001package gov.nist.secauto.oscal.lib.model; 002 003import gov.nist.secauto.metaschema.core.datatype.adapter.UuidAdapter; 004import gov.nist.secauto.metaschema.core.datatype.markup.MarkupLine; 005import gov.nist.secauto.metaschema.core.datatype.markup.MarkupLineAdapter; 006import gov.nist.secauto.metaschema.core.datatype.markup.MarkupMultiline; 007import gov.nist.secauto.metaschema.core.datatype.markup.MarkupMultilineAdapter; 008import gov.nist.secauto.metaschema.core.model.IBoundObject; 009import gov.nist.secauto.metaschema.core.model.IMetaschemaData; 010import gov.nist.secauto.metaschema.core.model.JsonGroupAsBehavior; 011import gov.nist.secauto.metaschema.core.model.constraint.IConstraint; 012import gov.nist.secauto.metaschema.core.util.ObjectUtils; 013import gov.nist.secauto.metaschema.databind.model.annotations.AssemblyConstraints; 014import gov.nist.secauto.metaschema.databind.model.annotations.BoundAssembly; 015import gov.nist.secauto.metaschema.databind.model.annotations.BoundField; 016import gov.nist.secauto.metaschema.databind.model.annotations.BoundFlag; 017import gov.nist.secauto.metaschema.databind.model.annotations.GroupAs; 018import gov.nist.secauto.metaschema.databind.model.annotations.IsUnique; 019import gov.nist.secauto.metaschema.databind.model.annotations.KeyField; 020import gov.nist.secauto.metaschema.databind.model.annotations.MetaschemaAssembly; 021import java.lang.Override; 022import java.lang.String; 023import java.util.LinkedList; 024import java.util.List; 025import java.util.UUID; 026import org.apache.commons.lang3.builder.ReflectionToStringBuilder; 027import org.apache.commons.lang3.builder.ToStringStyle; 028 029/** 030 * Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions. 031 */ 032@MetaschemaAssembly( 033 formalName = "Assessment Assets", 034 description = "Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.", 035 name = "assessment-assets", 036 moduleClass = OscalAssessmentCommonModule.class, 037 modelConstraints = @AssemblyConstraints(unique = @IsUnique(id = "unique-ssp-assessment-assets-component", level = IConstraint.Level.ERROR, target = "component", keyFields = @KeyField(target = "@uuid"), remarks = "Since multiple assessment `component` entries can be provided, each component must have a unique `uuid`.")) 038) 039public class AssessmentAssets implements IBoundObject { 040 private final IMetaschemaData __metaschemaData; 041 042 @BoundAssembly( 043 formalName = "Component", 044 description = "A defined component that can be part of an implemented system.", 045 useName = "component", 046 remarks = "Used to add any components for tools used during the assessment. These are represented here to avoid mixing with system components.\n" 047 + "\n" 048 + "The technology tools used by the assessor to perform the assessment, such as vulnerability scanners. In the assessment plan these are the intended tools. In the assessment results, these are the actual tools used, including any differences from the assessment plan.", 049 maxOccurs = -1, 050 groupAs = @GroupAs(name = "components", inJson = JsonGroupAsBehavior.LIST) 051 ) 052 private List<SystemComponent> _components; 053 054 @BoundAssembly( 055 formalName = "Assessment Platform", 056 description = "Used to represent the toolset used to perform aspects of the assessment.", 057 useName = "assessment-platform", 058 minOccurs = 1, 059 maxOccurs = -1, 060 groupAs = @GroupAs(name = "assessment-platforms", inJson = JsonGroupAsBehavior.LIST) 061 ) 062 private List<AssessmentPlatform> _assessmentPlatforms; 063 064 public AssessmentAssets() { 065 this(null); 066 } 067 068 public AssessmentAssets(IMetaschemaData data) { 069 this.__metaschemaData = data; 070 } 071 072 @Override 073 public IMetaschemaData getMetaschemaData() { 074 return __metaschemaData; 075 } 076 077 public List<SystemComponent> getComponents() { 078 return _components; 079 } 080 081 public void setComponents(List<SystemComponent> value) { 082 _components = value; 083 } 084 085 /** 086 * Add a new {@link SystemComponent} item to the underlying collection. 087 * @param item the item to add 088 * @return {@code true} 089 */ 090 public boolean addComponent(SystemComponent item) { 091 SystemComponent value = ObjectUtils.requireNonNull(item,"item cannot be null"); 092 if (_components == null) { 093 _components = new LinkedList<>(); 094 } 095 return _components.add(value); 096 } 097 098 /** 099 * Remove the first matching {@link SystemComponent} item from the underlying collection. 