EBIOS-RM-Pro-v5.html

<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1.0">
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.tailwindcss.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://cdn.tailwindcss.com; img-src 'self' data: blob:; font-src 'self' https://fonts.gstatic.com; connect-src 'self';">
<title>EBIOS RM Pro v5</title>
<script src="https://cdn.tailwindcss.com"></script>
<script src="https://cdn.jsdelivr.net/npm/docx@8.5.0/build/index.umd.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/file-saver@2.0.5/dist/FileSaver.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
<style>
*{font-family:'Segoe UI',system-ui,sans-serif;box-sizing:border-box}
::-webkit-scrollbar{width:6px;height:6px}::-webkit-scrollbar-track{background:#1e293b}::-webkit-scrollbar-thumb{background:#475569;border-radius:3px}
.sidebar{width:240px;min-width:240px;transition:all .3s}.sidebar.collapsed{width:50px;min-width:50px}.sidebar.collapsed .stxt{display:none}
.wnav.active{background:rgba(59,130,246,0.2);color:#93c5fd}
.modal{display:none;position:fixed;inset:0;background:rgba(0,0,0,0.85);z-index:100;align-items:center;justify-content:center}.modal.active{display:flex}
.chip{display:inline-flex;align-items:center;gap:4px;padding:3px 10px;border-radius:999px;font-size:11px;margin:2px}
.editable:hover{background:rgba(59,130,246,0.1);cursor:pointer}
input:focus,select:focus,textarea:focus{outline:none;border-color:#3b82f6;box-shadow:0 0 0 2px rgba(59,130,246,0.2)}
.card{background:rgba(30,41,59,0.5);border:1px solid #334155;border-radius:12px;padding:20px}
.btn{padding:8px 16px;border-radius:8px;font-weight:500;transition:all .2s}
.btn-blue{background:#2563eb;color:#fff}.btn-blue:hover{background:#1d4ed8}
.btn-red{background:#dc2626;color:#fff}.btn-red:hover{background:#b91c1c}
.btn-green{background:#16a34a;color:#fff}.btn-green:hover{background:#15803d}
.btn-purple{background:#7c3aed;color:#fff}.btn-purple:hover{background:#6d28d9}
.btn-orange{background:#ea580c;color:#fff}.btn-orange:hover{background:#c2410c}
.btn-gray{background:#475569;color:#fff}.btn-gray:hover{background:#334155}
.badge{padding:2px 8px;border-radius:4px;font-size:11px;font-weight:600}
.table-container{overflow-x:auto;border-radius:8px;border:1px solid #334155}
table{width:100%;border-collapse:collapse}
th{background:#1e293b;padding:10px 12px;text-align:left;font-size:11px;text-transform:uppercase;color:#94a3b8;font-weight:600}
td{padding:10px 12px;border-top:1px solid #334155;color:#fff}
tr:hover{background:rgba(59,130,246,0.05)}
.radar-container{position:relative;width:100%;padding-top:100%;background:radial-gradient(circle,rgba(30,41,59,0.8) 0%,rgba(15,23,42,0.9) 100%);border-radius:50%;border:2px solid #334155}
.radar-ring{position:absolute;border:1px solid #334155;border-radius:50%}
.radar-point{position:absolute;width:12px;height:12px;border-radius:50%;transform:translate(-50%,-50%);cursor:pointer;transition:all .2s}
.radar-point:hover{transform:translate(-50%,-50%) scale(1.3);z-index:10}
/* Couleurs niveau 1-4 */
.lvl-1{color:#22c55e !important}.bg-lvl-1{background:#22c55e20;border-color:#22c55e}
.lvl-2{color:#eab308 !important}.bg-lvl-2{background:#eab30820;border-color:#eab308}
.lvl-3{color:#f97316 !important}.bg-lvl-3{background:#f9731620;border-color:#f97316}
.lvl-4{color:#dc2626 !important}.bg-lvl-4{background:#dc262620;border-color:#dc2626}
/* Texte blanc global */
body, p, span, div, label, option{color:#fff}
.text-slate-400{color:#94a3b8 !important}
.text-slate-500{color:#64748b !important}
</style>
</head>
<body class="bg-gradient-to-br from-slate-900 via-slate-800 to-slate-900 min-h-screen flex">

<!-- Sidebar -->
<aside id="sidebar" class="sidebar bg-slate-900 border-r border-slate-700 flex flex-col h-screen sticky top-0">
<div class="p-3 border-b border-slate-700 flex items-center gap-2">
<div class="w-9 h-9 bg-gradient-to-br from-blue-500 to-purple-600 rounded-lg flex items-center justify-center text-lg shrink-0">🛡️</div>
<div class="stxt"><h1 class="text-sm font-bold text-white">EBIOS RM Pro</h1><p class="text-slate-500 text-xs">v5.0 • ANSSI</p></div>
</div>
<nav class="flex-1 p-2 overflow-y-auto">
<div class="stxt text-slate-500 text-[10px] uppercase tracking-wider px-2 py-1">Ateliers</div>
<button onclick="goW(1)" class="wnav w-full flex items-center gap-2 px-2 py-2 rounded-lg text-left mb-0.5 text-slate-400 hover:bg-slate-800" data-w="1"><span class="w-7 h-7 rounded bg-blue-600 flex items-center justify-center font-bold text-xs text-white shrink-0">1</span><span class="stxt text-sm">Cadrage</span></button>
<button onclick="goW(2)" class="wnav w-full flex items-center gap-2 px-2 py-2 rounded-lg text-left mb-0.5 text-slate-400 hover:bg-slate-800" data-w="2"><span class="w-7 h-7 rounded bg-red-600 flex items-center justify-center font-bold text-xs text-white shrink-0">2</span><span class="stxt text-sm">Sources Risque</span></button>
<button onclick="goW(3)" class="wnav w-full flex items-center gap-2 px-2 py-2 rounded-lg text-left mb-0.5 text-slate-400 hover:bg-slate-800" data-w="3"><span class="w-7 h-7 rounded bg-purple-600 flex items-center justify-center font-bold text-xs text-white shrink-0">3</span><span class="stxt text-sm">Stratégiques</span></button>
<button onclick="goW(4)" class="wnav w-full flex items-center gap-2 px-2 py-2 rounded-lg text-left mb-0.5 text-slate-400 hover:bg-slate-800" data-w="4"><span class="w-7 h-7 rounded bg-orange-600 flex items-center justify-center font-bold text-xs text-white shrink-0">4</span><span class="stxt text-sm">Opérationnels</span></button>
<button onclick="goW(5)" class="wnav w-full flex items-center gap-2 px-2 py-2 rounded-lg text-left mb-0.5 text-slate-400 hover:bg-slate-800" data-w="5"><span class="w-7 h-7 rounded bg-green-600 flex items-center justify-center font-bold text-xs text-white shrink-0">5</span><span class="stxt text-sm">Traitement</span></button>
<div class="stxt text-slate-500 text-[10px] uppercase tracking-wider px-2 py-1 mt-3">Synthèse</div>
<button onclick="goW(6)" class="wnav w-full flex items-center gap-2 px-2 py-2 rounded-lg text-left mb-0.5 text-slate-400 hover:bg-slate-800" data-w="6"><span class="w-7 h-7 rounded bg-cyan-600 flex items-center justify-center text-xs shrink-0">📊</span><span class="stxt text-sm">Dashboard</span></button>
<div class="stxt text-slate-500 text-[10px] uppercase tracking-wider px-2 py-1 mt-3">Ressources</div>
<button onclick="showMitre()" class="w-full flex items-center gap-2 px-2 py-2 rounded-lg text-left mb-0.5 text-slate-400 hover:bg-slate-800"><span class="w-7 h-7 rounded bg-rose-700 flex items-center justify-center text-xs shrink-0">⚔️</span><span class="stxt text-sm">MITRE ATT&CK</span></button>
<button onclick="showBDC()" class="w-full flex items-center gap-2 px-2 py-2 rounded-lg text-left mb-0.5 text-slate-400 hover:bg-slate-800"><span class="w-7 h-7 rounded bg-indigo-600 flex items-center justify-center text-xs shrink-0">📚</span><span class="stxt text-sm">Base ANSSI</span></button>
</nav>
<div class="p-2 border-t border-slate-700">
<div class="stxt text-[10px] text-slate-500 mb-1 px-1">Projet: <span class="text-white" id="projName">-</span></div>
<div class="flex gap-1">
<button onclick="expJSON()" class="flex-1 py-1.5 bg-slate-800 hover:bg-slate-700 text-slate-300 rounded text-xs">💾</button>
<button onclick="expWord()" class="flex-1 py-1.5 bg-blue-700 hover:bg-blue-600 text-white rounded text-xs" title="Export Word">📝</button>
<button onclick="toggleSB()" class="py-1.5 px-2 bg-slate-800 hover:bg-slate-700 text-slate-300 rounded text-xs">◀</button>
</div></div>
</aside>

<!-- Main -->
<main class="flex-1 flex flex-col min-h-screen overflow-hidden">
<header class="bg-slate-900/90 border-b border-slate-700 px-5 py-3 flex items-center justify-between shrink-0">
<div><h2 class="text-lg font-bold text-white" id="pageTitle">Atelier 1</h2><p class="text-slate-400 text-xs" id="pageDesc">Cadrage</p></div>
<div class="flex items-center gap-2">
<span id="saveInd" class="text-green-400 text-xs flex items-center gap-1"><span class="w-1.5 h-1.5 bg-green-400 rounded-full"></span>Sauvé</span>
<button onclick="showSettings()" class="p-1.5 hover:bg-slate-800 rounded text-slate-400">⚙️</button>
</div>
</header>
<div class="flex-1 p-5 overflow-y-auto" id="main"></div>
</main>

<!-- Modals -->
<div id="startModal" class="modal active">
<div class="bg-slate-800 rounded-2xl p-6 max-w-md w-full border border-slate-600">
<div class="text-center mb-5">
<div class="w-20 h-20 bg-gradient-to-br from-blue-500 via-purple-500 to-pink-500 rounded-2xl flex items-center justify-center text-4xl mx-auto mb-3">🛡️</div>
<h2 class="text-xl font-bold text-white">EBIOS RM Pro v5</h2>
<p class="text-slate-400 text-sm mt-1">Analyse de Risques • ANSSI • MITRE ATT&CK</p>
</div>
<div id="savedBox" class="hidden mb-4 p-3 bg-blue-500/20 border border-blue-500/50 rounded-lg">
<p class="text-blue-300 text-sm font-medium">📁 Analyse détectée</p>
<p class="text-slate-400 text-xs mt-0.5" id="savedInfo"></p>
</div>
<div class="space-y-2">
<button onclick="loadSaved()" id="btnResume" class="hidden w-full py-2.5 btn btn-blue">📂 Reprendre</button>
<button onclick="startNew()" class="w-full py-2.5 btn btn-green">✨ Nouvelle analyse</button>
<button onclick="document.getElementById('fileIn').click()" class="w-full py-2.5 btn btn-gray">📥 Importer JSON</button>
</div>
<input type="file" id="fileIn" accept=".json" class="hidden" onchange="impJSON(event)">
</div>
</div>

<div id="editModal" class="modal">
<div class="bg-slate-800 rounded-xl p-5 max-w-lg w-full border border-slate-600 max-h-[85vh] overflow-y-auto">
<div class="flex justify-between items-center mb-4"><h3 class="text-lg font-bold text-white" id="editTitle">Modifier</h3><button onclick="closeEdit()" class="text-slate-400 hover:text-white text-xl">&times;</button></div>
<div id="editBody"></div>
<div class="flex gap-2 mt-4">
<button onclick="saveEdit()" class="flex-1 btn btn-blue">Enregistrer</button>
<button onclick="closeEdit()" class="flex-1 btn btn-gray">Annuler</button>
</div>
</div>
</div>

<div id="mitreModal" class="modal">
<div class="bg-slate-800 rounded-xl p-5 max-w-5xl w-full border border-slate-600 max-h-[90vh] flex flex-col">
<div class="flex justify-between items-center mb-3"><h3 class="text-lg font-bold text-white">⚔️ MITRE ATT&CK</h3><button onclick="closeMitre()" class="text-slate-400 hover:text-white text-xl">&times;</button></div>
<input type="text" id="mitreQ" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mb-3" placeholder="Rechercher..." oninput="filterMitre()">
<div id="mitreGrid" class="flex-1 overflow-y-auto grid grid-cols-2 md:grid-cols-3 lg:grid-cols-4 gap-2"></div>
</div>
</div>

<div id="bdcModal" class="modal">
<div class="bg-slate-800 rounded-xl p-5 max-w-5xl w-full border border-slate-600 max-h-[90vh] overflow-y-auto">
<div class="flex justify-between items-center mb-3"><h3 class="text-lg font-bold text-white">📚 Base ANSSI</h3><button onclick="closeBDC()" class="text-slate-400 hover:text-white text-xl">&times;</button></div>
<div id="bdcBody"></div>
</div>
</div>

<div id="settingsModal" class="modal">
<div class="bg-slate-800 rounded-xl p-5 max-w-sm w-full border border-slate-600">
<div class="flex justify-between items-center mb-4"><h3 class="text-lg font-bold text-white">⚙️ Paramètres</h3><button onclick="closeSettings()" class="text-slate-400 hover:text-white text-xl">&times;</button></div>
<div class="space-y-3">
<div><label class="text-slate-400 text-xs">Nom du projet</label><input type="text" id="setName" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" onchange="D.meta.studyName=this.value;save();updUI()"></div>
<div><label class="text-slate-400 text-xs">Organisation</label><input type="text" id="setOrg" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" onchange="D.meta.organization=this.value;save()"></div>
<div><label class="text-slate-400 text-xs">Jalons PACS</label><select id="setJal" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" onchange="D.meta.jalons=+this.value;save()"><option value="1">1</option><option value="2">2</option><option value="3" selected>3</option><option value="4">4</option></select></div>
<button onclick="if(confirm('Tout effacer?')){localStorage.clear();location.reload()}" class="w-full mt-3 py-2 bg-red-600/20 text-red-400 rounded-lg text-sm">🗑️ Réinitialiser</button>
</div>
</div>
</div>

<script>
// ============ DATA ============
const MITRE={tactics:[
{id:'TA0043',n:'Reconnaissance',c:'#64748b',t:['Scan actif','Collecte infos','OSINT','Phishing recon']},
{id:'TA0001',n:'Initial Access',c:'#ef4444',t:['Drive-by','Exploit public app','Phishing','Supply chain','Valid accounts','Hardware','Trusted relationship']},
{id:'TA0002',n:'Execution',c:'#f97316',t:['Command line','PowerShell','Scripting','WMI','Scheduled task','User execution']},
{id:'TA0003',n:'Persistence',c:'#eab308',t:['Boot autostart','Create account','Scheduled task','Registry','Services','Startup folder']},
{id:'TA0004',n:'Privilege Escalation',c:'#22c55e',t:['Exploit vuln','Access token','Sudo exploit','DLL hijack','Setuid/Setgid']},
{id:'TA0005',n:'Defense Evasion',c:'#06b6d4',t:['Obfuscation','Disable AV','Clear logs','Masquerading','Rootkit','Process injection']},
{id:'TA0006',n:'Credential Access',c:'#ec4899',t:['Brute force','Credential dump','Keylogger','MitM','Password spray','Kerberoasting']},
{id:'TA0007',n:'Discovery',c:'#14b8a6',t:['Account discovery','Network scan','System info','File discovery','Process discovery']},
{id:'TA0008',n:'Lateral Movement',c:'#f59e0b',t:['Remote services','SMB/Admin shares','Pass the hash','RDP','SSH hijack']},
{id:'TA0009',n:'Collection',c:'#a855f7',t:['Data staged','Screen capture','Keylogging','Email collection','Clipboard']},
{id:'TA0011',n:'Command & Control',c:'#6366f1',t:['Web protocols','DNS tunnel','Proxy','Encrypted channel','Remote access tools']},
{id:'TA0010',n:'Exfiltration',c:'#dc2626',t:['Exfil over C2','Exfil over web','Exfil to cloud','Scheduled transfer','Physical medium']},
{id:'TA0040',n:'Impact',c:'#991b1b',t:['Data destruction','Ransomware','Defacement','DoS','Resource hijack','Wiper']}
]};

const BDC={
sources:['État étranger','Officine spécialisée','Crime organisé','Concurrent','Terroriste','Hacktiviste','Attaquant interne','Amateur','Vengeur','Cyber-mercenaire'],
objectifs:['Espionnage','Pré-positionnement','Déstabilisation','Entrave','Lucratif','Atteinte image','Vengeance','Idéologique','Sabotage','Chantage'],
typesVM:['Processus métier','Service','Info stratégique','Info opérationnelle','Données perso','Données financières','Propriété intellectuelle','Infrastructure critique'],
gravites:[{id:'G1',n:'Mineure',c:'#22c55e'},{id:'G2',n:'Significative',c:'#eab308'},{id:'G3',n:'Grave',c:'#f97316'},{id:'G4',n:'Critique',c:'#dc2626'}],
vrais:[{id:'V1',n:'Peu vrais.',c:'#22c55e'},{id:'V2',n:'Vraisemblable',c:'#eab308'},{id:'V3',n:'Très vrais.',c:'#f97316'},{id:'V4',n:'Quasi-certain',c:'#dc2626'}],
impacts:['Missions','Sécurité personnes','Matériels','Environnement','Gouvernance','Financiers','Juridiques','Image'],
refs:['Guide hygiène ANSSI','ISO 27001','ISO 27002','ISO 27005','RGPD','NIS2','LPM','DORA','PCI-DSS','HDS','SecNumCloud','NIST CSF','SOC 2'],
catPP:['Clients','Fournisseurs','Prestataires IT','Sous-traitants','Partenaires','Filiales','Hébergeurs'],
echelles:{
    dep:['Non nécessaire','Utile','Important','Indispensable'],
    pen:['Aucun accès','Limité','Étendu','Total'],
    mat:['Inexistante','Partielle','Avancée','Optimale'],
    conf:['Faible','Modérée','Élevée','Totale']
},
echellesNoms:{dep:'DÉPENDANCE',pen:'PÉNÉTRATION',mat:'MATURITÉ',conf:'CONFIANCE'},
motivation:[{v:1,n:'Faible',c:'#22c55e'},{v:2,n:'Modérée',c:'#eab308'},{v:3,n:'Forte',c:'#f97316'},{v:4,n:'Très forte',c:'#dc2626'}],
ressources:[{v:1,n:'Limitées',c:'#22c55e'},{v:2,n:'Significatives',c:'#eab308'},{v:3,n:'Importantes',c:'#f97316'},{v:4,n:'Illimitées',c:'#dc2626'}]
};

