Add role levels to control errors.

For now, all required controls will fail with a warning. Incomplete core controls will fail with error.
18F · Dec 9, 2020 · ffae000 · ffae000
1 parent 28c3644
commit ffae000
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/resources/validations/src/ssp.sch b/resources/validations/src/ssp.sch
@@ -221,8 +221,8 @@
         <sch:let name="core-missing" value="$required-controls[o:prop[@name='CORE' and @ns=$registry-namespace] and @id = $all-missing/@id]"/>
         <sch:let name="extraneous" value="$implemented[not(@control-id = $required-controls/@id)]"/>
         <sch:report id="each-required-control-report" test="count($required-controls) > 0">The following <sch:value-of select="count($required-controls)"/><sch:value-of select="if (count($required-controls)=1) then ' control' else ' controls'"/> are required: <sch:value-of select="$required-controls/@id"/></sch:report>
-        <sch:assert id="incomplete-core-implemented-requirements" test="not(exists($core-missing))">This SSP has not implemented the most important <sch:value-of select="count($core-missing)"/> core<sch:value-of select="if (count($core-missing)=1) then ' control' else ' controls'"/>: <sch:value-of select="$core-missing/@id"/></sch:assert>
-        <sch:assert id="incomplete-all-implemented-requirements" test="not(exists($all-missing))">This SSP has not implemented <sch:value-of select="count($all-missing)"/><sch:value-of select="if (count($all-missing)=1) then ' control' else ' controls'"/> overall: <sch:value-of select="$all-missing/@id"/></sch:assert>
+        <sch:assert role="error" id="incomplete-core-implemented-requirements" test="not(exists($core-missing))">This SSP has not implemented the most important <sch:value-of select="count($core-missing)"/> core<sch:value-of select="if (count($core-missing)=1) then ' control' else ' controls'"/>: <sch:value-of select="$core-missing/@id"/></sch:assert>
+        <sch:assert role="warn" id="incomplete-all-implemented-requirements" test="not(exists($all-missing))">This SSP has not implemented <sch:value-of select="count($all-missing)"/><sch:value-of select="if (count($all-missing)=1) then ' control' else ' controls'"/> overall: <sch:value-of select="$all-missing/@id"/></sch:assert>
         <sch:assert id="extraneous-implemented-requirements" test="not(exists($extraneous))">This SSP has implemented <sch:value-of select="count($extraneous)"/> extraneous<sch:value-of select="if (count($extraneous)=1) then ' control' else ' controls'"/> not needed given the selected profile: <sch:value-of select="$extraneous/@control-id"/></sch:assert>
         <sch:let name="results" value="$ok-values => lv:analyze(//o:implemented-requirement/o:annotation[@name='implementation-status'])"/>
         <sch:let name="total" value="$results/reports/@count"/>