update content & constraints

src/content/rev5/examples/ssp/xml/fedramp-ssp-example.oscal.xml

@@ -1533,7 +1533,7 @@
             <party-uuid>11111111-2222-4000-8000-004000000018</party-uuid>
          </responsible-role>
          <responsible-role role-id="admin">
-            <party-uuid>11111111-2222-4000-8000-004000000011</party-uuid> <!-- placeholder to satisfy constraint: component-has-non-provider-responsible-role -->
+            <party-uuid>11111111-2222-4000-8000-004000000011</party-uuid>            <!-- placeholder to satisfy constraint: component-has-non-provider-responsible-role -->
          </responsible-role>
 
          <protocol name="remote" uuid="11111111-2222-4000-8000-010000000002">
@@ -1613,7 +1613,7 @@
             <party-uuid>11111111-2222-4000-8000-004000000018</party-uuid>
          </responsible-role>
          <responsible-role role-id="admin">
-            <party-uuid>11111111-2222-4000-8000-004000000011</party-uuid> <!-- placeholder to satisfy constraint: component-has-non-provider-responsible-role -->
+            <party-uuid>11111111-2222-4000-8000-004000000011</party-uuid>            <!-- placeholder to satisfy constraint: component-has-non-provider-responsible-role -->
          </responsible-role>
       </component>
 
@@ -1784,7 +1784,7 @@
          <link href="#11111111-2222-4000-8000-009000500006" rel="used-by" />
          <status state="operational"/>
          <responsible-role role-id="admin">
-            <party-uuid>11111111-2222-4000-8000-004000000011</party-uuid> <!-- placeholder to satisfy constraint: component-has-non-provider-responsible-role -->
+            <party-uuid>11111111-2222-4000-8000-004000000011</party-uuid>            <!-- placeholder to satisfy constraint: component-has-non-provider-responsible-role -->
          </responsible-role>
          <responsible-role role-id="provider">
             <party-uuid>33333333-2222-4000-8000-004000000001</party-uuid>
@@ -2197,7 +2197,7 @@
          <!-- <prop name="is-scanned" value="yes"/> -->
          <status state="operational"/>
          <responsible-role role-id="admin">
-            <party-uuid>11111111-2222-4000-8000-004000000011</party-uuid> <!-- place holder to satisfy constraint: component-has-non-provider-responsible-role -->
+            <party-uuid>11111111-2222-4000-8000-004000000011</party-uuid>            <!-- place holder to satisfy constraint: component-has-non-provider-responsible-role -->
          </responsible-role>
          <responsible-role role-id="provider">
             <party-uuid>33333333-2222-4000-8000-004000000001</party-uuid>
@@ -4883,8 +4883,37 @@
             </p>
          </remarks>
       </resource>
-
-
-
+      <resource uuid="8f742c15-9d3f-4f9a-b2b4-76f8e2734291">
+         <title>Privacy Impact Assessment</title>
+         <description>
+            <p>Privacy Impact Assessment (PIA)</p>
+         </description>
+         <prop name="type" value="plan" class="privacy-impact-assessment"/>
+         <prop name="published" value="2023-01-01T00:00:00Z"/>
+         <prop name="version" value="Document Version"/>
+         <rlink href="./documents/PIA.docx" media-type="application/msword"/>
+         <base64 filename="PIA.docx" media-type="application/msword">00000000</base64>
+         <remarks>
+            <p>Table 12-1 Attachments: Privacy Impact Assessment (PIA)</p>
+            <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.
+            </p>
+         </remarks>
+      </resource>
+      <resource uuid="7d93e4f2-1b8c-4d6a-9f3b-2e5a9c8d0a1e">
+         <title>E-Authentication Workflow</title>
+         <description>
+            <p>E-Authentication Workflow Diagram</p>
+         </description>
+         <prop name="type" value="artifact" class="e-authentication-workflow"/>
+         <prop name="published" value="2023-01-01T00:00:00Z"/>
+         <prop name="version" value="Document Version"/>
+         <rlink href="./documents/EAuthWorkflow.docx" media-type="application/msword"/>
+         <base64 filename="EAuthWorkflow.docx" media-type="application/msword">00000000</base64>
+         <remarks>
+            <p>Table 12-1 Attachments: E-Authentication Workflow Diagram</p>
+            <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.
+            </p>
+         </remarks>
+      </resource>
    </back-matter>
 </system-security-plan>

src/validations/constraints/content/ssp-fedramp-citations-has-correct-link-INVALID.xml

