cartography 0.117.0__py3-none-any.whl → 0.119.0__py3-none-any.whl

cartography/models/gsuite/group.py

@@ -0,0 +1,218 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.nodes import ExtraNodeLabels
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_source_node_matcher
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import SourceNodeMatcher
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class GSuiteGroupNodeProperties(CartographyNodeProperties):
+    """
+    GSuite group node properties
+    """
+
+    id: PropertyRef = PropertyRef("id")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+    # Group identifiers and basic info
+    group_id: PropertyRef = PropertyRef("id")  # Alias for id
+    email: PropertyRef = PropertyRef("email", extra_index=True)
+    name: PropertyRef = PropertyRef("name")
+    description: PropertyRef = PropertyRef("description")
+
+    # Group settings
+    admin_created: PropertyRef = PropertyRef("adminCreated")
+    direct_members_count: PropertyRef = PropertyRef("directMembersCount")
+
+    # Metadata
+    etag: PropertyRef = PropertyRef("etag")
+    kind: PropertyRef = PropertyRef("kind")
+
+    # Tenant relationship
+    customer_id: PropertyRef = PropertyRef("CUSTOMER_ID", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class GSuiteGroupToTenantRelProperties(CartographyRelProperties):
+    """
+    Properties for GSuite group to tenant relationship
+    """
+
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class GSuiteGroupToTenantRel(CartographyRelSchema):
+    """
+    Relationship from GSuite group to GSuite tenant
+    """
+
+    target_node_label: str = "GSuiteTenant"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "id": PropertyRef("CUSTOMER_ID", set_in_kwargs=True),
+        }
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "RESOURCE"
+    properties: GSuiteGroupToTenantRelProperties = GSuiteGroupToTenantRelProperties()
+
+
+@dataclass(frozen=True)
+class GSuiteGroupToMemberRelProperties(CartographyRelProperties):
+    """
+    Properties for GSuite group to member relationship
+    """
+
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class GSuiteGroupToMemberRel(CartographyRelSchema):
+    """
+    Relationship from GSuite group to its members (users or groups)
+    """
+
+    target_node_label: str = "GSuiteUser"  # or GSuiteGroup for subgroup relationships
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "id": PropertyRef("member_ids", one_to_many=True),
+        }
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "MEMBER_GSUITE_GROUP"
+    properties: GSuiteGroupToMemberRelProperties = GSuiteGroupToMemberRelProperties()
+
+
+@dataclass(frozen=True)
+class GSuiteGroupToOwnerRelProperties(CartographyRelProperties):
+    """
+    Properties for GSuite group to owner relationship
+    """
+
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class GSuiteGroupToOwnerRel(CartographyRelSchema):
+    """
+    Relationship from GSuite group to its owners (users)
+    """
+
+    target_node_label: str = "GSuiteUser"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "id": PropertyRef("owner_ids", one_to_many=True),
+        }
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "OWNER_GSUITE_GROUP"
+    properties: GSuiteGroupToOwnerRelProperties = GSuiteGroupToOwnerRelProperties()
+
+
+@dataclass(frozen=True)
+class GSuiteGroupSchema(CartographyNodeSchema):
+    """
+    GSuite group node schema
+    """
+
+    label: str = "GSuiteGroup"
+    properties: GSuiteGroupNodeProperties = GSuiteGroupNodeProperties()
+    sub_resource_relationship: GSuiteGroupToTenantRel = GSuiteGroupToTenantRel()
+    extra_node_labels: ExtraNodeLabels = ExtraNodeLabels(["GCPPrincipal"])
+    other_relationships = OtherRelationships(
+        [
+            GSuiteGroupToMemberRel(),
+            GSuiteGroupToOwnerRel(),
+        ]
+    )
+
+
+# MatchLinks for Group => Group relationships
+
+
+@dataclass(frozen=True)
+class GSuiteGroupToGroupMemberRelProperties(CartographyRelProperties):
+    """
+    Properties for GSuite group to group member relationship (MatchLink)
+    """
+
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+    _sub_resource_label: PropertyRef = PropertyRef(
+        "_sub_resource_label", set_in_kwargs=True
+    )
+    _sub_resource_id: PropertyRef = PropertyRef("_sub_resource_id", set_in_kwargs=True)
+    role: PropertyRef = PropertyRef("role")
+
+
+@dataclass(frozen=True)
+class GSuiteGroupToGroupMemberRel(CartographyRelSchema):
+    """
+    MatchLink relationship from GSuite parent group to member group
+    """
+
+    target_node_label: str = "GSuiteGroup"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "id": PropertyRef("subgroup_id"),
+        }
+    )
+    source_node_label: str = "GSuiteGroup"
+    source_node_matcher: SourceNodeMatcher = make_source_node_matcher(
+        {
+            "id": PropertyRef("parent_group_id"),
+        }
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "MEMBER_GSUITE_GROUP"
+    properties: GSuiteGroupToGroupMemberRelProperties = (
+        GSuiteGroupToGroupMemberRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class GSuiteGroupToGroupOwnerRelProperties(CartographyRelProperties):
+    """
+    Properties for GSuite group to group owner relationship (MatchLink)
+    """
+
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+    _sub_resource_label: PropertyRef = PropertyRef(
+        "_sub_resource_label", set_in_kwargs=True
+    )
+    _sub_resource_id: PropertyRef = PropertyRef("_sub_resource_id", set_in_kwargs=True)
+    role: PropertyRef = PropertyRef("role")
+
+
+@dataclass(frozen=True)
+class GSuiteGroupToGroupOwnerRel(CartographyRelSchema):
+    """
+    MatchLink relationship from GSuite parent group to owner group
+    """
+
+    target_node_label: str = "GSuiteGroup"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "id": PropertyRef("subgroup_id"),
+        }
+    )
+    source_node_label: str = "GSuiteGroup"
+    source_node_matcher: SourceNodeMatcher = make_source_node_matcher(
+        {
+            "id": PropertyRef("parent_group_id"),
+        }
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "OWNER_GSUITE_GROUP"
+    properties: GSuiteGroupToGroupOwnerRelProperties = (
+        GSuiteGroupToGroupOwnerRelProperties()
+    )

