Skip to content

Commit

Permalink
Merge pull request #171 from 18F/main
Browse files Browse the repository at this point in the history 
10x Milestone 8
  • Loading branch information
@ohsh6o
ohsh6o authored Aug 26, 2021
2 parents cd72575 + e9687d2 commit 7c2895a
Show file tree
Hide file tree
Showing 43 changed files with 18,312 additions and 24,833 deletions.
16 changes: 11 additions & 5 deletions src/examples/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,13 +61,19 @@ A reference that a Schematron rule fired, and its corresponding XPath context. E

### //svrl:successful-report

Similar to `failed-assert`, but purely for informational reporting purposes. At time of writing, `fedramp-automation` does not utilize reporting. Example:
Similar to `failed-assert`, but purely for informational reporting purposes. At time of writing, `fedramp-automation` utilizes reporting to extract metadata from the source SSP. Example:

```xml
<svrl:successful-report test="count($results/errors/error) = 0"
id="control-implemented-requirements-stats"
<svrl:successful-report test="true()"
id="info-system-name"
role="information"
location="/*:system-security-plan[namespace-uri()='http://csrc.nist.gov/ns/oscal/1.0'][1]/*:control-implementation[namespace-uri()='http://csrc.nist.gov/ns/oscal/1.0'][1]">
<svrl:text>There are 20  Control Implementation Statusitems total, with0set as implemented,1set as partial,18set as planned,0set as alternative,and 1set as not-applicable.There are 0invalid items..</svrl:text>
location="/*:system-security-plan[namespace-uri()='http://csrc.nist.gov/ns/oscal/1.0'][1]">
<svrl:text>System's Full Name</svrl:text>
</svrl:successful-report>
<svrl:successful-report test="true()"
id="info-ssp-title"
role="information"
location="/*:system-security-plan[namespace-uri()='http://csrc.nist.gov/ns/oscal/1.0'][1]">
<svrl:text>FedRAMP System Security Plan (SSP)</svrl:text>
</svrl:successful-report>
```
92 changes: 54 additions & 38 deletions src/validations/rules/assertion-grouping.xsl
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:math="http://www.w3.org/2005/xpath-functions/math"
exclude-result-prefixes="xs math sch doc"
version="3.0"
xmlns:sch="http://purl.oclc.org/dsdl/schematron"
xmlns:doc="https://fedramp.gov/oscal/fedramp-automation-documentation"
xmlns:math="http://www.w3.org/2005/xpath-functions/math"
xmlns:sch="http://purl.oclc.org/dsdl/schematron"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xpath-default-namespace="http://purl.oclc.org/dsdl/schematron">
<xsl:output
method="text" />
Expand All @@ -15,18 +15,18 @@
<!-- define a variable for the input (Schematron) document -->
<!-- because subsequent contexts are strings -->
<xsl:variable
name="sch"
as="document-node()"
name="sch"
select="current()" />
<!-- declare the distinct attribute names -->
<xsl:variable
name="groups"
as="xs:string*"
select="distinct-values(//(assert | report)/@doc:* ! local-name())" />
name="groups"
select="distinct-values(//assert/@doc:* ! local-name())" />
<!-- create the proto-JSON XML -->
<xsl:variable
name="xml"
as="node()">
as="node()"
name="xml">
<!-- the outermost structure is an array -->
<array
xmlns="http://www.w3.org/2005/xpath-functions">
Expand All @@ -35,20 +35,29 @@
select="$groups">
<!-- preserve the current context as it will be occluded -->
<xsl:variable
name="attribute-local-name"
as="xs:string"
name="attribute-local-name"
select="current()" />
<!-- create a grouping -->
<map>
<string
key="title">
<xsl:text expand-text="true">FedRAMP {$attribute-local-name} assertion view</xsl:text>
<xsl:choose>
<xsl:when
test="current() eq 'checklist-reference'">
<xsl:text>FedRAMP Submission Checklist</xsl:text>
</xsl:when>
<xsl:when
test="current() eq 'guide-reference'">FedRAMP OSCAL SSP Guide</xsl:when>
<xsl:when
test="current() eq 'template-reference'">FedRAMP SSP Template</xsl:when>
</xsl:choose>
</string>
<!-- get the distinct values found in this attribute -->
<xsl:variable
name="groupitems"
as="xs:string*"
select="distinct-values($sch//@doc:*[local-name() eq $attribute-local-name])" />
name="groupitems"
select="distinct-values($sch//@doc:*[local-name() eq $attribute-local-name] ! tokenize(., ',\s*'))" />
<!-- create a list of related assertions for each distinct attribute value-->
<array
key="groups">
Expand All @@ -57,8 +66,8 @@
<xsl:sort>
<!-- attempt to order by text -->
<xsl:analyze-string
select="."
regex="^(\D+)">
regex="^(\D+)"
select=".">
<xsl:matching-substring>
<xsl:value-of
select="regex-group(1)" />
Expand All @@ -68,11 +77,11 @@
<xsl:sort>
<!-- attempt to order by number -->
<xsl:variable
name="s"
as="xs:string">
as="xs:string"
name="s">
<xsl:analyze-string
select="."
regex="^\D+([0-9.]+).*$">
regex="^\D+([0-9.]+).*$"
select=".">
<xsl:matching-substring>
<xsl:choose>
<xsl:when
Expand Down Expand Up @@ -102,31 +111,38 @@
</xsl:sort>

<xsl:variable
name="item"
as="xs:string"
name="item"
select="current()" />
<map>
<string
key="title">
<xsl:value-of
select="current()" />
</string>
<array
key="assertionIds">
<xsl:for-each
select="$sch//(assert | report)">
<xsl:choose>
<xsl:when
test="@doc:* = $item">
<xsl:if
test="
some $d in $sch//assert/@doc:*
satisfies some $t in tokenize($d, ',\s*')
satisfies $t = tokenize($item, ',\s*')">
<map>
<string
key="title">
<xsl:value-of
select="current()" />
</string>
<array
key="assertionIds">
<xsl:for-each
select="$sch//assert">
<xsl:if
test="
some $d in @doc:*
satisfies some $t in tokenize($d, ',\s*')
satisfies $t = tokenize($item, ',\s*')">
<string>
<xsl:value-of
select="@id" />
</string>
</xsl:when>
</xsl:choose>
</xsl:for-each>
</array>
</map>
</xsl:if>
</xsl:for-each>
</array>
</map>
</xsl:if>
</xsl:for-each>
</array>
</map>
Expand Down
Loading

0 comments on commit 7c2895a

Please sign in to comment.