def add_asset_association(self, assoc): assocParams = ClassAssociationParameters( envName=assoc.theEnvironmentName, headName=assoc.theHeadAsset, headDim='asset', headNav=assoc.theHeadNavigation, headType=assoc.theHeadType, headMultiplicity=assoc.theHeadMultiplicity, headRole=assoc.theHeadRole, tailRole=assoc.theTailRole, tailMultiplicity=assoc.theTailMultiplicity, tailType=assoc.theTailType, tailNav=assoc.theTailNavigation, tailDim='asset', tailName=assoc.theTailAsset, rationale=assoc.theRationale) try: self.db_proxy.addClassAssociation(assocParams) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def get_obstacle_model(self, environment_name, obstacle_name): fontName, fontSize, apFontName = get_fonts(session_id=self.session_id) try: obstacle_filter = 0 if obstacle_name != '': obstacle_filter = 1 associationDictionary = self.db_proxy.obstacleModel( environment_name, obstacle_name, obstacle_filter) associations = KaosModel(associationDictionary.values(), environment_name, 'obstacle', obstacle_name, db_proxy=self.db_proxy, font_name=fontName, font_size=fontSize) dot_code = associations.graph() return dot_code except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def getDimensions(self, table, id): try: permissableDimensions = [ 'access_right', 'architectural_pattern', 'asset', 'asset_reference', 'asset_type', 'attacker', 'attacker_reference', 'behavioural_variable', 'capability', 'characteristic_synopsis', 'component', 'concept_reference', 'connector', 'countermeasure', 'countermeasure_reference', 'countermeasure_value', 'datastore', 'detection_mechanism', 'dfd_filter', 'document_reference', 'domainproperty', 'domainproperty_reference', 'entity', 'environment', 'environment_reference', 'external_document', 'goal', 'goal_reference', 'goal_category_type', 'interface', 'likelihood', 'locations', 'misusability_case', 'misusecase', 'misusecase_reference', 'motivation', 'obstacle', 'obstacle_category_type', 'obstacle_reference', 'persona', 'persona_characteristic', 'persona_characteristic_synopsis', 'persona_implied_process', 'persona_reference', 'persona_type', 'priority_type', 'privilege', 'protocol', 'reference_synopsis', 'requirement', 'requirement_reference', 'requirement_type', 'response', 'response_reference', 'risk', 'risk_class', 'risk_reference', 'role', 'role_reference', 'role_type', 'securitypattern', 'severity', 'surface_type', 'task', 'task_characteristic', 'task_reference', 'template_asset', 'template_goal', 'template_requirement', 'trace_dimension', 'threat', 'threat_reference', 'threat_type', 'threat_value', 'usecase', 'vulnerability', 'vulnerability_reference', 'vulnerability_type' ] if (table not in permissableDimensions): raise CairisHTTPError( BAD_REQUEST, 'Invalid dimension', table + ' is not a permissable dimension') if (table == 'persona_characteristic_synopsis'): return self.getDimensionNames(table, '') else: return sorted(self.db_proxy.getDimensions(table, id).keys()) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def get_goal_model(self, environment_name, goal_name, usecase_name): fontName, fontSize, apFontName = get_fonts(session_id=self.session_id) try: associationDictionary = {} goalFilter = 0 ucFilter = 0 if goal_name != '': goalFilter = 1 if usecase_name != '': ucFilter = 1 associationDictionary = self.db_proxy.goalModel( environment_name, goal_name, goalFilter, ucFilter) associations = KaosModel(associationDictionary.values(), environment_name, 'goal', goal_name, db_proxy=self.db_proxy, font_name=fontName, font_size=fontSize) dot_code = associations.graph() return dot_code except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def get_requirement_by_name(self, name): found_requirement = None try: requirements = self.db_proxy.getRequirements() except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) if requirements is not None: idx = 0 while found_requirement is None and idx < len(requirements): if (list(requirements.values())[idx].theName == name) or (list( requirements.values())[idx].theLabel == name): found_requirement = list(requirements.values())[idx] idx += 1 if found_requirement is None: self.close() raise ObjectNotFoundHTTPError('The provided requirement name ' + '"' + name + '"') return found_requirement
def file_export(self, fileName='', fileType='xml'): try: xmlBuf = '<?xml version="1.0"?>\n<!DOCTYPE cairis_model PUBLIC "-//CAIRIS//DTD MODEL 1.0//EN" "http://cairis.org/dtd/cairis_model.dtd">\n<cairis_model>\n\n\n' xmlBuf += self.db_proxy.tvTypesToXml(0)[0] + '\n\n' xmlBuf += self.db_proxy.domainValuesToXml(0)[0] + '\n\n' xmlBuf += self.db_proxy.projectToXml(0) + '\n\n' xmlBuf += self.db_proxy.riskAnalysisToXml(0)[0] + '\n\n' xmlBuf += self.db_proxy.usabilityToXml(0)[0] + '\n\n' xmlBuf += self.db_proxy.goalsToXml(0)[0] + '\n\n' xmlBuf += self.db_proxy.associationsToXml(0)[0] + '\n\n' xmlBuf += self.db_proxy.synopsesToXml(0)[0] + '\n\n' xmlBuf += self.db_proxy.misusabilityToXml(0)[0] + '\n\n' xmlBuf += self.db_proxy.dataflowsToXml(0)[0] + '\n\n' xmlBuf += self.db_proxy.locationsToXml()[0] + '\n\n</cairis_model>' if (fileType == 'xml'): return xmlBuf else: return self.modelPackage(fileName, xmlBuf) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def add_asset(self, asset, asset_props=None): try: self.db_proxy.nameCheck(asset.theName, 'asset') except ARMException as ex: self.close() raise ARMHTTPError(ex) assetParams = AssetParameters( assetName=asset.theName, shortCode=asset.theShortCode, assetDesc=asset.theDescription, assetSig=asset.theSignificance, assetType=asset.theType, cFlag=asset.isCritical, cRationale=asset.theCriticalRationale, tags=asset.theTags, ifs=asset.theInterfaces, cProperties=asset.theEnvironmentProperties ) asset_id = self.db_proxy.addAsset(assetParams) return asset_id
