001package gov.nist.secauto.oscal.lib.model; 002 003import gov.nist.secauto.metaschema.binding.model.annotations.BoundAssembly; 004import gov.nist.secauto.metaschema.binding.model.annotations.BoundField; 005import gov.nist.secauto.metaschema.binding.model.annotations.BoundFieldValue; 006import gov.nist.secauto.metaschema.binding.model.annotations.BoundFlag; 007import gov.nist.secauto.metaschema.binding.model.annotations.Expect; 008import gov.nist.secauto.metaschema.binding.model.annotations.GroupAs; 009import gov.nist.secauto.metaschema.binding.model.annotations.MetaschemaAssembly; 010import gov.nist.secauto.metaschema.binding.model.annotations.ValueConstraints; 011import gov.nist.secauto.metaschema.model.common.JsonGroupAsBehavior; 012import gov.nist.secauto.metaschema.model.common.constraint.IConstraint; 013import gov.nist.secauto.metaschema.model.common.datatype.adapter.UuidAdapter; 014import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLine; 015import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLineAdapter; 016import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultiline; 017import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultilineAdapter; 018import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; 019import java.lang.Override; 020import java.lang.String; 021import java.util.LinkedList; 022import java.util.List; 023import java.util.UUID; 024import org.apache.commons.lang3.builder.MultilineRecursiveToStringStyle; 025import org.apache.commons.lang3.builder.ReflectionToStringBuilder; 026 027/** 028 * Describes an individual POA&M item. 029 */ 030@MetaschemaAssembly( 031 formalName = "POA&M Item", 032 description = "Describes an individual POA\\&M item.", 033 name = "poam-item", 034 metaschema = OscalPoamMetaschema.class 035) 036@ValueConstraints( 037 expect = @Expect(level = IConstraint.Level.WARNING, test = "@uuid", message = "It is a best practice to provide a UUID.") 038) 039public class PoamItem { 040 @BoundFlag( 041 formalName = "POA&M Item Universally Unique Identifier", 042 description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#instance) scope that can be used to reference this POA\\&M item entry in [this OSCAL instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#poam-identifiers). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.", 043 useName = "uuid", 044 typeAdapter = UuidAdapter.class 045 ) 046 private UUID _uuid; 047 048 /** 049 * "The title or name for this POA&M item ." 050 */ 051 @BoundField( 052 formalName = "POA&M Item Title", 053 description = "The title or name for this POA\\&M item .", 054 useName = "title", 055 minOccurs = 1 056 ) 057 @BoundFieldValue( 058 typeAdapter = MarkupLineAdapter.class 059 ) 060 private MarkupLine _title; 061 062 /** 063 * "A human-readable description of POA&M item." 064 */ 065 @BoundField( 066 formalName = "POA&M Item Description", 067 description = "A human-readable description of POA\\&M item.", 068 useName = "description", 069 minOccurs = 1 070 ) 071 @BoundFieldValue( 072 typeAdapter = MarkupMultilineAdapter.class 073 ) 074 private MarkupMultiline _description; 075 076 @BoundAssembly( 077 formalName = "Property", 078 description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", 079 useName = "prop", 080 maxOccurs = -1 081 ) 082 @GroupAs( 083 name = "props", 084 inJson = JsonGroupAsBehavior.LIST 085 ) 086 private List<Property> _props; 087 088 @BoundAssembly( 089 formalName = "Link", 090 description = "A reference to a local or remote resource, that has a specific relation to the containing object.", 091 useName = "link", 092 maxOccurs = -1 093 ) 094 @GroupAs( 095 name = "links", 096 inJson = JsonGroupAsBehavior.LIST 097 ) 098 private List<Link> _links; 099 100 /** 101 * "Identifies the source of the finding, such as a tool or person." 102 */ 103 @BoundAssembly( 104 formalName = "Origin", 105 description = "Identifies the source of the finding, such as a tool or person.", 106 useName = "origin", 107 maxOccurs = -1, 108 remarks = "Used to identify the individual and/or tool generated this poam-item." 109 ) 110 @GroupAs( 111 name = "origins", 112 inJson = JsonGroupAsBehavior.LIST 113 ) 114 private List<Origin> _origins; 115 116 /** 117 * "Relates the poam-item to referenced finding(s)." 118 */ 119 @BoundAssembly( 120 formalName = "Related Finding", 121 description = "Relates the poam-item to referenced finding(s).", 122 useName = "related-finding", 123 maxOccurs = -1 124 ) 125 @GroupAs( 126 name = "related-findings", 127 inJson = JsonGroupAsBehavior.LIST 128 ) 129 private List<RelatedFinding> _relatedFindings; 130 131 /** 132 * "Relates the poam-item to a set of referenced observations that were used to determine the finding." 133 */ 134 @BoundAssembly( 135 formalName = "Related Observation", 136 description = "Relates the poam-item to a set of referenced observations that were used to determine the finding.", 137 useName = "related-observation", 138 maxOccurs = -1 139 ) 140 @GroupAs( 141 name = "related-observations", 142 inJson = JsonGroupAsBehavior.LIST 143 ) 144 private List<RelatedObservation> _relatedObservations; 145 146 /** 147 * "Relates the finding to a set of referenced risks that were used to determine the finding." 148 */ 149 @BoundAssembly( 150 formalName = "Associated Risk", 151 description = "Relates the finding to a set of referenced risks that were used to determine the finding.", 152 useName = "associated-risk", 153 maxOccurs = -1 154 ) 155 @GroupAs( 156 name = "related-risks", 157 inJson = JsonGroupAsBehavior.LIST 158 ) 159 private List<AssociatedRisk> _relatedRisks; 160 161 @BoundField( 162 formalName = "Remarks", 163 description = "Additional commentary about the containing object.", 164 useName = "remarks" 165 ) 166 @BoundFieldValue( 167 typeAdapter = MarkupMultilineAdapter.class 168 ) 169 private MarkupMultiline _remarks; 170 171 public PoamItem() { 172 } 173 174 public UUID getUuid() { 175 return _uuid; 176 } 177 178 public void setUuid(UUID value) { 179 _uuid = value; 180 } 181 182 public MarkupLine getTitle() { 183 return _title; 184 } 185 186 public void setTitle(MarkupLine value) { 187 _title = value; 188 } 189 190 public MarkupMultiline getDescription() { 191 return _description; 192 } 193 194 public void setDescription(MarkupMultiline value) { 195 _description = value; 196 } 197 198 public List<Property> getProps() { 199 return _props; 200 } 201 202 public void setProps(List<Property> value) { 203 _props = value; 204 } 205 206 /** 207 * Add a new {@link Property} item to the underlying collection. 208 * @param item the item to add 209 * @return {@code true} 210 */ 211 public boolean addProp(Property item) { 212 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 213 if (_props == null) { 214 _props = new LinkedList<>(); 215 } 216 return _props.add(value); 217 } 218 219 /** 220 * Remove the first matching {@link Property} item from the underlying collection. 221 * @param item the item to remove 222 * @return {@code true} if the item was removed or {@code false} otherwise 223 */ 224 public boolean removeProp(Property item) { 225 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 226 return _props == null ? false : _props.remove(value); 227 } 228 229 public List<Link> getLinks() { 230 return _links; 231 } 232 233 public void setLinks(List<Link> value) { 234 _links = value; 235 } 236 237 /** 238 * Add a new {@link Link} item to the underlying collection. 239 * @param item the item to add 240 * @return {@code true} 241 */ 242 public boolean addLink(Link item) { 243 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 244 if (_links == null) { 245 _links = new LinkedList<>(); 246 } 247 return _links.add(value); 248 } 249 250 /** 251 * Remove the first matching {@link Link} item from the underlying collection. 252 * @param item the item to remove 253 * @return {@code true} if the item was removed or {@code false} otherwise 254 */ 255 public boolean removeLink(Link item) { 256 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 257 return _links == null ? false : _links.remove(value); 258 } 259 260 public List<Origin> getOrigins() { 261 return _origins; 262 } 263 264 public void setOrigins(List<Origin> value) { 265 _origins = value; 266 } 267 268 /** 269 * Add a new {@link Origin} item to the underlying collection. 270 * @param item the item to add 271 * @return {@code true} 272 */ 273 public boolean addOrigin(Origin item) { 274 Origin value = ObjectUtils.requireNonNull(item,"item cannot be null"); 275 if (_origins == null) { 276 _origins = new LinkedList<>(); 277 } 278 return _origins.add(value); 279 } 280 281 /** 282 * Remove the first matching {@link Origin} item from the underlying collection. 