Updated swagger.yaml, new example

IriusRiskCustomOutput.java

@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2012-2020 Continuum Security.  All rights reserved
+ */
+
+import com.iriusrisk.ApiException;
+import com.iriusrisk.api.ProductsApi;
+import com.iriusrisk.model.Component;
+import com.iriusrisk.model.ComponentControl;
+import com.iriusrisk.model.ComponentUseCase;
+import com.iriusrisk.model.ComponentUseCaseThreatShort;
+import com.iriusrisk.model.Product;
+import com.iriusrisk.model.ProductShort;
+import com.iriusrisk.model.RiskSummary;
+import com.iriusrisk.model.Threat;
+import com.iriusrisk.model.ThreatControl;
+import com.iriusrisk.model.ThreatWeakness;
+import com.squareup.okhttp.OkHttpClient;
+
+import java.net.InetSocketAddress;
+import java.net.Proxy;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * This is an example of how to use IriusRisk Client Lib to create a custom output from a countermeasure list
+ */
+public class IriusRiskCustomOutput {
+    public static void main(String[] args) {
+
+        System.out.println("New IriusRisk instance");
+        ProductsApi apiInstance = new ProductsApi();
+        // You must define the scheme://host:port/api/v1 from your IriusRisk instance
+        // i.e.: https://server.com:5445/api/v1
+
+        OkHttpClient httpClient = new OkHttpClient();
+        String proxyHost = System.getProperty("proxy.host");
+        if (proxyHost != null) {
+            int proxyPort = Integer.parseInt(System.getProperty("proxy.port"));
+            Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyHost, proxyPort));
+            httpClient.setProxy(proxy);
+        }
+
+        apiInstance.getApiClient().setBasePath("<scheme://host:port>/api/v1");
+        apiInstance.getApiClient().setHttpClient(httpClient);
+        apiInstance.getApiClient().setVerifyingSsl(false);
+        String apiToken = "<api-token>";
+
+        try {
+            // Get list of products
+            List<ProductShort> rs = apiInstance.productsGet(apiToken, null, null, null);
+            for (ProductShort r : rs) {
+                Product product = apiInstance.productsRefGet(apiToken, r.getRef());
+
+                for(Component component : product.getComponents()){
+                    List<ComponentControl> controls = component.getControls();
+                    for(ComponentUseCase usecase : component.getUsecases()){
+                        for(Threat threat : usecase.getThreats()){
+                            for(ThreatWeakness weakness : threat.getWeaknesses()){
+                                for(ThreatControl control : weakness.getControls()){
+                                    ComponentControl componentControl = controls.stream().filter(x -> x.getRef().equals(control.getRef())).findFirst().get();
+                                    String output = String.join("|",
+                                            r.getRef(),
+                                            r.getName(),
+                                            threat.getRef(),
+                                            "["+threat.getRiskRating().getConfidentiality()+"+"+threat.getRiskRating().getIntegrity()+"+"+threat.getRiskRating().getAvailability()+"]",
+                                            weakness.getRef(),
+                                            control.getRef(),
+                                            // This is to prevent writing "null" if the Issue Id is not set
+                                            // If you want "null" to appear just change the following line to "control.getIssueId(),"
+                                            (componentControl.getIssueId() != null ? componentControl.getIssueId() : ""),
+                                            componentControl.getState()
+                                    );
+
+                                    System.out.println(output);
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+
+        } catch (ApiException e) {
+            System.err.println("Exception when calling API");
+            e.printStackTrace();
+        }
+
+    }
+
+}

swagger.yaml

@@ -660,6 +660,11 @@ paths:
               desc:
                 description: Description field value
                 type: string
+              tags:
+                description: List of tags
+                type: array
+                items:
+                  type: string
       responses:
         201:
           description: Risk Pattern details
@@ -2868,6 +2873,11 @@ definitions:
         type: string
       desc:
         type: string
+      tags:
+        type: array
+        description: 'List of tags'
+        items:
+          type: string
       weaknesses:
         type: array
         items:
@@ -3094,6 +3104,14 @@ definitions:
         type: array
         items:
           $ref: '#/definitions/DataFlow'
+      users:
+        type: array
+        items:
+          type: string
+      groups:
+        type: array
+        items:
+          type: string
   ArchitectureDiagram:
     type: object
     properties:
@@ -3176,8 +3194,13 @@ definitions:
         type: string
       groupName:
         type: string
+        default: null
+        description: This field always returns null. All group names have been transformed into tags.
       tags:
-        type: string
+        type: array
+        description: List of all tags
+        items:
+          type: string
       position:
         type: integer
       questions:
@@ -3713,4 +3736,5 @@ definitions:
           properties:
             name:
               type: string
-              description: Name of the Asset
+              description: Name of the Asset
+