Fix #163

cairis-platform · Feb 11, 2018 · 87ebdaa · 87ebdaa
1 parent 3dafc89
commit 87ebdaa
Show file tree

Hide file tree

Showing 13 changed files with 273 additions and 4 deletions.
diff --git a/cairis/controllers/VersionController.py b/cairis/controllers/VersionController.py
@@ -0,0 +1,75 @@
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#  http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing,
+#  software distributed under the License is distributed on an
+#  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#  KIND, either express or implied.  See the License for the
+#  specific language governing permissions and limitations
+#  under the License.
+
+import sys
+if (sys.version_info > (3,)):
+  import http.client
+  from http.client import BAD_REQUEST, CONFLICT, NOT_FOUND, OK
+else:
+  import httplib
+  from httplib import BAD_REQUEST, CONFLICT, NOT_FOUND, OK
+from flask import make_response, request, session, send_file
+from flask_restful import Resource
+from flask_restful_swagger import swagger
+from cairis.core.ARM import DatabaseProxyException, ARMException
+from cairis.core.Borg import Borg
+from cairis.daemon.CairisHTTPError import MalformedJSONHTTPError, CairisHTTPError, ARMHTTPError, MissingParameterHTTPError
+from cairis.data.VersionDAO import VersionDAO
+from cairis.tools.JsonConverter import json_serialize
+from cairis.tools.MessageDefinitions import VersionMessage
+from cairis.tools.ModelDefinitions import VersionModel
+from cairis.tools.SessionValidator import get_session_id
+from io import StringIO
+
+__author__ = 'Shamal Faily'
+
+
+class VersionAPI(Resource):
+  # region Swagger Doc
+  @swagger.operation(
+    notes='Get CAIRIS version',
+    nickname='cairis-version',
+    parameters=[
+      {
+        "name": "session_id",
+        "description": "The ID of the user's session",
+        "required": False,
+        "allowMultiple": False,
+        "dataType": str.__name__,
+        "paramType": "query"
+      }
+    ],
+    responseMessages=[
+      {
+        'code': BAD_REQUEST,
+        'message': 'The provided file is not a valid XML file'
+      },
+      {
+        'code': BAD_REQUEST,
+        'message': '''Some parameters are missing. Be sure 'file_contents' and 'type' are defined.'''
+      }
+    ]
+  )
+  # endregion
+  def get(self):
+    session_id = get_session_id(session, request)
+    dao = VersionDAO(session_id)
+    objts = dao.cairis_version()
+    dao.close()
+    resp = make_response(json_serialize(objts, session_id=session_id))
+    resp.headers['Content-Type'] = "application/json"
+    return resp
diff --git a/cairis/core/MySQLDatabaseProxy.py b/cairis/core/MySQLDatabaseProxy.py
@@ -4552,3 +4552,6 @@ def threatenedDataflows(self,envName):
 
   def defaultValue(self,valueType):
     return self.responseList('call defaultValue(:valueType)',{'valueType':valueType},'MySQL error getting default value for ' + valueType)[0]
+
+  def cairisVersion(self):
+    return self.responseList('select cairisVersion()',{},'MySQL error getting CAIRIS version')[0]
diff --git a/cairis/daemon/main/views.py b/cairis/daemon/main/views.py
@@ -38,7 +38,7 @@
     RequirementController, ResponseController, RiskController, RoleController, TaskController, ThreatController, \
     UploadController, VulnerabilityController, ObstacleController, CountermeasureController, DomainPropertyController, UseCaseController, \
     DependencyController, DocumentationController, FindController, ExternalDocumentController, DocumentReferenceController, \
-    PersonaCharacteristicController, TaskCharacteristicController, ObjectDependencyController, ArchitecturalPatternController, SecurityPatternController, ValueTypeController, TemplateGoalController, TemplateAssetController,TemplateRequirementController, LocationsController, RiskLevelController, TraceController, SummaryController, ConceptReferenceController, DataFlowController, DirectoryController,TrustBoundaryController
+    PersonaCharacteristicController, TaskCharacteristicController, ObjectDependencyController, ArchitecturalPatternController, SecurityPatternController, ValueTypeController, TemplateGoalController, TemplateAssetController,TemplateRequirementController, LocationsController, RiskLevelController, TraceController, SummaryController, ConceptReferenceController, DataFlowController, DirectoryController,TrustBoundaryController, VersionController
 from cairis.daemon.main import main, api
 