283 * @param item the item to remove 284 * @return {@code true} if the item was removed or {@code false} otherwise 285 */ 286 public boolean removeOrigin(Origin item) { 287 Origin value = ObjectUtils.requireNonNull(item,"item cannot be null"); 288 return _origins == null ? false : _origins.remove(value); 289 } 290 291 public List<RelatedFinding> getRelatedFindings() { 292 return _relatedFindings; 293 } 294 295 public void setRelatedFindings(List<RelatedFinding> value) { 296 _relatedFindings = value; 297 } 298 299 /** 300 * Add a new {@link RelatedFinding} item to the underlying collection. 301 * @param item the item to add 302 * @return {@code true} 303 */ 304 public boolean addRelatedFinding(RelatedFinding item) { 305 RelatedFinding value = ObjectUtils.requireNonNull(item,"item cannot be null"); 306 if (_relatedFindings == null) { 307 _relatedFindings = new LinkedList<>(); 308 } 309 return _relatedFindings.add(value); 310 } 311 312 /** 313 * Remove the first matching {@link RelatedFinding} item from the underlying collection. 314 * @param item the item to remove 315 * @return {@code true} if the item was removed or {@code false} otherwise 316 */ 317 public boolean removeRelatedFinding(RelatedFinding item) { 318 RelatedFinding value = ObjectUtils.requireNonNull(item,"item cannot be null"); 319 return _relatedFindings == null ? false : _relatedFindings.remove(value); 320 } 321 322 public List<RelatedObservation> getRelatedObservations() { 323 return _relatedObservations; 324 } 325 326 public void setRelatedObservations(List<RelatedObservation> value) { 327 _relatedObservations = value; 328 } 329 330 /** 331 * Add a new {@link RelatedObservation} item to the underlying collection. 332 * @param item the item to add 333 * @return {@code true} 334 */ 335 public boolean addRelatedObservation(RelatedObservation item) { 336 RelatedObservation value = ObjectUtils.requireNonNull(item,"item cannot be null"); 337 if (_relatedObservations == null) { 338 _relatedObservations = new LinkedList<>(); 339 } 340 return _relatedObservations.add(value); 341 } 342 343 /** 344 * Remove the first matching {@link RelatedObservation} item from the underlying collection. 345 * @param item the item to remove 346 * @return {@code true} if the item was removed or {@code false} otherwise 347 */ 348 public boolean removeRelatedObservation(RelatedObservation item) { 349 RelatedObservation value = ObjectUtils.requireNonNull(item,"item cannot be null"); 350 return _relatedObservations == null ? false : _relatedObservations.remove(value); 351 } 352 353 public List<AssociatedRisk> getRelatedRisks() { 354 return _relatedRisks; 355 } 356 357 public void setRelatedRisks(List<AssociatedRisk> value) { 358 _relatedRisks = value; 359 } 360 361 /** 362 * Add a new {@link AssociatedRisk} item to the underlying collection. 363 * @param item the item to add 364 * @return {@code true} 365 */ 366 public boolean addAssociatedRisk(AssociatedRisk item) { 367 AssociatedRisk value = ObjectUtils.requireNonNull(item,"item cannot be null"); 368 if (_relatedRisks == null) { 369 _relatedRisks = new LinkedList<>(); 370 } 371 return _relatedRisks.add(value); 372 } 373 374 /** 375 * Remove the first matching {@link AssociatedRisk} item from the underlying collection. 376 * @param item the item to remove 377 * @return {@code true} if the item was removed or {@code false} otherwise 378 */ 379 public boolean removeAssociatedRisk(AssociatedRisk item) { 380 AssociatedRisk value = ObjectUtils.requireNonNull(item,"item cannot be null"); 381 return _relatedRisks == null ? false : _relatedRisks.remove(value); 382 } 383 384 public MarkupMultiline getRemarks() { 385 return _remarks; 386 } 387 388 public void setRemarks(MarkupMultiline value) { 389 _remarks = value; 390 } 391 392 @Override 393 public String toString() { 394 return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString(); 395 } 396 397 /** 398 * Relates the poam-item to a set of referenced observations that were used to determine the finding. 