def validate_post(request_media, session):
errors = []
# Validate name
# -----------------------------------------------------
name = request_media.get('name')
error = validate_str('name', name,
is_mandatory=True,
max_length=constants.GENERAL_NAME_MAX_LENGTH,
exists_strategy=exists_name(name, session))
if error:
errors.append(error)
# Validate description
# -----------------------------------------------------
description = request_media.get('description')
error = validate_str('description', description, max_length=constants.GENERAL_DESCRIPTION_MAX_LENGTH)
if error:
errors.append(error)
# Asset category id is mandatory and must be valid
# -----------------------------------------------------
category_id = request_media.get('category_id')
if category_id is None:
errors.append(build_error(Message.ERR_FIELD_CANNOT_BE_NULL, field_name='categoryId'))
elif not session.query(ITAssetCategory).get(category_id):
errors.append(build_error(Message.ERR_FIELD_VALUE_INVALID, field_name='categoryId'))
return errors
def validate_patch(request_media, session):
errors = []
if not request_media:
errors.append(build_error(Message.ERR_NO_CONTENT))
return errors
# Validate name if informed
# -----------------------------------------------------
if 'name' in request_media:
name = request_media.get('name')
error = validate_str('name', name,
is_mandatory=True,
max_length=constants.GENERAL_NAME_MAX_LENGTH,
exists_strategy=exists_name(name, session))
if error:
errors.append(error)
# Validate name if informed
# -----------------------------------------------------
if 'description' in request_media:
description = request_media.get('description')
error = validate_str('description', description, max_length=constants.GENERAL_DESCRIPTION_MAX_LENGTH)
if error:
errors.append(error)
return errors
def validate_post(request_media, session):
errors = []
# Validate id
# -----------------------------------------------------
role_id = request_media.get('id')
error = validate_number('id',
role_id,
is_mandatory=True,
min_value=1,
exists_strategy=exists_role_id(role_id, session))
if error:
errors.append(error)
# Validate name
# -----------------------------------------------------
name = request_media.get('name')
error = validate_str('name',
name,
is_mandatory=True,
max_length=constants.GENERAL_NAME_MAX_LENGTH,
exists_strategy=exists_name(name, session))
if error:
errors.append(error)
# Validate description
# -----------------------------------------------------
description = request_media.get('description')
error = validate_str('description',
description,
max_length=constants.GENERAL_DESCRIPTION_MAX_LENGTH)
if error:
errors.append(error)
return errors
def validate_post(request_media, session):
errors = []
# Validate Tax ID
# -----------------------------------------------------
tax_id = request_media.get('tax_id')
error = validate_str('taxId', tax_id,
is_mandatory=True,
max_length=constants.TAX_ID_MAX_LENGTH,
exists_strategy=exists_tax_id(tax_id, session))
if error:
errors.append(error)
# Validate legal name
# -----------------------------------------------------
legal_name = request_media.get('legal_name')
error = validate_str('legalName', legal_name,
is_mandatory=True,
min_length=constants.GENERAL_NAME_MIN_LENGTH,
max_length=constants.GENERAL_NAME_MAX_LENGTH,
exists_strategy=exists_legal_name(legal_name, session))
if error:
errors.append(error)
# Validate trade name
# -----------------------------------------------------
trade_name = request_media.get('trade_name')
error = validate_str('tradeName', trade_name,
min_length=constants.GENERAL_NAME_MIN_LENGTH,
max_length=constants.GENERAL_NAME_MAX_LENGTH)
if error:
errors.append(error)
return errors
def validate_post(request_media, session):
errors = []
# Validate name
# -----------------------------------------------------
full_name = request_media.get('full_name')
error = validate_str('fullName',
full_name,
is_mandatory=True,
max_length=constants.GENERAL_NAME_MAX_LENGTH)
if error:
errors.append(error)
# Validate email
# -----------------------------------------------------
email = request_media.get('email')
error = validate_str('email',
email,
is_mandatory=True,
max_length=constants.EMAIL_MAX_LENGTH,
exists_strategy=exists_email(email, session))
if error:
errors.append(error)
# Validate password
# -----------------------------------------------------
password = request_media.get('password')
error = validate_str('password',
password,
is_mandatory=True,
min_length=constants.PASSWORD_MIN_LENGTH)
if error:
errors.append(error)
# Validate roles
# -----------------------------------------------------
roles = request_media.get('roles')
if roles:
# Get the system roles (get scalars from tuples returned)
existing_roles = session.query(SystemRole.id).all()
existing_roles_ids = [role_id for (role_id, ) in existing_roles]
# Check if id informed exists
for idx, role in enumerate(roles):
if role.get('id') not in existing_roles_ids:
field_name = 'role[{}].id'.format(idx)
errors.append(
build_error(Message.ERR_FIELD_VALUE_INVALID,
