regscale-cli 6.20.9.1__py3-none-any.whl → 6.21.0.0__py3-none-any.whl

regscale/models/integration_models/veracode.py

@@ -2,8 +2,8 @@ from typing import List, Optional, Union
 
 from regscale.core.app.logz import create_logger
 from regscale.core.app.utils.app_utils import get_current_datetime
-from regscale.integrations.scanner_integration import IntegrationFinding
-from regscale.models import Asset, Vulnerability, ImportValidater, IssueStatus
+from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding
+from regscale.models import Asset, ImportValidater, IssueStatus, Vulnerability
 from regscale.models.integration_models.flat_file_importer import FlatFileImporter
 
 APP_NAME = "@app_name"
@@ -77,31 +77,26 @@ class Veracode(FlatFileImporter):
         else:
             name = self.mapping.get_value(dat, "Source", "")
             account_id = str(self.mapping.get_value(dat, "ID", ""))
-        asset = Asset(
+        asset = IntegrationAsset(
             **{
-                "id": 0,
                 "name": name,
-                "otherTrackingNumber": account_id,
-                "ipAddress": "0.0.0.0",
-                "isPublic": True,
+                "ip_address": "0.0.0.0",
+                "identifier": name,
+                "other_tracking_number": account_id,
                 "status": "Active (On Network)",
-                "assetCategory": "Software",
-                "bLatestScan": True,
-                "bAuthenticatedScan": True,
-                "scanningTool": self.name,
-                "assetOwnerId": self.config["userId"],
-                "assetType": "Other",
-                "softwareVendor": "Veracode",
-                "softwareName": name,
-                "softwareVersion": version,
-                "systemAdministratorId": self.config["userId"],
-                "parentId": self.attributes.parent_id,
-                "parentModule": self.attributes.parent_module,
+                "asset_category": "Hardware",
+                "software_vendor": "Veracode",
+                "software_name": name,
+                "software_version": version,
+                "asset_type": "Other",
+                "scanning_tool": self.name,
             }
         )
         return [asset]
 
-    def create_vuln(self, dat: Optional[dict] = None, **kwargs) -> Union[List[Vulnerability], List[IntegrationFinding]]:
+    def create_vuln(
+        self, dat: Optional[dict] = None, **kwargs
+    ) -> Union[List[IntegrationFinding], List[IntegrationFinding]]:
         """
         Create a RegScale vulnerability from a vulnerability in the Veracode export file
 

regscale/models/integration_models/xray.py

@@ -1,16 +1,21 @@
 """
-Nexpose Scan information
+JFrog Xray Scan information
 """
 
-from typing import List, Optional
+import logging
+import traceback
+from typing import Callable, Iterator, Optional
 
 from regscale.core.app.application import Application
 from regscale.core.app.logz import create_logger
-from regscale.core.app.utils.app_utils import epoch_to_datetime, get_current_datetime
-from regscale.models import ImportValidater, Mapping
+from regscale.core.app.utils.app_utils import epoch_to_datetime, get_current_datetime, is_valid_fqdn
+from regscale.exceptions import ValidationException
+from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding
+from regscale.models import ImportValidater
 from regscale.models.integration_models.flat_file_importer import FlatFileImporter
-from regscale.models.regscale_models.asset import Asset
-from regscale.models.regscale_models.vulnerability import Vulnerability
+from regscale.models.regscale_models import IssueStatus, Vulnerability
+
+logger = logging.getLogger(__name__)
 
