001package gov.nist.secauto.oscal.lib.model;
002
003import gov.nist.secauto.metaschema.core.datatype.adapter.UuidAdapter;
004import gov.nist.secauto.metaschema.core.datatype.markup.MarkupMultiline;
005import gov.nist.secauto.metaschema.core.datatype.markup.MarkupMultilineAdapter;
006import gov.nist.secauto.metaschema.core.model.IBoundObject;
007import gov.nist.secauto.metaschema.core.model.IMetaschemaData;
008import gov.nist.secauto.metaschema.core.model.JsonGroupAsBehavior;
009import gov.nist.secauto.metaschema.core.model.constraint.IConstraint;
010import gov.nist.secauto.metaschema.core.util.ObjectUtils;
011import gov.nist.secauto.metaschema.databind.model.annotations.AllowedValue;
012import gov.nist.secauto.metaschema.databind.model.annotations.AllowedValues;
013import gov.nist.secauto.metaschema.databind.model.annotations.AssemblyConstraints;
014import gov.nist.secauto.metaschema.databind.model.annotations.BoundAssembly;
015import gov.nist.secauto.metaschema.databind.model.annotations.BoundField;
016import gov.nist.secauto.metaschema.databind.model.annotations.BoundFlag;
017import gov.nist.secauto.metaschema.databind.model.annotations.GroupAs;
018import gov.nist.secauto.metaschema.databind.model.annotations.Index;
019import gov.nist.secauto.metaschema.databind.model.annotations.IsUnique;
020import gov.nist.secauto.metaschema.databind.model.annotations.KeyField;
021import gov.nist.secauto.metaschema.databind.model.annotations.Let;
022import gov.nist.secauto.metaschema.databind.model.annotations.MetaschemaAssembly;
023import gov.nist.secauto.metaschema.databind.model.annotations.ValueConstraints;
024import java.lang.Override;
025import java.lang.String;
026import java.util.LinkedList;
027import java.util.List;
028import java.util.UUID;
029import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
030import org.apache.commons.lang3.builder.ToStringStyle;
031
032/**
033 * An assessment plan, such as those provided by a FedRAMP assessor.
034 */
035@MetaschemaAssembly(
036    formalName = "Security Assessment Plan (SAP)",
037    description = "An assessment plan, such as those provided by a FedRAMP assessor.",
038    name = "assessment-plan",
039    moduleClass = OscalApModule.class,
040    rootName = "assessment-plan",
041    valueConstraints = @ValueConstraints(lets = @Let(name = "all-imports", target = "recurse-depth('.[import-ssp]/doc(resolve-uri(Q{http://csrc.nist.gov/ns/oscal/1.0}resolve-reference(import-ssp/@href)))/system-security-plan|.[import-profile]/resolve-profile(doc(resolve-uri(Q{http://csrc.nist.gov/ns/oscal/1.0}resolve-reference(import-profile/@href))))/catalog')")),
042    modelConstraints = @AssemblyConstraints(index = {@Index(id = "oscal-ap-index-metadata-scoped-role-id", formalName = "In-Scope Role Identifiers", description = "An index of role identifiers that are in-scope for the assessment-plan model. Roles are collected from imported system-securtity-plans, which in turn includes referenced profiles and catalogs. For a given role @id, a locally declared role takes precedence over a role that is imported, the role that was last imported.", level = IConstraint.Level.ERROR, target = "map:merge($all-imports/metadata/role ! map:entry(@id,.))?*", name = "index-imports-metadata-role-id", keyFields = @KeyField(target = "@id")), @Index(id = "oscal-ap-index-metadata-scoped-location-uuid", level = IConstraint.Level.ERROR, target = "map:merge($all-imports/metadata/location ! map:entry(@uuid,.))?