regscale-cli 6.16.0.0__py3-none-any.whl

regscale/models/regscale_models/leveraged_authorization.py

@@ -0,0 +1,125 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Model for Leveraged Authorizations in the application"""
+from enum import Enum
+from typing import Optional, Union
+from urllib.parse import urljoin
+
+from pydantic import field_validator, Field, ConfigDict
+
+from regscale.core.app.api import Api
+from regscale.core.app.application import Application
+from regscale.core.app.utils.app_utils import get_current_datetime
+from .regscale_model import RegScaleModel
+
+
+class NatureOfAgreement(str, Enum):
+    """Asset Status Enum"""
+
+    EULA = "End User Licensing Agreement (EULA)"
+    SLA = "Service Level Agreement (SLA)"
+    LicenseAgreement = "License Agreement"
+    Contract = "Contract"
+    Other = "Other"
+
+    def __str__(self):
+        return self.value
+
+
+class ImpactLevel(str, Enum):
+    """Asset Status Enum"""
+
+    LowSaaS = "Low Impact SaaS"
+    Low = "Low"
+    Moderate = "Moderate"
+    High = "High"
+    NonAuthorized = "Non-Authorized Cloud Service Provider (CSP)"
+
+    def __str__(self):
+        return self.value
+
+
+class LeveragedAuthorization(RegScaleModel):
+    """LeveragedAuthorizations model."""
+
+    _module_slug = "leveraged-authorization"
+    _get_objects_for_list = True
+
+    id: Optional[int] = 0
+    isPublic: Optional[bool] = True
+    uuid: Optional[str] = None
+    title: str
+    fedrampId: Optional[str] = None
+    ownerId: str
+    securityPlanId: int
+    natureOfAgreement: Union[NatureOfAgreement, str] = NatureOfAgreement.Other
+    impactLevel: Union[ImpactLevel, str] = ImpactLevel.Low
+    dateAuthorized: Optional[str] = None
+    description: Optional[str] = None
+    dataTypes: Optional[str] = None
+    servicesUsed: Optional[str] = None
+    authenticationType: Optional[str] = None
+    authorizedUserTypes: Optional[str] = None
+    authorizationType: Optional[str] = None  # not to be confused with authenticationType
+    securityPlanLink: Optional[str] = ""
+    crmLink: Optional[str] = ""
+    responsibilityAndInheritanceLink: Optional[str] = ""
+    createdById: str = Field(default_factory=RegScaleModel.get_user_id)
+    dateCreated: Optional[str] = Field(default_factory=get_current_datetime)
+    lastUpdatedById: str = Field(default_factory=RegScaleModel.get_user_id)
+    dateLastUpdated: Optional[str] = Field(default_factory=get_current_datetime)
+    tenantsId: Optional[int] = 1
+
+    @staticmethod
+    def _get_additional_endpoints() -> ConfigDict:
+        """
+        Get additional endpoints for the PortsProtocols model.
+
+        :return: A dictionary of additional endpoints
+        :rtype: ConfigDict
+        """
+        return ConfigDict(  # type: ignore
+            get_all_by_parent="/api/{model_slug}/getAllByParent/{intParentID}",
+        )
+
+    @classmethod
+    @field_validator(
+        "crmLink",
+        "responsibilityAndInheritanceLink",
+        "securityPlanLink",
+        mode="before",
+        check_fields=True,
+    )
+    def validate_fields(cls, value: Optional[str]) -> str:
+        """
+        Validate the CRM link, responsibility and inheritance link, and security plan link.
+
+        :param Optional[str] value: The field value.
+        :return: The validated field value or empty string.
+        :rtype: str
+        """
+        if not value:
+            value = ""
+        return value
+
+    @staticmethod
+    def insert_leveraged_authorizations(app: Application, leveraged_auth: "LeveragedAuthorization") -> dict:
+        """
+        Insert a leveraged authorization into the database.
+
+        :param Application app: The application instance.
+        :param LeveragedAuthorization leveraged_auth: The leveraged authorization to insert.
+        :return: The response from the API or raise an exception
+        :rtype: dict
+        """
+        api = Api()
+
+        # Construct the URL by joining the domain and endpoint
+        url = urljoin(app.config.get("domain"), "/api/leveraged-authorization")
+        # Convert the Pydantic model to a dictionary
+        data = leveraged_auth.dict()
+        # Make the POST request to insert the data
+        response = api.post(url, json=data)
+
+        # Check for success and handle the response as needed
+        return response.json() if response.ok else response.raise_for_status()

