[feature/BLAZ-202] to dev (#381)

* [BLAZ-202] Only first MTMT is processed and representation is calculated for line boundaries

* [BLAZ-202] Fixed wrong import

* [BLAZ-202] Fixed wrong parent calculation in complex nesting scenarios

* [BLAZ-202] Fixed setuptools-scm problem with last git version

.github/actions/install-startleft/action.yml

@@ -15,7 +15,7 @@ runs:
           python-version: ${{ inputs.python-version }}
 
       - name: Update pip version to 23.0.1
-        run: python -m pip install --upgrade pip==23.0.1
+        run: python -m pip install --use-pep517 --upgrade pip==23.0.1
         shell: bash
 
       - name: Setup Graphviz

otm/otm/trustzone_representation_calculator.py

@@ -9,7 +9,7 @@
 TZ_PADDING = 30
 
 
-def _get_trustzone_components(trustzone_id: str, components: List[Component]):
+def _get_trustzone_components(trustzone_id: str, components: List[Union[Component, Trustzone]]):
     return list(filter(lambda component: component.parent == trustzone_id, components))
 
 
@@ -20,7 +20,7 @@ def _get_first_representation(component: Component):
 def calculate_missing_trustzones_representations(otm: OTM, representation_id):
     for trustzone in otm.trustzones:
         if not trustzone.representations:
-            tz_components = _get_trustzone_components(trustzone.id, otm.components)
+            tz_components = _get_trustzone_components(trustzone.id, otm.trustzones + otm.components)
             TrustZoneRepresentationCalculator(representation_id, trustzone, tz_components).calculate()
 
 

otm/tests/unit/test_trustzone_representation_calculator.py

@@ -70,7 +70,8 @@ def test_calculate_missing_trustzones_representations(self, trustzone_calculator
             calculate_missing_trustzones_representations(otm, REPRESENTATION_ID)
 
         # THEN the components are retrieved for the trustzone_without_representation
-        get_trustzone_components_mock.assert_called_with(trustzone_without_representation.id, trustzone_components)
+        get_trustzone_components_mock.assert_called_with(
+            trustzone_without_representation.id, otm.trustzones + trustzone_components)
 
         # AND the trustzone representation is calculated for the trustzone_without_representation
         trustzone_calculator_mock.assert_called_with(REPRESENTATION_ID,

setup.py

@@ -29,7 +29,7 @@
         'vsdx==0.5.13',
         'python-magic==0.4.27',
         'setuptools==67.8.0',
-        'setuptools-scm==8.0.2',
+        'setuptools-scm==8.1.0',
         'defusedxml==0.7.1',
         'networkx==3.1',
         'dependency-injector==4.41.0',

slp_mtmt/slp_mtmt/mtmt_loader.py

@@ -38,12 +38,12 @@ def __read(self):
         model_ = json_['ThreatModel']
         list_ = model_['DrawingSurfaceList']
         surface_model_ = list_['DrawingSurfaceModel']
-        surface_model_array \
-            = surface_model_ if isinstance(surface_model_, collections.abc.Sequence) else [surface_model_]
+        surface_model_ \
+            = surface_model_[0] if isinstance(surface_model_, collections.abc.Sequence) else surface_model_
 
-        for surface_model in surface_model_array:
-            self.add_borders(surface_model)
-            self.add_lines(surface_model)
+        # Only the first tab of the MTMT file is processed
+        self.add_borders(surface_model_)
+        self.add_lines(surface_model_)
 
         self.add_threats(model_)
         self.know_base = MTMKnowledge(model_['KnowledgeBase'])

slp_mtmt/slp_mtmt/mtmt_parser.py

@@ -11,6 +11,7 @@
 from slp_mtmt.slp_mtmt.parse.mtmt_connector_parser import MTMTConnectorParser
 from slp_mtmt.slp_mtmt.parse.mtmt_threat_parser import MTMThreatParser
 from slp_mtmt.slp_mtmt.parse.mtmt_trustzone_parser import MTMTTrustzoneParser
+from otm.otm.trustzone_representation_calculator import calculate_missing_trustzones_representations
 
 
 class MTMTParser(ProviderParser):
@@ -62,14 +63,17 @@ def __get_mtmt_representations(self) -> list:
 
     def build_otm(self) -> OTM:
         threats, mitigations = self.__get_mtmt_threats_and_mitigations(self.__get_mtmt_components())
+        otm_representations = self.__get_mtmt_representations()
 
         otm = OTMBuilder(self.project_id, self.project_name, EtmType.MTMT) \
-            .add_representations(self.__get_mtmt_representations()) \
+            .add_representations(otm_representations) \
             .add_trustzones(self.__get_mtmt_trustzones()) \
             .add_components(self.__get_mtmt_components()) \
             .add_dataflows(self.__get_mtmt_dataflows()) \
             .add_threats(threats) \
             .add_mitigations(mitigations) \
             .build()
 
+        calculate_missing_trustzones_representations(otm, otm_representations[0].id)
+
         return otm

slp_mtmt/slp_mtmt/parse/mtmt_general_parser.py

@@ -1,3 +1,5 @@
+from typing import Union
+
 from slp_mtmt.slp_mtmt.entity.mtmt_entity_border import MTMBorder
 from slp_mtmt.slp_mtmt.entity.mtmt_entity_line import MTMLine
 from slp_mtmt.slp_mtmt.mtmt_entity import MTMT
@@ -16,7 +18,7 @@ def is_parent(parent, child):
     return False
 
 
-def get_the_child(parents):
+def get_the_child(parents) -> Union[MTMBorder, MTMLine, None]:
     if len(parents) == 0:
         return None
     if len(parents) == 1:
@@ -43,7 +45,7 @@ def __init__(self, source: MTMT, mapping: MTMTMapping, diagram_representation: s
         self.mapping = mapping
         self.diagram_representation = diagram_representation
 
-    def _get_parent(self, border: MTMBorder):
+    def _get_parent(self, border: MTMBorder)  -> Union[MTMBorder, MTMLine, None]:
         parents = []
         for candidate in self.source.borders + self.source.lines:
             if is_parent(candidate, border):

slp_mtmt/slp_mtmt/parse/mtmt_trustzone_parser.py

@@ -45,7 +45,7 @@ def create_trustzone(self, border) -> Trustzone:
             parent_id, parent_type = None, None
         mtmt_type = self.__calculate_otm_type(border)
         if mtmt_type is not None:
-            calculator = TrustzoneRepresentationCalculator(self.diagram_representation, border)
+            calculator = TrustzoneRepresentationCalculator(self.diagram_representation, border, parent)
             representations = calculator.calculate_representation()
             tz = Trustzone(trustzone_id=border.id,
                            name=border.name or border.stencil_name,

slp_mtmt/slp_mtmt/util/component_representation_calculator.py

@@ -5,15 +5,13 @@
 class ComponentRepresentationCalculator(RepresentationCalculator):
 
     def get_position(self) -> (int, int):
-        if isinstance(self.parent, MTMBorder):
-            return self.__get_border_position()
-        return None, None
+        return self.__get_border_position()
 
     def get_size(self) -> (int, int):
         return self.element.width, self.element.height
 
     def __get_border_position(self):
-        if self.parent:
+        if isinstance(self.parent, MTMBorder):
             x = self.element.left - self.parent.left
             y = self.element.top - self.parent.top
         else:

slp_mtmt/slp_mtmt/util/trustzone_representation_calculator.py

@@ -5,14 +5,18 @@
 class TrustzoneRepresentationCalculator(RepresentationCalculator):
 
     def get_position(self) -> (int, int):
-        if isinstance(self.element, MTMBorder):
-            return self.__get_border_position()
-        return None, None
+        if not isinstance(self.element, MTMBorder):
+            return None, None
+
+        return self.__get_relative_position() if isinstance(self.parent, MTMBorder) else self.__get_absolute_position()
 
     def get_size(self) -> (int, int):
         if isinstance(self.element, MTMBorder):
             return self.element.width, self.element.height
         return None, None
 
-    def __get_border_position(self):
+    def __get_absolute_position(self):
         return self.element.left, self.element.top
+
+    def __get_relative_position(self):
+        return self.element.left - self.parent.left, self.element.top - self.parent.top

slp_mtmt/tests/resources/mtmt/MTMT_example_coordinates_1_line_trustzone.otm

@@ -25,6 +25,19 @@
       "id": "acafa4b0-f94d-4077-8a42-74b959bd0796",
       "type": "b61d6911-338d-46a8-9f39-8dcd24abfe91",
       "name": "Cloud",
+      "representations": [{
+        "id": "acafa4b0-f94d-4077-8a42-74b959bd0796-representation",
+        "name": "Cloud Representation",
+        "position": {
+          "x": 734,
+          "y": 88
+        },
+        "representation": "example-project-diagram",
+        "size": {
+          "height": 488,
+          "width": 535
+        }
+      }],
       "risk": {
         "trustRating": 10
       },
@@ -37,6 +50,19 @@
       "id": "c99b79b6-a658-4096-9919-27946d92e23f",
       "type": "6376d53e-6461-412b-8e04-7b3fe2b397de",
       "name": "Generic Trust Line Boundary",
+      "representations": [{
+        "id": "c99b79b6-a658-4096-9919-27946d92e23f-representation",
+        "name": "Generic Trust Line Boundary Representation",
+        "position": {
+          "x": 86,
+          "y": 109
+        },
+        "representation": "example-project-diagram",
+        "size": {
+          "height": 445,
+          "width": 432
+        }
+      }],
       "risk": {
         "trustRating": 10
       },
@@ -54,6 +80,19 @@
       "parent": {
         "trustZone": "acafa4b0-f94d-4077-8a42-74b959bd0796"
       },
+      "representations": [{
+        "id": "53245f54-0656-4ede-a393-357aeaa2e20f-representation",
+        "name": "Accounting PostgreSQL Representation",
+        "position": {
+          "x": 334,
+          "y": 45
+        },
+        "representation": "example-project-diagram",
+        "size": {
+          "height": 82,
+          "width": 82
+        }
+      }],
       "attributes": {
         "Name": "Accounting PostgreSQL",
         "Out Of Scope": "false",
@@ -100,6 +139,19 @@
       "parent": {
         "trustZone": "c99b79b6-a658-4096-9919-27946d92e23f"
       },
+      "representations": [{
+        "id": "6183b7fa-eba5-4bf8-a0af-c3e30d144a10-representation",
+        "name": "Android Representation",
+        "position": {
+          "x": 320,
+          "y": 30
+        },
+        "representation": "example-project-diagram",
+        "size": {
+          "height": 82,
+          "width": 82
+        }
+      }],
       "attributes": {
         "Name": "Android",
         "Out Of Scope": "false",
@@ -135,6 +187,19 @@
       "parent": {
         "trustZone": "acafa4b0-f94d-4077-8a42-74b959bd0796"
       },
+      "representations": [{
+        "id": "5d15323e-3729-4694-87b1-181c90af5045-representation",
+        "name": "Public API v2 Representation",
+        "position": {
+          "x": 31,
+          "y": 155
+        },
+        "representation": "example-project-diagram",
+        "size": {
+          "height": 82,
+          "width": 82
+        }
+      }],
       "attributes": {
         "Name": "Public API v2",
         "Out Of Scope": "false",
@@ -812,6 +877,19 @@
       "parent": {
         "trustZone": "acafa4b0-f94d-4077-8a42-74b959bd0796"
       },
+      "representations": [{
+        "id": "91882aca-8249-49a7-96f0-164b68411b48-representation",
+        "name": "Azure File Storage Representation",
+        "position": {
+          "x": 300,
+          "y": 161
+        },
+        "representation": "example-project-diagram",
+        "size": {
+          "height": 82,
+          "width": 82
+        }
+      }],
       "attributes": {
         "Name": "Azure File Storage",
         "Out Of Scope": "false",
@@ -900,6 +978,19 @@
       "parent": {
         "trustZone": "c99b79b6-a658-4096-9919-27946d92e23f"
       },
+      "representations": [{
+        "id": "91c41c08-87c3-4740-a9fa-a37975717e93-representation",
+        "name": "iOS Representation",
+        "position": {
+          "x": 30,
+          "y": 155
+        },
+        "representation": "example-project-diagram",
+        "size": {
+          "height": 82,
+          "width": 82
+        }
+      }],
       "attributes": {
         "Name": "iOS",
         "Out Of Scope": "false",
@@ -935,6 +1026,19 @@
       "parent": {
         "trustZone": "c99b79b6-a658-4096-9919-27946d92e23f"
       },
+      "representations": [{
+        "id": "40560275-0a84-4e52-b67f-f9008519e608-representation",
+        "name": "Browser Representation",
+        "position": {
+          "x": 313,
+          "y": 333
+        },
+        "representation": "example-project-diagram",
+        "size": {
+          "height": 82,
+          "width": 82
+        }
+      }],
       "attributes": {
         "Name": "Browser",
         "Out Of Scope": "false"
@@ -969,6 +1073,19 @@
       "parent": {
         "trustZone": "acafa4b0-f94d-4077-8a42-74b959bd0796"
       },
+      "representations": [{
+        "id": "b56070fb-682d-4af7-8262-a31064d85ba1-representation",
+        "name": "Web API Representation",
+        "position": {
+          "x": 155,
+          "y": 297
+        },
+        "representation": "example-project-diagram",
+        "size": {
+          "height": 82,
+          "width": 82
+        }
+      }],
       "attributes": {
         "Name": "Web API",
         "Out Of Scope": "false",
@@ -1146,6 +1263,19 @@
       "parent": {
         "trustZone": "acafa4b0-f94d-4077-8a42-74b959bd0796"
       },
+      "representations": [{
+        "id": "07d453bf-8157-4623-a0e9-5107cc3ca0a5-representation",
+        "name": "Azure Storage Representation",
+        "position": {
+          "x": 341,
+          "y": 293
+        },
+        "representation": "example-project-diagram",
+        "size": {
+          "height": 82,
+          "width": 82
+        }
+      }],
       "attributes": {
         "Name": "Azure Storage",
         "Out Of Scope": "false",