Extending OSCAL prose #284
Comments
|
@wendellpiez thank you for creating this based on our conversation yesterday! First, this topic applies to three portions of an SSP:
In general, the decisions and actions here can and should apply to all three areas. The most common formatting elements include:
The next most common formatting elements I see are:
In very rare cases have I noticed a change in font face or size. CSPs are discouraged from deviating from the font face/size set in the SSP Template by FedRAMP. Additionally, I am unaware of any example where the use of a different font face or size would result in a loss of information or context. In short, I believe if we allow the eight formatting capabilities above, we can faithfully represent existing Word-based SSP content in OSCAL without loss of context or fidelity. |
|
We should also address how to handle unsupported formatting. Do we ignore it? Do we convert angle brackets to escape codes (< and >)? Just in XML or also in JSON? |
|
Keep in mind that most of this is really only applicable in XML and to make it easier for running stylesheets and presenting HTML. With JSON, there are only two options: properly escape the prose as a JSON string ... or base64 encode the prose and store the result as a JSON string. In either case, there's no added benefit to the user because regardless, the JSON has to be deserialized and subsequently processed for whatever presentation mechanism the producer/consumer/tool desires. |
…us simple tables.
… tables. (#308) Appears correct to visual review.
…us simple tables. (usnistgov#308) Appears correct to visual review.
* Feature metaschema d2 next (usnistgov#277) * Patched with changes from feature-metaschema-d2 * Moving testing schema into schema/demo dir for more robust testing of (portable, replicable) metaschema infrastructure * Cleanup and refactoring metaschema production for demo * Patched with changes from feature-metaschema-d2 * Cleanup and refactoring metaschema production for demo * More adjustments and documentation of metaschema * Adjustments to metaschema notes doc * Now supporting namespace assignment per metaschema * Better support for modular metaschemas * Metaschema support for namespaces, acquired (imported) models * Scrubbing old prose modules * Metaschema XML documentation now respecting namespaces in XML artifacts * Minor tweaks to comments * More improvements in view of namespaces. JSON examples not yet working. * Better handling of examples now * Removing unneeded test files * Correcting syntax error * Adjustments in demo metaschema * Added draft metadata to SP800-53 profiles; also new SP800-53 catalog with (draft) metadata. * Adding Markdown-conversion and JSON-handling code * 'Hardening' markdown conversion * Adding placeholder files for new catalog and profile metaschemas with namespace support - nb namespaces assigned have not been changed. But namespace support in the metaschema infrastructure can be tested. * Cleaning up catalog and profile schemas (with namespaces) and examples * Updated demo schema readme * Tighter co-occurrence testing * First half of Issue usnistgov#284 -extening prose to permits h1-h6 plus simple tables. (usnistgov#308) Appears correct to visual review. * Update NIST 800-53 YAML catalog (usnistgov#315) - Update naming convention - Update README to mention YAML catalog - Remove old catalog - Fixes usnistgov#265 * This includes the SSP Metaschema and the SSP XML Schema. (usnistgov#309) * Removed 'show-docs' attribute from metaschema definitions, as inconsistent with new schema docs design. * Constraints governing the metaschema now adjusted for improved and easier import functionality, with corresponding changes to test metaschema * XSD and JSON schema generation now upgraded to new simpler metaschema modularization model per usnistgov#316 * JSON Schema production supports new modularization design. * Upgrading Metaschema infrastructure to produce schemas and converters with new import logic * Clean up and prep for fresh run of schema documentation into new site configuration * Fresh run of catalog schema docs * Configuration changes towards site preview, with cleanup * Pulling autogenerated docs from .gitignore (for testing) * Adding placeholder files back for navigation * Adding new layout file * Fixed small bug in subnav production * WIP towards splitting XML- and JSON-oriented documentation * Rearranging docs results * Now adding JSON docs in a separate collection (subdirectory) - still WIP * Moving generated documentation for handling by Jekyll * Latest efforts at site navigation reconfiguration * Navigation is functional again * Further along towards presentable schema docs - crosslinks and working nav * Updated element-map XSLT producing an element map from a metaschema (towards a navigation widget) - also adding missing markdown home pages for JSON schema docs * Now added links from properties (elements/attributes) to the objects (elements) that may contain them. * More improvements; also exposing a bug in XML formatting (in schema docs examples) * Adding new page for OSCAL prose * Improvements to content * Small changes to header and contents * More small edits to content * Renamed resource * More adjustments to contents; code presentation adjustment in XML schema docs * More touchups on docs (prose) * Preventing Jekyll from double-escaping code blocks * Repairing support for Boolean values on flags and fields; improvements to XML->JSON casting * First half of Issue usnistgov#284 -extening prose to permits h1-h6 plus simple tables. (usnistgov#308) Appears correct to visual review. * This includes the SSP Metaschema and the SSP XML Schema. (usnistgov#309) * Removed 'show-docs' attribute from metaschema definitions, as inconsistent with new schema docs design. * Constraints governing the metaschema now adjusted for improved and easier import functionality, with corresponding changes to test metaschema * XSD and JSON schema generation now upgraded to new simpler metaschema modularization model per usnistgov#316 * JSON Schema production supports new modularization design. * Upgrading Metaschema infrastructure to produce schemas and converters with new import logic * Repairing support for Boolean values on flags and fields; improvements to XML->JSON casting * Repaired bugs in import resolution; now circular imports will fail, while recursive assembly definitions will not. * Updates to catalog metaschema with simpler import; removed 'declarations' element. * Working towards updated catalog and profile schemas * Updating actual XSDs this time * Cleanup after latest git confusion * Adding in test files, proto SSP schema * More improvements to metaschema modules including 'assets' metaschema module. * Tweak to examples readme * Removing out of date YAML file (with case problems on the name) * Many changes to copy, and some to organization, responding to internal review. * Small vital adjustment in home page copy * Bug fixes to element map * Further adjustment of home page copy * Correcting errors in titles of SP800-53 baseline profiles * Adjustments to schemas, catalogs and profiles reflecting rework in metadata and back matter (resources) modeling * Rearranging, refactoring, reordering ... * Improvements to Resources page including updated links. * Improvements to site navigation and copy * Removed 'sketch' tools directory (to off site) * Rearranging library components for metaschema docs processing * Oops, adding the files back where they belong ... * Adding profile schema documentation * Fresh run of catalog schema docs, now with elements from modules * More incremental improvements to schema docs and navigation * Updating conversion scripts and documentation that uses them * Including missing files for catalog schema docs * More improvements to site contents (community pages); HTML=>markdown XSLT improvements * More adjustments to copy
david-waltermire
added
User Story
Scope: Modeling
|
#200 provides good sources of documentation for this issue. |
|
Since PR #339 (accepted) the only elements not permitted in prose, which we have discussed, are I don't much like We are going to need Anything we add needs to be supported in bidirectional conversion (#343). |
|
Work proceeds on bidirectional conversion. Everything should now be convertible except tables, Adding this Issue to Sprint 21 Project since completing this is a dependency for M1. The Acceptance Criterion will be satisfied by unit tests showing the range of permitted prose elements, valid (to a Metaschema-derived schema) and converting successfully. |
5/23/2019This work is in @wendellpiez 's branch. A PR will be submitted as soon as this issue is ready. |
|
Tables and HTML |
* Adjustment in metaschema XSD to support declaring any field or assembly to be required. Adjustments to catalog and profile metaschema. Also extending JSON schema production to support this feature in generated JSON schemas. * Updated schemas and NIST examples to new model (no more title at the top) * Adding 'img' element to prose module #284
|
Done. |
* Adjustment in metaschema XSD to support declaring any field or assembly to be required. Adjustments to catalog and profile metaschema. Also extending JSON schema production to support this feature in generated JSON schemas. * Updated schemas and NIST examples to new model (no more title at the top) * Adding 'img' element to prose module #284
User Story:
As a producer of OSCAL data, I need to be able to drop in chunks of data with richer block-level structure than the prose model allows.
FedRAMP SSPs offer an example of this. Submitters will often put entire mini-documents with headers, or tables, into their implementation description. Currently OSCAL has no direct provision for these. Even if data conversions produce semantic-equivalent structures, users will feel perturbed if their visual representations are missing or distorted. Even if we do not preserve decorative detail such as table border settings, OSCAL at this level should be free-form enough to let users do what they are already doing or something close enough for comfort. This includes "make this a header line" and "display this as a table".
Currently the prose model allows paragraphs, code blocks, bulleted lists and numbered lists (not yet implemented at time of writing) as well as a range of inline elements for bold, italic, underlining etc.
HTML-like elements that could be considered included
table(simple) withtdandtralong with headersh1-h6. Since they have conventional markdown representations we could permit them without breaking our nominal compatibility with HTML within prose.If it is judged that these elements should be permitted in some variants of OSCAL and not others (as they probably should not be used in catalogs for example, as they are semantically weak), we can consider a way of making these distinctions (for example, using Schematron to forbid them in catalogs).
Goals:
Permit greater expressiveness in OSCAL documents including implementation-level documents such as SSPs (eventually assessments etc.) by allowing more familiar block-level formatting in prose blocks.
Note that there are disadvantages to permitting users to include free-form elements including headers and tables, when it is easy (as OSCAL arguably makes it) to provide a richer and more rigorous data description by using nested, labelled sections (OSCAL
part) instead of "art" (such as tables). Semantics that are only implied by display (such as table layout or typography) is only latent, therefore useless.The counter argument is that even well structured OSCAL with ad-hoc labelling will be latent, so letting the users have their eye candy is actually good here.
NB: this issue, like #283, picks up from #200.
Dependencies:
Acceptance Criteria
The text was updated successfully, but these errors were encountered: