# Generated by Django 5.2.6 on 2025-09-18 17:49

import django.core.validators
import django.db.models.deletion
import uuid
from django.conf import settings
from django.db import migrations, models


class Migration(migrations.Migration):
    """Add the adaptive-authentication / device-posture schema to the ``security`` app.

    Creates ``AdaptiveAuthentication``, ``GeolocationRule``, ``RiskAssessment``,
    ``UserBehaviorProfile`` and ``DevicePosture``; adds device, geolocation,
    risk and time-restriction fields to the existing ``AccessPolicy`` model;
    alters ``AccessPolicy.policy_type``; and adds the supporting indexes.

    Review caveat that applies to the whole file: ``validators=[...]`` and
    ``choices=[...]`` are applied by Django model/form validation
    (``full_clean()``), not by the database. A plain ``save()``,
    ``bulk_create()`` or ``QuerySet.update()`` can still store an out-of-range
    score or an unknown choice value, so code that makes access decisions from
    these columns should not assume the stored value is in range.
    """

    # Must run after the previous migration of the same app.
    dependencies = [
        ('security', '0002_user_emergency_contact_user_oncall_preferences_and_more'),
    ]

    # Order matters: GeolocationRule is created before AccessPolicy gets its
    # foreign key to it, and every AddIndex follows the CreateModel it targets.
    operations = [
        migrations.CreateModel(
            name='AdaptiveAuthentication',
            fields=[
                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
                ('name', models.CharField(max_length=100, unique=True)),
                ('description', models.TextField()),
                # Each threshold is validated to 0-100 on its own; nothing here
                # requires low < medium < high.
                # NOTE(review): confirm the ordering is checked in the model's clean() or
                # in the code that maps a score to a risk tier.
                ('low_risk_threshold', models.IntegerField(default=25, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('medium_risk_threshold', models.IntegerField(default=50, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('high_risk_threshold', models.IntegerField(default=75, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                # All four method lists default to an empty list and have no validators.
                # NOTE(review): confirm the consumer treats an empty list for a tier as
                # "not configured" rather than "no authentication required".
                ('low_risk_auth_methods', models.JSONField(default=list, help_text='Auth methods for low risk')),
                ('medium_risk_auth_methods', models.JSONField(default=list, help_text='Auth methods for medium risk')),
                ('high_risk_auth_methods', models.JSONField(default=list, help_text='Auth methods for high risk')),
                ('critical_risk_auth_methods', models.JSONField(default=list, help_text='Auth methods for critical risk')),
                # Multipliers are unbounded floats (no validators); zero or negative
                # values are accepted by the schema.
                ('device_trust_multiplier', models.FloatField(default=1.0, help_text='Multiplier for device trust')),
                ('location_trust_multiplier', models.FloatField(default=1.0, help_text='Multiplier for location trust')),
                ('time_trust_multiplier', models.FloatField(default=1.0, help_text='Multiplier for time trust')),
                ('enable_behavioral_analysis', models.BooleanField(default=True)),
                ('behavior_learning_period', models.IntegerField(default=30, help_text='Days to learn user behavior')),
                ('anomaly_threshold', models.FloatField(default=0.7, help_text='Threshold for behavioral anomalies')),
                ('ml_enabled', models.BooleanField(default=False)),
                # Free-form path stored in the database (blank allowed, up to 500 chars).
                # NOTE(review): how this path is consumed is not visible here. If the
                # application loads a model file from it, anyone who can edit this row
                # chooses the file; restrict it to an allow-listed directory and avoid
                # loaders that execute code on deserialization (e.g. pickle-based formats).
                ('ml_model_path', models.CharField(blank=True, help_text='Path to ML model file', max_length=500)),
                ('ml_confidence_threshold', models.FloatField(default=0.8, help_text='ML confidence threshold')),
                ('fallback_auth_methods', models.JSONField(default=list, help_text='Fallback auth methods')),
