def on_patch(self, req, resp, security_threat_id):
"""Updates (partially) the security threat requested.
All entities that reference the security threat will be affected by the update.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param security_threat_id: The id of security threat to be patched.
"""
session = Session()
try:
security_threat = session.query(SecurityThreat).get(security_threat_id)
if security_threat is None:
raise falcon.HTTPNotFound()
errors = validate_patch(req.media, session)
if errors:
raise HTTPUnprocessableEntity(errors)
patch_item(security_threat, req.media, only=['name', 'description'])
session.commit()
resp.status = falcon.HTTP_OK
resp.media = {'data': security_threat.asdict()}
finally:
session.close()
def on_patch(self, req, resp, organization_code, analysis_id):
"""Updates (only allowed properties of) an analysis.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of organization.
:param analysis_id: The id of the analysis to be patched.
"""
session = Session()
try:
analysis = find_organization_analysis(analysis_id,
organization_code, session)
if analysis is None:
raise falcon.HTTPNotFound()
errors = validate_patch(req.media)
if errors:
raise HTTPUnprocessableEntity(errors)
patch_item(analysis, req.media, only=['description'])
session.commit()
resp.status = falcon.HTTP_OK
resp.media = {'data': custom_asdict(analysis)}
finally:
session.close()
def on_patch(self, req, resp, organization_code, it_asset_instance_id,
security_threat_id):
"""Updates (partially) the IT asset vulnerability requested.
All entities that reference the IT asset vulnerability will be affected by the update.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of organization.
:param it_asset_instance_id: The id of IT asset instance to be patched.
:param security_threat_id: The id of security threat.
"""
session = Session()
try:
vulnerability = find_it_asset_instance_security_threat(
security_threat_id, it_asset_instance_id, organization_code,
session)
if vulnerability is None:
raise falcon.HTTPNotFound()
errors = validate_patch(req.media, session)
if errors:
raise HTTPUnprocessableEntity(errors)
accepted_fields = ['vulnerability_level_id']
patch_item(vulnerability, req.media, only=accepted_fields)
session.commit()
resp.status = falcon.HTTP_OK
resp.media = {'data': custom_asdict(vulnerability)}
finally:
session.close()
def on_patch(self, req, resp, organization_code, security_threat_id):
"""Updates (partially) the security threat requested.
All entities that reference the security threat will be affected by the update.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of organization containing the security threat.
:param security_threat_id: The id of security threat to be patched.
"""
session = Session()
try:
security_threat = find_organization_security_threat(
security_threat_id, organization_code, session)
if security_threat is None:
raise falcon.HTTPNotFound()
errors = validate_patch(req.media, organization_code, session)
if errors:
raise HTTPUnprocessableEntity(errors)
patch_item(security_threat, req.media, only=['threat_level_id'])
session.commit()
resp.status = falcon.HTTP_OK
resp.media = {'data': custom_asdict(security_threat)}
finally:
session.close()
def on_patch(self, req, resp, macroprocess_id):
"""Updates (partially) the macroprocess requested.
All entities that reference the macroprocess will be affected by the update.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param macroprocess_id: The id of macroprocess to be patched.
"""
session = Session()
try:
macroprocess = session.query(BusinessMacroprocess).get(
macroprocess_id)
if macroprocess is None:
raise falcon.HTTPNotFound()
errors = validate_patch(req.media, session)
if errors:
raise HTTPUnprocessableEntity(errors)
patch_item(macroprocess, req.media, only=['name'])
session.commit()
resp.status = falcon.HTTP_OK
resp.media = {'data': macroprocess.asdict()}
finally:
session.close()
def on_patch(self, req, resp, organization_code, it_asset_instance_id):
"""Updates (partially) the IT asset instance requested.
All entities that reference the IT asset instance will be affected by the update.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of organization.
:param it_asset_instance_id: The id of IT asset instance to be patched.
"""
session = Session()
try:
it_asset_instance = find_it_asset_instance(it_asset_instance_id,
organization_code,
session)
if it_asset_instance is None:
raise falcon.HTTPNotFound()
errors = validate_patch(req.media, it_asset_instance,
organization_code, session)
if errors:
raise HTTPUnprocessableEntity(errors)
patch_item(it_asset_instance,
req.media,
only=['external_identifier'])
session.commit()
resp.status = falcon.HTTP_OK
resp.media = {'data': custom_asdict(it_asset_instance)}
finally:
session.close()
def on_patch(self, req, resp, it_asset_category_id):
"""Updates (partially) the IT asset category requested.