 __author__ = 'Robin Quetin, Shamal Faily'
@@ -449,6 +449,9 @@ def get_image(path):
 api.add_resource(ValueTypeController.ValueTypesByNameAPI, '/api/value_types/type/<string:type_name>/environment/<string:environment_name>/name/<string:object_name>',endpoint='value_type')
 api.add_resource(ValueTypeController.ValueTypesCreateAPI, '/api/value_types/',endpoint='create_value_type')
 
+# Version route
+api.add_resource(VersionController.VersionAPI, '/api/version',endpoint='version')
+
 # Vulnerability routes
 api.add_resource(VulnerabilityController.VulnerabilityAPI, '/api/vulnerabilities',endpoint='vulnerabilities')
 api.add_resource(VulnerabilityController.VulnerabilityByIdAPI, '/api/vulnerabilities/id/<int:id>',endpoint='vulnerability_id')

diff --git a/cairis/data/VersionDAO.py b/cairis/data/VersionDAO.py
@@ -0,0 +1,34 @@
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#  http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing,
+#  software distributed under the License is distributed on an
+#  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#  KIND, either express or implied.  See the License for the
+#  specific language governing permissions and limitations
+#  under the License.
+
+from cairis.core.ARM import *
+from cairis.daemon.CairisHTTPError import CairisHTTPError, ARMHTTPError
+from cairis.data.CairisDAO import CairisDAO
+__author__ = 'Shamal Faily'
+
+
+class VersionDAO(CairisDAO):
+
+  def __init__(self, session_id):
+    CairisDAO.__init__(self, session_id)
+
+  def cairis_version(self):
+    try:
+      return self.db_proxy.cairisVersion()
+    except ARMException as ex:
+      self.close()
+      raise ARMHTTPError(ex)
diff --git a/cairis/sql/init.sql b/cairis/sql/init.sql
@@ -374,7 +374,14 @@ DROP TABLE IF EXISTS securityusability_property_value;
 DROP TABLE IF EXISTS countermeasure_value;
 DROP TABLE IF EXISTS threat_value;
 DROP TABLE IF EXISTS users;
+DROP TABLE IF EXISTS version;
 
+CREATE TABLE version(
+  major INT NOT NULL,
+  minor INT NOT NULL,
+  patch INT NOT NULL,
+  PRIMARY KEY(major,minor,patch)
+) ENGINE=INNODB;
 CREATE TABLE trace_dimension(
   id INT NOT NULL,
   name VARCHAR(50) NOT NULL,
@@ -3864,7 +3871,7 @@ CREATE VIEW quotation as
    select c.name code,'persona' artifact_type,p.name artifact_name,'Contextual' section,pc.start_index,pc.end_index,personaQuotationString(p.name,'contextual',pc.start_index,pc.end_index) quote,pc.synopsis,pc.label from code c, persona p, persona_code pc where c.id = pc.code_id and p.id = pc.persona_id order by 1;
 
 
-
+INSERT INTO version (major,minor,patch) VALUES (1,5,2);
 INSERT INTO attributes (id,name) VALUES (103,'did');
 INSERT INTO trace_dimension values (0,'requirement');
 INSERT INTO trace_dimension values (1,'persona');

diff --git a/cairis/sql/procs.sql b/cairis/sql/procs.sql
@@ -915,6 +915,7 @@ drop procedure if exists threatenedDataflows;
 drop procedure if exists defaultValue;
 drop procedure if exists deleteWidowedConcerns;
 drop function if exists xmlEscaped;
+drop function if exists cairisVersion;
 
