Skip to content

Commit

Permalink
feat: add local-definitions and findings (oscal-compass#34)
Browse files Browse the repository at this point in the history
Signed-off-by: Takumi Yanagawa <yana@jp.ibm.com>
  • Loading branch information
yana1205 committed Nov 5, 2024
1 parent 2b0b410 commit 248e1ef
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 4 deletions.
4 changes: 2 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,11 @@ build:

.PHONY: install
install:
python -m pip install .
python -m pip install -e .

.PHONY: install-dev
install-dev:
python -m pip install ".[dev]"
python -m pip install -e ".[dev]"

# Direct dependency is not allowed for Pypi packaging even if the dependant module is defined as extra dependencies.
# Workaround: Move to manual installation by make
Expand Down
9 changes: 7 additions & 2 deletions c2p/framework/c2p.py
Original file line number Diff line number Diff line change
Expand Up @@ -162,6 +162,8 @@ def _get_result(self, pvp_result: PVPResult) -> Result:
start=oscal_utils.get_datetime_str(),
observations=self._get_observations(pvp_result),
reviewed_controls=oscal_utils.reviewed_controls(self._component_root.component_definition),
local_definitions=pvp_result.local_definitions,
findings=pvp_result.findings,
)
if pvp_result.links != None:
result.links = list(map(lambda x: Link(href=x.href, text=x.description), pvp_result.links))
Expand All @@ -183,7 +185,10 @@ def _get_observations(self, pvp_result: PVPResult) -> List[Observation]:
oscal_utils.add_prop(props, 'evaluated-on', subject, ['evaluated_on'])
oscal_utils.add_prop(props, 'reason', subject, ['reason'])
s = SubjectReference(
subject_uuid=oscal_utils.uuid(), title=subject.title, type=subject.type, props=props
subject_uuid=subject.subject_uuid if subject.subject_uuid else oscal_utils.uuid(),
title=subject.title,
type=subject.type,
props=props,
)
subjects.append(s)

Expand All @@ -197,7 +202,7 @@ def _get_observations(self, pvp_result: PVPResult) -> List[Observation]:
if observation.props != None:
props = props + observation.props
o = Observation(
uuid=oscal_utils.uuid(),
uuid=observation.uuid if observation.uuid else oscal_utils.uuid(),
title=observation.title,
description=observation.title,
methods=observation.methods,
Expand Down
19 changes: 19 additions & 0 deletions c2p/framework/models/pvp_result.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,11 @@
from typing import List, Optional

from pydantic.v1 import Field
from trestle.oscal.assessment_results import LocalDefinitions1

from c2p.common.c2p_base_model import C2PBaseModel
from trestle.oscal.assessment_results import LocalDefinitions1
from trestle.oscal.common import Finding


class ResultEnum(str, Enum):
Expand Down Expand Up @@ -68,6 +71,11 @@ class Subject(C2PBaseModel):
A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else.
"""

subject_uuid: Optional[str] = Field(
None,
description="A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.",
title='Subject Universally Unique Identifier Reference',
)
title: str = Field(title='Name of the object')
type: str = Field(
...,
Expand All @@ -89,6 +97,7 @@ class ObservationByCheck(C2PBaseModel):
Describes an individual observation based on each Check_Id defined in Component Definition.
"""

uuid: Optional[str] = Field(None)
title: Optional[str] = Field(
None,
description='The title for this observation for the check item. If not given, check id is used.',
Expand Down Expand Up @@ -118,6 +127,16 @@ class ObservationByCheck(C2PBaseModel):

class PVPResult(C2PBaseModel):
observations_by_check: Optional[List[ObservationByCheck]] = Field(None)
findings: Optional[List[Finding]] = Field(
None,
description='Equivalent to the "findings" defined in the OSCAL Assessment Results.',
title='Describes an individual finding',
)
local_definitions: Optional[LocalDefinitions1] = Field(
None,
description='Equivalent to the "local-definitions" defined in the OSCAL Assessment Results.',
title='Local Definitions',
)
links: Optional[List[Link]] = Field(None)


Expand Down

0 comments on commit 248e1ef

Please sign in to comment.