diff --git a/Makefile b/Makefile index d3a063bf..2b7801c5 100644 --- a/Makefile +++ b/Makefile @@ -2,14 +2,21 @@ ROOTDIR := $(dir $(abspath $(lastword $(MAKEFILE_LIST)))) SOURCEDIR = docs/ BUILDDIR = docs/_build/ +.PHONY: help +help: + @grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' | sort + .PHONY: docs -docs: +docs: ## Build Sphinx documentation sphinx-build -M dirhtml "$(SOURCEDIR)" "$(BUILDDIR)" +docs-server: ## Run the Sphinx dev server + sphinx-autobuild -b dirhtml -a "$(SOURCEDIR)" "$(BUILDDIR)" + src/attack_flow_builder/dist/cli.common.js: src/attack_flow_builder/src/cli.ts cd src/attack_flow_builder && env VUE_CLI_SERVICE_CONFIG_PATH="${ROOTDIR}src/attack_flow_builder/vue.cli.config.js" npx vue-cli-service build --target lib --name cli --formats commonjs --no-clean src/cli.ts -docs-examples: src/attack_flow_builder/dist/cli.common.js +docs-examples: src/attack_flow_builder/dist/cli.common.js ## Build example flows mkdir -p docs/extra/corpus cp corpus/*.afb docs/extra/corpus node src/attack_flow_builder/dist/cli.common.js --verbose corpus/*.afb @@ -20,29 +27,26 @@ docs-examples: src/attack_flow_builder/dist/cli.common.js ls -1 corpus/*.json | sed 's/corpus\/\(.*\)\.json/\1/' | xargs -t -I {} mmdc -i "docs/extra/corpus/{}.mmd" -o "docs/extra/corpus/{}.mmd.png" af doc-examples corpus/ docs/example_flows.rst -docs-matrix: +docs-matrix: ## Build the Navigator visualization JS code mkdir -p docs/extra/matrix cp src/matrix-viz/* docs/extra/matrix/ -docs-schema: +docs-schema: ## Build the schema documentation af doc-schema stix/attack-flow-schema-2.0.0.json stix/attack-flow-example.json docs/language.rst -docs-server: - sphinx-autobuild -b dirhtml -a "$(SOURCEDIR)" "$(BUILDDIR)" - -docs-pdf: +docs-pdf: ## Build Sphinx documentation in PDF format. poetry export --dev --without-hashes -f requirements.txt -o docs/requirements.txt docker run --rm -v "$(PWD)/docs":/docs sphinxdoc/sphinx-latexpdf:4.3.1 \ bash -c "pip install -r requirements.txt && sphinx-build -M latexpdf /docs /docs/_build" rm docs/requirements.txt -test: +test: ## Run Python tests pytest --cov=src/ --cov-report=term-missing -test-ci: +test-ci: ## Run Python tests with XML coverage. pytest --cov=src/ --cov-report=xml -validate: src/attack_flow_builder/dist/cli.common.js +validate: src/attack_flow_builder/dist/cli.common.js ## Validate all flows in the corpus. mkdir -p docs/extra/corpus cp corpus/*.afb docs/extra/corpus node src/attack_flow_builder/dist/cli.common.js --verbose corpus/*.afb @@ -50,8 +54,8 @@ validate: src/attack_flow_builder/dist/cli.common.js stix/attack-flow-example.json \ corpus/*.json -docker-build: +docker-build: ## Build the Docker image. docker build . -t attack-flow-builder:latest -docker-run: +docker-run: ## Run the Docker image. docker run --rm -p 8080:80 attack-flow-builder:latest diff --git a/src/attack_flow/graphviz.py b/src/attack_flow/graphviz.py index fcd63d01..c7205dde 100644 --- a/src/attack_flow/graphviz.py +++ b/src/attack_flow/graphviz.py @@ -1,4 +1,5 @@ import html +import logging import textwrap import graphviz @@ -11,6 +12,9 @@ ) +logger = logging.getLogger(__name__) + + def label_escape(text): return graphviz.escape(html.escape(text)) @@ -28,6 +32,7 @@ def convert(bundle): ignored_ids = get_viz_ignored_ids(bundle) for o in bundle.objects: + logger.debug("Processing object id=%s", o.id) if o.type == "attack-action": gv.node( o.id, diff --git a/src/attack_flow/model.py b/src/attack_flow/model.py index 3e5fb753..71a3e8f7 100644 --- a/src/attack_flow/model.py +++ b/src/attack_flow/model.py @@ -5,7 +5,7 @@ sure how best to refactor: generate JSON schema from this code, or generate this code from the JSON scheme? """ -from stix2 import CustomObject, parse +from stix2 import Bundle, CustomObject, parse from stix2.properties import ListProperty, ReferenceProperty, StringProperty ATTACK_FLOW_EXTENSION_ID = "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4" @@ -136,6 +136,12 @@ def load_attack_flow_bundle(path): """ with path.open() as f: bundle = parse(f, allow_custom=True) + # The STIX library will not parse unknown objects; it just returns them as dict. We should + # throw an error since it will break downstream code that expects real STIX objects. + if isinstance(bundle, Bundle): + for o in bundle.objects: + if type(o) == dict: + raise Exception("This object could not be parsed into STIX: %s", o) return bundle diff --git a/src/attack_flow_builder/src/assets/configuration/builder.config.publisher.ts b/src/attack_flow_builder/src/assets/configuration/builder.config.publisher.ts index 9ed3422d..06460dee 100644 --- a/src/attack_flow_builder/src/assets/configuration/builder.config.publisher.ts +++ b/src/attack_flow_builder/src/assets/configuration/builder.config.publisher.ts @@ -70,6 +70,7 @@ const AttackFlowTemplatesMap: Map ["condition", "attack-condition"], ["or", "attack-operator"], ["and", "attack-operator"], + ["email_address", "email-addr"], ]); diff --git a/tests/test_schema.py b/tests/test_schema.py index b207af24..749be6f8 100644 --- a/tests/test_schema.py +++ b/tests/test_schema.py @@ -311,13 +311,8 @@ def test_cannot_validate_unknown_type(): ] with temporary_flow_file(flow_json) as flow_path: - result = validate_doc(flow_path) - # assert result.success - assert len(result.messages) == 1 - assert ( - str(result.messages[0]) - == "[warning] Cannot validate objects of type: foobar" - ) + with pytest.raises(Exception): + result = validate_doc(flow_path) def test_invalid_ref():