field_name=field_name))
return errors
def validate_patch(request_media, it_asset_instance, organization_code,
session):
errors = []
if not request_media:
errors.append(build_error(Message.ERR_NO_CONTENT))
return errors
# Validate external identifier if informed
# There MUST NOT exist the same (IT asset id + external identifier) combination in organization except itself
# -----------------------------------------------------
if 'external_identifier' in request_media:
external_identifier = request_media.get('external_identifier')
error = validate_str('externalIdentifier',
external_identifier,
max_length=constants.GENERAL_NAME_MAX_LENGTH)
if error:
errors.append(error)
elif exists_other_it_asset(session, organization_code,
it_asset_instance, external_identifier):
errors.append(
build_error(Message.ERR_FIELD_VALUE_ALREADY_EXISTS,
field_name='externalIdentifier'))
return errors
def validate_post(request_media, organization_code, session):
errors = []
# Validate IT asset id
# -----------------------------------------------------
it_asset_id = request_media.get('it_asset_id')
if it_asset_id is None:
errors.append(
build_error(Message.ERR_FIELD_CANNOT_BE_NULL,
field_name='itAssetId'))
elif not session.query(ITAsset).get(it_asset_id):
errors.append(
build_error(Message.ERR_FIELD_VALUE_INVALID,
field_name='itAssetId'))
# Validate external identifier if informed
# There MUST NOT exist the same (IT asset id + external identifier) combination in organization
# -----------------------------------------------------
external_identifier = request_media.get('external_identifier')
error = validate_str('externalIdentifier',
external_identifier,
max_length=constants.GENERAL_NAME_MAX_LENGTH)
if error:
errors.append(error)
elif exists_it_asset(session, organization_code, it_asset_id,
external_identifier):
errors.append(
build_error(Message.ERR_FIELD_VALUE_ALREADY_EXISTS,
field_name='externalIdentifier'))
return errors
def validate_post(request_media, session):
errors = []
# Validate name
# -----------------------------------------------------
name = request_media.get('name')
error = validate_str('name',
name,
is_mandatory=True,
max_length=constants.GENERAL_NAME_MAX_LENGTH,
exists_strategy=exists_name(name, session))
if error:
errors.append(error)
# Category id is mandatory, must be valid and must be available
# -----------------------------------------------------
category_id = request_media.get('id')
error = validate_number('id',
category_id,
is_mandatory=True,
min_value=1,
exists_strategy=lambda: session.query(
ITAssetCategory).get(category_id))
if errors:
errors.append(error)
return errors
def validate_patch(request_media, session):
errors = []
if not request_media:
errors.append(build_error(Message.ERR_NO_CONTENT))
return errors
# Validate name if informed
# -----------------------------------------------------
if 'full_name' in request_media:
email = request_media.get('full_name')
error = validate_str('fullName',
email,
is_mandatory=True,
max_length=constants.GENERAL_NAME_MAX_LENGTH)
if error:
errors.append(error)
# Validate email if informed
# -----------------------------------------------------
if 'email' in request_media:
email = request_media.get('email')
error = validate_str('email',
email,
is_mandatory=True,
max_length=constants.EMAIL_MAX_LENGTH,
exists_strategy=exists_email(email, session))
if error:
errors.append(error)
# Validate password if informed
# -----------------------------------------------------
if 'password' in request_media:
password = request_media.get('password')
error = validate_str('password',
password,
is_mandatory=True,
min_length=constants.PASSWORD_MIN_LENGTH)
if error:
errors.append(error)
return errors
def validate_patch(request_media, session):
errors = []
if not request_media:
errors.append(build_error(Message.ERR_NO_CONTENT))
return errors
# Validate Tax ID if informed
# -----------------------------------------------------
if 'tax_id' in request_media:
tax_id = request_media.get('tax_id')
error = validate_str('taxId', tax_id,
is_mandatory=True,
max_length=constants.TAX_ID_MAX_LENGTH,
exists_strategy=exists_tax_id(tax_id, session))
if error:
errors.append(error)
# Validate legal name if informed
# -----------------------------------------------------
if 'legal_name' in request_media:
legal_name = request_media.get('legal_name')
error = validate_str('legalName', legal_name,
is_mandatory=True,
min_length=constants.GENERAL_NAME_MIN_LENGTH,
max_length=constants.GENERAL_NAME_MAX_LENGTH,
exists_strategy=exists_legal_name(legal_name, session))
if error:
errors.append(error)
# Validate trade name if informed
# -----------------------------------------------------
if 'trade_name' in request_media:
trade_name = request_media.get('trade_name')
error = validate_str('tradeName', trade_name,
min_length=constants.GENERAL_NAME_MIN_LENGTH,
max_length=constants.GENERAL_NAME_MAX_LENGTH)
if error:
errors.append(error)
return errors
def validate_patch(request_media, session):
errors = []
