work on GDPR

asiffer · Apr 30, 2023 · 593c20a · 593c20a
1 parent 45bb840
commit 593c20a
Show file tree

Hide file tree

Showing 37 changed files with 2,369 additions and 651 deletions.
diff --git a/app/Activity.php b/app/Activity.php
@@ -80,11 +80,6 @@ public function operations()
         return $this->belongsToMany(Operation::class)->orderBy('name');
     }
 
-    public function documents()
-    {
-        return $this->belongsToMany(Document::class);
-    }
-
     protected function serializeDate(DateTimeInterface $date)
     {
         return $date->format('Y-m-d H:i:s');

diff --git a/app/DataProcessing.php b/app/DataProcessing.php
@@ -0,0 +1,73 @@
+<?php
+
+namespace App;
+
+use App\Document;
+use App\Process;
+use App\MApplication;
+use App\Information;
+
+use App\Traits\Auditable;
+use DateTimeInterface;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\SoftDeletes;
+
+/**
+ * App\Actor
+ *
+ */
+class DataProcessing extends Model
+{
+    use SoftDeletes, Auditable;
+
+    public $table = 'data_processing';
+
+    public static $searchable = [
+        'name',
+        'description',
+    ];
+
+    protected $dates = [
+        'created_at',
+        'updated_at',
+        'deleted_at',
+    ];
+
+    protected $fillable = [
+        'name',
+        'description',
+        'responsible',
+        'purpose',
+        'categories',
+        'recipients',
+        'transfert',
+        'retention',
+        'controls',
+    ];
+
+
+    public function processes()
+    {
+        return $this->belongsToMany(Process::class)->orderBy('identifiant');
+    }
+
+    public function applications()
+    {
+        return $this->belongsToMany(MApplication::class)->orderBy('name');
+    }
+
+    public function informations()
+    {
+        return $this->belongsToMany(Information::class)->orderBy('name');
+    }
+
+    public function documents()
+    {
+        return $this->belongsToMany(Document::class);
+    }
+
+    protected function serializeDate(DateTimeInterface $date)
+    {
+        return $date->format('Y-m-d H:i:s');
+    }
+}
diff --git a/app/Http/Controllers/Admin/ActivityController.php b/app/Http/Controllers/Admin/ActivityController.php
@@ -21,7 +21,6 @@ public function index()
     {
         abort_if(Gate::denies('activity_access'), Response::HTTP_FORBIDDEN, '403 Forbidden');
 
-        // $activities = Activity::all()->sortBy('name');
         $activities = Activity::with('operations', 'activitiesProcesses')->orderBy('name')->get();
 
         return view('admin.activities.index', compact('activities'));
@@ -33,9 +32,7 @@ public function create()
 
         $operations = Operation::all()->sortBy('name')->pluck('name', 'id');
         $processes = Process::all()->sortBy('name')->pluck('identifiant', 'id');
-
-        session()->put("documents",array());
-
+
         return view('admin.activities.create', compact('operations', 'processes'));
     }
 
@@ -44,8 +41,6 @@ public function store(StoreActivityRequest $request)
         $activity = Activity::create($request->all());
         $activity->operations()->sync($request->input('operations', []));
         $activity->activitiesProcesses()->sync($request->input('processes', []));
-        $activity->documents()->sync(session()->get("documents"));
-        session()->forget("documents");
 
         return redirect()->route('admin.activities.index');
     }

diff --git a/app/Http/Controllers/Admin/DataProcessingController.php b/app/Http/Controllers/Admin/DataProcessingController.php
@@ -0,0 +1,109 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Information;
+use App\MApplication;
+use App\Process;
+use App\DataProcessing;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\MassDestroyDataProcessingRequest;
+use App\Http\Requests\StoreDataProcessingRequest;
+use App\Http\Requests\UpdateDataProcessingRequest;
+
+use Gate;
+
+use Symfony\Component\HttpFoundation\Response;
+
+class DataProcessingController extends Controller
+{
+    public function index()
+    {
+        abort_if(Gate::denies('data_processing_register_access'), Response::HTTP_FORBIDDEN, '403 Forbidden');
+
+        $processingRegister = DataProcessing::orderBy('name')->get();
+
+        return view('admin.dataProcessing.index', compact('processingRegister'));
+    }
+
+    public function create()
+    {
+        abort_if(Gate::denies('data_processing_register_create'), Response::HTTP_FORBIDDEN, '403 Forbidden');
+
+        $processes = Process::orderBy('identifiant')->get()->pluck('identifiant', 'id');
+        $informations = Information::orderBy('name')->get()->pluck('name', 'id');
+        $applications = MApplication::orderBy('name')->get()->pluck('name', 'id');
+
+        session()->put("documents",array());
+
+        return view('admin.dataProcessing.create', 
+            compact('applications', 'informations', 'processes'));
+    }
+
+    public function store(StoreDataProcessingRequest $request)
+    {
+        $dataProcessing = DataProcessing::create($request->all());
+        $dataProcessing->processes()->sync($request->input('processes', []));
+        $dataProcessing->informations()->sync($request->input('informations', []));
+        $dataProcessing->applications()->sync($request->input('applications', []));
+        $dataProcessing->documents()->sync(session()->get("documents"));
+        session()->forget("documents");
+
+        return redirect()->route('admin.data-processing.index');
+    }
+
+    public function edit(DataProcessing $dataProcessing)
+    {
+        abort_if(Gate::denies('data_processing_register_edit'), Response::HTTP_FORBIDDEN, '403 Forbidden');
+
+        $processes = Process::orderBy('identifiant')->get()->pluck('identifiant', 'id');
+        $informations = Information::orderBy('name')->get()->pluck('name', 'id');
+        $applications = MApplication::orderBy('name')->get()->pluck('name', 'id');
+        session()->put("documents", $dataProcessing->documents()->get());
+
+//dd(session()->get("documents"));
+
+        $dataProcessing->load('applications', 'informations', 'processes');
+
+        return view('admin.dataProcessing.edit', 
+            compact('dataProcessing', 'applications', 'informations', 'processes'));
+    }
+
+    public function update(UpdateDataProcessingRequest $request, DataProcessing $dataProcessing)
+    {
+        $dataProcessing->update($request->all());
+        $dataProcessing->processes()->sync($request->input('processes', []));
+        $dataProcessing->applications()->sync($request->input('applications', []));
+        $dataProcessing->informations()->sync($request->input('informations', []));
+        $dataProcessing->documents()->sync(session()->get("documents"));
+        session()->forget("documents");
+
+        return redirect()->route('admin.data-processing.index');
+    }
+
+    public function show(DataProcessing $dataProcessing)
+    {
+        abort_if(Gate::denies('data_processing_register_show'), Response::HTTP_FORBIDDEN, '403 Forbidden');
+
+        $dataProcessing->load('applications', 'informations', 'processes');
+
+        return view('admin.dataProcessing.show', compact('dataProcessing'));
+    }
+
+    public function destroy(DataProcessing $dataProcessing)
+    {
+        abort_if(Gate::denies('data_processing_register_delete'), Response::HTTP_FORBIDDEN, '403 Forbidden');
+
+        $dataProcessing->delete();
+
+        return redirect()->route('admin.data-processing.index');
+    }
+
+    public function massDestroy(MassDestroyDataProcessingRequest $request)
+    {
+        DataProcessing::whereIn('id', request('ids'))->delete();
+
+        return response(null, Response::HTTP_NO_CONTENT);
+    }
+}
diff --git a/app/Http/Controllers/Admin/HomeController.php b/app/Http/Controllers/Admin/HomeController.php
@@ -2,6 +2,9 @@
 
 namespace App\Http\Controllers\Admin;
 
+// GDPR
+use App\DataProcessing;
+use App\SecurityControl;
 // ecosystem
 use App\Activity;
 use App\Actor;
@@ -123,6 +126,10 @@ public function index()
     protected function computeMaturity()
     {
         $levels = [
+            // GDPR
+            'data_processing' => DataProcessing::count(),
+            'security_controls' => SecurityControl::count(),
+
             // ecosystem
             'entities' => Entity::count(),
             'relations' => Relation::count(),
@@ -215,14 +222,6 @@ protected function computeMaturity()
             'activities' => Activity::count(),
             'activities_lvl2' => Activity
                 ::where('description', '<>', null)
-                    ->where('responsible', '<>', null)
-                    ->where('purpose', '<>', null)
-                    ->where('categories', '<>', null)
-                    ->where('recipients', '<>', null)
-                    ->where('transfert', '<>', null)
-                    ->where('description', '<>', null)
-                    ->where('retention', '<>', null)
-                    ->where('controls', '<>', null)
                     // activity must have one process
                     /*
                     ->whereExists(function ($query) {