def parameters(self): parameters = PersonaCharacteristicParameters( self.thePersonaName, self.theModalQualifier, self.theVariable, self.theCharacteristic, self.theGrounds, self.theWarrant, [], self.theRebuttal) parameters.setId(self.theId) return parameters
def endElement(self,name): if name == 'persona': p = PersonaParameters(self.theName,unescape(self.theActivities),unescape(self.theAttitudes),unescape(self.theAptitudes),unescape(self.theMotivations),unescape(self.theSkills),unescape(self.theIntrinsic),unescape(self.theContextual),self.theImage,self.isAssumptionPersona,self.theType,self.theTags,self.theEnvironmentProperties,{}) self.thePersonas.append(p) self.resetPersonaAttributes() elif name == 'persona_environment': p = PersonaEnvironmentProperties(self.theEnvironmentName,self.isDirect,unescape(self.theNarrative),self.theRoles,{'narrative':{}}) self.theEnvironmentProperties.append(p) self.resetPersonaEnvironmentAttributes() elif name == 'external_document': p = ExternalDocumentParameters(self.theName,self.theVersion,self.theDate,self.theAuthors,unescape(self.theDescription)) self.theExternalDocuments.append(p) self.resetExternalDocumentAttributes() elif name == 'document_reference': p = DocumentReferenceParameters(self.theName,self.theDocument,self.theContributor,unescape(self.theExcerpt)) self.theDocumentReferences.append(p) self.resetDocumentReferenceAttributes() elif name == 'persona_characteristic': p = PersonaCharacteristicParameters(self.thePersona,self.theModalQualifier,self.theBvName,unescape(self.theDefinition),self.theGrounds,self.theWarrants,[],self.theRebuttals) self.thePersonaCharacteristics.append(p) self.resetPersonaCharacteristicAttributes() elif name == 'task': p = TaskParameters(unescape(self.theName),unescape(self.theCode),unescape(self.theObjective),self.isAssumptionTask,self.theAuthor,self.theTags,self.theEnvironmentProperties) self.theTasks.append(p) self.resetTaskAttributes() elif name == 'task_environment': p = TaskEnvironmentProperties(unescape(self.theEnvironmentName),unescape(self.theDependencies),self.theTaskPersonas,self.theConcerns,self.theConcernAssociations,unescape(self.theNarrative),unescape(self.theConsequences),unescape(self.theBenefits),[],{'narrative':{},'consequences':{},'benefits':{}}) self.theEnvironmentProperties.append(p) self.resetTaskEnvironmentAttributes() elif name == 'activities': self.inActivities = 0 elif name == 'attitudes': self.inAttitudes = 0 elif name == 'aptitudes': self.inAptitudes = 0 elif name == 'motivations': self.inMotivations = 0 elif name == 'skills': self.inSkills = 0 elif name == 'intrinsic': self.inIntrinsic = 0 elif name == 'contextual': self.inContextual = 0 elif name == 'narrative': self.inNarrative = 0 elif name == 'excerpt': self.inExcerpt = 0 elif name == 'description': self.inDescription = 0 elif name == 'definition': self.inDefinition = 0 elif name == 'dependencies': self.inDependencies = 0 elif name == 'objective': self.inObjective = 0 elif name == 'benefits': self.inBenefits = 0 elif name == 'consequences': self.inConsequences = 0
def add_persona_characteristic(self, pc): pcParams = PersonaCharacteristicParameters(pName=pc.thePersonaName, modQual=pc.theModQual, vName=pc.theVariable, cDesc=pc.theCharacteristic, pcGrounds=pc.theGrounds, pcWarrant=pc.theWarrant, pcBacking=pc.theBacking, pcRebuttal=pc.theRebuttal) try: self.db_proxy.addPersonaCharacteristic(pcParams) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/threats.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep) self.oenvs = b.dbProxy.getEnvironments() self.iRoles = d['roles'] self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[]) b.dbProxy.addRole(self.irp) self.oRoles = b.dbProxy.getRoles() self.iPersonas = d['personas'] self.ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[]) b.dbProxy.addPersona(self.ipp) self.opp = b.dbProxy.getPersonas() self.iExternalDocuments = d['external_documents'] self.iec1 = ExternalDocumentParameters(self.iExternalDocuments[0]["theName"],self.iExternalDocuments[0]["theVersion"],self.iExternalDocuments[0]["thePublicationDate"],self.iExternalDocuments[0]["theAuthors"],self.iExternalDocuments[0]["theDescription"]) self.iec2 = ExternalDocumentParameters(self.iExternalDocuments[1]["theName"],self.iExternalDocuments[1]["theVersion"],self.iExternalDocuments[1]["thePublicationDate"],self.iExternalDocuments[1]["theAuthors"],self.iExternalDocuments[1]["theDescription"]) b.dbProxy.addExternalDocument(self.iec1) b.dbProxy.addExternalDocument(self.iec2) self.oecs = b.dbProxy.getExternalDocuments() self.iDocumentReferences = d['document_references'] self.idr1 = DocumentReferenceParameters(self.iDocumentReferences[0]["theName"],self.iDocumentReferences[0]["theDocName"],self.iDocumentReferences[0]["theContributor"],self.iDocumentReferences[0]["theExcerpt"]) self.idr2 = DocumentReferenceParameters(self.iDocumentReferences[1]["theName"],self.iDocumentReferences[1]["theDocName"],self.iDocumentReferences[1]["theContributor"],self.iDocumentReferences[1]["theExcerpt"]) b.dbProxy.addDocumentReference(self.idr1) b.dbProxy.addDocumentReference(self.idr2) self.odrs = b.dbProxy.getDocumentReferences() self.iPersonaCharacteristics = d['persona_characteristics'] self.ipc1 = PersonaCharacteristicParameters(self.iPersonaCharacteristics[0]["thePersonaName"],self.iPersonaCharacteristics[0]["theModQual"],self.iPersonaCharacteristics[0]["theVariable"],self.iPersonaCharacteristics[0]["theCharacteristic"],[(self.iPersonaCharacteristics[0]["ground"],'','document')],[(self.iPersonaCharacteristics[0]["warrant"],'','document')],[],[]) b.dbProxy.addPersonaCharacteristic(self.ipc1) self.opcs = b.dbProxy.getPersonaCharacteristics() self.iAttackers = d['attackers'] self.iatkeps = [AttackerEnvironmentProperties(self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],self.iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],self.iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])] self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"],[],self.iatkeps) b.dbProxy.addAttacker(self.iatk) self.oAttackers = b.dbProxy.getAttackers() self.iVtypes = d['valuetypes'] self.ivt = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"]) b.dbProxy.addValueType(self.ivt) self.ovt = b.dbProxy.getValueTypes('threat_type') self.iassets = d['assets'] self.iaeps = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] self.iap = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps) b.dbProxy.addAsset(self.iap) self.oap = b.dbProxy.getAssets() self.iThreats = d['threats']
def update_persona_characteristic(self, pc, name): found_pc = self.get_persona_characteristic(name) pcParams = PersonaCharacteristicParameters(pName=pc.thePersonaName, modQual=pc.theModQual, vName=pc.theVariable, cDesc=pc.theCharacteristic, pcGrounds=pc.theGrounds, pcWarrant=pc.theWarrant, pcBacking=pc.theBacking, pcRebuttal=pc.theRebuttal) pcParams.setId(found_pc.theId) try: self.db_proxy.updatePersonaCharacteristic(pcParams) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def update_object(self, pc, name): pcParams = PersonaCharacteristicParameters(pName=pc.thePersonaName, modQual=pc.theModQual, vName=pc.theVariable, cDesc=pc.theName, pcGrounds=pc.theGrounds, pcWarrant=pc.theWarrant, pcBacking=[], pcRebuttal=pc.theRebuttal) try: pcId = self.db_proxy.getDimensionId(name, 'persona_characteristic') pcParams.setId(pcId) self.db_proxy.updatePersonaCharacteristic(pcParams) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/responses.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"], self.ienvs[0]["theShortCode"], self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iRoles = d['roles'] self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"], []) b.dbProxy.addRole(self.irp) self.oRoles = b.dbProxy.getRoles() self.iPersonas = d['personas'] self.ipp = PersonaParameters( self.iPersonas[0]["theName"], self.iPersonas[0]["theActivities"], self.iPersonas[0]["theAttitudes"], self.iPersonas[0]["theAptitudes"], self.iPersonas[0]["theMotivations"], self.iPersonas[0]["theSkills"], self.iPersonas[0]["theIntrinsic"], self.iPersonas[0]["theContextual"], "", "0", self.iPersonas[0]["thePersonaType"], [], [ PersonaEnvironmentProperties( self.iPersonas[0]["theEnvironmentProperties"][0] ["theName"], (self.iPersonas[0]["theEnvironmentProperties"] [0]["theDirectFlag"] == "True"), self.iPersonas[0]["theEnvironmentProperties"][0] ["theNarrative"], self.iPersonas[0] ["theEnvironmentProperties"][0]["theRole"]) ], []) b.dbProxy.addPersona(self.ipp) self.opp = b.dbProxy.getPersonas() self.iExternalDocuments = d['external_documents'] self.iec1 = ExternalDocumentParameters( self.iExternalDocuments[0]["theName"], self.iExternalDocuments[0]["theVersion"], self.iExternalDocuments[0]["thePublicationDate"], self.iExternalDocuments[0]["theAuthors"], self.iExternalDocuments[0]["theDescription"]) self.iec2 = ExternalDocumentParameters( self.iExternalDocuments[1]["theName"], self.iExternalDocuments[1]["theVersion"], self.iExternalDocuments[1]["thePublicationDate"], self.iExternalDocuments[1]["theAuthors"], self.iExternalDocuments[1]["theDescription"]) b.dbProxy.addExternalDocument(self.iec1) b.dbProxy.addExternalDocument(self.iec2) self.oecs = b.dbProxy.getExternalDocuments() self.iDocumentReferences = d['document_references'] self.idr1 = DocumentReferenceParameters( self.iDocumentReferences[0]["theName"], self.iDocumentReferences[0]["theDocName"], self.iDocumentReferences[0]["theContributor"], self.iDocumentReferences[0]["theExcerpt"]) self.idr2 = DocumentReferenceParameters( self.iDocumentReferences[1]["theName"], self.iDocumentReferences[1]["theDocName"], self.iDocumentReferences[1]["theContributor"], self.iDocumentReferences[1]["theExcerpt"]) b.dbProxy.addDocumentReference(self.idr1) b.dbProxy.addDocumentReference(self.idr2) self.odrs = b.dbProxy.getDocumentReferences() self.iPersonaCharacteristics = d['persona_characteristics'] self.ipc1 = PersonaCharacteristicParameters( self.iPersonaCharacteristics[0]["thePersonaName"], self.iPersonaCharacteristics[0]["theModQual"], self.iPersonaCharacteristics[0]["theVariable"], self.iPersonaCharacteristics[0]["theCharacteristic"], [(self.iPersonaCharacteristics[0]["ground"], '', 'document')], [(self.iPersonaCharacteristics[0]["warrant"], '', 'document')], [], []) b.dbProxy.addPersonaCharacteristic(self.ipc1) self.opcs = b.dbProxy.getPersonaCharacteristics() self.iAttackers = d['attackers'] self.iatkeps = [ AttackerEnvironmentProperties( self.iAttackers[0]["theEnvironmentProperties"][0]["theName"], self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"], self.iAttackers[0]["theEnvironmentProperties"][0] ["theMotives"], self.iAttackers[0]["theEnvironmentProperties"] [0]["theCapabilities"]) ] self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"], [], self.iatkeps) b.dbProxy.addAttacker(self.iatk) self.oAttackers = b.dbProxy.getAttackers() self.iVtypes = d['valuetypes'] self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"]) self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theType"]) b.dbProxy.addValueType(self.ivt1) b.dbProxy.addValueType(self.ivt2) self.ovtt = b.dbProxy.getValueTypes('threat_type') self.ovtv = b.dbProxy.getValueTypes('vulnerability_type') self.iassets = d['assets'] self.iaeps1 = [ AssetEnvironmentProperties( self.iassets[0]["theEnvironmentProperties"][0][0], self.iassets[0]["theEnvironmentProperties"][0][1], self.iassets[0]["theEnvironmentProperties"][0][2]) ] self.iaeps2 = [ AssetEnvironmentProperties( self.iassets[1]["theEnvironmentProperties"][0][0], self.iassets[1]["theEnvironmentProperties"][0][1], self.iassets[1]["theEnvironmentProperties"][0][2]) ] self.iaeps3 = [ AssetEnvironmentProperties( self.iassets[2]["theEnvironmentProperties"][0][0], self.iassets[2]["theEnvironmentProperties"][0][1], self.iassets[2]["theEnvironmentProperties"][0][2]) ] self.iap1 = AssetParameters(self.iassets[0]["theName"], self.iassets[0]["theShortCode"], self.iassets[0]["theDescription"], self.iassets[0]["theSignificance"], self.iassets[0]["theType"], "0", "N/A", [], [], self.iaeps1) self.iap2 = AssetParameters(self.iassets[1]["theName"], self.iassets[1]["theShortCode"], self.iassets[1]["theDescription"], self.iassets[1]["theSignificance"], self.iassets[1]["theType"], "0", "N/A", [], [], self.iaeps2) self.iap3 = AssetParameters(self.iassets[2]["theName"], self.iassets[2]["theShortCode"], self.iassets[2]["theDescription"], self.iassets[2]["theSignificance"], self.iassets[2]["theType"], "0", "N/A", [], [], self.iaeps3) b.dbProxy.addAsset(self.iap1) b.dbProxy.addAsset(self.iap2) b.dbProxy.addAsset(self.iap3) self.oap = b.dbProxy.getAssets() self.iThreats = d['threats'] self.iteps = [ ThreatEnvironmentProperties( self.iThreats[0]["theEnvironmentProperties"][0]["theName"], self.iThreats[0]["theEnvironmentProperties"][0] ["theLikelihood"], self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"], self.iThreats[0]["theEnvironmentProperties"][0] ["theAttackers"], self.iThreats[0]["theEnvironmentProperties"] [0]["theProperties"][0][1], self.iThreats[0] ["theEnvironmentProperties"][0]["theProperties"][0][1]) ] self.itps = ThreatParameters(self.iThreats[0]["theName"], self.iThreats[0]["theType"], self.iThreats[0]["theMethod"], [], self.iteps) b.dbProxy.addThreat(self.itps) self.otps = b.dbProxy.getThreats() self.iVuln = d['vulnerabilities'] self.iveps = [ VulnerabilityEnvironmentProperties( self.iVuln[0]["theEnvironmentProperties"][0]["theName"], self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"], self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"]) ] self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"], self.iVuln[0]["theDescription"], self.iVuln[0]["theType"], [], self.iveps) b.dbProxy.addVulnerability(self.ivp) self.ovp = b.dbProxy.getVulnerabilities() self.imc = d['misuseCase'] self.iRisks = d['risks'] imcep = [ MisuseCaseEnvironmentProperties( self.imc[0]["theEnvironmentProperties"][0]["theName"], self.imc[0]["theEnvironmentProperties"][0]["theDescription"]) ] imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep, self.imc[0]["theRisk"]) irp = RiskParameters(self.iRisks[0]["theName"], self.iRisks[0]["threatName"], self.iRisks[0]["vulName"], imcp, []) b.dbProxy.addRisk(irp) oRisks = b.dbProxy.getRisks() self.r = oRisks[self.iRisks[0]["theName"]] self.iResponses = d['responses']
