From 362f633e0ccfebb6408fae3622881ba7f4f40bad Mon Sep 17 00:00:00 2001
From: eric-intuitem <71850047+eric-intuitem@users.noreply.github.com>
Date: Fri, 24 Jan 2025 16:32:40 +0100
Subject: [PATCH] docs: domain import/export specification (#1361)

* Update data-model.md

- add domain import/export
- add draft for asset compliance

* Update data-model.md

* Update data-model.md

---------

Co-authored-by: Mohamed-Hacene <90701924+Mohamed-Hacene@users.noreply.github.com>
---
 documentation/architecture/data-model.md | 45 ++++++++++++++++++++++++
 1 file changed, 45 insertions(+)

diff --git a/documentation/architecture/data-model.md b/documentation/architecture/data-model.md
index fb530d61c..f9f5c7882 100644
--- a/documentation/architecture/data-model.md
+++ b/documentation/architecture/data-model.md
@@ -1442,3 +1442,48 @@ erDiagram
 - EBIOS-RM objects are defined within a dedicated Django "application" ebios_rm.
 - There is no object for "strategic scenarios", as they result directly from attack paths and corresponding feared event (which is the title of the strategic scenario).
 - the current and residual "criticity" are calculated on stakeholders, so they are not seen as fields.
+
+## Domain import/export
+
+### MVP
+
+- It is possible to export a domain, and reimport it on another instance.
+- The imported domain is created as a new child domain of the global domain.
+- The name of the domain is not exported. The name of the imported domain is selected at import. It shall be unique.
+- Subdomains are not exported, only the domain itself.
+- Objects coming from a library shall be available on the target. If not, an error message is displayed to point to the missing library.
+- Objects not coming from library are created in the target domain, even if they come from an upper domain.
+- The export is a zip file containing a json dump of concerned objects and attached evidences.
+- The import is atomic, any error provokes a rollback.
+- The export function is only available in the PRO version.
+- The version of CISO Assistant is published in the export. The version at import shall be identical.
+
+### Additional features
+
+- It shall be possible to see the list of objects that would be exported, and to select/deselect some of them while keeping consistency. This should include evidences with their size.
+- It shall be possible to visualize objects that would be imported, and to select/deselect some of them while keeping consistency.  This should include evidences with their size.
+- It shall be possible to optionally export subdomains along with the domain. The import shall be flattened if the target is not a PRO version.
+
+## Asset compliance (draft)
+
+```mermaid
+erDiagram
+
+    COMPLIANCE_INDICATOR          }o--o{ ASSET                : applies_to
+    OBSERVATION                   }o--|| ASSET                : applies_to
+    OBSERVATION                   }o--|| COMPLIANCE_INDICATOR : corresponds_to
+ 
+    COMPLIANCE_INDICATOR {
+        string ref_id
+        string name
+        string description
+        json   tracker_metadata
+    }
+
+    OBSERVATION {
+        datetime when
+        json     tracked_data
+        boolean  compliance_status
+    }
+
+```