Feat/dfd sec controls view (#20)

* SC: added basic security control view * Linked controls to assuptions * SC: linked the secuirty control view to threats, mitigations and assumptions
cds-snc · Oct 25, 2023 · 1e6c275 · 1e6c275
1 parent 6bcc72e
commit 1e6c275
Show file tree

Hide file tree

Showing 53 changed files with 1,970 additions and 71 deletions.
diff --git a/src/components/application/ApplicationInfo/index.tsx b/src/components/application/ApplicationInfo/index.tsx
@@ -17,6 +17,8 @@
 import Button from '@cloudscape-design/components/button';
 import Container from '@cloudscape-design/components/container';
 import FormField from '@cloudscape-design/components/form-field';
+import SegmentedControl from '@cloudscape-design/components/segmented-control';
+import Checkbox from '@cloudscape-design/components/checkbox';
 import Header from '@cloudscape-design/components/header';
 import SpaceBetween from '@cloudscape-design/components/space-between';
 import { FC, useState, useCallback, useMemo, useEffect } from 'react';
@@ -33,6 +35,15 @@ const ApplicationInfo: FC<EditableComponentBaseProps> = ({
   const [editMode, setEditMode] = useState(!applicationInfo.name && !applicationInfo.description );
   const [content, setContent] = useState('');
   const [name, setName] = useState('');
+  const [securityCategory, setSecurityCategory] = useState('cccs-medium');
+  const [checkedIaaS, setCheckedIaaS] = useState(false);
+  const [checkedPaaS, setCheckedPaaS] = useState(false);
+  const [checkedSaaS, setCheckedSaaS] = useState(false);
+  const [checkedData, setCheckedData] = useState(true);
+  const [checkedStorage, setCheckedStorage] = useState(true);
+  const [checkedApplication, setCheckedApplication] = useState(false);
+  const [checkedCompute, setCheckedCompute] = useState(false);
+  const [checkedNetwork, setCheckedNetwork] = useState(true);
 
   useEffect(() => {
     onEditModeChange?.(editMode);
@@ -62,7 +73,7 @@ const ApplicationInfo: FC<EditableComponentBaseProps> = ({
 
   return (<Container
     header={<Header actions={actions}>{applicationInfo.name || 'Application Introduction'}</Header>}
-  >{editMode ? (<SpaceBetween direction='vertical' size='s'>
+  >{editMode ? (<SpaceBetween direction='vertical' size='l'>
       <FormField
         label="Application name"
       >
@@ -82,6 +93,93 @@ const ApplicationInfo: FC<EditableComponentBaseProps> = ({
         parentHeaderLevel='h2'
         validateData={ApplicationInfoSchema.shape.description.safeParse}
       />
+      <FormField
+        label="This application / feature requires the following GC Cloud Profile"
+        description="CCCS Low (formerly PALL) -> Targets: Protected A, Low Integrity, Low Availability | CCCS Medium (formerly PBMM) -> Targets: Protected B, Medium Integrity, Medium Availability"
+      >
+        <SegmentedControl
+          selectedId={securityCategory}
+          onChange={({ detail }) =>
+            setSecurityCategory(detail.selectedId)
+          }
+          label="This application / feature require the following GC Cloud Profile"
+          options={[
+            { text: 'CCCS Low', id: 'cccs-low' },
+            { text: 'CCCS Medium', id: 'cccs-medium' },
+            { text: 'CCCS High', id: 'cccs-high' },
+          ]}
+        />
+      </FormField>
+      <FormField
+        label="Cloud service model">
+        <Checkbox
+          onChange={({ detail }) =>
+            setCheckedIaaS(detail.checked)
+          }
+          checked={checkedIaaS}
+        >
+        IaaS
+        </Checkbox>
+        <Checkbox
+          onChange={({ detail }) =>
+            setCheckedPaaS(detail.checked)
+          }
+          checked={checkedPaaS}
+        >
+        PaaS
+        </Checkbox>
+        <Checkbox
+          onChange={({ detail }) =>
+            setCheckedSaaS(detail.checked)
+          }
+          checked={checkedSaaS}
+        >
+        SaaS
+        </Checkbox>
+      </FormField>
+      <FormField
+        label="Cloud stack component">
+        <Checkbox
+          onChange={({ detail }) =>
+            setCheckedData(detail.checked)
+          }
+          checked={checkedData}
+        >
+        Data
+        </Checkbox>
+        <Checkbox
+          onChange={({ detail }) =>
+            setCheckedStorage(detail.checked)
+          }
+          checked={checkedStorage}
+        >
+        Storage
+        </Checkbox>
+        <Checkbox
+          onChange={({ detail }) =>
+            setCheckedApplication(detail.checked)
+          }
+          checked={checkedApplication}
+        >
+        Application
+        </Checkbox>
+        <Checkbox
+          onChange={({ detail }) =>
+            setCheckedCompute(detail.checked)
+          }
+          checked={checkedCompute}
+        >
+        Compute
+        </Checkbox>
+        <Checkbox
+          onChange={({ detail }) =>
+            setCheckedNetwork(detail.checked)
+          }
+          checked={checkedNetwork}
+        >
+        Network
+        </Checkbox>
+      </FormField>
     </SpaceBetween>) :
       (<MarkdownViewer>
         {applicationInfo.description || ''}

