001package gov.nist.secauto.oscal.lib.model; 002 003import gov.nist.secauto.metaschema.binding.model.annotations.AssemblyConstraints; 004import gov.nist.secauto.metaschema.binding.model.annotations.BoundAssembly; 005import gov.nist.secauto.metaschema.binding.model.annotations.BoundField; 006import gov.nist.secauto.metaschema.binding.model.annotations.BoundFieldValue; 007import gov.nist.secauto.metaschema.binding.model.annotations.BoundFlag; 008import gov.nist.secauto.metaschema.binding.model.annotations.GroupAs; 009import gov.nist.secauto.metaschema.binding.model.annotations.IsUnique; 010import gov.nist.secauto.metaschema.binding.model.annotations.KeyField; 011import gov.nist.secauto.metaschema.binding.model.annotations.MetaschemaAssembly; 012import gov.nist.secauto.metaschema.model.common.JsonGroupAsBehavior; 013import gov.nist.secauto.metaschema.model.common.constraint.IConstraint; 014import gov.nist.secauto.metaschema.model.common.datatype.adapter.UuidAdapter; 015import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLine; 016import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLineAdapter; 017import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultiline; 018import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultilineAdapter; 019import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; 020import java.lang.Override; 021import java.lang.String; 022import java.util.LinkedList; 023import java.util.List; 024import java.util.UUID; 025import org.apache.commons.lang3.builder.MultilineRecursiveToStringStyle; 026import org.apache.commons.lang3.builder.ReflectionToStringBuilder; 027 028/** 029 * Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions. 030 */ 031@MetaschemaAssembly( 032 formalName = "Assessment Assets", 033 description = "Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.", 034 name = "assessment-assets", 035 metaschema = OscalAssessmentCommonMetaschema.class 036) 037@AssemblyConstraints( 038 isUnique = @IsUnique(id = "unique-ssp-assessment-assets-component", level = IConstraint.Level.ERROR, target = "component", keyFields = @KeyField(target = "@uuid"), remarks = "Since multiple assessment `component` entries can be provided, each component must have a unique `uuid`.") 039) 040public class AssessmentAssets { 041 @BoundAssembly( 042 formalName = "Component", 043 description = "A defined component that can be part of an implemented system.", 044 useName = "component", 045 maxOccurs = -1, 046 remarks = "Used to add any components for tools used during the assessment. These are represented here to avoid mixing with system components.\n" 047 + "\n" 048 + "The technology tools used by the assessor to perform the assessment, such as vulnerability scanners. In the assessment plan these are the intended tools. In the assessment results, these are the actual tools used, including any differences from the assessment plan." 049 ) 050 @GroupAs( 051 name = "components", 052 inJson = JsonGroupAsBehavior.LIST 053 ) 054 private List<SystemComponent> _components; 055 056 /** 057 * "Used to represent the toolset used to perform aspects of the assessment." 058 */ 059 @BoundAssembly( 060 formalName = "Assessment Platform", 061 description = "Used to represent the toolset used to perform aspects of the assessment.", 062 useName = "assessment-platform", 063 minOccurs = 1, 064 maxOccurs = -1 065 ) 066 @GroupAs( 067 name = "assessment-platforms", 068 inJson = JsonGroupAsBehavior.LIST 069 ) 070 private List<AssessmentPlatform> _assessmentPlatforms; 071 072 public AssessmentAssets() { 073 } 074 075 public List<SystemComponent> getComponents() { 076 return _components; 077 } 078 079 public void setComponents(List<SystemComponent> value) { 080 _components = value; 081 } 082 083 /** 084 * Add a new {@link SystemComponent} item to the underlying collection. 085 * @param item the item to add 086 * @return {@code true} 087 */ 088 public boolean addComponent(SystemComponent item) { 089 SystemComponent value = ObjectUtils.requireNonNull(item,"item cannot be null"); 090 if (_components == null) { 091 _components = new LinkedList<>(); 092 } 093 return _components.add(value); 094 } 095 096 /** 097 * Remove the first matching {@link SystemComponent} item from the underlying collection. 