devsecopsmaturitymodel · wurstbrot · Sep 9, 2020 · Sep 9, 2020
diff --git a/bib.php b/bib.php
@@ -20,10 +20,10 @@ function readCSV($filename, $delimiter)
     return $data;
 }
 
-function elementIsSelected($elementName)
+function elementIsSelected($activityName)
 {
     foreach (getCsv() as $element) {
-        if ($elementName == $element["element"]) {
+        if ($activityName == $element["element"]) {
             return true;
         }
     }

diff --git a/data-yml.php b/data-yml.php
@@ -119,8 +119,8 @@ function getElementByName($dimensions, $name)
 {
     foreach ($dimensions as $dimensionName => $subDimension) {
         foreach ($subDimension as $subDimensionName => $elements) {
-            foreach ($elements as $elementName => $element) {
-                if ($elementName == $name) {
+            foreach ($elements as $activityName => $element) {
+                if ($activityName == $name) {
                     return $element;
                 }
             }

diff --git a/data.php b/data.php
@@ -119,8 +119,8 @@ function getElementByName($dimensions, $name)
 {
     foreach ($dimensions as $dimensionName => $subDimension) {
         foreach ($subDimension as $subDimensionName => $elements) {
-            foreach ($elements as $elementName => $element) {
-                if ($elementName == $name) {
+            foreach ($elements as $activityName => $element) {
+                if ($activityName == $name) {
                     return $element;
                 }
             }

diff --git a/detail.php b/detail.php
@@ -10,11 +10,11 @@
 
 $dimension = $_GET['dimension'];
 $subdimension = $_GET['subdimension'];
-$elementName = $_GET['element'];
+$activityName = $_GET['element'];
 
-function printDetail($dimension, $subdimension, $elementName, $dimensions, $report = false)
+function printDetail($dimension, $subdimension, $activityName, $dimensions, $report = false)
 {
-    $element = $dimensions[$dimension][$subdimension][$elementName];
+    $element = $dimensions[$dimension][$subdimension][$activityName];
 
     if ($element == null) { //Whitelist approach for security reasons (deny XSS)
         //echo "Sorry, we could not found the element";
@@ -34,9 +34,9 @@ function printDetail($dimension, $subdimension, $elementName, $dimensions, $repo
 
             $pageH1 .= " -> $subdimension";
         }
-        $pageH1 .= ": $elementName";
+        $pageH1 .= ": $activityName";
     } else {
-        $pageH1 .= "$elementName";
+        $pageH1 .= "$activityName";
     }
 
     echo "<h$headerWeight>$pageH1</h$headerWeight>";
@@ -101,4 +101,4 @@ function printDetail($dimension, $subdimension, $elementName, $dimensions, $repo
     }
 }
 
-printDetail($dimension, $subdimension, $elementName, $dimensions);
+printDetail($dimension, $subdimension, $activityName, $dimensions);
diff --git a/graph.php b/graph.php
@@ -12,7 +12,7 @@
 include_once "data.php";
 function hasElementChildren($element) {
     $hasContent = false;
-    foreach ($element as $elementName => $content) {
+    foreach ($element as $activityName => $content) {
         if (!array_key_exists("dependsOn", $content)) {
             continue;
         }
@@ -62,9 +62,9 @@ function hasElementChildren($element) {
         }
     </style>
 <?php
-function getSourceAndParent($elementName, $subdimension, $parent = "")
+function getSourceAndParent($activityName, $subdimension, $parent = "")
 {
-    return "{source: \"$elementName\", target: \"$parent\", type: \"" . base64_encode($subdimension) . "\"}";
+    return "{source: \"$activityName\", target: \"$parent\", type: \"" . base64_encode($subdimension) . "\"}";
 }
 
 
@@ -83,7 +83,7 @@ function getSourceAndParent($elementName, $subdimension, $parent = "")
                     $first = true;
 
