Make the StoredLibrary builtin attribute non-customizable

intuitem · May 15, 2024 · 7af9afb · 7af9afb
1 parent 9a13447
commit 7af9afb
Show file tree

Hide file tree

Showing 52 changed files with 4 additions and 76 deletions.
diff --git a/backend/core/models.py b/backend/core/models.py
@@ -125,7 +125,7 @@ def __init_class__(cls):
         )
 
     @classmethod
-    def store_library_content(cls, library_content: bytes) -> "StoredLibrary | None":
+    def store_library_content(cls, library_content: bytes,builtin: bool=False) -> "StoredLibrary | None":
         hash_checksum = sha256(library_content)
         if hash_checksum in StoredLibrary.HASH_CHECKSUM_SET:
             return None  # We do not store the library if its hash checksum is in the database.
@@ -176,18 +176,16 @@ def store_library_content(cls, library_content: bytes) -> "StoredLibrary | None"
             objects_meta=objects_meta,
             dependencies=dependencies,
             is_loaded=is_loaded,
-            builtin=library_data.get(
-                "builtin", False
-            ),  # We have to add a "builtin: true" line to every builtin library file.
+            builtin=builtin,  # We have to add a "builtin: true" line to every builtin library file.
             hash_checksum=hash_checksum,
             content=library_objects,
         )
 
     @classmethod
-    def store_library_file(cls, fname: Path) -> "StoredLibrary | None":
+    def store_library_file(cls, fname: Path,builtin: bool=False) -> "StoredLibrary | None":
         with open(fname, "rb") as f:
             library_content = f.read()
-        return StoredLibrary.store_library_content(library_content)
+        return StoredLibrary.store_library_content(library_content,builtin)
 
     def load(self) -> Union[str, None]:
         from library.utils import LibraryImporter

diff --git a/backend/library/libraries/3cf-ed1-v1.yaml b/backend/library/libraries/3cf-ed1-v1.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:3cf-ed1-v1
-builtin: true
 locale: fr
 ref_id: 3CF-ed1-v1
 name: "Cadre de Conformit\xE9 Cyber France (3CF) pour l'aviation civile"

diff --git a/backend/library/libraries/3cf-v2.yaml b/backend/library/libraries/3cf-v2.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:3cf-v2
-builtin: true
 locale: fr
 ref_id: 3CF-v2
 name: "Cadre de Conformit\xE9 Cyber France (3CF) pour l'aviation civile - v2"

diff --git a/backend/library/libraries/aircyber-v1.5.2.yaml b/backend/library/libraries/aircyber-v1.5.2.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:aircyber-v1.5.2
-builtin: true
 locale: en
 ref_id: AirCyber-v1.5.2
 name: Public AirCyber Maturity Level Matrix

diff --git a/backend/library/libraries/anssi-genai-security-recommendations-1.0.yaml b/backend/library/libraries/anssi-genai-security-recommendations-1.0.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:anssi-genai-security-recommendations-1.0
-builtin: true
 locale: fr
 ref_id: anssi-genai-security-recommendations-1.0
 name: "ANSSI: RECOMMANDATIONS DE S\xC9CURIT\xC9 POUR UN SYST\xC8ME D'IA G\xC9N\xC9\

diff --git a/backend/library/libraries/anssi-guide-hygiene.yaml b/backend/library/libraries/anssi-guide-hygiene.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:anssi-guide-hygiene
-builtin: true
 locale: fr
 ref_id: ANSSI-GUIDE-HYGIENE
 name: "ANSSI - Guide d'hygi\xE8ne informatique"

diff --git a/backend/library/libraries/anssi-nis-rules.yaml b/backend/library/libraries/anssi-nis-rules.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:anssi-nis-rules
-builtin: true
 locale: en
 ref_id: ANSSI-NIS
 name: ANSSI NIS rules

diff --git a/backend/library/libraries/anssi-recommandations-configuration-systeme-gnu-linux.yaml b/backend/library/libraries/anssi-recommandations-configuration-systeme-gnu-linux.yaml
@@ -1,5 +1,4 @@
 urn: urn:protocolpaladin:risk:library:anssi-recommandations-configuration-systeme-gnu-linux
-builtin: true
 locale: fr
 ref_id: 'ANSSI-RECOMMANDATIONS-CONFIGURATION-SYSTEME-GNU-LINUX '
 name: "ANSSI - Recommandations de s\xE9curit\xE9 relatives \xE0 un syst\xE8me GNU-Linux"