 delimiter //
 
@@ -24045,4 +24046,20 @@ begin
 end
 //
 
+create function cairisVersion()
+returns text
+deterministic
+begin
+  declare cmaj int;
+  declare cmin int;
+  declare cpat int;
+
+  select major into cmaj from version limit 1;
+  select minor into cmin from version limit 1;
+  select patch into cpat from version limit 1;
+
+  return concat(cmaj,'.',cmin,'.',cpat);
+end
+//
+
 delimiter ;
diff --git a/cairis/test/test_VersionAPI.py b/cairis/test/test_VersionAPI.py
@@ -0,0 +1,54 @@
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#  http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing,
+#  software distributed under the License is distributed on an
+#  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#  KIND, either express or implied.  See the License for the
+#  specific language governing permissions and limitations
+#  under the License.
+
+import logging
+import sys
+if (sys.version_info > (3,)):
+  from urllib.parse import quote
+else:
+  from urllib import quote
+from io import StringIO
+import os
+import jsonpickle
+from cairis.test.CairisDaemonTestCase import CairisDaemonTestCase
+from cairis.mio.ModelImport import importModelFile
+import os
+
+__author__ = 'Shamal Faily'
+
+class VersionAPITests(CairisDaemonTestCase):
+
+  @classmethod
+  def setUpClass(cls):
+    pass
+
+  def setUp(self):
+    self.logger = logging.getLogger(__name__)
+
+  def test_version(self):
+    method = 'test_version'
+    url = '/api/version?session_id=test'
+    self.logger.info('[%s] URL: %s', method, url)
+    rv = self.app.get(url)
+    self.assertIsNotNone(rv.data, 'No response')
+    if (sys.version_info > (3,)):
+      responseData = rv.data.decode('utf-8')
+    else:
+      responseData = rv.data
+    objts = jsonpickle.decode(responseData)
+    self.assertIsNotNone(objts, 'No results after deserialization')
+    self.assertEqual(objts,'1.5.2')
diff --git a/cairis/tools/MessageDefinitions.py b/cairis/tools/MessageDefinitions.py
@@ -322,6 +322,10 @@ class FindMessage(DefaultMessage):
   resource_fields = gen_message_fields(ModelDefinitions.FindModel)
   required = DefaultMessage.required
 
+class VersionMessage(DefaultMessage):
+  resource_fields = gen_message_fields(ModelDefinitions.VersionModel)
+  required = DefaultMessage.required
+
 # region Swagger Doc
 @swagger.model
 @swagger.nested(

diff --git a/cairis/tools/ModelDefinitions.py b/cairis/tools/ModelDefinitions.py
@@ -1013,6 +1013,14 @@ class FindModel(object):
   required = list(resource_fields.keys())
   required.remove(obj_id_field)
 
+class VersionModel(object):
+  resource_fields = {
+    obj_id_field: fields.String,
+    'theVersion': fields.String
+  }
+  required = list(resource_fields.keys())
+  required.remove(obj_id_field)
+
 @swagger.model
 class AssetAssociationModel(object):
   resource_fields = {

