AdminGit2026/nis2-agile
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76 Commits 1 Branch 0 Tags 2.9 MiB
c4c34aeed1
Commit Graph

76 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
DevEnv nis2-agile
c4c34aeed1 [UX] Landing NIS2: tema rosso cybersecurity 
Cambio colore brand da cyan (#06B6D4) a rosso (#EF4444):
- --brand-accent: #EF4444
- --brand-gradient: #EF4444 → #DC2626
- --border-color: rgba(239,68,68,0.12)
- --cyan: #EF4444 (compatibilità var)
Tutte le 22+ referenze colore aggiornate via CSS variables cascade.
Tema blu (#3B82F6) mantenuto solo per card "Azienda" (differenziazione).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 11:56:03 +01:00
DevEnv nis2-agile
0a194f6f12 [FEAT] Landing NIS2: accesso su invito + form lead request 
- index.html: CTA "Registrati" → "Richiedi accesso" (anchor form)
  Badge hero "Accesso su invito — Richiedi il tuo codice per iniziare"
  Sezione #richiedi-accesso con form lead (nome, email, azienda, ruolo,
  dimensioni, messaggio) + JS submit asincrono + stato successo/errore
  CTA finale aggiornato con messaggio codice invito
- ContactController.php: POST /api/contact/request-invite
  Validazione campi, rate limit 3/10min per IP, email a info@agile.software
  tramite EmailService con template HTML branded
- index.php: route contact → ContactController + action requestInvite

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 11:23:40 +01:00
DevEnv nis2-agile
6cf1cd7384 [FEAT] Landing page marketing NIS2 Agile — sito completo 
Sostituisce il placeholder minimalista con una landing page marketing
completa dark-theme, stile AgentAI hub:
- Hero con mock dashboard interattiva e 4 statistiche chiave
- Sezione normativa: sanzioni Art.34, 18 settori, scadenze Art.23
- Sezione "Per chi è": Azienda PMI vs Consulente/MSSP con feature list
- 9 feature card moduli piattaforma con icone Font Awesome
- Banner integrazione 231 Agile (link a lg231.agile.software)
- How-it-works 4 step con CTA
- CTA finale + footer con info@agile.software
- Brand cyan #06B6D4, Inter font, Font Awesome 6.5.1
- Responsive mobile

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 11:04:21 +01:00
DevEnv nis2-agile
902423d768 [DOCS] Aggiorna CONTEXT_LAST_SESSION: sprint fix simulazione + test suite ✓36/36 2026-03-09 10:24:09 +01:00
DevEnv nis2-agile
8578cb5c31 [FIX] ServicesController: query assessment_responses reale + NonConformityController: getPagination named keys 2026-03-09 10:22:40 +01:00
DevEnv nis2-agile
159d783ed7 [FIX] ServicesController: allineamento colonne DB reali (risk_level, contained_at, owner_name, company_name, category compliance_controls) 2026-03-09 10:20:43 +01:00
DevEnv nis2-agile
27ec63c28d [FIX] ServicesController: entity_type (nis2_entity_type col non esiste) + WebhookService risk.status null-safe 2026-03-09 10:14:30 +01:00
DevEnv nis2-agile
086ffbd675 [FIX] test-runner: aggiorna email/password ai valori del simulatore 
Email corrette: admin@datacore-srl.demo, admin@medclinic-spa.demo,
admin@enernet-srl.demo, consultant@nis2agile.demo
Password: NIS2Demo2026! (era Demo2026!)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 10:03:14 +01:00
DevEnv nis2-agile
1602438aac [FIX] Simulazione: warning residui + provision JWT standard 
- ServicesController::provision(): JWT usa user_id (standard requireAuth)
- simulate-nis2.php: classifyOrg null-safe per entity_type
- simulate-nis2.php: completeOnboarding usa PUT /organizations/{id}
  invece di /onboarding/complete (evita 409 quando org già esiste)
- simulate-nis2.php: supplier.critical rimosso da $supDef (was extra field)
- EmailService: rimosso sent_at (non in email_log schema)
- WebhookService: status ?? 'detected' (null-safe)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 10:00:59 +01:00
DevEnv nis2-agile
13df162ec4 [FIX] SIM-06 + EmailService + WebhookService + supplier assessment 
- ServicesController::provision(): created_by usa userId (INT) non string
- EmailService::logEmail(): rimosso sent_at (colonna non esiste in email_log)
- WebhookService::incidentPayload(): status ?? 'detected' (null-safe)
- simulate-nis2.php: supplier assessment usa formato assessment_responses
  corretto [{question, weight, value: yes|partial|no}]

