SystemImplementation.java
package gov.nist.secauto.oscal.lib.model;
import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValue;
import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValues;
import gov.nist.secauto.metaschema.binding.model.annotations.AssemblyConstraints;
import gov.nist.secauto.metaschema.binding.model.annotations.BoundAssembly;
import gov.nist.secauto.metaschema.binding.model.annotations.BoundField;
import gov.nist.secauto.metaschema.binding.model.annotations.BoundFieldValue;
import gov.nist.secauto.metaschema.binding.model.annotations.BoundFlag;
import gov.nist.secauto.metaschema.binding.model.annotations.GroupAs;
import gov.nist.secauto.metaschema.binding.model.annotations.Index;
import gov.nist.secauto.metaschema.binding.model.annotations.IndexHasKey;
import gov.nist.secauto.metaschema.binding.model.annotations.IsUnique;
import gov.nist.secauto.metaschema.binding.model.annotations.KeyField;
import gov.nist.secauto.metaschema.binding.model.annotations.Matches;
import gov.nist.secauto.metaschema.binding.model.annotations.MetaschemaAssembly;
import gov.nist.secauto.metaschema.binding.model.annotations.ValueConstraints;
import gov.nist.secauto.metaschema.model.common.JsonGroupAsBehavior;
import gov.nist.secauto.metaschema.model.common.constraint.IConstraint;
import gov.nist.secauto.metaschema.model.common.datatype.adapter.DateAdapter;
import gov.nist.secauto.metaschema.model.common.datatype.adapter.UriAdapter;
import gov.nist.secauto.metaschema.model.common.datatype.adapter.UriReferenceAdapter;
import gov.nist.secauto.metaschema.model.common.datatype.adapter.UuidAdapter;
import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLine;
import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLineAdapter;
import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultiline;
import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultilineAdapter;
import gov.nist.secauto.metaschema.model.common.datatype.object.Date;
import gov.nist.secauto.metaschema.model.common.util.ObjectUtils;
import java.lang.Override;
import java.lang.String;
import java.util.LinkedList;
import java.util.List;
import java.util.UUID;
import org.apache.commons.lang3.builder.MultilineRecursiveToStringStyle;
import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
/**
* Provides information as to how the system is implemented.
*/
@MetaschemaAssembly(
formalName = "System Implementation",
description = "Provides information as to how the system is implemented.",
name = "system-implementation",
metaschema = OscalSspMetaschema.class
)
@ValueConstraints(
allowedValues = @AllowedValues(level = IConstraint.Level.ERROR, target = "(component | inventory-item)/prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal') and @name='allows-authenticated-scan']/@value", values = {@AllowedValue(value = "yes", description = "The component allows an authenticated scan."), @AllowedValue(value = "no", description = "The component does not allow an authenticated scan.")}),
indexHasKey = {
@IndexHasKey(level = IConstraint.Level.ERROR, target = "component/prop[@name='leveraged-authorization-uuid']", indexName = "index-system-implementation-leveraged-authorization-uuid", keyFields = @KeyField(target = "@value")),
@IndexHasKey(level = IConstraint.Level.ERROR, target = "component/link[@rel='depends-on']", indexName = "index-system-implementation-component-uuid", keyFields = @KeyField(target = "@href")),
@IndexHasKey(level = IConstraint.Level.ERROR, target = "component/link[@rel='validated-by']", indexName = "index-system-implementation-component-uuid-validation", keyFields = @KeyField(target = "@href")),
@IndexHasKey(level = IConstraint.Level.ERROR, target = "component/link[@rel='proof-of-compliance']", indexName = "index-system-implementation-component-uuid-validation", keyFields = @KeyField(target = "@href")),
@IndexHasKey(level = IConstraint.Level.ERROR, target = "component/link[@rel='uses-service']", indexName = "index-system-implementation-component-uuid-service", keyFields = @KeyField(target = "@href")),
@IndexHasKey(level = IConstraint.Level.ERROR, target = "component[@type='service']/link[@rel='provided-by']", indexName = "index-system-implementation-component-uuid-software", keyFields = @KeyField(target = "@href"))
}
)
@AssemblyConstraints(
index = {
@Index(level = IConstraint.Level.ERROR, target = "leveraged-authorization", name = "index-system-implementation-leveraged-authorization-uuid", keyFields = @KeyField(target = "@uuid")),
@Index(level = IConstraint.Level.ERROR, target = "component", name = "index-system-implementation-component-uuid", keyFields = @KeyField(target = "@uuid")),
@Index(level = IConstraint.Level.ERROR, target = "component[@type='validation']", name = "index-system-implementation-component-uuid-validation", keyFields = @KeyField(target = "@uuid")),
@Index(level = IConstraint.Level.ERROR, target = "component[@type='service']", name = "index-system-implementation-component-uuid-service", keyFields = @KeyField(target = "@uuid")),
@Index(level = IConstraint.Level.ERROR, target = "component[@type='service']", name = "index-system-implementation-component-uuid-software", keyFields = @KeyField(target = "@uuid"))
},
isUnique = @IsUnique(id = "unique-ssp-system-implementation-user", level = IConstraint.Level.ERROR, target = "user", keyFields = @KeyField(target = "@uuid"), remarks = "A given `uuid` must be assigned only once to a user.")
