regscale-cli 6.19.0.1__py3-none-any.whl → 6.19.1.0__py3-none-any.whl

regscale/__init__.py

@@ -1 +1 @@
-__version__ = "6.19.0.1"
+__version__ = "6.19.1.0"

regscale/core/app/utils/app_utils.py

@@ -642,7 +642,7 @@ def save_to_json(file: Path, data: Any, output_log: bool) -> None:
         with open(file, "w", encoding="utf-8") as outfile:
             outfile.write(str(data))
     if output_log:
-        logger.info("Data successfully saved to %s", file.absolute())
+        logger.info("Data successfully saved to %s", file.name)
 
 
 def save_data_to(file: Path, data: Any, output_log: bool = True, transpose_data: bool = True) -> None:

regscale/integrations/commercial/tenablev2/commands.py

@@ -30,12 +30,17 @@ from regscale.integrations.commercial.tenablev2.jsonl_scanner import TenableSCJs
 from regscale.integrations.commercial.tenablev2.sc_scanner import SCIntegration
 from regscale.integrations.commercial.tenablev2.variables import TenableVariables
 from regscale.models import regscale_id, regscale_ssp_id
-from regscale.models.app_models.click import save_output_to, file_types
-from regscale.models.regscale_models.security_plan import SecurityPlan
+from regscale.models.app_models.click import file_types, hidden_file_path, save_output_to
+from regscale.models.regscale_models import SecurityPlan
 
 logger = logging.getLogger("regscale")
 console = Console()
 artifacts_dir = "./artifacts"
+REGSCALE_INC = "RegScale, Inc."
+REGSCALE_CLI = "RegScale CLI"
+FULLY_IMPLEMENTED = "Fully Implemented"
+NOT_IMPLEMENTED = "Not Implemented"
+IN_REMEDIATION = "In Remediation"
 
 
 # Define a helper function for gen_client to replace the original one
@@ -146,7 +151,7 @@ def io_sync_assets(regscale_ssp_id: int, tags: List[Tuple[str, str]] = None):
         from regscale.integrations.commercial.tenablev2.scanner import TenableIntegration
 
         integration = TenableIntegration(plan_id=regscale_ssp_id, tags=tags)
-        integration.sync_assets()
+        integration.sync_assets(plan_id=regscale_ssp_id)
 
         console.print("[bold green]Tenable.io asset synchronization complete.[/bold green]")
     except Exception as e:
@@ -185,7 +190,7 @@ def io_sync_findings(
         from regscale.integrations.commercial.tenablev2.scanner import TenableIntegration
 
         integration = TenableIntegration(plan_id=regscale_ssp_id, tags=tags, scan_date=scan_date)
-        integration.sync_findings(severity=severity)
+        integration.sync_findings(plan_id=regscale_ssp_id, severity=severity)
 
         console.print("[bold green]Tenable.io finding synchronization complete.[/bold green]")
     except Exception as e:
@@ -768,6 +773,31 @@ def sync_jsonl(
         logger.error(f"Error in Tenable SC JSONL sync: {str(e)}", exc_info=True)
 
 
+@io.command(name="sync_compliance_controls")
+@regscale_ssp_id()
+@click.option(
+    "--catalog_id",
+    type=click.INT,
+    help="The ID number from RegScale Catalog that the System Security Plan's controls belong to",
+    prompt="Enter RegScale Catalog ID",
+    required=True,
+)
+@click.option(
+    "--framework",
+    required=True,
+    type=click.Choice(["800-53", "800-53r5", "CSF", "800-171"], case_sensitive=True),
+    help="The framework to use. from Tenable.io frameworks MUST be the same RegScale Catalog of controls",
+)
+@hidden_file_path(help="The file path to load control data instead of fetching from Tenable.io")
+def sync_compliance_data(regscale_ssp_id: int, catalog_id: int, framework: str, offline: Optional[Path] = None):
+    """
+    Sync the compliance data from Tenable.io to create control implementations for controls in frameworks.
+    """
+    from regscale.integrations.commercial.tenablev2.sync_compliance import sync_compliance_data
+
+    sync_compliance_data(ssp_id=regscale_ssp_id, catalog_id=catalog_id, framework=framework, offline=offline)
+
+
 # Add import_nessus to __all__ exports at the end of the file
 __all__ = [
     "tenable",

