001package gov.nist.secauto.oscal.lib.model; 002 003import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValue; 004import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValues; 005import gov.nist.secauto.metaschema.binding.model.annotations.BoundAssembly; 006import gov.nist.secauto.metaschema.binding.model.annotations.BoundField; 007import gov.nist.secauto.metaschema.binding.model.annotations.BoundFieldValue; 008import gov.nist.secauto.metaschema.binding.model.annotations.BoundFlag; 009import gov.nist.secauto.metaschema.binding.model.annotations.GroupAs; 010import gov.nist.secauto.metaschema.binding.model.annotations.MetaschemaAssembly; 011import gov.nist.secauto.metaschema.binding.model.annotations.ValueConstraints; 012import gov.nist.secauto.metaschema.model.common.JsonGroupAsBehavior; 013import gov.nist.secauto.metaschema.model.common.constraint.IConstraint; 014import gov.nist.secauto.metaschema.model.common.datatype.adapter.StringAdapter; 015import gov.nist.secauto.metaschema.model.common.datatype.adapter.TokenAdapter; 016import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLine; 017import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLineAdapter; 018import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultiline; 019import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultilineAdapter; 020import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; 021import java.lang.Override; 022import java.lang.String; 023import java.util.LinkedList; 024import java.util.List; 025import org.apache.commons.lang3.builder.MultilineRecursiveToStringStyle; 026import org.apache.commons.lang3.builder.ReflectionToStringBuilder; 027 028/** 029 * Captures an assessor's conclusions regarding the degree to which an objective is satisfied. 030 */ 031@MetaschemaAssembly( 032 formalName = "Objective Status", 033 description = "Captures an assessor's conclusions regarding the degree to which an objective is satisfied.", 034 name = "finding-target", 035 metaschema = OscalAssessmentCommonMetaschema.class 036) 037public class FindingTarget { 038 @BoundFlag( 039 formalName = "Finding Target Type", 040 description = "Identifies the type of the target.", 041 useName = "type", 042 required = true, 043 typeAdapter = StringAdapter.class, 044 remarks = "The target will always be a reference to: 1) a control statement, or 2) a control objective. In the former case, there is always a single top-level statement within a control. Thus, if the entire control is targeted, this statement identifier can be used." 045 ) 046 @ValueConstraints( 047 allowedValues = @AllowedValues(level = IConstraint.Level.ERROR, values = {@AllowedValue(value = "statement-id", description = "A reference to a control statement identifier within a control."), @AllowedValue(value = "objective-id", description = "A reference to a control objective identifier within a control.")}) 048 ) 049 private String _type; 050 051 @BoundFlag( 052 formalName = "Finding Target Identifier Reference", 053 description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference for a specific target qualified by the `type`.", 054 useName = "target-id", 055 required = true, 056 typeAdapter = TokenAdapter.class 057 ) 058 private String _targetId; 059 060 /** 061 * "The title for this objective status." 062 */ 063 @BoundField( 064 formalName = "Objective Status Title", 065 description = "The title for this objective status.", 066 useName = "title" 067 ) 068 @BoundFieldValue( 069 typeAdapter = MarkupLineAdapter.class 070 ) 071 private MarkupLine _title; 072 073 /** 074 * "A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied." 075 */ 076 @BoundField( 077 formalName = "Objective Status Description", 078 description = "A human-readable description of the assessor's conclusions regarding the degree to which an objective is satisfied.", 079 useName = "description" 080 ) 081 @BoundFieldValue( 082 typeAdapter = MarkupMultilineAdapter.class 083 ) 084 private MarkupMultiline _description; 085 086 @BoundAssembly( 087 formalName = "Property", 088 description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", 089 useName = "prop", 090 maxOccurs = -1 091 ) 092 @GroupAs( 093 name = "props", 094 inJson = JsonGroupAsBehavior.LIST 095 ) 096 private List<Property> _props; 097 098 @BoundAssembly( 099 formalName = "Link", 100 description = "A reference to a local or remote resource, that has a specific relation to the containing object.", 101 useName = "link", 102 maxOccurs = -1 103 ) 104 @GroupAs( 105 name = "links", 106 inJson = JsonGroupAsBehavior.LIST 107 ) 108 private List<Link> _links; 109 110 /** 111 * "A determination of if the objective is satisfied or not within a given system." 112 */ 113 @BoundAssembly( 114 formalName = "Objective Status", 115 description = "A determination of if the objective is satisfied or not within a given system.", 116 useName = "status", 117 minOccurs = 1 118 ) 119 private Status _status; 120 121 @BoundAssembly( 122 formalName = "Implementation Status", 123 description = "Indicates the degree to which the a given control is implemented.", 124 useName = "implementation-status", 125 remarks = "The `implementation-status` is used to qualify the `status` value to indicate the degree to which the control was found to be implemented." 