[WIP] Add rules model and refs into component-definition model.

src/metaschema/examples/rules-component.xml

@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- This is a mapping example used for development. This file should be moved to the oscal-content repo when this feature is ready. -->
+<component-definition xmlns="http://csrc.nist.gov/ns/oscal/1.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 ../../../xml/schema/oscal_complete_schema.xsd" uuid="3559d200-4849-41ac-a420-28b2ffa22c52">
+    <metadata>
+        <title></title>
+        <last-modified></last-modified>
+        <version></version>
+        <oscal-version></oscal-version>
+    </metadata>
+    <rule uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
+        <title>Important Rule 1</title>
+        <description>This is a description of Important Rule 1.</description>
+    </rule>
+    <test uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b">
+        <title>Test A for Rule 1</title>
+        <description>This is Test A, it can be executed to demonstrate a system meets requirements for Rule 1.</description>
+    </test>
+    <test uuid="2388cb25-ccbc-4de0-9630-675de624593f">
+        <title>Test B for Rule 1</title>
+        <description>This is Test B, it can be executed to demonstrate a system meets requirements for Rule 1.</description>
+    </test>
+    <test uuid="b426642a-7ff0-42a0-9ef5-ceed4e14f326">
+        <title>Test C for Rule 1</title>
+        <description>This is Test C, it can be optionally executed to demonstrate a system meets requirements for Rule 1.</description>
+    </test>
+    <test uuid="2f6c5c71-13fb-43c8-beca-1e79498b34c4">
+        <title>Test D for Rule 1</title>
+        <description>This is Test C, it can be optionally executed to demonstrate a system meets requirements for Rule 1.</description>
+    </test>
+    <!--
+        The testing-scenarios below exhibit three common usage patterns:
+    
+        1. A simple scenario where one test (Test A) is sufficient for one rule (Rule 1).
+        2. A complex scenario where one test (Test B) is sufficient for one rule (Rule 1), and that test depends on a prerequisite test (Test A).
+        3. A complex scenario with a condition, where one of either Test C or Test D, is sufficient for one rule (Rule 1).
+    -->
+    <!-- Testing Scenario Usage Pattern 1 -->
+    <testing-scenario uuid="0666cbf2-2b76-4e9d-ba99-a783419ff1fe" rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
+        <test-reference test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b" />
+    </testing-scenario>
+    <!-- Testing Scenario Usage Pattern 2 -->
+    <testing-scenario uuid="ccb267c8-f672-4aac-b522-5bbaef26f8e4" rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
+        <condition operator="and">
+            <pre-requisite>
+                <test-reference test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b" />
+            </pre-requisite>
+            <test-reference test-uuid="2388cb25-ccbc-4de0-9630-675de624593f" />
+        </condition>
+    </testing-scenario>
+    <!-- Testing Scenario Usage Pattern 3 -->
+    <testing-scenario uuid="f3edfdbf-b3b4-48c9-8733-fd3ebdeed43c" rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
+        <condition operator="or">
+            <test-reference test-uuid="b426642a-7ff0-42a0-9ef5-ceed4e14f326" />
+            <test-reference test-uuid="2f6c5c71-13fb-43c8-beca-1e79498b34c4" />
+        </condition>
+    </testing-scenario>
+    <component uuid="94512adf-d8df-4535-a5af-57aaa1eed131" type="software">
+        <title>Example Rule &amp; Test Component 1</title>
+        <description>A Sample Component with Rule and Test Integration</description>
+        <rule-implementation uuid="c4fee229-784a-4943-908c-2b9a23ee192b" test-scenario-uuid="0666cbf2-2b76-4e9d-ba99-a783419ff1fe">
+            <description>Rule Implementation for Testing Scenario Usage Pattern 1.</description>
+        </rule-implementation>
+        <rule-implementation uuid="e7607d3f-bf62-4832-98d8-c8e82ef520bd" test-scenario-uuid="ccb267c8-f672-4aac-b522-5bbaef26f8e4">
+            <description>Rule Implementation for Testing Scenario Usage Pattern 2.</description>
+        </rule-implementation>
+        <rule-implementation uuid="8a6a2f49-4996-4aaa-9598-047efe91d0ac" test-scenario-uuid="f3edfdbf-b3b4-48c9-8733-fd3ebdeed43c">
+            <description>Rule Implementation for Testing Scenario Usage Pattern 3.</description>
+        </rule-implementation>
+    </component>
+    <back-matter/>
+</component-definition>

src/metaschema/oscal_component_metaschema.xml

@@ -26,6 +26,7 @@
   </remarks>
 
   <import href="oscal_implementation-common_metaschema.xml"/>
+  <import href="oscal_rules-common_metaschema.xml"/>
 
