1   package gov.nist.secauto.oscal.lib.model;
2   
3   import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValue;
4   import gov.nist.secauto.metaschema.binding.model.annotations.AllowedValues;
5   import gov.nist.secauto.metaschema.binding.model.annotations.BoundAssembly;
6   import gov.nist.secauto.metaschema.binding.model.annotations.BoundField;
7   import gov.nist.secauto.metaschema.binding.model.annotations.BoundFieldValue;
8   import gov.nist.secauto.metaschema.binding.model.annotations.BoundFlag;
9   import gov.nist.secauto.metaschema.binding.model.annotations.GroupAs;
10  import gov.nist.secauto.metaschema.binding.model.annotations.IndexHasKey;
11  import gov.nist.secauto.metaschema.binding.model.annotations.KeyField;
12  import gov.nist.secauto.metaschema.binding.model.annotations.MetaschemaAssembly;
13  import gov.nist.secauto.metaschema.binding.model.annotations.ValueConstraints;
14  import gov.nist.secauto.metaschema.model.common.JsonGroupAsBehavior;
15  import gov.nist.secauto.metaschema.model.common.constraint.IConstraint;
16  import gov.nist.secauto.metaschema.model.common.datatype.adapter.TokenAdapter;
17  import gov.nist.secauto.metaschema.model.common.datatype.adapter.UuidAdapter;
18  import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLine;
19  import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLineAdapter;
20  import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultiline;
21  import gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupMultilineAdapter;
22  import gov.nist.secauto.metaschema.model.common.util.ObjectUtils;
23  import java.lang.Override;
24  import java.lang.String;
25  import java.util.LinkedList;
26  import java.util.List;
27  import java.util.UUID;
28  import org.apache.commons.lang3.builder.MultilineRecursiveToStringStyle;
29  import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
30  
/**
 * Bound model for the OSCAL {@code system-user} assembly: a class of user that interacts with
 * the system through one or more associated roles.
 *
 * <p>The allowed-value and index constraints below are declared as annotations at
 * {@code IConstraint.Level.ERROR}. Nothing in this class enforces them: every setter and
 * {@code add*} method stores what it is given, so values such as {@code privilege-level} or
 * {@code role-id} are only checked if a constraint validation step is run over the content
 * (presumably by the metaschema binding tooling; confirm against the caller).
 *
 * <p>The list getters return the internal list itself, not a copy, and no synchronization is
 * used anywhere in this class.
 */
@MetaschemaAssembly(
    formalName = "System User",
    description = "A type of user that interacts with the system based on an associated role.",
    name = "system-user",
    metaschema = OscalImplementationCommonMetaschema.class,
    remarks = "Permissible values to be determined closer to the application, such as by a receiving authority."
)
@ValueConstraints(
    allowedValues = {
        // Names permitted for props in the OSCAL namespace.
        @AllowedValues(
            level = IConstraint.Level.ERROR,
            target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name",
            values = {
                @AllowedValue(value = "type", description = "The type of user, such as internal, external, or general-public."),
                @AllowedValue(value = "privilege-level", description = "The user's privilege level within the system, such as privileged, non-privileged, no-logical-access.")
            }),
        // Values permitted for the "type" prop.
        // NOTE(review): the "general-public" description ends mid-sentence; it is runtime
        // metadata and is left exactly as found.
        @AllowedValues(
            level = IConstraint.Level.ERROR,
            target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal') and @name='type']/@value",
            values = {
                @AllowedValue(value = "internal", description = "A user account for a person or entity that is part of the organization who owns or operates the system."),
                @AllowedValue(value = "external", description = "A user account for a person or entity that is not part of the organization who owns or operates the system."),
                @AllowedValue(value = "general-public", description = "A user of the system considered to be outside")
            }),
        // Values permitted for the "privilege-level" prop; allowOthers is not set here.
        @AllowedValues(
            level = IConstraint.Level.ERROR,
            target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal') and @name='privilege-level']/@value",
            values = {
                @AllowedValue(value = "privileged", description = "This role has elevated access to the system, such as a group or system administrator."),
                @AllowedValue(value = "non-privileged", description = "This role has typical user-level access to the system without elevated access."),
                @AllowedValue(value = "no-logical-access", description = "This role has no access to the system, such as a manager who approves access as part of a process.")
            }),
        // Well-known role ids. allowOthers = true, so this list is presumably not exhaustive;
        // the indexHasKey constraint on the _roleIds field is the stricter check.
        @AllowedValues(
            level = IConstraint.Level.ERROR,
            target = "role-id",
            allowOthers = true,
            values = {
                @AllowedValue(value = "asset-owner", description = "Accountable for ensuring the asset is managed in accordance with organizational policies and procedures."),
                @AllowedValue(value = "asset-administrator", description = "Responsible for administering a set of assets."),
                @AllowedValue(value = "security-operations", description = "Members of the security operations center (SOC)."),
                @AllowedValue(value = "network-operations", description = "Members of the network operations center (NOC)."),
                @AllowedValue(value = "incident-response", description = "Responsible for responding to an event that could lead to loss of, or disruption to, an organization's operations, services or functions."),
                @AllowedValue(value = "help-desk", description = "Responsible for providing information and support to users."),
                @AllowedValue(value = "configuration-management", description = "Responsible for the configuration management processes governing changes to the asset.")
            })
    }
)
public class SystemUser {
  /**
   * Identifier of this user class, bound to the {@code uuid} flag and declared
   * {@code required = true}. The setter does not enforce that requirement.
   */
  @BoundFlag(
      formalName = "User Universally Unique Identifier",
      description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope that can be used to reference this user class elsewhere in [this or other OSCAL instances](https://pages.nist.gov/OSCAL/concepts/identifier-use/#scope). The locally defined *UUID* of the `system user` can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.",
      useName = "uuid",
      required = true,
      typeAdapter = UuidAdapter.class
  )
  private UUID _uuid;

  /**
   * Display name of the user class, bound to {@code title} as single-line markup.
   */
  @BoundField(
      formalName = "User Title",
      description = "A name given to the user, which may be used by a tool for display and navigation.",
      useName = "title"
  )
  @BoundFieldValue(
      typeAdapter = MarkupLineAdapter.class
  )
  private MarkupLine _title;

  /**
   * Short common name, abbreviation or acronym, bound to {@code short-name}.
   */
  @BoundField(
      formalName = "User Short Name",
      description = "A short common name, abbreviation, or acronym for the user.",
      useName = "short-name"
  )
  private String _shortName;

  /**
   * Summary of the user's purpose within the system, bound to {@code description} as
   * multi-line markup.
   */
  @BoundField(
      formalName = "User Description",
      description = "A summary of the user's purpose within the system.",
      useName = "description"
  )
  @BoundFieldValue(
      typeAdapter = MarkupMultilineAdapter.class
  )
  private MarkupMultiline _description;

  /**
   * Name/value properties, bound to {@code prop} and grouped as the JSON list {@code props}.
   * Stays {@code null} until a list is set or the first item is added.
   */
  @BoundAssembly(
      formalName = "Property",
      description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.",
      useName = "prop",
      maxOccurs = -1
  )
  @GroupAs(
      name = "props",
      inJson = JsonGroupAsBehavior.LIST
  )
  private List<Property> _props;

  /**
   * Links to local or remote resources, bound to {@code link} and grouped as {@code links}.
   */
  @BoundAssembly(
      formalName = "Link",
      description = "A reference to a local or remote resource, that has a specific relation to the containing object.",
      useName = "link",
      maxOccurs = -1
  )
  @GroupAs(
      name = "links",
      inJson = JsonGroupAsBehavior.LIST
  )
  private List<Link> _links;

  /**
   * Role references, bound to {@code role-id} and grouped as {@code role-ids}.
   *
   * <p>The indexHasKey constraint requires each value to be a key of the index named
   * {@code index-metadata-role-id} (presumably the roles defined in the document metadata;
   * confirm where that index is declared).
   * NOTE(review): the description says "by UUID" but the value is bound with
   * {@code TokenAdapter}, not {@code UuidAdapter}.
   */
  @BoundField(
      formalName = "Role Identifier Reference",
      description = "Reference to a role by UUID.",
      useName = "role-id",
      maxOccurs = -1
  )
  @BoundFieldValue(
      typeAdapter = TokenAdapter.class
  )
  @ValueConstraints(
      indexHasKey = @IndexHasKey(level = IConstraint.Level.ERROR, indexName = "index-metadata-role-id", keyFields = @KeyField)
  )
  @GroupAs(
      name = "role-ids",
      inJson = JsonGroupAsBehavior.LIST
  )
  private List<String> _roleIds;

