private GridRow AddGridRow([NotNull] IThreatType threatType, [NotNull] IEnumerable <IThreatEvent> threatEvents, [NotNull] GridPanel panel) { var row = new GridRow( threatType.Name, threatEvents .Select(x => x.Severity) .OrderByDescending(x => x, new SeverityComparer()) .FirstOrDefault()); ((INotifyPropertyChanged)threatType).PropertyChanged += OnThreatTypePropertyChanged; row.Tag = threatType; row.Cells[0].CellStyles.Default.Image = threatType.GetImage(ImageSize.Small); panel.Rows.Add(row); for (int i = 0; i < row.Cells.Count; i++) { row.Cells[i].PropertyChanged += OnThreatTypeCellChanged; } var subPanel = CreateThreatEventsPanel(threatType, threatEvents); if (subPanel != null) { row.Rows.Add(subPanel); } return(row); }
private bool IsSelected([NotNull] IThreatType item, string filter, AutoThreatTypeListFilter filterSpecial, string filterRule) { bool result; var mitigations = item.Mitigations?.Where(x => x != null).ToArray(); if (string.IsNullOrWhiteSpace(filter)) { result = true; } else { result = item.Filter(filter); if (!result && (mitigations?.Any() ?? false)) { foreach (var mitigation in mitigations) { result = mitigation.Mitigation.Filter(filter); if (result) { break; } } } } if (result) { switch (filterSpecial) { case AutoThreatTypeListFilter.NoGenRule: result = !HasSelectionRule(item); break; case AutoThreatTypeListFilter.NoMitigationGenRule: result = !(item.Mitigations?.All(HasSelectionRule) ?? true); break; } } if (result && _ruleFilter.Checked && !string.IsNullOrWhiteSpace(filterRule)) { result = FilterRule(item, filterRule); if (!result && (mitigations?.Any() ?? false)) { foreach (var mitigation in mitigations) { result = FilterRule(mitigation.Mitigation, filterRule); if (result) { break; } } } } return(result); }
public void Initialize([NotNull] IThreatType threatType) { _threatType = threatType; _model = threatType.Model; _standardMitigationsContainer.Visible = false; InitializeGrid(false); InitializeItem(threatType); var existingMitigations = threatType.Mitigations?.ToArray(); var mitigations = _model?.Mitigations?.OrderBy(x => x.Name); if (mitigations != null) { var defaultStrength = _model.GetStrength((int)DefaultStrength.Average); foreach (var mitigation in mitigations) { var existingMitigation = existingMitigations?.FirstOrDefault(x => x.MitigationId == mitigation.Id); var row = new GridRow(mitigation.Name, mitigation.ControlType.GetEnumLabel(), existingMitigation?.Strength ?? defaultStrength); row.Tag = mitigation; row.Checked = existingMitigation != null; _grid.PrimaryGrid.Rows.Add(row); } } }
private GridRow AddGridRow([NotNull] IThreatType threatType, [NotNull] GridPanel panel) { bool rule = HasSelectionRule(threatType); var row = new GridRow( threatType.Name, rule ? "Edit Rule" : "Create Rule"); ((INotifyPropertyChanged)threatType).PropertyChanged += OnThreatTypePropertyChanged; threatType.PropertyValueChanged += OnThreatTypePropertyValueChanged; row.Tag = threatType; UpdateMitigationLevel(threatType, row); panel.Rows.Add(row); row.Cells[0].PropertyChanged += OnThreatTypeCellChanged; threatType.ThreatTypeMitigationAdded += OnThreatTypeMitigationAdded; threatType.ThreatTypeMitigationRemoved += OnThreatTypeMitigationRemoved; if (threatType.Mitigations?.Any() ?? false) { var subPanel = CreateMitigationsPanel(threatType); if (subPanel != null) { row.Rows.Add(subPanel); } } return(row); }
public IThreatEvent AddThreatEvent(IThreatType threatType) { if (!(IsInitialized?.Get() ?? false)) { return(null); } IThreatEvent result = null; var threatEventsContainer = ThreatEventsContainer?.Get(); if ((_threatEvents?.All(x => x.ThreatTypeId != threatType.Id) ?? true) && threatEventsContainer is IIdentity identity) { result = new ThreatEvent(Model?.Get(), threatType, identity); if (_threatEvents == null) { _threatEvents = new List <IThreatEvent>(); } _threatEvents.Add(result); Dirty.IsDirty = true; _threatEventAdded?.Invoke(threatEventsContainer, result); } return(result); }
private static bool ApplyThreatType([NotNull] IIdentity identity, [NotNull] IThreatType threatType, [NotNull] IJsonSerializableObjectPropertyType propertyType) { bool result = false; var property = threatType.GetProperty(propertyType); if (property is IPropertyJsonSerializableObject jsonProperty && jsonProperty.Value is SelectionRule rule && rule.Evaluate(identity) && identity is IThreatEventsContainer container) { var threatEvent = container.AddThreatEvent(threatType); if (threatEvent == null) { threatEvent = container.ThreatEvents.FirstOrDefault(x => x.ThreatTypeId == threatType.Id); } else { result = true; } if (threatEvent != null) { result |= threatEvent.ApplyMitigations(propertyType); } } return(result); }
public ThreatTypeMitigationSelectionDialog([NotNull] IThreatType threatType) : this() { _threatType = threatType; _threatTypeName.Text = threatType.Name; var strengths = _threatType.Model?.Strengths?.ToArray(); if (strengths?.Any() ?? false) { _strength.Items.AddRange(strengths); _strengthExisting.Items.AddRange(strengths); } var alreadyIncludedMitigations = threatType.Mitigations?.ToArray(); var mitigations = threatType.Model?.Mitigations? .Where(x => !(alreadyIncludedMitigations?.Any(y => y.MitigationId == x.Id) ?? false)) .OrderBy(x => x.Name) .ToArray(); if (mitigations?.Any() ?? false) { _existingMitigation.Items.AddRange(mitigations); _existingMitigation.Tag = mitigations; } else { _createNew.Checked = true; _associateExisting.Enabled = false; EnableControls(); } }
private static bool ApplyThreatType([NotNull] IIdentity identity, [NotNull] IThreatType threatType, [NotNull] SelectionRule rule) { bool result = false; if (rule.Evaluate(identity) && identity is IThreatEventsContainer container) { var threatEvent = container.AddThreatEvent(threatType); if (threatEvent == null) { threatEvent = container.ThreatEvents.FirstOrDefault(x => x.ThreatTypeId == threatType.Id); } else { result = true; } if (threatEvent != null) { result |= threatEvent.ApplyMitigations(); } } return(result); }
private GridRow AddGridRow([NotNull] IThreatType threatType, [NotNull] GridPanel panel) { var row = new GridRow( threatType.Name, threatType.Severity); ((INotifyPropertyChanged)threatType).PropertyChanged += OnThreatTypePropertyChanged; row.Tag = threatType; UpdateMitigationLevel(threatType, row); panel.Rows.Add(row); for (int i = 0; i < row.Cells.Count; i++) { row.Cells[i].PropertyChanged += OnThreatTypeCellChanged; } threatType.ThreatTypeMitigationAdded += OnThreatTypeMitigationAdded; threatType.ThreatTypeMitigationRemoved += OnThreatTypeMitigationRemoved; if (threatType.Mitigations?.Any() ?? false) { var subPanel = CreateMitigationsPanel(threatType); if (subPanel != null) { row.Rows.Add(subPanel); } } return(row); }
