monarc-project · ruslanbaidan · May 8, 2026 · May 13, 2026 · May 18, 2026 · May 28, 2026
diff --git a/config/module.config.php b/config/module.config.php
@@ -316,6 +316,31 @@
                 ],
             ],
 
+            'monarc_api_risk_sources' => [
+                'type' => 'segment',
+                'options' => [
+                    'route' => '/api/risk-sources[/:id]',
+                    'constraints' => [
+                        'id' => '[0-9]+',
+                    ],
+                    'defaults' => [
+                        'controller' => Controller\ApiRiskSourcesController::class,
+                    ],
+                ],
+            ],
+            'monarc_api_reassessment_triggers' => [
+                'type' => 'segment',
+                'options' => [
+                    'route' => '/api/reassessment-triggers[/:id]',
+                    'constraints' => [
+                        'id' => '[0-9]+',
+                    ],
+                    'defaults' => [
+                        'controller' => Controller\ApiReassessmentTriggersController::class,
+                    ],
+                ],
+            ],
+
             'monarc_api_measures' => [
                 'type' => 'segment',
                 'options' => [
@@ -855,7 +880,9 @@
             Controller\ApiOperationalRisksScalesCommentsController::class => AutowireFactory::class,
             Controller\ApiQuestionsController::class => AutowireFactory::class,
             Controller\ApiQuestionsChoicesController::class => AutowireFactory::class,
+            Controller\ApiReassessmentTriggersController::class => AutowireFactory::class,
             Controller\ApiReferentialsController::class => AutowireFactory::class,
+            Controller\ApiRiskSourcesController::class => AutowireFactory::class,
             Controller\ApiRolfRisksController::class => AutowireFactory::class,
             Controller\ApiRolfTagsController::class => AutowireFactory::class,
             Controller\ApiAnrRisksController::class => AutowireFactory::class,
@@ -988,7 +1015,9 @@
             'monarc_api_anr/library',
             'monarc_api_anr/library_category',
             'monarc_api_anr/objects',
+            'monarc_api_reassessment_triggers',
             'monarc_api_referentials',
+            'monarc_api_risk_sources',
             'monarc_api_measures',
             'monarc_api_measuremeasure',
             'monarc_api_questions',

diff --git a/src/Controller/ApiReassessmentTriggersController.php b/src/Controller/ApiReassessmentTriggersController.php
@@ -0,0 +1,112 @@
+<?php declare(strict_types=1);
+/**
+ * @link      https://github.com/monarc-project for the canonical source repository
+ * @copyright Copyright (c) 2016-2026 Luxembourg House of Cybersecurity LHC.lu - Licensed under GNU Affero GPL v3
+ * @license   MONARC is licensed under GNU Affero General Public License version 3
+ */
+
+namespace Monarc\BackOffice\Controller;
+
+use Laminas\Mvc\Controller\AbstractRestfulController;
+use Monarc\Core\Controller\Handler\ControllerRequestResponseHandlerTrait;
+use Monarc\Core\Entity\ReassessmentTrigger;
+use Monarc\Core\InputFormatter\ReassessmentTrigger\GetReassessmentTriggersInputFormatter;
+use Monarc\Core\Service\ReassessmentTriggerService;
+use Monarc\Core\Validator\InputValidator\ReassessmentTrigger\PatchReassessmentTriggerDataInputValidator;
+use Monarc\Core\Validator\InputValidator\ReassessmentTrigger\PostReassessmentTriggerDataInputValidator;
+
+class ApiReassessmentTriggersController extends AbstractRestfulController
+{
+    use ControllerRequestResponseHandlerTrait;
+
+    public function __construct(
+        private GetReassessmentTriggersInputFormatter $getReassessmentTriggersInputFormatter,
+        private ReassessmentTriggerService $reassessmentTriggerService,
+        private PostReassessmentTriggerDataInputValidator $postReassessmentTriggerDataInputValidator,
+        private PatchReassessmentTriggerDataInputValidator $patchReassessmentTriggerDataInputValidator
+    ) {
+    }
+
+    public function getList()
+    {
+        $formattedParams = $this->getFormattedInputParams($this->getReassessmentTriggersInputFormatter);
+        $reassessmentTriggers = $this->reassessmentTriggerService->getList($formattedParams);
+
+        return $this->getPreparedJsonResponse([
