Skip to content

Commit

Permalink
[skip ci] @Rene2mt's feedback: add ID req for GSA#675
Browse files Browse the repository at this point in the history
  • Loading branch information
aj-stein-gsa committed Oct 7, 2024
1 parent 1ed13e3 commit 0e7acd1
Showing 1 changed file with 47 additions and 0 deletions.
47 changes: 47 additions & 0 deletions src/validations/constraints/STYLE.md
Original file line number Diff line number Diff line change
Expand Up @@ -304,3 +304,50 @@ Below is a non-conformant example.
</context>
</metaschema-meta-constraints>
```

### FCSR-5

ID: `fcsr-5`

Formal Name: FedRAMP Requires Constraints Have a Unique ID

State: Required

Guidance: Developers MUST define a Metaschema constraint with an `id` flag that is unique to all those FedRAMP maintains across all constraint documents.

#### FCSR-5 Conformant Example

Below is a conformant example.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<metaschema-meta-constraints xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0">
<context>
<metapath target="/catalog//control"/>
<constraints>
<expect id="prop-response-point-has-cardinality-one" target=".//part" test="count(prop[@ns='https://fedramp.gov/ns/oscal' and @name='response-point']) &lt;= 1">
<message>Duplicate response point at '{ path(.) }'.</message>
</expect>
</constraints>
</context>
</metaschema-meta-constraints>
```

#### FCSR-5 Non-conformant Example

Below is a non-conformant example.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<metaschema-meta-constraints xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0">
<context>
<metapath target="/catalog//control"/>
<constraints>
<!-- This constraint is missing an @id flag, it does not meet FedRAMP developer style requirements. -->
<expect target=".//part" test="count(prop[@ns='https://fedramp.gov/ns/oscal' and @name='response-point']) &lt;= 1">
<message>Duplicate response point at '{ path(.) }'.</message>
</expect>
</constraints>
</context>
</metaschema-meta-constraints>
```

0 comments on commit 0e7acd1

Please sign in to comment.