private bool Set(IMitigation mitigation, int pos) { bool result = false; var status = GetPaletteWorkItemStatus(pos); try { _loading = true; DevOpsManager.SetMitigationsStatusAsync(mitigation, status); result = true; } catch (WorkItemCreationException) { MoveItem(mitigation, status, WorkItemStatus.Unknown); ShowWarning?.Invoke($"Mitigation creation failed.\nPlease wait a few moments and retry, because the problem may be temporary."); } catch (WorkItemStateChangeException stateChangeException) { MoveItem(mitigation, stateChangeException.FinalStatus, stateChangeException.InitialStatus); ShowWarning?.Invoke($"Mitigation movement failed.\nPlease wait a few moments and retry, because the problem may be temporary."); } finally { _loading = false; } return(result); }
public bool Execute(IIdentity identity) { bool result = false; if (identity is IEntity entity && entity.Model is IThreatModel model && MessageBox.Show(Form.ActiveForm, $"You are about to disassociate the associated diagram from {model.GetIdentityTypeName(entity)} '{entity.Name}'. Are you sure?", "Disassociate Diagram", MessageBoxButtons.YesNo, MessageBoxIcon.Information, MessageBoxDefaultButton.Button2) == DialogResult.Yes) { var schemaManager = new AssociatedDiagramPropertySchemaManager(model); var propertyType = schemaManager.GetAssociatedDiagramIdPropertyType(); if (propertyType != null) { if (entity.GetProperty(propertyType) is IPropertyIdentityReference property && property.ValueId != Guid.Empty) { result = true; property.Value = null; DiagramAssociationHelper.NotifyDiagramDisassociation(entity); ShowMessage?.Invoke("Diagram has been disassociated successfully."); } else { ShowWarning?.Invoke("The Entity is not associated to any Diagram."); } } }
private ILink CreateLink([NotNull] GraphLink glink, [NotNull] GraphEntity source, [NotNull] GraphEntity target) { ILink result = null; var dataFlow = _diagram.Model?.AddDataFlow(glink.Text, source.EntityShape.AssociatedId, target.EntityShape.AssociatedId); if (dataFlow == null) { dataFlow = _diagram.Model?.GetDataFlow(source.EntityShape.AssociatedId, target.EntityShape.AssociatedId); if (dataFlow != null) { result = _diagram.GetLink(dataFlow.Id); if (result == null) { result = _diagram.AddLink(dataFlow); } } else { ShowWarning?.Invoke("The Flow in the Diagram is in an inconsistent status. Please close the Diagram and try again."); } } else { result = _diagram.AddLink(dataFlow); } return(result); }
public bool Execute(IIdentity identity) { if (identity is IEntity entity) { if (entity.GenerateThreatEvents()) { ShowMessage?.Invoke("Threat Events generated successfully."); } else { ShowWarning?.Invoke("No Threat Event or Mitigation has been generated."); } } else if (identity is IDataFlow flow) { if (flow.GenerateThreatEvents()) { ShowMessage?.Invoke("Threat Events generated successfully."); } else { ShowWarning?.Invoke("No Threat Event or Mitigation has been generated."); } } return(true); }
public bool Execute(IIdentity identity) { bool result = false; if (identity is IEntity entity && entity.Model is IThreatModel model) { var schemaManager = new AssociatedDiagramPropertySchemaManager(model); var propertyType = schemaManager.GetAssociatedDiagramIdPropertyType(); if (propertyType != null) { var property = entity.GetProperty(propertyType); if (property is IPropertyIdentityReference identityReference && identityReference.Value is IDiagram diagram) { result = true; var factory = ExtensionUtils.GetExtensionByLabel <IPanelFactory>("Diagram"); if (factory != null) { OpenPanel?.Invoke(factory, diagram); } } } } if (!result) { ShowWarning?.Invoke("The Entity is not associated to any Diagram."); } return(result); }
public void Answer(object context, AnswerType answer) { if (answer == AnswerType.Yes || answer == AnswerType.Ok || answer == AnswerType.No) { if (context is IEntity entity) { if (entity.GenerateThreatEvents(answer == AnswerType.No)) { ShowMessage?.Invoke(Resources.SuccessGeneration); } else { ShowWarning?.Invoke(Resources.WarningNothingGenerated); } } else if (context is IDataFlow flow) { if (flow.GenerateThreatEvents(answer == AnswerType.No)) { ShowMessage?.Invoke(Resources.SuccessGeneration); } else { ShowWarning?.Invoke(Resources.WarningNothingGenerated); } } } }
public void ExecuteRibbonAction(IThreatModel threatModel, IActionDefinition action) { try { switch (action.Name) { case "ApplyAutoGenRules": if (threatModel.HasTop()) { Ask?.Invoke(this, threatModel, Resources.ApplyAutoGenRules_Caption, $"Do you want to generate all Threat Events and Mitigations?\nPress Yes to confirm.\nPress No to generate only the Top Threats and Mitigations.\nPress Cancel to avoid generating anything.", false, RequestOptions.YesNoCancel); } else { Ask?.Invoke(this, threatModel, Resources.ApplyAutoGenRules_Caption, Resources.ApplyAutoGenRules_Confirm, false, RequestOptions.OkCancel); } break; } } catch { ShowWarning?.Invoke("Automatic Threat Event generation failed.\nPlease close the document without saving it."); throw; } }
private bool LoadDocStructure([Required] string fileName) { bool result = false; _loading = true; try { var structure = _reportGenerator.LoadStructure(fileName)?.ToArray(); if (structure?.Any() ?? false) { CreatePlaceholderPanel(PlaceholderSection.Model, structure); CreatePlaceholderPanel(PlaceholderSection.Counter, structure); CreatePlaceholderPanel(PlaceholderSection.Chart, structure); CreatePlaceholderPanel(PlaceholderSection.List, structure); CreatePlaceholderPanel(PlaceholderSection.Table, structure); result = true; } } catch { ShowWarning?.Invoke("An error occurred while loading the reference document structure."); } finally { _loading = false; } return(result); }
public void ExecuteRibbonAction(IThreatModel threatModel, IActionDefinition action) { try { switch (action.Name) { case "SummaryExcel": var dialog = new SaveFileDialog(); dialog.DefaultExt = "xlsx"; dialog.Filter = "Excel 2016 files (*.xlsx)|*.xlsx|All files (*.*)|*.*"; dialog.Title = "Save Summary Excel Report"; dialog.RestoreDirectory = true; if (dialog.ShowDialog(Form.ActiveForm) == DialogResult.OK) { var threats = AnalyzeThreatModel(threatModel); if (threats?.Any() ?? false) { if (CreateReport(dialog.FileName, threats)) { ShowMessage?.Invoke("Summary Excel Report generation succeeded."); } } else { ShowWarning?.Invoke("Summary Excel Report failed because no Threat Events are defined."); } } break; } } catch (Exception exc) { ShowWarning?.Invoke("Summary Excel Report failed."); } }
public void ExecuteRibbonAction(IThreatModel threatModel, IActionDefinition action) { try { switch (action.Name) { case "RemoveThreatEvents": if (MessageBox.Show(Form.ActiveForm, Resources.RemoveAllThreatEvents_Confirm, Resources.RemoveAllThreatEvents_Caption, MessageBoxButtons.OKCancel, MessageBoxIcon.Warning, MessageBoxDefaultButton.Button2) == DialogResult.OK) { Do(threatModel); ShowMessage?.Invoke("Threat Events removed successfully."); } break; } } catch { ShowWarning?.Invoke("Threat Events removal failed.\nPlease close the document without saving it."); throw; } }
private void _namespace_TextChanged(object sender, EventArgs e) { if (!_loading && _schemas.SelectedItem is IPropertySchema schema && (!schema.System || _promoted)) { if (string.IsNullOrWhiteSpace(_namespace.Text)) { _loading = true; _namespace.Text = schema.Namespace; _loading = false; ShowWarning?.Invoke("The Schema namespace cannot be empty."); } else { if (_updaters?.Any() ?? false) { foreach (var updater in _updaters) { updater.UpdateSchemaName(_model, schema.Name, schema.Namespace, schema.Name, _namespace.Text); } } schema.Namespace = _namespace.Text; } } }
