Merge branch 'master' into gsoc-2023

Author: ptechofficial

Development.md

@@ -22,5 +22,5 @@ Run `ng test` to execute the unit tests via [Karma](https://karma-runner.github.
 
 - We follow the coding style defined by [ESLint](https://eslint.org/). 
 - We also use [Prettier](https://prettier.io/docs/en/index.html) as our opinionated code formatter.
-
+- To validate the schemas of the DSOMM yaml files in the IDE, it is recommended to use the VS Code extension [redhat.vscode-yaml](https://marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml). The schemas are stored in /src/assets/YAML/schemas
 

README.md

@@ -10,14 +10,12 @@ Attackers are intelligent and creative, equipped with new technologies and purpo
 
 # Usage
 
-Go to https://dsomm.timo-pagel.de.
+Go to https://dsomm.owasp.org.
 
 * _matrix_ shows the dimensions, subdimensions and activities are described.
-* _Implementation Levels_ can be used to measure the current implementation level by clicking on the specific activities which have been performed.
-* _Ease and Value of Implementation_ is used for the maturity model development to see the ease and value of each activity to be able to compare it with activities within the subdimension and activities from other subdimensions.
-* _Dependenies_ shows the dependencies between activities
-* _Useage_ describes the dimensions
-* _Full Report_ prints all activities to be able to print it
+* _Implementation Levels_ can be used to show the current implementation level by clicking on the specific activities which have been performed (it is recommended to use a gitops-like flow)
+* _Mappings_ Shows mappings to other standards and provides the ability to download an excel sheet
+* _Useage_ describes how to use DSOMM
 
 In this [video](https://www.youtube.com/watch?v=tX9RHZ_O5NU) Timo Pagel describes different strategic approaches for your secure DevOps strategy. The use OWASP DSOMM in combination with [OWASP SAMM](https//owaspsamm.org) is explained.
 

src/app/component/activity-description/activity-description.component.css

@@ -14,4 +14,4 @@
 }
 .teams-implemented-list {
   list-style: none;
-}
+}

src/app/component/activity-description/activity-description.component.html

@@ -10,6 +10,15 @@ <h1>
   </div>
 
   <mat-accordion multi="true">
+    <mat-expansion-panel>
+      <mat-expansion-panel-header>
+        <mat-panel-title>
+          <b>UUID</b>
+        </mat-panel-title>
+      </mat-expansion-panel-header>
+      <p [innerHTML]="currentActivity.uuid"></p>
+    </mat-expansion-panel>
+
     <mat-expansion-panel [expanded]="true">
       <mat-expansion-panel-header>
         <mat-panel-title>

src/app/component/activity-description/activity-description.component.spec.ts

@@ -40,13 +40,22 @@ describe('ActivityDescriptionComponent', () => {
     expect(heading.textContent).toContain(testSubDimension);
   });
 
+  it('check if UUID is being genenrated', () => {
+    const testUUID = '00000000-0000-0000-0000-000000000000';
+    component.currentActivity.uuid = testUUID;
+    fixture.detectChanges();
+    const HTMLElement: HTMLElement = fixture.nativeElement;
+    const contentDisplayedinParagraphTag = HTMLElement.querySelectorAll('p')!;
+    expect(contentDisplayedinParagraphTag[0].textContent).toContain(testUUID);
+  });
+
   it('check if description is being genenrated', () => {
     const testDescription = 'Sample Description';
     component.currentActivity.description = testDescription;
     fixture.detectChanges();
     const HTMLElement: HTMLElement = fixture.nativeElement;
     const contentDisplayedinParagraphTag = HTMLElement.querySelectorAll('p')!;
-    expect(contentDisplayedinParagraphTag[0].textContent).toContain(
+    expect(contentDisplayedinParagraphTag[1].textContent).toContain(
       testDescription
     );
   });
@@ -57,7 +66,7 @@ describe('ActivityDescriptionComponent', () => {
     fixture.detectChanges();
     const HTMLElement: HTMLElement = fixture.nativeElement;
     const contentDisplayedinParagraphTag = HTMLElement.querySelectorAll('p')!;
-    expect(contentDisplayedinParagraphTag[1].textContent).toContain(testRisk);
+    expect(contentDisplayedinParagraphTag[2].textContent).toContain(testRisk);
   });
 
