def main(args=None):
try:
parser = argparse.ArgumentParser(description='Computer Aided Integration of Requirements and Information Security - Model Import')
parser.add_argument('modelFile',help='model file to import')
parser.add_argument('--type',dest='modelFormat',help='model type to import. One of securitypattern, attackpattern, tvtypes, directory, requirements, riskanalysis, usability, project, domainvalues, architecturalpattern, associations, synopses, processes, assets, locations or all')
parser.add_argument('--overwrite',dest='isOverwrite',help='Where appropriate, overwrite an existing CAIRIS model with this model')
parser.add_argument('--image_dir',dest='imageDir',help='Where appropriate, directory for model images (overwrites default_image_dir value in cairis.cnf)')
args = parser.parse_args()
mFormat = args.modelFormat
importFile = args.modelFile
overwriteFlag = args.isOverwrite
if overwriteFlag == None:
overwriteFlag = 1
cairis.core.BorgFactory.initialise()
b = Borg()
if args.imageDir != None:
b.imageDir = os.path.abspath(args.imageDir)
msgStr = ''
if (mFormat == 'securitypattern'):
msgStr += importSecurityPatterns(importFile)
if (mFormat == 'attackpattern'):
msgStr += importAttackPattern(importFile)
elif (mFormat == 'tvtypes'):
msgStr += importTVTypeFile(importFile,int(overwriteFlag))
elif (mFormat == 'directory'):
msgStr += importDirectoryFile(importFile,int(overwriteFlag))
elif (mFormat == 'requirements'):
msgStr += importRequirementsFile(importFile)
elif (mFormat == 'riskanalysis'):
msgStr += importRiskAnalysisFile(importFile)
elif (mFormat == 'usability'):
msgStr += importUsabilityFile(importFile)
elif (mFormat == 'associations'):
msgStr += importAssociationsFile(importFile)
elif (mFormat == 'project'):
msgStr += importProjectFile(importFile)
elif (mFormat == 'domainvalues'):
msgStr += importDomainValuesFile(importFile)
elif (mFormat == 'architecturalpattern'):
msgStr += importComponentViewFile(importFile)
elif (mFormat == 'synopses'):
msgStr += importSynopsesFile(importFile)
elif (mFormat == 'processes'):
msgStr += importProcessesFile(importFile)
elif (mFormat == 'assets'):
msgStr += importAssetsFile(importFile)
elif (mFormat == 'locations'):
msgStr += importLocationsFile(importFile)
elif (mFormat == 'all'):
msgStr += importModelFile(importFile,int(overwriteFlag))
else:
raise ARMException('Input model type ' + mFormat + ' not recognised')
print msgStr
except ARMException, e:
print 'cimport error: ',e
exit(-1)
def get_dbproxy(self, session_id):
"""
Searches the MySQLDatabaseProxy instance associated with the session ID.
:param
session_id: The session ID
:type
session_id: str
:rtype
MySQLDatabaseProxy
:return
The MySQLDatabaseProxy instance associated with the session ID
:raise
CairisHTTPError
"""
if session_id:
b = Borg()
db_proxy = b.get_dbproxy(session_id)
if db_proxy is None:
raise CairisHTTPError(
status_code=httplib.CONFLICT,
message='The database connection could not be created.'
)
elif isinstance(db_proxy, MySQLDatabaseProxy):
db_proxy.reconnect(session_id=session_id)
return db_proxy
else:
raise CairisHTTPError(
status_code=httplib.CONFLICT,
message='The database connection was not properly set up. Please try to reset the connection.'
)
else:
raise MissingParameterHTTPError(
param_names=['session_id']
)
def exportAttackPatterns(outFile,session_id = None):
b = Borg()
rmAttackPatterns = b.get_dbproxy(session_id).redmineAttackPatterns()
buf = 'h1. Contextualised Attack Patterns\n\nThis section was automatically generated based on the contents of the webinos WP 2 git repository at http://dev.webinos.org/git/wp2.git.\n\nh2. Obstacle probability: colour codes\n\n!{width:200px}ObsColour.jpg!\n\n'
apdxBuf = ''
noAPs = 0
for apName,envName,cType,apTxt in rmAttackPatterns:
if (cType == 'body'):
buf += apTxt + '\n'
gmName = apName.replace(' ','_') + 'ObstacleModel.jpg'
buildRiskObstacleModel(b.get_dbproxy(session_id),apName,envName,gmName)
else:
apdxBuf += apTxt + '\n'
noAPs += 1
aFile = open(outFile,'w')
aFile.write(buf)
aFile.close()
fileName,filePostfix = outFile.split('.')
summaryFile = fileName + '-summary.txt'
buf = b.get_dbproxy(session_id).redmineAttackPatternsSummary('Complete')
aFile = open(summaryFile,'w')
aFile.write(buf)
aFile.close()
return 'Exported ' + str(noAPs) + ' attack patterns.'
def json_serialize(obj, pretty_printing=False, session_id=None):
"""
Serializes the Python object to a JSON serialized string.
:param obj: The object to be serialized
:type obj: object
:param pretty_printing: Defines if the string needs to be pretty printed
:type pretty_printing: bool
:param session_id: The user's session ID
:type session_id: int
:return: Returns a JSON serialized string of the object
"""
b = Borg()
if session_id is None:
session_id = session.get('session_id', None)
s = b.get_settings(session_id)
if s is not None:
pretty_printing = s.get('jsonPrettyPrint', False)
if pretty_printing:
json_string = dumps(loads(serialize(obj)), indent=4)
else:
json_string = serialize(obj)
for key in conv_terms:
json_string = json_string.replace(key, conv_terms[key])
return json_string
def get_fonts(session_id=None):
"""
Validates that the fonts to output the SVG models are properly set up
:param session_id: The session ID provided by the user
:return: The font name, font size and AP font name
:rtype : str,str,str
:raise CairisHTTPError: Raises a CairisHTTPError when the database could not be properly set up
"""
if session_id is not None:
b = Borg()
settings = b.get_settings(session_id)
fontName = settings.get('fontName', None)
fontSize = settings.get('fontSize', None)
apFontName = settings.get('apFontSize', None)
if fontName is None or fontSize is None or apFontName is None:
raise CairisHTTPError(
status_code=httplib.BAD_REQUEST,
message='The method is not callable without setting up the project settings.'
)
elif isinstance(fontName, str) and isinstance(fontSize, str) and isinstance(apFontName, str):
return fontName, fontSize, apFontName
else:
raise CairisHTTPError(
status_code=httplib.BAD_REQUEST,
message='The database connection was not properly set up. Please try to reset the connection.'
)
else:
raise CairisHTTPError(
status_code=httplib.BAD_REQUEST,
message='The method is not callable without setting up the project settings.'
)
def get_dbproxy(self, session_id):
"""
Searches the MySQLDatabaseProxy instance associated with the session ID.
:param
session_id: The session ID
:type
session_id: str
:rtype
MySQLDatabaseProxy
:return
The MySQLDatabaseProxy instance associated with the session ID
:raise
CairisHTTPError
"""
if session_id:
b = Borg()
try:
db_proxy = b.get_dbproxy(session_id)
except SessionNotFound as ex:
raise NoSessionError(ex)
if isinstance(db_proxy, MySQLDatabaseProxy):
if db_proxy.conn is None:
db_proxy.reconnect(session_id=session_id)
return db_proxy
else:
raise CairisHTTPError(
status_code=CONFLICT,
message='The database connection was not properly set up. Please try to reset the connection.'
)
else:
raise MissingParameterHTTPError(
param_names=['session_id']
)
def setPort(port):
logger.info('Applying web port...')
b = Borg()
if port == 0:
if not hasattr(b, 'webPort'):
b.webPort = 7071
else:
b.webPort = port
def exportGRL(outFileName,personaNames,taskNames,envName,session_id = None): b = Borg() pStr = ', '.join(personaNames) tStr = ', '.join(taskNames) buf = b.get_dbproxy(session_id).pcToGrl(pStr,tStr,envName) rFile = open(outFileName,'w') rFile.write(buf) rFile.close() return 'Exported GRL for ' + pStr + ' in tasks ' + tStr + ' situated in environment ' + envName
def __init__(self, session_id=None):
b = Borg()
self.dbProxy = b.get_dbproxy(session_id)
self.configDir = b.configDir
self.theCharacteristicSynopses = []
self.theReferenceSynopses = []
self.theStepSynopses = []
self.theReferenceContributions = []
self.theUseCaseContributions = []
def importRequirements(dpParameterSet,goalParameterSet,obsParameterSet,reqParameterSet,cmParameterSet,session_id):
b = Borg()
db_proxy = b.get_dbproxy(session_id)
dpCount = 0
for dpParameters in dpParameterSet:
objtId = db_proxy.existingObject(dpParameters.name(),'domainproperty')
if objtId == -1:
db_proxy.addDomainProperty(dpParameters)
else:
dpParameters.setId(objtId)
db_proxy.updateDomainProperty(dpParameters)
dpCount += 1
goalCount = 0
for goalParameters in goalParameterSet:
objtId = db_proxy.existingObject(goalParameters.name(),'goal')
if objtId == -1:
db_proxy.addGoal(goalParameters)
else:
goalParameters.setId(objtId)
db_proxy.updateGoal(goalParameters)
goalCount += 1
obsCount = 0
for obsParameters in obsParameterSet:
objtId = db_proxy.existingObject(obsParameters.name(),'obstacle')
if objtId == -1:
db_proxy.addObstacle(obsParameters)
else:
obsParameters.setId(objtId)
db_proxy.updateObstacle(obsParameters)
obsCount += 1
reqCount = 0
for req,refName,refType in reqParameterSet:
objtId = db_proxy.existingObject(req.name(),'requirement')
if objtId == -1:
isAsset = True
if (refType == 'environment'):
isAsset = False
db_proxy.addRequirement(req,refName,isAsset)
else:
db_proxy.updateRequirement(req)
reqCount += 1
cmCount = 0
for cmParameters in cmParameterSet:
objtId = db_proxy.existingObject(cmParameters.name(),'countermeasure')
if objtId == -1:
db_proxy.addCountermeasure(cmParameters)
else:
cmParameters.setId(objtId)
db_proxy.updateCountermeasure(cmParameters)
cmCount += 1
msgStr = 'Imported ' + str(dpCount) + ' domain properties, ' + str(goalCount) + ' goals, ' + str(obsCount) + ' obstacles, ' + str(reqCount) + ' requirements, and ' + str(cmCount) + ' countermeasures.'
return msgStr
def validate_proxy(session, id, request=None, conf=None):
"""
Validates that the DB proxy object is properly set up
:param session: The session object of the request
:param id: The session ID provided by the user
:param conf: A dictionary containing configuration settings for direct authenrication
:return: The MySQLDatabaseProxy object associated to the session
:rtype : MySQLDatabaseProxy
:raise CairisHTTPError: Raises a CairisHTTPError when the database could not be properly set up
"""
if session is not None:
session_id = session.get('session_id', -1)
else:
session_id = None
if conf is not None:
if isinstance(conf, dict):
try:
db_proxy = MySQLDatabaseProxy(host=conf['dbhost'], port=conf['dbport'], user=conf['dbuser'], passwd=conf['dbpasswd'], db=conf['dbname'])
if db_proxy is not None:
return db_proxy
else:
raise CairisHTTPError(
status_code=httplib.CONFLICT,
message='The database connection could not be created.'
)
except DatabaseProxyException:
raise CairisHTTPError(
status_code=httplib.BAD_REQUEST,
message='The provided settings are invalid and cannot be used to create a database connection'
)
if not (session_id is None and id is None):
if id is None:
id = session_id
b = Borg()
db_proxy = b.get_dbproxy(id)
if db_proxy is None:
raise CairisHTTPError(
status_code=httplib.CONFLICT,
message='The database connection could not be created.'
)
elif isinstance(db_proxy, MySQLDatabaseProxy):
return db_proxy
else:
raise CairisHTTPError(
status_code=httplib.CONFLICT,
message='The database connection was not properly set up. Please try to reset the connection.'
)
else:
raise CairisHTTPError(
status_code=httplib.BAD_REQUEST,
message='The session is neither started or no session ID is provided with the request.'
)
def setStaticDir(static_dir):
logger.info('Setting static web content directory...')
b = Borg()
try:
os.listdir(static_dir)
except EnvironmentError as ex:
logger.warning('The directory for static web content is not readable: %s' % ex.strerror)
logger.warning('Static content may not be available')
b.staticDir = os.path.abspath(static_dir)
def __init__(self, session_id=None):
b = Borg()
self.dbProxy = b.get_dbproxy(session_id)
self.configDir = b.configDir
self.theManualAssociations = set([])
self.theGoalAssociations = []
self.theDependencyAssociations = []
self.resetManualAssociationAttributes()
self.resetGoalAssociationAttributes()
self.resetDependencyAssociationAttributes()
def exportRedmineScenarios(outFile,session_id = None):
b = Borg()
rmScenarios = b.get_dbproxy(session_id).redmineScenarios()
buf = ''
noScenarios = 0
for sName,sEnv,sTxt in rmScenarios:
buf += sTxt + '\n'
noScenarios += 1
sFile = open(outFile,'w')
sFile.write(buf)
sFile.close()
return 'Exported ' + str(noScenarios) + ' scenarios.'
def setLoglevel(log_level):
b = Borg()
logger.info('Applying log level...')
log_level = log_level.lower()
if log_level == 'verbose':
realLevel = logging.INFO
elif log_level == 'debug':
realLevel = logging.DEBUG
else:
realLevel = logging.WARNING
b.logLevel = realLevel
def importDomainValues(tvValues,rvValues,cvValues,svValues,lvValues,capValues,motValues,session_id):
noOfTvs = len(tvValues)
noOfRvs = len(rvValues)
noOfCvs = len(cvValues)
noOfSvs = len(svValues)
noOfLvs = len(lvValues)
noOfCapVs = len(capValues)
noOfMotVs = len(motValues)
b = Borg()
db_proxy = b.get_dbproxy(session_id)
tId = 0
if (noOfTvs > 0):
for tvp in tvValues:
tvp.setId(tId)
db_proxy.updateValueType(tvp)
tId += 1
tId =1
if (noOfRvs > 0):
for rvp in rvValues:
rvp.setId(tId)
db_proxy.updateValueType(rvp)
tId += 1
tId = 0
if (noOfCvs > 0):
for cvp in cvValues:
cvp.setId(tId)
db_proxy.updateValueType(cvp)
tId += 1
tId = 0
if (noOfSvs > 0):
for svp in svValues:
svp.setId(tId)
db_proxy.updateValueType(svp)
tId += 1
tId = 0
if (noOfLvs > 0):
for lvp in lvValues:
lvp.setId(tId)
db_proxy.updateValueType(lvp)
tId += 1
if (noOfCapVs > 0):
for capvp in capValues:
db_proxy.addValueType(capvp)
if (noOfMotVs > 0):
for motvp in motValues:
db_proxy.addValueType(motvp)
msgStr = 'Imported domain values'
return msgStr
def importProcesses(docs,codes,memos,quotations,codeNetworks,processes,ics,intentions,contributions,session_id):
noOfDocs = len(docs)
noOfCodes = len(codes)
noOfMemos = len(memos)
noOfQuotations = len(quotations)
noOfCNs = len(codeNetworks)
noOfProcs = len(processes)
noOfICs = len(ics)
noOfIntentions = len(intentions)
noOfContributions = len(contributions)
b = Borg()
db_proxy = b.get_dbproxy(session_id)
for dp in docs:
db_proxy.addInternalDocument(dp)
for cp in codes:
db_proxy.addCode(cp)
for mp in memos:
db_proxy.addMemo(mp)
for q in quotations:
db_proxy.addQuotation(q)
# Necessary because adding document memos currently overwrites the existing memo text
for mp in memos:
db_proxy.updateMemo(mp)
for cn in codeNetworks:
personaName = cn[0]
rtName = cn[1]
fromCode = cn[2]
toCode = cn[3]
db_proxy.addCodeRelationship(personaName,fromCode,toCode,rtName)
for p in processes:
db_proxy.addImpliedProcess(p)
for ic in ics:
db_proxy.addImpliedCharacteristic(ic)
for intention in intentions:
db_proxy.addIntention(intention)
for contribution in contributions:
db_proxy.addContribution(contribution)
msgStr = 'Imported ' + str(noOfDocs) + ' internal documents, ' + str(noOfCodes) + ' codes, ' + str(noOfMemos) + ' memos, ' + str(noOfQuotations) + ' quotations, ' + str(noOfCNs) + ' code relationships, ' + str(noOfProcs) + ' implied processes, ' + str(noOfIntentions) + ' intentions, and ' + str(noOfContributions) + ' contributions.'