 
 class XRay(FlatFileImporter):
@@ -25,31 +30,46 @@ class XRay(FlatFileImporter):
     def __init__(self, **kwargs):
         self.name = kwargs.get("name")
         regscale_ssp_id = kwargs.get("regscale_ssp_id")
-        self.cvss3_score = "cvss_v3_score"
-        self.vuln_title = "cve"
-        self.required_headers = [
-            "impacted_artifact",
-        ]
-        self.mapping_file = kwargs.get("mappings_path")
-        self.disable_mapping = kwargs.get("disable_mapping")
+        # Combine related attributes to reduce instance attribute count
+        self.scanner_config = {
+            "cvss3_score": "cvss_v3_score",
+            "vuln_title": "cve",
+            "required_headers": ["impacted_artifact"],
+        }
+        # Combine mapping-related attributes
+        self.mapping_config = {
+            "mapping_file": kwargs.get("mappings_path"),
+            "disable_mapping": kwargs.get("disable_mapping"),
+        }
         self.validater = ImportValidater(
-            self.required_headers, kwargs.get("file_path"), self.mapping_file, self.disable_mapping
+            self.scanner_config["required_headers"],
+            kwargs.get("file_path"),
+            self.mapping_config["mapping_file"],
+            self.mapping_config["disable_mapping"],
         )
         self.headers = self.validater.parsed_headers
         self.mapping = self.validater.mapping
-        logger = create_logger()
+        xray_logger = create_logger()
+        # set vuln count and asset count in constructor
+        vuln_count = 0
+        asset_count = 0
+        for dat in self.validater.data:
+            vuln_count += len(self.mapping.get_value(dat, "cves", []))
+            asset_count += 1
         super().__init__(
-            logger=logger,
+            logger=xray_logger,
             app=Application(),
             headers=None,
             parent_id=regscale_ssp_id,
             parent_module="securityplans",
             asset_func=self.create_asset,
             vuln_func=self.create_vuln,
+            vuln_count=vuln_count,
+            asset_count=asset_count,
             **kwargs,
         )
 
-    def create_asset(self, dat: Optional[dict] = None) -> Optional[Asset]:
+    def create_asset(self, dat: Optional[dict] = None) -> Optional[IntegrationAsset]:
         """
         Create an asset from a row in the Xray JSON file
 
@@ -59,77 +79,251 @@ class XRay(FlatFileImporter):
         """
 
         if asset_name := self.mapping.get_value(dat, "impacted_artifact") if isinstance(dat, dict) else dat:
-            return Asset(
+            return IntegrationAsset(
                 **{
-                    "id": 0,
                     "name": asset_name,
-                    "ipAddress": "0.0.0.0",
-                    "isPublic": True,
+                    "ip_address": "0.0.0.0",
+                    "identifier": asset_name,
+                    "other_tracking_number": asset_name,
                     "status": "Active (On Network)",
-                    "assetCategory": "Software",
-                    "bLatestScan": True,
-                    "bAuthenticatedScan": True,
-                    "scanningTool": self.name,
-                    "assetOwnerId": self.config["userId"],
-                    "assetType": "Other",
-                    "fqdn": None,
-                    "operatingSystem": "Linux",
-                    "systemAdministratorId": self.config["userId"],
-                    "parentId": self.attributes.parent_id,
-                    "parentModule": self.attributes.parent_module,
+                    "asset_category": "Hardware",
+                    "asset_type": "Other",
+                    "scanning_tool": self.name,
+                    "fqdn": asset_name if is_valid_fqdn(asset_name) else None,
+                    "operating_system": "Linux",
                 }
             )
         return None
 
-    def create_vuln(self, dat: Optional[dict] = None, **kwargs) -> List[Vulnerability]:
+    def create_asset_from_name(self, asset_name: str) -> IntegrationAsset:
+        """Create an IntegrationAsset from an asset name
+
+        :param str asset_name: The name of the asset
+        :return: IntegrationAsset object
+        :rtype: IntegrationAsset
         """
-        Create a vulnerability from a row in the JFrog Xray JSON file
+        return IntegrationAsset(
+            **{
+                "name": asset_name,
+                "ip_address": "0.0.0.0",
+                "identifier": asset_name,
+                "other_tracking_number": asset_name,
+                "status": "Active (On Network)",
+                "asset_category": "Hardware",
+                "asset_type": "Other",
+                "scanning_tool": self.name,
+                "fqdn": asset_name if is_valid_fqdn(asset_name) else None,
+                "operating_system": "Linux",
+            }
+        )
 
