PyPI - mal-toolbox - Versions diffs - 1.1.3__tar.gz → 1.2.1__tar.gz - Mend

mal-toolbox 1.1.3tar.gz → 1.2.1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

{mal_toolbox-1.1.3/mal_toolbox.egg-info → mal_toolbox-1.2.1}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mal-toolbox
-Version: 1.1.3
+Version: 1.2.1
 Summary: A collection of tools used to create MAL models and attack graphs.
 Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>, Sandor Berglund <sandor@kth.se>
 License: Apache Software License
@@ -75,6 +75,15 @@ available.
 pip install mal-toolbox
 ```
+### Requirements
+If you wish to run visualisations with graphviz, you must first download and install it on your computer. Depending on your operating system, you can find out how to do this here: [link to graphviz installation](https://graphviz.org/download/).
+Once the software has been successfully installed, you must also include the python package by running:
+```
+pip install graphviz
+```
 ## Configuration
 You can use a `maltoolbox.yml` file in the current working directory to
 configure the toolbox.

{mal_toolbox-1.1.3 → mal_toolbox-1.2.1}/README.md RENAMED Viewed

@@ -44,6 +44,15 @@ available.
 pip install mal-toolbox
 ```
+### Requirements
+If you wish to run visualisations with graphviz, you must first download and install it on your computer. Depending on your operating system, you can find out how to do this here: [link to graphviz installation](https://graphviz.org/download/).
+Once the software has been successfully installed, you must also include the python package by running:
+```
+pip install graphviz
+```
 ## Configuration
 You can use a `maltoolbox.yml` file in the current working directory to
 configure the toolbox.

{mal_toolbox-1.1.3 → mal_toolbox-1.2.1/mal_toolbox.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mal-toolbox
-Version: 1.1.3
+Version: 1.2.1
 Summary: A collection of tools used to create MAL models and attack graphs.
 Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>, Sandor Berglund <sandor@kth.se>
 License: Apache Software License
@@ -75,6 +75,15 @@ available.
 pip install mal-toolbox
 ```
+### Requirements
+If you wish to run visualisations with graphviz, you must first download and install it on your computer. Depending on your operating system, you can find out how to do this here: [link to graphviz installation](https://graphviz.org/download/).
+Once the software has been successfully installed, you must also include the python package by running:
+```
+pip install graphviz
+```
 ## Configuration
 You can use a `maltoolbox.yml` file in the current working directory to
 configure the toolbox.

{mal_toolbox-1.1.3 → mal_toolbox-1.2.1}/mal_toolbox.egg-info/SOURCES.txt RENAMED Viewed

@@ -14,6 +14,7 @@ maltoolbox/exceptions.py
 maltoolbox/file_utils.py
 maltoolbox/model.py
 maltoolbox/py.typed
+maltoolbox/str_utils.py
 maltoolbox/attackgraph/__init__.py
 maltoolbox/attackgraph/attackgraph.py
 maltoolbox/attackgraph/node.py
@@ -33,4 +34,5 @@ maltoolbox/visualization/draw_io_utils.py
 maltoolbox/visualization/graphviz_utils.py
 maltoolbox/visualization/neo4j_utils.py
 maltoolbox/visualization/utils.py
-tests/test_model.py
+tests/test_model.py
+tests/test_visualization.py

{mal_toolbox-1.1.3 → mal_toolbox-1.2.1}/maltoolbox/__init__.py RENAMED Viewed

@@ -1,4 +1,4 @@
-# MAL Toolbox v1.1.3
+# MAL Toolbox v1.2.1
 # Copyright 2025, Andrei Buhaiu.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,7 +19,7 @@
 """
 __title__ = "maltoolbox"
-__version__ = "1.1.3"
+__version__ = "1.2.1"
 __authors__ = [
     "Andrei Buhaiu",
     "Giuseppe Nebbione",

{mal_toolbox-1.1.3 → mal_toolbox-1.2.1}/maltoolbox/attackgraph/attackgraph.py RENAMED Viewed

@@ -26,6 +26,8 @@ from ..language import (
     LanguageGraphAttackStep,
     disaggregate_attack_step_full_name,
 )
+from ..str_utils import levenshtein_distance
 from ..model import Model
 from .node import AttackGraphNode
@@ -277,7 +279,7 @@ class AttackGraph:
         return cls._from_dict(serialized_attack_graph,
             lang_graph, model=model)
-    def get_node_by_full_name(self, full_name: str) -> AttackGraphNode | None:
+    def get_node_by_full_name(self, full_name: str) -> AttackGraphNode:
         """Return the attack node that matches the full name provided.