public IThreatEvent AddThreatEvent(IThreatType threatType) { IThreatEvent result = null; if (threatType != null && Instance is IIdentity identity) { IThreatModel model = (Instance as IThreatModel) ?? (Instance as IThreatModelChild)?.Model; if (model != null) { if (_threatEvents?.All(x => x.ThreatTypeId != threatType.Id) ?? true) { result = new ThreatEvent(model, threatType, identity); if (_threatEvents == null) { _threatEvents = new List <IThreatEvent>(); } _threatEvents.Add(result); if (Instance is IDirty dirtyObject) { dirtyObject.SetDirty(); } if (Instance is IThreatEventsContainer container) { _threatEventAdded?.Invoke(container, result); } } } } return(result); }
public Row([NotNull] IThreatType threatType, [NotNull] ISeverity severity, IEnumerable <IThreatEventMitigation> mitigations) { RowType = RowType.ThreatType; Values = new [] { threatType.Name, severity.Name, null }; Identity = threatType; SeverityTextColor = severity.TextColor; SeverityBackColor = severity.BackColor; Mitigations = mitigations; }
private GraphThreatTypeNode CreateNode([NotNull] IThreatType threatType, ref float width, ref float height) { var result = new GraphThreatTypeNode(threatType); width = Math.Max(width, result.Width); height = Math.Max(height, result.Height); return(result); }
private GridPanel CreateMitigationsPanel([NotNull] IThreatType threatType) { GridPanel result = null; if (!string.IsNullOrWhiteSpace(threatType.Name)) { result = new GridPanel { Name = "Mitigations", AllowRowDelete = false, AllowRowInsert = false, AllowRowResize = true, ShowRowDirtyMarker = false, ShowTreeButtons = false, ShowTreeLines = false, ShowRowHeaders = false, InitialSelection = RelativeSelection.None, }; result.Columns.Add(new GridColumn("Name") { HeaderText = "Mitigation Name", AutoSizeMode = ColumnAutoSizeMode.Fill, DataType = typeof(string), AllowEdit = false }); result.Columns.Add(new GridColumn("AutoGenRule") { HeaderText = "Automatic Threat Generation Rule", DataType = typeof(string), Width = 200, EditorType = typeof(GridButtonXEditControl) }); var bc = result.Columns["AutoGenRule"].EditControl as GridButtonXEditControl; if (bc != null) { bc.Click += BcMitigationButtonClick; } var mitigations = threatType.Mitigations? .OrderBy(x => x.Mitigation.Name) .ToArray(); if (mitigations?.Any() ?? false) { foreach (var mitigation in mitigations) { AddGridRow(mitigation, result); } } } return(result); }
public ThreatTypeMitigation([NotNull] IThreatModel model, [NotNull] IThreatType threatType, [NotNull] IMitigation mitigation, IStrength strength) : this() { _model = model; _modelId = model.Id; _threatTypeId = threatType.Id; _threatType = threatType; _mitigationId = mitigation.Id; _mitigation = mitigation; Strength = strength; }
private void _ok_Click(object sender, EventArgs e) { if (IsValid()) { _threatType = _model.AddThreatType(_name.Text, _severity.SelectedItem as ISeverity); if (!string.IsNullOrWhiteSpace(_description.Text)) { _threatType.Description = _description.Text; } } }
public void Add([NotNull] IThreatType threatType) { if (_threatTypes == null) { _threatTypes = new List <IThreatType>(); } _threatTypes.Add(threatType); SetDirty(); ChildCreated?.Invoke(threatType); }
private void _ok_Click(object sender, EventArgs e) { if (_createNew.Checked && !string.IsNullOrWhiteSpace(_name.Text) && _severity.SelectedItem is ISeverity severity) { _threatType = _model.AddThreatType(_name.Text, severity); if (_threatType != null) { _threatType.Description = _description.Text; } } }
public SelectSeverityDialog([NotNull] IThreatType threatType) : this() { _threatTypeName.Text = threatType.Name; if (threatType.Model is IThreatModel model) { var severities = model.Severities?.Where(x => x.Visible).ToArray(); if (severities?.Any() ?? false) { _severities.Items.AddRange(severities); } } }
