View Javadoc
1   package gov.nist.secauto.oscal.lib.model;
2   
3   import gov.nist.secauto.metaschema.binding.model.annotations.BoundAssembly;
4   import gov.nist.secauto.metaschema.binding.model.annotations.BoundField;
5   import gov.nist.secauto.metaschema.binding.model.annotations.BoundFlag;
6   import gov.nist.secauto.metaschema.binding.model.annotations.GroupAs;
7   import gov.nist.secauto.metaschema.binding.model.annotations.MetaschemaAssembly;
8   import gov.nist.secauto.metaschema.model.common.JsonGroupAsBehavior;
9   import gov.nist.secauto.metaschema.model.common.datatype.adapter.UuidAdapter;
10  import gov.nist.secauto.metaschema.model.common.util.ObjectUtils;
11  import java.lang.Override;
12  import java.lang.String;
13  import java.util.LinkedList;
14  import java.util.List;
15  import java.util.UUID;
16  import org.apache.commons.lang3.builder.MultilineRecursiveToStringStyle;
17  import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
18  
19  /**
20   * A plan of action and milestones which identifies initial and residual risks, deviations, and disposition, such as those required by FedRAMP.
21   */
22  @MetaschemaAssembly(
23      formalName = "Plan of Action and Milestones (POA&M)",
24      description = "A plan of action and milestones which identifies initial and residual risks, deviations, and disposition, such as those required by FedRAMP.",
25      name = "plan-of-action-and-milestones",
26      metaschema = OscalPoamMetaschema.class,
27      rootName = "plan-of-action-and-milestones",
28      remarks = "Either an OSCAL-based SSP must be imported, or a unique system-id must be specified. Both may be present."
29  )
30  public class PlanOfActionAndMilestones extends AbstractOscalInstance {
31    @BoundFlag(
32        formalName = "POA&M Universally Unique Identifier",
33        description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#instance)scope that can be used to reference this POA\\&M instance in [this OSCAL instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#poam-identifiers). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.",
34        useName = "uuid",
35        required = true,
36        typeAdapter = UuidAdapter.class
37    )
38    private UUID _uuid;
39  
40    @BoundAssembly(
41        formalName = "Document Metadata",
42        description = "Provides information about the containing document, and defines concepts that are shared across the document.",
43        useName = "metadata",
44        minOccurs = 1
45    )
46    private Metadata _metadata;
47  
48    @BoundAssembly(
49        formalName = "Import System Security Plan",
50        description = "Used by the assessment plan and POA\\&M to import information about the system.",
51        useName = "import-ssp",
52        remarks = "Used by the POA\\&M to import information about the system."
53    )
54    private ImportSsp _importSsp;
55  
56    @BoundField(
57        formalName = "System Identification",
58        description = "A [human-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#human-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope that can be used to reference this system identification property elsewhere in [this or other OSCAL instances](https://pages.nist.gov/OSCAL/concepts/identifier-use/#scope). When referencing an externally defined `system identification`, the `system identification` must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same system across revisions of the document.",
59        useName = "system-id"
60    )
61    private SystemId _systemId;
62  
63    @BoundAssembly(
64        formalName = "Local Definitions",
65        description = "Allows components, and inventory-items to be defined within the POA\\&M for circumstances where no OSCAL-based SSP exists, or is not delivered with the POA\\&M.",
66        useName = "local-definitions"
67    )
68    private LocalDefinitions _localDefinitions;
69  
70    @BoundAssembly(
71        formalName = "Observation",
72        description = "Describes an individual observation.",
73        useName = "observation",
74        maxOccurs = -1
75    )
76    @GroupAs(
77        name = "observations",
78        inJson = JsonGroupAsBehavior.LIST
79    )
80    private List<Observation> _observations;
81  
82    @BoundAssembly(
83        formalName = "Identified Risk",
84        description = "An identified risk.",
85        useName = "risk",
86        maxOccurs = -1
87    )
88    @GroupAs(
89        name = "risks",
90        inJson = JsonGroupAsBehavior.LIST
91    )
92    private List<Risk> _risks;
93  
94    @BoundAssembly(
95        formalName = "Finding",
96        description = "Describes an individual finding.",
97        useName = "finding",
98        maxOccurs = -1
99    )
100   @GroupAs(
101       name = "findings",
102       inJson = JsonGroupAsBehavior.LIST
103   )
104   private List<Finding> _findings;
105 
106   @BoundAssembly(
107       formalName = "POA&M Item",
108       description = "Describes an individual POA\\&M item.",
109       useName = "poam-item",
110       minOccurs = 1,
111       maxOccurs = -1
112   )
113   @GroupAs(
114       name = "poam-items",
115       inJson = JsonGroupAsBehavior.LIST
116   )
117   private List<PoamItem> _poamItems;
118 
119   @BoundAssembly(
120       formalName = "Back matter",
121       description = "A collection of resources that may be referenced from within the OSCAL document instance.",
122       useName = "back-matter"
123   )
124   private BackMatter _backMatter;
125 
126   public PlanOfActionAndMilestones() {
127   }
128 
129   public UUID getUuid() {
130     return _uuid;
131   }
132 
133   public void setUuid(UUID value) {
134     _uuid = value;
135   }
136 
137   public Metadata getMetadata() {
138     return _metadata;
139   }
140 
141   public void setMetadata(Metadata value) {
142     _metadata = value;
143   }
144 
145   public ImportSsp getImportSsp() {
146     return _importSsp;
147   }
148 
149   public void setImportSsp(ImportSsp value) {
150     _importSsp = value;
151   }
152 
153   public SystemId getSystemId() {
154     return _systemId;
155   }
156 
157   public void setSystemId(SystemId value) {
158     _systemId = value;
159   }
160 
161   public LocalDefinitions getLocalDefinitions() {
162     return _localDefinitions;
163   }
164 
165   public void setLocalDefinitions(LocalDefinitions value) {
166     _localDefinitions = value;
167   }
168 
169   public List<Observation> getObservations() {
170     return _observations;
171   }
172 
173   public void setObservations(List<Observation> value) {
174     _observations = value;
175   }
176 
177   /**
178    * Add a new {@link Observation} item to the underlying collection.