return msgStr
def get_logger():
b = Borg()
log = logging.getLogger('cairisd')
log.setLevel(logging.INFO)
try:
log = b.logger
except AttributeError:
b.logger = log
try:
log.setLevel(b.logLevel)
b.logger.setLevel(b.logLevel)
except AttributeError:
b.logLevel = logging.INFO
return log
def __init__(self,session_id = None):
b = Borg()
self.dbProxy = b.get_dbproxy(session_id)
self.configDir = b.configDir
self.theDomainProperties = []
self.theGoals = []
self.theObstacles = []
self.theRequirements = []
self.theCountermeasures = []
self.resetDomainPropertyAttributes()
self.resetGoalAttributes()
self.resetObstacleAttributes()
self.resetRequirementAttributes()
self.resetGoalAttributes()
self.resetCountermeasureAttributes()
def importSynopses(charSyns,refSyns,stepSyns,refConts,ucConts,session_id):
b = Borg()
db_proxy = b.get_dbproxy(session_id)
for cs in charSyns:
db_proxy.addCharacteristicSynopsis(cs)
for rs in refSyns:
db_proxy.addReferenceSynopsis(rs)
for ucName,envName,stepNo,synName,aType,aName in stepSyns:
db_proxy.addStepSynopsis(ucName,envName,stepNo,synName,aType,aName)
db_proxy.conn.commit()
for rc in refConts:
db_proxy.addReferenceContribution(rc)
for uc in ucConts:
db_proxy.addUseCaseContribution(uc)
msgStr = 'Imported ' + str(len(charSyns)) + ' characteristic synopses, ' + str(len(refSyns)) + ' reference synopses, ' + str(len(stepSyns)) + ' step synopses, ' + str(len(refConts)) + ' reference contributions, and ' + str(len(ucConts)) + ' use case contributions.'
return msgStr
def importAssets(valueTypes,assets,session_id):
b = Borg()
db_proxy = b.get_dbproxy(session_id)
vtCount = 0
taCount = 0
for vtParameters in valueTypes:
vtId = db_proxy.existingObject(vtParameters.name(),vtParameters.type())
if vtId == -1:
db_proxy.addValueType(vtParameters)
vtCount += 1
for taParameters in assets:
taId = db_proxy.existingObject(taParameters.name(),'template_asset')
if taId == -1:
db_proxy.addTemplateAsset(taParameters)
taCount += 1
return 'Imported ' + str(vtCount) + ' value types, and ' + str(taCount) + ' template assets.'
def importTVTypes(vulTypes,threatTypes,isOverwrite,session_id):
b = Borg()
db_proxy = b.get_dbproxy(session_id)
noOfVts = len(vulTypes)
noOfTts = len(threatTypes)
if (noOfVts > 0):
if (isOverwrite):
db_proxy.deleteVulnerabilityType(-1)
for vt in vulTypes:
db_proxy.addValueType(vt)
if (noOfTts > 0):
if (isOverwrite):
db_proxy.deleteThreatType(-1)
for tt in threatTypes:
db_proxy.addValueType(tt)
msgStr = 'Imported ' + str(noOfVts) + ' vulnerability types and ' + str(noOfTts) + ' threat types.'
return msgStr
def main(args=None):
parser = argparse.ArgumentParser(description='Computer Aided Integration of Requirements and Information Security - Model Import')
parser.add_argument('modelFile',help='model file to import')
parser.add_argument('--type',dest='modelFormat',help='model type to import. One of securitypattern, attackpattern, tvtypes, directory, requirements, riskanalysis, usability, project, domainvalues, architecturalpattern, associations, synopses, processes, assets, locations or all')
parser.add_argument('--overwrite',dest='isOverwrite',help='Where appropriate, overwrite an existing CAIRIS model with this model')
parser.add_argument('--image_dir',dest='imageDir',help='Where appropriate, directory for model images (overwrites default_image_dir value in cairis.cnf)')
args = parser.parse_args()
mFormat = args.modelFormat
importFile = args.modelFile
overwriteFlag = args.isOverwrite
import cairis.core.BorgFactory
from cairis.core.Borg import Borg
cairis.core.BorgFactory.initialise()
b = Borg()
if args.imageDir != None:
b.imageDir = os.path.abspath(args.imageDir)
file_import(importFile,mFormat,overwriteFlag)
def importAssociations(maParameterSet,gaParameterSet,depParameterSet,session_id):
b = Borg()
db_proxy = b.get_dbproxy(session_id)
maCount = 0
for tTable,fromId,toId,refType in maParameterSet:
db_proxy.addTrace(tTable,fromId,toId,refType)
maCount += 1
gaCount = 0
for gaParameters in gaParameterSet:
db_proxy.addGoalAssociation(gaParameters)
gaCount += 1
depCount = 0
for depParameters in depParameterSet:
db_proxy.addDependency(depParameters)
depCount += 1
msgStr = 'Imported ' + str(maCount) + ' manual associations, ' + str(gaCount) + ' goal associations, and ' + str(depCount) + ' dependency associations.'
return msgStr
def importModelFile(importFile,isOverwrite = 1,session_id = None):
try:
b = Borg()
db_proxy = b.get_dbproxy(session_id)
modelTxt = ''
if isOverwrite == 1:
db_proxy.clearDatabase(session_id)
modelTxt += importTVTypeFile(importFile,isOverwrite,session_id = session_id) + ' '
modelTxt += importDomainValuesFile(importFile,session_id) + ' '
modelTxt += importProjectFile(importFile,session_id) + ' '
modelTxt += importRiskAnalysisFile(importFile,session_id) + ' '
modelTxt += importUsabilityFile(importFile,session_id) + ' '
modelTxt += importRequirementsFile(importFile,session_id) + ' '
modelTxt += importAssociationsFile(importFile,session_id) + ' '
modelTxt += importSynopsesFile(importFile,session_id)
return modelTxt
except xml.sax.SAXException, e:
raise ARMException("Error parsing" + importFile + ": " + e.getMessage())
def importProjectData(pSettings,envParameterSet,session_id):
b = Borg()
db_proxy = b.get_dbproxy(session_id)
if (pSettings != None):
db_proxy.updateSettings(pSettings[0],pSettings[1],pSettings[2],pSettings[3],pSettings[4],pSettings[5],pSettings[6],pSettings[7])
envCount = 0
for envParameters in envParameterSet:
objtId = db_proxy.existingObject(envParameters.name(),'environment')
if objtId == -1:
db_proxy.addEnvironment(envParameters)
else:
envParameters.setId(objtId)
db_proxy.updateEnvironment(envParameters)
envCount += 1
msgText = 'Imported ' + str(envCount) + ' environments'
if (pSettings != None):
msgText += ', and project settings'
msgText += '.'
return msgText
def importDirectoryFile(importFile,isOverwrite=1,session_id = None):
try:
parser = xml.sax.make_parser()
handler = DirectoryContentHandler()
parser.setContentHandler(handler)
parser.setEntityResolver(handler)
parser.parse(importFile)
vulDir,threatDir = handler.directories()
vdSize = len(vulDir)
tdSize = len(threatDir)
b = Borg()
db_proxy = b.get_dbproxy(session_id)
if (vdSize > 0):
db_proxy.addVulnerabilityDirectory(vulDir,isOverwrite)
if (tdSize > 0):
db_proxy.addThreatDirectory(threatDir,isOverwrite)
msgStr = 'Imported ' + str(vdSize) + ' template vulnerabilities and ' + str(tdSize) + ' template threats.'
