From 290bc843fd221b736d84e97ea5c0a2c30774eb71 Mon Sep 17 00:00:00 2001
From: Michaela Iorga <michaela.iorga@nist.gov>
Date: Wed, 29 Nov 2023 13:47:12 -0500
Subject: [PATCH] Catalog constraints added in oscal_catalog_metaschema.xml -
 see issue #1949  (#1952)

* Two additional allowed values for catalog/group/part/@name and catalog/group/control/part/@name

* aligned the description of group/part@name='statement' and control/part@name='statement'

* Fixed typo in the oscal_ssp_metaschema and updated controversial constraint for group/part in oscal_catalog_metaschema

* Update src/metaschema/oscal_catalog_metaschema.xml

Fixed grammar.

Co-authored-by: Chris Compton <daniel.compton@nist.gov>

---------

Co-authored-by: Iorga <miorga@pn129618.campus.nist.gov>
Co-authored-by: Chris Compton <daniel.compton@nist.gov>
---
 src/metaschema/oscal_catalog_metaschema.xml | 4 +++-
 src/metaschema/oscal_ssp_metaschema.xml     | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/metaschema/oscal_catalog_metaschema.xml b/src/metaschema/oscal_catalog_metaschema.xml
index 5a2a9b52fa..cf6498f580 100644
--- a/src/metaschema/oscal_catalog_metaschema.xml
+++ b/src/metaschema/oscal_catalog_metaschema.xml
@@ -146,6 +146,7 @@
                   </allowed-values>
                   <allowed-values target="part[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name">
                         <enum value="overview">An introduction to a control or a group of controls.</enum>
+                        <enum value="instruction">Information providing directions for a control or a group of controls.</enum>
                   </allowed-values>
             </constraint>
             <remarks>
@@ -254,9 +255,10 @@
                         target="part[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name">
                         <enum value="overview">An introduction to a control or a group of
                               controls.</enum>
-                        <enum value="statement">A set of control implementation requirements.</enum>
+                        <enum value="statement">A set of implementation requirements or recommendations.</enum>
                         <enum value="guidance">Additional information to consider when selecting,
                               implementing, assessing, and monitoring a control.</enum>
+                        <enum value="example">An example of an implemented requirement or control statement.</enum>
                         <enum value="assessment" deprecated="1.0.1">**(deprecated)** Use
                               'assessment-method' instead.</enum>
                         <enum value="assessment-method">The part describes a method-based assessment
diff --git a/src/metaschema/oscal_ssp_metaschema.xml b/src/metaschema/oscal_ssp_metaschema.xml
index 2cfb9df3c3..2f0d1c613c 100644
--- a/src/metaschema/oscal_ssp_metaschema.xml
+++ b/src/metaschema/oscal_ssp_metaschema.xml
@@ -156,7 +156,7 @@
         </enum>
         <enum value="community-cloud">The community cloud deployment model as defined by <a href="https://doi.org/10.6028/NIST.SP.800-145">The NIST Definition of Cloud Computing</a>.
         </enum>
-        <enum value="hybrid-cloud">The hybrid cloud deployment model as defined by as defined by <a href="https://doi.org/10.6028/NIST.SP.800-145">The NIST Definition of Cloud Computing</a>.
+        <enum value="hybrid-cloud">The hybrid cloud deployment model as defined by <a href="https://doi.org/10.6028/NIST.SP.800-145">The NIST Definition of Cloud Computing</a>.
         </enum>
         <!-- TODO: consider generalizing this in a way that applies to other usage contexts. -->
         <enum value="government-only-cloud">A specific type of community-cloud for use only by government services.</enum>