public static void UpdateConfig([NotNull] IThreatModel model)
{
if (_connectors.TryGetValue(model.Id, out var connector))
{
var config = new DevOpsConfigPropertySchemaManager(model);
config.RegisterConnection(connector);
}
}
public static void Register([NotNull] IDevOpsConnector connector, [NotNull] IThreatModel model)
{
Unregister(model);
var config = new DevOpsConfigPropertySchemaManager(model);
config.RegisterConnection(connector);
_connectors.Add(model.Id, connector);
ConnectorAdded?.Invoke(model, connector);
}
public void ExecuteRibbonAction(IThreatModel threatModel, IActionDefinition action)
{
try
{
var connector = DevOpsManager.GetConnector(threatModel);
switch (action.Name)
{
case "Connect":
var dialog = new DevOpsConnectionDialog();
if (connector == null)
{
var schemaManager = new DevOpsConfigPropertySchemaManager(threatModel);
dialog.Connection = schemaManager.ConnectionInfo;
}
else
{
dialog.Connector = connector;
}
if (dialog.ShowDialog(Form.ActiveForm) == DialogResult.OK)
{
connector = dialog.Connector;
var project = dialog.ProjectName;
if (connector != null && !string.IsNullOrWhiteSpace(project))
{
connector.OpenProject(project);
DevOpsManager.Register(connector, threatModel);
ChangeDisconnectButtonStatus(connector, true);
}
}
break;
case "Disconnect":
if (connector != null && MessageBox.Show(Form.ActiveForm,
"You are about to disconnect the current DevOps Connector.\nIf you proceed, all the links between the Threat Model and the DevOps system may be lost.\nAre you sure?",
"DevOps Disconnect", MessageBoxButtons.YesNo, MessageBoxIcon.Warning) ==
DialogResult.Yes)
{
DevOpsManager.Unregister(threatModel);
ChangeDisconnectButtonStatus(null, false);
}
break;
}
}
catch
{
ShowWarning?.Invoke("Connection failed.");
throw;
}
}
public static void Unregister([NotNull] IThreatModel model)
{
if (_connectors.TryGetValue(model.Id, out var connector))
{
connector.Disconnect();
var config = new DevOpsConfigPropertySchemaManager(model);
config.UnregisterConnection();
_connectors.Remove(model.Id);
ConnectorRemoved?.Invoke(model, connector);
}
}
public async void Process(IThreatModel model)
{
Connect.ChangeDisconnectButtonStatus(null, false);
var schemaManager = new DevOpsConfigPropertySchemaManager(model);
var connector = schemaManager.GetDevOpsConnector(out var url, out var project);
if (connector != null && !string.IsNullOrWhiteSpace(url) && !string.IsNullOrWhiteSpace(project))
{
try
{
var tokenManager = new SecretsManager();
var token = tokenManager.GetSecret(url);
if (!string.IsNullOrWhiteSpace(token))
{
connector.Connect(url, token);
var projects = (await connector.GetProjectsAsync())?.ToArray();
if (projects?.Contains(project) ?? false)
{
if (connector.OpenProject(project))
{
DevOpsManager.Register(connector, model);
Connect.ChangeDisconnectButtonStatus(connector, true);
var configManager = new ExtensionConfigurationManager(model, this.GetExtensionId());
configManager.Apply();
await DevOpsManager.UpdateAsync(model);
}
}
else
{
connector.Disconnect();
ShowWarning?.Invoke(
"DevOps system cannot be automatically connected due to an internal error.");
}
}
else
{
ShowWarning?.Invoke(
"DevOps system cannot be automatically connected because no Personal Access Token has been found.");
}
}
catch (Exception exc)
{
ShowWarning?.Invoke($@"DevOps system cannot be automatically connected due to the following error: {exc.Message}. Everything else should be unaffected.");
}
}
}
public bool Execute(IIdentity identity)
{
bool result = false;
if (identity is IThreatModel model)
{
var schemaManager = new DevOpsPropertySchemaManager(model);
var mitigations = model.Mitigations?
