regscale-cli 6.19.1.0__py3-none-any.whl → 6.20.0.0__py3-none-any.whl

regscale/models/regscale_models/__init__.py

@@ -3,6 +3,7 @@
 from .assessment import *
 from .asset import *
 from .asset_mapping import *
+from .business_impact_assessment import *
 from .catalog import *
 from .cci import *
 from .change import *
@@ -32,9 +33,11 @@ from .interconnection import *
 from .issue import *
 from .leveraged_authorization import *
 from .link import *
+from .master_assessment import *
 from .meta_data import *
 from .objective import *
 from .parameter import *
+from .policy import *
 from .ports_protocol import *
 from .privacy import *
 from .profile import *
@@ -48,6 +51,7 @@ from .questionnaire_instance import *
 from .reference import *
 from .requirement import *
 from .risk import *
+from .risk_trend import *
 from .sbom import *
 from .scan_history import *
 from .security_control import *
@@ -55,6 +59,7 @@ from .security_plan import *
 from .software_inventory import *
 from .stake_holder import *
 from .stig import *
+from .supply_chain import *
 from .system_role import *
 from .system_role_external_assignment import *
 from .task import *

regscale/models/regscale_models/business_impact_assessment.py

@@ -0,0 +1,71 @@
+"""
+This module contains the Business Impact Assessment model for RegScale.
+"""
+
+from typing import List
+
+from pydantic import ConfigDict
+
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class BusinessImpactAssessment(RegScaleModel):
+    """RegScale Business Impact Assessment
+
+    :return: RegScale Business Impact Assessment
+    """
+
+    _module_slug = "business-impact-assessments"
+    _module_string = "business-impact-assessments"
+    # Should we include baseline, ruleId, check, and results in unique fields?
+    _unique_fields = [
+        [
+            "riskId",
+            "category",
+        ],
+    ]
+    _parent_id_field = "riskId"
+    # Required
+    id: int = 0
+    isPublic: bool = True
+    uuid: str = ""
+    category: str = ""
+    probability: str = ""
+    consequence: str = ""
+    notes: str = ""
+    riskType: str = ""
+    riskScore: int = 0
+    riskId: int = 0
+
+    @staticmethod
+    def _get_additional_endpoints() -> ConfigDict:
+        """
+        Get additional endpoints for the Catalogues model
+
+        :return: A dictionary of additional endpoints
+        :rtype: ConfigDict
+        """
+        return ConfigDict(  # type: ignore
+            get_all_by_risk="/api/{model_slug}/getAllByRisk/{intID}",
+            get_all_by_risk_and_type="/api/{model_slug}/getAllByRiskAndType/{intID}/{strType}",
+        )
+
+    @classmethod
+    def get_all_by_risk(cls, risk_id: int) -> List["BusinessImpactAssessment"]:
+        """
+        Get all Business Impact Assessments by risk ID
+        """
+        endpoint = cls.get_endpoint("get_all_by_risk").format(model_slug=cls.get_module_slug(), intID=risk_id)
+        res = cls._handle_list_response(cls._get_api_handler().get(endpoint))
+        return res
+
+    @classmethod
+    def get_all_by_risk_and_type(cls, risk_id: int, risk_type: str) -> List["BusinessImpactAssessment"]:
+        """
+        Get all Business Impact Assessments by risk ID and type
+        """
+        endpoint = cls.get_endpoint("get_all_by_risk_and_type").format(
+            model_slug=cls.get_module_slug(), intID=risk_id, strType=risk_type
+        )
+        res = cls._handle_list_response(cls._get_api_handler().get(endpoint))
+        return res

regscale/models/regscale_models/control_implementation.py

@@ -39,6 +39,21 @@ class ControlImplementationStatus(str, Enum):
     Alternative = "Alternate Implementation"
 
 
+class ImplementationControlOrigin(str, Enum):
+    SERVICE_PROVIDER_CORPORATE = "Service Provider Corporate"
+    SERVICE_PROVIDER_SYSTEM = "Service Provider System Specific"
+    SERVICE_PROVIDER_HYBRID = "Service Provider Hybrid (Corporate and System Specific)"
+    CONFIGURED_BY_CUSTOMER = "Configured by Customer (Customer System Specific)"
+    PROVIDED_BY_CUSTOMER = "Provided by Customer (Customer Specific)"
+    SHARED = "Shared (Service Provider and Customer Responsibility)"
+    INHERITED_FROM_PRE_EXISTING_FEDRAMP_AUTHORIZATION = (
+        "Inherited from pre-existing FedRAMP Authorization"  # noqa: E501
+    )
+
+    def __str__(self):
+        return self.value
+
+
 class ControlImplementationOrigin(str, Enum):
     """Control Origination"""
 

regscale/models/regscale_models/master_assessment.py

@@ -1,6 +1,7 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 """Model for a RegScale Assessment"""
+from enum import Enum
 from typing import List, Optional
 
 from pydantic import ConfigDict, Field
@@ -9,6 +10,13 @@ from regscale.models.regscale_models.assessment import Assessment
 from regscale.models.regscale_models.regscale_model import RegScaleModel
 
 
+class MasterAssessmentStatus(Enum):
+    """Enum representing different status states with string values."""
+
+    InProgress = "In Progress"
+    Completed = "Completed"
+
+
 class MasterAssessment(RegScaleModel):
     """
     Model for a RegScale Assessment
@@ -125,3 +133,14 @@ class MasterAssessment(RegScaleModel):
                 if ci := cls.get_object(object_id=ci["id"]):
                     assessments.append(ci)
         return assessments
+
+    @classmethod
+    def is_date_field(cls, field_name: str) -> bool:
+        """
+        Overrides the base method.
+
+        :param str field_name: The property name to provide enum values for
+        :return: bool if the field should be formatted as a date
+        :rtype: bool
+        """
+        return field_name in ["plannedStart", "plannedFinish", "actualFinish"]

regscale/models/regscale_models/policy.py

@@ -0,0 +1,90 @@
+"""This module contains the Policy models."""
+
+from datetime import datetime
+from typing import List, Optional
+
+from pydantic import ConfigDict
+
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class PolicyParameter(RegScaleModel):
+    """Policy Parameter Model"""
+
+    _module_slug = "policyparameter"
+    _unique_fields = [
+        ["policyId", "name"],
+    ]
+    id: int = 0
+    policyId: int
+    name: str = ""
+    value: str = ""
+    default: str = ""
+
+
+class Policy(RegScaleModel):
+    """Policy Model"""
+
+    _module_slug = "policies"
+    _unique_fields = [
+        ["integrationFindingId", "vulnerabilityId", "status"],
+        ["otherIdentifier", "parentModule", "parentId", "status"],
+    ]
+
+    id: int = 0
+    policyNumber: str = ""
+    policyOwnerId: str = ""
+    policyType: str = ""
+    dateApproved: str = ""
+    expirationDate: str = ""
+    status: str = ""
+    title: str = ""
+    description: str = ""
+    practiceLevel: str = ""
+    processLevel: str = ""
+    facilityId: Optional[int] = None
+    orgId: int = 0
+    parentModule: str = ""
+    parentId: int = 0
+    isPublic: bool = True
+    policyTemplate: str = ""
+    policyTemplateId: str = ""
+    policyParameters: List[PolicyParameter] = []
+
+    @staticmethod
+    def _get_additional_endpoints() -> ConfigDict:
+        """
+        Get additional endpoints for the ProfileMapping model, using {model_slug} as a placeholder for the model slug.
+
+        :return: A dictionary of additional endpoints
+        :rtype: ConfigDict
+        """
+
+        return ConfigDict(  # type: ignore
+            get_list="/api/{model_slug}/getList",
+        )
+
+    @classmethod
+    def get_list(cls) -> List[dict]:
+        """
+        Get a list of policies.
+
+        :return: A list of policies
+        :rtype: List[dict]
+        """
+        endpoint = cls.get_endpoint("get_list")
+        res = cls._get_api_handler().get(endpoint=endpoint)
+        return res.json()
+
+    def convert_datetime_to_date_str(self, dt: Optional[datetime]) -> str:
+        """
+        Convert a datetime object to a date string in the format 'MMM DD, YYYY'.
+
+        :param dt: The datetime object to convert
+        :type dt: Optional[datetime]
+        :return: The date string in format 'MMM DD, YYYY'
+        :rtype: str
+        """
+        if dt is None:
+            return ""
+        return dt.strftime("%b %d, %Y")

regscale/models/regscale_models/question.py

@@ -3,9 +3,13 @@ This module contains the Questions model for RegScale.
 """
 
 from enum import Enum
-from typing import Optional, List, Dict
+from typing import Dict, List, Optional
+
 from pydantic import ConfigDict, Field
+
+from regscale.core.app.utils.api_handler import APIRetrieveError
 from regscale.core.app.utils.app_utils import get_current_datetime
+
 from .regscale_model import RegScaleModel
 
