foreman_openscap 0.2.1 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (59) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +20 -6
  3. data/app/assets/javascript/foreman_openscap/period_selector.js +3 -0
  4. data/app/assets/javascript/foreman_openscap/policy_edit.js +37 -0
  5. data/app/assets/stylesheets/foreman_openscap/policy.css.scss +7 -0
  6. data/app/controllers/api/v2/{openscap → compliance}/arf_reports_controller.rb +6 -5
  7. data/app/controllers/scaptimony_arf_reports_controller.rb +9 -6
  8. data/app/controllers/scaptimony_policies_controller.rb +72 -11
  9. data/app/{models/scaptimony/asset.rb → controllers/scaptimony_policy_dashboard_controller.rb} +8 -9
  10. data/app/controllers/scaptimony_scap_contents_controller.rb +25 -16
  11. data/app/helpers/concerns/foreman_openscap/hosts_helper_extensions.rb +3 -4
  12. data/app/helpers/scaptimony_policies_helper.rb +22 -0
  13. data/app/helpers/scaptimony_policy_dashboard_helper.rb +43 -0
  14. data/app/helpers/scaptimony_report_dashboard_helper.rb +20 -0
  15. data/app/models/concerns/foreman_openscap/arf_report_extensions.rb +30 -1
  16. data/app/models/concerns/foreman_openscap/asset_extensions.rb +34 -0
  17. data/app/models/concerns/foreman_openscap/host_extensions.rb +38 -7
  18. data/app/models/concerns/foreman_openscap/policy_extensions.rb +214 -3
  19. data/app/models/concerns/foreman_openscap/scap_content_extensions.rb +21 -1
  20. data/app/overrides/hosts/index/host_arf_report.rb +5 -0
  21. data/app/services/scaptimony/policy_dashboard/data.rb +30 -0
  22. data/app/services/scaptimony/policy_dashboard/loader.rb +20 -0
  23. data/app/services/scaptimony/policy_dashboard/manager.rb +32 -0
  24. data/app/services/scaptimony/report_dashboard/data.rb +37 -0
  25. data/app/views/dashboard/_foreman_openscap_host_reports_widget.html.erb +24 -0
  26. data/app/views/dashboard/_foreman_openscap_reports_breakdown_widget.html.erb +3 -0
  27. data/app/views/scaptimony_arf_reports/_host_report.html.erb +8 -0
  28. data/app/views/scaptimony_arf_reports/_list.html.erb +2 -2
  29. data/app/views/scaptimony_arf_reports/show.html.erb +3 -0
  30. data/app/views/scaptimony_policies/_form.html.erb +23 -4
  31. data/app/views/scaptimony_policies/_list.html.erb +2 -4
  32. data/app/views/scaptimony_policies/create.html.erb +2 -0
  33. data/app/views/scaptimony_policies/edit.html.erb +1 -2
  34. data/app/views/scaptimony_policies/index.html.erb +1 -1
  35. data/app/views/scaptimony_policies/new.html.erb +1 -2
  36. data/app/views/scaptimony_policies/select_multiple_hosts.html.erb +8 -0
  37. data/app/views/scaptimony_policies/show.html.erb +3 -0
  38. data/app/views/scaptimony_policies/steps/_create_policy_form.html.erb +5 -0
  39. data/app/views/scaptimony_policies/steps/_hostgroups_form.html.erb +7 -0
  40. data/app/views/scaptimony_policies/steps/_locations_form.html.erb +13 -0
  41. data/app/views/scaptimony_policies/steps/_organizations_form.html.erb +13 -0
  42. data/app/views/scaptimony_policies/steps/_scap_content_form.html.erb +21 -0
  43. data/app/views/scaptimony_policies/steps/_schedule_form.html.erb +11 -0
  44. data/app/views/scaptimony_policies/steps/_step_form.html.erb +11 -0
  45. data/app/views/scaptimony_policy_dashboard/_policy_chart_widget.html.erb +4 -0
  46. data/app/views/scaptimony_policy_dashboard/_policy_reports.html.erb +24 -0
  47. data/app/views/scaptimony_policy_dashboard/_policy_status_widget.html.erb +12 -0
  48. data/app/views/scaptimony_policy_dashboard/index.html.erb +26 -0
  49. data/app/views/scaptimony_scap_contents/_form.html.erb +8 -0
  50. data/app/views/scaptimony_scap_contents/_list.html.erb +8 -6
  51. data/config/routes.rb +24 -6
  52. data/db/seeds.d/openscap_feature.rb +2 -0
  53. data/lib/foreman_openscap/engine.rb +18 -12
  54. data/lib/foreman_openscap/helper.rb +1 -7
  55. data/lib/foreman_openscap/version.rb +1 -1
  56. metadata +57 -31
  57. data/app/assets/javascript/policy_edit.js +0 -14
  58. data/app/overrides/dashboard/index/sample_override.html.erb.deface +0 -4
  59. data/db/migrate/20141017172055_create_scaptimony_auditable_hosts.rb +0 -9
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: e6f78f76f48726587034c86337c59f870ea7774d
4
- data.tar.gz: fe1cde3c865b1351ae79826961fb1bd9fbdec4cf
3
+ metadata.gz: fcc7365919b95567728c6bbf5f71c44e0bdbc4f7
4
+ data.tar.gz: 59df09c7a34dde0ee73b4b694cde4c88ac52aecc
5
5
  SHA512:
6
- metadata.gz: c6d5969f1a17b78fdbb48d5f2e0df38e0caa4c32fa72b3dea0c479b97c864cc8ae2c98c53067b20805b00c80e90046471c1304270ee3ec34133f43013be515a0
7
- data.tar.gz: 81e507d2834565420bbf7e6bbbbfb1bdad76340c718fa40c393fe68cdab4505bf949577821570b93441b11149ff7567cecc01e1993f00ff5285f38f7d3d30cc4
6
+ metadata.gz: 53bc94afc3f4ba64384ab4687360145999361a66c2eaedfe28e7981e081af42b7c8b2948f7bd1c07c6caaac426b578ee7715e7fea7a69bf22c98a02bd13ced35
7
+ data.tar.gz: 144c25d86f781acd2a03316bbf94901c34ba6d6d7e7ea830674a7d2d13df477e80cffa45fe28ac89dcf1734e678163c135c8b0a225a65bd4d8bd307874d19d5e
data/README.md CHANGED
@@ -5,14 +5,14 @@ of Foreman based infrastructure.
5
5
 