// Couleur selon niveau 1-4
function getLvlColor(v){
    v=parseInt(v);
    if(v===1)return '#22c55e';
    if(v===2)return '#eab308';
    if(v===3)return '#f97316';
    return '#dc2626';
}

// ============ SÉCURITÉ ============
// Fonction d'échappement HTML pour prévenir les attaques XSS
function esc(str){
    if(str===null||str===undefined)return '';
    const div=document.createElement('div');
    div.textContent=String(str);
    return div.innerHTML;
}

// Validation de chaîne (longueur max, caractères autorisés)
function sanitizeStr(str,maxLen=500){
    if(typeof str!=='string')return '';
    return str.substring(0,maxLen).replace(/[<>]/g,'');
}

// Validation d'un nombre dans une plage
function sanitizeNum(val,min=1,max=4){
    const n=parseInt(val);
    if(isNaN(n))return min;
    return Math.max(min,Math.min(max,n));
}

// Schéma de validation pour l'import JSON
const SCHEMA={
    meta:{type:'object',required:['studyName']},
    missions:{type:'array',itemProps:['id','name']},
    bv:{type:'array',itemProps:['id','name','type']},
    fe:{type:'array',itemProps:['id','bv','desc','g']},
    baseline:{type:'array',itemProps:['id','domain','status']},
    rs:{type:'array',itemProps:['id','type','mot','res']},
    pp:{type:'array',itemProps:['id','name','cat']},
    ss:{type:'array',itemProps:['id','srIds','g']},
    os:{type:'array',itemProps:['id','ss','v']},
    measures:{type:'array',itemProps:['id','measure','cat']},
    erToSr:{type:'array',itemProps:['er','sr']},
    customSources:{type:'array'},
    objectifsVises:{type:'array'},
    risquesResiduels:{type:'array',itemProps:['id','riskId','gRes','vRes']}
};

// Validation du JSON importé
function validateJSON(data){
    if(!data||typeof data!=='object')throw new Error('Format JSON invalide');
    // Vérifier la structure
    for(const[key,schema]of Object.entries(SCHEMA)){
        if(data[key]!==undefined){
            if(schema.type==='array'&&!Array.isArray(data[key])){
                throw new Error(`${key} doit être un tableau`);
            }
            if(schema.type==='object'&&typeof data[key]!=='object'){
                throw new Error(`${key} doit être un objet`);
            }
            // Vérifier les propriétés requises des items
            if(schema.itemProps&&Array.isArray(data[key])){
                data[key].forEach((item,i)=>{
                    if(typeof item!=='object')throw new Error(`${key}[${i}] invalide`);
                });
            }
        }
    }
    // Nettoyer les données
    if(data.meta){
        data.meta.studyName=sanitizeStr(data.meta.studyName||'',100);
        data.meta.organization=sanitizeStr(data.meta.organization||'',100);
        data.meta.scope=sanitizeStr(data.meta.scope||'',1000);
    }
    return data;
}

// Vérifier les tentatives d'injection dans les chaînes
function hasInjection(str){
    if(typeof str!=='string')return false;
    const patterns=[/<script/i,/javascript:/i,/on\w+=/i,/data:/i];
    return patterns.some(p=>p.test(str));
}

let D={meta:{studyName:'',organization:'',scope:'',date:new Date().toISOString().split('T')[0],version:'1.0',jalons:3},
missions:[],bv:[],fe:[],baseline:[],rs:[],pp:[],ss:[],os:[],measures:[],erToSr:[],customSources:[],objectifsVises:[],risquesResiduels:[]};
let ID=1,W=1,editT=null,editI=null,mitreTargetOS=null;
const gid=()=>ID++;

// ============ SAVE/LOAD ============
function save(){
document.getElementById('saveInd').innerHTML='<span class="w-1.5 h-1.5 bg-yellow-400 rounded-full animate-pulse"></span>...';
setTimeout(()=>{D.meta.lastSaved=new Date().toISOString();localStorage.setItem('ebios5',JSON.stringify(D));localStorage.setItem('ebios5id',ID);
document.getElementById('saveInd').innerHTML='<span class="w-1.5 h-1.5 bg-green-400 rounded-full"></span>Sauvé';},100);}

function checkSaved(){const s=localStorage.getItem('ebios5');if(s){try{const d=JSON.parse(s);document.getElementById('savedBox').classList.remove('hidden');document.getElementById('btnResume').classList.remove('hidden');document.getElementById('savedInfo').textContent=`${esc(d.meta?.studyName)||'Sans nom'} - ${d.meta?.lastSaved?new Date(d.meta.lastSaved).toLocaleString('fr'):'?'}`;}catch(e){}}}

function loadSaved(){const s=localStorage.getItem('ebios5'),i=localStorage.getItem('ebios5id');if(s){D=JSON.parse(s);['missions','bv','fe','baseline','rs','pp','ss','os','measures','erToSr','customSources','objectifsVises','risquesResiduels'].forEach(k=>{if(!D[k])D[k]=[];});ID=parseInt(i)||1;closeStart();updUI();render();}}

function startNew(){if(localStorage.getItem('ebios5')&&!confirm('Effacer l\'analyse?'))return;localStorage.clear();D={meta:{studyName:'',organization:'',scope:'',date:new Date().toISOString().split('T')[0],version:'1.0',jalons:3},missions:[],bv:[],fe:[],baseline:[],rs:[],pp:[],ss:[],os:[],measures:[],erToSr:[],customSources:[],objectifsVises:[],risquesResiduels:[]};ID=1;closeStart();render();}

function impJSON(e){
const f=e.target.files[0];
if(!f)return;
if(f.size>5*1024*1024){alert('Fichier trop volumineux (max 5 Mo)');return;}
const r=new FileReader();
r.onload=ev=>{
try{
    let data=JSON.parse(ev.target.result);
    // Validation et nettoyage
    data=validateJSON(data);
    // Vérifier les injections dans les chaînes principales
    const allStrings=JSON.stringify(data);
    if(hasInjection(allStrings)){
        throw new Error('Contenu suspect détecté dans le fichier');
    }
    D=data;
    ['customSources','objectifsVises','risquesResiduels'].forEach(k=>{if(!D[k])D[k]=[];});
    ID=Math.max(...Object.values(D).flat().filter(x=>x?.id).map(x=>x.id),0)+1;
    save();closeStart();updUI();render();
    console.log('✅ Import JSON validé et sécurisé');
}catch(e){
    alert('Erreur import: '+e.message);
    console.error('Import JSON échoué:',e);
}};
r.readAsText(f);
}

function expJSON(){const b=new Blob([JSON.stringify(D,null,2)],{type:'application/json'});const a=document.createElement('a');a.href=URL.createObjectURL(b);a.download=`EBIOS_${esc(D.meta.studyName)||'Export'}_${D.meta.date}.json`;a.click();}

function closeStart(){document.getElementById('startModal').classList.remove('active');}
function updUI(){document.getElementById('projName').textContent=D.meta.studyName||'-';}

// ============ NAV ============
function goW(n){W=n;document.querySelectorAll('.wnav').forEach(b=>{b.classList.remove('active');if(b.dataset.w==n)b.classList.add('active');});
const t={1:['Atelier 1: Cadrage','Périmètre, valeurs métier, événements redoutés'],2:['Atelier 2: Sources de Risque','Couples SR/OV et pertinence'],3:['Atelier 3: Scénarios Stratégiques','Écosystème et chemins d\'attaque'],4:['Atelier 4: Scénarios Opérationnels','Modes opératoires MITRE ATT&CK'],5:['Atelier 5: Traitement','Évaluation et PACS multi-jalons'],6:['Dashboard','Synthèse et indicateurs']};
document.getElementById('pageTitle').textContent=t[n]?.[0]||'';document.getElementById('pageDesc').textContent=t[n]?.[1]||'';render();}

function render(){const m=document.getElementById('main');switch(W){case 1:m.innerHTML=w1();break;case 2:m.innerHTML=w2();break;case 3:m.innerHTML=w3();setTimeout(initRadar,50);break;case 4:m.innerHTML=w4();break;case 5:m.innerHTML=w5();break;case 6:m.innerHTML=w6();setTimeout(initCharts,50);break;}}

function toggleSB(){document.getElementById('sidebar').classList.toggle('collapsed');}

// ============ MODALS ============
function showMitre(osId=null){mitreTargetOS=osId;document.getElementById('mitreModal').classList.add('active');renderMitre();}
function closeMitre(){document.getElementById('mitreModal').classList.remove('active');mitreTargetOS=null;}
function showBDC(){document.getElementById('bdcModal').classList.add('active');renderBDC();}
function closeBDC(){document.getElementById('bdcModal').classList.remove('active');}
function showSettings(){document.getElementById('settingsModal').classList.add('active');document.getElementById('setName').value=D.meta.studyName||'';document.getElementById('setOrg').value=D.meta.organization||'';document.getElementById('setJal').value=D.meta.jalons||3;}
function closeSettings(){document.getElementById('settingsModal').classList.remove('active');}

function renderMitre(){
let h='';MITRE.tactics.forEach(tac=>{
h+=`<div class="bg-slate-900 rounded-lg p-2 border-l-4" style="border-color:${tac.c}" data-tac="${tac.id}">
<div class="flex items-center gap-1 mb-1"><span class="w-3 h-3 rounded-full" style="background:${tac.c}"></span><span class="text-white text-xs font-bold">${tac.n}</span></div>
<div class="space-y-0.5">${tac.t.map(t=>`<div class="mitre-t text-[10px] text-white py-0.5 px-1 rounded hover:bg-slate-800 cursor-pointer" style="border-left:2px solid ${tac.c}" onclick="addAction('${tac.n}','${t}','${tac.c}')">${t}</div>`).join('')}</div>
</div>`;});
document.getElementById('mitreGrid').innerHTML=h;}

function filterMitre(){const q=document.getElementById('mitreQ').value.toLowerCase();document.querySelectorAll('.mitre-t').forEach(el=>{el.style.display=el.textContent.toLowerCase().includes(q)?'':'none';});}

function addAction(tac,tech,color){
if(!D.os||D.os.length===0){alert('Créez d\'abord un scénario opérationnel (Atelier 4)');return;}
let target;
if(mitreTargetOS!==null){
target=D.os.find(o=>o.id===mitreTargetOS);
}else{
target=D.os[D.os.length-1];
}
if(!target){alert('Scénario non trouvé');return;}
if(!target.actions)target.actions=[];
target.actions.push({tactic:tac,technique:tech,v:2,color:color});
const targetIdx=D.os.indexOf(target)+1;
save();alert(`✅ ${tech} ajouté au scénario SO${targetIdx}`);closeMitre();if(W===4)render();}

function renderBDC(){
document.getElementById('bdcBody').innerHTML=`
<div class="grid md:grid-cols-3 gap-3 mb-4">
<div class="bg-slate-900 rounded-lg p-3"><h4 class="text-red-400 text-sm font-bold mb-2">🎯 Sources de Risque</h4><div class="space-y-0.5">${BDC.sources.map(s=>`<div class="text-xs text-white py-0.5">${s}</div>`).join('')}</div></div>
<div class="bg-slate-900 rounded-lg p-3"><h4 class="text-orange-400 text-sm font-bold mb-2">🎪 Objectifs Visés</h4><div class="space-y-0.5">${BDC.objectifs.map(s=>`<div class="text-xs text-white py-0.5">${s}</div>`).join('')}</div></div>
<div class="bg-slate-900 rounded-lg p-3"><h4 class="text-blue-400 text-sm font-bold mb-2">💎 Types Valeurs Métier</h4><div class="space-y-0.5">${BDC.typesVM.map(s=>`<div class="text-xs text-white py-0.5">${s}</div>`).join('')}</div></div>
</div>
<div class="grid grid-cols-4 gap-2 mb-4">${BDC.gravites.map(g=>`<div class="p-2 rounded border" style="background:${g.c}20;border-color:${g.c}"><span class="text-white text-xs font-bold">${g.id}</span> <span class="text-white text-xs">${g.n}</span></div>`).join('')}</div>
<div class="bg-slate-900 rounded-lg p-3"><h4 class="text-cyan-400 text-sm font-bold mb-2">👥 Échelles Parties Prenantes</h4>
<div class="grid grid-cols-2 gap-3 text-xs">${Object.entries(BDC.echelles).map(([k,v])=>`<div><span class="text-cyan-400 font-bold">${BDC.echellesNoms[k]}:</span><br>${v.map((x,i)=>`<span style="color:${getLvlColor(i+1)}" class="font-bold">${i+1}</span>-${x}`).join(', ')}</div>`).join('')}</div></div>`;}

// ============ ATELIER 1 ============
function w1(){return `
<section class="card mb-4">
<h3 class="text-white font-bold mb-3">🏢 Cadrage</h3>
<div class="grid md:grid-cols-4 gap-3">
<div><label class="text-slate-400 text-xs">Nom *</label><input type="text" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1" value="${D.meta.studyName}" onchange="D.meta.studyName=this.value;updUI();save()"></div>
<div><label class="text-slate-400 text-xs">Organisation</label><input type="text" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1" value="${D.meta.organization}" onchange="D.meta.organization=this.value;save()"></div>
<div><label class="text-slate-400 text-xs">Date</label><input type="date" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1" value="${D.meta.date}" onchange="D.meta.date=this.value;save()"></div>
<div><label class="text-slate-400 text-xs">Version</label><input type="text" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1" value="${D.meta.version}" onchange="D.meta.version=this.value;save()"></div>
</div>
</section>

<section class="card mb-4">
<h3 class="text-white font-bold mb-3">🎯 Missions</h3>
<div class="flex gap-2 mb-3"><input type="text" id="newM" class="flex-1 bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm" placeholder="Mission..." onkeypress="if(event.key==='Enter')addM()"><button onclick="addM()" class="btn btn-blue text-sm">+ Ajouter</button></div>
<div class="flex flex-wrap gap-1">${D.missions.map(m=>`<span class="chip bg-blue-500/20 text-blue-300 border border-blue-500/30">${m.t}<button onclick="delM(${m.id})" class="ml-1 hover:text-red-400">&times;</button></span>`).join('')||'<span class="text-slate-500 text-sm">Aucune mission</span>'}</div>
</section>

<section class="card mb-4">
<div class="flex justify-between items-center mb-3"><h3 class="text-white font-bold">💎 Valeurs Métier</h3><span class="text-slate-400 text-xs">${D.bv.length}</span></div>
<div class="grid md:grid-cols-5 gap-2 mb-3">
<input type="text" id="bvN" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm" placeholder="Dénomination *">
<select id="bvT" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm">${BDC.typesVM.map(t=>`<option>${t}</option>`).join('')}</select>
<input type="text" id="bvD" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm" placeholder="Description">
<input type="text" id="bvS" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm" placeholder="Biens Support (séparés par ,)">
<input type="text" id="bvO" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm" placeholder="Responsable">
<button onclick="addBV()" class="btn btn-blue text-sm">+ Ajouter</button>
</div>
${D.bv.length?`<div class="table-container"><table><thead><tr><th>ID</th><th>Dénomination</th><th>Type</th><th>Biens Support</th><th>Resp.</th><th class="w-20"></th></tr></thead><tbody>${D.bv.map((b,i)=>`<tr class="editable" ondblclick="editBV(${b.id})"><td class="text-blue-400 font-mono font-bold">VM${i+1}</td><td class="text-white"><div>${esc(b.name)}</div>${b.desc?`<div class="text-slate-400 text-xs mt-1">${esc(b.desc)}</div>`:''}</td><td class="text-white text-sm">${b.type}</td><td class="text-white text-xs">${b.support?b.support.split(',').map(s=>`<span class="inline-block bg-cyan-500/20 text-cyan-300 px-1.5 py-0.5 rounded mr-1 mb-1">${esc(s.trim())}</span>`).join(''):'<span class="text-slate-500">-</span>'}</td><td class="text-white text-sm">${b.owner||'-'}</td><td><button onclick="editBV(${b.id})" class="text-blue-400 hover:text-blue-300 mr-2">✏️</button><button onclick="delBV(${b.id})" class="text-red-400 hover:text-red-300">🗑️</button></td></tr>`).join('')}</tbody></table></div>`:'<div class="text-center py-6 text-slate-500">Aucune valeur métier</div>'}
</section>

<section class="card mb-4">
<div class="flex justify-between items-center mb-3"><h3 class="text-white font-bold">⚠️ Événements Redoutés</h3><span class="text-slate-400 text-xs">${D.fe.length}</span></div>
<div class="bg-slate-900/50 rounded-lg p-3 mb-3"><div class="grid grid-cols-4 gap-2">${BDC.gravites.map(g=>`<div class="p-2 rounded border text-center" style="background:${g.c}15;border-color:${g.c}50"><span class="font-bold text-white text-sm">${g.id}</span> <span class="text-white text-xs">${g.n}</span></div>`).join('')}</div></div>
<div class="grid md:grid-cols-5 gap-2 mb-3">
<select id="feV" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm"><option value="">-- VM --</option>${D.bv.map((b,i)=>`<option value="${b.id}">VM${i+1}: ${esc(b.name)}</option>`).join('')}</select>
<input type="text" id="feD" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm" placeholder="Description *">
<select id="feI" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm">${BDC.impacts.map(i=>`<option>${i}</option>`).join('')}</select>
<select id="feG" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm">${BDC.gravites.map(g=>`<option value="${g.id.charAt(1)}">${g.id} - ${g.n}</option>`).join('')}</select>
<button onclick="addFE()" class="btn btn-red text-sm">+ Ajouter</button>
</div>
${D.fe.length?`<div class="space-y-1">${D.fe.map((f,i)=>{const bv=D.bv.find(b=>b.id===f.bv);const bvi=D.bv.findIndex(b=>b.id===f.bv);const g=parseInt(f.g);return `<div class="flex items-center gap-2 p-2 rounded-lg bg-slate-900/50 border border-slate-700"><span class="text-red-400 font-mono font-bold text-xs w-10">ER${i+1}</span><span class="badge text-white" style="background:${BDC.gravites[g-1]?.c||'#666'}">G${f.g}</span><span class="text-white text-sm flex-1">${esc(f.desc)}</span><span class="text-blue-400 text-xs">VM${bvi+1}: ${bv?.name||'?'}</span><button onclick="editFE(${f.id})" class="text-blue-400 hover:text-blue-300">✏️</button><button onclick="delFE(${f.id})" class="text-red-400 text-xs">🗑️</button></div>`;}).join('')}</div>`:'<div class="text-center py-6 text-slate-500">Aucun événement</div>'}
</section>

