regscale-cli 6.20.4.1__py3-none-any.whl → 6.20.6.0__py3-none-any.whl

regscale/models/regscale_models/__init__.py

@@ -1,10 +1,12 @@
 """RegScale models."""
 
+from .assessment_plan import *
 from .assessment import *
 from .asset import *
 from .asset_mapping import *
 from .business_impact_assessment import *
 from .catalog import *
+from .case import *
 from .cci import *
 from .change import *
 from .checklist import *

regscale/models/regscale_models/asset.py

@@ -8,7 +8,7 @@ from enum import Enum
 from typing import Any, List, Optional, Union, cast
 from urllib.parse import urljoin
 
-from pydantic import ConfigDict, Field
+from pydantic import Field
 from requests import Response
 from rich.progress import Progress
 

regscale/models/regscale_models/catalog.py

@@ -259,3 +259,19 @@ class Catalog(RegScaleModel):
             return response
         cls.log_response_error(response, suppress_error=True)
         return response
+
+    @classmethod
+    def find_by_guid(cls, guid: str) -> Optional["Catalog"]:
+        """
+        Find a catalog by its GUID.
+
+        :param str guid: The GUID of the catalog
+        :return: The catalog object or None if not found
+        :rtype: Optional["Catalog"]
+        """
+        endpoint = cls.get_endpoint("find_by_guid").format(model_slug=cls.get_module_slug(), strID=guid)
+        response = cls._get_api_handler().get(endpoint)
+
+        if response and response.ok and response.status_code not in [204, 404]:
+            return cls.model_validate(response.json())
+        return None

regscale/models/regscale_models/file.py

@@ -188,10 +188,11 @@ class File(BaseModel):
             file_res = api.post(
                 url=f"{api.config['domain']}/api/files",
                 headers=file_headers,
-                json=new_file.dict(),
+                json=new_file.model_dump(),
             )
             if file_res.ok and return_object:
                 return File(**file_res.json()).model_dump()
+            File.create_tag_mappings(file_res)
         else:
             return False
         return file_res.ok

regscale/models/regscale_models/form_field_value.py

@@ -8,6 +8,7 @@ from typing import Any, List, Optional, Dict
 from pydantic import ConfigDict, Field
 
 from regscale.models.regscale_models.regscale_model import RegScaleModel
+from regscale.models.regscale_models.module import Module
 
 logger = logging.getLogger(__name__)
 
@@ -79,7 +80,7 @@ class FormFieldValue(RegScaleModel):
         Get custom data for a record
         :param record_id: record id
         :param module_name: module name
-        :param form_id: form id
+        :param form_id: form tab id
         :return: list of custom fields
         """
         result = cls._get_api_handler().get(
@@ -92,3 +93,60 @@ class FormFieldValue(RegScaleModel):
         else:
             cls.log_response_error(response=result)
             return []
+
+    @staticmethod
+    def check_custom_fields(fields_list: list, module_name: str, tab_name: str) -> dict:
+        """
+        Check if the custom fields exist and
+            create if not
+
+        :param list fields_list: list list of custom fields
+        :param str module_name: name of the module in RegScale
+        :param str tab_name: name of the tab in the module
+        :return: map of custom fields names to ids
+        :return_type: dict
+        """
+        # Check the custom fields exist in RegScale
+        custom_form_fields = Module.get_form_fields_by_tab_id(module_name=module_name, tab_name=tab_name)
+        if custom_form_fields:
+            custom_form_field_id_dict = {cf.regScaleName: cf.id for cf in custom_form_fields}
+        else:
+            custom_form_field_id_dict = {}
+        missing_custom_fields = []
+        for field in fields_list:
+            if field not in custom_form_field_id_dict.keys():
+                missing_custom_fields.append(field)
+
+        if len(missing_custom_fields) > 0:
+            logger.error(
+                f"The following custom fields are missing:\n \
+                    {missing_custom_fields}\n \
+                        Load these custom fields in RegScale \
+                        using the file: security_plan_custom_fields.json\
+                        and run this command again"
+            )
+
+        return custom_form_field_id_dict
+
+    @staticmethod
+    def save_custom_fields(form_field_values: list):
+        """
+        Populate Custom Fields form a list of dict of
+        record_id, form_field_id, and field_value
+
+        :param list form_field_values: list of custom form
+        fields, values, and the record to which to post
+        :return: None
+        """
+        logger.debug("Creating custom form field values...")
+        # FormFieldValue class will throw errors if encountered
+        for form_field_value in form_field_values:
+            data = [
+                FormFieldValue(
+                    formFieldId=form_field_value["form_field_id"], fieldValue=form_field_value["field_value"]
+                ),
+            ]
+            if data:
+                FormFieldValue.save_custom_data(
+                    record_id=form_field_value["record_id"], module_name="securityplans", data=data
+                )

