def test_weakness_analysis(self):
importComponentViewFile(os.environ['CAIRIS_SRC'] + '/test/ContextPolicyManagement.xml','test')
url = '/api/architectural_patterns/name/Context%20Policy%20Management/environment/Complete/weakness_analysis?session_id=test'
method = 'test_weakness_analysis'
self.logger.info('[%s] URL: %s', method, url)
rv = self.app.get(url, content_type='application/json')
walm = jsonpickle.decode(rv.data.decode('utf-8'))
self.logger.debug('[%s] Response data: %s', method, walm)
self.assertIsNotNone(walm, 'No results after deserialization')
def setUpClass(cls):
importModelFile(os.environ['CAIRIS_SRC'] + '/test/webinos.xml', 1,
'test')
importComponentViewFile(
os.environ['CAIRIS_SRC'] + '/test/ContextPolicyManagement.xml',
'test')
importSecurityPatternsFile(
os.environ['CAIRIS_SRC'] + '/test/test_security_patterns.xml',
'test')
def test_get_by_name(self):
importComponentViewFile(os.environ['CAIRIS_SRC'] + '/test/ContextPolicyManagement.xml','test')
url = '/api/architectural_patterns/name/Context%20Policy%20Management?session_id=test'
method = 'test_get_by_name'
rv = self.app.get(url)
self.assertIsNotNone(rv.data, 'No response')
self.logger.debug('[%s] Response data: %s', method, rv.data)
ap = jsonpickle.decode(rv.data)
self.assertIsInstance(ap, dict, 'Response is not a valid JSON object')
self.assertEqual(ap['theName'],'Context Policy Management')
def test_get_by_name(self):
importComponentViewFile(os.environ['CAIRIS_SRC'] + '/test/ContextPolicyManagement.xml','test')
url = '/api/architectural_patterns/name/Context%20Policy%20Management?session_id=test'
method = 'test_get_by_name'
rv = self.app.get(url)
self.assertIsNotNone(rv.data, 'No response')
self.logger.debug('[%s] Response data: %s', method, rv.data)
ap = jsonpickle.decode(rv.data.decode('utf-8'))
self.assertIsInstance(ap, dict, 'Response is not a valid JSON object')
self.assertEqual(ap['theName'],'Context Policy Management')
def setUpClass(cls): cairis.core.BorgFactory.initialise() importModelFile(os.environ['CAIRIS_SRC'] + '/test/webinos.xml',1) importTVTypeFile(os.environ['CAIRIS_SRC'] + '/test/OWASPTypes.xml',0) importTVTypeFile(os.environ['CAIRIS_SRC'] + '/../examples/threat_vulnerability_types/cwecapec_tv_types.xml',0) importDirectoryFile(os.environ['CAIRIS_SRC'] + '/../examples/directories/owasp_directory.xml',0) importDirectoryFile(os.environ['CAIRIS_SRC'] + '/../examples/directories/cwecapec_directory.xml',0) importDirectoryFile(os.environ['CAIRIS_SRC'] + '/test/D28TV.xml',0) importComponentViewFile(os.environ['CAIRIS_SRC'] + '/test/ContextPolicyManagement.xml',0) importAttackPattern(os.environ['CAIRIS_SRC'] + '/test/XACMLAttackPattern.xml',0) importModelFile(os.environ['CAIRIS_SRC'] + '/test/persona_synopses.xml',0)
def test_delete(self):
importComponentViewFile(os.environ['CAIRIS_SRC'] + '/test/ContextPolicyManagement.xml','test')
url = '/api/architectural_patterns/name/Context%20Policy%20Management?session_id=test'
method = 'test_delete'
rv = self.app.delete(url)
self.assertIsNotNone(rv.data, 'No response')
json_resp = jsonpickle.decode(rv.data)
self.assertIsInstance(json_resp, dict, 'The response cannot be converted to a dictionary')
message = json_resp.get('message', None)
self.assertIsNotNone(message, 'No message in response')
self.logger.info('[%s] Message: %s\n', method, message)
def test_delete(self):
importComponentViewFile(os.environ['CAIRIS_SRC'] + '/test/ContextPolicyManagement.xml','test')
url = '/api/architectural_patterns/name/Context%20Policy%20Management?session_id=test'
method = 'test_delete'
rv = self.app.delete(url)
self.assertIsNotNone(rv.data, 'No response')
json_resp = jsonpickle.decode(rv.data.decode('utf-8'))
self.assertIsInstance(json_resp, dict, 'The response cannot be converted to a dictionary')
message = json_resp.get('message', None)
self.assertIsNotNone(message, 'No message in response')
self.logger.info('[%s] Message: %s\n', method, message)
def test_get(self):
importComponentViewFile(os.environ['CAIRIS_SRC'] + '/test/ContextPolicyManagement.xml','test')
method = 'test_get'
url = '/api/architectural_patterns?session_id=test'