                # No validators on the lockout settings: 0 or a negative number is
                # storable for either field.
                # NOTE(review): confirm the enforcement code rejects or clamps such values.
                ('max_auth_attempts', models.IntegerField(default=3)),
                ('lockout_duration', models.IntegerField(default=15, help_text='Lockout duration in minutes')),
                ('is_active', models.BooleanField(default=True)),
                ('created_at', models.DateTimeField(auto_now_add=True)),
                ('updated_at', models.DateTimeField(auto_now=True)),
            ],
            options={
                'ordering': ['name'],
            },
        ),
        # --- New AccessPolicy columns. Existing rows receive the defaults below,
        # so every new check starts switched off for policies that already exist.
        migrations.AddField(
            model_name='accesspolicy',
            name='adaptive_auth_enabled',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='auth_factors_required',
            field=models.JSONField(default=list, help_text='Required authentication factors'),
        ),
        # Default is the top of the validated 0-100 range.
        # NOTE(review): presumably this means "no risk ceiling" until an administrator
        # lowers it -- confirm against the code that compares scores to this value.
        migrations.AddField(
            model_name='accesspolicy',
            name='max_risk_score',
            field=models.IntegerField(default=100, help_text='Maximum allowed risk score', validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)]),
        ),
        # Choices here are HIGH/MEDIUM/LOW; DevicePosture.trust_level below also
        # has UNTRUSTED, so the two value sets are not identical.
        migrations.AddField(
            model_name='accesspolicy',
            name='min_device_trust_level',
            field=models.CharField(choices=[('HIGH', 'High Trust'), ('MEDIUM', 'Medium Trust'), ('LOW', 'Low Trust')], default='LOW', max_length=20),
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='requires_compliant_device',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='requires_device_trust',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='requires_geolocation_check',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='time_restrictions',
            field=models.JSONField(default=dict, help_text='Time-based access restrictions'),
        ),
        # Only the new choice list is visible here; the previous definition lives in
        # an earlier migration. Changing choices does not alter existing row values.
        migrations.AlterField(
            model_name='accesspolicy',
            name='policy_type',
            field=models.CharField(choices=[('ALLOW', 'Allow'), ('DENY', 'Deny'), ('REQUIRE_MFA', 'Require Additional MFA'), ('STEP_UP_AUTH', 'Step-up Authentication'), ('RISK_BASED', 'Risk-based Decision')], max_length=20),
        ),
        migrations.CreateModel(
            name='GeolocationRule',
            fields=[
                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
                ('name', models.CharField(max_length=100, unique=True)),
                ('description', models.TextField()),
                ('rule_type', models.CharField(choices=[('ALLOW', 'Allow'), ('DENY', 'Deny'), ('REQUIRE_MFA', 'Require Additional MFA'), ('RESTRICT', 'Restrict Access')], max_length=20)),
                # Allow and block lists are independent JSON lists with no validators:
                # the schema neither checks entry formats (country codes, CIDR) nor
                # defines which list wins when a value appears in both.
                # NOTE(review): confirm the evaluator validates entries and gives
                # block lists precedence.
                ('allowed_countries', models.JSONField(default=list, help_text='List of allowed country codes')),
                ('blocked_countries', models.JSONField(default=list, help_text='List of blocked country codes')),
                ('allowed_regions', models.JSONField(default=list, help_text='List of allowed regions/states')),
                ('blocked_regions', models.JSONField(default=list, help_text='List of blocked regions/states')),
                ('allowed_cities', models.JSONField(default=list, help_text='List of allowed cities')),
                ('blocked_cities', models.JSONField(default=list, help_text='List of blocked cities')),
                ('allowed_ip_ranges', models.JSONField(default=list, help_text='List of allowed IP ranges (CIDR)')),
                ('blocked_ip_ranges', models.JSONField(default=list, help_text='List of blocked IP ranges (CIDR)')),
                ('allowed_time_zones', models.JSONField(default=list, help_text='List of allowed time zones')),