*", name = "index-imports-metadata-location-uuid", keyFields = @KeyField(target = "@uuid")), @Index(id = "oscal-ap-index-metadata-scoped-party-uuid", level = IConstraint.Level.ERROR, target = "map:merge($all-imports/metadata/party ! map:entry(@uuid,.))?*", name = "index-imports-metadata-party-uuid", keyFields = @KeyField(target = "@uuid")), @Index(id = "oscal-ap-index-metadata-scoped-party-organization-uuid", level = IConstraint.Level.ERROR, target = "map:merge($all-imports/metadata/party[@type='organization'] ! map:entry(@uuid,.))?*", name = "index-imports-metadata-party-organization-uuid", keyFields = @KeyField(target = "@uuid")), @Index(id = "oscal-ap-index-metadata-scoped-property-uuid", level = IConstraint.Level.ERROR, target = "map:merge($all-imports//prop[@uuid] ! map:entry(@uuid,.))?*", name = "index-imports-metadata-property-uuid", keyFields = @KeyField(target = "@uuid"))}, unique = {@IsUnique(id = "oscal-unique-document-id", formalName = "Unique Document Identifier", description = "Ensure all document identifiers have a unique combination of @scheme and value.", level = IConstraint.Level.ERROR, target = "document-id", keyFields = {@KeyField(target = "@scheme"), @KeyField}), @IsUnique(id = "oscal-unique-property-in-context-location", formalName = "Unique Properties", description = "Ensure all properties are unique for a given location using a unique combination of @ns, @name, @class. @group. and @value.", level = IConstraint.Level.ERROR, target = ".//prop", keyFields = {@KeyField(target = "path(..)"), @KeyField(target = "@name"), @KeyField(target = "@ns"), @KeyField(target = "@class"), @KeyField(target = "@group"), @KeyField(target = "@value")}), @IsUnique(id = "oscal-unique-link-in-context-location", formalName = "Unique Links", description = "Ensure all links are unique for a given location using a unique combination of @href, @rel, and @media-type.", level = IConstraint.Level.ERROR, target = ".//link", keyFields = {@KeyField(target = "path(..)"), @KeyField(target = "@href"), @KeyField(target = "@rel"), @KeyField(target = "@media-type")}), @IsUnique(id = "oscal-unique-responsibility-in-context-location", formalName = "Unique Responsibilities", description = "Ensure all responsible-roles and responsible-parties are unique for a given location using a unique combination of @role-id and the combination of @party-uuid values.", level = IConstraint.Level.ERROR, target = ".//(responsible-party|responsible-role)", keyFields = {@KeyField(target = "path(..)"), @KeyField(target = "@role-id"), @KeyField(target = "@party-uuid")}, remarks = "Since `responsible-party` and `responsible-role` associate multiple `party-uuid` entries with a single `role-id`, each role-id must be referenced only once.")})
043)
044public class AssessmentPlan extends AbstractOscalInstance implements IBoundObject {
045  private final IMetaschemaData __metaschemaData;
046
047  /**
048   * "A <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented\">machine-oriented</a>, <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique\">globally unique</a> identifier with <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance\">cross-instance</a> scope that can be used to reference this assessment plan in <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#ap-identifiers\">this or other OSCAL instances</a>. The locally defined <em>UUID</em> of the <code>assessment plan</code> can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency\">per-subject</a>, which means it should be consistently used to identify the same subject across revisions of the document."
049   */
050  @BoundFlag(
051      formalName = "Assessment Plan Universally Unique Identifier",
052      description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope that can be used to reference this assessment plan in [this or other OSCAL instances](https://pages.nist.gov/OSCAL/concepts/identifier-use/#ap-identifiers). The locally defined *UUID* of the `assessment plan` can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.",
053      name = "uuid",
054      required = true,
055      typeAdapter = UuidAdapter.class
056  )
057  private UUID _uuid;
058
059  @BoundAssembly(
060      formalName = "Document Metadata",
061      description = "Provides information about the containing document, and defines concepts that are shared across the document.",
062      useName = "metadata",
063      minOccurs = 1
064  )
065  private Metadata _metadata;
066
067  @BoundAssembly(
068      formalName = "Import System Security Plan",
069      description = "Used by the assessment plan and POA\\&M to import information about the system.",
070      useName = "import-ssp",
071      remarks = "Used by the SAP to import information about the system being assessed.",
072      minOccurs = 1
073  )
074  private ImportSsp _importSsp;
075
076  @BoundAssembly(
077      formalName = "Local Definitions",
078      description = "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.",
079      useName = "local-definitions"
080  )
081  private LocalDefinitions _localDefinitions;
082
083  @BoundAssembly(
084      formalName = "Assessment Plan Terms and Conditions",
085      description = "Used to define various terms and conditions under which an assessment, described by the plan, can be performed. Each child part defines a different type of term or condition.",
086      useName = "terms-and-conditions"
087  )
088  private TermsAndConditions _termsAndConditions;
089
090  @BoundAssembly(
091      formalName = "Reviewed Controls and Control Objectives",
092      description = "Identifies the controls being assessed and their control objectives.",
093      useName = "reviewed-controls",
094      minOccurs = 1
095  )
096  private ReviewedControls _reviewedControls;
097
098  @BoundAssembly(
099      formalName = "Subject of Assessment",
100      description = "Identifies system elements being assessed, such as components, inventory items, and locations. In the assessment plan, this identifies a planned assessment subject. In the assessment results this is an actual assessment subject, and reflects any changes from the plan. exactly what will be the focus of this assessment. Any subjects not identified in this way are out-of-scope.",
101      useName = "assessment-subject",
102      maxOccurs = -1,
103      groupAs = @GroupAs(name = "assessment-subjects", inJson = JsonGroupAsBehavior.LIST)
104  )
105  private List<AssessmentSubject> _assessmentSubjects;
106
107  @BoundAssembly(
108      formalName = "Assessment Assets",
109      description = "Identifies the assets used to perform this assessment, such as the assessment team, scanning tools, and assumptions.",
110      useName = "assessment-assets"
111  )
112  private AssessmentAssets _assessmentAssets;
113
114  @BoundAssembly(
115      formalName = "Task",
116      description = "Represents a scheduled event or milestone, which may be associated with a series of assessment actions.",
117      useName = "task",
118      maxOccurs = -1,
119      groupAs = @GroupAs(name = "tasks", inJson = JsonGroupAsBehavior.LIST)
120  )
121  private List<Task> _tasks;
122
123  @BoundAssembly(
124      formalName = "Back matter",
125      description = "A collection of resources that may be referenced from within the OSCAL document instance.",
126      useName = "back-matter"
127  )
128  private BackMatter _backMatter;
129
130  public AssessmentPlan() {
131    this(null);
132  }
133
134  public AssessmentPlan(IMetaschemaData data) {
135    this.__metaschemaData = data;
136  }
137
138  @Override
139  public IMetaschemaData getMetaschemaData() {
140    return __metaschemaData;
141  }
142
143  public UUID getUuid() {
144    return _uuid;
145  }
146
147  public void setUuid(UUID value) {
148    _uuid = value;
149  }
150
151  public Metadata getMetadata() {
152    return _metadata;
153  }
154
155  public void setMetadata(Metadata value) {
156    _metadata = value;
157  }
158
159  public ImportSsp getImportSsp() {
160    return _importSsp;
161  }
162
163  public void setImportSsp(ImportSsp value) {
164    _importSsp = value;
165  }
166
167  public LocalDefinitions getLocalDefinitions() {
168    return _localDefinitions;
169  }
170
171  public void setLocalDefinitions(LocalDefinitions value) {
172    _localDefinitions = value;
173  }
174
175  public TermsAndConditions getTermsAndConditions() {
176    return _termsAndConditions;
177  }
178
179  public void setTermsAndConditions(TermsAndConditions value) {
180    _termsAndConditions = value;
181  }
182
183  public ReviewedControls getReviewedControls() {
184    return _reviewedControls;
185  }
186
187  public void setReviewedControls(ReviewedControls value) {
188    _reviewedControls = value;
189  }
190
191  public List<AssessmentSubject> getAssessmentSubjects() {
192    return _assessmentSubjects;
193  }
194
195  public void setAssessmentSubjects(List<AssessmentSubject> value) {
196    _assessmentSubjects = value;
197  }
198
199  /**
200   * Add a new {@link AssessmentSubject} item to the underlying collection.
