def on_get(self, req, resp, organization_code, it_asset_instance_id):
"""List mitigation controls for an organization IT asset.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of the organization.
:param it_asset_instance_id: The id of the IT asset instance.
"""
session = Session()
try:
organization_it_asset = find_organization_it_asset(it_asset_instance_id, organization_code, session)
if organization_it_asset is None:
raise falcon.HTTPNotFound()
# Build query to fetch items
query = session \
.query(OrganizationItAssetControl) \
.join(OrganizationITAsset) \
.join(MitigationControl) \
.filter(OrganizationITAsset.organization_id == organization_code) \
.filter(OrganizationITAsset.instance_id == it_asset_instance_id) \
.order_by(MitigationControl.name)
data, paging = get_collection_page(req, query, custom_asdict)
resp.media = {
'data': data,
'paging': paging
}
finally:
session.close()
def on_get(self, req, resp, organization_code, it_asset_instance_id):
"""GETs a paged collection of an IT assets' vulnerabilities in an organization.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of the organization.
:param it_asset_instance_id: The id of the IT asset instance.
"""
session = Session()
try:
it_asset_instance = find_it_asset_instance(it_asset_instance_id,
organization_code,
session)
if it_asset_instance is None:
raise falcon.HTTPNotFound()
# Build query to fetch items
query = session\
.query(OrganizationITAssetVulnerability)\
.join(OrganizationSecurityThreat)\
.join(OrganizationITAsset)\
.join(SecurityThreat)\
.filter(OrganizationSecurityThreat.organization_id == organization_code) \
.filter(OrganizationITAsset.instance_id == it_asset_instance_id) \
.order_by(SecurityThreat.name)
data, paging = get_collection_page(req, query, custom_asdict)
resp.media = {'data': data, 'paging': paging}
finally:
session.close()
def on_get(self, req, resp, organization_code, analysis_id):
"""GETs a paged collection of details of a specific analysis from an organization.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of the organization.
:param analysis_id: The id of the analysis for which the details should be retrieved.
"""
session = Session()
try:
organization_analysis = find_organization_analysis(organization_code, analysis_id, session)
if organization_analysis is None:
raise falcon.HTTPNotFound()
# Build query to fetch items
query = session \
.query(OrganizationAnalysisDetail) \
.join(OrganizationAnalysis) \
.filter(OrganizationAnalysis.organization_id == organization_code) \
.filter(OrganizationAnalysis.id == analysis_id) \
.order_by(OrganizationAnalysisDetail.calculated_risk.desc(),
OrganizationAnalysisDetail.calculated_impact.desc(),
OrganizationAnalysisDetail.calculated_probability.desc())
data, paging = get_collection_page(req, query, custom_asdict)
resp.media = {
'data': data,
'paging': paging
}
finally:
session.close()
def on_get(self, req, resp, organization_code):
"""GETs a paged collection of departments of an organization.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of the organization.
"""
session = Session()
try:
organization = session.query(Organization).get(organization_code)
if organization is None:
raise falcon.HTTPNotFound()
# Build query to fetch items
query = session\
.query(OrganizationDepartment)\
.filter(OrganizationDepartment.organization_id == organization_code)\
.order_by(OrganizationDepartment.created_on)\
.options(joinedload(OrganizationDepartment.department, innerjoin=True))
data, paging = get_collection_page(req, query, custom_asdict)
resp.media = {
'data': data,
'paging': paging
}
finally:
session.close()
def on_get(self, req, resp, organization_code):
"""GETs a paged collection of processes of an organization.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of the organization.
"""
session = Session()
try:
organization = session.query(Organization).get(organization_code)
if organization is None:
raise falcon.HTTPNotFound()
# Build query to fetch items
query = session\
.query(OrganizationProcess) \
.filter(OrganizationProcess.organization_id == organization_code)\
.order_by(OrganizationProcess.created_on)
# Handle optional filters
macroprocess_instance_id = req.get_param_as_int('macroprocessInstanceId')
if macroprocess_instance_id:
query = query.filter(OrganizationProcess.macroprocess_instance_id == macroprocess_instance_id)
data, paging = get_collection_page(req, query, custom_asdict)
resp.media = {
'data': data,
'paging': paging
}
finally:
session.close()
def on_get(self, req, resp):
"""GETs a paged collection of system users.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
"""
session = Session()
try:
query = session.query(SystemUser).order_by(SystemUser.full_name)
data, paging = get_collection_page(req, query, custom_asdict)
resp.media = {'data': data, 'paging': paging}
finally:
session.close()
def on_get(self, req, resp):
"""GETs a paged collection of IT services available.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
"""
session = Session()
try:
query = session.query(ITService).order_by(ITService.name)
data, paging = get_collection_page(req, query)
resp.media = {'data': data, 'paging': paging}
finally:
session.close()
def on_get(self, req, resp):
"""GETs a paged collection of organizations.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
"""
session = Session()
try:
query = session.query(Organization).order_by(Organization.legal_name, Organization.created_on)
data, paging = get_collection_page(req, query)
resp.media = {
'data': data,
'paging': paging
}
finally:
session.close()
def on_get(self, req, resp, organization_code):
"""GETs a paged collection of analyses of an organization.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of the organization.
"""
session = Session()
try:
organization = session.query(Organization).get(organization_code)
if organization is None:
raise falcon.HTTPNotFound()
query = session\
.query(OrganizationAnalysis) \
.filter(OrganizationAnalysis.organization_id == organization_code) \
.order_by(OrganizationAnalysis.created_on.desc())
data, paging = get_collection_page(req, query, custom_asdict)
resp.media = {'data': data, 'paging': paging}
finally:
session.close()
def on_get(self, req, resp, organization_code):
"""GETs a paged collection of security threats of an organization.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of the organization.
"""
session = Session()
try:
organization = session.query(Organization).get(organization_code)
if organization is None:
raise falcon.HTTPNotFound()
# Build query to fetch items
query = session\
.query(OrganizationSecurityThreat)\
.join(SecurityThreat)\
.filter(OrganizationSecurityThreat.organization_id == organization_code)\
.order_by(SecurityThreat.name)\
data, paging = get_collection_page(req, query, custom_asdict)
resp.media = {'data': data, 'paging': paging}
finally:
session.close()