Source code

001package gov.nist.secauto.oscal.lib.model;
002
003import gov.nist.secauto.metaschema.binding.model.annotations.BoundAssembly;
004import gov.nist.secauto.metaschema.binding.model.annotations.BoundField;
005import gov.nist.secauto.metaschema.binding.model.annotations.BoundFieldValue;
006import gov.nist.secauto.metaschema.binding.model.annotations.BoundFlag;
007import gov.nist.secauto.metaschema.binding.model.annotations.Expect;
008import gov.nist.secauto.metaschema.binding.model.annotations.GroupAs;
009import gov.nist.secauto.metaschema.binding.model.annotations.MetaschemaAssembly;
010import gov.nist.secauto.metaschema.binding.model.annotations.ValueConstraints;
011import gov.nist.secauto.metaschema.model.common.JsonGroupAsBehavior;
012import gov.nist.secauto.metaschema.model.common.constraint.IConstraint;
013import gov.nist.secauto.metaschema.model.common.datatype.adapter.UuidAdapter;
014import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLine;
015import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLineAdapter;
016import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultiline;
017import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultilineAdapter;
018import gov.nist.secauto.metaschema.model.common.util.ObjectUtils;
019import java.lang.Override;
020import java.lang.String;
021import java.util.LinkedList;
022import java.util.List;
023import java.util.UUID;
024import org.apache.commons.lang3.builder.MultilineRecursiveToStringStyle;
025import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
026
027/**
028 * Describes an individual POA&amp;M item.
029 */
030@MetaschemaAssembly(
031    formalName = "POA&M Item",
032    description = "Describes an individual POA\\&M item.",
033    name = "poam-item",
034    metaschema = OscalPoamMetaschema.class
035)
036@ValueConstraints(
037    expect = @Expect(level = IConstraint.Level.WARNING, test = "@uuid", message = "It is a best practice to provide a UUID.")
038)
039public class PoamItem {
040  @BoundFlag(
041      formalName = "POA&M Item Universally Unique Identifier",
042      description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#instance) scope that can be used to reference this POA\\&M item entry in [this OSCAL instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#poam-identifiers). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.",
043      useName = "uuid",
044      typeAdapter = UuidAdapter.class
045  )
046  private UUID _uuid;
047
048  /**
049   * "The title or name for this POA&amp;M item ."
050   */
051  @BoundField(
052      formalName = "POA&M Item Title",
053      description = "The title or name for this POA\\&M item .",
054      useName = "title",
055      minOccurs = 1
056  )
057  @BoundFieldValue(
058      typeAdapter = MarkupLineAdapter.class
059  )
060  private MarkupLine _title;
061
062  /**
063   * "A human-readable description of POA&amp;M item."
064   */
065  @BoundField(
066      formalName = "POA&M Item Description",
067      description = "A human-readable description of POA\\&M item.",
068      useName = "description",
069      minOccurs = 1
070  )
071  @BoundFieldValue(
072      typeAdapter = MarkupMultilineAdapter.class
073  )
074  private MarkupMultiline _description;
075
076  @BoundAssembly(
077      formalName = "Property",
078      description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.",
079      useName = "prop",
080      maxOccurs = -1
081  )
082  @GroupAs(
083      name = "props",
084      inJson = JsonGroupAsBehavior.LIST
085  )
086  private List<Property> _props;
087
088  @BoundAssembly(
089      formalName = "Link",
090      description = "A reference to a local or remote resource, that has a specific relation to the containing object.",
091      useName = "link",
092      maxOccurs = -1
093  )
094  @GroupAs(
095      name = "links",
096      inJson = JsonGroupAsBehavior.LIST
097  )
098  private List<Link> _links;
099
100  /**
101   * "Identifies the source of the finding, such as a tool or person."
102   */
103  @BoundAssembly(
104      formalName = "Origin",
105      description = "Identifies the source of the finding, such as a tool or person.",
106      useName = "origin",
107      maxOccurs = -1,
108      remarks = "Used to identify the individual and/or tool generated this poam-item."
109  )
110  @GroupAs(
111      name = "origins",
112      inJson = JsonGroupAsBehavior.LIST
113  )
114  private List<Origin> _origins;
115
116  /**
117   * "Relates the poam-item to referenced finding(s)."