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 09:56:39 +01:00
DevEnv nis2-agile
4be541e9b5 [FIX] reset-demo.sql: gestione trigger audit_log + drop/recreate 
Il trigger prevent_audit_log_delete blocca DELETE e interrompe lo script.
Fix: drop triggers prima di DELETE audit_logs, poi ricrea.
Richiede esecuzione con utente root MySQL.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 09:51:40 +01:00
DevEnv nis2-agile
9f9f967d52 [FIX] simulate-nis2: allineamento completo a schema DB reale 
- ensureUser: seed-first (1 login call invece di 2) → evita rate limit
- Risk category: technical→cyber, data_breach→compliance, availability→operational,
  human_factor→human (enum reale: cyber,operational,compliance,supply_chain,physical,human)
- Risk: rimosso status:'open' (default 'identified' nel DB)
- Policy: type→category nel createPolicy, aggiunto mappa cryptography→encryption,
  data_protection→information_security, risk_management→vulnerability_management
- Incident SIM-02/03: category→classification, valori corretti (cyber_attack/data_breach),
  affected_systems→affected_services, rimosso estimated_impact, status investigating→analyzing,
  status resolved→recovering, aggiunto detected_at (campo required)
- Onboarding: org_name→name, employees_count→employee_count
- Classify: aggiunti employee_count e annual_turnover_eur (required)
- Supplier: risk_level→criticality, rimosso is_critical

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 09:48:42 +01:00
DevEnv nis2-agile
ef8b7a90e4 [FIX] Simulator: P.IVA checksum + ServicesController: sectorMap + role enum 
- simulate-nis2.php: P.IVA demo corrette con checksum Luhn validi
  (09876543217, 07654321095, 05432109873, 99887766550)
- ServicesController::provision(): sectorMap rimappato a valori enum reali
  (es: 'energia'→'energy', 'finanza'→'banking', 'ict'→'ict_services')
- ServicesController::provision(): user_organizations.role 'super_admin'→'org_admin'
  (super_admin non è nel enum di user_organizations)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 09:38:02 +01:00
DevEnv nis2-agile
48317e0556 [FIX] Simulator + ServicesController: allineamento a schema DB reale 
simulate-nis2.php:
- sector: ict → ict_services, healthcare → health (enum DB corretto)
- employee_count (non employees_count) per OrganizationController

ServicesController::provision():
- INSERT organizations: rimossi campi non esistenti (legal_form, ateco_code, etc.)
- Usa colonne reali: name, vat_number, employee_count, sector, entity_type, is_active
- entity_type: voluntary → not_applicable (enum non supporta voluntary)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 09:30:20 +01:00
DevEnv nis2-agile
eb31a0a504 [FIX] simulate-nis2: seed DB diretto per evitare rate limit registrazione 
- dbSeedUser(): inserisce utenti demo direttamente nel DB MySQL (bypass HTTP rate limit)
- ensureUser(): usa dbSeedUser() come metodo primario, API /register come fallback
- Rimosse le 2 chiamate register doppie (DEMO_EMAIL + email reale)
- Aggiunto seed consultant@nis2agile.demo + membership a tutte le org demo

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 09:12:45 +01:00
DevEnv nis2-agile
d51c365e46 [FIX] ServicesController + simulate-nis2: adatta a schema users reale (full_name, is_active) 
- ServicesController::provision(): INSERT users usa full_name/is_active (non first_name/last_name/status)
- ServicesController::ssoLogin(): stesso fix per SSO user creation
- simulate-nis2::ensureUser(): registration payload usa full_name (non first_name+last_name)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 09:09:07 +01:00
DevEnv nis2-agile
eddc2fe79d [FIX] reset-demo.sql: adatta a struttura reale DB (incident_timeline, capa_actions, email_log, users) 
- incident_timeline: join su incidents (no organization_id diretto)
- corrective_actions → capa_actions, non_conformity_id → ncr_id
- email_log: filtra per recipient LIKE '%.demo%' (no organization_id)
- users INSERT: first_name/last_name/status → full_name/is_active

