ETB/ETB-API/security/migrations/0003_adaptiveauthentication_and_more.py

# Generated by Django 5.2.6 on 2025-09-18 17:49

import django.core.validators
import django.db.models.deletion
import uuid
from django.conf import settings
from django.db import migrations, models


class Migration(migrations.Migration):

    dependencies = [
        ('security', '0002_user_emergency_contact_user_oncall_preferences_and_more'),
    ]

    operations = [
        migrations.CreateModel(
            name='AdaptiveAuthentication',
            fields=[
                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
                ('name', models.CharField(max_length=100, unique=True)),
                ('description', models.TextField()),
                ('low_risk_threshold', models.IntegerField(default=25, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('medium_risk_threshold', models.IntegerField(default=50, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('high_risk_threshold', models.IntegerField(default=75, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('low_risk_auth_methods', models.JSONField(default=list, help_text='Auth methods for low risk')),
                ('medium_risk_auth_methods', models.JSONField(default=list, help_text='Auth methods for medium risk')),
                ('high_risk_auth_methods', models.JSONField(default=list, help_text='Auth methods for high risk')),
                ('critical_risk_auth_methods', models.JSONField(default=list, help_text='Auth methods for critical risk')),
                ('device_trust_multiplier', models.FloatField(default=1.0, help_text='Multiplier for device trust')),
                ('location_trust_multiplier', models.FloatField(default=1.0, help_text='Multiplier for location trust')),
                ('time_trust_multiplier', models.FloatField(default=1.0, help_text='Multiplier for time trust')),
                ('enable_behavioral_analysis', models.BooleanField(default=True)),
                ('behavior_learning_period', models.IntegerField(default=30, help_text='Days to learn user behavior')),
                ('anomaly_threshold', models.FloatField(default=0.7, help_text='Threshold for behavioral anomalies')),
                ('ml_enabled', models.BooleanField(default=False)),
                ('ml_model_path', models.CharField(blank=True, help_text='Path to ML model file', max_length=500)),
                ('ml_confidence_threshold', models.FloatField(default=0.8, help_text='ML confidence threshold')),
                ('fallback_auth_methods', models.JSONField(default=list, help_text='Fallback auth methods')),
                ('max_auth_attempts', models.IntegerField(default=3)),
                ('lockout_duration', models.IntegerField(default=15, help_text='Lockout duration in minutes')),
                ('is_active', models.BooleanField(default=True)),
                ('created_at', models.DateTimeField(auto_now_add=True)),
                ('updated_at', models.DateTimeField(auto_now=True)),
            ],
            options={
                'ordering': ['name'],
            },
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='adaptive_auth_enabled',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='auth_factors_required',
            field=models.JSONField(default=list, help_text='Required authentication factors'),
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='max_risk_score',
            field=models.IntegerField(default=100, help_text='Maximum allowed risk score', validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)]),
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='min_device_trust_level',
            field=models.CharField(choices=[('HIGH', 'High Trust'), ('MEDIUM', 'Medium Trust'), ('LOW', 'Low Trust')], default='LOW', max_length=20),
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='requires_compliant_device',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='requires_device_trust',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='requires_geolocation_check',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='time_restrictions',
            field=models.JSONField(default=dict, help_text='Time-based access restrictions'),
        ),
        migrations.AlterField(
            model_name='accesspolicy',
            name='policy_type',
            field=models.CharField(choices=[('ALLOW', 'Allow'), ('DENY', 'Deny'), ('REQUIRE_MFA', 'Require Additional MFA'), ('STEP_UP_AUTH', 'Step-up Authentication'), ('RISK_BASED', 'Risk-based Decision')], max_length=20),
        ),
        migrations.CreateModel(
            name='GeolocationRule',
            fields=[
                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
                ('name', models.CharField(max_length=100, unique=True)),
                ('description', models.TextField()),
                ('rule_type', models.CharField(choices=[('ALLOW', 'Allow'), ('DENY', 'Deny'), ('REQUIRE_MFA', 'Require Additional MFA'), ('RESTRICT', 'Restrict Access')], max_length=20)),
                ('allowed_countries', models.JSONField(default=list, help_text='List of allowed country codes')),
                ('blocked_countries', models.JSONField(default=list, help_text='List of blocked country codes')),
                ('allowed_regions', models.JSONField(default=list, help_text='List of allowed regions/states')),
                ('blocked_regions', models.JSONField(default=list, help_text='List of blocked regions/states')),
                ('allowed_cities', models.JSONField(default=list, help_text='List of allowed cities')),
                ('blocked_cities', models.JSONField(default=list, help_text='List of blocked cities')),
                ('allowed_ip_ranges', models.JSONField(default=list, help_text='List of allowed IP ranges (CIDR)')),