self.logger.info('[%s] URL: %s', method, url)
rv = self.app.get(url)
self.assertIsNotNone(rv.data, 'No response')
self.logger.debug('[%s] Response data: %s', method, rv.data)
aps = jsonpickle.decode(rv.data.decode('utf-8'))
ap = aps[0]
self.assertIsInstance(ap, dict, 'Response is not a valid JSON object')
self.assertEqual(ap['theName'],'Context Policy Management')
def test_situate_component_view(self):
importComponentViewFile(os.environ['CAIRIS_SRC'] + '/test/ContextPolicyManagement.xml','test')
url = '/api/architectural_patterns/name/Context%20Policy%20Management/environment/Complete/situate?session_id=test'
method = 'test_situate_component_view'
self.logger.info('[%s] URL: %s', method, url)
rv = self.app.post(url, content_type='application/json')
modelData = rv.data.decode('utf-8')
self.logger.debug('[%s] Response data: %s', method, modelData)
json_resp = jsonpickle.decode(modelData)
self.assertIsNotNone(json_resp, 'No results after deserialization')
msg = json_resp.get('message', None)
self.assertEqual(msg, 'Architectural Pattern successfully situated')
def setUpClass(cls):
cairis.core.BorgFactory.initialise()
# importModelFile(os.environ['CAIRIS_SRC'] + '/../examples/exemplars/NeuroGrid/NeuroGrid.xml',1)
importModelFile(os.environ['CAIRIS_SRC'] + '/test/webinos_incomplete.xml',1)
importTVTypeFile(os.environ['CAIRIS_SRC'] + '/test/OWASPTypes.xml',0)
importTVTypeFile(os.environ['CAIRIS_SRC'] + '/../examples/threat_vulnerability_types/cwecapec_tv_types.xml',0)
importDirectoryFile(os.environ['CAIRIS_SRC'] + '/../examples/directories/owasp_directory.xml',0)
importDirectoryFile(os.environ['CAIRIS_SRC'] + '/../examples/directories/cwecapec_directory.xml',0)
importDirectoryFile(os.environ['CAIRIS_SRC'] + '/test/D28TV.xml',0)
importComponentViewFile(os.environ['CAIRIS_SRC'] + '/test/ContextPolicyManagement.xml',0)
importAttackPattern(os.environ['CAIRIS_SRC'] + '/test/XACMLAttackPattern.xml',0)
importModelFile(os.environ['CAIRIS_SRC'] + '/test/misusability.xml',0)
def file_import(importFile, mFormat, overwriteFlag, session_id=None):
if overwriteFlag == None:
overwriteFlag = 1
from cairis.mio.ModelImport import importSecurityPatternsFile, importAttackPattern, importTVTypeFile, importDirectoryFile, importRequirementsFile, importRiskAnalysisFile, importUsabilityFile, importAssociationsFile, importProjectFile, importDomainValuesFile, importComponentViewFile, importSynopsesFile, importProcessesFile, importAssetsFile, importLocationsFile, importModelFile, importMisusabilityFile, importDataflowsFile, importStoriesFile
try:
ET.fromstring(open(importFile).read())
except ET.ParseError as e:
raise ARMException('Error parsing ' + importFile + ': ' + str(e))
msgStr = ''
if (mFormat == 'securitypattern' or mFormat == 'Security Pattern'):
msgStr += importSecurityPatternsFile(importFile, session_id)
elif (mFormat == 'attackpattern' or mFormat == 'Attack Pattern'):
msgStr += importAttackPattern(importFile, session_id)
elif (mFormat == 'tvtypes' or mFormat == 'Threat and Vulnerability Types'):
msgStr += importTVTypeFile(importFile, int(overwriteFlag), session_id)
elif (mFormat == 'directory'
or mFormat == 'Threat and Vulnerability Directory'):
msgStr += importDirectoryFile(importFile, int(overwriteFlag),
session_id)
elif (mFormat == 'requirements' or mFormat == 'Requirements'):
msgStr += importRequirementsFile(importFile, session_id)
elif (mFormat == 'riskanalysis' or mFormat == 'Risk Analysis'):
msgStr += importRiskAnalysisFile(importFile, session_id)
elif (mFormat == 'usability' or mFormat == 'Usability'):
msgStr += importUsabilityFile(importFile, session_id)
elif (mFormat == 'misusability' or mFormat == 'Misusability'):
msgStr += importMisusabilityFile(importFile, session_id)
elif (mFormat == 'associations' or mFormat == 'Associations'):
msgStr += importAssociationsFile(importFile, session_id)
elif (mFormat == 'project' or mFormat == 'Project data'):
msgStr += importProjectFile(importFile, session_id)
elif (mFormat == 'domainvalues' or mFormat == 'Domain Values'):
msgStr += importDomainValuesFile(importFile, session_id)