diff --git a/backend/library/libraries/ccb-cff-2023-03-01.yaml b/backend/library/libraries/ccb-cff-2023-03-01.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:ccb-cff-2023-03-01
-builtin: true
 locale: en
 ref_id: CCB-CFF-2023-03-01
 name: CCB CyberFundamentals Framework

diff --git a/backend/library/libraries/cmmc-2.0.yaml b/backend/library/libraries/cmmc-2.0.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:cmmc-2.0
-builtin: true
 locale: en
 ref_id: CMMC-2.0
 name: CMMC version 2.0

diff --git a/backend/library/libraries/cra-proposal-annexes.yaml b/backend/library/libraries/cra-proposal-annexes.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:cra-proposal-annexes
-builtin: true
 locale: en
 ref_id: CRA-proposal-annexes
 name: Cyber Resilience Act

diff --git a/backend/library/libraries/critical_risk_matrix_3x3.yaml b/backend/library/libraries/critical_risk_matrix_3x3.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:critical_risk_matrix_3x3
-builtin: true
 locale: en
 ref_id: critical_3x3
 name: Critical risk matrix 3x3

diff --git a/backend/library/libraries/critical_risk_matrix_5x5.yaml b/backend/library/libraries/critical_risk_matrix_5x5.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:critical_risk_matrix_5x5
-builtin: true
 locale: en
 ref_id: critical_5x5
 name: Critical risk matrix 5x5

diff --git a/backend/library/libraries/dfs-500-2023-11.yaml b/backend/library/libraries/dfs-500-2023-11.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:dfs-500-2023-11
-builtin: true
 locale: en
 ref_id: DFS-500-2023-11
 name: NY DFS 500 with 2023-11 amendments

diff --git a/backend/library/libraries/doc-pol.yaml b/backend/library/libraries/doc-pol.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:doc-pol
-builtin: true
 locale: en
 ref_id: doc-pol
 name: Documents and policies

diff --git a/backend/library/libraries/dora.yaml b/backend/library/libraries/dora.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:dora
-builtin: true
 locale: en
 ref_id: DORA
 name: Digital Operational Resilience Act

diff --git a/backend/library/libraries/ecc-1.yaml b/backend/library/libraries/ecc-1.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:ecc-1
-builtin: true
 locale: en
 ref_id: essential-cybersecurity-controls
 name: Essential Cybersecurity Controls

diff --git a/backend/library/libraries/essential-eight.yaml b/backend/library/libraries/essential-eight.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:essential-eight
-builtin: true
 locale: en
 ref_id: Essential Eight
 name: Essential Eight Maturity Model

diff --git a/backend/library/libraries/fadp.yaml b/backend/library/libraries/fadp.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:fadp
-builtin: true
 locale: en
 ref_id: FADP
 name: 'Federal Act on Data Protection '

diff --git a/backend/library/libraries/fedramp-rev5.yaml b/backend/library/libraries/fedramp-rev5.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:fedramp-rev5
-builtin: true
 locale: en
 ref_id: GSA-FEDRAMP-rev5
 name: GSA FedRAMP Rev5

diff --git a/backend/library/libraries/gdpr-checklist.yaml b/backend/library/libraries/gdpr-checklist.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:gdpr-checklist
-builtin: true
 locale: en
 ref_id: GDPR-checklist
 name: GDPR checklist for data controllers

diff --git a/backend/library/libraries/hds-v2023-a.yaml b/backend/library/libraries/hds-v2023-a.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:hds-v2023-a
-builtin: true
 locale: fr
 ref_id: HDS-v2023-A
 name: HDS v2023-A

diff --git a/backend/library/libraries/iso27001-2022-fr.yaml b/backend/library/libraries/iso27001-2022-fr.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:iso27001-2022-fr
-builtin: true
 locale: fr
 ref_id: ISO/IEC 27001:2022
 name: Norme internationale ISO/IEC 27001:2022

diff --git a/backend/library/libraries/iso27001-2022.yaml b/backend/library/libraries/iso27001-2022.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:iso27001-2022
-builtin: true
 locale: en
 ref_id: ISO/IEC 27001:2022
 name: International standard ISO/IEC 27001:2022

