forked from p15670423/monkey
Improved readability of zero trust report resource by creating separate service for raw scoutsuite data and moving pillar report data structure into separate method on pillar service
This commit is contained in:
parent
d0404cbeae
commit
7aef86744e
|
@ -3,11 +3,11 @@ import http.client
|
|||
import flask_restful
|
||||
from flask import Response, jsonify
|
||||
|
||||
from monkey_island.cc.models.zero_trust.scoutsuite_data_json import ScoutSuiteDataJson
|
||||
from monkey_island.cc.resources.auth.auth import jwt_required
|
||||
from monkey_island.cc.services.zero_trust.zero_trust_report.finding_service import FindingService
|
||||
from monkey_island.cc.services.zero_trust.zero_trust_report.pillar_service import PillarService
|
||||
from monkey_island.cc.services.zero_trust.zero_trust_report.principle_service import PrincipleService
|
||||
from monkey_island.cc.services.zero_trust.zero_trust_report.scoutsuite_raw_data_service import ScoutSuiteRawDataService
|
||||
|
||||
REPORT_DATA_PILLARS = "pillars"
|
||||
REPORT_DATA_FINDINGS = "findings"
|
||||
|
@ -20,20 +20,13 @@ class ZeroTrustReport(flask_restful.Resource):
|
|||
@jwt_required
|
||||
def get(self, report_data=None):
|
||||
if report_data == REPORT_DATA_PILLARS:
|
||||
return jsonify({
|
||||
"statusesToPillars": PillarService.get_statuses_to_pillars(),
|
||||
"pillarsToStatuses": PillarService.get_pillars_to_statuses(),
|
||||
"grades": PillarService.get_pillars_grades()
|
||||
})
|
||||
return jsonify(PillarService.get_pillar_report_data())
|
||||
elif report_data == REPORT_DATA_PRINCIPLES_STATUS:
|
||||
return jsonify(PrincipleService.get_principles_status())
|
||||
elif report_data == REPORT_DATA_FINDINGS:
|
||||
return jsonify(FindingService.get_all_findings())
|
||||
elif report_data == REPORT_DATA_SCOUTSUITE:
|
||||
try:
|
||||
data = ScoutSuiteDataJson.objects.get().scoutsuite_data
|
||||
except Exception:
|
||||
data = "{}"
|
||||
return Response(data, mimetype='application/json')
|
||||
return Response(ScoutSuiteRawDataService.get_scoutsuite_data_json(),
|
||||
mimetype='application/json')
|
||||
|
||||
flask_restful.abort(http.client.NOT_FOUND)
|
||||
|
|
|
@ -5,7 +5,13 @@ from monkey_island.cc.models.zero_trust.finding import Finding
|
|||
class PillarService:
|
||||
|
||||
@staticmethod
|
||||
def get_pillars_grades():
|
||||
def get_pillar_report_data():
|
||||
return {"statusesToPillars": PillarService._get_statuses_to_pillars(),
|
||||
"pillarsToStatuses": PillarService._get_pillars_to_statuses(),
|
||||
"grades": PillarService._get_pillars_grades()}
|
||||
|
||||
@staticmethod
|
||||
def _get_pillars_grades():
|
||||
pillars_grades = []
|
||||
all_findings = Finding.objects()
|
||||
for pillar in zero_trust_consts.PILLARS:
|
||||
|
@ -39,7 +45,7 @@ class PillarService:
|
|||
return pillar_grade
|
||||
|
||||
@staticmethod
|
||||
def get_statuses_to_pillars():
|
||||
def _get_statuses_to_pillars():
|
||||
results = {
|
||||
zero_trust_consts.STATUS_FAILED: [],
|
||||
zero_trust_consts.STATUS_VERIFY: [],
|
||||
|
@ -52,7 +58,7 @@ class PillarService:
|
|||
return results
|
||||
|
||||
@staticmethod
|
||||
def get_pillars_to_statuses():
|
||||
def _get_pillars_to_statuses():
|
||||
results = {}
|
||||
for pillar in zero_trust_consts.PILLARS:
|
||||
results[pillar] = PillarService.__get_status_of_single_pillar(pillar)
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
from monkey_island.cc.models.zero_trust.scoutsuite_data_json import ScoutSuiteDataJson
|
||||
|
||||
|
||||
class ScoutSuiteRawDataService:
|
||||
|
||||
# Return unparsed json of ScoutSuite results,
|
||||
# so that UI can pick out values it needs for report
|
||||
@staticmethod
|
||||
def get_scoutsuite_data_json() -> str:
|
||||
try:
|
||||
return ScoutSuiteDataJson.objects.get().scoutsuite_data
|
||||
except Exception:
|
||||
return "{}"
|
|
@ -15,7 +15,7 @@ from monkey_island.cc.test_common.fixtures import FixtureEnum
|
|||
def test_get_pillars_grades():
|
||||
save_example_findings()
|
||||
expected_grades = _get_expected_pillar_grades()
|
||||
computed_grades = PillarService.get_pillars_grades()
|
||||
computed_grades = PillarService._get_pillars_grades()
|
||||
assert expected_grades == computed_grades
|
||||
|
||||
|
||||
|
@ -97,7 +97,7 @@ def test_get_pillars_to_statuses():
|
|||
zero_trust_consts.WORKLOADS: zero_trust_consts.STATUS_UNEXECUTED,
|
||||
zero_trust_consts.DATA: zero_trust_consts.STATUS_UNEXECUTED
|
||||
}
|
||||
assert PillarService.get_pillars_to_statuses() == expected
|
||||
assert PillarService._get_pillars_to_statuses() == expected
|
||||
|
||||
# Test with example finding set
|
||||
save_example_findings()
|
||||
|
@ -110,4 +110,4 @@ def test_get_pillars_to_statuses():
|
|||
zero_trust_consts.WORKLOADS: zero_trust_consts.STATUS_UNEXECUTED,
|
||||
zero_trust_consts.DATA: zero_trust_consts.STATUS_FAILED
|
||||
}
|
||||
assert PillarService.get_pillars_to_statuses() == expected
|
||||
assert PillarService._get_pillars_to_statuses() == expected
|
||||
|
|
Loading…
Reference in New Issue