def get(self):
session_id = get_session_id(session, request)
constraint_id = request.args.get('constraint_id', -1)
dao = RiskDAO(session_id)
risks = dao.get_risks(constraint_id)
resp = make_response(json_serialize(risks, session_id=session_id),
httplib.OK)
resp.contenttype = 'application/json'
return resp
def post(self):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
risk = dao.from_json(request)
risk_id = dao.add_risk(risk)
resp_dict = {'message': 'Risk successfully added', 'risk_id': risk_id}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.contenttype = 'application/json'
return resp
def get(self, threat, vulnerability, environment):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
risk_rating = dao.get_risk_rating_by_tve(threat, vulnerability,
environment)
resp = make_response(
json_serialize(risk_rating, session_id=session_id), httplib.OK)
resp.contenttype = 'application/json'
return resp
def delete(self, name):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
dao.delete_risk(name)
dao.close()
resp_dict = {'message': 'Risk successfully deleted'}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def get(self, name):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
found_risk = dao.get_risk_by_name(name)
dao.close()
resp = make_response(json_serialize(found_risk, session_id=session_id),
httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def get(self):
session_id = get_session_id(session, request)
constraintsId = request.args.get('constraints_id', -1)
dao = RiskDAO(session_id)
misuse_cases = dao.get_misuse_cases(constraintsId)
dao.close()
resp = make_response(
json_serialize(misuse_cases, session_id=session_id), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def put(self, name):
session_id = get_session_id(session, request)
dao = RiskDAO(session_id)
new_risk = dao.from_json(request)
dao.update_risk(name, new_risk)
dao.close()
resp_dict = {'message': 'Risk successfully updated'}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def get(self, environment):
session_id = get_session_id(session, request)
dim_name = request.args.get('dimension_name', '')
obj_name = request.args.get('object_name', '')
dao = RiskDAO(session_id)
dotcode = dao.get_risk_analysis_model(environment, dim_name, obj_name)
model_gen = get_model_generator()
svg_code = model_gen.generate(dotcode, model_type='risk')
accept_header = request.headers.get('accept', 'image/svg+xml')
resp = make_response(svg_code, httplib.OK)
if accept_header.find('image/svg+xml') or accept_header.find(
'text/html'):
resp.contenttype = 'image/svg+xml'
else:
resp.contenttype = 'text/plain'
return resp