def testPersona(self): ipp = PersonaParameters( self.iPersonas[0]["theName"], self.iPersonas[0]["theActivities"], self.iPersonas[0]["theAttitudes"], self.iPersonas[0]["theAptitudes"], self.iPersonas[0]["theMotivations"], self.iPersonas[0]["theSkills"], self.iPersonas[0]["theIntrinsic"], self.iPersonas[0]["theContextual"], "", "0", self.iPersonas[0]["thePersonaType"], [], [ PersonaEnvironmentProperties( self.iPersonas[0]["theEnvironmentProperties"][0] ["theName"], (self.iPersonas[0]["theEnvironmentProperties"] [0]["theDirectFlag"] == "True"), self.iPersonas[0]["theEnvironmentProperties"][0] ["theNarrative"], self.iPersonas[0] ["theEnvironmentProperties"][0]["theRole"]) ], []) b = Borg() b.dbProxy.addPersona(ipp) thePersonas = b.dbProxy.getPersonas() op = thePersonas[self.iPersonas[0]["theName"]] self.assertEqual(ipp.name(), op.name()) self.assertEqual(ipp.activities(), op.activities()) self.assertEqual(ipp.attitudes(), op.attitudes()) self.assertEqual(ipp.aptitudes(), op.aptitudes()) self.assertEqual(ipp.motivations(), op.motivations()) self.assertEqual(ipp.skills(), op.skills()) self.assertEqual(ipp.intrinsic(), op.intrinsic()) self.assertEqual(ipp.contextual(), op.contextual()) self.assertEqual( self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"], op.environmentProperties()[0].directFlag()) self.assertEqual( self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"], op.environmentProperties()[0].narrative()) self.assertEqual( self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"], op.environmentProperties()[0].roles()) iec1 = ExternalDocumentParameters( self.iExternalDocuments[0]["theName"], self.iExternalDocuments[0]["theVersion"], self.iExternalDocuments[0]["thePublicationDate"], self.iExternalDocuments[0]["theAuthors"], self.iExternalDocuments[0]["theDescription"]) iec2 = ExternalDocumentParameters( self.iExternalDocuments[1]["theName"], self.iExternalDocuments[1]["theVersion"], self.iExternalDocuments[1]["thePublicationDate"], self.iExternalDocuments[1]["theAuthors"], self.iExternalDocuments[1]["theDescription"]) b.dbProxy.addExternalDocument(iec1) b.dbProxy.addExternalDocument(iec2) oecs = b.dbProxy.getExternalDocuments() oec1 = oecs[self.iExternalDocuments[0]["theName"]] oec2 = oecs[self.iExternalDocuments[1]["theName"]] self.assertEqual(self.iExternalDocuments[0]["theName"], oec1.name()) self.assertEqual(self.iExternalDocuments[0]["theVersion"], oec1.version()) self.assertEqual(self.iExternalDocuments[0]["thePublicationDate"], oec1.date()) self.assertEqual(self.iExternalDocuments[0]["theAuthors"], oec1.authors()) self.assertEqual(self.iExternalDocuments[0]["theDescription"], oec1.description()) self.assertEqual(self.iExternalDocuments[1]["theName"], oec2.name()) self.assertEqual(self.iExternalDocuments[1]["theVersion"], oec2.version()) self.assertEqual(self.iExternalDocuments[1]["thePublicationDate"], oec2.date()) self.assertEqual(self.iExternalDocuments[1]["theAuthors"], oec2.authors()) self.assertEqual(self.iExternalDocuments[1]["theDescription"], oec2.description()) idr1 = DocumentReferenceParameters( self.iDocumentReferences[0]["theName"], self.iDocumentReferences[0]["theDocName"], self.iDocumentReferences[0]["theContributor"], self.iDocumentReferences[0]["theExcerpt"]) idr2 = DocumentReferenceParameters( self.iDocumentReferences[1]["theName"], self.iDocumentReferences[1]["theDocName"], self.iDocumentReferences[1]["theContributor"], self.iDocumentReferences[1]["theExcerpt"]) idr3 = DocumentReferenceParameters( self.iDocumentReferences[2]["theName"], self.iDocumentReferences[2]["theDocName"], self.iDocumentReferences[2]["theContributor"], self.iDocumentReferences[2]["theExcerpt"]) b.dbProxy.addDocumentReference(idr1) b.dbProxy.addDocumentReference(idr2) b.dbProxy.addDocumentReference(idr3) odrs = b.dbProxy.getDocumentReferences() odr1 = odrs[self.iDocumentReferences[0]["theName"]] odr2 = odrs[self.iDocumentReferences[1]["theName"]] odr3 = odrs[self.iDocumentReferences[2]["theName"]] self.assertEqual(self.iDocumentReferences[0]["theName"], odr1.name()) self.assertEqual(self.iDocumentReferences[0]["theDocName"], odr1.document()) self.assertEqual(self.iDocumentReferences[0]["theContributor"], odr1.contributor()) self.assertEqual(self.iDocumentReferences[0]["theExcerpt"], odr1.excerpt()) self.assertEqual(self.iDocumentReferences[1]["theName"], odr2.name()) self.assertEqual(self.iDocumentReferences[1]["theDocName"], odr2.document()) self.assertEqual(self.iDocumentReferences[1]["theContributor"], odr2.contributor()) self.assertEqual(self.iDocumentReferences[1]["theExcerpt"], odr2.excerpt()) self.assertEqual(self.iDocumentReferences[2]["theName"], odr3.name()) self.assertEqual(self.iDocumentReferences[2]["theDocName"], odr3.document()) self.assertEqual(self.iDocumentReferences[2]["theContributor"], odr3.contributor()) self.assertEqual(self.iDocumentReferences[2]["theExcerpt"], odr3.excerpt()) ipc1 = PersonaCharacteristicParameters( self.iPersonaCharacteristics[0]["thePersonaName"], self.iPersonaCharacteristics[0]["theModQual"], self.iPersonaCharacteristics[0]["theVariable"], self.iPersonaCharacteristics[0]["theCharacteristic"], [(self.iPersonaCharacteristics[0]["ground"], '', 