Expand control processing to 'all' key

Allow a control to extend all controls of a policy with 'all' key.

docs/manual/developer/03_creating_content.md

@@ -700,6 +700,7 @@ Nesting can be accomplished both by
 * nesting whole control definitions, or by
 * nesting references to existing controls in the `policy:control` format, where the `policy:` part can be skipped
 if the reference points to a control in that policy.
+ * To nest all controls of a policy level, use `all` followed by the level. e.g: `cis_ocp4_1_4_0:all:level_2`.
 
 Nesting using references allows reuse of controls across multiple policies.
 

ssg/controls.py

@@ -456,14 +456,25 @@ def resolve_controls(self):
             for control in policy.controls:
                 self._resolve_control(pid, control)
 
+    def _get_foreign_subcontrols(self, policy_id, req):
+        if req.startswith("all"):
+            _, level_id = req.split(":", 1)
+            return self.get_all_controls_of_level(policy_id, level_id)
+        else:
+            return [ self.get_control(policy_id, req) ]
+
     def _resolve_control(self, pid, control):
         for sub_name in control.controls:
             policy_id = pid
             if ":" in sub_name:
-                policy_id, sub_name = sub_name.split(":", 1)
-            subcontrol = self.get_control(policy_id, sub_name)
-            self._resolve_control(pid, subcontrol)
-            control.update_with(subcontrol)
+                policy_id, req = sub_name.split(":", 1)
+                subcontrols = self._get_foreign_subcontrols(policy_id, req)
+            else:
+                subcontrols = [self.get_control(policy_id, sub_name) ]
+
+            for subcontrol in subcontrols:
+                self._resolve_control(policy_id, subcontrol)
+                control.update_with(subcontrol)
 
     def get_control(self, policy_id, control_id):
         policy = self._get_policy(policy_id)