예제 #1
0
        public void SetThreatModel([NotNull] IThreatModel model)
        {
            _model         = model;
            _schemaManager = new AnnotationsPropertySchemaManager(_model);
            _propertyType  = _schemaManager.GetAnnotationsPropertyType();

            LoadModel();
        }
예제 #2
0
 public static IEnumerable <IMitigation> GetKnownMitigations(this IThreatModel model,
                                                             [NotNull] AnnotationsPropertySchemaManager schemaManager, [NotNull] IPropertyType propertyType,
                                                             string filter, bool showOnlyOpenQuestions = false)
 {
     return(model.Mitigations?
            .Where(x => x.HasNotesWithText(schemaManager, filter) && (showOnlyOpenQuestions ? schemaManager.HasOpenTopics(x) : x.HasProperty(propertyType)))
            .OrderBy(x => x.Name));
 }
예제 #3
0
 public static bool HasNotesWithText(this IPropertiesContainer container, [NotNull] AnnotationsPropertySchemaManager schemaManager, string filter)
 {
     return(string.IsNullOrWhiteSpace(filter) ||
            (schemaManager.GetAnnotations(container)?
             .Any(x => x.Text != null && x.Text.ToLower().Contains(filter.ToLower()) ||
                  (x is TopicToBeClarified topic &&
                   (topic.Answers?.Any(y => y.Text != null && y.Text.ToLower().Contains(filter.ToLower())) ?? false))) ?? false));
 }
예제 #4
0
        public void ExecuteCustomAction([NotNull] IActionDefinition action)
        {
            var schemaManager = new AnnotationsPropertySchemaManager(_model);

            _right.SuspendLayout();

            switch (action.Name)
            {
            case "AddReviewNote":
                if (_selected != null)
                {
                    var review = new ReviewNote();
                    schemaManager.AddAnnotation(_selected, review);
                    AddButton(review);
                }
                break;

            case "RemoveReviewNote":
                if (_selected != null && _annotation.Annotation is ReviewNote reviewNote &&
                    MessageBox.Show("You are about to remove the currently selected Review Note. Are you sure?",
                                    "Remove Review Note", MessageBoxButtons.OKCancel, MessageBoxIcon.Warning,
                                    MessageBoxDefaultButton.Button2) == DialogResult.OK)
                {
                    schemaManager.RemoveAnnotation(_selected, reviewNote);
                    _annotation.Annotation = null;
                    RemoveButton(reviewNote);
                }
                break;

            case "Export":
                var saveFileDialog = new SaveFileDialog()
                {
                    AddExtension       = true,
                    AutoUpgradeEnabled = true,
                    CheckFileExists    = false,
                    CheckPathExists    = true,
                    RestoreDirectory   = true,
                    DefaultExt         = "csv",
                    Filter             = "CSV file (*.csv)|*.csv",
                    Title         = "Create CSV file",
                    ValidateNames = true
                };
                if (saveFileDialog.ShowDialog(Form.ActiveForm) == DialogResult.OK)
                {
                    ExportCsv(saveFileDialog.FileName);
                }
                break;

            case "Refresh":
                LoadModel();
                break;
            }

            _right.ResumeLayout();
        }
예제 #5
0
 private void Generate([NotNull] Question question, [NotNull] IPropertiesContainer container,
                       [NotNull] AnnotationsPropertySchemaManager schemaManager)
 {
     if (question.Rule?.Evaluate(container) ?? false)
     {
         schemaManager.AddAnnotation(container, new TopicToBeClarified()
         {
             Text = question.Text
         });
     }
 }
예제 #6
0
        private bool Generate([NotNull] IThreatModel model)
        {
            var result = false;

            var schemaManager = new QuestionsPropertySchemaManager(model);
            var questions     = schemaManager.GetQuestions()?.ToArray();

            if (questions?.Any() ?? false)
            {
                var asm = new AnnotationsPropertySchemaManager(model);
                var pt  = asm.GetAnnotationsPropertyType();

                var ei  = model.Entities?.OfType <IExternalInteractor>().OrderBy(x => x.Name);
                var p   = model.Entities?.OfType <IProcess>().OrderBy(x => x.Name);
                var ds  = model.Entities?.OfType <IDataStore>().OrderBy(x => x.Name);
                var f   = model.DataFlows?.OrderBy(x => x.Name);
                var tb  = model.Groups?.OfType <ITrustBoundary>().OrderBy(x => x.Name);
                var te  = model.GetThreatEvents()?.OrderBy(x => x.Name);
                var tem = model.GetThreatEventMitigations()?
                          .OrderBy(x => x.Mitigation.Name)
                          .ThenBy(x => x.ThreatEvent.Name)
                          .ThenBy(x => x.ThreatEvent.Parent.Name);
                var tt = model.ThreatTypes?.OrderBy(x => x.Name);
                var km = model.Mitigations?.OrderBy(x => x.Name);
                var sm = model.GetThreatTypeMitigations()?
                         .OrderBy(x => x.Mitigation.Name)
                         .ThenBy(x => x.ThreatType.Name);
                var et  = model.EntityTemplates?.OrderBy(x => x.Name);
                var ft  = model.FlowTemplates?.OrderBy(x => x.Name);
                var tbt = model.TrustBoundaryTemplates?.OrderBy(x => x.Name);

                foreach (var question in questions)
                {
                    Generate(question, ei, asm);
                    Generate(question, p, asm);
                    Generate(question, ds, asm);
                    Generate(question, f, asm);
                    Generate(question, tb, asm);
                    Generate(question, te, asm);
                    Generate(question, tem, asm);
                    Generate(question, tt, asm);
                    Generate(question, km, asm);
                    Generate(question, sm, asm);
                    Generate(question, et, asm);
                    Generate(question, ft, asm);
                    Generate(question, tbt, asm);
                    Generate(question, model, asm);
                }

                result = true;
            }

            return(result);
        }
예제 #7
0
 public void Dispose()
 {
     _model.PropertyAdded        -= PropertyUpdated;
     _model.PropertyRemoved      -= PropertyUpdated;
     _model.PropertyValueChanged -= PropertyUpdated;
     _model.ChildPropertyAdded   -= ChildPropertyUpdated;
     _model.ChildPropertyChanged -= ChildPropertyUpdated;
     _model.ChildPropertyChanged -= ChildPropertyUpdated;
     _schemaManager = null;
     _propertyType  = null;
     _model         = null;
 }
예제 #8
0
        private bool Execute([NotNull] IPropertiesContainer container)
        {
            bool result = false;

            if (container is IThreatModelChild child)
            {
                var schemaManager = new AnnotationsPropertySchemaManager(child.Model);
                result = schemaManager.EnableAnnotations(container);
            }

            return(result);
        }
예제 #9
0
        private void Generate([NotNull] Question question,
                              IEnumerable <IPropertiesContainer> containers, AnnotationsPropertySchemaManager schemaManager)
        {
            var items = containers?.ToArray();

            if (items?.Any() ?? false)
            {
                foreach (var item in items)
                {
                    Generate(question, item, schemaManager);
                }
            }
        }
예제 #10
0
        public bool Execute()
        {
            bool result = false;

            var dialog = new AnnotationDialog(_model, _container, new ReviewNote());

            if (dialog.ShowDialog(Form.ActiveForm) == DialogResult.OK)
            {
                var schemaManager = new AnnotationsPropertySchemaManager(_model);
                schemaManager.AddAnnotation(_container, dialog.Annotation);
                result = true;
            }

            return(result);
        }
예제 #11
0
        public void Initialize([NotNull] IThreatModel model)
        {
            if (_model != null)
            {
                Dispose();
            }

            _model                       = model;
            _schemaManager               = new AnnotationsPropertySchemaManager(model);
            _propertyType                = _schemaManager.GetAnnotationsPropertyType();
            _model.PropertyAdded        += PropertyUpdated;
            _model.PropertyRemoved      += PropertyUpdated;
            _model.PropertyValueChanged += PropertyUpdated;
            _model.ChildPropertyAdded   += ChildPropertyUpdated;
            _model.ChildPropertyChanged += ChildPropertyUpdated;
            _model.ChildPropertyChanged += ChildPropertyUpdated;
        }
예제 #12
0
        private bool GeneratePdf([Required] string fileName)
        {
            using (var doc = new PdfDocument(PdfConformanceLevel.None))
            {
                doc.PageSettings.Orientation = PdfPageOrientation.Portrait;
                var page = doc.Pages.Add();
                var y    = AddPdfHeader(page);

                var font    = new PdfStandardFont(PdfFontFamily.Helvetica, 12);
                var minSize = font.MeasureString("Ag");
                _minTextHeight = minSize.Height;
                var healthIndex = _analyzersManager.Analyze(_model,
                                                            QualityPropertySchemaManager.IsFalsePositive,
                                                            out var outcomes);
                AddSummary(doc, page, y + 10, font, healthIndex, outcomes);

                var analyzers = QualityAnalyzersManager.QualityAnalyzers?.ToArray();
                if (analyzers?.Any() ?? false)
                {
                    foreach (var analyzer in analyzers)
                    {
                        var outcome = outcomes?.FirstOrDefault(x => x.Id == analyzer.GetExtensionId());
                        if (outcome != null)
                        {
                            AddOutcomePage(doc, font, analyzer, outcome);
                        }
                    }
                }

                var schemaManager = new AnnotationsPropertySchemaManager(_model);
                var propertyType  = schemaManager.GetAnnotationsPropertyType();
                var containers    = GetContainers(schemaManager, propertyType)?.ToArray();
                if (containers?.Any() ?? false)
                {
                    AddReviewNotesPage(doc, font, containers, schemaManager, propertyType);
                }