098 * @param item the item to remove 099 * @return {@code true} if the item was removed or {@code false} otherwise 100 */ 101 public boolean removeComponent(SystemComponent item) { 102 SystemComponent value = ObjectUtils.requireNonNull(item,"item cannot be null"); 103 return _components == null ? false : _components.remove(value); 104 } 105 106 public List<AssessmentPlatform> getAssessmentPlatforms() { 107 return _assessmentPlatforms; 108 } 109 110 public void setAssessmentPlatforms(List<AssessmentPlatform> value) { 111 _assessmentPlatforms = value; 112 } 113 114 /** 115 * Add a new {@link AssessmentPlatform} item to the underlying collection. 116 * @param item the item to add 117 * @return {@code true} 118 */ 119 public boolean addAssessmentPlatform(AssessmentPlatform item) { 120 AssessmentPlatform value = ObjectUtils.requireNonNull(item,"item cannot be null"); 121 if (_assessmentPlatforms == null) { 122 _assessmentPlatforms = new LinkedList<>(); 123 } 124 return _assessmentPlatforms.add(value); 125 } 126 127 /** 128 * Remove the first matching {@link AssessmentPlatform} item from the underlying collection. 129 * @param item the item to remove 130 * @return {@code true} if the item was removed or {@code false} otherwise 131 */ 132 public boolean removeAssessmentPlatform(AssessmentPlatform item) { 133 AssessmentPlatform value = ObjectUtils.requireNonNull(item,"item cannot be null"); 134 return _assessmentPlatforms == null ? false : _assessmentPlatforms.remove(value); 135 } 136 137 @Override 138 public String toString() { 139 return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString(); 140 } 141 142 /** 143 * Used to represent the toolset used to perform aspects of the assessment. 144 */ 145 @MetaschemaAssembly( 146 formalName = "Assessment Platform", 147 description = "Used to represent the toolset used to perform aspects of the assessment.", 148 name = "assessment-platform", 149 metaschema = OscalAssessmentCommonMetaschema.class 150 ) 151 public static class AssessmentPlatform { 152 @BoundFlag( 153 formalName = "Assessment Platform Universally Unique Identifier", 154 description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined *UUID* of the `assessment platform` can be used to reference the data item locally or globally (e.g., in an [imported OSCAL instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#scope)). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.", 155 useName = "uuid", 156 required = true, 157 typeAdapter = UuidAdapter.class 158 ) 159 private UUID _uuid; 160 161 /** 162 * "The title or name for the assessment platform." 163 */ 164 @BoundField( 165 formalName = "Assessment Platform Title", 166 description = "The title or name for the assessment platform.", 167 useName = "title" 168 ) 169 @BoundFieldValue( 170 typeAdapter = MarkupLineAdapter.class 171 ) 172 private MarkupLine _title; 173 174 @BoundAssembly( 175 formalName = "Property", 176 description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", 177 useName = "prop", 178 maxOccurs = -1 179 ) 180 @GroupAs( 181 name = "props", 182 inJson = JsonGroupAsBehavior.LIST 183 ) 184 private List<Property> _props; 185 186 @BoundAssembly( 187 formalName = "Link", 188 description = "A reference to a local or remote resource, that has a specific relation to the containing object.", 189 useName = "link", 190 maxOccurs = -1 191 ) 192 @GroupAs( 193 name = "links", 194 inJson = JsonGroupAsBehavior.LIST 195 ) 196 private List<Link> _links; 197 198 /** 199 * "The set of components that are used by the assessment platform." 200 */ 201 @BoundAssembly( 202 formalName = "Uses Component", 203 description = "The set of components that are used by the assessment platform.", 204 useName = "uses-component", 205 maxOccurs = -1 206 ) 207 @GroupAs( 208 name = "uses-components", 209 inJson = JsonGroupAsBehavior.LIST 210 ) 211 private List<UsesComponent> _usesComponents; 212 213 @BoundField( 214 formalName = "Remarks", 215 description = "Additional commentary about the containing object.", 216 useName = "remarks" 217 ) 218 @BoundFieldValue( 219 typeAdapter = MarkupMultilineAdapter.class 220 ) 221 private MarkupMultiline _remarks; 222 223 public AssessmentPlatform() { 224 } 225 226 public UUID getUuid() { 227 return _uuid; 228 } 229 230 public void setUuid(UUID value) { 231 _uuid = value; 232 } 233 234 public MarkupLine getTitle() { 235 return _title; 236 } 237 238 public void setTitle(MarkupLine value) { 239 _title = value; 240 } 241 242 public List<Property> getProps() { 243 return _props; 244 } 245 246 public void setProps(List<Property> value) { 247 _props = value; 248 } 249 250 /** 251 * Add a new {@link Property} item to the underlying collection. 