118   */
119  @BoundAssembly(
120      formalName = "Related Finding",
121      description = "Relates the poam-item to referenced finding(s).",
122      useName = "related-finding",
123      maxOccurs = -1
124  )
125  @GroupAs(
126      name = "related-findings",
127      inJson = JsonGroupAsBehavior.LIST
128  )
129  private List<RelatedFinding> _relatedFindings;
130
131  /**
132   * "Relates the poam-item to a set of referenced observations that were used to determine the finding."
133   */
134  @BoundAssembly(
135      formalName = "Related Observation",
136      description = "Relates the poam-item to a set of referenced observations that were used to determine the finding.",
137      useName = "related-observation",
138      maxOccurs = -1
139  )
140  @GroupAs(
141      name = "related-observations",
142      inJson = JsonGroupAsBehavior.LIST
143  )
144  private List<RelatedObservation> _relatedObservations;
145
146  /**
147   * "Relates the finding to a set of referenced risks that were used to determine the finding."
148   */
149  @BoundAssembly(
150      formalName = "Associated Risk",
151      description = "Relates the finding to a set of referenced risks that were used to determine the finding.",
152      useName = "associated-risk",
153      maxOccurs = -1
154  )
155  @GroupAs(
156      name = "related-risks",
157      inJson = JsonGroupAsBehavior.LIST
158  )
159  private List<AssociatedRisk> _relatedRisks;
160
161  @BoundField(
162      formalName = "Remarks",
163      description = "Additional commentary about the containing object.",
164      useName = "remarks"
165  )
166  @BoundFieldValue(
167      typeAdapter = MarkupMultilineAdapter.class
168  )
169  private MarkupMultiline _remarks;
170
171  public PoamItem() {
172  }
173
174  public UUID getUuid() {
175    return _uuid;
176  }
177
178  public void setUuid(UUID value) {
179    _uuid = value;
180  }
181
182  public MarkupLine getTitle() {
183    return _title;
184  }
185
186  public void setTitle(MarkupLine value) {
187    _title = value;
188  }
189
190  public MarkupMultiline getDescription() {
191    return _description;
192  }
193
194  public void setDescription(MarkupMultiline value) {
195    _description = value;
196  }
197
198  public List<Property> getProps() {
199    return _props;
200  }
201
202  public void setProps(List<Property> value) {
203    _props = value;
204  }
205
206  /**
207   * Add a new {@link Property} item to the underlying collection.
208   * @param item the item to add
209   * @return {@code true}
210   */
211  public boolean addProp(Property item) {
212    Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
213    if (_props == null) {
214      _props = new LinkedList<>();
215    }
216    return _props.add(value);
217  }
218
219  /**
220   * Remove the first matching {@link Property} item from the underlying collection.
221   * @param item the item to remove
222   * @return {@code true} if the item was removed or {@code false} otherwise
223   */
224  public boolean removeProp(Property item) {
225    Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
226    return _props == null ? false : _props.remove(value);
227  }
228
229  public List<Link> getLinks() {
230    return _links;
231  }
232
233  public void setLinks(List<Link> value) {
234    _links = value;
235  }
236
237  /**
238   * Add a new {@link Link} item to the underlying collection.
239   * @param item the item to add
240   * @return {@code true}
241   */
242  public boolean addLink(Link item) {
243    Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
244    if (_links == null) {
245      _links = new LinkedList<>();
246    }
247    return _links.add(value);
248  }
249
250  /**
251   * Remove the first matching {@link Link} item from the underlying collection.
252   * @param item the item to remove
253   * @return {@code true} if the item was removed or {@code false} otherwise
254   */
255  public boolean removeLink(Link item) {
256    Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
257    return _links == null ? false : _links.remove(value);
258  }
259
260  public List<Origin> getOrigins() {
261    return _origins;
262  }
263
264  public void setOrigins(List<Origin> value) {
265    _origins = value;
266  }
267
268  /**
269   * Add a new {@link Origin} item to the underlying collection.
270   * @param item the item to add
271   * @return {@code true}
272   */
273  public boolean addOrigin(Origin item) {
274    Origin value = ObjectUtils.requireNonNull(item,"item cannot be null");
275    if (_origins == null) {
276      _origins = new LinkedList<>();
277    }
278    return _origins.add(value);
279  }
280
281  /**
282   * Remove the first matching {@link Origin} item from the underlying collection.
