Feat/poam phase1

docs/POAM-Design.md

@@ -0,0 +1,38 @@
+Title: POAM Phase 1 – UI Design
+
+Goals
+
+- Provide a basic POAM Items list page to exercise the API filters end-to-end.
+- Keep UX simple for Phase 1; extend with create/edit flows in Phase 2.
+
+Routing
+
+- New authenticated route: /poam-items
+- Router entry added under app routes; guard via existing auth store.
+
+Data Access
+
+- Uses existing composables (useFetch/useApi) to call /api/poam-items
+- Query params supported: status, sspId, riskId, deadlineBefore (RFC3339)
+
+View: CCFPoamItemsListView
+
+- Filters
+  - Dropdown: status (open|in-progress|completed|overdue)
+  - Inputs: sspId UUID, riskId UUID, deadlineBefore RFC3339
+  - Apply triggers a reload with current params
+- Table Columns
+  - Title, Status, Deadline, POC (name/email), Updated
+
+Future Enhancements
+
+- Create/Edit forms for POAM items and milestones
+- Mark milestone completed, auto-set completed_at
+- Link POAM item to risks from the UI
+- Pagination and sorting
+
+Verification
+
+- API is reachable at /api/poam-items
+- UI config.json provides API_URL
+- Manual test by applying filters and verifying table updates

src/router/index.ts

@@ -92,6 +92,11 @@ const authenticatedRoutes = [
           },
         ],
       },
+      {
+        path: 'components/dashboards/:componentId',
+        name: 'system-component-dashboards',
+        component: () => import('../views/system/ComponentsView.vue'),
+      },
       {
         path: 'authorizations',
         name: 'system:authorizations',
@@ -110,6 +115,14 @@ const authenticatedRoutes = [
       requiresAuth: true,
     },
   },
+  {
+    path: 'poam-items',
+    name: 'poam-items:index',
+    component: () => import('../views/poam/CCFPoamItemsListView.vue'),
+    meta: {
+      requiresAuth: true,
+    },
+  },
   {
     path: 'risks/:riskId',
     name: 'risks:detail',
@@ -194,6 +207,14 @@ const authenticatedRoutes = [
       requiresAuth: true,
     },
   },
+  {
+    path: '/profiles/build-props',
+    name: 'profile-build-props',
+    component: () => import('../views/profile/ProfileBuildPropsView.vue'),
+    meta: {
+      requiresAuth: true,
+    },
+  },
   {
     path: '/profiles/:id',
     name: 'profile:view',

src/views/LeftSideNav.vue

@@ -119,11 +119,6 @@ const links = ref<Array<NavigationItem>>([
         name: 'users-list',
         title: 'System Users',
       },
-      {
-        name: 'admin-import',
-        title: 'Import',
-        abbr: 'IMP',
-      },
     ],
   },
 ]);

src/views/catalog/CatalogControl.vue

@@ -41,11 +41,25 @@
     >
       <div class="flex items-start justify-between gap-4">
         <div>
-          <TertiaryButton v-if="!statement">Add Statement</TertiaryButton>
-          <TertiaryButton v-if="!objective" class="ml-2"
+          <TertiaryButton v-if="!statement" @click="showEditStatement = true"
+            >Add Statement</TertiaryButton
+          >
+          <TertiaryButton
+            v-if="statement"
+            class="ml-2"
+            @click="showEditStatement = true"
+            >Edit Statement</TertiaryButton
+          >
+          <TertiaryButton
+            v-if="!objective"
+            class="ml-2"
+            @click="showEditObjective = true"
             >Add Objective</TertiaryButton
           >
-          <TertiaryButton v-if="!guidance" class="ml-2"
+          <TertiaryButton
+            v-if="!guidance"
+            class="ml-2"
+            @click="showEditGuidance = true"
             >Add Guidance</TertiaryButton
           >
 
@@ -100,6 +114,27 @@
           :parent-control="props.control"
           v-model="showControlForm"
         />
+        <ControlPartEditModal
+          v-model="showEditStatement"
+          :catalog="catalog"
+          :control="props.control"
+          type="statement"
+          @updated="onUpdated"
+        />
+        <ControlPartEditModal
+          v-model="showEditObjective"
+          :catalog="catalog"
+          :control="props.control"
+          type="assessment-objective"
+          @updated="onUpdated"
+        />
+        <ControlPartEditModal
+          v-model="showEditGuidance"
+          :catalog="catalog"
+          :control="props.control"
+          type="guidance"
+          @updated="onUpdated"
+        />
         <ControlEditModal
           v-model="showEdit"
           :catalog="catalog"
@@ -118,6 +153,7 @@ import { type Catalog, type Control } from '@/oscal';
 import TertiaryButton from '@/volt/TertiaryButton.vue';
 import ControlCreateModal from '@/components/catalogs/ControlCreateModal.vue';
 import ControlEditModal from '@/components/catalogs/ControlEditModal.vue';
+import ControlPartEditModal from '@/components/catalogs/ControlPartEditModal.vue';
 import type { Part } from '@/oscal';
 import PartDisplayEditor from '@/components/PartDisplayEditor.vue';
 import { useRouter } from 'vue-router';
@@ -179,6 +215,9 @@ function getPart(type: string) {
 