<section class="card">
<div class="flex justify-between items-center mb-3"><h3 class="text-white font-bold">✅ Socle de Sécurité</h3><span class="text-slate-400 text-xs">${D.baseline.length}</span></div>
<div class="grid md:grid-cols-5 gap-2 mb-3">
<select id="blR" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm"><option value="">-- Référentiel --</option>${BDC.refs.map(r=>`<option>${r}</option>`).join('')}</select>
<input type="text" id="blC" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm" placeholder="Ou saisie libre...">
<select id="blS" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm"><option>Non appliqué</option><option>En cours</option><option>Partiel</option><option>Appliqué</option></select>
<input type="text" id="blG" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm" placeholder="Écarts">
<button onclick="addBL()" class="btn btn-green text-sm">+ Ajouter</button>
</div>
${D.baseline.length?`<div class="table-container"><table><thead><tr><th>Référentiel</th><th>État</th><th>Écarts</th><th class="w-12"></th></tr></thead><tbody>${D.baseline.map(b=>{const sc={'Appliqué':'bg-green-500/20 text-green-300','Partiel':'bg-yellow-500/20 text-yellow-300','En cours':'bg-blue-500/20 text-blue-300','Non appliqué':'bg-red-500/20 text-red-300'};return `<tr><td class="text-white">${b.ref}</td><td><span class="badge ${sc[b.status]||''}">${b.status}</span></td><td class="text-white text-sm">${b.gap||'-'}</td><td><button onclick="delBL(${b.id})" class="text-red-400">🗑️</button></td></tr>`;}).join('')}</tbody></table></div>`:'<div class="text-center py-6 text-slate-500">Aucun référentiel</div>'}
</section>`;}

// ============ ATELIER 2 ============
function w2(){
const PERT={'4-1':'Moyen','4-2':'Élevé','4-3':'Élevé','4-4':'Élevé','3-1':'Moyen','3-2':'Élevé','3-3':'Élevé','3-4':'Élevé','2-1':'Faible','2-2':'Moyen','2-3':'Élevé','2-4':'Élevé','1-1':'Faible','1-2':'Faible','1-3':'Moyen','1-4':'Moyen'};
const allSources=[...BDC.sources,...D.customSources];
const allObjectifs=[...BDC.objectifs,...D.objectifsVises];
return `
<section class="card mb-4">
<h3 class="text-white font-bold mb-3">📊 Échelles Motivation & Ressources</h3>
<div class="grid md:grid-cols-2 gap-4">
<div class="bg-slate-900/50 rounded-lg p-3">
<h4 class="text-orange-400 text-sm font-bold mb-2">🔥 MOTIVATION</h4>
<div class="grid grid-cols-4 gap-2">${BDC.motivation.map(m=>`<div class="p-2 rounded border text-center" style="background:${m.c}20;border-color:${m.c}"><span class="font-bold text-white">${m.v}</span><br><span class="text-white text-xs">${m.n}</span></div>`).join('')}</div>
</div>
<div class="bg-slate-900/50 rounded-lg p-3">
<h4 class="text-purple-400 text-sm font-bold mb-2">💪 RESSOURCES</h4>
<div class="grid grid-cols-4 gap-2">${BDC.ressources.map(r=>`<div class="p-2 rounded border text-center" style="background:${r.c}20;border-color:${r.c}"><span class="font-bold text-white">${r.v}</span><br><span class="text-white text-xs">${r.n}</span></div>`).join('')}</div>
</div>
</div>
</section>

<div class="grid md:grid-cols-2 gap-4 mb-4">
<section class="card">
<h3 class="text-white font-bold mb-3">🎯 Sources de Risque (${allSources.length})</h3>
<div class="flex gap-2 mb-3">
<input type="text" id="newSrc" class="flex-1 bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm" placeholder="Nouvelle source de risque...">
<button onclick="addSource()" class="btn btn-red text-sm">+ Ajouter</button>
</div>
<div class="bg-slate-900/50 rounded-lg p-2 max-h-48 overflow-y-auto">
${allSources.map((s,i)=>`<div class="flex items-center justify-between py-1 px-2 hover:bg-slate-800 rounded">
<span class="text-white text-sm"><span class="text-red-400 font-mono font-bold mr-2">SR${i+1}</span>${s}</span>
${D.customSources.includes(s)?`<button onclick="delSource('${s.replace(/'/g,"\\'")}')" class="text-red-400 text-xs hover:text-red-300">🗑️</button>`:'<span class="text-slate-600 text-xs">prédéfini</span>'}
</div>`).join('')}
</div>
</section>

<section class="card">
<h3 class="text-white font-bold mb-3">🎯 Objectifs Visés (${allObjectifs.length})</h3>
<div class="flex gap-2 mb-3">
<input type="text" id="newObjV" class="flex-1 bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm" placeholder="Nouvel objectif visé...">
<button onclick="addObjectif()" class="btn btn-purple text-sm">+ Ajouter</button>
</div>
<div class="bg-slate-900/50 rounded-lg p-2 max-h-48 overflow-y-auto">
${allObjectifs.map((o,i)=>`<div class="flex items-center justify-between py-1 px-2 hover:bg-slate-800 rounded">
<span class="text-white text-sm"><span class="text-purple-400 font-mono font-bold mr-2">OV${i+1}</span>${o}</span>
${D.objectifsVises.includes(o)?`<button onclick="delObjectif('${o.replace(/'/g,"\\'")}')" class="text-red-400 text-xs hover:text-red-300">🗑️</button>`:'<span class="text-slate-600 text-xs">prédéfini</span>'}
</div>`).join('')}
</div>
</section>
</div>

<section class="card mb-4">
<h3 class="text-white font-bold mb-3">🔗 Créer Couple SR/OV</h3>
<div class="grid md:grid-cols-2 lg:grid-cols-4 gap-3 mb-3">
<div>
<label class="text-slate-400 text-xs">Source de Risque</label>
<select id="rsT" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1">${allSources.map((s,i)=>`<option value="${s}">SR${i+1}: ${s}</option>`).join('')}</select>
</div>
<div class="lg:col-span-2">
<label class="text-slate-400 text-xs">Objectifs Visés (multi)</label>
<div class="bg-slate-900 border border-slate-600 rounded-lg p-2 mt-1 max-h-24 overflow-y-auto">${allObjectifs.map((o,i)=>`<label class="flex items-center gap-1 text-white text-xs py-0.5 cursor-pointer hover:bg-slate-800 px-1 rounded"><input type="checkbox" class="rsO" value="${o}"><span class="text-purple-400 font-mono mr-1">OV${i+1}</span>${o}</label>`).join('')}</div>
</div>
<div class="space-y-2">
<div><label class="text-slate-400 text-xs">Motivation</label><select id="rsM" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1">${BDC.motivation.map(m=>`<option value="${m.v}" style="color:${m.c}" ${m.v===3?'selected':''}>${m.v} - ${m.n}</option>`).join('')}</select></div>
<div><label class="text-slate-400 text-xs">Ressources</label><select id="rsR" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1">${BDC.ressources.map(r=>`<option value="${r.v}" style="color:${r.c}" ${r.v===2?'selected':''}>${r.v} - ${r.n}</option>`).join('')}</select></div>
</div>
</div>
<button onclick="addRS()" class="btn btn-orange text-sm">+ Créer Couple SR/OV</button>
</section>

<section class="card mb-4">
<h3 class="text-white font-bold mb-3">📋 Récapitulatif Couples SR/OV (${D.rs.length})</h3>
${D.rs.length?`<div class="table-container"><table><thead><tr><th>ID</th><th>Source de Risque</th><th>Objectifs Visés</th><th>M</th><th>R</th><th>Pertinence</th><th>Retenu</th><th class="w-20"></th></tr></thead><tbody>${D.rs.map((r,i)=>{const p=PERT[r.mot+'-'+r.res]||'?';const pc=p==='Élevé'?'bg-red-500/20 text-red-300':p==='Moyen'?'bg-yellow-500/20 text-yellow-300':'bg-green-500/20 text-green-300';return `<tr><td class="text-orange-400 font-mono font-bold">C${i+1}</td><td class="text-white">${r.type}</td><td class="text-white text-xs max-w-[200px]">${(r.objs||[]).join(', ')}</td><td class="text-center"><span style="color:${getLvlColor(r.mot)}" class="font-bold">${r.mot}</span></td><td class="text-center"><span style="color:${getLvlColor(r.res)}" class="font-bold">${r.res}</span></td><td class="text-center"><span class="badge ${pc}">${p}</span></td><td class="text-center"><input type="checkbox" ${r.retained?'checked':''} onchange="D.rs.find(x=>x.id===${r.id}).retained=this.checked;save()"></td><td><button onclick="editRS(${r.id})" class="text-blue-400 hover:text-blue-300 mr-1">✏️</button><button onclick="delRS(${r.id})" class="text-red-400">🗑️</button></td></tr>`;}).join('')}</tbody></table></div>`:'<div class="text-center py-6 text-slate-500">Aucun couple SR/OV créé</div>'}
</section>

<section class="card">
<h3 class="text-white font-bold mb-3">🔗 Liaison ER ↔ Couples SR/OV</h3>
<p class="text-slate-400 text-xs mb-3">Cochez les couples pertinents pour chaque événement redouté</p>
${D.fe.length&&D.rs.length?`<div class="table-container"><table><thead><tr><th style="min-width:180px">VM</th><th style="min-width:250px">ER</th><th>G</th>${D.rs.map((r,i)=>`<th class="text-center text-xs">C${i+1}<br><span class="text-slate-500 font-normal">${r.type.substring(0,8)}...</span></th>`).join('')}</tr></thead><tbody>${D.fe.map((f,fi)=>{const bv=D.bv.find(b=>b.id===f.bv);const bvi=D.bv.findIndex(b=>b.id===f.bv);return `<tr><td class="text-blue-400 text-xs" title="${bv?.name||'?'}">VM${bvi+1}: ${bv?.name||'?'}</td><td class="text-white text-sm" title="${esc(f.desc)}">ER${fi+1}: ${esc(f.desc)}</td><td><span class="badge" style="background:${BDC.gravites[parseInt(f.g)-1]?.c||'#666'}">G${f.g}</span></td>${D.rs.map(r=>{const linked=D.erToSr.some(l=>l.er===f.id&&l.sr===r.id);return `<td class="text-center"><input type="checkbox" ${linked?'checked':''} onchange="toggleLink(${f.id},${r.id},this.checked)"></td>`;}).join('')}</tr>`;}).join('')}</tbody></table></div>`:'<div class="text-center py-6 text-slate-500">Ajoutez des ER et des couples SR/OV d\'abord</div>'}
</section>`;}

function addSource(){
const src=document.getElementById('newSrc').value.trim();
if(!src)return alert('Entrez une source de risque');
if([...BDC.sources,...D.customSources].includes(src))return alert('Cette source existe déjà');
D.customSources.push(src);save();
document.getElementById('newSrc').value='';
render();
}

function delSource(src){
if(confirm('Supprimer cette source de risque?')){
D.customSources=D.customSources.filter(s=>s!==src);
save();render();
}
}

function addObjectif(){
const obj=document.getElementById('newObjV').value.trim();
if(!obj)return alert('Entrez un objectif visé');
if([...BDC.objectifs,...D.objectifsVises].includes(obj))return alert('Cet objet existe déjà');
D.objectifsVises.push(obj);save();
document.getElementById('newObjV').value='';
render();
}

function delObjectif(obj){
if(confirm('Supprimer cet objectif visé?')){
D.objectifsVises=D.objectifsVises.filter(o=>o!==obj);
save();render();
}
}

function addCustomSource(){
const src=document.getElementById('customSrc')?.value?.trim();
if(!src)return;
if(!D.customSources.includes(src)){D.customSources.push(src);save();}
document.getElementById('customSrc').value='';
render();
}

function toggleLink(er,sr,c){if(c){if(!D.erToSr.some(l=>l.er===er&&l.sr===sr))D.erToSr.push({er,sr});}else{D.erToSr=D.erToSr.filter(l=>!(l.er===er&&l.sr===sr));}save();}

// ============ ATELIER 3 ============
function w3(){
const retSR=D.rs.filter(r=>r.retained);
return `
<section class="card mb-4">
<h3 class="text-white font-bold mb-3">👥 Parties Prenantes</h3>
<div class="bg-slate-900/50 rounded-lg p-3 mb-3">
<div class="grid grid-cols-2 md:grid-cols-4 gap-3 text-xs">
${Object.entries(BDC.echelles).map(([k,v])=>`<div><span class="text-cyan-400 font-bold">${BDC.echellesNoms[k]}</span><br>${v.map((x,i)=>`<span style="color:${getLvlColor(i+1)}" class="font-bold">${i+1}</span>-${x}`).join('<br>')}</div>`).join('')}
</div>
<div class="mt-3 text-xs text-slate-400">Formule: <code class="text-cyan-400">Menace = (D×P)/(M×C)</code> | <span class="text-green-400">&lt;1 Veille</span> | <span class="text-yellow-400">1-2 Contrôle</span> | <span class="text-red-400">&gt;2 Danger</span></div>
</div>
<div class="grid grid-cols-7 gap-2 mb-3">
<input type="text" id="ppN" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm" placeholder="Nom">
<select id="ppC" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm">${BDC.catPP.map(c=>`<option>${c}</option>`).join('')}</select>
<select id="ppD" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm">${[1,2,3,4].map(v=>`<option value="${v}" style="color:${getLvlColor(v)}">D:${v}</option>`).join('')}</select>
<select id="ppP" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm">${[1,2,3,4].map(v=>`<option value="${v}" style="color:${getLvlColor(v)}">P:${v}</option>`).join('')}</select>
<select id="ppM" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm">${[1,2,3,4].map(v=>`<option value="${v}" style="color:${getLvlColor(v)}">M:${v}</option>`).join('')}</select>
<select id="ppCf" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm">${[1,2,3,4].map(v=>`<option value="${v}" style="color:${getLvlColor(v)}">C:${v}</option>`).join('')}</select>
<button onclick="addPP()" class="btn btn-purple text-sm">+ Ajouter</button>
</div>

<div class="grid lg:grid-cols-2 gap-4">
<div class="table-container">${D.pp.length?`<table><thead><tr><th>ID</th><th>PP</th><th>Cat.</th><th>D</th><th>P</th><th>M</th><th>C</th><th>Menace</th><th>Zone</th><th></th></tr></thead><tbody>${D.pp.map((p,i)=>{const t=((p.d*p.p)/(p.m*p.c)).toFixed(2);const z=t<1?{n:'Veille',c:'#22c55e'}:t<2?{n:'Contrôle',c:'#eab308'}:{n:'Danger',c:'#dc2626'};return `<tr><td class="text-purple-400 font-mono font-bold">PP${i+1}</td><td class="text-white">${esc(p.name)}</td><td class="text-white text-xs">${p.cat}</td><td class="text-center" style="color:${getLvlColor(p.d)}">${p.d}</td><td class="text-center" style="color:${getLvlColor(p.p)}">${p.p}</td><td class="text-center" style="color:${getLvlColor(p.m)}">${p.m}</td><td class="text-center" style="color:${getLvlColor(p.c)}">${p.c}</td><td class="text-center font-bold">${t}</td><td class="text-center"><span class="badge" style="background:${z.c}30;color:${z.c}">${z.n}</span></td><td><button onclick="editPP(${p.id})" class="text-blue-400 mr-1">✏️</button><button onclick="delPP(${p.id})" class="text-red-400">🗑️</button></td></tr>`;}).join('')}</tbody></table>`:'<div class="p-6 text-center text-slate-500">Aucune PP</div>'}</div>
<div class="bg-slate-900/50 rounded-lg p-4"><h4 class="text-white text-sm font-bold mb-2 text-center">Radar Écosystème</h4><div id="radarBox" class="radar-container"></div></div>
</div>
</section>

<section class="card">
<h3 class="text-white font-bold mb-3">🔀 Scénarios Stratégiques</h3>
<p class="text-slate-400 text-xs mb-3">Chemin: SR(s) → [PP(s)] → ER(s) - Sélection multiple possible</p>
${retSR.length===0?'<div class="bg-yellow-500/20 border border-yellow-500 rounded-lg p-3 mb-3 text-yellow-300 text-sm">⚠️ Cochez "Retenu" sur les SR dans l\'Atelier 2</div>':''}

