remove user-authentication check

GSA · Nov 25, 2024 · ed97692 · ed97692
1 parent fa25a39
commit ed97692
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 43 deletions.
diff --git a/features/fedramp_extensions.feature b/features/fedramp_extensions.feature
@@ -102,6 +102,9 @@ Examples:
   | inventory-item-allows-authenticated-scan |
   | inventory-item-public |
   | inventory-item-virtual |
+  | leveraged-authorization-has-authorization-type |
+  | leveraged-authorization-has-impact-level |
+  | leveraged-authorization-has-system-identifier |
   | leveraged-authorization-nature-of-agreement |
   | marking |
   | missing-response-components |
@@ -301,16 +304,14 @@ Examples:
   | inventory-item-public-PASS.yaml |
   | inventory-item-virtual-FAIL.yaml |
   | inventory-item-virtual-PASS.yaml |
-  | leveraged-authorization-nature-of-agreement-FAIL.yaml |
-  | leveraged-authorization-nature-of-agreement-PASS.yaml |
   | leveraged-authorization-has-authorization-type-FAIL.yaml |
   | leveraged-authorization-has-authorization-type-PASS.yaml |
   | leveraged-authorization-has-impact-level-FAIL.yaml |
   | leveraged-authorization-has-impact-level-PASS.yaml |
   | leveraged-authorization-has-system-identifier-FAIL.yaml |
   | leveraged-authorization-has-system-identifier-PASS.yaml |
-  | leveraged-authorization-has-user-authentication-FAIL.yaml |
-  | leveraged-authorization-has-user-authentication-PASS.yaml |
+  | leveraged-authorization-nature-of-agreement-FAIL.yaml |
+  | leveraged-authorization-nature-of-agreement-PASS.yaml |
   | marking-FAIL.yaml |
   | marking-PASS.yaml |
   | missing-response-components-FAIL.yaml |

diff --git a/...tions/constraints/content/ssp-leveraged-authorization-has-user-authentication-INVALID.xml b/...tions/constraints/content/ssp-leveraged-authorization-has-user-authentication-INVALID.xml
diff --git a/src/validations/constraints/fedramp-external-constraints.xml b/src/validations/constraints/fedramp-external-constraints.xml
@@ -517,25 +517,20 @@
 				<prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/5-attachments/#system-inventory-approach"/>
 				<message>A FedRAMP SSP system implementation section MUST have at least two inventory items.</message>
 			</expect>
-            <expect id="leveraged-authorization-has-authorization-type" target="leveraged-authorization" test="count(prop[@name='authorization-type'][@ns='http://fedramp.gov/ns/oscal']) = 1" level="ERROR">
+            <expect id="leveraged-authorization-has-authorization-type" target="leveraged-authorization" test="count(prop[@name='authorization-type'][@ns='https://fedramp.gov/ns/oscal']) = 1" level="ERROR">
                 <formal-name>Leveraged Authorization Has Authorization Type</formal-name>
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#leveraged-fedramp-authorized-services"/>
                 <message>A FedRAMP SSP MUST define exactly one authorization type for each leveraged authorization entry.</message>
             </expect>
-            <expect id="leveraged-authorization-has-impact-level" target="leveraged-authorization" test="count(prop[@name='impact-level'][@ns='http://fedramp.gov/ns/oscal']) = 1" level="ERROR">
+            <expect id="leveraged-authorization-has-impact-level" target="leveraged-authorization" test="count(prop[@name='impact-level'][@ns='https://fedramp.gov/ns/oscal']) = 1" level="ERROR">
                 <formal-name>Leveraged Authorization Has Impact Level</formal-name>
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#leveraged-fedramp-authorized-services"/>
                 <message>A FedRAMP SSP MUST define exactly one impact level for each leveraged authorization entry.</message>
             </expect>
-            <expect id="leveraged-authorization-has-system-identifier" target="leveraged-authorization" test="count(prop[@name='leveraged-system-identifier'][@ns='http://fedramp.gov/ns/oscal']) = 1" level="ERROR">
+            <expect id="leveraged-authorization-has-system-identifier" target="leveraged-authorization" test="count(prop[@name='leveraged-system-identifier'][@ns='https://fedramp.gov/ns/oscal']) = 1" level="ERROR">
                 <formal-name>Leveraged Authorization Has System Identifier</formal-name>
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#leveraged-fedramp-authorized-services"/>
                 <message>A FedRAMP SSP MUST define exactly one system identifier for each leveraged authorization entry.</message>
-            </expect>
-            <expect id="leveraged-authorization-has-user-authentication" target="leveraged-authorization" test="count(prop[@name='user-authentication'][@ns='http://fedramp.gov/ns/oscal']/remarks) = 1" level="ERROR">
-                <formal-name>Leveraged Authorization Has User Authentication</formal-name>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#leveraged-fedramp-authorized-services"/>
-                <message>A FedRAMP SSP MUST provide exactly one explanation of the user authentication for each leveraged authorization entry.</message>
             </expect>
 		</constraints>
 	</context>    

diff --git a/...idations/constraints/unit-tests/leveraged-authorization-has-user-authentication-FAIL.yaml b/...idations/constraints/unit-tests/leveraged-authorization-has-user-authentication-FAIL.yaml
diff --git a/...idations/constraints/unit-tests/leveraged-authorization-has-user-authentication-PASS.yaml b/...idations/constraints/unit-tests/leveraged-authorization-has-user-authentication-PASS.yaml