public void ExecuteRibbonAction([NotNull] IThreatModel threatModel, [NotNull] IActionDefinition action) { try { switch (action.Name) { case "ImportDocument": var dialog = new OpenFileDialog() { AddExtension = true, CheckFileExists = true, CheckPathExists = true, DefaultExt = "tm7", Filter = "TMT documents (*.tm7)|*.tm7|TMT templates (*.tb7)|*.tb7", FilterIndex = 1, Multiselect = false, RestoreDirectory = true }; if (dialog.ShowDialog(Form.ActiveForm) == DialogResult.OK) { var importer = new Importer(); importer.Import(threatModel, dialog.FileName, Dpi.Factor.Height, HandleUnassignedThreat, out var diagrams, out var externalInteractors, out var processes, out var dataStores, out var flows, out var trustBoundaries, out var entityTypes, out var threatTypes, out var customThreatTypes, out var threats, out var missingThreats); RefreshPanels?.Invoke(this); ShowMessage?.Invoke("TMT7 file imported successfully."); using (var resultDialog = new ImportResultDialog() { Properties = new ImportStatus() { Diagrams = diagrams, ExternalInteractors = externalInteractors, Processes = processes, DataStores = dataStores, DataFlows = flows, TrustBoundaries = trustBoundaries, EntityTypes = entityTypes, ThreatTypes = threatTypes, CustomThreatTypes = customThreatTypes, Threats = threats, MissingThreats = missingThreats } }) { resultDialog.ShowDialog(Form.ActiveForm); } } break; } } catch { ShowWarning?.Invoke("TMT file import failed.\nPlease close the document without saving it."); throw; } }
public void ExecuteCustomAction([NotNull] IActionDefinition action) { string text = null; bool warning = false; try { switch (action.Name) { case "Full": if (SaveFull()) { text = "Document Generation"; } break; case "Open": if (!string.IsNullOrWhiteSpace(_lastDocument) && File.Exists(_lastDocument) && string.CompareOrdinal(Path.GetExtension(_lastDocument), ".docx") == 0) { text = "Document Opening"; Process.Start(_lastDocument); } break; case "Refresh": _docStructure.PrimaryGrid.Rows.Clear(); if (!string.IsNullOrWhiteSpace(_wordFile.Text)) { var file = GetDocumentPath(_model, _wordFile.Text); if (File.Exists(file)) { LoadDocStructure(file); } } else { ShowWarning?.Invoke($"No Reference Word file has been selected."); } break; } if (warning) { ShowWarning?.Invoke(text); } else if (text != null) { ShowMessage?.Invoke($"{text} has been executed successfully."); } } catch { ShowWarning?.Invoke($"An error occurred during the execution of the action."); throw; } }
public void ExecuteCustomAction([NotNull] IActionDefinition action) { string text = null; try { switch (action.Name) { case "ImportChecked": text = "Import of checked Threats"; var checkedNodes = _catalog.CheckedNodes; if (checkedNodes != null) { ImportThreats(checkedNodes); } break; case "ImportSelected": text = "Import of selected Threat"; var selectedNodes = _catalog.SelectedNodes; if (selectedNodes != null) { ImportThreats(selectedNodes); } break; case "CheckAll": _catalog.CheckAll(); break; case "CheckBranch": _catalog.CheckBranch(); break; case "Clear": text = "Reset of selections"; _catalog.ResetSelections(); break; } if (text != null) { ShowMessage?.Invoke($"{text} has been executed successfully."); } } catch { if (text != null) { ShowWarning?.Invoke($"{text} has failed."); } } }