regscale/models/regscale_models/line_of_inquiry.py

@@ -0,0 +1,52 @@
+from enum import Enum
+from typing import Optional, Union
+
+from pydantic import Field, ConfigDict
+
+from regscale.core.app.utils.app_utils import get_current_datetime
+from regscale.models.regscale_models import RegScaleModel
+
+
+class LoIType(str, Enum):
+    """Lines of Inquiry Type Enum"""
+
+    Audit = "Audit Question"
+    Data = "Data Collection"
+
+
+class LinesOfInquiry(RegScaleModel):
+    """Lines of Inquiry Model"""
+
+    _module_slug = "lines-of-inquiry"
+    _unique_fields = ["id"]
+    _parent_id_field = "assessmentPlanId"
+
+    id: int = 0
+    isPublic: bool = True
+    uuid: Optional[str] = None
+    inquiry: Optional[str] = None
+    requirement: Optional[str] = None
+    assessmentPlanId: int = 0
+    weight: Optional[int] = 1
+    lineType: Union[LoIType, str] = LoIType.Audit
+    dataType: Optional[str] = Field(default_factory=get_current_datetime)
+    choiceList: Optional[str] = None
+    requiresScoring: bool = True
+    createdBy: Optional[str] = None
+    createdById: Optional[str] = Field(default_factory=RegScaleModel.get_user_id)
+    dateCreated: Optional[str] = Field(default_factory=get_current_datetime)
+    lastUpdatedBy: Optional[str] = None
+    lastUpdatedById: Optional[str] = Field(default_factory=RegScaleModel.get_user_id)
+    dateLastUpdated: Optional[str] = Field(default_factory=get_current_datetime)
+
+    @staticmethod
+    def _get_additional_endpoints() -> ConfigDict:
+        """
+        Get additional endpoints for the Components model.
+
+        :return: A dictionary of additional endpoints
+        :rtype: ConfigDict
+        """
+        return ConfigDict(  # type: ignore
+            get_all_by_parent="/api/{model_slug}/getAllByParent/{intAssessmentID}",
+        )

