Class: Emasser::Controls

Inherits:

SubCommandBase

• Object
• Thor
• SubCommandBase
• Emasser::Controls

Defined in:

lib/emasser/get.rb,
lib/emasser/put.rb

Overview

Update Security Control information of a system for both the Implementation Plan and Risk Assessment.

Endpoint:

/api/systems/{systemId}/controls - Update control information in a system for one or many controls

rubocop:disable Style/WordArray

Class Method Summary

• .exit_on_failure? ⇒ Boolean

Instance Method Summary

• #forSystem ⇒ Object
• #update ⇒ Object

  rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity.

Methods inherited from SubCommandBase

banner

Methods included from OutputConverters

#change_to_datetime, #to_output_hash

Methods included from InputConverters

#to_input_hash

Methods included from OptionsParser

#optional_options, #required_options

Class Method Details

.exit_on_failure? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/emasser/get.rb', line 220

def self.exit_on_failure?
  true
end

Instance Method Details

#forSystem ⇒ Object

# File 'lib/emasser/get.rb', line 232

def forSystem
  optional_options_keys = optional_options(@_initializer).keys
  optional_options = to_input_hash(optional_options_keys, options)

  begin
    result = EmassClient::ControlsApi.new.get_system_controls(options[:systemId], optional_options)
    puts to_output_hash(result).green
  rescue EmassClient::ApiError => e
    puts 'Exception when calling ControlsApi->get_system_controls'.red
    puts to_output_hash(e)
  end
end

#update ⇒ Object

rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity

# File 'lib/emasser/put.rb', line 115

def update
  # Check if business logic is satisfied
  process_business_logic

  # Required fields
  required = EmassClient::ControlsRequiredFields.new
  required.acronym = options[:acronym]
  required.responsible_entities = options[:responsibleEntities]
  required.control_designation = options[:controlDesignation]
  required.estimated_completion_date = options[:estimatedCompletionDate]
  required.implementation_narrative = options[:implementationNarrative]

  # Add optional fields
  optional = EmassClient::ControlsOptionalFields.new
  optional.implementation_status = options[:implementationStatus] if options[:implementationStatus]
  optional.severity = options[:severity] if options[:severity]
  optional.vulnerabilty_summary = options[:vulnerabiltySummary] if options[:vulnerabiltySummary]
  optional.recommendations = options[:recommendations] if options[:recommendations]
  optional.relevance_of_threat = options[:relevanceOfThreat] if options[:relevanceOfThreat]
  optional.likelihood = options[:likelihood] if options[:likelihood]
  optional.impact = options[:impact] if options[:impact]
  optional.impact_description = options[:impactDescription] if options[:impactDescription]
  optional.residual_risk_level = options[:residualRiskLevel] if options[:residualRiskLevel]
  optional.test_method = options[:testMethod] if options[:testMethod]
  optional.mitigations = options[:mitigations] if options[:mitigations]
  optional.application_layer = options[:applicationLayer] if options[:applicationLayer]
  optional.database_layer = options[:databaseLayer] if options[:databaseLayer]
  optional.operating_system_layer = options[:operatingSystemLayer] if options[:operatingSystemLayer]

  # Add conditional fields
  conditional = EmassClient::ControlsConditionalFields.new
  conditional.common_control_provider = options[:commonControlProvider] if options[:commonControlProvider]
  conditional.na_justification = options[:naJustification] if options[:naJustification]
  conditional.slcm_criticality = options[:slcmCriticality] if options[:slcmCriticality]
  conditional.slcm_frequency = options[:slcmFrequency] if options[:slcmFrequency]
  conditional.slcm_method = options[:slcmMethod] if options[:slcmMethod]
  conditional.slcm_reporting = options[:slcmReporting] if options[:slcmReporting]
  conditional.slcm_tracking = options[:slcmTracking] if options[:slcmTracking]
  conditional.slcm_comments = options[:slcmComments] if options[:slcmComments]

  # Build the request body
  body = {}
  body = body.merge(required)
  body = body.merge(optional)
  body = body.merge(conditional)

  # All good, wrap object into an array
  body_array = Array.new(1, body)

  begin
    result = EmassClient::ControlsApi.new.update_control_by_system_id(options[:systemId], body_array)
    puts to_output_hash(result).green
  rescue EmassClient::ApiError => e
    puts 'Exception when calling ControlsApi->update_control_by_system_id'.red
    puts to_output_hash(e)
  end
end