001package gov.nist.secauto.oscal.lib.model;
002
003import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValue;
004import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValues;
005import gov.nist.secauto.metaschema.binding.model.annotations.AssemblyConstraints;
006import gov.nist.secauto.metaschema.binding.model.annotations.BoundAssembly;
007import gov.nist.secauto.metaschema.binding.model.annotations.BoundField;
008import gov.nist.secauto.metaschema.binding.model.annotations.BoundFieldValue;
009import gov.nist.secauto.metaschema.binding.model.annotations.BoundFlag;
010import gov.nist.secauto.metaschema.binding.model.annotations.GroupAs;
011import gov.nist.secauto.metaschema.binding.model.annotations.Index;
012import gov.nist.secauto.metaschema.binding.model.annotations.IndexHasKey;
013import gov.nist.secauto.metaschema.binding.model.annotations.IsUnique;
014import gov.nist.secauto.metaschema.binding.model.annotations.KeyField;
015import gov.nist.secauto.metaschema.binding.model.annotations.Matches;
016import gov.nist.secauto.metaschema.binding.model.annotations.MetaschemaAssembly;
017import gov.nist.secauto.metaschema.binding.model.annotations.ValueConstraints;
018import gov.nist.secauto.metaschema.model.common.JsonGroupAsBehavior;
019import gov.nist.secauto.metaschema.model.common.constraint.IConstraint;
020import gov.nist.secauto.metaschema.model.common.datatype.adapter.DateAdapter;
021import gov.nist.secauto.metaschema.model.common.datatype.adapter.UriAdapter;
022import gov.nist.secauto.metaschema.model.common.datatype.adapter.UriReferenceAdapter;
023import gov.nist.secauto.metaschema.model.common.datatype.adapter.UuidAdapter;
024import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLine;
025import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLineAdapter;
026import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultiline;
027import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultilineAdapter;
028import gov.nist.secauto.metaschema.model.common.datatype.object.Date;
029import gov.nist.secauto.metaschema.model.common.util.ObjectUtils;
030import java.lang.Override;
031import java.lang.String;
032import java.util.LinkedList;
033import java.util.List;
034import java.util.UUID;
035import org.apache.commons.lang3.builder.MultilineRecursiveToStringStyle;
036import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
037
/**
 * Provides information as to how the system is implemented.
 *
 * <p>This class is the binding for the {@code system-implementation} assembly of the OSCAL SSP
 * metaschema. It is a plain mutable holder: every list getter hands back the live backing list
 * (which stays {@code null} until a setter or an {@code add*} method populates it), and every
 * setter stores the caller's reference without copying. Any code holding one of those references
 * can therefore change the content of this object after the fact; copy the lists before sharing
 * them with code that must not alter the plan.
 *
 * <p>The declaration order of the fields is kept as generated.
 * NOTE(review): the binding layer presumably derives the serialized element order from it —
 * confirm before reordering.
 */
@MetaschemaAssembly(
    formalName = "System Implementation",
    description = "Provides information as to how the system is implemented.",
    name = "system-implementation",
    metaschema = OscalSspMetaschema.class
)
// Value constraints, all declared at ERROR level:
//  - the 'allows-authenticated-scan' prop of a component or inventory-item may only be "yes" or "no";
//  - every index-has-key entry pairs a prop/link target with one of the indexes declared in
//    @AssemblyConstraints below and names the attribute (@value or @href) used as the lookup key.
// NOTE(review): the component link keys use @href verbatim (no key pattern), unlike the