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 09:04:48 +01:00
DevEnv nis2-agile
fca3ab3cf8 [TEST] Test Runner v2: aggiunto L6 AI Features (Cross-Analysis, Normative, Whistleblowing) 
- Livello L6 con 6 test: portfolio, history, analyze AI, 403 role check, normative, whistleblowing
- CSS badge lvl-l6 verde smeraldo
- Coverage table: 27 → 35 endpoint (8 nuovi L6)
- Full Suite aggiornata L1→L6 con step L3 e L6 funzionanti
- Header doc aggiornato

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 09:01:28 +01:00
DevEnv nis2-agile
19a9e5622d [FEAT] L4 AI Cross-Analysis — analisi aggregata multi-org per consulenti 
- CrossAnalysisController.php: analyze/history/portfolio (k-anonymity min 2 org)
- AIService::crossOrgAnalysis(): aggregazione 9 dimensioni, zero PII nel prompt
- cross-analysis.html: chat UI purple theme, 3 tab, quick questions, portfolio stats
- index.php: routing /api/cross-analysis/{analyze,history,portfolio}
- common.js: link "AI Cross-Analysis" in sidebar sezione Gestione
- docs/AI_LEVELS_SCHEMA.md: schema architetturale L1-L5 con matrice privacy

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 08:17:53 +01:00
DevEnv nis2-agile
89fd201bc2 [AI+HELP+I18N] Help workflow, traduzioni IT/EN, schema 5 livelli AI 
- help.js: aggiunta sezione workflow (Compliance Journey) + pageMap entry
- i18n.js: 16 chiavi IT/EN per workflow (fasi, stati, etichette)
- docs/AI_LEVELS_SCHEMA.md: schema architettura 5 livelli AI con privacy matrix
  L1 Guida (safe), L2 Operativo, L3 Aziendale (anonimizzato), L4 Cross-Org (k-anonymity), L5 Normativo

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 08:05:36 +01:00
DevEnv nis2-agile
3e8f24eb49 [FEAT] Compliance Journey — workflow visivo 6 fasi NIS2 
- workflow.html: roadmap orizzontale 6 fasi (Preparazione→Valutazione→Rischi→Implementazione→Monitoraggio→Reportistica)
- Dati reali da 9 API in parallelo (assessment, rischi, policy, asset, fornitori, formazione, controlli)
- Auto-selezione fase attiva + dettaglio step con metriche live
- Banner "prossima azione consigliata" contestuale
- Aggiunto link "Compliance Journey" nella sidebar (sezione Principale)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-09 07:54:15 +01:00
DevEnv nis2-agile
ab0e3755f4 [BACKEND] Completa backend: validate-invite, lookup-piva, ruoli, SIM-06 
AuthController:
- register() accetta `role` diretto (compliance_manager, org_admin, auditor, board_member, consultant)
- Aggiunto validateInvite() → POST /api/auth/validate-invite (no auth)

OnboardingController:
- Aggiunto lookupPiva() → POST /api/onboarding/lookup-piva (no auth, rate limit 10/min)
  usato da register.html per P.IVA lookup pre-login

Router (index.php):
- Aggiunto POST:validateInvite e POST:lookupPiva

api.js:
- register() invia sia `role` che `user_type` per retrocompatibilità

simulate-nis2.php:
- SIM-06: B2B provisioning via X-Provision-Secret → org + JWT + API Key
- Filtro NIS2_SIM=SIM06 via goto per skip SIM-01→05 indipendenti
- readEnvValue() helper per leggere PROVISION_SECRET da .env

register.html:
- lookupPiva usa /onboarding/lookup-piva (endpoint pubblico)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 17:23:16 +01:00
DevEnv nis2-agile
e4e7d94043 [UX] Standardizzazione login/register/onboarding + Test Runner v2 
login.html: eye toggle, forgot password, auth-terms footer
register.html: wizard 3-step, 5 ruoli NIS2, invite_token URL, P.IVA lookup
onboarding.html: Font Awesome, brand color cyan (#06B6D4)
test-runner.php: L1-L5 test levels, SIM-06 B2B, tab Coverage/Stats,
  DB row counts, run history (localStorage), 5 tabs totali