<div class="grid md:grid-cols-2 lg:grid-cols-4 gap-3 mb-3">
<div>
<label class="text-slate-400 text-xs">SR retenus (multi)</label>
<div class="bg-slate-900 border border-slate-600 rounded-lg p-2 mt-1 max-h-32 overflow-y-auto">
${retSR.map(r=>{const ri=D.rs.indexOf(r);return `<label class="flex items-center gap-1 text-white text-xs py-0.5 cursor-pointer hover:bg-slate-800 px-1 rounded"><input type="checkbox" class="ssRS" value="${r.id}">SR${ri+1}: ${r.type}</label>`;}).join('')||'<span class="text-slate-500 text-xs">Aucun SR retenu</span>'}
</div>
</div>
<div>
<label class="text-slate-400 text-xs">PP (multi, optionnel)</label>
<div class="bg-slate-900 border border-slate-600 rounded-lg p-2 mt-1 max-h-32 overflow-y-auto">
${D.pp.map((p,i)=>`<label class="flex items-center gap-1 text-white text-xs py-0.5 cursor-pointer hover:bg-slate-800 px-1 rounded"><input type="checkbox" class="ssPP" value="${p.id}">PP${i+1}: ${esc(p.name)}</label>`).join('')||'<span class="text-slate-500 text-xs">Aucune PP</span>'}
</div>
</div>
<div>
<label class="text-slate-400 text-xs">ER (multi)</label>
<div class="bg-slate-900 border border-slate-600 rounded-lg p-2 mt-1 max-h-32 overflow-y-auto">
${D.fe.map((f,i)=>`<label class="flex items-center gap-1 text-white text-xs py-0.5 cursor-pointer hover:bg-slate-800 px-1 rounded"><input type="checkbox" class="ssER" value="${f.id}">ER${i+1}: ${f.desc.substring(0,20)}...</label>`).join('')||'<span class="text-slate-500 text-xs">Aucun ER</span>'}
</div>
</div>
<div>
<label class="text-slate-400 text-xs">Gravité</label>
<select id="ssG" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1">${BDC.gravites.map(g=>`<option value="${g.id.charAt(1)}" style="color:${g.c}">${g.id} - ${g.n}</option>`).join('')}</select>
<button onclick="addSS()" class="btn btn-purple text-sm w-full mt-2">+ Ajouter SS</button>
</div>
</div>
<textarea id="ssD" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mb-3" rows="2" placeholder="Description du scénario..."></textarea>
${D.ss.length?`<div class="space-y-2">${D.ss.map((s,i)=>{
const srList=(s.srIds||[s.rs]).map(sid=>{const r=D.rs.find(x=>x.id===sid);return r?`SR${D.rs.indexOf(r)+1}`:null;}).filter(Boolean).join(', ');
const ppList=(s.ppIds||[s.pp]).filter(Boolean).map(pid=>{const p=D.pp.find(x=>x.id===pid);return p?`PP${D.pp.indexOf(p)+1}: ${esc(p.name)}`:null;}).filter(Boolean).join(', ');
const erList=(s.erIds||[s.fe]).map(eid=>{const f=D.fe.find(x=>x.id===eid);return f?`ER${D.fe.indexOf(f)+1}: ${f.desc.substring(0,15)}...`:null;}).filter(Boolean).join(', ');
const g=parseInt(s.g);
return `<div class="p-3 rounded-lg bg-slate-900/50 border border-slate-700">
<div class="flex items-center justify-between mb-2">
<div class="flex items-center gap-2 flex-wrap">
<span class="text-purple-400 font-mono font-bold text-xs">SS${i+1}</span>
<span class="badge" style="background:${BDC.gravites[g-1]?.c||'#666'}">G${s.g}</span>
<span class="text-red-400 text-xs">${srList||'?'}</span>
${ppList?`<span class="text-cyan-400 text-xs">→ ${ppList}</span>`:''}
<span class="text-slate-400">→</span>
<span class="text-orange-300 text-xs">${erList||'?'}</span>
</div>
<div>
<button onclick="editSS(${s.id})" class="text-blue-400 text-xs mr-1">✏️</button>
<button onclick="delSS(${s.id})" class="text-red-400 text-xs">🗑️</button>
</div>
</div>
${s.desc?`<p class="text-white text-sm bg-slate-800/50 p-2 rounded">${esc(s.desc)}</p>`:''}
</div>`;}).join('')}</div>`:'<div class="text-center py-6 text-slate-500">Aucun scénario</div>'}
</section>`;}

function initRadar(){
const box=document.getElementById('radarBox');if(!box||!D.pp.length)return;
let h='<div class="radar-ring" style="width:80%;height:80%;top:10%;left:10%"></div><div class="radar-ring" style="width:50%;height:50%;top:25%;left:25%"></div><div class="radar-ring" style="width:20%;height:20%;top:40%;left:40%"></div>';
h+='<div style="position:absolute;top:5%;left:50%;transform:translateX(-50%);color:#fff;font-size:10px">Danger</div>';
h+='<div style="position:absolute;bottom:5%;left:50%;transform:translateX(-50%);color:#fff;font-size:10px">Veille</div>';
D.pp.forEach((p,i)=>{
const t=((p.d*p.p)/(p.m*p.c));
const angle=(i/D.pp.length)*2*Math.PI-Math.PI/2;
const r=Math.min(t/3,1)*40+5;
const x=50+r*Math.cos(angle);
const y=50+r*Math.sin(angle);
const c=t<1?'#22c55e':t<2?'#eab308':'#dc2626';
h+=`<div class="radar-point" style="top:${y}%;left:${x}%;background:${c}" title="PP${i+1}: ${esc(p.name)} (${t.toFixed(2)})"></div>`;
});
box.innerHTML=h;}

// ============ ATELIER 4 ============
function w4(){return `
<section class="card mb-4">
<h3 class="text-white font-bold mb-3">⚙️ Scénarios Opérationnels</h3>
<p class="text-slate-400 text-xs mb-3">Modes opératoires: CONNAÎTRE → RENTRER → TROUVER → EXPLOITER</p>
<div class="bg-slate-900/50 rounded-lg p-3 mb-3"><div class="grid grid-cols-4 gap-2">${BDC.vrais.map(v=>`<div class="p-2 rounded border text-center" style="background:${v.c}15;border-color:${v.c}50"><span class="font-bold text-white text-sm">${v.id}</span> <span class="text-white text-xs">${v.n}</span></div>`).join('')}</div></div>
${D.ss.length===0?'<div class="bg-yellow-500/20 border border-yellow-500 rounded-lg p-3 mb-3 text-yellow-300 text-sm">⚠️ Créez des scénarios stratégiques (Atelier 3)</div>':''}
<div class="grid md:grid-cols-3 gap-2 mb-3">
<select id="osS" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm"><option value="">-- Scénario Stratégique --</option>${D.ss.map((s,i)=>{
const srList=(s.srIds||[s.rs]).map(sid=>{const r=D.rs.find(x=>x.id===sid);return r?r.type:null;}).filter(Boolean).join(', ');
return `<option value="${s.id}">SS${i+1}: ${srList.substring(0,30)}...</option>`;}).join('')}</select>
<select id="osV" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm">${BDC.vrais.map(v=>`<option value="${v.id.charAt(1)}" style="color:${v.c}">${v.id} - ${v.n}</option>`).join('')}</select>
<button onclick="addOS()" class="btn btn-orange text-sm">+ Créer Scénario</button>
</div>
<textarea id="osD" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mb-3" rows="2" placeholder="Description du mode opératoire..."></textarea>
</section>

<section class="card">
<h3 class="text-white font-bold mb-3">📋 Scénarios Opérationnels (${D.os.length})</h3>
${D.os.length?`<div class="space-y-3">${D.os.map((o,i)=>{const ss=D.ss.find(s=>s.id===o.ss);const ssi=ss?D.ss.indexOf(ss)+1:'?';
const srList=ss?(ss.srIds||[ss.rs]).map(sid=>{const r=D.rs.find(x=>x.id===sid);return r?r.type:null;}).filter(Boolean).join(', '):'?';
const v=parseInt(o.v);return `<div class="bg-slate-900/50 border border-slate-700 rounded-lg p-4">
<div class="flex items-center justify-between mb-2"><div class="flex items-center gap-2 flex-wrap"><span class="text-orange-400 font-mono font-bold">SO${i+1}</span><span class="badge" style="background:${BDC.vrais[v-1]?.c||'#666'}">${BDC.vrais[v-1]?.id||'?'}</span><span class="text-white">${srList}</span><span class="text-slate-500 text-xs">(SS${ssi})</span></div><div><button onclick="editOS(${o.id})" class="text-blue-400 text-xs mr-1">✏️</button><button onclick="delOS(${o.id})" class="text-red-400 text-xs">🗑️</button></div></div>
${o.desc?`<p class="text-white text-sm mb-2 bg-slate-800/50 p-2 rounded">${esc(o.desc)}</p>`:''}
<div class="flex items-center gap-2 mb-2"><span class="text-slate-400 text-xs">Actions MITRE:</span><button onclick="showMitre(${o.id})" class="text-xs text-blue-400 hover:text-blue-300">+ Ajouter depuis ATT&CK</button></div>
${o.actions?.length?`<div class="flex flex-wrap gap-1">${o.actions.map((a,ai)=>`<span class="chip text-white border" style="background:${a.color||'#be123c'}30;border-color:${a.color||'#be123c'}">${a.technique}<button onclick="delAction(${o.id},${ai})" class="ml-1 hover:text-red-400">&times;</button></span>`).join('')}</div>`:'<div class="text-slate-500 text-xs">Aucune action - Utilisez MITRE ATT&CK</div>'}
</div>`;}).join('')}</div>`:'<div class="text-center py-6 text-slate-500">Aucun scénario opérationnel</div>'}
</section>`;}

function delAction(osId,ai){const os=D.os.find(o=>o.id===osId);if(os?.actions)os.actions.splice(ai,1);save();render();}

// ============ ATELIER 5 ============
function w5(){
const risks=getRisks();
const rl=l=>l<=4?{n:'Faible',c:'#22c55e'}:l<=8?{n:'Moyen',c:'#eab308'}:l<=12?{n:'Élevé',c:'#f97316'}:{n:'Critique',c:'#dc2626'};
let matrix='<div></div>';for(let v=1;v<=4;v++)matrix+=`<div class="text-center text-xs text-white p-1" style="color:${getLvlColor(v)}">V${v}</div>`;
for(let g=4;g>=1;g--){matrix+=`<div class="text-center text-xs p-1" style="color:${getLvlColor(g)}">G${g}</div>`;for(let v=1;v<=4;v++){const lv=rl(g*v);const cr=risks.filter(r=>r.g===g&&r.v===v);matrix+=`<div style="background:${lv.c}20" class="p-1 rounded min-h-[30px] border border-slate-700 flex flex-wrap gap-0.5 items-center justify-center">${cr.map(r=>`<span style="background:${lv.c}" class="text-white text-[10px] px-1 rounded">R${r.i}</span>`).join('')}</div>`;}}
return `
<section class="card mb-4">
<h3 class="text-white font-bold mb-3">📊 Cartographie des Risques</h3>
<div class="grid lg:grid-cols-2 gap-4">
<div class="bg-slate-900/50 rounded-lg p-4"><h4 class="text-white text-sm font-medium mb-2 text-center">Matrice G × V</h4><div class="grid grid-cols-5 gap-1">${matrix}</div>
<div class="flex justify-center gap-3 mt-2 text-xs"><span class="flex items-center gap-1"><span class="w-2 h-2 bg-green-500 rounded"></span><span class="text-white">1-4</span></span><span class="flex items-center gap-1"><span class="w-2 h-2 bg-yellow-500 rounded"></span><span class="text-white">5-8</span></span><span class="flex items-center gap-1"><span class="w-2 h-2 bg-orange-500 rounded"></span><span class="text-white">9-12</span></span><span class="flex items-center gap-1"><span class="w-2 h-2 bg-red-600 rounded"></span><span class="text-white">13-16</span></span></div></div>
<div><h4 class="text-white text-sm font-medium mb-2">Risques (${risks.length})</h4><div class="space-y-1 max-h-60 overflow-y-auto">${risks.map(r=>{const lv=rl(r.level);return `<div class="flex items-center gap-2 bg-slate-900/50 p-2 rounded"><span style="background:${lv.c}" class="text-white text-xs px-2 py-0.5 rounded font-mono">R${r.i}</span><span class="text-white text-sm flex-1 truncate">${esc(r.name)}</span><span class="text-white text-xs">G${r.g}×V${r.v}=${r.level}</span></div>`;}).join('')||'<div class="text-slate-500 text-sm">Aucun risque</div>'}</div></div>
</div>
</section>

<section class="card mb-4">
<h3 class="text-white font-bold mb-3">📅 Échelle des Jalons PACS</h3>
<div class="grid grid-cols-4 gap-3">
<div class="bg-red-500/20 border border-red-500/50 rounded-lg p-3 text-center">
<div class="text-red-400 font-bold text-lg">J1</div>
<div class="text-white text-sm font-medium">Court terme</div>
<div class="text-slate-400 text-xs mt-1">0-3 mois</div>
<div class="text-red-300 text-xs mt-2">🔴 Urgente</div>
<div class="text-slate-500 text-[10px] mt-1">Quick wins, corrections critiques</div>
</div>
<div class="bg-orange-500/20 border border-orange-500/50 rounded-lg p-3 text-center">
<div class="text-orange-400 font-bold text-lg">J2</div>
<div class="text-white text-sm font-medium">Moyen terme</div>
<div class="text-slate-400 text-xs mt-1">3-6 mois</div>
<div class="text-orange-300 text-xs mt-2">🟠 Haute</div>
<div class="text-slate-500 text-[10px] mt-1">Mesures nécessitant préparation</div>
</div>
<div class="bg-yellow-500/20 border border-yellow-500/50 rounded-lg p-3 text-center">
<div class="text-yellow-400 font-bold text-lg">J3</div>
<div class="text-white text-sm font-medium">Long terme</div>
<div class="text-slate-400 text-xs mt-1">6-12 mois</div>
<div class="text-yellow-300 text-xs mt-2">🟡 Moyenne</div>
<div class="text-slate-500 text-[10px] mt-1">Projets structurants</div>
</div>
<div class="bg-green-500/20 border border-green-500/50 rounded-lg p-3 text-center">
<div class="text-green-400 font-bold text-lg">J4</div>
<div class="text-white text-sm font-medium">Très long terme</div>
<div class="text-slate-400 text-xs mt-1">12+ mois</div>
<div class="text-green-300 text-xs mt-2">🟢 Planifiée</div>
<div class="text-slate-500 text-[10px] mt-1">Amélioration continue</div>
</div>
</div>
</section>

<section class="card">
<h3 class="text-white font-bold mb-3">📋 Plan de Traitement (PACS)</h3>
<div class="grid md:grid-cols-2 lg:grid-cols-6 gap-2 mb-3">
<div class="lg:col-span-2">
<label class="text-slate-400 text-xs">Risques (multi)</label>
<div id="riskCheckboxes" class="bg-slate-900 border border-slate-600 rounded-lg p-2 mt-1 max-h-24 overflow-y-auto">
${risks.length?risks.map(r=>`<label class="flex items-center gap-1 text-white text-xs py-0.5 cursor-pointer hover:bg-slate-800 px-1 rounded"><input type="checkbox" class="mRisk" value="${r.id}">R${r.i}: ${r.name.substring(0,25)}...</label>`).join(''):'<span class="text-slate-500 text-xs">Aucun risque</span>'}
</div>
</div>
<div>
<label class="text-slate-400 text-xs">Catégorie</label>
<select id="mC" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1"><option value="gouvernance">Gouvernance</option><option value="protection">Protection</option><option value="defense">Défense</option><option value="resilience">Résilience</option></select>
</div>
<div>
<label class="text-slate-400 text-xs">Mesure *</label>
<input type="text" id="mM" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1" placeholder="Description...">
</div>
<div>
<label class="text-slate-400 text-xs">Responsable</label>
<input type="text" id="mP" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1" placeholder="Nom...">
</div>
<div>
<label class="text-slate-400 text-xs">Jalon</label>
<select id="mJ" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1">${[1,2,3,4].map(j=>`<option value="${j}" style="color:${j===1?'#ef4444':j===2?'#f97316':j===3?'#eab308':'#22c55e'}">J${j}</option>`).join('')}</select>
</div>
</div>
<button onclick="addMeasure()" class="btn btn-green text-sm mb-3">+ Ajouter Mesure</button>
${D.measures.length?`<div class="table-container"><table><thead><tr><th>Mesure</th><th>Risques</th><th>Cat.</th><th>Resp.</th><th>Jalon</th><th>Statut</th><th class="w-20"></th></tr></thead><tbody>${D.measures.map(m=>{
const riskIds=m.riskIds||[m.risk].filter(Boolean);
const riskLabels=riskIds.map(rid=>{const r=risks.find(x=>x.id===rid);return r?'R'+r.i:null;}).filter(Boolean);
const jc=m.jalon===1?'#ef4444':m.jalon===2?'#f97316':m.jalon===3?'#eab308':'#22c55e';
return `<tr><td class="text-white">${esc(m.measure)}</td><td class="text-white text-xs">${riskLabels.length?riskLabels.map(rl=>`<span class="inline-block bg-orange-500/20 text-orange-300 px-1.5 py-0.5 rounded mr-1 mb-1">${rl}</span>`).join(''):'<span class="text-slate-500">-</span>'}</td><td class="capitalize text-white">${m.cat}</td><td class="text-white text-sm">${m.resp||'-'}</td><td class="text-center"><span class="badge" style="background:${jc}30;color:${jc}">J${m.jalon||1}</span></td><td><select class="bg-slate-800 border border-slate-600 rounded px-1 py-0.5 text-xs text-white" onchange="D.measures.find(x=>x.id===${m.id}).status=this.value;save()"><option value="todo" ${m.status==='todo'?'selected':''}>À faire</option><option value="ongoing" ${m.status==='ongoing'?'selected':''}>En cours</option><option value="done" ${m.status==='done'?'selected':''}>Fait</option></select></td><td><button onclick="editMeasure(${m.id})" class="text-blue-400 mr-1">✏️</button><button onclick="delMeasure(${m.id})" class="text-red-400">🗑️</button></td></tr>`;}).join('')}</tbody></table></div>`:'<div class="text-center py-6 text-slate-500">Aucune mesure</div>'}
</section>

<section class="card mb-4">
<h3 class="text-white font-bold mb-3">📉 Évaluation des Risques Résiduels</h3>
<div class="flex items-center gap-4 mb-4">
<label class="text-slate-400 text-sm">Jalon d'évaluation:</label>
<select id="jalonFilter" class="bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm" onchange="render()">
<option value="0">Tous les jalons</option>
${[1,2,3,4].map(j=>`<option value="${j}" style="color:${j===1?'#ef4444':j===2?'#f97316':j===3?'#eab308':'#22c55e'}">J${j} - ${j===1?'0-3 mois':j===2?'3-6 mois':j===3?'6-12 mois':'12+ mois'}</option>`).join('')}
</select>
<span class="text-slate-500 text-xs">Filtrer les risques par jalon des mesures associées</span>
</div>

