Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ability to Prevent Override for Designated Metaschema Content #465

Closed
4 tasks
brian-ruf opened this issue Aug 1, 2019 · 6 comments
Closed
4 tasks

Ability to Prevent Override for Designated Metaschema Content #465

brian-ruf opened this issue Aug 1, 2019 · 6 comments

Comments

@brian-ruf
Copy link
Contributor

User Story:

As an OSCAL developer, it would help to have confidence that metadata and back-matter assemblies are consistently implemented in all layers of OSCAL.

The current metaschema to schema mechanisms take a modular approach, with each of those assemblies in separate modules; however, the mechanism allows these assemblies to be overridden, which introduces the risk that these assemblies are implemented differently at different OSCAL levels.

While this override feature is desirable for some modules, it is not desirable for these assemblies. A metaschema directive to prevent the override of certain assemblies would eliminate this risk.

Goals:

Establish a metaschema mechanism to prevent the override of a specific assembly and/or an entire module.

Dependencies:

None

Acceptance Criteria

  • All OSCAL website and readme documentation affected by the changes in this issue have been updated. Changes to the OSCAL website can be made in the docs/content directory of your branch.

  • A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR.

  • The CI-CD build process runs without any reported errors on the PR. This can be confirmed by reviewing that all checks have passed in the PR.

  • A module and/or assembly can be flagged to prevent the override, and the mechanism converts the metaschema to a schema while honoring this directive.

@david-waltermire
Copy link
Contributor

We are implementing a stop-gap in #475. This issue will be revisited in a future sprint.

david-waltermire pushed a commit that referenced this issue Aug 27, 2019
* Schematron now reports duplicate definitions in a Metaschema as an error: see #465, #475

* Catalog metaschema and SP800-53 catalog adjustments renaming 'subcontrol' to 'control' per Issue #473

* Refactored metaschemas to avoid definition clashes; more/better Schematron to detect such clashes

* Adding new module now required by catalog and profile metaschemas

* Revising profiles to be valid to newly revised schema (no more references to subcontrol elements only controls)

* Bug fix in Metaschema Schematron

* Delete FedRAMP_HIGH-baseline_profile.xml

* Delete FedRAMP_LOW-baseline_profile.xml

* Delete FedRAMP_MODERATE-baseline_profile.xml

* Create temp.txt

* Revised FedRAMP Profiles

These files include revisions to the FedRAMP baselines, plus a small FedRAMP catalog that provides three subcontrols added by FedRAMP.

* Delete temp.txt

* moved updated fedramp content to correct location

* New and improved FedRAMP profiles

* Repaired broken markdown conversion; added missing title content to FedRAMP catalog

* add note about b -> strong and i -> em (#9)

* Changed inline markup in FedRAMP profiles for lossless conversion

* One more adjustment in Markdown->XML conversion (images)

* One more time (cleaning up cleanup)
@wendellpiez
Copy link
Contributor

Currently, any attempt to override a definition is detected and warned against by the Metaschema Schematron, which effectively prohibits it since these checks must pass before any merge.

Internally, the Metaschema still follows the rule that clashing definitions (whether a purposeful override or accidental) are resolved in favor of the definition appearing last. This permits graceful overriding if we want it -- and is arguably better (whether overriding is permitted, discouraged or formally prohibited) than producing a runtime error.

@wendellpiez
Copy link
Contributor

September 5

Suggest we review current status against requirements and close the Issue or rewrite it as appropriate.

@david-waltermire
Copy link
Contributor

Assigning to sprint 25 to either add a new issue or close.

@wendellpiez
Copy link
Contributor

@brianrugsa could you review the current status for this issue?

In the current implementation, a Schematron currently prevents any overriding in any metaschema committed and run through CI/CD. We can relax this rule after further discussion. Besides the flag you propose, there are other potential solutions to the problem as stated.

@brian-ruf
Copy link
Contributor Author

@wendellpiez I believe the current mechanisms address the concern, even though it wasn't accomplished with a flag. I agree with closing this issue.

bradh pushed a commit to bradh/OSCAL that referenced this issue Dec 4, 2019
* Schematron now reports duplicate definitions in a Metaschema as an error: see usnistgov#465, usnistgov#475

* Catalog metaschema and SP800-53 catalog adjustments renaming 'subcontrol' to 'control' per Issue usnistgov#473

* Refactored metaschemas to avoid definition clashes; more/better Schematron to detect such clashes

* Adding new module now required by catalog and profile metaschemas

* Revising profiles to be valid to newly revised schema (no more references to subcontrol elements only controls)

* Bug fix in Metaschema Schematron

* Delete FedRAMP_HIGH-baseline_profile.xml

* Delete FedRAMP_LOW-baseline_profile.xml

* Delete FedRAMP_MODERATE-baseline_profile.xml

* Create temp.txt

* Revised FedRAMP Profiles

These files include revisions to the FedRAMP baselines, plus a small FedRAMP catalog that provides three subcontrols added by FedRAMP.

* Delete temp.txt

* moved updated fedramp content to correct location

* New and improved FedRAMP profiles

* Repaired broken markdown conversion; added missing title content to FedRAMP catalog

* add note about b -> strong and i -> em (usnistgov#9)

* Changed inline markup in FedRAMP profiles for lossless conversion

* One more adjustment in Markdown->XML conversion (images)

* One more time (cleaning up cleanup)
aj-stein-nist pushed a commit to aj-stein-nist/OSCAL-forked that referenced this issue Jan 25, 2023
* Schematron now reports duplicate definitions in a Metaschema as an error: see usnistgov#465, usnistgov#475

* Catalog metaschema and SP800-53 catalog adjustments renaming 'subcontrol' to 'control' per Issue usnistgov#473

* Refactored metaschemas to avoid definition clashes; more/better Schematron to detect such clashes

* Adding new module now required by catalog and profile metaschemas

* Revising profiles to be valid to newly revised schema (no more references to subcontrol elements only controls)

* Bug fix in Metaschema Schematron

* Delete FedRAMP_HIGH-baseline_profile.xml

* Delete FedRAMP_LOW-baseline_profile.xml

* Delete FedRAMP_MODERATE-baseline_profile.xml

* Create temp.txt

* Revised FedRAMP Profiles

These files include revisions to the FedRAMP baselines, plus a small FedRAMP catalog that provides three subcontrols added by FedRAMP.

* Delete temp.txt

* moved updated fedramp content to correct location

* New and improved FedRAMP profiles

* Repaired broken markdown conversion; added missing title content to FedRAMP catalog

* add note about b -> strong and i -> em (#9)

* Changed inline markup in FedRAMP profiles for lossless conversion

* One more adjustment in Markdown->XML conversion (images)

* One more time (cleaning up cleanup)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants