Add responsible-party-is-person constraint

[Rene2mt]

Committer Notes

This PR adds responsible-party-is-person constraint, which checks that responsible-party assemblies with role-id set to certain values (e.g., "system-owner", "authorizing-official", "authorizing-official-poc", "system-poc-management", "system-poc-technical", "system-poc-other", and "information-system-security-officer") must reference a party of type "person".

All Submissions:

• Have you selected the correct base branch per Contributing guidance?
• Have you set "Allow edits and access to secrets by maintainers"?
• Have you checked to ensure there aren't other open Pull Requests for the same update/change?
• Have you squashed any non-relevant commits and commit messages? [instructions]
• Have you added an explanation of what your changes do and why you'd like us to include them?
• If applicable, have all FedRAMP Documents Related to OSCAL Adoption affected by the changes in this issue have been updated?
• If applicable, does this PR reference the issue it addresses and explain how it addresses the issue?

By submitting a pull request, you are agreeing to provide this contribution under the CC0 1.0 Universal public domain dedication.

[Rene2mt]

Added issue GSA/automate.fedramp.gov#57 for required documentation updates.

[aj-stein-gsa]

Will possibly approve after rebase and merge once documentation for the referenced doc PR is complete.

In the meantime, rebase, please and thank you. 🙏

[Rene2mt]

Hey @aj-stein-gsa once I rebased, some of the validations were no longer passing due to modifications I had made to the ssp-all-INVALID.xml test content, so the latest commit rolled those changes back and created a separate test SSP for this new responsible-party-is-person constraint.

[kyhu65867]

Minor changes and questions

[DimitriZhurkin]

Other reviewers' comments aside, looks good to me.

[kyhu65867]

This looks good to me, thanks!