<div class="grid md:grid-cols-2 lg:grid-cols-5 gap-2 mb-3 bg-slate-900/30 p-3 rounded-lg">
<div>
<label class="text-slate-400 text-xs">Risque</label>
<select id="rrRisk" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1">
<option value="">-- Sélectionner --</option>
${risks.map(r=>{const lv=rl(r.level);return `<option value="${r.id}" data-g="${r.g}" data-v="${r.v}">R${r.i}: ${r.name.substring(0,30)}... (${lv.n})</option>`;}).join('')}
</select>
</div>
<div>
<label class="text-slate-400 text-xs">Gravité résiduelle</label>
<select id="rrG" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1">
${[1,2,3,4].map(g=>`<option value="${g}" style="color:${getLvlColor(g)}">G${g}</option>`).join('')}
</select>
</div>
<div>
<label class="text-slate-400 text-xs">Vraisemblance résiduelle</label>
<select id="rrV" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1">
${[1,2,3,4].map(v=>`<option value="${v}" style="color:${getLvlColor(v)}">V${v}</option>`).join('')}
</select>
</div>
<div>
<label class="text-slate-400 text-xs">Jalon évaluation</label>
<select id="rrJ" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1">
${[1,2,3,4].map(j=>`<option value="${j}" style="color:${j===1?'#ef4444':j===2?'#f97316':j===3?'#eab308':'#22c55e'}">J${j}</option>`).join('')}
</select>
</div>
<div>
<label class="text-slate-400 text-xs">Justification</label>
<input type="text" id="rrJust" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white text-sm mt-1" placeholder="Mesures appliquées...">
</div>
</div>
<button onclick="addRR()" class="btn btn-purple text-sm mb-3">+ Évaluer Risque Résiduel</button>

${D.risquesResiduels.length?`<div class="table-container"><table><thead><tr><th>Risque</th><th>Initial</th><th>Résiduel</th><th>Évolution</th><th>Jalon</th><th>Justification</th><th class="w-20"></th></tr></thead><tbody>${D.risquesResiduels.map(rr=>{
const r=risks.find(x=>x.id===rr.riskId);
if(!r)return '';
const lvI=rl(r.level);const lvR=rl(rr.gRes*rr.vRes);
const diff=r.level-(rr.gRes*rr.vRes);
const diffC=diff>0?'text-green-400':diff<0?'text-red-400':'text-slate-400';
const jc=rr.jalon===1?'#ef4444':rr.jalon===2?'#f97316':rr.jalon===3?'#eab308':'#22c55e';
return `<tr><td class="text-white"><span class="text-orange-400 font-mono font-bold">R${r.i}</span> ${r.name.substring(0,25)}...</td><td class="text-center"><span class="badge" style="background:${lvI.c}30;color:${lvI.c}">G${r.g}×V${r.v}=${r.level}</span></td><td class="text-center"><span class="badge" style="background:${lvR.c}30;color:${lvR.c}">G${rr.gRes}×V${rr.vRes}=${rr.gRes*rr.vRes}</span></td><td class="text-center ${diffC} font-bold">${diff>0?'↓ -'+diff:diff<0?'↑ +'+Math.abs(diff):'='}</td><td class="text-center"><span class="badge" style="background:${jc}30;color:${jc}">J${rr.jalon}</span></td><td class="text-white text-xs">${rr.justification||'-'}</td><td><button onclick="editRR(${rr.id})" class="text-blue-400 mr-1">✏️</button><button onclick="delRR(${rr.id})" class="text-red-400">🗑️</button></td></tr>`;}).join('')}</tbody></table></div>`:'<div class="text-center py-6 text-slate-500">Aucune évaluation résiduelle</div>'}
</section>

<section class="card">
<h3 class="text-white font-bold mb-3">📊 Comparaison Cartographies (Avant/Après)</h3>
<div class="grid md:grid-cols-2 gap-4">
<div class="bg-slate-900/50 rounded-lg p-4">
<h4 class="text-white text-sm font-medium mb-2 text-center">🔴 Risques Initiaux</h4>
<div class="grid grid-cols-5 gap-1">${matrix}</div>
</div>
<div class="bg-slate-900/50 rounded-lg p-4">
<h4 class="text-white text-sm font-medium mb-2 text-center">🟢 Risques Résiduels</h4>
${(()=>{
let mRes='<div></div>';for(let v=1;v<=4;v++)mRes+=`<div class="text-center text-xs text-white p-1" style="color:${getLvlColor(v)}">V${v}</div>`;
const risksRes=risks.map(r=>{const rr=D.risquesResiduels.find(x=>x.riskId===r.id);return rr?{...r,g:rr.gRes,v:rr.vRes,level:rr.gRes*rr.vRes}:r;});
for(let g=4;g>=1;g--){mRes+=`<div class="text-center text-xs p-1" style="color:${getLvlColor(g)}">G${g}</div>`;for(let v=1;v<=4;v++){const lv=rl(g*v);const cr=risksRes.filter(r=>r.g===g&&r.v===v);mRes+=`<div style="background:${lv.c}20" class="p-1 rounded min-h-[30px] border border-slate-700 flex flex-wrap gap-0.5 items-center justify-center">${cr.map(r=>`<span style="background:${lv.c}" class="text-white text-[10px] px-1 rounded">R${r.i}</span>`).join('')}</div>`;}}
return `<div class="grid grid-cols-5 gap-1">${mRes}</div>`;
})()}
</div>
</div>
<div class="flex justify-center gap-6 mt-4 text-xs">
<span class="flex items-center gap-1"><span class="w-3 h-3 bg-green-500 rounded"></span><span class="text-white">Faible (1-4)</span></span>
<span class="flex items-center gap-1"><span class="w-3 h-3 bg-yellow-500 rounded"></span><span class="text-white">Moyen (5-8)</span></span>
<span class="flex items-center gap-1"><span class="w-3 h-3 bg-orange-500 rounded"></span><span class="text-white">Élevé (9-12)</span></span>
<span class="flex items-center gap-1"><span class="w-3 h-3 bg-red-600 rounded"></span><span class="text-white">Critique (13-16)</span></span>
</div>
</section>`;}

// ============ RISQUES RESIDUELS ============
function addRR(){
const riskId=parseInt(document.getElementById('rrRisk').value);
if(!riskId||isNaN(riskId))return alert('Sélectionnez un risque');
if(D.risquesResiduels.some(rr=>rr.riskId===riskId)){
if(!confirm('Ce risque a déjà une évaluation résiduelle. Remplacer?'))return;
D.risquesResiduels=D.risquesResiduels.filter(rr=>rr.riskId!==riskId);
}
const justif=sanitizeStr(document.getElementById('rrJust').value,500);
if(hasInjection(justif))return alert('Caractères non autorisés');
D.risquesResiduels.push({
id:gid(),
riskId,
gRes:sanitizeNum(document.getElementById('rrG').value),
vRes:sanitizeNum(document.getElementById('rrV').value),
jalon:sanitizeNum(document.getElementById('rrJ').value),
justification:justif
});
document.getElementById('rrJust').value='';
save();render();
}

function delRR(id){if(confirm('Supprimer cette évaluation?')){D.risquesResiduels=D.risquesResiduels.filter(x=>x.id!==id);save();render();}}

function editRR(id){
editT='rr';editI=id;
const rr=D.risquesResiduels.find(x=>x.id===id);
const risks=getRisks();
const r=risks.find(x=>x.id===rr.riskId);
document.getElementById('editTitle').textContent='Modifier Risque Résiduel';
document.getElementById('editBody').innerHTML=`
<div class="space-y-3">
<div class="bg-slate-800 p-2 rounded text-sm text-white">Risque: <span class="text-orange-400 font-bold">R${r?.i||'?'}</span> ${r?.name||'?'}</div>
<div class="grid grid-cols-2 gap-2">
<div><label class="text-slate-400 text-xs">Gravité résiduelle</label><select id="eRRG" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${[1,2,3,4].map(g=>`<option value="${g}" ${g===rr.gRes?'selected':''} style="color:${getLvlColor(g)}">G${g}</option>`).join('')}</select></div>
<div><label class="text-slate-400 text-xs">Vraisemblance résiduelle</label><select id="eRRV" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${[1,2,3,4].map(v=>`<option value="${v}" ${v===rr.vRes?'selected':''} style="color:${getLvlColor(v)}">V${v}</option>`).join('')}</select></div>
</div>
<div><label class="text-slate-400 text-xs">Jalon d'évaluation</label><select id="eRRJ" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${[1,2,3,4].map(j=>`<option value="${j}" ${j===rr.jalon?'selected':''}>J${j}</option>`).join('')}</select></div>
<div><label class="text-slate-400 text-xs">Justification</label><textarea id="eRRJust" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" rows="2">${esc(rr.justification||'')}</textarea></div>
</div>`;
document.getElementById('editModal').classList.add('active');
}

function getRisks(){return D.os.map((o,i)=>{const ss=D.ss.find(s=>s.id===o.ss);
const srList=ss?(ss.srIds||[ss.rs]).map(sid=>{const r=D.rs.find(x=>x.id===sid);return r?r.type:null;}).filter(Boolean).join(', '):'?';
const erList=ss?(ss.erIds||[ss.fe]).map(eid=>{const f=D.fe.find(x=>x.id===eid);return f?f.desc.substring(0,15):null;}).filter(Boolean).join(', '):'?';
const g=ss?parseInt(ss.g):1;const v=parseInt(o.v);return {id:o.id,i:i+1,name:`${srList} → ${erList}...`,g,v,level:g*v};});}

// ============ DASHBOARD ============
function w6(){
const risks=getRisks();const rl=l=>l<=4?'Faible':l<=8?'Moyen':l<=12?'Élevé':'Critique';
const byLvl={f:risks.filter(r=>r.level<=4).length,m:risks.filter(r=>r.level>4&&r.level<=8).length,e:risks.filter(r=>r.level>8&&r.level<=12).length,c:risks.filter(r=>r.level>12).length};
const mStat={todo:D.measures.filter(m=>m.status==='todo').length,ongoing:D.measures.filter(m=>m.status==='ongoing').length,done:D.measures.filter(m=>m.status==='done').length};
return `
<div class="bg-gradient-to-r from-blue-900/30 to-purple-900/30 rounded-xl p-5 border border-blue-700/50 mb-5">
<div class="grid md:grid-cols-4 gap-4 text-center">
<div><span class="text-slate-400 text-xs block">Projet</span><span class="text-white font-medium">${D.meta.studyName||'-'}</span></div>
<div><span class="text-slate-400 text-xs block">Organisation</span><span class="text-white font-medium">${D.meta.organization||'-'}</span></div>
<div><span class="text-slate-400 text-xs block">Date</span><span class="text-white font-medium">${D.meta.date}</span></div>
<div><span class="text-slate-400 text-xs block">Version</span><span class="text-white font-medium">v${D.meta.version}</span></div>
</div>
</div>

<div class="grid grid-cols-5 gap-3 mb-5">
<div class="bg-blue-500/10 border border-blue-500/50 rounded-xl p-4 text-center"><div class="text-3xl font-black text-blue-400">${D.bv.length}</div><div class="text-white text-xs">Valeurs Métier</div></div>
<div class="bg-red-500/10 border border-red-500/50 rounded-xl p-4 text-center"><div class="text-3xl font-black text-red-400">${D.fe.length}</div><div class="text-white text-xs">Événements</div></div>
<div class="bg-purple-500/10 border border-purple-500/50 rounded-xl p-4 text-center"><div class="text-3xl font-black text-purple-400">${D.rs.filter(r=>r.retained).length}</div><div class="text-white text-xs">SR/OV Retenus</div></div>
<div class="bg-orange-500/10 border border-orange-500/50 rounded-xl p-4 text-center"><div class="text-3xl font-black text-orange-400">${risks.length}</div><div class="text-white text-xs">Risques</div></div>
<div class="bg-green-500/10 border border-green-500/50 rounded-xl p-4 text-center"><div class="text-3xl font-black text-green-400">${D.measures.length}</div><div class="text-white text-xs">Mesures</div></div>
</div>

<div class="grid md:grid-cols-2 gap-4 mb-5">
<div class="card"><h4 class="text-white font-bold mb-3">📊 Répartition des Risques</h4><canvas id="chartRisk" height="180"></canvas></div>
<div class="card"><h4 class="text-white font-bold mb-3">⏱️ Avancement PACS</h4><canvas id="chartPacs" height="180"></canvas></div>
</div>

<div class="card">
<h4 class="text-white font-bold mb-3">📋 Synthèse des Risques</h4>
${risks.length?`<div class="table-container"><table><thead><tr><th>Réf</th><th>Description</th><th>G</th><th>V</th><th>Niveau</th><th>Mesures</th></tr></thead><tbody>${risks.map(r=>{const lv=r.level<=4?{n:'Faible',c:'#22c55e'}:r.level<=8?{n:'Moyen',c:'#eab308'}:r.level<=12?{n:'Élevé',c:'#f97316'}:{n:'Critique',c:'#dc2626'};const mc=D.measures.filter(m=>(m.riskIds||[m.risk].filter(Boolean)).includes(r.id)).length;return `<tr><td class="text-orange-400 font-mono font-bold">R${r.i}</td><td class="text-white">${esc(r.name)}</td><td class="text-center" style="color:${getLvlColor(r.g)}">G${r.g}</td><td class="text-center" style="color:${getLvlColor(r.v)}">V${r.v}</td><td class="text-center"><span class="badge" style="background:${lv.c}30;color:${lv.c}">${r.level} - ${lv.n}</span></td><td class="text-center text-white">${mc}</td></tr>`;}).join('')}</tbody></table></div>`:'<div class="text-center py-6 text-slate-500">Aucun risque</div>'}
</div>`;}

function initCharts(){
const risks=getRisks();
const byLvl=[risks.filter(r=>r.level<=4).length,risks.filter(r=>r.level>4&&r.level<=8).length,risks.filter(r=>r.level>8&&r.level<=12).length,risks.filter(r=>r.level>12).length];
const mStat=[D.measures.filter(m=>m.status==='todo').length,D.measures.filter(m=>m.status==='ongoing').length,D.measures.filter(m=>m.status==='done').length];
const c1=document.getElementById('chartRisk');const c2=document.getElementById('chartPacs');
if(c1)new Chart(c1,{type:'doughnut',data:{labels:['Faible','Moyen','Élevé','Critique'],datasets:[{data:byLvl,backgroundColor:['#22c55e','#eab308','#f97316','#dc2626']}]},options:{plugins:{legend:{labels:{color:'#fff'}}}}});
if(c2)new Chart(c2,{type:'pie',data:{labels:['À faire','En cours','Fait'],datasets:[{data:mStat,backgroundColor:['#64748b','#eab308','#22c55e']}]},options:{plugins:{legend:{labels:{color:'#fff'}}}}});}

// ============ CRUD ============
function addM(){const v=document.getElementById('newM').value.trim();if(v){D.missions.push({id:gid(),t:v});document.getElementById('newM').value='';save();render();}}
function delM(id){D.missions=D.missions.filter(x=>x.id!==id);save();render();}

function addBV(){const n=sanitizeStr(document.getElementById('bvN').value.trim(),200);if(!n)return alert('Dénomination requise');if(hasInjection(n))return alert('Caractères non autorisés');D.bv.push({id:gid(),name:n,type:document.getElementById('bvT').value,desc:sanitizeStr(document.getElementById('bvD').value,1000),support:sanitizeStr(document.getElementById('bvS').value,500),owner:sanitizeStr(document.getElementById('bvO').value,100)});['bvN','bvD','bvS','bvO'].forEach(x=>document.getElementById(x).value='');save();render();}
function delBV(id){if(confirm('Supprimer?')){D.bv=D.bv.filter(x=>x.id!==id);save();render();}}

function addFE(){const bv=document.getElementById('feV').value,d=sanitizeStr(document.getElementById('feD').value.trim(),500);if(!bv||!d)return alert('VM et description requises');if(hasInjection(d))return alert('Caractères non autorisés');D.fe.push({id:gid(),bv:+bv,desc:d,impact:document.getElementById('feI').value,g:document.getElementById('feG').value});document.getElementById('feD').value='';save();render();}
function delFE(id){D.fe=D.fe.filter(x=>x.id!==id);save();render();}

function addBL(){const r=document.getElementById('blC').value.trim()||document.getElementById('blR').value;if(!r)return alert('Référentiel requis');D.baseline.push({id:gid(),ref:r,status:document.getElementById('blS').value,gap:document.getElementById('blG').value});['blC','blG'].forEach(x=>document.getElementById(x).value='');document.getElementById('blR').value='';save();render();}
function delBL(id){D.baseline=D.baseline.filter(x=>x.id!==id);save();render();}

function addRS(){const objs=[...document.querySelectorAll('.rsO:checked')].map(c=>c.value);if(!objs.length)return alert('Sélectionnez des objectifs');D.rs.push({id:gid(),type:document.getElementById('rsT').value,objs,mot:document.getElementById('rsM').value,res:document.getElementById('rsR').value,retained:false});document.querySelectorAll('.rsO').forEach(c=>c.checked=false);save();render();}
function delRS(id){D.rs=D.rs.filter(x=>x.id!==id);save();render();}

function addPP(){const n=sanitizeStr(document.getElementById('ppN').value.trim(),200);if(!n)return alert('Nom requis');if(hasInjection(n))return alert('Caractères non autorisés');D.pp.push({id:gid(),name:n,cat:document.getElementById('ppC').value,d:sanitizeNum(document.getElementById('ppD').value),p:sanitizeNum(document.getElementById('ppP').value),m:sanitizeNum(document.getElementById('ppM').value),c:sanitizeNum(document.getElementById('ppCf').value)});document.getElementById('ppN').value='';save();render();}
function delPP(id){D.pp=D.pp.filter(x=>x.id!==id);save();render();}

function addSS(){
const srIds=[...document.querySelectorAll('.ssRS:checked')].map(c=>+c.value);
const ppIds=[...document.querySelectorAll('.ssPP:checked')].map(c=>+c.value);
const erIds=[...document.querySelectorAll('.ssER:checked')].map(c=>+c.value);
if(!srIds.length)return alert('Sélectionnez au moins un SR');
if(!erIds.length)return alert('Sélectionnez au moins un ER');
D.ss.push({id:gid(),srIds,ppIds,erIds,g:document.getElementById('ssG').value,desc:document.getElementById('ssD').value});
document.querySelectorAll('.ssRS,.ssPP,.ssER').forEach(c=>c.checked=false);
document.getElementById('ssD').value='';save();render();
}
function delSS(id){D.ss=D.ss.filter(x=>x.id!==id);save();render();}

function addOS(){const ss=document.getElementById('osS').value;if(!ss)return alert('SS requis');const desc=sanitizeStr(document.getElementById('osD').value,1000);D.os.push({id:gid(),ss:+ss,v:document.getElementById('osV').value,desc:desc,actions:[]});document.getElementById('osD').value='';save();render();}
function delOS(id){D.os=D.os.filter(x=>x.id!==id);save();render();}

function addMeasure(){const m=sanitizeStr(document.getElementById('mM').value.trim(),500);if(!m)return alert('Mesure requise');if(hasInjection(m))return alert('Caractères non autorisés');
const riskIds=[...document.querySelectorAll('.mRisk:checked')].map(c=>+c.value);
D.measures.push({id:gid(),riskIds:riskIds,cat:document.getElementById('mC').value,measure:m,resp:sanitizeStr(document.getElementById('mP').value,100),jalon:sanitizeNum(document.getElementById('mJ').value),status:'todo'});
document.getElementById('mM').value='';document.getElementById('mP').value='';
document.querySelectorAll('.mRisk').forEach(c=>c.checked=false);
save();render();}
function delMeasure(id){D.measures=D.measures.filter(x=>x.id!==id);save();render();}