// "#(.*)" pattern on LeveragedAuthorization — confirm the expected href form with the metaschema.
@ValueConstraints(
    allowedValues = @AllowedValues(level = IConstraint.Level.ERROR, target = "(component | inventory-item)/prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal') and @name='allows-authenticated-scan']/@value", values = {@AllowedValue(value = "yes", description = "The component allows an authenticated scan."), @AllowedValue(value = "no", description = "The component does not allow an authenticated scan.")}),
    indexHasKey = {
        @IndexHasKey(level = IConstraint.Level.ERROR, target = "component/prop[@name='leveraged-authorization-uuid']", indexName = "index-system-implementation-leveraged-authorization-uuid", keyFields = @KeyField(target = "@value")),
        @IndexHasKey(level = IConstraint.Level.ERROR, target = "component/link[@rel='depends-on']", indexName = "index-system-implementation-component-uuid", keyFields = @KeyField(target = "@href")),
        @IndexHasKey(level = IConstraint.Level.ERROR, target = "component/link[@rel='validated-by']", indexName = "index-system-implementation-component-uuid-validation", keyFields = @KeyField(target = "@href")),
        @IndexHasKey(level = IConstraint.Level.ERROR, target = "component/link[@rel='proof-of-compliance']", indexName = "index-system-implementation-component-uuid-validation", keyFields = @KeyField(target = "@href")),
        @IndexHasKey(level = IConstraint.Level.ERROR, target = "component/link[@rel='uses-service']", indexName = "index-system-implementation-component-uuid-service", keyFields = @KeyField(target = "@href")),
        @IndexHasKey(level = IConstraint.Level.ERROR, target = "component[@type='service']/link[@rel='provided-by']", indexName = "index-system-implementation-component-uuid-software", keyFields = @KeyField(target = "@href"))
    }
)
// Assembly constraints: five indexes keyed on @uuid, plus a uniqueness rule on user/@uuid.
// NOTE(review): "index-system-implementation-component-uuid-software" is declared over
// component[@type='service'], the same target as the "-service" index, so 'provided-by' links are
// resolved against service components — confirm upstream whether @type='software' was intended.
@AssemblyConstraints(
    index = {
        @Index(level = IConstraint.Level.ERROR, target = "leveraged-authorization", name = "index-system-implementation-leveraged-authorization-uuid", keyFields = @KeyField(target = "@uuid")),
        @Index(level = IConstraint.Level.ERROR, target = "component", name = "index-system-implementation-component-uuid", keyFields = @KeyField(target = "@uuid")),
        @Index(level = IConstraint.Level.ERROR, target = "component[@type='validation']", name = "index-system-implementation-component-uuid-validation", keyFields = @KeyField(target = "@uuid")),
        @Index(level = IConstraint.Level.ERROR, target = "component[@type='service']", name = "index-system-implementation-component-uuid-service", keyFields = @KeyField(target = "@uuid")),
        @Index(level = IConstraint.Level.ERROR, target = "component[@type='service']", name = "index-system-implementation-component-uuid-software", keyFields = @KeyField(target = "@uuid"))
    },
    isUnique = @IsUnique(id = "unique-ssp-system-implementation-user", level = IConstraint.Level.ERROR, target = "user", keyFields = @KeyField(target = "@uuid"), remarks = "A given `uuid` must be assigned only once to a user.")
)
public class SystemImplementation {
  // Zero or more "prop" entries, grouped as "props".
  @BoundAssembly(
      formalName = "Property",
      description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.",
      useName = "prop",
      maxOccurs = -1
  )
  @GroupAs(
      name = "props",
      inJson = JsonGroupAsBehavior.LIST
  )
  private List<Property> _props;

  // Zero or more "link" entries, grouped as "links".
  @BoundAssembly(
      formalName = "Link",
      description = "A reference to a local or remote resource, that has a specific relation to the containing object.",
      useName = "link",
      maxOccurs = -1
  )
  @GroupAs(
      name = "links",
      inJson = JsonGroupAsBehavior.LIST
  )
  private List<Link> _links;

  /**
   * A description of another authorized system from which this system inherits capabilities that
   * satisfy security requirements. Another term for this concept is a
   * <em>common control provider</em>.
   */
  @BoundAssembly(
      formalName = "Leveraged Authorization",
      description = "A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a *common control provider*.",
      useName = "leveraged-authorization",
      maxOccurs = -1
  )
  @GroupAs(
      name = "leveraged-authorizations",
      inJson = JsonGroupAsBehavior.LIST
  )
  private List<LeveragedAuthorization> _leveragedAuthorizations;

  // Declared with minOccurs = 1: the model expects at least one "user".
  @BoundAssembly(
      formalName = "System User",
      description = "A type of user that interacts with the system based on an associated role.",
      useName = "user",
      minOccurs = 1,
      maxOccurs = -1
  )
  @GroupAs(
      name = "users",
      inJson = JsonGroupAsBehavior.LIST
  )
  private List<SystemUser> _users;

  // Declared with minOccurs = 1: the model expects at least one "component".
  @BoundAssembly(
      formalName = "Component",
      description = "A defined component that can be part of an implemented system.",
      useName = "component",
      minOccurs = 1,
      maxOccurs = -1
  )
  @GroupAs(
      name = "components",
      inJson = JsonGroupAsBehavior.LIST
  )
  private List<SystemComponent> _components;

  // Zero or more "inventory-item" entries, grouped as "inventory-items".
  @BoundAssembly(
      formalName = "Inventory Item",
      description = "A single managed inventory item within the system.",
      useName = "inventory-item",
      maxOccurs = -1,
      remarks = "A set of `inventory-item` entries that represent the managed inventory instances of the system."
  )
  @GroupAs(
      name = "inventory-items",
      inJson = JsonGroupAsBehavior.LIST
  )
  private List<InventoryItem> _inventoryItems;

  // Optional free-text commentary, bound through the multiline markup adapter.
  @BoundField(
      formalName = "Remarks",
      description = "Additional commentary about the containing object.",
      useName = "remarks"
  )
  @BoundFieldValue(
      typeAdapter = MarkupMultilineAdapter.class
  )
  private MarkupMultiline _remarks;

  /**
   * Creates an empty instance; every field starts out {@code null}.
   */
  public SystemImplementation() {
  }

  /**
   * Returns the backing list of properties.
   * @return the live list, or {@code null} if none has been set or added yet
   */
  public List<Property> getProps() {
    return this._props;
  }

  /**
   * Replaces the backing list of properties; the given reference is stored as-is, not copied.
   * @param value the new list, may be {@code null}
   */
  public void setProps(List<Property> value) {
    this._props = value;
  }

  /**
   * Appends a {@link Property} to the backing list, creating the list on first use.
   * @param item the entry to append, must not be {@code null}
   * @return {@code true}
   */
  public boolean addProp(Property item) {
    final Property entry = ObjectUtils.requireNonNull(item,"item cannot be null");
    List<Property> target = _props;
    if (target == null) {
      // Lazily allocate so an untouched instance keeps a null list.
      target = new LinkedList<>();
      _props = target;
    }
    return target.add(entry);
  }

  /**
   * Removes the first {@link Property} equal to the given one from the backing list.
   * @param item the entry to remove, must not be {@code null}
   * @return {@code true} if an entry was removed, {@code false} otherwise (including when no
   *     list exists yet)
   */
  public boolean removeProp(Property item) {
    final Property entry = ObjectUtils.requireNonNull(item,"item cannot be null");
    if (_props == null) {
      return false;
    }
    return _props.remove(entry);
  }

  /**
   * Returns the backing list of links.
   * @return the live list, or {@code null} if none has been set or added yet
   */
  public List<Link> getLinks() {
    return this._links;
  }

  /**
   * Replaces the backing list of links; the given reference is stored as-is, not copied.
   * @param value the new list, may be {@code null}
   */
  public void setLinks(List<Link> value) {
    this._links = value;
  }

  /**
   * Appends a {@link Link} to the backing list, creating the list on first use.
   * @param item the entry to append, must not be {@code null}
   * @return {@code true}
   */
  public boolean addLink(Link item) {
    final Link entry = ObjectUtils.requireNonNull(item,"item cannot be null");
    List<Link> target = _links;
    if (target == null) {
      target = new LinkedList<>();
      _links = target;
    }
    return target.add(entry);
  }

  /**
   * Removes the first {@link Link} equal to the given one from the backing list.
   * @param item the entry to remove, must not be {@code null}
   * @return {@code true} if an entry was removed, {@code false} otherwise
   */
  public boolean removeLink(Link item) {
    final Link entry = ObjectUtils.requireNonNull(item,"item cannot be null");
    if (_links == null) {
      return false;
    }
    return _links.remove(entry);
  }

  /**
   * Returns the backing list of leveraged authorizations.
   * @return the live list, or {@code null} if none has been set or added yet
   */
  public List<LeveragedAuthorization> getLeveragedAuthorizations() {
    return this._leveragedAuthorizations;
  }

  /**
   * Replaces the backing list of leveraged authorizations; the reference is stored as-is.
   * @param value the new list, may be {@code null}
   */
  public void setLeveragedAuthorizations(List<LeveragedAuthorization> value) {
    this._leveragedAuthorizations = value;
  }

  /**
   * Appends a {@link LeveragedAuthorization} to the backing list, creating the list on first use.
   * @param item the entry to append, must not be {@code null}
   * @return {@code true}
   */
  public boolean addLeveragedAuthorization(LeveragedAuthorization item) {
    final LeveragedAuthorization entry = ObjectUtils.requireNonNull(item,"item cannot be null");
    List<LeveragedAuthorization> target = _leveragedAuthorizations;
    if (target == null) {
      target = new LinkedList<>();
      _leveragedAuthorizations = target;
    }
    return target.add(entry);
  }

  /**
   * Removes the first {@link LeveragedAuthorization} equal to the given one from the backing list.
   * @param item the entry to remove, must not be {@code null}
   * @return {@code true} if an entry was removed, {@code false} otherwise
   */
  public boolean removeLeveragedAuthorization(LeveragedAuthorization item) {
    final LeveragedAuthorization entry = ObjectUtils.requireNonNull(item,"item cannot be null");
    if (_leveragedAuthorizations == null) {
      return false;
    }
    return _leveragedAuthorizations.remove(entry);
  }

  /**
   * Returns the backing list of system users.
   * @return the live list, or {@code null} if none has been set or added yet
   */
  public List<SystemUser> getUsers() {
    return this._users;
  }

  /**
   * Replaces the backing list of system users; the given reference is stored as-is, not copied.
   * @param value the new list, may be {@code null}
   */
  public void setUsers(List<SystemUser> value) {
    this._users = value;
  }

  /**
   * Appends a {@link SystemUser} to the backing list, creating the list on first use.
   * @param item the entry to append, must not be {@code null}
   * @return {@code true}
   */
  public boolean addUser(SystemUser item) {
    final SystemUser entry = ObjectUtils.requireNonNull(item,"item cannot be null");
    List<SystemUser> target = _users;
    if (target == null) {
      target = new LinkedList<>();
      _users = target;
    }
    return target.add(entry);
  }

  /**
   * Removes the first {@link SystemUser} equal to the given one from the backing list.
   * @param item the entry to remove, must not be {@code null}
   * @return {@code true} if an entry was removed, {@code false} otherwise
   */
  public boolean removeUser(SystemUser item) {
    final SystemUser entry = ObjectUtils.requireNonNull(item,"item cannot be null");
    if (_users == null) {
      return false;
    }
    return _users.remove(entry);
  }

  /**
   * Returns the backing list of system components.
   * @return the live list, or {@code null} if none has been set or added yet
   */
  public List<SystemComponent> getComponents() {
    return this._components;
  }

  /**
   * Replaces the backing list of system components; the given reference is stored as-is.
   * @param value the new list, may be {@code null}
   */
  public void setComponents(List<SystemComponent> value) {
    this._components = value;
  }

  /**
   * Appends a {@link SystemComponent} to the backing list, creating the list on first use.
   * @param item the entry to append, must not be {@code null}
   * @return {@code true}
   */
  public boolean addComponent(SystemComponent item) {
    final SystemComponent entry = ObjectUtils.requireNonNull(item,"item cannot be null");
    List<SystemComponent> target = _components;
    if (target == null) {
      target = new LinkedList<>();
      _components = target;
    }
    return target.add(entry);
  }

  /**
   * Removes the first {@link SystemComponent} equal to the given one from the backing list.
   * @param item the entry to remove, must not be {@code null}
   * @return {@code true} if an entry was removed, {@code false} otherwise
   */
  public boolean removeComponent(SystemComponent item) {
    final SystemComponent entry = ObjectUtils.requireNonNull(item,"item cannot be null");
    if (_components == null) {
      return false;
    }
    return _components.remove(entry);
  }

  /**
   * Returns the backing list of inventory items.
   * @return the live list, or {@code null} if none has been set or added yet
   */
  public List<InventoryItem> getInventoryItems() {
    return this._inventoryItems;
  }

  /**
   * Replaces the backing list of inventory items; the given reference is stored as-is.
   * @param value the new list, may be {@code null}
   */
  public void setInventoryItems(List<InventoryItem> value) {
    this._inventoryItems = value;
  }

  /**
   * Appends an {@link InventoryItem} to the backing list, creating the list on first use.
   * @param item the entry to append, must not be {@code null}
   * @return {@code true}
   */
  public boolean addInventoryItem(InventoryItem item) {
    final InventoryItem entry = ObjectUtils.requireNonNull(item,"item cannot be null");
    List<InventoryItem> target = _inventoryItems;
    if (target == null) {
      target = new LinkedList<>();
      _inventoryItems = target;
    }
    return target.add(entry);
  }

  /**
   * Removes the first {@link InventoryItem} equal to the given one from the backing list.
   * @param item the entry to remove, must not be {@code null}
   * @return {@code true} if an entry was removed, {@code false} otherwise
   */
  public boolean removeInventoryItem(InventoryItem item) {
    final InventoryItem entry = ObjectUtils.requireNonNull(item,"item cannot be null");
    if (_inventoryItems == null) {
      return false;
    }
    return _inventoryItems.remove(entry);
  }

  /**
   * Returns the remarks attached to this assembly.
   * @return the remarks, or {@code null} if none were set
   */
  public MarkupMultiline getRemarks() {
    return this._remarks;
  }

  /**
   * Sets the remarks attached to this assembly.
   * @param value the new remarks, may be {@code null}
   */
  public void setRemarks(MarkupMultiline value) {
    this._remarks = value;
  }

  /**
   * Renders this object reflectively with the recursive multi-line style.
   *
   * <p>The output walks every field, including the nested users, components and inventory
   * items, so it carries the same content as the plan itself; handle a log line that contains it
   * with the same care as the document.
   */
  @Override
  public String toString() {
    ReflectionToStringBuilder renderer =
        new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE);
    return renderer.toString();
  }

  /**
   * A description of another authorized system from which this system inherits capabilities that
   * satisfy security requirements. Another term for this concept is a
   * <em>common control provider</em>.
   *
   * <p>Like the enclosing class, this is a mutable holder whose list getters return the live
   * backing list and whose setters store references without copying.
   */
  @MetaschemaAssembly(
      formalName = "Leveraged Authorization",
      description = "A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a *common control provider*.",
      name = "leveraged-authorization",
      metaschema = OscalSspMetaschema.class
  )
  // Value constraints, all declared at ERROR level:
  //  - link/@rel lists "system-security-plan" as a known value; allowOthers = true keeps other
  //    values acceptable;
  //  - a 'system-security-plan' link whose @href starts with '#' is keyed into
  //    "index-back-matter-resource" using the text captured by the pattern "#(.*)";
  //  - the same @href is matched as a URI reference when it starts with '#', otherwise as a URI.
  // NOTE(review): "index-back-matter-resource" is not declared in this file — presumably defined
  // on the back-matter model; confirm.
  @ValueConstraints(
      allowedValues = @AllowedValues(level = IConstraint.Level.ERROR, target = "link/@rel", allowOthers = true, values = @AllowedValue(value = "system-security-plan", description = "A reference to the system security plan for the leveraged authorization.")),
      indexHasKey = @IndexHasKey(level = IConstraint.Level.ERROR, target = "link[@rel='system-security-plan' and starts-with(@href,'#')]", indexName = "index-back-matter-resource", keyFields = @KeyField(target = "@href", pattern = "#(.*)")),
      matches = {
          @Matches(level = IConstraint.Level.ERROR, target = "link[@rel='system-security-plan']/@href[starts-with(.,'#')]", typeAdapter = UriReferenceAdapter.class),
          @Matches(level = IConstraint.Level.ERROR, target = "link[@rel='system-security-plan']/@href[not(starts-with(.,'#'))]", typeAdapter = UriAdapter.class)
      }
  )
  public static class LeveragedAuthorization {
    // Required "uuid" flag identifying this leveraged authorization.
    @BoundFlag(
        formalName = "Leveraged Authorization Universally Unique Identifier",
        description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope and can be used to reference this leveraged authorization elsewhere in [this or other OSCAL instances](https://pages.nist.gov/OSCAL/concepts/identifier-use/#ssp-identifiers). The locally defined *UUID* of the `leveraged authorization` can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.",
        useName = "uuid",
        required = true,
        typeAdapter = UuidAdapter.class
    )
    private UUID _uuid;

    /**
     * A human readable name for the leveraged authorization in the context of the system.
     */
    @BoundField(
        formalName = "title field",
        description = "A human readable name for the leveraged authorization in the context of the system.",
        useName = "title",
        minOccurs = 1
    )
    @BoundFieldValue(
        typeAdapter = MarkupLineAdapter.class
    )
    private MarkupLine _title;

    // Zero or more "prop" entries, grouped as "props".
    @BoundAssembly(
        formalName = "Property",
        description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.",
        useName = "prop",
        maxOccurs = -1
    )
    @GroupAs(
        name = "props",
        inJson = JsonGroupAsBehavior.LIST
    )
    private List<Property> _props;

    // Zero or more "link" entries, grouped as "links".
    @BoundAssembly(
        formalName = "Link",
        description = "A reference to a local or remote resource, that has a specific relation to the containing object.",
        useName = "link",
        maxOccurs = -1
    )
    @GroupAs(
        name = "links",
        inJson = JsonGroupAsBehavior.LIST
    )
    private List<Link> _links;

    /**
     * A <a href="https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented">machine-oriented</a>
     * identifier reference to the <code>party</code> that manages the leveraged system.
     */
    @BoundField(
        formalName = "party-uuid field",
        description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to the `party` that manages the leveraged system.",
        useName = "party-uuid",
        minOccurs = 1
    )
    @BoundFieldValue(
        typeAdapter = UuidAdapter.class
    )
    private UUID _partyUuid;

    // Declared with minOccurs = 1: the date the leveraged system was authorized.
    @BoundField(
        formalName = "System Authorization Date",
        description = "The date the system received its authorization.",
        useName = "date-authorized",
        minOccurs = 1
    )
    @BoundFieldValue(
        typeAdapter = DateAdapter.class
    )
    private Date _dateAuthorized;

    // Optional free-text commentary, bound through the multiline markup adapter.
    @BoundField(
        formalName = "Remarks",
        description = "Additional commentary about the containing object.",
        useName = "remarks"
    )
    @BoundFieldValue(
        typeAdapter = MarkupMultilineAdapter.class
    )
    private MarkupMultiline _remarks;

    /**
     * Creates an empty instance; every field starts out {@code null}.
     */
    public LeveragedAuthorization() {
    }

    /**
     * Returns the identifier of this leveraged authorization.
     * @return the UUID, or {@code null} if not set
     */
    public UUID getUuid() {
      return this._uuid;
    }

    /**
     * Sets the identifier of this leveraged authorization.
     * @param value the new UUID
     */
    public void setUuid(UUID value) {
      this._uuid = value;
    }

    /**
     * Returns the human readable title.
     * @return the title, or {@code null} if not set
     */
    public MarkupLine getTitle() {
      return this._title;
    }

