From 6253d26281977f1e8494099d16109136a5791311 Mon Sep 17 00:00:00 2001 From: Takumi Yanagawa Date: Fri, 25 Oct 2024 06:35:21 +0900 Subject: [PATCH] add local-definitions --- Makefile | 4 ++-- c2p/framework/c2p.py | 6 +++++- c2p/framework/models/pvp_result.py | 11 +++++++++++ 3 files changed, 18 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index e73d306..b1671dc 100644 --- a/Makefile +++ b/Makefile @@ -4,11 +4,11 @@ build: .PHONY: install install: - python -m pip install . + python -m pip install -e . .PHONY: install-dev install-dev: - python -m pip install ".[dev]" + python -m pip install -e ".[dev]" # Direct dependency is not allowed for Pypi packaging even if the dependant module is defined as extra dependencies. # Workaround: Move to manual installation by make diff --git a/c2p/framework/c2p.py b/c2p/framework/c2p.py index 0846fe3..c39971f 100644 --- a/c2p/framework/c2p.py +++ b/c2p/framework/c2p.py @@ -162,6 +162,7 @@ def _get_result(self, pvp_result: PVPResult) -> Result: start=oscal_utils.get_datetime_str(), observations=self._get_observations(pvp_result), reviewed_controls=oscal_utils.reviewed_controls(self._component_root.component_definition), + local_definitions=pvp_result.local_definitions, ) if pvp_result.links != None: result.links = list(map(lambda x: Link(href=x.href, text=x.description), pvp_result.links)) @@ -183,7 +184,10 @@ def _get_observations(self, pvp_result: PVPResult) -> List[Observation]: oscal_utils.add_prop(props, 'evaluated-on', subject, ['evaluated_on']) oscal_utils.add_prop(props, 'reason', subject, ['reason']) s = SubjectReference( - subject_uuid=oscal_utils.uuid(), title=subject.title, type=subject.type, props=props + subject_uuid=subject.subject_uuid if subject.subject_uuid else oscal_utils.uuid(), + title=subject.title, + type=subject.type, + props=props, ) subjects.append(s) diff --git a/c2p/framework/models/pvp_result.py b/c2p/framework/models/pvp_result.py index e9a6e0f..b9be1b4 100644 --- a/c2p/framework/models/pvp_result.py +++ b/c2p/framework/models/pvp_result.py @@ -19,6 +19,7 @@ from typing import List, Optional from pydantic.v1 import Field +from trestle.oscal.assessment_results import LocalDefinitions1 from c2p.common.c2p_base_model import C2PBaseModel @@ -68,6 +69,11 @@ class Subject(C2PBaseModel): A human-oriented identifier reference to a resource. Use type to indicate whether the identified resource is a component, inventory item, location, user, or something else. """ + subject_uuid: Optional[str] = Field( + None, + description="A machine-oriented identifier reference to a component, inventory-item, location, party, user, or resource using it's UUID.", + title='Subject Universally Unique Identifier Reference', + ) title: str = Field(title='Name of the object') type: str = Field( ..., @@ -118,6 +124,11 @@ class ObservationByCheck(C2PBaseModel): class PVPResult(C2PBaseModel): observations_by_check: Optional[List[ObservationByCheck]] = Field(None) + local_definitions: Optional[LocalDefinitions1] = Field( + None, + description='Equivalent to the "local-definitions" defined in the OSCAL Assessment Results.', + title='Local Definitions', + ) links: Optional[List[Link]] = Field(None)