|
2003 | 2003 | </xsd:complexType> |
2004 | 2004 | </xsd:element> |
2005 | 2005 | <!-- =============================================================================== --> |
| 2006 | + <!-- =========================== YAML FILE CONTENT TEST ========================== --> |
| 2007 | + <!-- =============================================================================== --> |
| 2008 | + <xsd:element name="yamlfilecontent_test" substitutionGroup="oval-def:test"> |
| 2009 | + <xsd:annotation> |
| 2010 | + <xsd:documentation>The yamlfilecontent_test element is used to explore the contents of an YAML file. This test allows specific pieces of an YAML document specified using YAML Path to be tested. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a yamlfilecontent_object and the optional state element specifies the metadata to check.</xsd:documentation> |
| 2011 | + <xsd:appinfo> |
| 2012 | + <oval:element_mapping> |
| 2013 | + <oval:test>yamlfilecontent_test</oval:test> |
| 2014 | + <oval:object>yamlfilecontent_object</oval:object> |
| 2015 | + <oval:state>yamlfilecontent_state</oval:state> |
| 2016 | + <oval:item target_namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#independent">yamlfilecontent_item</oval:item> |
| 2017 | + </oval:element_mapping> |
| 2018 | + </xsd:appinfo> |
| 2019 | + <xsd:appinfo> |
| 2020 | + <sch:pattern id="ind-def_yamltst"> |
| 2021 | + <sch:rule context="ind-def:yamlfilecontent_test/ind-def:object"> |
| 2022 | + <sch:assert test="@object_ref=ancestor::oval-def:oval_definitions/oval-def:objects/ind-def:yamlfilecontent_object/@id"><sch:value-of select="../@id"/> - the object child element of a yamlfilecontent_test must reference a yamlfilecontent_object</sch:assert> |
| 2023 | + </sch:rule> |
| 2024 | + <sch:rule context="ind-def:yamlfilecontent_test/ind-def:state"> |
| 2025 | + <sch:assert test="@state_ref=ancestor::oval-def:oval_definitions/oval-def:states/ind-def:yamlfilecontent_state/@id"><sch:value-of select="../@id"/> - the state child element of a yamlfilecontent_test must reference a yamlfilecontent_state</sch:assert> |
| 2026 | + </sch:rule> |
| 2027 | + </sch:pattern> |
| 2028 | + </xsd:appinfo> |
| 2029 | + </xsd:annotation> |
| 2030 | + <xsd:complexType> |
| 2031 | + <xsd:complexContent> |
| 2032 | + <xsd:extension base="oval-def:TestType"> |
| 2033 | + <xsd:sequence> |
| 2034 | + <xsd:element name="object" type="oval-def:ObjectRefType" /> |
| 2035 | + <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="unbounded"/> |
| 2036 | + </xsd:sequence> |
| 2037 | + </xsd:extension> |
| 2038 | + </xsd:complexContent> |
| 2039 | + </xsd:complexType> |
| 2040 | + </xsd:element> |
| 2041 | + <xsd:element name="yamlfilecontent_object" substitutionGroup="oval-def:object"> |
| 2042 | + <xsd:annotation> |
| 2043 | + <xsd:documentation>The yamlfilecontent_object element is used by a YAML file content test to define the specific piece of an YAML file(s) to be evaluated. The yamlfilecontent_object will only collect regular files on UNIX systems and FILE_TYPE_DISK files on Windows systems. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.</xsd:documentation> |
| 2044 | + <xsd:documentation>The set of files to be evaluated may be identified with either a complete filepath or a path and filename. Only one of these options may be selected.</xsd:documentation> |
| 2045 | + <xsd:documentation>It is important to note that the 'max_depth' and 'recurse_direction' attributes of the 'behaviors' element do not apply to the 'filepath' element, only to the 'path' and 'filename' elements. This is because the 'filepath' element represents an absolute path to a particular file and it is not possible to recurse over a file.</xsd:documentation> |
