Rename constraint and adjust help-url

features/fedramp_extensions.feature

@@ -36,7 +36,7 @@ Examples:
   | cia-impact-has-selected |
   | cloud-service-model |
   | component-has-authentication-method |
-  | component-responsible-role-references-party |
+  | component-has-provider-responsible-role |
   | component-type |
   | control-implementation-status |
   | data-center-alternate |

src/validations/constraints/fedramp-external-constraints.xml

@@ -86,9 +86,9 @@
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#leveraged-fedramp-authorized-services"/>
                 <message>A FedRAMP SSP MUST include at least one authentication method for each leveraged system.</message>
             </expect>
-            <expect id="component-responsible-role-references-party" target="//component[(@type='system' and ./prop[@name='leveraged-authorization-uuid']) or (@type='service' and not(./prop[@name='leveraged-authorization-uuid']) and ./prop[@name='implementation-point' and @value='external']) or (@type='interconnection') or (@type='service' and ./prop[@name='implementation-point' and @value='internal'] and ./prop[@name='direction']) or (@type='software' and ./prop[@name='asset-type' and @value='cli'] and ./prop[@name='direction'])]" test="count(responsible-role[@role-id='provider']/party-uuid) = 1" level="ERROR">
-                <formal-name>Component Responsible Role References Party</formal-name>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#leveraged-fedramp-authorized-services"/>
+            <expect id="component-has-provider-responsible-role" target="//component[(@type='system' and ./prop[@name='leveraged-authorization-uuid']) or (@type='service' and not(./prop[@name='leveraged-authorization-uuid']) and ./prop[@name='implementation-point' and @value='external']) or (@type='interconnection') or (@type='service' and ./prop[@name='implementation-point' and @value='internal'] and ./prop[@name='direction']) or (@type='software' and ./prop[@name='asset-type' and @value='cli'] and ./prop[@name='direction'])]" test="count(responsible-role[@role-id='provider']/party-uuid) = 1" level="ERROR">
+                <formal-name>Component Has Provider Responsible Role</formal-name>
+                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#external-systems-and-services-not-having-fedramp-authorization"/>
                 <message>Each component dealing with leveraged systems, interconnections, or authorized services MUST have a "provider" responsible-role that references exactly one valid party.</message>
             </expect>
             <expect id="has-authorization-boundary-diagram-link-href-target" target="." test="not(starts-with(system-characteristics/authorization-boundary/diagram/link/@href, '#')) or exists(//resource[@uuid eq substring-after($authorization-boundary-link, '#')])" level="ERROR">

src/validations/constraints/unit-tests/component-responsible-role-references-party-FAIL.yaml

@@ -1,9 +1,9 @@
 test-case:
-  name: Negative Test for component-responsible-role-references-party
+  name: Negative Test for component-has-provider-responsible-role
   description: >-
     This test case validates the behavior of constraint
-    component-responsible-role-references-party
-  content: ../content/ssp-component-responsible-role-references-party-INVALID.xml
+    component-has-provider-responsible-role
+  content: ../content/ssp-component-has-provider-responsible-role-INVALID.xml
   expectations:
-    - constraint-id: component-responsible-role-references-party
+    - constraint-id: component-has-provider-responsible-role
       result: fail

src/validations/constraints/unit-tests/component-responsible-role-references-party-PASS.yaml

@@ -1,9 +1,9 @@
 test-case:
-  name: Positive Test for component-responsible-role-references-party
+  name: Positive Test for component-has-provider-responsible-role
   description: >-
     This test case validates the behavior of constraint
-    component-responsible-role-references-party
+    component-has-provider-responsible-role
   content: ../content/ssp-all-VALID.xml
   expectations:
-    - constraint-id: component-responsible-role-references-party
+    - constraint-id: component-has-provider-responsible-role
       result: pass