Get a preview of key risk and policy suggestion changes based on threat level changes
PATCH /v1/threats/preview
This endpoint is only guaranteed to work correctly IF every threat position is valid for the organization, and all of the threat positions are passed in the request body.
Request Body required
Section titled “Request Body required ”A position of a threat.
This is used to calculate the consequence of moving a threat objective to a certain likelihood and impact.
In most cases, it’s better to use a ThreatProfile than to use a Vec<ThreatPosition>.
object
Y-axis for the threat objective
X-axis for the threat objective
PK of the threat objective in the database
Responses
Section titled “ Responses ”Get a threat level preview
Determines that the ramifications of a current threat proposal will be compared to the “cannon” version
object
Contains a list of policy changes that will affect how adversarial notifies users about their policies
Contains a list of changes for a single document that will occur if a proposal is approved.
object
object
Contains a list of changes that will occur if a proposal is approved.
Does contain the driver field like [PolicySuggestion] because the value
provides this information.
object
The node id the selector
The value of the selector upon document initialization.
object
object
Contains a list of changes that will occur if a proposal is approved.
object
The id of the risk that is determining this new suggestion. None if there is no id determining the new suggestion
The node id the selector
The proposed suggestion based on AKR association, if relevant.
The avilable options to choose from
This is a representation of a “selector”, which gives an organization the capability of selecting what the value of a selector is
object
The current suggestion based on AKR, if relevant.
The currently selected option, usually by an organization
A slug and version pair that uniquely identifies a document.
As a string, the format should be slug:version, where slug is a string that is a valid slug and version is a string that is a valid version.
Example
# use std::str::FromStr;
# use backend::views::document::{DocumentId, Version};
# use backend::views::common::Slug;
let document_id_str = "cybersecurity-policy:1.0.0";
let document_id: DocumentId = DocumentId::from_str(document_id_str).unwrap();
assert_eq!(document_id.slug.as_str(), "cybersecurity-policy");
assert_eq!(document_id_str.to_string(), DocumentId::new(Slug::from_str("cybersecurity-policy").unwrap(), Version::new(1, 0, 0)).to_string());object
The slug of the document. i.e. cybersecurity-policy
The version of the document. i.e. 1.0.0
Contains a list of changes that will occur for AKRs if the proposed state is approved
Defines the change between an akr in its original state, to an akr after its been modified.
object
Describes the new position and the responsible threat objective for a risk change
should be renamed to new_score
object
Usually part of a larger struct, defines a combination of likelihood and impact
Sometimes these distinct values are necessary,
since they contain more “information” than [Urgency] alone.
object
The threat objective that caused this change to occur
TODO: use fnv once utoipa supports different hasher derivations
Should be renamed to original_score
object
Usually part of a larger struct, defines a combination of likelihood and impact
Sometimes these distinct values are necessary,
since they contain more “information” than [Urgency] alone.
object
The threat objective that caused this change to occur
TODO: use fnv once utoipa supports different hasher derivations
Describes the short summary of a risk