return msgStr
except xml.sax.SAXException, e:
raise ARMException("Error parsing" + importFile + ": " + e.getMessage())
def __init__(self,session_id = None):
self.thePatternName = ''
self.theLikelihood = ''
self.theSeverity = ''
self.theObstacles = []
self.theObstacleAssociations = []
self.inIntent = 0
self.theIntent = ''
self.theMotivations = []
self.theEnvironment = ''
self.theAttack = ''
self.theExploit = ''
self.theAttackObstacle = ''
self.theExploitObstacle = ''
self.theParticipants = []
self.theTargets = []
self.theExploits = []
self.inConsequences = 0
self.theConsequences = ''
self.inImplementation = 0
self.theImplementation = ''
self.inKnownUses = 0
self.theKnownUses = ''
self.inRelatedPatterns = 0
self.theRelatedPatterns = ''
b = Borg()
self.configDir = b.configDir
self.dbProxy = b.get_dbproxy(session_id)
self.theObstacleParameters = []
self.theObstacleAssociationParameters = []
self.theAssetParameters = []
self.theAttackerParameters = []
self.theVulnerabilityParameters = None
self.theThreatParameters = None
self.theRiskParameters = None
self.resetObstacleElements()
self.resetObstacleAssociationElements()
self.resetMotivationElements()
self.resetParticipantElements()
def importSecurityPatterns(importFile,session_id=None):
try:
parser = xml.sax.make_parser()
handler = SecurityPatternContentHandler()
parser.setContentHandler(handler)
parser.setEntityResolver(handler)
parser.parse(importFile)
taps = handler.assets()
spps = handler.patterns()
vts = handler.metricTypes()
noOfTaps = len(taps)
noOfSpps = len(spps)
b = Borg()
db_proxy = b.get_dbproxy(session_id)
msgStr = 'No patterns imported'
if (noOfTaps > 0):
tapId = 0;
db_proxy.deleteSecurityPattern(-1)
db_proxy.deleteTemplateAsset(-1)
for vt in vts:
db_proxy.addValueType(vt)
for tap in taps:
tap.setId(tapId)
db_proxy.addTemplateAsset(tap)
tapId += 1
if (noOfSpps > 0):
spId = 0;
db_proxy.deleteSecurityPattern(-1)
for sp in spps:
sp.setId(spId)
db_proxy.addSecurityPattern(sp)
spId += 1
msgStr = 'Imported ' + str(noOfTaps) + ' template assets and ' + str(noOfSpps) + ' security patterns'
return msgStr
except xml.sax.SAXException, e:
raise ARMException("Error parsing" + importFile + ": " + e.getMessage())
def exportArchitecture(outFile,session_id = None):
b = Borg()
rmArchitecture = b.get_dbproxy(session_id).redmineArchitecture()
buf = ''
noAPs = 0
for aName,aType,sTxt in rmArchitecture:
buf += sTxt + '\n'
noAPs += 1
if (aType == 'component'):
caName = aName.replace(' ','_') + 'AssetModel.jpg'
cgName = aName.replace(' ','_') + 'GoalModel.jpg'
buildComponentAssetModel(b.get_dbproxy(session_id),aName,caName)
buildComponentGoalModel(b.get_dbproxy(session_id),aName,cgName)
elif (aType == 'architectural_pattern'):
graphName = aName.replace(' ','_') + 'ComponentModel.jpg'
buildComponentModel(b.get_dbproxy(session_id),aName,graphName)
aFile = open(outFile,'w')
aFile.write(buf)
aFile.close()
outFilePrefix,outFilePostfix = outFile.split('.')
summaryFile = outFilePrefix + '-summary.' + outFilePostfix
archSumm = b.get_dbproxy(session_id).redmineArchitectureSummary('Complete')
buf = ''
for aName,sTxt in archSumm:
buf += sTxt + '\n'
aFile = open(summaryFile,'w')
aFile.write(buf)
aFile.close()
return 'Exported ' + str(noAPs) + ' architectural patterns.'
def tearDown(self):
b = Borg()
b.dbProxy.deleteTemplateAsset(self.oTap.id())
b.dbProxy.close()
call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
def testRequirement(self):
b = Borg()
reqId = b.dbProxy.newId()
ireq = cairis.core.RequirementFactory.build(reqId,self.irequirements[0]["theLabel"],self.irequirements[0]["theName"],self.irequirements[0]["theDescription"],self.irequirements[0]["thePriority"],self.irequirements[0]["theRationale"],self.irequirements[0]["theFitCriterion"],self.irequirements[0]["theOriginator"],self.irequirements[0]["theType"],self.irequirements[0]["theReference"],1)
b.dbProxy.addRequirement(ireq,self.irequirements[0]["theReference"],True)
oreqs = b.dbProxy.getRequirements()
oreq = oreqs[ireq.description()]
self.assertEqual(str(ireq.id()),str(oreq.id()))
self.assertEqual(self.iassets[0]["theShortCode"] + "-" + str(ireq.label()),str(oreq.label()))
self.assertEqual(str(ireq.name()),str(oreq.name()))
self.assertEqual(str(ireq.description()),str(oreq.description()))
self.assertEqual(str(ireq.rationale()),str(oreq.rationale()))
self.assertEqual(str(ireq.fitCriterion()),str(oreq.fitCriterion()))
self.assertEqual(str(ireq.version()),str(oreq.version()))
self.assertEqual(str(ireq.originator()),str(oreq.originator()))
self.assertEqual(str(ireq.type()),str(oreq.type()))
self.assertEqual(str(ireq.asset()),str(oreq.asset()))
self.assertEqual(len(b.dbProxy.getRequirementVersions(ireq.id())),1)
soreq = b.dbProxy.getRequirement(oreq.label())
self.assertEqual(str(oreq.name()),str(soreq.name()))
self.assertEqual(str(oreq.description()),str(soreq.description()))
self.assertEqual(str(oreq.rationale()),str(soreq.rationale()))
self.assertEqual(str(oreq.fitCriterion()),str(soreq.fitCriterion()))
self.assertEqual(str(oreq.version()),str(soreq.version()))
self.assertEqual(str(oreq.originator()),str(soreq.originator()))
self.assertEqual(str(oreq.type()),str(soreq.type()))
self.assertEqual(str(oreq.asset()),str(soreq.asset()))
uireq = oreq
uireq.update('label',oreq.label())
uireq.update('description','revised description')
uireq.update('name','revised name')
uireq.update('priority',oreq.priority())
uireq.update('rationale',oreq.rationale())
uireq.update('fitCriterion',oreq.fitCriterion())
uireq.update('supportingMaterial','None')
uireq.update('type',oreq.type())
uireq.update('asset',oreq.asset())
self.assertEqual(uireq.dirty(),9)
uireq.incrementVersion()
uireq.theLabel = int(uireq.theLabel.split('-')[1])
b.dbProxy.updateRequirement(uireq)
uoreqs = b.dbProxy.getRequirements()
uoreq = uoreqs['revised description']
self.assertEqual(str(uireq.name()),str(uoreq.name()))
self.assertEqual(str(uireq.description()),str(uoreq.description()))
self.assertEqual(str(uireq.rationale()),str(uoreq.rationale()))
self.assertEqual(str(uireq.fitCriterion()),str(uoreq.fitCriterion()))
self.assertEqual(str(oreq.version()),'2')
self.assertEqual(str(uireq.originator()),str(uoreq.originator()))
self.assertEqual(str(uireq.type()),str(uoreq.type()))
self.assertEqual(str(uireq.asset()),str(uoreq.asset()))
b.dbProxy.deleteRequirement(ireq.id())
def __init__(self):
self.theVulnerabilityTypes = []
self.theThreatTypes = []
self.resetAttributes()
b = Borg()
self.configDir = b.configDir
def __init__(self, parent):
BasePanel.__init__(self, parent, ASSET_ID)
self.theAssetId = None
b = Borg()
self.dbProxy = b.dbProxy
def build(url,environmentName,newNode = False,objtName = None,assocType = None,goalIndicator = None):
dim,objtName = url.split('#')
b = Borg()
proxy = b.dbProxy
builder = gtk.Builder()
gladeFile = b.configDir + '/imvnodes/imvnodes.xml'
builder.add_from_file(gladeFile)
objt = None
dupProperty = None
overridingEnvironment = None
if (newNode == False):
objt = proxy.dimensionObject(objtName,dim)
dupProperty,overridingEnvironment = proxy.duplicateProperties( proxy.getDimensionId(environmentName,'environment') )
dlg = 0
if (dim == 'threat'):
dlg = ThreatNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
elif (dim == 'asset'):
if (assocType == None):
dlg = AssetNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
else:
dlg = AssetAssociationNodeDialog(objt,environmentName,builder)
elif (dim == 'goal'):
if (assocType == 'andrequirement'):
dlg = NewRequirementNodeDialog(objt,environmentName,builder)
elif (assocType == 'subrequirement'):
dlg = GoalRefinementNodeDialog(objt,environmentName,builder,False,objtName,True)
elif (assocType == 'assign'):
dlg = AssignResponsibilityNodeDialog(objt,environmentName,builder,objtName)
elif (goalIndicator == None):
dlg = GoalNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
dlg.parentGoal(objtName,assocType)
elif (goalIndicator == True):
dlg = GoalRefinementNodeDialog(objt,environmentName,builder,True,objtName)
else:
dlg = GoalRefinementNodeDialog(objt,environmentName,builder,False,objtName)
elif (dim == 'obstacle'):
dlg = ObstacleNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
dlg.parentObstacle(objtName,assocType)
elif (dim == 'domainproperty'):
dlg = DomainPropertyNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
elif (dim == 'attacker'):
dlg = AttackerNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
elif (dim == 'vulnerability'):
dlg = VulnerabilityNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
elif (dim == 'role'):
dlg = RoleNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
elif (dim == 'requirement'):
if (assocType == 'assign'):
dlg = AssignResponsibilityNodeDialog(objt,environmentName,builder,objtName,False)
else:
dlg = RequirementNodeDialog(objt,builder)
elif (dim == 'persona'):
dlg = PersonaNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
elif (dim == 'risk'):
rating = proxy.riskRating(objt.threat(),objt.vulnerability(),environmentName)
dlg = RiskNodeDialog(objt,rating,environmentName,builder)
elif (dim == 'response'):
if (objt.responseType() == 'Accept'):
dlg = AcceptNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
elif (objt.responseType() == 'Transfer'):
dlg = TransferNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
elif (objt.responseType() == 'Mitigate'):
dlg = MitigateNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
elif (dim == 'task'):
dlg = TaskNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
elif (dim == 'usecase'):
dlg = UseCaseNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
elif (dim == 'misusecase'):
dlg = MisuseCaseNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
elif (dim == 'countermeasure'):
dlg = CountermeasureNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
# elif (dim == 'linkand'):
# dlg = LinkAndNodeDialog(objt,environmentName,dupProperty,overridingEnvironment,builder)
else:
return
dlg.show()
builder.connect_signals(dlg)
def buildNode(self, dimName, objtName):
objtUrl = dimName + '#' + str(objtName)
b = Borg()
if (dimName == 'persona'):
self.theGraph.add_node(
pydot.Node(objtName,
shapefile=b.staticDir + '/assets/modelActor.png',
fontname=self.fontName,
fontsize=self.fontSize,
URL=objtUrl,
peripheries='0'))
elif (dimName == 'persona_characteristic'):
self.theGraph.add_node(
pydot.Node(objtName,
shape='record',
margin=0,
fontname=self.fontName,
style='filled',
fillcolor='green',
fontcolor='white',
fontsize=self.fontSize,
URL=objtUrl))
elif (dimName == 'implied_characteristic'):
self.theGraph.add_node(
pydot.Node(objtName,
shape='record',
margin=0,
fontname=self.fontName,
style='filled',
fillcolor='green',
fontcolor='white',
fontsize=self.fontSize,
URL=objtUrl))
elif (dimName == 'rebuttal'):
self.theGraph.add_node(
pydot.Node(objtName,
shape='record',
margin=0,
fontname=self.fontName,
style='filled',
fillcolor='red',
fontsize=self.fontSize,
URL=objtUrl))
elif (dimName == 'qualifier'):
self.theGraph.add_node(
pydot.Node(objtName,
shape='rectangle',
margin=0,
fontname=self.fontName,
style='dashed',
fontsize=self.fontSize,
URL=objtUrl))
elif (dimName == 'warrant'):
self.theGraph.add_node(
pydot.Node(objtName,
shape='record',
margin=0,
fontname=self.fontName,
style='filled',
fillcolor='darkslategray3',
fontsize=self.fontSize,
URL=objtUrl))
elif (dimName == 'backing'):
self.theGraph.add_node(
pydot.Node(objtName,
shape='record',
margin=0,
fontname=self.fontName,
style='filled',
fillcolor='gray95',
fontsize=self.fontSize,
URL=objtUrl))
elif (dimName == 'grounds'):
self.theGraph.add_node(
pydot.Node(objtName,
shape='record',
margin=0,
fontname=self.fontName,
fontsize=self.fontSize,
URL=objtUrl))
else:
self.theGraph.add_node(
pydot.Node(objtName,
shape='point',
fontname=self.fontName,
label=' ',
fontsize=self.fontSize))
def testExportRedmineGoals(self):
b = Borg()
b.dbProxy.relabelGoals('Complete')
b.dbProxy.redmineGoals('Complete')
def testExportRedmineRequirements(self):
b = Borg()
b.dbProxy.getRedmineRequirements()
def __init__(self, parent):
BasePanel.__init__(self, parent, VULNERABILITY_ID)
b = Borg()
self.dbProxy = b.dbProxy
def testExportAttackPatterns(self):
b = Borg()
b.dbProxy.redmineAttackPatterns()
b.dbProxy.redmineAttackPatternsSummary('Complete')
def testExportArchitecture(self):
b = Borg()
b.dbProxy.redmineArchitecture()
b.dbProxy.redmineArchitectureSummary('Complete')
b.dbProxy.architecturalPatternToXml('Context Policy Management')
def testExportPersona(self):
