-
Saket Agrahari authoredSaket Agrahari authored
standards_and_policies.py 6.46 KiB
from typing import Any
from compendium_v2.db.presentation_models import Standards, CrisisExercises, SecurityControls
from compendium_v2.routes import common
from flask import Blueprint, jsonify
routes = Blueprint('standards-and-policies', __name__)
STANDARDS_RESPONSE_SCHEMA = {
'$schema': 'http://json-schema.org/draft-07/schema#',
'definitions': {
'standards': {
'type': 'object',
'properties': {
'nren': {'type': 'string'},
'nren_country': {'type': 'string'},
'year': {'type': 'integer'},
'audits': {'type': 'string'},
'audit_specifics': {'type': 'string'},
'business_continuity_plans': {'type': 'string'},
'business_continuity_plans_specifics': {'type': 'string'},
'crisis_management_procedure': {'type': 'string'}
},
'required': ['nren', 'nren_country', 'year'],
'additionalProperties': False
}
},
'type': 'array',
'items': {'$ref': '#/definitions/standards'}
}
CRISIS_EXERCISES_RESPONSE_SCHEMA = {
'$schema': 'http://json-schema.org/draft-07/schema#',
'definitions': {
'crisis_exercises': {
'type': 'object',
'properties': {
'nren': {'type': 'string'},
'nren_country': {'type': 'string'},
'year': {'type': 'integer'},
'exercise_descriptions': {'type': 'array', 'items': {'type': 'string'}}
},
'required': ['nren', 'nren_country', 'year'],
'additionalProperties': False
}
},
'type': 'array',
'items': {'$ref': '#/definitions/crisis_exercises'}
}
SECURITY_CONTROLS_RESPONSE_SCHEMA = {
'$schema': 'http://json-schema.org/draft-07/schema#',
'definitions': {
'security_controls': {
'type': 'object',
'properties': {
'nren': {'type': 'string'},
'nren_country': {'type': 'string'},
'year': {'type': 'integer'},
'security_control_descriptions': {'type': 'array', 'items': {'type': 'string'}}
},
'required': ['nren', 'nren_country', 'year'],
'additionalProperties': False
}
},
'type': 'array',
'items': {'$ref': '#/definitions/security_controls'}
}
def standards_extract_data(standards: Standards) -> dict:
return {
'nren': standards.nren.name,
'nren_country': standards.nren.country,
'year': int(standards.year),
'audits': str(standards.audits),
'audit_specifics': str(standards.audit_specifics),
'business_continuity_plans': str(standards.business_continuity_plans),
'business_continuity_plans_specifics': str(standards.business_continuity_plans_specifics),
'crisis_management_procedure': str(standards.crisis_management_procedure)
}
@routes.route('/standards', methods=['GET'])
@common.require_accepts_json
def standards_view() -> Any:
"""
handler for /api/standards-and-policies/standards requests
Endpoint for getting the fibre operation models the NREN.
This endpoint retrieves fibre operation model that of the NREN.
response will be formatted as:
.. asjson::
compendium_v2.routes.standards_and_policies.STANDARDS_RESPONSE_SCHEMA
:return:
"""
entries = []
records = common.get_data(Standards)
for entry in records:
entries.append(standards_extract_data(entry))
return jsonify(entries)
crisis_exercises_map = {
"geant_workshops": "We participate in GEANT Crisis workshops such as CLAW",
"none": "No, we have not done any crisis exercises or trainings",
"national_excercises": "We participated in National crisis exercises ",
"real_crisis": "We had a real crisis",
"simulation_excercises": "We run our own simulation exercises",
"tabletop_exercises": "We run our own tabletop exercises",
"other_excercises": "We have done/participated in other exercises or trainings"
}
def crisis_exercises_extract_data(crisis_exercises: CrisisExercises) -> dict:
return {
'nren': crisis_exercises.nren.name,
'nren_country': crisis_exercises.nren.country,
'year': int(crisis_exercises.year),
'exercise_descriptions': [crisis_exercises_map.get(item, item) for item in
crisis_exercises.exercise_descriptions]
}
@routes.route('/crisis-exercises', methods=['GET'])
@common.require_accepts_json
def crisis_exercises_view() -> Any:
"""
handler for /api/standards-and-policies/crisis-exercises requests
Endpoint for getting the fibre operation models the NREN.
This endpoint retrieves fibre operation model that of the NREN.
response will be formatted as:
.. asjson::
compendium_v2.routes.standards_and_policies.CRISIS_EXERCISES_RESPONSE_SCHEMA
:return:
"""
entries = []
records = common.get_data(CrisisExercises)
for entry in records:
entries.append(crisis_exercises_extract_data(entry))
return jsonify(entries)
security_controls_map = {
"anti_virus": "Anti Virus",
"anti_spam": "Anti-Spam",
"firewall": "Firewall",
"ddos_mitigation": "DDoS mitigation",
"monitoring": "Network monitoring",
"ips_ids": "IPS/IDS",
"acl": "ACL",
"segmentation": "Network segmentation",
"integrity_checking": "Integrity checking"
}
def security_controls_extract_data(security_controls: SecurityControls) -> dict:
return {
'nren': security_controls.nren.name,
'nren_country': security_controls.nren.country,
'year': int(security_controls.year),
'security_control_descriptions': [security_controls_map.get(item, item) for item in
security_controls.security_control_descriptions]
}
@routes.route('/security-controls', methods=['GET'])
@common.require_accepts_json
def security_controls_view() -> Any:
"""
handler for /api/standards-and-policies/security-controls requests
Endpoint for getting the fibre operation models the NREN.
This endpoint retrieves fibre operation model that of the NREN.
response will be formatted as:
.. asjson::
compendium_v2.routes.standards_and_policies.SECURITY_CONTROLS_RESPONSE_SCHEMA
:return:
"""
entries = []
records = common.get_data(SecurityControls)
for entry in records:
entries.append(security_controls_extract_data(entry))
return jsonify(entries)