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 17:11:25 +01:00
DevEnv nis2-agile
47a7a25d35 [FIX] InviteController: array_slice(-0) → $where corretto per COUNT query 
array_slice($where, 0, -0) in PHP restituisce array vuoto (−0=0),
generando SQL invalido "WHERE " → PDOException 1064.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 16:50:37 +01:00
DevEnv nis2-agile
9ccf2a72b5 [FIX] Database::execute() → Database::query() in 5 controller 
Database non ha metodo execute() — corretto in:
InviteController, ServicesController, WebhookController,
NormativeController, WhistleblowingController.
Causa del HTTP 500 su tutti gli endpoint /api/invites/*.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 16:49:58 +01:00
DevEnv nis2-agile
c906a6eff3 [DB] Fix migration 013: MySQL 8.0 compat + script deploy idempotente 
- Rimosso ADD COLUMN IF NOT EXISTS (non supportato MySQL 8.0 standard)
- Aggiunto deploy_013.sh: script bash idempotente con check information_schema

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 16:48:53 +01:00
DevEnv nis2-agile
f7347ccd8c [CONTEXT+MKTG] Contesto sessione + HTML migliorati per comunicazione terze parti 
- CONTEXT_LAST_SESSION.md: documento completo di tutto lo sprint B2B
- mktg-api-doc.html: Quick Start box con chiave attiva, flusso visivo 4 step, curl pronti
- integrazioniext.html tab Inviti: tabella "Chi fa cosa" per ruolo, sezione mktg-agile
  con chiave API + 3 curl pronti, Quick Start aggiornato con tabella risorse per destinatario

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 16:37:14 +01:00
DevEnv nis2-agile
13eb8ae8a8 [SETTINGS] Aggiunto scope admin:licenses, admin:org, sso:login al form API Keys 2026-03-07 16:28:15 +01:00
DevEnv nis2-agile
39e21878f1 [MKTG-API] Fix: Postman collection in public root 2026-03-07 16:05:49 +01:00
DevEnv nis2-agile
d407fd0510 [MKTG-API] Documentazione + auth API Key per licenze 
- InviteController: requireLicenseAuth() accetta X-API-Key (scope admin:licenses)
  oppure JWT super_admin — tutti i metodi admin aggiornati
- mktg-api-doc.html: risponde alle 6 domande del marketing con esempi curl,
  tabelle risposta, riepilogo endpoint, link Postman collection
- nis2-license-api.postman.json: collection completa (login, create, list,
  revoke, regenerate, validate, provision) con pre-script salva JWT/invite_id

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 16:05:18 +01:00
DevEnv nis2-agile
cb0988da27 [LICENSE] Gestione licenze marketing + campi commerciali estesi 
- licenseExt.html: dashboard marketing per generare/gestire licenze
  Login JWT super_admin, stats strip (totali/usate/orgs/utenti),
  form genera con label/piano/durata/max-aziende/max-utenti/prezzo/reseller,
  lista paginata con filtri stato+canale, dettaglio modale, revoca/rigenera,
  export CSV e copia token/URL
- Migration 013: invites +max_users_per_org, +price_eur, +reseller_name
  organizations +license_max_users (da provisioning)
- InviteController::create() gestisce nuovi campi, validate() espone max_users_per_org
- ServicesController::provision() salva license_max_users nell'org

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 15:34:38 +01:00
DevEnv nis2-agile
612befd66d [INVITE] Sistema inviti/licenze B2B + provisioning con invite_token 
- InviteController: CRUD inviti (gen, list, show, revoke, rigenera, validate)
- Token inv_* sha256-hashed, one-shot o multi-use, canali, scadenza
- ServicesController::provision() accetta invite_token al posto di X-Provision-Secret
  Piano e durata forzati dall'invito, markUsed() chiaamto dopo provisioning riuscito
- index.php: routing /api/invites/* aggiunto (controller + action map)
- integrazioniext.html: nuovo tab "Inviti & Licenze" con flow completo, endpoints,
  esempi curl/php, guida lg231 aggiornata con sezione provisioning automatico