public void ExecuteRibbonAction(IThreatModel threatModel, IActionDefinition action) { try { switch (action.Name) { case "Merge": var dialog = new OpenFileDialog() { AddExtension = true, AutoUpgradeEnabled = true, CheckFileExists = true, CheckPathExists = true, DefaultExt = "tm", DereferenceLinks = true, Filter = "Threat Model (*.tm)|*.tm|Threat Model Template (*.tmt)|*.tmt|Threat Model Json Template (*.tmk)|*.tmk", FilterIndex = 0, Title = "Select file to be merged", RestoreDirectory = true }; if (dialog.ShowDialog(Form.ActiveForm) == DialogResult.OK) { using (var merge = new MergeDialog()) { merge.SetExecutionMode(_executionMode); if (merge.Initialize(threatModel, dialog.FileName)) { if (merge.ShowDialog(Form.ActiveForm) == DialogResult.OK) { RefreshPanels?.Invoke(this); var factory = ExtensionUtils.GetExtensionByLabel <IPanelFactory>("Diagram"); if (factory != null) { ClosePanels?.Invoke(factory); UpdateStatusInfoProviders?.Invoke(); } ShowMessage?.Invoke("Merge succeeded."); } } } } break; } } catch { ShowWarning?.Invoke("Merge failed.\nPlease close the document without saving it."); throw; } }
public void ExecuteRibbonAction(IThreatModel threatModel, IActionDefinition action) { try { var connector = DevOpsManager.GetConnector(threatModel); switch (action.Name) { case "Connect": var dialog = new DevOpsConnectionDialog(); if (connector == null) { var schemaManager = new DevOpsConfigPropertySchemaManager(threatModel); dialog.Connection = schemaManager.ConnectionInfo; } else { dialog.Connector = connector; } if (dialog.ShowDialog(Form.ActiveForm) == DialogResult.OK) { connector = dialog.Connector; var project = dialog.ProjectName; if (connector != null && !string.IsNullOrWhiteSpace(project)) { connector.OpenProject(project); DevOpsManager.Register(connector, threatModel); ChangeDisconnectButtonStatus(connector, true); } } break; case "Disconnect": if (connector != null && MessageBox.Show(Form.ActiveForm, "You are about to disconnect the current DevOps Connector.\nIf you proceed, all the links between the Threat Model and the DevOps system may be lost.\nAre you sure?", "DevOps Disconnect", MessageBoxButtons.YesNo, MessageBoxIcon.Warning) == DialogResult.Yes) { DevOpsManager.Unregister(threatModel); ChangeDisconnectButtonStatus(null, false); } break; } } catch { ShowWarning?.Invoke("Connection failed."); throw; } }
public void Answer(object context, AnswerType answer) { if (answer == AnswerType.Ok && context is IThreatModel threatModel) { if (threatModel.GenerateThreatEvents()) { ShowMessage?.Invoke("Threat Events generated successfully."); } else { ShowWarning?.Invoke("No Threat Event or Mitigation has been generated."); } } }
public void Answer(object context, AnswerType answer) { if (answer == AnswerType.Ok && context is IThreatModel threatModel) { if (Generate(threatModel)) { ShowMessage?.Invoke("Topics to be Clarified generated successfully."); } else { ShowWarning?.Invoke("No Topic to be Clarified has been generated."); } } }
public async void Process(IThreatModel model) { Connect.ChangeDisconnectButtonStatus(null, false); var schemaManager = new DevOpsConfigPropertySchemaManager(model); var connector = schemaManager.GetDevOpsConnector(out var url, out var project); if (connector != null && !string.IsNullOrWhiteSpace(url) && !string.IsNullOrWhiteSpace(project)) { try { var tokenManager = new SecretsManager(); var token = tokenManager.GetSecret(url); if (!string.IsNullOrWhiteSpace(token)) { connector.Connect(url, token); var projects = (await connector.GetProjectsAsync())?.ToArray(); if (projects?.Contains(project) ?? false) { if (connector.OpenProject(project)) { DevOpsManager.Register(connector, model); Connect.ChangeDisconnectButtonStatus(connector, true); var configManager = new ExtensionConfigurationManager(model, this.GetExtensionId()); configManager.Apply(); await DevOpsManager.UpdateAsync(model); } } else { connector.Disconnect(); ShowWarning?.Invoke( "DevOps system cannot be automatically connected due to an internal error."); } } else { ShowWarning?.Invoke( "DevOps system cannot be automatically connected because no Personal Access Token has been found."); } } catch (Exception exc) { ShowWarning?.Invoke($@"DevOps system cannot be automatically connected due to the following error: {exc.Message}. Everything else should be unaffected."); } } }