100 * @param item the item to remove 101 * @return {@code true} if the item was removed or {@code false} otherwise 102 */ 103 public boolean removeComponent(SystemComponent item) { 104 SystemComponent value = ObjectUtils.requireNonNull(item,"item cannot be null"); 105 return _components != null && _components.remove(value); 106 } 107 108 public List<AssessmentPlatform> getAssessmentPlatforms() { 109 return _assessmentPlatforms; 110 } 111 112 public void setAssessmentPlatforms(List<AssessmentPlatform> value) { 113 _assessmentPlatforms = value; 114 } 115 116 /** 117 * Add a new {@link AssessmentPlatform} item to the underlying collection. 118 * @param item the item to add 119 * @return {@code true} 120 */ 121 public boolean addAssessmentPlatform(AssessmentPlatform item) { 122 AssessmentPlatform value = ObjectUtils.requireNonNull(item,"item cannot be null"); 123 if (_assessmentPlatforms == null) { 124 _assessmentPlatforms = new LinkedList<>(); 125 } 126 return _assessmentPlatforms.add(value); 127 } 128 129 /** 130 * Remove the first matching {@link AssessmentPlatform} item from the underlying collection. 131 * @param item the item to remove 132 * @return {@code true} if the item was removed or {@code false} otherwise 133 */ 134 public boolean removeAssessmentPlatform(AssessmentPlatform item) { 135 AssessmentPlatform value = ObjectUtils.requireNonNull(item,"item cannot be null"); 136 return _assessmentPlatforms != null && _assessmentPlatforms.remove(value); 137 } 138 139 @Override 140 public String toString() { 141 return new ReflectionToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE).toString(); 142 } 143 144 /** 145 * Used to represent the toolset used to perform aspects of the assessment. 146 */ 147 @MetaschemaAssembly( 148 formalName = "Assessment Platform", 149 description = "Used to represent the toolset used to perform aspects of the assessment.", 150 name = "assessment-platform", 151 moduleClass = OscalAssessmentCommonModule.class 152 ) 153 public static class AssessmentPlatform implements IBoundObject { 154 private final IMetaschemaData __metaschemaData; 155 156 /** 157 * "A <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented\">machine-oriented</a>, <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique\">globally unique</a> identifier with <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance\">cross-instance</a> scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined <em>UUID</em> of the <code>assessment platform</code> can be used to reference the data item locally or globally (e.g., in an <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#scope\">imported OSCAL instance</a>). This UUID should be assigned <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency\">per-subject</a>, which means it should be consistently used to identify the same subject across revisions of the document." 158 */ 159 @BoundFlag( 160 formalName = "Assessment Platform Universally Unique Identifier", 161 description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope that can be used to reference this assessment platform elsewhere in this or other OSCAL instances. The locally defined *UUID* of the `assessment platform` can be used to reference the data item locally or globally (e.g., in an [imported OSCAL instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#scope)). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.", 162 name = "uuid", 163 required = true, 164 typeAdapter = UuidAdapter.class 165 ) 166 private UUID _uuid; 167 168 @BoundField( 169 formalName = "Assessment Platform Title", 170 description = "The title or name for the assessment platform.", 171 useName = "title", 172 typeAdapter = MarkupLineAdapter.class 173 ) 174 private MarkupLine _title; 175 176 @BoundAssembly( 177 formalName = "Property", 178 description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", 179 useName = "prop", 180 maxOccurs = -1, 181 groupAs = @GroupAs(name = "props", inJson = JsonGroupAsBehavior.LIST) 182 ) 183 private List<Property> _props; 184 185 @BoundAssembly( 186 formalName = "Link", 187 description = "A reference to a local or remote resource, that has a specific relation to the containing object.", 188 useName = "link", 189 maxOccurs = -1, 190 groupAs = @GroupAs(name = "links", inJson = JsonGroupAsBehavior.LIST) 191 ) 192 private List<Link> _links; 193 194 @BoundAssembly( 195 formalName = "Uses Component", 196 description = "The set of components that are used by the assessment platform.", 197 useName = "uses-component", 198 maxOccurs = -1, 199 groupAs = @GroupAs(name = "uses-components", inJson = JsonGroupAsBehavior.LIST) 200 ) 201 private List<UsesComponent> _usesComponents; 202 203 @BoundField( 204 formalName = "Remarks", 205 description = "Additional commentary about the containing object.", 206 useName = "remarks", 207 typeAdapter = MarkupMultilineAdapter.class 208 ) 209 private MarkupMultiline _remarks; 210 211 public AssessmentPlatform() { 212 this(null); 213 } 214 215 public AssessmentPlatform(IMetaschemaData data) { 216 this.