public void Initialize([NotNull] IThreatModel model)
{
var entitiesPropertySchemaManager = new EntitiesPropertySchemaManager(model);
entitiesPropertySchemaManager.GetSchema();
var dataFlowsPropertySchemaManager = new DataFlowsPropertySchemaManager(model);
dataFlowsPropertySchemaManager.GetSchema();
var threatsPropertySchemaManager = new ThreatsPropertySchemaManager(model);
threatsPropertySchemaManager.GetSchema();
}
private IDataFlow GetDataFlow([Required] string msDataFlowId, [NotNull] IThreatModel model,
[NotNull] DataFlowsPropertySchemaManager schemaManager)
{
IDataFlow result = null;
var dataFlows = model.DataFlows?.ToArray();
if (dataFlows != null)
{
foreach (var dataFlow in dataFlows)
{
var id = schemaManager.GetMsTmtDataFlowId(dataFlow);
if (string.CompareOrdinal(id, msDataFlowId) == 0)
{
result = dataFlow;
break;
}
}
}
return(result);
}
private int ImportDataFlows([NotNull] ThreatModel source, [NotNull] IThreatModel target)
{
int result = 0;
var flows = source.Flows;
if (flows?.Any() ?? false)
{
var entitiesSchemaManager = new EntitiesPropertySchemaManager(target);
var dataFlowsSchemaManager = new DataFlowsPropertySchemaManager(target);
var schema = dataFlowsSchemaManager.GetSchema();
foreach (var flow in flows)
{
var sourceEntity = GetEntity(flow.SourceGuid.ToString(), target, entitiesSchemaManager);
var targetEntity = GetEntity(flow.TargetGuid.ToString(), target, entitiesSchemaManager);
if (sourceEntity != null && targetEntity != null)
{
var dataFlow = target.AddDataFlow(flow.Name, sourceEntity.Id, targetEntity.Id);
if (dataFlow != null)
{
dataFlowsSchemaManager.SetMsTmtDataFlowId(dataFlow, flow.FlowId.ToString());
var properties = flow.Properties?.ToArray();
AddProperties(schema, dataFlow, properties);
}
IDiagram diagram = target.Diagrams?.FirstOrDefault(x =>
string.CompareOrdinal(x.Name, flow.PageName) == 0);
diagram?.AddLink(dataFlow);
result++;
}
}
}
return(result);
}
private void ImportThreats([NotNull] ThreatModel source, [NotNull] IThreatModel target,
Func <IThreatModel, Threat, IThreatType, IPropertySchema, bool> unassignedThreatHandler,
out int threatTypes, out int customThreatTypes, out int threats, out int missingThreats)
{
threatTypes = 0;
customThreatTypes = 0;
threats = 0;
missingThreats = 0;
var threatsPerType = source.ThreatsPerType;
if (threatsPerType?.Any() ?? false)
{
var schema = new ThreatsPropertySchemaManager(target).GetSchema();
InitializeThreatsPropertySchema(schema, source.Properties);
var dataFlowsSchemaManager = new DataFlowsPropertySchemaManager(target);
var defaultSeverity = target.GetMappedSeverity(0);
foreach (var threatPerType in threatsPerType)
{
var threatTypeName = source.GetThreatTypeName(threatPerType.Key);
IThreatType threatType = null;
if (!string.IsNullOrWhiteSpace(threatTypeName))
{
ISeverity severity;
if (Enum.TryParse <DefaultSeverity>(source.GetThreatTypePriority(threatPerType.Key), out var severityId))
{
severity = target.GetMappedSeverity((int)severityId);
}
else
{
severity = target.GetMappedSeverity((int)DefaultSeverity.High);
}
threatType = target.AddThreatType(threatTypeName, severity);
if (threatType != null)
{
threatType.Description = source.GetThreatTypeDescription(threatPerType.Key);
var threatTypeProperties = source.GetThreatTypeProperties(threatPerType.Key);
foreach (var property in threatTypeProperties)
{
switch (property.Name)
{
case "Title":
break;
case "UserThreatDescription":
break;
case "Priority":
break;
default:
var propertyType = schema.GetPropertyType(property.Label);
if (propertyType != null)
{
threatType.AddProperty(propertyType, property.Values.FirstOrDefault());
}
break;
}
}
threatTypes++;
}
else
{
threatType = target.ThreatTypes?
.FirstOrDefault(x => string.CompareOrdinal(x.Name, threatTypeName) == 0);
}
}
else
{
var internalThreats = threatPerType.Value;
if (internalThreats.Any())
{
foreach (var internalThreat in internalThreats)
{
threatType = target.AddThreatType(internalThreat.ToString(), defaultSeverity);
if (threatType != null)
{
threatType.Description = internalThreat.GetValueFromLabel("Description");
customThreatTypes++;
}
else
{
threatType = target.ThreatTypes?.FirstOrDefault(x =>
string.CompareOrdinal(x.Name, internalThreat.ToString()) == 0);
}
break;
}
}
}
if (threatType != null)
{
foreach (var threat in threatPerType.Value)
{
var flow = GetDataFlow(threat.FlowGuid.ToString(), target, dataFlowsSchemaManager);
if (flow != null)
{
var threatEvent = flow.AddThreatEvent(threatType);
if (threatEvent != null)
{
AddProperties(threatEvent, threat, schema);
threats++;
}
else
{
missingThreats++;
}
}
else
{
if (unassignedThreatHandler(target, threat, threatType, schema))
{
threats++;
}
else
{
missingThreats++;
}
}
}
}
}
}
}