 
@@ -62,6 +66,30 @@ class Questions(RegScaleModel):
     uploadEnabled: bool = False
     response: Optional[str] = None  # Adjust the type if it's not a string
 
+    @classmethod
+    def get_all_by_parent(cls, parent_questionnaire_id: int) -> List["Questions"]:
+        """
+        Retrieve all questions associated with a parent questionnaire.
+
+        :param parent_questionnaire_id: The ID of the parent questionnaire to fetch questions for.
+        :return: A list of Questions objects associated with the parent questionnaire.
+        :raises ValueError: If parent_questionnaire_id is less than or equal to 0.
+        :raises APIRetrieveError: If the API request fails.
+        """
+        if parent_questionnaire_id <= 0:
+            raise ValueError("parent_questionnaire_id must be a positive integer")
+
+        params = {"parentId": parent_questionnaire_id}
+        endpoint = cls.get_endpoint("get_all_by_parent").format(
+            model_slug=cls._module_slug,
+        )
+
+        response = cls._get_api_handler().get(endpoint=endpoint, params=params)
+        if not response.ok:
+            raise APIRetrieveError(f"Failed to fetch questions: {response.status_code} - {response.text}")
+
+        return [cls(**ques) for ques in response.json()]
+
     @staticmethod
     def _get_additional_endpoints() -> ConfigDict:
         """
@@ -71,7 +99,7 @@ class Questions(RegScaleModel):
         :rtype: ConfigDict
         """
         return ConfigDict(
-            get_all_by_parent_get="/api/{model_slug}/getAllByParent",
+            get_all_by_parent="/api/{model_slug}/getAllByParent",
             get="/api/{model_slug}/find/{id}",
             insert="/api/{model_slug}/create",
             update="/api/{model_slug}/update",

regscale/models/regscale_models/questionnaire.py

@@ -1,9 +1,10 @@
+# pylint: disable=C0301
 """
 This module contains the Questionnaires model in RegScale.
 """
 
 import logging
-from typing import Optional, List, Dict
+from typing import List, Optional
 
 from pydantic import ConfigDict
 
@@ -19,6 +20,7 @@ class Questionnaires(RegScaleModel):
     """
 
     _module_slug = "questionnaires"
+    _unique_fields = [["title", "parentQuestionnaireId"]]
 
     id: Optional[int] = 0
     uuid: Optional[str] = None
@@ -82,6 +84,5 @@ class Questionnaires(RegScaleModel):
         if response.ok:
             response_json = response.json()
             return [QuestionnaireInstance(**instance) for instance in response_json.get("createdInstances", [])]
-        else:
-            logger.info(f"Failed to create instances from questionnaires {response.status_code} - {response.text}")
+        logger.info("Failed to create instances from questionnaires %i - %s", response.status_code, response.text)
         return None

regscale/models/regscale_models/questionnaire_instance.py

@@ -2,14 +2,15 @@
 This module contains the QuestionnaireInstances model.
 """
 
+import logging
 from enum import Enum
-from typing import Optional, List, Dict, Any
+from typing import Any, Dict, List, Optional
 
-from pydantic import Field, ConfigDict
+from pydantic import ConfigDict, Field
+from requests import Response
 
 from regscale.core.app.utils.app_utils import get_current_datetime
 from regscale.models.regscale_models.regscale_model import RegScaleModel
-import logging
 
 logger = logging.getLogger(__name__)
 
@@ -113,26 +114,48 @@ class QuestionnaireInstance(RegScaleModel):
         return None
 
     @classmethod
-    def link_feedback(cls, id: int) -> Optional[Dict[str, Any]]:
+    def _handle_response(cls, response: Optional[Response]) -> Optional[Dict[str, Any]]:
         """
-        Retrieves a questionnaire based on its ID for feedback purposes.
+        Helper method to handle API responses consistently.
 
