flowstrider.converters package

Submodules

flowstrider.converters.dfd_to_dot_converter module

flowstrider.converters.dfd_to_dot_converter.cluster_to_dot(cluster: Cluster, dfd: DataflowDiagram, relationships: dict) str[source]
takes a cluster object and generates dot string. recursively includes

nested clusters

Parameters:

  • cluster – the cluster to be converted to dot

  • dfd – the dataflow diagram to which the cluster belongs (needed to get node and child cluster objects)

  • relationships – possible child clusters to be added recursively

Returns:

the dot representation of the cluster(s) as a string

flowstrider.converters.dfd_to_dot_converter.dataflow_to_dot(edge: Edge) str[source]

takes an edge object and generates dot string

Parameters:

edge – the edge to be converted to dot

Returns:

the dot representation of the edge as a string

flowstrider.converters.dfd_to_dot_converter.deserialized_dfd_to_dot(dfd: DataflowDiagram) str[source]
takes dfd object as input and creates a dot representation (as string)

which can be rendered as PNG file

Parameters:

dfd – the dataflow diagram to be converted to dot format

Returns:

the dot representation of the dfd as a string

flowstrider.converters.dfd_to_dot_converter.format_attributes(attributes: dict) str[source]
takes metadata of an entity and formats it in a more human-readable format

(helpful for the SVG representation where a metadata tooltip can be added)

Parameters:

attributes – the metadata dictionary of an entity (node, edge, cluster)

Returns:

the formatted attributes to be added to the dot string of the entity

flowstrider.converters.dfd_to_dot_converter.node_to_dot(node: Node) str[source]

takes a node object and generates dot string

Parameters:

node – the node to be converted to dot

Returns:

the dot representation of the node as a string

flowstrider.converters.dfd_to_dot_converter.render_dfd(dfd: DataflowDiagram) int[source]

Renders a given dataflow diagram as a PNG file (or SVG)

Parameters:

dfd – the dataflowdiagram to be rendered

flowstrider.converters.dfd_to_dot_converter.text_length_warning(id: str)[source]
flowstrider.converters.dfd_to_dot_converter.wrap_text(text_to_wrap: str, max_line_char_length: int = 80, include_hyphen: bool = True) str[source]

Inserts line breaks in the given string to fit the given maximum character length per line

Parameters:

  • text_to_wrap – the text that is being wrapped

  • max_line_char_length – number of characters that will be allowed in one line

  • include_hyphen – if hyphen are used to indicate that a long word continues on the next line; set to False for hyperlinks!

Returns:

wrapped version of the input text up to the maximum char length per line as a string with line breaks

flowstrider.converters.metadata_xlsx_converter module

flowstrider.converters.metadata_xlsx_converter.determine_type(entity) str[source]
flowstrider.converters.metadata_xlsx_converter.metadata_check(dfd: DataflowDiagram, output_path: Path)[source]
Generates an xlsx file highlighting missing metadata

that would be helpful to add to a dataflowdiagram

Parameters:

dfd – the dataflowdiagram for which the metadata overview should be generated

flowstrider.converters.metadata_xlsx_converter.parse_value(value)[source]
Helper method when updating a dfd.json file from an xlsx file.

Is given the value from a cell and attempts to parse it. Especially relevant to parse lists properly.

Parameters:

value – the value from a specific cell

Returns:

the parsed value where more complex parsing is necessary. Otherwise returns unparsed value

flowstrider.converters.metadata_xlsx_converter.update_dfd_json_from_xlsx(dfd: DataflowDiagram, xlsx_file) DataflowDiagram[source]
Updates the metadata of a given dfd from a given xlsx file

Changes to the dfd are saved to the json file of it

Parameters:

  • dfd – the dfd that should be updated with new metadata

  • xlsx_file – file from which metadata is taken

Returns:

updated dfd

flowstrider.converters.threats_formatter module

class flowstrider.converters.threats_formatter.ThreatGroup(name: str, threats_by_source_and_severity: Dict[Tuple[str, float], List[Threat]])[source]

Bases: object

One group holding its threats

name

the name of the group used for displaying

Type:

str

threats_by_source_and_severity

all threats in this group, all grouped to the corresponding combination of source and severity they belong to

Type:

Dict[Tuple[str, float], List[flowstrider.models.threat.Threat]]

name: str
threats_by_source_and_severity: Dict[Tuple[str, float], List[Threat]]
class flowstrider.converters.threats_formatter.ThreatsInfoContainer(info_strings: Dict[str, str], threat_groups: Dict[str, ThreatGroup], sources_occurences: Dict[str, int])[source]

Bases: object

Container for the sorted and grouped threats and some associated data.

info_strings

Strings to be printed containing general information about the threats

Type:

Dict[str, str]

threat_groups

A dictionary holding all the threat groups

Type:

Dict[str, flowstrider.converters.threats_formatter.ThreatGroup]

sources_occurences

How often each single source occurs

Type:

Dict[str, int]

info_strings: Dict[str, str]
sources_occurences: Dict[str, int]
threat_groups: Dict[str, ThreatGroup]
flowstrider.converters.threats_formatter.format_threats(dfd: DataflowDiagram, threats: List[Threat], threat_management_db: ThreatManagementDatabase, filters: List[str], sort: str, group: str) ThreatsInfoContainer[source]

This function gets the raw unordered threats and sorts, orders and filters them. Some associated data is also being calculated. The results are used by the cmd output and the PDF generation.

Parameters:

  • dfd – the dataflowdiagram from which the threats were generated

  • threats – generated threats

  • threat_management_db – management data for the generated threats

  • filters – list of filters that are used to filter the threats

  • sort – by which parameter the threats are going to be sorted

  • group – by which parameter the threats are going to be grouped

Returns:

Container holding the filtered, sorted and grouped threats as well as strings with information about the threats that are going to be used for the console and the PDF report

flowstrider.converters.threats_formatter.threats_apply_filters(dfd: DataflowDiagram, threats: List[Threat], threat_management_db: ThreatManagementDatabase, filters: List[str]) Tuple[List[Threat], str][source]

Parse cmd filters and apply to list of threats

Parameters:

  • dfd – the dataflowdiagram in which the threats were generated

  • threats – the generated threats

  • threat_management_db – management database for generated threats

  • filters – list of filters to be applied to the threats

Returns:

Tuple with list of the threats that are left after the filters were applied and a string containing the applied filters

flowstrider.converters.threats_formatter.threats_group(dfd: DataflowDiagram, threats: List[Threat], threat_management_db: ThreatManagementDatabase, grouping_criteria: str) Tuple[Dict[str, ThreatGroup], Dict[str, int]][source]

Parse cmd grouping_criteria and group the threats

Parameters:

  • dfd – the dataflowdiagram in which the threats were generated

  • threats – the generated threats

  • threat_management_db – management database for generated threats

  • grouping_criteria – the criteria by which the threats will be grouped

Returns:

Dictionary containing each threat group with the name and a list of all threats in that group and a dictionary containing a 0 for each source that appears only once and a 1 for sources appearing more than once

flowstrider.converters.threats_formatter.threats_sort(dfd: DataflowDiagram, threats: List[Threat], sort_criteria: str) List[Threat][source]

Parse cmd sorting criteria and sort the threats

Parameters:

  • dfd – the dataflowdiagram in which the threats were generated

  • threats – the generated threats

  • sort_criteria – the sorting criteria (divided by comma if multiple)

Returns:

List of all the threats in sorted order

flowstrider.converters.threats_to_file_converter module

class flowstrider.converters.threats_to_file_converter.PDF(orientation: str | PageOrientation = PageOrientation.PORTRAIT, unit: str | float = 'mm', format: str | tuple[float, float] = 'A4', font_cache_dir: Literal['DEPRECATED'] = 'DEPRECATED', *, enforce_compliance: str | DocumentCompliance | None = None)[source]

Bases: FPDF

add_row(left_value: str, right_value: str, left_width: int = 40)[source]

Method to add two cells next to each other with content dependent sizing

add_table_h_line()[source]

Adds a horizontal line to the pdf for use in tables (needed because the cell borders work differently in fpdf2 than in fpdf, they are repeated on a new page)

footer()[source]

Footer to be implemented in your own inherited class.

This is automatically called by FPDF.add_page() and FPDF.output() and should not be called directly by the user application. The default implementation performs nothing: you have to override this method in a subclass to implement your own rendering logic.

get_string_line_count(input: str, width: int) int[source]

Returns number of lines a given string would need to be displayed in a column of given width

page: int

Setting the page manually may result in unexpected behavior. pdf.add_page() takes special care to ensure the page’s content stream matches FPDF’s instance attributes. Manually setting the page does not.

Type:

Note

flowstrider.converters.threats_to_file_converter.create_threats_pdf(dfd: DataflowDiagram, threat_management_database: ThreatManagementDatabase, threats_info_holder: ThreatsInfoContainer, dfd_path: Path, management_path: Path | None, output_path: Path, quiet: bool)[source]
Generates a pdf report with all generated threats for a dfd

and the graphviz visualisation if apllicable

Parameters:

  • dfd – the dataflowdiagram for which the threats were generated

  • threats_management_database – management data for the threats

  • threats_info_holder – strings to print and formatted strings

  • output_path – path to save the pdf to

Module contents