-        :param Optional[dict] dat: Data row from JSON file, defaults to None
-        :return: List of RegScale Vulnerability object, if any
-        :rtype: List[Vulnerability]
-        """
-        asset_match = [
-            asset for asset in self.data["assets"] if asset.name == self.mapping.get_value(dat, "impacted_artifact")
-        ]
-        asset = asset_match[0] if asset_match else None
-        vulns = []
-        for vuln in self.mapping.get_value(dat, "cves", []):
-            # CVE IS A VULN, A VULN IS A CVE, Finkle is Einhorn
-            regscale_vuln = None
-            severity = (
-                Vulnerability.determine_cvss3_severity_text(float(vuln[self.cvss3_score]))
-                if vuln.get(self.cvss3_score)
-                else "low"
-            )
-            if asset_match:
-                cves = [c["cve"] for c in self.mapping.get_value(dat, "cves", []) if c.get("cve")]
-                for cve in cves:
-                    regscale_vuln = Vulnerability(
-                        id=0,
-                        scanId=0,  # set later
-                        parentId=asset.id,
-                        parentModule="assets",
-                        ipAddress="0.0.0.0",  # No ip address available
-                        lastSeen=self.scan_date,
-                        firstSeen=epoch_to_datetime(self.create_epoch),
-                        daysOpen=None,
-                        dns=self.mapping.get_value(dat, "impacted_artifact"),
-                        mitigated=None,
-                        operatingSystem="Linux",
-                        severity=severity,
-                        plugInName=self.mapping.get_value(dat, "issue_id", "XRay"),
-                        plugInId=int(self.mapping.get_value(dat, "issue_id", "Xray-0000")[5:]),
-                        cve=cve,
-                        vprScore=None,
-                        tenantsId=0,  # Need a way to figure this out programmatically
-                        title=f"{self.mapping.get_value(dat, 'issue_id') or self.mapping.get_value(dat, 'summary', f'XRay Vulnerability from Import {get_current_datetime()}')} on asset {asset.name}",
-                        description=self.mapping.get_value(dat, "summary"),
-                        plugInText=vuln.get("cve"),
-                        extra_data={
-                            "references": self.mapping.get_value(dat, "references", "None"),
-                            "solution": self.mapping.get_value(dat, "fixed_versions", "None"),
-                        },
-                    )
-                vulns.append(regscale_vuln)
-        return vulns
+    def _extract_asset_name(self, data_item) -> Optional[str]:
+        """Extract asset name from data item
+
+        :param data_item: Data item to extract asset name from
+        :return: Asset name if found, None otherwise
+        :rtype: Optional[str]
+        """
+        if isinstance(data_item, dict):
+            return self.mapping.get_value(data_item, "impacted_artifact")
+        return data_item if data_item else None
+
+    def _process_list_data(self) -> Iterator[IntegrationAsset]:
+        """Process list data and yield assets
+
+        :return: Iterator of IntegrationAsset objects
+        :rtype: Iterator[IntegrationAsset]
+        """
+        for data_item in self.file_data:
+            if asset_name := self._extract_asset_name(data_item):
+                yield self.create_asset_from_name(asset_name)
+
+    def _process_dict_data(self) -> Iterator[IntegrationAsset]:
+        """Process dict data and yield assets
+
+        :return: Iterator of IntegrationAsset objects
+        :rtype: Iterator[IntegrationAsset]
+        """
+        if asset_name := self._extract_asset_name(self.file_data):
+            yield self.create_asset_from_name(asset_name)
+
+    def asset_generator(self) -> Iterator[IntegrationAsset]:
+        """Generate IntegrationAsset objects from the data
+
+        :return: Iterator of IntegrationAsset objects
+        :rtype: Iterator[IntegrationAsset]
+        """
+        if isinstance(self.file_data, list):
+            yield from self._process_list_data()
+        elif isinstance(self.file_data, dict):
+            yield from self._process_dict_data()
+
+    def process_assets(self, func: Callable) -> None:
+        """
+        Process the assets in the data and create an iterator of IntegrationAsset objects
+
+        :param Callable func: Function to create asset (not used)
+        :return: None
+        """
+
+        # Set the assets as an iterator directly
+        self.data["assets"] = self.asset_generator()
+        self.integration_assets = self.data["assets"]
+
+    def create_vuln(self, _dat: Optional[dict] = None, **kwargs) -> Iterator[IntegrationFinding]:
+        """
+        Fetches findings from the processed json files
+
+        :param Optional[dict] _dat: Data row from JSON file (unused, kept for compatibility)
+        :param **kwargs: Additional keyword arguments including index
+        :return: A list of findings
+        :rtype: Iterator[IntegrationFinding]
+        """
+        if findings := self.fetch_findings(**kwargs):
+            yield from findings
+
+    def _validate_cve_data(self, cve_data) -> bool:
+        """Validate CVE data structure
+
+        :param cve_data: CVE data to validate
+        :return: True if valid, False otherwise
+        :rtype: bool
+        """
+        if not isinstance(cve_data, list):
+            logger.warning("CVE data is not a list, skipping vulnerability creation")
