Source code

001package gov.nist.secauto.oscal.lib.model;
002
003import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValue;
004import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValues;
005import gov.nist.secauto.metaschema.binding.model.annotations.AssemblyConstraints;
006import gov.nist.secauto.metaschema.binding.model.annotations.BoundAssembly;
007import gov.nist.secauto.metaschema.binding.model.annotations.BoundField;
008import gov.nist.secauto.metaschema.binding.model.annotations.BoundFieldValue;
009import gov.nist.secauto.metaschema.binding.model.annotations.BoundFlag;
010import gov.nist.secauto.metaschema.binding.model.annotations.GroupAs;
011import gov.nist.secauto.metaschema.binding.model.annotations.HasCardinality;
012import gov.nist.secauto.metaschema.binding.model.annotations.IndexHasKey;
013import gov.nist.secauto.metaschema.binding.model.annotations.IsUnique;
014import gov.nist.secauto.metaschema.binding.model.annotations.KeyField;
015import gov.nist.secauto.metaschema.binding.model.annotations.MetaschemaAssembly;
016import gov.nist.secauto.metaschema.binding.model.annotations.ValueConstraints;
017import gov.nist.secauto.metaschema.model.common.JsonGroupAsBehavior;
018import gov.nist.secauto.metaschema.model.common.constraint.IConstraint;
019import gov.nist.secauto.metaschema.model.common.datatype.adapter.TokenAdapter;
020import gov.nist.secauto.metaschema.model.common.datatype.adapter.UuidAdapter;
021import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultiline;
022import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultilineAdapter;
023import gov.nist.secauto.metaschema.model.common.util.ObjectUtils;
024import java.lang.Override;
025import java.lang.String;
026import java.util.LinkedList;
027import java.util.List;
028import java.util.UUID;
029import org.apache.commons.lang3.builder.MultilineRecursiveToStringStyle;
030import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
031
032/**
033 * Describes how the system satisfies the requirements of an individual control.
034 */
035@MetaschemaAssembly(
036    formalName = "Control-based Requirement",
037    description = "Describes how the system satisfies the requirements of an individual control.",
038    name = "implemented-requirement",
039    metaschema = OscalSspMetaschema.class,
040    remarks = "Use of `set-parameter` in this context, sets the parameter for the referenced control. Any `set-parameter` defined in a child context will override this value. If not overridden by a child, this value applies in the child context."
041)
042@ValueConstraints(
043    allowedValues = {
044        @AllowedValues(level = IConstraint.Level.ERROR, target = "(.|statement|.//by-component)/prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name", values = @AllowedValue(value = "control-origination", description = "Identifies the source of the implemented control. Any `control-origination` prop defined in a child context will override the parent value.")),
045        @AllowedValues(level = IConstraint.Level.ERROR, target = "(.|statement|.//by-component)/prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal') and @name='control-origination']/@value", values = {@AllowedValue(value = "organization", description = "The control is implemented by the organization owning the system, but is not specific to the system itself."), @AllowedValue(value = "system-specific", description = "The control is implemented specifically to this system."), @AllowedValue(value = "customer-configured", description = "The control is provided by the system, but must be configured by the customer."), @AllowedValue(value = "customer-provided", description = "The control must be implemented by the customer."), @AllowedValue(value = "inherited", description = "This control is inherited from an underlying system.")}),
046        @AllowedValues(level = IConstraint.Level.ERROR, target = "responsible-role/@role-id", allowOthers = true, values = {@AllowedValue(value = "asset-owner", description = "Accountable for ensuring the asset is managed in accordance with organizational policies and procedures."), @AllowedValue(value = "asset-administrator", description = "Responsible for administering a set of assets."), @AllowedValue(value = "security-operations", description = "Members of the security operations center (SOC)."), @AllowedValue(value = "network-operations", description = "Members of the network operations center (NOC)."), @AllowedValue(value = "incident-response", description = "Responsible for responding to an event that could lead to loss of, or disruption to, an organization's operations, services or functions."), @AllowedValue(value = "help-desk", description = "Responsible for providing information and support to users."), @AllowedValue(value = "configuration-management", description = "Responsible for the configuration management processes governing changes to the asset.")})
047    },
048    indexHasKey = {
049        @IndexHasKey(level = IConstraint.Level.ERROR, target = "responsible-role|statement/responsible-role|.//by-component//responsible-role", indexName = "index-metadata-role-id", keyFields = @KeyField(target = "@role-id")),
050        @IndexHasKey(level = IConstraint.Level.ERROR, target = "responsible-role|statement/responsible-role|.//by-component//responsible-role", indexName = "index-metadata-party-uuid", keyFields = @KeyField(target = "party-uuid"))
051    }
052)
053@AssemblyConstraints(
054    isUnique = {
055        @IsUnique(id = "unique-ssp-implemented-requirement-set-parameter", level = IConstraint.Level.ERROR, target = "set-parameter", keyFields = @KeyField(target = "@param-id"), remarks = "Since multiple `set-parameter` entries can be provided, each parameter must be set only once."),
056        @IsUnique(id = "unique-ssp-implemented-requirement-responsible-role", level = IConstraint.Level.ERROR, target = "responsible-role", keyFields = @KeyField(target = "@role-id"), remarks = "Since `responsible-role` associates multiple `party-uuid` entries with a single `role-id`, each role-id must be referenced only once."),
057        @IsUnique(id = "unique-ssp-implemented-requirement-statement", level = IConstraint.Level.ERROR, target = "statement", keyFields = @KeyField(target = "@statement-id"), remarks = "Since `statement` entries can be referenced using the statement's statement-id, each statement must be referenced only once."),
058        @IsUnique(id = "unique-ssp-implemented-requirement-by-component", level = IConstraint.Level.ERROR, target = "by-component", keyFields = @KeyField(target = "@component-uuid"), remarks = "Since `by-component` can reference `component` entries using the component's uuid, each component must be referenced only once. This ensures that all implementation statements are contained in the same `by-component` entry.")
059    },
060    hasCardinality = @HasCardinality(level = IConstraint.Level.ERROR, target = ".//by-component", minOccurs = 1)
061)
062public class ImplementedRequirement {
063  @BoundFlag(
064      formalName = "Control Requirement Universally Unique Identifier",
065      description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope that can be used to reference this control requirement elsewhere in [this or other OSCAL instances](https://pages.nist.gov/OSCAL/concepts/identifier-use/#ssp-identifiers). The locally defined *UUID* of the `control requirement` can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.",
066      useName = "uuid",
067      required = true,
068      typeAdapter = UuidAdapter.class
069  )
070  private UUID _uuid;
071
072  @BoundFlag(
073      formalName = "Control Identifier Reference",
074      description = "A reference to a control with a corresponding `id` value. When referencing an externally defined `control`, the `Control Identifier Reference` must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).",
075      useName = "control-id",
076      required = true,
077      typeAdapter = TokenAdapter.class
078  )
079  private String _controlId;
080
081  @BoundAssembly(
082      formalName = "Property",
083      description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.",
084      useName = "prop",
085      maxOccurs = -1
086  )
087  @GroupAs(
088      name = "props",
089      inJson = JsonGroupAsBehavior.LIST
090  )
091  private List<Property> _props;
092
093  @BoundAssembly(
094      formalName = "Link",
095      description = "A reference to a local or remote resource, that has a specific relation to the containing object.",
096      useName = "link",
097      maxOccurs = -1
098  )
099  @GroupAs(
100      name = "links",
101      inJson = JsonGroupAsBehavior.LIST
102  )
103  private List<Link> _links;
104
105  @BoundAssembly(
106      formalName = "Set Parameter Value",
107      description = "Identifies the parameter that will be set by the enclosed value.",
108      useName = "set-parameter",
109      maxOccurs = -1
110  )
111  @GroupAs(