                ('blocked_ip_ranges', models.JSONField(default=list, help_text='List of blocked IP ranges (CIDR)')),
                ('allowed_time_zones', models.JSONField(default=list, help_text='List of allowed time zones')),
                ('working_hours_only', models.BooleanField(default=False)),
                ('working_hours_start', models.TimeField(blank=True, null=True)),
                ('working_hours_end', models.TimeField(blank=True, null=True)),
                ('working_days', models.JSONField(default=list, help_text='List of working days (0-6, Monday=0)')),
                ('max_distance_from_office', models.FloatField(blank=True, help_text='Max distance from office in km', null=True)),
                ('office_latitude', models.FloatField(blank=True, null=True)),
                ('office_longitude', models.FloatField(blank=True, null=True)),
                ('notification_message', models.TextField(blank=True, help_text='Message to show when rule triggers')),
                ('log_violation', models.BooleanField(default=True)),
                ('require_manager_approval', models.BooleanField(default=False)),
                ('is_active', models.BooleanField(default=True)),
                ('priority', models.IntegerField(default=100, help_text='Lower numbers have higher priority')),
                ('created_at', models.DateTimeField(auto_now_add=True)),
                ('updated_at', models.DateTimeField(auto_now=True)),
                ('created_by', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'ordering': ['priority', 'name'],
            },
        ),
        migrations.AddField(
            model_name='accesspolicy',
            name='geolocation_rule',
            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to='security.geolocationrule'),
        ),
        migrations.CreateModel(
            name='RiskAssessment',
            fields=[
                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
                ('assessment_type', models.CharField(default='LOGIN', help_text='Type of assessment (LOGIN, ACCESS, TRANSACTION)', max_length=50)),
                ('resource_type', models.CharField(blank=True, help_text='Type of resource being accessed', max_length=100)),
                ('resource_id', models.CharField(blank=True, help_text='ID of resource being accessed', max_length=255)),
                ('device_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('location_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('behavior_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('network_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('time_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('user_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('overall_risk_score', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('risk_level', models.CharField(choices=[('LOW', 'Low Risk'), ('MEDIUM', 'Medium Risk'), ('HIGH', 'High Risk'), ('CRITICAL', 'Critical Risk')], default='LOW', max_length=20)),
                ('ip_address', models.GenericIPAddressField(blank=True, null=True)),
                ('user_agent', models.TextField(blank=True)),
                ('location_data', models.JSONField(default=dict, help_text='Geolocation and network data')),
                ('device_data', models.JSONField(default=dict, help_text='Device information')),
                ('behavior_data', models.JSONField(default=dict, help_text='User behavior patterns')),
                ('risk_factors', models.JSONField(default=list, help_text='List of identified risk factors')),
                ('mitigation_actions', models.JSONField(default=list, help_text='Recommended mitigation actions')),
                ('assessment_details', models.JSONField(default=dict, help_text='Detailed assessment results')),
                ('access_decision', models.CharField(choices=[('ALLOW', 'Allow Access'), ('DENY', 'Deny Access'), ('STEP_UP', 'Step-up Authentication'), ('REVIEW', 'Manual Review Required')], default='ALLOW', max_length=20)),
                ('decision_reason', models.TextField(blank=True)),
                ('assessed_at', models.DateTimeField(auto_now_add=True)),
                ('expires_at', models.DateTimeField(blank=True, null=True)),
                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='risk_assessments', to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'ordering': ['-assessed_at'],
            },
        ),
        migrations.CreateModel(
            name='UserBehaviorProfile',
            fields=[
                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
                ('typical_login_times', models.JSONField(default=list, help_text='Typical login times')),
                ('typical_login_locations', models.JSONField(default=list, help_text='Typical login locations')),
                ('typical_login_devices', models.JSONField(default=list, help_text='Typical login devices')),
                ('typical_access_times', models.JSONField(default=list, help_text='Typical resource access times')),
                ('typical_access_patterns', models.JSONField(default=list, help_text='Typical access patterns')),
                ('typical_session_duration', models.FloatField(default=0.0, help_text='Typical session duration in hours')),
                ('typical_ip_ranges', models.JSONField(default=list, help_text='Typical IP address ranges')),
                ('typical_user_agents', models.JSONField(default=list, help_text='Typical user agents')),
                ('login_frequency', models.FloatField(default=0.0, help_text='Average logins per day')),
                ('access_frequency', models.FloatField(default=0.0, help_text='Average resource accesses per day')),