+            return False
+        return True
+
+    def _get_valid_cve_data(self, cve_data: list) -> list:
+        """Filter CVE data to only include valid entries
+
+        :param list cve_data: Raw CVE data
+        :return: Filtered CVE data with actual CVE IDs
+        :rtype: list
+        """
+        return [c for c in cve_data if c.get("cve")]
+
+    def _determine_severity_from_cve(self, cve_dat: dict) -> str:
+        """Determine severity from CVE data
+
+        :param dict cve_dat: CVE data dictionary
+        :return: Severity string
+        :rtype: str
+        """
+        cvss3_score = cve_dat.get("cvss_v3_score", 0.0)
+        if cve_dat.get(self.scanner_config["cvss3_score"]):
+            return Vulnerability.determine_cvss3_severity_text(float(cvss3_score))
+        return "low"
+
+    def _extract_plugin_id(self, data_item: dict) -> int:
+        """Extract plugin ID from issue ID
+
+        :param dict data_item: Data item containing issue information
+        :return: Plugin ID as integer
+        :rtype: int
+        """
+        issue_id = self.mapping.get_value(data_item, "issue_id", "Xray-0000")
+        try:
+            if len(issue_id) > 5:
+                return int(issue_id[5:])
+            return 0
+        except (ValueError, TypeError):
+            logger.warning("Could not parse plugin_id from issue_id: %s", issue_id)
+            return 0
+
+    def _get_title_base(self, data_item: dict) -> str:
+        """Get title base for the finding
+
+        :param dict data_item: Data item containing issue information
+        :return: Title base string
+        :rtype: str
+        """
+        return self.mapping.get_value(data_item, "issue_id") or self.mapping.get_value(
+            data_item, "summary", f"XRay Vulnerability from Import {get_current_datetime()}"
+        )
+
+    def _create_finding_from_cve(self, data_item: dict, asset_name: str, cve_dat: dict) -> IntegrationFinding:
+        """Create a single finding from CVE data
+
+        :param dict data_item: Data item containing vulnerability information
+        :param str asset_name: Asset name for the finding
+        :param dict cve_dat: CVE data dictionary
+        :return: IntegrationFinding object
+        :rtype: IntegrationFinding
+        """
+        cve = cve_dat.get("cve")
+        cvss3_score = cve_dat.get("cvss_v3_score", 0.0)
+        severity = self._determine_severity_from_cve(cve_dat)
+        plugin_id = self._extract_plugin_id(data_item)
+        title_base = self._get_title_base(data_item)
+
+        return IntegrationFinding(
+            title=f"{title_base} on asset {asset_name}",
+            description=self.mapping.get_value(data_item, "summary"),
+            severity=self.determine_severity(severity),
+            status=IssueStatus.Open.value,
+            cvss_v3_score=cvss3_score,
+            cvss_v3_vector=cve_dat.get("cvss_v3_vector", ""),
+            plugin_name=self.mapping.get_value(data_item, "issue_id", "XRay"),
+            plugin_id=plugin_id,
+            asset_identifier=asset_name,
+            cve=cve,
+            first_seen=epoch_to_datetime(self.create_epoch),
+            last_seen=self.scan_date,
+            scan_date=self.scan_date,
+            category="Software",
+            control_labels=[],
+        )
+
+    def _create_findings_from_data_item(self, data_item: dict, asset_name: str) -> Iterator[IntegrationFinding]:
+        """Create findings from a single data item
+
+        :param dict data_item: The data item containing vulnerability information
+        :param str asset_name: The asset name for the finding
+        :yields: IntegrationFinding objects
+        """
+        cve_data = self.mapping.get_value(data_item, "cves", [])
+        if not self._validate_cve_data(cve_data):
+            return
+
+        valid_cve_data = self._get_valid_cve_data(cve_data)
+        for cve_dat in valid_cve_data:
+            yield self._create_finding_from_cve(data_item, asset_name, cve_dat)
+
+    def _process_list_findings(self) -> Iterator[IntegrationFinding]:
+        """Process findings from list data
+
+        :yields: IntegrationFinding objects
+        """
+        for data_item in self.file_data:
+            if isinstance(data_item, list):
+                continue
+            asset_name = self._extract_asset_name(data_item)
+            if asset_name:
+                yield from self._create_findings_from_data_item(data_item, asset_name)
+
+    def _process_dict_findings(self) -> Iterator[IntegrationFinding]:
+        """Process findings from dict data
+
+        :yields: IntegrationFinding objects
+        """
+        asset_name = self._extract_asset_name(self.file_data)
+        if asset_name:
+            yield from self._create_findings_from_data_item(self.file_data, asset_name)
+
+    def fetch_findings(self, **_) -> Iterator[IntegrationFinding]:
+        """
+        Fetch findings from Xray scan data.
+
+        :raises ValidationException: If there is an error fetching/parsing findings
+        :yields: Iterator[IntegrationFinding]
+        """
+        try:
+            if isinstance(self.file_data, list):
+                yield from self._process_list_findings()
+            elif isinstance(self.file_data, dict):
+                yield from self._process_dict_findings()
+        except Exception as exc:
+            error_message = traceback.format_exc()
+            logger.error("Error fetching findings: %s", error_message)
+            raise ValidationException(f"Error fetching findings: {error_message}") from exc