// ============ EDIT FUNCTIONS ============
function editBV(id){editT='bv';editI=id;const item=D.bv.find(x=>x.id===id);document.getElementById('editTitle').textContent='Modifier Valeur Métier';
document.getElementById('editBody').innerHTML=`<div class="space-y-3"><div><label class="text-slate-400 text-xs">Dénomination</label><input type="text" id="eN" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" value="${esc(item.name)}"></div><div><label class="text-slate-400 text-xs">Type</label><select id="eT" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${BDC.typesVM.map(t=>`<option ${t===item.type?'selected':''}>${t}</option>`).join('')}</select></div><div><label class="text-slate-400 text-xs">Description</label><textarea id="eD" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" rows="2">${esc(item.desc||'')}</textarea></div><div><label class="text-slate-400 text-xs">Biens Support (séparés par virgule)</label><input type="text" id="eS" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" value="${esc(item.support||'')}" placeholder="Serveur1, BDD, Réseau..."></div><div><label class="text-slate-400 text-xs">Responsable</label><input type="text" id="eO" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" value="${esc(item.owner||'')}"></div></div>`;
document.getElementById('editModal').classList.add('active');}

function editFE(id){editT='fe';editI=id;const item=D.fe.find(x=>x.id===id);document.getElementById('editTitle').textContent='Modifier Événement Redouté';
document.getElementById('editBody').innerHTML=`<div class="space-y-3"><div><label class="text-slate-400 text-xs">VM</label><select id="eBV" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${D.bv.map((b,i)=>`<option value="${b.id}" ${b.id===item.bv?'selected':''}>VM${i+1}: ${esc(b.name)}</option>`).join('')}</select></div><div><label class="text-slate-400 text-xs">Description</label><input type="text" id="eD" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" value="${esc(item.desc)}"></div><div><label class="text-slate-400 text-xs">Gravité</label><select id="eG" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${BDC.gravites.map(g=>`<option value="${g.id.charAt(1)}" ${g.id.charAt(1)===item.g?'selected':''}>${g.id} - ${g.n}</option>`).join('')}</select></div></div>`;
document.getElementById('editModal').classList.add('active');}

function editRS(id){editT='rs';editI=id;const item=D.rs.find(x=>x.id===id);const allSources=[...BDC.sources,...D.customSources];
document.getElementById('editTitle').textContent='Modifier Source de Risque';
document.getElementById('editBody').innerHTML=`<div class="space-y-3"><div><label class="text-slate-400 text-xs">Source</label><select id="eType" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${allSources.map(s=>`<option ${s===item.type?'selected':''}>${s}</option>`).join('')}</select></div><div><label class="text-slate-400 text-xs">Motivation</label><select id="eMot" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${BDC.motivation.map(m=>`<option value="${m.v}" ${m.v==item.mot?'selected':''}>${m.v} - ${m.n}</option>`).join('')}</select></div><div><label class="text-slate-400 text-xs">Ressources</label><select id="eRes" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${BDC.ressources.map(r=>`<option value="${r.v}" ${r.v==item.res?'selected':''}>${r.v} - ${r.n}</option>`).join('')}</select></div></div>`;
document.getElementById('editModal').classList.add('active');}

function editPP(id){editT='pp';editI=id;const item=D.pp.find(x=>x.id===id);
document.getElementById('editTitle').textContent='Modifier Partie Prenante';
document.getElementById('editBody').innerHTML=`<div class="space-y-3"><div><label class="text-slate-400 text-xs">Nom</label><input type="text" id="eN" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" value="${esc(item.name)}"></div><div><label class="text-slate-400 text-xs">Catégorie</label><select id="eCat" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${BDC.catPP.map(c=>`<option ${c===item.cat?'selected':''}>${c}</option>`).join('')}</select></div><div class="grid grid-cols-4 gap-2"><div><label class="text-slate-400 text-xs">D</label><select id="eD" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-2 py-1 text-white mt-1">${[1,2,3,4].map(v=>`<option ${v===item.d?'selected':''}>${v}</option>`).join('')}</select></div><div><label class="text-slate-400 text-xs">P</label><select id="eP" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-2 py-1 text-white mt-1">${[1,2,3,4].map(v=>`<option ${v===item.p?'selected':''}>${v}</option>`).join('')}</select></div><div><label class="text-slate-400 text-xs">M</label><select id="eM" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-2 py-1 text-white mt-1">${[1,2,3,4].map(v=>`<option ${v===item.m?'selected':''}>${v}</option>`).join('')}</select></div><div><label class="text-slate-400 text-xs">C</label><select id="eC" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-2 py-1 text-white mt-1">${[1,2,3,4].map(v=>`<option ${v===item.c?'selected':''}>${v}</option>`).join('')}</select></div></div></div>`;
document.getElementById('editModal').classList.add('active');}

function editSS(id){editT='ss';editI=id;const item=D.ss.find(x=>x.id===id);const retSR=D.rs.filter(r=>r.retained);
const srIds=item.srIds||[item.rs];const ppIds=item.ppIds||[item.pp].filter(Boolean);const erIds=item.erIds||[item.fe];
document.getElementById('editTitle').textContent='Modifier Scénario Stratégique';
document.getElementById('editBody').innerHTML=`<div class="space-y-3">
<div><label class="text-slate-400 text-xs">SR retenus</label><div class="bg-slate-900 border border-slate-600 rounded-lg p-2 mt-1 max-h-24 overflow-y-auto">${retSR.map(r=>{const ri=D.rs.indexOf(r);const checked=srIds.includes(r.id);return `<label class="flex items-center gap-1 text-white text-xs py-0.5"><input type="checkbox" class="eSR" value="${r.id}" ${checked?'checked':''}>SR${ri+1}: ${r.type}</label>`;}).join('')}</div></div>
<div><label class="text-slate-400 text-xs">PP</label><div class="bg-slate-900 border border-slate-600 rounded-lg p-2 mt-1 max-h-24 overflow-y-auto">${D.pp.map((p,i)=>{const checked=ppIds.includes(p.id);return `<label class="flex items-center gap-1 text-white text-xs py-0.5"><input type="checkbox" class="ePP" value="${p.id}" ${checked?'checked':''}>PP${i+1}: ${esc(p.name)}</label>`;}).join('')}</div></div>
<div><label class="text-slate-400 text-xs">ER</label><div class="bg-slate-900 border border-slate-600 rounded-lg p-2 mt-1 max-h-24 overflow-y-auto">${D.fe.map((f,i)=>{const checked=erIds.includes(f.id);return `<label class="flex items-center gap-1 text-white text-xs py-0.5"><input type="checkbox" class="eER" value="${f.id}" ${checked?'checked':''}>ER${i+1}: ${f.desc.substring(0,20)}...</label>`;}).join('')}</div></div>
<div><label class="text-slate-400 text-xs">Gravité</label><select id="eG" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${BDC.gravites.map(g=>`<option value="${g.id.charAt(1)}" ${g.id.charAt(1)===item.g?'selected':''}>${g.id} - ${g.n}</option>`).join('')}</select></div>
<div><label class="text-slate-400 text-xs">Description</label><textarea id="eDesc" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" rows="2">${esc(item.desc||'')}</textarea></div>
</div>`;
document.getElementById('editModal').classList.add('active');}

function editOS(id){editT='os';editI=id;const item=D.os.find(x=>x.id===id);
document.getElementById('editTitle').textContent='Modifier Scénario Opérationnel';
document.getElementById('editBody').innerHTML=`<div class="space-y-3">
<div><label class="text-slate-400 text-xs">Scénario Stratégique</label><select id="eSS" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${D.ss.map((s,i)=>{const srList=(s.srIds||[s.rs]).map(sid=>{const r=D.rs.find(x=>x.id===sid);return r?r.type:null;}).filter(Boolean).join(', ');return `<option value="${s.id}" ${s.id===item.ss?'selected':''}>SS${i+1}: ${srList.substring(0,30)}...</option>`;}).join('')}</select></div>
<div><label class="text-slate-400 text-xs">Vraisemblance</label><select id="eV" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${BDC.vrais.map(v=>`<option value="${v.id.charAt(1)}" ${v.id.charAt(1)===item.v?'selected':''}>${v.id} - ${v.n}</option>`).join('')}</select></div>
<div><label class="text-slate-400 text-xs">Description</label><textarea id="eDesc" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" rows="2">${esc(item.desc||'')}</textarea></div>
</div>`;
document.getElementById('editModal').classList.add('active');}

function editMeasure(id){editT='measure';editI=id;const item=D.measures.find(x=>x.id===id);const risks=getRisks();
const riskIds=item.riskIds||[item.risk].filter(Boolean);
document.getElementById('editTitle').textContent='Modifier Mesure';
document.getElementById('editBody').innerHTML=`<div class="space-y-3">
<div><label class="text-slate-400 text-xs">Risques (multi)</label><div class="bg-slate-900 border border-slate-600 rounded-lg p-2 mt-1 max-h-32 overflow-y-auto">${risks.length?risks.map(r=>{const checked=riskIds.includes(r.id);return `<label class="flex items-center gap-1 text-white text-xs py-0.5 cursor-pointer hover:bg-slate-800 px-1 rounded"><input type="checkbox" class="eRisk" value="${r.id}" ${checked?'checked':''}>R${r.i}: ${r.name.substring(0,30)}...</label>`;}).join(''):'<span class="text-slate-500 text-xs">Aucun risque</span>'}</div></div>
<div><label class="text-slate-400 text-xs">Catégorie</label><select id="eCat" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1"><option ${item.cat==='gouvernance'?'selected':''} value="gouvernance">Gouvernance</option><option ${item.cat==='protection'?'selected':''} value="protection">Protection</option><option ${item.cat==='defense'?'selected':''} value="defense">Défense</option><option ${item.cat==='resilience'?'selected':''} value="resilience">Résilience</option></select></div>
<div><label class="text-slate-400 text-xs">Mesure</label><input type="text" id="eMeasure" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" value="${esc(item.measure)}"></div>
<div><label class="text-slate-400 text-xs">Responsable</label><input type="text" id="eResp" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1" value="${esc(item.resp||'')}"></div>
<div><label class="text-slate-400 text-xs">Jalon</label><select id="eJalon" class="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-white mt-1">${[1,2,3,4].map(j=>`<option value="${j}" ${j===item.jalon?'selected':''} style="color:${j===1?'#ef4444':j===2?'#f97316':j===3?'#eab308':'#22c55e'}">J${j} - ${j===1?'Court terme (0-3 mois)':j===2?'Moyen terme (3-6 mois)':j===3?'Long terme (6-12 mois)':'Très long terme (12+ mois)'}</option>`).join('')}</select></div>
</div>`;
document.getElementById('editModal').classList.add('active');}

function saveEdit(){
if(editT==='bv'){const item=D.bv.find(x=>x.id===editI);const n=sanitizeStr(document.getElementById('eN').value,200);if(!n||hasInjection(n))return alert('Nom invalide');item.name=n;item.type=document.getElementById('eT').value;item.desc=sanitizeStr(document.getElementById('eD').value,1000);item.support=sanitizeStr(document.getElementById('eS').value,500);item.owner=sanitizeStr(document.getElementById('eO').value,100);}
else if(editT==='fe'){const item=D.fe.find(x=>x.id===editI);const d=sanitizeStr(document.getElementById('eD').value,500);if(hasInjection(d))return alert('Description invalide');item.bv=+document.getElementById('eBV').value;item.desc=d;item.g=document.getElementById('eG').value;}
else if(editT==='rs'){const item=D.rs.find(x=>x.id===editI);item.type=document.getElementById('eType').value;item.mot=document.getElementById('eMot').value;item.res=document.getElementById('eRes').value;}
else if(editT==='pp'){const item=D.pp.find(x=>x.id===editI);const n=sanitizeStr(document.getElementById('eN').value,200);if(!n||hasInjection(n))return alert('Nom invalide');item.name=n;item.cat=document.getElementById('eCat').value;item.d=sanitizeNum(document.getElementById('eD').value);item.p=sanitizeNum(document.getElementById('eP').value);item.m=sanitizeNum(document.getElementById('eM').value);item.c=sanitizeNum(document.getElementById('eC').value);}
else if(editT==='ss'){const item=D.ss.find(x=>x.id===editI);item.srIds=[...document.querySelectorAll('.eSR:checked')].map(c=>+c.value);item.ppIds=[...document.querySelectorAll('.ePP:checked')].map(c=>+c.value);item.erIds=[...document.querySelectorAll('.eER:checked')].map(c=>+c.value);item.g=document.getElementById('eG').value;item.desc=sanitizeStr(document.getElementById('eDesc').value,1000);}
else if(editT==='os'){const item=D.os.find(x=>x.id===editI);item.ss=+document.getElementById('eSS').value;item.v=document.getElementById('eV').value;item.desc=sanitizeStr(document.getElementById('eDesc').value,1000);}
else if(editT==='measure'){const item=D.measures.find(x=>x.id===editI);const m=sanitizeStr(document.getElementById('eMeasure').value,500);if(hasInjection(m))return alert('Mesure invalide');item.riskIds=[...document.querySelectorAll('.eRisk:checked')].map(c=>+c.value);item.cat=document.getElementById('eCat').value;item.measure=m;item.resp=sanitizeStr(document.getElementById('eResp').value,100);item.jalon=sanitizeNum(document.getElementById('eJalon').value);}
else if(editT==='rr'){const item=D.risquesResiduels.find(x=>x.id===editI);const j=sanitizeStr(document.getElementById('eRRJust').value,500);if(hasInjection(j))return alert('Justification invalide');item.gRes=sanitizeNum(document.getElementById('eRRG').value);item.vRes=sanitizeNum(document.getElementById('eRRV').value);item.jalon=sanitizeNum(document.getElementById('eRRJ').value);item.justification=j;}
closeEdit();save();render();}
function closeEdit(){document.getElementById('editModal').classList.remove('active');editT=editI=null;}


// ============ WORD EXPORT ============
async function expWord(){
try{
if(typeof docx==='undefined'){alert('Erreur: librairie docx non chargée');return;}
const{Document,Packer,Paragraph,TextRun,Table,TableRow,TableCell,HeadingLevel,AlignmentType,BorderStyle,WidthType,ShadingType,PageBreak,VerticalAlign}=docx;

const risks=getRisks();
const rl=l=>l<=4?'Faible':l<=8?'Moyen':l<=12?'Élevé':'Critique';
const lc=l=>l<=4?'22C55E':l<=8?'EAB308':l<=12?'F97316':'DC2626';
const byLvl={f:risks.filter(r=>r.level<=4).length,m:risks.filter(r=>r.level>4&&r.level<=8).length,e:risks.filter(r=>r.level>8&&r.level<=12).length,c:risks.filter(r=>r.level>12).length};
const mStat={todo:D.measures.filter(m=>m.status==='todo').length,ongoing:D.measures.filter(m=>m.status==='ongoing').length,done:D.measures.filter(m=>m.status==='done').length};
const pctDone=D.measures.length?Math.round(mStat.done/D.measures.length*100):0;

const border={style:BorderStyle.SINGLE,size:1,color:'CCCCCC'};
const borders={top:border,bottom:border,left:border,right:border};
const noBorder={style:BorderStyle.NONE,size:0,color:'FFFFFF'};
const noBorders={top:noBorder,bottom:noBorder,left:noBorder,right:noBorder};

const hdrCell=(txt,w)=>new TableCell({borders,width:{size:w,type:WidthType.PERCENTAGE},shading:{fill:'1E40AF',type:ShadingType.CLEAR},margins:{top:60,bottom:60,left:80,right:80},children:[new Paragraph({children:[new TextRun({text:txt,bold:true,color:'FFFFFF',size:20})]})]});
const cell=(txt,w,opts={})=>new TableCell({borders:opts.noBorder?noBorders:borders,width:{size:w,type:WidthType.PERCENTAGE},shading:opts.fill?{fill:opts.fill,type:ShadingType.CLEAR}:undefined,margins:{top:40,bottom:40,left:60,right:60},verticalAlign:VerticalAlign.CENTER,children:[new Paragraph({alignment:opts.center?AlignmentType.CENTER:AlignmentType.LEFT,children:[new TextRun({text:String(txt||'-'),size:opts.size||20,bold:opts.bold,color:opts.color})]})]});

