make tool type have rule ids, similar to standard sections (#245)

* make tool type have rule ids, similar to standard sections

* linting

* lint

Makefile

@@ -81,7 +81,7 @@ import-all:
 	make migrate-upgrade
 	export FLASK_APP=$(CURDIR)/cre.py
 	python cre.py --add --from_spreadsheet https://docs.google.com/spreadsheets/d/1eZOEYgts7d_-Dr-1oAbogPfzBLh6511b58pX3b59kvg/edit#gid=260321921 
-	python cre.py --zap_in --cheatsheets_in --github_tools_in  --capec_in --csa_ccm_v4_in
+	python cre.py --zap_in --cheatsheets_in --github_tools_in  --capec_in --csa_ccm_v4_in --iso_27001_in
 
 
 all: clean lint test dev dev-run

application/database/db.py

@@ -574,7 +574,6 @@ def __get_nodes_query__(
                 query = query.filter(Node.description == description)
             else:
                 query = query.filter(Node.description.like(description))
-
         return query
 
     def get_CREs(
@@ -1161,6 +1160,7 @@ def dbNodeFromTool(tool: cre_defs.Node) -> Node:
         ntype=tool.doctype.value,
         description=tool.description,
         link=tool.hyperlink,
+        section=tool.ruleID,
     )
 
 
@@ -1189,6 +1189,7 @@ def nodeFromDB(dbnode: Node) -> cre_defs.Node:
             tags=tags,
             description=dbnode.description,
             tooltype=ttype,
+            ruleID=dbnode.section,
         )
     elif dbnode.ntype == cre_defs.Code.__name__:
         return cre_defs.Code(

application/defs/cre_defs.py

@@ -399,6 +399,7 @@ def __eq__(self, other: object) -> bool:
 
 @dataclass
 class Tool(Node):
+    ruleID: str = ""
     tooltype: ToolTypes = ToolTypes.Unknown
     doctype: Credoctypes = Credoctypes.Tool
 
@@ -412,6 +413,7 @@ def __eq__(self, other: object) -> bool:
     def todict(self) -> Dict[str, Any]:
         res = super().todict()
         res["tooltype"] = self.tooltype.value + ""
+        res["ruleID"] = self.ruleID
         return res
 
     def __hash__(self) -> int:

application/frontend/src/components/DocumentNode/DocumentNode.tsx

@@ -3,13 +3,12 @@ import './documentNode.scss';
 import axios from 'axios';
 import React, { FunctionComponent, useContext, useEffect, useMemo, useState } from 'react';
 import { Link, useHistory } from 'react-router-dom';
-import { Button } from 'semantic-ui-react';
 
 import {
+  DOCUMENT_TYPES,
   DOCUMENT_TYPE_NAMES,
   TYPE_CONTAINS,
   TYPE_IS_PART_OF,
-  TYPE_LINKED_TO,
   TYPE_RELATED,
 } from '../../const';
 import { useEnvironment } from '../../hooks';
@@ -132,7 +131,10 @@ export const DocumentNode: FunctionComponent<DocumentNode> = ({
                 <div className="document-node__link-type-container" key={type}>
                   <div>
                     <span>
-                      {usedNode.doctype}: {usedNode.name} - {usedNode.section}{' '}
+                      {usedNode.doctype}: {usedNode.name} -{' '}
+                      {usedNode.doctype.toLowerCase() === DOCUMENT_TYPES.TYPE_TOOL.toLowerCase()
+                        ? usedNode.ruleID
+                        : usedNode.section}{' '}
                     </span>
                     <b> {DOCUMENT_TYPE_NAMES[type]}</b>:
                   </div>

application/frontend/src/const.ts

@@ -14,6 +14,13 @@ export const DOCUMENT_TYPE_NAMES = {
   [TYPE_RELATED]: 'is related to',
 };
 