diff --git a/src/components/assumptions/AssumptionCard/index.tsx b/src/components/assumptions/AssumptionCard/index.tsx
@@ -27,6 +27,7 @@ import GenericCard from '../../generic/GenericCard';
 import Textarea from '../../generic/Textarea';
 import AssumptionMitigationLink from '../AssumptionMitigationLink';
 import AssumptionThreatLink from '../AssumptionThreatLink';
+import AssumptionControlLink from '../AssumptionControlLink';
 
 export interface AssumptionCardProps {
   assumption: Assumption;
@@ -97,8 +98,12 @@ const AssumptionCard: FC<AssumptionCardProps> = ({
           <AssumptionThreatLink
             assumptionId={assumption.id}
           />
+          <AssumptionControlLink
+            assumptionId={assumption.id}
+          />
           <AssumptionMitigationLink
-            assumptionId={assumption.id} />
+            assumptionId={assumption.id}
+          />
         </SpaceBetween>
       </ColumnLayout>
       <MetadataEditor

diff --git a/src/components/assumptions/AssumptionControlLink/index.tsx b/src/components/assumptions/AssumptionControlLink/index.tsx
@@ -0,0 +1,74 @@
+/** *******************************************************************************************************************
+  Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+
+  Licensed under the Apache License, Version 2.0 (the "License").
+  You may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+ ******************************************************************************************************************** */
+
+import { FC, useCallback, useEffect, useState } from 'react';
+import { useAssumptionLinksContext } from '../../../contexts/AssumptionLinksContext/context';
+import { useControlsContext } from '../../../contexts/ControlsContext/context';
+import { AssumptionLink } from '../../../customTypes';
+import ControlLinkView from '../../controls/ControlLinkView';
+
+export interface AssumptionThreatLinkProps {
+  assumptionId: string;
+}
+
+const AssumptionThreatLinkComponent: FC<AssumptionThreatLinkProps> = ({
+  assumptionId,
+}) => {
+  const { controlList, saveControl } = useControlsContext();
+  const [assumptionLinks, setAssumptionLinks] = useState<AssumptionLink[]>([]);
+
+  const { getAssumptionEntityLinks } = useAssumptionLinksContext();
+
+  useEffect(() => {
+    const _assumptionLinks = getAssumptionEntityLinks(assumptionId, 'Control');
+    setAssumptionLinks(_assumptionLinks || []);
+  }, [getAssumptionEntityLinks, assumptionId]);
+
+  const {
+    addAssumptionLink,
+    removeAssumptionLink,
+  } = useAssumptionLinksContext();
+
+  const handleAddControlLink = useCallback((controlIdOrNewControl: string) => {
+    if (controlList.find(m => m.id === controlIdOrNewControl)) {
+      addAssumptionLink({
+        linkedId: controlIdOrNewControl,
+        assumptionId,
+        type: 'Control',
+      });
+    } else {
+      const newControl = saveControl({
+        numericId: -1,
+        content: controlIdOrNewControl,
+        id: 'new',
+      });
+      addAssumptionLink({
+        type: 'Control',
+        linkedId: newControl.id,
+        assumptionId,
+      });
+    }
+  }, [assumptionId, controlList, addAssumptionLink, saveControl]);
+
+  return (<ControlLinkView
+    controlList={controlList}
+    linkedControlIds={assumptionLinks.map(ml => ml.linkedId)}
+    onAddControlLink={handleAddControlLink}
+    onRemoveControlLink={(controlId) => removeAssumptionLink(assumptionId, controlId)}
+  />);
+};
+
+export default AssumptionThreatLinkComponent;
diff --git a/src/components/assumptions/AssumptionCreationCard/index.tsx b/src/components/assumptions/AssumptionCreationCard/index.tsx
@@ -17,34 +17,39 @@
 import SpaceBetween from '@cloudscape-design/components/space-between';
 import { FC, useState, useCallback } from 'react';
 import { useMitigationsContext } from '../../../contexts/MitigationsContext/context';
+import { useControlsContext } from '../../../contexts/ControlsContext/context';
 import { useThreatsContext } from '../../../contexts/ThreatsContext/context';
 import { Assumption } from '../../../customTypes';
 import GenericEntityCreationCard, { DEFAULT_ENTITY } from '../../generic/GenericEntityCreationCard';
 import MitigationLinkView from '../../mitigations/MitigationLinkView';
+import ControlLinkView from '../../controls/ControlLinkView';
 import ThreatLinkView from '../../threats/ThreatLinkView';
 