// Fonction pour créer une barre de progression
const progressBar=(pct,color,w)=>{
const filled=Math.round(pct/5);
const empty=20-filled;
return new TableCell({borders:noBorders,width:{size:w,type:WidthType.PERCENTAGE},children:[
new Paragraph({children:[
new TextRun({text:'█'.repeat(filled),color:color,size:18}),
new TextRun({text:'░'.repeat(empty),color:'E2E8F0',size:18})
]})
]});
};

const children=[];

// ==================== PAGE 1: TITRE + DASHBOARD ====================
children.push(new Paragraph({alignment:AlignmentType.CENTER,spacing:{after:100},children:[new TextRun({text:'EBIOS RM - Analyse des Risques',bold:true,size:52,color:'1E40AF'})]}));
children.push(new Paragraph({alignment:AlignmentType.CENTER,spacing:{after:100},children:[new TextRun({text:D.meta.studyName||'Analyse',bold:true,size:40,color:'7C3AED'})]}));
children.push(new Paragraph({alignment:AlignmentType.CENTER,spacing:{after:400},children:[new TextRun({text:`${D.meta.organization||'-'} | ${D.meta.date} | v${D.meta.version}`,size:24,color:'64748B'})]}));

// Dashboard - Indicateurs clés
children.push(new Paragraph({spacing:{before:200},children:[new TextRun({text:'TABLEAU DE BORD',bold:true,size:32,color:'1E40AF'})]}));
children.push(new Paragraph({spacing:{after:200},children:[new TextRun({text:'Vue synthétique de l\'analyse de risques',size:22,color:'64748B'})]}));

// Indicateurs en ligne
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[
cell(D.bv.length,20,{center:true,bold:true,color:'3B82F6',size:48,fill:'EFF6FF'}),
cell(D.fe.length,20,{center:true,bold:true,color:'DC2626',size:48,fill:'FEF2F2'}),
cell(D.rs.filter(r=>r.retained).length,20,{center:true,bold:true,color:'7C3AED',size:48,fill:'F5F3FF'}),
cell(risks.length,20,{center:true,bold:true,color:'EA580C',size:48,fill:'FFF7ED'}),
cell(D.measures.length,20,{center:true,bold:true,color:'16A34A',size:48,fill:'F0FDF4'})
]}),
new TableRow({children:[
cell('Valeurs Métier',20,{center:true,size:18}),
cell('Événements',20,{center:true,size:18}),
cell('Sources',20,{center:true,size:18}),
cell('Risques',20,{center:true,size:18}),
cell('Mesures',20,{center:true,size:18})
]})
]}));

// Graphique Répartition des Risques
children.push(new Paragraph({spacing:{before:400},children:[new TextRun({text:'Répartition des Risques par Niveau',bold:true,size:26,color:'1E40AF'})]}));
const riskTotal=risks.length||1;
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[cell('Critique (13-16)',25,{noBorder:true,color:'DC2626',bold:true}),progressBar(byLvl.c/riskTotal*100,'DC2626',60),cell(byLvl.c+' ('+Math.round(byLvl.c/riskTotal*100)+'%)',15,{noBorder:true,center:true,bold:true,color:'DC2626'})]}),
new TableRow({children:[cell('Élevé (9-12)',25,{noBorder:true,color:'F97316',bold:true}),progressBar(byLvl.e/riskTotal*100,'F97316',60),cell(byLvl.e+' ('+Math.round(byLvl.e/riskTotal*100)+'%)',15,{noBorder:true,center:true,bold:true,color:'F97316'})]}),
new TableRow({children:[cell('Moyen (5-8)',25,{noBorder:true,color:'EAB308',bold:true}),progressBar(byLvl.m/riskTotal*100,'EAB308',60),cell(byLvl.m+' ('+Math.round(byLvl.m/riskTotal*100)+'%)',15,{noBorder:true,center:true,bold:true,color:'EAB308'})]}),
new TableRow({children:[cell('Faible (1-4)',25,{noBorder:true,color:'22C55E',bold:true}),progressBar(byLvl.f/riskTotal*100,'22C55E',60),cell(byLvl.f+' ('+Math.round(byLvl.f/riskTotal*100)+'%)',15,{noBorder:true,center:true,bold:true,color:'22C55E'})]})
]}));

// Graphique Avancement PACS
children.push(new Paragraph({spacing:{before:300},children:[new TextRun({text:'Avancement du Plan de Traitement (PACS)',bold:true,size:26,color:'1E40AF'})]}));
const mTotal=D.measures.length||1;
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[cell('Terminé',25,{noBorder:true,color:'22C55E',bold:true}),progressBar(mStat.done/mTotal*100,'22C55E',60),cell(mStat.done+' ('+Math.round(mStat.done/mTotal*100)+'%)',15,{noBorder:true,center:true,bold:true,color:'22C55E'})]}),
new TableRow({children:[cell('En cours',25,{noBorder:true,color:'EAB308',bold:true}),progressBar(mStat.ongoing/mTotal*100,'EAB308',60),cell(mStat.ongoing+' ('+Math.round(mStat.ongoing/mTotal*100)+'%)',15,{noBorder:true,center:true,bold:true,color:'EAB308'})]}),
new TableRow({children:[cell('À faire',25,{noBorder:true,color:'64748B',bold:true}),progressBar(mStat.todo/mTotal*100,'64748B',60),cell(mStat.todo+' ('+Math.round(mStat.todo/mTotal*100)+'%)',15,{noBorder:true,center:true,bold:true,color:'64748B'})]})
]}));
children.push(new Paragraph({spacing:{before:150},alignment:AlignmentType.CENTER,children:[new TextRun({text:'Taux de complétion global: '+pctDone+'%',bold:true,size:28,color:'16A34A'})]}));

// ==================== PAGE 2: ATELIER 1 ====================
children.push(new Paragraph({children:[new PageBreak()]}));
children.push(new Paragraph({shading:{fill:'3B82F6',type:ShadingType.CLEAR},spacing:{after:200},children:[new TextRun({text:'  ATELIER 1 - Cadrage et Socle de Sécurité',bold:true,size:32,color:'FFFFFF'})]}));

// Graphique répartition VM par type
const vmTypes={};D.bv.forEach(b=>{vmTypes[b.type]=(vmTypes[b.type]||0)+1;});
children.push(new Paragraph({spacing:{before:200},children:[new TextRun({text:'Répartition des Valeurs Métier par Type',bold:true,size:24,color:'3B82F6'})]}));
const vmRows=Object.entries(vmTypes).map(([type,count])=>new TableRow({children:[cell(type,40,{noBorder:true}),progressBar(count/D.bv.length*100,'3B82F6',45),cell(count,15,{noBorder:true,center:true,bold:true,color:'3B82F6'})]}));
if(vmRows.length)children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:vmRows}));

// Tableau VM
children.push(new Paragraph({spacing:{before:300},children:[new TextRun({text:'1.1 Valeurs Métier',bold:true,size:26,color:'1E40AF'})]}));
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[hdrCell('ID',8),hdrCell('Dénomination',30),hdrCell('Type',12),hdrCell('Biens Support',25),hdrCell('Resp.',12),hdrCell('Desc.',13)]}),
...D.bv.map((b,i)=>new TableRow({children:[cell('VM'+(i+1),8,{bold:true,color:'3B82F6'}),cell(b.name,30),cell(b.type,12),cell(b.support||'-',25),cell(b.owner||'-',12),cell(b.desc?'Oui':'Non',13,{center:true,color:b.desc?'16A34A':'94A3B8'})]}))
]}));

// Détail des descriptions VM si elles existent
const vmWithDesc=D.bv.filter(b=>b.desc);
if(vmWithDesc.length){
children.push(new Paragraph({spacing:{before:200},children:[new TextRun({text:'Descriptions des Valeurs Métier:',bold:true,size:22,color:'3B82F6'})]}));
vmWithDesc.forEach((b,i)=>{
const idx=D.bv.findIndex(x=>x.id===b.id)+1;
children.push(new Paragraph({spacing:{before:80},children:[new TextRun({text:'VM'+idx+' - '+b.name+': ',bold:true,size:20}),new TextRun({text:b.desc,size:20,color:'475569'})]}));
});
}

// Graphique répartition ER par gravité
const erByG={1:0,2:0,3:0,4:0};D.fe.forEach(f=>{erByG[f.g]=(erByG[f.g]||0)+1;});
children.push(new Paragraph({spacing:{before:300},children:[new TextRun({text:'Répartition des Événements Redoutés par Gravité',bold:true,size:24,color:'DC2626'})]}));
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[cell('G4 - Critique',30,{noBorder:true,color:'DC2626',bold:true}),progressBar(erByG[4]/D.fe.length*100,'DC2626',50),cell(erByG[4],20,{noBorder:true,center:true,bold:true,color:'DC2626'})]}),
new TableRow({children:[cell('G3 - Grave',30,{noBorder:true,color:'F97316',bold:true}),progressBar(erByG[3]/D.fe.length*100,'F97316',50),cell(erByG[3],20,{noBorder:true,center:true,bold:true,color:'F97316'})]}),
new TableRow({children:[cell('G2 - Significatif',30,{noBorder:true,color:'EAB308',bold:true}),progressBar(erByG[2]/D.fe.length*100,'EAB308',50),cell(erByG[2],20,{noBorder:true,center:true,bold:true,color:'EAB308'})]}),
new TableRow({children:[cell('G1 - Mineur',30,{noBorder:true,color:'22C55E',bold:true}),progressBar(erByG[1]/D.fe.length*100,'22C55E',50),cell(erByG[1],20,{noBorder:true,center:true,bold:true,color:'22C55E'})]})
]}));

// Tableau ER
children.push(new Paragraph({spacing:{before:300},children:[new TextRun({text:'1.2 Événements Redoutés',bold:true,size:26,color:'1E40AF'})]}));
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[hdrCell('ID',8),hdrCell('Valeur Métier',22),hdrCell('Description',58),hdrCell('G',12)]}),
...D.fe.map((f,i)=>{const bvi=D.bv.findIndex(b=>b.id===f.bv);const gc=BDC.gravites[parseInt(f.g)-1]?.c?.replace('#','')||'666666';return new TableRow({children:[cell('ER'+(i+1),8,{bold:true,color:'DC2626'}),cell('VM'+(bvi+1),22),cell(f.desc,58),cell('G'+f.g,12,{center:true,bold:true,color:gc})]});})
]}));

// ==================== PAGE 3: ATELIER 2 ====================
children.push(new Paragraph({children:[new PageBreak()]}));
children.push(new Paragraph({shading:{fill:'7C3AED',type:ShadingType.CLEAR},spacing:{after:200},children:[new TextRun({text:'  ATELIER 2 - Sources de Risque & Objectifs Visés',bold:true,size:32,color:'FFFFFF'})]}));

// Liste des Sources de Risque
const allSources=[...BDC.sources,...(D.customSources||[])];
children.push(new Paragraph({spacing:{before:200},children:[new TextRun({text:'2.1 Sources de Risque ('+allSources.length+')',bold:true,size:26,color:'1E40AF'})]}));
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[hdrCell('ID',15),hdrCell('Source de Risque',70),hdrCell('Type',15)]}),
...allSources.map((s,i)=>new TableRow({children:[cell('SR'+(i+1),15,{bold:true,color:'DC2626'}),cell(s,70),cell((D.customSources||[]).includes(s)?'Personnalisé':'Prédéfini',15,{center:true,color:(D.customSources||[]).includes(s)?'7C3AED':'64748B'})]}))
]}));

// Liste des Objectifs Visés
const allObjectifs=[...BDC.objectifs,...(D.objectifsVises||[])];
children.push(new Paragraph({spacing:{before:300},children:[new TextRun({text:'2.2 Objectifs Visés ('+allObjectifs.length+')',bold:true,size:26,color:'1E40AF'})]}));
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[hdrCell('ID',15),hdrCell('Objectif Visé',70),hdrCell('Type',15)]}),
...allObjectifs.map((o,i)=>new TableRow({children:[cell('OV'+(i+1),15,{bold:true,color:'7C3AED'}),cell(o,70),cell((D.objectifsVises||[]).includes(o)?'Personnalisé':'Prédéfini',15,{center:true,color:(D.objectifsVises||[]).includes(o)?'7C3AED':'64748B'})]}))
]}));

// Graphique Couples retenus vs non retenus
const srRetained=D.rs.filter(r=>r.retained).length;
const srNotRetained=D.rs.length-srRetained;
children.push(new Paragraph({spacing:{before:300},children:[new TextRun({text:'2.3 Couples SR/OV - Analyse de Pertinence',bold:true,size:26,color:'1E40AF'})]}));
if(D.rs.length){
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[cell('Retenus',30,{noBorder:true,color:'16A34A',bold:true}),progressBar(srRetained/D.rs.length*100,'16A34A',50),cell(srRetained+' / '+D.rs.length,20,{noBorder:true,center:true,bold:true,color:'16A34A'})]}),
new TableRow({children:[cell('Non retenus',30,{noBorder:true,color:'94A3B8',bold:true}),progressBar(srNotRetained/D.rs.length*100,'94A3B8',50),cell(srNotRetained+' / '+D.rs.length,20,{noBorder:true,center:true,bold:true,color:'94A3B8'})]})
]}));
}

// Tableau des Couples SR/OV
const PERT={'4-1':'Moyen','4-2':'Élevé','4-3':'Élevé','4-4':'Élevé','3-1':'Moyen','3-2':'Élevé','3-3':'Élevé','3-4':'Élevé','2-1':'Faible','2-2':'Moyen','2-3':'Élevé','2-4':'Élevé','1-1':'Faible','1-2':'Faible','1-3':'Moyen','1-4':'Moyen'};
children.push(new Paragraph({spacing:{before:200},children:[new TextRun({text:'Récapitulatif des Couples SR/OV:',bold:true,size:22,color:'EA580C'})]}));
if(D.rs.length){
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[hdrCell('Couple',8),hdrCell('Source de Risque',20),hdrCell('Objectifs Visés',34),hdrCell('M',7),hdrCell('R',7),hdrCell('Pert.',12),hdrCell('Retenu',12)]}),
...D.rs.map((r,i)=>{const p=PERT[r.mot+'-'+r.res]||'?';const pc=p==='Élevé'?'DC2626':p==='Moyen'?'EAB308':'22C55E';return new TableRow({children:[cell('C'+(i+1),8,{bold:true,color:'EA580C'}),cell(r.type,20),cell((r.objs||[]).join(', '),34),cell(r.mot,7,{center:true}),cell(r.res,7,{center:true}),cell(p,12,{center:true,color:pc,bold:true}),cell(r.retained?'✓':'-',12,{center:true,color:r.retained?'16A34A':'94A3B8'})]});})
]}));
}else{
children.push(new Paragraph({children:[new TextRun({text:'Aucun couple SR/OV défini',italics:true,color:'64748B'})]}));
}

// Parties Prenantes avec radar simplifié
if(D.pp.length){
children.push(new Paragraph({spacing:{before:300},children:[new TextRun({text:'2.4 Parties Prenantes - Évaluation des Menaces',bold:true,size:26,color:'1E40AF'})]}));

// Graphique zones PP
const ppZones={danger:0,controle:0,veille:0};
D.pp.forEach(p=>{const t=((p.d*p.p)/(p.m*p.c));if(t>=2)ppZones.danger++;else if(t>=1)ppZones.controle++;else ppZones.veille++;});
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[cell('Zone Danger',30,{noBorder:true,color:'DC2626',bold:true}),progressBar(ppZones.danger/D.pp.length*100,'DC2626',50),cell(ppZones.danger,20,{noBorder:true,center:true,bold:true,color:'DC2626'})]}),
new TableRow({children:[cell('Zone Contrôle',30,{noBorder:true,color:'EAB308',bold:true}),progressBar(ppZones.controle/D.pp.length*100,'EAB308',50),cell(ppZones.controle,20,{noBorder:true,center:true,bold:true,color:'EAB308'})]}),
new TableRow({children:[cell('Zone Veille',30,{noBorder:true,color:'22C55E',bold:true}),progressBar(ppZones.veille/D.pp.length*100,'22C55E',50),cell(ppZones.veille,20,{noBorder:true,center:true,bold:true,color:'22C55E'})]})
]}));

// Tableau PP
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[hdrCell('PP',6),hdrCell('Nom',24),hdrCell('Cat.',16),hdrCell('D',6),hdrCell('P',6),hdrCell('M',6),hdrCell('C',6),hdrCell('Menace',15),hdrCell('Zone',15)]}),
...D.pp.map((p,i)=>{const t=((p.d*p.p)/(p.m*p.c)).toFixed(2);const z=t<1?{n:'Veille',c:'22C55E'}:t<2?{n:'Contrôle',c:'EAB308'}:{n:'Danger',c:'DC2626'};return new TableRow({children:[cell('PP'+(i+1),6,{bold:true,color:'7C3AED'}),cell(p.name,24),cell(p.cat,16),cell(p.d,6,{center:true}),cell(p.p,6,{center:true}),cell(p.m,6,{center:true}),cell(p.c,6,{center:true}),cell(t,15,{center:true,bold:true}),cell(z.n,15,{center:true,bold:true,color:z.c})]});})
]}));
}

// ==================== PAGE 4: ATELIER 3 ====================
children.push(new Paragraph({children:[new PageBreak()]}));
children.push(new Paragraph({shading:{fill:'7C3AED',type:ShadingType.CLEAR},spacing:{after:200},children:[new TextRun({text:'  ATELIER 3 - Scénarios Stratégiques',bold:true,size:32,color:'FFFFFF'})]}));

