public RoadmapStatus GetStatus(IMitigation mitigation)
{
var result = GetStatusFromProperties(mitigation);
var tems = mitigation.GetThreatEventMitigations()?.ToArray();
if (!(tems?.Any() ?? false))
{
result = RoadmapStatus.NotAssessed;
}
if (result == RoadmapStatus.NotAssessed)
{
if (tems?.Any() ?? false)
{
if (tems.All(x =>
x.Status == MitigationStatus.Existing || x.Status == MitigationStatus.Implemented))
{
result = RoadmapStatus.NoActionRequired;
}
}
}
return(result);
}
private async void AutoLoad([NotNull] IMitigation mitigation, [NotNull] IDevOpsConnector connector,
[NotNull] DevOpsPropertySchemaManager schemaManager)
{
try
{
var devOpsItemInfos = (await connector.GetItemsAsync(mitigation.Name))?.ToArray();
if ((devOpsItemInfos?.Length ?? 0) == 1)
{
var info = devOpsItemInfos.First();
if (info?.Id >= 0)
{
var workItemInfo = await connector.GetWorkItemInfoAsync(info.Id);
if (workItemInfo != null)
{
schemaManager.SetDevOpsStatus(mitigation, connector, info.Id,
info.Url, info.AssignedTo, workItemInfo.Status);
}
}
}
}
finally
{
_countdown.Signal();
}
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="mitigation">Mitigation for which it has not been possible to create the Mitigation.</param>
public WorkItemStateChangeException([NotNull] IMitigation mitigation, WorkItemStatus initialStatus, WorkItemStatus finalStatus) :
base("A failure occurred during update of the Work Item status.")
{
Mitigation = mitigation;
InitialStatus = initialStatus;
FinalStatus = finalStatus;
}
private void Assign([NotNull] IMitigation mitigation, [NotNull] IStrength strength, MitigationStatus status = MitigationStatus.Undefined)
{
if (_threatType != null)
{
_threatType.AddMitigation(mitigation, strength);
}
else if (_threatEvent != null)
{
if (_standardMitigationsContainer.Visible && _standardMitigations.Checked &&
!(_threatEvent.ThreatType?.Mitigations?.Any(x => x.MitigationId == mitigation.Id) ?? false))
{
_threatEvent.ThreatType?.AddMitigation(mitigation, strength);
}
_threatEvent.AddMitigation(mitigation, strength, status);
}
else if (_weakness != null)
{
_weakness.AddMitigation(mitigation, strength);
}
else if (_vulnerability != null)
{
if (_standardMitigationsContainer.Visible && _standardMitigations.Checked &&
!(_vulnerability.Weakness?.Mitigations?.Any(x => x.MitigationId == mitigation.Id) ?? false))
{
_vulnerability.Weakness?.AddMitigation(mitigation, strength);
}
_vulnerability.AddMitigation(mitigation, strength, status);
}
}
public Row([NotNull] IMitigation mitigation, IEnumerable <IThreatEventMitigation> mitigations)
{
RowType = RowType.Mitigation;
Values = new[] { mitigation.Name, null };
Identity = mitigation;
Mitigations = mitigations;
}
public IVulnerabilityMitigation AddMitigation(IMitigation mitigation, IStrength strength,
MitigationStatus status = MitigationStatus.Proposed, string directives = null)
{
if (mitigation == null)
{
throw new ArgumentNullException(nameof(mitigation));
}
IVulnerabilityMitigation result = null;
if (GetMitigation(mitigation.Id) == null && Instance is IVulnerability vulnerability)
{
result = new VulnerabilityMitigation(vulnerability, mitigation, strength)
{
Status = status, Directives = directives
};
if (_mitigations == null)
{
_mitigations = new List <IVulnerabilityMitigation>();
}
_mitigations.Add(result);
if (Instance is IDirty dirtyObject)
{
dirtyObject.SetDirty();
}
_vulnerabilityMitigationAdded?.Invoke(vulnerability, result);
}
return(result);
}
private bool Set(IMitigation mitigation, int pos)
{
bool result = false;
var status = GetPaletteWorkItemStatus(pos);
try
{
_loading = true;
DevOpsManager.SetMitigationsStatusAsync(mitigation, status);
result = true;
}
catch (WorkItemCreationException)
{
MoveItem(mitigation, status, WorkItemStatus.Unknown);
ShowWarning?.Invoke($"Mitigation creation failed.\nPlease wait a few moments and retry, because the problem may be temporary.");
}
catch (WorkItemStateChangeException stateChangeException)
{
MoveItem(mitigation, stateChangeException.FinalStatus, stateChangeException.InitialStatus);
ShowWarning?.Invoke($"Mitigation movement failed.\nPlease wait a few moments and retry, because the problem may be temporary.");
}
finally
{
_loading = false;
}
return(result);
}
private string GetMitigationExposure([NotNull] IMitigation mitigation)
{
return(_model.GetThreatEventMitigations(mitigation)?