'document')], [(self.iPersonaCharacteristics[0]["warrant"], '', 'document')], [], [(self.iPersonaCharacteristics[0]["rebuttal"], '', 'document')]) b.dbProxy.addPersonaCharacteristic(ipc1) opcs = b.dbProxy.getPersonaCharacteristics() opc1 = opcs[self.iPersonaCharacteristics[0]["thePersonaName"] + '/' + self.iPersonaCharacteristics[0]["theVariable"] + '/' + self.iPersonaCharacteristics[0]["theCharacteristic"]] self.assertEqual(self.iPersonaCharacteristics[0]["thePersonaName"], opc1.persona()) self.assertEqual(self.iPersonaCharacteristics[0]["theModQual"], opc1.qualifier()) self.assertEqual(self.iPersonaCharacteristics[0]["theVariable"], opc1.behaviouralVariable()) self.assertEqual(self.iPersonaCharacteristics[0]["theCharacteristic"], opc1.characteristic()) self.assertEqual(self.iPersonaCharacteristics[0]["ground"], opc1.grounds()[0][0]) self.assertEqual(self.iPersonaCharacteristics[0]["warrant"], opc1.warrant()[0][0]) self.assertEqual(self.iPersonaCharacteristics[0]["rebuttal"], opc1.rebuttal()[0][0]) b.dbProxy.deletePersonaCharacteristic(opc1.id()) b.dbProxy.deleteDocumentReference(odr1.id()) b.dbProxy.deleteDocumentReference(odr2.id()) b.dbProxy.deleteDocumentReference(odr3.id()) b.dbProxy.deleteExternalDocument(oec1.id()) b.dbProxy.deleteExternalDocument(oec2.id()) b.dbProxy.deletePersona(op.id())
def endElement(self, name): if name == 'persona': p = PersonaParameters(self.theName, self.theActivities, self.theAttitudes, self.theAptitudes, self.theMotivations, self.theSkills, self.theIntrinsic, self.theContextual, self.theImage, self.isAssumptionPersona, self.theType, self.theTags, self.theEnvironmentProperties, {}) self.thePersonas.append(p) self.resetPersonaAttributes() elif name == 'persona_environment': p = PersonaEnvironmentProperties(self.theEnvironmentName, self.isDirect, self.theNarrative, self.theRoles, {'narrative': {}}) self.theEnvironmentProperties.append(p) self.resetPersonaEnvironmentAttributes() elif name == 'external_document': p = ExternalDocumentParameters(self.theName, self.theVersion, self.theDate, self.theAuthors, self.theDescription) self.theExternalDocuments.append(p) self.resetExternalDocumentAttributes() elif name == 'document_reference': p = DocumentReferenceParameters(self.theName, self.theDocument, self.theContributor, self.theExcerpt) self.theDocumentReferences.append(p) self.resetDocumentReferenceAttributes() elif name == 'concept_reference': p = ConceptReferenceParameters(self.theName, self.theConcept, self.theObject, self.theDescription) self.theConceptReferences.append(p) self.resetConceptReferenceAttributes() elif name == 'persona_characteristic': p = PersonaCharacteristicParameters( self.thePersona, self.theModalQualifier, self.theBvName, self.theDefinition, self.theGrounds, self.theWarrants, [], self.theRebuttals) self.thePersonaCharacteristics.append(p) self.resetPersonaCharacteristicAttributes() elif name == 'task_characteristic': p = TaskCharacteristicParameters(self.theTask, self.theModalQualifier, self.theDefinition, self.theGrounds, self.theWarrants, [], self.theRebuttals) self.theTaskCharacteristics.append(p) self.resetTaskCharacteristicAttributes() elif name == 'task': p = TaskParameters(self.theName, self.theCode, self.theObjective, self.isAssumptionTask, self.theAuthor, self.theTags, self.theEnvironmentProperties) self.theTasks.append(p) self.resetTaskAttributes() elif name == 'task_environment': p = TaskEnvironmentProperties( self.theEnvironmentName, self.theDependencies, self.theTaskPersonas, self.theConcerns, self.theConcernAssociations, self.theNarrative, self.theConsequences, self.theBenefits, { 'narrative': {}, 'consequences': {}, 'benefits': {} }) self.theEnvironmentProperties.append(p) self.resetTaskEnvironmentAttributes() elif name == 'exception': self.theCurrentStep.addException( (self.theExcName, self.theExcType, self.theExcValue, self.theExcCat, self.theDefinition)) elif name == 'step': self.theCurrentStep.setTags(self.theTags) self.theSteps.append(self.theCurrentStep) self.theCurrentStep = None elif name == 'usecase_environment': p = UseCaseEnvironmentProperties(self.theEnvironmentName, self.thePreconditions, self.theSteps, self.thePostconditions) self.theEnvironmentProperties.append(p) self.resetUseCaseEnvironmentAttributes() elif name == 'usecase': p = UseCaseParameters(self.theName, self.theAuthor, self.theCode, self.theActors, self.theDescription, self.theTags, self.theEnvironmentProperties) self.theUseCases.append(p) self.resetUseCaseAttributes() elif name == 'activities': self.inActivities = 0 elif name == 'attitudes': self.inAttitudes = 0 elif name == 'aptitudes': self.inAptitudes = 0 elif name == 'motivations': self.inMotivations = 0 elif name == 'skills': self.inSkills = 0 elif name == 'intrinsic': self.inIntrinsic = 0 elif name == 'contextual': self.inContextual = 0 elif name == 'narrative': self.inNarrative = 0 elif name == 'excerpt': self.inExcerpt = 0 elif name == 'description': self.inDescription = 0 elif name == 'definition': self.inDefinition = 0 elif name == 'dependencies': self.inDependencies = 0 elif name == 'objective': self.inObjective = 0 elif name == 'preconditions': self.inPreconditions = 0 elif name == 'postconditions': self.inPostconditions = 0 elif name == 'benefits': self.inBenefits = 0 elif name == 'consequences': self.inConsequences = 0
