    def on_get(self, req, resp, organization_code):
        """GETs a paged collection of departments of an organization.

        Responds 404 when the organization code is unknown. The listing is
        restricted to rows whose ``organization_id`` equals the route code,
        so departments of one organization are never served under another
        organization's code.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of the organization.
        """
        db = Session()
        try:
            # Existence check first: an unknown organization must be a 404,
            # not an empty page.
            if db.query(Organization).get(organization_code) is None:
                raise falcon.HTTPNotFound()

            # Assemble the query step by step; each call returns a new query.
            departments = db.query(OrganizationDepartment)
            departments = departments.filter(
                OrganizationDepartment.organization_id == organization_code)
            departments = departments.order_by(OrganizationDepartment.created_on)
            # Joined eager load of the department relation (inner join).
            departments = departments.options(
                joinedload(OrganizationDepartment.department, innerjoin=True))

            page_items, page_info = get_collection_page(req, departments, custom_asdict)
            resp.media = {'data': page_items, 'paging': page_info}
        finally:
            db.close()
    def on_get(self, req, resp, organization_code, analysis_id):
        """GETs a paged collection of details of a specific analysis from an organization.

        Responds 404 unless the analysis exists *and* belongs to the given
        organization. The detail query repeats both constraints (organization
        code and analysis id) so rows from another tenant's analysis cannot
        leak into the page. Results are sorted by descending risk, then
        impact, then probability.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of the organization.
        :param analysis_id: The id of the analysis for which the details should be retrieved.
        """
        db = Session()
        try:
            analysis = find_organization_analysis(organization_code, analysis_id, db)
            if analysis is None:
                raise falcon.HTTPNotFound()

            # Sort keys: highest calculated risk first, ties broken by impact,
            # then probability.
            ordering = (
                OrganizationAnalysisDetail.calculated_risk.desc(),
                OrganizationAnalysisDetail.calculated_impact.desc(),
                OrganizationAnalysisDetail.calculated_probability.desc(),
            )
            details = (
                db.query(OrganizationAnalysisDetail)
                .join(OrganizationAnalysis)
                .filter(OrganizationAnalysis.organization_id == organization_code)
                .filter(OrganizationAnalysis.id == analysis_id)
                .order_by(*ordering)
            )

            page_items, page_info = get_collection_page(req, details, custom_asdict)
            resp.media = {'data': page_items, 'paging': page_info}
        finally:
            db.close()
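    def on_get(self, req, resp, organization_code):
        """GETs a paged collection of processes of an organization.

        Responds 404 when the organization code is unknown. The listing is
        scoped to the organization's own processes via ``organization_id``.
        An optional ``macroprocessInstanceId`` query parameter narrows the
        result to processes of that macroprocess instance.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of the organization.
        """
        session = Session()
        try:
            organization = session.query(Organization).get(organization_code)
            if organization is None:
                raise falcon.HTTPNotFound()

            # Build query to fetch items
            query = session\
                .query(OrganizationProcess) \
                .filter(OrganizationProcess.organization_id == organization_code)\
                .order_by(OrganizationProcess.created_on)

            # Handle optional filters. get_param_as_int() returns None when
            # the parameter is absent, so compare against None explicitly:
            # a truthiness test would silently drop an id of 0 and return
            # the unfiltered collection instead.
            macroprocess_instance_id = req.get_param_as_int('macroprocessInstanceId')
            if macroprocess_instance_id is not None:
                query = query.filter(OrganizationProcess.macroprocess_instance_id == macroprocess_instance_id)

            data, paging = get_collection_page(req, query, custom_asdict)
            resp.media = {
                'data': data,
                'paging': paging
            }
        finally:
            session.close()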
    def on_get(self, req, resp, organization_code, it_asset_instance_id):
        """GETs a paged collection of an IT assets' vulnerabilities in an organization.

        Responds 404 unless the IT asset instance exists in the given
        organization. The vulnerability query joins through the organization
        security threat and organization IT asset tables and filters on both
        the organization code and the asset instance id, ordered by threat name.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of the organization.
        :param it_asset_instance_id: The id of the IT asset instance.
        """
        db = Session()
        try:
            asset_instance = find_it_asset_instance(
                it_asset_instance_id, organization_code, db)
            if asset_instance is None:
                raise falcon.HTTPNotFound()

            # Join chain: vulnerability -> org threat -> org asset -> threat.
            vulnerabilities = (
                db.query(OrganizationITAssetVulnerability)
                .join(OrganizationSecurityThreat)
                .join(OrganizationITAsset)
                .join(SecurityThreat)
            )
            # Both tenant and asset constraints are applied to the joined set.
            vulnerabilities = vulnerabilities.filter(
                OrganizationSecurityThreat.organization_id == organization_code)
            vulnerabilities = vulnerabilities.filter(
                OrganizationITAsset.instance_id == it_asset_instance_id)
            vulnerabilities = vulnerabilities.order_by(SecurityThreat.name)

            page_items, page_info = get_collection_page(req, vulnerabilities, custom_asdict)
            resp.media = {'data': page_items, 'paging': page_info}
        finally:
            db.close()
    def on_get(self, req, resp, organization_code, it_asset_instance_id):
        """List mitigation controls for an organization IT asset.

        Responds 404 unless the IT asset belongs to the given organization.
        The control query joins the organization IT asset and mitigation
        control tables, filtering on both organization code and asset
        instance id, ordered by control name.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of the organization.
        :param it_asset_instance_id: The id of the IT asset instance.
        """
        db = Session()
        try:
            org_asset = find_organization_it_asset(
                it_asset_instance_id, organization_code, db)
            if org_asset is None:
                raise falcon.HTTPNotFound()

            tenant_match = OrganizationITAsset.organization_id == organization_code
            asset_match = OrganizationITAsset.instance_id == it_asset_instance_id
            controls = (
                db.query(OrganizationItAssetControl)
                .join(OrganizationITAsset)
                .join(MitigationControl)
                .filter(tenant_match)
                .filter(asset_match)
                .order_by(MitigationControl.name)
            )

            page_items, page_info = get_collection_page(req, controls, custom_asdict)
            resp.media = {'data': page_items, 'paging': page_info}
        finally:
            db.close()
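def test_database(errors):
    """Health-check probe for the database connection.

    Opens a session and runs a trivial query; on any SQLAlchemy error an
    entry ``{'name': 'database', 'status': falcon.HTTP_INTERNAL_SERVER_ERROR}``
    is appended to *errors*. The session is always closed, including on the
    error path, so repeated health checks do not leak connections.

    :param errors: Mutable list that collects failed check descriptors.
    """
    session = None
    try:
        session = Session()
        session.query(RatingLevel).first()
    except SQLAlchemyError:
        errors.append({
            'name': 'database',
            'status': falcon.HTTP_INTERNAL_SERVER_ERROR
        })
    finally:
        # Session() itself may have raised, in which case there is nothing
        # to close.
        if session is not None:
            session.close()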
    def on_post(self, req, resp, organization_code):
        """Adds a security threat to an organization.

        Responds 404 for an unknown organization and 422 when
        ``validate_post`` reports errors. Only ``security_threat_id`` and
        ``threat_level_id`` are read from the request body; the organization
        id comes from the route, never from the payload.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of the organization.
        """
        db = Session()
        try:
            if db.query(Organization).get(organization_code) is None:
                raise falcon.HTTPNotFound()

            payload = req.media
            validation_errors = validate_post(payload, organization_code, db)
            if validation_errors:
                raise HTTPUnprocessableEntity(validation_errors)

            new_threat = OrganizationSecurityThreat()
            new_threat.organization_id = organization_code
            new_threat.security_threat_id = payload.get('security_threat_id')
            new_threat.threat_level_id = payload.get('threat_level_id')
            db.add(new_threat)
            db.commit()

            resp.status = falcon.HTTP_CREATED
            resp.media = {'data': custom_asdict(new_threat)}
            resp.location = req.relative_uri + f'/{new_threat.id}'
        finally:
            db.close()
    def on_post(self, req, resp, organization_code):
        """Adds a IT asset to an organization's IT service.

        Responds 404 for an unknown organization and 422 when
        ``validate_post`` reports errors. Only the whitelisted fields
        ``it_asset_id`` and ``external_identifier`` are copied from the body
        (``only=``), which keeps callers from setting other columns; the
        organization id is taken from the route.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of the organization.
        """
        db = Session()
        try:
            if db.query(Organization).get(organization_code) is None:
                raise falcon.HTTPNotFound()

            payload = req.media
            validation_errors = validate_post(payload, organization_code, db)
            if validation_errors:
                raise HTTPUnprocessableEntity(validation_errors)

            # Field whitelist for mass-assignment protection.
            writable = ['it_asset_id', 'external_identifier']
            new_asset = OrganizationITAsset().fromdict(payload, only=writable)
            new_asset.organization_id = organization_code
            db.add(new_asset)
            db.commit()

            resp.status = falcon.HTTP_CREATED
            resp.media = {'data': custom_asdict(new_asset)}
            resp.location = req.relative_uri + f'/{new_asset.instance_id}'
        finally:
            db.close()
    def on_put(self, req, resp, user_id, role_id):
        """Adds a role to a system user.

        Idempotent: if the user already holds the role, the existing
        assignment is returned unchanged. Responds 404 for an unknown user
        and 422 when ``validate_put`` reports errors.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param user_id: The id of user.
        :param role_id: The id of role to be added.
        """
        db = Session()
        try:
            if db.query(SystemUser).get(user_id) is None:
                raise falcon.HTTPNotFound()

            validation_errors = validate_put(req.media, user_id, role_id, db)
            if validation_errors:
                raise HTTPUnprocessableEntity(validation_errors)

            # Reuse an existing assignment; create one only when missing.
            assignment = find_user_role(user_id, role_id, db)
            if not assignment:
                assignment = SystemUserRole(user_id=user_id, role_id=role_id)
                db.add(assignment)

            db.commit()
            resp.media = {'data': custom_asdict(assignment)}
            resp.status = falcon.HTTP_OK
        finally:
            db.close()
    def on_get(self, req, resp):
        """GETs a paged collection of IT services available.

        Lists every IT service ordered by name; the page is built by
        ``get_collection_page`` with its default serializer.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        """
        db = Session()
        try:
            services = db.query(ITService)
            services = services.order_by(ITService.name)

            page_items, page_info = get_collection_page(req, services)
            resp.media = {'data': page_items, 'paging': page_info}
        finally:
            db.close()
    def on_post(self, req, resp, organization_code, it_service_instance_id):
        """Adds an instance of IT asset to an organization IT service.

        Responds 404 unless the IT service instance belongs to the given
        organization, and 422 when ``validate_post`` reports errors. Only
        ``it_asset_instance_id`` and ``relevance_level_id`` are copied from
        the body (``only=``); the parent service instance is set from the
        route lookup.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of the organization.
        :param it_service_instance_id: The id of the IT service instance.
        """
        db = Session()
        try:
            service_instance = find_it_service_instance(
                it_service_instance_id, organization_code, db)
            if service_instance is None:
                raise falcon.HTTPNotFound()

            payload = req.media
            validation_errors = validate_post(
                payload, organization_code, it_service_instance_id, db)
            if validation_errors:
                raise HTTPUnprocessableEntity(validation_errors)

            # Field whitelist for mass-assignment protection.
            writable = ['it_asset_instance_id', 'relevance_level_id']
            link = OrganizationITServiceITAsset().fromdict(payload, only=writable)
            link.it_service_instance = service_instance
            db.add(link)
            db.commit()

            resp.status = falcon.HTTP_CREATED
            resp.media = {'data': custom_asdict(link)}
            resp.location = req.relative_uri + f'/{link.it_asset_instance_id}'
        finally:
            db.close()
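    def on_delete(self, req, resp, organization_code, it_service_instance_id,
                  it_asset_instance_id):
        """Removes an instance of IT asset from an organization IT service.
        It doesn't remove the IT asset from the organization.

        Responds 404 when either the IT service instance is not in the
        organization or the IT asset is not linked to that service instance.
        The organization scope is enforced by the first lookup; the second
        lookup is keyed on the already-verified service instance id.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of the organization.
        :param it_service_instance_id: The id of the IT service instance from which the IT asset should be removed.
        :param it_asset_instance_id: The id of the IT asset instance to be removed.
        """
        session = Session()
        try:
            # Route params are checked in two steps:
            # 1st step: check if IT service is in organization
            it_service_instance = find_it_service_instance(
                it_service_instance_id, organization_code, session)
            if it_service_instance is None:
                # Fail early: no point querying the link for a service
                # instance that is not in this organization.
                raise falcon.HTTPNotFound()

            # 2nd step: check if IT asset is in organization IT service
            it_service_asset = find_it_service_it_asset(
                it_asset_instance_id, it_service_instance_id, session)
            if it_service_asset is None:
                raise falcon.HTTPNotFound()

            session.delete(it_service_asset)
            session.commit()
        finally:
            session.close()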
    def on_post(self, req, resp, organization_code, it_asset_instance_id):
        """Adds a control to an IT asset in order to decrease vulnerability against a security threat.
        However, the security threat against which the control is effective is not relevant here.

        Responds 404 unless the IT asset belongs to the given organization,
        and 422 when ``validate_post`` reports errors. Only
        ``mitigation_control_id`` and ``description`` are copied from the
        body (``only=``); the owning asset id comes from the route.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of the organization.
        :param it_asset_instance_id: The id of the IT asset instance.
        """
        db = Session()
        try:
            org_asset = find_organization_it_asset(
                it_asset_instance_id, organization_code, db)
            if org_asset is None:
                raise falcon.HTTPNotFound()

            payload = req.media
            validation_errors = validate_post(
                payload, it_asset_instance_id, organization_code, db)
            if validation_errors:
                raise HTTPUnprocessableEntity(validation_errors)

            # Field whitelist for mass-assignment protection.
            writable = ['mitigation_control_id', 'description']
            control = OrganizationItAssetControl().fromdict(payload, only=writable)
            control.organization_it_asset_id = it_asset_instance_id
            db.add(control)
            db.commit()

            resp.status = falcon.HTTP_CREATED
            resp.media = {'data': custom_asdict(control)}
            resp.location = req.relative_uri + f'/{control.id}'
        finally:
            db.close()
    def on_post(self, req, resp):
        """Creates a new system user.

        Responds 422 when ``validate_post`` reports errors. Only ``email``
        and ``full_name`` are copied from the body (``only=``). The plaintext
        ``password`` is never stored: it is hashed with bcrypt and a fresh
        salt before the row is added. Roles listed in the body are attached
        via ``add_roles``.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        """
        db = Session()
        try:
            payload = req.media
            validation_errors = validate_post(payload, db)
            if validation_errors:
                raise HTTPUnprocessableEntity(validation_errors)

            # Whitelisted profile fields only; the password is handled apart.
            new_user = SystemUser().fromdict(payload, only=['email', 'full_name'])

            # bcrypt hash with a per-user salt; the clear text is discarded.
            # NOTE(review): a missing 'password' key would raise here rather
            # than 422 — presumably validate_post rejects it first; confirm.
            raw_password = payload.get('password').encode('UTF-8')
            new_user.hashed_password = bcrypt.hashpw(raw_password, bcrypt.gensalt())

            # Optional roles from the body (None when not informed).
            add_roles(new_user, payload.get('roles'))

            db.add(new_user)
            db.commit()
            # NOTE(review): custom_asdict is assumed to omit hashed_password
            # from the response — verify in its definition.
            resp.status = falcon.HTTP_CREATED
            resp.media = {'data': custom_asdict(new_user)}
            resp.location = req.relative_uri + f'/{new_user.id}'
        finally:
            db.close()
    def on_get(self, req, resp):
        """GETs a paged collection of system users.

        Users are ordered by full name and serialized with ``custom_asdict``.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        """
        db = Session()
        try:
            users = db.query(SystemUser)
            users = users.order_by(SystemUser.full_name)

            page_items, page_info = get_collection_page(req, users, custom_asdict)
            resp.media = {'data': page_items, 'paging': page_info}
        finally:
            db.close()
    def on_get(self, req, resp, it_asset_category_id):
        """GETs a single IT asset category by id.

        Responds 404 when no category has the given id.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param it_asset_category_id: The id of IT asset category to retrieve.
        """
        db = Session()
        try:
            category = db.query(ITAssetCategory).get(it_asset_category_id)
            if category is None:
                raise falcon.HTTPNotFound()

            resp.media = {'data': category.asdict()}
        finally:
            db.close()
    def on_get(self, req, resp, user_id):
        """GETs a single user by id.

        Responds 404 when no user has the given id. The row is serialized
        with ``custom_asdict`` rather than the model's own ``asdict``.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param user_id: The id of user to retrieve.
        """
        db = Session()
        try:
            user = db.query(SystemUser).get(user_id)
            if user is None:
                raise falcon.HTTPNotFound()

            resp.media = {'data': custom_asdict(user)}
        finally:
            db.close()
    def on_get(self, req, resp, role_id):
        """GETs a single role by id.

        Responds 404 when no role has the given id.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param role_id: The id of role to retrieve.
        """
        db = Session()
        try:
            role = db.query(SystemRole).get(role_id)
            if role is None:
                raise falcon.HTTPNotFound()

            resp.media = {'data': role.asdict()}
        finally:
            db.close()
    def on_get(self, req, resp, macroprocess_id):
        """GETs a single macroprocess by id.

        Responds 404 when no macroprocess has the given id.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param macroprocess_id: The id of macroprocess to retrieve.
        """
        db = Session()
        try:
            macroprocess = db.query(BusinessMacroprocess).get(macroprocess_id)
            if macroprocess is None:
                raise falcon.HTTPNotFound()

            resp.media = {'data': macroprocess.asdict()}
        finally:
            db.close()
    def on_get(self, req, resp, mitigation_control_id):
        """GETs a single mitigation control by id.

        Responds 404 when no mitigation control has the given id.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param mitigation_control_id: The id of mitigation control to retrieve.
        """
        db = Session()
        try:
            control = db.query(MitigationControl).get(mitigation_control_id)
            if control is None:
                raise falcon.HTTPNotFound()

            resp.media = {'data': control.asdict()}
        finally:
            db.close()
    def on_get(self, req, resp, organization_code):
        """GETs a single organization by its code.

        Responds 404 when no organization has the given code.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of organization to retrieve.
        """
        db = Session()
        try:
            organization = db.query(Organization).get(organization_code)
            if organization is None:
                raise falcon.HTTPNotFound()

            resp.media = {'data': organization.asdict()}
        finally:
            db.close()
    def on_get(self, req, resp, department_id):
        """GETs a single department by id.

        Responds 404 when no department has the given id.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param department_id: The id of department to retrieve.
        """
        db = Session()
        try:
            department = db.query(BusinessDepartment).get(department_id)
            if department is None:
                raise falcon.HTTPNotFound()

            resp.media = {'data': department.asdict()}
        finally:
            db.close()
    def on_get(self, req, resp, security_threat_id):
        """GETs a single security threat by id.

        Responds 404 when no security threat has the given id.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param security_threat_id: The id of security threat to retrieve.
        """
        db = Session()
        try:
            threat = db.query(SecurityThreat).get(security_threat_id)
            if threat is None:
                raise falcon.HTTPNotFound()

            resp.media = {'data': threat.asdict()}
        finally:
            db.close()
    def on_get(self, req, resp, organization_code, department_id):
        """GETs a single department of an organization.

        The lookup is scoped by organization code via
        ``find_organization_department``, so a department id from another
        organization yields 404 rather than a cross-tenant read.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of the organization.
        :param department_id: The id of department to retrieve.
        """
        db = Session()
        try:
            department = find_organization_department(
                department_id, organization_code, db)
            if department is None:
                raise falcon.HTTPNotFound()

            resp.media = {'data': custom_asdict(department)}
        finally:
            db.close()
    def on_get(self, req, resp):
        """GETs a paged collection of organizations.

        Organizations are ordered by legal name, then creation time, and the
        page is built by ``get_collection_page`` with its default serializer.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        """
        db = Session()
        try:
            ordering = (Organization.legal_name, Organization.created_on)
            organizations = db.query(Organization).order_by(*ordering)

            page_items, page_info = get_collection_page(req, organizations)
            resp.media = {'data': page_items, 'paging': page_info}
        finally:
            db.close()
    def on_patch(self, req, resp, mitigation_control_id):
        """Updates (partially) the mitigation control requested.
        All entities that reference the mitigation control will be affected by the update.

        Responds 404 for an unknown id and 422 when ``validate_patch``
        reports errors. Only ``name`` and ``description`` can be changed
        (``only=`` whitelist in ``patch_item``).

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param mitigation_control_id: The id of mitigation control to be patched.
        """
        db = Session()
        try:
            control = db.query(MitigationControl).get(mitigation_control_id)
            if control is None:
                raise falcon.HTTPNotFound()

            payload = req.media
            validation_errors = validate_patch(payload, db)
            if validation_errors:
                raise HTTPUnprocessableEntity(validation_errors)

            patchable = ['name', 'description']
            patch_item(control, payload, only=patchable)
            db.commit()

            resp.media = {'data': control.asdict()}
            resp.status = falcon.HTTP_OK
        finally:
            db.close()
    def on_patch(self, req, resp, security_threat_id):
        """Updates (partially) the security threat requested.
        All entities that reference the security threat will be affected by the update.

        Responds 404 for an unknown id and 422 when ``validate_patch``
        reports errors. Only ``name`` and ``description`` can be changed
        (``only=`` whitelist in ``patch_item``).

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param security_threat_id: The id of security threat to be patched.
        """
        db = Session()
        try:
            threat = db.query(SecurityThreat).get(security_threat_id)
            if threat is None:
                raise falcon.HTTPNotFound()

            payload = req.media
            validation_errors = validate_patch(payload, db)
            if validation_errors:
                raise HTTPUnprocessableEntity(validation_errors)

            patchable = ['name', 'description']
            patch_item(threat, payload, only=patchable)
            db.commit()

            resp.media = {'data': threat.asdict()}
            resp.status = falcon.HTTP_OK
        finally:
            db.close()
    def on_patch(self, req, resp, it_asset_category_id):
        """Updates (partially) the IT asset category requested.
        All entities that reference the IT asset category will be affected by the update.

        Responds 404 for an unknown id and 422 when ``validate_patch``
        reports errors. Only ``name`` can be changed (``only=`` whitelist
        in ``patch_item``).

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param it_asset_category_id: The id of IT asset category to be patched.
        """
        db = Session()
        try:
            category = db.query(ITAssetCategory).get(it_asset_category_id)
            if category is None:
                raise falcon.HTTPNotFound()

            payload = req.media
            validation_errors = validate_patch(payload, db)
            if validation_errors:
                raise HTTPUnprocessableEntity(validation_errors)

            patch_item(category, payload, only=['name'])
            db.commit()

            resp.media = {'data': category.asdict()}
            resp.status = falcon.HTTP_OK
        finally:
            db.close()
    def on_patch(self, req, resp, macroprocess_id):
        """Updates (partially) the macroprocess requested.
        All entities that reference the macroprocess will be affected by the update.

        Responds 404 for an unknown id and 422 when ``validate_patch``
        reports errors. Only ``name`` can be changed (``only=`` whitelist
        in ``patch_item``).

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param macroprocess_id: The id of macroprocess to be patched.
        """
        db = Session()
        try:
            macroprocess = db.query(BusinessMacroprocess).get(macroprocess_id)
            if macroprocess is None:
                raise falcon.HTTPNotFound()

            payload = req.media
            validation_errors = validate_patch(payload, db)
            if validation_errors:
                raise HTTPUnprocessableEntity(validation_errors)

            patch_item(macroprocess, payload, only=['name'])
            db.commit()

            resp.media = {'data': macroprocess.asdict()}
            resp.status = falcon.HTTP_OK
        finally:
            db.close()
    def on_get(self, req, resp, organization_code, it_service_instance_id):
        """GETs a single instance of IT service of an organization.

        The lookup is scoped by organization code via
        ``find_it_service_instance``, so an instance id belonging to another
        organization yields 404 rather than a cross-tenant read.

        :param req: See Falcon Request documentation.
        :param resp: See Falcon Response documentation.
        :param organization_code: The code of the organization.
        :param it_service_instance_id: The id of the IT service instance to retrieve.
        """
        db = Session()
        try:
            service_instance = find_it_service_instance(
                it_service_instance_id, organization_code, db)
            if service_instance is None:
                raise falcon.HTTPNotFound()

            resp.media = {'data': custom_asdict(service_instance)}
        finally:
            db.close()