@@ -1,186 +1,12 @@
 <system-security-plan xmlns="http://csrc.nist.gov/ns/oscal/1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" uuid="12345678-1234-4321-8765-123456789012">
   <back-matter>
-    <resource uuid="eeeeeeee-0000-4000-9000-00000000000e">
-      <title>Access Control Policy</title>
-      <description>
-        <p>Detailed access control policy document</p>
-      </description>
-      <prop name="type" value="policy" ns="https://fedramp.gov/ns/oscal"/>
-      <rlink href="https://example.com/policies/access-control.pdf"/>
-    </resource>
-    <resource uuid="90a128ac-c850-48f6-8fff-a55692f80b41">
-      <title>User's Guide</title>
-      <description>
-        <p>User's Guide</p>
-      </description>
-      <prop name="type" value="users-guide"/>
-      <prop name="published" value="2023-01-01T00:00:00Z"/>
-      <rlink href="./documents/guides/sample_guide.pdf"/>
-      <remarks>
-        <p>Table 12-1 Attachments: User's Guide Attachment</p>
-        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
-      </remarks>
-    </resource>
-    <resource uuid="489112e1-57f2-4c29-8dd0-95b1442fbf3b">
-      <title>Document Title</title>
-      <description>
-        <p>Rules of Behavior</p>
-      </description>
-      <prop name="type" value="rules-of-behavior"/>
-      <prop name="published" value="2023-01-01T00:00:00Z"/>
-      <prop name="version" value="Document Version"/>
-      <rlink href="./documents/rob.docx" media-type="application/msword"/>
-      <base64 filename="rob.docx" media-type="application/msword">00000000</base64>
-      <remarks>
-        <p>Table 12-1 Attachments: Rules of Behavior (ROB)</p>
-        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
-      </remarks>
-    </resource>
-    <resource uuid="c7860916-f2f4-43aa-b578-d48cf8e6d381">
-      <title>Document Title</title>
-      <description>
-        <p>Contingency Plan (CP)</p>
-      </description>
-      <prop name="type" value="plan" class="information-system-contingency-plan"/>
-      <prop name="published" value="2023-01-01T00:00:00Z"/>
-      <prop name="version" value="Document Version"/>
-      <rlink href="./documents/cp.docx" media-type="application/msword"/>
-      <base64 filename="cp.docx" media-type="application/msword">00000000</base64>
-      <remarks>
-        <p>Table 12-1 Attachments: Contingency Plan (CP) Attachment</p>
-        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
-      </remarks>
-    </resource>
-    <resource uuid="ab56cf27-0dae-40d6-89b7-d750137309af">
-      <title>Document Title</title>
-      <description>
-        <p>Configuration Management (CM) Plan</p>
-      </description>
-      <prop name="type" value="plan" class="configuration-management-plan"/>
-      <prop name="published" value="2023-01-01T00:00:00Z"/>
-      <prop name="version" value="Document Version"/>
-      <rlink href="./documents/CM_Plan.docx" media-type="application/msword"/>
-      <base64 filename="CM_Plan.docx" media-type="application/msword">00000000</base64>
-      <remarks>
-        <p>Table 12-1 Attachments: Configuration Management (CM) Plan Attachment</p>
-        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
-      </remarks>
-    </resource>
-    <resource uuid="3f771ab5-8016-4571-98d1-f0fb962e15e2">
-      <title>Document Title</title>
-      <description>
-        <p>Incident Response (IR) Plan</p>
-      </description>
-      <prop name="type" value="plan" class="incident-response-plan"/>
-      <prop name="published" value="2023-01-01T00:00:00Z"/>
-      <prop name="version" value="Document Version"/>
-      <rlink href="./documents/IR_Plan.docx" media-type="application/msword"/>
-      <base64 filename="IR_Plan.docx" media-type="application/msword">00000000</base64>
-      <remarks>
-        <p>Table 12-1 Attachments: Incident Response (IR) Plan Attachment</p>
-        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
-      </remarks>
-    </resource>
-    <resource uuid="49fb4631-1da2-41ca-b0b3-e1b1006d4025">
-      <title>Separation of Duties Matrix</title>
-      <description>
-        <p>Separation of Duties Matrix</p>
-      </description>
-      <prop ns="https://fedramp.gov/ns/oscal" name="type" value="separation-of-duties-matrix"/>
-      <prop name="published" value="2023-01-01T00:00:00Z"/>
-      <prop name="version" value="Document Version"/>
-      <rlink href="./documents/Sep_Matrix.docx" media-type="application/msword"/>
-      <base64 filename="Sep_Matrix.docx" media-type="application/msword">00000000</base64>
-      <remarks>
