Cyberleague: [premieroctet#159] WIP statistics for bellwether

Wappizy · Oct 1, 2024 · a72dee3 · a72dee3
1 parent 715b1eb
commit a72dee3
Show file tree

Hide file tree

Showing 2 changed files with 156 additions and 0 deletions.
diff --git a/backend/web/server/plugins/cyberleague/functions.js b/backend/web/server/plugins/cyberleague/functions.js
@@ -31,6 +31,7 @@ const Gain = require('../../models/Gain')
 const { isMineForPost } = require('./post')
 const { getRelated } = require('./related')
 const { getLooking } = require('./user')
+const { computeBellwetherStatistics } = require('./statistic')
 
 //User declarations
 const USER_MODELS = ['user', 'loggedUser', 'admin', 'partner', 'member']
@@ -388,6 +389,12 @@ const preprocessGet = async ({model, fields, id, user, params}) => {
       }
     }
   }
+
+  if (model == 'statistic') {
+    const computedStatistics = computeBellwetherStatistics(params.filters ? params.filters : {})
+    params = {...params, ...computedStatistics}
+  }
+
   return Promise.resolve({model, fields, id, user, params})
 }
 

diff --git a/backend/web/server/plugins/cyberleague/statistic.js b/backend/web/server/plugins/cyberleague/statistic.js
@@ -0,0 +1,149 @@
+const lodash = require('lodash')
+const Company = require("../../models/Company")
+const Score = require("../../models/Score")
+const User = require("../../models/User")
+const { COMPANY_SIZE_5001_PLUS } = require("./consts")
+
+
+const bellwetherDataStructure = {
+  threatSecurityIncident: {value: 0, count: 0},
+  threatSecurityIncidentETI: {value: 0, count: 0},
+  threatLeakage: {value: 0, count: 0},
+  threatCriticalIncident: {value: 0, count: 0},
+  maturityBudget: {value: 0, count: 0},
+  maturityBudgetPME: {value: 0, count: 0},
+  maturityCyberRef: {value: 0, count: 0},
+  protectionIntrusion: {value: 0, count: 0},
+  protectionIntrusionPME: {value: 0, count: 0},
+  protectionIntrusionETI: {value: 0, count: 0},
+  protectionExternalized: {value: 0, count: 0},
+  protectionWebApp: {value: 0, count: 0},
+  protectionWebAppPME: {value: 0, count: 0},
+  protectionWebAppETI: {value: 0, count: 0},
+  protectionAntivirus: {value: 0, count: 0},
+  practicesCharter: {value: 0, count: 0},
+  practicesFinancial: {value: 0, count: 0},
+  practicesSensibilization: {value: 0, count: 0}
+}
+
+const regexSecurityIncident = (text) => {
+  return false
+}
+
+const regexLeakage = (text) => {
+  return false
+}
+
+const regexCriticalIncident = (text) => {
+  return false
+}
+
+const regexBudget = (text) => {
+  const regex = /.*assurance.*|.*incident.*|.*partenaire.*/
+  return regex.test(text)
+}
+
+const regexCyberRef = (text) => {
+  const regex = /.*référent.*/
+  return regex.test(text)
+}
+
+const regexIntrusion = (text) => {
+  const regex = /.*intrusion.*/
+  return regex.test(text)
+}
+
+const regexExternalized = (text) => {
+  const regex = /.*sauvegarde.*/
+  return regex.test(text)
+}
+
+const regexWebApp = (text) => {
+  const regex = /.*WAF.*/
+  return regex.test(text)
+}
+
+const regexAntivirus = (text) => {
+  const regex = /.*antivirus.*/
+  return regex.test(text)
+}
+
+const regexCharter = (text) => {
+  const regex = /.*charte.*/
+  return regex.test(text)
+}
+
+const regexFinancial = (text) => {
+  const regex = /.*banques.*/
+  return regex.test(text)
+}
+
+const regexSensibilization = (text) => {
+  const regex = /.*Sensibilisez.*/
+  return regex.test(text)
+}
+
+const computeBellwetherStatistics = async (filters) => {
+  //TODO take filters into account (company sector and / or company region)
+  const companyFilter = {size: {$ne: COMPANY_SIZE_5001_PLUS}}
+
+  //Getting scores that will be used to do statistics
+  const companies = await Company.find(companyFilter)
+
+  //if user is not attach to a recorded company, we check its company size (TODO : and apply filters)
+  const users = await User.find({$or: [{company: {$in: companies.map((c) => {return c._id})}}, {company: undefined, company_size: {$lte: 5000}}]})
+
+  const scores = await Score.find({creator: {$in: users.map((u) => {return u._id})}}).populate([
+    {path: 'answers', populate: {path:'answer'}},
+    {path: 'answers', populate: {path: 'question', $match: {is_bellwether: true}, populate: {path: 'text'}}}
+  ])
+
+  // /!\ /!\ /!\ scores.answers.question in [question, undefined] -> undefined means answer is not bellwether
+  const cleanScores = scores.map((s)=> {
+    s.answers = lodash.filter(s.answers,(a) => {
+      return !a.question 
+    })
+    return s
+  })
+
+  cleanScores.forEach((s)=> {
+    s.answers.forEach((a) => {
+      if (regexAntivirus(a.question.text)) {
+
+      } else if (regexBudget(a.question.text)) {
+        // 3 questions for this one
+        // need to check if PME
+
+      } else if (regexCharter(a.question.text)) {
+
+      } else if (regexCriticalIncident(a.question.text)) {
+
+      } else if (regexCyberRef(a.question.text)) {
+
+      } else if (regexExternalized(a.question.text)) {
+
+      } else if (regexFinancial(a.question.text)) {
+
+      } else if (regexIntrusion(a.question.text)) {
+        // need to check if PME or ETI
+
+      } else if (regexLeakage(a.question.text)) {
+
+      } else if (regexSecurityIncident(a.question.text)) {
+        // need to check if ETI
+
+      } else if (regexSensibilization(a.question.text)) {
+
+      } else if (regexWebApp(a.question.text)) {
+        // need to check if PME or ETI
+
+      } else {
+        throw new Error(`La question '${a.question.text}' ne fait pas partie du baromètre`)
+      }
+    })
+  })
+}
+
+module.exports = {
+  computeBellwetherStatistics
+}