179    * @param item the item to add
180    * @return {@code true}
181    */
182   public boolean addObservation(Observation item) {
183     Observation value = ObjectUtils.requireNonNull(item,"item cannot be null");
184     if (_observations == null) {
185       _observations = new LinkedList<>();
186     }
187     return _observations.add(value);
188   }
189 
190   /**
191    * Remove the first matching {@link Observation} item from the underlying collection.
192    * @param item the item to remove
193    * @return {@code true} if the item was removed or {@code false} otherwise
194    */
195   public boolean removeObservation(Observation item) {
196     Observation value = ObjectUtils.requireNonNull(item,"item cannot be null");
197     return _observations == null ? false : _observations.remove(value);
198   }
199 
200   public List<Risk> getRisks() {
201     return _risks;
202   }
203 
204   public void setRisks(List<Risk> value) {
205     _risks = value;
206   }
207 
208   /**
209    * Add a new {@link Risk} item to the underlying collection.
210    * @param item the item to add
211    * @return {@code true}
212    */
213   public boolean addRisk(Risk item) {
214     Risk value = ObjectUtils.requireNonNull(item,"item cannot be null");
215     if (_risks == null) {
216       _risks = new LinkedList<>();
217     }
218     return _risks.add(value);
219   }
220 
221   /**
222    * Remove the first matching {@link Risk} item from the underlying collection.
223    * @param item the item to remove
224    * @return {@code true} if the item was removed or {@code false} otherwise
225    */
226   public boolean removeRisk(Risk item) {
227     Risk value = ObjectUtils.requireNonNull(item,"item cannot be null");
228     return _risks == null ? false : _risks.remove(value);
229   }
230 
231   public List<Finding> getFindings() {
232     return _findings;
233   }
234 
235   public void setFindings(List<Finding> value) {
236     _findings = value;
237   }
238 
239   /**
240    * Add a new {@link Finding} item to the underlying collection.
241    * @param item the item to add
242    * @return {@code true}
243    */
244   public boolean addFinding(Finding item) {
245     Finding value = ObjectUtils.requireNonNull(item,"item cannot be null");
246     if (_findings == null) {
247       _findings = new LinkedList<>();
248     }
249     return _findings.add(value);
250   }
251 
252   /**
253    * Remove the first matching {@link Finding} item from the underlying collection.
254    * @param item the item to remove
255    * @return {@code true} if the item was removed or {@code false} otherwise
256    */
257   public boolean removeFinding(Finding item) {
258     Finding value = ObjectUtils.requireNonNull(item,"item cannot be null");
259     return _findings == null ? false : _findings.remove(value);
260   }
261 
262   public List<PoamItem> getPoamItems() {
263     return _poamItems;
264   }
265 
266   public void setPoamItems(List<PoamItem> value) {
267     _poamItems = value;
268   }
269 
270   /**
271    * Add a new {@link PoamItem} item to the underlying collection.
272    * @param item the item to add
273    * @return {@code true}
274    */
275   public boolean addPoamItem(PoamItem item) {
276     PoamItem value = ObjectUtils.requireNonNull(item,"item cannot be null");
277     if (_poamItems == null) {
278       _poamItems = new LinkedList<>();
279     }
280     return _poamItems.add(value);
281   }
282 
283   /**
284    * Remove the first matching {@link PoamItem} item from the underlying collection.
285    * @param item the item to remove
286    * @return {@code true} if the item was removed or {@code false} otherwise
287    */
288   public boolean removePoamItem(PoamItem item) {
289     PoamItem value = ObjectUtils.requireNonNull(item,"item cannot be null");
290     return _poamItems == null ? false : _poamItems.remove(value);
291   }
292 
293   public BackMatter getBackMatter() {
294     return _backMatter;
295   }
296 
297   public void setBackMatter(BackMatter value) {
298     _backMatter = value;
299   }
300 
301   @Override
302   public String toString() {
303     return new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE).toString();
304   }
305 }