web_to_db.protocol = "MySQL" web_to_db.dstPort = 3306 # this is a BAD way of defining a data object, here for a demo on how it # will appear on the sample report. Use Data objects. web_to_db.data = "MySQL insert statement, all literals" web_to_db.note = ( "Web server inserts user comments\ninto it's SQL query and stores them in the DB." ) comment_retrieved = Data("Web server retrieves comments from DB", classification=Classification.PUBLIC) db_to_web = Dataflow(db, web, "Retrieve comments") db_to_web.protocol = "MySQL" db_to_web.dstPort = 80 db_to_web.data = comment_retrieved db_to_web.responseTo = web_to_db comment_to_show = Data("Web server shows comments to the end user", classifcation=Classification.PUBLIC) web_to_user = Dataflow(web, user, "Show comments (*)") web_to_user.protocol = "HTTP" web_to_user.data = comment_to_show web_to_user.responseTo = user_to_web clear_op = Data("Serverless function clears DB", classification=Classification.PUBLIC) my_lambda_to_db = Dataflow(my_lambda, db, "Serverless function periodically cleans DB") my_lambda_to_db.protocol = "MySQL" my_lambda_to_db.dstPort = 3306 my_lambda_to_db.data = clear_op
customer_client_to_merchant_web = Dataflow( customer_client, merchant_web, "Customer Client sends order intent, including order amount (*)") customer_client_to_merchant_web.protocol = "HTTPS" customer_client_to_merchant_web.dstPort = 443 merchant_web_to_stripe_api = Dataflow( merchant_web, stripe_api, "Merchant sends order information inc amount and currency (*)") merchant_web_to_stripe_api.data = 'POST /v1/payment_intents' stripe_api_to_merchant_web = Dataflow( stripe_api, merchant_web, "Return PaymentIntent to the Merchant (*)") stripe_api_to_merchant_web.data = 'Response' stripe_api_to_merchant_web.responseTo = merchant_web_to_stripe_api merchant_web_to_customer_client = Dataflow( merchant_web, customer_client, "Return PaymentIntent to the Customer Client (*)") merchant_web_to_customer_client.data = 'merchant_secret' merchant_web_to_customer_client.responseTo = customer_client_to_merchant_web customer_to_customer_client = Dataflow( customer, customer_client, "Customer provides card details and finalizes payment (*)") customer_client_to_stripe_api = Dataflow( customer_client, stripe_api, "Customer Client sends stripe.confirmCardPayment() (*)") customer_client_to_stripe_api.data = "client_secret and card details"