public void SetThreatModel([NotNull] IThreatModel model)
{
_model = model;
_schemaManager = new QuestionsPropertySchemaManager(model);
InitializeGrid();
LoadModel();
}
private bool Generate([NotNull] IThreatModel model)
{
var result = false;
var schemaManager = new QuestionsPropertySchemaManager(model);
var questions = schemaManager.GetQuestions()?.ToArray();
if (questions?.Any() ?? false)
{
var asm = new AnnotationsPropertySchemaManager(model);
var pt = asm.GetAnnotationsPropertyType();
var ei = model.Entities?.OfType <IExternalInteractor>().OrderBy(x => x.Name);
var p = model.Entities?.OfType <IProcess>().OrderBy(x => x.Name);
var ds = model.Entities?.OfType <IDataStore>().OrderBy(x => x.Name);
var f = model.DataFlows?.OrderBy(x => x.Name);
var tb = model.Groups?.OfType <ITrustBoundary>().OrderBy(x => x.Name);
var te = model.GetThreatEvents()?.OrderBy(x => x.Name);
var tem = model.GetThreatEventMitigations()?
.OrderBy(x => x.Mitigation.Name)
.ThenBy(x => x.ThreatEvent.Name)
.ThenBy(x => x.ThreatEvent.Parent.Name);
var tt = model.ThreatTypes?.OrderBy(x => x.Name);
var km = model.Mitigations?.OrderBy(x => x.Name);
var sm = model.GetThreatTypeMitigations()?
.OrderBy(x => x.Mitigation.Name)
.ThenBy(x => x.ThreatType.Name);
var et = model.EntityTemplates?.OrderBy(x => x.Name);
var ft = model.FlowTemplates?.OrderBy(x => x.Name);
var tbt = model.TrustBoundaryTemplates?.OrderBy(x => x.Name);
foreach (var question in questions)
{
Generate(question, ei, asm);
Generate(question, p, asm);
Generate(question, ds, asm);
Generate(question, f, asm);
Generate(question, tb, asm);
Generate(question, te, asm);
Generate(question, tem, asm);
Generate(question, tt, asm);
Generate(question, km, asm);
Generate(question, sm, asm);
Generate(question, et, asm);
Generate(question, ft, asm);
Generate(question, tbt, asm);
Generate(question, model, asm);
}
result = true;
}
return(result);
}
public void ExecuteRibbonAction(IThreatModel threatModel, IActionDefinition action)
{
try
{
switch (action.Name)
{
case "ImportQuestions":
var openFileDialog = new OpenFileDialog()
{
DefaultExt = "tmq",
Filter = "Questions file (*.tmq)|*.tmq",
RestoreDirectory = true,
Title = "Import Questions"
};
if (openFileDialog.ShowDialog(Form.ActiveForm) == DialogResult.OK)
{
using (var file = File.OpenRead(openFileDialog.FileName))
{
using (var ms = new MemoryStream())
{
file.CopyTo(ms);
var json = ms.ToArray();
if (json.Length > 0)
{
string jsonText;
if (json[0] == 0xFF)
{
jsonText = Encoding.Unicode.GetString(json, 2, json.Length - 2);
}
else
{
jsonText = Encoding.Unicode.GetString(json);
}
IEnumerable <Question> questions;
using (var textReader = new StringReader(jsonText))
using (var reader = new JsonTextReader(textReader))
{
var serializer = new JsonSerializer
{
TypeNameHandling = TypeNameHandling.All,
SerializationBinder = new KnownTypesBinder(),
MissingMemberHandling = MissingMemberHandling.Ignore
};
questions = serializer.Deserialize <ICollection <Question> >(reader)?.ToArray();
}
if (questions?.Any() ?? false)
{
var schemaManager = new QuestionsPropertySchemaManager(threatModel);
var existing = schemaManager.GetQuestions()?.ToArray();
foreach (var question in questions)
{
if (!(existing?.Any(x =>
string.CompareOrdinal(x.Text, question.Text) == 0) ?? false))
{
schemaManager.AddQuestion(question);
}
}
}
}
}
}
}
break;
}
}
catch
{
ShowWarning?.Invoke("Question Import failed.\nThe Threat Model may have some questions applied.");
throw;
}
}