283   * @param item the item to remove
284   * @return {@code true} if the item was removed or {@code false} otherwise
285   */
286  public boolean removeOrigin(Origin item) {
287    Origin value = ObjectUtils.requireNonNull(item,"item cannot be null");
288    return _origins == null ? false : _origins.remove(value);
289  }
290
291  public List<RelatedFinding> getRelatedFindings() {
292    return _relatedFindings;
293  }
294
295  public void setRelatedFindings(List<RelatedFinding> value) {
296    _relatedFindings = value;
297  }
298
299  /**
300   * Add a new {@link RelatedFinding} item to the underlying collection.
301   * @param item the item to add
302   * @return {@code true}
303   */
304  public boolean addRelatedFinding(RelatedFinding item) {
305    RelatedFinding value = ObjectUtils.requireNonNull(item,"item cannot be null");
306    if (_relatedFindings == null) {
307      _relatedFindings = new LinkedList<>();
308    }
309    return _relatedFindings.add(value);
310  }
311
312  /**
313   * Remove the first matching {@link RelatedFinding} item from the underlying collection.
314   * @param item the item to remove
315   * @return {@code true} if the item was removed or {@code false} otherwise
316   */
317  public boolean removeRelatedFinding(RelatedFinding item) {
318    RelatedFinding value = ObjectUtils.requireNonNull(item,"item cannot be null");
319    return _relatedFindings == null ? false : _relatedFindings.remove(value);
320  }
321
322  public List<RelatedObservation> getRelatedObservations() {
323    return _relatedObservations;
324  }
325
326  public void setRelatedObservations(List<RelatedObservation> value) {
327    _relatedObservations = value;
328  }
329
330  /**
331   * Add a new {@link RelatedObservation} item to the underlying collection.
332   * @param item the item to add
333   * @return {@code true}
334   */
335  public boolean addRelatedObservation(RelatedObservation item) {
336    RelatedObservation value = ObjectUtils.requireNonNull(item,"item cannot be null");
337    if (_relatedObservations == null) {
338      _relatedObservations = new LinkedList<>();
339    }
340    return _relatedObservations.add(value);
341  }
342
343  /**
344   * Remove the first matching {@link RelatedObservation} item from the underlying collection.
345   * @param item the item to remove
346   * @return {@code true} if the item was removed or {@code false} otherwise
347   */
348  public boolean removeRelatedObservation(RelatedObservation item) {
349    RelatedObservation value = ObjectUtils.requireNonNull(item,"item cannot be null");
350    return _relatedObservations == null ? false : _relatedObservations.remove(value);
351  }
352
353  public List<AssociatedRisk> getRelatedRisks() {
354    return _relatedRisks;
355  }
356
357  public void setRelatedRisks(List<AssociatedRisk> value) {
358    _relatedRisks = value;
359  }
360
361  /**
362   * Add a new {@link AssociatedRisk} item to the underlying collection.
363   * @param item the item to add
364   * @return {@code true}
365   */
366  public boolean addAssociatedRisk(AssociatedRisk item) {
367    AssociatedRisk value = ObjectUtils.requireNonNull(item,"item cannot be null");
368    if (_relatedRisks == null) {
369      _relatedRisks = new LinkedList<>();
370    }
371    return _relatedRisks.add(value);
372  }
373
374  /**
375   * Remove the first matching {@link AssociatedRisk} item from the underlying collection.
376   * @param item the item to remove
377   * @return {@code true} if the item was removed or {@code false} otherwise
378   */
379  public boolean removeAssociatedRisk(AssociatedRisk item) {
380    AssociatedRisk value = ObjectUtils.requireNonNull(item,"item cannot be null");
381    return _relatedRisks == null ? false : _relatedRisks.remove(value);
382  }
383
384  public MarkupMultiline getRemarks() {
385    return _remarks;
386  }
387
388  public void setRemarks(MarkupMultiline value) {
389    _remarks = value;
390  }
391
392  @Override
393  public String toString() {
394    return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString();
395  }
396
397  /**
398   * Relates the poam-item to a set of referenced observations that were used to determine the finding.
399   */
400  @MetaschemaAssembly(
401      formalName = "Related Observation",
402      description = "Relates the poam-item to a set of referenced observations that were used to determine the finding.",
403      name = "related-observation",
404      metaschema = OscalPoamMetaschema.class
405  )
406  public static class RelatedObservation {
407    @BoundFlag(
408        formalName = "Observation Universally Unique Identifier Reference",
409        description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to an observation defined in the list of observations.",
410        useName = "observation-uuid",
411        required = true,
412        typeAdapter = UuidAdapter.class
413    )
414    private UUID _observationUuid;
415
416    public RelatedObservation() {
417    }
418
419    public UUID getObservationUuid() {
420      return _observationUuid;
421    }
422
423    public void setObservationUuid(UUID value) {
424      _observationUuid = value;
425    }
426
427    @Override
428    public String toString() {
429      return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString();
430    }
431  }
432
433  /**
434   * Identifies the source of the finding, such as a tool or person.
435   */
436  @MetaschemaAssembly(
437      formalName = "Origin",
438      description = "Identifies the source of the finding, such as a tool or person.",
439      name = "origin",
440      metaschema = OscalPoamMetaschema.class,
441      remarks = "Used to identify the individual and/or tool generated this poam-item."
442  )
443  public static class Origin {
444    @BoundAssembly(
445        formalName = "Originating Actor",
446        description = "The actor that produces an observation, a finding, or a risk. One or more actor type can be used to specify a person that is using a tool.",
447        useName = "actor",
448        minOccurs = 1,
449        maxOccurs = -1
450    )
451    @GroupAs(
452        name = "actors",
453        inJson = JsonGroupAsBehavior.LIST
454    )
455    private List<OriginActor> _actors;
456
457    public Origin() {
458    }
459
460    public List<OriginActor> getActors() {
461      return _actors;
462    }
463
464    public void setActors(List<OriginActor> value) {
465      _actors = value;
466    }
467
468    /**
469     * Add a new {@link OriginActor} item to the underlying collection.
470     * @param item the item to add
471     * @return {@code true}
472     */
473    public boolean addActor(OriginActor item) {
474      OriginActor value = ObjectUtils.requireNonNull(item,"item cannot be null");
475      if (_actors == null) {
476        _actors = new LinkedList<>();
477      }
478      return _actors.add(value);
479    }
480
481    /**
482     * Remove the first matching {@link OriginActor} item from the underlying collection.
483     * @param item the item to remove
484     * @return {@code true} if the item was removed or {@code false} otherwise
485     */
486    public boolean removeActor(OriginActor item) {
487      OriginActor value = ObjectUtils.requireNonNull(item,"item cannot be null");
488      return _actors == null ? false : _actors.remove(value);
489    }
490
491    @Override
492    public String toString() {
493      return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString();
494    }
495  }
496
497  /**
498   * Relates the finding to a set of referenced risks that were used to determine the finding.
499   */
500  @MetaschemaAssembly(
501      formalName = "Associated Risk",
502      description = "Relates the finding to a set of referenced risks that were used to determine the finding.",
503      name = "associated-risk",
504      metaschema = OscalPoamMetaschema.class
505  )
506  public static class AssociatedRisk {
507    @BoundFlag(
508        formalName = "Risk Universally Unique Identifier Reference",
509        description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to a risk defined in the list of risks.",
510        useName = "risk-uuid",
511        required = true,
512        typeAdapter = UuidAdapter.class
513    )
514    private UUID _riskUuid;
515
516    public AssociatedRisk() {
517    }
518
519    public UUID getRiskUuid() {
520      return _riskUuid;
521    }
522
523    public void setRiskUuid(UUID value) {
524      _riskUuid = value;
525    }
526
527    @Override
528    public String toString() {
529      return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString();
530    }
531  }
532
533  /**
534   * Relates the poam-item to referenced finding(s).
535   */
536  @MetaschemaAssembly(
537      formalName = "Related Finding",
538      description = "Relates the poam-item to referenced finding(s).",
539      name = "related-finding",
540      metaschema = OscalPoamMetaschema.class
541  )
542  public static class RelatedFinding {
543    @BoundFlag(
544        formalName = "Finding Universally Unique Identifier Reference",
545        description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to a finding defined in the list of findings.",
546        useName = "finding-uuid",
547        required = true,
548        typeAdapter = UuidAdapter.class
549    )
550    private UUID _findingUuid;
551
552    public RelatedFinding() {
553    }
554
555    public UUID getFindingUuid() {
556      return _findingUuid;
557    }
558
559    public void setFindingUuid(UUID value) {
560      _findingUuid = value;
561    }
562
563    @Override
564    public String toString() {
565      return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString();
566    }
567  }
568}