| 2046 | + <xsd:appinfo> |
| 2047 | + <sch:pattern id="ind-def_yamlfilecontent_object_verify_filter_state"> |
| 2048 | + <sch:rule context="ind-def:yamlfilecontent_object//oval-def:filter"> |
| 2049 | + <sch:let name="parent_object" value="ancestor::ind-def:yamlfilecontent_object"/> |
| 2050 | + <sch:let name="parent_object_id" value="$parent_object/@id"/> |
| 2051 | + <sch:let name="state_ref" value="."/> |
| 2052 | + <sch:let name="reffed_state" value="ancestor::oval-def:oval_definitions/oval-def:states/*[@id=$state_ref]"/> |
| 2053 | + <sch:let name="state_name" value="local-name($reffed_state)"/> |
| 2054 | + <sch:let name="state_namespace" value="namespace-uri($reffed_state)"/> |
| 2055 | + <sch:assert test="(($state_namespace='http://oval.mitre.org/XMLSchema/oval-definitions-5#independent') and ($state_name='yamlfilecontent_state'))">State referenced in filter for <sch:value-of select="name($parent_object)"/> '<sch:value-of select="$parent_object_id"/>' is of the wrong type. </sch:assert> |
| 2056 | + </sch:rule> |
| 2057 | + </sch:pattern> |
| 2058 | + </xsd:appinfo> |
| 2059 | + </xsd:annotation> |
| 2060 | + <xsd:complexType> |
| 2061 | + <xsd:complexContent> |
| 2062 | + <xsd:extension base="oval-def:ObjectType"> |
| 2063 | + <xsd:sequence> |
| 2064 | + <xsd:choice> |
| 2065 | + <xsd:element ref="oval-def:set"/> |
| 2066 | + <xsd:sequence> |
| 2067 | + <xsd:element name="behaviors" type="ind-def:FileBehaviors" minOccurs="0" maxOccurs="1"/> |
| 2068 | + <xsd:choice> |
| 2069 | + <xsd:element name="filepath" type="oval-def:EntityObjectStringType"> |
| 2070 | + <xsd:annotation> |
| 2071 | + <xsd:documentation>The filepath element specifies the absolute path for a file on the machine. A directory cannot be specified as a filepath.</xsd:documentation> |
| 2072 | + <xsd:appinfo> |
| 2073 | + <sch:pattern id="ind-def_yamlobjfilepath"> |
| 2074 | + <sch:rule context="ind-def:yamlfilecontent_object/ind-def:filepath"> |
| 2075 | + <sch:assert test="not(preceding-sibling::ind-def:behaviors[@max_depth or @recurse_direction])"><sch:value-of select="../@id"/> - the max_depth and recurse_direction behaviors are not allowed with a filepath entity</sch:assert> |
| 2076 | + </sch:rule> |
| 2077 | + </sch:pattern> |
| 2078 | + <sch:pattern id="ind-def_yamlobjfilepath2"> |
| 2079 | + <sch:rule context="ind-def:yamlfilecontent_object/ind-def:filepath[not(@operation='equals' or not(@operation))]"> |
| 2080 | + <sch:assert test="not(preceding-sibling::ind-def:behaviors[@recurse_file_system='defined'])"><sch:value-of select="../@id"/> - the recurse_file_system behavior MUST not be set to 'defined' when a pattern match is used with a filepath entity.</sch:assert> |
| 2081 | + </sch:rule> |
| 2082 | + </sch:pattern> |
| 2083 | + </xsd:appinfo> |
| 2084 | + </xsd:annotation> |
| 2085 | + </xsd:element> |
| 2086 | + <xsd:sequence> |
| 2087 | + <xsd:element name="path" type="oval-def:EntityObjectStringType"> |
| 2088 | + <xsd:annotation> |
| 2089 | + <xsd:documentation>The path element specifies the directory component of the absolute path to a file on the machine.</xsd:documentation> |
| 2090 | + <xsd:appinfo> |
| 2091 | + <sch:pattern id="ind-def_yamlobjpath"> |
| 2092 | + <sch:rule context="ind-def:yamlfilecontent_object/ind-def:path[not(@operation='equals' or not(@operation))]"> |
| 2093 | + <sch:assert test="not(preceding-sibling::ind-def:behaviors[@recurse_file_system='defined'])"><sch:value-of select="../@id"/> - the recurse_file_system behavior MUST not be set to 'defined' when a pattern match is used with a path entity.</sch:assert> |