399 */ 400 @MetaschemaAssembly( 401 formalName = "Related Observation", 402 description = "Relates the poam-item to a set of referenced observations that were used to determine the finding.", 403 name = "related-observation", 404 metaschema = OscalPoamMetaschema.class 405 ) 406 public static class RelatedObservation { 407 @BoundFlag( 408 formalName = "Observation Universally Unique Identifier Reference", 409 description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to an observation defined in the list of observations.", 410 useName = "observation-uuid", 411 required = true, 412 typeAdapter = UuidAdapter.class 413 ) 414 private UUID _observationUuid; 415 416 public RelatedObservation() { 417 } 418 419 public UUID getObservationUuid() { 420 return _observationUuid; 421 } 422 423 public void setObservationUuid(UUID value) { 424 _observationUuid = value; 425 } 426 427 @Override 428 public String toString() { 429 return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString(); 430 } 431 } 432 433 /** 434 * Identifies the source of the finding, such as a tool or person. 435 */ 436 @MetaschemaAssembly( 437 formalName = "Origin", 438 description = "Identifies the source of the finding, such as a tool or person.", 439 name = "origin", 440 metaschema = OscalPoamMetaschema.class, 441 remarks = "Used to identify the individual and/or tool generated this poam-item." 442 ) 443 public static class Origin { 444 @BoundAssembly( 445 formalName = "Originating Actor", 446 description = "The actor that produces an observation, a finding, or a risk. One or more actor type can be used to specify a person that is using a tool.", 447 useName = "actor", 448 minOccurs = 1, 449 maxOccurs = -1 450 ) 451 @GroupAs( 452 name = "actors", 453 inJson = JsonGroupAsBehavior.LIST 454 ) 455 private List<OriginActor> _actors; 456 457 public Origin() { 458 } 459 460 public List<OriginActor> getActors() { 461 return _actors; 462 } 463 464 public void setActors(List<OriginActor> value) { 465 _actors = value; 466 } 467 468 /** 469 * Add a new {@link OriginActor} item to the underlying collection. 470 * @param item the item to add 471 * @return {@code true} 472 */ 473 public boolean addActor(OriginActor item) { 474 OriginActor value = ObjectUtils.requireNonNull(item,"item cannot be null"); 475 if (_actors == null) { 476 _actors = new LinkedList<>(); 477 } 478 return _actors.add(value); 479 } 480 481 /** 482 * Remove the first matching {@link OriginActor} item from the underlying collection. 483 * @param item the item to remove 484 * @return {@code true} if the item was removed or {@code false} otherwise 485 */ 486 public boolean removeActor(OriginActor item) { 487 OriginActor value = ObjectUtils.requireNonNull(item,"item cannot be null"); 488 return _actors == null ? false : _actors.remove(value); 489 } 490 491 @Override 492 public String toString() { 493 return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString(); 494 } 495 } 496 497 /** 498 * Relates the finding to a set of referenced risks that were used to determine the finding. 499 */ 500 @MetaschemaAssembly( 501 formalName = "Associated Risk", 502 description = "Relates the finding to a set of referenced risks that were used to determine the finding.", 503 name = "associated-risk", 504 metaschema = OscalPoamMetaschema.class 505 ) 506 public static class AssociatedRisk { 507 @BoundFlag( 508 formalName = "Risk Universally Unique Identifier Reference", 509 description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to a risk defined in the list of risks.", 510 useName = "risk-uuid", 511 required = true, 512 typeAdapter = UuidAdapter.class 513 ) 514 private UUID _riskUuid; 515 516 public AssociatedRisk() { 517 } 518 519 public UUID getRiskUuid() { 520 return _riskUuid; 521 } 522 523 public void setRiskUuid(UUID value) { 524 _riskUuid = value; 525 } 526 527 @Override 528 public String toString() { 529 return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString(); 530 } 531 } 532 533 /** 534 * Relates the poam-item to referenced finding(s). 535 */ 536 @MetaschemaAssembly( 537 formalName = "Related Finding", 538 description = "Relates the poam-item to referenced finding(s).", 539 name = "related-finding", 540 metaschema = OscalPoamMetaschema.class 541 ) 542 public static class RelatedFinding { 543 @BoundFlag( 544 formalName = "Finding Universally Unique Identifier Reference", 545 description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to a finding defined in the list of findings.", 546 useName = "finding-uuid", 547 required = true, 548 typeAdapter = UuidAdapter.class 549 ) 550 private UUID _findingUuid; 551 552 public RelatedFinding() { 553 } 554 555 public UUID getFindingUuid() { 556 return _findingUuid; 557 } 558 559 public void setFindingUuid(UUID value) { 560 _findingUuid = value; 561 } 562 563 @Override 564 public String toString() { 565 return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString(); 566 } 567 } 568}