Split and moved zero trust service into pillar_service.py and principle_service.py

This commit is contained in:
VakarisZ 2021-01-18 12:01:33 +02:00
parent 01feea905b
commit e69c94ae50
6 changed files with 80 additions and 73 deletions

View File

@ -5,8 +5,9 @@ from flask import Response, jsonify
from monkey_island.cc.models.zero_trust.scoutsuite_data_json import ScoutSuiteDataJson from monkey_island.cc.models.zero_trust.scoutsuite_data_json import ScoutSuiteDataJson
from monkey_island.cc.resources.auth.auth import jwt_required from monkey_island.cc.resources.auth.auth import jwt_required
from monkey_island.cc.services.zero_trust.report_data.finding_service import FindingService from monkey_island.cc.services.zero_trust.zero_trust_report.finding_service import FindingService
from monkey_island.cc.services.zero_trust.zero_trust_service import ZeroTrustService from monkey_island.cc.services.zero_trust.zero_trust_report.pillar_service import PillarService
from monkey_island.cc.services.zero_trust.zero_trust_report.principle_service import PrincipleService
REPORT_DATA_PILLARS = "pillars" REPORT_DATA_PILLARS = "pillars"
REPORT_DATA_FINDINGS = "findings" REPORT_DATA_FINDINGS = "findings"
@ -20,12 +21,12 @@ class ZeroTrustReport(flask_restful.Resource):
def get(self, report_data=None): def get(self, report_data=None):
if report_data == REPORT_DATA_PILLARS: if report_data == REPORT_DATA_PILLARS:
return jsonify({ return jsonify({
"statusesToPillars": ZeroTrustService.get_statuses_to_pillars(), "statusesToPillars": PillarService.get_statuses_to_pillars(),
"pillarsToStatuses": ZeroTrustService.get_pillars_to_statuses(), "pillarsToStatuses": PillarService.get_pillars_to_statuses(),
"grades": ZeroTrustService.get_pillars_grades() "grades": PillarService.get_pillars_grades()
}) })
elif report_data == REPORT_DATA_PRINCIPLES_STATUS: elif report_data == REPORT_DATA_PRINCIPLES_STATUS:
return jsonify(ZeroTrustService.get_principles_status()) return jsonify(PrincipleService.get_principles_status())
elif report_data == REPORT_DATA_FINDINGS: elif report_data == REPORT_DATA_FINDINGS:
return jsonify(FindingService.get_all_findings()) return jsonify(FindingService.get_all_findings())
elif report_data == REPORT_DATA_SCOUTSUITE: elif report_data == REPORT_DATA_SCOUTSUITE:

View File

@ -0,0 +1,69 @@
import common.common_consts.zero_trust_consts as zero_trust_consts
from monkey_island.cc.models.zero_trust.finding import Finding
class PillarService:
@staticmethod
def get_pillars_grades():
pillars_grades = []
all_findings = Finding.objects()
for pillar in zero_trust_consts.PILLARS:
pillars_grades.append(PillarService.__get_pillar_grade(pillar, all_findings))
return pillars_grades
@staticmethod
def __get_pillar_grade(pillar, all_findings):
pillar_grade = {
"pillar": pillar,
zero_trust_consts.STATUS_FAILED: 0,
zero_trust_consts.STATUS_VERIFY: 0,
zero_trust_consts.STATUS_PASSED: 0,
zero_trust_consts.STATUS_UNEXECUTED: 0
}
tests_of_this_pillar = zero_trust_consts.PILLARS_TO_TESTS[pillar]
test_unexecuted = {}
for test in tests_of_this_pillar:
test_unexecuted[test] = True
for finding in all_findings:
test_unexecuted[finding.test] = False
test_info = zero_trust_consts.TESTS_MAP[finding.test]
if pillar in test_info[zero_trust_consts.PILLARS_KEY]:
pillar_grade[finding.status] += 1
pillar_grade[zero_trust_consts.STATUS_UNEXECUTED] = list(test_unexecuted.values()).count(True)
return pillar_grade
@staticmethod
def get_statuses_to_pillars():
results = {
zero_trust_consts.STATUS_FAILED: [],
zero_trust_consts.STATUS_VERIFY: [],
zero_trust_consts.STATUS_PASSED: [],
zero_trust_consts.STATUS_UNEXECUTED: []
}
for pillar in zero_trust_consts.PILLARS:
results[PillarService.__get_status_of_single_pillar(pillar)].append(pillar)
return results
@staticmethod
def get_pillars_to_statuses():
results = {}
for pillar in zero_trust_consts.PILLARS:
results[pillar] = PillarService.__get_status_of_single_pillar(pillar)
return results
@staticmethod
def __get_status_of_single_pillar(pillar):
all_findings = Finding.objects()
grade = PillarService.__get_pillar_grade(pillar, all_findings)
for status in zero_trust_consts.ORDERED_TEST_STATUSES:
if grade[status] > 0:
return status
return zero_trust_consts.STATUS_UNEXECUTED