201   * @param item the item to add
202   * @return {@code true}
203   */
204  public boolean addAssessmentSubject(AssessmentSubject item) {
205    AssessmentSubject value = ObjectUtils.requireNonNull(item,"item cannot be null");
206    if (_assessmentSubjects == null) {
207      _assessmentSubjects = new LinkedList<>();
208    }
209    return _assessmentSubjects.add(value);
210  }
211
212  /**
213   * Remove the first matching {@link AssessmentSubject} item from the underlying collection.
214   * @param item the item to remove
215   * @return {@code true} if the item was removed or {@code false} otherwise
216   */
217  public boolean removeAssessmentSubject(AssessmentSubject item) {
218    AssessmentSubject value = ObjectUtils.requireNonNull(item,"item cannot be null");
219    return _assessmentSubjects != null && _assessmentSubjects.remove(value);
220  }
221
222  public AssessmentAssets getAssessmentAssets() {
223    return _assessmentAssets;
224  }
225
226  public void setAssessmentAssets(AssessmentAssets value) {
227    _assessmentAssets = value;
228  }
229
230  public List<Task> getTasks() {
231    return _tasks;
232  }
233
234  public void setTasks(List<Task> value) {
235    _tasks = value;
236  }
237
238  /**
239   * Add a new {@link Task} item to the underlying collection.
240   * @param item the item to add
241   * @return {@code true}
242   */
243  public boolean addTask(Task item) {
244    Task value = ObjectUtils.requireNonNull(item,"item cannot be null");
245    if (_tasks == null) {
246      _tasks = new LinkedList<>();
247    }
248    return _tasks.add(value);
249  }
250
251  /**
252   * Remove the first matching {@link Task} item from the underlying collection.
253   * @param item the item to remove
254   * @return {@code true} if the item was removed or {@code false} otherwise
255   */
256  public boolean removeTask(Task item) {
257    Task value = ObjectUtils.requireNonNull(item,"item cannot be null");
258    return _tasks != null && _tasks.remove(value);
259  }
260
261  public BackMatter getBackMatter() {
262    return _backMatter;
263  }
264
265  public void setBackMatter(BackMatter value) {
266    _backMatter = value;
267  }
268
269  @Override
270  public String toString() {
271    return new ReflectionToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE).toString();
272  }
273
274  /**
275   * Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.
276   */
277  @MetaschemaAssembly(
278      formalName = "Local Definitions",
279      description = "Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.",
280      name = "local-definitions",
281      moduleClass = OscalApModule.class,
282      modelConstraints = @AssemblyConstraints(unique = {@IsUnique(id = "unique-ap-local-definitions-component", level = IConstraint.Level.ERROR, target = "component", keyFields = @KeyField(target = "@uuid"), remarks = "Since multiple `component` entries can be provided, each component must have a unique `uuid`."), @IsUnique(id = "unique-ap-local-definitions-user", level = IConstraint.Level.ERROR, target = "user", keyFields = @KeyField(target = "@uuid"), remarks = "A given `uuid` must be assigned only once to a user.")})
283  )
284  public static class LocalDefinitions implements IBoundObject {
285    private final IMetaschemaData __metaschemaData;
286
287    @BoundAssembly(
288        formalName = "Component",
289        description = "A defined component that can be part of an implemented system.",
290        useName = "component",
291        remarks = "Used to add any components, not defined via the System Security Plan (AR-\\>AP-\\>SSP)",
292        maxOccurs = -1,
293        groupAs = @GroupAs(name = "components", inJson = JsonGroupAsBehavior.LIST)
294    )
295    private List<SystemComponent> _components;
296
297    @BoundAssembly(
298        formalName = "Inventory Item",
299        description = "A single managed inventory item within the system.",
300        useName = "inventory-item",
301        remarks = "Used to add any inventory-items, not defined via the System Security Plan (AR-\\>AP-\\>SSP)",
302        maxOccurs = -1,
303        groupAs = @GroupAs(name = "inventory-items", inJson = JsonGroupAsBehavior.LIST)
304    )
305    private List<InventoryItem> _inventoryItems;
306
307    @BoundAssembly(
308        formalName = "System User",
309        description = "A type of user that interacts with the system based on an associated role.",
310        useName = "user",
311        remarks = "Used to add any users, not defined via the System Security Plan (AR-\\>AP-\\>SSP)",
312        maxOccurs = -1,
313        groupAs = @GroupAs(name = "users", inJson = JsonGroupAsBehavior.LIST)
314    )
315    private List<SystemUser> _users;
316
317    @BoundAssembly(
318        formalName = "Assessment-Specific Control Objective",
319        description = "A local definition of a control objective for this assessment. Uses catalog syntax for control objective and assessment actions.",
320        useName = "objectives-and-methods",
321        maxOccurs = -1,
322        groupAs = @GroupAs(name = "objectives-and-methods", inJson = JsonGroupAsBehavior.LIST)
323    )
324    private List<LocalObjective> _objectivesAndMethods;
325
326    @BoundAssembly(
327        formalName = "Activity",
328        description = "Identifies an assessment or related process that can be performed. In the assessment plan, this is an intended activity which may be associated with an assessment task. In the assessment results, this an activity that was actually performed as part of an assessment.",
329        useName = "activity",
330        maxOccurs = -1,
331        groupAs = @GroupAs(name = "activities", inJson = JsonGroupAsBehavior.LIST)
332    )
333    private List<Activity> _activities;
334
335    @BoundField(
336        formalName = "Remarks",
337        description = "Additional commentary about the containing object.",
338        useName = "remarks",
339        typeAdapter = MarkupMultilineAdapter.class
340    )
341    private MarkupMultiline _remarks;
342
343    public LocalDefinitions() {
344      this(null);
345    }
346
347    public LocalDefinitions(IMetaschemaData data) {
348      this.__metaschemaData = data;
349    }
350
351    @Override
352    public IMetaschemaData getMetaschemaData() {
353      return __metaschemaData;
354    }
355
356    public List<SystemComponent> getComponents() {
357      return _components;
358    }
359
360    public void setComponents(List<SystemComponent> value) {
361      _components = value;
362    }
363
364    /**
365     * Add a new {@link SystemComponent} item to the underlying collection.
366     * @param item the item to add
367     * @return {@code true}
368     */
369    public boolean addComponent(SystemComponent item) {
370      SystemComponent value = ObjectUtils.requireNonNull(item,"item cannot be null");
371      if (_components == null) {
372        _components = new LinkedList<>();
373      }
374      return _components.add(value);
375    }
376
377    /**
378     * Remove the first matching {@link SystemComponent} item from the underlying collection.
379     * @param item the item to remove
380     * @return {@code true} if the item was removed or {@code false} otherwise
381     */
382    public boolean removeComponent(SystemComponent item) {
383      SystemComponent value = ObjectUtils.requireNonNull(item,"item cannot be null");
384      return _components != null && _components.remove(value);
385    }
386
387    public List<InventoryItem> getInventoryItems() {
388      return _inventoryItems;
389    }
390
391    public void setInventoryItems(List<InventoryItem> value) {
392      _inventoryItems = value;
393    }
394
395    /**
396     * Add a new {@link InventoryItem} item to the underlying collection.
397     * @param item the item to add
398     * @return {@code true}
399     */
400    public boolean addInventoryItem(InventoryItem item) {
401      InventoryItem value = ObjectUtils.requireNonNull(item,"item cannot be null");
402      if (_inventoryItems == null) {
403        _inventoryItems = new LinkedList<>();
404      }
405      return _inventoryItems.add(value);
406    }
407
408    /**
409     * Remove the first matching {@link InventoryItem} item from the underlying collection.
410     * @param item the item to remove
411     * @return {@code true} if the item was removed or {@code false} otherwise
412     */
413    public boolean removeInventoryItem(InventoryItem item) {
414      InventoryItem value = ObjectUtils.requireNonNull(item,"item cannot be null");
415      return _inventoryItems != null && _inventoryItems.remove(value);
416    }
417
418    public List<SystemUser> getUsers() {
419      return _users;
420    }
421
422    public void setUsers(List<SystemUser> value) {
423      _users = value;
424    }
425
426    /**
427     * Add a new {@link SystemUser} item to the underlying collection.
428     * @param item the item to add
429     * @return {@code true}
430     */
431    public boolean addUser(SystemUser item) {
432      SystemUser value = ObjectUtils.requireNonNull(item,"item cannot be null");
433      if (_users == null) {
434        _users = new LinkedList<>();
435      }
436      return _users.add(value);
437    }
438
439    /**
440     * Remove the first matching {@link SystemUser} item from the underlying collection.
441     * @param item the item to remove
442     * @return {@code true} if the item was removed or {@code false} otherwise
443     */
444    public boolean removeUser(SystemUser item) {
445      SystemUser value = ObjectUtils.requireNonNull(item,"item cannot be null");
446      return _users != null && _users.remove(value);
447    }
448
449    public List<LocalObjective> getObjectivesAndMethods() {
450      return _objectivesAndMethods;
451    }
452
453    public void setObjectivesAndMethods(List<LocalObjective> value) {
454      _objectivesAndMethods = value;
455    }
456
457    /**
458     * Add a new {@link LocalObjective} item to the underlying collection.
459     * @param item the item to add
460     * @return {@code true}
461     */
462    public boolean addObjectivesAndMethods(LocalObjective item) {
463      LocalObjective value = ObjectUtils.requireNonNull(item,"item cannot be null");
464      if (_objectivesAndMethods == null) {
465        _objectivesAndMethods = new LinkedList<>();
466      }
467      return _objectivesAndMethods.add(value);
468    }
469
470    /**
471     * Remove the first matching {@link LocalObjective} item from the underlying collection.
472     * @param item the item to remove
473     * @return {@code true} if the item was removed or {@code false} otherwise
474     */
475    public boolean removeObjectivesAndMethods(LocalObjective item) {
476      LocalObjective value = ObjectUtils.requireNonNull(item,"item cannot be null");
477      return _objectivesAndMethods != null && _objectivesAndMethods.remove(value);
478    }
479
480    public List<Activity> getActivities() {
481      return _activities;
482    }
483
484    public void setActivities(List<Activity> value) {
485      _activities = value;
486    }
487
488    /**
489     * Add a new {@link Activity} item to the underlying collection.
490     * @param item the item to add
491     * @return {@code true}
492     */
493    public boolean addActivity(Activity item) {
494      Activity value = ObjectUtils.requireNonNull(item,"item cannot be null");
495      if (_activities == null) {
496        _activities = new LinkedList<>();
497      }
498      return _activities.add(value);
499    }
500
501    /**
502     * Remove the first matching {@link Activity} item from the underlying collection.