public IThreatType AddThreatType([Required] string name, [NotNull] ISeverity severity) { IThreatType result = null; if (GetThreatType(name) == null) { result = new ThreatType(this, name, severity); Add(result); RegisterEvents(result); } return(result); }
private void RemoveRelated([NotNull] IThreatType threatType) { RemoveRelatedForEntities(threatType); RemoveRelatedForDataFlows(threatType); var events = ThreatEvents?.Where(x => x.ThreatTypeId == threatType.Id).ToArray(); if (events?.Any() ?? false) { foreach (var threatEvent in events) { RemoveThreatEvent(threatEvent.Id); } } }
public void Add([NotNull] IThreatType threatType) { if (_threatTypes == null) { _threatTypes = new List <IThreatType>(); } _threatTypes.Add(threatType); if (this == ThreatModelManager.Model) { Dirty.IsDirty = true; ChildCreated?.Invoke(threatType); } }
/// <summary> /// Get the maximum severity applied to the Threat Events derived from the specific Threat Type. /// </summary> /// <param name="threatType">Threat Type to be analyzed.</param> /// <returns>Maximum severity applied to Threat Events derived from the Threat Type.</returns> public static ISeverity GetTopSeverity(this IThreatType threatType) { ISeverity result = null; var model = threatType.Model; if (model != null) { var modelTe = model.ThreatEvents?.Where(x => x.ThreatTypeId == threatType.Id) .OrderByDescending(x => x.SeverityId).FirstOrDefault(); if (modelTe != null) { result = modelTe.Severity; } var entitiesTe = model.Entities? .Select(e => e.ThreatEvents?.Where(x => x.ThreatTypeId == threatType.Id) .OrderByDescending(x => x.SeverityId).FirstOrDefault()) .Where(x => x != null).ToArray(); if (entitiesTe?.Any() ?? false) { foreach (var entityTe in entitiesTe) { if (result == null || entityTe.SeverityId > result.Id) { result = entityTe.Severity; } } } var flowsTe = model.DataFlows? .Select(e => e.ThreatEvents?.Where(x => x.ThreatTypeId == threatType.Id) .OrderByDescending(x => x.SeverityId).FirstOrDefault()) .Where(x => x != null).ToArray(); if (flowsTe?.Any() ?? false) { foreach (var flowTe in flowsTe) { if (result == null || flowTe.SeverityId > result.Id) { result = flowTe.Severity; } } } } return(result); }
private void CreateGenerationRule([NotNull] ThreatModel model, [NotNull] ThreatType source, [NotNull] IThreatType target) { SelectionRuleNode include = AnalyzeGenerationRule(model, target.Model, source.IncludeFilter); SelectionRuleNode exclude = AnalyzeGenerationRule(model, target.Model, source.ExcludeFilter); SelectionRule rule = null; var andNode = new AndRuleNode() { Name = "AND" }; if (include != null) { andNode.Children.Add(include); } if (exclude != null) { andNode.Children.Add(new NotRuleNode() { Name = "NOT", Child = exclude }); } if (andNode.Children.Any()) { andNode.Children.Add(new BooleanRuleNode("Out of Scope", Resources.DefaultNamespace, Resources.TmtFlowPropertySchema, false) { Scope = AutoThreatGeneration.Engine.Scope.Object }); rule = new SelectionRule() { Root = andNode }; var schemaManager = new AutoThreatGenPropertySchemaManager(target.Model); var propertyType = schemaManager.GetPropertyType(); var property = target.GetProperty(propertyType) ?? target.AddProperty(propertyType, null); if (property is IPropertyJsonSerializableObject jsonSerializableObject) { jsonSerializableObject.Value = rule; } } }
private GridRow GetRow([NotNull] IThreatType threatType) { GridRow result = null; var rows = _grid.PrimaryGrid.Rows.OfType <GridRow>().ToArray(); foreach (var row in rows) { if (row.Tag == threatType) { result = row; break; } } return(result); }