b = Borg()
b.dbProxy.personaToXml('Helen')
def testDataFlowDiagram(self):
importDataflowsFile(os.environ['CAIRIS_SRC'] +
'/test/testdataflow.xml')
b = Borg()
dfs = b.dbProxy.dataFlowDiagram('Psychosis', '')
self.assertEqual(len(dfs), 1)
def testExportDataflows(self):
importDataflowsFile(os.environ['CAIRIS_SRC'] +
'/test/testdataflow.xml')
b = Borg()
self.assertEqual(b.dbProxy.dataflowsToXml()[1], 1)
def exportUserGoalWorkbook(outFile, session_id=None):
b = Borg()
dbProxy = b.get_dbproxy(session_id)
drs = dbProxy.getDocumentReferences()
pcs = list(
map(lambda x: x[1], list(dbProxy.getPersonaCharacteristics().items())))
drSet = set([])
for pc in pcs:
personaName = pc.persona()
for e in pc.grounds() + pc.warrant() + pc.rebuttal():
dr = drs[e[0]]
dr.thePersonaName = personaName
drSet.add(dr)
wb = Workbook(outFile)
ugSheet = wb.add_worksheet('UserGoal')
hFormat = wb.add_format({
'border': 1,
'bg_color': '#C6EFCE',
'bold': True,
'text_wrap': True
})
unlocked = wb.add_format({
'locked': False,
'text_wrap': True,
'font_color': 'green'
})
tWrap = wb.add_format({'text_wrap': True, 'italic': True})
ugSheet.protect()
ugSheet.write('A1', 'Reference', hFormat)
ugSheet.write('B1', 'Description', hFormat)
ugSheet.write('C1', 'Persona', hFormat)
ugSheet.write('D1', 'persona/document_reference', hFormat)
ugSheet.write('E1', 'Element Type', hFormat)
ugSheet.write('F1', 'User Goal', hFormat)
ugSheet.write('G1', 'Initial Satisfaction', hFormat)
cellDict = {}
ugRow = 1
for objt in pcs + list(drSet):
refName = ''
elementType = ''
refDesc = ''
if (objt.__class__.__name__ == 'PersonaCharacteristic'):
refName = objt.characteristic()
elementType = 'persona'
refDesc = refName
else:
refName = objt.name()
elementType = 'document_reference'
refDesc = objt.excerpt()
ugSheet.write_string(ugRow, 0, refName, tWrap)
ugSheet.write_string(ugRow, 1, refDesc, tWrap)
ugSheet.write_string(ugRow, 2, objt.thePersonaName, tWrap)
ugSheet.write_string(ugRow, 3, elementType, tWrap)
ugSheet.data_validation('E' + str(ugRow), {
'validate': 'list',
'source': ['goal', 'softgoal', 'belief']
})
ugSheet.write_string('E' + str(ugRow + 1), 'goal', unlocked)
cellDict[refName] = 'F' + str(ugRow + 1)
ugSheet.write_string(ugRow, 5, '', unlocked)
ugSheet.data_validation(
'G' + str(ugRow + 1), {
'validate':
'list',
'source': [
'Satisfied', 'Weakly Satisfied', 'None', 'Weakly Denied',
'Denied'
]
})
ugSheet.write_string('G' + str(ugRow + 1), 'None', unlocked)
ugRow += 1
ugSheet.set_column('A:B', 30)
ugSheet.set_column('C:D', 20)
ugSheet.set_column('F:G', 30)
contSheet = wb.add_worksheet('Contributions')
hFormat = wb.add_format({
'border': 1,
'bg_color': '#C6EFCE',
'bold': True,
'text_wrap': True
})
contSheet.protect()
contSheet.write('A1', 'Source (GWR User Goal)', hFormat)
contSheet.write('B1', 'Destination (PC User Goal)', hFormat)
contSheet.write('C1', 'Means/End', hFormat)
contSheet.write('D1', 'Contribution', hFormat)
contRow = 1
for pc in pcs:
for e in pc.grounds() + pc.warrant() + pc.rebuttal():
contSheet.write_formula(contRow, 0, "=UserGoal!" + cellDict[e[0]],
tWrap)
contSheet.write_formula(
contRow, 1, "=UserGoal!" + cellDict[pc.characteristic()],
tWrap)
contSheet.data_validation('C' + str(contRow + 1), {
'validate': 'list',
'source': ['means', 'end']
})
contSheet.write('C' + str(contRow + 1), 'means', unlocked)
contSheet.data_validation(
'D' + str(contRow + 1), {
'validate':
'list',
'source': [
'Make', 'SomePositive', 'Help', 'Hurt', 'SomeNegative',
'Break'
]
})
contSheet.write('D' + str(contRow + 1), 'Help', unlocked)
contRow += 1
contSheet.set_column('A:B', 20)
contSheet.set_column('C:D', 15)
wb.close()
def importRiskAnalysis(roleParameterSet, assetParameterSet, vulParameterSet,
attackerParameterSet, threatParameterSet,
riskParameterSet, responseParameterSet,
assocParameterSet, session_id):
b = Borg()
db_proxy = b.get_dbproxy(session_id)
roleCount = 0
for roleParameters in roleParameterSet:
objtId = db_proxy.existingObject(roleParameters.name(), 'role')
if objtId == -1:
db_proxy.addRole(roleParameters)
else:
roleParameters.setId(objtId)
db_proxy.updateRole(roleParameters)
roleCount += 1
assetCount = 0
for assetParameters in assetParameterSet:
objtId = db_proxy.existingObject(assetParameters.name(), 'asset')
if objtId == -1:
db_proxy.addAsset(assetParameters)
else:
assetParameters.setId(objtId)
db_proxy.updateAsset(assetParameters)
assetCount += 1
vulCount = 0
for vulParameters in vulParameterSet:
objtId = db_proxy.existingObject(vulParameters.name(), 'vulnerability')
if objtId == -1:
db_proxy.addVulnerability(vulParameters)
else:
vulParameters.setId(objtId)
db_proxy.updateVulnerability(vulParameters)
vulCount += 1
attackerCount = 0
for attackerParameters in attackerParameterSet:
objtId = db_proxy.existingObject(attackerParameters.name(), 'attacker')
if objtId == -1:
db_proxy.addAttacker(attackerParameters)
else:
attackerParameters.setId(objtId)
db_proxy.updateAttacker(attackerParameters)
attackerCount += 1
threatCount = 0
for threatParameters in threatParameterSet:
objtId = db_proxy.existingObject(threatParameters.name(), 'threat')
if objtId == -1:
db_proxy.addThreat(threatParameters)
else:
threatParameters.setId(objtId)
db_proxy.updateThreat(threatParameters)
threatCount += 1
riskCount = 0
for riskParameters in riskParameterSet:
objtId = db_proxy.existingObject(riskParameters.name(), 'risk')
if objtId == -1:
db_proxy.addRisk(riskParameters)
else:
riskParameters.setId(objtId)
db_proxy.updateRisk(riskParameters)
riskCount += 1
responseCount = 0
for responseParameters in responseParameterSet:
objtId = db_proxy.existingObject(responseParameters.name(), 'response')
if objtId == -1:
db_proxy.addResponse(responseParameters)
else:
responseParameters.setId(objtId)
db_proxy.updateResponse(responseParameters)
responseCount += 1
rshipCount = 0
for assocParameters in assocParameterSet:
db_proxy.addClassAssociation(assocParameters)
rshipCount += 1
msgStr = 'Imported ' + str(roleCount) + ' roles, ' + str(
assetCount) + ' assets, ' + str(vulCount) + ' vulnerabilities, ' + str(
attackerCount) + ' attackers, ' + str(
threatCount) + ' threats, ' + str(
riskCount) + ' risks, ' + str(
responseCount) + ' responses, and ' + str(
rshipCount) + ' asset associations.'
