regscale-cli 6.27.2.0__py3-none-any.whl → 6.27.3.0__py3-none-any.whl

regscale/integrations/public/csam/csam_agency_defined.py

@@ -0,0 +1,179 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Integrates CSAM agencydefineddata into RegScale"""
+
+from rich.progress import track
+import logging
+from regscale.models.regscale_models import SecurityPlan, FormFieldValue
+from regscale.integrations.public.csam.csam_common import retrieve_from_csam, set_custom_fields
+
+logger = logging.getLogger("regscale")
+
+"""This should be refactored as a custom field to custom field parser"""
+"""Add logic to grab all the fields from agencydefineddataitems"""
+"""Create custom fields in RegScale under "CSAM custom fields tab in SSP"""
+"""Shove in whatever attributename: value pairs"""
+
+
+def update_ssp_agency_details(ssps: list, custom_fields_basic_map: dict) -> list:
+    """
+    Update the Agency Details of the SSPs
+    This requires a call to the /system/{id}/agencydefineddataitems
+    endpoint
+
+    :param list ssps: list of RegScale SSPs
+    :param dict custom_fields_basic_map: map of custom fields in RegScale
+    :return: list of updated SSPs
+    :return_type: List[SecurityPlan]
+    """
+    updated_ssps = []
+    # Check for no ssps:
+    if len(ssps) == 0:
+        return updated_ssps
+
+    # Check if existing customer
+    custom_fields_system_list = ["AI/ML Components", "IOT/OT"]
+    custom_fields_system_map = FormFieldValue.check_custom_fields(
+        custom_fields_system_list, "securityplans", "System Information"
+    )
+    if custom_fields_system_map:
+        # Specific
+        updated_ssps = update_specific_details(ssps, custom_fields_basic_map, custom_fields_system_map)
+        return updated_ssps
+
+    # Generic Agency
+    # STUB - REG-18030
+
+    return updated_ssps
+
+
+def update_specific_details(ssps: list, custom_fields_basic_map: dict, custom_fields_system_map: dict):
+    """
+    Handles the CSAM custom fields for existing customer
+
+    :param ssps: List of SSP ids
+    :param custom_fields_basic_map: dictionary mapping custom field names to ids
+    :param custom_fields_system_map: dictionary mapping custom field names to ids
+    :return: list of ssps
+    :return_type: list
+    """
+    updated_ssps = []
+    if len(ssps) == 0:
+        return updated_ssps
+
+    for index in track(
+        range(len(ssps)),
+        description=f"Importing {len(ssps)} SSP agency details...",
+    ):
+        ssp = ssps[index]
+        csam_id = ssp.otherIdentifier
+        if not csam_id:
+            logger.error(f"Could not find CSAM ID for SSP {ssp.systemName} id: {ssp.id}")
+            continue
+        else:
+            updated_ssps.append(ssp)
+
+        result = retrieve_from_csam(
+            csam_endpoint=f"/CSAM/api/v1/systems/{csam_id}/agencydefineddataitems",
+        )
+        if len(result) == 0:
+            logger.error(
+                f"Could not retrieve details for CSAM ID {csam_id}. RegScale SSP: Name: {ssp.systemName} id: {ssp.id}"
+            )
+            continue
+        # Get the custom fields
+        set_agency_details(result, ssp, custom_fields_basic_map, custom_fields_system_map)
+
+    logger.info(f"Updated {len(updated_ssps)} Security Plans with Agency Details")
+    return updated_ssps
+
+
+def set_agency_details(result: list, ssp: SecurityPlan, custom_fields_basic_map: dict, custom_fields_system_map: dict):
+    """
+    Loop through results of agencydefineddataitems
+    and set the custom fields in RegScale
+
+    :param list result: list of dict objects from CSAM
+    :param SecurityPlan ssp: RegScale Security Plan
+    :param dict custom_fields_basic_map: map of custom field names to ids
+    :param dict custom_fields_system_map: map of custom fields names to ids
+    """
+
+    field_values = []
+    # Update the fields we need
+    for item in result:
+        if item.get("attributeName") == "High Value Asset":
+            ssp.hva = True if item.get("value") == "1" else False
+
+        # Binary Values