                AddFooters(doc, font);

                doc.Save(fileName);
            }

            return(true);
        }
예제 #13
0
        private void Generate([NotNull] Question question,
                              IEnumerable <IPropertiesContainer> containers, AnnotationsPropertySchemaManager schemaManager)
        {
            var items = containers?.ToArray();

            if (items?.Any() ?? false)
            {
                foreach (var item in items)
                {
                    if (question.Rule?.Evaluate(item) ?? false)
                    {
                        schemaManager.AddAnnotation(item, new TopicToBeClarified()
                        {
                            Text = question.Text
                        });
                    }
                }
            }
        }
예제 #14
0
        public bool Execute()
        {
            var result = false;

            if (_annotation is TopicToBeClarified topicToBeClarified)
            {
                var dialog = new AnnotationDialog(_model, _container, topicToBeClarified, true);
                if (dialog.ShowDialog(Form.ActiveForm) == DialogResult.Abort)
                {
                    var schemaManager = new AnnotationsPropertySchemaManager(_model);
                    schemaManager.RemoveAnnotation(_container, topicToBeClarified);
                }

                result = true;
            }
            else if (_annotation is Highlight highlight)
            {
                var dialog = new AnnotationDialog(_model, _container, highlight, true);
                if (dialog.ShowDialog(Form.ActiveForm) == DialogResult.Abort)
                {
                    var schemaManager = new AnnotationsPropertySchemaManager(_model);
                    schemaManager.RemoveAnnotation(_container, highlight);
                }

                result = true;
            }
            else if (_annotation is ReviewNote reviewNote)
            {
                var dialog = new AnnotationDialog(_model, _container, reviewNote, true);
                if (dialog.ShowDialog(Form.ActiveForm) == DialogResult.Abort)
                {
                    var schemaManager = new AnnotationsPropertySchemaManager(_model);
                    schemaManager.RemoveAnnotation(_container, reviewNote);
                }

                result = true;
            }

            return(result);
        }
예제 #15
0
        private IEnumerable <IPropertiesContainer> GetContainers([NotNull] AnnotationsPropertySchemaManager schemaManager,
                                                                 [NotNull] IPropertyType propertyType)
        {
            var list = new List <IPropertiesContainer>();

            Add(list, _model.GetExternalInteractors(schemaManager, propertyType, null));
            Add(list, _model.GetProcesses(schemaManager, propertyType, null));
            Add(list, _model.GetDataStores(schemaManager, propertyType, null));
            Add(list, _model.GetFlows(schemaManager, propertyType, null));
            Add(list, _model.GetTrustBoundaries(schemaManager, propertyType, null));
            Add(list, _model.GetThreatEvents(schemaManager, propertyType, null));
            Add(list, _model.GetThreatEventMitigations(schemaManager, propertyType, null));
            Add(list, _model.GetThreatTypes(schemaManager, propertyType, null));
            Add(list, _model.GetKnownMitigations(schemaManager, propertyType, null));
            Add(list, _model.GetStandardMitigations(schemaManager, propertyType, null));
            Add(list, _model.GetEntityTemplates(schemaManager, propertyType, null));
            Add(list, _model.GetFlowTemplates(schemaManager, propertyType, null));
            Add(list, _model.GetTrustBoundaryTemplates(schemaManager, propertyType, null));
            Add(list, _model.GetDiagrams(schemaManager, propertyType, null));

            return(list);
        }
예제 #16
0
        public bool IsVisible(object item)
        {
            bool result = false;

            IThreatModel model = null;

            if (item is IThreatModelChild child)
            {
                model = child.Model;
            }
            else if (item is IThreatModel threatModel)
            {
                model = threatModel;
            }

            if (model != null && item is IPropertiesContainer container)
            {
                var schemaManager = new AnnotationsPropertySchemaManager(model);
                result = !schemaManager.AreAnnotationsEnabled(container);
            }

            return(result);
        }
예제 #17
0
        public void ExecuteCustomAction([NotNull] IActionDefinition action)
        {
            var schemaManager = new AnnotationsPropertySchemaManager(_model);

