001package gov.nist.secauto.oscal.lib.model; 002 003import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValue; 004import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValues; 005import gov.nist.secauto.metaschema.binding.model.annotations.AssemblyConstraints; 006import gov.nist.secauto.metaschema.binding.model.annotations.BoundAssembly; 007import gov.nist.secauto.metaschema.binding.model.annotations.BoundField; 008import gov.nist.secauto.metaschema.binding.model.annotations.BoundFieldValue; 009import gov.nist.secauto.metaschema.binding.model.annotations.BoundFlag; 010import gov.nist.secauto.metaschema.binding.model.annotations.GroupAs; 011import gov.nist.secauto.metaschema.binding.model.annotations.HasCardinality; 012import gov.nist.secauto.metaschema.binding.model.annotations.IsUnique; 013import gov.nist.secauto.metaschema.binding.model.annotations.KeyField; 014import gov.nist.secauto.metaschema.binding.model.annotations.MetaschemaAssembly; 015import gov.nist.secauto.metaschema.binding.model.annotations.ValueConstraints; 016import gov.nist.secauto.metaschema.model.common.JsonGroupAsBehavior; 017import gov.nist.secauto.metaschema.model.common.constraint.IConstraint; 018import gov.nist.secauto.metaschema.model.common.datatype.adapter.UuidAdapter; 019import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLine; 020import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLineAdapter; 021import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultiline; 022import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultilineAdapter; 023import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; 024import java.lang.Override; 025import java.lang.String; 026import java.util.LinkedList; 027import java.util.List; 028import java.util.UUID; 029import org.apache.commons.lang3.builder.MultilineRecursiveToStringStyle; 030import org.apache.commons.lang3.builder.ReflectionToStringBuilder; 031 032/** 033 * Identifies an assessment or related process that can be performed. In the assessment plan, this is an intended activity which may be associated with an assessment task. In the assessment results, this an activity that was actually performed as part of an assessment. 034 */ 035@MetaschemaAssembly( 036 formalName = "Activity", 037 description = "Identifies an assessment or related process that can be performed. In the assessment plan, this is an intended activity which may be associated with an assessment task. In the assessment results, this an activity that was actually performed as part of an assessment.", 038 name = "activity", 039 metaschema = OscalAssessmentCommonMetaschema.class 040) 041@ValueConstraints( 042 allowedValues = { 043 @AllowedValues(level = IConstraint.Level.ERROR, target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name", values = @AllowedValue(value = "method", description = "The assessment method to use. This typically appears on parts with the name \"assessment\".")), 044 @AllowedValues(level = IConstraint.Level.ERROR, target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal') and @name='method']/@value", values = {@AllowedValue(value = "INTERVIEW", description = "The process of holding discussions with individuals or groups of individuals within an organization to once again, facilitate assessor understanding, achieve clarification, or obtain evidence."), @AllowedValue(value = "EXAMINE", description = "The process of reviewing, inspecting, observing, studying, or analyzing one or more assessment objects (i.e., specifications, mechanisms, or activities)."), @AllowedValue(value = "TEST", description = "The process of exercising one or more assessment objects (i.e., activities or mechanisms) under specified conditions to compare actual with expected behavior.")}) 045 } 046) 047@AssemblyConstraints( 048 isUnique = @IsUnique(id = "unique-activity-responsible-role", level = IConstraint.Level.ERROR, target = "responsible-role", keyFields = @KeyField(target = "@role-id"), remarks = "Since `responsible-role` associates multiple `party-uuid` entries with a single `role-id`, each role-id must be referenced only once."), 049 hasCardinality = @HasCardinality(level = IConstraint.Level.ERROR, target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal') and @name='method']", minOccurs = 1) 050) 051public class Activity { 052 @BoundFlag( 053 formalName = "Assessment Activity Universally Unique Identifier", 054 description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope that can be used to reference this assessment activity elsewhere in [this or other OSCAL instances](https://pages.nist.gov/OSCAL/concepts/identifier-use/#scope). The locally defined *UUID* of the `activity` can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.", 055 useName = "uuid", 056 required = true, 057 typeAdapter = UuidAdapter.class 058 ) 059 private UUID _uuid; 060 061 /** 062 * "The title for this included activity." 