def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/countermeasures.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"], self.ienvs[0]["theShortCode"], self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iRoles = d['roles'] self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"], []) b.dbProxy.addRole(self.irp) self.oRoles = b.dbProxy.getRoles() self.iPersonas = d['personas'] self.ipp = PersonaParameters( self.iPersonas[0]["theName"], self.iPersonas[0]["theActivities"], self.iPersonas[0]["theAttitudes"], self.iPersonas[0]["theAptitudes"], self.iPersonas[0]["theMotivations"], self.iPersonas[0]["theSkills"], self.iPersonas[0]["theIntrinsic"], self.iPersonas[0]["theContextual"], "", "0", self.iPersonas[0]["thePersonaType"], [], [ PersonaEnvironmentProperties( self.iPersonas[0]["theEnvironmentProperties"][0] ["theName"], (self.iPersonas[0]["theEnvironmentProperties"] [0]["theDirectFlag"] == "True"), self.iPersonas[0]["theEnvironmentProperties"][0] ["theNarrative"], self.iPersonas[0] ["theEnvironmentProperties"][0]["theRole"]) ], []) b.dbProxy.addPersona(self.ipp) self.opp = b.dbProxy.getPersonas() self.iExternalDocuments = d['external_documents'] self.iec1 = ExternalDocumentParameters( self.iExternalDocuments[0]["theName"], self.iExternalDocuments[0]["theVersion"], self.iExternalDocuments[0]["thePublicationDate"], self.iExternalDocuments[0]["theAuthors"], self.iExternalDocuments[0]["theDescription"]) self.iec2 = ExternalDocumentParameters( self.iExternalDocuments[1]["theName"], self.iExternalDocuments[1]["theVersion"], self.iExternalDocuments[1]["thePublicationDate"], self.iExternalDocuments[1]["theAuthors"], self.iExternalDocuments[1]["theDescription"]) b.dbProxy.addExternalDocument(self.iec1) b.dbProxy.addExternalDocument(self.iec2) self.oecs = b.dbProxy.getExternalDocuments() self.iDocumentReferences = d['document_references'] self.idr1 = DocumentReferenceParameters( self.iDocumentReferences[0]["theName"], self.iDocumentReferences[0]["theDocName"], self.iDocumentReferences[0]["theContributor"], self.iDocumentReferences[0]["theExcerpt"]) self.idr2 = DocumentReferenceParameters( self.iDocumentReferences[1]["theName"], self.iDocumentReferences[1]["theDocName"], self.iDocumentReferences[1]["theContributor"], self.iDocumentReferences[1]["theExcerpt"]) b.dbProxy.addDocumentReference(self.idr1) b.dbProxy.addDocumentReference(self.idr2) self.odrs = b.dbProxy.getDocumentReferences() self.iPersonaCharacteristics = d['persona_characteristics'] self.ipc1 = PersonaCharacteristicParameters( self.iPersonaCharacteristics[0]["thePersonaName"], self.iPersonaCharacteristics[0]["theModQual"], self.iPersonaCharacteristics[0]["theVariable"], self.iPersonaCharacteristics[0]["theCharacteristic"], [(self.iPersonaCharacteristics[0]["ground"], '', 'document')], [(self.iPersonaCharacteristics[0]["warrant"], '', 'document')], [], []) b.dbProxy.addPersonaCharacteristic(self.ipc1) self.opcs = b.dbProxy.getPersonaCharacteristics() self.iAttackers = d['attackers'] self.iatkeps = [ AttackerEnvironmentProperties( self.iAttackers[0]["theEnvironmentProperties"][0]["theName"], self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"], self.iAttackers[0]["theEnvironmentProperties"][0] ["theMotives"], self.iAttackers[0]["theEnvironmentProperties"] [0]["theCapabilities"]) ] self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"], [], self.iatkeps) b.dbProxy.addAttacker(self.iatk) self.oAttackers = b.dbProxy.getAttackers() self.iVtypes = d['valuetypes'] self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"]) self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theType"]) b.dbProxy.addValueType(self.ivt1) b.dbProxy.addValueType(self.ivt2) self.ovtt = b.dbProxy.getValueTypes('threat_type') self.ovtv = b.dbProxy.getValueTypes('vulnerability_type') self.iassets = d['assets'] self.iaeps1 = [ AssetEnvironmentProperties( self.iassets[0]["theEnvironmentProperties"][0][0], self.iassets[0]["theEnvironmentProperties"][0][1], self.iassets[0]["theEnvironmentProperties"][0][2]) ] self.iaeps2 = [ AssetEnvironmentProperties( self.iassets[1]["theEnvironmentProperties"][0][0], self.iassets[1]["theEnvironmentProperties"][0][1], self.iassets[1]["theEnvironmentProperties"][0][2]) ] self.iaeps3 = [ AssetEnvironmentProperties( self.iassets[2]["theEnvironmentProperties"][0][0], self.iassets[2]["theEnvironmentProperties"][0][1], self.iassets[2]["theEnvironmentProperties"][0][2]) ] self.iap1 = AssetParameters(self.iassets[0]["theName"], self.iassets[0]["theShortCode"], self.iassets[0]["theDescription"], self.iassets[0]["theSignificance"], self.iassets[0]["theType"], "0", "N/A", [], [], self.iaeps1) self.iap2 = AssetParameters(self.iassets[1]["theName"], self.iassets[1]["theShortCode"], self.iassets[1]["theDescription"], self.iassets[1]["theSignificance"], self.iassets[1]["theType"], "0", "N/A", [], [], self.iaeps2) self.iap3 = AssetParameters(self.iassets[2]["theName"], self.iassets[2]["theShortCode"], self.iassets[2]["theDescription"], self.iassets[2]["theSignificance"], self.iassets[2]["theType"], "0", "N/A", [], [], self.iaeps3) b.dbProxy.addAsset(self.iap1) b.dbProxy.addAsset(self.iap2) b.dbProxy.addAsset(self.iap3) self.oap = b.dbProxy.getAssets() self.iThreats = d['threats'] self.iteps = [ ThreatEnvironmentProperties( self.iThreats[0]["theEnvironmentProperties"][0]["theName"], self.iThreats[0]["theEnvironmentProperties"][0] ["theLikelihood"], self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"], self.iThreats[0]["theEnvironmentProperties"][0] ["theAttackers"], self.iThreats[0]["theEnvironmentProperties"] [0]["theProperties"][0][1], self.iThreats[0] ["theEnvironmentProperties"][0]["theProperties"][0][1]) ] self.itps = ThreatParameters(self.iThreats[0]["theName"], self.iThreats[0]["theType"], self.iThreats[0]["theMethod"], [], self.iteps) b.dbProxy.addThreat(self.itps) self.otps = b.dbProxy.getThreats() self.iVuln = d['vulnerabilities'] self.iveps = [ VulnerabilityEnvironmentProperties( self.iVuln[0]["theEnvironmentProperties"][0]["theName"], self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"], self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"]) ] self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"], self.iVuln[0]["theDescription"], self.iVuln[0]["theType"], [], self.iveps) b.dbProxy.addVulnerability(self.ivp) self.ovp = b.dbProxy.getVulnerabilities() self.imc = d['misuseCase'] self.iRisks = d['risks'] imcep = [ MisuseCaseEnvironmentProperties( self.imc[0]["theEnvironmentProperties"][0]["theName"], self.imc[0]["theEnvironmentProperties"][0]["theDescription"]) ] imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep, self.imc[0]["theRisk"]) irp = RiskParameters(self.iRisks[0]["theName"], self.iRisks[0]["threatName"], self.iRisks[0]["vulName"], imcp, []) b.dbProxy.addRisk(irp) oRisks = b.dbProxy.getRisks() self.r = oRisks[self.iRisks[0]["theName"]] self.iResponses = d['responses'] iar1Name = self.iResponses[0]["theType"] + " " + self.iResponses[0][ "theRisk"] iaep1 = AcceptEnvironmentProperties( self.iResponses[0]["theEnvironmentProperties"][0], self.iResponses[0]["theEnvironmentProperties"][1], self.iResponses[0]["theEnvironmentProperties"][2]) iar1 = ResponseParameters(iar1Name, self.iResponses[0]["theRisk"], [], [iaep1], self.iResponses[0]["theType"]) iar2Name = self.iResponses[1]["theType"] + " " + self.iResponses[1][ "theRisk"] iaep2 = MitigateEnvironmentProperties( self.iResponses[1]["theEnvironmentProperties"], self.iResponses[1]["theType"]) iar2 = ResponseParameters(iar2Name, self.iResponses[1]["theRisk"], [], [iaep2], self.iResponses[1]["theType"]) b.dbProxy.addResponse(iar1) b.dbProxy.addResponse(iar2) self.ors = b.dbProxy.getResponses() self.oar1 = self.ors[iar1Name] self.oar2 = self.ors[iar2Name] rgp = cairis.core.GoalFactory.build(self.oar2) riskParameters = rgp[0] riskGoalId = b.dbProxy.addGoal(riskParameters) b.dbProxy.addTrace('response_goal', self.oar2.id(), riskGoalId) if (rgp > 1): threatParameters = rgp[1] vulnerabilityParameters = rgp[2] b.dbProxy.addGoal(vulnerabilityParameters) b.dbProxy.addGoal(threatParameters) b.dbProxy.relabelGoals(iaep2.name()) oGoals = b.dbProxy.getGoals() self.rg = oGoals['Deter' + self.oar2.risk()] self.vg = oGoals[vulnerabilityParameters.name()] self.tg = oGoals[threatParameters.name()] ogops = b.dbProxy.getGoalAssociations() self.ogop1 = ogops[iaep2.name() + '/' + riskParameters.name() + '/' + threatParameters.name() + '/or'] self.ogop2 = ogops[iaep2.name() + '/' + riskParameters.name() + '/' + vulnerabilityParameters.name() + '/or'] self.reqId = b.dbProxy.newId() self.irequirements = d['requirements'] self.ireq = cairis.core.RequirementFactory.build( self.reqId, self.irequirements[0]["theLabel"], self.irequirements[0]["theName"], self.irequirements[0]["theDescription"], self.irequirements[0]["thePriority"], self.irequirements[0]["theRationale"], self.irequirements[0]["theFitCriterion"], self.irequirements[0]["theOriginator"], self.irequirements[0]["theType"], self.irequirements[0]["theReference"], 1) b.dbProxy.addRequirement(self.ireq, self.irequirements[0]["theReference"], True) oreqs = b.dbProxy.getRequirements() self.oreq = oreqs[self.ireq.description()] iga = GoalAssociationParameters(iaep2.name(), self.vg.name(), 'goal', 'and', self.oreq.name(), 'requirement', 0, 'None') b.dbProxy.addGoalAssociation(iga) ogops = b.dbProxy.getGoalAssociations() self.ogop3 = ogops[iaep2.name() + '/' + self.vg.name() + '/' + self.oreq.name() + '/and'] self.iCountermeasures = d['countermeasures']
