def get_risks(self, constraint_id=-1, simplify=True, skip_misuse=False):
"""
:type constraint_id: int
:type simplify: bool
:rtype: dict[str,Risk]
"""
try:
risks = self.db_proxy.getRisks(constraintId=constraint_id)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
if isinstance(risks, dict):
for key, value in risks.items():
if value.theMisuseCase and not skip_misuse:
risks[
key].theMisuseCase = self.get_misuse_case_by_risk_name(
value.theName, simplify=False)
if simplify:
risks[key] = self.simplify(value)
return risks
def create_new_project(self):
try:
self.db_proxy.clearDatabase(session_id=self.session_id)
except ARM.DatabaseProxyException as ex:
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
raise ARMHTTPError(ex)
def update_attacker_capability(self,
attacker_capability,
name,
environment_name=''):
assert isinstance(attacker_capability, ValueType)
found_capability = self.get_attacker_capability_by_name(
name, environment_name)
params = ValueTypeParameters(vtName=attacker_capability.theName,
vtDesc=attacker_capability.theDescription,
vType='capability',
envName=environment_name,
vtScore=attacker_capability.theScore,
vtRat=attacker_capability.theRationale)
params.setId(found_capability.theId)
try:
self.db_proxy.updateValueType(params)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_environment(self, environment):
"""
:return: Returns the ID of the new environment
:raise ARMHTTPError:
"""
env_params = self.to_environment_parameters(environment)
try:
if not self.check_existing_environment(environment.theName):
self.db_proxy.addEnvironment(env_params)
else:
self.close()
raise ARM.DatabaseProxyException('Environment name already exists within the database.')
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
try:
new_environment = self.get_environment_by_name(environment.theName, simplify=False)
if new_environment is not None:
return new_environment.theId
except ObjectNotFoundHTTPError:
self.logger.warning('The new environment was not found in the database')
self.logger.warning('Environment name: %s', environment.theName)
return -1
def update_vulnerability_type(self,
vulnerability_type,
name,
environment_name=''):
assert isinstance(vulnerability_type, ValueType)
found_type = self.get_vulnerability_type_by_name(
name, environment_name)
params = ValueTypeParameters(vtName=vulnerability_type.theName,
vtDesc=vulnerability_type.theDescription,
vType='vulnerability_type',
envName=environment_name,
vtScore=vulnerability_type.theScore,
vtRat=vulnerability_type.theRationale)
params.setId(found_type.theId)
try:
self.db_proxy.updateValueType(params)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def update_vulnerability(self, vulnerability, name=None, vuln_id=None):
if name is not None:
found_vulnerability = self.get_vulnerability_by_name(
name, simplify=False)
elif vuln_id is not None:
found_vulnerability = self.get_vulnerability_by_id(vuln_id,
simplify=False)
else:
self.close()
raise MissingParameterHTTPError(param_names=['name'])
vuln_params = VulnerabilityParameters(
vulName=vulnerability.theVulnerabilityName,
vulDesc=vulnerability.theVulnerabilityDescription,
vulType=vulnerability.theVulnerabilityType,
tags=vulnerability.theTags,
cProperties=vulnerability.theEnvironmentProperties)
vuln_params.setId(found_vulnerability.theVulnerabilityId)
try:
if self.check_existing_vulnerability(name):
self.db_proxy.updateVulnerability(vuln_params)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_vulnerability_type(self, vulnerability_type, environment_name=''):
assert isinstance(vulnerability_type, ValueType)
type_exists = self.check_existing_vulnerability_type(
vulnerability_type.theName, environment_name=environment_name)
if type_exists:
self.close()
raise OverwriteNotAllowedHTTPError(
obj_name='The vulnerability type')
params = ValueTypeParameters(vtName=vulnerability_type.theName,
vtDesc=vulnerability_type.theDescription,
vType='vulnerability_type',
envName=environment_name,
vtScore=vulnerability_type.theScore,
vtRat=vulnerability_type.theRationale)
try:
return self.db_proxy.addValueType(params)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_misuse_case_by_risk_name(self, risk_name, simplify=True):
found_risk = self.get_risk_by_name(risk_name, skip_misuse=True)
try:
misuse_case = self.db_proxy.riskMisuseCase(found_risk.theId)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
if not misuse_case:
self.close()
raise ObjectNotFoundHTTPError(
'The misuse case associated with the risk')
assert isinstance(misuse_case, MisuseCase)
misuse_case = self.expand_mc_props(misuse_case)
if simplify:
misuse_case = self.simplify(misuse_case)
return misuse_case
def update_asset_properties(self, props, name, existing_params=None):
if existing_params is None:
asset = self.get_asset_by_name(name, simplify=False)
existing_params = AssetParameters(
assetName=asset.theName,
shortCode=asset.theShortCode,
assetDesc=asset.theDescription,
assetSig=asset.theSignificance,
assetType=asset.theType,
cFlag=asset.isCritical,
cRationale=asset.theCriticalRationale,
tags=asset.theTags,
ifs=asset.theInterfaces,
cProperties=[])
existing_params.setId(asset.theId)
existing_params.theEnvironmentProperties = props
try:
self.db_proxy.updateAsset(existing_params)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_attacker(self, attacker):
"""
:type attacker: Attacker
:rtype: int
:raise ARMHTTPError:
"""
attacker_params = AttackerParameters(
name=attacker.theName,
desc=attacker.theDescription,
image=attacker.theImage,
tags=attacker.theTags,
properties=attacker.theEnvironmentProperties)
try:
if not self.check_existing_attacker(attacker.theName):
new_id = self.db_proxy.addAttacker(attacker_params)
return new_id
else:
self.close()
raise OverwriteNotAllowedHTTPError(obj_name=attacker.theName)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def update_attacker_motivation(self,
attacker_motivation,
name,
environment_name=''):
"""
:return:
:raise: ARMHTTPError:
"""
assert isinstance(attacker_motivation, ValueType)
found_motivation = self.get_attacker_motivation_by_name(
name, environment_name)
params = ValueTypeParameters(vtName=attacker_motivation.theName,
vtDesc=attacker_motivation.theDescription,
vType='motivation',
envName=environment_name,
vtScore=attacker_motivation.theScore,
vtRat=attacker_motivation.theRationale)
params.setId(found_motivation.theId)
try:
self.db_proxy.updateValueType(params)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_attacker_motivation(self,
attacker_motivation,
environment_name=''):
"""
:rtype: int
:raises
CairisHTTPError:
OverwriteNotAllowedHTTPError:
"""
assert isinstance(attacker_motivation, ValueType)
type_exists = self.check_existing_attacker_motivation(
attacker_motivation.theName, environment_name=environment_name)
if type_exists:
self.close()
raise OverwriteNotAllowedHTTPError(
obj_name='The attacker motivation')
params = ValueTypeParameters(vtName=attacker_motivation.theName,
vtDesc=attacker_motivation.theDescription,
vType='motivation',
envName=environment_name,
vtScore=attacker_motivation.theScore,
vtRat=attacker_motivation.theRationale)
try:
return self.db_proxy.addValueType(params)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def update_threat(self, threat, name=None, threat_id=None):
if name is not None:
found_threat = self.get_threat_by_name(name, simplify=False)
elif threat_id is not None:
found_threat = self.get_threat_by_id(threat_id, simplify=False)
else:
self.close()
raise MissingParameterHTTPError(param_names=['name'])
threat_params = ThreatParameters(
threatName=threat.theThreatName,
thrType=threat.theType,
thrMethod=threat.theMethod,
tags=threat.theTags,
cProperties=threat.theEnvironmentProperties)
threat_params.setId(found_threat.theId)
try:
if self.check_existing_threat(name):
self.db_proxy.updateThreat(threat_params)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_goal_values(self, environment_name=''):
try:
goal_values = self.db_proxy.getValueTypes('goal_value',
environment_name)
return goal_values
except ARM.DatabaseProxyException as ex:
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
raise ARMHTTPError(ex)
def delete_goal_type(self, name, environment_name=''):
found_type = self.get_goal_type_by_name(name, environment_name)
try:
self.db_proxy.deleteGoalType(found_type.theId)
except ARM.DatabaseProxyException as ex:
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
raise ARMHTTPError(ex)
def get_asset_names(self, environment=''):
try:
asset_names = self.db_proxy.getDimensionNames('asset', environment)
return asset_names
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def delete_threat_type(self, name, environment_name=''):
found_type = self.get_threat_type_by_name(name, environment_name)
try:
self.db_proxy.deleteThreatType(found_type.theId)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def delete_risk(self, name):
found_risk = self.get_risk_by_name(name)
try:
self.db_proxy.deleteRisk(found_risk.theId)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def delete_goal(self, name):
found_goal = self.get_goal_by_name(name)
try:
self.db_proxy.deleteGoal(found_goal.theId)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_threat_types(self, environment_name=''):
try:
threat_types = self.db_proxy.getValueTypes('threat_type',
environment_name)
return threat_types
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def delete_attacker(self, name):
found_attacker = self.get_attacker_by_name(name, simplify=False)
attacker_id = found_attacker.theId
try:
self.db_proxy.deleteAttacker(attacker_id)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def apply_settings(self, settings):
try:
self.db_proxy.updateSettings(
settings.projectName, settings.projectBackground,
settings.projectGoals, settings.projectScope,
settings.definitions, settings.contributions,
settings.revisions, settings.richPicture, settings.fontSize,
settings.fontName)
except ARM.DatabaseProxyException as ex:
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
raise ARMHTTPError(ex)
def get_environment_names_by_threat_vulnerability(self, threat_name, vulnerability_name):
"""
:rtype : list[str]
"""
try:
environments = self.db_proxy.riskEnvironments(threat_name, vulnerability_name)
return environments
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_settings(self):
try:
pSettings = self.db_proxy.getProjectSettings()
pDict = self.db_proxy.getDictionary()
contributors = self.db_proxy.getContributors()
revisions = self.db_proxy.getRevisions()
except ARM.DatabaseProxyException as ex:
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
raise ARMHTTPError(ex)
settings = ProjectSettings(pSettings, pDict, contributors, revisions)
return settings
def get_scores_by_rtve(self, risk_name, threat_name, vulnerability_name,
environment_name):
try:
scores = self.db_proxy.riskScore(threat_name, vulnerability_name,
environment_name, risk_name)
if len(scores) > 0:
scores = self.convert_scores(real_scores=scores)
return scores
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_asset_values(self, environment_name=''):
"""
:rtype : list[ValueType]
"""
try:
asset_values = self.db_proxy.getValueTypes('asset_value',
environment_name)
return asset_values
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def delete_attacker_capability(self, name, environment_name=''):
"""
:raise ARMHTTPError:
"""
found_capability = self.get_attacker_capability_by_name(
name, environment_name)
try:
self.db_proxy.deleteAssetType(found_capability.theId)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_attacker_motivations(self, environment_name=''):
"""
:rtype : list[ValueType]
:raise ARMHTTPError:
"""
try:
attacker_motivations = self.db_proxy.getValueTypes(
'motivation', environment_name)
return attacker_motivations
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def get_environment_names(self):
"""
Get the available environment names.
:rtype list[str]
:raise ARMHTTPError:
"""
try:
environment_names = self.db_proxy.getEnvironmentNames()
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
return environment_names
def delete_dependencies(self, environment, depender, dependee, dependency):
found_dependencies = self.get_dependency(environment, depender,
dependee, dependency)
try:
for found_dependency in found_dependencies:
self.db_proxy.deleteDependency(
found_dependency.theId, found_dependency.theDependencyType)
return len(found_dependencies)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