         Arguments:
@@ -291,7 +293,13 @@ class AttackGraph:
         """
         logger.debug('Looking up node with full name "%s"', full_name)
-        return self._full_name_to_node.get(full_name)
+        if full_name not in self._full_name_to_node:
+            similar_names = self._get_similar_full_names(full_name)
+            raise LookupError(
+                f'Could not find node with name "{full_name}". '
+                f'Did you mean: {", ".join(similar_names)}?'
+            )
+        return self._full_name_to_node[full_name]
     def _follow_field_expr_chain(
         self, target_assets: set[ModelAsset], expr_chain: ExpressionsChain
@@ -623,6 +631,19 @@ class AttackGraph:
             ag_node.children.add(target_node)
             target_node.parents.add(ag_node)
+    def _get_similar_full_names(self, q: str) -> list[str]:
+        """Return a list of node full names that are similar to `q`"""
+        shortest_dist = 100
+        similar_names = []
+        for full_name in self._full_name_to_node:
+            dist = levenshtein_distance(q, full_name)
+            if dist == shortest_dist:
+                similar_names.append(full_name)
+            elif dist < shortest_dist:
+                similar_names = [full_name]
+                shortest_dist = dist
+        return similar_names
     def regenerate_graph(self) -> None:
         """Regenerate the attack graph based on the original model instance and
         the MAL language specification provided at initialization.

mal_toolbox-1.2.1/maltoolbox/str_utils.py ADDED Viewed

@@ -0,0 +1,22 @@
+"""String related methods"""
+def levenshtein_distance(a: str, b: str) -> int:
+    """Get distance between two strings"""
+    if a == b:
+        return 0
+    if not a:
+        return len(b)
+    if not b:
+        return len(a)
+    prev_row = list(range(len(b) + 1))
+    for i, ca in enumerate(a, start=1):
+        curr_row = [i]
+        for j, cb in enumerate(b, start=1):
+            insertions = prev_row[j] + 1
+            deletions = curr_row[j - 1] + 1
+            substitutions = prev_row[j - 1] + (ca != cb)
+            curr_row.append(min(insertions, deletions, substitutions))
+        prev_row = curr_row
+    return prev_row[-1]

{mal_toolbox-1.1.3 → mal_toolbox-1.2.1}/maltoolbox/visualization/graphviz_utils.py RENAMED Viewed

@@ -1,3 +1,6 @@
+from pathlib import Path
+from os import PathLike
+from typing import Optional
 import random
 import graphviz
@@ -36,8 +39,28 @@ graphviz_bright_colors = [
 ]
-def render_model(model: Model):
-    """Render a model in graphviz, create pdf and open it"""
+def _resolve_graphviz_path(path: Optional[PathLike], default_name: str):
+    """
+    Resolve a user-provided path into (directory, filename_without_ext).