public bool Execute(IIdentity identity) { if (identity is IThreatEvent threatEvent) { if (threatEvent.ApplyMitigations()) { ShowMessage?.Invoke("Mitigations associated successfully."); } else { ShowWarning?.Invoke("No Mitigation has been associated."); } } return(true); }
public void Answer(object context, AnswerType answer) { if (answer == AnswerType.Yes && context is IThreatEvent threatEvent && threatEvent.Parent is IThreatEventsContainer container) { var result = container.RemoveThreatEvent(threatEvent.Id); if (result) { ShowMessage?.Invoke("Remove Threat Event has been executed successfully."); } else { ShowWarning?.Invoke("Remove Threat Event has failed."); } } }
public void Answer(object context, AnswerType answer) { if (answer == AnswerType.Yes && context is IThreatType threatType && threatType.Model is IThreatModel model) { var result = model.RemoveThreatType(threatType.Id); if (result) { ShowMessage?.Invoke("Remove Threat Type has been executed successfully."); } else { ShowWarning?.Invoke("Remove Threat Type has failed."); } } }
public void Answer(object context, AnswerType answer) { if (answer == AnswerType.Yes || answer == AnswerType.Ok || answer == AnswerType.No) { if (context is IThreatEvent threatEvent) { if (threatEvent.ApplyMitigations(answer == AnswerType.No)) { ShowMessage?.Invoke(Resources.SuccessAssociation); } else { ShowWarning?.Invoke(Resources.WarningNoAssociations); } } } }
public void ExecuteRibbonAction(IThreatModel threatModel, IActionDefinition action) { try { switch (action.Name) { case "SomeAction": // TODO: specify the execution for the action. break; } } catch { ShowWarning?.Invoke($"{action.Name} failed."); throw; } }
public void ExecuteRibbonAction(IThreatModel threatModel, IActionDefinition action) { try { switch (action.Name) { case "ApplyAutoGenRules": Ask?.Invoke(this, threatModel, Resources.ApplyAutoGenRules_Caption, Resources.ApplyAutoGenRules_Confirm, false, RequestOptions.OkCancel); break; } } catch { ShowWarning?.Invoke("Automatic Threat Event generation failed.\nPlease close the document without saving it."); throw; } }
public bool Execute(IIdentity identity) { bool result = false; // ReSharper disable once SuspiciousTypeConversion.Global if (identity is IThreatEventsContainer destContainer) { if (Clipboard.GetDataObject() is DataObject dataObject && dataObject.GetDataPresent("ThreatEventsInfo") && dataObject.GetData("ThreatEventsInfo") is string info) { var deserialized = JsonConvert.DeserializeObject <ThreatEventsInfo>(info, new JsonSerializerSettings() { #pragma warning disable SCS0028 // Type information used to serialize and deserialize objects #pragma warning disable SEC0030 // Insecure Deserialization - Newtonsoft JSON TypeNameHandling = TypeNameHandling.All #pragma warning restore SEC0030 // Insecure Deserialization - Newtonsoft JSON #pragma warning restore SCS0028 // Type information used to serialize and deserialize objects }); if (deserialized?.ThreatEvents?.Any() ?? false) { foreach (var threatEvent in deserialized.ThreatEvents) { if (!(destContainer.ThreatEvents?.Any(x => x.ThreatTypeId == threatEvent.ThreatTypeId) ?? false)) { AddThreatEvent(threatEvent, destContainer); result = true; } } } } } if (result) { ShowMessage?.Invoke("Threat Events have been copied successfully."); } else { ShowWarning?.Invoke("No Threat Event has been copied to the selected object."); } return(result); }
