Source code

001package gov.nist.secauto.oscal.lib.model;
002
003import gov.nist.secauto.metaschema.core.datatype.adapter.UuidAdapter;
004import gov.nist.secauto.metaschema.core.datatype.markup.MarkupLine;
005import gov.nist.secauto.metaschema.core.datatype.markup.MarkupLineAdapter;
006import gov.nist.secauto.metaschema.core.datatype.markup.MarkupMultiline;
007import gov.nist.secauto.metaschema.core.datatype.markup.MarkupMultilineAdapter;
008import gov.nist.secauto.metaschema.core.model.IBoundObject;
009import gov.nist.secauto.metaschema.core.model.IMetaschemaData;
010import gov.nist.secauto.metaschema.core.model.JsonGroupAsBehavior;
011import gov.nist.secauto.metaschema.core.util.ObjectUtils;
012import gov.nist.secauto.metaschema.databind.model.annotations.BoundAssembly;
013import gov.nist.secauto.metaschema.databind.model.annotations.BoundField;
014import gov.nist.secauto.metaschema.databind.model.annotations.BoundFlag;
015import gov.nist.secauto.metaschema.databind.model.annotations.GroupAs;
016import gov.nist.secauto.metaschema.databind.model.annotations.MetaschemaAssembly;
017import java.lang.Override;
018import java.lang.String;
019import java.util.LinkedList;
020import java.util.List;
021import java.util.UUID;
022import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
023import org.apache.commons.lang3.builder.ToStringStyle;
024
025/**
026 * Describes an individual finding.
027 */
028@MetaschemaAssembly(
029    formalName = "Finding",
030    description = "Describes an individual finding.",
031    name = "finding",
032    moduleClass = OscalAssessmentCommonModule.class
033)
034public class Finding implements IBoundObject {
035  private final IMetaschemaData __metaschemaData;
036
037  /**
038   * "A <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented\">machine-oriented</a>, <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique\">globally unique</a> identifier with <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance\">cross-instance</a> scope that can be used to reference this finding in <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#ar-identifiers\">this or other OSCAL instances</a>. The locally defined <em>UUID</em> of the <code>finding</code> can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency\">per-subject</a>, which means it should be consistently used to identify the same subject across revisions of the document."
039   */
040  @BoundFlag(
041      formalName = "Finding Universally Unique Identifier",
042      description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope that can be used to reference this finding in [this or other OSCAL instances](https://pages.nist.gov/OSCAL/concepts/identifier-use/#ar-identifiers). The locally defined *UUID* of the `finding` can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.",
043      name = "uuid",
044      required = true,
045      typeAdapter = UuidAdapter.class
046  )
047  private UUID _uuid;
048
049  @BoundField(
050      formalName = "Finding Title",
051      description = "The title for this finding.",
052      useName = "title",
053      minOccurs = 1,
054      typeAdapter = MarkupLineAdapter.class
055  )
056  private MarkupLine _title;
057
058  @BoundField(
059      formalName = "Finding Description",
060      description = "A human-readable description of this finding.",
061      useName = "description",
062      minOccurs = 1,
063      typeAdapter = MarkupMultilineAdapter.class
064  )
065  private MarkupMultiline _description;
066
067  @BoundAssembly(
068      formalName = "Property",
069      description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.",
070      useName = "prop",
071      maxOccurs = -1,
072      groupAs = @GroupAs(name = "props", inJson = JsonGroupAsBehavior.LIST)
073  )
074  private List<Property> _props;
075
076  @BoundAssembly(
077      formalName = "Link",
078      description = "A reference to a local or remote resource, that has a specific relation to the containing object.",
079      useName = "link",
080      maxOccurs = -1,
081      groupAs = @GroupAs(name = "links", inJson = JsonGroupAsBehavior.LIST)
082  )
083  private List<Link> _links;
084
085  @BoundAssembly(
086      formalName = "Origin",
087      description = "Identifies the source of the finding, such as a tool, interviewed person, or activity.",
088      useName = "origin",
089      remarks = "Used to identify the individual and/or tool generated this finding.",
090      maxOccurs = -1,
091      groupAs = @GroupAs(name = "origins", inJson = JsonGroupAsBehavior.LIST)
092  )
093  private List<Origin> _origins;
094
095  @BoundAssembly(
096      formalName = "Objective Status",
097      description = "Captures an assessor's conclusions regarding the degree to which an objective is satisfied.",
098      useName = "target",
099      minOccurs = 1
100  )
101  private FindingTarget _target;
102
103  @BoundField(
104      formalName = "Implementation Statement UUID",
105      description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to the implementation statement in the SSP to which this finding is related.",
106      useName = "implementation-statement-uuid",
107      typeAdapter = UuidAdapter.class
108  )
109  private UUID _implementationStatementUuid;
110
111  @BoundAssembly(
112      formalName = "Related Observation",
113      description = "Relates the finding to a set of referenced observations that were used to determine the finding.",
114      useName = "related-observation",
115      maxOccurs = -1,
116      groupAs = @GroupAs(name = "related-observations", inJson = JsonGroupAsBehavior.LIST)
117  )
118  private List<RelatedObservation> _relatedObservations;
119
120  @BoundAssembly(
121      formalName = "Associated Risk",
122      description = "Relates the finding to a set of referenced risks that were used to determine the finding.",
123      useName = "associated-risk",
124      maxOccurs = -1,
125      groupAs = @GroupAs(name = "related-risks", inJson = JsonGroupAsBehavior.LIST)
126  )
127  private List<AssociatedRisk> _relatedRisks;
128
129  @BoundField(
130      formalName = "Remarks",
131      description = "Additional commentary about the containing object.",
132      useName = "remarks",
133      typeAdapter = MarkupMultilineAdapter.class
134  )
135  private MarkupMultiline _remarks;
136
137  public Finding() {
138    this(null);
139  }
140
141  public Finding(IMetaschemaData data) {
142    this.__metaschemaData = data;
143  }
144
145  @Override
146  public IMetaschemaData getMetaschemaData() {
147    return __metaschemaData;
148  }
149
150  public UUID getUuid() {
151    return _uuid;
152  }
153
154  public void setUuid(UUID value) {
155    _uuid = value;
156  }
157
158  public MarkupLine getTitle() {
159    return _title;
160  }
161
162  public void setTitle(MarkupLine value) {
163    _title = value;
164  }
165
166  public MarkupMultiline getDescription() {
167    return _description;
168  }
169
170  public void setDescription(MarkupMultiline value) {
171    _description = value;
172  }
173
174  public List<Property> getProps() {
175    return _props;
176  }
177
178  public void setProps(List<Property> value) {
179    _props = value;
180  }
181
182  /**
183   * Add a new {@link Property} item to the underlying collection.
184   * @param item the item to add
185   * @return {@code true}
186   */
187  public boolean addProp(Property item) {
188    Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
189    if (_props == null) {
190      _props = new LinkedList<>();
191    }
192    return _props.add(value);
193  }
194
195  /**
196   * Remove the first matching {@link Property} item from the underlying collection.
197   * @param item the item to remove
198   * @return {@code true} if the item was removed or {@code false} otherwise
199   */
200  public boolean removeProp(Property item) {
201    Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
202    return _props != null && _props.remove(value);
203  }
204
205  public List<Link> getLinks() {
206    return _links;
207  }
208
209  public void setLinks(List<Link> value) {
210    _links = value;
211  }
212
213  /**
214   * Add a new {@link Link} item to the underlying collection.
215   * @param item the item to add
216   * @return {@code true}
217   */
218  public boolean addLink(Link item) {
219    Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
220    if (_links == null) {
221      _links = new LinkedList<>();
222    }
223    return _links.add(value);
224  }
225
226  /**
227   * Remove the first matching {@link Link} item from the underlying collection.
228   * @param item the item to remove
229   * @return {@code true} if the item was removed or {@code false} otherwise
230   */
231  public boolean removeLink(Link item) {
232    Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
233    return _links != null && _links.remove(value);
234  }
235
236  public List<Origin> getOrigins() {
237    return _origins;
238  }
239
240  public void setOrigins(List<Origin> value) {
241    _origins = value;
242  }
243
244  /**
245   * Add a new {@link Origin} item to the underlying collection.
246   * @param item the item to add
247   * @return {@code true}
248   */
249  public boolean addOrigin(Origin item) {
250    Origin value = ObjectUtils.requireNonNull(item,"item cannot be null");
251    if (_origins == null) {
252      _origins = new LinkedList<>();
253    }
254    return _origins.add(value);
255  }
256
257  /**
258   * Remove the first matching {@link Origin} item from the underlying collection.
259   * @param item the item to remove
260   * @return {@code true} if the item was removed or {@code false} otherwise
261   */
262  public boolean removeOrigin(Origin item) {
263    Origin value = ObjectUtils.requireNonNull(item,"item cannot be null");
264    return _origins != null && _origins.remove(value);
265  }
266
267  public FindingTarget getTarget() {
268    return _target;
269  }
270
271  public void setTarget(FindingTarget value) {
272    _target = value;
273  }
274
275  public UUID getImplementationStatementUuid() {
276    return _implementationStatementUuid;
277  }
278
279  public void setImplementationStatementUuid(UUID value) {
280    _implementationStatementUuid = value;
281  }
282
283  public List<RelatedObservation> getRelatedObservations() {
284    return _relatedObservations;
285  }
286
287  public void setRelatedObservations(List<RelatedObservation> value) {
288    _relatedObservations = value;
289  }
290
291  /**
292   * Add a new {@link RelatedObservation} item to the underlying collection.
