AdminGit2026/nis2-agile
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46 Commits 1 Branch 0 Tags 2.9 MiB
cb0988da27
Commit Graph

6 Commits

Author SHA1 Message Date
DevEnv nis2-agile
86e9bdded2 [FEAT] Services API, Webhook, Whistleblowing, Normative + integrazioni 
Sprint completo — prodotto presentation-ready:

Services API (read-only, API Key + scope):
- GET /api/services/status|compliance-summary|risks-feed|incidents-feed
- GET /api/services/controls-status|assets-critical|suppliers-risk|policies-approved
- GET /api/services/openapi (spec OpenAPI 3.0.3 JSON)

Webhook Outbound (Stripe-like HMAC-SHA256):
- CRUD api_keys + webhook_subscriptions (Settings → 2 nuovi tab)
- WebhookService: retry 3x backoff (0s/5min/30min), delivery log
- Trigger auto in IncidentController, RiskController, PolicyController
- Delivery log, test ping, processRetry

Nuovi moduli:
- WhistleblowingController (Art.32 NIS2): anonimato garantito, timeline, token tracking
- NormativeController: feed NIS2/ACN/DORA con ACK tracciato per audit

Frontend:
- whistleblowing.html: form submit anonimo/firmato + gestione CISO
- normative.html: feed con presa visione documentata + progress bar ACK
- public/docs/api.html: documentazione API dark theme (Swagger-like)
- settings.html: tab API Keys + tab Webhook
- integrations/: guide per lg231, SustainAI, AllRisk, SIEM (widget + codice)
- Sidebar: Segnalazioni + Normative aggiunte a common.js

DB: migration 007 (api_keys, webhook_subscriptions, webhook_deliveries),
    008 (whistleblowing_reports + timeline),
    009 (normative_updates + normative_ack + seed NIS2/ACN/DORA/ISO)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-07 13:20:24 +01:00
DevEnv nis2-agile
0e78ec24c1 [FIX] i18n funzionante + bug audit.html + help system 
- common.js: aggiunto i18nKey a navItems, data-i18n su sezioni e voci
  sidebar → toggle IT/EN ora traduce la navigazione in tempo reale
- Tutte e 10 le pagine HTML: aggiunto data-i18n="*.title" agli h2
  (dashboard, assessment, risks, incidents, policies, supply-chain,
  training, assets, reports, settings)
- FIX BUG: sidebar puntava ad audit.html (inesistente) → corretto
  in reports.html
- HelpSystem: funziona correttamente in tutte le 10 pagine
  (content-header-actions presente, init() chiamato)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-20 11:17:04 +01:00
DevEnv nis2-agile
ba21534e6a [DEPLOY] Migrazione a subdomain nis2.certisource.it 
Rimozione prefisso /nis2/ da tutti i path frontend e router:
- index.php: basePath '' (da '/nis2')
- api.js: baseUrl '/api' (da '/nis2/api')
- Tutti i file HTML: path assoluti senza prefisso /nis2/

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-19 14:05:18 +01:00
Cristiano Benassati
52fd45fac9 [FEAT] i18n IT/EN, Help Online contestuale, pagina Architettura 
- i18n.js: sistema traduzioni IT/EN con ~150 chiavi, localStorage, data-i18n
- help.js: help contestuale per 10 pagine con riferimenti NIS2
- architecture.html: descrizione architettura sistema completa
- common.js: language toggle sidebar (IT/EN), link Architettura, icone
- Integrato i18n + help in tutte le 14 pagine app + 3 admin

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-18 08:34:37 +01:00
Cristiano Benassati
4e3408e9f6 [FEAT] Visura auto-fill, adesione volontaria, modulo NCR/CAPA 
1. Fix auto-fill visura: mapping corretto suggested_sector e employees_range,
   indicatori visivi verdi sui campi auto-compilati, fatturato sempre manuale
2. Adesione volontaria: colonna voluntary_compliance, checkbox in onboarding
   step 5 quando not_applicable, toggle in settings, reset su ri-classificazione
3. Modulo NCR/CAPA: NonConformityController con 10 endpoint API,
   tabelle non_conformities + capa_actions, generazione NCR dai gap assessment,
   predisposizione integrazione SistemiG.agile (webhook + sync)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-18 08:12:57 +01:00
Cristiano Benassati
73e78ea6b4 [FEAT] Add all frontend pages - complete UI for NIS2 platform 
- risks.html: Risk register with 5x5 matrix heatmap, treatments, AI suggest
- incidents.html: Incident management with NIS2 Art.23 timeline (24h/72h/30d)
- policies.html: Policy management with templates, approval workflow, AI generate
- supply-chain.html: Supplier registry with 10-question security assessment
- training.html: Courses, assignments, compliance status tracking
- assets.html: Asset inventory with dependency mapping
- reports.html: Compliance report, controls, audit log, ISO 27001 mapping
- settings.html: Organization, profile, members, security settings
- admin/index.html: Platform admin dashboard with stats
- admin/organizations.html: Organization management for super_admin
- admin/users.html: User management for super_admin

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-17 18:46:03 +01:00