sort constraints per style guide

GSA · Nov 7, 2024 · dc6750a · dc6750a
1 parent b7eaad4
commit dc6750a
Showing 1 changed file with 15 additions and 15 deletions.
diff --git a/src/validations/constraints/fedramp-external-constraints.xml b/src/validations/constraints/fedramp-external-constraints.xml
@@ -316,6 +316,21 @@
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/general-concepts/oscal-citations-and-attachments/#citation-and-attachment-details"/>
                 <message>Every supporting artifact found in a citation SHOULD have a title.</message>
             </expect>
+            <expect id="responsible-party-prepared-for" target="metadata" test="exists(responsible-party[@role-id eq 'prepared-for'])" level="ERROR">
+                <formal-name>Responsible Party Prepared For</formal-name>
+                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/general-concepts/4-expressing-common-fedramp-template-elements-in-oscal/#prepared-for-csp"/>
+                <message>A FedRAMP SSP MUST have a responsible party that defines the party that the document was prepared for.</message>
+            </expect>
+            <expect id="responsible-party-prepared-for-location-valid" target="." test="($prepared-for-party/address[@type='work'] and $prepared-for-party/address/addr-line and $prepared-for-party/address/city and $prepared-for-party/address/state and $prepared-for-party/address/postal-code) or ($prepared-for-location/address[@type='work'] and $prepared-for-location/address/addr-line and $prepared-for-location/address/city and $prepared-for-location/address/state and $prepared-for-location/address/postal-code)" level="WARNING">
+                <formal-name>Responsible Party Prepared For Location Valid</formal-name>
+                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/general-concepts/4-expressing-common-fedramp-template-elements-in-oscal/#prepared-for-csp"/>
+                <message>A FedRAMP SSP MUST have a responsible party for who the document was prepared for, and that party MUST define an address.</message>
+            </expect>
+            <expect id="role-defined-prepared-for" target="metadata" test="exists(role[@id eq 'prepared-for'])" level="ERROR">
+                <formal-name>Role Defined Prepared For</formal-name>
+                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/general-concepts/4-expressing-common-fedramp-template-elements-in-oscal/#prepared-for-csp"/>
+                <message>A FedRAMP SSP MUST define a role for which the document was prepared.</message>
+            </expect>
             <expect id="security-sensitivity-level-matches-security-impact-level" target="system-characteristics/security-sensitivity-level" test=". eq $security-impact-level" level="WARNING">
                 <formal-name>Security Sensitivity Level Matches Security Impact Level</formal-name>
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#system-sensitivity-level"/>
@@ -344,21 +359,6 @@
                     <p>A FedRAMP SSP MUST use precise classifications for cloud deployment models. It MUST NOT use generic classifications like "hybrid-cloud".</p>
                 </remarks>
             </expect>
-            <expect id="role-defined-prepared-for" target="metadata" test="exists(role[@id eq 'prepared-for'])" level="ERROR">
-                <formal-name>Role Defined Prepared For</formal-name>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/general-concepts/4-expressing-common-fedramp-template-elements-in-oscal/#prepared-for-csp"/>
-                <message>A FedRAMP SSP MUST define a role for which the document was prepared.</message>
-            </expect>
-            <expect id="responsible-party-prepared-for" target="metadata" test="exists(responsible-party[@role-id eq 'prepared-for'])" level="ERROR">
-                <formal-name>Responsible Party Prepared For</formal-name>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/general-concepts/4-expressing-common-fedramp-template-elements-in-oscal/#prepared-for-csp"/>
-                <message>A FedRAMP SSP MUST have a responsible party that defines the party that the document was prepared for.</message>
-            </expect>
-            <expect id="responsible-party-prepared-for-location-valid" target="." test="($prepared-for-party/address[@type='work'] and $prepared-for-party/address/addr-line and $prepared-for-party/address/city and $prepared-for-party/address/state and $prepared-for-party/address/postal-code) or ($prepared-for-location/address[@type='work'] and $prepared-for-location/address/addr-line and $prepared-for-location/address/city and $prepared-for-location/address/state and $prepared-for-location/address/postal-code)" level="WARNING">
-                <formal-name>Responsible Party Prepared For Location Valid</formal-name>
-                <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/general-concepts/4-expressing-common-fedramp-template-elements-in-oscal/#prepared-for-csp"/>
-                <message>A FedRAMP SSP MUST have a responsible party for who the document was prepared for, and that party MUST define an address.</message>
-            </expect>
         </constraints>
     </context>