All entities that reference the IT asset category will be affected by the update.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param it_asset_category_id: The id of IT asset category to be patched.
"""
session = Session()
try:
it_asset_category = session.query(ITAssetCategory).get(
it_asset_category_id)
if it_asset_category is None:
raise falcon.HTTPNotFound()
errors = validate_patch(req.media, session)
if errors:
raise HTTPUnprocessableEntity(errors)
patch_item(it_asset_category, req.media, only=['name'])
session.commit()
resp.status = falcon.HTTP_OK
resp.media = {'data': it_asset_category.asdict()}
finally:
session.close()
def on_patch(self, req, resp, mitigation_control_id):
"""Updates (partially) the mitigation control requested.
All entities that reference the mitigation control will be affected by the update.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param mitigation_control_id: The id of mitigation control to be patched.
"""
session = Session()
try:
item = session.query(MitigationControl).get(mitigation_control_id)
if item is None:
raise falcon.HTTPNotFound()
errors = validate_patch(req.media, session)
if errors:
raise HTTPUnprocessableEntity(errors)
patch_item(item, req.media, only=['name', 'description'])
session.commit()
resp.status = falcon.HTTP_OK
resp.media = {'data': item.asdict()}
finally:
session.close()
def on_patch(self, req, resp, user_id):
"""Updates (partially) the system user requested.
All entities that reference the system user will be affected by the update.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param user_id: The id of user to be patched.
"""
session = Session()
try:
user = session.query(SystemUser).get(user_id)
if user is None:
raise falcon.HTTPNotFound()
errors = validate_patch(req.media, session)
if errors:
raise HTTPUnprocessableEntity(errors)
patch_item(user, req.media, only=['email', 'full_name'])
# Update password if informed
if 'password' in req.media:
password = req.media.get('password')
user.hashed_password = bcrypt.hashpw(password.encode('UTF-8'),
bcrypt.gensalt())
user.last_modified_on = datetime.utcnow()
# Block / Unblock user if requested
if 'is_blocked' in req.media:
is_blocked = req.media.get('is_blocked')
change_block_state(is_blocked, user)
# Unlock if requested
if req.media.get('unlock') is True:
user.locked_out_on = None
user.last_modified_on = datetime.utcnow()
session.commit()
resp.status = falcon.HTTP_OK
resp.media = {'data': custom_asdict(user)}
finally:
session.close()
def on_patch(self, req, resp, organization_code, it_service_instance_id,
it_asset_instance_id):
"""Updates (partially) the relationship IT service-IT asset requested.
All entities that reference the relationship will be affected by the update.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of the organization.
:param it_service_instance_id: The id of the IT service instance to be patched.
:param it_asset_instance_id: The id of the IT asset instance to be patched.
"""
session = Session()
try:
# Route params are checked in two steps:
# 1st step: check if IT service is in organization
# 2nd step: check if IT asset is in organization IT service
it_service_instance = find_it_service_instance(
it_service_instance_id, organization_code, session)
it_service_asset = find_it_service_it_asset(
it_asset_instance_id, it_service_instance_id, session)
if it_service_instance is None or it_service_asset is None:
raise falcon.HTTPNotFound()
errors = validate_patch(req.media, organization_code, session)
if errors:
raise HTTPUnprocessableEntity(errors)
patch_item(it_service_asset,
req.media,
only=['relevance_level_id'])
session.commit()
resp.status = falcon.HTTP_OK
resp.media = {'data': custom_asdict(it_service_asset)}
finally:
session.close()
def on_patch(self, req, resp, organization_code):
"""Updates (partially) the organization.
:param req: See Falcon Request documentation.
:param resp: See Falcon Response documentation.
:param organization_code: The code of organization to be patched.
"""
session = Session()
try:
organization = session.query(Organization).get(organization_code)
if organization is None:
raise falcon.HTTPNotFound()
errors = validate_patch(req.media, session)
if errors:
raise HTTPUnprocessableEntity(errors)
patch_item(organization, req.media, only=['tax_id', 'legal_name', 'trade_name'])
session.commit()
resp.status = falcon.HTTP_OK
resp.media = {'data': organization.asdict()}
finally:
session.close()