v1.8.0

SecurityRiskAdvisors · Dec 5, 2024 · 95b548f · 95b548f
1 parent cfa3807
commit 95b548f
Show file tree

Hide file tree

Showing 8 changed files with 79 additions and 39 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,12 @@
 ***
 
+# Version 1.8.0 - December 2024
+
+- Added support for Blueprint overrides to Darkpool
+- Fixed prerequisites list in Darkpool
+
+***
+
 # Version 1.7.2 - November 2024
 
 - Added back scoping check

diff --git a/dist/marketmaker-1.7.2-py3-none-any.whl → dist/marketmaker-1.8.0-py3-none-any.whl b/dist/marketmaker-1.7.2-py3-none-any.whl → dist/marketmaker-1.8.0-py3-none-any.whl
diff --git a/libmm/scripts/mmdarkpool.py b/libmm/scripts/mmdarkpool.py
@@ -149,7 +149,10 @@ def render_variant_listing(variants: List[Variant]):
     vars:
     - all_variants
     """
-    return jinja_env.get_template(Templates.Variants).render(all_variants=variants)
+    grouped = {}
+    for variant in variants:
+        grouped.setdefault(variant.tid, []).append(variant.render())
+    return jinja_env.get_template(Templates.Variants).render(grouped_variants=grouped)
 
 
 def render_blueprint_listing(latest_blueprints: List[LatestBlueprintPair], all_blueprints: List[Blueprint]):
@@ -180,8 +183,19 @@ def render_blueprint(
     ):  # type: LinkedData
         data = format_linked_data(row)
         linked_data.setdefault(row.display_name, []).append(data)
+
+    campaigns = []  # list of campaign name, variant pairs
+    for campaign in blueprint.child_campaigns:
+        variants = [variant.render(apply_overrides=True, blueprint_id=blueprint.id) for variant in campaign.variants]
+        pair = campaign.name, variants
+        campaigns.append(pair)
+
     return jinja_env.get_template(Templates.Blueprint).render(
-        latest_blueprints=latest_blueprints, all_blueprints=all_blueprints, blueprint=blueprint, linked_data=linked_data
+        latest_blueprints=latest_blueprints,
+        all_blueprints=all_blueprints,
+        blueprint=blueprint,
+        linked_data=linked_data,
+        campaigns=campaigns,
     )
 
 
@@ -202,6 +216,11 @@ def render_variant(variant: Variant, **kwargs):
         data = format_linked_data(row)
         linked_data.setdefault(row.display_name, []).append(data)
 
+    # do all this before rendering
+    related_variants = session.query(Variant).filter(Variant.tid == variant.tid).all()
+    related_variants = [variant.render() for variant in related_variants]
+    mitre_description = lookup_technique_by_tid(variant.tid)[0].description
+
     # cleanup guidance
     final_guidance = ""
     if variant.guidance:
@@ -213,15 +232,29 @@ def render_variant(variant: Variant, **kwargs):
                 final_guidance += guidance
                 final_guidance += "\n"
 
+    campaigns_grouped = {}
+    if "blueprint" in kwargs:
+        # if a blueprint is provided, we need to apply overrides from that blueprint
+        # to the variant on the blueprint's variant page
+        blueprint: Blueprint = kwargs.get("blueprint")
+        variant = variant.render(apply_overrides=True, blueprint_id=blueprint.id)
+        for campaign in blueprint.child_campaigns:
+            campaigns_grouped[campaign.name] = [
+                v.render(apply_overrides=True, blueprint_id=blueprint.id) for v in campaign.variants
+            ]
+    else:
+        variant = variant.render()
+
     # left-side menu is default all other variants in library that share a TID/
     #   if blueprint is provided, the left-side menu is all variants in that blueprint
     #   grouped by the campaign name
     return jinja_env.get_template(Templates.Variant).render(
         variant=variant,
-        related_variants=session.query(Variant).filter(Variant.tid == variant.tid).all(),
+        related_variants=related_variants,
         linked_data=linked_data,
         guidance=final_guidance,
-        mitre_description=lookup_technique_by_tid(variant.tid)[0].description,
+        mitre_description=mitre_description,
+        campaigns_grouped=campaigns_grouped,
         **kwargs,
     )
 