6
6
  + Current features:
7
7
  + Centralized policy management
8
+ + Set-up organization defined targeting (connect set of system, a policy and time schedule)
9
+ + Set-up periodical audits
10
+ + Search for not audited systems
8
11
  + Collect & achieve OpenSCAP audit results from your infrastructure
9
12
  + Display audit results
10
13
  + Search audit results
11
14
  + Search for non-compliant systems
12
15
  + Future features:
13
- + Set-up organization defined targeting (connect set of system, a policy and time schedule)
14
- + Set-up periodical audits
15
- + Search for not audited systems
16
16
  + Comparison of audit results
17
17
  + Waive known issues (one-time waivers, re-occurring, waivers)
18
18
  + Ad-hoc audit of given machine
@@ -20,7 +20,21 @@ of Foreman based infrastructure.
20
20
  + Vulnerability Assessment (processing OVAL CVE streams)
21
21
  + E-mail notifications
22
22
 
23
- ## Installation
23
+ ## Installation from RPMS
24
+
25
+ - Install Foreman from [upstream](http://theforeman.org/)
26
+
27
+ - Install foreman-proxy_openscap to all your foreman-proxies from [upstream](https://github.com/OpenSCAP/foreman-proxy_openscap)
28
+
29
+ - Enable [isimluk/OpenSCAP](https://copr.fedoraproject.org/coprs/isimluk/OpenSCAP/) COPR repository
30
+
31
+ - Install Foreman_OpenSCAP
32
+
33
+ ```
34
+ yum install rubygem-foreman_openscap ruby193-rubygem-foreman_openscap
35
+ ```
36
+
37
+ ## Installation from upstream git
24
38
 
25
39
  - Install Foreman from [upstream](http://theforeman.org/)
26
40
  - Install SCAPtimony from [upstream](https://github.com/OpenSCAP/scaptimony)
@@ -36,7 +50,7 @@ of Foreman based infrastructure.
36
50
  ```
37
51
  $ cd foreman_openscap
38
52
  $ gem build foreman_openscap.gemspec
39
- # yum install yum-utils rpm-build scl-utils scl-utils-build ruby193-rubygems-devel
53
+ # yum install yum-utils rpm-build scl-utils scl-utils-build ruby193-rubygems-devel ruby193-build ruby193
40
54
  # yum-builddep extra/rubygem-foreman_openscap.spec
41
55
  $ rpmbuild --define "_sourcedir `pwd`" --define "scl ruby193" -ba extra/rubygem-foreman_openscap.spec
42
56
  ```
@@ -44,7 +58,7 @@ of Foreman based infrastructure.
44
58
  - Install foreman_openscap RPM
45
59
 
46
60
  ```
47
- # yum local install ~/rpmbuild/RPMS/noarch/ruby193-rubygem-foreman_openscap-*.noarch.rpm
61
+ # yum localinstall ~/rpmbuild/RPMS/noarch/ruby193-rubygem-foreman_openscap-*.noarch.rpm
48
62
  # service foreman restart
49
63
  ```
50
64
 
@@ -0,0 +1,3 @@
1
+ $(function() {
2
+ period_selected($("#policy_period")[0]);
3
+ });
@@ -0,0 +1,37 @@
1
+ function scap_content_selected(element){
2
+ var attrs = attribute_hash(['scap_content_id']);
3
+ var url = $(element).attr('data-url');
4
+ $(element).indicator_show();
5
+ $.ajax({
6
+ data: attrs,
7
+ type: 'post',
8
+ url: url,
9
+ complete: function() { $(element).indicator_hide();},
10
+ success: function(request) {
11
+ $('#scap_content_profile_select').html(request);
12
+ }
13
+ })
14
+ }
15
+
16
+ function previous_step(previous) {
17
+ $('#policy_current_step').val(previous);
18
+ return false;
19
+ }
20
+
21
+ function period_selected(period) {
22
+ $("#policy_weekday, #policy_day_of_month, #policy_cron_line").closest("div.clearfix").hide();
23
+ switch($(period).val()) {
24
+ case 'weekly':
25
+ field = "#policy_weekday";
26
+ break;
27
+ case 'monthly':
28
+ field = "#policy_day_of_month";
29
+ break;
30
+ case 'custom':
31
+ field = "#policy_cron_line";
32
+ break;
33
+ default:
34
+ field = "";
35
+ }
36
+ $(field).closest("div.clearfix").show();
37
+ }
@@ -0,0 +1,7 @@
1
+ .show-pane {
2
+ display: block;
3
+ }
4
+
5
+ .hide-pane {
6
+ display: none;
7
+ }
@@ -13,7 +13,7 @@ require 'foreman_openscap/helper'
13
13
 
14
14
  module Api
15
15
  module V2
16
- module Openscap
16
+ module Compliance
17
17
 
18
18
  class ArfReportsController < V2::BaseController
19
19
  include Api::Version2
@@ -21,16 +21,17 @@ module Api
21
21
 
22
22
  add_puppetmaster_filters :create
23
23
 
24
- api :POST, "/arf/:cname/:policy_name/:date", N_("Upload an ARF report")
24
+ api :POST, "/arf/:cname/:policy_id/:date", N_("Upload an ARF report")
25
25
  param :cname, :identifier, :required => true
26
- param :policy_name, :identifier, :required => true
26
+ param :policy_id, :identifier, :required => true
27
27
  param :date, :identifier, :required => true
28
28
 
29
29
  def create
30
30
  asset = ForemanOpenscap::Helper::get_asset(params[:cname])
31
31
  arf_bzip2 = request.body.read
32
- received = Scaptimony::ArfReportsHelper.create_arf(asset, params, arf_bzip2)
33
- render :json => { :result => :OK, :received => received }
32
+ arf_bzip2_size = request.body.size
33
+ Scaptimony::ArfReportsHelper.create_arf(asset, params, arf_bzip2, arf_bzip2_size)
34
+ render :json => { :result => :OK, :received => arf_bzip2_size }
34
35
  end
35
36
 
36
37
  def check_content_type
@@ -1,25 +1,28 @@
1
1
  class ScaptimonyArfReportsController < ApplicationController
2
2
  include Foreman::Controller::AutoCompleteSearch
3
3
 
4
- before_filter :find_by_id, :only => [:show, :destroy]
4
+ before_filter :find_by_id, :only => [:show, :parse, :destroy]
5
5
 
6
6
  def model_of_controller
7
7
  ::Scaptimony::ArfReport
8
8
  end
9
9
 
10
- # GET /scaptimony/arf_reports
11
10
  def index
12
- @arf_reports = resource_base.search_for(params[:search], :order => params[:order]).paginate(:page => params[:page], :per_page => params[:per_page])
11
+ @arf_reports = resource_base.includes(:arf_report_breakdown, :asset)
12
+ .search_for(params[:search], :order => params[:order])
13
+ .paginate(:page => params[:page], :per_page => params[:per_page])
13
14
  end
14
15
 
15
- # GET /scaptimony/arf_reports/1
16
16
  def show
17
- self.response_body = @arf_report
17
+ end
18
+
19
+ def parse
20
+ self.response_body = @arf_report.to_html
18
21
  end
19
22
 
20
23
  def destroy
21
24
  if @arf_report.destroy
22
- process_success :success_redirect => scaptimony_arf_reports_path
25
+ process_success
23
26
  else
24
27
  process_error
25
28
  end
@@ -1,14 +1,20 @@
1
1
  class ScaptimonyPoliciesController < ApplicationController
2
2
  include Foreman::Controller::AutoCompleteSearch
3
- before_filter :find_by_id, :only => [:show, :edit, :update, :destroy]
3
+ before_filter :find_by_id, :only => [:show, :edit, :update, :parse, :destroy]
4
+ before_filter :find_multiple, :only => [:select_multiple_hosts, :update_multiple_hosts]
4
5
 
5
6
  def model_of_controller
6
7
  ::Scaptimony::Policy
7
8
  end
8
9
 
9
- # GET /scaptimony/policies
10
10
  def index
11
- @policies = resource_base.search_for(params[:search])
11
+ @policies = resource_base
12
+ .search_for(params[:search], :order => params[:order])
13
+ .paginate(:page => params[:page], :per_page => params[:per_page])
14
+ .includes(:scap_content, :scap_content_profile)
15
+ if @policies.empty? && Scaptimony::ScapContent.unconfigured?
16
+ redirect_to new_scaptimony_scap_content_path
17
+ end
12
18
  end
13
19
 
14
20
  def new
@@ -16,38 +22,64 @@ class ScaptimonyPoliciesController < ApplicationController
16
22
  end
17
23
 
18
24
  def show
19
- self.response_body = ::Scaptimony::GuideGenerator.new @policy
25
+ end
26
+
27
+ def parse
28
+ self.response_body = @policy.to_html
20
29
  end
21
30
 
22
31
  def create
23
32
  @policy = ::Scaptimony::Policy.new(params[:policy])
24
- if @policy.save
33
+ if @policy.wizard_completed? && @policy.save
25
34
  process_success :success_redirect => scaptimony_policies_path
26
35
  else
27
- process_error
36
+ if @policy.valid?
37
+ render 'new' and return
38
+ else
39
+ @policy.rewind_step
40
+ process_error :object => @policy
41
+ end
28
42
  end
29
43
  end
30
44
 
45
+ def edit
46
+ end
47
+
31
48
  def update
32
49
  if @policy.update_attributes(params[:policy])
33
50
  process_success :success_redirect => scaptimony_policies_path
34
51
  else
35
- process_error
52
+ process_error :object => @policy
36
53
  end
37
54
  end
38
55
 
39
56
  def destroy
40
57
  if @policy.destroy
41
- process_success :success_redirect => scaptimony_policies_path
58
+ process_success
42
59
  else
43
- process_error
60
+ process_error :object => @policy
44
61
  end
45
62
  end
46
63
 