                # working_hours_only can be True while start/end are NULL and
                # working_days is empty; the schema does not tie them together.
                ('working_hours_only', models.BooleanField(default=False)),
                ('working_hours_start', models.TimeField(blank=True, null=True)),
                ('working_hours_end', models.TimeField(blank=True, null=True)),
                ('working_days', models.JSONField(default=list, help_text='List of working days (0-6, Monday=0)')),
                # Distance and office coordinates are each nullable on their own and
                # carry no range validators.
                ('max_distance_from_office', models.FloatField(blank=True, help_text='Max distance from office in km', null=True)),
                ('office_latitude', models.FloatField(blank=True, null=True)),
                ('office_longitude', models.FloatField(blank=True, null=True)),
                ('notification_message', models.TextField(blank=True, help_text='Message to show when rule triggers')),
                ('log_violation', models.BooleanField(default=True)),
                ('require_manager_approval', models.BooleanField(default=False)),
                ('is_active', models.BooleanField(default=True)),
                ('priority', models.IntegerField(default=100, help_text='Lower numbers have higher priority')),
                ('created_at', models.DateTimeField(auto_now_add=True)),
                ('updated_at', models.DateTimeField(auto_now=True)),
                # SET_NULL: deleting the authoring user keeps the rule but drops the
                # record of who created it.
                ('created_by', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'ordering': ['priority', 'name'],
            },
        ),
        # SET_NULL: deleting a GeolocationRule detaches it from every policy that
        # referenced it and leaves those policies in place with geolocation_rule = NULL.
        # NOTE(review): confirm that a policy with requires_geolocation_check=True and
        # no rule is denied rather than allowed; PROTECT would block the deletion instead.
        migrations.AddField(
            model_name='accesspolicy',
            name='geolocation_rule',
            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to='security.geolocationrule'),
        ),
        migrations.CreateModel(
            name='RiskAssessment',
            fields=[
                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
                # assessment_type has no choices list; the help text names the expected
                # values but any string up to 50 characters is storable.
                ('assessment_type', models.CharField(default='LOGIN', help_text='Type of assessment (LOGIN, ACCESS, TRANSACTION)', max_length=50)),
                ('resource_type', models.CharField(blank=True, help_text='Type of resource being accessed', max_length=100)),
                ('resource_id', models.CharField(blank=True, help_text='ID of resource being accessed', max_length=255)),
                # Every component score defaults to 0 and risk_level defaults to 'LOW',
                # so a row written without explicit scores reads as the lowest risk.
                ('device_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('location_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('behavior_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('network_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('time_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('user_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('overall_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('risk_level', models.CharField(choices=[('LOW', 'Low Risk'), ('MEDIUM', 'Medium Risk'), ('HIGH', 'High Risk'), ('CRITICAL', 'Critical Risk')], default='LOW', max_length=20)),
                # Request metadata plus location/device/behaviour JSON: personal data
                # that needs access control and a retention policy.
                # NOTE(review): user_agent is presumably taken from the request and is
                # an unbounded TextField -- confirm it is length-limited before storage.
                ('ip_address', models.GenericIPAddressField(blank=True, null=True)),
                ('user_agent', models.TextField(blank=True)),
                ('location_data', models.JSONField(default=dict, help_text='Geolocation and network data')),
                ('device_data', models.JSONField(default=dict, help_text='Device information')),
                ('behavior_data', models.JSONField(default=dict, help_text='User behavior patterns')),
                ('risk_factors', models.JSONField(default=list, help_text='List of identified risk factors')),
                ('mitigation_actions', models.JSONField(default=list, help_text='Recommended mitigation actions')),
                ('assessment_details', models.JSONField(default=dict, help_text='Detailed assessment results')),
                # Default decision is 'ALLOW': an assessment saved before the decision
                # is computed (or after a failed computation) is recorded as an allow.
                # NOTE(review): confirm writers always set access_decision explicitly and
                # that readers do not treat a default row as an authorization.
                ('access_decision', models.CharField(choices=[('ALLOW', 'Allow Access'), ('DENY', 'Deny Access'), ('STEP_UP', 'Step-up Authentication'), ('REVIEW', 'Manual Review Required')], default='ALLOW', max_length=20)),