regscale/integrations/commercial/tenablev2/sync_compliance.py

@@ -0,0 +1,550 @@
+"""
+Sync the compliance data from Tenable.io to RegScale
+"""
+
+import json
+import logging
+from datetime import datetime, timedelta
+from typing import Dict, List, Optional
+from urllib.parse import urljoin
+
+from pathlib import Path
+from rich.console import Console
+
+from regscale.core.app.api import Api
+from regscale.core.app.application import Application
+from regscale.core.app.utils.app_utils import (
+    format_dict_to_html,
+    get_current_datetime,
+)
+from regscale.models.integration_models.tenable_models.models import AssetCheck
+from regscale.models.regscale_models import ControlImplementation
+
+logger = logging.getLogger("regscale")
+console = Console()
+artifacts_dir = "./artifacts"
+REGSCALE_INC = "RegScale, Inc."
+REGSCALE_CLI = "RegScale CLI"
+FULLY_IMPLEMENTED = "Fully Implemented"
+NOT_IMPLEMENTED = "Not Implemented"
+IN_REMEDIATION = "In Remediation"
+
+
+def sync_compliance_data(ssp_id: int, catalog_id: int, framework: str, offline: Optional[Path] = None) -> None:
+    """
+    Sync the compliance data from Tenable.io to create control implementations for controls in frameworks
+    :param int ssp_id: The ID number from RegScale of the System Security Plan
+    :param int catalog_id: The ID number from RegScale Catalog that the System Security Plan's controls belong to
+    :param str framework: The framework to use. from Tenable.io frameworks MUST be the same RegScale Catalog of controls
+    :param Optional[Path] offline: The file path to load control data instead of fetching from Tenable.io, defaults to None
+    :rtype: None
+    """
+    logger.info("Note: This command only available for Tenable.io")
+    logger.info("Note: This command Requires admin access.")
+    app = Application()
+    config = app.config
+    # we specifically don't gen client here, so we only get the client for Tenable.io as its only supported there
+
+    compliance_data = _get_compliance_data(config=config, offline=offline)  # type: ignore
+
+    dict_of_frameworks_and_asset_checks: Dict = dict()
+    framework_controls: Dict[str, List[str]] = {}
+    asset_checks: Dict[str, List[AssetCheck]] = {}
+    passing_controls: Dict = dict()
+    # partial_passing_controls: Dict = dict()
+    failing_controls: Dict = dict()
+    for findings in compliance_data:
+        asset_check = AssetCheck(**findings)
+        for ref in asset_check.reference:
+            if ref.framework not in framework_controls:
+                framework_controls[ref.framework] = []
+            if ref.control not in framework_controls[ref.framework]:  # Avoid duplicate controls
+                framework_controls[ref.framework].append(ref.control)
+                formatted_control_id = convert_control_id(ref.control)
+                # sort controls by status
+                add_control_to_status_dict(
+                    control_id=formatted_control_id,
+                    status=asset_check.status,
+                    dict_obj=failing_controls,
+                    desired_status="FAILED",
+                )
+                add_control_to_status_dict(
+                    control_id=formatted_control_id,
+                    status=asset_check.status,
+                    dict_obj=passing_controls,
+                    desired_status="PASSED",
+                )
+                remove_passing_controls_if_in_failed_status(passing=passing_controls, failing=failing_controls)
+                if formatted_control_id not in asset_checks:
+                    asset_checks[formatted_control_id] = [asset_check]
+                else:
+                    asset_checks[formatted_control_id].append(asset_check)
+        dict_of_frameworks_and_asset_checks = {
+            key: {"controls": framework_controls, "asset_checks": asset_checks} for key in framework_controls.keys()
+        }
+    logger.info(f"Found {len(dict_of_frameworks_and_asset_checks)} findings to process")
+    framework_data = dict_of_frameworks_and_asset_checks.get(framework, None)
+    process_compliance_data(
+        framework_data=framework_data,
+        catalog_id=catalog_id,
+        ssp_id=ssp_id,
+        framework=framework,
+        passing_controls=passing_controls,
+        failing_controls=failing_controls,
+    )
+
+
+def _get_compliance_data(config: dict, offline: Optional[Path] = None) -> Dict:
+    """
+    Get compliance data from Tenable.io
+    :param dict config: Configuration dictionary
+    :param Optional[Path] offline: File path to load control data instead of fetching from Tenable.io
+    :return: Compliance data
+    :rtype: Dict
+    """
+    from regscale import __version__
+    from tenable.io import TenableIO
+
+    if offline:
+        with open(offline.absolute(), "r") as f:
+            compliance_data = json.load(f)
+    else:
+        client = TenableIO(
+            url=config["tenableUrl"],
+            access_key=config["tenableAccessKey"],
+            secret_key=config["tenableSecretKey"],
+            vendor=REGSCALE_INC,
+            product=REGSCALE_CLI,
+            build=__version__,
+        )
+        compliance_data = client.exports.compliance()
+    return compliance_data
+
+
+def add_control_to_status_dict(control_id: str, status: str, dict_obj: Dict, desired_status: str) -> None:
+    """
+    Add a control to a status dictionary
+    :param str control_id: The control id to add to the dictionary
+    :param str status: The status of the control
+    :param Dict dict_obj: The dictionary to add the control to
+    :param str desired_status: The desired status of the control
+    :rtype: None
+    """
+    friendly_control_id = control_id.lower()
+    if status == desired_status and friendly_control_id not in dict_obj:
+        dict_obj[friendly_control_id] = desired_status
+
+
+def remove_passing_controls_if_in_failed_status(passing: Dict, failing: Dict) -> None:
+    """
+    Remove passing controls if they are in failed status
+    :param Dict passing: Dictionary of passing controls
+    :param Dict failing: Dictionary of failing controls
+    :rtype: None
+    """
+    to_remove = []
+    for k in passing.keys():
+        if k in failing.keys():
+            to_remove.append(k)
+
+    for k in to_remove:
+        del passing[k]
+
+
+def process_compliance_data(
+    framework_data: Dict,
+    catalog_id: int,
+    ssp_id: int,
+    framework: str,
+    passing_controls: Dict,
+    failing_controls: Dict,
+) -> None:
+    """
+    Processes the compliance data from Tenable.io to create control implementations for controls in frameworks
+    :param Dict framework_data: List of tenable.io controls per framework
+    :param int catalog_id: The catalog id
+    :param int ssp_id: The ssp id
+    :param str framework: The framework name
+    :param Dict passing_controls: Dictionary of passing controls
+    :param Dict failing_controls: Dictionary of failing controls
+    :rtype: None
+    """
+    if not framework_data:
+        return
+    framework_controls = framework_data.get("controls", {})
+    asset_checks = framework_data.get("asset_checks", {})
+    existing_implementation_dict = get_existing_control_implementations(ssp_id)
+    catalog_controls = get_controls(catalog_id)
+    matched_controls = []
+    for tenable_framework, tenable_controls in framework_controls.items():
+        logger.info(f"Found {len(tenable_controls)} controls that passed for framework: {tenable_framework}")