  /**
   * Privileges held by the user, bound to {@code authorized-privilege} and grouped as
   * {@code authorized-privileges}.
   */
  @BoundAssembly(
      formalName = "Privilege",
      description = "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.",
      useName = "authorized-privilege",
      maxOccurs = -1
  )
  @GroupAs(
      name = "authorized-privileges",
      inJson = JsonGroupAsBehavior.LIST
  )
  private List<AuthorizedPrivilege> _authorizedPrivileges;

  /**
   * Free-form commentary, bound to {@code remarks} as multi-line markup.
   */
  @BoundField(
      formalName = "Remarks",
      description = "Additional commentary about the containing object.",
      useName = "remarks"
  )
  @BoundFieldValue(
      typeAdapter = MarkupMultilineAdapter.class
  )
  private MarkupMultiline _remarks;

  /**
   * Creates an empty instance; every field starts out {@code null}.
   */
  public SystemUser() {
    // Intentionally empty: fields are populated through the setters.
  }

  /**
   * Returns the identifier of this user class.
   * @return the stored UUID, or {@code null} if none has been set
   */
  public UUID getUuid() {
    return this._uuid;
  }

  /**
   * Stores the identifier of this user class.
   * @param value the UUID to store; not checked, so {@code null} is accepted even though the
   *     flag is declared required
   */
  public void setUuid(UUID value) {
    this._uuid = value;
  }

  /**
   * Returns the display title.
   * @return the stored title, or {@code null} if none has been set
   */
  public MarkupLine getTitle() {
    return this._title;
  }

  /**
   * Stores the display title.
   * @param value the title to store; not checked
   */
  public void setTitle(MarkupLine value) {
    this._title = value;
  }

  /**
   * Returns the short name.
   * @return the stored short name, or {@code null} if none has been set
   */
  public String getShortName() {
    return this._shortName;
  }

  /**
   * Stores the short name.
   * @param value the short name to store; not checked
   */
  public void setShortName(String value) {
    this._shortName = value;
  }

  /**
   * Returns the description.
   * @return the stored description, or {@code null} if none has been set
   */
  public MarkupMultiline getDescription() {
    return this._description;
  }

  /**
   * Stores the description.
   * @param value the description to store; not checked
   */
  public void setDescription(MarkupMultiline value) {
    this._description = value;
  }

  /**
   * Returns the property list.
   * @return the internal list itself (not a copy), or {@code null} if none exists yet
   */
  public List<Property> getProps() {
    return this._props;
  }

  /**
   * Replaces the property list.
   * @param value the list to keep by reference; neither the list nor its elements are checked
   */
  public void setProps(List<Property> value) {
    this._props = value;
  }

  /**
   * Appends a {@link Property}, creating the backing list on first use.
   * @param item the item to add; passed to {@code ObjectUtils.requireNonNull} before the list
   *     is touched
   * @return {@code true}
   */
  public boolean addProp(Property item) {
    final Property checked = ObjectUtils.requireNonNull(item, "item cannot be null");
    List<Property> target = _props;
    if (target == null) {
      target = new LinkedList<>();
      _props = target;
    }
    return target.add(checked);
  }

  /**
   * Removes the first {@link Property} equal to the given item.
   * @param item the item to remove; passed to {@code ObjectUtils.requireNonNull} first
   * @return {@code true} if an item was removed, {@code false} if none matched or no list exists
   */
  public boolean removeProp(Property item) {
    final Property checked = ObjectUtils.requireNonNull(item, "item cannot be null");
    return _props != null && _props.remove(checked);
  }

  /**
   * Returns the link list.
   * @return the internal list itself (not a copy), or {@code null} if none exists yet
   */
  public List<Link> getLinks() {
    return this._links;
  }

  /**
   * Replaces the link list.
   * @param value the list to keep by reference; neither the list nor its elements are checked
   */
  public void setLinks(List<Link> value) {
    this._links = value;
  }

  /**
   * Appends a {@link Link}, creating the backing list on first use.
   * @param item the item to add; passed to {@code ObjectUtils.requireNonNull} before the list
   *     is touched
   * @return {@code true}
   */
  public boolean addLink(Link item) {
    final Link checked = ObjectUtils.requireNonNull(item, "item cannot be null");
    List<Link> target = _links;
    if (target == null) {
      target = new LinkedList<>();
      _links = target;
    }
    return target.add(checked);
  }

