to_xccdf: Enable STIGViewer support for automatic CCI descriptions. (#…

…222) * XCCDF ident elements with CCI values should use a cyber.mil/cci system attribute to display correctly in STIG Viewer. * inspec2xccdf: Add support for Legacy IDs in the DISA STIGViewer. * to_xccdf: refactored ident system logic for CCIs into the Ident constructor Signed-off-by: Jarod Neuner <[email protected]> Co-authored-by: Kyle <[email protected]>
mitre · Apr 16, 2021 · d4ee848 · d4ee848
1 parent d982e0d
commit d4ee848
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 4 deletions.
diff --git a/lib/happy_mapper_tools/benchmark.rb b/lib/happy_mapper_tools/benchmark.rb
@@ -65,6 +65,14 @@ class Ident
       tag 'ident'
       attribute :system, String, tag: 'system'
       content :ident, String
+      def initialize(ident_str)
+        @ident = ident_str
+	if ident_str =~ /^(CCI-[0-9]{6})$/
+          @system = 'http://cyber.mil/cci'
+	else
+          @system = 'http://cyber.mil/legacy'
+	end
+      end
     end
 
     # Class Fixtext maps from the 'fixtext' from Benchmark XML file using HappyMapper

diff --git a/lib/utilities/xccdf/from_inspec.rb b/lib/utilities/xccdf/from_inspec.rb
@@ -34,6 +34,7 @@ def parse_data_for_xccdf(json) # rubocop:disable Metrics/AbcSize, Metrics/Cyclom
         c_data[c_id]['rweight']        = control['tags']['rweight'] if control['tags']['rweight'] # Optional attribute where N/A is not schema compliant
         c_data[c_id]['stig_id']        = control['tags']['stig_id'] || DATA_NOT_FOUND_MESSAGE
         c_data[c_id]['cci']            = control['tags']['cci'] if control['tags']['cci'] # Optional attribute
+        c_data[c_id]['legacy']         = control['tags']['legacy'] if control['tags']['legacy'] # Optional attribute
         c_data[c_id]['nist']           = control['tags']['nist'] || ['unmapped']
         c_data[c_id]['check']          = control['tags']['check'] || DATA_NOT_FOUND_MESSAGE
         c_data[c_id]['checkref']       = control['tags']['checkref'] || DATA_NOT_FOUND_MESSAGE

diff --git a/lib/utilities/xccdf/to_xccdf.rb b/lib/utilities/xccdf/to_xccdf.rb
@@ -74,6 +74,7 @@ def build_groups # rubocop:disable Metrics/AbcSize
         end
 
         group.rule.ident = build_rule_idents(control['cci']) if control['cci']
+        group.rule.ident += build_rule_idents(control['legacy']) if control['legacy']
 
         group.rule.fixtext = HappyMapperTools::Benchmark::Fixtext.new
         group.rule.fixtext.fixref = control['fix_id']
@@ -126,10 +127,7 @@ def build_rule_idents(idents)
 
       # Each rule identifier is a different element
       idents.map do |identifier|
-        ident = HappyMapperTools::Benchmark::Ident.new
-        ident.system = 'https://public.cyber.mil/stigs/cci/'
-        ident.ident = identifier
-        ident
+        ident = HappyMapperTools::Benchmark::Ident.new identifier
       end
     end
 
@@ -227,6 +225,7 @@ def populate_rule_result(control, result, result_status)
       rule_result.instance = result['code_desc']
 
       rule_result.ident = build_rule_idents(control['cci']) if control['cci']
+      rule_result.ident += build_rule_idents(control['legacy']) if control['legacy']
 
       # Fix information is only necessary when there are failed tests
       rule_result.fix = build_rule_fix(control['fix_id']) if control['fix_id'] && result_status == 'fail'