private static bool ApplyThreatType([NotNull] IIdentity identity, [NotNull] ThreatTypeInfo tti, [NotNull] AutoGenRulesPropertySchemaManager schemaManager) { bool result = false; if (tti.Rule.Evaluate(identity) && identity is IThreatEventsContainer container) { var threatEvent = container.AddThreatEvent(tti.ThreatType); if (threatEvent == null) { threatEvent = container.ThreatEvents.FirstOrDefault(x => x.ThreatTypeId == tti.ThreatType.Id); } else { result = true; } if (threatEvent != null) { result |= threatEvent.ApplyMitigations(tti.TopOnly, schemaManager); } } return(result); }
public static bool HasTop(this IThreatModel model, AutoGenRulesPropertySchemaManager schemaManager = null) { bool result = false; if (schemaManager == null) { schemaManager = new AutoGenRulesPropertySchemaManager(model); } var threatTypes = model.ThreatTypes?.Where(x => schemaManager.IsTop(x)).ToArray(); if (threatTypes?.Any() ?? false) { foreach (var threatType in threatTypes) { if (threatType.Mitigations?.Any(x => schemaManager.IsTop(x)) ?? false) { result = true; break; } } } return(result); }
private static IEnumerable <ThreatTypeInfo> GetThreatTypesWithRules( [NotNull] IThreatModel model, bool topOnly, [NotNull] AutoGenRulesPropertySchemaManager schemaManager) { IEnumerable <ThreatTypeInfo> result = null; var threatTypes = model.ThreatTypes? .Where(x => !topOnly || schemaManager.IsTop(x)) .ToArray(); if (threatTypes?.Any() ?? false) { List <ThreatTypeInfo> list = null; foreach (var threatType in threatTypes) { var rule = GetRule(threatType); if (rule != null) { if (list == null) { list = new List <ThreatTypeInfo>(); } list.Add(new ThreatTypeInfo(threatType, rule, topOnly)); } } result = list?.AsReadOnly(); } return(result); }
private bool ApplyGenRule([NotNull] IPropertiesContainer container, string value) { var result = false; if (container is IThreatModelChild child) { var propertyType = new AutoGenRulesPropertySchemaManager(child.Model).GetPropertyType(); if (propertyType != null) { var property = container.GetProperty(propertyType); if (property != null) { property.StringValue = value; } else { container.AddProperty(propertyType, value); } result = true; } } return(result); }
public static bool HasTop(this IThreatTypeMitigation mitigation, AutoGenRulesPropertySchemaManager schemaManager = null) { if (schemaManager == null) { schemaManager = new AutoGenRulesPropertySchemaManager(mitigation.Model); } return(schemaManager.IsTop(mitigation)); }
public static void SetTop(this IPropertiesContainer container, bool top, AutoGenRulesPropertySchemaManager schemaManager = null) { if (container is IThreatModelChild child && (container is IThreatType || container is IThreatTypeMitigation)) { if (schemaManager == null) { schemaManager = new AutoGenRulesPropertySchemaManager(child.Model); } schemaManager.SetTop(container, top); } }
public IEnumerable <KeyValuePair <string, IPropertyType> > GetProperties([NotNull] IThreatModel model) { IEnumerable <KeyValuePair <string, IPropertyType> > result = null; var schemaManager = new AutoGenRulesPropertySchemaManager(model); var mitigations = model.Mitigations? .Where(x => model.GetThreatTypeMitigations(x)?.Any(y => y.HasTop(schemaManager)) ?? false) .OrderBy(x => x.Name) .ToArray(); if (mitigations?.Any() ?? false) { var dict = new Dictionary <string, IPropertyType>(); foreach (var mitigation in mitigations) { var properties = mitigation.Properties? .Where(x => !(x.PropertyType?.DoNotPrint ?? true) && model.GetSchema(x.PropertyType.SchemaId) is IPropertySchema schema && (string.CompareOrdinal(schema.Namespace, SchemaNamespace) != 0 || string.CompareOrdinal(schema.Name, SchemaName) != 0 || string.CompareOrdinal(x.PropertyType.Name, PropertyName) != 0)) .Select(x => x.PropertyType) .ToArray(); if (properties?.Any() ?? false) { foreach (var property in properties) { if (!dict.ContainsKey(property.Name)) { dict.Add(property.Name, property); } } } } result = dict .OrderBy(x => model.GetSchema(x.Value.SchemaId).Priority) .ThenBy(x => x.Value.Priority) .ToArray(); } return(result); }
