adjust help uri coverage

GSA · Oct 4, 2024 · ae0b569 · ae0b569
1 parent f4d4bb8
commit ae0b569
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 26 deletions.
diff --git a/src/validations/constraints/fedramp-external-allowed-values.xml b/src/validations/constraints/fedramp-external-allowed-values.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<metaschema-meta-constraints xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0">
+<metaschema-meta-constraints xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/metaschema/1.0 https://raw.githubusercontent.com/metaschema-framework/metaschema/refs/heads/develop/schema/xml/metaschema-meta-constraints.xsd">
     <!-- ================== -->
     <!-- FedRAMP Extensions -->
     <!-- ================== -->
@@ -148,6 +148,7 @@
             <allowed-values id="user-type" target="system-implementation/user/prop[@name='type']/@value" allow-other="no" level="ERROR">
                 <formal-name>User Type</formal-name>
                 <description>The type of user.</description>
+                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#user"/>
                 <enum value="internal">Internal</enum>
                 <enum value="external">External</enum>
                 <enum value="privileged">Privileged</enum>
@@ -160,6 +161,7 @@
               <allowed-values id="privilege-level" target="system-implementation/user/prop[@name='privilege-level']/@value" allow-other="no" level="ERROR">
                 <formal-name>Privilege Level</formal-name>
                 <description>The privilege level of the user.</description>
+                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#user"/>
                 <enum value="read">Read</enum>
                 <enum value="read-write">Read-Write</enum>
                 <enum value="write">Write</enum>
@@ -198,21 +200,23 @@
 
 
             <allowed-values id="user-privilege-level" target="//user/prop[@name='privilege-level']/@value" allow-other="no" level="ERROR">
-                        <formal-name>Privilege Level</formal-name>
-                        <description>The privilege level of the user.</description>
-                        <enum value="read">Read</enum>
-                        <enum value="read-write">Read-Write</enum>
-                        <enum value="write">Write</enum>
-                        <enum value="no-access">No Access</enum>
-                    </allowed-values>
+                <formal-name>Privilege Level</formal-name>
+                <description>The privilege level of the user.</description>
+                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#user"/>
+                <enum value="read">Read</enum>
+                <enum value="read-write">Read-Write</enum>
+                <enum value="write">Write</enum>
+                <enum value="no-access">No Access</enum>
+            </allowed-values>
             <allowed-values id="user-sensitivity-level" target="//user/prop[@ns='https://fedramp.gov/ns/oscal' and @name='sensitivity']/@value"  allow-other="no" level="ERROR">
-                        <formal-name>User Sensitvity Level</formal-name>
-                        <description>Sensitivity level of the user.</description>
-                        <enum value="high-risk">High Risk</enum>
-                        <enum value="severe">Severe</enum>
-                        <enum value="moderate">Moderate</enum>
-                        <enum value="limited">Limited</enum>
-                        <enum value="not-applicable">Not Applicable</enum>
+                <formal-name>User Sensitvity Level</formal-name>
+                <description>Sensitivity level of the user.</description>
+                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#user"/>
+                <enum value="high-risk">High Risk</enum>
+                <enum value="severe">Severe</enum>
+                <enum value="moderate">Moderate</enum>
+                <enum value="limited">Limited</enum>
+                <enum value="not-applicable">Not Applicable</enum>
             </allowed-values>
         </constraints>
 

diff --git a/src/validations/constraints/fedramp-external-constraints.xml b/src/validations/constraints/fedramp-external-constraints.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<metaschema-meta-constraints xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0">
+<metaschema-meta-constraints xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/metaschema/1.0 https://raw.githubusercontent.com/metaschema-framework/metaschema/refs/heads/develop/schema/xml/metaschema-meta-constraints.xsd">
     <!-- ================== -->
     <!-- FedRAMP Extensions -->
     <!-- ================== -->
@@ -35,32 +35,22 @@
 
             <expect id="user-has-user-type" target="." test="count(prop[@name='type']) = 1">
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#user"/>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-text" value="User must have exactly one type property."/>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-markdown" value="# User Type Requirement\n\nEach user must have exactly one type property.\n\nThis is essential for proper user classification and access control."/>
                 <message>User with uuid {@uuid} must have a single type prop.</message>
             </expect>
             <expect id="user-has-privilege-level" target="." test="count(prop[@name='privilege-level']) = 1">
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#user"/>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-text" value="User must have exactly one privilege level property."/>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-markdown" value="# Privilege Level Requirement\n\nEach user must have exactly one privilege level property.\n\nThis defines the user's access rights within the system."/>
                 <message>User with uuid {@uuid} must have a single privilege prop.</message>
             </expect>
             <expect id="user-has-sensitivity-level" target="." test="count(prop[@name='sensitivity']) = 1">
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#user"/>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-text" value="User must have exactly one sensitivity level property."/>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-markdown" value="# Sensitivity Level Requirement\n\nEach user must have exactly one sensitivity level property.\n\nThis determines the level of sensitive information the user can access."/>
                 <message>User with uuid {@uuid} must have a single sensitivity prop.</message>
             </expect>
             <expect id="user-has-role-id" target="." test="count(role-id) gt 0">
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#user"/>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-text" value="User must have at least one role ID."/>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-markdown" value="# Role ID Requirement\n\nEach user must have at least one role ID.\n\nRoles define the user's responsibilities and permissions within the system."/>
                 <message>User with uuid {@uuid} must have at least one role id.</message>
             </expect>
             <expect id="user-has-authorized-privilege" target="." test="count(authorized-privilege) gt 0">
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#user"/>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-text" value="User must have at least one authorized privilege."/>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-markdown" value="# Authorized Privilege Requirement\n\nEach user must have at least one authorized privilege.\n\nAuthorized privileges specify the actions a user is allowed to perform in the system."/>
                 <message>User with uuid {@uuid} must have at least one authorized privilege id.</message>
             </expect>
         </constraints>