def add_asset_type(self, asset_type, pathValues):
assert isinstance(asset_type, ValueType)
environment_name = pathValues[0]
type_exists = self.check_existing_asset_type(
asset_type.theName, environment_name=environment_name)
if type_exists:
self.close()
raise OverwriteNotAllowedHTTPError(obj_name='The asset type')
params = ValueTypeParameters(vtName=asset_type.theName,
vtDesc=asset_type.theDescription,
vType='asset_type',
envName=environment_name,
vtScore=asset_type.theScore,
vtRat=asset_type.theRationale)
try:
self.db_proxy.addValueType(params)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_object(self, dataflow):
df_params = DataFlowParameters(dfName=dataflow.name(),
dfType=dataflow.type(),
envName=dataflow.environment(),
fromName=dataflow.fromName(),
fromType=dataflow.fromType(),
toName=dataflow.toName(),
toType=dataflow.toType(),
dfAssets=dataflow.assets(),
dfObs=dataflow.obstacles(),
dfTags=dataflow.tags())
try:
if not self.check_existing_dataflow(
dataflow.name(), dataflow.fromType(), dataflow.fromName(),
dataflow.toType(), dataflow.toName(),
dataflow.environment()):
self.db_proxy.addDataFlow(df_params)
else:
self.close()
raise OverwriteNotAllowedHTTPError(obj_name=dataflow.name())
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_persona(self, persona):
"""
:type persona: Persona
:rtype: int
:raise ARMHTTPError:
"""
persona_params = PersonaParameters(
name=persona.name(),
activities=persona.activities(),
attitudes=persona.attitudes(),
aptitudes=persona.aptitudes(),
motivations=persona.motivations(),
skills=persona.skills(),
intrinsic=persona.intrinsic(),
contextual=persona.contextual(),
image=persona.image(),
isAssumption=persona.assumption(),
pType=persona.type(),
tags=persona.tags(),
properties=persona.environmentProperties(),
pCodes=persona.theCodes)
try:
if not self.check_existing_persona(persona.name()):
new_id = self.db_proxy.addPersona(persona_params)
return new_id
else:
self.close()
raise OverwriteNotAllowedHTTPError(obj_name=persona.name())
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_attacker_motivation(self,
attacker_motivation,
environment_name=''):
assert isinstance(attacker_motivation, ValueType)
type_exists = self.check_existing_attacker_motivation(
attacker_motivation.theName, environment_name=environment_name)
if type_exists:
self.close()
raise OverwriteNotAllowedHTTPError(
obj_name='The attacker motivation')
params = ValueTypeParameters(vtName=attacker_motivation.theName,
vtDesc=attacker_motivation.theDescription,
vType='motivation',
envName=environment_name,
vtScore=attacker_motivation.theScore,
vtRat=attacker_motivation.theRationale)
try:
return self.db_proxy.addValueType(params)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_countermeasure(self, countermeasure):
"""
:type countermeasure: Countermeasure
:rtype: int
:raise ARMHTTPError:
"""
countermeasure_params = CountermeasureParameters(
cmName=countermeasure.name(),
cmDesc=countermeasure.description(),
cmType=countermeasure.type(),
tags=countermeasure.tags(),
cProps=countermeasure.environmentProperties()
)
try:
if not self.check_existing_countermeasure(countermeasure.name()):
new_id = self.db_proxy.addCountermeasure(countermeasure_params)
return new_id
else:
self.close()
raise OverwriteNotAllowedHTTPError(obj_name=countermeasure.name())
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_response(self, response):
"""
:raises:
ARMHTTPError:
OverwriteNotAllowedHTTPError:
"""
if self.check_existing_response(response.theName):
self.close()
raise OverwriteNotAllowedHTTPError('The provided response name')
params = ResponseParameters(respName=response.theName,
respRisk=response.theRisk,
tags=response.theTags,
cProps=response.theEnvironmentProperties,
rType=response.theResponseType)
try:
resp_id = self.db_proxy.addResponse(params)
return resp_id
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_task(self, task):
"""
:type task: Task
:rtype: int
:raise ARMHTTPError:
"""
task_params = TaskParameters(
tName=task.name(),
tSName=task.shortCode(),
tObjt=task.objective(),
isAssumption=task.assumption(),
tAuth=task.author(),
tags=task.tags(),
cProps=task.environmentProperties()
)
try:
if not self.check_existing_task(task.name()):
new_id = self.db_proxy.addTask(task_params)
return new_id
else:
self.close()
raise OverwriteNotAllowedHTTPError(obj_name=task.name())
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_attacker(self, attacker):
"""
:type attacker: Attacker
:rtype: int
:raise ARMHTTPError:
"""
attacker_params = AttackerParameters(
name=attacker.theName,
desc=attacker.theDescription,
image=attacker.theImage,
tags=attacker.theTags,
properties=attacker.theEnvironmentProperties)
try:
if not self.check_existing_attacker(attacker.theName):
new_id = self.db_proxy.addAttacker(attacker_params)
return new_id
else:
self.close()