   it('check if measure is being genenrated', () => {
@@ -66,7 +75,7 @@ describe('ActivityDescriptionComponent', () => {
     fixture.detectChanges();
     const HTMLElement: HTMLElement = fixture.nativeElement;
     const contentDisplayedinParagraphTag = HTMLElement.querySelectorAll('p')!;
-    expect(contentDisplayedinParagraphTag[2].textContent).toContain(
+    expect(contentDisplayedinParagraphTag[3].textContent).toContain(
       testMeasure
     );
   });
@@ -77,7 +86,7 @@ describe('ActivityDescriptionComponent', () => {
     fixture.detectChanges();
     const HTMLElement: HTMLElement = fixture.nativeElement;
     const contentDisplayedinParagraphTag = HTMLElement.querySelectorAll('p')!;
-    expect(contentDisplayedinParagraphTag[3].textContent).toContain(
+    expect(contentDisplayedinParagraphTag[4].textContent).toContain(
       testImplementationGuide
     );
   });
@@ -88,7 +97,7 @@ describe('ActivityDescriptionComponent', () => {
     fixture.detectChanges();
     const HTMLElement: HTMLElement = fixture.nativeElement;
     const contentDisplayedinParagraphTag = HTMLElement.querySelectorAll('p')!;
-    expect(contentDisplayedinParagraphTag[6].textContent).toContain(
+    expect(contentDisplayedinParagraphTag[7].textContent).toContain(
       testEvidence
     );
   });
@@ -99,7 +108,7 @@ describe('ActivityDescriptionComponent', () => {
     fixture.detectChanges();
     const HTMLElement: HTMLElement = fixture.nativeElement;
     const contentDisplayedinParagraphTag = HTMLElement.querySelectorAll('p')!;
-    expect(contentDisplayedinParagraphTag[7].textContent).toContain(
+    expect(contentDisplayedinParagraphTag[8].textContent).toContain(
       testAssessment
     );
   });
@@ -110,7 +119,7 @@ describe('ActivityDescriptionComponent', () => {
     fixture.detectChanges();
     const HTMLElement: HTMLElement = fixture.nativeElement;
     const contentDisplayedinParagraphTag = HTMLElement.querySelectorAll('p')!;
-    expect(contentDisplayedinParagraphTag[10].textContent).toContain(
+    expect(contentDisplayedinParagraphTag[11].textContent).toContain(
       testComments
     );
   });
@@ -125,7 +134,7 @@ describe('ActivityDescriptionComponent', () => {
     fixture.detectChanges();
     const HTMLElement: HTMLElement = fixture.nativeElement;
     const contentDisplayedinParagraphTag = HTMLElement.querySelectorAll('p')!;
-    expect(contentDisplayedinParagraphTag[9].textContent).toContain(
+    expect(contentDisplayedinParagraphTag[10].textContent).toContain(
       component.SAMMVersion +
         testSAMM[0] +
         component.ISOVersion +

src/app/component/activity-description/activity-description.component.ts

@@ -16,6 +16,7 @@ export interface activityDescription {
   level: string;
   tags: string[];
   activityName: string;
+  uuid: string;
   description: string;
   risk: string;
   measure: string;
@@ -48,6 +49,7 @@ export class ActivityDescriptionComponent implements OnInit {
     level: '',
     tags: [''],
     activityName: '',
+    uuid: '',
     description: '',
     risk: '',
     measure: '',
@@ -109,6 +111,7 @@ export class ActivityDescriptionComponent implements OnInit {
         data['description'],
         ''
       );
+      this.currentActivity.uuid = this.defineStringValues(data['uuid'], '');
       this.currentActivity.risk = this.defineStringValues(data['risk'], '');
       this.currentActivity.tags = this.defineStringArrayValues(
         data['tags'],
@@ -278,7 +281,6 @@ export class ActivityDescriptionComponent implements OnInit {
     this.accordion.forEach(element => {
       element.openAll();
     });
-    console.log(this.currentActivity.teamsImplemented);
   }
 