-        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
-      </remarks>
-    </resource>
-    <resource uuid="d2eb3c18-6754-4e3a-a933-03d289e3fad5">
-      <title>Authorization Boundary</title>
-      <description>
-        <p>Authorization Boundary Diagram</p>
-      </description>
-      <prop ns="https://fedramp.gov/ns/oscal" name="type" value="plan"/>
-      <prop name="published" value="2023-01-01T00:00:00Z"/>
-      <prop name="version" value="Document Version"/>
-      <rlink href="./documents/AuthBoundary.docx" media-type="application/msword"/>
-      <base64 filename="AuthBoundary.docx" media-type="application/msword">00000000</base64>
-      <remarks>
-        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
-      </remarks>
-    </resource>
-    <resource uuid="61081e81-850b-43c1-bf43-1ecbddcb9e7f">
-      <title>Network Architecture</title>
-      <description>
-        <p>Network Architecture Diagram</p>
-      </description>
-      <prop ns="https://fedramp.gov/ns/oscal" name="type" value="plan"/>
-      <prop name="published" value="2023-01-01T00:00:00Z"/>
-      <prop name="version" value="Document Version"/>
-      <rlink href="./documents/NetworkArchitecture.docx" media-type="application/msword"/>
-      <base64 filename="NetworkArchitecture.docx" media-type="application/msword">00000000</base64>
-      <remarks>
-        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
-      </remarks>
-    </resource>
-    <resource uuid="ac5d7535-f3b8-45d3-bf3b-735c82c64547">
-      <title>Data Flow</title>
-      <description>
-        <p>Data flow Diagram</p>
-      </description>
-      <prop ns="https://fedramp.gov/ns/oscal" name="type" value="artifact"/>
-      <prop name="published" value="2023-01-01T00:00:00Z"/>
-      <prop name="version" value="Document Version"/>
-      <rlink href="./documents/Dataflo.docx" media-type="application/msword"/>
-      <base64 filename="Dataflow.docx" media-type="application/msword">00000000</base64>
-      <remarks>
-        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
-      </remarks>
-    </resource>
-    <resource uuid="9b657253-c129-4e88-8930-92d5267294c3">
-      <title>Privacy Impact Assessment</title>
-      <description>
-        <p>Privacy Impact Assessment (PIA)</p>
-      </description>
-      <prop name="type" value="report" class="privacy-impact-assessment"/>
-      <prop name="published" value="2023-01-01T00:00:00Z"/>
-      <prop name="version" value="1.0"/>
-      <rlink href="./documents/PIA.pdf" media-type="application/pdf"/>
-      <base64 filename="PIA.pdf" media-type="application/pdf">00000000</base64>
-      <remarks>
-        <p>Table 12-1 Attachments: Privacy Impact Assessment</p>
-        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
-      </remarks>
-    </resource>
-    <resource uuid="31f0bc7d-8c8f-45fa-9c0d-93a52a7f7c54">
-      <title>E-Authentication Workflow</title>
-      <description>
-        <p>E-Authentication Workflow Diagram</p>
-      </description>
-      <prop name="type" value="artifact" class="e-authentication-workflow"/>
-      <prop name="published" value="2023-01-01T00:00:00Z"/>
-      <prop name="version" value="1.0"/>
-      <rlink href="./documents/eauth-workflow.pdf" media-type="application/pdf"/>
-      <base64 filename="eauth-workflow.pdf" media-type="application/pdf">00000000</base64>
-      <remarks>
-        <p>Table 12-1 Attachments: E-Authentication Workflow Diagram</p>
-        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
-      </remarks>
-    </resource>
     <resource uuid="b246c9e4-057f-4e4d-89be-a9c9234ef387">
       <title>Digital Identity Worksheet</title>
       <description>
         <p>Digital Identity Determination Worksheet</p>
       </description>
-      <prop name="type" value="questionnaire" class="digital-identity-worksheet"/>
-      <prop name="published" value="2023-01-01T00:00:00Z"/>
-      <prop name="version" value="1.0"/>
+      <prop name="type" value="citation" class="fedramp-citations"/>
       <rlink href="./documents/digital-identity.xlsx" media-type="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"/>
-      <base64 filename="digital-identity.xlsx" media-type="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet">00000000</base64>
-      <remarks>
-        <p>Table 12-1 Attachments: Digital Identity Worksheet</p>
-        <p>May use <code>rlink</code> with a relative path, or embedded as <code>base64</code>.</p>
-      </remarks>
     </resource>
   </back-matter>
 </system-security-plan>

src/validations/constraints/content/ssp-network-component-has-implementation-point-INVALID-2.xml

@@ -10,7 +10,6 @@
         <p>CLI for updating firebase Secure connection to an external API for data enrichment.</p>
       </description>
       <prop name="asset-type" value="cli"/>
-      <prop name="implementation-point" value="test"/>      
       <status state="operational"/>
     </component>
     <component uuid="66666666-0000-4000-9000-000000000006" type="software">

src/validations/constraints/content/ssp-network-component-has-implementation-point-INVALID.xml

@@ -12,7 +12,7 @@
       <prop name="asset-type" value="cli"/>
       <status state="operational"/>
     </component>
-    <component uuid="66666666-0000-4000-9000-000000000006" type="software">
+    <component uuid="66666666-0000-4000-9000-000000000007" type="software">
       <title>Firebase CLI Connection</title>
       <description>
         <p>CLI for updating firebase Secure connection to an external API for data enrichment.</p>

src/validations/constraints/fedramp-external-constraints.xml

@@ -667,12 +667,12 @@
             <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/5-attachments/"/>
             <message>A FedRAMP SSP MUST have a Digital Identity Worksheet attached.</message>
         </expect>
-        <expect id="has-fedramp-citations" target="." test="count(resource[prop[@name='type' and @value='citation' and @class='fedramp-citations' ]]) = 1" level="ERROR">
+        <expect id="has-fedramp-citations" target="." test="count(resource[prop[@name='type' and @value='citation' and @class='fedramp-citations']]) = 1" level="ERROR">
             <formal-name>Has FedRAMP Citations Reference</formal-name>
             <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://www.fedramp.gov/assets/resources/templates/"/>
-            <message>A FedRAMP MUST be have exactly one resource with a link to the FedRAMP Laws, Regulations, Standards and Guidance. None found.</message>
+            <message>A FedRAMP MUST be have exactly one resource with a link to the FedRAMP Laws, Regulations, Standards and Guidance. {count(resource[prop[@name='type' and @value='citation' and @class='fedramp-citations']])} found.</message>
         </expect>
-        <expect id="fedramp-citations-has-correct-link" target="resource[prop[@name='type' and @value='citation' and @class='fedramp-citations']]" test="count(rlink/[@href = 'https://www.fedramp.gov/assets/resources/templates/FedRAMP-Laws-Regulations-Standards-and-Guidance-Reference.xlsx']) eq 1" level="ERROR">
+        <expect id="fedramp-citations-has-correct-link" target="resource[prop[@name='type' and @value='citation' and @class='fedramp-citations']]" test="count(rlink[@href = 'https://www.fedramp.gov/assets/resources/templates/FedRAMP-Laws-Regulations-Standards-and-Guidance-Reference.xlsx']) eq 1" level="ERROR">
             <formal-name>FedRAMP Citations Has Correct Link</formal-name>
             <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://www.fedramp.gov/assets/resources/templates/"/>
             <message>The FedRAMP Laws, Regulations, Standards and Guidance MUST be https://www.fedramp.gov/assets/resources/templates/FedRAMP-Laws-Regulations-Standards-and-Guidance-Reference.xlsx</message>

src/validations/constraints/unit-tests/network-component-has-implementation-point-FAIL.yaml

@@ -8,6 +8,4 @@ test-case:
     - ../content/ssp-network-component-has-implementation-point-INVALID-2.xml
   expectations:
     - constraint-id: network-component-has-implementation-point
-      fail_count:
-        type: "exact"
-        value: 2
+      result: fail