)
public class SystemImplementation {
@BoundAssembly(
formalName = "Property",
description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.",
useName = "prop",
maxOccurs = -1
)
@GroupAs(
name = "props",
inJson = JsonGroupAsBehavior.LIST
)
private List<Property> _props;
@BoundAssembly(
formalName = "Link",
description = "A reference to a local or remote resource, that has a specific relation to the containing object.",
useName = "link",
maxOccurs = -1
)
@GroupAs(
name = "links",
inJson = JsonGroupAsBehavior.LIST
)
private List<Link> _links;
/**
* "A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a <em>common control provider</em>."
*/
@BoundAssembly(
formalName = "Leveraged Authorization",
description = "A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a *common control provider*.",
useName = "leveraged-authorization",
maxOccurs = -1
)
@GroupAs(
name = "leveraged-authorizations",
inJson = JsonGroupAsBehavior.LIST
)
private List<LeveragedAuthorization> _leveragedAuthorizations;
@BoundAssembly(
formalName = "System User",
description = "A type of user that interacts with the system based on an associated role.",
useName = "user",
minOccurs = 1,
maxOccurs = -1
)
@GroupAs(
name = "users",
inJson = JsonGroupAsBehavior.LIST
)
private List<SystemUser> _users;
@BoundAssembly(
formalName = "Component",
description = "A defined component that can be part of an implemented system.",
useName = "component",
minOccurs = 1,
maxOccurs = -1
)
@GroupAs(
name = "components",
inJson = JsonGroupAsBehavior.LIST
)
private List<SystemComponent> _components;
@BoundAssembly(
formalName = "Inventory Item",
description = "A single managed inventory item within the system.",
useName = "inventory-item",
maxOccurs = -1,
remarks = "A set of `inventory-item` entries that represent the managed inventory instances of the system."
)
@GroupAs(
name = "inventory-items",
inJson = JsonGroupAsBehavior.LIST
)
private List<InventoryItem> _inventoryItems;
@BoundField(
formalName = "Remarks",
description = "Additional commentary about the containing object.",
useName = "remarks"
)
@BoundFieldValue(
typeAdapter = MarkupMultilineAdapter.class
)
private MarkupMultiline _remarks;
public SystemImplementation() {
}
public List<Property> getProps() {
return _props;
}
public void setProps(List<Property> value) {
_props = value;
}
/**
* Add a new {@link Property} item to the underlying collection.
* @param item the item to add
* @return {@code true}
*/
public boolean addProp(Property item) {
Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
if (_props == null) {
_props = new LinkedList<>();
}
return _props.add(value);
}
/**
* Remove the first matching {@link Property} item from the underlying collection.
* @param item the item to remove
* @return {@code true} if the item was removed or {@code false} otherwise
*/
public boolean removeProp(Property item) {
Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
return _props == null ? false : _props.remove(value);
}
public List<Link> getLinks() {
return _links;
}
public void setLinks(List<Link> value) {
_links = value;
}
/**
* Add a new {@link Link} item to the underlying collection.
* @param item the item to add
* @return {@code true}
*/
public boolean addLink(Link item) {
Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
if (_links == null) {
_links = new LinkedList<>();
}
return _links.add(value);
}
/**
* Remove the first matching {@link Link} item from the underlying collection.
* @param item the item to remove
* @return {@code true} if the item was removed or {@code false} otherwise
*/
public boolean removeLink(Link item) {
Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
return _links == null ? false : _links.remove(value);
}
public List<LeveragedAuthorization> getLeveragedAuthorizations() {
return _leveragedAuthorizations;
}
public void setLeveragedAuthorizations(List<LeveragedAuthorization> value) {
_leveragedAuthorizations = value;
}
/**
* Add a new {@link LeveragedAuthorization} item to the underlying collection.
* @param item the item to add
* @return {@code true}
*/
public boolean addLeveragedAuthorization(LeveragedAuthorization item) {
LeveragedAuthorization value = ObjectUtils.requireNonNull(item,"item cannot be null");
if (_leveragedAuthorizations == null) {
_leveragedAuthorizations = new LinkedList<>();
}
return _leveragedAuthorizations.add(value);
}
/**
* Remove the first matching {@link LeveragedAuthorization} item from the underlying collection.
* @param item the item to remove
* @return {@code true} if the item was removed or {@code false} otherwise
*/
public boolean removeLeveragedAuthorization(LeveragedAuthorization item) {
LeveragedAuthorization value = ObjectUtils.requireNonNull(item,"item cannot be null");
return _leveragedAuthorizations == null ? false : _leveragedAuthorizations.remove(value);
}
public List<SystemUser> getUsers() {
return _users;
}
public void setUsers(List<SystemUser> value) {
_users = value;
}
/**
* Add a new {@link SystemUser} item to the underlying collection.
* @param item the item to add
* @return {@code true}
*/
public boolean addUser(SystemUser item) {
SystemUser value = ObjectUtils.requireNonNull(item,"item cannot be null");
if (_users == null) {
_users = new LinkedList<>();
}
return _users.add(value);
}
/**
* Remove the first matching {@link SystemUser} item from the underlying collection.
* @param item the item to remove
* @return {@code true} if the item was removed or {@code false} otherwise
*/
public boolean removeUser(SystemUser item) {
SystemUser value = ObjectUtils.requireNonNull(item,"item cannot be null");
return _users == null ? false : _users.remove(value);
}
public List<SystemComponent> getComponents() {
return _components;
}
public void setComponents(List<SystemComponent> value) {
_components = value;
}
/**
* Add a new {@link SystemComponent} item to the underlying collection.
* @param item the item to add
* @return {@code true}
*/
public boolean addComponent(SystemComponent item) {
SystemComponent value = ObjectUtils.requireNonNull(item,"item cannot be null");
if (_components == null) {
_components = new LinkedList<>();
}
return _components.add(value);
}
/**
* Remove the first matching {@link SystemComponent} item from the underlying collection.
* @param item the item to remove
* @return {@code true} if the item was removed or {@code false} otherwise
*/
public boolean removeComponent(SystemComponent item) {
SystemComponent value = ObjectUtils.requireNonNull(item,"item cannot be null");
return _components == null ? false : _components.remove(value);
}
public List<InventoryItem> getInventoryItems() {
return _inventoryItems;
}
public void setInventoryItems(List<InventoryItem> value) {
_inventoryItems = value;
}
/**
* Add a new {@link InventoryItem} item to the underlying collection.
* @param item the item to add
* @return {@code true}
*/
public boolean addInventoryItem(InventoryItem item) {
InventoryItem value = ObjectUtils.requireNonNull(item,"item cannot be null");
if (_inventoryItems == null) {
_inventoryItems = new LinkedList<>();
}
return _inventoryItems.add(value);
}
/**
* Remove the first matching {@link InventoryItem} item from the underlying collection.
* @param item the item to remove
* @return {@code true} if the item was removed or {@code false} otherwise
*/
public boolean removeInventoryItem(InventoryItem item) {
InventoryItem value = ObjectUtils.requireNonNull(item,"item cannot be null");
return _inventoryItems == null ? false : _inventoryItems.remove(value);
}
public MarkupMultiline getRemarks() {
return _remarks;
}
public void setRemarks(MarkupMultiline value) {
_remarks = value;
}
@Override
public String toString() {
return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString();
}
/**
* A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a <em>common control provider</em>.