regscale/models/regscale_models/__init__.py

@@ -1,6 +1,7 @@
 """RegScale models."""
 
 from .assessment_plan import *
+from .assessment_result import *
 from .assessment import *
 from .asset import *
 from .asset_mapping import *
@@ -10,6 +11,7 @@ from .case import *
 from .cci import *
 from .change import *
 from .checklist import *
+from .classification import *
 from .comment import *
 from .compliance_settings import *
 from .component import *
@@ -21,23 +23,32 @@ from .control_parameter import *
 from .control_test import *
 from .control_test_plan import *
 from .control_test_result import *
+from .cryptography import *
 from .custom_field import *
 from .data import *
 from .data_center import *
+from .deviation import *
 from .email import *
 from .evidence import *
 from .evidence_mapping import *
 from .facility import *
 from .file import *
+from .filetag import *
+from .form_field_value import *
+from .functional_roles import *
+from .group import *
 from .implementation_objective import *
 from .implementation_option import *
+from .implementation_role import *
 from .incident import *
 from .inherited_control import *
 from .interconnection import *
 from .issue import *
 from .leveraged_authorization import *
+from .line_of_inquiry import *
 from .link import *
 from .master_assessment import *
+from .milestone import *
 from .meta_data import *
 from .objective import *
 from .parameter import *
@@ -52,6 +63,7 @@ from .property import *
 from .question import *
 from .questionnaire import *
 from .questionnaire_instance import *
+from .rbac import *
 from .reference import *
 from .requirement import *
 from .risk import *
@@ -69,6 +81,7 @@ from .system_role import *
 from .system_role_external_assignment import *
 from .task import *
 from .threat import *
+from .team import *
 from .user import *
 from .vulnerability import *
 from .vulnerability_mapping import *

regscale/models/regscale_models/classification.py

@@ -0,0 +1,23 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Model for Classification Records in the application"""
+
+from typing import Optional, Union
+
+from pydantic import ConfigDict
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class ClassifiedRecord(RegScaleModel):
+    _module_slug = "classifiedRecords"
+
+    id: Optional[int] = None
+    parentRecordId: Optional[int] = 0
+    parentModule: Optional[str] = None
+    classificationTypeId: Optional[int] = 0
+    adjustedConfidentiality: Optional[str] = None
+    confidentialityJustification: Optional[str] = None
+    adjustedAvailability: Optional[str] = None
+    availabilityJustification: Optional[str] = None
+    adjustedIntegrity: Optional[str] = None
+    integrityJustification: Optional[str] = None

regscale/models/regscale_models/control_implementation.py

@@ -70,6 +70,7 @@ class ControlImplementation(RegScaleModel):
 
     _module_slug = "controlImplementation"
     _module_string = "controls"
+    _unique_fields = [["controlID", "parentId", "parentModule"]]
     _get_objects_for_list = True
 
     controlOwnerId: str = Field(default_factory=RegScaleModel.get_user_id)
@@ -248,18 +249,19 @@ class ControlImplementation(RegScaleModel):
             return response.json()
         return None
 
-    def find_by_unique(self, **kwargs: dict) -> Optional["ControlImplementation"]:
-        """
-        Find an object by unique query.
-
-        :param dict **kwargs: The unique query parameters
-        :return: The object or None if not found
-        :rtype: Optional[ControlImplementation]
-        """
-
-        for instance in self.get_by_security_control_id(security_control_id=self.controlID):
-            return instance
-        return None
+    # Removed for now, will need to be added back once platform changes are made
+    # def find_by_unique(self, **kwargs: dict) -> Optional["ControlImplementation"]:
+    #     """
+    #     Find an object by unique query.
+    #
+    #     :param dict **kwargs: The unique query parameters
+    #     :return: The object or None if not found
+    #     :rtype: Optional[ControlImplementation]
+    #     """
+    #
+    #     for instance in self.get_by_security_control_id(security_control_id=self.controlID):
+    #         return instance
+    #     return None
 
     def _get_status_enum(self) -> List["ControlImplementationStatus"]:
         """

regscale/models/regscale_models/cryptography.py

@@ -0,0 +1,56 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Model for Cryptography in the application"""
+
+from typing import Optional
+
+from pydantic import ConfigDict, Field
+from regscale.core.app.utils.app_utils import get_current_datetime
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class Cryptography(RegScaleModel):
+    _module_slug = "cryptography"
+
+    id: Optional[int] = None
+    cryptographyType: str
+    sourceArea: Optional[str] = None
+    sourceVendorName: Optional[str] = None
+    sourceModule: Optional[str] = None
+    fipsNumber: Optional[str] = None
+    bSourceEmbedded: Optional[bool] = False
+    bSourceThirdParty: Optional[bool] = False
+    bSourceOS: Optional[bool] = False
+    bSourceFIPS: Optional[bool] = False
+    bSourceOther: Optional[bool] = False
+    sourceExplanationOther: Optional[str] = None
+    destinationArea: Optional[str] = None
+    destinationVendorName: Optional[str] = None
+    destinationModule: Optional[str] = None
+    bDestinationEmbedded: Optional[bool] = False
+    bDestinationThirdParty: Optional[bool] = False
+    bDestinationOS: Optional[bool] = False
+    bDestinationFIPS: Optional[bool] = False
+    bDestinationOther: Optional[bool] = False
+    destinationExplanationOther: Optional[str] = None
+    bUsageTLS11: Optional[bool] = False
+    bUsageTLS12: Optional[bool] = False
+    bUsageTLS13: Optional[bool] = False
+    bUsageOther: Optional[bool] = False
+    usageExplanationOther: Optional[str] = None
+    usage: str
+    bRestFullDisk: Optional[bool] = False
+    bRestFile: Optional[bool] = False
+    bRestRecord: Optional[bool] = False
+    bRestNone: Optional[bool] = False
+    encryptionExplanationOther: Optional[str] = None
+    encryptionType: Optional[str] = None
+    notes: Optional[str] = None
+    referenceUrl: Optional[str] = None
+    isPublic: Optional[bool] = False
+    parentId: Optional[int] = 0
+    parentModule: Optional[str] = None
+    dateCreated: Optional[str] = Field(default_factory=get_current_datetime)
+    lastUpdatedById: Optional[str] = Field(default_factory=RegScaleModel.get_user_id)
+    dateLastUpdated: Optional[str] = Field(default_factory=get_current_datetime)
+    tenantsId: int = 1