].append(comment)
return render(request, 'standards/user_comments.html', {
'comments_by_document': comments_by_document,
'total_comments': user_comments.count(),
})
@login_required
@user_passes_test(is_staff_user)
def all_comments(request):
"""
Display all comments from all users, grouped by document.
Staff only.
"""
# Get all comments
all_comments_qs = VorgabeComment.objects.select_related(
'vorgabe', 'vorgabe__dokument', 'user'
).order_by(
'vorgabe__dokument__nummer', '-created_at'
)
# Group comments by document
comments_by_document = {}
for comment in all_comments_qs:
dokument = comment.vorgabe.dokument
if dokument not in comments_by_document:
comments_by_document[dokument] = []
comments_by_document[dokument].append(comment)
return render(request, 'standards/all_comments.html', {
'comments_by_document': comments_by_document,
'total_comments': all_comments_qs.count(),
})

4
k8s/deployment.yaml
View File

@@ -24,8 +24,8 @@ spec:
- name: data
mountPath: /data
containers:
- name: web
image: docker.io/adebaumann/vui:0.917
- name: web
image: docker.io/adebaumann/vui:0.918
imagePullPolicy: Always
ports:
- containerPort: 8000

38
pages/templates/base.html
View File

@@ -48,21 +48,25 @@
<div class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" style="text-decoration: none; color: #000; display: flex; align-items: center;">
<span style="font-size: 24px; margin-right: 8px;">👤</span>
<span class="hidden-xs" style="margin-left: 0;">{{ user.username }}</span>
<span class="hidden-xs" style="margin-left: 0;">{{ user.first_name }} {{ user.last_name }}</span>
<span class="caret" style="margin-left: 8px;"></span>
</a>
<ul class="dropdown-menu dropdown-menu-right" role="menu">
<li><a href="{% url 'password_change' %}">Passwort ändern</a></li>
<li class="divider"></li>
<li>
<form method="post" action="{% url 'logout' %}" style="display: inline;">
{% csrf_token %}
<button type="submit" style="background: none; border: none; color: inherit; padding: 3px 20px; width: 100%; text-align: left; cursor: pointer;">
Abmelden
</button>
</form>
</li>
</ul>
<ul class="dropdown-menu dropdown-menu-right" role="menu">
<li><a href="{% url 'user_comments' %}">Meine Kommentare</a></li>
{% if user.is_staff %}
<li><a href="{% url 'all_comments' %}">Alle Kommentare</a></li>
{% endif %}
<li><a href="{% url 'password_change' %}">Passwort ändern</a></li>
<li class="divider"></li>
<li>
<form method="post" action="{% url 'logout' %}" style="display: inline;">
{% csrf_token %}
<button type="submit" style="background: none; border: none; color: inherit; padding: 3px 20px; width: 100%; text-align: left; cursor: pointer;">
Abmelden
</button>
</form>
</li>
</ul>
</div>
</div>
{% else %}
@@ -102,7 +106,7 @@
<li><a href="/dokumente">Standards</a></li>
{% if user.is_staff %}
<li><a href="/dokumente/unvollstaendig/">Unvollständig</a></li>
<li><a href="/autorenumgebung/">Autorenumgebung</a></li>
<li><a href="/autorenumgebung/">Autor</a></li>
{% endif %}
<li><a href="/referenzen">Referenzen</a></li>
<li><a href="/stichworte">Stichworte</a></li>
@@ -133,7 +137,7 @@
<a href="/dokumente/unvollstaendig/">Unvollständig</a>
</li>
<li class="dropdown {% if 'autorenumgebung' in request.path %}current{% endif %}">
<a href="/autorenumgebung/">Autorenumgebung</a>
<a href="/autorenumgebung/">Autor</a>
</li>
{% endif %}
<li class="dropdown {% if 'referenzen' in request.path %}current{% endif %}">
@@ -215,8 +219,8 @@
</p>
</div>
<div class="col-sm-6 text-right">
<p class="text-muted">Version {{ version|default:"0.960" }}</p>
</div>
<p class="text-muted">Version {{ version|default:"0.973" }}</p>
</div>
</div>
</div>
</footer>

5
requirements.txt
View File

@@ -5,7 +5,7 @@ certifi==2025.8.3
charset-normalizer==3.4.3
curtsies==0.4.3
cwcwidth==0.1.10
Django==5.2.5
Django==5.2.9
django-admin-sortable2==2.2.8
django-js-asset==3.1.2
django-mptt==0.17.0
@@ -30,6 +30,7 @@ pyxdg==0.28
requests==2.32.5
six==1.17.0
sqlparse==0.5.3
urllib3==2.5.0
urllib3==2.6.0
wcwidth==0.2.13
bleach==6.1.0
coverage==7.6.1