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 15:22:25 +01:00
DevEnv nis2-agile
6933e1d3fb [INTEG] Provisioning B2B automatico + fix JWT helpers 
- POST /api/services/provision: onboarding automatico tenant da lg231
  - X-Provision-Secret auth (master secret, non org-specific)
  - Crea org (con tutti i dati lg231: P.IVA, ATECO, sede, PEC, fatturato)
  - Crea admin user con password temporanea (must_change_password=1)
  - Genera API Key scope [read:all, write:all, admin:org, sso:login]
  - Emette JWT 2h per apertura immediata UI
  - Callback webhook a lg231 con api_key
  - Idempotent: stessa P.IVA → restituisce org esistente
  - Audit: org.provisioned severity=critical
- config.php: PROVISION_SECRET (env var)
- BaseController: base64UrlEncode/Decode da private → protected
- Migration 011: colonne provisioning + must_change_password + indexes

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 15:02:11 +01:00
DevEnv nis2-agile
29aaf5db88 [INTEG] Aggiorna integrazioniext.html con token exchange, SSO e audit 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 14:47:10 +01:00
DevEnv nis2-agile
1f534db33a [INTEG] Token exchange + SSO federato + Audit trail chiamate esterne 
ServicesController:
- POST /api/services/token: lg231 invia API key → riceve JWT 15min
- POST /api/services/sso: SSO federato con identità utente + responsabilità
  → crea/trova utente NIS2 + emette JWT 2h con ruolo e responsibilities
- Audit trail: ogni chiamata esterna autenticata loggata (api.external_call)
- SSO login loggato come auth.sso_login severity=warning con responsabilità

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 14:46:27 +01:00
DevEnv nis2-agile
5ecdce7d47 [INTEG] Pagina integrazioni esterne + spec lg231↔NIS2 
- public/integrazioniext.html: pagina pubblica con 4 tab (Services API,
  Guida lg231, Webhook, Quick Start) — link in sidebar
- docs/integration/lg231-nis2-integration.md: spec tecnica completa
  per agente Claude lg231 (provider-config, Nis2Client, widget, escalation OdV)
- common.js: voce sidebar → integrazioniext.html

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 14:43:59 +01:00
DevEnv nis2-agile
3321509d02 [TEST] Bottone Reset+Simula+Testa Tutto + preserva admin Benassati 
- test-runner.php: bottone verde scuro in cima al tab Test che esegue
  reset DB → simulazioni → smoke test in sequenza
- reset-demo.sql: INSERT ON DUPLICATE KEY per cristiano.benassati@gmail.com
  (super_admin, Silvia1978!@) — sopravvive a qualsiasi reset
- Tab Credenziali: admin permanente in cima alla tabella

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 14:35:20 +01:00
DevEnv nis2-agile
78c3fd1860 [TEST] Sposta test-runner.php in public/ (document root Apache) 
Il document root Apache è public/, quindi il runner deve essere
accessibile da /test-runner.php?t=Nis2Test2026

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 14:24:29 +01:00
DevEnv nis2-agile
4d8e7c74f4 [TEST] Test Runner NIS2 Agile — pattern lg231 
Single-file PHP runner con token auth (Nis2Test2026), SSE streaming,
dark terminal UI. Comandi: health, smoke, sim01-05, simulate, chain-verify,
reset, all. Tab: Test / Simulazioni / Credenziali demo.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 14:23:28 +01:00
DevEnv nis2-agile
d4a028e71f [DOCS] CLAUDE.md: istruzioni attivazione nis2.agile.software SSL 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 14:09:49 +01:00
DevEnv nis2-agile
07c1a71685 [MIGRATE] Migrazione a nis2.agile.software 
- Tutti i riferimenti nis2.certisource.it → nis2.agile.software
- Apache vhost HTTP nis2.agile.software attivo su Hetzner
- Script setup-nis2-agile-software.sh: certbot SSL + redirect da vecchio dominio
- .env server: APP_URL aggiornato a https://nis2.agile.software
- CLAUDE.md, docs commerciali, integrazioni, API docs aggiornati

DNS da aggiungere in Cloudflare: nis2.agile.software A 135.181.149.254 (proxy OFF)
Poi eseguire: bash /opt/devenv/scripts/setup-nis2-agile-software.sh