                ('anomaly_score', models.FloatField(default=0.0, help_text='Current anomaly score')),
                ('is_learning', models.BooleanField(default=True)),
                ('learning_start_date', models.DateTimeField(auto_now_add=True)),
                ('learning_complete_date', models.DateTimeField(blank=True, null=True)),
                ('sample_count', models.IntegerField(default=0, help_text='Number of samples used for learning')),
                ('last_updated', models.DateTimeField(auto_now=True)),
                ('created_at', models.DateTimeField(auto_now_add=True)),
                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='behavior_profile', to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'ordering': ['-last_updated'],
            },
        ),
        migrations.CreateModel(
            name='DevicePosture',
            fields=[
                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
                ('device_id', models.CharField(help_text='Unique device identifier', max_length=255, unique=True)),
                ('device_name', models.CharField(blank=True, max_length=200)),
                ('device_type', models.CharField(choices=[('DESKTOP', 'Desktop Computer'), ('LAPTOP', 'Laptop Computer'), ('MOBILE', 'Mobile Device'), ('TABLET', 'Tablet'), ('SERVER', 'Server'), ('IOT', 'IoT Device'), ('UNKNOWN', 'Unknown Device')], default='UNKNOWN', max_length=20)),
                ('os_type', models.CharField(choices=[('WINDOWS', 'Windows'), ('MACOS', 'macOS'), ('LINUX', 'Linux'), ('ANDROID', 'Android'), ('IOS', 'iOS'), ('UNKNOWN', 'Unknown OS')], default='UNKNOWN', max_length=20)),
                ('os_version', models.CharField(blank=True, max_length=100)),
                ('browser_info', models.CharField(blank=True, max_length=200)),
                ('is_managed', models.BooleanField(default=False, help_text='Is device managed by organization')),
                ('has_antivirus', models.BooleanField(default=False)),
                ('antivirus_status', models.CharField(blank=True, max_length=50)),
                ('firewall_enabled', models.BooleanField(default=False)),
                ('encryption_enabled', models.BooleanField(default=False)),
                ('screen_lock_enabled', models.BooleanField(default=False)),
                ('biometric_auth', models.BooleanField(default=False)),
                ('ip_address', models.GenericIPAddressField(blank=True, null=True)),
                ('mac_address', models.CharField(blank=True, max_length=17)),
                ('network_type', models.CharField(blank=True, help_text='Corporate, Public, Home, etc.', max_length=50)),
                ('vpn_connected', models.BooleanField(default=False)),
                ('risk_score', models.IntegerField(default=0, help_text='Device risk score (0-100, higher = more risky)', validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)])),
                ('last_assessment', models.DateTimeField(auto_now=True)),
                ('assessment_details', models.JSONField(default=dict, help_text='Detailed assessment results')),
                ('is_compliant', models.BooleanField(default=False)),
                ('compliance_issues', models.JSONField(default=list, help_text='List of compliance issues')),
                ('is_active', models.BooleanField(default=True)),
                ('is_trusted', models.BooleanField(default=False)),
                ('trust_level', models.CharField(choices=[('HIGH', 'High Trust'), ('MEDIUM', 'Medium Trust'), ('LOW', 'Low Trust'), ('UNTRUSTED', 'Untrusted')], default='LOW', max_length=20)),
                ('first_seen', models.DateTimeField(auto_now_add=True)),
                ('last_seen', models.DateTimeField(auto_now=True)),
                ('created_at', models.DateTimeField(auto_now_add=True)),
                ('updated_at', models.DateTimeField(auto_now=True)),
                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='device_postures', to=settings.AUTH_USER_MODEL)),
            ],
            options={
                'ordering': ['-last_seen'],
                'indexes': [models.Index(fields=['user', 'is_active'], name='security_de_user_id_b40615_idx'), models.Index(fields=['device_id'], name='security_de_device__3e5496_idx'), models.Index(fields=['risk_score', 'trust_level'], name='security_de_risk_sc_248ac7_idx'), models.Index(fields=['is_compliant', 'is_trusted'], name='security_de_is_comp_4de70c_idx')],
            },
        ),
        migrations.AddIndex(
            model_name='geolocationrule',
            index=models.Index(fields=['rule_type', 'is_active'], name='security_ge_rule_ty_2a030f_idx'),
        ),
        migrations.AddIndex(
            model_name='geolocationrule',
            index=models.Index(fields=['priority'], name='security_ge_priorit_3ffb41_idx'),
        ),
        migrations.AddIndex(
            model_name='riskassessment',
            index=models.Index(fields=['user', 'assessed_at'], name='security_ri_user_id_d9ab1c_idx'),
        ),
        migrations.AddIndex(
            model_name='riskassessment',
            index=models.Index(fields=['overall_risk_score', 'risk_level'], name='security_ri_overall_4cd9c9_idx'),
        ),
        migrations.AddIndex(
            model_name='riskassessment',
            index=models.Index(fields=['access_decision'], name='security_ri_access__e109fb_idx'),
        ),
        migrations.AddIndex(
            model_name='userbehaviorprofile',
            index=models.Index(fields=['user', 'is_learning'], name='security_us_user_id_9b04d7_idx'),
        ),
        migrations.AddIndex(
            model_name='userbehaviorprofile',
            index=models.Index(fields=['anomaly_score'], name='security_us_anomaly_2ca992_idx'),
        ),
    ]