@erangaeb
Created February 17, 2025 22:50
parse nist control statement
import scala.util.matching.Regex

object NISTControlParser extends App {

  // Splits a NIST control statement into one entry per lettered item ("a.", "b.", ...)
  // or numbered sub-item ("1.", "2.", ...), each prefixed with the control ID.
  def generateQuestions(controlId: String, text: String): List[String] = {
    val lines = text.stripMargin.split("\n").map(_.trim).filter(_.nonEmpty).toList
    val questionList = scala.collection.mutable.ListBuffer[String]()
    // Matches lines like "a. Identifies..." or "1. When accounts..."
    val regex: Regex = """^([a-z]+|\d+)\.\s*(.*)""".r
    // Most recent lettered item; numbered sub-items are qualified with it so that
    // "h. 1." and "i. 1." do not both become "AC-2.1"
    var parentKey = ""

    for (line <- lines) {
      line match {
        case regex(key, value) if key.head.isDigit && parentKey.nonEmpty =>
          // Numbered sub-item under a lettered item, e.g. "AC-2.h.1 When accounts..."
          questionList.append(s"$controlId.$parentKey.$key $value")
        case regex(key, value) =>
          // Lettered item (or a numbered item with no lettered parent)
          if (key.head.isLetter) parentKey = key
          questionList.append(s"$controlId.$key $value")
        case _ =>
          // If it's a continuation of the previous line, append it
          if (questionList.nonEmpty) {
            val lastIndex = questionList.length - 1
            questionList(lastIndex) = questionList(lastIndex) + " " + line
          }
      }
    }
    questionList.toList
  }

  val controlId = "AC-2"
  val nistControlText = """a. Identifies and selects the following types of information system accounts to support organizational missions/business functions: [Assignment: organization-defined information system account types];
    |b. Assigns account managers for information system accounts;
    |c. Establishes conditions for group and role membership;
    |d. Specifies authorized users of the information system, group and role membership, and access authorizations (i.e., privileges) and other attributes (as required) for each account;
    |e. Requires approvals by [Assignment: organization-defined personnel or roles] for requests to create information system accounts;
    |f. Creates, enables, modifies, disables, and removes information system accounts in accordance with [Assignment: organization-defined procedures or conditions];
    |g. Monitors the use of information system accounts;
    |h. Notifies account managers:
    | 1. When accounts are no longer required;
    | 2. When users are terminated or transferred; and
    | 3. When individual information system usage or need-to-know changes;
    |i. Authorizes access to the information system based on:
    | 1. A valid access authorization;
    | 2. Intended system usage; and
    | 3. Other attributes as required by the organization or associated missions/business functions;
    |j. Reviews accounts for compliance with account management requirements [Assignment: organization-defined frequency];
    |k. Establishes a process for reissuing shared/group account credentials (if deployed) when individuals are removed from the group.""".stripMargin

  val questions = generateQuestions(controlId, nistControlText)

  // Print the formatted output, one control item per line
  questions.foreach(println)
}