    /**
     * Sets the human readable title.
     * @param value the new title
     */
    public void setTitle(MarkupLine value) {
      this._title = value;
    }

    /**
     * Returns the backing list of properties.
     * @return the live list, or {@code null} if none has been set or added yet
     */
    public List<Property> getProps() {
      return this._props;
    }

    /**
     * Replaces the backing list of properties; the given reference is stored as-is, not copied.
     * @param value the new list, may be {@code null}
     */
    public void setProps(List<Property> value) {
      this._props = value;
    }

    /**
     * Appends a {@link Property} to the backing list, creating the list on first use.
     * @param item the entry to append, must not be {@code null}
     * @return {@code true}
     */
    public boolean addProp(Property item) {
      final Property entry = ObjectUtils.requireNonNull(item,"item cannot be null");
      List<Property> target = _props;
      if (target == null) {
        target = new LinkedList<>();
        _props = target;
      }
      return target.add(entry);
    }

    /**
     * Removes the first {@link Property} equal to the given one from the backing list.
     * @param item the entry to remove, must not be {@code null}
     * @return {@code true} if an entry was removed, {@code false} otherwise
     */
    public boolean removeProp(Property item) {
      final Property entry = ObjectUtils.requireNonNull(item,"item cannot be null");
      if (_props == null) {
        return false;
      }
      return _props.remove(entry);
    }

    /**
     * Returns the backing list of links.
     * @return the live list, or {@code null} if none has been set or added yet
     */
    public List<Link> getLinks() {
      return this._links;
    }

    /**
     * Replaces the backing list of links; the given reference is stored as-is, not copied.
     * @param value the new list, may be {@code null}
     */
    public void setLinks(List<Link> value) {
      this._links = value;
    }

    /**
     * Appends a {@link Link} to the backing list, creating the list on first use.
     * @param item the entry to append, must not be {@code null}
     * @return {@code true}
     */
    public boolean addLink(Link item) {
      final Link entry = ObjectUtils.requireNonNull(item,"item cannot be null");
      List<Link> target = _links;
      if (target == null) {
        target = new LinkedList<>();
        _links = target;
      }
      return target.add(entry);
    }

    /**
     * Removes the first {@link Link} equal to the given one from the backing list.
     * @param item the entry to remove, must not be {@code null}
     * @return {@code true} if an entry was removed, {@code false} otherwise
     */
    public boolean removeLink(Link item) {
      final Link entry = ObjectUtils.requireNonNull(item,"item cannot be null");
      if (_links == null) {
        return false;
      }
      return _links.remove(entry);
    }

    /**
     * Returns the identifier of the party that manages the leveraged system.
     * @return the party UUID, or {@code null} if not set
     */
    public UUID getPartyUuid() {
      return this._partyUuid;
    }

    /**
     * Sets the identifier of the party that manages the leveraged system.
     * @param value the new party UUID
     */
    public void setPartyUuid(UUID value) {
      this._partyUuid = value;
    }

    /**
     * Returns the date the leveraged system received its authorization.
     * @return the authorization date, or {@code null} if not set
     */
    public Date getDateAuthorized() {
      return this._dateAuthorized;
    }

    /**
     * Sets the date the leveraged system received its authorization.
     * @param value the new authorization date
     */
    public void setDateAuthorized(Date value) {
      this._dateAuthorized = value;
    }

    /**
     * Returns the remarks attached to this assembly.
     * @return the remarks, or {@code null} if none were set
     */
    public MarkupMultiline getRemarks() {
      return this._remarks;
    }

    /**
     * Sets the remarks attached to this assembly.
     * @param value the new remarks, may be {@code null}
     */
    public void setRemarks(MarkupMultiline value) {
      this._remarks = value;
    }

    /**
     * Renders this object reflectively with the recursive multi-line style; every field,
     * including nested props and links, appears in the output.
     */
    @Override
    public String toString() {
      ReflectionToStringBuilder renderer =
          new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE);
      return renderer.toString();
    }
  }
}