regscale-cli 6.16.0.0__py3-none-any.whl

regscale/models/regscale_models/control_objective.py

@@ -0,0 +1,261 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Control Objective Model"""
+from collections import defaultdict
+from typing import Any, Optional
+
+from pydantic import Field, ConfigDict
+
+from regscale.core.app.utils.app_utils import get_current_datetime
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class ControlObjective(RegScaleModel):
+    """RegScale Control Objective"""
+
+    _module_slug = "controlObjectives"
+    _unique_fields = [
+        ["securityControlId", "name"],
+    ]
+
+    id: int = 0
+    uuid: Optional[str] = None
+    name: str
+    description: str
+    otherId: str = ""  # API does not return if None
+    archived: bool = False
+    securityControlId: int
+    dateCreated: str = Field(default_factory=get_current_datetime)
+    dateLastUpdated: str = Field(default_factory=get_current_datetime)
+    objectiveType: str = "objective"
+
+    @staticmethod
+    def _get_additional_endpoints() -> ConfigDict:
+        """
+        Get additional endpoints for the ControlObjective
+
+        :return: Additional endpoints for the ControlObjective
+        :rtype: ConfigDict
+        """
+        return ConfigDict(
+            get_all_by_parent="/api/{model_slug}/getByControl/{intParentID}",
+            insert="/api/{model_slug}",
+            get_by_catalog="/api/{model_slug}/getByCatalog/{catalogId}",
+            get_by_catalogue="/api/{model_slug}/getByCatalogue/{catalogId}",
+            # Note: This is identical to get_by_catalog, might be redundant
+            get_by_control="/api/{model_slug}/getByControl/{controlId}",
+            batch_create="/api/{model_slug}/batchCreate",
+        )  # type: ignore
+
+    @classmethod
+    def get_by_catalog(cls, catalog_id: int) -> list["ControlObjective"]:
+        """
+        Get a list of objects by catalog.
+
+        :param int catalog_id: The ID of the catalog
+        :return: A list of objects
+        :rtype: list["ControlObjective"]
+        """
+        endpoint = cls.get_endpoint("get_by_catalog").format(catalogId=catalog_id)
+        return cls._handle_list_response(cls._get_api_handler().get(endpoint))
+
+    @classmethod
+    def get_by_catalogue(cls, catalog_id: int) -> list["ControlObjective"]:
+        """
+        Get a list of objects by catalogue.
+
+        :param int catalog_id: The ID of the catalogue
+        :return: A list of objects
+        :rtype: list["ControlObjective"]
+        """
+
+        return cls.get_by_catalog(cls, catalog_id)
+
+    @classmethod
+    def get_by_control(cls, control_id: int) -> list["ControlObjective"]:
+        """
+        Get a list of objects by control.
+
+        :param int control_id: The ID of the control
+        :return: A list of objects
+        :rtype: list["ControlObjective"]
+        """
+        endpoint = cls.get_endpoint("get_by_control").format(controlId=control_id)
+        return cls._handle_list_response(cls._get_api_handler().get(endpoint))
+
+    @staticmethod
+    def from_dict(obj: Any) -> "ControlObjective":
+        """
+        Create ControlObjective object from dict
+
+        :param Any obj: Dictionary
+        :return: ControlObjective class from provided dict
+        :rtype: ControlObjective
+        """
+        _securityControlId = int(obj.get("securityControlId", 0))
+        _id = int(obj.get("id", 0))
+        _uuid = str(obj.get("uuid"))
+        _name = str(obj.get("name"))
+        _description = str(obj.get("description"))
+        _otherId = str(obj.get("otherId"))
+        _objectiveType = str(obj.get("objectiveType"))
+        _archived = False
+        return ControlObjective(
+            _securityControlId,
+            _id,
+            _uuid,
+            _name,
+            _description,
+            _otherId,
+            _objectiveType,
+            _archived,
+        )
+
+    @classmethod
+    def fetch_control_objectives_by_other_id(
+        cls, parent_id: int, other_id_contains: str, skip: int = 0, take: int = 50
+    ) -> list["ControlObjective"]:
+        """
+        Fetch control objectives by other ID.
+
+        :param int parent_id: The ID of the parent
+        :param str other_id_contains: The other ID to search for
+        :param int skip: Number of items to skip
+        :param int take: Number of items to take
+        :return: A list of control objectives
+        :rtype: list["ControlObjective"]
+        """
+
+        query = f"""
+            query GetControlImplementations() {{
+                controlImplementations(
+                    skip: {skip}, take: {take}, where: {{
+                        parentId: {{eq: {parent_id}}},
+                        control: {{
+                            controlObjectives: {{
+                                some: {{
+                                    otherId: {{
+                                        contains: "{other_id_contains}"
+                                    }}
+                                }}
+                            }}
+                        }}
+                    }}
+                ) {{
+                items {{
+                    id
+                    control {{
+                        id,
+                        controlObjectives {{
+                            id
+                            uuid
+                            name
+                            description
+                            otherId
+                            archived
+                            securityControlId
+                            dateCreated
+                            dateLastUpdated
+                            objectiveType
+                        }}
+                    }}
+                }}
+                pageInfo {{
+                    hasNextPage
+                }}
+                totalCount
+                }}
+            }}
+        """
+
+        response = cls._get_api_handler().graph(query)
+        control_objectives: list["ControlObjective"] = []
+        if "controlImplementations" in response:
+            # Extract controlObjectives from each control in the controlImplementations
+            for item in response["controlImplementations"]["items"]:
+                for objective in item["control"]["controlObjectives"]:
+                    if (
+                        other_id_contains in objective["otherId"]
+                    ):  # API_PROBLEM: Hack to fix broken API returning too many results
+                        if control_objective := cls(**objective):
+                            control_objectives.append(control_objective)
+        return control_objectives
+
+    @classmethod
+    def fetch_control_objectives_by_name(
+        cls, parent_id: int, name_contains: str, skip: int = 0, take: int = 50
+    ) -> list["ControlObjective"]:
+        """
+        Fetch control objectives by other ID.
+
+        :param int parent_id: The ID of the parent
+        :param str name_contains: The name to search for
+        :param int skip: Number of items to skip
+        :param int take: Number of items to take
+        :return: A list of control objectives
+        :rtype: list["ControlObjective"]
+        """
+
+        query = f"""
+            query GetControlImplementations() {{
+                controlImplementations(
+                    skip: {skip}, take: {take}, where: {{
+                        parentId: {{eq: {parent_id}}},
+                        control: {{
+                            controlObjectives: {{
+                                some: {{
+                                    name: {{
+                                        contains: "{name_contains}"
+                                    }}
+                                }}
+                            }}
+                        }}
+                    }}
+                ) {{
+                items {{
+                    id
+                    control {{
+                        id,
+                        controlObjectives {{
+                            id
+                            uuid
+                            name
+                            description
+                            otherId
+                            archived
+                            securityControlId
+                            dateCreated
+                            dateLastUpdated
+                            objectiveType
+                        }}
+                    }}
+                }}
+                pageInfo {{
+                    hasNextPage
+                }}
+                totalCount
+                }}
+            }}
+        """
+
+        response = cls._get_api_handler().graph(query)
+        control_objectives: list["ControlObjective"] = []
+        if "controlImplementations" in response:
+            # Extract controlObjectives from each control in the controlImplementations
+            for item in response["controlImplementations"]["items"]:
+                for objective in item["control"]["controlObjectives"]:
+                    if name_contains in objective["name"]:  # TODO: Hack to fix broken API returning too many results
+                        control_objectives.append(cls(**objective))
+        return control_objectives
+
+
+def map_ccis_to_control_ids(parent_id: int) -> dict:
+    ccis_to_control_ids: dict[str, set[int]] = defaultdict(set)
+    objectives = ControlObjective.fetch_control_objectives_by_other_id(parent_id=parent_id, other_id_contains="CCI-")
+
+    for objective in objectives:
+        cci_ids = objective.otherId.split(",")
+        for cci_id in cci_ids:
+            ccis_to_control_ids[cci_id.strip()].add(objective.securityControlId)
+
+    return ccis_to_control_ids

regscale/models/regscale_models/control_parameter.py

@@ -0,0 +1,100 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Model for Control Parameter in the application"""
+import warnings
+from typing import Optional, List
+from urllib.parse import urljoin
+
+from pydantic import Field, ConfigDict
+
+from regscale.core.app.api import Api
+from regscale.core.app.application import Application
+from regscale.core.app.utils.api_handler import APIInsertionError
+from regscale.core.app.utils.app_utils import get_current_datetime
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class ControlParameter(RegScaleModel):
+    """
+    ControlParameter class
+    """
+
+    _module_slug = "controlParameters"
+    _module_string = "controlparameter"
+    _unique_fields = [
+        ["parameterId", "securityControlId"],
+    ]
+
+    id: Optional[int] = 0
+    uuid: Optional[str] = None
+    text: str = ""
+    parameterId: Optional[str] = None
+    otherId: Optional[str] = None
+    securityControlId: Optional[int] = None
+    archived: bool = False
+    createdById: Optional[str] = Field(default_factory=RegScaleModel.get_user_id)
+    dateCreated: Optional[str] = Field(default_factory=get_current_datetime)
+    lastUpdatedById: Optional[str] = Field(default_factory=RegScaleModel.get_user_id)
+    dateLastUpdated: Optional[str] = Field(default_factory=get_current_datetime)
+    tenantsId: Optional[int] = 1
+    dataType: Optional[str] = None
+    isPublic: bool = True
+    default: Optional[str] = None
+    displayName: str = ""
+
+    @staticmethod
+    def _get_additional_endpoints() -> ConfigDict:
+        """
+        Get additional endpoints for the ControlParameter
+
+        :return: Additional endpoints for the ControlParameter
+        :rtype: ConfigDict
+        """
+        return ConfigDict(  # type: ignore
+            get_all_by_parent="/api/{model_slug}/getByControl/{intParentID}",
+            get_by_control="/api/{model_slug}/getByControl/{id}",
+            create="/api/{model_slug}",
+            batch_create="/api/{model_slug}/batchCreate",
+        )
+
+    @classmethod
+    def get_by_control(cls, control_id: int) -> Optional[List["ControlParameter"]]:
+        """
+        Get a list of control parameters by control ID
+        :param int control_id:
+        :return: Optional[List["ControlParameter"]]
+        :rtype: Optional[List["ControlParameter"]]
+        """
+        endpoint = cls.get_endpoint("get_by_control").format(id=control_id)
+        response = cls._get_api_handler().get(endpoint=endpoint)
+        if response and response.ok:
+            return [cls(**item) for item in response.json()]
+        return None
+
+    def insert_parameter(self, app: Application) -> dict:
+        """
+        DEPRECATED: Insert a new control parameter
+
+        :param Application app: Application object
+        :raises APIInsertionError: If the API request fails
+        :return: JSON response as a dictionary
+        :rtype: dict
+        """
+        warnings.warn(
+            "The 'insert_parameter' method is deprecated, use 'create' method instead",
+            DeprecationWarning,
+        )
+
+        # Convert the model to a dictionary
+        api = Api()
+        data = self.dict()
+        api_url = urljoin(app.config["domain"], "/api/controlparameters")
+        # Make the API call
+        response = api.post(api_url, json=data)
+
+        # Check the response
+        if not response.ok:
+            print(response.text)
+            raise APIInsertionError(f"API request failed with status {response.status_code}")
+
+        return response.json()

regscale/models/regscale_models/control_test.py

@@ -0,0 +1,34 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Model for Control Test in the application"""
+import uuid
+
+from pydantic import ConfigDict, Field
+
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class ControlTest(RegScaleModel):
+    """Properties plan model"""
+
+    _module_slug = "controltests"
+    _unique_fields = [
+        ["uuid"],
+    ]
+    _parent_id_field = "parentControlId"
+
+    uuid: str = Field(default_factory=lambda: str(uuid.uuid4()))
+    isPublic: bool = True
+    testCriteria: str
+    parentControlId: int
+    parentRequirementId: int = 0
+
+    @staticmethod
+    def _get_additional_endpoints() -> ConfigDict:
+        """
+        Function to get additional endpoints for the ControlTest model
+
+        :return: Additional endpoints for the ControlTest model
+        :rtype: ConfigDict
+        """
+        return ConfigDict(get_all_by_parent="/api/{model_slug}/getByControl/{intParentID}")  # type: ignore

regscale/models/regscale_models/control_test_plan.py

@@ -0,0 +1,75 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Model for Control Test Plan in the application"""
+import warnings
+from typing import Optional
+from urllib.parse import urljoin
+
+from pydantic import ConfigDict
+
+from regscale.core.app.api import Api
+from regscale.core.app.application import Application
+from regscale.core.app.utils.api_handler import APIInsertionError
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class ControlTestPlan(RegScaleModel):
+    """
+    ControlTestPlan class
+    """
+
+    _module_slug = "controlTestPlans"
+    _module_string = "controltestplan"
+
+    id: int = 0
+    uuid: Optional[str] = None
+    test: Optional[str] = None
+    testId: Optional[str] = None
+    securityControlId: Optional[int] = None
+    archived: bool = False
+    createdById: Optional[str] = None
+    dateCreated: Optional[str] = None
+    lastUpdatedById: Optional[str] = None
+    dateLastUpdated: Optional[str] = None
+    tenantsId: Optional[int] = None
+    isPublic: bool = True
+
+    @staticmethod
+    def _get_additional_endpoints() -> ConfigDict:
+        """
+        Get additional endpoints for the ControlTestPlan
+
+        :return: Additional endpoints for the ControlTestPlan
+        :rtype: ConfigDict
+        """
+        return ConfigDict(  # type: ignore
+            get_all_by_parent="/api/{model_slug}/getByControl/{intParentID}",
+        )
+
+    def insert_controltestplan(self, app: Application) -> dict:
+        """
+        Insert a ControlTestPlan into the database
+
+        :param Application app: Application object
+        :raises APIInsertionError: API request failed
+        :return: JSON response
+        :rtype: dict
+        """
+        warnings.warn(
+            "The 'insert_controltestplan' method is deprecated, use 'create' method instead",
+            DeprecationWarning,
+        )
+
+        # Convert the model to a dictionary
+        api = Api()
+        data = self.dict()
+        api_url = urljoin(app.config["domain"], "/api/controltestplans")
+        # Make the API call
+        response = api.post(api_url, json=data)
+
+        # Check the response
+        if not response.ok:
+            print(response.text)
+            raise APIInsertionError(f"API request failed with status {response.status_code}")
+
+        return response.json()

regscale/models/regscale_models/control_test_result.py

@@ -0,0 +1,52 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Model for Control Test Results in the application"""
+from enum import Enum
+from typing import Optional
+
+from pydantic import ConfigDict
+
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class ControlTestResultStatus(str, Enum):
+    """Control Test Statuses"""
+
+    FAIL = "Fail"
+    PASS = "Pass"
+    NOT_APPLICABLE = "Not Applicable"
+    NOT_REVIEWED = "Not Reviewed"
+
+
+class ControlTestResult(RegScaleModel):
+    """Control Test Results model"""
+
+    _module_slug = "controltestresults"
+
+    id: Optional[int] = None
+    is_public: bool = True
+    result: ControlTestResultStatus
+    uuid: Optional[str] = None
+    observations: Optional[str] = None
+    gaps: Optional[str] = None
+    evidence: Optional[str] = None
+    bIssue: Optional[bool] = None
+    originalRisk: Optional[str] = None
+    identifiedRisk: Optional[str] = None
+    likelihood: Optional[str] = None
+    impact: Optional[str] = None
+    recommendationForMitigation: Optional[str] = None
+    dateAssessed: Optional[str] = None
+    assessedById: Optional[str] = None
+    parentTestId: Optional[int] = None
+    parentAssessmentId: Optional[int] = None
+
+    @staticmethod
+    def _get_additional_endpoints() -> ConfigDict:
+        """
+        Get additional endpoints for the ControlTestResults model
+
+        :return: Additional endpoints for the ControlTestResults model
+        :rtype: ConfigDict
+        """
+        return ConfigDict(get_by_parent="/api/{model_slug}/getByAssessment/{intParentID}")  # type: ignore