regscale/models/regscale_models/issue.py

@@ -1,6 +1,7 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 """Model for a RegScale Issue"""
+import datetime
 from collections import defaultdict
 from concurrent.futures import ThreadPoolExecutor, as_completed
 from enum import Enum
@@ -387,6 +388,52 @@ class Issue(RegScaleModel):
                 return "High"
         return ""
 
+    @staticmethod
+    def get_due_date(
+        severity: Union[IssueSeverity, str],
+        config: dict,
+        key: str,
+        start_date: Union[str, datetime.datetime, None] = None,
+        dt_format: Optional[str] = "%Y-%m-%dT%H:%M:%S",
+    ) -> str:
+        """
+        Function to return due date based on the severity of the issue; the values are in the init.yaml
+        and if not, it will default to 60 days from the current date.
+
+        :param Union[IssueSeverity, str] severity: Severity of the issue, can be an IssueSeverity enum or a string
+        :param dict config: Application config
+        :param str key: The key to use for init.yaml from the issues section to determine the due date
+        :param Union[str, datetime.datetime, None] start_date: The date to start the due date calculation from, defaults to current date
+        :param Optional[str] dt_format: String of the date format to use, defaults to "%Y-%m-%dT%H:%M:%S"
+        :return: Due date for the issue
+        :rtype: str
+        """
+        if isinstance(start_date, str):
+            from regscale.core.utils.date import datetime_obj
+
+            start_date = datetime_obj(start_date)
+        elif start_date is None:
+            start_date = datetime.datetime.now()
+
+        # if the severity is an enum, get the value
+        if isinstance(severity, IssueSeverity):
+            severity = severity.value
+        elif severity.lower() not in [severity.value.lower() for severity in IssueSeverity]:
+            severity = IssueSeverity.NotAssigned.value
+
+        if severity == IssueSeverity.Critical.value:
+            days = config["issues"].get(key, {}).get("critical", 0)
+        elif severity == IssueSeverity.High.value:
+            days = config["issues"].get(key, {}).get("high", 0)
+        elif severity == IssueSeverity.Moderate.value:
+            days = config["issues"].get(key, {}).get("moderate", 0) or config["issues"].get(key, {}).get("medium", 0)
+        elif severity == IssueSeverity.Low.value:
+            days = config["issues"].get(key, {}).get("low", 0)
+        else:
+            days = 60
+        due_date = start_date + datetime.timedelta(days=days)
+        return due_date.strftime(dt_format)
+
     @staticmethod
     def assign_severity(value: Optional[Any] = None) -> str:
         """

regscale/models/regscale_models/modules.py

@@ -4,7 +4,7 @@
 
 # standard python imports
 from dataclasses import asdict, dataclass
-from typing import Any
+from typing import Any, Optional
 
 from rich.console import Console
 from rich.table import Table
@@ -189,3 +189,90 @@ class Modules:
 