            _right.SuspendLayout();

            switch (action.Name)
            {
            case "AddNotes":
                if (_selected != null)
                {
                    var notes = new Annotation();
                    schemaManager.AddAnnotation(_selected, notes);
                    AddButton(notes);
                }
                break;

            case "AddTopic":
                if (_selected != null)
                {
                    var topic = new TopicToBeClarified();
                    schemaManager.AddAnnotation(_selected, topic);
                    AddButton(topic);
                }
                break;

            case "AddHighlight":
                if (_selected != null)
                {
                    var high = new Highlight();
                    schemaManager.AddAnnotation(_selected, high);
                    AddButton(high);
                }
                break;

            case "RemoveNotes":
                if (_selected != null && _annotation.Annotation is Annotation annotation &&
                    MessageBox.Show("You are about to remove the currently selected Note. Are you sure?",
                                    "Remove Notes", MessageBoxButtons.OKCancel, MessageBoxIcon.Warning,
                                    MessageBoxDefaultButton.Button2) == DialogResult.OK)
                {
                    schemaManager.RemoveAnnotation(_selected, annotation);
                    _annotation.Annotation = null;
                    RemoveButton(annotation);
                }
                break;

            case "RemoveTopic":
                if (_selected != null && _annotation.Annotation is TopicToBeClarified toBeClarified &&
                    MessageBox.Show("You are about to remove the currently selected Topic. Are you sure?",
                                    "Remove Topic", MessageBoxButtons.OKCancel, MessageBoxIcon.Warning,
                                    MessageBoxDefaultButton.Button2) == DialogResult.OK)
                {
                    schemaManager.RemoveAnnotation(_selected, toBeClarified);
                    _annotation.Annotation = null;
                    RemoveButton(toBeClarified);
                }
                break;

            case "RemoveHighlight":
                if (_selected != null && _annotation.Annotation is Highlight highlight &&
                    MessageBox.Show("You are about to remove the currently selected Highlight. Are you sure?",
                                    "Remove Highlight", MessageBoxButtons.OKCancel, MessageBoxIcon.Warning,
                                    MessageBoxDefaultButton.Button2) == DialogResult.OK)
                {
                    schemaManager.RemoveAnnotation(_selected, highlight);
                    _annotation.Annotation = null;
                    RemoveButton(highlight);
                }
                break;

            case "ShowOpenTopics":
                _show = WhatToShow.OpenTopicsOnly;
                LoadModel();
                ChangeCustomActionStatus?.Invoke("ShowOpenTopics", false);
                ChangeCustomActionStatus?.Invoke("ShowHighlights", true);
                ChangeCustomActionStatus?.Invoke("ShowReviewNotes", true);
                ChangeCustomActionStatus?.Invoke("ShowAll", true);
                break;

            case "ShowHighlights":
                _show = WhatToShow.HighlightsOnly;
                LoadModel();
                ChangeCustomActionStatus?.Invoke("ShowOpenTopics", true);
                ChangeCustomActionStatus?.Invoke("ShowHighlights", false);
                ChangeCustomActionStatus?.Invoke("ShowReviewNotes", true);
                ChangeCustomActionStatus?.Invoke("ShowAll", true);
                break;

            case "ShowAll":
                _show = WhatToShow.All;
                LoadModel();
                ChangeCustomActionStatus?.Invoke("ShowOpenTopics", true);
                ChangeCustomActionStatus?.Invoke("ShowHighlights", true);
                ChangeCustomActionStatus?.Invoke("ShowReviewNotes", true);
                ChangeCustomActionStatus?.Invoke("ShowAll", false);
                break;

            case "ExportOpen":
                var saveFileDialog = new SaveFileDialog()
                {
                    AddExtension       = true,
                    AutoUpgradeEnabled = true,
                    CheckFileExists    = false,
                    CheckPathExists    = true,
                    RestoreDirectory   = true,
                    DefaultExt         = "csv",
                    Filter             = "CSV file (*.csv)|*.csv|Excel file (*.xlsx)|*.xlsx",
                    Title         = "Create a file with open Topics",
                    ValidateNames = true
                };
                if (saveFileDialog.ShowDialog(Form.ActiveForm) == DialogResult.OK)
                {
                    ExportCsv(saveFileDialog.FileName, true);
                }
                break;

            case "ExportAll":
                var saveFileDialog2 = new SaveFileDialog()
                {
                    AddExtension       = true,
                    AutoUpgradeEnabled = true,
                    CheckFileExists    = false,
                    CheckPathExists    = true,
                    RestoreDirectory   = true,
                    DefaultExt         = "csv",
                    Filter             = "CSV file (*.csv)|*.csv|Excel file (*.xlsx)|*.xlsx",
                    Title         = "Create a file with all Topics",
                    ValidateNames = true
                };
                if (saveFileDialog2.ShowDialog(Form.ActiveForm) == DialogResult.OK)
                {
                    ExportCsv(saveFileDialog2.FileName, false);
                }
                break;

            case "Refresh":
                LoadModel();
                break;
            }

            _right.ResumeLayout();
        }
예제 #18
0
        private void AddReviewNotesPage([NotNull] PdfDocument doc, [NotNull] PdfStandardFont font,
                                        [NotNull] IEnumerable <IPropertiesContainer> containers, [NotNull] AnnotationsPropertySchemaManager schemaManager,
                                        [NotNull] IPropertyType propertyType)
        {
            string  objectType = null;
            string  name       = null;
            string  text       = null;
            Bitmap  image      = null;
            var     y          = 0f;
            PdfPage page       = null;
            var     textSize   = SizeF.Empty;

            foreach (var container in containers)
            {
                if (container is IDataFlow flow)
                {
                    objectType = _model.GetIdentityTypeName(flow);
                    name       = flow.Name;
                    text       = $"From {_model.GetIdentityTypeName(flow.Source)} '{flow.Source.Name}' to {_model.GetIdentityTypeName(flow.Target)} '{flow.Target.Name}'";
                    image      = flow.GetImage(ImageSize.Medium);
                }
                else if (container is IThreatEvent threatEvent)
                {
                    objectType = _model.GetIdentityTypeName(threatEvent);
                    name       = threatEvent.Name;
                    text       = $"Applied to {_model.GetIdentityTypeName(threatEvent.Parent)} '{threatEvent.Parent.Name}'";
                    image      = threatEvent.GetImage(ImageSize.Medium);
                }
                else if (container is IIdentity identity)
                {
                    objectType = _model.GetIdentityTypeName(identity);
                    name       = identity.Name;
                    text       = null;
                    image      = identity.GetImage(ImageSize.Medium);
                }
                else if (container is IThreatEventMitigation threatEventMitigation)
                {
                    objectType = "Threat Event Mitigation";
                    name       = threatEventMitigation.Mitigation.Name;
                    text       = $"Associated to Threat Event '{threatEventMitigation.ThreatEvent.Name}' on '{threatEventMitigation.ThreatEvent.Parent.Name}'";
                    image      = Icons.Resources.mitigations;
                }
                else if (container is IThreatTypeMitigation threatTypeMitigation)
                {
                    objectType = "Threat Type Mitigation";
                    name       = threatTypeMitigation.Mitigation.Name;
                    text       = $"Associated to Threat Type '{threatTypeMitigation.ThreatType.Name}'";
                    image      = Icons.Resources.standard_mitigations;
                }
                else
                {
                    objectType = null;
                    name       = null;
                    text       = null;
                    image      = null;
                }

                var reviewNotes = schemaManager.GetAnnotations(container)?.OfType <ReviewNote>().ToArray();
                if (reviewNotes?.Any() ?? false)
                {
                    PdfImage img;
                    foreach (var reviewNote in reviewNotes)
                    {
                        if (y == 0 || (y > page.Graphics.ClientSize.Height - textSize.Height * 10))
                        {
                            y    = 0;
                            page = doc.Pages.Add();

                            textSize = WriteText(page, "Review Notes", new PdfStandardFont(font, font.Size, PdfFontStyle.Bold), 0, 0);
                            y        = textSize.Height + 10;
                            page.Graphics.DrawLine(PdfPens.Black, 0, y, page.Graphics.ClientSize.Width, y);
                            y += 10;
                        }

                        if (image != null && objectType != null && name != null)
                        {
                            img = PdfImage.FromImage(image);
                            page.Graphics.DrawImage(img, new RectangleF(0, y, 16, 16));
                            textSize = WriteText(page, $"{objectType}: {name}", font, 18, y + 2);
                            if (text != null)
                            {
                                y       += textSize.Height + 5;
                                textSize = WriteText(page, text, font, 18, y);
                            }
                            y       += textSize.Height + 5;
                            textSize = WriteText(page, reviewNote.Text, font, 18, y);
                            y       += textSize.Height + 5;
                            textSize = WriteText(page, $"Note created by {reviewNote.CreatedBy} on {reviewNote.CreatedOn.ToShortDateString()} and modified by {reviewNote.ModifiedBy} on {reviewNote.ModifiedOn.ToShortDateString()}", font, 18, y);

                            y += textSize.Height + 10;
                        }
                    }
                }
            }
        }