47
64
  def scap_content_selected
48
- if params[:scap_content_id] and @scap_content = ::Scaptimony::ScapContent.find(params[:scap_content_id])
65
+ if params[:scap_content_id] && (@scap_content = ::Scaptimony::ScapContent.find(params[:scap_content_id]))
49
66
  @policy ||= ::Scaptimony::Policy.new
50
- render :partial => 'scap_content_results', :locals => { :policy => @policy }
67
+ render :partial => 'scap_content_results', :locals => {:policy => @policy}
68
+ end
69
+ end
70
+
71
+ def select_multiple_hosts; end
72
+
73
+ def update_multiple_hosts
74
+ if (id = params['policy']['id'])
75
+ policy = ::Scaptimony::Policy.find(id)
76
+ policy.assign_hosts @hosts
77
+ notice _("Updated hosts: Assigned with compliance policy: #{policy.name}")
78
+ # We prefer to go back as this does not lose the current search
79
+ redirect_to hosts_path
80
+ else
81
+ error _('No compliance policy selected.')
82
+ redirect_to(select_multiple_hosts_scaptimony_policies_path)
51
83
  end
52
84
  end
53
85
 
@@ -55,4 +87,33 @@ class ScaptimonyPoliciesController < ApplicationController
55
87
  def find_by_id
56
88
  @policy = resource_base.find(params[:id])
57
89
  end
90
+
91
+ def find_multiple
92
+ # Lets search by name or id and make sure one of them exists first
93
+ if params[:host_ids].present?
94
+ @hosts = Host.where("id IN (?)", params[:host_ids])
95
+ if @hosts.empty?
96
+ error _('No hosts were found.')
97
+ redirect_to(hosts_path) and return false
98
+ end
99
+ else
100
+ error _('No hosts selected')
101
+ redirect_to(hosts_path) and return false
102
+ end
103
+ return @hosts
104
+ rescue => e
105
+ error _("Something went wrong while selecting hosts - %s") % (e)
106
+ logger.debug e.message
107
+ logger.debug e.backtrace.join("\n")
108
+ redirect_to hosts_path and return false
109
+ end
110
+
111
+ def action_permission
112
+ case params[:action]
113
+ when 'parse'
114
+ :view
115
+ else
116
+ super
117
+ end
118
+ end
58
119
  end
@@ -8,15 +8,14 @@
8
8
  # along with this software; if not, see http://www.gnu.org/licenses/gpl.txt
9
9
  #
10
10
 
11
- module ::Scaptimony
12
- class AuditableHost < ActiveRecord::Base
13
- # Links Foreman's Host table with SCAPtimony's Asset table
14
- belongs_to :asset, :inverse_of => :auditable_host
15
- belongs_to_host :inverse_of => :auditable_host
16
- end
11
+ class ScaptimonyPolicyDashboardController < ApplicationController
12
+ before_filter :prefetch_data, :only => :index
13
+
14
+ def index; end
17
15
 
18
- class Asset < ActiveRecord::Base
19
- has_one :auditable_host, :inverse_of => :asset
20
- has_one :host, :through => :auditable_host
16
+ def prefetch_data
17
+ @policy = ::Scaptimony::Policy.find(params[:id])
18
+ dashboard = Scaptimony::PolicyDashboard::Data.new(@policy, params[:search])
19
+ @report = dashboard.report
21
20
  end
22
21
  end
@@ -1,20 +1,22 @@
1
1
  class ScaptimonyScapContentsController < ApplicationController
2
2
  include Foreman::Controller::AutoCompleteSearch
3
- before_filter :handle_file_upload, :only => [:create]
4
- before_filter :find_by_id, :only => [:show, :edit, :update]
3
+ before_filter :handle_file_upload, :only => [:create, :update]
4
+ before_filter :find_by_id, :only => [:show, :edit, :update, :destroy]
5
5
 
6
6
  def model_of_controller
7
7
  ::Scaptimony::ScapContent
8
8
  end
9
9
 
10
- # GET /scaptimony/scap_contents
11
10
  def index
12
11
  @contents = resource_base.search_for(params[:search])
12
+ if Scaptimony::ScapContent.all.count == 0
13
+ redirect_to :action => :new
14
+ end
13
15
  end
14
16
 
15
17
  def show
16
- send_file @scaptimony_scap_content.path,
17
- :type => "application/xml",
18
+ send_data @scaptimony_scap_content.scap_file,
19
+ :type => 'application/xml',
18
20
  :filename => @scaptimony_scap_content.original_filename
19
21
  end
20
22
 
@@ -22,33 +24,40 @@ class ScaptimonyScapContentsController < ApplicationController
22
24
  @scaptimony_scap_content = ::Scaptimony::ScapContent.new
23
25
  end
24
26
 
25
- # POST /scaptimony/scap_contents
26
27
  def create
27
28
  @scaptimony_scap_content = ::Scaptimony::ScapContent.new(params[:scap_content])
28
- if @scaptimony_scap_content.store
29
- process_success :success_redirect => scaptimony_scap_contents_path
29
+ if @scaptimony_scap_content.save
30
+ process_success
30
31
  else
31
32
  process_error
32
33
  end
33
34
  end
34
35
 
35
- def handle_file_upload
36
- return unless params[:scap_content] and
37
- t = params[:scap_content][:scap_file]
38
- params[:scap_content][:original_filename] = t.original_filename
39
- params[:scap_content][:scap_file] = t.read if t.respond_to?(:read)
40
- end
41
-
42
36
  def update
43
37
  if @scaptimony_scap_content.update_attributes(params[:scap_content])
44
- process_success :success_redirect => scaptimony_scap_contents_path
38
+ process_success
45
39
  else
46
40
  process_error
47
41
  end
48
42
  end
49
43
 
44
+ def destroy
45
+ if @scaptimony_scap_content.destroy
46
+ process_success
47
+ else
48
+ process_error :object => @scaptimony_scap_content
49
+ end
50
+ end
51
+
50
52
  private
51
53
  def find_by_id
52
54
  @scaptimony_scap_content = resource_base.find(params[:id])
53
55
  end
56
+
57
+ def handle_file_upload
58
+ return unless params[:scap_content] && scap_raw_file = params[:scap_content][:scap_file]
59
+ params[:scap_content][:original_filename] = scap_raw_file.original_filename
60
+ params[:scap_content][:scap_file] = scap_raw_file.tempfile.read if scap_raw_file.tempfile.respond_to?(:read)
61
+ end
62
+
54
63
  end
@@ -3,12 +3,11 @@ module ForemanOpenscap
3
3
  extend ActiveSupport::Concern
4
4
 
5
5
  included do
6
- # execute callbacks
6
+ alias_method_chain :multiple_actions, :scap
7
7
  end
8
8
 
9
- # create or overwrite instance methods...
10
- def instance_method_name
9
+ def multiple_actions_with_scap
10
+ multiple_actions_without_scap << [_('Assign Compliance Policy'), select_multiple_hosts_scaptimony_policies_path]
11
11
  end
12
12
  end
13
-
14
13
  end
@@ -4,4 +4,26 @@ module ScaptimonyPoliciesHelper
4
4
  return @policy.scap_content.scap_content_profiles unless @policy.scap_content.blank?
5
5
  return []
6
6
  end
7
+
8
+ def submit_or_cancel_policy(form, overwrite = nil, args = { })
9
+ args[:cancel_path] ||= send("#{controller_name}_path")
10
+ content_tag(:div, :class => "clearfix") do
11
+ content_tag(:div, :class => "form-actions") do
12
+ text = overwrite ? overwrite : _("Submit")
13
+ options = {:class => "btn btn-primary"}
14
+ options.merge! :'data-id' => form_to_submit_id(form) unless options.has_key?(:'data-id')
15
+ previous = form.object.first_step? ? ' ' : previous_link(form)
16
+ link_to(_("Cancel"), args[:cancel_path], :class => "btn btn-default") + previous +
17
+ form.submit(text, options)
18
+ end
19
+ end
20
+ end
21
+
22
+ def show_partial_wizard(step)
23
+ @policy.current_step == step ? 'show-pane' : 'hide-pane'
24
+ end
25
+
26
+ def previous_link(form)
27
+ (' ' + form.submit(_('Previous'), :class => 'btn btn-default', :onclick => "previous_step('#{@policy.previous_step}')") + ' ').html_safe
28
+ end
7
29
  end