diff --git a/cairis/web/dist/js/cairis/about.js b/cairis/web/dist/js/cairis/about.js
@@ -0,0 +1,44 @@
+/*  Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+    Authors: Shamal Faily */
+
+'use strict';
+
+$("#aboutClick").click(function(e){
+  e.preventDefault();
+  $.ajax({
+    type: "GET",
+    dataType: "json",
+    accept: "application/json",
+    data: {
+      session_id: String($.session.get('sessionID'))
+    },
+    crossDomain: true,
+    url: serverIP + "/api/version",
+    success: function (data) {
+      $('#theVersion').text('Version ' + data);
+      $('#cairisVersion').modal('show');
+    },
+    error: function (xhr, textStatus, errorThrown) {
+      var error = JSON.parse(xhr.responseText);
+      showPopup(false, String(error.message));
+      debugLogger(String(this.url));
+      debugLogger("error: " + xhr.responseText +  ", textstatus: " + textStatus + ", thrown: " + errorThrown);
+    }
+  });
+});
diff --git a/cairis/web/index.html b/cairis/web/index.html
@@ -58,6 +58,7 @@
           <li class="dropdown messages-menu">
             <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button"><span class="glyphicon glyphicon-book"></span> System<span class="caret"></span></a>
             <ul class="dropdown-menu">
+              <li><a id="aboutClick" href="#">About</a></li>
               <li><a id="newDatabaseClick" href="#">New Database</a></li>
               <li><a id="openClick" href="#">Open Database</a></li>
               <li><a id="deleteClick" href="#">Delete Database</a></li>
@@ -1080,7 +1081,6 @@ <h4 class="modal-title">Add Interface</h4>
     </div>
   </div>
   </div>
-
   <div class="modal fade" id="unsupportedModal" role="dialog">
     <div class="modal-dialog">
       <div class="modal-content">
@@ -1097,6 +1097,19 @@ <h4 class="modal-title">Not available</h4>
       </div>
     </div>
   </div>
+  <div class="modal fade" id="cairisVersion" role="dialog">
+    <div class="modal-dialog">
+      <div class="modal-content">
+        <div class="modal-header">
+          <button type="button" class="close" data-dismiss="modal">&times;</button>
+          <h4 class="modal-title">CAIRIS</h4>
+        </div>
+        <div class="modal-body">
+          <label class="control-label" id="theVersion">Version</label>
+        </div>
+      </div>
+    </div>
+  </div>
   <div class="modal fade" id="noRisksModal" role="dialog">
     <div class="modal-dialog">
       <div class="modal-content">
@@ -1404,7 +1417,7 @@ <h4 class="modal-title" id="showDirectoryDialogTitle" >Introduce from directory<
   <script>
     LazyLoad.js(["dist/js/cairis/Cairis-UI.js","dist/js/cairis/buttonclicks.js", "dist/js/cairis/Cairis.js", "dist/js/cairis/readFile.js",
         "dist/js/cairis/threats.js", "dist/js/cairis/attackers.js", "dist/js/cairis/personas.js", "dist/js/cairis/templateassets.js","dist/js/cairis/templaterequirements.js","dist/js/cairis/templategoals.js","dist/js/cairis/goals.js", "dist/js/cairis/projectSettings.js", "dist/js/cairis/tasks.js", "dist/js/cairis/domainproperties.js", "dist/js/cairis/obstacles.js", "dist/js/cairis/countermeasures.js", "dist/js/cairis/usecases.js","dist/js/cairis/vulnerabilities.js","dist/js/cairis/architecturalpatterns.js","dist/js/cairis/requirements.js","dist/js/cairis/assets.js",
-        "dist/js/cairis/risks.js", "dist/js/cairis/fileImport.js", "dist/js/cairis/fileExport.js", "dist/js/cairis/responses.js","dist/js/cairis/dependencies.js","dist/js/cairis/genDoc.js","dist/js/cairis/findobjt.js","dist/js/cairis/externaldocuments.js","dist/js/cairis/documentreferences.js","dist/js/cairis/personacharacteristics.js","dist/js/cairis/taskcharacteristics.js","dist/js/cairis/homeSettings.js","dist/js/cairis/roles.js","dist/js/cairis/environments.js","dist/js/cairis/valuetypes.js","dist/js/cairis/locations.js","dist/js/cairis/traceability.js","dist/js/cairis/chernoff.js","dist/js/cairis/conceptreferences.js","dist/js/cairis/securitypatterns.js","dist/js/cairis/dataflows.js","dist/js/cairis/trustboundaries.js",
+        "dist/js/cairis/risks.js", "dist/js/cairis/fileImport.js", "dist/js/cairis/fileExport.js", "dist/js/cairis/responses.js","dist/js/cairis/dependencies.js","dist/js/cairis/genDoc.js","dist/js/cairis/findobjt.js","dist/js/cairis/externaldocuments.js","dist/js/cairis/documentreferences.js","dist/js/cairis/personacharacteristics.js","dist/js/cairis/taskcharacteristics.js","dist/js/cairis/homeSettings.js","dist/js/cairis/roles.js","dist/js/cairis/environments.js","dist/js/cairis/valuetypes.js","dist/js/cairis/locations.js","dist/js/cairis/traceability.js","dist/js/cairis/chernoff.js","dist/js/cairis/conceptreferences.js","dist/js/cairis/securitypatterns.js","dist/js/cairis/dataflows.js","dist/js/cairis/trustboundaries.js","dist/js/cairis/about.js",
         "dist/js/cairis/SVGhandler.js","dist/js/objects/jsonDefaultObjects.js","dist/js/cairis/assetassociations.js","dist/js/cairis/trello.js"], function () {
       console.log('Ready');
     });

diff --git a/docs/index.rst b/docs/index.rst
@@ -37,6 +37,7 @@ CAIRIS documentation
    configurable
    searching
    gendoc
+   troubleshooting
 
 
 Indices and tables

diff --git a/docs/troubleshooting.rst b/docs/troubleshooting.rst
@@ -0,0 +1,6 @@
+Troubleshooting
+===============
+
+If you experience any problems using CAIRIS then please raise an issue in GitHub.
+
+When raising an issue, please provide the version of CAIRIS you are using.  You can find this by clicking on the System/About menu.