FRIC API

The development of FRIC required a custom RESTful API to be created in order to fulfill all the necessary requirements. To test our API endpoints you can use a tool such as Postman.

The development of FRIC required a custom RESTful API to be created in order to fulfill all the necessary requirements. To test our API endpoints you can use a tool such as Postman.

Get Artifacts

GET http://localhost:3000/<artifact>/all

This endpoint allows the system to get data from artifacts. <artifact> in the URL indicates the artifact collection such as Transactions, Analysts, Events, Systems, Tasks, Subtasks or a Findings.

Path Parameters

Name	Type	Description
transactions	string	This will display all Transactions in the database.
analysts	string	This will display all Analysts in the database.
events	string	This will display all Events in the database.
systems	string	This will display all Systems in the database.
tasks	string	This will display all Tasks in the database.
subtasks	string	This will display all Subtasks in the database.
findings	string	This will display all Findings in the database.

200 Returns if the connection was successfully made with the backend and the request was accepted. Sample POST request that would generate a 200

GET all tasks

{
        "subtasks": "1",
        "system": "",
        "analyst": "",
        "title": "SampleTaskKevin",
        "systems_for_task": "AlexAlex",
        "findings": "3",
        "task_priority": "Medium",
        "task_progress": "Transferred",
        "created": "2020-12-02",
        "description": "asdfasdf",
        "task_association": [],
        "subtask_association": [],
        "finding_association": [],
        "systems": "",
        "progress": 0,
        "priority": "",
        "task_progresses": "Not Started",
        "id": "5fab4352d5032a469de0d2a0"
    },

404 Returns if there was an issue with the request on that artifact or endpoint. For example, if you try to reach an endpoint that is misspelled you might see something like this.

<!DOCTYPE html>
<html lang="en">

<head>
	<meta charset="utf-8">
	<title>Error</title>
</head>

<body>
	<pre>Cannot GET /tasksk/all</pre>
</body>

</html>

Post Artifacts

POST http://localhost:3000/<artifact>/

This endpoint allows the system to add data to the artifacts. <artifact> in the URL indicates the artifact collection such as Transactions, Analysts, Events, Systems, Tasks, Subtasks or a Findings.

Path Parameters

Name	Type	Description
transactions	string	This will add a new artifact to Artifacts in the database.
analysts	string	This will add a new artifact to Analysts in the database.
events	string	This will add a new artifact to Events in the database.
systems	string	This will add a new artifact to Systems in the database.
tasks	string	This will add a new artifact to Tasks in the database.
subtasks	string	This will add a new artifact to Subtaks in the database.
findings	string	This will add a new artifact to Findings in the database.

200 This appears when you are able to submit a request to our API and it is accepted. For example if you create a new system you might see something like this be returned to you.

{
        "name": "SampleSystemName",
        "system": "",
        "description": "asdf",
        "location": "123",
        "router": "asdf",
        "switches": "fds",
        "room": "fdsa",
        "plan": "afsd",
        "analyst": "",
        "title": "",
        "findings": "0",
        "progress": 0,
        "tasks": "0",
        "status": "0",
        "type": "",
        "classification": "a simple security guide",
        "risk": "",
        "system_confidentiality": "Medium",
        "system_integrity": "High",
        "system_availability": "Low",
        "task_association": [],
        "subtask_association": [],
        "finding_association": [],
        "task": "",
        "id": "5f87e1567e88ea1048cd348d"
    },

Patch Artifacts

PATCH http://localhost:3000/<artifact>/:id

This endpoint allows the system to modify data from artifacts. <artifact> in the URL indicates the artifact collection such as Transactions, Analysts, Events, Systems, Tasks, Subtasks or a Findings. :id indicates the unique identifier for the artifact.

Path Parameters

Name	Type	Description
:id	string	The unique identifier for the artifact that is to be displayed and modified in the database.

200 A sample response you would get if you changed the title of a finding.

{
    "message": "Finding was updated successfully."
}

Delete Artifacts

DELETE http://localhost:3000/<artifact>/:id

This endpoint allows the system to remove an artifact. <artifact> in the URL indicates the artifact collection such as Transactions, Analysts, Events, Systems, Tasks, Subtasks or a Findings. :id indicates the unique identifier for the artifact.

Path Parameters

Name	Type	Description
:id	string	The unique identifier for the artifact that is to be removed from the database.

200 After a succesfull deletion of a system, you might see this response.

{
    "message": "System was deleted successfully!"
}