+        # logger.info(f"tenable_controls: {tenable_controls[0]}") if len(tenable_controls) >0 else None
+        if tenable_framework == framework:
+            matched_controls = get_matched_controls(tenable_controls, catalog_controls)
+
+    logger.info(f"Found {len(matched_controls)} controls that matched")
+
+    control_implementations = create_control_implementations(
+        controls=matched_controls,
+        parent_id=ssp_id,
+        parent_module="securityplans",
+        existing_implementation_dict=existing_implementation_dict,
+        passing_controls=passing_controls,
+        failing_controls=failing_controls,
+    )
+
+    logger.info(f"SSP now has {len(control_implementations)} control implementations")
+    catalog_controls_dict = {c["id"]: c for c in catalog_controls}
+    create_assessments(control_implementations, catalog_controls_dict, asset_checks)
+
+
+def create_assessments(
+    control_implementations: List[Dict],
+    catalog_controls_dict: Dict,
+    asset_checks: Dict,
+) -> None:
+    """
+    Create assessments from control implementations
+    :param List[Dict] control_implementations: List of control implementations
+    :param Dict catalog_controls_dict: Dictionary of catalog controls
+    :param Dict asset_checks: Dictionary of asset checks
+    :rtype: None
+    :return: None
+    """
+    app = Application()
+    user_id = app.config.get("userId", "")
+    assessments_to_create = []
+    for cim in control_implementations:
+        control = catalog_controls_dict.get(cim["controlID"], {})
+        check = asset_checks.get(control["controlId"].lower())
+        assessment = create_assessment_from_cim(cim, user_id, control, check)
+        assessments_to_create.append(assessment)
+    update_control_implementations(control_implementations, assessments_to_create)
+    post_assessments_to_api(assessments_to_create)
+
+
+def get_control_assessments(control: Dict, assessments_to_create: List[Dict]) -> List[Dict]:
+    """
+    Get control assessments
+    :param Dict control: Control
+    :param List[Dict] assessments_to_create: List of assessments to create
+    :return: List of control assessments
+    :rtype: List[Dict]
+    """
+    return [
+        assess
+        for assess in assessments_to_create
+        if assess["controlID"] == control["id"] and assess["status"] == "Complete"
+    ]
+
+
+def post_assessments_to_api(assessments_to_create: List[Dict]) -> None:
+    """
+    Post assessments to the API
+    :param List[Dict] assessments_to_create: List of assessments to create
+    :rtype: None
+    """
+    app = Application()
+    api = Api()
+    assessment_url = urljoin(app.config.get("domain", ""), "/api/assessments/batchCreate")
+    assessment_response = api.post(url=assessment_url, json=assessments_to_create)
+    if assessment_response.ok:
+        logger.info(f"Created {len(assessment_response.json())} Assessments!")
+    else:
+        logger.debug(assessment_response.status_code)
+        logger.error(f"Failed to insert Assessment.\n{assessment_response.text}")
+
+
+def update_control_implementations(control_implementations: List[Dict], assessments_to_create: List[Dict]) -> None:
+    """
+    Update control implementations with assessments
+    :param List[Dict] control_implementations: List of control implementations
+    :param List[Dict] assessments_to_create: List of assessments to create
+    :rtype: None
+    """
+    for control in control_implementations:
+        control_assessments = get_control_assessments(control, assessments_to_create)
+        if sorted_assessments := sort_assessments(control_assessments):
+            update_control_object(control, sorted_assessments)
+
+
+def update_control_object(control: Dict, sorted_assessments: List[Dict]) -> None:
+    """
+    Update control object
+    :param Dict control: Control
+    :param List[Dict] sorted_assessments: Sorted assessments
+    :rtype: None
+    """
+
+    dt_format = "%Y-%m-%d %H:%M:%S"
+    app = Application()
+    control["dateLastAssessed"] = sorted_assessments[0]["actualFinish"]
+    control["lastAssessmentResult"] = sorted_assessments[0]["assessmentResult"]
+    if control.get("lastAssessmentResult"):
+        control_obj = ControlImplementation(**control)
+        if control_obj.lastAssessmentResult == "Fail" and control_obj.status != IN_REMEDIATION:
+            control_obj.status = IN_REMEDIATION
+            control_obj.plannedImplementationDate = (datetime.now() + timedelta(30)).strftime(dt_format)
+            control_obj.stepsToImplement = "n/a"
+        elif control_obj.status == IN_REMEDIATION:
+            control_obj.plannedImplementationDate = (
+                (datetime.now() + timedelta(30)).strftime(dt_format)
+                if not control_obj.plannedImplementationDate
+                else control_obj.plannedImplementationDate
+            )
+            control_obj.stepsToImplement = "n/a" if not control_obj.stepsToImplement else control_obj.stepsToImplement
+        elif control_obj.lastAssessmentResult == "Pass" and control_obj.status != FULLY_IMPLEMENTED:
+            control_obj.status = FULLY_IMPLEMENTED
+        ControlImplementation.update(app=app, implementation=control_obj)
+
+
+def sort_assessments(control_assessments: List[Dict]) -> List[Dict]:
+    """
+    Sort assessments by actual finish date
+    :param List[Dict] control_assessments: List of control assessments
+    :return: Sorted assessments
+    :rtype: List[Dict]
+    """
+    dt_format = "%Y-%m-%d %H:%M:%S"
+    return sorted(
+        control_assessments,
+        key=lambda x: datetime.strptime(x["actualFinish"], dt_format),
+        reverse=True,
+    )
+
+
+def get_assessment_status_from_implementation_status(status: str) -> str:
+    """
+    Get the assessment status from the implementation status
+    :param str status: Implementation status
+    :return: Assessment status
+    :rtype: str
+    """
+    if status == FULLY_IMPLEMENTED:
+        return "Pass"
+    if status == IN_REMEDIATION:
+        return "Fail"
+    else:
+        return "N/A"
+
+
+def create_assessment_from_cim(cim: Dict, user_id: str, control: Dict, check: List[AssetCheck]) -> Dict:
+    """
+    Create an assessment from a control implementation
+    :param Dict cim: Control Implementation
+    :param str user_id: User ID
+    :param Dict control: Control
+    :param List[AssetCheck] check: Asset Check
+    :return: Assessment
+    :rtype: Dict
+    """
+    assessment_result = get_assessment_status_from_implementation_status(cim.get("status"))
+    summary_dict = check[0].dict() if check else dict()
+    summary_dict.pop("reference", None)
+    title = summary_dict.get("check_name") if summary_dict else control.get("title")
+    html_summary = format_dict_to_html(summary_dict)
+    document_reviewed = check[0].audit_file if check else None
+    check_name = check[0].check_name if check else None
+    methodology = check[0].check_info if check else None
+    summary_of_results = check[0].description if check else None
+    uuid = check[0].asset_uuid if check and check[0].asset_uuid is not None else None
+    title_part = f"{title} - {uuid}" if uuid else f"{title}"
+    uuid_title = f"{title_part} Automated Assessment test"
+    return {
+        "leadAssessorId": user_id,
+        "title": uuid_title,
+        "assessmentType": "Control Testing",
+        "plannedStart": get_current_datetime(),
+        "plannedFinish": get_current_datetime(),
+        "status": "Complete",
+        "assessmentResult": assessment_result if assessment_result else "N/A",
+        "controlID": cim["id"],
+        "actualFinish": get_current_datetime(),
+        "assessmentReport": html_summary if html_summary else "Passed",
+        "parentId": cim["id"],
+        "parentModule": "controls",
+        "assessmentPlan": check_name if check_name else None,
+        "documentsReviewed": document_reviewed if document_reviewed else None,
+        "methodology": methodology if methodology else None,
+        "summaryOfResults": summary_of_results if summary_of_results else None,
+    }
+
+
+def get_matched_controls(tenable_controls: List[Dict], catalog_controls: List[Dict]) -> List[Dict]:
+    """
+    Get controls that match between Tenable and the catalog
+    :param List[Dict] tenable_controls: List of controls from Tenable
+    :param List[Dict] catalog_controls: List of controls from the catalog
+    :return: List of matched controls
+    :rtype: List[Dict]
+    """
+    matched_controls = []
+    for control in tenable_controls:
+        formatted_control = convert_control_id(control)
+        logger.info(formatted_control)
+        for catalog_control in catalog_controls:
+            if catalog_control["controlId"].lower() == formatted_control.lower():
+                logger.info(f"Catalog Control {formatted_control} matched")
+                matched_controls.append(catalog_control)
+                break
+    return matched_controls
+
+
+def create_control_implementations(
+    controls: list,
+    parent_id: int,
+    parent_module: str,
+    existing_implementation_dict: Dict,
+    passing_controls: Dict,
+    failing_controls: Dict,
+) -> List[Dict]:
+    """
+    Creates a list of control implementations
+    :param list controls: list of controls
+    :param int parent_id: parent control id
+    :param str parent_module: parent module
+    :param Dict existing_implementation_dict: Dictionary of existing control implementations
+    :param Dict passing_controls: Dictionary of passing controls
+    :param Dict failing_controls: Dictionary of failing controls
+    :return: list of control implementations
+    :rtype: List[Dict]
+    """
+    app = Application()
+    api = Api()
+    user_id = app.config.get("userId")
+    domain = app.config.get("domain")
+    control_implementations = []
+    to_create = []
+    to_update = []
+    for control in controls:
+        lower_case_control_id = control["controlId"].lower()
+        status = check_implementation(
+            passing_controls=passing_controls,
+            failing_controls=failing_controls,
+            control_id=lower_case_control_id,
+        )
+        if control["controlId"] not in existing_implementation_dict.keys():
+            cim = ControlImplementation(
+                controlOwnerId=user_id,
+                dateLastAssessed=get_current_datetime(),
+                status=status,
+                controlID=control["id"],
+                parentId=parent_id,
+                parentModule=parent_module,
+                createdById=user_id,
+                dateCreated=get_current_datetime(),
+                lastUpdatedById=user_id,
+                dateLastUpdated=get_current_datetime(),
+            ).dict()
+            cim["controlSource"] = "Baseline"
+            to_create.append(cim)
+
+        else:
+            # update existing control implementation data
+            existing_imp = existing_implementation_dict.get(control["controlId"])
+            existing_imp["status"] = status
+            existing_imp["dateLastAssessed"] = get_current_datetime()
+            existing_imp["lastUpdatedById"] = user_id
+            existing_imp["dateLastUpdated"] = get_current_datetime()
+            del existing_imp["createdBy"]
+            del existing_imp["systemRole"]
+            del existing_imp["controlOwner"]
+            del existing_imp["lastUpdatedBy"]
+            to_update.append(existing_imp)
+
+    if len(to_create) > 0:
+        ci_url = urljoin(domain, "/api/controlImplementation/batchCreate")
+        resp = api.post(url=ci_url, json=to_create)
+        if resp.ok:
+            control_implementations.extend(resp.json())
+            logger.info(f"Created {len(to_create)} Control Implementation(s), Successfully!")
+        else:
+            resp.raise_for_status()
+    if len(to_update) > 0:
+        ci_url = urljoin(domain, "/api/controlImplementation/batchUpdate")
+        resp = api.post(url=ci_url, json=to_update)
+        if resp.ok:
+            control_implementations.extend(resp.json())
+            logger.info(f"Updated {len(to_update)} Control Implementation(s), Successfully!")
+        else:
+            resp.raise_for_status()
+    return control_implementations
+
+
+def check_implementation(passing_controls: Dict, failing_controls: Dict, control_id: str) -> str:
+    """
+    Checks the status of a control implementation
+    :param Dict passing_controls: Dictionary of passing controls
+    :param Dict failing_controls: Dictionary of failing controls
+    :param str control_id: control id
+    :return: status of control implementation
+    :rtype: str
+    """
+    if control_id in passing_controls.keys():
+        return FULLY_IMPLEMENTED
+    elif control_id in failing_controls.keys():
+        return IN_REMEDIATION
+    else:
+        return NOT_IMPLEMENTED
+
+
+def convert_control_id(control_id: str) -> str:
+    """
+    Convert the control id to a format that can be used in Tenable.io
+    :param str control_id: The control id to convert
+    :return: The converted control id
+    :rtype: str
+    """
+    # Convert to lowercase
+    control_id = control_id.lower()
+
+    # Check if there's a parenthesis and replace its content
+    if "(" in control_id and ")" in control_id:
+        inner_value = control_id.split("(")[1].split(")")[0]
+        control_id = control_id.replace(f"({inner_value})", f".{inner_value}")
+
+    return control_id
+
+
+def get_existing_control_implementations(parent_id: int) -> Dict:
+    """
+    fetch existing control implementations
+    :param int parent_id: parent control id
+    :return: Dictionary of existing control implementations
+    :rtype: Dict
+    """
+    app = Application()
+    api = Api()
+    domain = app.config.get("domain")
+    existing_implementation_dict = {}
+    get_url = urljoin(domain, f"/api/controlImplementation/getAllByPlan/{parent_id}")
+    response = api.get(get_url)
+    if response.ok:
+        existing_control_implementations_json = response.json()
+        for cim in existing_control_implementations_json:
+            existing_implementation_dict[cim["controlName"]] = cim
+        logger.info(f"Found {len(existing_implementation_dict)} existing control implementations")
+    elif response.status_code == 404:
+        logger.info(f"No existing control implementations found for {parent_id}")
+    else:
+        logger.warning(f"Unable to get existing control implementations. {response.text}")
+
+    return existing_implementation_dict
+
+
+def get_controls(catalog_id: int) -> List[Dict]:
+    """
+    Gets all the controls
+    :param int catalog_id: catalog id
+    :return: list of controls
+    :rtype: List[Dict]
+    """
+    app = Application()
+    api = Api()
+    url = urljoin(app.config.get("domain"), f"/api/SecurityControls/getList/{catalog_id}")
+    response = api.get(url)
+    if response.ok:
+        return response.json()
+    else:
+        response.raise_for_status()
+    return []