cartography/models/gsuite/tenant.py

@@ -0,0 +1,29 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+
+
+@dataclass(frozen=True)
+class GSuiteTenantNodeProperties(CartographyNodeProperties):
+    """
+    GSuite tenant (domain/customer) node properties
+    """
+
+    id: PropertyRef = PropertyRef("id")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+    # Customer/domain identifier - use id as the primary identifier
+    customer_id: PropertyRef = PropertyRef("id")
+
+
+@dataclass(frozen=True)
+class GSuiteTenantSchema(CartographyNodeSchema):
+    """
+    GSuite tenant (domain/customer) schema
+    """
+
+    label: str = "GSuiteTenant"
+    properties: GSuiteTenantNodeProperties = GSuiteTenantNodeProperties()
+    sub_resource_relationship: None = None  # Tenant is the root level

cartography/models/gsuite/user.py

@@ -0,0 +1,107 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.nodes import ExtraNodeLabels
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class GSuiteUserNodeProperties(CartographyNodeProperties):
+    """
+    GSuite user node properties
+    """
+
+    id: PropertyRef = PropertyRef("id")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+    # User identifiers and basic info
+    user_id: PropertyRef = PropertyRef("id")  # Alias for id
+    email: PropertyRef = PropertyRef("primaryEmail", extra_index=True)
+    primary_email: PropertyRef = PropertyRef("primaryEmail")
+    name: PropertyRef = PropertyRef("name")
+    family_name: PropertyRef = PropertyRef("family_name")
+    given_name: PropertyRef = PropertyRef("given_name")
+
+    # Account settings
+    agreed_to_terms: PropertyRef = PropertyRef("agreedToTerms")
+    archived: PropertyRef = PropertyRef("archived")
+    change_password_at_next_login: PropertyRef = PropertyRef(
+        "changePasswordAtNextLogin"
+    )
+    suspended: PropertyRef = PropertyRef("suspended")
+
+    # Admin and security settings
+    is_admin: PropertyRef = PropertyRef("isAdmin")
+    is_delegated_admin: PropertyRef = PropertyRef("isDelegatedAdmin")
+    is_enforced_in_2_sv: PropertyRef = PropertyRef("isEnforcedIn2Sv")
+    is_enrolled_in_2_sv: PropertyRef = PropertyRef("isEnrolledIn2Sv")
+    ip_whitelisted: PropertyRef = PropertyRef("ipWhitelisted")
+
+    # Organization and profile
+    org_unit_path: PropertyRef = PropertyRef("orgUnitPath")
+    include_in_global_address_list: PropertyRef = PropertyRef(
+        "includeInGlobalAddressList"
+    )
+    is_mailbox_setup: PropertyRef = PropertyRef("isMailboxSetup")
+
+    # Timestamps and metadata
+    creation_time: PropertyRef = PropertyRef("creationTime")
+    last_login_time: PropertyRef = PropertyRef("lastLoginTime")
+    etag: PropertyRef = PropertyRef("etag")
+    kind: PropertyRef = PropertyRef("kind")
+
+    # Photo information
+    thumbnail_photo_etag: PropertyRef = PropertyRef("thumbnailPhotoEtag")
+    thumbnail_photo_url: PropertyRef = PropertyRef("thumbnailPhotoUrl")
+
+    # Tenant relationship
+    customer_id: PropertyRef = PropertyRef("CUSTOMER_ID", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class GSuiteUserToTenantRelProperties(CartographyRelProperties):
+    """
+    Properties for GSuite user to tenant relationship
+    """
+
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class GSuiteUserToTenantRel(CartographyRelSchema):
+    """
+    Relationship from GSuite user to GSuite tenant
+    """
+
+    target_node_label: str = "GSuiteTenant"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "id": PropertyRef("CUSTOMER_ID", set_in_kwargs=True),
+        }
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "RESOURCE"
+    properties: GSuiteUserToTenantRelProperties = GSuiteUserToTenantRelProperties()
+
+
+@dataclass(frozen=True)
+class GSuiteUserSchema(CartographyNodeSchema):
+    """
+    GSuite user node schema
+    """
+
+    label: str = "GSuiteUser"
+    properties: GSuiteUserNodeProperties = GSuiteUserNodeProperties()
+    sub_resource_relationship: GSuiteUserToTenantRel = GSuiteUserToTenantRel()
+    extra_node_labels: ExtraNodeLabels = ExtraNodeLabels(
+        [
+            "GCPPrincipal",
+            "UserAccount",
+        ]  # UserAccount label is used for ontology mapping
+    )