-        :param int id: The ID of the questionnaire
-        :return: The response from the API or None
+        :param Optional[Response] response: The response from the API
+        :return: The JSON response if successful, None otherwise
         :rtype: Optional[Dict[str, Any]]
         """
-        endpoint = cls.get_endpoint("link_feedback").format(model_slug=cls._module_slug, id=id)
-        response = cls._get_api_handler().get(endpoint)
-
         if not response or response.status_code in [204, 404]:
             return None
         if response.ok:
-            try:
-                return response.json()
-            except Exception:
-                return None
+            return response.json()
         return None
 
+    @classmethod
+    def submit_for_feedback(cls, quid: str, payload: Dict[str, Any]) -> Optional[Dict[str, Any]]:
+        """
+        Submits a questionnaire instance for feedback.
+
+        :param str quid: The QUID of the questionnaire instance
+        :param Dict[str, Any] payload: The data to be sent in the request body
+        :return: The response from the API or None
+        :rtype: Optional[Dict[str, Any]]
+        """
+        endpoint = cls.get_endpoint("submit_for_feedback").format(model_slug=cls._module_slug, uuid=quid)
+        response = cls._get_api_handler().put(endpoint, data=payload)
+        return cls._handle_response(response)
+
+    @classmethod
+    def update_response(cls, quid: str, payload: Dict[str, Any]) -> Optional[Dict[str, Any]]:
+        """
+        Updates questionnaire instance responses.
+
+        :param str quid: The QUID of the questionnaire instance
+        :param Dict[str, Any] payload: The data to be sent in the request body containing instance and questions
+        :return: The response from the API or None
+        :rtype: Optional[Dict[str, Any]]
+        """
+        endpoint = cls.get_endpoint("update_responses").format(model_slug=cls._module_slug, uuid=quid)
+        response = cls._get_api_handler().put(endpoint, data=payload)
+        return cls._handle_response(response)
+
     @classmethod
     def get_all_by_parent(cls, parent_questionnaire_id: int) -> List["QuestionnaireInstance"]:
         """

regscale/models/regscale_models/rbac.py

@@ -8,7 +8,6 @@ logger = logging.getLogger(__name__)
 
 
 class RBAC(RegScaleModel):
-
     _module_slug = "rbac"
     id: Optional[int] = Field(alias="rbacId")
     moduleId: Optional[int] = None

regscale/models/regscale_models/regscale_model.py

@@ -32,6 +32,8 @@ T = TypeVar("T", bound="RegScaleModel")
 
 logger = logging.getLogger("regscale")
 
+IS_DISABLE_CACHE = False  # flag to disable caching
+
 
 class RegScaleModel(BaseModel, ABC):
     """Mixin class for RegScale Models to add functionality to interact with RegScale API"""
@@ -52,8 +54,6 @@ class RegScaleModel(BaseModel, ABC):
     _exclude_graphql_fields: ClassVar[List[str]] = ["extra_data", "tenantsId"]
     _original_data: Optional[Dict[str, Any]] = None
 
-    # Caching
-    _disable_cache: bool = False  # flag to disable caching
     _object_cache: ClassVar[Cache] = Cache(maxsize=100000)
     _parent_cache: ClassVar[Cache] = Cache(maxsize=50000)
     _lock_registry: ClassVar[ThreadSafeDict] = ThreadSafeDict()
@@ -78,11 +78,12 @@ class RegScaleModel(BaseModel, ABC):
         :rtype: None
         """
         try:
+            global IS_DISABLE_CACHE
             super().__init__(*args, **data)
             # Capture initial state after initialization
             self._original_data = self.dict(exclude_unset=True)
-            self._disable_cache = self._fetch_disabled_cache_setting()
-            if self._disable_cache:
+            IS_DISABLE_CACHE = self._fetch_disabled_cache_setting()
+            if IS_DISABLE_CACHE:
                 logger.debug("cache is disabled")
         except Exception as e:
             logger.error(f"Error creating {self.__class__.__name__}: {e} {data}", exc_info=True)
@@ -107,8 +108,9 @@ class RegScaleModel(BaseModel, ABC):
         :return: True if caching is disabled, False otherwise
         :rtype: bool
         """
-        cls._disable_cache = True
-        return cls._disable_cache
+        global IS_DISABLE_CACHE
+        IS_DISABLE_CACHE = True
+        return IS_DISABLE_CACHE
 
     @classmethod
     def enable_cache(cls) -> bool:
@@ -118,8 +120,9 @@ class RegScaleModel(BaseModel, ABC):
         :return: True if caching is enabled, False otherwise
         :rtype: bool
         """
-        cls._disable_cache = False
-        return cls._disable_cache
+        global IS_DISABLE_CACHE
+        IS_DISABLE_CACHE = False
+        return IS_DISABLE_CACHE
 
