diff --git a/pytm/pytm.py b/pytm/pytm.py
index aaae8ce3..f42fee08 100644
--- a/pytm/pytm.py
+++ b/pytm/pytm.py
@@ -609,6 +609,8 @@ class TM:
 _flows = []
 _elements = []
+ _actors = []
+ _assets = []
 _threats = []
 _boundaries = []
 _data = []
@@ -645,6 +647,8 @@ def __init__(self, name, **kwargs):
 def reset(cls):
 cls._flows = []
 cls._elements = []
+ cls._actors = []
+ cls._assets = []
 cls._threats = []
 cls._boundaries = []
 cls._data = []
@@ -869,6 +873,8 @@ def report(self, template_path):
 "threats": TM._threats,
 "findings": self.findings,
 "elements": TM._elements,
+ "assets": TM._assets,
+ "actors": TM._actors,
 "boundaries": TM._boundaries,
 "data": TM._data,
 }
@@ -1237,6 +1243,9 @@ class Asset(Element):
 OS = varString("")
 providesIntegrity = varBool(False)
+ def __init__(self, name, **kwargs):
+ super().__init__(name, **kwargs)
+ TM._assets.append(self)
 class Lambda(Asset):
 """A lambda function running in a Function-as-a-Service (FaaS) environment"""
@@ -1404,6 +1413,7 @@ class Actor(Element):
 def __init__(self, name, **kwargs):
 super().__init__(name, **kwargs)
+ TM._actors.append(self)
 class Process(Asset):
diff --git a/tests/output.json b/tests/output.json
index 6ba40ae7..9246faaa 100644
--- a/tests/output.json
+++ b/tests/output.json
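Review bot: The `_actors` and `_assets` lists added to `class TM` duplicate information already held in `_elements`, so the model now has three mutable class-level registries that must be kept in step by hand. The `reset()` and `report()` hunks do that today, but any code elsewhere in the file that reorders, filters or rebuilds `_elements` (not visible in these hunks) would leave the new lists stale, and a threat-model report whose asset inventory disagrees with its element list is hard to trust. Deriving the views at report time removes the second source of truth: `"assets": [e for e in TM._elements if isinstance(e, Asset)],` and `"actors": [e for e in TM._elements if isinstance(e, Actor)],`. If the separate lists stay, a comment above them such as `# per-type views of _elements; filled by Asset.__init__ / Actor.__init__, cleared by reset()` would record the invariant.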
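Review bot: The `__init__` added to `Asset` registers the instance in `TM._assets` as a side effect of construction, and nothing in the hunk documents that contract. Registration only happens for subclasses that reach this constructor through `super().__init__`; a subclass `__init__` that does not chain up would silently be missing from the `assets` section of the report, and whether such a subclass exists cannot be seen from here. A docstring such as `"""Create the asset and register it in TM._assets."""` would make the expectation explicit, and the same applies to the `TM._actors.append(self)` line added to `Actor.__init__` in the last hunk. Both class bodies start and end outside their hunks.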
@@ -1,4 +1,260 @@ { + "actors": [ + { + "__class__": "Actor", + "authenticatesDestination": false, + "checksDestinationRevocation": false, + "data": [], + "description": "", + "findings": [], + "inBoundary": "Internet", + "inScope": true, + "inputs": [ + "Show comments (*)" + ], + "isAdmin": false, + "levels": [ + 0 + ], + "maxClassification": "Classification.UNKNOWN", + "name": "User", + "outputs": [ + "User enters comments (*)" + ], + "overrides": [], + "port": -1, + "protocol": "", + "providesIntegrity": false + } + ], + "assets": [ + { + "OS": "", + "__class__": "Server", + "authenticatesDestination": false, + "authenticatesSource": false, + "authenticationScheme": "", + "authorizesSource": false, + "checksDestinationRevocation": false, + "checksInputBounds": false, + "data": [], + "definesConnectionTimeout": false, + "description": "", + "disablesDTD": false, + "encodesHeaders": false, + "encodesOutput": false, + "findings": [], + "handlesResourceConsumption": false, + "handlesResources": false, + "hasAccessControl": false, + "implementsAuthenticationScheme": false, + "implementsCSRFToken": false, + "implementsNonce": false, + "implementsPOLP": false, + "implementsServerSideValidation": false, + "implementsStrictHTTPValidation": false, + "inBoundary": null, + "inScope": true, + "inputs": [ + "User enters comments (*)", + "Retrieve comments" + ], + "invokesScriptFilters": false, + "isEncrypted": false, + "isHardened": false, + "isResilient": false, + "levels": [ + 0 + ], + "maxClassification": "Classification.UNKNOWN", + "name": "Web Server", + "onAWS": false, + "outputs": [ + "Insert query with comments", + "Call func", + "Show comments (*)" + ], + "overrides": [], + "port": -1, + "protocol": "", + "providesConfidentiality": false, + "providesIntegrity": false, + "sanitizesInput": false, + "usesCache": false, + "usesCodeSigning": false, + "usesEncryptionAlgorithm": "", + "usesEnvironmentVariables": false, + "usesLatestTLSversion": false, + "usesSessionTokens": 
false, + "usesStrongSessionIdentifiers": false, + "usesVPN": false, + "usesXMLParser": false, + "validatesContentType": false, + "validatesHeaders": false, + "validatesInput": false + }, + { + "OS": "", + "__class__": "Lambda", + "authenticatesDestination": false, + "authenticatesSource": false, + "authenticationScheme": "", + "authorizesSource": false, + "checksDestinationRevocation": false, + "checksInputBounds": false, + "data": [], + "definesConnectionTimeout": false, + "description": "", + "encodesOutput": false, + "environment": "", + "findings": [], + "handlesResourceConsumption": false, + "handlesResources": false, + "hasAccessControl": false, + "implementsAPI": false, + "implementsAuthenticationScheme": false, + "implementsNonce": false, + "inBoundary": null, + "inScope": true, + "inputs": [ + "Call func" + ], + "isEncrypted": false, + "isHardened": false, + "levels": [ + 0 + ], + "maxClassification": "Classification.UNKNOWN", + "name": "Lambda func", + "onAWS": true, + "outputs": [], + "overrides": [], + "port": -1, + "protocol": "", + "providesIntegrity": false, + "sanitizesInput": false, + "usesEnvironmentVariables": false, + "validatesInput": false + }, + { + "OS": "", + "__class__": "Process", + "allowsClientSideScripting": false, + "authenticatesDestination": false, + "authenticatesSource": false, + "authenticationScheme": "", + "authorizesSource": false, + "checksDestinationRevocation": false, + "checksInputBounds": false, + "codeType": "Unmanaged", + "data": [], + "definesConnectionTimeout": false, + "description": "", + "disablesiFrames": false, + "encodesOutput": false, + "encryptsCookies": false, + "encryptsSessionData": false, + "environment": "", + "findings": [], + "handlesCrashes": false, + "handlesInterruptions": false, + "handlesResourceConsumption": false, + "handlesResources": false, + "hasAccessControl": false, + "implementsAPI": false, + "implementsAuthenticationScheme": false, + "implementsCSRFToken": false, + 
"implementsCommunicationProtocol": false, + "implementsNonce": false, + "implementsPOLP": false, + "inBoundary": null, + "inScope": true, + "inputs": [], + "isEncrypted": false, + "isHardened": false, + "isResilient": false, + "levels": [ + 0 + ], + "maxClassification": "Classification.UNKNOWN", + "name": "Task queue worker", + "onAWS": false, + "outputs": [ + "Query for tasks" + ], + "overrides": [], + "port": -1, + "protocol": "", + "providesConfidentiality": false, + "providesIntegrity": false, + "sanitizesInput": false, + "tracksExecutionFlow": false, + "usesEnvironmentVariables": false, + "usesMFA": false, + "usesParameterizedInput": false, + "usesSecureFunctions": false, + "usesStrongSessionIdentifiers": false, + "validatesInput": false, + "verifySessionIdentifiers": false + }, + { + "OS": "", + "__class__": "Datastore", + "authenticatesDestination": false, + "authenticatesSource": false, + "authenticationScheme": "", + "authorizesSource": false, + "checksDestinationRevocation": false, + "checksInputBounds": false, + "data": [], + "definesConnectionTimeout": false, + "description": "", + "encodesOutput": false, + "findings": [], + "handlesInterruptions": false, + "handlesResourceConsumption": false, + "handlesResources": false, + "hasAccessControl": false, + "hasWriteAccess": false, + "implementsAuthenticationScheme": false, + "implementsNonce": false, + "implementsPOLP": false, + "inBoundary": "Server/DB", + "inScope": true, + "inputs": [ + "Insert query with comments", + "Query for tasks" + ], + "isEncrypted": false, + "isEncryptedAtRest": false, + "isHardened": false, + "isResilient": false, + "isSQL": true, + "isShared": false, + "levels": [ + 0 + ], + "maxClassification": "Classification.UNKNOWN", + "name": "SQL Database", + "onAWS": false, + "onRDS": false, + "outputs": [ + "Retrieve comments" + ], + "overrides": [], + "port": -1, + "protocol": "", + "providesConfidentiality": false, + "providesIntegrity": false, + "sanitizesInput": false, + 
"storesLogData": false, + "storesPII": false, + "storesSensitiveData": false, + "usesEncryptionAlgorithm": "", + "usesEnvironmentVariables": false, + "validatesInput": false + } + ], "boundaries": [ { "description": "",