+        elif item.get("attributeName") in ["External Web Interface", "CFO Designation", "Law Enforcement Sensitive"]:
+            field_values.append(set_binary_fields(item, ssp, custom_fields_basic_map))
+
+        elif item.get("attributeName") == "Cloud System":
+            ssp = set_cloud_system(ssp, item)
+
+        elif item.get("attributeName") == "Cloud Service Model":
+            ssp = set_cloud_service(ssp, item)
+
+        elif item.get("attributeName") == "HVA Identifier":
+            field_values.append(set_custom_fields(item, ssp, custom_fields_basic_map))
+
+        elif item.get("attributeName") in ["AI/ML Components", "IOT/OT"]:
+            field_values.append(set_custom_fields(item, ssp, custom_fields_system_map))
+
+    # Save the SSP & Custom Fields
+    ssp.defaultAssessmentDays = 0
+    ssp.save()
+    if len(field_values) > 0:
+        FormFieldValue.save_custom_fields(field_values)
+
+
+def set_cloud_system(ssp: SecurityPlan, item: dict) -> SecurityPlan:
+    """
+    Set the cloud system values in the SSP
+    :param SeucrityPlan ssp: RegScale Security Plan
+    :param dict item: record from CSAM
+    :return: SecurityPlan object with updated cloud system values
+    :return_type: SecurityPlan
+    """
+    ssp.bDeployPublic = True if item.get("value") == "Public" else False
+    ssp.bDeployPrivate = True if item.get("value") == "Private" else False
+    ssp.bDeployHybrid = True if item.get("value") == "Hybrid" else False
+    ssp.bDeployGov = True if item.get("value") == "GovCloud" else False
+    ssp.bDeployOther = True if item.get("value") == "Community" else False
+    if ssp.bDeployHybrid or ssp.bDeployOther:
+        ssp.deployOtherRemarks = "Hybrid or Community"
+
+    return ssp
+
+
+def set_cloud_service(ssp: SecurityPlan, item: dict) -> SecurityPlan:
+    """
+    Set the cloud service model values in the SSP
+
+    :param SecurityPlan ssp: RegScale Security Plan
+    :param dict item: record from CSAM
+    :return: Updated SecurityPlan object
+    :return_type: SecurityPlan
+    """
+    ssp.bModelIaaS = True if "IaaS" in item.get("value") else False
+    ssp.bModelPaaS = True if "PaaS" in item.get("value") else False
+    ssp.bModelSaaS = True if "SaaS" in item.get("value") else False
+    return ssp
+
+
+def set_binary_fields(item: dict, ssp: SecurityPlan, custom_fields_map: dict) -> dict:
+    """
+    Logic to set the custom fields were the source are binary
+
+    :param dict item: record from CSAM
+    :param SecurityPlan ssp: RegScale Security Plan
+    :param custom_fields_map: map of custom field names to ids
+    :return: RegScale custom fields records
+    :return_type: dict
+    """
+    return {
+        "record_id": ssp.id,
+        "form_field_id": custom_fields_map[item.get("attributeName")],
+        "field_value": "Yes" if (item.get("value")) == "1" else "No",
+    }

regscale/integrations/public/csam/csam_common.py

@@ -0,0 +1,154 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Integrates CSAM into RegScale"""
+
+# standard python imports
+import logging
+from typing import List
+from urllib.parse import urljoin
+from regscale.core.app.application import Application
+from regscale.core.app.api import Api
+
+from regscale.models.regscale_models import SecurityPlan, Module
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+from regscale.integrations.control_matcher import ControlMatcher
+from regscale.models.regscale_models.form_field_value import FormFieldValue
+
+SSP_BASIC_TAB = "Basic Info"
+CSAM_FIELD_NAME = "CSAM Id"
+FISMA_FIELD_NAME = "FISMA Id"
+SYSTEM_ID = "System ID"
+
+logger = logging.getLogger("regscale")
+
+
+def set_custom_fields(item: dict, ssp: SecurityPlan, custom_fields_map: dict) -> dict:
+    """
+    Set the custom fields for the SSP
+
+    :param dict item: record from CSAM
+    :param SecurityPlan ssp: RegScale Security Plan
+    :param dict custom_fields_map: map of custom fields in RegScale
+    :return: dictionary of field values to be saved
+    :return_type: dict
+    """
+    return {
+        "record_id": ssp.id,
+        "record_module": "securityplans",
+        "form_field_id": custom_fields_map[item.get("attributeName")],
+        "field_value": str(item.get("value")),
+    }
+
+
+def retrieve_custom_form_ssps_map(tab_name: str, field_form_id: int) -> dict:
+    """
+    Retreives a list of the SSPs in RegScale
+    Returns a map of Custom Field Value: RegScale Id
+
+    :param str tab_name: The RegScale tab name where the custom field is located
+    :param int field_form_id: The RegScale Form Id of custom field
+    :param int tab_id: The RegScale tab id
+    :return: dictionary of FieldForm Id: regscale_ssp_id
+    :return_type: dict
+    """
+    tab = Module.get_tab_by_name(regscale_module_name="securityplans", regscale_tab_name=tab_name)
+
+    field_form_map = {}
+    ssps = SecurityPlan.get_ssp_list()
+    form_values = []
+    for ssp in ssps:
+        form_values = FormFieldValue.get_field_values(
+            record_id=ssp["id"], module_name=SecurityPlan.get_module_slug(), form_id=tab.id
+        )
+
+        for form in form_values:
+            if form.formFieldId == field_form_id and form.data:
+                field_form_map[form.data] = ssp["id"]
+        form_values = []
+    return field_form_map
+
+
+def retrieve_ssps_custom_form_map(tab_name: str, field_form_id: int) -> dict:
+    """
+    Retreives a list of the SSPs in RegScale
+    Returns a map of Custom Field Value: RegScale Id
+
+    :param str tab_name: The RegScale tab name where the custom field is located
+    :param int field_form_id: The RegScale Form Id of custom field
+    :param int tab_id: The RegScale tab id
+    :return: dictionary of FieldForm Id: regscale_ssp_id
+    :return_type: dict
+    """
+    tab = Module.get_tab_by_name(regscale_module_name="securityplans", regscale_tab_name=tab_name)
+
+    field_form_map = {}
+    ssps = SecurityPlan.get_ssp_list()
+    form_values = []
+    for ssp in ssps:
+        form_values = FormFieldValue.get_field_values(
+            record_id=ssp["id"], module_name=SecurityPlan.get_module_slug(), form_id=tab.id
+        )
+
+        for form in form_values:
+            if form.formFieldId == field_form_id and form.data:
+                field_form_map[ssp["id"]] = form.data
+        form_values = []
+    return field_form_map
+
+
+def retrieve_from_csam(csam_endpoint: str) -> list:
+    """
+    Connect to CSAM and retrieve data
+
+    :param str csam_endpoint: API Endpoint
+    :return: List of dict objects
+    :return_type: list
+    """
+    logger.debug("Retrieving data from CSAM")
+    app = Application()
+    api = Api()
+    csam_token = app.config.get("csamToken")
+    csam_url = app.config.get("csamURL")
+
+    if "Bearer" not in csam_token:
+        csam_token = f"Bearer {csam_token}"
+
+    url = urljoin(csam_url, csam_endpoint)
+    headers = {
+        "Content-Type": "application/json",
+        "Accept": "application/json",
+        "Authorization": csam_token,
+    }
+
+    issue_response = api.get(url=url, headers=headers)
+    if not issue_response or issue_response.status_code in [204, 404]:
+        logger.warning(f"Call to {url} Returned error: {issue_response.text}")
+        return []
+    if issue_response.ok:
+        return issue_response.json()
+
+    return []
+
+
+def fix_form_field_value(form_fields: list) -> list:
+    """
+    Cleans up a list of FormFieldValue dicts to prevent
+    400 errors due to misformed values
+
+    :param form_fields: list of formFieldValue dicts
+    :return: list of fixed formFieldValues dicts
+    """
+    new_field_values = []
+    for field_value in form_fields:
+        # Check if record_id, record_module, and form_field_id are set
+        if (field_value.get("record_id") is None) or (field_value.get("record_id") == 0):
+            continue
+        if (field_value.get("form_field_id") is None) or (field_value.get("form_field_id") == 0):
+            continue
+
+        # Check if value == "None"
+        if field_value.get("field_value") == "None":
+            field_value["field_value"] = ""
+
+        new_field_values.append(field_value)
+    return new_field_values