     @classmethod
     def _get_api_handler(cls) -> APIHandler:
@@ -207,7 +210,7 @@ class RegScaleModel(BaseModel, ABC):
         :return: The cached object if found, None otherwise
         :rtype: Optional[T]
         """
-        if cls._disable_cache:
+        if IS_DISABLE_CACHE:
             return None
         with cls._get_lock(cache_key):
             return cls._object_cache.get(cache_key)
@@ -221,7 +224,7 @@ class RegScaleModel(BaseModel, ABC):
         :return: None
         :rtype: None
         """
-        if cls._disable_cache:
+        if IS_DISABLE_CACHE:
             return
         try:
             if not obj:
@@ -271,7 +274,7 @@ class RegScaleModel(BaseModel, ABC):
         :return: None
         :rtype: None
         """
-        if cls._disable_cache:
+        if IS_DISABLE_CACHE:
             return
         parent_id = getattr(obj, cls._parent_id_field, None)
         parent_module = getattr(obj, "parentModule", getattr(obj, "parent_module", ""))
@@ -296,7 +299,7 @@ class RegScaleModel(BaseModel, ABC):
         :return: None
         :rtype: None
         """
-        if cls._disable_cache:
+        if IS_DISABLE_CACHE:
             return
         with cls._get_lock(cache_key):
             for obj in objects:
@@ -311,8 +314,6 @@ class RegScaleModel(BaseModel, ABC):
         :return: None
         :rtype: None
         """
-        if cls._disable_cache:
-            return
         cls._object_cache.clear()
 
     @classmethod
@@ -324,7 +325,7 @@ class RegScaleModel(BaseModel, ABC):
         :return: None
         :rtype: None
         """
-        if cls._disable_cache:
+        if IS_DISABLE_CACHE:
             return
         cache_key = cls._get_cache_key(obj)
         with cls._get_lock(cache_key):

regscale/models/regscale_models/risk_trend.py

@@ -0,0 +1,67 @@
+"""
+This module contains the Risk Trends model for RegScale.
+"""
+
+from typing import Optional
+
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class RiskTrend(RegScaleModel):
+    """RegScale Risk Trends
+
+    :return: RegScale Business Impact Assessment
+    """
+
+    _module_slug = "riskTrends"
+    _module_string = "riskTrends"
+    # Should we include baseline, ruleId, check, and results in unique fields?
+    _unique_fields = [
+        [
+            "riskId",
+            "category",
+        ],
+    ]
+    _parent_id_field = "riskId"
+    # Required fields (Nullable = "NO")
+    id: int
+    analysis: str = ""
+    riskTrend: str = ""
+    costImpact: float = 0.0
+    scheduleImpact: int = 0
+    dateAssessed: str = ""
+    riskId: int
+    isPublic: bool = True
+    difference: float = 0.0
+    inherentConsequence: str
+    inherentProbability: str
+    inherentRiskScore: float = 0.0
+
+    residualConsequence: str
+    residualProbability: str
+    residualRisk: str
+    residualRiskScore: float = 0.0
+
+    targetRiskScore: float = 0.0
+
+    annualLossExpectancy: float = 0.0
+
+    expectedLost: float = 0.0
+
+    lossEventFrequency: float = 0.0
+
+    maximumLoss: float = 0.0
+
+    minimumLoss: float = 0.0
+
+    riskExposure: float = 0.0
+    threatEventFrequency: float = 0.0
+
+    # Optional fields (Nullable = "YES")
+    uuid: Optional[str] = None
+    mitigationEffectiveness: Optional[str] = None
+    threatChanges: Optional[str] = None
+    impactDescription: Optional[str] = None
+    operationalRequirements: Optional[str] = None
+    riskStrategy: Optional[str] = None
+    assumptions: Optional[str] = None

regscale/utils/graphql_client.py

@@ -27,6 +27,7 @@ class PaginatedGraphQLClient:
         headers: Optional[Dict[str, str]] = None,
         logging_level: str = logging.CRITICAL,
     ) -> None:
+        from regscale.integrations.variables import ScannerVariables
         from gql import gql, Client  # Optimize import performance
         from gql.transport.requests import RequestsHTTPTransport
         from gql.transport.requests import log as requests_logger
@@ -35,7 +36,7 @@ class PaginatedGraphQLClient:
         self.endpoint = endpoint
         self.query = gql(query)
         self.headers = headers or {}  # Ensure headers are a dictionary
-        self.transport = RequestsHTTPTransport(url=endpoint, headers=self.headers)
+        self.transport = RequestsHTTPTransport(url=endpoint, headers=self.headers, verify=ScannerVariables.sslVerify)
         self.client = Client(transport=self.transport)
         self.job_progress = create_progress_object()
         requests_logger.setLevel(level=self.log_level)