Tailwind UI work

Squash of 96 commits previously on this branch (chronological order):

- Apply DefectDojo brand guidelines to docs site styling
- Merge branch 'dev' of https://github.com/devGregA/django-DefectDojo into dev
- Replace Bootstrap 3 + SB Admin 2 with Tailwind CSS v4
- Merge dev into tailwind branch
- Merge dev into tailwind branch
- Mark dev as merged into tailwind (content already absorbed via 196da76 + 729a73a)
- Add UI toggle for classic Bootstrap fallback and align form field widths
- Fix ruff lint errors in template loaders, display tags, and user views
- Fix integration test login selector and ship Work Sans fonts
- refactor: consolidate RBAC into dojo/authorization package
- feat(authorization): reintroduce authorized_users M2M on Product / Product_Type
- feat(authorization): backfill authorized_users from existing RBAC tables
- feat(authorization): introduce Action enum and permission_to_action mapper
- feat(authorization): rewrite core checks with legacy authorized_users model
- feat(authorization): rewrite query_registrations with legacy filtering
- feat(authorization): release RBAC tables from dojo state to managed=False shells
- feat(authorization): add preview_legacy_authorization_migration command
- refactor(authorization): simplify call sites to legacy action vocabulary
- refactor(authorization): simplify templates to legacy action vocabulary
- docs(authorization): add migration rehearsal procedure
- fix(authorization): restore is_staff bypass for View
- test(authorization): rewrite tests for legacy semantics
- test(authorization): adapt RBAC-flavored tests to legacy semantics
- test(authorization): adapt permissions audit suite to legacy semantics
- fix(authorization): perform_create reused serializer.instance + adapt rest_framework tests
- test: green-light the full unittest suite under legacy authorization
- feat(authorization): add Authorized Users UI for legacy access management
- fix(authorization): drop multi-line {# #} comments leaking as text
- test(authorization): cover end-to-end ACL filtering for authorized_users
- docs(2.58): document Authorized Users panel + Pro no-op note
- fix(user): drop stale select_related("global_role") in /user list view
- feat(authorization): strip inert user-groups panel from view_user.html
- fix(user): use forward FK to look up Global_Role on profile / user / group save
- style: hoist Global_Role/Role imports to module top to satisfy ruff PLC0415
- feat(authorization): strip Global Role + profile Groups panel under legacy
- feat(authorization): exclude default_group RBAC fields from System Settings form/serializer
- fix(ui): row-action ellipsis alignment + Authorized Users trash icon visibility
- feat(authorization): unregister RBAC API endpoints in OS — moved to Pro
- fix(authorization): restore is_staff bypass for configuration permissions
- feat(authorization): expose is_staff on user UI form + API serializer
- feat(authorization): strip RBAC member-listing panels from view_user.html
- feat(authorization): make view_user product/product_type panels read-only under legacy
- feat(authorization): wire user-view Add/Revoke actions to authorized_users
- docs(2.58): expand legacy authorization rewrite notes
- docs(2.58): call out the two migration management commands
- docs(2.58): correct the migration story — 0266/0267/0268 ship in 2.58, not 2.57
- docs(2.58): soften migration narrative in the upgrade notes
- Merge origin/dev into tailwind
- feat(sso): remove SSO surface from open source — Pro only as of 2.58
- docs(2.58): reframe SSO and RBAC as Pro-only; add Authorized Users page
- Remove SAML logout button from header menu
- ui(authorized-users): collapse row delete into kebab menu, equalize columns
- fix(profile): redirect after successful POST so UI toggle takes effect
- Merge branch 'tailwind' of github.com:devGregA/django-DefectDojo into tailwind
- feat(users): replace Global Role column with Staff boolean
- docs(2.59): slip legacy authorization + SSO upgrade notes from 2.58 to 2.59
- docs(view_group): point help-text links to OS Authorized Users page
- chore(migrations): merge 0269 table renames into 0268 release-rbac-state
- Merge origin/dev into tailwind
- fix(lint): drop merge-residual unused imports flagged by ruff
- remove OS UI for individual groups and group members
- remove orphaned templates_classic copies for individual groups
- remove OS UI for product groups
- remove OS UI for product-type groups
- strip Global_Role and group-membership UI from user pages
- remove orphaned API ViewSets, serializers, and permissions for groups/roles
- clean up unused imports left over from groups/roles UI removal
- remove dojo/group/ — queries and signals move to Pro
- move 10 group/member helper queries to Pro
- remove OS user-side UI for product / product-type members
- remove OS UI for product members
- remove OS UI for product-type members
- remove orphaned API ViewSets, serializers, and permissions for members
- clean up unused Product_Member / Product_Type_Member imports left over from member UI removal
- stop creating Product_Type_Member in OS ProductTypeViewSet.perform_create
- stop creating Product_Type_Member in classic add_product_type view
- stop creating Product_Type_Member in OS OrganizationViewSet.perform_create
- stop creating Product_Member / Product_Type_Member during auto_create_context
- stop creating default Dojo_Group_Member from user_post_save
- remove orphaned AssetMember V3 API ViewSet, serializer, filter, and permission
- remove orphaned AssetGroup V3 API ViewSet, serializer, filter, and permission
- remove orphaned OrganizationMember V3 API ViewSet, serializer, filter, and permission
- remove orphaned OrganizationGroup V3 API ViewSet, serializer, filter, and permission
- move get_authorized_product_members / get_authorized_product_groups to Pro
- move get_authorized_product_type_members / get_authorized_product_type_groups to Pro
- strip Global_Role guard from delete_user view
- strip Global_Role check from finding_group ListFindingGroups
- strip RBAC route entries from URL_PERMISSIONS
- gut RBAC isinstance / queryset fallbacks from OS auth core
- move Add_Product_Group_GroupForm / Add_Product_Type_Group_GroupForm / GlobalRoleForm to Pro
- remove migrate_staff_users management command
- devGregA elevate Writer Global_Role to is_staff in legacy auth backfill
- Merge branch 'dev' into tailwind
- Merge branch 'dev' into tailwind
- remove templates_classic counterparts of deleted cred/promote files
- strip cred + stub_finding inline blocks from templates_classic