                     //if($subdimension != "Erzeugung") continue;
-                    foreach ($element as $elementName => $content) {
+                    foreach ($element as $activityName => $content) {
                         if (!array_key_exists("dependsOn", $content)) {
                             continue;
                         }
@@ -98,14 +98,14 @@ function getSourceAndParent($elementName, $subdimension, $parent = "")
                                     echo ",";
                                 }
                                 $first = false;
-                                echo getSourceAndParent($elementName, $subdimension, $dependsOn);
+                                echo getSourceAndParent($activityName, $subdimension, $dependsOn);
                             }
                         } else {
                             if (!$first) {
                                 echo ",";
                             }
                             $first = false;
-                            echo getSourceAndParent($elementName, $subdimension, $parent);
+                            echo getSourceAndParent($activityName, $subdimension, $parent);
                         }
 
                     }

diff --git a/head.php b/head.php
@@ -121,12 +121,12 @@ function getTable($dimensions) {
 
 			for($i = 1; $i <= NUMBER_LEVELS; $i ++) {
 				$tableContent .= "<td><ul>";
-				foreach ( $element as $elementName => $content ) {
-					$content = getContentForLevelFromSubdimensions ( $i, $content, $elementName );
+				foreach ( $element as $activityName => $content ) {
+					$content = getContentForLevelFromSubdimensions ( $i, $content, $activityName );
 					if ($content != "") {
-						$elementLink = "detail.php?dimension=" . urlencode ( $dimension ) . "&subdimension=" . urlencode ( $subdimension ) . "&element=" . urlencode ( $elementName );
-						$tableContent .= "<a href='$elementLink' data-dimension='$dimension' data-subdimension='$subdimension' data-element='$elementName'";
-						if (elementIsSelected ( $elementName )) {
+						$elementLink = "detail.php?dimension=" . urlencode ( $dimension ) . "&subdimension=" . urlencode ( $subdimension ) . "&element=" . urlencode ( $activityName );
+						$tableContent .= "<a href='$elementLink' data-dimension='$dimension' data-subdimension='$subdimension' data-element='$activityName'";
+						if (elementIsSelected ( $activityName )) {
 							$tableContent .= "class='selected'";
 						}
 						$tableContent .= "><li>" . $content . "</li></a>";
@@ -143,11 +143,11 @@ function getTable($dimensions) {
 	$table .= "</table>";
 	return $table;
 }
-function getContentForLevelFromSubdimensions($level, $subdimension, $elementName) {
+function getContentForLevelFromSubdimensions($level, $subdimension, $activityName) {
 	if ($level != $subdimension ["level"]) {
 		return "";
 	}
 	$tooltip = "<div class='popoverdetails'>" . build_table_tooltip ( $subdimension ) . "</div>";
-	return "<div data-toggle=\"popover\" data-title=\"$elementName\" data-content=\"$tooltip\" type=\"button\" data-html=\"true \">" . $elementName . "</div>";
+	return "<div data-toggle=\"popover\" data-title=\"$activityName\" data-content=\"$tooltip\" type=\"button\" data-html=\"true \">" . $activityName . "</div>";
 }
 
diff --git a/mappings.php b/mappings.php
@@ -14,13 +14,13 @@
 ?>
 <table class="table">
 <thead>
-<tr>
-    <th scope="col">Dimension</th>
-    <th scope="col">Subdimension</th>
-    <th scope="col">Actvity</th>
-    <th scope="col">SAMM 2</th>
-    <th scope="col">ISO 27001</th>
-</tr>
+    <tr>
+        <th scope="col">Dimension</th>
+        <th scope="col">Subdimension</th>
+        <th scope="col">Actvity</th>
+        <th scope="col">SAMM 2</th>
+        <th scope="col">ISO 27001</th>
+    </tr>
 </thead>
 <tbody>
 <?php