 export interface AssumptionCreationCardProps {
-  onSave?: (entity: Assumption, linkedMitigationIds: string[], linkedThreatIds: string[]) => void;
+  onSave?: (entity: Assumption, linkedMitigationIds: string[], linkedControlIds: string[], linkedThreatIds: string[]) => void;
 }
 
 const AssumptionCreationCard: FC<AssumptionCreationCardProps> = ({ onSave }) => {
   const [editingEntity, setEditingEntity] = useState<Assumption>(DEFAULT_ENTITY);
   const [linkedMitigationIds, setLinkedMitigationIds] = useState<string[]>([]);
+  const [linkedControlIds, setLinkedControlIds] = useState<string[]>([]);
   const [linkedThreatIds, setLinkedThreatIds] = useState<string[]>([]);
 
   const { mitigationList, saveMitigation } = useMitigationsContext();
+  const { controlList, saveControl } = useControlsContext();
   const { statementList } = useThreatsContext();
 
   const handleSave = useCallback(() => {
-    onSave?.(editingEntity, linkedMitigationIds, linkedThreatIds);
+    onSave?.(editingEntity, linkedMitigationIds, linkedControlIds, linkedThreatIds);
     setEditingEntity(DEFAULT_ENTITY);
     setLinkedMitigationIds([]);
     setLinkedThreatIds([]);
-  }, [editingEntity, linkedMitigationIds, linkedThreatIds, onSave]);
+  }, [editingEntity, linkedMitigationIds, linkedControlIds, linkedThreatIds, onSave]);
 
   const handleReset = useCallback(() => {
     setEditingEntity(DEFAULT_ENTITY);
     setLinkedMitigationIds([]);
+    setLinkedControlIds([]);
     setLinkedThreatIds([]);
   }, []);
 
@@ -61,6 +66,19 @@ const AssumptionCreationCard: FC<AssumptionCreationCardProps> = ({ onSave }) =>
     }
   }, [mitigationList, saveMitigation]);
 