regscale/models/regscale_models/link.py

@@ -0,0 +1,205 @@
+"""Model for a RegScale Link"""
+
+import warnings
+from concurrent.futures import ThreadPoolExecutor, as_completed
+from typing import List, Optional
+
+from pydantic import ConfigDict, Field
+from requests import JSONDecodeError, Response
+
+from regscale.core.app.api import Api
+from regscale.core.app.application import Application
+from regscale.core.app.logz import create_logger
+from regscale.core.app.utils.app_utils import get_current_datetime
+from .regscale_model import RegScaleModel
+
+
+class Link(RegScaleModel):
+    _module_slug = "links"
+    _unique_fields = [
+        ["title", "parentID", "parentModule"],
+    ]
+    _parent_id_field = "parentID"
+
+    id: Optional[int] = 0
+    url: str
+    title: str
+    createdById: Optional[str] = Field(default_factory=RegScaleModel.get_user_id)
+    dateCreated: Optional[str] = Field(default_factory=get_current_datetime)
+    lastUpdatedById: Optional[str] = Field(default_factory=RegScaleModel.get_user_id)
+    isPublic: bool = True
+    parentID: Optional[int] = None
+    parentModule: Optional[str] = None
+    tenantsId: Optional[int] = None
+    dateLastUpdated: Optional[str] = Field(default_factory=get_current_datetime)
+    otherAttributes: Optional[str] = None
+    externalId: Optional[str] = None
+
+    @staticmethod
+    def _get_additional_endpoints() -> ConfigDict:
+        """
+        Get additional endpoints for the Links model.
+
+        :return: A dictionary of additional endpoints
+        :rtype: ConfigDict
+        """
+        return ConfigDict(
+            get_all_by_part="/api/{model_slug}/getAllByPart/{intParentID}/{strModule}/{strType}/{strPart}",
+            get_all_from_list="/api/{model_slug}/getAllFromList",
+            batch_create="/api/{model_slug}/batchCreate",
+            batch_update="/api/{model_slug}/batchUpdate",
+        )
+
+    def __hash__(self) -> hash:
+        """
+        Enable object to be hashable
+
+        :return: Hashed Link
+        :rtype: hash
+        """
+        return hash(
+            (
+                self.title,
+                self.parentID,
+                self.parentModule,
+                self.url,
+            )
+        )
+
+    def __eq__(self, other: "Link") -> bool:
+        """
+        Determine if two Links are equal
+
+        :param Link other: Link Object to compare to
+        :return: True if equal
+        :rtype: bool
+        """
+        return (
+            self.title == other.title
+            and self.parentID == other.parentID
+            and self.parentModule == other.parentModule
+            and self.url == other.url
+        )
+
+    @staticmethod
+    def update_link(app: Application, link: "Link") -> Optional["Link"]:
+        """
+        Update a Link in RegScale via API
+
+        :param Application app: Application
+        :param Link link: Link to update
+        :return: Updated Link
+        :rtype: Optional[Link]
+        """
+        warnings.warn(
+            "This function is deprecated and will be removed in the future. Use Link.save() instead.",
+            DeprecationWarning,
+            stacklevel=2,
+        )
+        api = Api()
+        link_id = link.id
+
+        response = api.put(app.config["domain"] + f"/api/links/{link_id}", json=link.dict())
+        if response.status_code == 200:
+            try:
+                link = Link(**response.json())
+            except JSONDecodeError:
+                link = None
+        return link
+
+    @staticmethod
+    def bulk_insert(api: Api, links: List["Link"], thread_count: Optional[int] = 10) -> List[Response]:
+        """
+        Bulk insert Links to the RegScale API
+
+        :param Api api: RegScale API
+        :param List[Link] links: List of links to insert
+        :param Optional[int] thread_count: Number of threads to use, defaults to 10
+        :return: List of Responses from RegScale API
+        :rtype: List[Response]
+        """
+        warnings.warn(
+            "This function is deprecated and will be removed in the future. Use Link.batch_create() instead.",
+            DeprecationWarning,
+            stacklevel=2,
+        )
+
+        app = api.app
+        results = []
+
+        # use threadpoolexecutor to speed up inserts
+        with ThreadPoolExecutor(max_workers=thread_count) as executor:
+            futures = [
+                executor.submit(
+                    Link.insert_link,
+                    app,
+                    link,
+                )
+                for link in links
+            ]
+            for future in as_completed(futures):
+                results.append(future.result())
+        return results
+
+    @staticmethod
+    def insert_link(app: Application, link: "Link") -> "Link":
+        """
+        Insert a Link into RegScale
+
+        :param Application app: Application
+        :param Link link: Link to insert
+        :return: Inserted Link
+        :rtype: Link
+        """
+        warnings.warn(
+            "This function is deprecated and will be removed in the future. Use Link.create() instead.",
+            DeprecationWarning,
+            stacklevel=2,
+        )
+        api = Api()
+        logger = create_logger()
+        response = api.post(app.config["domain"] + "/api/links", json=link.dict())
+        if response.status_code == 200:
+            try:
+                link = Link(**response.json())
+            except JSONDecodeError as jex:
+                logger.error("Unable to read link:\n%s", jex)
+                link = None
+        else:
+            logger.warning("Unable to insert link: %s", link.title)
+        return link
+
+    @staticmethod
+    def fetch_links_by_parent(
+        app: Application,
+        regscale_id: int,
+        regscale_module: str,
+    ) -> List["Link"]:
+        """
+        Fetch Links by Parent ID and Module
+
+        :param Application app: Application
+        :param int regscale_id: RegScale ID
+        :param str regscale_module: RegScale Module
+        :return: List of Links
+        :rtype: List[Link]
+        """
+        api = Api()
+        body = f"""
+            query {{
+                links(take: 50, skip: 0, where: {{ parentModule: {{eq: "{regscale_module}"}} parentID: {{eq: {regscale_id}}}
+                }}) {{
+                items {{
+                    {Link.build_graphql_fields()}
+                }},
+                pageInfo {{
+                    hasNextPage
+                }}
+                ,totalCount}}
+            }}
+        """
+        try:
+            existing_regscale_links = api.graph(query=body)["links"]["items"]
+        except (JSONDecodeError, KeyError):
+            existing_regscale_links = []
+        return [Link(**link) for link in existing_regscale_links]