+            'count' => $this->reassessmentTriggerService->getCount($formattedParams),
+            'reassessmentTriggers' => array_map(
+                fn (ReassessmentTrigger $reassessmentTrigger): array => $this->prepareReassessmentTriggerData(
+                    $reassessmentTrigger,
+                    false
+                ),
+                $reassessmentTriggers
+            ),
+        ]);
+    }
+
+    public function get($id)
+    {
+        return $this->getPreparedJsonResponse(
+            $this->prepareReassessmentTriggerData($this->reassessmentTriggerService->get((int)$id), true)
+        );
+    }
+
+    public function create($data)
+    {
+        $this->validatePostParams($this->postReassessmentTriggerDataInputValidator, $data);
+
+        return $this->getSuccessfulJsonResponse($this->prepareReassessmentTriggerData(
+            $this->reassessmentTriggerService->create(
+                $this->postReassessmentTriggerDataInputValidator->getValidData()
+            ),
+            true
+        ));
+    }
+
+    public function update($id, $data)
+    {
+        $this->validatePostParams($this->patchReassessmentTriggerDataInputValidator, $data);
+
+        return $this->getSuccessfulJsonResponse($this->prepareReassessmentTriggerData(
+            $this->reassessmentTriggerService->update(
+                (int)$id,
+                $this->patchReassessmentTriggerDataInputValidator->getValidData()
+            ),
+            true
+        ));
+    }
+
+    public function delete($id)
+    {
+        $this->reassessmentTriggerService->delete((int)$id);
+
+        return $this->getSuccessfulJsonResponse();
+    }
+
+    private function prepareReassessmentTriggerData(
+        ReassessmentTrigger $reassessmentTrigger,
+        bool $includeTranslations
+    ): array {
+        $reassessmentTriggerData = [
+            'id' => $reassessmentTrigger->getId(),
+            'triggerType' => $this->reassessmentTriggerService->getDisplayTriggerType($reassessmentTrigger),
+            'description' => $this->reassessmentTriggerService->getDisplayDescription($reassessmentTrigger),
+            'monitoringApproach' => $this->reassessmentTriggerService->getDisplayMonitoringApproach(
+                $reassessmentTrigger
+            ),
+            'isActive' => $reassessmentTrigger->isActive(),
+            'position' => $reassessmentTrigger->getPosition(),
+        ];
+
+        if ($includeTranslations) {
+            $reassessmentTriggerData['triggerTypes'] = $this->reassessmentTriggerService
+                ->getTriggerTypes($reassessmentTrigger);
+            $reassessmentTriggerData['descriptions'] = $this->reassessmentTriggerService
+                ->getDescriptions($reassessmentTrigger);
+            $reassessmentTriggerData['monitoringApproaches'] = $this->reassessmentTriggerService
+                ->getMonitoringApproaches($reassessmentTrigger);
+        }
+
+        return $reassessmentTriggerData;
+    }
+}
diff --git a/src/Controller/ApiRiskSourcesController.php b/src/Controller/ApiRiskSourcesController.php
@@ -0,0 +1,125 @@
+<?php declare(strict_types=1);
+/**
+ * @link      https://github.com/monarc-project for the canonical source repository
+ * @copyright Copyright (c) 2016-2026 Luxembourg House of Cybersecurity LHC.lu - Licensed under GNU Affero GPL v3
+ * @license   MONARC is licensed under GNU Affero General Public License version 3
+ */
+
+namespace Monarc\BackOffice\Controller;
+
+use Laminas\Mvc\Controller\AbstractRestfulController;
+use Monarc\Core\Controller\Handler\ControllerRequestResponseHandlerTrait;
+use Monarc\Core\Entity\RiskSource;
+use Monarc\Core\InputFormatter\RiskSource\GetRiskSourcesInputFormatter;
+use Monarc\Core\Service\RiskSourceService;
+use Monarc\Core\Validator\InputValidator\RiskSource\PatchRiskSourceDataInputValidator;
+use Monarc\Core\Validator\InputValidator\RiskSource\PostRiskSourceDataInputValidator;
+
+class ApiRiskSourcesController extends AbstractRestfulController
+{
+    use ControllerRequestResponseHandlerTrait;
+
+    public function __construct(
+        private GetRiskSourcesInputFormatter $getRiskSourcesInputFormatter,
+        private RiskSourceService $riskSourceService,
+        private PostRiskSourceDataInputValidator $postRiskSourceDataInputValidator,
+        private PatchRiskSourceDataInputValidator $patchRiskSourceDataInputValidator
+    ) {
+    }
+
+    public function getList()
+    {
+        $formattedParams = $this->getFormattedInputParams($this->getRiskSourcesInputFormatter);
+        $riskSources = $this->riskSourceService->getList($formattedParams);
+        $displayLabelsByRiskSourceId = $this->riskSourceService->getDisplayLabelsByRiskSourceId($riskSources);
+
+        return $this->getPreparedJsonResponse([
+            'count' => $this->riskSourceService->getCount($formattedParams),
+            'riskSources' => array_map(
+                fn (RiskSource $riskSource): array => $this->prepareRiskSourceData(
+                    $riskSource,
+                    false,
+                    $displayLabelsByRiskSourceId[$riskSource->getId()] ?? $riskSource->getLabel()
+                ),
+                $riskSources
+            ),
+        ]);
+    }
+
+    public function get($id)
+    {
+        return $this->getPreparedJsonResponse(
+            $this->prepareRiskSourceData($this->riskSourceService->get((int)$id), true)
+        );
+    }
+
+    public function create($data)
+    {
+        $this->validatePostParams($this->postRiskSourceDataInputValidator, $data);
+        $riskSourceData = $this->prepareRiskSourcePayload($data, $this->postRiskSourceDataInputValidator->getValidData());
+
+        return $this->getSuccessfulJsonResponse($this->prepareRiskSourceData(
+            $this->riskSourceService->create($riskSourceData),
+            true
+        ));
+    }
+
+    public function update($id, $data)
+    {
+        $this->validatePostParams($this->patchRiskSourceDataInputValidator, $data);
+        $riskSourceData = $this->prepareRiskSourcePayload($data, $this->patchRiskSourceDataInputValidator->getValidData());
+
+        return $this->getSuccessfulJsonResponse($this->prepareRiskSourceData(
+            $this->riskSourceService->update((int)$id, $riskSourceData),
+            true
+        ));
+    }
+
+    public function delete($id)
+    {
+        $this->riskSourceService->delete((int)$id);
+
+        return $this->getSuccessfulJsonResponse();
+    }
+
+    private function prepareRiskSourceData(
+        RiskSource $riskSource,
+        bool $includeLabels = false,
+        ?string $displayLabel = null
+    ): array
+    {
+        $riskSourceData = [
+            'id' => $riskSource->getId(),
+            'label' => $displayLabel ?? $this->riskSourceService->getDisplayLabel($riskSource),
+            'isDefault' => $riskSource->isDefault(),
+            'isActive' => $riskSource->isActive(),
+        ];
+
+        if ($includeLabels) {
+            $riskSourceData['labels'] = $this->riskSourceService->getLabels($riskSource);
+        }
+
+        return $riskSourceData;
+    }
+
+    private function prepareRiskSourcePayload(array $sourceData, array $validatedData): array
+    {
+        if (!isset($sourceData['labels']) || !is_array($sourceData['labels'])) {
+            return $validatedData;
+        }
+
+        $labels = [];
+        foreach ($sourceData['labels'] as $languageCode => $label) {
+            $trimmedLabel = trim((string)$label);
+            if ($trimmedLabel !== '') {
+                $labels[(string)$languageCode] = $trimmedLabel;
+            }
+        }
+
+        if ($labels !== []) {
+            $validatedData['labels'] = $labels;
+        }
+
+        return $validatedData;
+    }
+}
diff --git a/view/layout/layout.phtml b/view/layout/layout.phtml
@@ -45,6 +45,9 @@
         ->appendFile('js/anr/ThreatService.js')
         ->appendFile('js/anr/VulnService.js')
         ->appendFile('js/anr/RiskService.js')
+        ->appendFile('js/anr/RiskSourceService.js')
+        ->appendFile('js/anr/InterestedPartyService.js')
+        ->appendFile('js/anr/ReassessmentTriggerService.js')
         ->appendFile('js/anr/AmvService.js')
         ->appendFile('js/anr/CategoryService.js')
         ->appendFile('js/anr/ToolsAnrService.js')
@@ -72,6 +75,7 @@
         ->appendFile('js/kb/rolf/BackofficeKbOpRiskCtrl.js')
         // KB Models
         ->appendFile('js/kb/models/BackofficeKbModelsCtrl.js')
+        ->appendFile('js/kb/reassessment/BackofficeKbReassessmentTriggerCtrl.js')
         // Other KB sections
         ->appendFile('js/kb/BackofficeQuestionsCtrl.js')
         ->appendFile('js/kb/BackofficeAnalysisGuidesCtrl.js')