cartography/models/kandji/device.py

@@ -14,9 +14,8 @@ from cartography.models.core.relationships import TargetNodeMatcher
 class KandjiDeviceNodeProperties(CartographyNodeProperties):
     id: PropertyRef = PropertyRef("id")
     lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
-
     device_id: PropertyRef = PropertyRef("device_id")
-    device_name: PropertyRef = PropertyRef("device_name")
+    device_name: PropertyRef = PropertyRef("device_name", extra_index=True)
     last_check_in: PropertyRef = PropertyRef("last_check_in")
     model: PropertyRef = PropertyRef("model")
     os_version: PropertyRef = PropertyRef("os_version")

cartography/models/keycloak/user.py

@@ -3,6 +3,7 @@ from dataclasses import dataclass
 from cartography.models.core.common import PropertyRef
 from cartography.models.core.nodes import CartographyNodeProperties
 from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.nodes import ExtraNodeLabels
 from cartography.models.core.relationships import CartographyRelProperties
 from cartography.models.core.relationships import CartographyRelSchema
 from cartography.models.core.relationships import LinkDirection
@@ -47,5 +48,8 @@ class KeycloakUserToRealmRel(CartographyRelSchema):
 @dataclass(frozen=True)
 class KeycloakUserSchema(CartographyNodeSchema):
     label: str = "KeycloakUser"
+    extra_node_labels: ExtraNodeLabels = ExtraNodeLabels(
+        ["UserAccount"]
+    )  # UserAccount label is used for ontology mapping
     properties: KeycloakUserNodeProperties = KeycloakUserNodeProperties()
     sub_resource_relationship: KeycloakUserToRealmRel = KeycloakUserToRealmRel()

cartography/models/lastpass/user.py

@@ -3,6 +3,7 @@ from dataclasses import dataclass
 from cartography.models.core.common import PropertyRef
 from cartography.models.core.nodes import CartographyNodeProperties
 from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.nodes import ExtraNodeLabels
 from cartography.models.core.relationships import CartographyRelProperties
 from cartography.models.core.relationships import CartographyRelSchema
 from cartography.models.core.relationships import LinkDirection
@@ -73,6 +74,9 @@ class LastpassTenantToUserRel(CartographyRelSchema):
 @dataclass(frozen=True)
 class LastpassUserSchema(CartographyNodeSchema):
     label: str = "LastpassUser"
+    extra_node_labels: ExtraNodeLabels = ExtraNodeLabels(
+        ["UserAccount"]
+    )  # UserAccount label is used for ontology mapping
     properties: LastpassUserNodeProperties = LastpassUserNodeProperties()
     other_relationships: OtherRelationships = OtherRelationships(
         rels=[LastpassHumanToUserRel()],