regscale/integrations/scanner_integration.py

@@ -14,7 +14,7 @@ import time
 from abc import ABC, abstractmethod
 from collections import defaultdict
 from concurrent.futures import ThreadPoolExecutor
-from typing import Any, Dict, Generic, Iterator, List, Optional, Set, TypeVar, Union, Callable
+from typing import Any, Callable, Dict, Generic, Iterator, List, Optional, Set, TypeVar, Union
 
 from rich.progress import Progress, TaskID
 
@@ -616,6 +616,7 @@ class ScannerIntegration(ABC):
 
     # Close Outdated Findings
     close_outdated_findings = True
+    closed_count = 0
 
     def __init__(self, plan_id: int, tenant_id: int = 1, is_component: bool = False, **kwargs):
         """

regscale/models/regscale_models/assessment_plan.py

@@ -4,7 +4,7 @@ from typing import Optional, Union
 from pydantic import Field, ConfigDict
 
 from regscale.core.app.utils.app_utils import get_current_datetime
-from regscale.models.regscale_models import RegScaleModel
+from regscale.models.regscale_models.regscale_model import RegScaleModel
 
 
 class AssesmentPlanArea(str, Enum):

regscale/models/regscale_models/assessment_result.py

@@ -0,0 +1,39 @@
+from enum import Enum
+from typing import Optional, Union
+from datetime import datetime
+
+from pydantic import Field, ConfigDict
+
+from regscale.core.app.utils.app_utils import get_current_datetime
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class AssessmentResult(RegScaleModel):
+    """Assessment Results Model"""
+
+    _module_slug = "assessmentresults"
+    _unique_fields = ["id"]
+
+    id: int = 0
+    isPublic: bool = True
+    uuid: Optional[str] = None
+    status: Optional[str] = None
+    loqId: Optional[int] = 0
+    lineOfInquiry: Optional[str] = None
+    requirement: Optional[str] = None
+    citation: Optional[str] = None
+    weight: Optional[int] = 0
+    responsibility: Optional[str] = None
+    guidance: Optional[str] = None
+    observations: Optional[str] = None
+    recommendations: Optional[str] = None
+    issuesIdentified: Optional[str] = None
+    riskAssessment: Optional[str] = None
+    samplingMethodology: Optional[str] = None
+    fixedDuringAssessment: bool = False
+    bComplete: bool = False
+    parentAssessmentId: Optional[int] = 0
+    dataDate: Optional[str] = Field(default_factory=get_current_datetime)
+    dataString: Optional[datetime] = None
+    dataDecimal: Optional[float] = 0.0
+    dataBoolean: Optional[bool] = False

regscale/models/regscale_models/line_of_inquiry.py

@@ -4,7 +4,7 @@ from typing import Optional, Union
 from pydantic import Field, ConfigDict
 
 from regscale.core.app.utils.app_utils import get_current_datetime
-from regscale.models.regscale_models import RegScaleModel
+from regscale.models.regscale_models.regscale_model import RegScaleModel
 
 
 class LoIType(str, Enum):
@@ -48,5 +48,5 @@ class LinesOfInquiry(RegScaleModel):
         :rtype: ConfigDict
         """
         return ConfigDict(  # type: ignore
-            get_all_by_parent="/api/{model_slug}/getAllByParent/{intAssessmentID}",
+            get_all_by_parent="/api/{model_slug}/getAllByParent/{intParentID}",
         )

regscale/models/regscale_models/software_inventory.py

@@ -9,7 +9,7 @@ from pydantic import ConfigDict, Field
 from regscale.core.app.api import Api
 from regscale.core.app.application import Application
 from regscale.core.app.utils.app_utils import get_current_datetime
-from regscale.models.regscale_models import RegScaleModel
+from regscale.models.regscale_models.regscale_model import RegScaleModel
 
 
 class SoftwareInventory(RegScaleModel):

regscale/models/regscale_models/supply_chain.py

@@ -6,7 +6,7 @@ from typing import Optional, Union
 
 from pydantic import ConfigDict, Field
 
-from .regscale_model import RegScaleModel
+from regscale.models.regscale_models.regscale_model import RegScaleModel
 
 logger = logging.getLogger("regscale")
 
@@ -103,9 +103,9 @@ class SupplyChain(RegScaleModel):
     parentModule: Optional[str] = None
     orgId: Optional[int] = None
     facilityId: Optional[int] = None
-    contractValue: Optional[int] = 0
-    fundedAmount: Optional[int] = 0
-    actualCosts: Optional[int] = 0
+    contractValue: Optional[float] = 0.0
+    fundedAmount: Optional[float] = 0.0
+    actualCosts: Optional[float] = 0.0
     scope: Optional[str] = None
     startDate: Optional[str] = None
     endDate: Optional[str] = None

regscale/models/regscale_models/user.py

@@ -175,6 +175,17 @@ class User(RegScaleModel):
         response = cls._get_api_handler().get(endpoint=cls.get_endpoint("get_all"))
         return cast(List[T], cls._handle_list_response(response))
 
+    @classmethod
+    def get_roles(cls) -> List["User"]:
+        """
+        Get all roles from RegScale
+
+        :return: List of RegScale roles
+        :rtype: dict
+        """
+        response = cls._get_api_handler().get(endpoint=cls.get_endpoint("get_roles"))
+        return cast(List[T], cls._handle_list_response(response))
+
     def assign_role(self, role_id: str) -> bool:
         """
         Assign a role to a user