+export const DOCUMENT_TYPES = {
+  TYPE_TOOL: 'Tool',
+  TYPE_CRE: 'CRE',
+  TYPE_STANDARD: 'Standard',
+  TYPE_CODE: 'Code',
+};
+
 // Routes
 export const INDEX = '/';
 export const STANDARD = '/standard';

application/frontend/src/hooks/applyFilters.tsx

@@ -26,6 +26,7 @@ const filterLinks = (document: Document, filters: string[]): Document | undefine
       subsection: document.subsection,
       tags: document.tags,
       links: links,
+      ruleID: document.ruleID,
     };
   }
 };

application/frontend/src/pages/CommonRequirementEnumeration/CommonRequirementEnumeration.tsx

@@ -101,7 +101,7 @@ export const CommonRequirementEnumeration = () => {
                     </div>
                   ))}
                 </div>
-            ))}
+              ))}
           </div>
         </>
       )}

application/frontend/src/pages/Deeplink/Deeplink.tsx

@@ -7,13 +7,14 @@ import { useEnvironment } from '../../hooks';
 import { Document } from '../../types';
 
 export const Deeplink = () => {
-  let { type, nodeName, section, subsection, tooltype } = useParams();
+  let { type, nodeName, section, subsection, tooltype, ruleID } = useParams();
   const { apiUrl } = useEnvironment();
   const [loading, setLoading] = useState<boolean>(false);
   const search = useLocation().search;
   section = section ? section : new URLSearchParams(search).get('section');
   subsection = subsection ? subsection : new URLSearchParams(search).get('subsection');
   tooltype = tooltype ? tooltype : new URLSearchParams(search).get('tooltype');
+  ruleID = ruleID ? ruleID : new URLSearchParams(search).get('ruleID');
   if (!type) {
     // Backwards compatible fix, the url used to be /deeplink/:nodename, new url is /deeplink/:type/:nodename
     type = 'Standard';
@@ -23,7 +24,8 @@ export const Deeplink = () => {
     `${apiUrl}/${type}/${nodeName}` +
     (section != null ? `?section=${section}&` : '') +
     (subsection != null ? `subsection=${subsection}&` : '') +
-    (tooltype != null ? `tooltype=${tooltype}&` : '');
+    (tooltype != null ? `tooltype=${tooltype}&` : '') +
+    (ruleID != null ? `ruleID=${ruleID}&` : '');
 
   const { error, data, refetch } = useQuery<{ standards: Document[] }, string>(
     'deeplink',

application/frontend/src/pages/Graph/Graph.tsx

@@ -19,6 +19,7 @@ import { useParams } from 'react-router-dom';
 import { FlowNode } from 'typescript';
 
 import { LoadingAndErrorIndicator } from '../../components/LoadingAndErrorIndicator';
+import { DOCUMENT_TYPES } from '../../const';
 import { useEnvironment } from '../../hooks';
 import { Document, LinkedDocument } from '../../types';
 
@@ -50,9 +51,9 @@ const documentToReactFlowNode = (cDoc: Document | any): CREGraph => {
 
   if (cDoc.links) {
     for (let link of cDoc.links) {
-      const { id, doctype, hyperlink, name, section, subsection } = link.document;
+      const { id, doctype, hyperlink, name, section, subsection, ruleID } = link.document;
       const unique_node_id = id || section || name;
-      const node_label = name + ' - ' + section || id;
+      const node_label = name + ' - ' + doctype === DOCUMENT_TYPES.TYPE_TOOL ? ruleID : section || id;
       let node = {
         id: unique_node_id,
         type: doctype,

application/frontend/src/pages/Standard/StandardSection.tsx

@@ -7,7 +7,7 @@ import { Pagination } from 'semantic-ui-react';
 
 import { DocumentNode } from '../../components/DocumentNode';
 import { LoadingAndErrorIndicator } from '../../components/LoadingAndErrorIndicator';
-import { DOCUMENT_TYPE_NAMES } from '../../const';
+import { DOCUMENT_TYPES, DOCUMENT_TYPE_NAMES, TOOL } from '../../const';
 import { useEnvironment } from '../../hooks';
 import { Document } from '../../types';
 import { groupLinksByType } from '../../utils';
@@ -68,7 +68,10 @@ export const StandardSection = () => {
               Object.entries(linksByType).map(([type, links]) => (
                 <div className="cre-page__links" key={type}>
                   <div className="cre-page__links-header">
-                    {document.doctype}: {document.name} - {document.section}{' '}
+                    {document.doctype}: {document.name} -{' '}
+                    {document.doctype.toLowerCase() === DOCUMENT_TYPES.TYPE_TOOL.toLowerCase()
+                      ? document.ruleID
+                      : document.section}{' '}
                     <b>{DOCUMENT_TYPE_NAMES[type]}</b>:
                   </div>
                   {links.map((link, i) => (

