def testStandardVulnerability(self): iveps1 = [ VulnerabilityEnvironmentProperties( self.iVuln[0]["theEnvironmentProperties"][0]["theName"], self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"], self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"]) ] iveps2 = [ VulnerabilityEnvironmentProperties( self.iVuln[1]["theEnvironmentProperties"][0]["theName"], self.iVuln[1]["theEnvironmentProperties"][0]["theSeverity"], self.iVuln[1]["theEnvironmentProperties"][0]["theAssets"]) ] iveps3 = [ VulnerabilityEnvironmentProperties( self.iVuln[2]["theEnvironmentProperties"][0]["theName"], self.iVuln[2]["theEnvironmentProperties"][0]["theSeverity"], self.iVuln[2]["theEnvironmentProperties"][0]["theAssets"]) ] ivp1 = VulnerabilityParameters(self.iVuln[0]["theName"], self.iVuln[0]["theDescription"], self.iVuln[0]["theType"], [], iveps1) ivp2 = VulnerabilityParameters(self.iVuln[1]["theName"], self.iVuln[1]["theDescription"], self.iVuln[1]["theType"], [], iveps2) ivp3 = VulnerabilityParameters(self.iVuln[2]["theName"], self.iVuln[2]["theDescription"], self.iVuln[2]["theType"], [], iveps3) b = Borg() b.dbProxy.addVulnerability(ivp1) b.dbProxy.addVulnerability(ivp2) b.dbProxy.addVulnerability(ivp3) ovps = b.dbProxy.getVulnerabilities() ovp1 = ovps[self.iVuln[0]["theName"]] ovep1 = ovp1.environmentProperties() self.assertEqual(ivp1.name(), ovp1.name()) self.assertEqual(ivp1.type(), ovp1.type()) self.assertEqual(ivp1.description(), ovp1.description()) self.assertEqual( self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"], ovep1[0].severity()) self.assertEqual( str(self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"][0]), str(ovep1[0].assets()[0])) ovp2 = ovps[self.iVuln[1]["theName"]] ovep2 = ovp2.environmentProperties() self.assertEqual(ivp2.name(), ovp2.name()) self.assertEqual(ivp2.type(), ovp2.type()) self.assertEqual(ivp2.description(), ovp2.description()) self.assertEqual( self.iVuln[1]["theEnvironmentProperties"][0]["theSeverity"], ovp2.environmentProperties()[0].severity()) self.assertEqual( str(self.iVuln[1]["theEnvironmentProperties"][0]["theAssets"][0]), str(ovep2[0].assets()[0])) ovp3 = ovps[self.iVuln[2]["theName"]] ovep3 = ovp3.environmentProperties() self.assertEqual(ivp3.name(), ovp3.name()) self.assertEqual(ivp3.type(), ovp3.type()) self.assertEqual(ivp3.description(), ovp3.description()) self.assertEqual( self.iVuln[2]["theEnvironmentProperties"][0]["theSeverity"], ovep3[0].severity()) self.assertEqual( str(self.iVuln[2]["theEnvironmentProperties"][0]["theAssets"][0]), str(ovep3[0].assets()[0])) ovp3.theVulnerabilityName = 'updated name' ovp3.theVulnerabilityDescription = 'updated description' b.dbProxy.updateVulnerability(ovp3) ovps = b.dbProxy.getVulnerabilities() ovp4 = ovps['updated name'] self.assertEqual(ovp3.name(), ovp4.name()) self.assertEqual(ovp3.type(), ovp4.type()) self.assertEqual(ovp3.description(), ovp4.description()) b.dbProxy.deleteVulnerability(ovp1.id()) b.dbProxy.deleteVulnerability(ovp2.id()) b.dbProxy.deleteVulnerability(ovp3.id())
def setUp(self): call([os.environ['CAIRIS_CFG_DIR'] + "/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/risks.json') d = json.load(f) f.close() ienvs = d['environments'] iep1 = EnvironmentParameters(ienvs[0]["theName"], ienvs[0]["theShortCode"], ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(iep1) iRoles = d['roles'] irp = RoleParameters(iRoles[0]["theName"], iRoles[0]["theType"], iRoles[0]["theShortCode"], iRoles[0]["theDescription"], []) b.dbProxy.addRole(irp) iAttackers = d['attackers'] iatkeps = [ AttackerEnvironmentProperties( iAttackers[0]["theEnvironmentProperties"][0]["theName"], iAttackers[0]["theEnvironmentProperties"][0]["theRoles"], iAttackers[0]["theEnvironmentProperties"][0]["theMotives"], iAttackers[0]["theEnvironmentProperties"][0] ["theCapabilities"]) ] iatk = AttackerParameters(iAttackers[0]["theName"], iAttackers[0]["theDescription"], iAttackers[0]["theImage"], [], iatkeps) b.dbProxy.addAttacker(iatk) iVtypes = d['valuetypes'] ivt1 = ValueTypeParameters(iVtypes[0]["theName"], iVtypes[0]["theDescription"], iVtypes[0]["theType"]) ivt2 = ValueTypeParameters(iVtypes[1]["theName"], iVtypes[1]["theDescription"], iVtypes[1]["theType"]) b.dbProxy.addValueType(ivt1) b.dbProxy.addValueType(ivt2) iassets = d['assets'] iaeps1 = [ AssetEnvironmentProperties( iassets[0]["theEnvironmentProperties"][0][0], iassets[0]["theEnvironmentProperties"][0][1], iassets[0]["theEnvironmentProperties"][0][2]) ] iap1 = AssetParameters(iassets[0]["theName"], iassets[0]["theShortCode"], iassets[0]["theDescription"], iassets[0]["theSignificance"], iassets[0]["theType"], "0", "N/A", [], [], iaeps1) iap2 = AssetParameters(iassets[1]["theName"], iassets[1]["theShortCode"], iassets[1]["theDescription"], iassets[1]["theSignificance"], iassets[1]["theType"], "0", "N/A", [], [], iaeps1) iap3 = AssetParameters(iassets[2]["theName"], iassets[2]["theShortCode"], iassets[2]["theDescription"], iassets[2]["theSignificance"], iassets[2]["theType"], "0", "N/A", [], [], iaeps1) b.dbProxy.addAsset(iap1) b.dbProxy.addAsset(iap2) b.dbProxy.addAsset(iap3) iThreats = d['threats'] iteps = [ ThreatEnvironmentProperties( iThreats[0]["theEnvironmentProperties"][0]["theName"], iThreats[0]["theEnvironmentProperties"][0]["theLikelihood"], iThreats[0]["theEnvironmentProperties"][0]["theAssets"], iThreats[0]["theEnvironmentProperties"][0]["theAttackers"], iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0] [1], iThreats[0]["theEnvironmentProperties"][0] ["theProperties"][0][1]) ] itps = ThreatParameters(iThreats[0]["theName"], iThreats[0]["theType"], iThreats[0]["theMethod"], [], iteps) b.dbProxy.addThreat(itps) iVuln = d['vulnerabilities'] iveps = [ VulnerabilityEnvironmentProperties( iVuln[0]["theEnvironmentProperties"][0]["theName"], iVuln[0]["theEnvironmentProperties"][0]["theSeverity"], iVuln[0]["theEnvironmentProperties"][0]["theAssets"]) ] ivp = VulnerabilityParameters(iVuln[0]["theName"], iVuln[0]["theDescription"], iVuln[0]["theType"], [], iveps) b.dbProxy.addVulnerability(ivp) self.imc = d['misuseCase'] self.iRisks = d['risks']