diff --git a/libmm/scripts/mmdarkpool/templates/blueprint.html.j2 b/libmm/scripts/mmdarkpool/templates/blueprint.html.j2
@@ -128,18 +128,18 @@
                         </div>
                         <div class="message-body">
                             <div class="columns">
-                                {% set campaign_len = blueprint.child_campaigns | list | length | int %}
+                                {% set campaign_len = campaigns | length | int %}
                                 {% set campaign_left = (campaign_len/2)|int + (campaign_len % 2) %}
                                 <div class="column is-half">
                                     <aside class="menu">
-                                    {% for campaign in blueprint.child_campaigns[:campaign_left] %}
+                                    {% for campaign in campaigns[:campaign_left] %}
                                         <details>
-                                            <summary>{{ campaign.name }}</summary>
+                                            <summary>{{ campaign[0] }}</summary>
                                             <ul class="menu-list">
                                                 <li>
                                                     <ul>
-                                                    {% for variant in campaign.variants %}
-                                                        <li><a href="/bundles/{{ blueprint.id }}/{{ variant.id }}.html">{{ variant.display_name }}</a></li>
+                                                    {% for variant in campaign[1] %}
+                                                        <li><a href="/bundles/{{ blueprint.id }}/{{ variant["metadata"]["id"] }}.html">{{ variant["name"] }}</a></li>
                                                     {% endfor %}
                                                     </ul>
                                                 </li>
@@ -150,14 +150,14 @@
                                 </div>
                                 <div class="column is-half">
                                     <aside class="menu">
-                                    {% for campaign in blueprint.child_campaigns[campaign_left:] %}
+                                    {% for campaign in campaigns[campaign_left:] %}
                                         <details>
-                                            <summary>{{ campaign.name }}</summary>
+                                            <summary>{{ campaign[0] }}</summary>
                                             <ul class="menu-list">
                                                 <li>
                                                     <ul>
-                                                    {% for variant in campaign.variants %}
-                                                        <li><a href="/bundles/{{ blueprint.id }}/{{ variant.id }}.html">{{ variant.display_name }}</a></li>
+                                                    {% for variant in campaign[1] %}
+                                                        <li><a href="/bundles/{{ blueprint.id }}/{{ variant["metadata"]["id"]}}.html">{{ variant["name"] }}</a></li>
                                                     {% endfor %}
                                                     </ul>
                                                 </li>

diff --git a/libmm/scripts/mmdarkpool/templates/variant.html.j2 b/libmm/scripts/mmdarkpool/templates/variant.html.j2
@@ -10,14 +10,14 @@
                         <p class="menu-label">
                             {{ blueprint.name }}
                         </p>
-                        {% for campaign in blueprint.child_campaigns %}
+                        {% for campaign, variants in campaigns_grouped.items() %}
                             <details open>
-                                <summary>{{ campaign.name }}</summary>
+                                <summary>{{ campaign }}</summary>
                                 <ul class="menu-list">
                                     <li>
                                         <ul>
-                                        {% for variant in campaign.variants %}
-                                          <li><a href="/bundles/{{ blueprint.id }}/{{ variant.id }}.html">{{ variant.display_name }}</a></li>
+                                        {% for variant in variants %}
+                                          <li><a href="/bundles/{{ blueprint.id }}/{{ variant["metadata"]["id"] }}.html">{{ variant["name"] }}</a></li>
                                         {% endfor %}
                                         </ul>
                                     </li>
@@ -28,11 +28,11 @@
                     {% elif related_variants %}
                     <aside class="menu">
                         <p class="menu-label">
-                            [{{ variant.tid }}] {{ variant.tid | tid2name }}
+                            [{{ variant["metadata"]["tid"] }}] {{ variant["metadata"]["tid"] | tid2name }}
                         </p>
                         <ul class="menu-list">
                             {% for related_variant in related_variants %}
-                            <li><a href="/testcases/{{ related_variant.id }}.html">{{ related_variant.display_name }}</a></li>
+                            <li><a href="/testcases/{{ related_variant["metadata"]["id"] }}.html">{{ related_variant["name"] }}</a></li>
                             {% endfor %}
                         </ul>
                     </aside>
@@ -42,7 +42,7 @@
                 <div class="column is-9">
                     <div class="notification is-danger">
                         <p class="title">
-                            {{ variant.display_name }}
+                            {{ variant["name"] }}
                         </p>
                     </div>
                     <section>
@@ -55,17 +55,17 @@
                                 <div class="level-right">
                                         <p>
                                             <span class="tag is-light">
-                                                <a style="text-decoration:none" target="_blank" rel="noopener noreferrer" href="https://attack.mitre.org/techniques/{{ variant.tid | replace('.', '/') }}/">{{ variant.tid }}</a>
+                                                <a style="text-decoration:none" target="_blank" rel="noopener noreferrer" href="https://attack.mitre.org/techniques/{{ variant["metadata"]["tid"] | replace('.', '/') }}/">{{ variant["metadata"]["tid"] }}</a>
                                             </span>
-                                            <span class="tag is-light">{{ variant.id }}</span>
+                                            <span class="tag is-light">{{ variant["metadata"]["id"] }}</span>
                                         </p>
                                 </div>
                             </div>
                             <div class="message-body">
-                                <div class="block">{{ variant.description }}</div>
+                                <div class="block">{{ variant["description"] }}</div>
                                 <div class="block">
                                     <details>
-                                        <summary><u>MITRE ATT&CK description for [{{ variant.tid | tid2name }}]</u></summary>
+                                        <summary><u>MITRE ATT&CK description for [{{ variant["metadata"]["tid"] | tid2name }}]</u></summary>
                                         <div id='markdown'>{{ mitre_description }}</div>
                                     </details>
                                 </div>
@@ -80,8 +80,8 @@
                                             Prerequisites
                                     </div>
                                     <div class="message-body has-text-centered">
-                                        {% if variant.prerequisites %}
-                                        {% for prerequisite in variant.prerequisites %}
+                                        {% if variant["prerequisites"] %}
+                                        {% for prerequisite in variant["prerequisites"] %}
                                         <span class="tag is-link">{{ prerequisite }}</span>
                                         {% endfor %}
                                         {% endif %}
@@ -94,8 +94,8 @@
                                             Platforms
                                     </div>
                                     <div class="message-body has-text-centered">
-                                        {% if variant.platforms %}
-                                        {% for platform in variant.platforms %}
+                                        {% if variant["platforms"] %}
+                                        {% for platform in variant["platforms"] %}
                                         <span class="tag is-link">{{ platform }}</span>
                                         {% endfor %}
                                         {% endif %}
@@ -104,7 +104,7 @@
                             </div>
                         </div>
 
