def delete_database(self, db_name, pathValues=[]):
try:
if (db_name in ['null', '']):
raise ARMException('No database name defined')
if (db_name not in list(
map(lambda db: db['database'], self.show_databases()))):
raise ObjectNotFound(db_name + " does not exist")
self.db_proxy.deleteDatabase(db_name, self.session_id)
return 'Database successfully deleted'
except ObjectNotFound as ex:
self.close()
raise ObjectNotFoundHTTPError('The provided asset name')
except DatabaseProxyException as ex:
raise ARMHTTPError(ex)
except ARMException as ex:
raise ARMHTTPError(ex)
def get_requirement_by_shortcode(self, shortcode):
found_requirement = None
requirements = self.get_requirements().values()
idx = 0
while found_requirement is None and idx < len(requirements):
requirement = requirements[idx]
if requirement.theLabel == shortcode:
found_requirement = requirement
idx +=1
if found_requirement is None:
self.close()
raise ObjectNotFoundHTTPError(obj='The provided requirement shortcode')
return found_requirement
def update_goal(self, goal, name):
params = GoalParameters(goalName=goal.theName,
goalOrig=goal.theOriginator,
tags=goal.theTags,
properties=goal.theEnvironmentProperties)
try:
goalId = self.db_proxy.getDimensionId(name, 'goal')
params.setId(goalId)
self.db_proxy.updateGoal(params)
except ObjectNotFound as ex:
self.close()
raise ObjectNotFoundHTTPError(ex)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
def get_goal_by_name(self, name, coloured=False, simplify=True):
found_goal = None
goalId = self.db_proxy.getDimensionId(name,'goal')
goals = self.get_goals(goalId,coloured=coloured, simplify=False)
if goals is not None:
found_goal = goals.get(name)
if found_goal is None:
self.close()
raise ObjectNotFoundHTTPError('The provided goal name')
if simplify:
found_goal = self.simplify(found_goal)
return found_goal
def get_obstacle_by_name(self, name, simplify=True):
obsId = self.db_proxy.getDimensionId(name, 'obstacle')
found_obstacle = None
obstacles = self.get_obstacles(obsId, simplify=False)
if obstacles is not None:
found_obstacle = obstacles.get(name)
if found_obstacle is None:
self.close()
raise ObjectNotFoundHTTPError('The provided obstacle name')
if simplify:
found_obstacle = self.simplify(found_obstacle)
return found_obstacle
def delete_object_by_4parameters(self, environment, depender, dependee,
dependency):
try:
dep = self.db_proxy.getDependency(environment, depender, dependee,
dependency)
self.db_proxy.deleteDependency(dep.theId, dep.theDependencyType)
return 1
except ObjectNotFound as ex:
self.close()
raise ObjectNotFoundHTTPError('The provided dependency name')
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_misusability_model(self, mc_name,tc_name, pathValues = []):
fontName, fontSize, apFontName = get_fonts(session_id=self.session_id)
if tc_name == 'all':
tc_name = ''
try:
associations = self.db_proxy.assumptionTaskModel(mc_name,tc_name)
model = GraphicalAssumptionTaskModel(associations,db_proxy=self.db_proxy, font_name=fontName, font_size=fontSize)
dot_code = model.graph()
if not dot_code:
raise ObjectNotFoundHTTPError('The misusability model')
return dot_code
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def generate_asset_from_template(self, cmName, taName):
try:
cm = self.db_proxy.dimensionObject(cmName, 'countermeasure')
taParameters = cairis.core.AssetParametersFactory.buildFromTemplate(
taName, cm.environments())
self.db_proxy.nameCheck(taParameters.name(), 'asset')
assetId = self.db_proxy.addAsset(taParameters)
self.db_proxy.addTrace('countermeasure_asset', cm.id(), assetId)
except ObjectNotFound as ex:
self.close()
raise ObjectNotFoundHTTPError('The provided countermeasure name')
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_risk_rating_by_tve(self, threat_name, vulnerability_name, environment_name):
"""
:rtype: RiskRating
"""
try:
rating = self.db_proxy.riskRating(threat_name, vulnerability_name, environment_name)
risk_rating = RiskRating(threat_name, vulnerability_name, environment_name, rating)
return risk_rating
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
except TypeError:
self.close()
raise ObjectNotFoundHTTPError(obj='A rating for the risk')
def get_object_by_name(self, name, simplify=True):
try:
personaId = self.db_proxy.getDimensionId(name, 'persona')
personas = self.db_proxy.getPersonas(personaId)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
found_persona = personas.get(name, None)
if found_persona is None:
self.close()
raise ObjectNotFoundHTTPError('The provided persona name')
found_persona = self.simplify(found_persona)
return found_persona
def get_risk_analysis_model(self, environment_name, dim_name, obj_name,model_layout):
fontName, fontSize, apFontName = get_fonts(session_id=self.session_id)
try:
riskAnalysisModel = self.db_proxy.riskAnalysisModel(environment_name, dim_name, obj_name)
tLinks = EnvironmentModel(riskAnalysisModel, environment_name, self.db_proxy, model_layout, fontName=fontName, fontSize=fontSize)