private static void UpdateMitigationLevel([NotNull] IThreatType threatType, [NotNull] GridRow row) { switch (threatType.GetMitigationLevel()) { case MitigationLevel.NotMitigated: row.Cells[0].CellStyles.Default.Image = Resources.threat_circle_small; break; case MitigationLevel.Partial: row.Cells[0].CellStyles.Default.Image = Resources.threat_circle_orange_small; break; case MitigationLevel.Complete: row.Cells[0].CellStyles.Default.Image = Resources.threat_circle_green_small; break; } }
private bool IsSelected([NotNull] IThreatType item, string filter, ThreatTypeListFilter filterSpecial) { bool result; var mitigations = item.Mitigations?.ToArray(); if (string.IsNullOrWhiteSpace(filter)) { result = true; } else { result = item.Filter(filter); if (!result && (mitigations?.Any() ?? false)) { foreach (var mitigation in mitigations) { result = mitigation.Mitigation?.Filter(filter) ?? false; if (result) { break; } } } } if (result) { switch (filterSpecial) { case ThreatTypeListFilter.NoMitigations: result = !(item.Mitigations?.Any() ?? false); break; case ThreatTypeListFilter.NoThreatEvents: result = !((_model.ThreatEvents?.Any(x => x.ThreatTypeId == item.Id) ?? false) || (_model.Entities?.Any(x => x.ThreatEvents?.Any(y => y.ThreatTypeId == item.Id) ?? false) ?? false) || (_model.DataFlows?.Any(x => x.ThreatEvents?.Any(y => y.ThreatTypeId == item.Id) ?? false) ?? false)); break; } } return(result); }
public GraphThreatTypeNode([NotNull] IThreatType threatType) { ThreatType = threatType; Text = threatType.Name; Label = new GoText() { Text = threatType.Name, Selectable = false, Width = 500, Wrapping = false, StringTrimming = StringTrimming.EllipsisCharacter, TextColor = Color.White, FontSize = 9 }; Shape.BrushColor = ThreatModelManager.ThreatsColor; ToolTipText = threatType.Name; }
private int Matches([NotNull] IThreatType threatType, [Required] string filter) { int result = 0; if ((threatType.Name?.IndexOf(filter, StringComparison.OrdinalIgnoreCase) ?? -1) >= 0) { result++; } if ((threatType.Description?.IndexOf(filter, StringComparison.OrdinalIgnoreCase) ?? -1) >= 0) { result++; } var properties = threatType.Properties?.ToArray(); if (properties?.Any() ?? false) { foreach (var property in properties) { if ((property.StringValue?.IndexOf(filter, StringComparison.OrdinalIgnoreCase) ?? -1) >= 0) { result++; } if (property is IPropertyTokens propertyTokens) { var values = propertyTokens.Value?.ToArray(); if (values?.Any() ?? false) { foreach (var value in values) { if (string.Compare(filter, value, StringComparison.OrdinalIgnoreCase) == 0) { result += 10; break; } } } } } } return(result); }
private void RemoveRelatedForDataFlows([NotNull] IThreatType threatType) { var dataFlows = _dataFlows?.ToArray(); if (dataFlows?.Any() ?? false) { foreach (var dataFlow in dataFlows) { var events = dataFlow.ThreatEvents?.Where(x => x.ThreatTypeId == threatType.Id).ToArray(); if (events?.Any() ?? false) { foreach (var threatEvent in events) { dataFlow.RemoveThreatEvent(threatEvent.Id); } } } } }
private void RemoveRelatedForEntities([NotNull] IThreatType threatType) { var entities = _entities?.ToArray(); if (entities?.Any() ?? false) { foreach (var entity in entities) { var events = entity.ThreatEvents?.Where(x => x.ThreatTypeId == threatType.Id).ToArray(); if (events?.Any() ?? false) { foreach (var threatEvent in events) { entity.RemoveThreatEvent(threatEvent.Id); } } } } }