-                        {% if variant.guidance %}
+                        {% if variant["guidance"] %}
                         {%- set _ = toc.append("Commands") %}
                         <article class="message is-dark" id="commands">
                             <div class="message-header">
@@ -127,8 +127,8 @@
                                     </div>
                                     <div class="level-right">
                                             <p>
-                                                {% if variant.controls %}
-                                                {% for control in variant.controls %}
+                                                {% if variant["controls"] %}
+                                                {% for control in variant["controls"] %}
                                                 <span class="tag is-light">{{ control }}</span>
                                                 {% endfor %}
                                                 {% endif %}
@@ -141,8 +141,8 @@
                                             <h4 class="title is-5">Detect</h4>
                                             <div class="content">
                                                 <ul>
-                                                    {% if variant.detect %}
-                                                    {% for detect in variant.detect %}
+                                                    {% if variant["detect"] %}
+                                                    {% for detect in variant["detect"] %}
                                                     <li>{{ detect }}</li>
                                                     {% endfor %}
                                                     {% endif %}
@@ -153,8 +153,8 @@
                                             <h4 class="title is-5">Block</h4>
                                             <div class="content">
                                                 <ul>
-                                                    {% if variant.block %}
-                                                    {% for block in variant.block %}
+                                                    {% if variant["block"] %}
+                                                    {% for block in variant["block"] %}
                                                     <li>{{ block }}</li>
                                                     {% endfor %}
                                                     {% endif %}

diff --git a/libmm/scripts/mmdarkpool/templates/variants.html.j2 b/libmm/scripts/mmdarkpool/templates/variants.html.j2
@@ -4,7 +4,7 @@
     <div class="container">
         <div class="columns">
             <div class="column is-three-quarters mx-auto">
-                {% for tid, variants in all_variants | groupby('tid') %}
+                {% for tid, variants in grouped_variants.items() %}
                 <section class="section">
                     <div class="notification is-danger">
                         <div class="columns">
@@ -28,7 +28,7 @@
                                 <li>
                                     <ul>
                                     {% for variant in variants %}
-                                        <li><a href="/testcases/{{ variant.id }}.html">{{ variant.display_name }}</a></li>
+                                        <li><a href="/testcases/{{ variant["metadata"]["id"] }}.html">{{ variant["name"] }}</a></li>
                                     {% endfor %}
                                     </ul>
                                 </li>

diff --git a/libmm/sql.py b/libmm/sql.py
@@ -183,7 +183,7 @@ def render(self, apply_overrides: bool = True, blueprint_id: str = None):
 
         # dictionary fields are decided based on an inclusion criteria rather than exclusion
         # NOTE: when adding new attributes to the Variant class, make sure to update this list
-        top_level_includes = ["description", "platforms", "guidance", "block", "detect", "controls"]
+        top_level_includes = ["description", "platforms", "prerequisites", "guidance", "block", "detect", "controls"]
         for include in top_level_includes:
             if include in original_dict:
                 final_dict[include] = original_dict[include]

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "marketmaker"
-version = "1.7.2"
+version = "1.8.0"
 description = "Suite of tools for managing and creating attack plans"
 authors = ["2XXE <[email protected]>"]
 readme = "README.md"