Report store merge

.gitignore

@@ -85,6 +85,8 @@ profile_default/
 ipython_config.py
 
 # pyenv
+#don't add database credentials
+.env
 .python-version
 
 # pipenv
@@ -189,3 +191,7 @@ gradle-app.setting
 
 /.vs/
 node_modules/
+.env
+/api/migrations/0001_initial.py
+/api/migrations/0002_codesubmission_incident_id_and_more.py
+/api/migrations/0003_codesubmission_report_data.py

api/admin.py

@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.

api/apps.py

@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class ScannerConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'api'

api/migrations/0001_initial.py

@@ -0,0 +1,77 @@
+# Generated by Django 6.0.3 on 2026-03-30 20:11
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='CodeSubmission',
+            fields=[
+                ('submission_id', models.AutoField(primary_key=True, serialize=False)),
+                ('submission_name', models.CharField(blank=True, max_length=255, null=True)),
+                ('uploaded_at', models.DateTimeField(auto_now_add=True)),
+                ('overall_risk_score', models.DecimalField(blank=True, decimal_places=2, max_digits=5, null=True)),
+                ('simplified_summary', models.TextField(blank=True, null=True)),
+                ('detailed_summary', models.TextField(blank=True, null=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='CWE',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('cwe_id', models.CharField(max_length=50, unique=True)),
+                ('name', models.TextField()),
+                ('description', models.TextField(blank=True, null=True)),
+                ('cvss_version', models.CharField(default='3.1', max_length=10)),
+                ('average_score', models.DecimalField(decimal_places=2, max_digits=5)),
+                ('severity', models.CharField(blank=True, max_length=20, null=True)),
+                ('categories', models.TextField(blank=True, null=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='User',
+            fields=[
+                ('user_id', models.AutoField(primary_key=True, serialize=False)),
+                ('email', models.CharField(max_length=255, unique=True)),
+                ('password_hash', models.TextField()),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='File',
+            fields=[
+                ('file_id', models.AutoField(primary_key=True, serialize=False)),
+                ('file_name', models.CharField(max_length=255)),
+                ('file_path', models.TextField()),
+                ('file_type', models.CharField(blank=True, max_length=100, null=True)),
+                ('submission', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='files', to='api.codesubmission')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Threat',
+            fields=[
+                ('threat_id', models.AutoField(primary_key=True, serialize=False)),
+                ('title', models.CharField(max_length=255)),
+                ('description', models.TextField(blank=True, null=True)),
+                ('severity_level', models.CharField(choices=[('Low', 'Low'), ('Medium', 'Medium'), ('High', 'High'), ('Critical', 'Critical')], max_length=10)),
+                ('severity_score', models.DecimalField(blank=True, decimal_places=2, max_digits=5, null=True)),
+                ('recommendation', models.TextField(blank=True, null=True)),
+                ('line_number', models.IntegerField(blank=True, null=True)),
+                ('file', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='threats', to='api.file')),
+                ('submission', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='threats', to='api.codesubmission')),
+            ],
+        ),
+        migrations.AddField(
+            model_name='codesubmission',
+            name='user',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='submissions', to='api.user'),
+        ),
+    ]

api/migrations/0002_alter_user_table.py

@@ -0,0 +1,22 @@
+# Generated by Django 6.0.3 on 2026-04-06 17:52
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.SeparateDatabaseAndState(
+            database_operations=[],
+            state_operations=[
+                migrations.AlterModelTable(
+                    name='user',
+                    table='users',
+                ),
+            ],
+        ),
+    ]

api/migrations/0004_merge_20260422_1651.py

@@ -0,0 +1,14 @@
+# Generated by Django 6.0.3 on 2026-04-22 21:51
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0002_alter_user_table'),
+        ('api', '0003_codesubmission_report_data'),
+    ]
+
+    operations = [
+    ]

api/migrations/0005_alter_cwe_options.py

@@ -0,0 +1,17 @@
+# Generated by Django 6.0.3 on 2026-04-22 21:51
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0004_merge_20260422_1651'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='cwe',
+            options={'managed': False},
+        ),
+    ]

api/migrations/0006_alter_cwe_table.py

@@ -0,0 +1,17 @@
+# Generated by Django 6.0.3 on 2026-04-22 22:13
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0005_alter_cwe_options'),
+    ]
+
+    operations = [
+        migrations.AlterModelTable(
+            name='cwe',
+            table='cwe',
+        ),
+    ]

api/migrations/0007_alter_codesubmission_table.py

@@ -0,0 +1,17 @@
+# Generated by Django 6.0.3 on 2026-04-22 22:22
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0006_alter_cwe_table'),
+    ]
+
+    operations = [
+        migrations.AlterModelTable(
+            name='codesubmission',
+            table='code_submissions',
+        ),
+    ]