elif (mFormat == 'architecturalpattern'
or mFormat == 'Architectural Pattern'):
msgStr += importComponentViewFile(importFile, session_id)
elif (mFormat == 'synopses' or mFormat == 'Synopses'):
msgStr += importSynopsesFile(importFile, session_id)
elif (mFormat == 'processes' or mFormat == 'Processes'):
msgStr += importProcessesFile(importFile, session_id)
elif (mFormat == 'assets' or mFormat == 'Assets'):
msgStr += importAssetsFile(importFile, session_id)
elif (mFormat == 'locations' or mFormat == 'Locations'):
msgStr += importLocationsFile(importFile, session_id)
elif (mFormat == 'dataflows' or mFormat == 'Dataflows'):
msgStr += importDataflowsFile(importFile, session_id)
elif (mFormat == 'stories' or mFormat == 'Stories'):
msgStr += importStoriesFile(importFile, session_id)
elif (mFormat == 'all' or mFormat == 'Model'
or mFormat == 'Model file (.xml)'):
msgStr += importModelFile(importFile, int(overwriteFlag), session_id)
else:
raise ARMException('Input model type ' + mFormat + ' not recognised')
return 0
def file_import(importFile, mFormat, overwriteFlag, session_id=None):
if overwriteFlag == None:
overwriteFlag = 1
if (os.access(importFile, os.R_OK)) == False:
raise ARMException("Cannot access " + importFile)
from cairis.mio.ModelImport import importSecurityPatternsFile, importAttackPattern, importTVTypeFile, importDirectoryFile, importRequirementsFile, importRiskAnalysisFile, importUsabilityFile, importAssociationsFile, importProjectFile, importDomainValuesFile, importComponentViewFile, importSynopsesFile, importProcessesFile, importAssetsFile, importLocationsFile, importModelFile, importMisusabilityFile, importDataflowsFile
msgStr = ''
if (mFormat == 'securitypattern' or mFormat == 'Security Pattern'):
msgStr += importSecurityPatternsFile(importFile, session_id=session_id)
elif (mFormat == 'attackpattern' or mFormat == 'Attack Pattern'):
msgStr += importAttackPattern(importFile, session_id)
elif (mFormat == 'tvtypes' or mFormat == 'Threat and Vulnerability Types'):
msgStr += importTVTypeFile(importFile, int(overwriteFlag), session_id)
elif (mFormat == 'directory'
or mFormat == 'Threat and Vulnerability Directory'):
msgStr += importDirectoryFile(importFile, int(overwriteFlag),
session_id)
elif (mFormat == 'requirements' or mFormat == 'Requirements'):
msgStr += importRequirementsFile(importFile, session_id)
elif (mFormat == 'riskanalysis' or mFormat == 'Risk Analysis'):
msgStr += importRiskAnalysisFile(importFile, session_id)
elif (mFormat == 'usability' or mFormat == 'Usability'):
msgStr += importUsabilityFile(importFile, session_id)
elif (mFormat == 'misusability' or mFormat == 'Misusability'):
msgStr += importMisusabilityFile(importFile, session_id)
elif (mFormat == 'associations' or mFormat == 'Associations'):
msgStr += importAssociationsFile(importFile, session_id)
elif (mFormat == 'project' or mFormat == 'Project data'):
msgStr += importProjectFile(importFile, session_id)
elif (mFormat == 'domainvalues' or mFormat == 'Domain Values'):
msgStr += importDomainValuesFile(importFile, session_id)
elif (mFormat == 'architecturalpattern'
or mFormat == 'Architectural Pattern'):
msgStr += importComponentViewFile(importFile, session_id)
elif (mFormat == 'synopses' or mFormat == 'Synopses'):
msgStr += importSynopsesFile(importFile, session_id)
elif (mFormat == 'processes' or mFormat == 'Processes'):
msgStr += importProcessesFile(importFile, session_id)
elif (mFormat == 'assets' or mFormat == 'Assets'):
msgStr += importAssetsFile(importFile, session_id)
elif (mFormat == 'locations' or mFormat == 'Locations'):
msgStr += importLocationsFile(importFile, session_id)
elif (mFormat == 'dataflows' or mFormat == 'Dataflows'):
msgStr += importDataflowsFile(importFile, session_id)
elif (mFormat == 'all' or mFormat == 'Model'):
msgStr += importModelFile(importFile, int(overwriteFlag), session_id)
else:
raise ARMException('Input model type ' + mFormat + ' not recognised')
return 0
def setUpClass(cls):
cairis.core.BorgFactory.initialise()