   // Close all function

src/app/component/circular-heatmap/circular-heatmap.component.html

@@ -5,7 +5,6 @@
       <div class="overlay-details" [hidden]="!showOverlay">
         <div
           *ngIf="activityDetails; then activityTrue; else activityFalse"></div>
-        <!-- Team Based Assessment -->
         <ng-template #activityTrue>
           <div class="overlay-modal">
             <mat-accordion multi="true" class="overlay-accordion">
@@ -83,8 +82,7 @@ <h2>Nothing to show</h2>
                 </mat-expansion-panel-header>
                 <ng-template matExpansionPanelContent>
                   <ul>
-                    <li
-                      *ngFor="let implement of activityDetails.implementation">
+                    <li *ngFor="let implement of activityDetails.implementation">
                       <a href="{{ implement.url }}">{{ implement.name }}</a>
                     </li>
                   </ul>
@@ -116,9 +114,7 @@ <h2>Nothing to show</h2>
                     Knowledge:
                     {{ activityDetails.difficultyOfImplementation.knowledge }}
                   </p>
-                  <p>
-                    Time: {{ activityDetails.difficultyOfImplementation.time }}
-                  </p>
+                  <p>Time: {{ activityDetails.difficultyOfImplementation.time }}</p>
                   <p>
                     Resources:
                     {{ activityDetails.difficultyOfImplementation.resources }}

src/app/component/circular-heatmap/circular-heatmap.component.ts

@@ -14,7 +14,6 @@ import { from, single } from 'rxjs';
 
 export interface activitySchema {
   activityName: string;
-  // ifActivityDone: boolean;
   teamsImplemented: any;
 }
 
@@ -32,12 +31,13 @@ export interface cardSchema {
   styleUrls: ['./circular-heatmap.component.css'],
 })
 export class CircularHeatmapComponent implements OnInit {
-  maxLevelOfActivitys: number = -1;
+  Routing: string = '/activity-description';
+  maxLevelOfActivities: number = -1;
   showActivityCard: boolean = false;
   cardHeader: string = '';
   cardSubheader: string = '';
   currentDimension: string = '';
-  activitysData: any[] = [];
+  activityData: any[] = [];
   ALL_CARD_DATA: cardSchema[] = [];
   radial_labels: string[] = [];
   YamlObject: any;
@@ -67,7 +67,7 @@ export class CircularHeatmapComponent implements OnInit {
       for (let x in this.YamlObject['strings']['en']['maturity_levels']) {
         var y = parseInt(x) + 1;
         this.radial_labels.push('Level ' + y);
-        this.maxLevelOfActivitys = y;
+        this.maxLevelOfActivities = y;
       }
     });
     // Team Data
@@ -97,7 +97,7 @@ export class CircularHeatmapComponent implements OnInit {
         }
       }
       // console.log(this.segment_labels);
-      for (var l = 0; l < this.maxLevelOfActivitys; l++) {
+      for (var l = 0; l < this.maxLevelOfActivities; l++) {
         var allDimensionNames = Object.keys(this.YamlObject);
         for (var i = 0; i < allDimensionNames.length; i++) {
           var allSubDimensionInThisDimension = Object.keys(
@@ -286,14 +286,12 @@ export class CircularHeatmapComponent implements OnInit {
         break;
       }
     }
-
     this.ALL_CARD_DATA[index]['Activity'][activityIndex]['teamsImplemented'][
       teamKey
     ] =
       !this.ALL_CARD_DATA[index]['Activity'][activityIndex]['teamsImplemented'][
         teamKey
       ];
-
     this.saveState();
     this.reColorHeatmap();
   }
@@ -385,9 +383,10 @@ export class CircularHeatmapComponent implements OnInit {
         console.log('index', _self.ALL_CARD_DATA[index]['Activity']);
         _self.currentDimension = curr.Dimension;
         _self.cardSubheader = curr.Level;
-        _self.activitysData = curr.Activity;
+        _self.activityData = curr.Activity;
         _self.cardHeader = curr.SubDimension;
         _self.showActivityCard = true;
+        //console.log(_self.activityData)
       })
       .on('mouseover', function (d) {
         //console.log(d.toElement.__data__.Name)
@@ -658,12 +657,10 @@ export class CircularHeatmapComponent implements OnInit {
       }
     }
   }
-
   navigate(dim: string, subdim: string, activityName: string) {
     let navigationExtras = {
       dimension: dim,
       subDimension: subdim,
-
       activityName: activityName,
     };
     this.yaml.setURI('./assets/YAML/generated/generated.yaml');
@@ -737,7 +734,6 @@ export class CircularHeatmapComponent implements OnInit {
   ResetIsImplemented() {
     for (var x = 0; x < this.ALL_CARD_DATA.length; x++) {
       if (this.ALL_CARD_DATA[x]['Done%'] > 0) {
-        // this.ALL_CARD_DATA[x]['Done%'] = 0;
         for (var y = 0; y < this.ALL_CARD_DATA[x]['Activity'].length; y++) {
           var currActivityTeamsImplemented =
             this.ALL_CARD_DATA[x]['Activity'][y]['teamsImplemented'];

