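/// <summary>
/// Maps a <c>CreateThreat</c> request contract onto a new <see cref="Threat"/> entity.
/// </summary>
/// <remarks>
/// The entity is only built here; this method does not add it to <paramref name="db"/>.
/// When the request accepts or avoids the risk, the decision is stamped with the current
/// time and the user name of the current HTTP request's identity. That name is read from
/// the server-side identity, not from the request body.
/// </remarks>
/// <param name="create">The request contract to map. Must not be null and must carry a category.</param>
/// <param name="db">Context used to look up the threat category and passed to the evaluation mapper.</param>
/// <returns>The populated <see cref="Threat"/> entity.</returns>
/// <exception cref="ArgumentNullException"><paramref name="create"/> or <paramref name="db"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="create"/> has no category.</exception>
public static Threat ToDataModel(this Contracts.Threat.CreateThreat create, RAAPEntities db)
{
    // These cases previously surfaced as a NullReferenceException part-way through the
    // mapping; fail up front with an exception that names the offending argument.
    if (create == null)
    {
        throw new ArgumentNullException("create");
    }

    if (db == null)
    {
        throw new ArgumentNullException("db");
    }

    if (create.Category == null)
    {
        throw new ArgumentException("A threat category is required.", "create");
    }

    // One timestamp for the whole mapping, so CreatedOn, UpdatedOn and RiskDate of a
    // freshly created threat agree exactly instead of differing by a few ticks.
    // NOTE(review): this is local server time, as before. UTC would be less ambiguous
    // for an audit timestamp, but switching changes what is stored; confirm how
    // existing rows are interpreted before changing it.
    var now = DateTime.Now;
    var categoryId = create.Category.ThreatCategoryId;

    var threat = new Threat
    {
        Name = create.Name,
        Description = create.Description,
        // NOTE(review): FirstOrDefault yields null when the id matches no category, and
        // the threat is then built without one. Confirm whether that should be rejected.
        ThreatCategory = db.ThreatCategories.FirstOrDefault(tc => tc.ThreatCategoryId == categoryId),
        CreatedOn = now,
        UpdatedOn = now,
        Confidenciality = create.Confidenciality,
        AcceptRisk = create.AcceptRisk,
        Availability = create.Availability,
        Integrity = create.Integrity,
        Authenticity = create.Authenticity,
        InternalExternal = create.InternalExternal,
        RiskAssessmentMethod = create.RiskAssessmentMethod,
        SecuritySafety = create.SecuritySafety,
        ReduceRisk = create.ReduceRisk,
        AvoidRisk = create.AvoidRisk,
        ShareRisk = create.ShareRisk,
    };

    // Record who accepted or avoided the risk, and when.
    // NOTE(review): HttpContext.Current is null outside a request thread, so this line
    // throws when the mapper runs from a background job. For an unauthenticated request
    // the user name is presumably empty, which would leave the decision unattributed;
    // confirm the calling endpoint requires authentication and that the caller is
    // allowed to accept risk.
    if (create.AvoidRisk || create.AcceptRisk)
    {
        threat.RiskDate = now;
        threat.RiskUser = HttpContext.Current.User.Identity.GetUserName();
    }

    // Only evaluations with EvaluationId == 0 and non-empty text are mapped, in revision order.
    // NOTE(review): the target collection is named HtmlComments; whether the evaluation
    // text is sanitised or encoded is decided in the evaluation mapper or at render time,
    // neither of which is visible here. Confirm it before the text is rendered as HTML.
    create.Evaluations
        .Where(e => e.EvaluationId == 0 && !string.IsNullOrEmpty(e.Text))
        .OrderBy(e => e.Revision)
        .ForEach(e => threat.HtmlComments.Add(e.ToDataModel(db, threat)));

    create.Risks.ForEach(r => threat.ThreatRisks.Add(r.ToDataModel()));

    threat.Attributes = create.Causes.Select(c => c.ToDataModel()).ToList();

    return threat;
}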
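/// <summary>
/// Creates a new threat from the request contract and returns it as a contract.
/// </summary>
/// <remarks>
/// Steps, in order: reject a name that is already in use, run the
/// <c>RiskCalculator</c> checks and calculation on the request, map it to an entity,
/// attach the requested controls, and persist everything with one <c>SaveChanges</c> call.
/// </remarks>
/// <param name="createThreat">The threat to create. Must not be null.</param>
/// <returns>The created threat, converted with <c>ToContract</c>.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="createThreat"/> is null.</exception>
/// <exception cref="RAAPConflictException">A threat with the same name already exists.</exception>
public Contracts.Threat.Threat Create(Contracts.Threat.CreateThreat createThreat)
{
    // A null request previously failed with a NullReferenceException inside the
    // uniqueness query; reject it before a database connection is opened.
    if (createThreat == null)
    {
        throw new System.ArgumentNullException("createThreat");
    }

    using (var db = new RAAPEntities(GetConnectionString()))
    {
        // NOTE(review): this is a check-then-insert. Two concurrent requests with the
        // same name can both pass the check before either saves, so uniqueness is only
        // guaranteed if the database also enforces it (e.g. a unique index on the name
        // column); confirm one exists. The comparison is translated by the provider, so
        // case sensitivity presumably follows the database collation.
        if (db.Threats.Any(a => a.Name == createThreat.Name))
        {
            throw new RAAPConflictException("Name is already in use, please try another name.");
        }

        // Both calls run on the request before it is mapped, so the entity is built from
        // what they leave on it. NOTE(review): presumably they validate the risk types and
        // recompute the risk values server-side rather than trusting client-supplied
        // numbers; confirm in RiskCalculator.
        RiskCalculator.CheckRiskTypes(createThreat, db);
        RiskCalculator.CalculateRisk(createThreat);

        var threat = createThreat.ToDataModel(db);
        db.Threats.Add(threat);
        AddControls(db, threat, createThreat.Controls);

        // Single save: the threat and whatever AddControls attached are written together.
        db.SaveChanges();

        return threat.ToContract(_userService);
    }
}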
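/// <summary>
/// Creates a threat from the JSON request body.
/// </summary>
/// <param name="create">The threat to create, bound from the request body.</param>
/// <returns>
/// 200 with the created threat, or 400 when no usable body was supplied.
/// </returns>
/// <remarks>
/// NOTE(review): no authorization attribute is visible on this action. It may be applied
/// on the controller or as a global filter; confirm that creating threats requires an
/// authenticated, authorized caller. How exceptions thrown by the service (for example
/// a name conflict) are turned into HTTP responses is also not visible here.
/// </remarks>
public IHttpActionResult Post([FromBody] Contracts.Threat.CreateThreat create)
{
    // Web API binds a missing or undeserialisable body to null. Without this guard the
    // null reached the service and the request ended as an unhandled exception instead
    // of a client error.
    if (create == null)
    {
        return BadRequest("A request body is required.");
    }

    var created = ThreatService.Create(create);
    return Ok(created);
}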