diff --git a/report-samm.php b/report-samm.php
@@ -21,13 +21,13 @@
         echo "<h3 style='color:green;'>With SAMM2 Mapping</h3>";
         for ($i = 1; $i <= 4; $i++) {
             $tableContent .= "<td><ul>";
-            foreach ($element as $elementName => $content) {
+            foreach ($element as $activityName => $content) {
                 if(array_key_exists("samm2", $content) && !preg_match("/TODO/i", $content["samm2"])) {
-                    $content2 = getContentForLevelFromSubdimensions($i, $content, $elementName);
+                    $content2 = getContentForLevelFromSubdimensions($i, $content, $activityName);
 
                     if ($content2 != "") {
-                        printDetail($dimension, $subdimension, $elementName, $dimensions, true);
-                        $mappingExists[$subdimension][$content["samm2"]][$elementName] = $content;
+                        printDetail($dimension, $subdimension, $activityName, $dimensions, true);
+                        $mappingExists[$subdimension][$content["samm2"]][$activityName] = $content;
                     }
                 }
             }
@@ -36,14 +36,14 @@
         echo "<h3 style='color:red;'>Without SAMM2 Mapping</h3>";
         for ($i = 1; $i <= 4; $i++) {
             $tableContent .= "<td><ul>";
-            foreach ($element as $elementName => $content) {
+            foreach ($element as $activityName => $content) {
                 if(!array_key_exists("samm2", $content) || preg_match("/TODO/i", $content["samm2"])) {
-                    $content2 = getContentForLevelFromSubdimensions($i, $content, $elementName);
+                    $content2 = getContentForLevelFromSubdimensions($i, $content, $activityName);
 
                     if ($content2 != "") {
-                        printDetail($dimension, $subdimension, $elementName, $dimensions, true);
-                        $content["name"] = $elementName;
-                        $noMappingExists[$subdimension][$content["samm2"]][$elementName] = $content;
+                        printDetail($dimension, $subdimension, $activityName, $dimensions, true);
+                        $content["name"] = $activityName;
+                        $noMappingExists[$subdimension][$content["samm2"]][$activityName] = $content;
                     }
                 }
             }
@@ -56,8 +56,8 @@
     foreach($category as $category => $content) {
         //var_dump($content);exit;
         echo $category . " ".count($content) . " ";
-        foreach($content as $elementName => $content2){ 
-            echo "$elementName" . " /";   }  
+        foreach($content as $activityName => $content2){ 
+            echo "$activityName" . " /";   }  
         echo   "<br>";
     }
 }

diff --git a/report.php b/report.php
@@ -4,24 +4,62 @@
     <body>
 <?php
 include_once "navi.php";
+
+if(array_key_exists("performed", $_GET)) {
+    $showPerformed = $_GET['performed'];
+
+    if($showPerformed != "true") $showPerformed = false;
+}else {
+    $showPerformed = false;
+}
+
+if(array_key_exists("planned", $_GET)) {
+    $showPlanned = $_GET['planned'];
+
+    if($showPlanned != "true") $showPlanned = false;
+}else {
+    $showPlanned = false;
+}
+
 ?>
+
+<form method="get">
+    <div class="form-check">
+        <input type="checkbox" class="form-check-input" name="performed" id="exampleCheck1" value="true" <?php if($showPerformed) {echo " checked=checked";}?>>
+        <label class="form-check-label" for="exampleCheck1">Show performed activities</label>
+  </div>
+  <div class="form-check">
+        <input type="checkbox" class="form-check-input" name="planned" id="exampleCheck2" value="true" <?php if($showPlanned) {echo " checked=checked";} ?>>
+        <label class="form-check-label" for="exampleCheck2">Show planned activities</label>
+  </div>  
+  <button type="submit" class="btn btn-primary">Submit</button>
+</form>
+
 <?php
 include_once "data.php";
 include_once "detail.php";
 