Author: devGregA

Dockerfile.nginx-alpine

@@ -61,6 +61,8 @@ RUN \
   yarn
 COPY manage.py ./
 COPY dojo/ ./dojo/
+# Build Tailwind CSS
+RUN cd components && yarn build:css
 # always collect static for debug toolbar as we can't make it dependant on env variables or build arguments without breaking docker layer caching
 RUN env DD_SECRET_KEY='.' DD_DJANGO_DEBUG_TOOLBAR_ENABLED=True python3 manage.py collectstatic --noinput --verbosity=2 && true
 

components/node_modules/.gitkeep

@@ -1,14 +1,18 @@
 {
   "name": "defectdojo",
   "version": "2.59.0-dev",
-  "license" : "BSD-3-Clause",
+  "license": "BSD-3-Clause",
   "private": true,
   "dependencies": {
+    "@fontsource-variable/work-sans": "^5.1",
     "JUMFlot": "jumjum123/JUMFlot#*",
+    "alpinejs": "^3.14",
     "bootstrap": "^3.4.1",
     "bootstrap-select": "^1.13.18",
     "bootstrap-social": "^4.0.0",
     "bootstrap-wysiwyg": "^2.0.0",
+    "chart.js": "^4.4",
+    "chartjs-adapter-moment": "^1.0",
     "chosen-bootstrap": "https://github.com/dbtek/chosen-bootstrap",
     "chosen-js": "^1.8.7",
     "clipboard": "^2.0.11",
@@ -18,10 +22,12 @@
     "drmonty-datatables-plugins": "^1.0.0",
     "drmonty-datatables-responsive": "^1.0.0",
     "easymde": "^2.21.0",
+    "flatpickr": "^4.6",
     "flot": "flot/flot#~0.8.3",
     "font-awesome": "^4.0.0",
     "fullcalendar": "^3.10.2",
     "google-code-prettify": "^1.0.0",
+    "htmx.org": "^2.0",
     "jquery": "^3.7.1",
     "jquery-highlight": "3.5.0",
     "jquery-ui": "1.14.2",
@@ -36,6 +42,16 @@
     "pdfmake": "^0.3.7",
     "startbootstrap-sb-admin-2": "1.0.7"
   },
+  "devDependencies": {
+    "@tailwindcss/cli": "^4.1",
+    "@tailwindcss/forms": "^0.5",
+    "tailwindcss": "^4.1"
+  },
+  "scripts": {
+    "copy:fonts": "mkdir -p ../dojo/static/dojo/css/files && cp node_modules/@fontsource-variable/work-sans/files/work-sans-*-wght-normal.woff2 ../dojo/static/dojo/css/files/",
+    "build:css": "npm run copy:fonts && npx @tailwindcss/cli -i tailwind.css -o ../dojo/static/dojo/css/tailwind-out.css --minify",
+    "watch:css": "npm run copy:fonts && npx @tailwindcss/cli -i tailwind.css -o ../dojo/static/dojo/css/tailwind-out.css --watch"
+  },
   "engines": {
     "yarn": ">= 1.0.0"
   }