// Graphique SS par gravité
const ssByG={1:0,2:0,3:0,4:0};D.ss.forEach(s=>{ssByG[s.g]=(ssByG[s.g]||0)+1;});
children.push(new Paragraph({spacing:{before:200},children:[new TextRun({text:'Répartition des Scénarios Stratégiques par Gravité',bold:true,size:24,color:'7C3AED'})]}));
if(D.ss.length){
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[cell('G4 - Critique',30,{noBorder:true,color:'DC2626',bold:true}),progressBar(ssByG[4]/D.ss.length*100,'DC2626',50),cell(ssByG[4],20,{noBorder:true,center:true,bold:true,color:'DC2626'})]}),
new TableRow({children:[cell('G3 - Grave',30,{noBorder:true,color:'F97316',bold:true}),progressBar(ssByG[3]/D.ss.length*100,'F97316',50),cell(ssByG[3],20,{noBorder:true,center:true,bold:true,color:'F97316'})]}),
new TableRow({children:[cell('G2 - Significatif',30,{noBorder:true,color:'EAB308',bold:true}),progressBar(ssByG[2]/D.ss.length*100,'EAB308',50),cell(ssByG[2],20,{noBorder:true,center:true,bold:true,color:'EAB308'})]}),
new TableRow({children:[cell('G1 - Mineur',30,{noBorder:true,color:'22C55E',bold:true}),progressBar(ssByG[1]/D.ss.length*100,'22C55E',50),cell(ssByG[1],20,{noBorder:true,center:true,bold:true,color:'22C55E'})]})
]}));
}

// Tableau SS
children.push(new Paragraph({spacing:{before:300},children:[new TextRun({text:'3.1 Scénarios Stratégiques',bold:true,size:26,color:'1E40AF'})]}));
if(D.ss.length){
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[hdrCell('ID',7),hdrCell('SR',10),hdrCell('PP',10),hdrCell('ER',12),hdrCell('G',8),hdrCell('Description',53)]}),
...D.ss.map((s,i)=>{
const srList=(s.srIds||[s.rs]).map(sid=>{const r=D.rs.find(x=>x.id===sid);return r?'SR'+(D.rs.indexOf(r)+1):null;}).filter(Boolean).join(', ');
const ppList=(s.ppIds||[s.pp]).filter(Boolean).map(pid=>{const p=D.pp.find(x=>x.id===pid);return p?'PP'+(D.pp.indexOf(p)+1):null;}).filter(Boolean).join(', ');
const erList=(s.erIds||[s.fe]).map(eid=>{const f=D.fe.find(x=>x.id===eid);return f?'ER'+(D.fe.indexOf(f)+1):null;}).filter(Boolean).join(', ');
const gc=BDC.gravites[parseInt(s.g)-1]?.c?.replace('#','')||'666666';
return new TableRow({children:[cell('SS'+(i+1),7,{bold:true,color:'7C3AED'}),cell(srList||'-',10),cell(ppList||'-',10),cell(erList||'-',12),cell('G'+s.g,8,{center:true,bold:true,color:gc}),cell(s.desc||'-',53)]});
})
]}));
}else{children.push(new Paragraph({children:[new TextRun({text:'Aucun scénario stratégique défini',italics:true,color:'64748B'})]}));}

// ==================== PAGE 5: ATELIER 4 ====================
children.push(new Paragraph({children:[new PageBreak()]}));
children.push(new Paragraph({shading:{fill:'EA580C',type:ShadingType.CLEAR},spacing:{after:200},children:[new TextRun({text:'  ATELIER 4 - Scénarios Opérationnels',bold:true,size:32,color:'FFFFFF'})]}));

// Graphique SO par vraisemblance
const soByV={1:0,2:0,3:0,4:0};D.os.forEach(o=>{soByV[o.v]=(soByV[o.v]||0)+1;});
children.push(new Paragraph({spacing:{before:200},children:[new TextRun({text:'Répartition des Scénarios Opérationnels par Vraisemblance',bold:true,size:24,color:'EA580C'})]}));
if(D.os.length){
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[cell('V4 - Quasi-certain',30,{noBorder:true,color:'DC2626',bold:true}),progressBar(soByV[4]/D.os.length*100,'DC2626',50),cell(soByV[4],20,{noBorder:true,center:true,bold:true,color:'DC2626'})]}),
new TableRow({children:[cell('V3 - Très probable',30,{noBorder:true,color:'F97316',bold:true}),progressBar(soByV[3]/D.os.length*100,'F97316',50),cell(soByV[3],20,{noBorder:true,center:true,bold:true,color:'F97316'})]}),
new TableRow({children:[cell('V2 - Probable',30,{noBorder:true,color:'EAB308',bold:true}),progressBar(soByV[2]/D.os.length*100,'EAB308',50),cell(soByV[2],20,{noBorder:true,center:true,bold:true,color:'EAB308'})]}),
new TableRow({children:[cell('V1 - Peu probable',30,{noBorder:true,color:'22C55E',bold:true}),progressBar(soByV[1]/D.os.length*100,'22C55E',50),cell(soByV[1],20,{noBorder:true,center:true,bold:true,color:'22C55E'})]})
]}));
}

// Tableau SO
children.push(new Paragraph({spacing:{before:300},children:[new TextRun({text:'4.1 Scénarios Opérationnels',bold:true,size:26,color:'1E40AF'})]}));
if(D.os.length){
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[hdrCell('ID',7),hdrCell('SS',8),hdrCell('V',8),hdrCell('Description',42),hdrCell('Actions MITRE ATT&CK',35)]}),
...D.os.map((o,i)=>{const ss=D.ss.find(s=>s.id===o.ss);const ssi=ss?D.ss.indexOf(ss)+1:'?';const vc=BDC.vrais[parseInt(o.v)-1]?.c?.replace('#','')||'666666';return new TableRow({children:[cell('SO'+(i+1),7,{bold:true,color:'EA580C'}),cell('SS'+ssi,8),cell('V'+o.v,8,{center:true,bold:true,color:vc}),cell(o.desc||'-',42),cell(o.actions?.map(a=>a.technique).join(', ')||'-',35)]});})
]}));
}else{children.push(new Paragraph({children:[new TextRun({text:'Aucun scénario opérationnel défini',italics:true,color:'64748B'})]}));}

// ==================== PAGE 6: ATELIER 5 ====================
children.push(new Paragraph({children:[new PageBreak()]}));
children.push(new Paragraph({shading:{fill:'16A34A',type:ShadingType.CLEAR},spacing:{after:200},children:[new TextRun({text:'  ATELIER 5 - Traitement du Risque',bold:true,size:32,color:'FFFFFF'})]}));

// Cartographie des Risques
children.push(new Paragraph({spacing:{before:200},children:[new TextRun({text:'5.1 Cartographie des Risques',bold:true,size:26,color:'1E40AF'})]}));
const matrixRows=[new TableRow({children:[cell('G \\ V',12,{center:true,bold:true,fill:'F1F5F9'}),cell('V1',22,{center:true,bold:true,color:'22C55E',fill:'F1F5F9'}),cell('V2',22,{center:true,bold:true,color:'EAB308',fill:'F1F5F9'}),cell('V3',22,{center:true,bold:true,color:'F97316',fill:'F1F5F9'}),cell('V4',22,{center:true,bold:true,color:'DC2626',fill:'F1F5F9'})]})];
for(let g=4;g>=1;g--){
const gc=g===1?'22C55E':g===2?'EAB308':g===3?'F97316':'DC2626';
const rowCells=[cell('G'+g,12,{center:true,bold:true,color:gc,fill:'F1F5F9'})];
for(let v=1;v<=4;v++){
const lvl=g*v;const bg=lvl<=4?'DCFCE7':lvl<=8?'FEF9C3':lvl<=12?'FFEDD5':'FEE2E2';
const cr=risks.filter(r=>r.g===g&&r.v===v).map(r=>'R'+r.i).join(' ');
rowCells.push(cell(cr||'',22,{center:true,bold:true,fill:bg}));
}
matrixRows.push(new TableRow({children:rowCells}));
}
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:matrixRows}));

// Synthèse des Risques
children.push(new Paragraph({spacing:{before:300},children:[new TextRun({text:'5.2 Synthèse des Risques',bold:true,size:26,color:'1E40AF'})]}));
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[hdrCell('Réf',10),hdrCell('Description',50),hdrCell('G',10),hdrCell('V',10),hdrCell('Niveau',20)]}),
...risks.map(r=>{const lvlColor=lc(r.level);return new TableRow({children:[cell('R'+r.i,10,{bold:true,color:'EA580C'}),cell(r.name,50),cell('G'+r.g,10,{center:true,bold:true}),cell('V'+r.v,10,{center:true,bold:true}),cell(r.level+' - '+rl(r.level),20,{center:true,bold:true,color:lvlColor})]});})
]}));

// Plan de Traitement PACS
children.push(new Paragraph({spacing:{before:300},children:[new TextRun({text:'5.3 Plan de Traitement (PACS)',bold:true,size:26,color:'1E40AF'})]}));
children.push(new Paragraph({spacing:{after:150},children:[
new TextRun({text:'J1 ',bold:true,size:22,color:'DC2626'}),new TextRun({text:'(0-3 mois)   ',size:20}),
new TextRun({text:'J2 ',bold:true,size:22,color:'EA580C'}),new TextRun({text:'(3-6 mois)   ',size:20}),
new TextRun({text:'J3 ',bold:true,size:22,color:'CA8A04'}),new TextRun({text:'(6-12 mois)   ',size:20}),
new TextRun({text:'J4 ',bold:true,size:22,color:'16A34A'}),new TextRun({text:'(12+ mois)',size:20})
]}));
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[hdrCell('Mesure',36),hdrCell('Risques',12),hdrCell('Cat.',12),hdrCell('Resp.',16),hdrCell('Jalon',12),hdrCell('Statut',12)]}),
...D.measures.map(m=>{
const riskIds=m.riskIds||[m.risk].filter(Boolean);
const riskLabels=riskIds.map(rid=>{const r=risks.find(x=>x.id===rid);return r?'R'+r.i:null;}).filter(Boolean).join(', ');
const jc=m.jalon===1?'DC2626':m.jalon===2?'EA580C':m.jalon===3?'CA8A04':'16A34A';
const sc=m.status==='done'?{t:'Fait',c:'16A34A'}:m.status==='ongoing'?{t:'En cours',c:'EAB308'}:{t:'À faire',c:'64748B'};
return new TableRow({children:[cell(m.measure,36),cell(riskLabels||'-',12),cell(m.cat,12),cell(m.resp||'-',16),cell('J'+(m.jalon||1),12,{center:true,bold:true,color:jc}),cell(sc.t,12,{center:true,bold:true,color:sc.c})]});
})
]}));

// 5.4 Risques Résiduels
if(D.risquesResiduels && D.risquesResiduels.length){
children.push(new Paragraph({spacing:{before:400},children:[new TextRun({text:'5.4 Évaluation des Risques Résiduels',bold:true,size:26,color:'1E40AF'})]}));

// Graphique évolution
const improved=D.risquesResiduels.filter(rr=>{const r=risks.find(x=>x.id===rr.riskId);return r&&(r.level>(rr.gRes*rr.vRes));}).length;
const unchanged=D.risquesResiduels.filter(rr=>{const r=risks.find(x=>x.id===rr.riskId);return r&&(r.level===(rr.gRes*rr.vRes));}).length;
const degraded=D.risquesResiduels.filter(rr=>{const r=risks.find(x=>x.id===rr.riskId);return r&&(r.level<(rr.gRes*rr.vRes));}).length;
const rrTotal=D.risquesResiduels.length||1;
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[cell('Améliorés (↓)',30,{noBorder:true,color:'22C55E',bold:true}),progressBar(improved/rrTotal*100,'22C55E',50),cell(improved+' / '+D.risquesResiduels.length,20,{noBorder:true,center:true,bold:true,color:'22C55E'})]}),
new TableRow({children:[cell('Inchangés (=)',30,{noBorder:true,color:'EAB308',bold:true}),progressBar(unchanged/rrTotal*100,'EAB308',50),cell(unchanged+' / '+D.risquesResiduels.length,20,{noBorder:true,center:true,bold:true,color:'EAB308'})]}),
new TableRow({children:[cell('Dégradés (↑)',30,{noBorder:true,color:'DC2626',bold:true}),progressBar(degraded/rrTotal*100,'DC2626',50),cell(degraded+' / '+D.risquesResiduels.length,20,{noBorder:true,center:true,bold:true,color:'DC2626'})]})
]}));

// Tableau des risques résiduels
children.push(new Paragraph({spacing:{before:200},children:[new TextRun({text:'Détail des évaluations résiduelles:',bold:true,size:22,color:'7C3AED'})]}));
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:[
new TableRow({children:[hdrCell('Risque',25),hdrCell('Initial',15),hdrCell('Résiduel',15),hdrCell('Évol.',10),hdrCell('Jalon',10),hdrCell('Justification',25)]}),
...D.risquesResiduels.map(rr=>{
const r=risks.find(x=>x.id===rr.riskId);
if(!r)return null;
const lvlI=r.level;const lvlR=rr.gRes*rr.vRes;
const diff=lvlI-lvlR;
const diffTxt=diff>0?'↓ -'+diff:diff<0?'↑ +'+Math.abs(diff):'=';
const diffC=diff>0?'22C55E':diff<0?'DC2626':'64748B';
const lvlIC=lvlI<=4?'22C55E':lvlI<=8?'EAB308':lvlI<=12?'F97316':'DC2626';
const lvlRC=lvlR<=4?'22C55E':lvlR<=8?'EAB308':lvlR<=12?'F97316':'DC2626';
const jc=rr.jalon===1?'DC2626':rr.jalon===2?'EA580C':rr.jalon===3?'CA8A04':'16A34A';
return new TableRow({children:[
cell('R'+r.i+': '+r.name.substring(0,20)+'...',25,{bold:true,color:'EA580C'}),
cell('G'+r.g+'×V'+r.v+'='+lvlI,15,{center:true,color:lvlIC,bold:true}),
cell('G'+rr.gRes+'×V'+rr.vRes+'='+lvlR,15,{center:true,color:lvlRC,bold:true}),
cell(diffTxt,10,{center:true,color:diffC,bold:true}),
cell('J'+rr.jalon,10,{center:true,bold:true,color:jc}),
cell(rr.justification||'-',25)
]});
}).filter(Boolean)
]}));

// Comparaison cartographies
children.push(new Paragraph({spacing:{before:300},children:[new TextRun({text:'Comparaison des Cartographies (Avant / Après)',bold:true,size:24,color:'1E40AF'})]}));

// Matrice initiale
children.push(new Paragraph({spacing:{before:150},children:[new TextRun({text:'Cartographie Initiale:',bold:true,size:20,color:'DC2626'})]}));
const matrixRowsI=[new TableRow({children:[cell('G \\ V',12,{center:true,bold:true,fill:'F1F5F9'}),cell('V1',22,{center:true,bold:true,color:'22C55E',fill:'F1F5F9'}),cell('V2',22,{center:true,bold:true,color:'EAB308',fill:'F1F5F9'}),cell('V3',22,{center:true,bold:true,color:'F97316',fill:'F1F5F9'}),cell('V4',22,{center:true,bold:true,color:'DC2626',fill:'F1F5F9'})]})];
for(let g=4;g>=1;g--){
const gc=g===1?'22C55E':g===2?'EAB308':g===3?'F97316':'DC2626';
const rowCells=[cell('G'+g,12,{center:true,bold:true,color:gc,fill:'F1F5F9'})];
for(let v=1;v<=4;v++){
const lvl=g*v;const bg=lvl<=4?'DCFCE7':lvl<=8?'FEF9C3':lvl<=12?'FFEDD5':'FEE2E2';
const cr=risks.filter(r=>r.g===g&&r.v===v).map(r=>'R'+r.i).join(' ');
rowCells.push(cell(cr||'',22,{center:true,bold:true,fill:bg}));
}
matrixRowsI.push(new TableRow({children:rowCells}));
}
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:matrixRowsI}));

// Matrice résiduelle
children.push(new Paragraph({spacing:{before:200},children:[new TextRun({text:'Cartographie Résiduelle:',bold:true,size:20,color:'22C55E'})]}));
const risksRes=risks.map(r=>{const rr=D.risquesResiduels.find(x=>x.riskId===r.id);return rr?{...r,g:rr.gRes,v:rr.vRes,level:rr.gRes*rr.vRes}:r;});
const matrixRowsR=[new TableRow({children:[cell('G \\ V',12,{center:true,bold:true,fill:'F1F5F9'}),cell('V1',22,{center:true,bold:true,color:'22C55E',fill:'F1F5F9'}),cell('V2',22,{center:true,bold:true,color:'EAB308',fill:'F1F5F9'}),cell('V3',22,{center:true,bold:true,color:'F97316',fill:'F1F5F9'}),cell('V4',22,{center:true,bold:true,color:'DC2626',fill:'F1F5F9'})]})];
for(let g=4;g>=1;g--){
const gc=g===1?'22C55E':g===2?'EAB308':g===3?'F97316':'DC2626';
const rowCells=[cell('G'+g,12,{center:true,bold:true,color:gc,fill:'F1F5F9'})];
for(let v=1;v<=4;v++){
const lvl=g*v;const bg=lvl<=4?'DCFCE7':lvl<=8?'FEF9C3':lvl<=12?'FFEDD5':'FEE2E2';
const cr=risksRes.filter(r=>r.g===g&&r.v===v).map(r=>'R'+r.i).join(' ');
rowCells.push(cell(cr||'',22,{center:true,bold:true,fill:bg}));
}
matrixRowsR.push(new TableRow({children:rowCells}));
}
children.push(new Table({width:{size:100,type:WidthType.PERCENTAGE},rows:matrixRowsR}));
}

// Footer
children.push(new Paragraph({spacing:{before:400},alignment:AlignmentType.CENTER,children:[new TextRun({text:'EBIOS RM Pro v5 | Généré le '+new Date().toLocaleDateString('fr-FR')+' à '+new Date().toLocaleTimeString('fr-FR')+' | Méthodologie ANSSI',size:18,color:'94A3B8'})]}));

const doc=new Document({
styles:{default:{document:{run:{font:'Arial',size:22}}}},
sections:[{properties:{page:{size:{width:11906,height:16838},margin:{top:720,right:720,bottom:720,left:720}}},children}]
});

Packer.toBlob(doc).then(blob=>{saveAs(blob,'EBIOS_RM_'+(D.meta.studyName||'Rapport').replace(/[^a-zA-Z0-9]/g,'_')+'_'+D.meta.date+'.docx');});
}catch(e){alert('Erreur export Word: '+e.message);console.error(e);}
}

// ============ INIT ============
checkSaved();
document.querySelector('[data-w="1"]').classList.add('active');
</script>
</body>
</html>