063 */ 064 @BoundField( 065 formalName = "Included Activity Title", 066 description = "The title for this included activity.", 067 useName = "title" 068 ) 069 @BoundFieldValue( 070 typeAdapter = MarkupLineAdapter.class 071 ) 072 private MarkupLine _title; 073 074 /** 075 * "A human-readable description of this included activity." 076 */ 077 @BoundField( 078 formalName = "Included Activity Description", 079 description = "A human-readable description of this included activity.", 080 useName = "description", 081 minOccurs = 1 082 ) 083 @BoundFieldValue( 084 typeAdapter = MarkupMultilineAdapter.class 085 ) 086 private MarkupMultiline _description; 087 088 @BoundAssembly( 089 formalName = "Property", 090 description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", 091 useName = "prop", 092 maxOccurs = -1 093 ) 094 @GroupAs( 095 name = "props", 096 inJson = JsonGroupAsBehavior.LIST 097 ) 098 private List<Property> _props; 099 100 @BoundAssembly( 101 formalName = "Link", 102 description = "A reference to a local or remote resource, that has a specific relation to the containing object.", 103 useName = "link", 104 maxOccurs = -1 105 ) 106 @GroupAs( 107 name = "links", 108 inJson = JsonGroupAsBehavior.LIST 109 ) 110 private List<Link> _links; 111 112 /** 113 * "Identifies an individual step in a series of steps related to an activity, such as an assessment test or examination procedure." 114 */ 115 @BoundAssembly( 116 formalName = "Step", 117 description = "Identifies an individual step in a series of steps related to an activity, such as an assessment test or examination procedure.", 118 useName = "step", 119 maxOccurs = -1 120 ) 121 @GroupAs( 122 name = "steps", 123 inJson = JsonGroupAsBehavior.LIST 124 ) 125 private List<Step> _steps; 126 127 @BoundAssembly( 128 formalName = "Reviewed Controls and Control Objectives", 129 description = "Identifies the controls being assessed and their control objectives.", 130 useName = "related-controls", 131 remarks = "This can be optionally used to define the set of controls and control objectives that are assessed or remediated by this activity." 132 ) 133 private ReviewedControls _relatedControls; 134 135 @BoundAssembly( 136 formalName = "Responsible Role", 137 description = "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", 138 useName = "responsible-role", 139 maxOccurs = -1, 140 remarks = "Since `responsible-role` associates multiple `party-uuid` entries with a single `role-id`, each role-id must be referenced only once." 141 ) 142 @GroupAs( 143 name = "responsible-roles", 144 inJson = JsonGroupAsBehavior.LIST 145 ) 146 private List<ResponsibleRole> _responsibleRoles; 147 148 @BoundField( 149 formalName = "Remarks", 150 description = "Additional commentary about the containing object.", 151 useName = "remarks" 152 ) 153 @BoundFieldValue( 154 typeAdapter = MarkupMultilineAdapter.class 155 ) 156 private MarkupMultiline _remarks; 157 158 public Activity() { 159 } 160 161 public UUID getUuid() { 162 return _uuid; 163 } 164 165 public void setUuid(UUID value) { 166 _uuid = value; 167 } 168 169 public MarkupLine getTitle() { 170 return _title; 171 } 172 173 public void setTitle(MarkupLine value) { 174 _title = value; 175 } 176 177 public MarkupMultiline getDescription() { 178 return _description; 179 } 180 181 public void setDescription(MarkupMultiline value) { 182 _description = value; 183 } 184 185 public List<Property> getProps() { 186 return _props; 187 } 188 189 public void setProps(List<Property> value) { 190 _props = value; 191 } 192 193 /** 194 * Add a new {@link Property} item to the underlying collection. 195 * @param item the item to add 196 * @return {@code true} 197 */ 198 public boolean addProp(Property item) { 199 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 200 if (_props == null) { 201 _props = new LinkedList<>(); 202 } 203 return _props.add(value); 204 } 205 206 /** 207 * Remove the first matching {@link Property} item from the underlying collection. 208 * @param item the item to remove 209 * @return {@code true} if the item was removed or {@code false} otherwise 210 */ 211 public boolean removeProp(Property item) { 212 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 213 return _props == null ? false : _props.remove(value); 214 } 215 216 public List<Link> getLinks() { 217 return _links; 218 } 219 220 public void setLinks(List<Link> value) { 221 _links = value; 222 } 223 224 /** 225 * Add a new {@link Link} item to the underlying collection. 226 * @param item the item to add 227 * @return {@code true} 228 */ 229 public boolean addLink(Link item) { 230 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 231 if (_links == null) { 232 _links = new LinkedList<>(); 233 } 234 return _links.add(value); 235 } 236 237 /** 238 * Remove the first matching {@link Link} item from the underlying collection. 