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 14:07:10 +01:00
DevEnv nis2-agile
0fcc69ee85 [DOCS] CLAUDE.md: documentazione AuditService, simulazioni, migration 010 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 13:58:29 +01:00
DevEnv nis2-agile
874eabb6fc [FEAT] Simulazioni Demo + Audit Trail Certificato SHA-256 
- 5 scenari reali: Onboarding, Ransomware Art.23, Data Breach Supply Chain,
  Whistleblowing SCADA, Audit Hash Chain Verification
- simulate-nis2.php: 3 aziende (DataCore/MedClinic/EnerNet), 10 fasi, CLI+SSE
- AuditService.php: hash chain SHA-256 stile lg231 (prev_hash+entry_hash)
- Migration 010: prev_hash, entry_hash, severity, performed_by su audit_logs
- AuditController: GET chain-verify + GET export-certified
- reset-demo.sql: reset dati demo idempotente
- public/simulate.html: web runner SSE con console dark-theme
- Sidebar: link Simulazione Demo + Integrazioni

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 13:56:53 +01:00
DevEnv nis2-agile
b23bbc55fd [DOCS] CLAUDE.md aggiornato sprint Services/Webhook/Whistleblowing/Normative 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 13:26:22 +01:00
DevEnv nis2-agile
a8ef41dc35 [FIX] Migration SQL: INT NOT NULL per FK verso organizations/users (signed) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 13:22:08 +01:00
DevEnv nis2-agile
86e9bdded2 [FEAT] Services API, Webhook, Whistleblowing, Normative + integrazioni 
Sprint completo — prodotto presentation-ready:

Services API (read-only, API Key + scope):
- GET /api/services/status|compliance-summary|risks-feed|incidents-feed
- GET /api/services/controls-status|assets-critical|suppliers-risk|policies-approved
- GET /api/services/openapi (spec OpenAPI 3.0.3 JSON)

Webhook Outbound (Stripe-like HMAC-SHA256):
- CRUD api_keys + webhook_subscriptions (Settings → 2 nuovi tab)
- WebhookService: retry 3x backoff (0s/5min/30min), delivery log
- Trigger auto in IncidentController, RiskController, PolicyController
- Delivery log, test ping, processRetry

Nuovi moduli:
- WhistleblowingController (Art.32 NIS2): anonimato garantito, timeline, token tracking
- NormativeController: feed NIS2/ACN/DORA con ACK tracciato per audit

Frontend:
- whistleblowing.html: form submit anonimo/firmato + gestione CISO
- normative.html: feed con presa visione documentata + progress bar ACK
- public/docs/api.html: documentazione API dark theme (Swagger-like)
- settings.html: tab API Keys + tab Webhook
- integrations/: guide per lg231, SustainAI, AllRisk, SIEM (widget + codice)
- Sidebar: Segnalazioni + Normative aggiunte a common.js

DB: migration 007 (api_keys, webhook_subscriptions, webhook_deliveries),
    008 (whistleblowing_reports + timeline),
    009 (normative_updates + normative_ack + seed NIS2/ACN/DORA/ISO)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 13:20:24 +01:00
Cleanup
3f4b451e2a [TEST] Cleanup test files 2026-02-24 16:43:11 +00:00
RoundTest
a11589d61f [TEST-R2] Push da nis2-agile-devenv 2026-02-24 17:42:05 +01:00
CertiSource Server
32bfb82d4b [SERVER] Auto-commit: allineamento repository 2026-02-24 12:56:23 +00:00
DevEnv nis2-agile
c2aaebd6c1 [COMMERCIAL] Landing page NIS2 Agile + aggiornamento AgentAI Hub 
- Aggiunta docs/commercial/landing-nis2-agile.html (landing page 7 sezioni)
  Hero con mockup dashboard, trust bar compliance, problema/soluzione,
  5-step come funziona, 4 metriche, CTA finale. Palette cyan dark, responsive.
- AgentAI Hub (agentai.certisource.it): products.json NIS2 corretto
  (Vanilla JS, releaseDate Q1 2026, 8 features, links completi)
- Presentazione aggiornata: Tailwind→CSS3, slide Pricing aggiunta (ora 9 slide)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-20 14:32:04 +01:00