def add_goal_association(self, assoc, pathValues=[]): if (assoc.theGoal == assoc.theSubGoal): raise CairisHTTPError(status_code=http.client.BAD_REQUEST, status="Self-refinement error", message='Cannot self-refine ' + assoc.theGoal) assocParams = GoalAssociationParameters( envName=assoc.theEnvironmentName, goalName=assoc.theGoal, goalDimName=assoc.theGoalDimension, aType=assoc.theAssociationType, subGoalName=assoc.theSubGoal, subGoalDimName=assoc.theSubGoalDimension, alternativeId=assoc.theAlternativeId, rationale=assoc.theRationale) try: self.db_proxy.addGoalAssociation(assocParams) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def get_vulnerability_by_id(self, vuln_id, simplify=True): found_vulnerability = None try: vulnerabilities = self.db_proxy.getVulnerabilities() except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) idx = 0 while found_vulnerability is None and idx < len(vulnerabilities): if vulnerabilities.values()[idx].theId == vuln_id: found_vulnerability = vulnerabilities.values()[idx] idx += 1 if found_vulnerability is None: self.close() raise ObjectNotFoundHTTPError('The provided vulnerability ID') if simplify: found_vulnerability = self.simplify(found_vulnerability) return found_vulnerability
def get_threat_by_id(self, threat_id, simplify=True): found_threat = None try: threats = self.db_proxy.getThreats() except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) idx = 0 while found_threat is None and idx < len(threats): if list(threats.values())[idx].theId == threat_id: found_threat = list(threats.values())[idx] idx += 1 if found_threat is None: self.close() raise ObjectNotFoundHTTPError('The provided threat ID') if simplify: found_threat = self.simplify(found_threat) return found_threat
def get_asset_by_id(self, id, simplify=True): found_asset = None try: assets = self.db_proxy.getAssets() except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) idx = 0 while found_asset is None and idx < len(assets): if assets.values()[idx].theId == id: found_asset = assets.values()[idx] idx += 1 if found_asset is None: self.close() raise ObjectNotFoundHTTPError('The provided asset ID') if simplify: found_asset = self.simplify(found_asset) return found_asset
def update_goal_association(self, assoc, environment_name, goal_name, subgoal_name): old_assoc = self.get_goal_association(environment_name, goal_name, subgoal_name, False) assocId = old_assoc.theId assocParams = GoalAssociationParameters( envName=assoc.theEnvironmentName, goalName=assoc.theGoal, goalDimName=assoc.theGoalDimension, aType=assoc.theAssociationType, subGoalName=assoc.theSubGoal, subGoalDimName=assoc.theSubGoalDimension, alternativeId=assoc.theAlternativeId, rationale=assoc.theRationale) assocParams.setId(assocId) try: self.db_proxy.updateGoalAssociation(assocParams) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def add_role(self, role): """ Adds a new Role to the database :type role_props: RoleEnvironmentProperties :type role: Role :return Returns the role's new ID :rtype int """ try: self.db_proxy.nameCheck(role.theName, 'role') except ARMException as ex: self.close() raise ARMHTTPError(ex) role_params = RoleParameters(name=role.theName, rType=role.theType, sCode=role.theShortCode, desc=role.theDescription, cProperties=[]) role_id = self.db_proxy.addRole(role_params) return role_id
def get_environment_by_name(self, name, simplify=True): """ :rtype: Environment :raise ObjectNotFoundHTTPError: """ found_environment = None try: environments = self.db_proxy.getEnvironments() except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) if environments is not None: found_environment = environments.get(name) if found_environment is None: self.close() raise ObjectNotFoundHTTPError('The provided environment name') if simplify: found_environment = self.simplify(found_environment) return found_environment