public static void SetRule(this IPropertiesContainer container, SelectionRule rule, IThreatModel model = null) { if (model == null && container is IThreatModelChild child) { model = child.Model; } if (model != null) { var schemaManager = new AutoGenRulesPropertySchemaManager(model); var propertyType = schemaManager.GetPropertyType(); var property = container.GetProperty(propertyType) ?? container.AddProperty(propertyType, null); if (property is IPropertyJsonSerializableObject jsonSerializableObject) { jsonSerializableObject.Value = rule; } } }
private bool Execute([NotNull] IPropertiesContainer container) { var result = false; if (container is IThreatModelChild child) { var propertyType = new AutoGenRulesPropertySchemaManager(child.Model).GetPropertyType(); if (propertyType != null) { DataObject dataObject = new DataObject(); dataObject.SetData("AutoGenRule", container.GetProperty(propertyType)?.StringValue ?? string.Empty); Clipboard.SetDataObject(dataObject); result = true; } } return(result); }
public static bool HasTop(this IThreatType threatType, AutoGenRulesPropertySchemaManager schemaManager = null) { bool result = false; if (schemaManager == null) { schemaManager = new AutoGenRulesPropertySchemaManager(threatType.Model); } if (schemaManager.IsTop(threatType)) { if (threatType.Mitigations?.Any(x => schemaManager.IsTop(x)) ?? false) { result = true; } } return(result); }
public static bool GenerateThreatEvents(this IDataFlow flow, bool topOnly, AutoGenRulesPropertySchemaManager schemaManager = null) { bool result = false; if (flow.Model is IThreatModel model) { if (schemaManager == null) { schemaManager = new AutoGenRulesPropertySchemaManager(model); } var threatTypesWithRules = GetThreatTypesWithRules(model, topOnly, schemaManager)?.ToArray(); if (threatTypesWithRules?.Any() ?? false) { ApplyThreatTypes(flow, threatTypesWithRules, schemaManager); result = true; } } return(result); }
public static SelectionRule GetRule(this IPropertiesContainer container, IThreatModel model = null) { SelectionRule result = null; if (model == null && container is IThreatModelChild child) { model = child.Model; } if (model != null) { var schemaManager = new AutoGenRulesPropertySchemaManager(model); var propertyType = schemaManager.GetPropertyType(); if (container.HasProperty(propertyType)) { if (container.GetProperty(propertyType) is IPropertyJsonSerializableObject jsonSerializableObject) { result = jsonSerializableObject.Value as SelectionRule; } } else { var oldSchema = model.GetSchema(OldSchemaName, Properties.Resources.DefaultNamespace); var oldPropertyType = oldSchema?.GetPropertyType(OldPropertyName); if (oldPropertyType != null) { if (container.GetProperty(oldPropertyType) is IPropertyJsonSerializableObject jsonSerializableObject) { result = jsonSerializableObject.Value as SelectionRule; container.AddProperty(propertyType, jsonSerializableObject.StringValue); container.RemoveProperty(oldPropertyType); } } } } return(result); }
public static bool GenerateThreatEvents(this IThreatModel model, bool topOnly, AutoGenRulesPropertySchemaManager schemaManager = null) { var result = false; if (schemaManager == null) { schemaManager = new AutoGenRulesPropertySchemaManager(model); } var threatTypesWithRules = GetThreatTypesWithRules(model, topOnly, schemaManager)?.ToArray(); if (threatTypesWithRules?.Any() ?? false) { ApplyThreatTypes(model, threatTypesWithRules, schemaManager); var entities = model.Entities?.ToArray(); if (entities?.Any() ?? false) { foreach (var entity in entities) { ApplyThreatTypes(entity, threatTypesWithRules, schemaManager); } } var dataFlows = model.DataFlows?.ToArray(); if (dataFlows?.Any() ?? false) { foreach (var dataFlow in dataFlows) { ApplyThreatTypes(dataFlow, threatTypesWithRules, schemaManager); } } result = true; } return(result); }
