oscal 0.1.0 → 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/rake.yml +15 -0
- data/.github/workflows/release.yml +24 -0
- data/.gitignore +11 -0
- data/.gitmodules +3 -0
- data/.hound.yml +5 -0
- data/.rubocop.yml +10 -0
- data/Gemfile +2 -0
- data/README.adoc +63 -0
- data/bin/console +30 -0
- data/bin/setup +8 -0
- data/exe/convert2oscalyaml.rb +560 -0
- data/lib/oscal/add.rb +25 -0
- data/lib/oscal/address.rb +21 -0
- data/lib/oscal/address_line.rb +10 -0
- data/lib/oscal/alter.rb +21 -0
- data/lib/oscal/back_matter.rb +19 -0
- data/lib/oscal/base64_object.rb +10 -0
- data/lib/oscal/base_class.rb +49 -0
- data/lib/oscal/catalog.rb +50 -10
- data/lib/oscal/choice.rb +10 -0
- data/lib/oscal/citation.rb +21 -0
- data/lib/oscal/combine.rb +10 -0
- data/lib/oscal/common_utils.rb +35 -0
- data/lib/oscal/constraint.rb +19 -0
- data/lib/oscal/control.rb +20 -31
- data/lib/oscal/custom.rb +21 -0
- data/lib/oscal/document_id.rb +10 -0
- data/lib/oscal/email_address.rb +10 -0
- data/lib/oscal/exclude_control.rb +21 -0
- data/lib/oscal/external_id.rb +10 -0
- data/lib/oscal/group.rb +26 -35
- data/lib/oscal/guideline.rb +10 -0
- data/lib/oscal/hash_object.rb +10 -0
- data/lib/oscal/import_object.rb +21 -0
- data/lib/oscal/include_control.rb +21 -0
- data/lib/oscal/insert_control.rb +21 -0
- data/lib/oscal/link.rb +10 -0
- data/lib/oscal/location.rb +30 -0
- data/lib/oscal/location_uuid.rb +10 -0
- data/lib/oscal/matching.rb +10 -0
- data/lib/oscal/member_of_organization.rb +10 -0
- data/lib/oscal/merge.rb +19 -0
- data/lib/oscal/metadata_block.rb +28 -14
- data/lib/oscal/modify.rb +21 -0
- data/lib/oscal/parameter.rb +22 -20
- data/lib/oscal/part.rb +13 -22
- data/lib/oscal/party.rb +35 -0
- data/lib/oscal/party_uuid.rb +10 -0
- data/lib/oscal/profile.rb +32 -7
- data/lib/oscal/property.rb +3 -25
- data/lib/oscal/remove.rb +10 -0
- data/lib/oscal/resource.rb +28 -0
- data/lib/oscal/responsible_party.rb +23 -0
- data/lib/oscal/revision.rb +22 -0
- data/lib/oscal/rlink.rb +19 -0
- data/lib/oscal/role.rb +21 -0
- data/lib/oscal/select.rb +19 -0
- data/lib/oscal/serializer.rb +17 -4
- data/lib/oscal/set_parameter.rb +30 -0
- data/lib/oscal/telephone_number.rb +10 -0
- data/lib/oscal/test.rb +10 -0
- data/lib/oscal/url.rb +10 -0
- data/lib/oscal/value.rb +36 -0
- data/lib/oscal/version.rb +1 -1
- data/lib/oscal/with_id.rb +39 -0
- data/lib/oscal.rb +1 -13
- data/oscal.gemspec +9 -11
- data/spec/oscal/catalog_spec.rb +39 -0
- data/spec/oscal_spec.rb +7 -0
- data/spec/spec_helper.rb +15 -0
- metadata +65 -9
- data/lib/oscal/component.rb +0 -14
- data/lib/oscal/prose.rb +0 -13
- data/lib/oscal/statement.rb +0 -12
|
@@ -0,0 +1,560 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
#
|
|
3
|
+
# Confidential and proprietary trade secret material of Ribose, Inc.
|
|
4
|
+
# (c) 2023 Ribose, Inc. as unpublished work.
|
|
5
|
+
#
|
|
6
|
+
#
|
|
7
|
+
#
|
|
8
|
+
# This script attempts to read the ISO 27002:2022 controls and convert to
|
|
9
|
+
# OSCAL yaml file.
|
|
10
|
+
|
|
11
|
+
require "fileutils"
|
|
12
|
+
require "optparse"
|
|
13
|
+
require "ostruct"
|
|
14
|
+
require "yaml"
|
|
15
|
+
require "securerandom"
|
|
16
|
+
require "asciidoctor"
|
|
17
|
+
require "nokogiri"
|
|
18
|
+
require "json"
|
|
19
|
+
require "time"
|
|
20
|
+
|
|
21
|
+
def convert_control_to_oscal(control)
|
|
22
|
+
clause_no = control["identifier"].split(":")[-1]
|
|
23
|
+
|
|
24
|
+
# set control id
|
|
25
|
+
catalog_control = Catalog::Control.new("clause_#{clause_no}")
|
|
26
|
+
catalog_control.props = []
|
|
27
|
+
catalog_control.parts = []
|
|
28
|
+
|
|
29
|
+
control.each do |key, value|
|
|
30
|
+
case key
|
|
31
|
+
when "identifier"
|
|
32
|
+
# add control props
|
|
33
|
+
catalog_control.props << {
|
|
34
|
+
"name" => "clause",
|
|
35
|
+
"value" => clause_no,
|
|
36
|
+
}
|
|
37
|
+
when "maps_27002_2013"
|
|
38
|
+
catalog_control.props << {
|
|
39
|
+
"name" => "maps_27002_2013",
|
|
40
|
+
"value" => value,
|
|
41
|
+
}
|
|
42
|
+
when "title"
|
|
43
|
+
catalog_control.title = value
|
|
44
|
+
when "tags"
|
|
45
|
+
# add tags as props
|
|
46
|
+
value.each do |k, v|
|
|
47
|
+
catalog_control.props << {
|
|
48
|
+
"name" => k,
|
|
49
|
+
"value" => v,
|
|
50
|
+
}
|
|
51
|
+
end
|
|
52
|
+
when "control"
|
|
53
|
+
part = Catalog::Part.new
|
|
54
|
+
part.id = "control_#{clause_no}"
|
|
55
|
+
part.name = "clause_#{clause_no}_control"
|
|
56
|
+
part.prose = value.chomp
|
|
57
|
+
catalog_control.parts << part.to_hash
|
|
58
|
+
when "purpose"
|
|
59
|
+
part = Catalog::Part.new
|
|
60
|
+
part.id = "purpose_#{clause_no}"
|
|
61
|
+
part.name = "clause_#{clause_no}_purpose"
|
|
62
|
+
part.prose = value.chomp
|
|
63
|
+
catalog_control.parts << part.to_hash
|
|
64
|
+
when "other_info"
|
|
65
|
+
part = Catalog::Part.new
|
|
66
|
+
part.id = "other_info_#{clause_no}"
|
|
67
|
+
part.name = "clause_#{clause_no}_other_info"
|
|
68
|
+
unless value.empty?
|
|
69
|
+
part.parts = parse_content(
|
|
70
|
+
value,
|
|
71
|
+
clause_no,
|
|
72
|
+
"other_info",
|
|
73
|
+
)
|
|
74
|
+
end
|
|
75
|
+
catalog_control.parts << part.to_hash
|
|
76
|
+
when "guidance"
|
|
77
|
+
# guidance contains multiple parts with title and content
|
|
78
|
+
# each part may contains empty title
|
|
79
|
+
# each part contains content
|
|
80
|
+
# content may contains list or table
|
|
81
|
+
value.each do |v|
|
|
82
|
+
part = Catalog::Part.new
|
|
83
|
+
part.id = "scls_#{clause_no.gsub('.', '-')}"
|
|
84
|
+
part.name = if v["title"].nil?
|
|
85
|
+
"clause_#{clause_no}_guidance"
|
|
86
|
+
else
|
|
87
|
+
v["title"]
|
|
88
|
+
end
|
|
89
|
+
unless v["content"].empty?
|
|
90
|
+
part.parts = parse_content(
|
|
91
|
+
v["content"],
|
|
92
|
+
clause_no,
|
|
93
|
+
)
|
|
94
|
+
end
|
|
95
|
+
catalog_control.parts << part.to_hash
|
|
96
|
+
end
|
|
97
|
+
end
|
|
98
|
+
end
|
|
99
|
+
|
|
100
|
+
catalog_control
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
def add_note(nokogiri_children, _content, part)
|
|
104
|
+
note = nokogiri_children.css(".note").first.content
|
|
105
|
+
note = note.gsub("Note", "NOTE:")
|
|
106
|
+
note_part = Catalog::Part.new
|
|
107
|
+
note_part.id = "#{part.id}_note"
|
|
108
|
+
note_part.name = "#{part.name}_note"
|
|
109
|
+
note_part.prose = note
|
|
110
|
+
|
|
111
|
+
note_part
|
|
112
|
+
end
|
|
113
|
+
|
|
114
|
+
def replace_link(nokogiri_children, content)
|
|
115
|
+
nokogiri_children.xpath("//a/@href").each do |href|
|
|
116
|
+
href_value = href.value[1..-1]
|
|
117
|
+
|
|
118
|
+
clause_no = if href_value.start_with?("scls_")
|
|
119
|
+
href_value.split("_").last.gsub("-", ".")
|
|
120
|
+
else
|
|
121
|
+
href_value
|
|
122
|
+
end
|
|
123
|
+
|
|
124
|
+
content = content.gsub(
|
|
125
|
+
"[#{href_value}]",
|
|
126
|
+
"[#{clause_no}](##{href_value})",
|
|
127
|
+
)
|
|
128
|
+
end
|
|
129
|
+
|
|
130
|
+
content
|
|
131
|
+
end
|
|
132
|
+
|
|
133
|
+
def parse_content(content, clause_no, content_type = "guidance")
|
|
134
|
+
parts = []
|
|
135
|
+
|
|
136
|
+
# convert content into html
|
|
137
|
+
html = Asciidoctor.convert content, safe: :safe
|
|
138
|
+
# replace \n with space
|
|
139
|
+
html = html.gsub("\n", " ")
|
|
140
|
+
html = html.gsub("> <", "><")
|
|
141
|
+
# parse html by nokogiri
|
|
142
|
+
htmldoc = Nokogiri::HTML(html)
|
|
143
|
+
# get the body
|
|
144
|
+
body = htmldoc.children[1].children[0]
|
|
145
|
+
|
|
146
|
+
prev_part = nil
|
|
147
|
+
prev_second_part = nil
|
|
148
|
+
first_level_index = 0
|
|
149
|
+
|
|
150
|
+
body.children.each do |c|
|
|
151
|
+
next if c.content == " "
|
|
152
|
+
|
|
153
|
+
tag_name = c.name
|
|
154
|
+
css_classes = c.attr("class").split
|
|
155
|
+
is_olist = css_classes.include?("olist")
|
|
156
|
+
is_table = tag_name.match?("table")
|
|
157
|
+
contains_alink = c.search("a").count.positive?
|
|
158
|
+
contains_colon_at_end = c.content.chars.last(1).join == ":"
|
|
159
|
+
is_link_to_table = contains_alink &&
|
|
160
|
+
c.xpath("//a/@href")[0].value.match?("table")
|
|
161
|
+
|
|
162
|
+
if is_olist
|
|
163
|
+
# get all second level list items
|
|
164
|
+
list_items = c.css("ol[class=arabic] > li")
|
|
165
|
+
second_level_index = 0
|
|
166
|
+
|
|
167
|
+
list_items.each do |item|
|
|
168
|
+
part = Catalog::Part.new
|
|
169
|
+
part.id = "#{content_type}_#{clause_no}_part_#{first_level_index}_#{second_level_index + 1}"
|
|
170
|
+
part.name = "#{content_type}_part_list_item"
|
|
171
|
+
content = item.css("p").first.content
|
|
172
|
+
|
|
173
|
+
if item.search("a").count.positive?
|
|
174
|
+
content = replace_link(item, content)
|
|
175
|
+
end
|
|
176
|
+
|
|
177
|
+
if item.search(".note").count.positive?
|
|
178
|
+
note_part = add_note(item, content, part)
|
|
179
|
+
part.parts ||= []
|
|
180
|
+
part.parts << note_part
|
|
181
|
+
end
|
|
182
|
+
|
|
183
|
+
part.prose = content
|
|
184
|
+
prev_part.parts ||= []
|
|
185
|
+
|
|
186
|
+
# list item contains sublist items
|
|
187
|
+
if item.css("ol").count.positive?
|
|
188
|
+
prev_second_part = part
|
|
189
|
+
sublist_items = item.css("li")
|
|
190
|
+
third_level_index = 0
|
|
191
|
+
|
|
192
|
+
sublist_items.each do |sub_item|
|
|
193
|
+
sub_part = Catalog::Part.new
|
|
194
|
+
sub_part.id = "#{content_type}_#{clause_no}_part_#{first_level_index}_#{second_level_index + 1}_#{third_level_index + 1}"
|
|
195
|
+
sub_part.name = "#{content_type}_part_list_item"
|
|
196
|
+
content = sub_item.content
|
|
197
|
+
|
|
198
|
+
if sub_item.search("a").count.positive?
|
|
199
|
+
content = replace_link(sub_item, content)
|
|
200
|
+
end
|
|
201
|
+
|
|
202
|
+
sub_part.prose = content
|
|
203
|
+
|
|
204
|
+
prev_second_part.parts ||= []
|
|
205
|
+
prev_second_part.parts << sub_part
|
|
206
|
+
|
|
207
|
+
third_level_index = third_level_index + 1
|
|
208
|
+
end
|
|
209
|
+
|
|
210
|
+
part = prev_second_part
|
|
211
|
+
end
|
|
212
|
+
|
|
213
|
+
prev_part.parts << part
|
|
214
|
+
|
|
215
|
+
second_level_index = second_level_index + 1
|
|
216
|
+
end
|
|
217
|
+
|
|
218
|
+
first_level_index = first_level_index - 1
|
|
219
|
+
parts << prev_part
|
|
220
|
+
elsif is_table
|
|
221
|
+
column_num = 0
|
|
222
|
+
table_header = []
|
|
223
|
+
table_body = []
|
|
224
|
+
table_prose = ""
|
|
225
|
+
|
|
226
|
+
c.children.each do |item|
|
|
227
|
+
case item.name
|
|
228
|
+
when "caption"
|
|
229
|
+
part = Catalog::Part.new
|
|
230
|
+
part.id = "#{content_type}_#{clause_no}_part_#{first_level_index + 1}"
|
|
231
|
+
part.name = "#{content_type}_table_title"
|
|
232
|
+
part.prose = item.content
|
|
233
|
+
part.props = []
|
|
234
|
+
if item.content.match?(".")
|
|
235
|
+
part.props << {
|
|
236
|
+
"name" => "table",
|
|
237
|
+
"value" => item.content.split(".")[0].split[1],
|
|
238
|
+
}
|
|
239
|
+
end
|
|
240
|
+
|
|
241
|
+
parts << part.to_hash
|
|
242
|
+
when "colgroup"
|
|
243
|
+
column_num = item.children.count
|
|
244
|
+
when "thead"
|
|
245
|
+
item.children.children.each do |th|
|
|
246
|
+
# bold header
|
|
247
|
+
head = th.content.empty? ? " " : "*#{th.content}*"
|
|
248
|
+
table_header << head
|
|
249
|
+
end
|
|
250
|
+
when "tbody"
|
|
251
|
+
# loop through tr
|
|
252
|
+
item.children.each do |tr|
|
|
253
|
+
tr_data = []
|
|
254
|
+
|
|
255
|
+
# loop through td
|
|
256
|
+
tr.css("td").each do |td|
|
|
257
|
+
tr_data << td.content