dot_code = tLinks.graph()
if not dot_code:
raise ObjectNotFoundHTTPError('The risk analysis model')
return dot_code
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
except Exception as ex:
self.close()
print(ex)
def get_role_by_id(self, role_id, simplify=True):
found_role = None
roles = self.db_proxy.getRoles()
idx = 0
while found_role is None and idx < len(roles):
if list(roles.values())[idx].theId == role_id:
found_role = list(roles.values())[idx]
idx += 1
if found_role is None:
self.close()
raise ObjectNotFoundHTTPError('The provided role name')
if simplify:
found_role = self.simplify(found_role)
return found_role
def generate_asset(self, cmName, pathValues=[]):
try:
cm = self.db_proxy.dimensionObject(cmName, 'countermeasure')
assetParameters = cairis.core.AssetParametersFactory.build(
cm, self.db_proxy)
self.db_proxy.nameCheck(assetParameters.name(), 'asset')
assetId = self.db_proxy.addAsset(assetParameters)
self.db_proxy.addTrace('countermeasure_asset', cm.id(), assetId)
return 'Asset ' + cmName + ' CM created'
except ObjectNotFound as ex:
self.close()
raise ObjectNotFoundHTTPError('The provided countermeasure name')
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_object_by_name(self, name, simplify=True):
try:
taskId = self.db_proxy.getDimensionId(name,'task')
tasks = self.db_proxy.getTasks(taskId)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
found_task = tasks.get(name, None)
if found_task is None:
self.close()
raise ObjectNotFoundHTTPError('The provided task name')
found_task = self.simplify(found_task)
return found_task
def situate_countermeasure_pattern(self,cmName,spName):
try:
cm = self.db_proxy.dimensionObject(cmName,'countermeasure')
patternId = self.db_proxy.getDimensionId(spName,'securitypattern')
assetParametersList = []
for assetName in self.db_proxy.patternAssets(patternId):
assetParametersList.append(cairis.core.AssetParametersFactory.buildFromTemplate(assetName,cm.environments()))
self.db_proxy.addSituatedAssets(patternId,assetParametersList)
self.db_proxy.addTrace('countermeasure_securitypattern',cm.id(),patternId)
except ObjectNotFound as ex:
self.close()
raise ObjectNotFoundHTTPError('The provided countermeasure name')
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_threat_by_name(self, name, simplify=True):
found_threat = None
try:
threats = self.db_proxy.getThreats()
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
if threats is not None:
found_threat = threats.get(name)
if found_threat is None:
self.close()
raise ObjectNotFoundHTTPError('The provided threat name')
if simplify:
found_threat = self.simplify(found_threat)
return found_threat
def get_persona_model(self, persona_name, variable_name,
characteristic_name):
fontName, fontSize, apFontName = get_fonts(session_id=self.session_id)
try:
modelAssocs = self.db_proxy.assumptionPersonaModel(
persona_name, variable_name, characteristic_name)
associations = AssumptionPersonaModel(modelAssocs,
font_name=fontName,
font_size=fontSize)
dot_code = associations.graph()
if not dot_code:
raise ObjectNotFoundHTTPError('The persona model')
return dot_code
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_vulnerability_by_name(self, name, simplify=True):
found_vulnerability = None
try:
vulnerabilities = self.db_proxy.getVulnerabilities()
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
if vulnerabilities is not None:
found_vulnerability = vulnerabilities.get(name)
if found_vulnerability is None:
self.close()
raise ObjectNotFoundHTTPError('The provided vulnerability name')
if simplify:
found_vulnerability = self.simplify(found_vulnerability)
return found_vulnerability
def delete_environment(self, name=None, env_id=None):
if name is not None:
found_environment = self.get_environment_by_name(name, simplify=False)
if found_environment is None:
raise ObjectNotFoundHTTPError('The provided environment name')
env_id = found_environment.theId
if env_id is not None and env_id > -1:
try:
self.db_proxy.deleteEnvironment(env_id)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
else:
self.close()
raise MissingParameterHTTPError(param_names=['id'])
def update_object(self, response, resp_name):
params = ResponseParameters(respName=response.theName,
respRisk=response.theRisk,
tags=response.theTags,
cProps=response.theEnvironmentProperties,
rType=response.theResponseType)
try:
respId = self.db_proxy.getDimensionId(resp_name, 'response')
params.setId(respId)
self.db_proxy.updateResponse(params)
except ObjectNotFound as ex:
self.close()
raise ObjectNotFoundHTTPError('The provided response name')
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def update_task_characteristic(self, tc, name):
tcParams = TaskCharacteristicParameters(pName=tc.theTaskName,
modQual=tc.theModQual,
cDesc=tc.theName,
pcGrounds=tc.theGrounds,
pcWarrant=tc.theWarrant,
pcBacking=[],
pcRebuttal=tc.theRebuttal)
try:
tcId = self.db_proxy.getDimensionId(name, 'task_characteristic')
tcParams.setId(tcId)
self.db_proxy.updateTaskCharacteristic(tcParams)
except ObjectNotFound as ex:
self.close()
raise ObjectNotFoundHTTPError('The provided task characteristic')
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_requirement_by_id(self, req_id):
found_requirement = None
try:
requirements = self.db_proxy.getRequirements()
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
idx = 0
while found_requirement is None and idx < len(requirements):
if requirements.values()[idx].theId == int(req_id):
found_requirement = requirements.values()[idx]
idx += 1
if found_requirement is None:
self.close()
raise ObjectNotFoundHTTPError('The provided requirement ID')
return found_requirement
def get_environment_by_name(self, name, simplify=True):
found_environment = None
try:
environments = self.db_proxy.getEnvironments()
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
if environments is not None:
found_environment = environments.get(name)
if found_environment is None:
self.close()
raise ObjectNotFoundHTTPError('The provided environment name')
if simplify:
found_environment = self.simplify(found_environment)
return found_environment
def get(self, ap_name):
session_id = get_session_id(session, request)
model_generator = get_model_generator()
dao = ArchitecturalPatternDAO(session_id)
dot_code = dao.get_component_model(ap_name)
dao.close()
if not isinstance(dot_code, str):
raise ObjectNotFoundHTTPError('The model')
resp = make_response(
model_generator.generate(dot_code, renderer='dot'), httplib.OK)
accept_header = request.headers.get('Accept', 'image/svg+xml')
if accept_header.find('text/plain') > -1:
resp.headers['Content-type'] = 'text/plain'
else:
resp.headers['Content-type'] = 'image/svg+xml'
return resp
def get_task_model(self, environment_name,task_name,misusecase_name):
fontName, fontSize, apFontName = get_fonts(session_id=self.session_id)
try:
mcFilter = False
filter_name = task_name
if misusecase_name != '':
mcFilter = True
filter_name = misusecase_name
associationDirectory = self.db_proxy.taskModel(environment_name,filter_name,mcFilter)
associations = KaosModel(associationDirectory.values(), environment_name, kaosModelType = 'task',goalName = filter_name,db_proxy=self.db_proxy, font_name=fontName, font_size=fontSize)
dot_code = associations.graph()
if not dot_code:
raise ObjectNotFoundHTTPError('The task model')
return dot_code
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_requirement_by_name(self, name):
found_requirement = None
try:
requirements = self.db_proxy.getRequirements()
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
if requirements is not None:
idx = 0
while found_requirement is None and idx < len(requirements):
if (requirements.values()[idx].theName == name) or (requirements.values()[idx].theLabel == name):
found_requirement = requirements.values()[idx]
idx += 1
if found_requirement is None:
self.close()
raise ObjectNotFoundHTTPError('The provided requirement name ' + '"' + name + '"')
return found_requirement
def get_dataflow_diagram(self, environment_name, filter_element):
fontName, fontSize, apFontName = get_fonts(session_id=self.session_id)
try:
dfdRows = self.db_proxy.dataFlowDiagram(environment_name,
filter_element)
associations = DataFlowDiagram(dfdRows,
environment_name,
self.db_proxy,
font_name=fontName,
font_size=fontSize)
dot_code = associations.graph()
if not dot_code:
raise ObjectNotFoundHTTPError('The data flow diagram')
return dot_code
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_asset_by_name(self, name, simplify=True):
try:
assetId = self.db_proxy.getDimensionId(name,'asset')
assets = self.db_proxy.getAssets(assetId)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
if assets is not None:
found_asset = assets.get(name)
if found_asset is None:
self.close()
raise ObjectNotFoundHTTPError('The provided asset name')
if simplify:
found_asset = self.simplify(found_asset)
return found_asset
def delete_asset(self, name=None, asset_id=-1):
if name is not None:
found_asset = self.get_asset_by_name(name)
elif asset_id > -1:
found_asset = self.get_asset_by_id(asset_id)
else:
self.close()
raise MissingParameterHTTPError(param_names=['name'])
if found_asset is None or not isinstance(found_asset, Asset):
self.close()
raise ObjectNotFoundHTTPError('The provided asset name')
try:
self.db_proxy.deleteAsset(found_asset.theId)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def delete_role(self, name=None, role_id=-1):
if name is not None:
found_role = self.get_role_by_name(name)
elif role_id > -1:
found_role = self.get_role_by_id(role_id)
else:
self.close()
raise MissingParameterHTTPError(param_names=['name'])
if found_role is None or not isinstance(found_role, Role):
self.close()
raise ObjectNotFoundHTTPError('The provided role name')
try:
self.db_proxy.deleteRole(found_role.theId)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
