AdminGit2026/nis2-agile
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
86e9bdded2
nis2-agile/docs/sql/008_whistleblowing.sql
DevEnv nis2-agile 86e9bdded2 [FEAT] Services API, Webhook, Whistleblowing, Normative + integrazioni 
Sprint completo — prodotto presentation-ready:

Services API (read-only, API Key + scope):
- GET /api/services/status|compliance-summary|risks-feed|incidents-feed
- GET /api/services/controls-status|assets-critical|suppliers-risk|policies-approved
- GET /api/services/openapi (spec OpenAPI 3.0.3 JSON)

Webhook Outbound (Stripe-like HMAC-SHA256):
- CRUD api_keys + webhook_subscriptions (Settings → 2 nuovi tab)
- WebhookService: retry 3x backoff (0s/5min/30min), delivery log
- Trigger auto in IncidentController, RiskController, PolicyController
- Delivery log, test ping, processRetry

Nuovi moduli:
- WhistleblowingController (Art.32 NIS2): anonimato garantito, timeline, token tracking
- NormativeController: feed NIS2/ACN/DORA con ACK tracciato per audit

Frontend:
- whistleblowing.html: form submit anonimo/firmato + gestione CISO
- normative.html: feed con presa visione documentata + progress bar ACK
- public/docs/api.html: documentazione API dark theme (Swagger-like)
- settings.html: tab API Keys + tab Webhook
- integrations/: guide per lg231, SustainAI, AllRisk, SIEM (widget + codice)
- Sidebar: Segnalazioni + Normative aggiunte a common.js

DB: migration 007 (api_keys, webhook_subscriptions, webhook_deliveries),
    008 (whistleblowing_reports + timeline),
    009 (normative_updates + normative_ack + seed NIS2/ACN/DORA/ISO)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-07 13:20:24 +01:00

66 lines
3.4 KiB
SQL
Raw Blame History

-- ============================================================
-- NIS2 Agile - Migration 008: Whistleblowing (Art.32 NIS2)
-- Canale segnalazioni anomalie di sicurezza con anonimato garantito
-- ============================================================
CREATE TABLE IF NOT EXISTS whistleblowing_reports (
id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
organization_id INT UNSIGNED NOT NULL,
report_code VARCHAR(20) NOT NULL UNIQUE, -- Es. WB-2026-001
-- Mittente (opzionale — anonimato garantito)
is_anonymous TINYINT(1) NOT NULL DEFAULT 1,
submitted_by INT UNSIGNED NULL, -- NULL se anonimo
anonymous_token VARCHAR(64) NULL, -- Token per tracking anonimo
contact_email VARCHAR(255) NULL, -- Email facoltativa per follow-up
-- Contenuto segnalazione
category ENUM(
'security_incident', 'policy_violation', 'unauthorized_access',
'data_breach', 'supply_chain_risk', 'corruption', 'fraud',
'nis2_non_compliance', 'other'
) NOT NULL,
title VARCHAR(255) NOT NULL,
description TEXT NOT NULL,
evidence_files JSON NULL, -- Array path files allegati
nis2_article VARCHAR(20) NULL, -- Articolo NIS2 violato
-- Gestione
priority ENUM('critical', 'high', 'medium', 'low') NOT NULL DEFAULT 'medium',
status ENUM('received', 'under_review', 'investigating', 'resolved', 'closed', 'rejected') NOT NULL DEFAULT 'received',
assigned_to INT UNSIGNED NULL, -- Utente incaricato
resolution_notes TEXT NULL, -- Note risoluzione (visibili al segnalante se email fornita)
closed_at TIMESTAMP NULL,
closed_by INT UNSIGNED NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
INDEX idx_org (organization_id),
INDEX idx_status (status),
INDEX idx_priority (priority),
INDEX idx_token (anonymous_token),
INDEX idx_code (report_code)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-- ── Timeline segnalazione ──────────────────────────────────
CREATE TABLE IF NOT EXISTS whistleblowing_timeline (
id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
report_id INT UNSIGNED NOT NULL,
event_type ENUM('received','status_change','assigned','note_added','closed') NOT NULL,
description TEXT NOT NULL,
new_status VARCHAR(30) NULL,
created_by INT UNSIGNED NULL, -- NULL = sistema
is_visible_to_reporter TINYINT(1) NOT NULL DEFAULT 0, -- Se visibile al segnalante anonimo
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
INDEX idx_report (report_id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-- ── Foreign Keys ──────────────────────────────────────────
ALTER TABLE whistleblowing_reports
ADD CONSTRAINT fk_wb_org FOREIGN KEY (organization_id) REFERENCES organizations(id) ON DELETE CASCADE;
ALTER TABLE whistleblowing_timeline
ADD CONSTRAINT fk_wb_timeline_report FOREIGN KEY (report_id) REFERENCES whistleblowing_reports(id) ON DELETE CASCADE;
Reference in New Issue View Git Blame Copy Permalink