raise OverwriteNotAllowedHTTPError(obj_name=attacker.theName)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_usecase(self, usecase):
"""
:type usecase: UseCase
:rtype: int
:raise ARMHTTPError:
"""
usecase_params = UseCaseParameters(
ucName=usecase.name(),
ucAuth=usecase.author(),
ucCode=usecase.code(),
ucActors=usecase.actors(),
ucDesc=usecase.description(),
tags=usecase.tags(),
cProps=usecase.environmentProperties())
for envProp in usecase.environmentProperties():
for step in envProp.steps():
for exc in step.exceptions():
self.db_proxy.nameCheck(exc[0], 'obstacle')
try:
if not self.check_existing_usecase(usecase.name()):
new_id = self.db_proxy.addUseCase(usecase_params)
return new_id
else:
self.close()
raise OverwriteNotAllowedHTTPError(obj_name=usecase.name())
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_vulnerability_type(self, vulnerability_type, environment_name=''):
assert isinstance(vulnerability_type, ValueType)
type_exists = self.check_existing_vulnerability_type(
vulnerability_type.theName, environment_name=environment_name)
if type_exists:
self.close()
raise OverwriteNotAllowedHTTPError(
obj_name='The vulnerability type')
params = ValueTypeParameters(vtName=vulnerability_type.theName,
vtDesc=vulnerability_type.theDescription,
vType='vulnerability_type',
envName=environment_name,
vtScore=vulnerability_type.theScore,
vtRat=vulnerability_type.theRationale)
try:
return self.db_proxy.addValueType(params)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_domain_property(self, domain_property):
"""
:type domain_property: DomainProperty
:rtype: int
:raise ARMHTTPError:
"""
domain_property_params = DomainPropertyParameters(
name=domain_property.name(),
desc=domain_property.description(),
dpType=domain_property.type(),
dpOrig=domain_property.originator(),
tags=domain_property.tags())
try:
if not self.check_existing_domain_property(domain_property.name()):
new_id = self.db_proxy.addDomainProperty(
domain_property_params)
return new_id
else:
self.close()
raise OverwriteNotAllowedHTTPError(
obj_name=domain_property.name())
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_obstacle(self, obstacle):
obsParams = ObstacleParameters(obsName=obstacle.theName,obsOrig=obstacle.theOriginator,tags=obstacle.theTags,properties=obstacle.theEnvironmentProperties)
if not self.check_existing_obstacle(obstacle.theName):
obstacle_id = self.db_proxy.addObstacle(obsParams)
else:
self.close()
raise OverwriteNotAllowedHTTPError('The provided obstacle name')
return obstacle_id
def add_goal(self, goal):
goalParams = GoalParameters(goalName=goal.theName,
goalOrig=goal.theOriginator,
tags=goal.theTags,
properties=goal.theEnvironmentProperties)
if not self.check_existing_goal(goal.theName):
goal_id = self.db_proxy.addGoal(goalParams)
else:
self.close()
raise OverwriteNotAllowedHTTPError('The provided goal name')
return goal_id
def add_trust_boundary(self, tb):
try:
if not self.check_existing_trust_boundary(tb.name()):
self.db_proxy.addTrustBoundary(tb)
else:
self.close()
raise OverwriteNotAllowedHTTPError(obj_name=tb.name())
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_goal(self, goal):
goalParams = GoalParameters(goalName=goal.theName,
goalOrig=goal.theOriginator,
tags=goal.theTags,
properties=goal.theEnvironmentProperties)
try:
if not self.check_existing_goal(goal.theName):
self.db_proxy.addGoal(goalParams)
else:
self.close()
raise OverwriteNotAllowedHTTPError('The provided goal name')
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
def add_risk(self, risk):
if self.check_existing_risk(risk.name()):
self.close()
raise OverwriteNotAllowedHTTPError('The provided risk name')
params = RiskParameters(riskName=risk.name(),threatName=risk.threat(),vulName=risk.vulnerability(),mc=risk.misuseCase(),rTags=risk.tags())
try:
risk_id = self.db_proxy.addRisk(params)
return risk_id
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_threat(self, threat):
threat_params = ThreatParameters(
threatName=threat.theThreatName,
thrType=threat.theType,
thrMethod=threat.theMethod,
tags=threat.theTags,
cProperties=threat.theEnvironmentProperties)
try:
if not self.check_existing_threat(threat.theThreatName):
self.db_proxy.addThreat(threat_params)
else:
raise OverwriteNotAllowedHTTPError(
obj_name=threat.theThreatName)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def add_vulnerability(self, vulnerability):
vuln_params = VulnerabilityParameters(
vulName=vulnerability.theName,
vulDesc=vulnerability.theDescription,
vulType=vulnerability.theType,
tags=vulnerability.theTags,
cProperties=vulnerability.theEnvironmentProperties
)
try:
if not self.check_existing_vulnerability(vulnerability.theName):
new_id = self.db_proxy.addVulnerability(vuln_params)
return new_id
else:
self.close()
raise OverwriteNotAllowedHTTPError(obj_name=vulnerability.theName)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