   <define-assembly name="component-definition">
     <formal-name>Component Definition</formal-name>
@@ -41,6 +42,17 @@
       <assembly ref="import-component-definition" max-occurs="unbounded">
         <group-as name="import-component-definitions" in-json="ARRAY"/>
       </assembly>
+      <assembly ref="rule-definition" max-occurs="unbounded">
+        <use-name>rule</use-name>
+        <group-as name="rules" in-json="ARRAY"/>
+      </assembly>
+      <assembly ref="test-definition" max-occurs="unbounded">
+        <use-name>test</use-name>
+        <group-as name="tests" in-json="ARRAY"/>
+      </assembly>
+      <assembly ref="testing-scenario" max-occurs="unbounded">
+        <group-as name="testing-scenarios" in-json="ARRAY"/>
+      </assembly>
       <assembly ref="defined-component" max-occurs="unbounded">
         <use-name>component</use-name>
         <group-as name="components" in-json="ARRAY"/>
@@ -118,6 +130,7 @@
       <assembly ref="control-implementation" max-occurs="unbounded">
         <group-as name="control-implementations" in-json="ARRAY"/>
       </assembly>
+
       <!--
          <assembly ref="configuration" max-occurs="unbounded">
            <group-as name="configurations" in-json="BY_KEY" />
@@ -375,6 +388,9 @@
       <assembly ref="statement" max-occurs="unbounded">
         <group-as name="statements" in-json="ARRAY"/>
       </assembly>
+      <assembly ref="rule-condition">
+        <use-name>condition</use-name>
+      </assembly>
       <field ref="remarks" in-xml="WITH_WRAPPER"/>
     </model>
     <constraint>
@@ -429,6 +445,9 @@
       <assembly ref="responsible-role" max-occurs="unbounded">
         <group-as name="responsible-roles" in-json="ARRAY"/>
       </assembly>
+      <assembly ref="rule-implementation" max-occurs="unbounded">
+        <group-as name="rule-implementations" in-json="ARRAY"/>
+      </assembly>
       <field ref="remarks" in-xml="WITH_WRAPPER"/>
     </model>
     <constraint>

src/metaschema/oscal_rules-common_metaschema.xml

@@ -0,0 +1,105 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<METASCHEMA xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0" abstract="yes">
+    <schema-name>OSCAL Rules -- Common Modules</schema-name>
+    <schema-version>1.2.0</schema-version>
+    <short-name>oscal-rules-common</short-name>
+    <namespace>http://csrc.nist.gov/ns/oscal/1.0</namespace>
+    <json-base-uri>http://csrc.nist.gov/ns/oscal</json-base-uri>
+    <remarks>
+        <p>TODO</p>
+    </remarks>
+    <import href="oscal_metadata_metaschema.xml"/>
+    <define-assembly name="rule-definition">
+        <formal-name>Rule Definition</formal-name>
+        <description>TODO</description>
+        <define-flag name="uuid" required="yes" as-type="uuid">
+            <formal-name>Rule Definition Universally Unique Identifier</formal-name>
+            <description>TODO</description>
+        </define-flag>
+    </define-assembly>
+    <define-assembly name="test-definition">
+        <formal-name>Test Definition</formal-name>
+        <description>TODO</description>
+        <define-flag name="uuid" required="yes" as-type="uuid">
+            <formal-name>Test Definition Universally Unique Identifier</formal-name>
+            <description>TODO</description>
+        </define-flag>
+    </define-assembly>
+    <define-assembly name="testing-scenario">
+        <formal-name>Rule Testing Scenario</formal-name>
+        <description>A rule testing scenario</description>
+        <use-name>scenario</use-name>
+        <define-flag name="uuid" required="yes" as-type="uuid">
+            <formal-name>Testing Scenario Universally Unique Identifier</formal-name>
+            <description>TODO</description>
+        </define-flag>
+        <model>
+            <assembly ref="rule-condition" min-occurs="1">
+                <use-name>condition</use-name>
+            </assembly>
+        </model>
+    </define-assembly>
+    <define-assembly name="rule-condition">
+        <formal-name>Rule Condition</formal-name>
+        <description>A rule implementation condition</description>
+        <define-flag name="operator" required="yes" as-type="token">
+            <formal-name>Rule Condition Operator</formal-name>
+            <description>TODO</description>
+            <constraint>
+                <allowed-values allow-other="no">
+                    <enum value="and">and</enum>
+                    <enum value="or">or</enum>
+                    <enum value="not">not</enum>
+                </allowed-values>
+            </constraint>
+        </define-flag>
+        <model>
+            <assembly ref="rule-condition">
+                <use-name>pre-condition</use-name>
+            </assembly>
+            <choice>
+                <assembly ref="rule-condition">
+                    <use-name>condition</use-name>
+                </assembly>
+                <define-assembly name="test-reference" min-occurs="1" max-occurs="unbounded">
+                    <formal-name>Test Reference</formal-name>
+                    <description>TODO</description>
+                    <define-flag name="uuid" required="yes" as-type="uuid">
+                        <formal-name>Test Reference Universally Unique Identifier</formal-name>
+                        <description>TODO</description>
+                    </define-flag>
+                    <define-flag name="test-uuid" required="yes" as-type="uuid">
+                        <formal-name>Test Universally Unique Identifier Reference</formal-name>
+                        <description>A test UUID reference</description>
+                    </define-flag>
+                </define-assembly>
+            </choice>
+        </model>
+    </define-assembly>
+    <define-assembly name="rule-implementation">
+        <formal-name>Rule Implementation</formal-name>
+        <description>TODO</description>
+        <define-flag name="uuid" required="yes" as-type="uuid">
+            <formal-name>Rule Implementation Universally Unique Identifier</formal-name>
+            <description>TODO</description>
+        </define-flag>
+        <model>
+            <define-assembly name="testing-scenario-reference">
+                <formal-name>Testing Scenario Reference</formal-name>
+                <description>A reference to a testing scenario.</description>
+                <define-flag name="uuid" required="yes" as-type="uuid">
+                    <formal-name>Rule Reference Universally Unique Identifier</formal-name>
+                    <description>TODO</description>
+                </define-flag>
+                <define-flag name="rule-uuid" required="yes" as-type="uuid">
+                    <formal-name>Rule Universally Unique Identifier Reference</formal-name>
+                    <description>A rule UUID reference</description>
+                </define-flag>
+                <define-flag name="test-scenario-uuid" required="yes" as-type="uuid">
+                    <formal-name>Rule Universally Unique Identifier Reference</formal-name>
+                    <description>A rule UUID reference</description>
+                </define-flag>
+            </define-assembly>
+        </model>
+    </define-assembly>
+</METASCHEMA>