239 * @param item the item to remove 240 * @return {@code true} if the item was removed or {@code false} otherwise 241 */ 242 public boolean removeLink(Link item) { 243 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 244 return _links == null ? false : _links.remove(value); 245 } 246 247 public List<Step> getSteps() { 248 return _steps; 249 } 250 251 public void setSteps(List<Step> value) { 252 _steps = value; 253 } 254 255 /** 256 * Add a new {@link Step} item to the underlying collection. 257 * @param item the item to add 258 * @return {@code true} 259 */ 260 public boolean addStep(Step item) { 261 Step value = ObjectUtils.requireNonNull(item,"item cannot be null"); 262 if (_steps == null) { 263 _steps = new LinkedList<>(); 264 } 265 return _steps.add(value); 266 } 267 268 /** 269 * Remove the first matching {@link Step} item from the underlying collection. 270 * @param item the item to remove 271 * @return {@code true} if the item was removed or {@code false} otherwise 272 */ 273 public boolean removeStep(Step item) { 274 Step value = ObjectUtils.requireNonNull(item,"item cannot be null"); 275 return _steps == null ? false : _steps.remove(value); 276 } 277 278 public ReviewedControls getRelatedControls() { 279 return _relatedControls; 280 } 281 282 public void setRelatedControls(ReviewedControls value) { 283 _relatedControls = value; 284 } 285 286 public List<ResponsibleRole> getResponsibleRoles() { 287 return _responsibleRoles; 288 } 289 290 public void setResponsibleRoles(List<ResponsibleRole> value) { 291 _responsibleRoles = value; 292 } 293 294 /** 295 * Add a new {@link ResponsibleRole} item to the underlying collection. 296 * @param item the item to add 297 * @return {@code true} 298 */ 299 public boolean addResponsibleRole(ResponsibleRole item) { 300 ResponsibleRole value = ObjectUtils.requireNonNull(item,"item cannot be null"); 301 if (_responsibleRoles == null) { 302 _responsibleRoles = new LinkedList<>(); 303 } 304 return _responsibleRoles.add(value); 305 } 306 307 /** 308 * Remove the first matching {@link ResponsibleRole} item from the underlying collection. 309 * @param item the item to remove 310 * @return {@code true} if the item was removed or {@code false} otherwise 311 */ 312 public boolean removeResponsibleRole(ResponsibleRole item) { 313 ResponsibleRole value = ObjectUtils.requireNonNull(item,"item cannot be null"); 314 return _responsibleRoles == null ? false : _responsibleRoles.remove(value); 315 } 316 317 public MarkupMultiline getRemarks() { 318 return _remarks; 319 } 320 321 public void setRemarks(MarkupMultiline value) { 322 _remarks = value; 323 } 324 325 @Override 326 public String toString() { 327 return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString(); 328 } 329 330 /** 331 * Identifies an individual step in a series of steps related to an activity, such as an assessment test or examination procedure. 332 */ 333 @MetaschemaAssembly( 334 formalName = "Step", 335 description = "Identifies an individual step in a series of steps related to an activity, such as an assessment test or examination procedure.", 336 name = "step", 337 metaschema = OscalAssessmentCommonMetaschema.class 338 ) 339 @AssemblyConstraints( 340 isUnique = @IsUnique(id = "unique-step-responsible-role", level = IConstraint.Level.ERROR, target = "responsible-role", keyFields = @KeyField(target = "@role-id"), remarks = "Since multiple `party-uuid` entries can be provided, each role-id must be referenced only once.") 341 ) 342 public static class Step { 343 @BoundFlag( 344 formalName = "Step Universally Unique Identifier", 345 description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope that can be used to reference this step elsewhere in [this or other OSCAL instances](https://pages.nist.gov/OSCAL/concepts/identifier-use/#scope). The locally defined *UUID* of the `step` (in a series of steps) can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.", 346 useName = "uuid", 347 required = true, 348 typeAdapter = UuidAdapter.class 349 ) 350 private UUID _uuid; 351 352 /** 353 * "The title for this step." 354 */ 355 @BoundField( 356 formalName = "Step Title", 357 description = "The title for this step.", 358 useName = "title" 359 ) 360 @BoundFieldValue( 361 typeAdapter = MarkupLineAdapter.class 362 ) 363 private MarkupLine _title; 364 365 /** 366 * "A human-readable description of this step." 367 */ 368 @BoundField( 369 formalName = "Step Description", 370 description = "A human-readable description of this step.", 371 useName = "description", 372 minOccurs = 1 373 ) 374 @BoundFieldValue( 375 typeAdapter = MarkupMultilineAdapter.class 376 ) 377 private MarkupMultiline _description; 378 379 @BoundAssembly( 380 formalName = "Property", 381 description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", 382 useName = "prop", 383 maxOccurs = -1 384 ) 385 @GroupAs( 386 name = "props", 387 inJson = JsonGroupAsBehavior.LIST 388 ) 389 private List<Property> _props; 390 391 @BoundAssembly( 392 formalName = "Link", 393 description = "A reference to a local or remote resource, that has a specific relation to the containing object.", 394 useName = "link", 395 maxOccurs = -1 396 ) 397 @GroupAs( 398 name = "links", 399 inJson = JsonGroupAsBehavior.LIST 400 ) 401 private List<Link> _links; 402 403 @BoundAssembly( 404 formalName = "Reviewed Controls and Control Objectives", 405 description = "Identifies the controls being assessed and their control objectives.", 406 useName = "reviewed-controls", 407 remarks = "This can be optionally used to define the set of controls and control objectives that are assessed by this step." 408 ) 409 private ReviewedControls _reviewedControls; 410 411 @BoundAssembly( 412 formalName = "Responsible Role", 413 description = "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.", 414 useName = "responsible-role", 415 maxOccurs = -1, 416 remarks = "Identifies the roles, and optionally the parties, associated with this step that is part of an assessment activity." 417 ) 418 @GroupAs( 419 name = "responsible-roles", 420 inJson = JsonGroupAsBehavior.LIST 421 ) 422 private List<ResponsibleRole> _responsibleRoles; 423 424 @BoundField( 425 formalName = "Remarks", 426 description = "Additional commentary about the containing object.", 427 useName = "remarks" 428 ) 429 @BoundFieldValue( 430 typeAdapter = MarkupMultilineAdapter.class 431 ) 432 private MarkupMultiline _remarks; 433 434 public Step() { 435 } 436 437 public UUID getUuid() { 438 return _uuid; 439 } 440 441 public void setUuid(UUID value) { 442 _uuid = value; 443 } 444 445 public MarkupLine getTitle() { 446 return _title; 447 } 448 449 public void setTitle(MarkupLine value) { 450 _title = value; 451 } 452 453 public MarkupMultiline getDescription() { 454 return _description; 455 } 456 457 public void setDescription(MarkupMultiline value) { 458 _description = value; 459 } 460 461 public List<Property> getProps() { 462 return _props; 463 } 464 465 public void setProps(List<Property> value) { 466 _props = value; 467 } 468 469 /** 470 * Add a new {@link Property} item to the underlying collection. 471 * @param item the item to add 472 * @return {@code true} 473 */ 474 public boolean addProp(Property item) { 475 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 476 if (_props == null) { 477 _props = new LinkedList<>(); 478 } 479 return _props.add(value); 480 } 481 482 /** 483 * Remove the first matching {@link Property} item from the underlying collection. 484 * @param item the item to remove 485 * @return {@code true} if the item was removed or {@code false} otherwise 486 */ 487 public boolean removeProp(Property item) { 488 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 489 return _props == null ? false : _props.remove(value); 490 } 491 492 public List<Link> getLinks() { 493 return _links; 494 } 495 496 public void setLinks(List<Link> value) { 497 _links = value; 498 } 499 500 /** 501 * Add a new {@link Link} item to the underlying collection. 502 * @param item the item to add 503 * @return {@code true} 504 */ 505 public boolean addLink(Link item) { 506 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 507 if (_links == null) { 508 _links = new LinkedList<>(); 509 } 510 return _links.add(value); 511 } 512 513 /** 514 * Remove the first matching {@link Link} item from the underlying collection. 515 * @param item the item to remove 516 * @return {@code true} if the item was removed or {@code false} otherwise 517 */ 518 public boolean removeLink(Link item) { 519 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 520 return _links == null ? false : _links.remove(value); 521 } 522 523 public ReviewedControls getReviewedControls() { 524 return _reviewedControls; 525 } 526 527 public void setReviewedControls(ReviewedControls value) { 528 _reviewedControls = value; 529 } 530 531 public List<ResponsibleRole> getResponsibleRoles() { 532 return _responsibleRoles; 533 } 534 535 public void setResponsibleRoles(List<ResponsibleRole> value) { 536 _responsibleRoles = value; 537 } 538 539 /** 540 * Add a new {@link ResponsibleRole} item to the underlying collection. 541 * @param item the item to add 542 * @return {@code true} 543 */ 544 public boolean addResponsibleRole(ResponsibleRole item) { 545 ResponsibleRole value = ObjectUtils.requireNonNull(item,"item cannot be null"); 546 if (_responsibleRoles == null) { 547 _responsibleRoles = new LinkedList<>(); 548 } 549 return _responsibleRoles.add(value); 550 } 551 552 /** 553 * Remove the first matching {@link ResponsibleRole} item from the underlying collection. 554 * @param item the item to remove 555 * @return {@code true} if the item was removed or {@code false} otherwise 556 */ 557 public boolean removeResponsibleRole(ResponsibleRole item) { 558 ResponsibleRole value = ObjectUtils.requireNonNull(item,"item cannot be null"); 559 return _responsibleRoles == null ? false : _responsibleRoles.remove(value); 560 } 561 562 public MarkupMultiline getRemarks() { 563 return _remarks; 564 } 565 566 public void setRemarks(MarkupMultiline value) { 567 _remarks = value; 568 } 569 570 @Override 571 public String toString() { 572 return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString(); 573 } 574 } 575}