private static bool ApplyThreatTypes([NotNull] IIdentity identity, [NotNull] IEnumerable <ThreatTypeInfo> threatTypesWithRules, [NotNull] AutoGenRulesPropertySchemaManager schemaManager) { bool result = false; foreach (var threatTypeWithRule in threatTypesWithRules) { result |= ApplyThreatType(identity, threatTypeWithRule, schemaManager); } return(result); }
public IEnumerable <KeyValuePair <string, IEnumerable <ListItem> > > GetList(IThreatModel model) { IEnumerable <KeyValuePair <string, IEnumerable <ListItem> > > result = null; var schemaManager = new AutoGenRulesPropertySchemaManager(model); var mitigations = model.Mitigations? .Where(x => model.GetThreatTypeMitigations(x)?.Any(y => y.HasTop(schemaManager)) ?? false) .OrderBy(x => x.Name) .ToArray(); if ((mitigations?.Any() ?? false) && !string.IsNullOrWhiteSpace(SchemaNamespace) && !string.IsNullOrWhiteSpace(SchemaName) && !string.IsNullOrWhiteSpace(PropertyName)) { var list = new List <KeyValuePair <string, IEnumerable <ListItem> > >(); var propertyType = model.GetSchema(SchemaName, SchemaNamespace)?.GetPropertyType(PropertyName); if (propertyType != null) { var possibleValues = mitigations .Where(x => x.HasProperty(propertyType)) .Select(x => x.GetProperty(propertyType)?.StringValue) .OrderBy(x => x) .Distinct() .ToArray(); if (possibleValues.Any()) { foreach (var possibleValue in possibleValues) { if (!string.IsNullOrWhiteSpace(possibleValue)) { var selectedMitigations = mitigations .Where(x => x.HasProperty(propertyType) && string.CompareOrdinal(x.GetProperty(propertyType).StringValue, possibleValue) == 0) .ToArray(); var listItems = GetListItems(model, selectedMitigations)?.ToArray(); if (listItems?.Any() ?? false) { list.Add(new KeyValuePair <string, IEnumerable <ListItem> >(possibleValue, listItems)); } } } } var remainingMitigations = mitigations .Where(x => !x.HasProperty(propertyType) || string.IsNullOrWhiteSpace(x.GetProperty(propertyType)?.StringValue)) .ToArray(); var remainingListItems = GetListItems(model, remainingMitigations)?.ToArray(); if (remainingListItems?.Any() ?? false) { list.Add(new KeyValuePair <string, IEnumerable <ListItem> >("<undefined>", remainingListItems)); } } result = list; } return(result); }
public static bool ApplyMitigations(this IThreatEvent threatEvent, bool topOnly, AutoGenRulesPropertySchemaManager schemaManager = null) { bool result = false; if (threatEvent.ThreatType is IThreatType threatType && threatEvent.Model is IThreatModel model && threatEvent.Parent is IIdentity identity) { if (schemaManager == null) { schemaManager = new AutoGenRulesPropertySchemaManager(model); } var mitigations = threatType.Mitigations? .Where(x => !topOnly || schemaManager.IsTop(x)) .ToArray(); if (mitigations?.Any() ?? false) { ISeverity maximumSeverity = null; foreach (var mitigation in mitigations) { var rule = GetRule(mitigation); if (rule?.Evaluate(identity) ?? false) { var strength = mitigation.Strength; if (rule is MitigationSelectionRule mitigationRule) { if (mitigationRule.StrengthId.HasValue && model.GetStrength(mitigationRule.StrengthId.Value) is IStrength strengthOverride) { strength = strengthOverride; } var status = mitigationRule.Status ?? MitigationStatus.Undefined; var generated = (threatEvent.AddMitigation(mitigation.Mitigation, strength, status) != null); result |= generated; if (generated && mitigationRule.SeverityId.HasValue && model.GetSeverity(mitigationRule.SeverityId.Value) is ISeverity severity && (maximumSeverity == null || maximumSeverity.Id > severity.Id)) { maximumSeverity = severity; } } else { result |= (threatEvent.AddMitigation(mitigation.Mitigation, strength, MitigationStatus.Undefined) != null); } } } if (maximumSeverity != null && maximumSeverity.Id < threatEvent.SeverityId) { threatEvent.Severity = maximumSeverity; } } } return(result); }
public static bool HasTop(this IThreatEvent threatEvent, AutoGenRulesPropertySchemaManager schemaManager = null) { return(threatEvent?.ThreatType?.HasTop(schemaManager) ?? false); }