001package gov.nist.secauto.oscal.lib.model;
002
003import gov.nist.secauto.metaschema.core.datatype.adapter.TokenAdapter;
004import gov.nist.secauto.metaschema.core.datatype.adapter.UuidAdapter;
005import gov.nist.secauto.metaschema.core.datatype.markup.MarkupLine;
006import gov.nist.secauto.metaschema.core.datatype.markup.MarkupLineAdapter;
007import gov.nist.secauto.metaschema.core.datatype.markup.MarkupMultiline;
008import gov.nist.secauto.metaschema.core.datatype.markup.MarkupMultilineAdapter;
009import gov.nist.secauto.metaschema.core.model.IBoundObject;
010import gov.nist.secauto.metaschema.core.model.IMetaschemaData;
011import gov.nist.secauto.metaschema.core.model.JsonGroupAsBehavior;
012import gov.nist.secauto.metaschema.core.model.constraint.IConstraint;
013import gov.nist.secauto.metaschema.core.util.ObjectUtils;
014import gov.nist.secauto.metaschema.databind.model.annotations.AllowedValue;
015import gov.nist.secauto.metaschema.databind.model.annotations.AllowedValues;
016import gov.nist.secauto.metaschema.databind.model.annotations.BoundAssembly;
017import gov.nist.secauto.metaschema.databind.model.annotations.BoundField;
018import gov.nist.secauto.metaschema.databind.model.annotations.BoundFlag;
019import gov.nist.secauto.metaschema.databind.model.annotations.GroupAs;
020import gov.nist.secauto.metaschema.databind.model.annotations.IndexHasKey;
021import gov.nist.secauto.metaschema.databind.model.annotations.KeyField;
022import gov.nist.secauto.metaschema.databind.model.annotations.MetaschemaAssembly;
023import gov.nist.secauto.metaschema.databind.model.annotations.ValueConstraints;
024import java.lang.Override;
025import java.lang.String;
026import java.util.LinkedList;
027import java.util.List;
028import java.util.UUID;
029import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
030import org.apache.commons.lang3.builder.ToStringStyle;
031
/**
 * A type of user that interacts with the system based on an associated role.
 *
 * <p>This is a plain mutable binding object for the OSCAL {@code system-user} assembly. The
 * annotations describe how each field maps to the {@code system-user} model and which
 * constraints are declared for it; the accessors below are simple reads and assignments.
 *
 * <p>Points a reviewer should keep in mind when this object describes accounts and privileges:
 * <ul>
 * <li>No setter or {@code add*} method checks a value against the declared constraints. The only
 * check performed in this class is the null check in the {@code add*} and {@code remove*}
 * methods. NOTE(review): the constraints are presumably evaluated by Metaschema validation of
 * the whole document; confirm that validation runs before the privilege and role data is
 * relied on.</li>
 * <li>The list getters return the backing list itself, not a copy, and the list setters keep the
 * caller's list reference. Any holder of that reference can change the role ids or authorized
 * privileges without going through the {@code add*} methods.</li>
 * <li>The {@code role-id} allowed values are declared with {@code allowOthers = true}, so the
 * listed role names are not a closed set.</li>
 * <li>{@code title}, {@code description} and {@code remarks} hold markup. NOTE(review): when an
 * instance is bound from a document supplied by another party, treat that markup as untrusted
 * at the point it is rendered; how the markup types sanitize content is not visible here.</li>
 * </ul>
 *
 * <p>Instances are not synchronized.
 */
@MetaschemaAssembly(
    formalName = "System User",
    description = "A type of user that interacts with the system based on an associated role.",
    name = "system-user",
    moduleClass = OscalImplementationCommonModule.class,
    remarks = "Permissible values to be determined closer to the application, such as by a receiving authority.",
    // Declared constraints, all at ERROR level: allowed prop names (type, privilege-level), the
    // allowed values of each of those props, and suggested role-id values (allowOthers = true).
    // The "general-public" description ends mid-sentence as generated; it is runtime metadata
    // and is left unchanged.
    valueConstraints = @ValueConstraints(allowedValues = {@AllowedValues(level = IConstraint.Level.ERROR, target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name", values = {@AllowedValue(value = "type", description = "The type of user, such as internal, external, or general-public."), @AllowedValue(value = "privilege-level", description = "The user's privilege level within the system, such as privileged, non-privileged, no-logical-access.")}), @AllowedValues(level = IConstraint.Level.ERROR, target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal') and @name='type']/@value", values = {@AllowedValue(value = "internal", description = "A user account for a person or entity that is part of the organization who owns or operates the system."), @AllowedValue(value = "external", description = "A user account for a person or entity that is not part of the organization who owns or operates the system."), @AllowedValue(value = "general-public", description = "A user of the system considered to be outside")}), @AllowedValues(level = IConstraint.Level.ERROR, target = "prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal') and @name='privilege-level']/@value", values = {@AllowedValue(value = "privileged", description = "This role has elevated access to the system, such as a group or system administrator."), @AllowedValue(value = "non-privileged", description = "This role has typical user-level access to the system without elevated access."), @AllowedValue(value = "no-logical-access", description = "This role has no access to the system, such as a manager who approves access as part of a process.")}), @AllowedValues(level = IConstraint.Level.ERROR, target = "role-id", allowOthers = true, values = {@AllowedValue(value = "asset-owner", description = "Accountable for ensuring the asset is managed in accordance with organizational policies and procedures."), @AllowedValue(value = "asset-administrator", description = "Responsible for administering a set of assets."), @AllowedValue(value = "security-operations", description = "Members of the security operations center (SOC)."), @AllowedValue(value = "network-operations", description = "Members of the network operations center (NOC)."), @AllowedValue(value = "incident-response", description = "Responsible for responding to an event that could lead to loss of, or disruption to, an organization's operations, services or functions."), @AllowedValue(value = "help-desk", description = "Responsible for providing information and support to users."), @AllowedValue(value = "configuration-management", description = "Responsible for the configuration management processes governing changes to the asset.")})})
)
public class SystemUser implements IBoundObject {
  /** Metaschema data handed to the constructor; {@code null} when the no-arg constructor is used. */
  private final IMetaschemaData __metaschemaData;

  /**
   * Machine-oriented, globally unique identifier with cross-instance scope for this user class.
   *
   * <p>It can be used to reference this user class from this or other OSCAL instances, and it
   * should be assigned per-subject, i.e. kept stable for the same subject across revisions of
   * the document. See
   * <a href="https://pages.nist.gov/OSCAL/concepts/identifier-use/">OSCAL identifier use</a>.
   *
   * <p>Declared {@code required = true}; {@link #setUuid(UUID)} does not enforce that.
   */
  @BoundFlag(
      formalName = "User Universally Unique Identifier",
      description = "A [machine-oriented](https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented), [globally unique](https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique) identifier with [cross-instance](https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance) scope that can be used to reference this user class elsewhere in [this or other OSCAL instances](https://pages.nist.gov/OSCAL/concepts/identifier-use/#scope). The locally defined *UUID* of the `system user` can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned [per-subject](https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency), which means it should be consistently used to identify the same subject across revisions of the document.",
      name = "uuid",
      required = true,
      typeAdapter = UuidAdapter.class
  )
  private UUID _uuid;

  /** Display name of the user, bound as a single line of markup. */
  @BoundField(
      formalName = "User Title",
      description = "A name given to the user, which may be used by a tool for display and navigation.",
      useName = "title",
      typeAdapter = MarkupLineAdapter.class
  )
  private MarkupLine _title;

  /** Short common name, abbreviation, or acronym for the user. */
  @BoundField(
      formalName = "User Short Name",
      description = "A short common name, abbreviation, or acronym for the user.",
      useName = "short-name"
  )
  private String _shortName;

  /** Summary of the user's purpose within the system, bound as multi-line markup. */
  @BoundField(
      formalName = "User Description",
      description = "A summary of the user's purpose within the system.",
      useName = "description",
      typeAdapter = MarkupMultilineAdapter.class
  )
  private MarkupMultiline _description;

  /**
   * Namespace-qualified name/value properties. The class-level constraints name two properties
   * in the OSCAL namespace, {@code type} and {@code privilege-level}, and list their allowed
   * values.
   */
  @BoundAssembly(
      formalName = "Property",
      description = "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.",
      useName = "prop",
      maxOccurs = -1,
      groupAs = @GroupAs(name = "props", inJson = JsonGroupAsBehavior.LIST)
  )
  private List<Property> _props;

  /** References to local or remote resources related to this user. */
  @BoundAssembly(
      formalName = "Link",
      description = "A reference to a local or remote resource, that has a specific relation to the containing object.",
      useName = "link",
      maxOccurs = -1,
      groupAs = @GroupAs(name = "links", inJson = JsonGroupAsBehavior.LIST)
  )
  private List<Link> _links;

  /**
   * Role identifiers associated with this user.
   *
   * <p>The generated description says "by UUID", but the values are bound through
   * {@link TokenAdapter} and the class-level allowed values are names such as
   * {@code asset-owner}. The index-has-key constraint declares that each value must be a key of
   * the index named {@code index-metadata-role-id}; nothing in this class checks that.
   */
  @BoundField(
      formalName = "Role Identifier Reference",
      description = "Reference to a role by UUID.",
      useName = "role-id",
      maxOccurs = -1,
      groupAs = @GroupAs(name = "role-ids", inJson = JsonGroupAsBehavior.LIST),
      typeAdapter = TokenAdapter.class,
      valueConstraints = @ValueConstraints(indexHasKey = @IndexHasKey(level = IConstraint.Level.ERROR, indexName = "index-metadata-role-id", keyFields = @KeyField))
  )
  private List<String> _roleIds;

  /** System privileges held by the user, each with its own description and/or rationale. */
  @BoundAssembly(
      formalName = "Privilege",
      description = "Identifies a specific system privilege held by the user, along with an associated description and/or rationale for the privilege.",
      useName = "authorized-privilege",
      maxOccurs = -1,
      groupAs = @GroupAs(name = "authorized-privileges", inJson = JsonGroupAsBehavior.LIST)
  )
  private List<AuthorizedPrivilege> _authorizedPrivileges;

  /** Additional commentary about this user, bound as multi-line markup. */
  @BoundField(
      formalName = "Remarks",
      description = "Additional commentary about the containing object.",
      useName = "remarks",
      typeAdapter = MarkupMultilineAdapter.class
  )
  private MarkupMultiline _remarks;

  /**
   * Creates an empty instance with no Metaschema data; every field starts as {@code null}.
   */
  public SystemUser() {
    this(null);
  }

  /**
   * Creates an empty instance that carries the given Metaschema data.
   *
   * @param data the Metaschema data to associate with this object, may be {@code null}
   */
  public SystemUser(IMetaschemaData data) {
    __metaschemaData = data;
  }

  /**
   * Returns the Metaschema data given at construction.
   *
   * @return the data, or {@code null} if none was supplied
   */
  @Override
  public IMetaschemaData getMetaschemaData() {
    return this.__metaschemaData;
  }

  /**
   * Returns the user's UUID.
   *
   * @return the UUID, or {@code null} if it has not been set
   */
  public UUID getUuid() {
    return this._uuid;
  }

  /**
   * Sets the user's UUID. The value is stored as given; {@code null} is not rejected here.
   *
   * @param value the UUID to store
   */
  public void setUuid(UUID value) {
    this._uuid = value;
  }

  /**
   * Returns the user's title.
   *
   * @return the title markup, or {@code null} if it has not been set
   */
  public MarkupLine getTitle() {
    return this._title;
  }

  /**
   * Sets the user's title.
   *
   * @param value the title markup to store, may be {@code null}
   */
  public void setTitle(MarkupLine value) {
    this._title = value;
  }

  /**
   * Returns the user's short name.
   *
   * @return the short name, or {@code null} if it has not been set
   */
  public String getShortName() {
    return this._shortName;
  }

  /**
   * Sets the user's short name.
   *
   * @param value the short name to store, may be {@code null}
   */
  public void setShortName(String value) {
    this._shortName = value;
  }

  /**
   * Returns the user's description.
   *
   * @return the description markup, or {@code null} if it has not been set
   */
  public MarkupMultiline getDescription() {
    return this._description;
  }

  /**
   * Sets the user's description.
   *
   * @param value the description markup to store, may be {@code null}
   */
  public void setDescription(MarkupMultiline value) {
    this._description = value;
  }

  /**
   * Returns the properties of this user.
   *
   * @return the backing list itself (not a copy), or {@code null} if none has been set or added
   */
  public List<Property> getProps() {
    return this._props;
  }

  /**
   * Replaces the property list. The given list is kept by reference and its elements are not
   * inspected.
   *
   * @param value the list to use, may be {@code null}
   */
  public void setProps(List<Property> value) {
    this._props = value;
  }

  /**
   * Appends a {@link Property}, creating the backing list on first use.
   *
   * @param item the item to add, must not be {@code null}
   * @return the result of {@link List#add(Object)} on the backing list
   */
  public boolean addProp(Property item) {
    Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
    List<Property> target = _props;
    if (target == null) {
      // Lazily create the list so an untouched object keeps a null field.
      target = new LinkedList<>();
      _props = target;
    }
    return target.add(value);
  }

  /**
   * Removes the first {@link Property} equal to the given item.
   *
   * @param item the item to remove, must not be {@code null}
   * @return {@code true} if an item was removed, {@code false} if there is no list or no match
   */
  public boolean removeProp(Property item) {
    Property value = ObjectUtils.requireNonNull(item,"item cannot be null");
    if (_props == null) {
      return false;
    }
    return _props.remove(value);
  }

  /**
   * Returns the links of this user.
   *
   * @return the backing list itself (not a copy), or {@code null} if none has been set or added
   */
  public List<Link> getLinks() {
    return this._links;
  }

  /**
   * Replaces the link list. The given list is kept by reference and its elements are not
   * inspected.
   *
   * @param value the list to use, may be {@code null}
   */
  public void setLinks(List<Link> value) {
    this._links = value;
  }

  /**
   * Appends a {@link Link}, creating the backing list on first use.
   *
   * @param item the item to add, must not be {@code null}
   * @return the result of {@link List#add(Object)} on the backing list
   */
  public boolean addLink(Link item) {
    Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
    List<Link> target = _links;
    if (target == null) {
      target = new LinkedList<>();
      _links = target;
    }
    return target.add(value);
  }

  /**
   * Removes the first {@link Link} equal to the given item.
   *
   * @param item the item to remove, must not be {@code null}
   * @return {@code true} if an item was removed, {@code false} if there is no list or no match
   */
  public boolean removeLink(Link item) {
    Link value = ObjectUtils.requireNonNull(item,"item cannot be null");
    if (_links == null) {
      return false;
    }
    return _links.remove(value);
  }

  /**
   * Returns the role identifiers of this user.
   *
   * @return the backing list itself (not a copy), or {@code null} if none has been set or added
   */
  public List<String> getRoleIds() {
    return this._roleIds;
  }

  /**
   * Replaces the role identifier list. The given list is kept by reference; its values are not
   * checked against the declared {@code role-id} constraints.
   *
   * @param value the list to use, may be {@code null}
   */
  public void setRoleIds(List<String> value) {
    this._roleIds = value;
  }

  /**
   * Appends a role identifier, creating the backing list on first use. Only {@code null} is
   * rejected; the value is not checked against the declared {@code role-id} constraints.
   *
   * @param item the role identifier to add, must not be {@code null}
   * @return the result of {@link List#add(Object)} on the backing list
   */
  public boolean addRoleId(String item) {
    String value = ObjectUtils.requireNonNull(item,"item cannot be null");
    List<String> target = _roleIds;
    if (target == null) {
      target = new LinkedList<>();
      _roleIds = target;
    }
    return target.add(value);
  }

  /**
   * Removes the first role identifier equal to the given value.
   *
   * @param item the role identifier to remove, must not be {@code null}
   * @return {@code true} if an item was removed, {@code false} if there is no list or no match
   */
  public boolean removeRoleId(String item) {
    String value = ObjectUtils.requireNonNull(item,"item cannot be null");
    if (_roleIds == null) {
      return false;
    }
    return _roleIds.remove(value);
  }

  /**
   * Returns the privileges held by this user.
   *
   * @return the backing list itself (not a copy), or {@code null} if none has been set or added
   */
  public List<AuthorizedPrivilege> getAuthorizedPrivileges() {
    return this._authorizedPrivileges;
  }

  /**
   * Replaces the privilege list. The given list is kept by reference and its elements are not
   * inspected.
   *
   * @param value the list to use, may be {@code null}
   */
  public void setAuthorizedPrivileges(List<AuthorizedPrivilege> value) {
    this._authorizedPrivileges = value;
  }

  /**
   * Appends an {@link AuthorizedPrivilege}, creating the backing list on first use.
   *
   * @param item the item to add, must not be {@code null}
   * @return the result of {@link List#add(Object)} on the backing list
   */
  public boolean addAuthorizedPrivilege(AuthorizedPrivilege item) {
    AuthorizedPrivilege value = ObjectUtils.requireNonNull(item,"item cannot be null");
    List<AuthorizedPrivilege> target = _authorizedPrivileges;
    if (target == null) {
      target = new LinkedList<>();
      _authorizedPrivileges = target;
    }
    return target.add(value);
  }

  /**
   * Removes the first {@link AuthorizedPrivilege} equal to the given item.
   *
   * @param item the item to remove, must not be {@code null}
   * @return {@code true} if an item was removed, {@code false} if there is no list or no match
   */
  public boolean removeAuthorizedPrivilege(AuthorizedPrivilege item) {
    AuthorizedPrivilege value = ObjectUtils.requireNonNull(item,"item cannot be null");
    if (_authorizedPrivileges == null) {
      return false;
    }
    return _authorizedPrivileges.remove(value);
  }

  /**
   * Returns the remarks for this user.
   *
   * @return the remarks markup, or {@code null} if it has not been set
   */
  public MarkupMultiline getRemarks() {
    return this._remarks;
  }

  /**
   * Sets the remarks for this user.
   *
   * @param value the remarks markup to store, may be {@code null}
   */
  public void setRemarks(MarkupMultiline value) {
    this._remarks = value;
  }

  /**
   * Renders this object as a multi-line string built by reflection over its fields.
   *
   * <p>The output therefore carries the bound values (role ids, privileges, remarks and so on),
   * so a log line containing it holds the same content as the document itself.
   *
   * @return the multi-line string form of this object
   */
  @Override
  public String toString() {
    ReflectionToStringBuilder builder
        = new ReflectionToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE);
    return builder.toString();
  }
}