+    - If path is None → ('.', default_name)
+    - If path is a directory → (path, default_name)
+    - If path is a file → (parent_directory, file_stem)
+    """
+    if path is None:
+        return ".", default_name
+    p = Path(path)
+    if p.is_dir():
+        return str(p), default_name
+    # It's a file path
+    return str(p.parent), p.stem
+def render_model(model: Model, path: Optional[PathLike] = None, view=True):
+    """Render a model in graphviz, create PDF, and open it."""
     dot = graphviz.Digraph(model.name)
     # Create nodes
@@ -47,58 +70,60 @@ def render_model(model: Model):
         if not bg_color:
             bg_color = random.choice(graphviz_bright_colors)
             asset_type_colors[asset.lg_asset.name] = bg_color
-        dot.node(
-            str(asset.id), asset.name, style="filled", fillcolor=bg_color
-        )
+        dot.node(str(asset.id), asset.name, style="filled", fillcolor=bg_color)
     # Create edges
     for from_asset in model.assets.values():
         for fieldname, to_assets in from_asset.associated_assets.items():
             for to_asset in to_assets:
-                dot.edge(
-                    str(from_asset.id), str(to_asset.id), label=fieldname
-                )
-    dot.render(directory='.', view=True)
+                dot.edge(str(from_asset.id), str(to_asset.id), label=fieldname)
+    directory, filename = _resolve_graphviz_path(path, model.name)
+    dot.render(directory=directory, filename=f"{filename}.gv", view=view, format="pdf")
-def render_attack_graph(attack_graph: AttackGraph):
-    """Render attack graph graphviz, create pdf and open it"""
+def render_attack_graph(attack_graph: AttackGraph, path: Optional[PathLike] = None, view = True):
+    """Render attack graph graphviz, create PDF, and open it."""
     assert attack_graph.model, "Attack graph needs a model"
-    dot = graphviz.Graph(attack_graph.model.name)
-    dot.graph_attr['nodesep'] = '3.0'  # Node separation
-    dot.graph_attr['ratio'] = 'compress'
+    name = attack_graph.model.name + "-attack_graph"
+    dot = graphviz.Digraph(name)
+    dot.graph_attr["nodesep"] = "3.0"
+    dot.graph_attr["ratio"] = "compress"
     # Create nodes
     asset_colors: dict[str, str] = {}
     for node in attack_graph.nodes.values():
         assert node.model_asset, "Node needs model"
         bg_color = asset_colors.get(node.model_asset.name)
         if not bg_color:
             bg_color = random.choice(graphviz_bright_colors)
             asset_colors[node.model_asset.name] = bg_color
-        path_color = 'white'
         match node.type:
-            case 'defense':
-                path_color = 'blue'
-            case 'or':
-                path_color = 'red'
-            case 'and':
-                path_color = 'red'
-            case 'exist':
-                path_color = 'grey'
-            case 'notExist':
-                path_color = 'grey'
+            case "defense":
+                path_color = "blue"
+            case "or" | "and":
+                path_color = "red"
+            case "exist" | "notExist":
+                path_color = "grey"
             case t:
-                raise ValueError(f'Type {t} not supported')
+                raise ValueError(f"Type {t} not supported")
         dot.node(
-            str(node.id), node.full_name, style="filled", color=path_color, fillcolor=bg_color
+            str(node.id),
+            node.full_name,
+            style="filled",
+            color=path_color,
+            fillcolor=bg_color
         )
     # Create edges
     for parent in attack_graph.nodes.values():
         for child in parent.children:
-            dot.edge(str(parent.id), str(child.id))
+            dot.edge(str(parent.id), str(child.id), arrowhead="normal")
-    dot.render(directory='.', view=True)
+    directory, filename = _resolve_graphviz_path(path, name)
+    dot.render(directory=directory, filename=f"{filename}.gv", view=view, format="pdf")

{mal_toolbox-1.1.3 → mal_toolbox-1.2.1}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "mal-toolbox"
-version = "1.1.3"
+version = "1.2.1"
 authors = [
   { name="Andrei Buhaiu", email="buhaiu@kth.se" },
   { name="Joakim Loxdal", email="loxdal@kth.se" },

mal_toolbox-1.2.1/tests/test_visualization.py ADDED Viewed

@@ -0,0 +1,104 @@
+from pathlib import Path
+from maltoolbox.model import Model
+from maltoolbox.attackgraph import AttackGraph
+from maltoolbox.visualization import render_attack_graph, render_model
+# -------------------------------------------------------------------
+# 1. Tests when PATH is a directory
+# -------------------------------------------------------------------
+def test_render_model_to_dir(example_model: Model, tmp_path: Path):
+    """Ensure the model renders to directory with .gv and .gv.pdf."""
