def get(self, environment): session_id = get_session_id(session, request) dao = RiskDAO(session_id) element_names = dao.risk_model_elements(environment) resp = make_response(json_serialize(element_names, session_id=session_id), OK) resp.contenttype = 'application/json' return resp
def get(self, environment):
session_id = get_session_id(session, request)
model_generator = get_model_generator()
dim_name = request.args.get('dimension_name', '')
obj_name = request.args.get('object_name', '')
model_layout = request.args.get('layout','Hierarchical')
if dim_name == 'all': dim_name = ''
if obj_name == 'all': obj_name = ''
if model_layout == 'Hierarchical':
renderer = 'dot'
elif model_layout == 'Spring':
renderer = 'fdp'
elif model_layout == 'Radial':
renderer = 'twopi'
else:
renderer = 'circo'
dao = RiskDAO(session_id)
dot_code = dao.get_risk_analysis_model(environment, dim_name, obj_name, renderer)
dao.close()
resp = make_response(model_generator.generate(dot_code, model_type='risk', renderer=renderer), OK)
accept_header = request.headers.get('Accept', 'image/svg+xml')
if accept_header.find('text/plain') > -1:
resp.headers['Content-type'] = 'text/plain'
else:
resp.headers['Content-type'] = 'image/svg+xml'
return resp
def get(self, environment): session_id = get_session_id(session, request) dao = RiskDAO(session_id) element_names = dao.risk_model_elements(environment) resp = make_response(json_serialize(element_names, session_id=session_id), httplib.OK) resp.contenttype = 'application/json' return resp
def get(self, environment):
session_id = get_session_id(session, request)
model_generator = get_model_generator()
dim_name = request.args.get('dimension_name', '')
obj_name = request.args.get('object_name', '')
model_layout = request.args.get('layout','Hierarchical')
if dim_name == 'all': dim_name = ''
if obj_name == 'all': obj_name = ''
if model_layout == 'Hierarchical':
renderer = 'dot'
elif model_layout == 'Spring':
renderer = 'fdp'
elif model_layout == 'Radial':
renderer = 'twopi'
else:
renderer = 'circo'
dao = RiskDAO(session_id)
dot_code = dao.get_risk_analysis_model(environment, dim_name, obj_name, renderer)
dao.close()
resp = make_response(model_generator.generate(dot_code, model_type='risk', renderer=renderer), httplib.OK)
accept_header = request.headers.get('Accept', 'image/svg+xml')
if accept_header.find('text/plain') > -1:
resp.headers['Content-type'] = 'text/plain'
else:
resp.headers['Content-type'] = 'image/svg+xml'
return resp
def get(self): session_id = get_session_id(session, request) dao = RiskDAO(session_id) objts = dao.get_risks_summary() dao.close() resp = make_response(json_serialize(objts, session_id=session_id)) resp.headers['Content-Type'] = "application/json" return resp
def get(self):
session_id = get_session_id(session, request)
constraint_id = request.args.get('constraint_id', -1)
dao = RiskDAO(session_id)
risks = dao.get_risks(constraint_id)
resp = make_response(json_serialize(risks, session_id=session_id), OK)
resp.contenttype = 'application/json'
return resp
def get(self, threat, vulnerability, environment):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
risk_rating = dao.get_risk_rating_by_tve(threat, vulnerability, environment)
resp = make_response(json_serialize(risk_rating, session_id=session_id), httplib.OK)
resp.contenttype = 'application/json'
return resp
def get(self):
session_id = get_session_id(session, request)
constraint_id = request.args.get('constraint_id', -1)
dao = RiskDAO(session_id)
risks = dao.get_risks(constraint_id)
resp = make_response(json_serialize(risks, session_id=session_id), httplib.OK)
resp.contenttype = 'application/json'
return resp
def get(self, threat, vulnerability, environment):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
risk_rating = dao.get_risk_rating_by_tve(threat, vulnerability, environment)
resp = make_response(json_serialize(risk_rating, session_id=session_id), OK)
resp.contenttype = 'application/json'
return resp
def get(self, threat,vulnerability):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
template_misuse_case = dao.get_misuse_case_by_threat_vulnerability(threat,vulnerability)
dao.close()
resp = make_response(json_serialize(template_misuse_case, session_id=session_id), OK)
resp.headers['Content-type'] = 'application/json'
return resp
def delete(self, name):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
dao.delete_risk(name)
dao.close()
resp_dict = {'message': 'Risk successfully deleted'}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def get(self, risk_name):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
found_misuse_case = dao.get_misuse_case_by_risk_name(risk_name)
dao.close()
resp = make_response(json_serialize(found_misuse_case, session_id=session_id), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def get(self, threat,vulnerability):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
template_misuse_case = dao.get_misuse_case_by_threat_vulnerability(threat,vulnerability)
dao.close()
resp = make_response(json_serialize(template_misuse_case, session_id=session_id), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def get(self, name):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
found_risk = dao.get_risk_by_name(name)
dao.close()
resp = make_response(json_serialize(found_risk, session_id=session_id), OK)
resp.headers['Content-type'] = 'application/json'
return resp
def post(self):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
risk = dao.from_json(request)
dao.add_risk(risk)
resp_dict = {'message': 'Risk successfully added'}
resp = make_response(json_serialize(resp_dict), OK)
resp.contenttype = 'application/json'
return resp
def get(self):
session_id = get_session_id(session, request)
constraintsId = request.args.get('constraints_id', -1)
dao = RiskDAO(session_id)
misuse_cases = dao.get_misuse_cases(constraintsId)
dao.close()
resp = make_response(json_serialize(misuse_cases, session_id=session_id), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def get(self):
session_id = get_session_id(session, request)
constraintsId = request.args.get('constraints_id', -1)
dao = RiskDAO(session_id)
misuse_cases = dao.get_misuse_cases(constraintsId)
dao.close()
resp = make_response(json_serialize(misuse_cases, session_id=session_id), OK)
resp.headers['Content-type'] = 'application/json'
return resp
def post(self):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
risk = dao.from_json(request)
risk_id = dao.add_risk(risk)
resp_dict = {'message': 'Risk successfully added', 'risk_id': risk_id}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.contenttype = 'application/json'
return resp
def get(self, risk_name):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
found_misuse_case = dao.get_misuse_case_by_risk_name(risk_name)
dao.close()
resp = make_response(
json_serialize(found_misuse_case, session_id=session_id),
httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def get(self, environment):
session_id = get_session_id(session, request)
dim_name = request.args.get('dimension_name', '')
obj_name = request.args.get('object_name', '')
dao = RiskDAO(session_id)
dotcode = dao.get_risk_analysis_model(environment, dim_name, obj_name)
model_gen = get_model_generator()
svg_code = model_gen.generate(dotcode, model_type='risk')
accept_header = request.headers.get('accept', 'image/svg+xml')
resp = make_response(svg_code, httplib.OK)
if accept_header.find('image/svg+xml') or accept_header.find('text/html'):
resp.contenttype = 'image/svg+xml'
else:
resp.contenttype = 'text/plain'
return resp
def get(self, environment):
session_id = get_session_id(session, request)
model_generator = get_model_generator()
dim_name = request.args.get('dimension_name', '')
obj_name = request.args.get('object_name', '')
dao = RiskDAO(session_id)
dot_code = dao.get_risk_analysis_model(environment, dim_name, obj_name)
dao.close()
resp = make_response(model_generator.generate(dot_code, model_type='risk'), httplib.OK)
accept_header = request.headers.get('Accept', 'image/svg+xml')
if accept_header.find('text/plain') > -1:
resp.headers['Content-type'] = 'text/plain'
else:
resp.headers['Content-type'] = 'image/svg+xml'
return resp
def put(self, name):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
new_risk = dao.from_json(request)
dao.update_risk(name, new_risk)
dao.close()
resp_dict = {'message': 'Risk successfully updated'}
resp = make_response(json_serialize(resp_dict), OK)
resp.headers['Content-type'] = 'application/json'
return resp
def delete(self, name):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
dao.delete_risk(name)
dao.close()
resp_dict = {'message': 'Risk successfully deleted'}
resp = make_response(json_serialize(resp_dict), OK)
resp.headers['Content-type'] = 'application/json'
return resp
def put(self, name):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
new_risk = dao.from_json(request)
dao.update_risk(name, new_risk)
dao.close()
resp_dict = {'message': 'Risk successfully updated'}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp