def post(self): session_id = get_session_id(session, request) if session_id is None: raise CairisHTTPError( status_code=httplib.BAD_REQUEST, message='The session is neither started or no session ID is provided with the request.' ) content_length = request.content_length max_length = 10*1024*1024 if content_length > max_length: raise MissingParameterHTTPError(exception=RuntimeError('File exceeded maximum size (10MB)')) try: file = request.files['file'] except LookupError as ex: raise MissingParameterHTTPError(param_names=['file']) except Exception as ex: raise CairisHTTPError( status_code=httplib.CONFLICT, message=str(ex.message), status='Unknown error' ) dao = UploadDAO(session_id) filename = dao.upload_image(file) resp_dict = {'message': 'File successfully uploaded', 'filename': filename} resp = make_response(json_serialize(resp_dict, session_id=session_id), httplib.OK) resp.contenttype = 'application/json' return resp
def post(self): session_id = get_session_id(session, request) content_length = request.content_length max_length = 30 * 1024 * 1024 if content_length > max_length: raise MissingParameterHTTPError( exception=RuntimeError('File exceeded maximum size (30MB)')) try: wb = request.files['file'] fd, abs_path = mkstemp(suffix='.xlsx') fs_temp = open(abs_path, 'wb') fs_temp.write(wb.stream.read()) fs_temp.close() os.close(fd) dao = self.DAOModule(session_id) postMsg = getattr(dao, self.thePostMethod)(abs_path) dao.close() os.remove(abs_path) resp_dict = {'message': postMsg} resp = make_response( json_serialize(resp_dict, session_id=session_id), OK) resp.contenttype = 'application/json' return resp except DatabaseProxyException as ex: raise ARMHTTPError(ex) except ARMException as ex: raise ARMHTTPError(ex) except LookupError as ex: raise MissingParameterHTTPError(param_names=['file']) except Exception as ex: raise CairisHTTPError(status_code=CONFLICT, message=str(ex), status='Unknown error')
def update_requirement(self, requirement, name=None): old_requirement = None old_reference = None if name is not None: old_requirement = self.db_proxy.getRequirement(name) old_reference = old_requirement.asset() else: self.close() raise MissingParameterHTTPError(param_names=['theId']) if old_requirement is not None: try: requirement.theVersion = old_requirement.theVersion requirement.theId = old_requirement.theId requirement.incrementVersion() self.db_proxy.updateRequirement(requirement) reqReference = requirement.asset() if (reqReference != old_reference): self.db_proxy.reassociateRequirement( requirement.name(), reqReference) self.db_proxy.relabelRequirements(reqReference) self.db_proxy.relabelRequirements(old_reference) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) else: self.close() raise MissingParameterHTTPError(param_names=['id'])
def add_requirement(self, requirement, asset_name=None, environment_name=None): try: self.db_proxy.nameCheck(requirement.theName, 'requirement') except ARMException as ex: self.close() raise ARMHTTPError(ex) new_id = self.db_proxy.newId() requirement.theId = new_id if asset_name is not None: try: self.db_proxy.addRequirement(requirement, assetName=asset_name, isAsset=True) except Exception as ex: self.close() handle_exception(ex) elif environment_name is not None: try: self.db_proxy.addRequirement(requirement, assetName=environment_name, isAsset=False) except Exception as ex: self.close() handle_exception(ex) else: self.close() raise MissingParameterHTTPError(param_names=['requirement', 'environment']) return new_id
def convert_loc_list(self,real_loc_list = None, fake_loc_list = None): new_loc_list = [] if real_loc_list is not None: if len(real_loc_list) > 0: for real_loc in real_loc_list: assert isinstance(real_loc,Location) loc_dict = {} loc_dict['theName'] = real_loc.name() loc_dict['theAssetInstances'] = [] for ai in real_loc.assetInstances(): loc_dict['theAssetInstances'].append({'theName':ai[0],'theAsset':ai[1]}) loc_dict['thePersonaInstances'] = [] for pi in real_loc.personaInstances(): loc_dict['thePersonaInstances'].append({'theName':pi[0],'thePersona':pi[1]}) loc_dict['theLinks'] = real_loc.links() new_loc_list.append(loc_dict) elif fake_loc_list is not None: if len(fake_loc_list) > 0: for fake_loc in fake_loc_list: check_required_keys(fake_loc,LocationModel.required) assetInstances = [] for ai in fake_loc['theAssetInstances']: assetInstances.append((ai['theName'],ai['theAsset'])) personaInstances = [] for pi in fake_loc['thePersonaInstances']: personaInstances.append((pi['theName'],pi['thePersona'])) new_loc_list.append(Location(-1,fake_loc['theName'],assetInstances,personaInstances,fake_loc['theLinks'])) else: self.close() raise MissingParameterHTTPError(param_names=['real_loc_list', 'fake_loc_list']) return new_loc_list
def get_session_id(session, request): """ Looks up the session ID in the HTTP session, request URL and body :type session: flask.session :type request: flask.request """ session_id = None # Look if HTTP session is being used if session is not None: session_id = session.get('session_id', session_id) # Look if form data is being used if request.form: session_id = request.form.get('session_id', session_id) # Look if body contains session ID json = request.get_json(silent=True) if json is not False and json is not None: session_id = json.get('session_id', session_id) # Check if the session ID is provided by query parameters session_id = request.args.get('session_id', session_id) if session_id is None: raise MissingParameterHTTPError(param_names=['session_id']) return session_id
def update_vulnerability(self, vulnerability, name=None, vuln_id=None): if name is not None: found_vulnerability = self.get_vulnerability_by_name( name, simplify=False) elif vuln_id is not None: found_vulnerability = self.get_vulnerability_by_id(vuln_id, simplify=False) else: self.close() raise MissingParameterHTTPError(param_names=['name']) vuln_params = VulnerabilityParameters( vulName=vulnerability.theVulnerabilityName, vulDesc=vulnerability.theVulnerabilityDescription, vulType=vulnerability.theVulnerabilityType, tags=vulnerability.theTags, cProperties=vulnerability.theEnvironmentProperties) vuln_params.setId(found_vulnerability.theVulnerabilityId) try: if self.check_existing_vulnerability(name): self.db_proxy.updateVulnerability(vuln_params) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def get_dbproxy(self, session_id): """ Searches the MySQLDatabaseProxy instance associated with the session ID. :param session_id: The session ID :type session_id: str :rtype MySQLDatabaseProxy :return The MySQLDatabaseProxy instance associated with the session ID :raise CairisHTTPError """ if session_id: b = Borg() db_proxy = b.get_dbproxy(session_id) if db_proxy is None: raise CairisHTTPError( status_code=httplib.CONFLICT, message='The database connection could not be created.') elif isinstance(db_proxy, MySQLDatabaseProxy): db_proxy.reconnect(session_id=session_id) return db_proxy else: raise CairisHTTPError( status_code=httplib.CONFLICT, message= 'The database connection was not properly set up. Please try to reset the connection.' ) else: raise MissingParameterHTTPError(param_names=['session_id'])
def update_threat(self, threat, name=None, threat_id=None): if name is not None: found_threat = self.get_threat_by_name(name, simplify=False) elif threat_id is not None: found_threat = self.get_threat_by_id(threat_id, simplify=False) else: self.close() raise MissingParameterHTTPError(param_names=['name']) threat_params = ThreatParameters( threatName=threat.theThreatName, thrType=threat.theType, thrMethod=threat.theMethod, tags=threat.theTags, cProperties=threat.theEnvironmentProperties) threat_params.setId(found_threat.theId) try: if self.check_existing_threat(name): self.db_proxy.updateThreat(threat_params) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def convert_scores(self, real_scores=None, fake_scores=None): new_scores = [] if real_scores: if len(real_scores) > 0: for idx in range(0, len(real_scores)): real_score = real_scores[idx] if len(real_score) == 4: new_score = RiskScore(response_name=real_score[0], unmit_score=real_score[1], mit_score=real_score[2], details=real_score[3]) new_scores.append(new_score) elif fake_scores: if len(fake_scores) > 0: for idx in range(0, len(fake_scores)): fake_score = fake_scores[idx] assert isinstance(fake_score, RiskScore) check_required_keys(fake_score, RiskScore.required) if fake_score['unmitScore'] == -1: fake_score['unmitScore'] = None if fake_score['mitScore'] == -1: fake_score['mitScore'] = None new_score = (fake_score['responseName'], fake_score['unmitScore'], fake_score['mitScore'], fake_score['details']) new_scores.append(new_score) else: self.close() raise MissingParameterHTTPError(param_names=['scores']) return new_scores
def get_dbproxy(self, session_id): """ Searches the MySQLDatabaseProxy instance associated with the session ID. :param session_id: The session ID :type session_id: str :rtype MySQLDatabaseProxy :return The MySQLDatabaseProxy instance associated with the session ID :raise CairisHTTPError """ if session_id: b = Borg() try: db_proxy = b.get_dbproxy(session_id) except SessionNotFound as ex: raise NoSessionError(ex) if isinstance(db_proxy, MySQLDatabaseProxy): if db_proxy.conn is None: db_proxy.reconnect(session_id=session_id) return db_proxy else: raise CairisHTTPError( status_code=CONFLICT, message= 'The database connection was not properly set up. Please try to reset the connection.' ) else: raise MissingParameterHTTPError(param_names=['session_id'])
def update_role(self, role, name=None, role_id=-1): if name is not None: old_role = self.get_role_by_name(name, simplify=False) if role is None: self.close() raise ObjectNotFoundHTTPError('The asset') role_id = old_role.theId if role_id > -1: params = RoleParameters( name=role.theName, rType=role.theType, sCode=role.theShortCode, desc=role.theDescription, cProperties=[] ) params.setId(role_id) try: self.db_proxy.updateRole(params) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) else: self.close() raise MissingParameterHTTPError(param_names=['id'])
def check_required_keys(json_dict, required): """ :return: :raise MissingParameterHTTPError: """ if not all(reqKey in json_dict for reqKey in required): raise MissingParameterHTTPError(param_names=required)
def convert_props(self, real_props=None, fake_props=None): new_props = [] if real_props is not None: if len(real_props) > 0: for real_prop in real_props: assert isinstance(real_prop, PersonaEnvironmentProperties) del real_prop.theCodes new_props.append(real_prop) elif fake_props is not None: if len(fake_props) > 0: for fake_prop in fake_props: check_required_keys( fake_prop, PersonaEnvironmentPropertiesModel.required) new_prop = PersonaEnvironmentProperties( environmentName=fake_prop['theEnvironmentName'], direct=fake_prop['theDirectFlag'], description=fake_prop['theNarrative'], roles=fake_prop['theRoles'], pCodes=[]) new_props.append(new_prop) else: self.close() raise MissingParameterHTTPError( param_names=['real_props', 'fake_props']) return new_props
def convert_properties(self, real_props=None, fake_props=None): new_props = [] if real_props is not None: for real_prop in real_props: assert isinstance(real_prop, GoalEnvironmentProperties) new_concern_assocs = [] for concern_assoc in real_prop.theConcernAssociations: new_concern_assocs.append(list(concern_assoc)) new_goal_refinements = [] for goal_refinement in real_prop.theGoalRefinements: new_goal_refinements.append(list(goal_refinement)) new_subgoal_refinements = [] for subgoal_refinement in real_prop.theSubGoalRefinements: new_subgoal_refinements.append(list(subgoal_refinement)) real_prop.theConcernAssociations = new_concern_assocs real_prop.theGoalRefinements = new_goal_refinements real_prop.theSubGoalRefinements = new_subgoal_refinements new_props.append(real_prop) elif fake_props is not None: for fake_prop in fake_props: check_required_keys(fake_prop, GoalEnvironmentPropertiesModel.required) new_concern_assocs = [] for concern_assoc in fake_prop['theConcernAssociations']: new_concern_assocs.append(tuple(concern_assoc)) new_goal_refinements = [] for goal_refinement in fake_prop['theGoalRefinements']: new_goal_refinements.append(tuple(goal_refinement)) new_subgoal_refinements = [] for subgoal_refinement in fake_prop['theSubGoalRefinements']: new_subgoal_refinements.append(tuple(subgoal_refinement)) new_prop = GoalEnvironmentProperties( environmentName=fake_prop['theEnvironmentName'], lbl=fake_prop['theLabel'], definition=fake_prop['theDefinition'], category=fake_prop['theCategory'], priority=fake_prop['thePriority'], fitCriterion=fake_prop['theFitCriterion'], issue=fake_prop['theIssue'], goalRefinements=new_goal_refinements, subGoalRefinements=new_subgoal_refinements, concs=fake_prop['theConcerns'], cas=new_concern_assocs) new_props.append(new_prop) else: self.close() raise MissingParameterHTTPError( param_names=['real_props', 'fake_props']) return new_props
def convert_props(self, real_props=None, fake_props=None): new_props = [] if real_props is not None: if len(real_props) > 0: for real_prop in real_props: assert isinstance(real_prop, TaskEnvironmentProperties) del real_prop.theCodes ptList = [] for ptc in real_prop.personas(): ptList.append( PersonaTaskCharacteristics(ptc[0], ptc[1], ptc[2], ptc[3], ptc[4])) real_prop.thePersonas = ptList gcaList = [] for gca in real_prop.concernAssociations(): gcaList.append( ConcernAssociationModel(gca[0], gca[1], gca[2], gca[3], gca[4])) real_prop.theConcernAssociations = gcaList new_props.append(real_prop) elif fake_props is not None: if len(fake_props) > 0: for fake_prop in fake_props: check_required_keys( fake_prop, TaskEnvironmentPropertiesModel.required) ptList = [] for ptc in fake_prop['thePersonas']: ptList.append([ ptc['thePersona'], ptc['theDuration'], ptc['theFrequency'], ptc['theDemands'], ptc['theGoalConflict'] ]) fake_prop['thePersonas'] = ptList gcaList = [] for gca in fake_prop['theConcernAssociations']: gcaList.append([ gca['theSource'], gca['theSourceNry'], gca['theLinkVerb'], gca['theTarget'], gca['theTargetNry'] ]) fake_prop['theConcernAssociations'] = gcaList new_prop = TaskEnvironmentProperties( environmentName=fake_prop['theEnvironmentName'], deps=fake_prop['theDependencies'], personas=fake_prop['thePersonas'], assets=fake_prop['theAssets'], concs=fake_prop['theConcernAssociations'], narrative=fake_prop['theNarrative'], consequences=fake_prop['theConsequences'], benefits=fake_prop['theBenefits'], tCodes=[]) new_props.append(new_prop) else: self.close() raise MissingParameterHTTPError( param_names=['real_props', 'fake_props']) return new_props
def convert_props(self, real_props=None, fake_props=None): new_props = [] if real_props is not None: if len(real_props) > 0: assert isinstance(real_props[0], ThreatEnvironmentProperties) for real_prop in real_props: assert isinstance(real_prop, ThreatEnvironmentProperties) assert len(real_prop.theProperties) == len( real_prop.theRationale) new_attrs = [] for idx in range(0, len(real_prop.theProperties)): attr_name = self.rev_attr_dict.get(idx) attr_value = self.prop_dict[ real_prop.theProperties[idx]] attr_rationale = real_prop.theRationale[idx] new_attr = SecurityAttribute(attr_name, attr_value, attr_rationale) new_attrs.append(new_attr) real_prop.theProperties = new_attrs del real_prop.theRationale new_props.append(real_prop) return new_props elif fake_props is not None: if len(fake_props) > 0: check_required_keys(fake_props[0], ThreatEnvironmentPropertiesModel.required) for fake_prop in fake_props: check_required_keys( fake_prop, ThreatEnvironmentPropertiesModel.required) new_ndprops = array([0] * 8).astype(numpy.core.int32) new_ratios = ['None'] * 8 for idx in range(0, len(fake_prop['theProperties'])): new_attr = fake_prop['theProperties'][idx] check_required_keys(new_attr, SecurityAttribute.required) attr_id = self.attr_dict.get(new_attr['name'], -1) if -1 < attr_id < len(self.attr_dict): attr_value = self.rev_prop_dict[new_attr['value']] attr_rationale = new_attr['rationale'] new_ndprops[attr_id] = attr_value new_ratios[attr_id] = attr_rationale fake_prop['theProperties'] = new_ndprops fake_prop['theRationale'] = new_ratios new_prop = ThreatEnvironmentProperties( environmentName=fake_prop['theEnvironmentName'], lhood=fake_prop['theLikelihood'], assets=fake_prop['theAssets'], attackers=fake_prop['theAttackers'], pRationale=fake_prop['theRationale'], syProperties=fake_prop['theProperties']) new_props.append(new_prop) return new_props else: self.close() raise MissingParameterHTTPError( param_names=['real_props', 'fake_props'])
def delete_requirement(self, name=None): if name is not None: req = self.db_proxy.getRequirement(name) reqReference = req.asset() self.db_proxy.deleteRequirement(req.id()) self.db_proxy.relabelRequirements(reqReference) else: self.close() raise MissingParameterHTTPError(param_names=['name'])
def convert_properties(self, real_props=None, fake_props=None): new_props = [] if real_props is not None: for real_prop in real_props: assert isinstance(real_prop, ObstacleEnvironmentProperties) del real_prop.theLabel new_goal_refinements = [] for gr in real_prop.theGoalRefinements: new_goal_refinements.append( RefinementModel(gr[0], gr[1], gr[2], gr[3], gr[4])) new_subgoal_refinements = [] for sgr in real_prop.theSubGoalRefinements: new_subgoal_refinements.append( RefinementModel(sgr[0], sgr[1], sgr[2], sgr[3], sgr[4])) real_prop.theGoalRefinements = new_goal_refinements real_prop.theSubGoalRefinements = new_subgoal_refinements new_props.append(real_prop) elif fake_props is not None: for fake_prop in fake_props: check_required_keys( fake_prop, ObstacleEnvironmentPropertiesModel.required) new_goal_refinements = [] for gr in fake_prop['theGoalRefinements']: new_goal_refinements.append( (gr['theEndName'], gr['theEndType'], gr['theRefType'], gr['isAlternate'], gr['theRationale'])) new_subgoal_refinements = [] for sgr in fake_prop['theSubGoalRefinements']: new_subgoal_refinements.append( (sgr['theEndName'], sgr['theEndType'], sgr['theRefType'], sgr['isAlternate'], sgr['theRationale'])) new_prop = ObstacleEnvironmentProperties( environmentName=fake_prop['theEnvironmentName'], lbl='', definition=fake_prop['theDefinition'], category=fake_prop['theCategory'], gRefs=new_goal_refinements, sgRefs=new_subgoal_refinements, concs=fake_prop['theConcerns']) new_prop.theProbability = fake_prop['theProbability'] new_prop.theProbabilityRationale = fake_prop[ 'theProbabilityRationale'] new_props.append(new_prop) else: self.close() raise MissingParameterHTTPError( param_names=['real_props', 'fake_props']) return new_props
def convert_properties(self, real_props=None, fake_props=None): new_props = [] if real_props is not None: for real_prop in real_props: assert isinstance(real_prop, GoalEnvironmentProperties) del real_prop.theLabel new_concern_assocs = [] for concern_assoc in real_prop.theConcernAssociations: new_concern_assocs.append(ConcernAssociationModel(concern_assoc[0],concern_assoc[1],concern_assoc[2],concern_assoc[3],concern_assoc[4])) new_goal_refinements = [] for gr in real_prop.theGoalRefinements: new_goal_refinements.append(RefinementModel(gr[0],gr[1],gr[2],gr[3],gr[4])) new_subgoal_refinements = [] for sgr in real_prop.theSubGoalRefinements: new_subgoal_refinements.append(RefinementModel(sgr[0],sgr[1],sgr[2],sgr[3],sgr[4])) real_prop.theConcernAssociations = new_concern_assocs real_prop.theGoalRefinements = new_goal_refinements real_prop.theSubGoalRefinements = new_subgoal_refinements new_props.append(real_prop) elif fake_props is not None: for fake_prop in fake_props: check_required_keys(fake_prop, GoalEnvironmentPropertiesModel.required) new_concern_assocs = [] for concern_assoc in fake_prop['theConcernAssociations']: new_concern_assocs.append([concern_assoc['theSource'],concern_assoc['theSourceNry'],concern_assoc['theLinkVerb'],concern_assoc['theTarget'],concern_assoc['theTargetNry']]) new_goal_refinements = [] for gr in fake_prop['theGoalRefinements']: new_goal_refinements.append((gr['theEndName'],gr['theEndType'],gr['theRefType'],gr['isAlternate'],gr['theRationale'])) new_subgoal_refinements = [] for sgr in fake_prop['theSubGoalRefinements']: new_subgoal_refinements.append((sgr['theEndName'],sgr['theEndType'],sgr['theRefType'],sgr['isAlternate'],sgr['theRationale'])) new_prop = GoalEnvironmentProperties( environmentName=fake_prop['theEnvironmentName'], lbl='', definition=fake_prop['theDefinition'], category=fake_prop['theCategory'], priority=fake_prop['thePriority'], fitCriterion=fake_prop['theFitCriterion'], issue=fake_prop['theIssue'], goalRefinements=new_goal_refinements, subGoalRefinements=new_subgoal_refinements, concs=fake_prop['theConcerns'], cas=new_concern_assocs) new_props.append(new_prop) else: self.close() raise MissingParameterHTTPError(param_names=['real_props', 'fake_props']) return new_props
def update_requirement(self, requirement, name=None): old_requirement = None if name is not None: old_requirement = self.db_proxy.getRequirement(name) else: self.close() raise MissingParameterHTTPError(param_names=['theId']) if old_requirement is not None: try: requirement.theVersion = old_requirement.theVersion requirement.theId = old_requirement.theId requirement.incrementVersion() self.db_proxy.updateRequirement(requirement) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) else: self.close() raise MissingParameterHTTPError(param_names=['id'])
def post(self): session_id = get_session_id(session, request) content_length = request.content_length max_length = 30 * 1024 * 1024 if content_length > max_length: raise MissingParameterHTTPError( exception=RuntimeError('File exceeded maximum size (30MB)')) try: package = request.files['file'] except LookupError as ex: raise MissingParameterHTTPError(param_names=['file']) except Exception as ex: raise CairisHTTPError(status_code=CONFLICT, message=str(ex), status='Unknown error') try: dao = ImportDAO(session_id) dao.package_import(package.stream.read()) dao.close() except DatabaseProxyException as ex: raise ARMHTTPError(ex) except ARMException as ex: raise ARMHTTPError(ex) except Exception as ex: import pytest pytest.set_trace() raise CairisHTTPError(status_code=500, message=str(ex), status='Unknown error') resp_dict = {'message': 'Package successfully imported'} resp = make_response(json_serialize(resp_dict, session_id=session_id), OK) resp.contenttype = 'application/json' return resp
def convert_props(self, real_props=None, fake_props=None): new_props = [] if real_props is not None: if len(real_props) > 0: for real_prop in real_props: assert isinstance(real_prop, UseCaseEnvironmentProperties) s = [] for step in real_prop.steps().theSteps: excs = [] for excKey in step.exceptions(): exc = step.exception(excKey) excs.append( ExceptionAttributes(exc[0], exc[1], exc[2], exc[3], exc[4])) s.append( StepAttributes(step.text(), step.synopsis(), step.actor(), step.actorType(), step.tags(), excs)) real_prop.theSteps = s new_props.append(real_prop) elif fake_props is not None: if len(fake_props) > 0: for fake_prop in fake_props: check_required_keys( fake_prop, UseCaseEnvironmentPropertiesModel.required) steps = Steps() for fs in fake_prop['theSteps']: aStep = Step(fs['theStepText'], fs['theSynopsis'], fs['theActor'], fs['theActorType'], fs['theTags']) for exc in fs['theExceptions']: aStep.addException( (exc['theName'], exc['theDimensionType'], exc['theDimensionValue'], exc['theCategoryName'], exc['theDescription'])) steps.append(aStep) fake_prop['theSteps'] = steps new_prop = UseCaseEnvironmentProperties( environmentName=fake_prop['theEnvironmentName'], preCond=fake_prop['thePreCond'], steps=fake_prop['theSteps'], postCond=fake_prop['thePostCond']) new_props.append(new_prop) else: self.close() raise MissingParameterHTTPError( param_names=['real_props', 'fake_props']) return new_props
def delete_requirement(self, name=None, req_id=None): if name is not None: req = self.get_requirement_by_name(name) elif req_id is not None: req = self.get_requirement_by_id(req_id) else: self.close() raise MissingParameterHTTPError(param_names=['id']) if req is None: self.close() raise ObjectNotFoundHTTPError('The provided requirement') self.db_proxy.deleteRequirement(req.theId)
def post(self, type): session_id = get_session_id(session, request) try: if not request.files: raise LookupError() file = request.files['file'] except LookupError: raise MissingParameterHTTPError(param_names=['file']) try: fd, abs_path = mkstemp(suffix='.xml') fs_temp = open(abs_path, 'wb') xml_text = file.stream.read() fs_temp.write(xml_text) fs_temp.close() fd_close(fd) except IOError: raise CairisHTTPError( status_code=CONFLICT, status='Unable to load XML file', message='The XML file could not be loaded on the server.' + 'Please check if the application has permission to write temporary files.' ) try: dao = ImportDAO(session_id) result = dao.file_import(abs_path, type, 1) dao.close() except DatabaseProxyException as ex: raise ARMHTTPError(ex) except ARMException as ex: raise ARMHTTPError(ex) except Exception as ex: raise CairisHTTPError(status_code=500, message=str(ex), status='Unknown error') remove_file(abs_path) message = str(result) if (result == 0): message = file.filename + ' imported' resp_dict = {'message': message} resp = make_response(json_serialize(resp_dict, session_id=session_id), OK) resp.headers['Content-Type'] = 'application/json' return resp
def delete_environment(self, name=None, env_id=None): if name is not None: found_environment = self.get_environment_by_name(name, simplify=False) if found_environment is None: raise ObjectNotFoundHTTPError('The provided environment name') env_id = found_environment.theId if env_id is not None and env_id > -1: try: self.db_proxy.deleteEnvironment(env_id) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) except ARMException as ex: self.close() raise ARMHTTPError(ex) else: self.close() raise MissingParameterHTTPError(param_names=['id'])
def delete_threat(self, name=None, threat_id=None): if name is not None: found_threat = self.get_threat_by_name(name, simplify=False) elif threat_id is not None: found_threat = self.get_threat_by_id(threat_id, simplify=False) else: self.close() raise MissingParameterHTTPError(param_names=['name']) threat_id = found_threat.theId try: self.db_proxy.deleteThreat(threat_id) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def convert_props(self, real_props=None, fake_props=None, rationales=None): prop_dict = {} prop_dict['None'] = 0 prop_dict['Low'] = 1 prop_dict['Medium'] = 2 prop_dict['High'] = 3 rev_prop_dict = {} rev_prop_dict[0] = 'None' rev_prop_dict[1] = 'Low' rev_prop_dict[2] = 'Medium' rev_prop_dict[3] = 'High' new_props = [] if real_props is not None: if len(real_props) > 0: new_sec_attrs = [] for idx in range(0, len(real_props)): try: attr_name = self.rev_attr_dict[idx] attr_value = rev_prop_dict[real_props[idx]] new_sec_attr = SecurityAttribute( attr_name, attr_value, rationales[idx]) new_props.append(new_sec_attr) except LookupError: self.logger.warning( 'Unable to find key in dictionary. Attribute is being skipped.' ) return new_props elif fake_props is not None: if len(fake_props) > 0: new_props = array(8 * [0]).astype(numpy.int32) new_rationale = ['None'] * 8 for sec_attr in fake_props: attr_id = self.attr_dict[sec_attr['name']] attr_value = prop_dict[sec_attr['value']] attr_rationale = sec_attr['rationale'] new_props[attr_id] = attr_value new_rationale[attr_id] = attr_rationale return (new_props, new_rationale) else: self.close() raise MissingParameterHTTPError( param_names=['real_props', 'fake_props'])
def delete_role(self, name=None, role_id=-1): if name is not None: found_role = self.get_role_by_name(name) elif role_id > -1: found_role = self.get_role_by_id(role_id) else: self.close() raise MissingParameterHTTPError(param_names=['name']) if found_role is None or not isinstance(found_role, Role): self.close() raise ObjectNotFoundHTTPError('The provided role name') try: self.db_proxy.deleteRole(found_role.theId) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def delete_vulnerability(self, name=None, vuln_id=None): if name is not None: found_vulnerability = self.get_vulnerability_by_name( name, simplify=False) elif vuln_id is not None: found_vulnerability = self.get_vulnerability_by_id(vuln_id, simplify=False) else: self.close() raise MissingParameterHTTPError(param_names=['name']) vuln_id = found_vulnerability.theVulnerabilityId try: self.db_proxy.deleteVulnerability(vuln_id) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) except ARMException as ex: self.close() raise ARMHTTPError(ex)