Merge pull request #4217 from cisagov/feature/CSET-2885

cisagov · Nov 7, 2024 · f7b6c1a · f7b6c1a
2 parents b177f93 + fc85cd3
commit f7b6c1a
Show file tree

Hide file tree

Showing 17 changed files with 288 additions and 16 deletions.
diff --git a/CSETWebApi/CSETWeb_Api/CSETWebCore.Business/Maturity/MaturityBusiness.cs b/CSETWebApi/CSETWeb_Api/CSETWebCore.Business/Maturity/MaturityBusiness.cs
@@ -624,10 +624,10 @@ public int GetMaturityLevel(int assessmentId)
         }
 
 
-
-
-
-
+        /// <summary>
+        /// 
+        /// </summary>
+        /// <returns></returns>
         public AVAILABLE_MATURITY_MODELS ProcessModelDefaults(int assessmentId, int maturityModelId = 3)
         {
             //if the available maturity model is not selected and the application is CSET
@@ -671,6 +671,7 @@ public object GetEdmPercentScores(int assessmentId)
             };
         }
 
+
         /// <summary>
         /// 
         /// </summary>

diff --git a/CSETWebNg/src/app/app-routing.module.ts b/CSETWebNg/src/app/app-routing.module.ts
@@ -238,6 +238,7 @@ import { TutorialMvraComponent } from './assessment/prepare/maturity/tutorial-mv
 import { AllAnsweredquestionsComponent } from './reports/all-answeredquestions/all-answeredquestions.component';
 import { AllCommentsmarkedComponent } from './reports/all-commentsmarked/all-commentsmarked.component';
 import { AllReviewedComponent } from './reports/all-reviewed/all-reviewed.component';
+import { Cmmc2LevelsComponent } from './assessment/prepare/maturity/cmmc2-levels/cmmc2-levels.component';
 
 const appRoutes: Routes = [
 
@@ -409,6 +410,7 @@ const appRoutes: Routes = [
               },
               { path: 'config-cis', component: ConfigCisComponent },
               { path: 'cmmc-levels', component: CmmcLevelsComponent },
+              { path: 'cmmc2-levels', component: Cmmc2LevelsComponent },
               { path: 'csi', component: CsiComponent },
               { path: 'sal', component: SalsComponent },
               { path: 'standards', component: StandardsComponent },

diff --git a/CSETWebNg/src/app/app.module.ts b/CSETWebNg/src/app/app.module.ts
@@ -283,6 +283,7 @@ import { CompareReportMComponent } from './reports/compare-report-m/compare-repo
 import { AwwaStandardComponent } from './assessment/prepare/standards/awwa-standard/awwa-standard.component';
 import { ModelSelectComponent } from './assessment/prepare/maturity/model-select/model-select.component';
 import { CmmcLevelsComponent } from './assessment/prepare/maturity/cmmc-levels/cmmc-levels.component';
+import { Cmmc2LevelsComponent } from './assessment/prepare/maturity/cmmc2-levels/cmmc2-levels.component';
 import { CmmcAComponent } from './assessment/prepare/maturity/cmmc-a/cmmc-a.component';
 import { CategoryBlockComponent } from './assessment/questions/category-block/category-block.component';
 import { MaturityQuestionsComponent } from './assessment/questions/maturity-questions/maturity-questions.component';
@@ -829,6 +830,7 @@ import { RolesChangedComponent } from './dialogs/roles-changed/roles-changed.com
         AssessmentConfigComponent,
         CmmcAComponent,
         CmmcLevelsComponent,
+        Cmmc2LevelsComponent,
         CmmcLevelResultsComponent,
         CmmcLevelDrilldownComponent,
         CmmcComplianceComponent,

diff --git a/CSETWebNg/src/app/assessment/prepare/maturity/cmmc-levels/cmmc-levels.component.html b/CSETWebNg/src/app/assessment/prepare/maturity/cmmc-levels/cmmc-levels.component.html
@@ -20,8 +20,8 @@
   OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 
   SOFTWARE. 
 -------------------------->
-<div class="white-panel d-flex justify-content-start flex-column flex-11a">
-  <h3 class="wrap-text">CMMC Target Level Selection</h3>
+<div class="white-panel d-flex justify-content-start flex-column flex-11a" *transloco="let t">
+  <h3 class="wrap-text">{{t('titles.cmmc target level selection')}}</h3>
 
   <p>
     Select the desired maturity level. Selecting a level will include

diff --git a/CSETWebNg/src/app/assessment/prepare/maturity/cmmc2-levels/cmmc2-levels.component.html b/CSETWebNg/src/app/assessment/prepare/maturity/cmmc2-levels/cmmc2-levels.component.html
@@ -0,0 +1,94 @@
+<!---------------------- 
+
+   Copyright 2024 Battelle Energy Alliance, LLC  
+
+  Permission is hereby granted, free of charge, to any person obtaining a copy 
+  of this software and associated documentation files (the "Software"), to deal 
+  in the Software without restriction, including without limitation the rights 
+  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 
+  copies of the Software, and to permit persons to whom the Software is 
+  furnished to do so, subject to the following conditions: 
+ 
+  The above copyright notice and this permission notice shall be included in all 
+  copies or substantial portions of the Software. 
+ 
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
+  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 
+  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 
+  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 
+  SOFTWARE. 
+-------------------------->
+<div class="white-panel d-flex justify-content-start flex-column flex-11a" *transloco="let t">
+     <h3 class="wrap-text mb-3">{{t('titles.cmmc target level selection')}}</h3>
+
+     <p>
+          Select the level appropriate to your organization's assessment.
+     </p>
+
+     <div class="d-flex flex-row my-3">
+          <div class="w-25 text-center align-content-center">
+               <label class="btn btn-l1 form-check-label" [class.answer-selected]="selectedLevel == 1"
+                    (click)="saveLevel(1)">
+                    <input name="q_L1" class="btn-check" type="radio" autocomplete="off"
+                         [checked]="selectedLevel == 1">Level 1
+               </label>
+          </div>
+          <div class="w-75">
+               Foundational. Level 1 is comprised of the 15 basic safeguarding requirements specified in Federal
+               Acquisition Regulation
+               (FAR) Clause 52.204-21. Level 1 is achievable by self-assessment.
+          </div>
+     </div>
+
+     <hr>
+
+     <div class="d-flex flex-row my-3">
+          <div class="w-25 text-center align-content-center">
+               <label class="btn btn-l2 form-check-label" [class.answer-selected]="selectedLevel == 2"
+                    (click)="saveLevel(2)">
+                    <input name="q_L2" class="btn-check" type="radio" autocomplete="off"
+                         [checked]="selectedLevel == 2">Level 2
+               </label>
+          </div>
+          <div class="w-75">
+               <p>
+                    Advanced. Consists of 110 practices aligned with NIST SP 800-171. Requires annual self-assessment
+                    for select contractors or triennial third-party assessments for critical national security projects.
+
+                    The advanced level will calculate a scorecard with the Supplier Performance Risk System (SPRS)
+                    score.
+               </p>
+               <p>
+                    Level 2 can be used for a self-assessment or a certification assessment. It incorporates
+                    the security requirements specified in NIST SP 800-171 Revision 2.
+               </p>
+          </div>
+     </div>
+
+     <hr>
+
+     <div class="d-flex flex-row my-3">
+          <div class="w-25 text-center align-content-center">
+               <label class="btn btn-l3 form-check-label" [class.answer-selected]="selectedLevel == 3"
+                    (click)="saveLevel(3)">
+                    <input name="q_L3" class="btn-check" type="radio" autocomplete="off"
+                         [checked]="selectedLevel == 3">Level 3
+               </label>
+          </div>
+          <div class="w-75">
+               <p>
+                    Level 3 consists of selected security requirements derived from National Institute of Standards and
+                    Technology (NIST) Special Publication (SP) 800-172,
+               </p>
+               <p>
+                    Level 3 only applies to systems that have already achieved a Final Level 2 (C3PAO) CMMC Status.
+               </p>
+          </div>
+     </div>
+
+
+     <app-nav-back-next [page]="'cmmc2-levels'"></app-nav-back-next>
+
+</div>
diff --git a/CSETWebNg/src/app/assessment/prepare/maturity/cmmc2-levels/cmmc2-levels.component.scss b/CSETWebNg/src/app/assessment/prepare/maturity/cmmc2-levels/cmmc2-levels.component.scss
@@ -0,0 +1,63 @@
+/* Answer option button styles */
+$white: #ffffff;
+
+$l1-color: #921285;
+$l1-hover-color: #490943;
+$l1-text-color: #ffffff;
+
+$l2-color: #8cc63f;
+$l2-hover-color: #69952f;
+$l2-text-color: #000000;
+
+$l3-color: #034b61;
+$l3-hover-color: #002236;
+$l3-text-color: #ffffff;
+
+.btn-l1 {
+     background-color: $white;
+     border-color: $l1-color;
+     color: $l1-color;
+}
+
+.btn-l1.answer-selected,
+.btn-l1:hover {
+     background-color: $l1-color;
+     color: $l1-text-color;
+}
+
+.btn-l1.answer-selected:hover {
+     background-color: $l1-hover-color;
+}
+
+.btn-l2 {
+     background-color: $white;
+     border-color: $l2-color;
+     color: $l2-color;
+}
+
+.btn-l2.answer-selected,
+.btn-l2:hover {
+     background-color: $l2-color;
+     color: $l2-text-color;
+}
+
+.btn-l2.answer-selected:hover {
+     background-color: $l2-hover-color;
+}
+
+
+.btn-l3 {
+     background-color: $white;
+     border-color: $l3-color;
+     color: $l3-color;
+}
+
+.btn-l3.answer-selected,
+.btn-l3:hover {
+     background-color: $l3-color;
+     color: $l3-text-color;
+}
+
+.btn-l3.answer-selected:hover {
+     background-color: $l3-hover-color;
+}
diff --git a/CSETWebNg/src/app/assessment/prepare/maturity/cmmc2-levels/cmmc2-levels.component.ts b/CSETWebNg/src/app/assessment/prepare/maturity/cmmc2-levels/cmmc2-levels.component.ts
@@ -0,0 +1,49 @@
+import { Component } from '@angular/core';
+import { NavigationService } from '../../../../services/navigation/navigation.service';
+import { MaturityService } from '../../../../services/maturity.service';
+import { AssessmentService } from '../../../../services/assessment.service';
+import { MaturityLevel } from '../../../../models/maturity.model';
+
+@Component({
+  selector: 'app-cmmc2-levels',
+  templateUrl: './cmmc2-levels.component.html',
+  styleUrls: ['./cmmc2-levels.component.scss']
+})
+export class Cmmc2LevelsComponent {
+
+  selectedLevel: number;
+
+  constructor (
+    public assessSvc: AssessmentService,
+    public maturitySvc: MaturityService,
+    public navSvc: NavigationService
+  ) { }
+
+
+  /**
+   * 
+   */
+  ngOnInit() {
+    if (this.assessSvc.assessment == null) {
+      this.assessSvc.getAssessmentDetail().subscribe((data: any) => {
+        this.assessSvc.assessment = data;
+        this.selectedLevel = this.assessSvc.assessment.maturityModel.maturityTargetLevel;
+      });
+    } else {
+      this.selectedLevel = +this.assessSvc.assessment.maturityModel.maturityTargetLevel;
+    }
+  }
+
+  /**
+   * 
+   */
+  saveLevel(selection: number) {
+    this.selectedLevel = selection;
+
+    this.maturitySvc.saveLevel(selection).subscribe(() => {
+      // refresh Prepare section of the sidenav
+      this.navSvc.buildTree();
+      return;
+    });
+  }
+}
diff --git a/CSETWebNg/src/app/assessment/questions/grouping-block/grouping-block.component.ts b/CSETWebNg/src/app/assessment/questions/grouping-block/grouping-block.component.ts
@@ -100,7 +100,7 @@ export class GroupingBlockComponent implements OnInit {
       return false;
     }
 
-    return this.moduleBehavior.showDomainHeaders ?? true;
+    return this.moduleBehavior?.showDomainHeaders ?? true;
   }
 