__metaschemaData = data; 217 } 218 219 @Override 220 public IMetaschemaData getMetaschemaData() { 221 return __metaschemaData; 222 } 223 224 public UUID getUuid() { 225 return _uuid; 226 } 227 228 public void setUuid(UUID value) { 229 _uuid = value; 230 } 231 232 public MarkupLine getTitle() { 233 return _title; 234 } 235 236 public void setTitle(MarkupLine value) { 237 _title = value; 238 } 239 240 public List<Property> getProps() { 241 return _props; 242 } 243 244 public void setProps(List<Property> value) { 245 _props = value; 246 } 247 248 /** 249 * Add a new {@link Property} item to the underlying collection. 250 * @param item the item to add 251 * @return {@code true} 252 */ 253 public boolean addProp(Property item) { 254 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 255 if (_props == null) { 256 _props = new LinkedList<>(); 257 } 258 return _props.add(value); 259 } 260 261 /** 262 * Remove the first matching {@link Property} item from the underlying collection. 263 * @param item the item to remove 264 * @return {@code true} if the item was removed or {@code false} otherwise 265 */ 266 public boolean removeProp(Property item) { 267 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 268 return _props != null && _props.remove(value); 269 } 270 271 public List<Link> getLinks() { 272 return _links; 273 } 274 275 public void setLinks(List<Link> value) { 276 _links = value; 277 } 278 279 /** 280 * Add a new {@link Link} item to the underlying collection. 281 * @param item the item to add 282 * @return {@code true} 283 */ 284 public boolean addLink(Link item) { 285 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 286 if (_links == null) { 287 _links = new LinkedList<>(); 288 } 289 return _links.add(value); 290 } 291 292 /** 293 * Remove the first matching {@link Link} item from the underlying collection. 294 * @param item the item to remove 295 * @return {@code true} if the item was removed or {@code false} otherwise 296 */ 297 public boolean removeLink(Link item) { 298 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 299 return _links != null && _links.remove(value); 300 } 301 302 public List<UsesComponent> getUsesComponents() { 303 return _usesComponents; 304 } 305 306 public void setUsesComponents(List<UsesComponent> value) { 307 _usesComponents = value; 308 } 309 310 /** 311 * Add a new {@link UsesComponent} item to the underlying collection. 312 * @param item the item to add 313 * @return {@code true} 314 */ 315 public boolean addUsesComponent(UsesComponent item) { 316 UsesComponent value = ObjectUtils.requireNonNull(item,"item cannot be null"); 317 if (_usesComponents == null) { 318 _usesComponents = new LinkedList<>(); 319 } 320 return _usesComponents.add(value); 321 } 322 323 /** 324 * Remove the first matching {@link UsesComponent} item from the underlying collection. 325 * @param item the item to remove 326 * @return {@code true} if the item was removed or {@code false} otherwise 327 */ 328 public boolean removeUsesComponent(UsesComponent item) { 329 UsesComponent value = ObjectUtils.requireNonNull(item,"item cannot be null"); 330 return _usesComponents != null && _usesComponents.remove(value); 331 } 332 333 public MarkupMultiline getRemarks() { 334 return _remarks; 335 } 336 337 public void setRemarks(MarkupMultiline value) { 338 _remarks = value; 339 } 340 341 @Override 342 public String toString() { 343 return new ReflectionToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE).toString(); 344 } 345 346 /** 347 * The set of components that are used by the assessment platform. 348 */ 349 @MetaschemaAssembly( 350 formalName = "Uses Component", 351 description = "The set of components that are used by the assessment platform.", 352 name = "uses-component", 353 moduleClass = OscalAssessmentCommonModule.class, 354 modelConstraints = @AssemblyConstraints(unique = @IsUnique(id = "unique-ssp-uses-component-responsible-party", level = IConstraint.Level.ERROR, target = "responsible-party", keyFields = @KeyField(target = "@role-id"), remarks = "Since `responsible-party` associates multiple `party-uuid` entries with a single `role-id`, each role-id must be referenced only once.")) 355 ) 356 public static class UsesComponent implements IBoundObject { 357 private final IMetaschemaData __metaschemaData; 358 359 /** 360 * "A <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented\">machine-oriented</a> identifier reference to a component that is implemented as part of an inventory item." 361 */ 362 @BoundFlag( 363 formalName = "Component Universally Unique Identifier Reference", 364 description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to a component that is implemented as part of an inventory item.", 365 name = "component-uuid", 366 required = true, 367 typeAdapter = UuidAdapter.class 368 ) 369 private UUID _componentUuid; 370 