public bool Execute(IIdentity identity) { bool result = false; if (identity is IThreatModel model) { var schemaManager = new DevOpsPropertySchemaManager(model); var mitigations = model.Mitigations? .Where(x => schemaManager.GetFirstSeenOn(x) == null) .ToArray(); if (mitigations?.Any() ?? false) { var configSchemaManager = new DevOpsConfigPropertySchemaManager(model); var iteration = configSchemaManager.CurrentIteration; if (iteration != null) { if (MessageBox.Show( $"You are about to assign {mitigations.Length} mitigations to the current iteration ('{iteration.Name}')." + $"\nDo you confirm?", "Bulk assignment to Iteration", MessageBoxButtons.YesNo, MessageBoxIcon.Information, MessageBoxDefaultButton.Button2) == DialogResult.Yes) { foreach (var mitigation in mitigations) { schemaManager.SetFirstSeenOn(mitigation, iteration); } result = true; ShowMessage?.Invoke("Assignment to Iteration succeeded."); } } else { ShowWarning?.Invoke("No current Iteration is defined."); } } else { ShowMessage?.Invoke( "Nothing to do, because all Mitigations have already been assigned to an Iteration."); } } return(result); }
public bool Execute(IThreatTypeMitigation mitigation) { bool result = false; using (var dialog = new MitigationRuleEditDialog()) { if (dialog.Initialize(mitigation)) { result = mitigation.SetRule(dialog); } else { ShowWarning?.Invoke("Threat Event Generation Rule for the related Threat Type has not been set."); } } return(result); }
private bool Validate([NotNull] IEntity target, [NotNull] IEnumerable <IEntity> sources, [NotNull] IThreatModel model, ReplacementStrategy strategy) { bool result = false; var cycles = model.DataFlows.Where(x => (sources.Any(y => y.Id == x.TargetId) || x.TargetId == target.Id) && (sources.Any(y => y.Id == x.SourceId) || x.SourceId == target.Id)); if (cycles.Any()) { ShowWarning?.Invoke($"Unable to merge, because {cycles.Count()} Flows would create cycles, including '{cycles.First().Name}'"); } else if (strategy == ReplacementStrategy.Stop) { var incoming = model.DataFlows.Where(x => sources.Any(y => y.Id == x.TargetId)); var inExisting = model.DataFlows.Where(x => x.TargetId == target.Id && incoming.Any(y => y.SourceId == x.SourceId)); if (inExisting.Any()) { ShowWarning?.Invoke($"Unable to merge, because {inExisting.Count()} incoming Flows already exist, including '{inExisting.First().Name}'"); } else { var outgoing = model.DataFlows.Where(x => sources.Any(y => y.Id == x.SourceId)); var outExisting = model.DataFlows.Where(x => x.SourceId == target.Id && outgoing.Any(y => y.TargetId == x.TargetId)); if (outExisting.Any()) { ShowWarning?.Invoke($"Unable to merge, because {outExisting.Count()} outgoing Flows already exist, including '{outExisting.First().Name}'"); } else { result = true; } } } else { result = true; } return(result); }
private bool LoadDocStructure([Required] string fileName) { bool result = false; _loading = true; try { var doc = new WordDocument(); doc.OpenReadOnly(fileName, FormatType.Automatic); var items = doc.FindAll(new Regex(@"\[ThreatsManagerPlatform:[\w]*\]"))? .Where(x => !x.IsToc()) .Select(x => new Placeholder(x.SelectedText, _model)) .Distinct(new PlaceholderComparer()) .OrderBy(x => x.Name) .ToArray(); CreatePlaceholderPanel(PlaceholderSection.Model, items); CreatePlaceholderPanel(PlaceholderSection.Counter, items); CreatePlaceholderPanel(PlaceholderSection.Chart, items); CreatePlaceholderPanel(PlaceholderSection.List, items); CreatePlaceholderPanel(PlaceholderSection.Table, items); result = true; } catch (IOException) { ShowWarning?.Invoke("Reference document may be in use in Word, please close it and try again.\nIf the problem persists, then the file may not be accessible."); } catch { ShowWarning?.Invoke("Reference document may be corrupted or not a Word document."); } finally { _loading = false; } return(result); }