regscale/models/regscale_models/meta_data.py

@@ -0,0 +1,64 @@
+"""Metadata model for RegScale"""
+
+from typing import List, Optional
+
+from pydantic import Field, ConfigDict
+
+from regscale.core.app.utils.app_utils import get_current_datetime
+from .regscale_model import RegScaleModel
+
+
+class Metadata(RegScaleModel):
+    """RegScale Metadata class"""
+
+    _module_slug = "metadata"
+
+    id: Optional[int] = None
+    isPublic: bool = True  # Required as boolean
+    active: bool = True  # Required as boolean
+    readOnly: bool = False  # Required as boolean
+    field: Optional[str] = None
+    value: Optional[str] = None
+    type: Optional[str] = None
+    module: Optional[str] = None
+    tenantsId: int = 1
+    lastUpdatedById: Optional[str] = None
+    createdById: Optional[str] = None
+    dateCreated: str = Field(default_factory=get_current_datetime)  # Required as string
+    dateLastUpdated: str = Field(default_factory=get_current_datetime)  # Required as string
+    dateLastUpdated: str = Field(default_factory=get_current_datetime)  # Required as string
+    mappedValue: Optional[str] = None
+    externalKey: Optional[str] = None
+
+    @staticmethod
+    def _get_additional_endpoints() -> ConfigDict:
+        """
+        Get additional endpoints for the Metadata model.
+
+        :return: A dictionary of additional endpoints
+        :rtype: ConfigDict
+        """
+        return ConfigDict(
+            get_all_grouped="/api/{model_slug}/getAllGrouped",
+            filter_metadata="/api/{model_slug}/filterMetadata/{strModule}/{strField}/{strSortBy}/{strDirection}/{intPage}/{intPageSize}",
+            get_metadata_by_module_field="/api/{model_slug}/getMetadata/{strModule}/{strField}",
+            get_metadata_by_module="/api/{model_slug}/getMetadata/{strModule}",
+            get_seeding_options="/api/{model_slug}/getSeedingOptions",
+            reseed="/api/{model_slug}/reseed/{strModule}",
+            toggle_metadata="/api/{model_slug}/toggleMetadata/{intId}/{bToggle}",
+        )
+
+    @classmethod
+    def get_metadata_by_module_field(cls, module: str, field: str) -> List["Metadata"]:
+        """
+        Retrieves metadata by module and field.
+
+        :param str module: The module
+        :param str field: The field
+        :return: A list of metadata or None
+        :rtype: List[Metadata]
+        """
+        response = cls._get_api_handler().get(
+            endpoint=cls.get_endpoint("get_metadata_by_module_field").format(strModule=module, strField=field)
+        )
+        return cls._handle_list_response(response)

