Profile resolution spec and top-level unit tests

src/metaschema/oscal_control-common_metaschema.xml

@@ -73,7 +73,16 @@
                         <allowed-values target="prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name">
             &allowed-values-control-group-property-name;
                         </allowed-values>
-                </constraint>
+<!--                        <allowed-values target=".[@name='assessment']/prop/@name" allow-other="yes">
+                                <enum value="method">The assessment method to use. This typically appears on parts with the name "assessment".</enum>
+                        </allowed-values>
+                        <has-cardinality target=".[@name='assessment']/prop[@name='method']" min-occurs="1"/>
+                        <allowed-values target=".[@name='assessment']/prop[@name='method']/@value">
+                                <enum value="INTERVIEW">The process of holding discussions with individuals or groups of individuals within an organization to once again, facilitate assessor understanding, achieve clarification, or obtain evidence.</enum>
+                                <enum value="EXAMINE">The process of reviewing, inspecting, observing, studying, or analyzing one or more assessment objects (i.e., specifications, mechanisms, or activities).</enum>
+                                <enum value="TEST">The process of exercising one or more assessment objects (i.e., activities or mechanisms) under specified conditions to compare actual with expected behavior.</enum>
+                        </allowed-values>
+-->                </constraint>
                 <remarks>
                         <p>A <code>part</code> provides for logical partitioning of prose, and can be thought of as a grouping structure (e.g., section). A <code>part</code> can have child parts allowing for arbitrary nesting of prose content (e.g., statement hierarchy). A <code>part</code> can contain <code>prop</code> objects that allow for enriching prose text with structured name/value information.</p>
                         <p>A <code>part</code> can be assigned an optional <code>id</code>, which allows for internal and external references to the textual concept contained within a <code>part</code>. A <code>id</code> provides a means for an OSCAL profile, or a higher layer OSCAL model to reference a specific part within a <code>catalog</code>. For example, an <code>id</code> can be used to reference or to make modifications to a control statement in a profile.</p>

src/metaschema/oscal_profile_metaschema.xml

@@ -123,7 +123,7 @@
                               <formal-name>As-Is Structuring Directive</formal-name>
                               <description>An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes.</description>
                         </define-field>
-                        <define-assembly name="custom">
+                        <define-assembly name="custom" min-occurs="1">
                               <formal-name>Custom grouping</formal-name>
                               <description>A Custom element frames a structure for embedding represented controls in resolution.</description>
                               <model>

src/release/content-upgrade/json-prop-to-props.xsl

@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="3.0"
+    xpath-default-namespace="http://www.w3.org/2005/xpath-functions"
+    xmlns="http://www.w3.org/2005/xpath-functions">
+
+<!-- 
+    Command line invocation:
+
+    $ java -jar $SAXON_HOME/saxon-he-10.2.jar -xsl:json-prop-to-props.xsl -it json-input=YOUR.json
+
+    where YOUR.json is your JSON file and the jar file is Saxon 10 or later.
+
+    The process reads the file at this URL, parses it as JSON, maps it through a filter, and reports it back.
+
+    -->
+
+    <xsl:output method="text"/>
+
+    <xsl:mode on-no-match="shallow-copy"/>
+
+    <!-- The input JSON file -->
+    <xsl:param name="json-input" select="'url to json file'"/>
+
+    <!-- The initial template that process the JSON -->
+    <xsl:template name="xsl:initial-template">
+        <xsl:variable name="mapped-result">
+            <xsl:apply-templates select="json-to-xml(unparsed-text($json-input))"/>
+        </xsl:variable>
+        <!--<xsl:copy-of select="$mapped-result"/>-->
+        <xsl:value-of select="xml-to-json($mapped-result)"/>
+    </xsl:template>
+
+    <xsl:template match="array[@key='prop']">
+        <array key="props">
+            <xsl:apply-templates/>
+        </array>
+    </xsl:template>
+
+</xsl:stylesheet>

src/specifications/profile-resolution/.gitignore

@@ -0,0 +1,2 @@
+!oscal-specs_share.xpr
+requirement-tests/output-actual/

src/specifications/profile-resolution/example-set.xspec

@@ -0,0 +1,128 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- autogenerated 2021-12-14T16:02:57.305-05:00 following model in example-set.xspec-->
+<x:description xmlns:x="http://www.jenitennison.com/xslt/xspec"
+               xmlns:opr="http://csrc.nist.gov/ns/oscal/profile-resolution"
+               xmlns:o="http://csrc.nist.gov/ns/oscal/1.0"
+               stylesheet="../../utils/util/resolver-pipeline/oscal-profile-RESOLVE.xsl"
+               run-as="external"
+               xmlns:ov="http://csrc.nist.gov/ns/oscal/test/variable">
+   <x:helper stylesheet="lib/oscal-profile-test-helper.xsl"/>
+   <!-- old tests are out of whack need update to current functionality /spec  -->
+   <!-- but the XSpec provides a functional model -->
+   <x:scenario label="Base test">
+      <!-- Alternative model for test scrubbing both the result and the expected
+           result for comparison -->
+      <x:context href="profile-resolution-examples/base-test_profile.xml"/>
+      <x:variable name="ov:expected-output"
+         href="profile-resolution-examples/output-expected/base-test_profile_RESOLVED.xml"/>
+      <x:expect label="Base test - fully resolved"
+         test="opr:scrub($x:result)" select="opr:scrub($ov:expected-output)"/>
+   </x:scenario>
+
+   <x:scenario label="Testing base-test_profile.xml">
+
+      <x:context href="profile-resolution-examples/base-test_profile.xml"/>
+      <x:expect label="Resolution of base-test_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/base-test_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing base2-test_profile.xml">
+      <x:context href="profile-resolution-examples/base2-test_profile.xml"/>
+      <x:expect label="Resolution of base2-test_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/base2-test_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing broken_profile.xml" pending="galtm">
+      <x:context href="profile-resolution-examples/broken_profile.xml"/>
+      <x:expect label="Resolution of broken_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/broken_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing circular_profile.xml">
+      <x:context href="profile-resolution-examples/circular_profile.xml"/>
+      <x:expect label="Resolution of circular_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/circular_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing exclude-call-test_profile.xml">
+      <x:context href="profile-resolution-examples/exclude-call-test_profile.xml"/>
+      <x:expect label="Resolution of exclude-call-test_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/exclude-call-test_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing full-test_profile.xml">
+      <x:context href="profile-resolution-examples/full-test_profile.xml"/>
+      <x:expect label="Resolution of full-test_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/full-test_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing home_profile.xml">
+      <x:context href="profile-resolution-examples/home_profile.xml"/>
+      <x:expect label="Resolution of home_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/home_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing import-twice_profile.xml">
+      <x:context href="profile-resolution-examples/import-twice_profile.xml"/>
+      <x:expect label="Resolution of import-twice_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/import-twice_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing include-all-no-children-test_profile.xml">
+      <x:context href="profile-resolution-examples/include-all-no-children-test_profile.xml"/>
+      <x:expect label="Resolution of include-all-no-children-test_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/include-all-no-children-test_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing include-all-test_profile.xml">
+      <x:context href="profile-resolution-examples/include-all-test_profile.xml"/>
+      <x:expect label="Resolution of include-all-test_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/include-all-test_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing include-call-with-children-test_profile.xml">
+      <x:context href="profile-resolution-examples/include-call-with-children-test_profile.xml"/>
+      <x:expect label="Resolution of include-call-with-children-test_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/include-call-with-children-test_profile_RESOLVED.xml"/>
+      <x:expect label="Includes grandparent in result" test="$x:result//o:control/@id = 'c3'"/>
+      <x:expect label="Includes grandchild in result"  test="$x:result//o:control/@id = 'c3.a-1'"/>
+      <x:expect label="Is missing a control not included"   test="not( $x:result//o:control/@id = 'c2' )"/>
+   </x:scenario>
+   <x:scenario label="Testing include-loose-param-test_profile.xml">
+      <x:context href="profile-resolution-examples/include-loose-param-test_profile.xml"/>
+      <x:expect label="Resolution of include-loose-param-test_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/include-loose-param-test_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing include-match-test_profile.xml">
+      <x:context href="profile-resolution-examples/include-match-test_profile.xml"/>
+      <x:expect label="Resolution of include-match-test_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/include-match-test_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing merge-implicit-keep_profile.xml">
+      <x:context href="profile-resolution-examples/merge-implicit-keep_profile.xml"/>
+      <x:expect label="Resolution of merge-implicit-keep_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/merge-implicit-keep_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing merge-keep-resources_profile.xml">
+      <x:context href="profile-resolution-examples/merge-keep-resources_profile.xml"/>
+      <x:expect label="Resolution of merge-keep-resources_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/merge-keep-resources_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing merge-keep_profile.xml">
+      <x:context href="profile-resolution-examples/merge-keep_profile.xml"/>
+      <x:expect label="Resolution of merge-keep_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/merge-keep_profile_RESOLVED.xml"/>
+   </x:scenario>
+   <x:scenario label="Testing modify-adds_profile.xml">
+      <x:context href="profile-resolution-examples/modify-adds_profile.xml"/>
+      <x:expect label="Resolution of modify-adds_profile.xml"
+                select="opr:scrub(.)"
+                href="profile-resolution-examples/output-expected/modify-adds_profile_RESOLVED.xml"/>
+   </x:scenario>
+</x:description>

src/specifications/profile-resolution/lib/build-examples-xspec.xsl

@@ -0,0 +1,111 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+    xmlns:x="http://www.jenitennison.com/xslt/xspec"
+    xmlns:xs="http://www.w3.org/2001/XMLSchema"
+    xmlns:opr="http://csrc.nist.gov/ns/oscal/profile-resolution"
+    xmlns:o="http://csrc.nist.gov/ns/oscal/1.0"
+    xpath-default-namespace="http://csrc.nist.gov/ns/oscal/specml"
+    version="3.0">
+
+    <xsl:output indent="yes"/>
+
+<!-- This XSLT produces a set of file-oriented XSpecs binding to files named in the Specification document
+//req/@eg values -->
+
+    <xsl:template match="/">
+        <xsl:text>&#xA;</xsl:text>
+        <xsl:comment expand-text="true"> autogenerated { current-dateTime() } following model in example-set.xspec</xsl:comment>
+        <xsl:processing-instruction name="xml-model">href="lib/xspec-test-dev.sch" type="application/xml" schematypens="http://purl.oclc.org/dsdl/schematron"</xsl:processing-instruction>
+        <xsl:processing-instruction name="xml-stylesheet">type="text/css" href="lib/xspec-oxygen.css"</xsl:processing-instruction>
+        <xsl:processing-instruction name="specification" expand-text="true">{ replace(document-uri(/),'.*/','') }</xsl:processing-instruction>
+        <x:description stylesheet="../../utils/util/resolver-pipeline/oscal-profile-RESOLVE.xsl"
+            run-as="external">
+
+            <!-- x:description/@run-as='external' permits the context item to be determined dynamically per scenario
+                cf https://github.com/xspec/xspec/wiki/External-Transformation#global-context-item
+
+                helper function for cleaning up whitespace:
+                  see https://github.com/xspec/xspec/wiki/Integrating-Your-Own-Test-Helpers for
+                  for an example see https://github.com/xspec/xspec/blob/master/tutorial/helper/ws-only-text/href_stylesheet.xspec
+    -->
+
+            <x:helper stylesheet="lib/oscal-profile-test-helper.xsl"/>
+            <!-- looking at all the profile documents in the same directory as this XSLT -->
+
+            <xsl:apply-templates select="*" mode="make-file-scenario"/>
+
+        </x:description>
+
+    </xsl:template>
+
+    <xsl:template match="SPECIFICATION" mode="make-file-scenario" expand-text="true">
+        <xsl:for-each-group select="//eg" group-by="@href">
+            <x:scenario label="{ current-grouping-key() }">
+                <x:context href="{ current-grouping-key() }"/>
+                <xsl:apply-templates select="current-group()"
+                    mode="make-file-scenario"/>
+            </x:scenario>
+        </xsl:for-each-group>
+    </xsl:template>
+
+    <xsl:template match="head" mode="make-file-scenario"/>
+
+
+    <xsl:template match="section" mode="test-header">
+        <!--<xsl:apply-templates select="parent::section" mode="#current"/>-->
+        <!--<xsl:text> </xsl:text>-->
+        <xsl:number level="multiple" format="1.1"/>
+        <xsl:text> </xsl:text>
+        <xsl:apply-templates select="head"/>
+        <xsl:text> | </xsl:text>
+    </xsl:template>
+
+    <xsl:template match="req" mode="test-header">
+        <xsl:apply-templates select="ancestor::section[1]" mode="#current"/>
+        <xsl:text> </xsl:text>
+        <xsl:apply-templates/>
+    </xsl:template>
+
+<!-- dropped in default (no mode) traversal -->
+    <xsl:template match="eg"/>
+
+
+
+    <xsl:template match="eg" mode="make-file-scenario" expand-text="true">
+        <xsl:apply-templates select="ancestor::req" mode="#current">
+            <xsl:with-param name="eg" select="."/>
+        </xsl:apply-templates>
+    </xsl:template>
+
+    <xsl:template match="req" mode="make-file-scenario" expand-text="true">
+        <xsl:param  required="true" name="eg" as="element(eg)?" />
+        <xsl:variable name="test-header">
+            <xsl:apply-templates select="." mode="test-header"/>
+        </xsl:variable>
+
+        <x:scenario label="{ $test-header => normalize-space() }">
+            <xsl:if test="starts-with($eg,'PENDING')">
+                <xsl:attribute name="pending">[spec]</xsl:attribute>
+            </xsl:if>
+            <xsl:call-template name="make-file-scenario">
+                <xsl:with-param name="req-id" select="@id"/>
+                <xsl:with-param name="egfile" select="$eg/@href"/>
+            </xsl:call-template>
+        </x:scenario>
+
+    </xsl:template>
+
+    <xsl:template name="make-file-scenario" expand-text="true">
+        <xsl:param name="req-id" as="xs:string" required="true"/>
+        <xsl:param name="egfile" as="xs:string?" required="true"/>
+        <xsl:variable name="basename" as="xs:string" select="$egfile => substring-after('requirement-tests/') => replace('\.xml$','')"/>
+           <xsl:processing-instruction name="requirement">{ $req-id} </xsl:processing-instruction>
+            <!--<x:context href="requirement-tests/{ $egfile }"/>-->
+
+            <x:expect label="Resolution of { $basename }.xml" select="opr:scrub(.)" href="requirement-tests/output-expected/{$basename}_RESOLVED.xml"/>
+    </xsl:template>
+
+    <xsl:template match="xref" expand-text="true">
+        <xsl:text>[Section {@rid}]</xsl:text>
+    </xsl:template>
+</xsl:stylesheet>