return msgStr
def exportPersonaCharacteristicsWorkbook(outFile, session_id=None):
b = Borg()
dbProxy = b.get_dbproxy(session_id)
roles = list(map(lambda x: x[1], list(dbProxy.getRoles().items())))
eds = list(
map(lambda x: x[1], list(dbProxy.getExternalDocuments().items())))
drs = list(
map(lambda x: x[1], list(dbProxy.getDocumentReferences().items())))
pcs = list(
map(lambda x: x[1], list(dbProxy.getPersonaCharacteristics().items())))
wb = Workbook(outFile)
hFormat = wb.add_format({
'border': 1,
'bg_color': '#C6EFCE',
'bold': True,
'text_wrap': True
})
wrapped = wb.add_format({
'text_wrap': True,
})
edSheet = wb.add_worksheet('External Documents')
edSheet.write('A1', 'Name', hFormat)
edSheet.write('B1', 'Authors', hFormat)
edSheet.write('C1', 'Version', hFormat)
edSheet.write('D1', 'Publication Date', hFormat)
edSheet.write('E1', 'Description', hFormat)
edRow = 1
for edoc in eds:
edSheet.write('A' + str(edRow + 1), edoc.name(), wrapped)
edSheet.write('B' + str(edRow + 1), edoc.authors(), wrapped)
edSheet.write('C' + str(edRow + 1), edoc.version())
edSheet.write('D' + str(edRow + 1), edoc.date(), wrapped)
edSheet.write('E' + str(edRow + 1), edoc.description(), wrapped)
edRow += 1
edSheet.set_column('A:D', 20)
edSheet.set_column('E:E', 50)
drSheet = wb.add_worksheet('Document References')
drSheet.write('A1', 'Name', hFormat)
drSheet.write('B1', 'External Document', hFormat)
drSheet.write('C1', 'Contributor', hFormat)
drSheet.write('D1', 'Excerpt', hFormat)
drRow = 1
for dr in drs:
drSheet.write('A' + str(drRow + 1), dr.name(), wrapped)
drSheet.data_validation('B' + str(drRow + 1), {
'validate': 'list',
'source': "='External Documents'!$A$2:$A$5000"
})
drSheet.write('B' + str(drRow + 1), dr.document(), wrapped)
drSheet.write('C' + str(drRow + 1), dr.contributor(), wrapped)
drSheet.write('D' + str(drRow + 1), dr.excerpt(), wrapped)
drRow += 1
while drRow <= 5000:
drSheet.data_validation('B' + str(drRow + 1), {
'validate': 'list',
'source': "='External Documents'!$A$2:$A$5000"
})
drRow += 1
drSheet.set_column('A:C', 50)
drSheet.set_column('D:D', 75)
pcSheet = wb.add_worksheet('Persona Characteristics')
pcSheet.write('A1', 'Characteristic', hFormat)
pcSheet.write('B1', 'Persona', hFormat)
pcSheet.write('C1', 'Variable', hFormat)
pcSheet.write('D1', 'Modal Qualifier', hFormat)
pcSheet.write('E1', 'Grounds', hFormat)
pcSheet.write('F1', 'Warrant', hFormat)
pcSheet.write('G1', 'Rebuttal', hFormat)
pcRow = 1
for pc in pcs:
pcSheet.write('A' + str(pcRow + 1), pc.characteristic(), wrapped)
pcSheet.write('B' + str(pcRow + 1), pc.persona(), wrapped)
pcSheet.data_validation(
'C' + str(pcRow + 1), {
'validate':
'list',
'source': [
'Activities', 'Attitudes', 'Aptitudes', 'Motivations',
'Skills', 'Environment Narrative', 'Intrinsic',
'Contextual'
]
})
pcSheet.write('C' + str(pcRow + 1), pc.behaviouralVariable(), wrapped)
pcSheet.write('D' + str(pcRow + 1), pc.qualifier(), wrapped)
pcSheet.write('E' + str(pcRow + 1),
','.join(list(map(lambda x: x[0],
pc.grounds()))), wrapped)
pcSheet.write('F' + str(pcRow + 1),
','.join(list(map(lambda x: x[0],
pc.warrant()))), wrapped)
pcSheet.write('G' + str(pcRow + 1),
','.join(list(map(lambda x: x[0],
pc.rebuttal()))), wrapped)
pcRow += 1
while pcRow <= 5000:
pcSheet.data_validation(
'C' + str(pcRow + 1), {
'validate':
'list',
'source': [
'Activities', 'Attitudes', 'Aptitudes', 'Motivations',
'Skills', 'Environment Narrative', 'Intrinsic',
'Contextual'
]
})
pcRow += 1
pcSheet.set_column('A:A', 50)
pcSheet.set_column('B:D', 20)
pcSheet.set_column('E:G', 75)
wb.close()
def importUsability(personaParameterSet, edParameterSet, drParameterSet,
pcParameterSet, taskParameterSet, ucParameterSet,
session_id):
b = Borg()
db_proxy = b.get_dbproxy(session_id)
personaCount = 0
for personaParameters in personaParameterSet:
objtId = db_proxy.existingObject(personaParameters.name(), 'persona')
if objtId == -1:
db_proxy.addPersona(personaParameters)
else:
personaParameters.setId(objtId)
db_proxy.updatePersona(personaParameters)
personaCount += 1
edCount = 0
for edParameters in edParameterSet:
objtId = db_proxy.existingObject(edParameters.name(),
'external_document')
if objtId == -1:
db_proxy.addExternalDocument(edParameters)
else:
edParameters.setId(objtId)
db_proxy.updateExternalDocument(edParameters)
edCount += 1
drCount = 0
for drParameters in drParameterSet:
objtId = db_proxy.existingObject(drParameters.name(),
'document_reference')
if objtId == -1:
db_proxy.addDocumentReference(drParameters)
else:
drParameters.setId(objtId)
db_proxy.updateDocumentReference(drParameters)
drCount += 1
taskCount = 0
for taskParameters in taskParameterSet:
objtId = db_proxy.existingObject(taskParameters.name(), 'task')
if objtId == -1:
db_proxy.addTask(taskParameters)
else:
taskParameters.setId(objtId)
db_proxy.updateTask(taskParameters)
taskCount += 1
ucCount = 0
for ucParameters in ucParameterSet:
objtId = db_proxy.existingObject(ucParameters.name(), 'usecase')
if objtId == -1:
db_proxy.addUseCase(ucParameters)
else:
ucParameters.setId(objtId)
db_proxy.updateUseCase(ucParameters)
ucCount += 1
pcCount = 0
for pcParameters in pcParameterSet:
db_proxy.addPersonaCharacteristic(pcParameters)
pcCount += 1
msgStr = 'Imported ' + str(personaCount) + ' personas, ' + str(
edCount) + ' external documents, ' + str(
drCount) + ' document references, ' + str(
pcCount) + ' persona characteristics, ' + str(
taskCount) + ' tasks, and ' + str(ucCount) + ' use cases.'
return msgStr
def graph(self):
for location in self.theLocs.locations():
locName = location.name()
assetInstances = location.assetInstances()
personaInstances = location.personaInstances()
locCluster = pydot.Cluster(locName,
label=locName,
URL='location#' + locName)
locCluster.add_node(
pydot.Node('point_' + locName,
label='',
shape="none",
fontcolor="white",
URL='location#' + locName))
for inst in assetInstances:
instName = inst[0]
assetName = inst[1]
locCluster.add_node(
pydot.Node(instName, URL='asset#' + assetName))
for persona in personaInstances:
instName = persona[0]
personaName = persona[1]
locCluster.add_node(
pydot.Node(instName,
shape='circle',
URL='persona#' + personaName))
self.theGraph.add_subgraph(locCluster)
for edges in self.theLocs.links():
self.theGraph.add_edge(
pydot.Edge('point_' + edges[0],
'point_' + edges[1],
arrowhead='none',
arrowtail='none',
dir='both'))
edgeList = set([])
b = Borg()
risks = set([])
for trace in self.theOverlayTraces:
riskName = trace.fromName()
locName = trace.toName()
if (riskName, locName) not in edgeList:
edgeList.add((riskName, locName))
if riskName not in risks:
risks.add(riskName)
riskObjt = b.dbProxy.dimensionObject(riskName, 'risk')
riskScores = b.dbProxy.riskScore(riskObjt.threat(),
riskObjt.vulnerability(),
self.theEnvironmentName,
riskName)
highestScore = 0
for riskScore in riskScores:
currentScore = riskScore[2]
if (currentScore > highestScore):
highestScore = currentScore
self.theGraph.add_node(
pydot.Node(riskName,
shape='diamond',
style='filled',
color=threatColourCode(highestScore),
fontcolor=riskTextColourCode(highestScore),
fontname=self.fontName,
fontsize=self.fontSize,
URL='risk#' + riskName))
for edges in edgeList:
self.theGraph.add_edge(pydot.Edge(edges[0], 'point_' + edges[1]))
return self.layout()
def importComponentViewData(view, session_id=None):
b = Borg()
db_proxy = b.get_dbproxy(session_id)
db_proxy.addComponentView(view)
msgStr = 'Imported architectural pattern'
return msgStr