+  const handleAddControlLink = useCallback((controlIdOrNewControl: string) => {
+    if (controlList.find(m => m.id === controlIdOrNewControl)) {
+      setLinkedControlIds(prev => [...prev, controlIdOrNewControl]);
+    } else {
+      const newControl = saveControl({
+        numericId: -1,
+        content: controlIdOrNewControl,
+        id: 'new',
+      });
+      setLinkedControlIds(prev => [...prev, newControl.id]);
+    }
+  }, [controlList, saveControl]);
+
   return (<GenericEntityCreationCard
     editingEntity={editingEntity}
     setEditingEntity={setEditingEntity}
@@ -74,6 +92,12 @@ const AssumptionCreationCard: FC<AssumptionCreationCardProps> = ({ onSave }) =>
         onAddThreatLink={(id) => setLinkedThreatIds(prev => [...prev, id])}
         onRemoveThreatLink={(id) => setLinkedThreatIds(prev => prev.filter(p => p !== id))}
       />
+      <ControlLinkView
+        linkedControlIds={linkedControlIds}
+        controlList={controlList}
+        onAddControlLink={handleAddControlLink}
+        onRemoveControlLink={(id) => setLinkedControlIds(prev => prev.filter(p => p !== id))}
+      />
       <MitigationLinkView
         linkedMitigationIds={linkedMitigationIds}
         mitigationList={mitigationList}

diff --git a/src/components/assumptions/AssumptionList/index.tsx b/src/components/assumptions/AssumptionList/index.tsx
@@ -55,6 +55,11 @@ const AssumptionList: FC = () => {
     setSelectedLinkedThreatsFilter,
   ] = useState(ALL);
 
+  const [
+    selectedLinkedControlFilter,
+    setSelectedLinkedControlFilter,
+  ] = useState(ALL);
+
   const [
     selectedLinkedMitigationFilter,
     setSelectedLinkedMitigationFilter,
@@ -104,19 +109,28 @@ const AssumptionList: FC = () => {
       });
     }
 
+    if (selectedLinkedControlFilter !== ALL) {
+      output = output.filter(st => {
+        return assumptionLinkList.some(al => al.assumptionId === st.id && al.type === 'Control') ?
+          selectedLinkedControlFilter === WITH_LINKED_ENTITY :
+          selectedLinkedControlFilter === WITHOUT_NO_LINKED_ENTITY;
+      });
+    }
+
     output = output.sort((op1, op2) => (op2.displayOrder || Number.MAX_VALUE) - (op1.displayOrder || Number.MAX_VALUE));
 
     return output;
   }, [filteringText, assumptionList, selectedTags,
     assumptionLinkList,
-    selectedLinkedMitigationFilter, selectedLinkedThreatsFilter]);
+    selectedLinkedMitigationFilter, selectedLinkedControlFilter, selectedLinkedThreatsFilter]);
 
   const hasNoFilter = useMemo(() => {
     return (filteringText === ''
       && selectedLinkedMitigationFilter === ALL
+      && selectedLinkedControlFilter === ALL
       && selectedLinkedThreatsFilter === ALL
       && selectedTags.length === 0);
-  }, [filteringText, selectedTags, selectedLinkedThreatsFilter, selectedLinkedMitigationFilter]);
+  }, [filteringText, selectedTags, selectedLinkedThreatsFilter, selectedLinkedControlFilter, selectedLinkedMitigationFilter]);
 
   const allTags = useMemo(() => {
     return assumptionList
@@ -129,6 +143,7 @@ const AssumptionList: FC = () => {
     setFilteringText('');
     setSelectedTags([]);
     setSelectedLinkedMitigationFilter(ALL);
+    setSelectedLinkedControlFilter(ALL);
     setSelectedLinkedThreatsFilter(ALL);
   }, []);
 
@@ -175,9 +190,9 @@ const AssumptionList: FC = () => {
           />
           <Grid
             gridDefinition={[
+              { colspan: { default: 12, xs: 2 } },
+              { colspan: { default: 12, xs: 3 } },
               { colspan: { default: 12, xs: 3 } },
-              { colspan: { default: 12, xs: 4 } },
-              { colspan: { default: 12, xs: 4 } },
               { colspan: { default: 1 } },
             ]}
           >
@@ -192,6 +207,12 @@ const AssumptionList: FC = () => {
               selected={selectedLinkedThreatsFilter}
               setSelected={setSelectedLinkedThreatsFilter}
             />
+            <LinkedEntityFilter
+              label='Linked controls'
+              entityDisplayName='controls'
+              selected={selectedLinkedControlFilter}
+              setSelected={setSelectedLinkedControlFilter}
+            />
             <LinkedEntityFilter
               label='Linked mitigations'
               entityDisplayName='mitigations'