api/models.py

@@ -0,0 +1,98 @@
+from django.db import models
+
+# -------------------
+# Users
+# -------------------
+class User(models.Model):
+    user_id = models.AutoField(primary_key=True)
+    email = models.CharField(max_length=255, unique=True)
+    password_hash = models.TextField()
+    created_at = models.DateTimeField(auto_now_add=True)
+
+    def __str__(self):
+        return self.email
+
+    class Meta:
+        db_table = "users"
+
+# -------------------
+# Code Submissions
+# -------------------
+class CodeSubmission(models.Model):
+    submission_id = models.AutoField(primary_key=True)
+    user = models.ForeignKey(User, on_delete=models.CASCADE, related_name='submissions')
+    submission_name = models.CharField(max_length=255, null=True, blank=True)
+    uploaded_at = models.DateTimeField(auto_now_add=True)
+
+    overall_risk_score = models.DecimalField(max_digits=5, decimal_places=2, null=True, blank=True)
+    simplified_summary = models.TextField(null=True, blank=True)
+    detailed_summary = models.TextField(null=True, blank=True)
+
+    scan_status = models.CharField(max_length=50, null=True, blank=True)
+    risk_level = models.CharField(max_length=20, null=True, blank=True)
+    incident_id = models.CharField(max_length=100, null=True, blank=True)
+    report_html_path = models.TextField(null=True, blank=True)
+    report_data = models.JSONField(null=True, blank=True)
+
+    def __str__(self):
+        return f"{self.submission_name} by {self.user.email}"
+
+    class Meta:
+        db_table = "code_submissions"
+
+# -------------------
+# Files
+# -------------------
+class File(models.Model):
+    file_id = models.AutoField(primary_key=True)
+    submission = models.ForeignKey(CodeSubmission, on_delete=models.CASCADE, related_name='files')
+    file_name = models.CharField(max_length=255)
+    file_path = models.TextField()
+    file_type = models.CharField(max_length=100, null=True, blank=True)
+
+    def __str__(self):
+        return self.file_name
+
+# -------------------
+# Threats
+# -------------------
+class Threat(models.Model):
+    SEVERITY_CHOICES = [
+        ('Low', 'Low'),
+        ('Medium', 'Medium'),
+        ('High', 'High'),
+        ('Critical', 'Critical'),
+    ]
+
+    threat_id = models.AutoField(primary_key=True)
+    submission = models.ForeignKey(CodeSubmission, on_delete=models.CASCADE, related_name='threats')
+    file = models.ForeignKey(File, on_delete=models.SET_NULL, null=True, blank=True, related_name='threats')
+    title = models.CharField(max_length=255)
+    description = models.TextField(null=True, blank=True)
+    severity_level = models.CharField(max_length=10, choices=SEVERITY_CHOICES)
+    severity_score = models.DecimalField(max_digits=5, decimal_places=2, null=True, blank=True)
+    recommendation = models.TextField(null=True, blank=True)
+    line_number = models.IntegerField(null=True, blank=True)
+
+    def __str__(self):
+        return f"{self.title} ({self.severity_level})"
+
+# -------------------
+# CWE Reference
+# -------------------
+class CWE(models.Model):
+    cwe_id = models.CharField(max_length=50, unique=True)
+    name = models.TextField()
+    description = models.TextField(null=True, blank=True)
+    cvss_version = models.CharField(max_length=10, default='3.1')
+    average_score = models.DecimalField(max_digits=5, decimal_places=2)
+    severity = models.CharField(max_length=20, null=True, blank=True)
+    categories = models.TextField(null=True, blank=True)
+
+    class Meta:
+                db_table = 'cwe'
+                managed = False
+
+    def __str__(self):
+        return f"{self.cwe_id} - {self.name}"
+

api/serializers.py

@@ -0,0 +1,26 @@
+from rest_framework import serializers
+from .models import CodeSubmission, File, Threat
+
+# -------------------
+# Serializer for submitting new code
+# -------------------
+class CodeSubmissionSerializer(serializers.ModelSerializer):
+    code = serializers.CharField(write_only=True)  # user input code
+    submission_name = serializers.CharField(required=False, allow_blank=True)
+
+    class Meta:
+        model = CodeSubmission
+        fields = ['submission_name', 'code']
+
+    def create(self, validated_data):
+        # We'll store the "code" as a single File for simplicity
+        code_text = validated_data.pop('code')
+        submission = CodeSubmission.objects.create(**validated_data)
+        File.objects.create(
+            submission=submission,
+            file_name=validated_data.get('submission_name', 'unnamed.py'),
+            file_path='',
+            file_type='code',
+        )
+        # Optionally, you can attach code_text somewhere (DB or AI service)
+        return submission

api/services/ai_service.py

@@ -0,0 +1,13 @@
+import os
+from openai import OpenAI
+from decouple import config
+
+client = OpenAI(api_key=config("OPENAI_API_KEY"))
+
+def ask_ai(user_text):
+    resp = client.chat.completions.create(
+        model="gpt-4.1-mini",
+        messages=[{"role": "user", "content": str(user_text)}],
+    )
+
+    return resp.choices[0].message.content

api/services/dummy_analysis.py

@@ -0,0 +1,12 @@
+def run_dummy(code, language):
+
+    return {
+        "summary" : "this dummy code is better than yours",
+        "findings" : [
+            {
+                "severity" : "Minimal",
+                "description" : "Bad code",
+                "fix" : "Figure it Out"
+            }
+        ]
+    }