   /**

diff --git a/CSETWebNg/src/app/assessment/questions/maturity-questions/maturity-questions.component.ts b/CSETWebNg/src/app/assessment/questions/maturity-questions/maturity-questions.component.ts
@@ -282,7 +282,7 @@ export class MaturityQuestionsComponent implements OnInit, AfterViewInit {
 
     let displayName = this.modelName;
 
-    if (this.moduleBehavior.displayNameKey != null) {
+    if (this.moduleBehavior?.displayNameKey != null) {
       displayName = this.tSvc.translate(this.moduleBehavior.displayNameKey);
     }
 

diff --git a/CSETWebNg/src/app/assessment/questions/question-extras/question-extras.component.ts b/CSETWebNg/src/app/assessment/questions/question-extras/question-extras.component.ts
@@ -197,7 +197,7 @@ export class QuestionExtrasComponent implements OnInit {
         }
       });
 
-      if (this.extras.is_Component === true) {
+      if (this.extras?.is_Component) {
         this.myQuestion.is_Component = true;
         this.toggleComponent = true;
       }

diff --git a/CSETWebNg/src/app/layout/layout-main/layout-main.component.scss b/CSETWebNg/src/app/layout/layout-main/layout-main.component.scss
@@ -2879,6 +2879,20 @@ table.assessment-documents th {
   color: $primary-550;
 }
 
+ol.alpha-bracket {
+  list-style-type: none; 
+  counter-reset: list-counter; 
+}
+
+ol.alpha-bracket li {
+  counter-increment: list-counter; 
+  margin-bottom: 5px;
+}
+
+ol.alpha-bracket li::before {
+  content: "[" counter(list-counter, lower-alpha) "] "; 
+}
+
 
 /// nested formatting
 .nested-question-title {

diff --git a/CSETWebNg/src/app/services/filtering/maturity-filtering/maturity-filtering.service.ts b/CSETWebNg/src/app/services/filtering/maturity-filtering/maturity-filtering.service.ts
@@ -272,23 +272,29 @@ export class MaturityFilteringService {
         case 'ACET':
           this.acetFilteringSvc.setQuestionVisibility(q, this.currentDomainName);
           break;
+
         case 'ISE':
           this.acetFilteringSvc.setIseQuestionVisibility(q, this.currentDomainName);
           break;
+
         case 'CMMC':
         case 'CMMC2':
+        case 'CMMC2F':
           this.cmmcFilteringSvc.setQuestionVisibility(q);
           break;
 
         case 'EDM':
           this.edmFilteringSvc.setQuestionVisibility(q);
           break;
+
         case 'CRR':
           this.crrFilteringSvc.setQuestionVisibility(q);
           break;
+
         case 'RRA':
           this.rraFilteringSvc.setQuestionVisibility(q);
           break;
+
         default:
           this.basicFilteringSvc.setQuestionVisibility(q);
       }

diff --git a/CSETWebNg/src/assets/i18n/en.json b/CSETWebNg/src/assets/i18n/en.json
@@ -236,6 +236,7 @@
         "none": "None"
       }
     },
+    "cmmc target level selection": "CMMC Target Level Selection",
     "network diagram": "Network Diagram",
     "diagram component questions": "Diagram Component Questions",
     "standard questions": "Standard Questions",
@@ -422,7 +423,9 @@
       "fi-c2m2": "FI",
       "li-c2m2": "LI",
       "pi-c2m2": "PI",
-      "ni-c2m2": "NI"
+      "ni-c2m2": "NI",
+      "yes-cmmc": "Met",
+      "no-cmmc": "Not"
     },
     "button-tooltips": {
       "yes": "Yes",
@@ -445,7 +448,9 @@
       "fi-c2m2": "Fully Implemented - Complete",
       "li-c2m2": "Largely Implemented - Complete, but with a recognized opportunity for improvement",
       "pi-c2m2": "Partially Implemented - Incomplete; there are multiple opportunities for improvement",
-      "ni-c2m2": "Not Implemented - Absent; the practice is not performed by the organization"
+      "ni-c2m2": "Not Implemented - Absent; the practice is not performed by the organization",
+      "yes-cmmc": "Met",
+      "no-cmmc": "Not Met"
     },
     "labels": {
       "yes": "Yes",