371 @BoundAssembly( 372 formalName = "Property", 373 description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.", 374 useName = "prop", 375 maxOccurs = -1, 376 groupAs = @GroupAs(name = "props", inJson = JsonGroupAsBehavior.LIST) 377 ) 378 private List<Property> _props; 379 380 @BoundAssembly( 381 formalName = "Link", 382 description = "A reference to a local or remote resource, that has a specific relation to the containing object.", 383 useName = "link", 384 maxOccurs = -1, 385 groupAs = @GroupAs(name = "links", inJson = JsonGroupAsBehavior.LIST) 386 ) 387 private List<Link> _links; 388 389 @BoundAssembly( 390 formalName = "Responsible Party", 391 description = "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.", 392 useName = "responsible-party", 393 maxOccurs = -1, 394 groupAs = @GroupAs(name = "responsible-parties", inJson = JsonGroupAsBehavior.LIST) 395 ) 396 private List<ResponsibleParty> _responsibleParties; 397 398 @BoundField( 399 formalName = "Remarks", 400 description = "Additional commentary about the containing object.", 401 useName = "remarks", 402 typeAdapter = MarkupMultilineAdapter.class 403 ) 404 private MarkupMultiline _remarks; 405 406 public UsesComponent() { 407 this(null); 408 } 409 410 public UsesComponent(IMetaschemaData data) { 411 this.__metaschemaData = data; 412 } 413 414 @Override 415 public IMetaschemaData getMetaschemaData() { 416 return __metaschemaData; 417 } 418 419 public UUID getComponentUuid() { 420 return _componentUuid; 421 } 422 423 public void setComponentUuid(UUID value) { 424 _componentUuid = value; 425 } 426 427 public List<Property> getProps() { 428 return _props; 429 } 430 431 public void setProps(List<Property> value) { 432 _props = value; 433 } 434 435 /** 436 * Add a new {@link Property} item to the underlying collection. 437 * @param item the item to add 438 * @return {@code true} 439 */ 440 public boolean addProp(Property item) { 441 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 442 if (_props == null) { 443 _props = new LinkedList<>(); 444 } 445 return _props.add(value); 446 } 447 448 /** 449 * Remove the first matching {@link Property} item from the underlying collection. 450 * @param item the item to remove 451 * @return {@code true} if the item was removed or {@code false} otherwise 452 */ 453 public boolean removeProp(Property item) { 454 Property value = ObjectUtils.requireNonNull(item,"item cannot be null"); 455 return _props != null && _props.remove(value); 456 } 457 458 public List<Link> getLinks() { 459 return _links; 460 } 461 462 public void setLinks(List<Link> value) { 463 _links = value; 464 } 465 466 /** 467 * Add a new {@link Link} item to the underlying collection. 468 * @param item the item to add 469 * @return {@code true} 470 */ 471 public boolean addLink(Link item) { 472 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 473 if (_links == null) { 474 _links = new LinkedList<>(); 475 } 476 return _links.add(value); 477 } 478 479 /** 480 * Remove the first matching {@link Link} item from the underlying collection. 481 * @param item the item to remove 482 * @return {@code true} if the item was removed or {@code false} otherwise 483 */ 484 public boolean removeLink(Link item) { 485 Link value = ObjectUtils.requireNonNull(item,"item cannot be null"); 486 return _links != null && _links.remove(value); 487 } 488 489 public List<ResponsibleParty> getResponsibleParties() { 490 return _responsibleParties; 491 } 492 493 public void setResponsibleParties(List<ResponsibleParty> value) { 494 _responsibleParties = value; 495 } 496 497 /** 498 * Add a new {@link ResponsibleParty} item to the underlying collection. 499 * @param item the item to add 500 * @return {@code true} 501 */ 502 public boolean addResponsibleParty(ResponsibleParty item) { 503 ResponsibleParty value = ObjectUtils.requireNonNull(item,"item cannot be null"); 504 if (_responsibleParties == null) { 505 _responsibleParties = new LinkedList<>(); 506 } 507 return _responsibleParties.add(value); 508 } 509 510 /** 511 * Remove the first matching {@link ResponsibleParty} item from the underlying collection. 512 * @param item the item to remove 513 * @return {@code true} if the item was removed or {@code false} otherwise 514 */ 515 public boolean removeResponsibleParty(ResponsibleParty item) { 516 ResponsibleParty value = ObjectUtils.requireNonNull(item,"item cannot be null"); 517 return _responsibleParties != null && _responsibleParties.remove(value); 518 } 519 520 public MarkupMultiline getRemarks() { 521 return _remarks; 522 } 523 524 public void setRemarks(MarkupMultiline value) { 525 _remarks = value; 526 } 527 528 @Override 529 public String toString() { 530 return new ReflectionToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE).toString(); 531 } 532 } 533 } 534}