def testUseCase(self):
ucName = self.iUseCases[0]["theName"]
ucAuthor = self.iUseCases[0]["theAuthor"]
ucCode = self.iUseCases[0]["theCode"]
ucDesc = self.iUseCases[0]["theDescription"]
ucActor = self.iUseCases[0]["theActor"]
ucEnv = self.iUseCases[0]["theEnvironments"][0]
ucEnvName = ucEnv["theName"]
ucPre = ucEnv["thePreconditions"]
ucPost = ucEnv["thePostconditions"]
ucAttribute = ucEnv["theAttributes"]
ucRationale = ucEnv["theRationale"]
ucDef = ucEnv["theDefinition"]
ucAverage = ucEnv["theAverage"]
ss = Steps()
for ucStep in ucEnv["theFlow"]:
ss.append(Step(ucStep["theDescription"]))
ucep = UseCaseEnvironmentProperties(ucEnvName, ucPre, ss, ucPost,
ucAttribute, ucRationale, ucDef,
ucAverage)
iuc = UseCaseParameters(ucName, ucAuthor, ucCode, [ucActor], ucDesc,
[], [ucep])
b = Borg()
b.dbProxy.addUseCase(iuc)
theUseCases = b.dbProxy.getUseCases()
ouc = theUseCases[self.iUseCases[0]["theName"]]
self.assertEqual(iuc.name(), ouc.name())
self.assertEqual(iuc.tags(), ouc.tags())
self.assertEqual(iuc.author(), ouc.author())
self.assertEqual(iuc.code(), ouc.code())
self.assertEqual(iuc.actors(), ouc.actors())
self.assertEqual(iuc.description(), ouc.description())
self.assertEqual(iuc.author(), ouc.author())
self.assertEqual(iuc.environmentProperties()[0].preconditions(),
ouc.environmentProperties()[0].preconditions())
self.assertEqual(iuc.environmentProperties()[0].postconditions(),
ouc.environmentProperties()[0].postconditions())
self.assertEqual(iuc.environmentProperties()[0].attributes()[0],
ouc.environmentProperties()[0].attributes()[0])
self.assertEqual(iuc.environmentProperties()[0].attributes()[1],
ouc.environmentProperties()[0].attributes()[1])
self.assertEqual(iuc.environmentProperties()[0].attributes()[2],
ouc.environmentProperties()[0].attributes()[2])
self.assertEqual(iuc.environmentProperties()[0].attributes()[3],
ouc.environmentProperties()[0].attributes()[3])
self.assertEqual(iuc.environmentProperties()[0].attributes()[4],
ouc.environmentProperties()[0].attributes()[4])
self.assertEqual(iuc.environmentProperties()[0].rationale()[0],
ouc.environmentProperties()[0].rationale()[0])
self.assertEqual(iuc.environmentProperties()[0].rationale()[1],
ouc.environmentProperties()[0].rationale()[1])
self.assertEqual(iuc.environmentProperties()[0].rationale()[2],
ouc.environmentProperties()[0].rationale()[2])
self.assertEqual(iuc.environmentProperties()[0].rationale()[3],
ouc.environmentProperties()[0].rationale()[3])
self.assertEqual(iuc.environmentProperties()[0].rationale()[4],
ouc.environmentProperties()[0].rationale()[4])
self.assertEqual(iuc.environmentProperties()[0].definition(),
ouc.environmentProperties()[0].definition())
self.assertEqual(iuc.environmentProperties()[0].average(),
ouc.environmentProperties()[0].average())
iuc.theName = 'Updated name'
iuc.setId(ouc.id())
b.dbProxy.updateUseCase(iuc)
theUseCases = b.dbProxy.getUseCases()
ouc = theUseCases['Updated name']
self.assertEqual(iuc.name(), ouc.name())
self.assertEqual(iuc.tags(), ouc.tags())
self.assertEqual(iuc.author(), ouc.author())
self.assertEqual(iuc.code(), ouc.code())
self.assertEqual(iuc.actors(), ouc.actors())
self.assertEqual(iuc.description(), ouc.description())
self.assertEqual(iuc.author(), ouc.author())
self.assertEqual(iuc.environmentProperties()[0].preconditions(),
ouc.environmentProperties()[0].preconditions())
self.assertEqual(iuc.environmentProperties()[0].postconditions(),
ouc.environmentProperties()[0].postconditions())
self.assertEqual(iuc.environmentProperties()[0].attributes()[0],
ouc.environmentProperties()[0].attributes()[0])
self.assertEqual(iuc.environmentProperties()[0].attributes()[1],
ouc.environmentProperties()[0].attributes()[1])
self.assertEqual(iuc.environmentProperties()[0].attributes()[2],
ouc.environmentProperties()[0].attributes()[2])
self.assertEqual(iuc.environmentProperties()[0].attributes()[3],
ouc.environmentProperties()[0].attributes()[3])
self.assertEqual(iuc.environmentProperties()[0].attributes()[4],
ouc.environmentProperties()[0].attributes()[4])
self.assertEqual(iuc.environmentProperties()[0].rationale()[0],
ouc.environmentProperties()[0].rationale()[0])
self.assertEqual(iuc.environmentProperties()[0].rationale()[1],
ouc.environmentProperties()[0].rationale()[1])
self.assertEqual(iuc.environmentProperties()[0].rationale()[2],
ouc.environmentProperties()[0].rationale()[2])
self.assertEqual(iuc.environmentProperties()[0].rationale()[3],
ouc.environmentProperties()[0].rationale()[3])
self.assertEqual(iuc.environmentProperties()[0].rationale()[4],
ouc.environmentProperties()[0].rationale()[4])
self.assertEqual(iuc.environmentProperties()[0].definition(),
ouc.environmentProperties()[0].definition())
self.assertEqual(iuc.environmentProperties()[0].average(),
ouc.environmentProperties()[0].average())
b.dbProxy.deleteUseCase(ouc.id())
def importLocations(locations, session_id):
b = Borg()
db_proxy = b.get_dbproxy(session_id)
db_proxy.addLocations(locations)
msgStr = 'Imported ' + locations.name()
return msgStr
def extractModel(session_id=None):
b = Borg()
xmlBuf = '<?xml version="1.0"?>\n<!DOCTYPE cairis_model PUBLIC "-//CAIRIS//DTD MODEL 1.0//EN" "http://cairis.org/dtd/cairis_model.dtd">\n<cairis_model>\n\n\n'
xmlBuf += b.get_dbproxy(session_id).tvTypesToXml(0)[0] + '\n\n'
xmlBuf += b.get_dbproxy(session_id).domainValuesToXml(0)[0] + '\n\n'
xmlBuf += b.get_dbproxy(session_id).projectToXml(0) + '\n\n'
xmlBuf += b.get_dbproxy(session_id).riskAnalysisToXml(0)[0] + '\n\n'
xmlBuf += b.get_dbproxy(session_id).usabilityToXml(0)[0] + '\n\n'
xmlBuf += b.get_dbproxy(session_id).goalsToXml(0)[0] + '\n\n'
xmlBuf += b.get_dbproxy(session_id).associationsToXml(0)[0] + '\n\n'
xmlBuf += b.get_dbproxy(session_id).synopsesToXml(0)[0] + '\n\n'
xmlBuf += b.get_dbproxy(session_id).misusabilityToXml(0)[0] + '\n\n'
xmlBuf += b.get_dbproxy(session_id).dataflowsToXml(0)[0] + '\n\n'
xmlBuf += b.get_dbproxy(
session_id).locationsToXml()[0] + '\n\n</cairis_model>'
return xmlBuf
def set_dbproxy(dbUser):
b = Borg()
dbName = dbUser + '_default'
dbPasswd = ''
db_proxy = MySQLDatabaseProxy(user=dbUser, passwd=dbPasswd, db=dbName)
pSettings = db_proxy.getProjectSettings()
id = b.init_settings()
db_proxy.close()
session['session_id'] = id
b.settings[id]['dbProxy'] = db_proxy
b.settings[id]['dbUser'] = dbUser
b.settings[id]['dbPasswd'] = dbPasswd
b.settings[id]['dbHost'] = b.dbHost
b.settings[id]['dbPort'] = b.dbPort
b.settings[id]['dbName'] = dbName
b.settings[id]['rPasswd'] = b.rPasswd
b.settings[id]['fontSize'] = pSettings['Font Size']
b.settings[id]['apFontSize'] = pSettings['AP Font Size']
b.settings[id]['fontName'] = pSettings['Font Name']
b.settings[id]['jsonPrettyPrint'] = False
return b.settings[id]
def tearDown(self):
b = Borg()
b.dbProxy.close()
call([os.environ['CAIRIS_CFG_DIR'] + "/dropdb.sh"])
def __init__(self, session_id): CairisDAO.__init__(self, session_id) b = Borg()
def tearDown(self):
b = Borg()
b.dbProxy.deleteDataFlow(self.dfJson['theName'],
self.dfJson['theEnvironmentName'])
odfs = b.dbProxy.getDataFlows()
self.assertEqual(len(odfs), 0)
def __init__(self, session_id): CairisDAO.__init__(self, session_id) b = Borg() self.image_dir = b.uploadDir
def tearDown(self): b = Borg() b.dbProxy.close() call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
def testProjectSettings(self):
b = Borg()
self.assertEqual(b.fontName, 'Times New Roman')
self.assertEqual(b.fontSize, '7.5')
self.assertEqual(b.apFontSize, '13')