regscale/models/regscale_models/mixins/parent_cache.py

@@ -0,0 +1,124 @@
+"""
+This module contains the PlanCacheMixin class, which provides caching functionality for objects associated with security plans.
+
+The PlanCacheMixin is a generic class that can be used with any model that has a security plan ID. It offers methods to populate a cache of objects by plan ID and retrieve all objects for a given plan ID.
+
+Classes that inherit from PlanCacheMixin should define two class variables:
+- _graph_query_name: A string representing the name of the GraphQL query for the objects.
+- _graph_plan_id_path: A dot notation string representing the path to the security plan ID in the GraphQL response.
+
+Example usage:
+    class AssetMapping(PlanCacheMixin["AssetMapping"]):
+        _graph_query_name = "assetMappings"
+        _graph_plan_id_path = "component.securityPlanId"
+
+This mixin is designed to work with the RegScale API and assumes the existence of certain methods like cache_object.
+"""
+
+import logging
+from typing import Dict, List, TypeVar, Generic, cast, Type, ClassVar
+
+logger = logging.getLogger("regscale")
+
+
+T = TypeVar("T", bound="PlanCacheMixin")
+
+
+class PlanCacheMixin(Generic[T]):
+    """
+    Mixin for caching objects by plan ID.
+
+    This mixin is designed to be used with classes that have a security plan ID.
+    It provides a method to populate a cache of objects by plan ID and a method to get all objects for a given plan ID.
+
+    Example:
+    class AssetMapping(PlanCacheMixin["AssetMapping"]):
+        _graph_query_name = "assetMappings"
+        _graph_plan_id_path = "component.securityPlanId"
+    """
+
+    _graph_query_name: ClassVar[str]  # Example: "assetMappings"
+    _graph_plan_id_path: ClassVar[str]  # Example: "component.securityPlanId"
+
+    @classmethod
+    def populate_cache_by_plan(cls: Type[T], plan_id: int) -> None:
+        """
+        Populate the parent cache using the get_plan_objects method.
+
+        :param int plan_id: Security Plan ID
+        :rtype: None
+        """
+        objects = cls.get_plan_objects(plan_id)
+        for obj in objects:
+            cls.cache_object(obj)
+        logger.info("Cached %s %s objects", len(objects), cls.__name__)
+
+    @classmethod
+    def get_plan_objects(cls: Type[T], plan_id: int) -> List[T]:
+        """
+        Get all objects for a given plan ID.
+
+        :param int plan_id: Security Plan ID
+        :return: Objects for a given plan ID
+        :rtype: List[T]
+        """
+        plan_id_field = cls._graph_plan_id_path
+
+        # Parse the dot notation to build the where statement
+        where_parts = plan_id_field.split(".")
+        where_statement = ": {".join(where_parts) + f": {{eq: {plan_id}}}" + "}" * (len(where_parts) - 1)
+
+        search_query = f"""query {{
+            {cls._graph_query_name}(skip: 0, take: 50, where: {{{where_statement}}}) {{
+                items {{
+                    {cls.build_graphql_fields()}
+                }}
+                totalCount
+                pageInfo {{
+                    hasNextPage
+                }}
+            }}
+        }}"""
+        response = cls._get_api_handler().graph(query=search_query)
+        objects = cast(List[T], cls._handle_graph_response(response))
+        return objects
+
+    @classmethod
+    def build_graphql_fields(cls) -> str:
+        """
+        Build GraphQL fields for the query.
+
+        :return: GraphQL fields
+        :rtype: str
+        """
+        raise NotImplementedError("Subclasses must implement build_graphql_fields")
+
+    @classmethod
+    def cache_object(cls, obj: T) -> None:
+        """
+        Cache an object.
+
+        :param T obj: Object to cache
+        :rtype: None
+        """
+        raise NotImplementedError("Subclasses must implement cache_object")
+
+    @classmethod
+    def _handle_graph_response(cls, response: Dict) -> List[T]:
+        """
+        Handle GraphQL response.
+
+        :param Dict response: GraphQL response
+        :return: List of objects
+        :rtype: List[T]
+        """
+        raise NotImplementedError("Subclasses must implement _handle_graph_response")
+
+    @property
+    def _api_handler(self):
+        """
+        Get API handler.
+
+        :return: API handler
+        """
+        raise NotImplementedError("Subclasses must implement _api_handler")