Skip to content

Commit

Permalink
Merge pull request #182 from izar/assumptions
Browse files Browse the repository at this point in the history
Assumptions
  • Loading branch information
izar authored Oct 4, 2021
2 parents 4a34599 + 62b7e26 commit 2c2a210
Show file tree
Hide file tree
Showing 6 changed files with 59 additions and 4 deletions.
36 changes: 33 additions & 3 deletions docs/pytm/index.html
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1" />
<meta name="generator" content="pdoc 0.9.2" />
<meta name="generator" content="pdoc 0.10.0" />
<title>pytm API documentation</title>
<meta name="description" content="" />
<link rel="preload stylesheet" as="style" href="https://cdnjs.cloudflare.com/ajax/libs/10up-sanitize.css/11.0.1/sanitize.min.css" integrity="sha256-PK9q560IAAa6WVRRh76LtCaI8pjTJ2z11v0miyNNjrs=" crossorigin>
Expand Down Expand Up @@ -2218,7 +2218,7 @@ <h3>Instance variables</h3>
)

def __str__(self):
return f&#34;{self.target}: {self.description}\n{self.details}\n{self.severity}&#34;</code></pre>
return f&#34;&#39;{self.target}&#39;: {self.description}\n{self.details}\n{self.severity}&#34;</code></pre>
</details>
<h3>Instance variables</h3>
<dl>
Expand Down Expand Up @@ -3548,6 +3548,11 @@ <h3>Class variables</h3>
doc=&#34;&#34;&#34;How to handle duplicate Dataflow
with same properties, except name and notes&#34;&#34;&#34;,
)
assumptions = varStrings(
[],
required=False,
doc=&#34;A list of assumptions about the design/model.&#34;,
)

def __init__(self, name, **kwargs):
for key, value in kwargs.items():
Expand Down Expand Up @@ -3603,6 +3608,7 @@ <h3>Class variables</h3>

finding_count += 1
f = Finding(e, id=str(finding_count), threat=t)
logger.debug(f&#34;new finding: {f}&#34;)
findings.append(f)
elements[e].append(f)
self.findings = findings
Expand Down Expand Up @@ -3839,6 +3845,9 @@ <h3>Class variables</h3>
if result.describe is not None:
_describe_classes(result.describe.split())

if result.list_elements:
_list_elements()

if result.list is True:
[print(&#34;{} - {}&#34;.format(t.id, t.description)) for t in TM._threats]

Expand Down Expand Up @@ -3961,6 +3970,22 @@ <h3>Static methods</h3>
</dl>
<h3>Instance variables</h3>
<dl>
<dt id="pytm.TM.assumptions"><code class="name">var <span class="ident">assumptions</span></code></dt>
<dd>
<div class="desc"><p>A list of assumptions about the design/model.</p></div>
<details class="source">
<summary>
<span>Expand source code</span>
</summary>
<pre><code class="python">def __get__(self, instance, owner):
# when x.d is called we get here
# instance = x
# owner = type(x)
if instance is None:
return self
return self.data.get(instance, self.default)</code></pre>
</details>
</dd>
<dt id="pytm.TM.description"><code class="name">var <span class="ident">description</span></code></dt>
<dd>
<div class="desc"><p>Model description</p></div>
Expand Down Expand Up @@ -4160,6 +4185,9 @@ <h3>Methods</h3>
if result.describe is not None:
_describe_classes(result.describe.split())

if result.list_elements:
_list_elements()

if result.list is True:
[print(&#34;{} - {}&#34;.format(t.id, t.description)) for t in TM._threats]

Expand Down Expand Up @@ -4231,6 +4259,7 @@ <h3>Methods</h3>

finding_count += 1
f = Finding(e, id=str(finding_count), threat=t)
logger.debug(f&#34;new finding: {f}&#34;)
findings.append(f)
elements[e].append(f)
self.findings = findings
Expand Down Expand Up @@ -4768,6 +4797,7 @@ <h4><code><a title="pytm.TLSVersion" href="#pytm.TLSVersion">TLSVersion</a></cod
<li>
<h4><code><a title="pytm.TM" href="#pytm.TM">TM</a></code></h4>
<ul class="two-column">
<li><code><a title="pytm.TM.assumptions" href="#pytm.TM.assumptions">assumptions</a></code></li>
<li><code><a title="pytm.TM.description" href="#pytm.TM.description">description</a></code></li>
<li><code><a title="pytm.TM.findings" href="#pytm.TM.findings">findings</a></code></li>
<li><code><a title="pytm.TM.get_table" href="#pytm.TM.get_table">get_table</a></code></li>
Expand Down Expand Up @@ -4805,7 +4835,7 @@ <h4><code><a title="pytm.Threat" href="#pytm.Threat">Threat</a></code></h4>
</nav>
</main>
<footer id="footer">
<p>Generated by <a href="https://pdoc3.github.io/pdoc"><cite>pdoc</cite> 0.9.2</a>.</p>
<p>Generated by <a href="https://pdoc3.github.io/pdoc" title="pdoc: Python API documentation generator"><cite>pdoc</cite> 0.10.0</a>.</p>
</footer>
</body>
</html>
13 changes: 13 additions & 0 deletions docs/template.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,19 @@

&nbsp;

{tm.assumptions:if:

|Assumptions|
|-----------|
{tm.assumptions:repeat:|{{item}}|
}

&nbsp;
&nbsp;
&nbsp;
}


## Dataflow Diagram - Level 0 DFD

![](sample.png)
Expand Down
5 changes: 5 additions & 0 deletions pytm/pytm.py
Original file line number Diff line number Diff line change
Expand Up @@ -720,6 +720,11 @@ class TM:
doc="""How to handle duplicate Dataflow
with same properties, except name and notes""",
)
assumptions = varStrings(
[],
required=False,
doc="A list of assumptions about the design/model.",
)

def __init__(self, name, **kwargs):
for key, value in kwargs.items():
Expand Down
3 changes: 2 additions & 1 deletion tests/output.json
Original file line number Diff line number Diff line change
Expand Up @@ -264,6 +264,7 @@
"validatesInput": false
}
],
"assumptions": [],
"boundaries": [
{
"description": "",
Expand Down Expand Up @@ -801,4 +802,4 @@
"onDuplicates": "Action.NO_ACTION",
"threatsExcluded": [],
"threatsFile": "pytm/threatlib/threats.json"
}
}
3 changes: 3 additions & 0 deletions tests/output.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ aaa

&nbsp;




## Dataflow Diagram - Level 0 DFD

![](sample.png)
Expand Down
3 changes: 3 additions & 0 deletions tm.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,9 @@
tm.description = "This is a sample threat model of a very simple system - a web-based comment system. The user enters comments and these are added to a database and displayed back to the user. The thought is that it is, though simple, a complete enough example to express meaningful threats."
tm.isOrdered = True
tm.mergeResponses = True
tm.assumptions = [
"Here you can document a list of assumptions about the system",
]

internet = Boundary("Internet")
server_db = Boundary("Server/DB")
Expand Down

0 comments on commit 2c2a210

Please sign in to comment.