  /**
   * Removes the first {@link Link} equal to the given item.
   * @param item the item to remove; passed to {@code ObjectUtils.requireNonNull} first
   * @return {@code true} if an item was removed, {@code false} if none matched or no list exists
   */
  public boolean removeLink(Link item) {
    final Link checked = ObjectUtils.requireNonNull(item, "item cannot be null");
    return _links != null && _links.remove(checked);
  }

  /**
   * Returns the role reference list.
   * @return the internal list itself (not a copy), or {@code null} if none exists yet
   */
  public List<String> getRoleIds() {
    return this._roleIds;
  }

  /**
   * Replaces the role reference list.
   * @param value the list to keep by reference; its entries are not checked against the
   *     declared role-id constraints
   */
  public void setRoleIds(List<String> value) {
    this._roleIds = value;
  }

  /**
   * Appends a role reference, creating the backing list on first use. Only nullness is checked
   * here; the declared role-id constraints are not applied.
   * @param item the role id to add; passed to {@code ObjectUtils.requireNonNull} before the
   *     list is touched
   * @return {@code true}
   */
  public boolean addRoleId(String item) {
    final String checked = ObjectUtils.requireNonNull(item, "item cannot be null");
    List<String> target = _roleIds;
    if (target == null) {
      target = new LinkedList<>();
      _roleIds = target;
    }
    return target.add(checked);
  }

  /**
   * Removes the first role reference equal to the given value.
   * @param item the role id to remove; passed to {@code ObjectUtils.requireNonNull} first
   * @return {@code true} if an item was removed, {@code false} if none matched or no list exists
   */
  public boolean removeRoleId(String item) {
    final String checked = ObjectUtils.requireNonNull(item, "item cannot be null");
    return _roleIds != null && _roleIds.remove(checked);
  }

  /**
   * Returns the authorized privilege list.
   * @return the internal list itself (not a copy), or {@code null} if none exists yet
   */
  public List<AuthorizedPrivilege> getAuthorizedPrivileges() {
    return this._authorizedPrivileges;
  }

  /**
   * Replaces the authorized privilege list.
   * @param value the list to keep by reference; neither the list nor its elements are checked
   */
  public void setAuthorizedPrivileges(List<AuthorizedPrivilege> value) {
    this._authorizedPrivileges = value;
  }

  /**
   * Appends an {@link AuthorizedPrivilege}, creating the backing list on first use.
   * @param item the item to add; passed to {@code ObjectUtils.requireNonNull} before the list
   *     is touched
   * @return {@code true}
   */
  public boolean addAuthorizedPrivilege(AuthorizedPrivilege item) {
    final AuthorizedPrivilege checked = ObjectUtils.requireNonNull(item, "item cannot be null");
    List<AuthorizedPrivilege> target = _authorizedPrivileges;
    if (target == null) {
      target = new LinkedList<>();
      _authorizedPrivileges = target;
    }
    return target.add(checked);
  }

  /**
   * Removes the first {@link AuthorizedPrivilege} equal to the given item.
   * @param item the item to remove; passed to {@code ObjectUtils.requireNonNull} first
   * @return {@code true} if an item was removed, {@code false} if none matched or no list exists
   */
  public boolean removeAuthorizedPrivilege(AuthorizedPrivilege item) {
    final AuthorizedPrivilege checked = ObjectUtils.requireNonNull(item, "item cannot be null");
    return _authorizedPrivileges != null && _authorizedPrivileges.remove(checked);
  }

  /**
   * Returns the remarks.
   * @return the stored remarks, or {@code null} if none have been set
   */
  public MarkupMultiline getRemarks() {
    return this._remarks;
  }

  /**
   * Stores the remarks.
   * @param value the remarks to store; not checked
   */
  public void setRemarks(MarkupMultiline value) {
    this._remarks = value;
  }

  /**
   * Renders this object through reflection in the multi-line recursive style.
   *
   * <p>The builder reads the fields reflectively, so the text carries the stored content,
   * including role ids, authorized privileges and remarks. Keep that in mind wherever the
   * result is written to logs.
   * @return the reflective string form of this instance
   */
  @Override
  public String toString() {
    final ReflectionToStringBuilder builder =
        new ReflectionToStringBuilder(this, MultilineRecursiveToStringStyle.MULTI_LINE_STYLE);
    return builder.toString();
  }
}