{regscale_cli-6.19.0.1.dist-info → regscale_cli-6.19.1.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: regscale-cli
-Version: 6.19.0.1
+Version: 6.19.1.0
 Summary: Command Line Interface (CLI) for bulk processing/loading data into RegScale
 Home-page: https://github.com/RegScale/regscale-cli
 Author: Travis Howerton
@@ -78,7 +78,7 @@ Requires-Dist: PyMuPDF >=1.24.7 ; extra == 'airflow'
 Requires-Dist: PyYAML ==6.0.1 ; extra == 'airflow'
 Requires-Dist: apache-airflow-providers-common-sql ; extra == 'airflow'
 Requires-Dist: apache-airflow-providers-postgres ; extra == 'airflow'
-Requires-Dist: apache-airflow >=2.10.3 ; extra == 'airflow'
+Requires-Dist: apache-airflow ==2.10.3 ; extra == 'airflow'
 Requires-Dist: beautifulsoup4 ; extra == 'airflow'
 Requires-Dist: boto3 ==1.35.10 ; extra == 'airflow'
 Requires-Dist: botocore ==1.35.10 ; extra == 'airflow'
@@ -146,7 +146,7 @@ Requires-Dist: PyYAML ==6.0.1 ; extra == 'airflow-azure'
 Requires-Dist: apache-airflow-providers-common-sql ; extra == 'airflow-azure'
 Requires-Dist: apache-airflow-providers-microsoft-azure ; extra == 'airflow-azure'
 Requires-Dist: apache-airflow-providers-postgres ; extra == 'airflow-azure'
-Requires-Dist: apache-airflow >=2.10.3 ; extra == 'airflow-azure'
+Requires-Dist: apache-airflow ==2.10.3 ; extra == 'airflow-azure'
 Requires-Dist: azure-storage-blob ; extra == 'airflow-azure'
 Requires-Dist: beautifulsoup4 ; extra == 'airflow-azure'
 Requires-Dist: boto3 ==1.35.10 ; extra == 'airflow-azure'
@@ -216,7 +216,7 @@ Requires-Dist: PyYAML ==6.0.1 ; extra == 'airflow-sqlserver'
 Requires-Dist: apache-airflow-providers-common-sql ; extra == 'airflow-sqlserver'
 Requires-Dist: apache-airflow-providers-microsoft-mssql ; extra == 'airflow-sqlserver'
 Requires-Dist: apache-airflow-providers-postgres ; extra == 'airflow-sqlserver'
-Requires-Dist: apache-airflow >=2.10.3 ; extra == 'airflow-sqlserver'
+Requires-Dist: apache-airflow ==2.10.3 ; extra == 'airflow-sqlserver'
 Requires-Dist: beautifulsoup4 ; extra == 'airflow-sqlserver'
 Requires-Dist: boto3 ==1.35.10 ; extra == 'airflow-sqlserver'
 Requires-Dist: botocore ==1.35.10 ; extra == 'airflow-sqlserver'
@@ -286,7 +286,7 @@ Requires-Dist: PyYAML ==6.0.1 ; extra == 'all'
 Requires-Dist: ansible ; extra == 'all'
 Requires-Dist: apache-airflow-providers-common-sql ; extra == 'all'
 Requires-Dist: apache-airflow-providers-postgres ; extra == 'all'
-Requires-Dist: apache-airflow >=2.10.3 ; extra == 'all'
+Requires-Dist: apache-airflow ==2.10.3 ; extra == 'all'
 Requires-Dist: beautifulsoup4 ; extra == 'all'
 Requires-Dist: boto3 ==1.35.10 ; extra == 'all'
 Requires-Dist: botocore ==1.35.10 ; extra == 'all'

{regscale_cli-6.19.0.1.dist-info → regscale_cli-6.19.1.0.dist-info}/RECORD

@@ -1,4 +1,4 @@
-regscale/__init__.py,sha256=BVzwcyu7M9vUKN8JF2eHy61Le8zrZvupLmlwkhOLLag,25
+regscale/__init__.py,sha256=nj8VCAjjre7hxmOERduZFW-KJyVxE8MitYAHu5V7Sic,25
 regscale/regscale.py,sha256=t4uLMzy9P_KeKazI9ZTQupTkbgh28uMilLSpmzn7adE,30983
 regscale/airflow/__init__.py,sha256=yMwN0Bz4JbM0nl5qY_hPegxo_O2ilhTOL9PY5Njhn-s,270
 regscale/airflow/click_dags.py,sha256=H3SUR5jkvInNMv1gu-VG-Ja_H-kH145CpQYNalWNAbE,4520
@@ -55,7 +55,7 @@ regscale/core/app/internal/workflow.py,sha256=SpgYk1QyzdilVLOK1fFzaKhdLspumaugf5
 regscale/core/app/utils/XMLIR.py,sha256=M_RrCsbjznihatkucCKw6dPgHTPQczXyqIdUXWhuCLI,8328
 regscale/core/app/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 regscale/core/app/utils/api_handler.py,sha256=T1meKw6Yi3ZAgRbQ1xuKDVh9Q9B8mbMqqN_LrSwIlAM,11765
-regscale/core/app/utils/app_utils.py,sha256=PnZeSU3AJqqe4NtdqABYowH1c3emiPSGDgRUdVp1kDc,36246
+regscale/core/app/utils/app_utils.py,sha256=zLEHHHWR4likFQYY_bZsWLTAoRajyyaWrESkotVrFlM,36240
 regscale/core/app/utils/file_utils.py,sha256=URKWVEiR9aFnwoW3-Io7R22tBVeROTC3sX1wOZuhqXw,8912
 regscale/core/app/utils/parser_utils.py,sha256=aBEgcFwbJMD-ARf3wzf-tyWwR6NHvzEcdYcPMm8hGqo,2533
 regscale/core/app/utils/pickle_file_handler.py,sha256=iMdv4N8z00TB5LyPdxIcLKNRpDQVWQ8ZQWAqCKpqmF0,1695
@@ -111,7 +111,7 @@ regscale/integrations/api_paginator.py,sha256=73rjaNM9mGv8evHAeoObXEjZPg-bJuGPo6
 regscale/integrations/api_paginator_example.py,sha256=lEuYI-xEGcjnXuIzbCobCP0YRuukLF0s8S3d382SAH4,12119
 regscale/integrations/integration_override.py,sha256=PH7t_bf-RCe_it3FJ61tlKX5UghqHuSEQNJWDfCamAg,5480
 regscale/integrations/jsonl_scanner_integration.py,sha256=fglDgJN9alUvbJzNYKrlIf_25oqQ8kIU0moE3f9tDMQ,56717
-regscale/integrations/scanner_integration.py,sha256=ECWOq2bZ-4LwwXxlEXd5VkCqtlXRhcNeRn2pHMYyZUU,134678
+regscale/integrations/scanner_integration.py,sha256=fAHnFQ7twysa6ouo_gIVOR7WbbCHQq6-MQm7r-l9fPQ,134699
 regscale/integrations/variables.py,sha256=A0R76VAeJFj48wHnNgUY-xaD7QKcSmGO9-9cQLlqDJ8,2071
 regscale/integrations/commercial/__init__.py,sha256=BZcCIUdyW027NjOGkcBOT52RPSLrtUv69UEPIkAmq1M,13319
 regscale/integrations/commercial/ad.py,sha256=YXSmK8vRf6yi2GnREGa5GrE6GelhFrLj44SY8AO1pK0,15509
@@ -210,11 +210,12 @@ regscale/integrations/commercial/synqly/ticketing.py,sha256=6UhmDa0l-GYTJAyc93Hi
 regscale/integrations/commercial/synqly/vulnerabilities.py,sha256=B8GwfKVDdoOIikjZO-4KqDNf-ApXlcJNkwmno0FjDOQ,7842
 regscale/integrations/commercial/tenablev2/__init__.py,sha256=UpSY_oww83kz9c7amdbptJKwDB1gAOBQDS-Q9WFp588,295
 regscale/integrations/commercial/tenablev2/authenticate.py,sha256=VPTmxaVCaah2gJYNeU9P1KoQ734ohGQ-wcVy6JfqDTE,1247
-regscale/integrations/commercial/tenablev2/commands.py,sha256=MedjPqMXTudoYP32gErio-1FVgDwzrDnh6CxelMotaQ,26180
+regscale/integrations/commercial/tenablev2/commands.py,sha256=zFwCbGAMlvQXZq5Jw1Ii7NRD5xXH8wtFpX09bawXU6A,27473
 regscale/integrations/commercial/tenablev2/jsonl_scanner.py,sha256=zNruS_Oi6ls6lJTUxwdD6jRiXCvVLuGI2nvpF29pvU4,83485
 regscale/integrations/commercial/tenablev2/sc_scanner.py,sha256=Y70eZf_1DM3Np9tlrvZ_OHHjqzHjqrizFcHG8esqLQQ,23220
 regscale/integrations/commercial/tenablev2/scanner.py,sha256=bKm7MmZ_xAjKwNT0x16WvuRbQcip3pXg8xqPNHejgKs,21584
 regscale/integrations/commercial/tenablev2/stig_parsers.py,sha256=01h5ImYMUsjrVHaGgqj5JVBx6Jzlhg06ufu0SL_uBEs,5983
+regscale/integrations/commercial/tenablev2/sync_compliance.py,sha256=xViAWWKI6wAN6OoRVocXWbynKCgAFVki6mbgsKLhM0o,21927
 regscale/integrations/commercial/tenablev2/utils.py,sha256=_MmvcR71PmvH4dQ1k4M-q4PYAg0EE_aQ9w4cUdP7SwE,3359
 regscale/integrations/commercial/tenablev2/variables.py,sha256=CHK8HpSFHMUF4HWj0xosfEQ-RRNDoWdeRvjJok_mKpU,991
 regscale/integrations/commercial/trivy/__init__.py,sha256=fTTABeR1Z3Wei3l-A54SoTPn2mrMQrKLmr9SwTyYLTM,117
@@ -347,7 +348,8 @@ regscale/models/integration_models/tenable_models/integration.py,sha256=lplL8zmj
 regscale/models/integration_models/tenable_models/models.py,sha256=dmG7btkN4YkDWwnfW5Ldc3tWEAGjPiaRgJjrqMOkPEU,15846
 regscale/models/regscale_models/__init__.py,sha256=OmFpksQ7e1P52xkBfP5_CTew1A4JiB65cvNuwchGXWU,1900
 regscale/models/regscale_models/assessment.py,sha256=ekzNlcsfDGBu97PMCi7hBRGbzVgxk7Ij0RfrdGh1Rfw,20440
-regscale/models/regscale_models/assessment_plan.py,sha256=8AEj-lSq5kk7nSMJ7wJmDwkY9h94PB-oD7qKfLfT9cE,1701
+regscale/models/regscale_models/assessment_plan.py,sha256=qo2YA5ckSbUKDHnC_2BUc2I9kMTje9Gq-qTCXqvEKCY,1716
+regscale/models/regscale_models/assessment_result.py,sha256=K48yjYKwgY1-d_Y3aQUDcCvaqcTIVYdbKV5Wgicf4Ts,1283
 regscale/models/regscale_models/asset.py,sha256=-ws6o6hRl2sMLNcT8CIw0SQvOwLtrVSeEp5kF80ydAQ,19840
 regscale/models/regscale_models/asset_mapping.py,sha256=HFlkAoPZHy2xPYq28cXuzLpFoP36SI08HTL8mH_Q-uE,6851
 regscale/models/regscale_models/case.py,sha256=hLVTwZXzusnXR9avqh7xSVLJwPJ1rPI_Nla_VAkpZcg,1192
@@ -387,7 +389,7 @@ regscale/models/regscale_models/inherited_control.py,sha256=RuQJgVyZgfoIrUG_vvwQ
 regscale/models/regscale_models/interconnection.py,sha256=B8Y4I6KnN-T_gid08QM_o50OwGZcFfO8SJFY2uB68Ak,1256
 regscale/models/regscale_models/issue.py,sha256=wFt_pWARHYG6YikIPePgmvEVlinDPveKx7VB4zbCFvQ,46791
 regscale/models/regscale_models/leveraged_authorization.py,sha256=OUrL8JQV3r7T3ldHlL6Y_ZLv6KuQIC-3eZW5wZ7XFUk,4192
-regscale/models/regscale_models/line_of_inquiry.py,sha256=u8oPt15LvdFNv7FSSZIbBbjMqPF4lLbLEr3EN6mQa1Q,1702
+regscale/models/regscale_models/line_of_inquiry.py,sha256=Uu0lQEhif0W6yTSkJo27GyQGmExSngJvyqGBTr4Q8Fg,1713
 regscale/models/regscale_models/link.py,sha256=lAY4Ig3Menm1EqfcAbVJ7jsCsRO5tWtJIf-9-G9FXT8,6593
 regscale/models/regscale_models/master_assessment.py,sha256=thG3dDTuhKTXxjarLlHlLG-KkpfQOZ7UUVMQFhypIrQ,6758
 regscale/models/regscale_models/meta_data.py,sha256=Fg8rrWSTx3K00QkF4glH9UdY9OFWJ4_UqxleLSSbx8I,2482
@@ -415,17 +417,17 @@ regscale/models/regscale_models/scan_history.py,sha256=o4e9P2rQlqlLj4mbgSPX44jut
 regscale/models/regscale_models/search.py,sha256=rPbFDCnnBRHY5JJv9Ev3_6GjMlkdhUAsaUzC97eE2Ys,1015
 regscale/models/regscale_models/security_control.py,sha256=tob8y9zaMGdITju4ffrCAa5s6qhdchdkuxJdZ6VdkOA,4614
 regscale/models/regscale_models/security_plan.py,sha256=4hBnAqHpjVXd6i1dsO2r2HbPKjeyM-QnMKCmdk1sYGw,7549
-regscale/models/regscale_models/software_inventory.py,sha256=xZyLl1SgFxRjrbASFkzTsmK3bQty2ZlO-zXPjuElwmM,5540
+regscale/models/regscale_models/software_inventory.py,sha256=FRAIfoUlS0kaX1HQRDyV5q4yxwRHilXbS52NSj6exo0,5555
 regscale/models/regscale_models/stake_holder.py,sha256=JIuDTIky_3acDl-NOMwylTHkppN38JgPDZ1A6wM-BGE,1956
 regscale/models/regscale_models/stig.py,sha256=y-PQuGg3pwDTfsNZGW6anaNAjIZBQoNe7GOLMiT5zfw,26329
-regscale/models/regscale_models/supply_chain.py,sha256=wG0Jc8fN69_-1i6dwLc0YUHHL-dkBqyZ86b3E_7Uaj0,5111
+regscale/models/regscale_models/supply_chain.py,sha256=tMP0IUt5mrJ1QaV5YtcdV7KW0wPQbKdPO3dX0se0gZo,5154
 regscale/models/regscale_models/system_role.py,sha256=cGKhdekD0ZlT_cuUGDhzED9J46UzWdAVzdoq_TxG0KA,6406
 regscale/models/regscale_models/system_role_external_assignment.py,sha256=vCI-paDP4gARkHyGareBUdkmK0hcp1cDSe7yFdYMSug,1333
 regscale/models/regscale_models/tag.py,sha256=D4n5ABDzjI7u1ukjRyHgmgyVd8iNTNJlQrdi55AhYmM,1130
 regscale/models/regscale_models/tag_mapping.py,sha256=QtafVsWjpBR8BAxRhabk3FL3E4WI5OdCv95fuvNOrZs,657
 regscale/models/regscale_models/task.py,sha256=eKVdR89Gb6M9E2plhK4fru8teQI3zPJpgtJ0f43FOrY,4919
 regscale/models/regscale_models/threat.py,sha256=4TNZcRnTgmlDwBsYu5Pbh9GRd8ZWAtqqr0Xph3uPNAA,7255
-regscale/models/regscale_models/user.py,sha256=2OfrIlwD-vtEMnC2Pn_ch2Ze5S_p7_SgBD4ejXmestI,6854
+regscale/models/regscale_models/user.py,sha256=wiU2qKwp3aYtmaHEmTtv8BbMEgFb913dHgc2VnmsAkg,7186
 regscale/models/regscale_models/user_group.py,sha256=vzlXHvPNsgJd38H0R3osi46Oj19QO5oPx0qXntQBKWI,1891
 regscale/models/regscale_models/vulnerability.py,sha256=VKgWMVvAQ74Sq46myYsivGfIeW63dHq3bv3cRCkDcbg,10960
 regscale/models/regscale_models/vulnerability_mapping.py,sha256=cq44xkkCH7rfp0BJxavr4DLiEAHouyyPmi5EaizH6NI,6261
@@ -500,9 +502,9 @@ tests/regscale/models/test_regscale_model.py,sha256=ZsrEZkC4EtdIsoQuayn1xv2gEGcV
 tests/regscale/models/test_report.py,sha256=eiSvS_zS0aVeL0HBvtmHVvEzcfF9ZFVn2twj5g8KttY,970
 tests/regscale/models/test_tenable_integrations.py,sha256=PNJC2Zu6lv1xj7y6e1yOsz5FktSU3PRKb5x3n5YG3w0,4072
 tests/regscale/models/test_user_model.py,sha256=e9olv28qBApgnvK6hFHOgXjUC-pkaV8aGDirEIWASL4,4427
-regscale_cli-6.19.0.1.dist-info/LICENSE,sha256=ytNhYQ9Rmhj_m-EX2pPq9Ld6tH5wrqqDYg-fCf46WDU,1076
-regscale_cli-6.19.0.1.dist-info/METADATA,sha256=wWhMYlFSOvacarUAvTVNBKFy-HAUeWd_br8BZQH0Jho,30913
-regscale_cli-6.19.0.1.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
-regscale_cli-6.19.0.1.dist-info/entry_points.txt,sha256=cLOaIP1eRv1yZ2u7BvpE3aB4x3kDrDwkpeisKOu33z8,269
-regscale_cli-6.19.0.1.dist-info/top_level.txt,sha256=Uv8VUCAdxRm70bgrD4YNEJUmDhBThad_1aaEFGwRByc,15
-regscale_cli-6.19.0.1.dist-info/RECORD,,
+regscale_cli-6.19.1.0.dist-info/LICENSE,sha256=ytNhYQ9Rmhj_m-EX2pPq9Ld6tH5wrqqDYg-fCf46WDU,1076
+regscale_cli-6.19.1.0.dist-info/METADATA,sha256=eMCQ4kKNLhTBf2WOaVp35o_ZK0k7s13eNZ7OBEFNPy4,30913
+regscale_cli-6.19.1.0.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
+regscale_cli-6.19.1.0.dist-info/entry_points.txt,sha256=cLOaIP1eRv1yZ2u7BvpE3aB4x3kDrDwkpeisKOu33z8,269
+regscale_cli-6.19.1.0.dist-info/top_level.txt,sha256=Uv8VUCAdxRm70bgrD4YNEJUmDhBThad_1aaEFGwRByc,15
+regscale_cli-6.19.1.0.dist-info/RECORD,,