Exemple #1
0
        public void SetThreatModel([NotNull] IThreatModel threatModel)
        {
            _model         = threatModel;
            _catalog.Model = threatModel;

            var propertySchemaManager = new CapecPropertySchemaManager(threatModel);
            var schema       = propertySchemaManager.GetSchema();
            var propertyType = propertySchemaManager.GetHiddenPropertiesPropertyType();

            if (propertyType != null)
            {
                var property = _model.GetProperty(propertyType);
                if (property is IPropertyTokens propertyTokens)
                {
                    var hiddenProperties = propertyTokens.Value?.ToArray();
                    if (hiddenProperties?.Any() ?? false)
                    {
                        _catalog.SetHiddenProperties(hiddenProperties);
                    }
                }
            }

            _catalog.AutoLoad();
        }
        private void ImportThreats([NotNull] IEnumerable <ThreatSourceNode> nodes)
        {
            var propertySchemaManager = new CapecPropertySchemaManager(_model);
            var propertySchema        = propertySchemaManager.GetSchema();
            var threatsSchemaManager  = new ThreatsPropertySchemaManager(_model);
            var threatsSchema         = threatsSchemaManager.GetSchema();

            var hiddenProperties = _catalog.HiddenProperties.ToArray();
            var hpPropertyType   = propertySchemaManager.GetHiddenPropertiesPropertyType();

            if (hpPropertyType != null)
            {
                var property = _model.GetProperty(hpPropertyType);
                if (property is IPropertyTokens propertyTokens)
                {
                    propertyTokens.Value = hiddenProperties;
                }
                else
                {
                    _model.AddProperty(hpPropertyType, hiddenProperties.TagConcat());
                }
            }

            var unkownSeverity = _model.GetMappedSeverity(0);

            foreach (var node in nodes)
            {
                var threatType = _model.AddThreatType(node.Name, unkownSeverity);
                if (threatType != null)
                {
                    var properties = node.Properties.Where(x => !hiddenProperties.Contains(x.Key)).ToArray();
                    if (properties.Any())
                    {
                        foreach (var property in properties)
                        {
                            if (!IsSpecialProperty(property.Key, property.Value, threatType))
                            {
                                var propertyType =
                                    propertySchema.GetPropertyType(property.Key) ??
                                    propertySchema.AddPropertyType(property.Key, PropertyValueType.String);
                                if (propertyType != null)
                                {
                                    var p = threatType.GetProperty(propertyType);
                                    if (p != null)
                                    {
                                        p.StringValue = property.Value;
                                    }
                                    else
                                    {
                                        threatType.AddProperty(propertyType, property.Value);
                                    }
                                }
                            }
                        }
                    }

                    var keywords = _catalog.GetKeywords(node.Id)?.ToArray();
                    if (keywords?.Any() ?? false)
                    {
                        var keywordsPT = threatsSchema.GetPropertyType("Keywords") ??
                                         threatsSchema.AddPropertyType("Keywords", PropertyValueType.Tokens);
                        if (keywordsPT != null)
                        {
                            var keywordsP = threatType.GetProperty(keywordsPT);
                            if (keywordsP != null)
                            {
                                keywordsP.StringValue = keywords.TagConcat();
                            }
                            else
                            {
                                threatType.AddProperty(keywordsPT, keywords.TagConcat());
                            }
                        }
                    }
                }
            }
        }