503     * @param item the item to remove
504     * @return {@code true} if the item was removed or {@code false} otherwise
505     */
506    public boolean removeActivity(Activity item) {
507      Activity value = ObjectUtils.requireNonNull(item,"item cannot be null");
508      return _activities != null && _activities.remove(value);
509    }
510
511    public MarkupMultiline getRemarks() {
512      return _remarks;
513    }
514
515    public void setRemarks(MarkupMultiline value) {
516      _remarks = value;
517    }
518
519    @Override
520    public String toString() {
521      return new ReflectionToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE).toString();
522    }
523  }
524
525  /**
526   * Used to define various terms and conditions under which an assessment, described by the plan, can be performed. Each child part defines a different type of term or condition.
527   */
528  @MetaschemaAssembly(
529      formalName = "Assessment Plan Terms and Conditions",
530      description = "Used to define various terms and conditions under which an assessment, described by the plan, can be performed. Each child part defines a different type of term or condition.",
531      name = "terms-and-conditions",
532      moduleClass = OscalApModule.class,
533      valueConstraints = @ValueConstraints(allowedValues = @AllowedValues(level = IConstraint.Level.ERROR, target = "part[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name", values = {@AllowedValue(value = "rules-of-engagement", description = "Defines the circumstances, conditions, degree, and manner in which the use of cyber-attack techniques or actions may be applied to the assessment."), @AllowedValue(value = "disclosures", description = "Any information the assessor should make known to the system owner or authorizing official. Has child 'item' parts for each individual disclosure."), @AllowedValue(value = "assessment-inclusions", description = "Defines any assessment activities which the system owner or authorizing official wishes to ensure are performed as part of the assessment."), @AllowedValue(value = "assessment-exclusions", description = "Defines any assessment activities which the system owner or authorizing official explicitly prohibits from being performed as part of the assessment."), @AllowedValue(value = "results-delivery", description = "Defines conditions related to the delivery of the assessment results, such as when to deliver, how, and to whom."), @AllowedValue(value = "assumptions", description = "Defines any supposition made by the assessor. Has child 'item' parts for each assumption."), @AllowedValue(value = "methodology", description = "An explanation of practices, procedures, and rules used in the course of the assessment.")}))
534  )
535  public static class TermsAndConditions implements IBoundObject {
536    private final IMetaschemaData __metaschemaData;
537
538    @BoundAssembly(
539        formalName = "Assessment Part",
540        description = "A partition of an assessment plan or results or a child of another part.",
541        useName = "part",
542        maxOccurs = -1,
543        groupAs = @GroupAs(name = "parts", inJson = JsonGroupAsBehavior.LIST)
544    )
545    private List<AssessmentPart> _parts;
546
547    public TermsAndConditions() {
548      this(null);
549    }
550
551    public TermsAndConditions(IMetaschemaData data) {
552      this.__metaschemaData = data;
553    }
554
555    @Override
556    public IMetaschemaData getMetaschemaData() {
557      return __metaschemaData;
558    }
559
560    public List<AssessmentPart> getParts() {
561      return _parts;
562    }
563
564    public void setParts(List<AssessmentPart> value) {
565      _parts = value;
566    }
567
568    /**
569     * Add a new {@link AssessmentPart} item to the underlying collection.
570     * @param item the item to add
571     * @return {@code true}
572     */
573    public boolean addPart(AssessmentPart item) {
574      AssessmentPart value = ObjectUtils.requireNonNull(item,"item cannot be null");
575      if (_parts == null) {
576        _parts = new LinkedList<>();
577      }
578      return _parts.add(value);
579    }
580
581    /**
582     * Remove the first matching {@link AssessmentPart} item from the underlying collection.
583     * @param item the item to remove
584     * @return {@code true} if the item was removed or {@code false} otherwise
585     */
586    public boolean removePart(AssessmentPart item) {
587      AssessmentPart value = ObjectUtils.requireNonNull(item,"item cannot be null");
588      return _parts != null && _parts.remove(value);
589    }
590
591    @Override
592    public String toString() {
593      return new ReflectionToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE).toString();
594    }
595  }
596}