.Where(x => schemaManager.GetFirstSeenOn(x) == null)
.ToArray();
if (mitigations?.Any() ?? false)
{
var configSchemaManager = new DevOpsConfigPropertySchemaManager(model);
var iteration = configSchemaManager.CurrentIteration;
if (iteration != null)
{
if (MessageBox.Show(
$"You are about to assign {mitigations.Length} mitigations to the current iteration ('{iteration.Name}')." +
$"\nDo you confirm?", "Bulk assignment to Iteration", MessageBoxButtons.YesNo,
MessageBoxIcon.Information, MessageBoxDefaultButton.Button2) == DialogResult.Yes)
{
foreach (var mitigation in mitigations)
{
schemaManager.SetFirstSeenOn(mitigation, iteration);
}
result = true;
ShowMessage?.Invoke("Assignment to Iteration succeeded.");
}
}
else
{
ShowWarning?.Invoke("No current Iteration is defined.");
}
}
else
{
ShowMessage?.Invoke(
"Nothing to do, because all Mitigations have already been assigned to an Iteration.");
}
}
return(result);
}
public void Process([NotNull] IThreatModel model)
{
var schemaManager = new DevOpsConfigPropertySchemaManager(model);
var connector = schemaManager.GetDevOpsConnector(out var url, out var project);
if (connector != null && !string.IsNullOrWhiteSpace(url) && !string.IsNullOrWhiteSpace(project))
{
var projects = connector.Connect(url);
if (projects.Contains(project))
{
if (connector.OpenProject(project))
{
DevOpsManager.Register(connector, model);
Connect.ChangeDisconnectButtonStatus(connector, true);
var configManager = new ExtensionConfigurationManager(model, this.GetExtensionId());
configManager.Apply();
}
}
}
}
private void LoadModel()
{
var schemaManager = new DevOpsConfigPropertySchemaManager(_model);
var iterations = schemaManager.GetIterations()?.ToArray();
if (iterations?.Any() ?? false)
{
_iterations.Items.AddRange(iterations);
var propertySchemaManager = new DevOpsPropertySchemaManager(_model);
var firstSeenOn = propertySchemaManager.GetFirstSeenOn(_mitigation);
if (firstSeenOn != null)
{
var item = _iterations.Items.OfType <Iteration>()
.FirstOrDefault(x => string.CompareOrdinal(x.Id, firstSeenOn.IterationId) == 0);
if (item != null)
{
_iterations.SelectedItem = item;
}
}
}
}
public void Execute([NotNull] IThreatModel model)
{
var schemaManager = new DevOpsConfigPropertySchemaManager(model);
var iteration = schemaManager.CurrentIteration ?? schemaManager.PreviousIteration;
if (iteration != null)
{
var extensionId = ExtensionUtils.GetExtensionByLabel <IConfigurationPanelFactory <Form> >(
"Extensions Configuration Panel")?.GetExtensionId();
if (extensionId != null)
{
var normalizationReference = model.GetExtensionConfiguration(extensionId)?
.GlobalGet <int>("normalization") ?? 0;
var risk = model.EvaluateRisk(normalizationReference);
if (risk > 0f)
{
schemaManager.SetIterationRisk(iteration, risk);
}
}
}
}
public bool Execute(IIdentity identity)
{
bool result = false;
if (identity is IThreatModel model)
{
var schemaManager = new DevOpsPropertySchemaManager(model);
var mitigations = model.Mitigations?
.Where(x => schemaManager.GetFirstSeenOn(x) != null)
.ToArray();
if (mitigations?.Any() ?? false)
{
var configSchemaManager = new DevOpsConfigPropertySchemaManager(model);
if (MessageBox.Show(
$"You are about to unassign {mitigations.Length} mitigations from the assigned iterations." +
$"\nDo you confirm?", "Bulk unassignment from Iterations", MessageBoxButtons.YesNo,
MessageBoxIcon.Information, MessageBoxDefaultButton.Button2) == DialogResult.Yes)
{
foreach (var mitigation in mitigations)
{
schemaManager.SetFirstSeenOn(mitigation, null);
}
result = true;
ShowMessage?.Invoke("Unassignment from Iterations succeeded.");
}
}
else
{
ShowMessage?.Invoke(
"Nothing to do, because no Mitigation has already been assigned to an Iteration.");
}
}
return(result);
}
public IEnumerable <IRoadmapFilter> GetFilters([NotNull] IThreatModel model)
{
var schemaManager = new DevOpsConfigPropertySchemaManager(model);
return(schemaManager.GetIterations()?.Select(x => new IterationFilter(x)));
}
public void SetThreatModel(IThreatModel threatModel)
{
var schemaManager = new DevOpsConfigPropertySchemaManager(threatModel);
var iterations = schemaManager.GetIterations()?
.OrderBy(x => x.Start)
.ToArray();
if (iterations?.Any() ?? false)
{
var current = schemaManager.CurrentIteration ?? schemaManager.PreviousIteration;
float maxRisk = 0f;
if (Chart?.ChartSeries.FirstOrDefault() is ChartSeries series)
{
SeriesPoint point;
float risk = 0f;
foreach (var iteration in iterations)
{
point = new SeriesPoint(iteration.Name);
if (iteration == current)
{
var extensionId = ExtensionUtils.GetExtensionByLabel <IConfigurationPanelFactory <Form> >(
"Extensions Configuration Panel")?.GetExtensionId();
if (extensionId != null)
{
var normalizationReference = threatModel.GetExtensionConfiguration(extensionId)?
.GlobalGet <int>("normalization") ?? 0;
if (normalizationReference > 0)
{
risk = threatModel.EvaluateRisk(normalizationReference);
if (risk > 0f)
{
schemaManager.SetIterationRisk(iteration, risk);
}
}
}
}
else
{
risk = schemaManager.GetIterationRisk(iteration);
}
point.ValueY = new object[] { ((object)risk) };
series.SeriesPoints.Add(point);
if (maxRisk < risk)
{
maxRisk = risk;
}
}
}
var residualRiskSchemaManager = new ResidualRiskEstimatorPropertySchemaManager(threatModel);
var estimator = residualRiskSchemaManager.SelectedEstimator;
if (estimator != null)
{
var parameters = residualRiskSchemaManager.Parameters?.ToArray();
if (parameters?.Any() ?? false)
{
var infinite = residualRiskSchemaManager.Infinite;
if (infinite < 0)
{
infinite = estimator.DefaultInfinite;
}
var p = parameters.ToDictionary(x => x.Name, x => x.Value);
AcceptableRisk = estimator.GetAcceptableRisk(threatModel, p, infinite, 0);
}
else
{
AcceptableRisk = 0f;
}
if (AcceptableRisk > maxRisk)
{
Chart.AxisY.MaxValue = AcceptableRisk * 1.2f;
}
}
}
}