diff --git a/backend/library/libraries/lpm-oiv-2019.yaml b/backend/library/libraries/lpm-oiv-2019.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:lpm-oiv-2019
-builtin: true
 locale: fr
 ref_id: LPM-OIV-2019
 name: "R\xE8gles OIV"

diff --git a/backend/library/libraries/matrice-des-risques-critiques-3x3.yaml b/backend/library/libraries/matrice-des-risques-critiques-3x3.yaml
@@ -1,5 +1,4 @@
 urn: urn:protocolpaladin:risk:library:matrice-des-risques-critiques-3x3
-builtin: true
 locale: fr
 ref_id: matrice-des-risques-critiques-3x3
 name: Matrice des risques critiques 3x3

diff --git a/backend/library/libraries/matrice-des-risques-critiques-5x5.yaml b/backend/library/libraries/matrice-des-risques-critiques-5x5.yaml
@@ -1,5 +1,4 @@
 urn: urn:protocolpaladin:risk:library:matrice-des-risques-critiques-5x5
-builtin: true
 locale: fr
 ref_id: matrice-des-risques-critiques-5x5
 name: Matrice des risques critiques 5x5

diff --git a/backend/library/libraries/mitre-attack-v14.yaml b/backend/library/libraries/mitre-attack-v14.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:mitre-attack-v14
-builtin: true
 locale: en
 ref_id: mitre-attack
 name: Mitre ATT&CK v14 - Threats and mitigations

diff --git a/backend/library/libraries/nis2-directive.yaml b/backend/library/libraries/nis2-directive.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:nis2-directive
-builtin: true
 locale: en
 ref_id: NIS2-directive
 name: NIS 2 directive requirements

diff --git a/backend/library/libraries/nist-800-171-rev2.yaml b/backend/library/libraries/nist-800-171-rev2.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:nist-800-171-rev2
-builtin: true
 locale: en
 ref_id: nist-800-171-rev2
 name: NIST SP 800-171 Rev. 2

diff --git a/backend/library/libraries/nist-ai-rmf-1.0.yaml b/backend/library/libraries/nist-ai-rmf-1.0.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:nist-ai-rmf-1.0
-builtin: true
 locale: en
 ref_id: NIST-AI-RMF-1.0
 name: NIST AI RMF 1.0

diff --git a/backend/library/libraries/nist-csf-1.1.yaml b/backend/library/libraries/nist-csf-1.1.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:nist-csf-1.1
-builtin: true
 locale: en
 ref_id: NIST-CSF-1.1
 name: NIST CSF version 1.1

diff --git a/backend/library/libraries/nist-csf-2.0.yaml b/backend/library/libraries/nist-csf-2.0.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:nist-csf-2.0
-builtin: true
 locale: en
 ref_id: NIST-CSF-2.0
 name: NIST CSF version 2.0

diff --git a/backend/library/libraries/nist-privacy-1.0.yaml b/backend/library/libraries/nist-privacy-1.0.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:nist-privacy-1.0
-builtin: true
 locale: en
 ref_id: NIST-PRIVACY-1.0
 name: NIST PRIVACY FRAMEWORK 1.0

diff --git a/backend/library/libraries/nist-sp-800-53-rev5.yaml b/backend/library/libraries/nist-sp-800-53-rev5.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:nist-sp-800-53-rev5
-builtin: true
 locale: en
 ref_id: NIST-SP-800-53-rev5
 name: NIST SP 800-53 revision 5

diff --git a/backend/library/libraries/nist-sp-800-66-rev2.yaml b/backend/library/libraries/nist-sp-800-66-rev2.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:nist-sp-800-66-rev2
-builtin: true
 locale: en
 ref_id: NIST-SP-800-66-rev2
 name: NIST SP-800-66 rev2 (HIPAA)

diff --git a/backend/library/libraries/nist-ssdf-1.1.yaml b/backend/library/libraries/nist-ssdf-1.1.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:nist-ssdf-1.1
-builtin: true
 locale: en
 ref_id: nist-ssdf-1.1
 name: Secure Software Development Framework (SSDF)

diff --git a/backend/library/libraries/owasp-asvs-4.0.3.yaml b/backend/library/libraries/owasp-asvs-4.0.3.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:owasp-asvs-4.0.3
-builtin: true
 locale: en
 ref_id: OWASP-ASVS-4.0.3
 name: OWASP ASVS 4.0.3