cartography/models/ontology/device.py

@@ -0,0 +1,125 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.nodes import ExtraNodeLabels
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class DeviceNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("hostname")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+    hostname: PropertyRef = PropertyRef("hostname", extra_index=True)
+    os: PropertyRef = PropertyRef("os")
+    os_version: PropertyRef = PropertyRef("os_version")
+    model: PropertyRef = PropertyRef("model")
+    platform: PropertyRef = PropertyRef("platform")
+    serial_number: PropertyRef = PropertyRef("serial_number", extra_index=True)
+
+
+@dataclass(frozen=True)
+class DeviceToNodeRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+# (:Device)-[:OBSERVED_AS]->(:DuoEndpoint)
+class DeviceToDuoEndpointRel(CartographyRelSchema):
+    target_node_label: str = "DuoEndpoint"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"device_name": PropertyRef("hostname")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "OBSERVED_AS"
+    properties: DeviceToNodeRelProperties = DeviceToNodeRelProperties()
+
+
+# (:Device)-[:OBSERVED_AS]->(:DuoPhone)
+class DeviceToDuoPhoneRel(CartographyRelSchema):
+    target_node_label: str = "DuoPhone"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"name": PropertyRef("hostname")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "OBSERVED_AS"
+    properties: DeviceToNodeRelProperties = DeviceToNodeRelProperties()
+
+
+# (:Device)-[:OBSERVED_AS]->(:KandjiDevice)
+class DeviceToKandjiDeviceRel(CartographyRelSchema):
+    target_node_label: str = "KandjiDevice"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"device_name": PropertyRef("hostname")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "OBSERVED_AS"
+    properties: DeviceToNodeRelProperties = DeviceToNodeRelProperties()
+
+
+# (:Device)-[:OBSERVED_AS]->(:SnipeitAsset)
+class DeviceToSnipeitAssetRel(CartographyRelSchema):
+    target_node_label: str = "SnipeitAsset"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"name": PropertyRef("hostname")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "OBSERVED_AS"
+    properties: DeviceToNodeRelProperties = DeviceToNodeRelProperties()
+
+
+# (:Device)-[:OBSERVED_AS]->(:TailscaleDevice)
+class DeviceToTailscaleDeviceRel(CartographyRelSchema):
+    target_node_label: str = "TailscaleDevice"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"hostname": PropertyRef("hostname")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "OBSERVED_AS"
+    properties: DeviceToNodeRelProperties = DeviceToNodeRelProperties()
+
+
+# (:Device)-[:OBSERVED_AS]->(:CrowdstrikeHost)
+class DeviceToCrowdstrikeHostRel(CartographyRelSchema):
+    target_node_label: str = "CrowdstrikeHost"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"hostname": PropertyRef("hostname")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "OBSERVED_AS"
+    properties: DeviceToNodeRelProperties = DeviceToNodeRelProperties()
+
+
+# (:Device)-[:OBSERVED_AS]->(:BigfixComputer)
+class DeviceToBigfixComputerRel(CartographyRelSchema):
+    target_node_label: str = "BigfixComputer"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"computername": PropertyRef("hostname")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "OBSERVED_AS"
+    properties: DeviceToNodeRelProperties = DeviceToNodeRelProperties()
+
+
+@dataclass(frozen=True)
+class DeviceSchema(CartographyNodeSchema):
+    label: str = "Device"
+    extra_node_labels: ExtraNodeLabels = ExtraNodeLabels(["Ontology"])
+    properties: DeviceNodeProperties = DeviceNodeProperties()
+    scoped_cleanup: bool = False
+    other_relationships: OtherRelationships = OtherRelationships(
+        rels=[
+            DeviceToDuoEndpointRel(),
+            DeviceToDuoPhoneRel(),
+            DeviceToKandjiDeviceRel(),
+            DeviceToSnipeitAssetRel(),
+            DeviceToTailscaleDeviceRel(),
+            DeviceToCrowdstrikeHostRel(),
+            DeviceToBigfixComputerRel(),
+        ],
+    )

cartography/models/ontology/mapping/__init__.py

@@ -0,0 +1,16 @@
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.ontology.device import DeviceSchema
+from cartography.models.ontology.mapping.data.devices import DEVICES_ONTOLOGY_MAPPING
+from cartography.models.ontology.mapping.data.users import USERS_ONTOLOGY_MAPPING
+from cartography.models.ontology.mapping.specs import OntologyMapping
+from cartography.models.ontology.user import UserSchema
+
+ONTOLOGY_MAPPING: dict[str, dict[str, OntologyMapping]] = {
+    "users": USERS_ONTOLOGY_MAPPING,
+    "devices": DEVICES_ONTOLOGY_MAPPING,
+}
+
+ONTOLOGY_MODELS: dict[str, type[CartographyNodeSchema]] = {
+    "users": UserSchema,
+    "devices": DeviceSchema,
+}

cartography/models/ontology/mapping/data/__init__.py

@@ -0,0 +1 @@
+# Ontology mapping data files