         # return the string
         return output
+
+    @staticmethod
+    def module_to_class(module: str) -> Optional[Any]:
+        """
+        Function to convert RegScale module to RegScale class
+
+        :param str module: RegScale module
+        :return: RegScale class if found in the mapping, else None
+        :rtype: Optional[Any]
+        """
+        from regscale.models import (
+            AssessmentPlan,
+            Assessment,
+            Asset,
+            Case,
+            Catalog,
+            Change,
+            Component,
+            Evidence,
+            Incident,
+            Issue,
+            Policy,
+            Project,
+            Questionnaires,
+            Requirement,
+            Risk,
+            SecurityPlan,
+            SupplyChain,
+            Task,
+            Threat,
+        )
+
+        regscale_models = {
+            "assessmentplans": AssessmentPlan,
+            "assessments": Assessment,
+            "assets": Asset,
+            "cases": Case,
+            "catalogues": Catalog,
+            "changes": Change,
+            "components": Component,
+            "evidence": Evidence,
+            "incidents": Incident,
+            "issues": Issue,
+            "policies": Policy,
+            "projects": Project,
+            "questionnaires": Questionnaires,
+            "requirements": Requirement,
+            "risks": Risk,
+            "securityplans": SecurityPlan,
+            "supplychain": SupplyChain,
+            "tasks": Task,
+            "threats": Threat,
+        }
+
+        return regscale_models.get(module) or None
+
+    @staticmethod
+    def get_module_to_id(module: str) -> Optional[int]:
+        """
+        Returns the id of a RegScale module
+
+        :return: id of RegScale module, if found in the mapping, else None
+        :rtype: Optional[int]
+        """
+        module_to_id = {
+            "assessmentplans": 33,
+            "assessments": 2,
+            "assets": 3,
+            "cases": 28,
+            "catalogues": 4,
+            "changes": 31,
+            "components": 27,
+            "evidence": 32,
+            "incidents": 8,
+            "issues": 10,
+            "policies": 11,
+            "projects": 12,
+            "questionnaires": 26,
+            "requirements": 13,
+            "risks": 14,
+            "securityplans": 16,
+            "supplychain": 25,
+            "tasks": 18,
+            "threats": 19,
+        }
+
+        return module_to_id.get(module)

regscale/models/regscale_models/organization.py

@@ -0,0 +1,30 @@
+"""Organization model for RegScale."""
+
+from typing import Optional
+
+from pydantic import ConfigDict
+
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class Organization(RegScaleModel):
+    """Data Model for Organizations"""
+
+    _module_slug = "organizations"
+
+    id: int = 0
+    name: Optional[str] = ""
+    description: Optional[str] = ""
+    status: Optional[str] = "Active"
+
+    @staticmethod
+    def _get_additional_endpoints() -> dict:
+        """
+        Get additional endpoints for the Facility model.
+
+        :return: A dictionary of additional endpoints
+        :rtype: dict
+        """
+        return ConfigDict(
+            get_list="/api/{model_slug}/getList",
+        )

regscale/models/regscale_models/regscale_model.py

@@ -410,12 +410,12 @@ class RegScaleModel(BaseModel, ABC):
         """
         hidden_fields = set(
             attribute_name
-            for attribute_name, model_field in self.model_fields.items()
+            for attribute_name, model_field in self.__class__.model_fields.items()
             if model_field.from_field("hidden") == "hidden"
         )
         unset_fields = set(
             attribute_name
-            for attribute_name, model_field in self.model_fields.items()
+            for attribute_name, model_field in self.__class__.model_fields.items()
             if getattr(self, attribute_name, None) is None
         )
         excluded_fields = hidden_fields.union(unset_fields)
@@ -963,24 +963,32 @@ class RegScaleModel(BaseModel, ABC):
         return items
 
     @classmethod
-    def get_field_names(cls) -> List[str]:
+    def get_field_names(cls, use_aliases: bool = False) -> List[str]:
         """
         Get the field names for the Asset model.
 
+        :param bool use_aliases: Whether to use aliases for the field names, defaults to False
         :return: List of field names
         :rtype: List[str]
         """
+        if use_aliases:
+            return [val.alias or key for key, val in cls.model_fields.items() if not key.startswith("_")]
         return [x for x in get_type_hints(cls).keys() if not x.startswith("_")]
 
     @classmethod
-    def build_graphql_fields(cls) -> str:
+    def build_graphql_fields(cls, use_aliases: bool = False) -> str:
         """
         Dynamically builds a GraphQL query for a given Pydantic model class.
 
+        :param bool use_aliases: Whether to use aliases for the field names, defaults to False
         :return: A string representing the GraphQL query
         :rtype: str
         """
-        return "\n".join(x for x in cls.get_field_names() if x not in cls._exclude_graphql_fields and x != "extra_data")
+        return "\n".join(
+            x
+            for x in cls.get_field_names(use_aliases=use_aliases)
+            if x not in cls._exclude_graphql_fields and x != "extra_data"
+        )
 
     @classmethod
     def get_by_parent(cls, parent_id: int, parent_module: str) -> List[T]:
@@ -1142,13 +1150,18 @@ class RegScaleModel(BaseModel, ABC):
         :return: The saved object
         :rtype: T
         """
-        if self.has_changed():
+        # Check if the model has change tracking and if there are changes
+        has_change_tracking = hasattr(self, "has_changed") and callable(getattr(self, "has_changed", None))
+        should_save = not has_change_tracking or self.has_changed()
+
+        if should_save:
             if bulk:
                 logger.debug(f"Adding {self.__class__.__name__} {self.id} to pending updates")
                 self._get_pending_updates().add(self._get_cache_key(self))
                 self.cache_object(self)  # Update the cache with the current state
                 return self
             else:
+                logger.debug(f"Saving {self.__class__.__name__} {self.id}")
                 return self._perform_save()
         else:
             logger.debug(f"No changes detected for {self.__class__.__name__} {self.id}")
@@ -1276,6 +1289,7 @@ class RegScaleModel(BaseModel, ABC):
         endpoint = self.get_endpoint("update").format(id=self.id)
         response = self._get_api_handler().put(endpoint=endpoint, data=self.dict(), headers=self._get_headers())
         if hasattr(response, "ok") and response.ok:
+            logger.debug(f"Successfully saved {self.__class__.__name__} {self.id}")
             obj = self.__class__(**response.json())
             self.cache_object(obj)
             return obj

regscale/models/regscale_models/security_control.py

@@ -24,8 +24,10 @@ class SecurityControl(RegScaleModel):
         ["controlId", "catalogueId"],
     ]
     _parent_id_field = "catalogueId"
+    _exclude_graphql_fields = ["objectives", "tests", "parameters"]
 
     id: int = 0
+    otherId: Optional[str] = None
     isPublic: bool = True
     uuid: Optional[str] = None
     controlId: Optional[str] = None
@@ -130,3 +132,48 @@ class SecurityControl(RegScaleModel):
         config = api.config
         res = api.get(config["domain"] + f"/api/securitycontrols/findByUniqueId/{control_name}/{catalog_id}")
         return SecurityControl(**res.json()) if res.status_code == 200 else None
+
+    @classmethod
+    def get_controls_by_parent_id_and_module(
+        cls, parent_id: int, parent_module: str, return_dicts: bool = False
+    ) -> List["SecurityControl"]:
+        """
+        Get a list of Security Controls by parent ID and module using GraphQL
+
+        :param int parent_id: The ID of the parent
+        :param str parent_module: The module of the parent
+        :param bool return_dicts: Whether to return the controls as a list of dicts, defaults to False
+        :return: A list of Security Controls
+        :rtype: List["SecurityControl"]
+        """
+        query = f"""
+            query {{
+            controlImplementations(skip: 0, take: 50, where:  {{
+                parentId:  {{
+                    eq: {parent_id}
+                }},
+                parentModule:  {{
+                    eq: "{parent_module}"
+                }}
+                control:  {{
+                    id:  {{
+                    gt: 0
+                    }}
+                }}
+            }}) {{
+                items {{
+                    control {{
+                        {cls.build_graphql_fields(use_aliases=True)}
+                    }}
+                }}
+                totalCount
+                pageInfo {{
+                    hasNextPage
+                }}
+            }}
+        }}"""
+        data = cls._get_api_handler().graph(query=query)
+        controls = data.get("controlImplementations", {}).get("items", [])
+        if return_dicts:
+            return [control["control"] for control in controls if control.get("control")]
+        return [cls(**control["control"]) for control in controls if control.get("control")]

regscale/models/regscale_models/security_plan.py

@@ -27,6 +27,7 @@ class SecurityPlan(RegScaleModel):
     defaultAssessmentDays: int = 0
     planInformationSystemSecurityOfficerId: Optional[str] = None
     planAuthorizingOfficialId: Optional[str] = None
+    systemSecurityManagerId: Optional[str] = None
     systemOwnerId: Optional[str] = None  # this could be userID
     otherIdentifier: Optional[str] = ""
     confidentiality: str = ""
@@ -138,6 +139,8 @@ class SecurityPlan(RegScaleModel):
         return ConfigDict(  # type: ignore
             get_control_implementations="/api/controlImplementation/getAllByPlan/{plan_id}",
             mega_api="/api/{module_slug}/megaAPI/{intId}",
+            export_cis_crm="/api/{module_slug}/exportFedrampRev5CisCrm/{intId}",
+            list="/api/{module_slug}/getList",
         )
 
     @classmethod
@@ -156,6 +159,35 @@ class SecurityPlan(RegScaleModel):
             return response.json()
         return {}
 
+    @classmethod
+    def export_cis_crm(cls, ssp_id: int) -> dict:
+        """
+        Export to a new CIS/CRM workbook with an existing SSP ID
+
+        :param int ssp_id: RegScale SSP ID
+        :return: A status message
+        :rtype: dict
+        """
+        response = cls._get_api_handler().get(
+            endpoint=cls.get_endpoint("export_cis_crm").format(module_slug=cls._module_slug, intId=ssp_id)
+        )
+        if response.ok:
+            return response.json()
+        return {}
+
+    @classmethod
+    def get_list(cls) -> list:
+        """
+        Get a list of objects.
+
+        :return: A list of objects
+        :rtype: list
+        """
+        response = cls._get_api_handler().get(endpoint=cls.get_endpoint("list").format(module_slug=cls._module_slug))
+        if not response.raise_for_status():
+            return response.json()
+        return []
+
     # Legacy code
     def create_new_ssp(self, api: Api, return_id: Optional[bool] = False) -> Union[int, None, "SecurityPlan"]:
         """

regscale/models/regscale_models/vulnerability.py

@@ -14,9 +14,9 @@ from regscale.core.app.api import Api
 from regscale.core.app.application import Application
 from regscale.core.app.utils.app_utils import get_current_datetime
 from regscale.models import regscale_models
+from regscale.models.regscale_models.issue import IssueStatus
 from regscale.models.regscale_models.regscale_model import RegScaleModel
 
-
 logger = logging.getLogger("regscale")
 
 
@@ -68,7 +68,7 @@ class Vulnerability(RegScaleModel):
     firstSeen: Optional[str] = None
     daysOpen: Optional[int] = None
     dns: Optional[str] = None
-    ipAddress: Optional[str] = ""
+    ipAddress: Optional[str] = None
     mitigated: Optional[bool] = None
     operatingSystem: Optional[str] = None
     port: Optional[Union[str, int]] = None
@@ -86,7 +86,7 @@ class Vulnerability(RegScaleModel):
     tenantsId: int = Field(default=0)
     isPublic: bool = Field(default=False)
     dateClosed: Optional[str] = None
-    status: Optional[VulnerabilityStatus] = VulnerabilityStatus.Open
+    status: Optional[Union[str, IssueStatus]] = Field(default_factory=IssueStatus.Open)
     buildVersion: Optional[str] = None
     cvsSv3BaseVector: Optional[str] = None
     cvsSv2BaseVector: Optional[str] = None

regscale/models/regscale_models/vulnerability_mapping.py

@@ -23,7 +23,7 @@ class VulnerabilityMapping(RegScaleModel):
     vulnerabilityId: int
     assetId: int
     scanId: Optional[int] = None
-    securityPlansId: Optional[int] = None
+    securityPlanId: Optional[int] = None
     status: Optional[str] = Field(max_length=450)
     firstSeen: str
     lastSeen: str
@@ -33,7 +33,7 @@ class VulnerabilityMapping(RegScaleModel):
     lastUpdatedById: str = Field(default_factory=RegScaleModel.get_user_id)
     dateCreated: str
     dateLastUpdated: Optional[str] = None
-    tenantsId: int = Field(default=0)
+    tenantsId: int = Field(default=1)
 
     @staticmethod
     def _get_additional_endpoints() -> ConfigDict:

regscale/regscale.py

@@ -127,6 +127,7 @@ file_upload = import_command_with_timing("regscale.core.app.internal.file_upload
 migrations = import_command_with_timing(INTERNAL, "migrations")
 model = import_command_with_timing(INTERNAL, "model")
 issues = import_command_with_timing(INTERNAL, "issues")
+set_permissions = import_command_with_timing(INTERNAL, "set_permissions")
 
 ############################################################
 # Public Integrations
@@ -757,6 +758,7 @@ cli.add_command(evidence)  # add Evidence Feature
 cli.add_command(migrations)  # add data migration support
 cli.add_command(issues)  # add POAM(Issues) Editor Feature
 cli.add_command(model)  # add POAM(Issues) Editor Feature
+cli.add_command(set_permissions)  # add builk editor for record permissions
 
 ############################################################
 # Add Commercial Integrations

{regscale_cli-6.20.4.1.dist-info → regscale_cli-6.20.6.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: regscale-cli
-Version: 6.20.4.1
+Version: 6.20.6.0
 Summary: Command Line Interface (CLI) for bulk processing/loading data into RegScale
 Home-page: https://github.com/RegScale/regscale-cli
 Author: Travis Howerton