112      name = "set-parameters",
113      inJson = JsonGroupAsBehavior.LIST
114  )
115  private List<SetParameter> _setParameters;
116
117  @BoundAssembly(
118      formalName = "Responsible Role",
119      description = "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role.",
120      useName = "responsible-role",
121      maxOccurs = -1
122  )
123  @GroupAs(
124      name = "responsible-roles",
125      inJson = JsonGroupAsBehavior.LIST
126  )
127  private List<ResponsibleRole> _responsibleRoles;
128
129  @BoundAssembly(
130      formalName = "Specific Control Statement",
131      description = "Identifies which statements within a control are addressed.",
132      useName = "statement",
133      maxOccurs = -1
134  )
135  @GroupAs(
136      name = "statements",
137      inJson = JsonGroupAsBehavior.LIST
138  )
139  private List<Statement> _statements;
140
141  @BoundAssembly(
142      formalName = "Component Control Implementation",
143      description = "Defines how the referenced component implements a set of controls.",
144      useName = "by-component",
145      maxOccurs = -1
146  )
147  @GroupAs(
148      name = "by-components",
149      inJson = JsonGroupAsBehavior.LIST
150  )
151  private List<ByComponent> _byComponents;
152
153  @BoundField(
154      formalName = "Remarks",
155      description = "Additional commentary about the containing object.",
156      useName = "remarks"
157  )
158  @BoundFieldValue(
159      typeAdapter = MarkupMultilineAdapter.class
160  )
161  private MarkupMultiline _remarks;
162
163  public ImplementedRequirement() {
164  }
165
166  public UUID getUuid() {
167    return _uuid;
168  }
169
170  public void setUuid(UUID value) {
171    _uuid = value;
172  }
173
174  public String getControlId() {
175    return _controlId;
176  }
177
178  public void setControlId(String value) {
179    _controlId = value;
180  }
181
182  public List<Property> getProps() {
183    return _props;
184  }
185
186  public void setProps(List<Property> value) {
187    _props = value;
188  }
189
190  /**
191   * Add a new {@link Property} item to the underlying collection.
192   * @param item the item to add
193   * @return {@code true}
194   */
195  public boolean addProp(Property item) {
196    Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
197    if (_props == null) {
198      _props = new LinkedList<>();
199    }
200    return _props.add(value);
201  }
202
203  /**
204   * Remove the first matching {@link Property} item from the underlying collection.
205   * @param item the item to remove
206   * @return {@code true} if the item was removed or {@code false} otherwise
207   */
208  public boolean removeProp(Property item) {
209    Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
210    return _props == null ? false : _props.remove(value);
211  }
212
213  public List<Link> getLinks() {
214    return _links;
215  }
216
217  public void setLinks(List<Link> value) {
218    _links = value;
219  }
220
221  /**
222   * Add a new {@link Link} item to the underlying collection.
223   * @param item the item to add
224   * @return {@code true}
225   */
226  public boolean addLink(Link item) {
227    Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
228    if (_links == null) {
229      _links = new LinkedList<>();
230    }
231    return _links.add(value);
232  }
233
234  /**
235   * Remove the first matching {@link Link} item from the underlying collection.
236   * @param item the item to remove
237   * @return {@code true} if the item was removed or {@code false} otherwise
238   */
239  public boolean removeLink(Link item) {
240    Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
241    return _links == null ? false : _links.remove(value);
242  }
243
244  public List<SetParameter> getSetParameters() {
245    return _setParameters;
246  }
247
248  public void setSetParameters(List<SetParameter> value) {
249    _setParameters = value;
250  }
251
252  /**
253   * Add a new {@link SetParameter} item to the underlying collection.
254   * @param item the item to add
255   * @return {@code true}
256   */
257  public boolean addSetParameter(SetParameter item) {
258    SetParameter value = ObjectUtils.requireNonNull(item,"item cannot be null");
259    if (_setParameters == null) {
260      _setParameters = new LinkedList<>();
261    }
262    return _setParameters.add(value);
263  }
264
265  /**
266   * Remove the first matching {@link SetParameter} item from the underlying collection.
267   * @param item the item to remove
268   * @return {@code true} if the item was removed or {@code false} otherwise
269   */
270  public boolean removeSetParameter(SetParameter item) {
271    SetParameter value = ObjectUtils.requireNonNull(item,"item cannot be null");
272    return _setParameters == null ? false : _setParameters.remove(value);
273  }
274
275  public List<ResponsibleRole> getResponsibleRoles() {
276    return _responsibleRoles;
277  }
278
279  public void setResponsibleRoles(List<ResponsibleRole> value) {
280    _responsibleRoles = value;
281  }
282
283  /**
284   * Add a new {@link ResponsibleRole} item to the underlying collection.
285   * @param item the item to add
286   * @return {@code true}
287   */
288  public boolean addResponsibleRole(ResponsibleRole item) {
289    ResponsibleRole value = ObjectUtils.requireNonNull(item,"item cannot be null");
290    if (_responsibleRoles == null) {
291      _responsibleRoles = new LinkedList<>();
292    }
293    return _responsibleRoles.add(value);
294  }
295
296  /**
297   * Remove the first matching {@link ResponsibleRole} item from the underlying collection.
298   * @param item the item to remove
299   * @return {@code true} if the item was removed or {@code false} otherwise
300   */
301  public boolean removeResponsibleRole(ResponsibleRole item) {
302    ResponsibleRole value = ObjectUtils.requireNonNull(item,"item cannot be null");
303    return _responsibleRoles == null ? false : _responsibleRoles.remove(value);
304  }
305
306  public List<Statement> getStatements() {
307    return _statements;
308  }
309
310  public void setStatements(List<Statement> value) {
311    _statements = value;
312  }
313
314  /**
315   * Add a new {@link Statement} item to the underlying collection.
316   * @param item the item to add
317   * @return {@code true}
318   */
319  public boolean addStatement(Statement item) {
320    Statement value = ObjectUtils.requireNonNull(item,"item cannot be null");
321    if (_statements == null) {
322      _statements = new LinkedList<>();
323    }
324    return _statements.add(value);
325  }
326
327  /**
328   * Remove the first matching {@link Statement} item from the underlying collection.
329   * @param item the item to remove
330   * @return {@code true} if the item was removed or {@code false} otherwise
331   */
332  public boolean removeStatement(Statement item) {
333    Statement value = ObjectUtils.requireNonNull(item,"item cannot be null");
334    return _statements == null ? false : _statements.remove(value);
335  }
336
337  public List<ByComponent> getByComponents() {
338    return _byComponents;
339  }
340
341  public void setByComponents(List<ByComponent> value) {
342    _byComponents = value;
343  }
344
345  /**
346   * Add a new {@link ByComponent} item to the underlying collection.
347   * @param item the item to add
348   * @return {@code true}
349   */
350  public boolean addByComponent(ByComponent item) {
351    ByComponent value = ObjectUtils.requireNonNull(item,"item cannot be null");
352    if (_byComponents == null) {
353      _byComponents = new LinkedList<>();
354    }
355    return _byComponents.add(value);
356  }
357
358  /**
359   * Remove the first matching {@link ByComponent} item from the underlying collection.
360   * @param item the item to remove
361   * @return {@code true} if the item was removed or {@code false} otherwise
362   */
363  public boolean removeByComponent(ByComponent item) {
364    ByComponent value = ObjectUtils.requireNonNull(item,"item cannot be null");
365    return _byComponents == null ? false : _byComponents.remove(value);
366  }
367
368  public MarkupMultiline getRemarks() {
369    return _remarks;
370  }
371
372  public void setRemarks(MarkupMultiline value) {
373    _remarks = value;
374  }
375
376  @Override
377  public String toString() {
378    return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString();
379  }
380}