Per GSA#833 feedback from @Gabeblis, add formal name

kyhu65867 · Dec 5, 2024 · 3a5cd76 · 3a5cd76
1 parent 6567519
commit 3a5cd76
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 123 deletions.
diff --git a/features/fedramp_extensions.feature b/features/fedramp_extensions.feature
@@ -117,6 +117,7 @@ Examples:
   | network-component-has-connection-security-prop |
   | network-component-has-implementation-point |
   | non-provider-responsible-role-references-user |
+  | oscal-version-matches-fedramp-version |  
   | party-has-name |
   | privilege-level |
   | prop-response-point-has-cardinality-one |
@@ -345,10 +346,10 @@ Examples:
   | network-component-has-implementation-point-PASS.yaml |
   | non-provider-responsible-role-references-user-FAIL.yaml |
   | non-provider-responsible-role-references-user-PASS.yaml |
+  | oscal-version-matches-fedramp-version-FAIL.yaml |
+  | oscal-version-matches-fedramp-version-PASS.yaml |  
   | party-has-name-FAIL.yaml |
   | party-has-name-PASS.yaml |
-  | oscal-version-matches-fedramp-version-FAIL.yaml |
-  | oscal-version-matches-fedramp-version-PASS.yaml |
   | privilege-level-FAIL.yaml |
   | privilege-level-PASS.yaml |
   | resource-has-base64-or-rlink-FAIL.yaml |
@@ -402,124 +403,3 @@ Examples:
   | user-type-FAIL.yaml |
   | user-type-PASS.yaml |
 #END_DYNAMIC_TEST_CASES
-
-@full-coverage
-Scenario: Preparing constraint coverage analysis
-Given I have loaded all Metaschema extensions documents
-And I have collected all YAML test files in the test directory
-When I extract all constraint IDs from the Metaschema extensions
-And I analyze the YAML test files for each constraint ID
-
-@full-coverage
-Scenario Outline: Ensuring full test coverage for "<constraint_id>"
-Then I should have both FAIL and PASS tests for constraint ID "<constraint_id>"
-Examples:
-| constraint_id |
-#BEGIN_DYNAMIC_CONSTRAINT_IDS
-  | address-type |
-  | attachment-type |
-  | authorization-type |
-  | categorization-has-correct-system-attribute |
-  | categorization-has-information-type-id |
-  | cia-impact-has-adjustment-justification |
-  | cia-impact-has-selected |
-  | cloud-service-model |
-  | component-type |
-  | control-implementation-status |
-  | data-center-alternate |
-  | data-center-count |
-  | data-center-country-code |
-  | data-center-primary |
-  | data-center-us |
-  | deployment-model |
-  | fedramp-version |
-  | fully-operational-date-is-valid |
-  | fully-operational-date-type |
-  | has-authenticator-assurance-level |
-  | has-authorization-boundary-diagram |
-  | has-authorization-boundary-diagram-caption |
-  | has-authorization-boundary-diagram-description |
-  | has-authorization-boundary-diagram-link |
-  | has-authorization-boundary-diagram-link-href-target |
-  | has-authorization-boundary-diagram-link-rel |
-  | has-authorization-boundary-diagram-link-rel-allowed-value |
-  | has-cloud-deployment-model |
-  | has-cloud-deployment-model-remarks |
-  | has-cloud-service-model |
-  | has-cloud-service-model-remarks |
-  | has-configuration-management-plan |
-  | has-data-flow |
-  | has-data-flow-description |
-  | has-data-flow-diagram |
-  | has-data-flow-diagram-caption |
-  | has-data-flow-diagram-description |
-  | has-data-flow-diagram-link |
-  | has-data-flow-diagram-link-href-target |
-  | has-data-flow-diagram-link-rel |
-  | has-data-flow-diagram-link-rel-allowed-value |
-  | has-data-flow-diagram-uuid |
-  | has-federation-assurance-level |
-  | has-fully-operational-date |
-  | has-identity-assurance-level |
-  | has-incident-response-plan |
-  | has-information-system-contingency-plan |
-  | has-inventory-items |  
-  | has-network-architecture |
-  | has-network-architecture-diagram |
-  | has-network-architecture-diagram-caption |
-  | has-network-architecture-diagram-description |
-  | has-network-architecture-diagram-link |
-  | has-network-architecture-diagram-link-href-target |
-  | has-network-architecture-diagram-link-rel |
-  | has-network-architecture-diagram-link-rel-allowed-value |
-  | has-published-date |
-  | has-rules-of-behavior |
-  | has-security-impact-level |
-  | has-security-sensitivity-level |
-  | has-separation-of-duties-matrix |
-  | has-system-id |
-  | has-system-name-short |
-  | has-user-guide |
-  | import-profile-has-available-document |
-  | import-profile-resolves-to-fedramp-content |
-  | information-type-800-60-v2r1 |
-  | information-type-has-availability-impact |
-  | information-type-has-confidentiality-impact |
-  | information-type-has-integrity-impact |
-  | information-type-system |
-  | interconnection-direction |
-  | interconnection-security |
-  | inventory-item-allows-authenticated-scan |
-  | inventory-item-public |
-  | inventory-item-virtual |
-  | marking |
-  | missing-response-components |
-  | party-has-name |
-  | oscal-version-matches-fedramp-version |
-  | privilege-level |
-  | prop-response-point-has-cardinality-one |
-  | resource-has-base64-or-rlink |
-  | resource-has-title |
-  | responsible-party-is-person |
-  | responsible-party-prepared-by |
-  | responsible-party-prepared-by-location-valid |
-  | responsible-party-prepared-for |
-  | responsible-party-prepared-for-location-valid |
-  | role-defined-authorizing-official-poc |
-  | role-defined-information-system-security-officer |
-  | role-defined-prepared-by |
-  | role-defined-prepared-for |
-  | role-defined-system-owner |
-  | scan-type |
-  | security-level |
-  | security-sensitivity-level-matches-security-impact-level |
-  | unique-inventory-item-asset-id |
-  | user-has-authorized-privilege |
-  | user-has-privilege-level |
-  | user-has-role-id |
-  | user-has-sensitivity-level |
-  | user-has-user-type |
-  | user-privilege-level |
-  | user-sensitivity-level |
-  | user-type |
-#END_DYNAMIC_CONSTRAINT_IDS
diff --git a/src/validations/constraints/fedramp-external-constraints.xml b/src/validations/constraints/fedramp-external-constraints.xml
@@ -38,6 +38,7 @@
             	<message>A FedRAMP document MUST have a marking that defines its data classification.</message>
             </expect>
             <expect id="oscal-version-matches-fedramp-version" target="oscal-version" test="$major-version-valid and $minor-version-valid and $patch-version-valid" level="ERROR">
+                <formal-name>Minimally Required OSCAL Version for Requirements of Document's FedRAMP Version</formal-name>
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/general-concepts/oscal-file-concepts/#oscal-syntax-version"/>                
                 <message>A FedRAMP document SHOULD have an OSCAL version that matches the minimally required version for FedRAMP packages ({$fedramp-required-minimum-version} not {.}).</message>
             </expect>