def importPersonaCharacteristicsWorkbook(wbFile,session_id): eds = [] drs = [] pcs = [] wb = load_workbook(filename = wbFile,data_only=True) edSheet = wb.worksheets[0] edNames = set([]) for row in edSheet.iter_rows(min_row=2): edName = row[0].value edAuth = row[1].value edVer = row[2].value edPD = str(row[3].value) edDesc = row[4].value if (edName != '' and edName != None): edNames.add(edName) if (edAuth == '' or edAuth == None): edAuth = 'Unknown' if (edVer == '' or edVer == None): edVer = '1' if (edPD == '' or edPD == None): edPD = 'Unknown' if (edDesc == '' or edDesc == None): edDesc = 'Unknown' eds.append(ExternalDocumentParameters(edName,edVer,edPD,edAuth,edDesc)) b = Borg() db_proxy = b.get_dbproxy(session_id) drNames = set([]) drSheet = wb.worksheets[1] for row in drSheet.iter_rows(min_row=2): drName = row[0].value drDoc = row[1].value drCont = row[2].value drExc = row[3].value if (drName != '' and drName != None): drNames.add(drName) if (drDoc not in edNames): if (db_proxy.existingObject(drDoc,'external_document') == -1): raise ARMException("Cannot import document reference " + drName + ". " + drDoc + " not an external document.") if (drCont == '' or drCont == None): drCont = 'Unknown' if (drExc == '' or drExc == None): drExc = 'Unknown' drs.append(DocumentReferenceParameters(drName,drDoc,drCont,drExc)) pcSheet = wb.worksheets[2] for row in pcSheet.iter_rows(min_row=2): pcName = row[0].value pName = row[1].value.strip() bvName = row[2].value.strip() modQual = row[3].value.strip() grounds = row[4].value if (grounds == None): grounds = [] else: grounds = list(map(lambda x: (x.strip(),'','document'),grounds.strip().split(','))) if (len(grounds) == 1 and grounds[0][0] == ''): grounds = [] warrant = row[5].value if (warrant == None): warrant = [] else: warrant = list(map(lambda x: (x.strip(),'','document'),warrant.strip().split(','))) if (len(warrant) == 1 and warrant[0][0] == ''): warrant = [] rebuttal = row[6].value if (rebuttal == None): rebuttal = [] else: rebuttal = list(map(lambda x: (x.strip(),'','document'),rebuttal.strip().split(','))) if (len(rebuttal) == 1 and rebuttal[0][0] == ''): rebuttal = [] if (pcName != ''): if (db_proxy.existingObject(pName,'persona') == -1): raise ARMException("Cannot import persona characteristic " + pcName + ". Persona " + pName + " does not exist.") if bvName not in ['Activities','Attitudes','Aptitudes','Motivations','Skills','Environment Narrative','Intrinsic','Contextual']: raise ARMException("Cannot import persona characteristic " + pcName + ". " + bvName + " is an invalid behavioural variable name.") if (modQual == '' or modQual == None): modQual = 'Possibly' for g in grounds: if ((g[0] not in drNames) and (db_proxy.existingObject(g[0],'document_reference') == -1)): raise ARMException("Cannot import persona characteristic " + pcName + ". Document reference corresponding with grounds " + g[0] + " does not exist.") for w in warrant: if ((w[0] not in drNames) and (db_proxy.existingObject(w[0],'document_reference') == -1)): raise ARMException("Cannot import persona characteristic " + pcName + ". Document reference corresponding with warrant " + w[0] + " does not exist.") for r in rebuttal: if ((r[0] not in drNames) and (db_proxy.existingObject(r[0],'document_reference') == -1)): raise ARMException("Cannot import persona characteristic " + pcName + ". Document reference corresponding with rebuttal " + r[0] + " does not exist.") pcs.append(PersonaCharacteristicParameters(pName,modQual,bvName,pcName,grounds,warrant,[],rebuttal)) for edParameters in eds: objtId = db_proxy.existingObject(edParameters.name(),'external_document') if objtId == -1: db_proxy.addExternalDocument(edParameters) else: edParameters.setId(objtId) db_proxy.updateExternalDocument(edParameters) for drParameters in drs: objtId = db_proxy.existingObject(drParameters.name(),'document_reference') if objtId == -1: db_proxy.addDocumentReference(drParameters) else: drParameters.setId(objtId) db_proxy.updateDocumentReference(drParameters) for pcParameters in pcs: objtId = db_proxy.existingObject(pcParameters.characteristic(),'persona_characteristic') if objtId == -1: db_proxy.addPersonaCharacteristic(pcParameters) else: pcParameters.setId(objtId) db_proxy.updatePersonaCharacteristic(pcParameters) msgStr = 'Imported ' + str(len(eds)) + ' external documents, ' + str(len(drs)) + ' document references, and ' + str(len(pcs)) + ' persona characteristics.' return msgStr