application/frontend/src/types.ts

@@ -12,6 +12,7 @@ export interface Document {
   subsection?: string;
   tags?: string[];
   tooltype?: string;
+  ruleID?: string;
 }
 export interface LinkedDocument {
   document: Document;

application/frontend/src/utils/document.ts

@@ -3,23 +3,25 @@ import { Document, LinkedDocument } from '../types';
 
 export const getDocumentDisplayName = (document: Document) =>
   // [document.doctype, document.id, document.name, document.section, document.subsection].filter(Boolean).join(' - '); // format: Standard - ASVS - V1.1
-  [document.id, document.name, document.section, document.subsection].filter(Boolean).join(' - '); // format: ASVS - V1.1
+  [document.id, document.name, document.section, document.subsection, document.ruleID]
+    .filter(Boolean)
+    .join(' - '); // format: ASVS - V1.1
 
 export type LinksByType = Record<string, LinkedDocument[]>;
 
 export const groupLinksByType = (node: Document): LinksByType =>
   node.links ? groupBy(node.links, (link) => link.ltype) : {};
 
 export const orderLinksByType = (lbt: LinksByType): LinksByType => {
-  const order = ["Contains", "Linked To","SAME", "SAM", "Is Part Of", "Related"]
-  const res: LinksByType = {}
+  const order = ['Contains', 'Linked To', 'SAME', 'SAM', 'Is Part Of', 'Related'];
+  const res: LinksByType = {};
   for (const itm of order) {
     if (lbt[itm]) {
-      res[itm] = lbt[itm]
+      res[itm] = lbt[itm];
     }
   }
-  return res
-}
+  return res;
+};
 export const groupBy = <T, K extends keyof any>(list: T[], getKey: (item: T) => K) =>
   list.reduce((previous, currentItem) => {
     const group = getKey(currentItem);

application/utils/external_project_parsers/zap_alerts_parser.py

@@ -20,7 +20,8 @@ def zap_alert(
     tags.append(id)
     return defs.Tool(
         tooltype=defs.ToolTypes.Offensive,
-        name=f"ZAP Rule: {name}",
+        name=f"ZAP Rule",
+        ruleID=name,
         description=description,
         tags=tags,
         hyperlink=code,

cres/Do_not_expose_data_through_API_URLs.yaml

@@ -8,13 +8,13 @@ links:
   ltype: Contains
 - document:
     doctype: CRE
-    id: 118-110
-    name: API/web services
+    id: 486-813
+    name: Configuration
   ltype: Related
 - document:
     doctype: CRE
-    id: 486-813
-    name: Configuration
+    id: 118-110
+    name: API/web services
   ltype: Related
 - document:
     doctype: Standard

cres/Mutually_authenticate_application_components._Minimize_privileges.yaml

@@ -8,13 +8,13 @@ links:
   ltype: Contains
 - document:
     doctype: CRE
-    id: 155-155
-    name: Architecture
+    id: 724-770
+    name: '>>Authorized access'
   ltype: Related
 - document:
     doctype: CRE
-    id: 724-770
-    name: '>>Authorized access'
+    id: 155-155
+    name: Architecture
   ltype: Related
 - document:
     doctype: Standard

cres/Sandbox,_containerize_and-or_isolate_applications_at_the_network_level.yaml

@@ -10,13 +10,13 @@ links:
   ltype: Contains
 - document:
     doctype: CRE
-    id: 155-155
-    name: Architecture
+    id: 836-068
+    name: Deserialization Prevention
   ltype: Related
 - document:
     doctype: CRE
-    id: 836-068
-    name: Deserialization Prevention
+    id: 155-155
+    name: Architecture
   ltype: Related
 - document:
     doctype: Standard