Merge pull request #624 from 18F/all-rules-group

Add new assertion groupings
18F · Jul 21, 2022 · 5d3d48d · 5d3d48d
2 parents b98b7ac + 95368e3
commit 5d3d48d
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 10 deletions.
diff --git a/src/validations/rules/assertion-grouping.xsl b/src/validations/rules/assertion-grouping.xsl
@@ -3,6 +3,7 @@
     exclude-result-prefixes="xs math sch doc"
     version="3.0"
     xmlns:doc="https://fedramp.gov/oscal/fedramp-automation-documentation"
+    xmlns:feddoc="http://us.gov/documentation/federal-documentation"
     xmlns:math="http://www.w3.org/2005/xpath-functions/math"
     xmlns:sch="http://purl.oclc.org/dsdl/schematron"
     xmlns:xs="http://www.w3.org/2001/XMLSchema"
@@ -22,7 +23,7 @@
         <xsl:variable
             as="xs:string*"
             name="groups"
-            select="distinct-values(//assert/@doc:* ! local-name())" />
+            select="distinct-values(//assert/(@doc:*|@feddoc:*) ! local-name()), ('all')" />
         <!-- create the proto-JSON XML -->
         <xsl:variable
             as="node()"
@@ -51,13 +52,24 @@
                                     test="current() eq 'guide-reference'">FedRAMP OSCAL Guide</xsl:when>
                                 <xsl:when
                                     test="current() eq 'template-reference'">FedRAMP SSP Template</xsl:when>
+                                <xsl:when
+                                    test="current() eq 'documentation-reference'">Other Federal Documentation</xsl:when>
+                                <xsl:when
+                                    test="current() eq 'all'">
+                                    <xsl:text>All Rules</xsl:text>
+                                </xsl:when>
                             </xsl:choose>
                         </string>
                         <!-- get the distinct values found in this attribute -->
                         <xsl:variable
                             as="xs:string*"
                             name="groupitems"
-                            select="distinct-values($sch//@doc:*[local-name() eq $attribute-local-name] ! tokenize(., ',\s*'))" />
+                            select="
+                                if ($attribute-local-name = 'all') then
+                                    ('Unorganized')
+                                else
+                                    distinct-values($sch//(@doc:*|@feddoc:*)[local-name() eq $attribute-local-name] ! tokenize(., ',\s*'))"
+                        />
                         <!-- create a list of related assertions for each distinct attribute value-->
                         <array
                             key="groups">
@@ -116,9 +128,9 @@
                                     select="current()" />
                                 <xsl:if
                                     test="
-                                        some $d in $sch//assert/@doc:*
+                                        $item = 'Unorganized' or (some $d in $sch//assert/(@doc:*|@feddoc:*)
                                             satisfies some $t in tokenize($d, ',\s*')
-                                                satisfies $t = tokenize($item, ',\s*')">
+                                                satisfies $t = tokenize($item, ',\s*'))">
                                     <map>
                                         <string
                                             key="title">
@@ -131,9 +143,9 @@
                                                 select="$sch//assert">
                                                 <xsl:if
                                                     test="
-                                                        some $d in @doc:*
+                                                        $item = 'Unorganized' or (some $d in (@doc:*|@feddoc:*)
                                                             satisfies some $t in tokenize($d, ',\s*')
-                                                                satisfies $t = tokenize($item, ',\s*')">
+                                                                satisfies $t = tokenize($item, ',\s*'))">
                                                     <string>
                                                         <xsl:value-of
                                                             select="@id" />

diff --git a/src/validations/rules/ssp.sch b/src/validations/rules/ssp.sch
@@ -1990,7 +1990,7 @@
                 doc:checklist-reference="Section B Check 3.3, Section C Check 7"
                 doc:guide-reference="Guide to OSCAL-based FedRAMP System Security Plans §4.5"
                 doc:template-reference="System Security Plan Template §2.3"
-                feddoc:referenced-documentation="NIST Special Publication 800-63-3"
+                feddoc:documentation-reference="NIST Special Publication 800-63-3"
                 fedramp:specific="true"
                 id="has-allowed-identity-assurance-level"
                 role="error"
@@ -2010,7 +2010,7 @@
                 doc:checklist-reference="Section B Check 3.3, Section C Check 7"
                 doc:guide-reference="Guide to OSCAL-based FedRAMP System Security Plans §4.5"
                 doc:template-reference="System Security Plan Template §2.3"
-                feddoc:referenced-documentation="NIST Special Publication 800-63-3"
+                feddoc:documentation-reference="NIST Special Publication 800-63-3"
                 fedramp:specific="true"
                 id="has-allowed-authenticator-assurance-level"
                 role="error"
@@ -2030,7 +2030,7 @@
                 doc:checklist-reference="Section B Check 3.3, Section C Check 7"
                 doc:guide-reference="Guide to OSCAL-based FedRAMP System Security Plans §4.5"
                 doc:template-reference="System Security Plan Template §2.3"
-                feddoc:referenced-documentation="NIST Special Publication 800-63-3"
+                feddoc:documentation-reference="NIST Special Publication 800-63-3"
                 fedramp:specific="true"
                 id="has-allowed-federation-assurance-level"
                 role="error"
@@ -2380,7 +2380,7 @@
                     'China Telecom', 'China Telecom (Americas) Corp')" />
             <sch:assert
                 diagnostics="has-prohibited-vendor-name-diagnostic"
-                feddoc:reference-documentation="FAR 889(a)(1)(B)"
+                feddoc:documentation-reference="FAR 889(a)(1)(B)"
                 id="has-prohibited-vendor-name"
                 role="warning"
                 test="not(oscal:prop[@name eq 'vendor-name']/@value = $prohibit-vendor)">The inventory item does not cite a banned