126 ) 127 private ImplementationStatus _implementationStatus; 128 129 @BoundField( 130 formalName = "Remarks", 131 description = "Additional commentary about the containing object.", 132 useName = "remarks" 133 ) 134 @BoundFieldValue( 135 typeAdapter = MarkupMultilineAdapter.class 136 ) 137 private MarkupMultiline _remarks; 138 139 public FindingTarget() { 140 } 141 142 public String getType() { 143 return _type; 144 } 145 146 public void setType(String value) { 147 _type = value; 148 } 149 150 public String getTargetId() { 151 return _targetId; 152 } 153 154 public void setTargetId(String value) { 155 _targetId = value; 156 } 157 158 public MarkupLine getTitle() { 159 return _title; 160 } 161 162 public void setTitle(MarkupLine value) { 163 _title = value; 164 } 165 166 public MarkupMultiline getDescription() { 167 return _description; 168 } 169 170 public void setDescription(MarkupMultiline value) { 171 _description = value; 172 } 173 174 public List<Property> getProps() { 175 return _props; 176 } 177 178 public void setProps(List<Property> value) { 179 _props = value; 180 } 181 182 /** 183 * Add a new {@link Property} item to the underlying collection. 184 * @param item the item to add 185 * @return {@code true} 186 */ 187 public boolean addProp(Property item) { 188 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 189 if (_props == null) { 190 _props = new LinkedList<>(); 191 } 192 return _props.add(value); 193 } 194 195 /** 196 * Remove the first matching {@link Property} item from the underlying collection. 197 * @param item the item to remove 198 * @return {@code true} if the item was removed or {@code false} otherwise 199 */ 200 public boolean removeProp(Property item) { 201 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 202 return _props == null ? false : _props.remove(value); 203 } 204 205 public List<Link> getLinks() { 206 return _links; 207 } 208 209 public void setLinks(List<Link> value) { 210 _links = value; 211 } 212 213 /** 214 * Add a new {@link Link} item to the underlying collection. 215 * @param item the item to add 216 * @return {@code true} 217 */ 218 public boolean addLink(Link item) { 219 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 220 if (_links == null) { 221 _links = new LinkedList<>(); 222 } 223 return _links.add(value); 224 } 225 226 /** 227 * Remove the first matching {@link Link} item from the underlying collection. 228 * @param item the item to remove 229 * @return {@code true} if the item was removed or {@code false} otherwise 230 */ 231 public boolean removeLink(Link item) { 232 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 233 return _links == null ? false : _links.remove(value); 234 } 235 236 public Status getStatus() { 237 return _status; 238 } 239 240 public void setStatus(Status value) { 241 _status = value; 242 } 243 244 public ImplementationStatus getImplementationStatus() { 245 return _implementationStatus; 246 } 247 248 public void setImplementationStatus(ImplementationStatus value) { 249 _implementationStatus = value; 250 } 251 252 public MarkupMultiline getRemarks() { 253 return _remarks; 254 } 255 256 public void setRemarks(MarkupMultiline value) { 257 _remarks = value; 258 } 259 260 @Override 261 public String toString() { 262 return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString(); 263 } 264 265 /** 266 * A determination of if the objective is satisfied or not within a given system. 267 */ 268 @MetaschemaAssembly( 269 formalName = "Objective Status", 270 description = "A determination of if the objective is satisfied or not within a given system.", 271 name = "status", 272 metaschema = OscalAssessmentCommonMetaschema.class 273 ) 274 public static class Status { 275 @BoundFlag( 276 formalName = "Objective Status State", 277 description = "An indication as to whether the objective is satisfied or not.", 278 useName = "state", 279 required = true, 280 typeAdapter = TokenAdapter.class 281 ) 282 @ValueConstraints( 283 allowedValues = @AllowedValues(level = IConstraint.Level.ERROR, values = {@AllowedValue(value = "satisfied", description = "The objective has been completely satisfied."), @AllowedValue(value = "not-satisfied", description = "The objective has not been completely satisfied, but may be partially satisfied.")}) 284 ) 285 private String _state; 286 287 @BoundFlag( 288 formalName = "Objective Status Reason", 289 description = "The reason the objective was given it's status.", 290 useName = "reason", 291 typeAdapter = TokenAdapter.class, 292 remarks = "Reason may contain any value, and should be used to communicate additional information regarding the status." 293 ) 294 @ValueConstraints( 295 allowedValues = @AllowedValues(level = IConstraint.Level.ERROR, allowOthers = true, values = {@AllowedValue(value = "pass", description = "The target system or system component satisfied all the conditions."), @AllowedValue(value = "fail", description = "The target system or system component did not satisfy all the conditions."), @AllowedValue(value = "other", description = "Some other event took place that is not a pass or a fail.")}) 296 ) 297 private String _reason; 298 299 @BoundField( 300 formalName = "Remarks", 301 description = "Additional commentary about the containing object.", 302 useName = "remarks" 303 ) 304 @BoundFieldValue( 305 typeAdapter = MarkupMultilineAdapter.class 306 ) 307 private MarkupMultiline _remarks; 308 309 public Status() { 310 } 311 312 public String getState() { 313 return _state; 314 } 315 316 public void setState(String value) { 317 _state = value; 318 } 319 320 public String getReason() { 321 return _reason; 322 } 323 324 public void setReason(String value) { 325 _reason = value; 326 } 327 328 public MarkupMultiline getRemarks() { 329 return _remarks; 330 } 331 332 public void setRemarks(MarkupMultiline value) { 333 _remarks = value; 334 } 335 336 @Override 337 public String toString() { 338 return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString(); 339 } 340 } 341}