*/
@MetaschemaAssembly(
formalName = "Leveraged Authorization",
description = "A description of another authorized system from which this system inherits capabilities that satisfy security requirements. Another term for this concept is a *common control provider*.",
name = "leveraged-authorization",
metaschema = OscalSspMetaschema.class
)
@ValueConstraints(
allowedValues = @AllowedValues(level = IConstraint.Level.ERROR, target = "link/@rel", allowOthers = true, values = @AllowedValue(value = "system-security-plan", description = "A reference to the system security plan for the leveraged authorization.")),
indexHasKey = @IndexHasKey(level = IConstraint.Level.ERROR, target = "link[@rel='system-security-plan' and starts-with(@href,'#')]", indexName = "index-back-matter-resource", keyFields = @KeyField(target = "@href", pattern = "#(.*)")),
matches = {
@Matches(level = IConstraint.Level.ERROR, target = "link[@rel='system-security-plan']/@href[starts-with(.,'#')]", typeAdapter = UriReferenceAdapter.class),
@Matches(level = IConstraint.Level.ERROR, target = "link[@rel='system-security-plan']/@href[not(starts-with(.,'#'))]", typeAdapter = UriAdapter.class)
}
)
public static class LeveragedAuthorization {
@BoundFlag(
formalName = "Leveraged Authorization Universally Unique Identifier",
description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope and can be used to reference this leveraged authorization elsewhere in [this or other OSCAL instances](https://pages.nist.gov/OSCAL/concepts/identifier-use/#ssp-identifiers). The locally defined *UUID* of the `leveraged authorization` can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.",
useName = "uuid",
required = true,
typeAdapter = UuidAdapter.class
)
private UUID _uuid;
/**
* "A human readable name for the leveraged authorization in the context of the system."
*/
@BoundField(
formalName = "title field",
description = "A human readable name for the leveraged authorization in the context of the system.",
useName = "title",
minOccurs = 1
)
@BoundFieldValue(
typeAdapter = MarkupLineAdapter.class
)
private MarkupLine _title;
@BoundAssembly(
formalName = "Property",
description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.",
useName = "prop",
maxOccurs = -1
)
@GroupAs(
name = "props",
inJson = JsonGroupAsBehavior.LIST
)
private List<Property> _props;
@BoundAssembly(
formalName = "Link",
description = "A reference to a local or remote resource, that has a specific relation to the containing object.",
useName = "link",
maxOccurs = -1
)
@GroupAs(
name = "links",
inJson = JsonGroupAsBehavior.LIST
)
private List<Link> _links;
/**
* "A <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented\">machine-oriented</a> identifier reference to the <code>party</code> that manages the leveraged system."
*/
@BoundField(
formalName = "party-uuid field",
description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to the `party` that manages the leveraged system.",
useName = "party-uuid",
minOccurs = 1
)
@BoundFieldValue(
typeAdapter = UuidAdapter.class
)
private UUID _partyUuid;
@BoundField(
formalName = "System Authorization Date",
description = "The date the system received its authorization.",
useName = "date-authorized",
minOccurs = 1
)
@BoundFieldValue(
typeAdapter = DateAdapter.class
)
private Date _dateAuthorized;
@BoundField(
formalName = "Remarks",
description = "Additional commentary about the containing object.",
useName = "remarks"
)
@BoundFieldValue(
typeAdapter = MarkupMultilineAdapter.class
)
private MarkupMultiline _remarks;
public LeveragedAuthorization() {
}
public UUID getUuid() {
return _uuid;
}
public void setUuid(UUID value) {
_uuid = value;
}
public MarkupLine getTitle() {
return _title;
}
public void setTitle(MarkupLine value) {
_title = value;
}
public List<Property> getProps() {
return _props;
}
public void setProps(List<Property> value) {
_props = value;
}
/**
* Add a new {@link Property} item to the underlying collection.
* @param item the item to add
* @return {@code true}
*/
public boolean addProp(Property item) {
Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
if (_props == null) {
_props = new LinkedList<>();
}
return _props.add(value);
}
/**
* Remove the first matching {@link Property} item from the underlying collection.
* @param item the item to remove
* @return {@code true} if the item was removed or {@code false} otherwise
*/
public boolean removeProp(Property item) {
Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
return _props == null ? false : _props.remove(value);
}
public List<Link> getLinks() {
return _links;
}
public void setLinks(List<Link> value) {
_links = value;
}
/**
* Add a new {@link Link} item to the underlying collection.
* @param item the item to add
* @return {@code true}
*/
public boolean addLink(Link item) {
Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
if (_links == null) {
_links = new LinkedList<>();
}
return _links.add(value);
}
/**
* Remove the first matching {@link Link} item from the underlying collection.
* @param item the item to remove
* @return {@code true} if the item was removed or {@code false} otherwise
*/
public boolean removeLink(Link item) {
Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
return _links == null ? false : _links.remove(value);
}
public UUID getPartyUuid() {
return _partyUuid;
}
public void setPartyUuid(UUID value) {
_partyUuid = value;
}
public Date getDateAuthorized() {
return _dateAuthorized;
}
public void setDateAuthorized(Date value) {
_dateAuthorized = value;
}
public MarkupMultiline getRemarks() {
return _remarks;
}
public void setRemarks(MarkupMultiline value) {
_remarks = value;
}
@Override
public String toString() {
return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString();
}
}
}