def get_hta_model(self, environment_name,usecaseName,sub_usecaseName, pathValues): fontName, fontSize, apFontName = get_fonts(session_id=self.session_id) is_top_level = pathValues[0] if usecaseName == 'all': usecaseName = '' if sub_usecaseName == 'all': sub_usecaseName = '' try: associationDictionary = {} ucFilter = 0 sub_ucFilter = 0 if usecaseName != '': ucFilter = 1 if sub_usecaseName != '': sub_ucFilter = 1 usecaseName = sub_usecaseName associationDictionary = self.db_proxy.UseCaseModel(environment_name,usecase_name,is_top_level,ucFilter) associations = UseCaseModel(list(associationDictionary.values()), environment_name, 'usecase', usecase_name, db_proxy=self.db_proxy, font_name=fontName, font_size=fontSize) dot_code = associations.graph() return dot_code except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def get_objects(self, constraint_id='', simplify=True): try: if (constraint_id == -1): constraint_id = '' dependencies = self.db_proxy.getDependencies(constraint_id) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) except ARMException as ex: self.close() raise ARMHTTPError if (simplify): depKeys = sorted(dependencies.keys()) depList = [] for key in depKeys: value = dependencies[key] del value.theId depList.append(value) return depList else: for key, value in list(dependencies.items()): del value.theId dependencies[key] = value return dependencies
def update_role(self, role, name=None, role_id=-1): if name is not None: old_role = self.get_role_by_name(name, simplify=False) if role is None: self.close() raise ObjectNotFoundHTTPError('The asset') role_id = old_role.theId if role_id > -1: params = RoleParameters(name=role.theName, rType=role.theType, sCode=role.theShortCode, desc=role.theDescription, cProperties=[]) params.setId(role_id) try: self.db_proxy.updateRole(params) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) else: self.close() raise MissingParameterHTTPError(param_names=['id'])
def update_asset_association(self, assoc, oldEnvName, oldHeadAsset, oldTailAsset, pathValues=[]): assocParams = ClassAssociationParameters( envName=assoc.theEnvironmentName, headName=assoc.theHeadAsset, headDim='asset', headNav=assoc.theHeadNavigation, headType=assoc.theHeadType, headMultiplicity=assoc.theHeadMultiplicity, headRole=assoc.theHeadRole, tailRole=assoc.theTailRole, tailMultiplicity=assoc.theTailMultiplicity, tailType=assoc.theTailType, tailNav=assoc.theTailNavigation, tailDim='asset', tailName=assoc.theTailAsset, rationale=assoc.theRationale) try: if ((assoc.theEnvironmentName != oldEnvName) or (assoc.theHeadAsset != oldHeadAsset) or (assoc.theTailAsset != oldTailAsset)): self.db_proxy.checkAssetAssociation(assoc.theEnvironmentName, assoc.theHeadAsset, assoc.theTailAsset) caId = self.db_proxy.getDimensionId( oldEnvName + '/' + oldHeadAsset + '/' + oldTailAsset, 'classassociation') assocParams.setId(caId) self.db_proxy.updateClassAssociation(assocParams) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def add_requirement(self, requirement, asset_name=None, environment_name=None): try: self.db_proxy.nameCheck(requirement.theName, 'requirement') except ARMException as ex: self.close() raise ARMHTTPError(ex) new_id = self.db_proxy.newId() requirement.theId = new_id requirement.theVersion = 1 if asset_name is not None: try: self.db_proxy.addRequirement(requirement, assetName=asset_name, isAsset=True) except ARMException as ex: self.close() handle_exception(ex) elif environment_name is not None: try: self.db_proxy.addRequirement(requirement, assetName=environment_name, isAsset=False) except ARMException as ex: self.close() handle_exception(ex) else: self.close() raise MissingParameterHTTPError( param_names=['asset or environment']) return new_id
def get_dimension_requirement_names(self, dimName, objtName): try: return self.db_proxy.dimensionRequirements(dimName, objtName) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def file_import(self,importFile,mFormat,overwriteFlag): try: return file_import(importFile,mFormat,overwriteFlag,self.session_id) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def getDimensionNames(self,table,environment): try: return self.db_proxy.getDimensionNames(table,environment) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def add_object(self, ug): try: self.db_proxy.addUserGoal(ug) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def get_asset_associations(self): try: return self.db_proxy.getClassAssociations() except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def security_patterns_export(self): try: return self.db_proxy.securityPatternsToXml() except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def grl_export(self, taskName, personaName, envName): try: return self.db_proxy.pcToGrl(personaName, taskName, envName) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def architectural_pattern_export(self, apName): try: return self.db_proxy.architecturalPatternToXml(apName) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def delete_trace(self, fromObjt, fromName, toObjt, toName): try: self.db_proxy.deleteTrace(fromObjt, fromName, toObjt, toName) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def handle_keyerror(e): err = ARMHTTPError(e) return handle_error(err)
def trace_dimensions(self, dimension_name, is_from): try: return self.db_proxy.getTraceDimensions(dimension_name, is_from) except ARMException as ex: self.close() raise ARMHTTPError(ex)