| 2094 | + <sch:assert test="not(preceding-sibling::ind-def:behaviors[@max_depth])"><sch:value-of select="../@id"/> - the max_depth behavior MUST not be used when a pattern match is used with a path entity.</sch:assert> |
| 2095 | + <sch:assert test="not(preceding-sibling::ind-def:behaviors[@recurse_direction])"><sch:value-of select="../@id"/> - the recurse_direction behavior MUST not be used when a pattern match is used with a path entity.</sch:assert> |
| 2096 | + <sch:assert test="not(preceding-sibling::ind-def:behaviors[@recurse])"><sch:value-of select="../@id"/> - the recurse behavior MUST not be used when a pattern match is used with a path entity.</sch:assert> |
| 2097 | + </sch:rule> |
| 2098 | + </sch:pattern> |
| 2099 | + </xsd:appinfo> |
| 2100 | + </xsd:annotation> |
| 2101 | + </xsd:element> |
| 2102 | + <xsd:element name="filename" type="oval-def:EntityObjectStringType"> |
| 2103 | + <xsd:annotation> |
| 2104 | + <xsd:documentation>The filename element specifies the name of the file.</xsd:documentation> |
| 2105 | + <xsd:appinfo> |
| 2106 | + <sch:pattern id="ind-def_yamlobjfilename"> |
| 2107 | + <sch:rule context="ind-def:yamlfilecontent_object/ind-def:filename"> |
| 2108 | + <sch:assert test="(@var_ref and .='') or not(.='') or (.='' and @operation = 'pattern match')"><sch:value-of select="../@id"/> - filename entity cannot be empty unless the xsi:nil attribute is set to true or a var_ref is used</sch:assert> |
| 2109 | + </sch:rule> |
| 2110 | + </sch:pattern> |
| 2111 | + </xsd:appinfo> |
| 2112 | + </xsd:annotation> |
| 2113 | + </xsd:element> |
| 2114 | + </xsd:sequence> |
| 2115 | + </xsd:choice> |
| 2116 | + <xsd:element name="yamlpath" type="oval-def:EntityObjectStringType"> |
| 2117 | + <xsd:annotation> |
| 2118 | + <xsd:documentation>Specifies an YAML Path expression to evaluate against the YAML file specified by the filename entity. This YAML Path expression must evaluate to a list of zero or more scalar values which will be accessible in OVAL via instances of the value_of entity. Any results from evaluating the YAML Path expression other than a list of scalar values (e.g., a hash or list of lists) is considered an error. The intention is that the scalar values be drawn from instances of a single, uniquely named element. However, an OVAL interpreter is not required to verify this, so the author should define the YAML Path expression carefully. Note that "equals" is the only valid operator for the yamlpath entity.</xsd:documentation> |
| 2119 | + <xsd:appinfo> |
| 2120 | + <sch:pattern id="ind-def_yamlobjyamlpath"> |
| 2121 | + <sch:rule context="ind-def:yamlfilecontent_object/ind-def:yamlpath"> |
| 2122 | + <sch:assert test="not(@operation) or @operation='equals'"><sch:value-of select="../@id"/> - operation attribute for the yamlpath entity of a yamlfilecontent_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)</sch:assert> |
| 2123 | + </sch:rule> |
| 2124 | + </sch:pattern> |
| 2125 | + </xsd:appinfo> |
| 2126 | + </xsd:annotation> |
| 2127 | + </xsd:element> |
| 2128 | + <xsd:element ref="oval-def:filter" minOccurs="0" maxOccurs="unbounded"/> |
| 2129 | + </xsd:sequence> |
| 2130 | + </xsd:choice> |
| 2131 | + </xsd:sequence> |
| 2132 | + </xsd:extension> |
| 2133 | + </xsd:complexContent> |
| 2134 | + </xsd:complexType> |
| 2135 | + </xsd:element> |
| 2136 | + <xsd:element name="yamlfilecontent_state" substitutionGroup="oval-def:state"> |
| 2137 | + <xsd:annotation> |
| 2138 | + <xsd:documentation>The yamlfilecontent_state element contains entities that are used to check the file path and name, as well as the YAML Path used and the value of the this YAML Path.</xsd:documentation> |
| 2139 | + </xsd:annotation> |
| 2140 | + <xsd:complexType> |
| 2141 | + <xsd:complexContent> |
| 2142 | + <xsd:extension base="oval-def:StateType"> |
| 2143 | + <xsd:sequence> |
| 2144 | + <xsd:element name="filepath" type="oval-def:EntityStateStringType" minOccurs="0"> |
| 2145 | + <xsd:annotation> |
| 2146 | + <xsd:documentation>The filepath element specifies the absolute path for a file on the machine. A directory cannot be specified as a filepath.</xsd:documentation> |
| 2147 | + </xsd:annotation> |
| 2148 | + </xsd:element> |
| 2149 | + <xsd:element name="path" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1"> |
| 2150 | + <xsd:annotation> |
| 2151 | + <xsd:documentation>The path element specifies the directory component of the absolute path to a file on the machine.</xsd:documentation> |
| 2152 | + </xsd:annotation> |
| 2153 | + </xsd:element> |
| 2154 | + <xsd:element name="filename" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1"> |
| 2155 | + <xsd:annotation> |
| 2156 | + <xsd:documentation>The filename element specifies the name of the file.</xsd:documentation> |
| 2157 | + </xsd:annotation> |
| 2158 | + </xsd:element> |
| 2159 | + <xsd:element name="yamlpath" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1"> |
| 2160 | + <xsd:annotation> |
| 2161 | + <xsd:documentation>Specifies an YAML Path expression to evaluate against the YAML file specified by the filename entity. This YAML Path expression must evaluate to a list of zero or more text values which will be accessible in OVAL via instances of the value_of entity. Any results from evaluating the YAML Path expression other than a list of text strings (e.g., a nodes set) is considered an error. The intention is that the text values be drawn from instances of a single, uniquely named element or attribute. However, an OVAL interpreter is not required to verify this, so the author should define the YAML Path expression carefully. Note that "equals" is the only valid operator for the yamlpath entity.</xsd:documentation> |
| 2162 | + </xsd:annotation> |
| 2163 | + </xsd:element> |
| 2164 | + <xsd:element name="value_of" type="oval-def:EntityStateAnySimpleType" minOccurs="0" maxOccurs="1"> |
| 2165 | + <xsd:annotation> |
| 2166 | + <xsd:documentation>The value_of element checks the value(s) of the text node(s) or attribute(s) found.</xsd:documentation> |
| 2167 | + </xsd:annotation> |
| 2168 | + </xsd:element> |
| 2169 | + <xsd:element name="windows_view" type="ind-def:EntityStateWindowsViewType" minOccurs="0"> |
| 2170 | + <xsd:annotation> |
| 2171 | + <xsd:documentation>The windows view value to which this was targeted. This is used to indicate which view (32-bit or 64-bit), the associated State applies to. This entity only applies to 64-bit Microsoft Windows operating systems.</xsd:documentation> |
| 2172 | + </xsd:annotation> |
| 2173 | + </xsd:element> |
| 2174 | + </xsd:sequence> |
| 2175 | + </xsd:extension> |
| 2176 | + </xsd:complexContent> |
| 2177 | + </xsd:complexType> |
| 2178 | + </xsd:element> |
| 2179 | + <!-- =============================================================================== --> |
2006 | 2180 | <!-- =============================================================================== --> |
2007 | 2181 | <!-- =============================================================================== --> |
2008 | 2182 | <xsd:complexType name="FileBehaviors"> |
|
0 commit comments