252 * @param item the item to add 253 * @return {@code true} 254 */ 255 public boolean addProp(Property item) { 256 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 257 if (_props == null) { 258 _props = new LinkedList<>(); 259 } 260 return _props.add(value); 261 } 262 263 /** 264 * Remove the first matching {@link Property} item from the underlying collection. 265 * @param item the item to remove 266 * @return {@code true} if the item was removed or {@code false} otherwise 267 */ 268 public boolean removeProp(Property item) { 269 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 270 return _props == null ? false : _props.remove(value); 271 } 272 273 public List<Link> getLinks() { 274 return _links; 275 } 276 277 public void setLinks(List<Link> value) { 278 _links = value; 279 } 280 281 /** 282 * Add a new {@link Link} item to the underlying collection. 283 * @param item the item to add 284 * @return {@code true} 285 */ 286 public boolean addLink(Link item) { 287 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 288 if (_links == null) { 289 _links = new LinkedList<>(); 290 } 291 return _links.add(value); 292 } 293 294 /** 295 * Remove the first matching {@link Link} item from the underlying collection. 296 * @param item the item to remove 297 * @return {@code true} if the item was removed or {@code false} otherwise 298 */ 299 public boolean removeLink(Link item) { 300 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 301 return _links == null ? false : _links.remove(value); 302 } 303 304 public List<UsesComponent> getUsesComponents() { 305 return _usesComponents; 306 } 307 308 public void setUsesComponents(List<UsesComponent> value) { 309 _usesComponents = value; 310 } 311 312 /** 313 * Add a new {@link UsesComponent} item to the underlying collection. 314 * @param item the item to add 315 * @return {@code true} 316 */ 317 public boolean addUsesComponent(UsesComponent item) { 318 UsesComponent value = ObjectUtils.requireNonNull(item,"item cannot be null"); 319 if (_usesComponents == null) { 320 _usesComponents = new LinkedList<>(); 321 } 322 return _usesComponents.add(value); 323 } 324 325 /** 326 * Remove the first matching {@link UsesComponent} item from the underlying collection. 327 * @param item the item to remove 328 * @return {@code true} if the item was removed or {@code false} otherwise 329 */ 330 public boolean removeUsesComponent(UsesComponent item) { 331 UsesComponent value = ObjectUtils.requireNonNull(item,"item cannot be null"); 332 return _usesComponents == null ? false : _usesComponents.remove(value); 333 } 334 335 public MarkupMultiline getRemarks() { 336 return _remarks; 337 } 338 339 public void setRemarks(MarkupMultiline value) { 340 _remarks = value; 341 } 342 343 @Override 344 public String toString() { 345 return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString(); 346 } 347 348 /** 349 * The set of components that are used by the assessment platform. 350 */ 351 @MetaschemaAssembly( 352 formalName = "Uses Component", 353 description = "The set of components that are used by the assessment platform.", 354 name = "uses-component", 355 metaschema = OscalAssessmentCommonMetaschema.class 356 ) 357 @AssemblyConstraints( 358 isUnique = @IsUnique(id = "unique-ssp-uses-component-responsible-party", level = IConstraint.Level.ERROR, target = "responsible-party", keyFields = @KeyField(target = "@role-id"), remarks = "Since `responsible-party` associates multiple `party-uuid` entries with a single `role-id`, each role-id must be referenced only once.") 359 ) 360 public static class UsesComponent { 361 @BoundFlag( 362 formalName = "Component Universally Unique Identifier Reference", 363 description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to a component that is implemented as part of an inventory item.", 364 useName = "component-uuid", 365 required = true, 366 typeAdapter = UuidAdapter.class 367 ) 368 private UUID _componentUuid; 369 370 @BoundAssembly( 371 formalName = "Property", 372 description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", 373 useName = "prop", 374 maxOccurs = -1 375 ) 376 @GroupAs( 377 name = "props", 378 inJson = JsonGroupAsBehavior.LIST 379 ) 380 private List<Property> _props; 381 382 @BoundAssembly( 383 formalName = "Link", 384 description = "A reference to a local or remote resource, that has a specific relation to the containing object.", 385 useName = "link", 386 maxOccurs = -1 387 ) 388 @GroupAs( 389 name = "links", 390 inJson = JsonGroupAsBehavior.LIST 391 ) 392 private List<Link> _links; 393 394 @BoundAssembly( 395 formalName = "Responsible Party", 396 description = "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", 397 useName = "responsible-party", 398 maxOccurs = -1 399 ) 400 @GroupAs( 401 name = "responsible-parties", 402 inJson = JsonGroupAsBehavior.LIST 403 ) 404 private List<ResponsibleParty> _responsibleParties; 405 406 @BoundField( 407 formalName = "Remarks", 408 description = "Additional commentary about the containing object.", 409 useName = "remarks" 410 ) 411 @BoundFieldValue( 412 typeAdapter = MarkupMultilineAdapter.class 413 ) 414 private MarkupMultiline _remarks; 415 416 public UsesComponent() { 417 } 418 419 public UUID getComponentUuid() { 420 return _componentUuid; 421 } 422 423 public void setComponentUuid(UUID value) { 424 _componentUuid = value; 425 } 426 427 public List<Property> getProps() { 428 return _props; 429 } 430 431 public void setProps(List<Property> value) { 432 _props = value; 433 } 434 435 /** 436 * Add a new {@link Property} item to the underlying collection. 437 * @param item the item to add 438 * @return {@code true} 439 */ 440 public boolean addProp(Property item) { 441 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 442 if (_props == null) { 443 _props = new LinkedList<>(); 444 } 445 return _props.add(value); 446 } 447 448 /** 449 * Remove the first matching {@link Property} item from the underlying collection. 450 * @param item the item to remove 451 * @return {@code true} if the item was removed or {@code false} otherwise 452 */ 453 public boolean removeProp(Property item) { 454 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 455 return _props == null ? false : _props.remove(value); 456 } 457 458 public List<Link> getLinks() { 459 return _links; 460 } 461 462 public void setLinks(List<Link> value) { 463 _links = value; 464 } 465 466 /** 467 * Add a new {@link Link} item to the underlying collection. 468 * @param item the item to add 469 * @return {@code true} 470 */ 471 public boolean addLink(Link item) { 472 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 473 if (_links == null) { 474 _links = new LinkedList<>(); 475 } 476 return _links.add(value); 477 } 478 479 /** 480 * Remove the first matching {@link Link} item from the underlying collection. 481 * @param item the item to remove 482 * @return {@code true} if the item was removed or {@code false} otherwise 483 */ 484 public boolean removeLink(Link item) { 485 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 486 return _links == null ? false : _links.remove(value); 487 } 488 489 public List<ResponsibleParty> getResponsibleParties() { 490 return _responsibleParties; 491 } 492 493 public void setResponsibleParties(List<ResponsibleParty> value) { 494 _responsibleParties = value; 495 } 496 497 /** 498 * Add a new {@link ResponsibleParty} item to the underlying collection. 499 * @param item the item to add 500 * @return {@code true} 501 */ 502 public boolean addResponsibleParty(ResponsibleParty item) { 503 ResponsibleParty value = ObjectUtils.requireNonNull(item,"item cannot be null"); 504 if (_responsibleParties == null) { 505 _responsibleParties = new LinkedList<>(); 506 } 507 return _responsibleParties.add(value); 508 } 509 510 /** 511 * Remove the first matching {@link ResponsibleParty} item from the underlying collection. 512 * @param item the item to remove 513 * @return {@code true} if the item was removed or {@code false} otherwise 514 */ 515 public boolean removeResponsibleParty(ResponsibleParty item) { 516 ResponsibleParty value = ObjectUtils.requireNonNull(item,"item cannot be null"); 517 return _responsibleParties == null ? false : _responsibleParties.remove(value); 518 } 519 520 public MarkupMultiline getRemarks() { 521 return _remarks; 522 } 523 524 public void setRemarks(MarkupMultiline value) { 525 _remarks = value; 526 } 527 528 @Override 529 public String toString() { 530 return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString(); 531 } 532 } 533 } 534}