jezcaudle/rails-caf
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

caf_text now working

Browse Source 
redirects working for company now - although the overall structure is not clear in the app or in my mind
This commit is contained in:
Jez Caudle 2023-02-21 06:02:08 +00:00
parent 3b53f930be
commit a35b656cf3
4 changed files with 9 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/cafs_controller.rb
View File

@ -26,7 +26,7 @@ class CafsController < ApplicationController
respond_to do |format|
if @caf.save
format.html { redirect_to caf_url(@caf), notice: "Caf was successfully created." }
format.html { redirect_to company_caf_url(@caf.company_id,@caf.id), notice: "Caf was successfully created." }
format.json { render :show, status: :created, location: @caf }
else
format.html { render :new, status: :unprocessable_entity }

8
app/views/cafs/show.html.erb
View File

@ -1,10 +1,8 @@
<p style="color: green"><%= notice %></p>
<%= render @caf %>
<div>
<%= link_to "Edit this caf", edit_caf_path(@caf) %> |
<%= link_to "Back to cafs", cafs_path %>
<%= link_to "Edit this caf", edit_company_caf_path(@caf.company_id,@caf.id) %> |
<%= link_to "Back to cafs", company_cafs_path(@caf.company_id) %>
<%= button_to "Destroy this caf", @caf, method: :delete %>
<%= button_to "Destroy this caf", company_caf_path(@caf.id), method: :delete %>
</div>

4
app/views/home/index.html.erb
View File

@ -1,8 +1,8 @@
<h1>CAF Compliance Tracking</h1>
<h1>Cyber Awareness Framework</h1>
<h2>Compliance Tracking</h2>
<% if !user_signed_in? %>
Not Signed in.
<% else %>
<%#= current_user.roletxt %>
<% if current_user.admin? %>

6
config/caf_text.yml
View File

@ -67,7 +67,7 @@ objectives:
- Risk management decision-making is delegated and escalated where necessary, across the organisation, to people who have the skills, knowledge, tools, and authority they need.
- Risk management decisions are periodically reviewed to ensure their continued relevance and validity.
- principle:
name: A2Risk Management
name: A2 Risk Management
description: The organisation takes appropriate steps to identify, assess and understand security risks to the network and information systems supporting the operation of essential functions. This includes an overall organisational approach to risk management.
sub-principles:
- sub-principle:
@ -91,10 +91,10 @@ objectives:
condition: All
subprincipleitem:
- Your organisational process ensures that security risks to networks and information systems relevant to essential functions are identified, analysed, prioritised, and managed.
- Your risk assessments are informed by an understanding of the vulnerabilities in the networks and information systems supporting your essential function.
- Your risk assessments are informed by an understanding of the vulnerabilities in the networks and info<p style="color: green"><%= notice %></p>rmation systems supporting your essential function.
- The output from your risk management process is a clear set of security requirements that will address the risks in line with your organisational approach to security.
- Significant conclusions reached in the course of your risk management process are communicated to key security decision-makers and accountable individuals.
- You conduct risk assessments when significant events potentially affect the essential function, such as replacing a system or a change in the cyber security threat.
- You conduct risk assessments when significant events potentially affect the essential function, such as replacing a system or a change in the cybe<p style="color: green"><%= notice %></p>r security threat.
- You perform threat analysis and understand how generic threats apply to your organisation.
- subprincipleitemgroup:
kind: Achieved