diff --git a/backend/library/libraries/owasp-top-10-web.yaml b/backend/library/libraries/owasp-top-10-web.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:owasp-top-10-web
-builtin: true
 locale: en
 ref_id: OWASP top 10 Web
 name: OWASP top 10 Web

diff --git a/backend/library/libraries/pcidss-4_0.yaml b/backend/library/libraries/pcidss-4_0.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:pcidss-4_0
-builtin: true
 locale: en
 ref_id: PCI DSS 4.0
 name: Payment Card Industry Data Security Standard

diff --git a/backend/library/libraries/pgssi-s-1.0.yaml b/backend/library/libraries/pgssi-s-1.0.yaml
@@ -1,5 +1,4 @@
 urn: urn:ackwa:risk:library:pgssi-s-1.0
-builtin: true
 locale: fr
 ref_id: pgssi-s-1.0
 name: PGSSI-S v1.0

diff --git a/backend/library/libraries/pspf.yaml b/backend/library/libraries/pspf.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:pspf
-builtin: true
 locale: en
 ref_id: PSPF
 name: Protective Security Policy Framework

diff --git a/backend/library/libraries/rgs-v2.0.yaml b/backend/library/libraries/rgs-v2.0.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:rgs-v2.0
-builtin: true
 locale: fr
 ref_id: RGS-v2.0
 name: "R\xE9f\xE9rentiel G\xE9n\xE9ral de S\xE9curit\xE9 version 2.0"

diff --git a/backend/library/libraries/risk-matrix-3x3-mult.yaml b/backend/library/libraries/risk-matrix-3x3-mult.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:risk-matrix-3x3-mult
-builtin: true
 locale: fr
 ref_id: risk-matrix-3x3-mult
 name: Matrice 3x3 multiplicative

diff --git a/backend/library/libraries/risk-matrix-4x4-pgssi-s-1.0.yaml b/backend/library/libraries/risk-matrix-4x4-pgssi-s-1.0.yaml
@@ -1,5 +1,4 @@
 urn: urn:ackwa:risk:library:risk-matrix-4x4-pgssi-s-1.0
-builtin: true
 locale: fr
 ref_id: risk-matrix-4x4-pgssi-s-1.0
 name: Matrice de risques 4x4 PGSSI-S v1.0

diff --git a/backend/library/libraries/risk-matrix-5x5-sensitive.yaml b/backend/library/libraries/risk-matrix-5x5-sensitive.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:risk-matrix-5x5-sensitive
-builtin: true
 locale: en
 ref_id: risk-matrix-5x5-sensitive
 name: 5x5 sensitive

diff --git a/backend/library/libraries/secnumcloud-3.2-annexe-2.yaml b/backend/library/libraries/secnumcloud-3.2-annexe-2.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:secnumcloud-3.2-annexe-2
-builtin: true
 locale: fr
 ref_id: SecNumCloud v3.2-A2
 name: 'SecNumCloud v3.2 Annexe 2 : recommandations aux commanditaires'

diff --git a/backend/library/libraries/secnumcloud-3.2.yaml b/backend/library/libraries/secnumcloud-3.2.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:secnumcloud-3.2
-builtin: true
 locale: fr
 ref_id: SecNumCloud v3.2
 name: "Prestataires de services d\u2019informatique en nuage (SecNumCloud) - r\xE9\

diff --git a/backend/library/libraries/soc2-2017.yaml b/backend/library/libraries/soc2-2017.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:soc2-2017
-builtin: true
 locale: en
 ref_id: SOC2-2017
 name: 'SOC2-2017 Trust Services Criteria '

diff --git a/backend/library/libraries/tiber-eu-2018.yaml b/backend/library/libraries/tiber-eu-2018.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:tiber-eu-2018
-builtin: true
 locale: en
 ref_id: TIBER-EU-2018
 name: TIBER-EU FRAMEWORK

diff --git a/backend/library/libraries/tisax-v6.0.2.yaml b/backend/library/libraries/tisax-v6.0.2.yaml
@@ -1,5 +1,4 @@
 urn: urn:intuitem:risk:library:tisax-v6.0.2
-builtin: true
 locale: en
 ref_id: TISAX v6.0.2
 name: 'Trusted Information Security Assessment Exchange    '

diff --git a/tools/add_builtin.py b/tools/add_builtin.py