|
|
258
|
+
end
|
|
259
|
+
|
|
260
|
+
table_body << tr_data
|
|
261
|
+
end
|
|
262
|
+
end
|
|
263
|
+
end
|
|
264
|
+
|
|
265
|
+
# create prose for table
|
|
266
|
+
table_prose = "|===\n"
|
|
267
|
+
table_prose << ("|#{table_header.join(' | ')}\n")
|
|
268
|
+
table_body.each do |tr|
|
|
269
|
+
# bold first column
|
|
270
|
+
tr[0] = "*#{tr[0]}*"
|
|
271
|
+
table_prose << ("|#{tr.join(' | ')}\n")
|
|
272
|
+
end
|
|
273
|
+
table_prose << "|==="
|
|
274
|
+
|
|
275
|
+
# create part for table
|
|
276
|
+
part = Catalog::Part.new
|
|
277
|
+
part.id = "#{content_type}_#{clause_no}_part_#{first_level_index + 1}"
|
|
278
|
+
part.name = "#{content_type}_table"
|
|
279
|
+
part.prose = table_prose
|
|
280
|
+
|
|
281
|
+
parts << part.to_hash
|
|
282
|
+
elsif contains_colon_at_end
|
|
283
|
+
part = Catalog::Part.new
|
|
284
|
+
part.id = "#{content_type}_#{clause_no}_part_#{first_level_index + 1}"
|
|
285
|
+
part.name = "#{content_type}_part"
|
|
286
|
+
content = c.content
|
|
287
|
+
|
|
288
|
+
if contains_alink
|
|
289
|
+
content = replace_link(c, content)
|
|
290
|
+
end
|
|
291
|
+
|
|
292
|
+
part.prose = content
|
|
293
|
+
|
|
294
|
+
prev_part = part
|
|
295
|
+
else
|
|
296
|
+
part = Catalog::Part.new
|
|
297
|
+
part.id = "#{content_type}_#{clause_no}_part_#{first_level_index + 1}"
|
|
298
|
+
part.name = "#{content_type}_part"
|
|
299
|
+
content = c.content
|
|
300
|
+
|
|
301
|
+
if contains_alink
|
|
302
|
+
content = replace_link(c, content)
|
|
303
|
+
end
|
|
304
|
+
|
|
305
|
+
if content.start_with?("Note ")
|
|
306
|
+
content = content.gsub("Note ", "NOTE: ")
|
|
307
|
+
end
|
|
308
|
+
|
|
309
|
+
part.prose = content
|
|
310
|
+
|
|
311
|
+
parts << part.to_hash
|
|
312
|
+
end
|
|
313
|
+
|
|
314
|
+
first_level_index = first_level_index + 1
|
|
315
|
+
end
|
|
316
|
+
|
|
317
|
+
parts
|
|
318
|
+
end
|
|
319
|
+
|
|
320
|
+
#
|
|
321
|
+
# https://dev.to/ayushn21/how-to-generate-yaml-from-ruby-objects-without-type-annotations-4fli
|
|
322
|
+
module Hashify
|
|
323
|
+
# Classes that include this module can exclude certain
|
|
324
|
+
# instance variable from its hash representation by overriding
|
|
325
|
+
# this method
|
|
326
|
+
def ivars_excluded_from_hash
|
|
327
|
+
[]
|
|
328
|
+
end
|
|
329
|
+
|
|
330
|
+
def to_hash
|
|
331
|
+
hash = {}
|
|
332
|
+
excluded_ivars = ivars_excluded_from_hash
|
|
333
|
+
|
|
334
|
+
# Iterate over all the instance variables and store their
|
|
335
|
+
# names and values in a hash
|
|
336
|
+
instance_variables.each do |var|
|
|
337
|
+
next if excluded_ivars.include? var.to_s
|
|
338
|
+
|
|
339
|
+
value = instance_variable_get(var)
|
|
340
|
+
value = value.map(&:to_hash) if value.is_a? Array
|
|
341
|
+
|
|
342
|
+
hash[var.to_s.delete("@")] = value
|
|
343
|
+
end
|
|
344
|
+
|
|
345
|
+
hash
|
|
346
|
+
end
|
|
347
|
+
end
|
|
348
|
+
|
|
349
|
+
#########################################
|
|
350
|
+
#
|
|
351
|
+
# Catalog
|
|
352
|
+
#
|
|
353
|
+
# Catalog contains uuid, metadata and groups.
|
|
354
|
+
#
|
|
355
|
+
class Catalog
|
|
356
|
+
include Hashify
|
|
357
|
+
|
|
358
|
+
attr_accessor :catalog
|
|
359
|
+
|
|
360
|
+
def initialize(title = nil, remark = nil)
|
|
361
|
+
@catalog = Hash.new
|
|
362
|
+
@catalog["uuid"] = SecureRandom.uuid
|
|
363
|
+
@catalog["metadata"] = Metadata.build(title, remark)
|
|
364
|
+
@catalog["groups"] = []
|
|
365
|
+
@catalog["back-matter"] = BackMatter.build
|
|
366
|
+
end
|
|
367
|
+
|
|
368
|
+
def catalog_groups=(arr)
|
|
369
|
+
@catalog["groups"] = arr
|
|
370
|
+
end
|
|
371
|
+
|
|
372
|
+
def add_catalog_groups(arr)
|
|
373
|
+
@catalog["groups"] << arr
|
|
374
|
+
end
|
|
375
|
+
|
|
376
|
+
def get_catalog_groups(num)
|
|
377
|
+
@catalog["groups"].select { |g| g.id == num }.first
|
|
378
|
+
end
|
|
379
|
+
|
|
380
|
+
def hashify_catalog_groups
|
|
381
|
+
@catalog["groups"].map!(&:to_hash)
|
|
382
|
+
end
|
|
383
|
+
|
|
384
|
+
def catalog_groups
|
|
385
|
+
@catalog["groups"]
|
|
386
|
+
end
|
|
387
|
+
|
|
388
|
+
#
|
|
389
|
+
# BackMatter
|
|
390
|
+
#
|
|
391
|
+
# BackMatter contains title, published, last-modified, version, oscal-version
|
|
392
|
+
# and remarks
|
|
393
|
+
#
|
|
394
|
+
class BackMatter
|
|
395
|
+
include Hashify
|
|
396
|
+
|
|
397
|
+
def self.build
|
|
398
|
+
back_matter_path = File.expand_path(
|
|
399
|
+
"../sources/sections/back-matter.yml",
|
|
400
|
+
__dir__,
|
|
401
|
+
)
|
|
402
|
+
back_matter = YAML.safe_load(File.read(back_matter_path))
|
|
403
|
+
|
|
404
|
+
back_matter["resources"].each do |res|
|
|
405
|
+
res["uuid"] = SecureRandom.uuid.to_s
|
|
406
|
+
end
|
|
407
|
+
|
|
408
|
+
back_matter
|
|
409
|
+
end
|
|
410
|
+
end
|
|
411
|
+
|
|
412
|
+
#
|
|
413
|
+
# Metadata
|
|
414
|
+
#
|
|
415
|
+
# Metadata contains title, published, last-modified, version, oscal-version
|
|
416
|
+
# and remarks
|
|
417
|
+
#
|
|
418
|
+
class Metadata
|
|
419
|
+
include Hashify
|
|
420
|
+
|
|
421
|
+
def self.build(title = nil, remark = nil)
|
|
422
|
+
default_title = "Catalog for ISO27002:2022"
|
|
423
|
+
default_remarks = "OSCAL yaml generated from ISO27002:2022"
|
|
424
|
+
|
|
425
|
+
{
|
|
426
|
+
"title" => title.nil? ? default_title : "",
|
|
427
|
+
"published" => Time.now.iso8601,
|
|
428
|
+
"last-modified" => Time.now.iso8601,
|
|
429
|
+
"version" => "1.0",
|
|
430
|
+
"oscal-version" => "1.0.0",
|
|
431
|
+
"remarks" => remark.nil? ? default_remarks : "",
|
|
432
|
+
}
|
|
433
|
+
end
|
|
434
|
+
end
|
|
435
|
+
|
|
436
|
+
#
|
|
437
|
+
# Group
|
|
438
|
+
#
|
|
439
|
+
# Group has id and title.
|
|
440
|
+
# Group can contains mulitple controls or groups.
|
|
441
|
+
# Group can contains props in name-value pairs
|
|
442
|
+
#
|
|
443
|
+
class Group
|
|
444
|
+
include Hashify
|
|
445
|
+
|
|
446
|
+
attr_accessor :id, :title, :groups, :controls, :props
|
|
447
|
+
|
|
448
|
+
def initialize(id, title)
|
|
449
|
+
@id = id
|
|
450
|
+
@title = title
|
|
451
|
+
end
|
|
452
|
+
end
|
|
453
|
+
|
|
454
|
+
#
|
|
455
|
+
# Control
|
|
456
|
+
#
|
|
457
|
+
# Control has id and title.
|
|
458
|
+
# Control can contains mulitple parts.
|
|
459
|
+
# Control can contains props in name-value pairs
|
|
460
|
+
#
|
|
461
|
+
class Control
|
|
462
|
+
include Hashify
|
|
463
|
+
|
|
464
|
+
attr_accessor :id, :title, :parts, :props
|
|
465
|
+
|
|
466
|
+
def initialize(id)
|
|
467
|
+
@id = id
|
|
468
|
+
end
|
|
469
|
+
end
|
|
470
|
+
|
|
471
|
+
#
|
|
472
|
+
# Part
|
|
473
|
+
#
|
|
474
|
+
# Part has id and name
|
|
475
|
+
# Part may contains prose.
|
|
476
|
+
# Part can contains mulitple parts.
|
|
477
|
+
# Part can contains props in name-value pairs
|
|
478
|
+
#
|
|
479
|
+
class Part
|
|
480
|
+
include Hashify
|
|
481
|
+
|
|
482
|
+
attr_accessor :id, :name, :prose, :parts, :props
|
|
483
|
+
end
|
|
484
|
+
end
|
|
485
|
+
|
|
486
|
+
def get_group_num_and_name(control_path)
|
|
487
|
+
group_shortname = control_path.split("/")[-2]
|
|
488
|
+
group_num = control_path.split("/")[-1].split("-")[0]
|
|
489
|
+
groupname = ""
|
|
490
|
+
|
|
491
|
+
case group_shortname
|
|
492
|
+
when "controls-org"
|
|
493
|
+
groupname = "Organizational controls"
|
|
494
|
+
when "controls-people"
|
|
495
|
+
groupname = "People controls"
|
|
496
|
+
when "controls-physical"
|
|
497
|
+
groupname = "Physical controls"
|
|
498
|
+
when "controls-tech"
|
|
499
|
+
groupname = "Technological controls"
|
|
500
|
+
end
|
|
501
|
+
|
|
502
|
+
[group_num, groupname]
|
|
503
|
+
end
|
|
504
|
+
|
|
505
|
+
########
|
|
506
|
+
# Main #
|
|
507
|
+
########
|
|
508
|
+
oscal_catalog = Catalog.new
|
|
509
|
+
controls_sections_dir = File.expand_path("../sources/sections", __dir__)
|
|
510
|
+
controls_paths_files = Dir["#{controls_sections_dir}/**/paths.yml"]
|
|
511
|
+
|
|
512
|
+
# read controls based on paths.yml
|
|
513
|
+
controls_paths_files.sort.each do |controls_paths_file|
|
|
514
|
+
controls_paths = YAML.safe_load(File.read(controls_paths_file))
|
|
515
|
+
prev_groupnum = nil
|
|
516
|
+
|
|
517
|
+
controls_paths.each do |control_path|
|
|
518
|
+
groupnum = get_group_num_and_name(control_path)[0]
|
|
519
|
+
groupname = get_group_num_and_name(control_path)[1]
|
|
520
|
+
|
|
521
|
+
if prev_groupnum.nil? || groupnum != prev_groupnum
|
|
522
|
+
# create groups for sections, e.g. 5, 6, 7, 8
|
|
523
|
+
catalog_group = Catalog::Group.new("cls_#{groupnum}", groupname)
|
|
524
|
+
catalog_group.props = [
|
|
525
|
+
{
|
|
526
|
+
"name" => "clause",
|
|
527
|
+
"value" => groupnum,
|
|
528
|
+
},
|
|
529
|
+
]
|
|
530
|
+
|
|
531
|
+
oscal_catalog.add_catalog_groups(catalog_group)
|
|
532
|
+
prev_groupnum = groupnum
|
|
533
|
+
else
|
|
534
|
+
# get existing group
|
|
535
|
+
catalog_group = oscal_catalog.get_catalog_groups("cls_#{groupnum}")
|
|
536
|
+
end
|
|
537
|
+
|
|
538
|
+
# DEBUG
|
|
539
|
+
# set control path to a specific yml file path
|