View File

@ -2,40 +2,7 @@ import common.common_consts.zero_trust_consts as zero_trust_consts
from monkey_island.cc.models.zero_trust.finding import Finding from monkey_island.cc.models.zero_trust.finding import Finding
class ZeroTrustService: class PrincipleService:
@staticmethod
def get_pillars_grades():
pillars_grades = []
all_findings = Finding.objects()
for pillar in zero_trust_consts.PILLARS:
pillars_grades.append(ZeroTrustService.__get_pillar_grade(pillar, all_findings))
return pillars_grades
@staticmethod
def __get_pillar_grade(pillar, all_findings):
pillar_grade = {
"pillar": pillar,
zero_trust_consts.STATUS_FAILED: 0,
zero_trust_consts.STATUS_VERIFY: 0,
zero_trust_consts.STATUS_PASSED: 0,
zero_trust_consts.STATUS_UNEXECUTED: 0
}
tests_of_this_pillar = zero_trust_consts.PILLARS_TO_TESTS[pillar]
test_unexecuted = {}
for test in tests_of_this_pillar:
test_unexecuted[test] = True
for finding in all_findings:
test_unexecuted[finding.test] = False
test_info = zero_trust_consts.TESTS_MAP[finding.test]
if pillar in test_info[zero_trust_consts.PILLARS_KEY]:
pillar_grade[finding.status] += 1
pillar_grade[zero_trust_consts.STATUS_UNEXECUTED] = list(test_unexecuted.values()).count(True)
return pillar_grade
@staticmethod @staticmethod
def get_principles_status(): def get_principles_status():
@ -50,8 +17,8 @@ class ZeroTrustService:
all_principles_statuses[pillar].append( all_principles_statuses[pillar].append(
{ {
"principle": zero_trust_consts.PRINCIPLES[principle], "principle": zero_trust_consts.PRINCIPLES[principle],
"tests": ZeroTrustService.__get_tests_status(principle_tests), "tests": PrincipleService.__get_tests_status(principle_tests),
"status": ZeroTrustService.__get_principle_status(principle_tests) "status": PrincipleService.__get_principle_status(principle_tests)
} }
) )
@ -79,7 +46,7 @@ class ZeroTrustService:
results.append( results.append(
{ {
"test": zero_trust_consts.TESTS_MAP[test][zero_trust_consts.TEST_EXPLANATION_KEY], "test": zero_trust_consts.TESTS_MAP[test][zero_trust_consts.TEST_EXPLANATION_KEY],
"status": ZeroTrustService.__get_lcd_worst_status_for_test(test_findings) "status": PrincipleService.__get_lcd_worst_status_for_test(test_findings)
} }
) )
return results return results
@ -98,33 +65,3 @@ class ZeroTrustService:
current_worst_status = finding.status current_worst_status = finding.status
return current_worst_status return current_worst_status
@staticmethod
def get_statuses_to_pillars():
results = {
zero_trust_consts.STATUS_FAILED: [],
zero_trust_consts.STATUS_VERIFY: [],
zero_trust_consts.STATUS_PASSED: [],
zero_trust_consts.STATUS_UNEXECUTED: []
}
for pillar in zero_trust_consts.PILLARS:
results[ZeroTrustService.__get_status_of_single_pillar(pillar)].append(pillar)
return results
@staticmethod
def get_pillars_to_statuses():
results = {}
for pillar in zero_trust_consts.PILLARS:
results[pillar] = ZeroTrustService.__get_status_of_single_pillar(pillar)
return results
@staticmethod
def __get_status_of_single_pillar(pillar):
all_findings = Finding.objects()
grade = ZeroTrustService.__get_pillar_grade(pillar, all_findings)
for status in zero_trust_consts.ORDERED_TEST_STATUSES:
if grade[status] > 0:
return status
return zero_trust_consts.STATUS_UNEXECUTED