src/app/component/dependency-graph/dependency-graph.component.ts

@@ -43,10 +43,10 @@ export class DependencyGraphComponent implements OnInit {
     this.yaml.getJson().subscribe(data => {
       this.graphData = { nodes: [], links: [] };
       this.YamlObject = data[this.dimension][this.subDimension];
-      this.populateGraphWithActivitiesCurrentactivityDependsOn(
+      this.populateGraphWithActivitiesCurrentActivityDependsOn(
         this.activityName
       );
-      this.populateGraphWithActivitiesThatDependsOnCurrentactivity(
+      this.populateGraphWithActivitiesThatDependsOnCurrentActivity(
         this.activityName
       );
       //console.log({...this.graphData['nodes']})
@@ -56,41 +56,41 @@ export class DependencyGraphComponent implements OnInit {
     });
   }
 
-  populateGraphWithActivitiesCurrentactivityDependsOn(activity: string): void {
+  populateGraphWithActivitiesCurrentActivityDependsOn(activity: string): void {
     this.checkIfNodeHasBeenGenerated(activity);
     try {
-      var activitysThatCurrenactivityIsDependentOn =
+      var activitysThatCurrenActivityIsDependentOn =
         this.YamlObject[activity]['dependsOn'];
       for (
         var j = 0;
-        j < activitysThatCurrenactivityIsDependentOn.length;
+        j < activitysThatCurrenActivityIsDependentOn.length;
         j++
       ) {
         this.checkIfNodeHasBeenGenerated(
-          activitysThatCurrenactivityIsDependentOn[j]
+          activitysThatCurrenActivityIsDependentOn[j]
         );
         this.graphData['links'].push({
-          source: activitysThatCurrenactivityIsDependentOn[j],
+          source: activitysThatCurrenActivityIsDependentOn[j],
           target: activity,
         });
-        this.populateGraphWithActivitiesCurrentactivityDependsOn(
-          activitysThatCurrenactivityIsDependentOn[j]
+        this.populateGraphWithActivitiesCurrentActivityDependsOn(
+          activitysThatCurrenActivityIsDependentOn[j]
         );
       }
     } catch (e) {
       console.log(e);
     }
     //console.log({...this.graphData['nodes']})
   }
-  populateGraphWithActivitiesThatDependsOnCurrentactivity(activity: string) {
-    var allactivitys = Object.keys(this.YamlObject);
-    for (var i = 0; i < allactivitys.length; i++) {
+  populateGraphWithActivitiesThatDependsOnCurrentActivity(activity: string) {
+    var allActivitys = Object.keys(this.YamlObject);
+    for (var i = 0; i < allActivitys.length; i++) {
       try {
-        if (this.YamlObject[allactivitys[i]]['dependsOn'].includes(activity)) {
-          this.checkIfNodeHasBeenGenerated(allactivitys[i]);
+        if (this.YamlObject[allActivitys[i]]['dependsOn'].includes(activity)) {
+          this.checkIfNodeHasBeenGenerated(allActivitys[i]);
           this.graphData['links'].push({
             source: activity,
-            target: allactivitys[i],
+            target: allActivitys[i],
           });
         }
       } catch {