 
+
 foreach ($dimensions as $dimension => $subdimensions) {
     echo "<h1>Dimension $dimension</h1>";
-    foreach ($subdimensions as $subdimension => $element) {
+    foreach ($subdimensions as $subdimension => $activity) {
         echo "<h2>Sub-Dimension $subdimension</h2>";
 
         for ($i = 1; $i <= 4; $i++) {
             $tableContent .= "<td><ul>";
-            foreach ($element as $elementName => $content) {
-                $content = getContentForLevelFromSubdimensions($i, $content, $elementName);
+            foreach ($activity as $activityName => $content) {
+                if(elementIsSelected($activityName) && !$showPerformed) {
+                    continue;
+                }
+
+                if(!elementIsSelected($activityName) && !$showPlanned) {
+                    continue;
+                }                
+                $content = getContentForLevelFromSubdimensions($i, $content, $activityName);
 
                 if ($content != "") {
-                    printDetail($dimension, $subdimension, $elementName, $dimensions, true);
+                    printDetail($dimension, $subdimension, $activityName, $dimensions, true);
                 }
             }
         }

diff --git a/scutter.php b/scutter.php
@@ -16,14 +16,14 @@ function getJson($dimensions)
     foreach ($dimensions as $dimension => $subdimensions) {
         foreach ($subdimensions as $subdimension => $element) {
             $values = array();
-            foreach ($element as $elementName => $content) {
+            foreach ($element as $activityName => $content) {
                 $values[] = array(
                     "series" => 0,
                     "shape" => $shapes[$shape],
                     "size" => 3000,
                     "x" => getDifficultyOfImplementation($dimensions, $content),
                     "y" => $content["usefulness"],
-                    "key" => $elementName
+                    "key" => $activityName
                 );
             }
             $json[] = array(

diff --git a/spiderwebData.php b/spiderwebData.php
@@ -12,10 +12,10 @@ function getSpiderWebData($dimensions)
                     $data[$level][$dimension][$subdimension]['count'] = 0;
                     $data[$level][$dimension][$subdimension]['selected'] = 0;
                 }
-                foreach ($element as $elementName => $content) {
+                foreach ($element as $activityName => $content) {
                     if ($level == $content["level"]) {
                         $data[$level][$dimension][$subdimension]['count']++;
-                        if (elementIsSelected($elementName)) {
+                        if (elementIsSelected($activityName)) {
                             $data[$level][$dimension][$subdimension]['selected']++;
                         }
                     }
@@ -75,11 +75,11 @@ function fwritecsv2($filePointer, $dataArray, $delimiter = ",", $enclosure = "\"
 
 //var_dump( getSpiderWebData($dimensions));exit;
 
-function deleteElement(&$data, $elementName)
+function deleteElement(&$data, $activityName)
 {
     $count = 0;
     foreach ($data as $element) {
-        if ($elementName == $element["element"]) {
+        if ($activityName == $element["element"]) {
             unset($data[$count]);
         }
         $count++;
@@ -90,8 +90,8 @@ function isElementExisting($dimensions, $givenElementName)
 {
     foreach ($dimensions as $dimension => $subdimensions) {
         foreach ($subdimensions as $subdimension => $element) {
-            foreach ($element as $elementName => $content) {
-                if ($elementName == $givenElementName) {
+            foreach ($element as $activityName => $content) {
+                if ($activityName == $givenElementName) {
                     return true;
                 }
             }

diff --git a/usefulnessHardness.php b/usefulnessHardness.php
@@ -24,7 +24,7 @@ function printDimensionUsefull($dimensions, $colors)
                     $all[$subdimension][$i]['usefulness'] = array();
                     $all[$subdimension][$i]['difficultyOfImplementation'] = array();
                 }
-                foreach ($element as $elementName => $elementImplementation) {
+                foreach ($element as $activityName => $elementImplementation) {
                     if ($elementImplementation['level'] != $i) continue;
                     $all[$subdimension][$i]['usefulness'][] = $elementImplementation['usefulness'];