293   * @param item the item to add
294   * @return {@code true}
295   */
296  public boolean addRelatedObservation(RelatedObservation item) {
297    RelatedObservation value = ObjectUtils.requireNonNull(item,"item cannot be null");
298    if (_relatedObservations == null) {
299      _relatedObservations = new LinkedList<>();
300    }
301    return _relatedObservations.add(value);
302  }
303
304  /**
305   * Remove the first matching {@link RelatedObservation} item from the underlying collection.
306   * @param item the item to remove
307   * @return {@code true} if the item was removed or {@code false} otherwise
308   */
309  public boolean removeRelatedObservation(RelatedObservation item) {
310    RelatedObservation value = ObjectUtils.requireNonNull(item,"item cannot be null");
311    return _relatedObservations != null && _relatedObservations.remove(value);
312  }
313
314  public List<AssociatedRisk> getRelatedRisks() {
315    return _relatedRisks;
316  }
317
318  public void setRelatedRisks(List<AssociatedRisk> value) {
319    _relatedRisks = value;
320  }
321
322  /**
323   * Add a new {@link AssociatedRisk} item to the underlying collection.
324   * @param item the item to add
325   * @return {@code true}
326   */
327  public boolean addAssociatedRisk(AssociatedRisk item) {
328    AssociatedRisk value = ObjectUtils.requireNonNull(item,"item cannot be null");
329    if (_relatedRisks == null) {
330      _relatedRisks = new LinkedList<>();
331    }
332    return _relatedRisks.add(value);
333  }
334
335  /**
336   * Remove the first matching {@link AssociatedRisk} item from the underlying collection.
337   * @param item the item to remove
338   * @return {@code true} if the item was removed or {@code false} otherwise
339   */
340  public boolean removeAssociatedRisk(AssociatedRisk item) {
341    AssociatedRisk value = ObjectUtils.requireNonNull(item,"item cannot be null");
342    return _relatedRisks != null && _relatedRisks.remove(value);
343  }
344
345  public MarkupMultiline getRemarks() {
346    return _remarks;
347  }
348
349  public void setRemarks(MarkupMultiline value) {
350    _remarks = value;
351  }
352
353  @Override
354  public String toString() {
355    return new ReflectionToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE).toString();
356  }
357
358  /**
359   * Relates the finding to a set of referenced observations that were used to determine the finding.
360   */
361  @MetaschemaAssembly(
362      formalName = "Related Observation",
363      description = "Relates the finding to a set of referenced observations that were used to determine the finding.",
364      name = "related-observation",
365      moduleClass = OscalAssessmentCommonModule.class
366  )
367  public static class RelatedObservation implements IBoundObject {
368    private final IMetaschemaData __metaschemaData;
369
370    /**
371     * "A <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented\">machine-oriented</a> identifier reference to an observation defined in the list of observations."
372     */
373    @BoundFlag(
374        formalName = "Observation Universally Unique Identifier Reference",
375        description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to an observation defined in the list of observations.",
376        name = "observation-uuid",
377        required = true,
378        typeAdapter = UuidAdapter.class
379    )
380    private UUID _observationUuid;
381
382    public RelatedObservation() {
383      this(null);
384    }
385
386    public RelatedObservation(IMetaschemaData data) {
387      this.__metaschemaData = data;
388    }
389
390    @Override
391    public IMetaschemaData getMetaschemaData() {
392      return __metaschemaData;
393    }
394
395    public UUID getObservationUuid() {
396      return _observationUuid;
397    }
398
399    public void setObservationUuid(UUID value) {
400      _observationUuid = value;
401    }
402
403    @Override
404    public String toString() {
405      return new ReflectionToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE).toString();
406    }
407  }
408
409  /**
410   * Relates the finding to a set of referenced risks that were used to determine the finding.
411   */
412  @MetaschemaAssembly(
413      formalName = "Associated Risk",
414      description = "Relates the finding to a set of referenced risks that were used to determine the finding.",
415      name = "associated-risk",
416      moduleClass = OscalAssessmentCommonModule.class
417  )
418  public static class AssociatedRisk implements IBoundObject {
419    private final IMetaschemaData __metaschemaData;
420
421    /**
422     * "A <a href=\"https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented\">machine-oriented</a> identifier reference to a risk defined in the list of risks."
423     */
424    @BoundFlag(
425        formalName = "Risk Universally Unique Identifier Reference",
426        description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented) identifier reference to a risk defined in the list of risks.",
427        name = "risk-uuid",
428        required = true,
429        typeAdapter = UuidAdapter.class
430    )
431    private UUID _riskUuid;
432
433    public AssociatedRisk() {
434      this(null);
435    }
436
437    public AssociatedRisk(IMetaschemaData data) {
438      this.__metaschemaData = data;
439    }
440
441    @Override
442    public IMetaschemaData getMetaschemaData() {
443      return __metaschemaData;
444    }
445
446    public UUID getRiskUuid() {
447      return _riskUuid;
448    }
449
450    public void setRiskUuid(UUID value) {
451      _riskUuid = value;
452    }
453
454    @Override
455    public String toString() {
456      return new ReflectionToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE).toString();
457    }
458  }
459}