# Uncommenting the below and commenting the other setup lines might be useful if you want to test exporting using different models
# importModelFile(os.environ['CAIRIS_SRC'] + '/../examples/exemplars/NeuroGrid/NeuroGrid.xml',1)
# importModelFile(os.environ['CAIRIS_SRC'] + '/../examples/exemplars/ACME_Water/ACME_Water.xml',1)
importModelFile(
os.environ['CAIRIS_SRC'] + '/test/webinos_incomplete.xml', 1)
importTVTypeFile(os.environ['CAIRIS_SRC'] + '/test/OWASPTypes.xml', 0)
importTVTypeFile(
os.environ['CAIRIS_SRC'] +
'/../examples/threat_vulnerability_types/cwecapec_tv_types.xml', 0)
importDirectoryFile(
os.environ['CAIRIS_SRC'] +
'/../examples/directories/owasp_directory.xml', 0)
importDirectoryFile(
os.environ['CAIRIS_SRC'] +
'/../examples/directories/cwecapec_directory.xml', 0)
importDirectoryFile(os.environ['CAIRIS_SRC'] + '/test/D28TV.xml', 0)
importComponentViewFile(
os.environ['CAIRIS_SRC'] + '/test/ContextPolicyManagement.xml', 0)
importAttackPattern(
os.environ['CAIRIS_SRC'] + '/test/XACMLAttackPattern.xml', 0)
importModelFile(os.environ['CAIRIS_SRC'] + '/test/misusability.xml', 0)
def file_import(importFile,mFormat,overwriteFlag,session_id = None):
if overwriteFlag == None:
overwriteFlag = 1
if (os.access(importFile, os.R_OK)) == False:
raise ARMException("Cannot access " + importFile)
from cairis.mio.ModelImport import importSecurityPatternsFile, importAttackPattern,importTVTypeFile,importDirectoryFile,importRequirementsFile, importRiskAnalysisFile, importUsabilityFile, importAssociationsFile, importProjectFile, importDomainValuesFile, importComponentViewFile, importSynopsesFile,importProcessesFile,importAssetsFile,importLocationsFile,importModelFile,importMisusabilityFile,importDataflowsFile
msgStr = ''
if (mFormat == 'securitypattern' or mFormat == 'Security Pattern'):
msgStr += importSecurityPatternsFile(importFile,session_id = session_id)
elif (mFormat == 'attackpattern' or mFormat == 'Attack Pattern'):
msgStr += importAttackPattern(importFile,session_id)
elif (mFormat == 'tvtypes' or mFormat == 'Threat and Vulnerability Types'):
msgStr += importTVTypeFile(importFile,int(overwriteFlag),session_id)
elif (mFormat == 'directory' or mFormat == 'Threat and Vulnerability Directory'):
msgStr += importDirectoryFile(importFile,int(overwriteFlag),session_id)
elif (mFormat == 'requirements' or mFormat == 'Requirements'):
msgStr += importRequirementsFile(importFile,session_id)
elif (mFormat == 'riskanalysis' or mFormat == 'Risk Analysis'):
msgStr += importRiskAnalysisFile(importFile,session_id)
elif (mFormat == 'usability' or mFormat == 'Usability'):
msgStr += importUsabilityFile(importFile,session_id)
elif (mFormat == 'misusability' or mFormat == 'Misusability'):
msgStr += importMisusabilityFile(importFile,session_id)
elif (mFormat == 'associations' or mFormat == 'Associations'):
msgStr += importAssociationsFile(importFile,session_id)
elif (mFormat == 'project' or mFormat == 'Project data'):
msgStr += importProjectFile(importFile,session_id)
elif (mFormat == 'domainvalues' or mFormat == 'Domain Values'):
msgStr += importDomainValuesFile(importFile,session_id)
elif (mFormat == 'architecturalpattern' or mFormat == 'Architectural Pattern'):
msgStr += importComponentViewFile(importFile,session_id)
elif (mFormat == 'synopses' or mFormat == 'Synopses'):
msgStr += importSynopsesFile(importFile,session_id)
elif (mFormat == 'processes' or mFormat == 'Processes'):
msgStr += importProcessesFile(importFile,session_id)
elif (mFormat == 'assets' or mFormat == 'Assets'):
msgStr += importAssetsFile(importFile,session_id)
elif (mFormat == 'locations' or mFormat == 'Locations'):
msgStr += importLocationsFile(importFile,session_id)
elif (mFormat == 'dataflows' or mFormat == 'Dataflows'):
msgStr += importDataflowsFile(importFile,session_id)
elif (mFormat == 'all' or mFormat == 'Model'):
msgStr += importModelFile(importFile,int(overwriteFlag),session_id)
else:
raise ARMException('Input model type ' + mFormat + ' not recognised')
return 0
def setUpClass(cls): importModelFile(os.environ['CAIRIS_SRC'] + '/test/webinos.xml',1,'test') importComponentViewFile(os.environ['CAIRIS_SRC'] + '/test/ContextPolicyManagement.xml','test')