β BackCMMC Artifact Tracker β TODO
Done
- [x] Dashboard with per-family progress bars
- [x] Family detail pages with collapsible requirements
- [x] Checkable objectives with artifact notes + date captured
- [x] Examine/Interview/Test methods as expandable reference
- [x] File upload (screenshots, docs, PDFs, etc.)
- [x] Team member management (config page)
- [x] Per-objective assignments
- [x] Bulk assign per requirement group
- [x] Duplicate assignment prevention
- [x] No-artifact-no-checkmark enforcement
- [x] CSV export with assigned-to column
- [x] Toast notifications instead of popups
- [x] Progress by person β member dashboard showing their assignments, completion %, what's pending
- [x] Search β global search by objective ID, text, or family
- [x] Due dates on assignments β date picker UI, highlight overdue in red
- [x] Status workflow β Not Started β In Progress β Evidence Collected β Reviewed β Complete
- [x] Artifact count on dashboard cards (evidence attached vs total objectives)
- [x] POA&M generator β auto-generate Plan of Action & Milestones for incomplete objectives
- [x] Evidence mapping β link one artifact to multiple objectives
- [x] Domain/asset tagging for artifacts
- [x] Auto-rename artifacts (AC-3.01.01.a-Domain.pdf)
- [x] File metadata extraction (creation date from EXIF, PDF, docx, xlsx)
- [x] "How was this obtained?" per artifact
- [x] User auth with first-run setup flow
- [x] Role-based access (admin/user)
- [x] Audit trail β logs all user actions
- [x] Dark/light mode toggle
- [x] Font size controls
- [x] Security audit β CSRF, XSS, rate limiting, secure headers, file upload hardening
- [x] Print/PDF assessment report
- [x] Landing page
Backlog (Priority Order)
- [x] Comments/activity log per objective
- [x] Dashboard charts (bar/pie for visual progress)
- [x] SSP mapping β link requirements to System Security Plan sections
- [x] Import/export full state as zip backup
- [x] Email notifications for overdue assignments
- [ ] Multi-tenant support (multiple organizations)
- [ ] API documentation (OpenAPI/Swagger)
- [ ] Docker Compose production config (nginx, SSL)