Initial commit: add compliance_checks table, per-check metadata on assets, and compliance audit trail

2026-04-24 07:14:27 +03:00
commit e63b486ec2
58 changed files with 6468 additions and 0 deletions
--- a/init_db.py
+++ b/init_db.py
@@ -0,0 +1,40 @@
+"""
+init_db.py — Run once after `flask db upgrade` to:
+  1. Create all tables (idempotent)
+  2. Create the default admin user if no admin exists
+
+Usage:
+  python init_db.py
+  (or it runs automatically via Docker Compose CMD)
+"""
+import os
+from app import create_app
+from app.extensions import db
+from app.models.admin_user import AdminUser
+
+app = create_app(os.environ.get('FLASK_ENV', 'development'))
+
+with app.app_context():
+    db.create_all()
+
+    # Only create default admin if none exists
+    if AdminUser.query.count() == 0:
+        default_user = os.environ.get('DEFAULT_ADMIN_USER', 'admin')
+        default_pass = os.environ.get('DEFAULT_ADMIN_PASS', 'ChangeMe123!')
+        default_email = os.environ.get('DEFAULT_ADMIN_EMAIL', 'admin@company.local')
+
+        admin = AdminUser(
+            username=default_user,
+            email=default_email,
+            full_name='System Administrator',
+            role='admin',
+        )
+        admin.set_password(default_pass)
+        db.session.add(admin)
+        db.session.commit()
+        print(f'[init_db] Default admin created — username: {default_user}')
+        print(f'[init_db] *** CHANGE THE DEFAULT PASSWORD IMMEDIATELY ***')
+    else:
+        print('[init_db] Admin users already exist — skipping default creation.')
+
+    print('[init_db] Database initialised.')