.Select(x => x.ThreatEvent.Id.ToString("N"))
.OrderBy(x => x)
.TagConcat());
}
public void SetFirstSeenOn([NotNull] IMitigation mitigation, Iteration info)
{
var iterationFirstSeenPropertyType = GetIterationFirstSeenPropertyType();
var mitigationExposurePropertyType = GetMitigationExposurePropertyType();
if (iterationFirstSeenPropertyType != null && mitigationExposurePropertyType != null)
{
var propertyFirstSeen = mitigation.GetProperty(iterationFirstSeenPropertyType) ?? mitigation.AddProperty(iterationFirstSeenPropertyType, null);
var propertyMitigationExposure = mitigation.GetProperty(mitigationExposurePropertyType) ?? mitigation.AddProperty(mitigationExposurePropertyType, null);
if (propertyFirstSeen is IPropertyJsonSerializableObject firstSeen &&
propertyMitigationExposure is IPropertySingleLineString mitigationExposure)
{
if (info == null)
{
firstSeen.StringValue = null;
mitigationExposure.StringValue = null;
}
else
{
firstSeen.Value = new IterationInfo(info);
mitigationExposure.StringValue = GetMitigationExposure(mitigation);
}
}
}
}
public static RoadmapStatus GetStatus(this IMitigation mitigation, out bool automatedCalculation)
{
var result = GetStatusFromProperties(mitigation);
automatedCalculation = false;
var tems = mitigation.GetThreatEventMitigations();
if (!(tems?.Any() ?? false))
{
result = RoadmapStatus.NotAssessed;
}
if (result == RoadmapStatus.NotAssessed)
{
if (tems?.Any() ?? false)
{
if (tems.All(x =>
x.Status == MitigationStatus.Existing || x.Status == MitigationStatus.Implemented))
{
result = RoadmapStatus.NoActionRequired;
automatedCalculation = true;
}
}
}
return(result);
}
private IEnumerable <Line> GetLines([NotNull] IMitigation mitigation)
{
IEnumerable <Line> result = null;
var model = mitigation.Model;
var threatEventMitigations = model.GetThreatEventMitigations(mitigation)?
.Where(x => x.Status != MitigationStatus.Existing && x.Status != MitigationStatus.Implemented && x.Status != MitigationStatus.Undefined)
.OrderBy(x => x.Status.ToString())
.ThenBy(x => x.ThreatEvent.Parent.Name)
.ThenBy(x => x.ThreatEvent.Name)
.ToArray();
if (threatEventMitigations?.Any() ?? false)
{
var list = new List <Line>();
foreach (var tem in threatEventMitigations)
{
list.Add(new Line(tem.ThreatEvent.Name,
$"[{model.GetIdentityTypeInitial(tem.ThreatEvent.Parent)}] {tem.ThreatEvent.Parent.Name}: ",
null, new [] { tem.ThreatEvent.Id, tem.ThreatEvent.ThreatTypeId }, tem.Status.ToString()));
}
result = list;
}
return(result);
}
public IThreatEventMitigation AddMitigation(IMitigation mitigation, IStrength strength,
MitigationStatus status = MitigationStatus.Proposed, string directives = null)
{
if (!(IsInitialized?.Get() ?? false))
{
return(null);
}
if (mitigation == null)
{
throw new ArgumentNullException(nameof(mitigation));
}
IThreatEventMitigation result = null;
if (GetMitigation(mitigation.Id) == null)
{
result = new ThreatEventMitigation(MySelf?.Get(), mitigation, strength);
result.Status = status;
result.Directives = directives;
if (_mitigations == null)
{
_mitigations = new List <IThreatEventMitigation>();
}
_mitigations.Add(result);
Dirty.IsDirty = true;
_threatEventMitigationAdded?.Invoke(MitigationsContainer?.Get(), result);
}
return(result);
}
private void _ok_Click(object sender, EventArgs e)
{
if (Enum.TryParse <SecurityControlType>((string)_controlType.SelectedItem, out var controlType))
{
_mitigation = _threatModel.AddMitigation(_name.Text);
_mitigation.Description = _description.Text;
_mitigation.ControlType = controlType;
}
}
public void RemoveDevOpsInfos([NotNull] IMitigation mitigation)
{
var propertyType = GetDevOpsInfoPropertyType();
if (propertyType != null)
{
mitigation.RemoveProperty(propertyType);
}
}
public WeaknessMitigation([NotNull] IThreatModel model, [NotNull] IWeakness weakness,
[NotNull] IMitigation mitigation, IStrength strength) : this()
{
_model = model;
_modelId = model.Id;
_weaknessId = weakness.Id;
_weakness = weakness;
_mitigationId = mitigation.Id;
_mitigation = mitigation;
Strength = strength;
}
private void OnRemoveMitigation(IMitigation obj)
{
var node = Document.OfType <RoadmapItem>()
.FirstOrDefault(x => x.Mitigation == obj);
