Implement Phase 4: ML threat detection, automated playbooks, and advanced reporting

Co-authored-by: mblanke <9078342+mblanke@users.noreply.github.com>

backend/app/api/routes/reports.py

@@ -0,0 +1,120 @@
+from typing import List
+from fastapi import APIRouter, Depends, HTTPException, status
+from sqlalchemy.orm import Session
+
+from app.core.database import get_db
+from app.core.deps import get_current_active_user, get_tenant_id
+from app.models.user import User
+from app.models.report_template import ReportTemplate, Report
+from app.schemas.report import ReportTemplateCreate, ReportTemplateRead, ReportCreate, ReportRead
+
+router = APIRouter()
+
+
+@router.get("/templates", response_model=List[ReportTemplateRead])
+async def list_report_templates(
+    skip: int = 0,
+    limit: int = 100,
+    current_user: User = Depends(get_current_active_user),
+    tenant_id: int = Depends(get_tenant_id),
+    db: Session = Depends(get_db)
+):
+    """List report templates scoped to tenant"""
+    templates = db.query(ReportTemplate).filter(
+        ReportTemplate.tenant_id == tenant_id
+    ).offset(skip).limit(limit).all()
+    return templates
+
+
+@router.post("/templates", response_model=ReportTemplateRead, status_code=status.HTTP_201_CREATED)
+async def create_report_template(
+    template_data: ReportTemplateCreate,
+    current_user: User = Depends(get_current_active_user),
+    tenant_id: int = Depends(get_tenant_id),
+    db: Session = Depends(get_db)
+):
+    """Create a new report template"""
+    template = ReportTemplate(
+        tenant_id=tenant_id,
+        created_by=current_user.id,
+        **template_data.dict()
+    )
+    db.add(template)
+    db.commit()
+    db.refresh(template)
+    return template
+
+
+@router.post("/generate", response_model=ReportRead, status_code=status.HTTP_201_CREATED)
+async def generate_report(
+    report_data: ReportCreate,
+    current_user: User = Depends(get_current_active_user),
+    tenant_id: int = Depends(get_tenant_id),
+    db: Session = Depends(get_db)
+):
+    """
+    Generate a new report
+    
+    This is a simplified implementation. In production, this would:
+    1. Fetch relevant data based on report type
+    2. Apply template formatting
+    3. Generate PDF/HTML output
+    4. Store file and return path
+    """
+    report = Report(
+        tenant_id=tenant_id,
+        template_id=report_data.template_id,
+        title=report_data.title,
+        report_type=report_data.report_type,
+        format=report_data.format,
+        status="generating",
+        generated_by=current_user.id
+    )
+    db.add(report)
+    db.commit()
+    
+    # Simulate report generation
+    # In production, this would be an async task
+    report.status = "completed"
+    report.file_path = f"/reports/{report.id}.{report_data.format}"
+    db.commit()
+    db.refresh(report)
+    
+    return report
+
+
+@router.get("/", response_model=List[ReportRead])
+async def list_reports(
+    skip: int = 0,
+    limit: int = 100,
+    current_user: User = Depends(get_current_active_user),
+    tenant_id: int = Depends(get_tenant_id),
+    db: Session = Depends(get_db)
+):
+    """List generated reports"""
+    reports = db.query(Report).filter(
+        Report.tenant_id == tenant_id
+    ).order_by(Report.generated_at.desc()).offset(skip).limit(limit).all()
+    return reports
+
+
+@router.get("/{report_id}", response_model=ReportRead)
+async def get_report(
+    report_id: int,
+    current_user: User = Depends(get_current_active_user),
+    tenant_id: int = Depends(get_tenant_id),
+    db: Session = Depends(get_db)
+):
+    """Get a specific report"""
+    report = db.query(Report).filter(
+        Report.id == report_id,
+        Report.tenant_id == tenant_id
+    ).first()
+    
+    if not report:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Report not found"
+        )
+    
+    return report