                ('decision_reason', models.TextField(blank=True)),
                ('assessed_at', models.DateTimeField(auto_now_add=True)),
                # Nullable: an assessment without expires_at has no expiry recorded.
                ('expires_at', models.DateTimeField(blank=True, null=True)),
                # CASCADE: deleting a user deletes that user's assessment history,
                # including any rows an investigation or audit might rely on.
                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='risk_assessments', to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'ordering': ['-assessed_at'],
            },
        ),
        migrations.CreateModel(
            name='UserBehaviorProfile',
            fields=[
                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
                # Baseline data (login times, locations, devices, IP ranges, user agents)
                # is per-user behavioural data and should be protected accordingly.
                ('typical_login_times', models.JSONField(default=list, help_text='Typical login times')),
                ('typical_login_locations', models.JSONField(default=list, help_text='Typical login locations')),
                ('typical_login_devices', models.JSONField(default=list, help_text='Typical login devices')),
                ('typical_access_times', models.JSONField(default=list, help_text='Typical resource access times')),
                ('typical_access_patterns', models.JSONField(default=list, help_text='Typical access patterns')),
                ('typical_session_duration', models.FloatField(default=0.0, help_text='Typical session duration in hours')),
                ('typical_ip_ranges', models.JSONField(default=list, help_text='Typical IP address ranges')),
                ('typical_user_agents', models.JSONField(default=list, help_text='Typical user agents')),
                ('login_frequency', models.FloatField(default=0.0, help_text='Average logins per day')),
                ('access_frequency', models.FloatField(default=0.0, help_text='Average resource accesses per day')),
                ('anomaly_score', models.FloatField(default=0.0, help_text='Current anomaly score')),
                ('is_learning', models.BooleanField(default=True)),
                ('learning_start_date', models.DateTimeField(auto_now_add=True)),
                ('learning_complete_date', models.DateTimeField(blank=True, null=True)),
                ('sample_count', models.IntegerField(default=0, help_text='Number of samples used for learning')),
                ('last_updated', models.DateTimeField(auto_now=True)),
                ('created_at', models.DateTimeField(auto_now_add=True)),
                # A plain ForeignKey with no uniqueness on user, so several profiles per
                # user are storable even though related_name is singular.
                # NOTE(review): if one profile per user is intended, a OneToOneField or a
                # unique constraint is needed; otherwise readers must pick a row deterministically.
                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='behavior_profile', to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'ordering': ['-last_updated'],
            },
        ),
        migrations.CreateModel(
            name='DevicePosture',
            fields=[
                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
                # Unique across the whole table, while 'user' below is a single foreign
                # key: one device identifier can be bound to only one user.
                ('device_id', models.CharField(help_text='Unique device identifier', max_length=255, unique=True)),
                ('device_name', models.CharField(blank=True, max_length=200)),
                ('device_type', models.CharField(choices=[('DESKTOP', 'Desktop Computer'), ('LAPTOP', 'Laptop Computer'), ('MOBILE', 'Mobile Device'), ('TABLET', 'Tablet'), ('SERVER', 'Server'), ('IOT', 'IoT Device'), ('UNKNOWN', 'Unknown Device')], default='UNKNOWN', max_length=20)),
                ('os_type', models.CharField(choices=[('WINDOWS', 'Windows'), ('MACOS', 'macOS'), ('LINUX', 'Linux'), ('ANDROID', 'Android'), ('IOS', 'iOS'), ('UNKNOWN', 'Unknown OS')], default='UNKNOWN', max_length=20)),
