Assumptions

docs/pytm/index.html

@@ -3,7 +3,7 @@
 <head>
 <meta charset="utf-8">
 <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1" />
-<meta name="generator" content="pdoc 0.9.2" />
+<meta name="generator" content="pdoc 0.10.0" />
 <title>pytm API documentation</title>
 <meta name="description" content="" />
 <link rel="preload stylesheet" as="style" href="https://cdnjs.cloudflare.com/ajax/libs/10up-sanitize.css/11.0.1/sanitize.min.css" integrity="sha256-PK9q560IAAa6WVRRh76LtCaI8pjTJ2z11v0miyNNjrs=" crossorigin>
@@ -2218,7 +2218,7 @@ <h3>Instance variables</h3>
         )
 
     def __str__(self):
-        return f&#34;{self.target}: {self.description}\n{self.details}\n{self.severity}&#34;</code></pre>
+        return f&#34;&#39;{self.target}&#39;: {self.description}\n{self.details}\n{self.severity}&#34;</code></pre>
 </details>
 <h3>Instance variables</h3>
 <dl>
@@ -3548,6 +3548,11 @@ <h3>Class variables</h3>
         doc=&#34;&#34;&#34;How to handle duplicate Dataflow
 with same properties, except name and notes&#34;&#34;&#34;,
     )
+    assumptions = varStrings(
+        [],
+        required=False,
+        doc=&#34;A list of assumptions about the design/model.&#34;,
+    )
 
     def __init__(self, name, **kwargs):
         for key, value in kwargs.items():
@@ -3603,6 +3608,7 @@ <h3>Class variables</h3>
 
                 finding_count += 1
                 f = Finding(e, id=str(finding_count), threat=t)
+                logger.debug(f&#34;new finding: {f}&#34;)
                 findings.append(f)
                 elements[e].append(f)
         self.findings = findings
@@ -3839,6 +3845,9 @@ <h3>Class variables</h3>
         if result.describe is not None:
             _describe_classes(result.describe.split())
 
+        if result.list_elements:
+            _list_elements()
+
         if result.list is True:
             [print(&#34;{} - {}&#34;.format(t.id, t.description)) for t in TM._threats]
 
@@ -3961,6 +3970,22 @@ <h3>Static methods</h3>
 </dl>
 <h3>Instance variables</h3>
 <dl>
+<dt id="pytm.TM.assumptions"><code class="name">var <span class="ident">assumptions</span></code></dt>
+<dd>
+<div class="desc"><p>A list of assumptions about the design/model.</p></div>
+<details class="source">
+<summary>
+<span>Expand source code</span>
+</summary>
+<pre><code class="python">def __get__(self, instance, owner):
+    # when x.d is called we get here
+    # instance = x
+    # owner = type(x)
+    if instance is None:
+        return self
+    return self.data.get(instance, self.default)</code></pre>
+</details>
+</dd>
 <dt id="pytm.TM.description"><code class="name">var <span class="ident">description</span></code></dt>
 <dd>
 <div class="desc"><p>Model description</p></div>
@@ -4160,6 +4185,9 @@ <h3>Methods</h3>
     if result.describe is not None:
         _describe_classes(result.describe.split())
 
+    if result.list_elements:
+        _list_elements()
+
     if result.list is True:
         [print(&#34;{} - {}&#34;.format(t.id, t.description)) for t in TM._threats]
 
@@ -4231,6 +4259,7 @@ <h3>Methods</h3>
 
             finding_count += 1
             f = Finding(e, id=str(finding_count), threat=t)
+            logger.debug(f&#34;new finding: {f}&#34;)
             findings.append(f)
             elements[e].append(f)
     self.findings = findings
@@ -4768,6 +4797,7 @@ <h4><code><a title="pytm.TLSVersion" href="#pytm.TLSVersion">TLSVersion</a></cod
 <li>
 <h4><code><a title="pytm.TM" href="#pytm.TM">TM</a></code></h4>
 <ul class="two-column">
+<li><code><a title="pytm.TM.assumptions" href="#pytm.TM.assumptions">assumptions</a></code></li>
 <li><code><a title="pytm.TM.description" href="#pytm.TM.description">description</a></code></li>
 <li><code><a title="pytm.TM.findings" href="#pytm.TM.findings">findings</a></code></li>
 <li><code><a title="pytm.TM.get_table" href="#pytm.TM.get_table">get_table</a></code></li>
@@ -4805,7 +4835,7 @@ <h4><code><a title="pytm.Threat" href="#pytm.Threat">Threat</a></code></h4>
 </nav>
 </main>
 <footer id="footer">
-<p>Generated by <a href="https://pdoc3.github.io/pdoc"><cite>pdoc</cite> 0.9.2</a>.</p>
+<p>Generated by <a href="https://pdoc3.github.io/pdoc" title="pdoc: Python API documentation generator"><cite>pdoc</cite> 0.10.0</a>.</p>
 </footer>
 </body>
 </html>

docs/template.md

@@ -7,6 +7,19 @@
 
  
 
+{tm.assumptions:if:
+
+|Assumptions|
+|-----------|
+{tm.assumptions:repeat:|{{item}}| 
+}
+
+ 
+ 
+ 
+}
+
+
 ## Dataflow Diagram - Level 0 DFD
 
 ![](sample.png)

pytm/pytm.py

@@ -720,6 +720,11 @@ class TM:
         doc="""How to handle duplicate Dataflow
 with same properties, except name and notes""",
     )
+    assumptions = varStrings(
+        [],
+        required=False,
+        doc="A list of assumptions about the design/model.",
+    )
 
     def __init__(self, name, **kwargs):
         for key, value in kwargs.items():

tests/output.json

@@ -264,6 +264,7 @@
             "validatesInput": false
         }
     ],
+    "assumptions": [],
     "boundaries": [
         {
             "description": "",
@@ -801,4 +802,4 @@
     "onDuplicates": "Action.NO_ACTION",
     "threatsExcluded": [],
     "threatsFile": "pytm/threatlib/threats.json"
-}
+}

tests/output.md

@@ -7,6 +7,9 @@ aaa
 
  
 
+
+
+
 ## Dataflow Diagram - Level 0 DFD
 
 ![](sample.png)

tm.py

@@ -16,6 +16,9 @@
 tm.description = "This is a sample threat model of a very simple system - a web-based comment system. The user enters comments and these are added to a database and displayed back to the user. The thought is that it is, though simple, a complete enough example to express meaningful threats."
 tm.isOrdered = True
 tm.mergeResponses = True
+tm.assumptions = [
+"Here you can document a list of assumptions about the system",
+]
 
 internet = Boundary("Internet")
 server_db = Boundary("Server/DB")