if not request_media:
errors.append(build_error(Message.ERR_NO_CONTENT))
return errors
# Validate name if informed
# -----------------------------------------------------
if 'name' in request_media:
name = request_media.get('name')
error = validate_str('name', name,
is_mandatory=True,
max_length=constants.GENERAL_NAME_MAX_LENGTH,
exists_strategy=exists_name(name, session))
if error:
errors.append(error)
# Validate description if informed
# -----------------------------------------------------
if 'description' in request_media:
description = request_media.get('description')
error = validate_str('description', description, max_length=constants.GENERAL_DESCRIPTION_MAX_LENGTH)
if error:
errors.append(error)
# Validate asset category id if informed
# -----------------------------------------------------
if 'category_id' in request_media:
category_id = request_media.get('category_id')
# Cannot be null if informed and must be valid
if category_id is None:
errors.append(build_error(Message.ERR_FIELD_CANNOT_BE_NULL, field_name='categoryId'))
elif not session.query(ITAssetCategory).get(category_id):
errors.append(build_error(Message.ERR_FIELD_VALUE_INVALID, field_name='categoryId'))
return errors
def validate_post(request_media, session):
errors = []
# Validate name
# -----------------------------------------------------
name = request_media.get('name')
error = validate_str('name',
name,
is_mandatory=True,
max_length=constants.GENERAL_NAME_MAX_LENGTH,
exists_strategy=exists_name(name, session))
if error:
errors.append(error)
return errors
def validate_post(request_media):
errors = []
if not request_media:
errors.append(build_error(Message.ERR_NO_CONTENT))
return errors
# Validate email
# -----------------------------------------------------
email = request_media.get('email')
error = validate_str('email', email, is_mandatory=True)
if error:
errors.append(error)
return errors
# Validate password
# -----------------------------------------------------
password = request_media.get('password')
error = validate_str('password', password, is_mandatory=True)
if error:
errors.append(error)
return errors
return errors
def validate_post(request_media):
errors = []
# Validate description if informed
# -----------------------------------------------------
description = request_media.get('description')
error = validate_str('description',
description,
max_length=constants.ANALYSIS_DESCRIPTION_MAX_LENGTH)
if error:
errors.append(error)
# Validate scopes if informed
# -----------------------------------------------------
scopes = request_media.get('scopes') or []
for i, scope in enumerate(scopes):
scope_i = f'scopes[{i}]'
# departmentId is the minimum scope that must be informed
if scope.get('department_id') is None:
errors.append(
build_error(Message.ERR_FIELD_CANNOT_BE_NULL,
field_name=f'{scope_i}.departmentId'))
# macroprocessId cannot be null when processId is filled
if scope.get('macroprocess_id') is None and scope.get(
'process_id') is not None:
errors.append(
build_error(Message.ERR_FIELD_CANNOT_BE_NULL,
field_name=f'{scope_i}.macroprocessId'))
# Validate if values are numbers greater than 0
errors.append(
validate_number(f'{scope_i}.departmentId',
scope.get('department_id'),
min_value=1))
errors.append(
validate_number(f'{scope_i}.macroprocessId',
scope.get('macroprocess_id'),
min_value=1))
errors.append(
validate_number(f'{scope_i}.processId',
scope.get('process_id'),
min_value=1))
# Remove None's before returning
return [err for err in errors if err is not None]
def validate_patch(request_media):
errors = []
if not request_media:
errors.append(build_error(Message.ERR_NO_CONTENT))
return errors
# Validate description if informed
# -----------------------------------------------------
if 'description' in request_media:
description = request_media.get('description')
error = validate_str(
'description',
description,
max_length=constants.ANALYSIS_DESCRIPTION_MAX_LENGTH)
if error:
errors.append(error)
return errors
def validate_post(request_media, it_asset_instance_id, organization_code, session):
errors = []
# Validate mitigation control id
# -----------------------------------------------------
mitigation_control_id = request_media.get('mitigation_control_id')
if mitigation_control_id is None:
errors.append(build_error(Message.ERR_FIELD_CANNOT_BE_NULL, field_name='mitigationControlId'))
elif not session.query(MitigationControl).get(mitigation_control_id):
errors.append(build_error(Message.ERR_FIELD_VALUE_INVALID, field_name='mitigationControlId'))
elif find_mitigation_control_in_it_asset(mitigation_control_id, it_asset_instance_id, organization_code, session):
errors.append(build_error(Message.ERR_FIELD_VALUE_ALREADY_EXISTS, field_name='mitigationControlId'))
# Validate description if informed
# -----------------------------------------------------
description = request_media.get('description')
error = validate_str('description', description, max_length=constants.GENERAL_DESCRIPTION_MAX_LENGTH)
if error:
errors.append(error)
return errors