|
540
|
+
# if control_path == "sections/controls-<TYPE>/X-YY.yml"
|
|
541
|
+
# if control_path == "sections/controls-org/5-02.yml"
|
|
542
|
+
control = YAML.safe_load(File.read("./sources/#{control_path}"))
|
|
543
|
+
converted_control = convert_control_to_oscal(control)
|
|
544
|
+
|
|
545
|
+
catalog_group.controls ||= []
|
|
546
|
+
catalog_group.controls << converted_control.to_hash
|
|
547
|
+
# end
|
|
548
|
+
end
|
|
549
|
+
end
|
|
550
|
+
|
|
551
|
+
##########
|
|
552
|
+
# Output #
|
|
553
|
+
##########
|
|
554
|
+
|
|
555
|
+
# Remove type annotation from ruby objects
|
|
556
|
+
oscal_catalog.hashify_catalog_groups
|
|
557
|
+
|
|
558
|
+
File.write("scripts/output/iso27002-oscal.yml", oscal_catalog.to_hash.to_yaml)
|
|
559
|
+
|
|
560
|
+
exit 0
|
data/lib/oscal/add.rb
ADDED
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
require_relative "base_class"
|
|
2
|
+
|
|
3
|
+
module Oscal
|
|
4
|
+
class Add < Oscal::BaseClass
|
|
5
|
+
KEY = %i(position by_id title params props links parts)
|
|
6
|
+
|
|
7
|
+
attr_accessor *KEY
|
|
8
|
+
attr_serializable *KEY
|
|
9
|
+
|
|
10
|
+
def set_value(key_name, val)
|
|
11
|
+
case key_name
|
|
12
|
+
when 'params'
|
|
13
|
+
Parameter.wrap(val)
|
|
14
|
+
when 'props'
|
|
15
|
+
Property.wrap(val)
|
|
16
|
+
when 'links'
|
|
17
|
+
Link.wrap(val)
|
|
18
|
+
when 'part'
|
|
19
|
+
Part.wrap(val)
|
|
20
|
+
else
|
|
21
|
+
val
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
require_relative "base_class"
|
|
2
|
+
|
|
3
|
+
module Oscal
|
|
4
|
+
class Address < Oscal::BaseClass
|
|
5
|
+
KEY = %i(type addr_lines city state postal_code country)
|
|
6
|
+
|
|
7
|
+
attr_accessor *KEY
|
|
8
|
+
attr_serializable *KEY
|
|
9
|
+
|
|
10
|
+
def set_value(key_name, val)
|
|
11
|
+
case key_name
|
|
12
|
+
when 'addr_lines'
|
|
13
|
+
AddressLine.wrap(val)
|
|
14
|
+
when 'links'
|
|
15
|
+
Link.wrap(val)
|
|
16
|
+
else
|
|
17
|
+
val
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
data/lib/oscal/alter.rb
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
require_relative "base_class"
|
|
2
|
+
|
|
3
|
+
module Oscal
|
|
4
|
+
class Alter < Oscal::BaseClass
|
|
5
|
+
KEY = %i(control_id klass removes adds)
|
|
6
|
+
|
|
7
|
+
attr_accessor *KEY
|
|
8
|
+
attr_serializable *KEY
|
|
9
|
+
|
|
10
|
+
def set_value(key_name, val)
|
|
11
|
+
case key_name
|
|
12
|
+
when 'removes'
|
|
13
|
+
Remove.wrap(val)
|
|
14
|
+
when 'adds'
|
|
15
|
+
Add.wrap(val)
|
|
16
|
+
else
|
|
17
|
+
val
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
require_relative "base_class"
|
|
2
|
+
|
|
3
|
+
module Oscal
|
|
4
|
+
class BackMatter < Oscal::BaseClass
|
|
5
|
+
KEY = %i(resources)
|
|
6
|
+
|
|
7
|
+
attr_accessor *KEY
|
|
8
|
+
attr_serializable *KEY
|
|
9
|
+
|
|
10
|
+
def set_value(key_name, val)
|
|
11
|
+
case key_name
|
|
12
|
+
when 'resources'
|
|
13
|
+
Resource.wrap(val)
|
|
14
|
+
else
|
|
15
|
+
val
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|