 const showControlForm = ref<boolean>(false);
 const showEdit = ref<boolean>(false);
+const showEditStatement = ref<boolean>(false);
+const showEditObjective = ref<boolean>(false);
+const showEditGuidance = ref<boolean>(false);
 
 function controlCreated(control: Control) {
   controls.value?.push(control);

src/views/catalog/CatalogView.vue

@@ -138,7 +138,6 @@ async function deleteCatalog(uuid: string, title: string) {
 function deleteCurrentCatalog() {
   deleteCatalog(catalogId.value, catalog.value?.metadata?.title || '');
 }
-
 function reloadLists() {
   groupExecute(`/api/oscal/catalogs/${catalogId.value}/groups`);
   catalogExecute(`/api/oscal/catalogs/${catalogId.value}/controls`);

src/views/poam/CCFPoamItemsListView.vue

@@ -0,0 +1,137 @@
+<template>
+  <div class="p-6">
+    <h1 class="text-2xl font-semibold mb-4">POAM Items</h1>
+    <div class="grid grid-cols-1 md:grid-cols-4 gap-3 mb-4">
+      <div>
+        <label class="block text-sm font-medium mb-1">Status</label>
+        <select v-model="status" class="border rounded px-2 py-1 w-full">
+          <option value="">Any</option>
+          <option value="open">open</option>
+          <option value="in-progress">in-progress</option>
+          <option value="completed">completed</option>
+          <option value="overdue">overdue</option>
+        </select>
+      </div>
+      <div>
+        <label class="block text-sm font-medium mb-1">SSP ID</label>
+        <input
+          v-model="sspId"
+          placeholder="UUID"
+          class="border rounded px-2 py-1 w-full"
+        />
+      </div>
+      <div>
+        <label class="block text-sm font-medium mb-1">Risk ID</label>
+        <input
+          v-model="riskId"
+          placeholder="UUID"
+          class="border rounded px-2 py-1 w-full"
+        />
+      </div>
+      <div>
+        <label class="block text-sm font-medium mb-1">Deadline Before</label>
+        <input
+          v-model="deadlineBefore"
+          placeholder="YYYY-MM-DDTHH:mm:ssZ"
+          class="border rounded px-2 py-1 w-full"
+        />
+      </div>
+    </div>
+    <div class="mb-4">
+      <button @click="refresh" class="bg-blue-600 text-white px-3 py-1 rounded">
+        Apply Filters
+      </button>
+    </div>
+    <div v-if="loading" class="text-gray-600">Loading...</div>
+    <div v-else-if="error" class="text-red-600">Failed to load POAM items</div>
+    <table v-else class="min-w-full border rounded">
+      <thead>
+        <tr class="bg-gray-100 text-left text-sm">
+          <th class="p-2 border">Title</th>
+          <th class="p-2 border">Status</th>
+          <th class="p-2 border">Deadline</th>
+          <th class="p-2 border">POC</th>
+          <th class="p-2 border">Updated</th>
+        </tr>
+      </thead>
+      <tbody>
+        <tr v-for="item in items" :key="item.id" class="text-sm">
+          <td class="p-2 border">{{ item.title }}</td>
+          <td class="p-2 border">{{ item.status }}</td>
+          <td class="p-2 border">{{ item.deadline ?? '-' }}</td>
+          <td class="p-2 border">
+            {{ item.pocName ?? '-' }}
+            <span v-if="item.pocEmail">({{ item.pocEmail }})</span>
+          </td>
+          <td class="p-2 border">{{ item.updatedAt }}</td>
+        </tr>
+      </tbody>
+    </table>
+  </div>
+</template>
+
+<script setup lang="ts">
+import { ref, watchEffect, computed } from 'vue';
+import { useApi } from '@/composables/api';
+
+type PoamItem = {
+  id: string;
+  sspId: string;
+  title: string;
+  description: string;
+  status: string;
+  deadline?: string | null;
+  resourceRequired?: string | null;
+  pocName?: string | null;
+  pocEmail?: string | null;
+  pocPhone?: string | null;
+  remarks?: string | null;
+  createdAt: string;
+  updatedAt: string;
+};
+
+type ListResponse = { data: PoamItem[] };
+
+const status = ref<string>('');
+const sspId = ref<string>('');
+const riskId = ref<string>('');
+const deadlineBefore = ref<string>('');
+
+const url = () => {
+  const params = new URLSearchParams();
+  if (status.value) params.set('status', status.value);
+  if (sspId.value) params.set('sspId', sspId.value);
+  if (riskId.value) params.set('riskId', riskId.value);
+  if (deadlineBefore.value) params.set('deadlineBefore', deadlineBefore.value);
+  const qs = params.toString();
+  return new Request(`/api/poam-items${qs ? `?${qs}` : ''}`, {
+    method: 'GET',
+    headers: new Headers(),
+  });
+};
+
+const data = ref<ListResponse>();
+const loading = ref<boolean>(true);
+const error = ref<boolean>(false);
+
+function load() {
+  loading.value = true;
+  error.value = false;
+  const { data: d, loading: l, error: e } = useApi<ListResponse>(url());
+  watchEffect(() => {
+    data.value = d.value;
+    loading.value = l.value;
+    error.value = e.value;
+  });
+}
+
+function refresh() {
+  load();
+}
+
+load();
+
+const items = computed(() => data.value?.data ?? []);
+</script>
+
+<style scoped></style>