if (node != null)
{
RemoveNode(node);
RefreshNodes();
}
}
public ThreatTypeMitigation([NotNull] IThreatModel model, [NotNull] IThreatType threatType,
[NotNull] IMitigation mitigation, IStrength strength) : this()
{
_model = model;
_modelId = model.Id;
_threatTypeId = threatType.Id;
_threatType = threatType;
_mitigationId = mitigation.Id;
_mitigation = mitigation;
Strength = strength;
}
private void RemoveRelatedForThreatTypes([NotNull] IMitigation mitigation)
{
var threatTypes = _threatTypes?.ToArray();
if (threatTypes?.Any() ?? false)
{
foreach (var threatType in threatTypes)
{
threatType.RemoveMitigation(mitigation.Id);
}
}
}
public void Add([NotNull] IMitigation mitigation)
{
if (_mitigations == null)
{
_mitigations = new List <IMitigation>();
}
_mitigations.Add(mitigation);
SetDirty();
ChildCreated?.Invoke(mitigation);
}
public VulnerabilityMitigation([NotNull] IVulnerability vulnerability, [NotNull] IMitigation mitigation, IStrength strength) : this()
{
_model = vulnerability.Model;
_modelId = vulnerability.Model.Id;
_vulnerabilityId = vulnerability.Id;
_vulnerability = vulnerability;
_mitigationId = mitigation.Id;
_mitigation = mitigation;
Strength = strength;
_model.AutoApplySchemas(this);
}
public ThreatEventMitigation([NotNull] IThreatEvent threatEvent, [NotNull] IMitigation mitigation, IStrength strength) : this()
{
_model = threatEvent.Model;
_modelId = threatEvent.Model.Id;
_threatEventId = threatEvent.Id;
_threatEvent = threatEvent;
_mitigationId = mitigation.Id;
_mitigation = mitigation;
Strength = strength;
_model.AutoApplySchemas(this);
}
public DevOpsWorkItemConnectionInfo GetDevOpsInfo([NotNull] IMitigation mitigation, [NotNull] IDevOpsConnector connector)
{
DevOpsWorkItemConnectionInfo result = null;
var info = GetInfo(mitigation);
if (info != null)
{
result = GetConnectionInfo <DevOpsWorkItemConnectionInfo>(info, connector);
}
return(result);
}
public SelectStrengthDialog([NotNull] IMitigation mitigation) : this()
{
_mitigationName.Text = mitigation.Name;
if (mitigation.Model is IThreatModel model)
{
var strengths = model.Strengths?.Where(x => x.Visible).ToArray();
if (strengths?.Any() ?? false)
{
_strengths.Items.AddRange(strengths);
}
}
}
public string GetValue([NotNull] IMitigation mitigation)
{
string result = null;
// ReSharper disable once PatternAlwaysOfType
if (mitigation.Model is IThreatModel model)
{
var schemaManager = new DevOpsPropertySchemaManager(model);
result = schemaManager.GetFirstSeenOn(mitigation)?.GetIteration(model)?.Name;
}
return(result);
}
private KanbanItem GetItem([NotNull] IMitigation mitigation, [Positive] int index)
{
KanbanItem result = null;
var palette = GetPalette(index);
if (palette != null)
{
result = palette.GetNode(mitigation);
}
return(result);
}
private static void GetThreatEventMitigations([NotNull] IMitigation mitigation, IEnumerable <IThreatEventsContainer> containers,
[NotNull] List <IThreatEventMitigation> list)
{
var tecs = containers?.ToArray();
if (tecs?.Any() ?? false)
{
foreach (var tec in tecs)
{
GetThreatEventMitigations(mitigation, tec, list);
}
}
}
public static async Task <bool> SetMitigationsStatusAsync([NotNull] IMitigation mitigation, WorkItemStatus status)
{
bool result = false;
var model = mitigation.Model;
if (model != null)
{
var connector = GetConnector(model);
if (connector?.IsConnected() ?? false)
{
var workItemInfo = await connector.GetWorkItemInfoAsync(mitigation).ConfigureAwait(false);
int id;
if (workItemInfo == null)
{
id = await connector.CreateWorkItemAsync(mitigation).ConfigureAwait(false);
if (id >= 0)
{
workItemInfo = await connector.GetWorkItemInfoAsync(id).ConfigureAwait(false);
}
}
else
{
id = workItemInfo.Id;
}
if (id >= 0)
{
if (await connector.SetWorkItemStateAsync(id, status).ConfigureAwait(false))
{
var schemaManager = new DevOpsPropertySchemaManager(model);
schemaManager.SetDevOpsStatus(mitigation, connector, id, workItemInfo?.Url, status);
result = true;
}
else
{
throw new WorkItemStateChangeException(mitigation,
workItemInfo?.Status ?? WorkItemStatus.Created, status);
}
}
else
{
throw new WorkItemCreationException(mitigation);
}
}
}
return(result);
}