                ('os_version', models.CharField(blank=True, max_length=100)),
                ('browser_info', models.CharField(blank=True, max_length=200)),
                # Posture flags all default to False (nothing is assumed present).
                # NOTE(review): the source of these values is not visible here; if they
                # are reported by the device itself they are self-attested and should not
                # be the only basis for granting trust.
                ('is_managed', models.BooleanField(default=False, help_text='Is device managed by organization')),
                ('has_antivirus', models.BooleanField(default=False)),
                ('antivirus_status', models.CharField(blank=True, max_length=50)),
                ('firewall_enabled', models.BooleanField(default=False)),
                ('encryption_enabled', models.BooleanField(default=False)),
                ('screen_lock_enabled', models.BooleanField(default=False)),
                ('biometric_auth', models.BooleanField(default=False)),
                ('ip_address', models.GenericIPAddressField(blank=True, null=True)),
                ('mac_address', models.CharField(blank=True, max_length=17)),
                ('network_type', models.CharField(blank=True, help_text='Corporate, Public, Home, etc.', max_length=50)),
                ('vpn_connected', models.BooleanField(default=False)),
                # Higher means riskier (per help_text), yet the default is 0: a device row
                # created before any assessment carries the lowest possible risk score.
                # NOTE(review): confirm unassessed devices are not scored as low risk.
                ('risk_score', models.IntegerField(default=0, help_text='Device risk score (0-100, higher = more risky)', validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                # auto_now: refreshed on every save(), not only when an assessment runs,
                # so it has the same value semantics as last_seen and updated_at.
                ('last_assessment', models.DateTimeField(auto_now=True)),
                ('assessment_details', models.JSONField(default=dict, help_text='Detailed assessment results')),
                # Compliance and trust default to the restrictive side.
                ('is_compliant', models.BooleanField(default=False)),
                ('compliance_issues', models.JSONField(default=list, help_text='List of compliance issues')),
                ('is_active', models.BooleanField(default=True)),
                ('is_trusted', models.BooleanField(default=False)),
                # Default is 'LOW', not 'UNTRUSTED', for a newly recorded device.
                ('trust_level', models.CharField(choices=[('HIGH', 'High Trust'), ('MEDIUM', 'Medium Trust'), ('LOW', 'Low Trust'), ('UNTRUSTED', 'Untrusted')], default='LOW', max_length=20)),
                ('first_seen', models.DateTimeField(auto_now_add=True)),
                ('last_seen', models.DateTimeField(auto_now=True)),
                ('created_at', models.DateTimeField(auto_now_add=True)),
                ('updated_at', models.DateTimeField(auto_now=True)),
                # CASCADE: deleting a user removes that user's device records.
                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='device_postures', to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'ordering': ['-last_seen'],
                # The explicit device_id index duplicates the index that unique=True on
                # device_id already provides.
                'indexes': [models.Index(fields=['user', 'is_active'], name='security_de_user_id_b40615_idx'), models.Index(fields=['device_id'], name='security_de_device__3e5496_idx'), models.Index(fields=['risk_score', 'trust_level'], name='security_de_risk_sc_248ac7_idx'), models.Index(fields=['is_compliant', 'is_trusted'], name='security_de_is_comp_4de70c_idx')],
            },
        ),
        # --- Indexes for the models created above.
        migrations.AddIndex(
            model_name='geolocationrule',
            index=models.Index(fields=['rule_type', 'is_active'], name='security_ge_rule_ty_2a030f_idx'),
        ),
        migrations.AddIndex(
            model_name='geolocationrule',
            index=models.Index(fields=['priority'], name='security_ge_priorit_3ffb41_idx'),
        ),
        migrations.AddIndex(
            model_name='riskassessment',
            index=models.Index(fields=['user', 'assessed_at'], name='security_ri_user_id_d9ab1c_idx'),
        ),
        migrations.AddIndex(
            model_name='riskassessment',
            index=models.Index(fields=['overall_risk_score', 'risk_level'], name='security_ri_overall_4cd9c9_idx'),
        ),
        migrations.AddIndex(
            model_name='riskassessment',
            index=models.Index(fields=['access_decision'], name='security_ri_access__e109fb_idx'),
        ),
        migrations.AddIndex(
            model_name='userbehaviorprofile',
            index=models.Index(fields=['user', 'is_learning'], name='security_us_user_id_9b04d7_idx'),
        ),
        migrations.AddIndex(
            model_name='userbehaviorprofile',
            index=models.Index(fields=['anomaly_score'], name='security_us_anomaly_2ca992_idx'),
        ),
    ]