+    outdir = tmp_path
+    render_model(example_model, path=outdir, view=False)
+    expected_pdf = outdir / f"{example_model.name}.gv.pdf"
+    expected_gv = outdir / f"{example_model.name}.gv"
+    assert expected_pdf.exists()
+    assert expected_gv.exists()
+def test_render_attack_graph_to_dir(example_attackgraph: AttackGraph, tmp_path: Path):
+    """Ensure the attack graph renders to directory with .gv and .gv.pdf."""
+    outdir = tmp_path
+    assert example_attackgraph.model, "Need model"
+    name = example_attackgraph.model.name + "-attack_graph"
+    render_attack_graph(example_attackgraph, path=outdir, view=False)
+    expected_pdf = outdir / f"{name}.gv.pdf"
+    expected_gv = outdir / f"{name}.gv"
+    assert expected_pdf.exists()
+    assert expected_gv.exists()
+# -------------------------------------------------------------------
+# 2. Tests when PATH is a specific file path
+# -------------------------------------------------------------------
+def test_render_model_to_exact_file(example_model: Model, tmp_path: Path):
+    """Ensure rendering works when given an explicit file path."""
+    out_file = tmp_path / "custom_output.gv"  # user-specified file name
+    render_model(example_model, path=out_file, view=False)
+    expected_pdf = tmp_path / "custom_output.gv.pdf"
+    expected_gv = tmp_path / "custom_output.gv"
+    assert expected_pdf.exists()
+    assert expected_gv.exists()
+def test_render_attack_graph_to_exact_file(example_attackgraph: AttackGraph, tmp_path: Path):
+    """Ensure attack graph renders to an exact file path."""
+    out_file = tmp_path / "attack_output.gv"
+    render_attack_graph(example_attackgraph, path=out_file, view=False)
+    expected_pdf = tmp_path / "attack_output.gv.pdf"
+    expected_gv = tmp_path / "attack_output.gv"
+    assert expected_pdf.exists()
+    assert expected_gv.exists()
+# -------------------------------------------------------------------
+# 3. Tests when PATH is None (default behavior)
+# -------------------------------------------------------------------
+def test_render_model_no_path(example_model: Model, tmp_path: Path, monkeypatch):
+    """
+    Ensure rendering works with path=None.
+    We monkeypatch cwd so files go into tmp_path.
+    """
+    monkeypatch.chdir(tmp_path)
+    render_model(example_model, path=None, view=False)
+    expected_pdf = tmp_path / f"{example_model.name}.gv.pdf"
+    expected_gv = tmp_path / f"{example_model.name}.gv"
+    assert expected_pdf.exists()
+    assert expected_gv.exists()
+def test_render_attack_graph_no_path(example_attackgraph: AttackGraph, tmp_path: Path, monkeypatch):
+    """
+    Ensure rendering attack graph works with no path.
+    Files should appear in the working directory.
+    """
+    monkeypatch.chdir(tmp_path)
+    assert example_attackgraph.model, "Need model"
+    name = example_attackgraph.model.name + "-attack_graph"
+    render_attack_graph(example_attackgraph, path=None, view=False)
+    expected_pdf = tmp_path / f"{name}.gv.pdf"
+    expected_gv = tmp_path / f"{name}.gv"
+    assert expected_pdf.exists()
+    assert expected_gv.exists()