foreman_openscap 0.5.0 → 0.5.1

data/db/migrate/20150929152345_move_arf_reports_to_reports_table.rb

@@ -20,7 +20,7 @@ class MoveArfReportsToReportsTable < ActiveRecord::Migration
       #reported_at attribute must be unique
       reported_at = DateTime.strptime(item["created_at"], "%Y-%m-%d %H:%M:%S")
 
-      reported_at += 1.seconds until arfs_by_reported(reported_at).empty?
+      reported_at += 1.second until arfs_by_reported(reported_at).empty?
 
       arf = ForemanOpenscap::ArfReport.create!(:metrics => metrics,
                                                :reported_at => reported_at,

data/db/migrate/20151023131950_link_arf_report_directly_to_host.rb

@@ -1,17 +1,21 @@
 class LinkArfReportDirectlyToHost < ActiveRecord::Migration
   def up
-    ForemanOpenscap::ArfReport.all.each do |report|
-      asset = ForemanOpenscap::Asset.where(:id => report.host_id).first
-      report.host_id = asset.host.id
-      report.save!
+    ForemanOpenscap::ArfReport.find_in_batches do |batch|
+      batch.each do |report|
+        asset = ForemanOpenscap::Asset.find(:id => report.host_id)
+        report.host_id = asset.host.id
+        report.save!
+      end
     end
   end
 
   def down
-    ForemanOpenscap::ArfReport.all.each do |report|
-      asset = ForemanOpenscap::Asset.where(:assetable_id => report.host_id, :assetable_type => 'Host::Base').first
-      report.host_id = asset.id
-      report.save!
+    ForemanOpenscap::ArfReport.find_in_batches do |batch|
+      batch.all.each do |report|
+        asset = ForemanOpenscap::Asset.find(:assetable_id => report.host_id, :assetable_type => 'Host::Base')
+        report.host_id = asset.id
+        report.save!
+      end
     end
   end
 end

data/db/migrate/20151118165125_add_size_to_scap_content.rb

@@ -0,0 +1,5 @@
+class AddSizeToScapContent < ActiveRecord::Migration
+  def change
+    change_column :foreman_openscap_scap_contents, :scap_file, :binary, :limit => 16.megabyte
+  end
+end

data/db/migrate/20151119155419_add_arf_fields_to_message.rb

@@ -0,0 +1,8 @@
+class AddArfFieldsToMessage < ActiveRecord::Migration
+  def change
+    add_column :messages, :description, :text
+    add_column :messages, :rationale, :text
+    add_column :messages, :scap_references, :text
+    add_column :messages, :severity, :string
+  end
+end

data/db/migrate/20151120090851_add_openscap_proxy_to_host_and_hostgroup.rb

@@ -0,0 +1,25 @@
+class AddOpenscapProxyToHostAndHostgroup < ActiveRecord::Migration
+  def up
+    add_column :hostgroups, :openscap_proxy_id, :integer
+    add_column :hosts, :openscap_proxy_id, :integer
+    add_column :reports, :openscap_proxy_id, :integer
+
+    #to ensure backward compatiblity
+    #this relies on the fact that only one scap proxy was registered
+    #because there has not been support for multiple scap proxies
+    reports = ForemanOpenscap::ArfReport.where(:openscap_proxy_id => nil)
+    scap_proxy = SmartProxy.with_features("Openscap").first
+    unless scap_proxy.nil?
+      reports.each do |report|
+        report.openscap_proxy = scap_proxy
+        report.save!
+      end
+    end
+  end
+
+  def down
+    remove_column :hostgroups, :openscap_proxy_id, :integer
+    remove_column :hosts, :openscap_proxy_id, :integer
+    remove_column :reports, :openscap_proxy_id
+  end
+end

data/db/seeds.d/openscap_feature.rb

@@ -1,2 +1,2 @@
 f = Feature.find_or_create_by_name('Openscap')
-raise "Unable to create proxy feature: #{format_errors f}" if f.nil? || f.errors.any?
+fail "Unable to create proxy feature: #{format_errors f}" if f.nil? || f.errors.any?

data/db/seeds.d/openscap_scap_default.rb

@@ -1,2 +1,2 @@
 require 'foreman_openscap/bulk_upload'
-ForemanOpenscap::BulkUpload.new(true).generate_scap_default_content
+ForemanOpenscap::BulkUpload.new(true).generate_scap_default_content

data/lib/foreman_openscap/bulk_upload.rb

@@ -2,7 +2,7 @@ require 'digest/sha2'
 module ForemanOpenscap
   class BulkUpload
     attr_accessor :from_scap_security_guide
-    def initialize(from_scap_security_guide=false)
+    def initialize(from_scap_security_guide = false)
       @from_scap_security_guide = from_scap_security_guide
     end
 
@@ -25,17 +25,16 @@ module ForemanOpenscap
         title = content_name(datastream)
         filename = original_filename(datastream)
         scap_content = ScapContent.where(:title => title, :digest => digest).first_or_initialize
-        unless scap_content.persisted?
-          scap_content.scap_file = file
-          scap_content.original_filename = filename
-          scap_content.location_ids = Location.all.map(&:id) if SETTINGS[:locations_enabled]
-          scap_content.organization_ids = Organization.all.map(&:id) if SETTINGS[:organizations_enabled]
-          next puts "## SCAP content is invalid: #{scap_content.errors.full_messages.uniq.join(',')} ##" unless scap_content.valid?
-          if scap_content.save
-            puts "Saved #{datastream} as #{scap_content.title}"
-          else
-            puts "Failed saving #{datastream}"
-          end
+        next if scap_content.persisted?
+        scap_content.scap_file = file
+        scap_content.original_filename = filename
+        scap_content.location_ids = Location.all.map(&:id) if SETTINGS[:locations_enabled]
+        scap_content.organization_ids = Organization.all.map(&:id) if SETTINGS[:organizations_enabled]
+        next puts "## SCAP content is invalid: #{scap_content.errors.full_messages.uniq.join(',')} ##" unless scap_content.valid?
+        if scap_content.save
+          puts "Saved #{datastream} as #{scap_content.title}"
+        else
+          puts "Failed saving #{datastream}"
         end
       end
     end

data/lib/foreman_openscap/engine.rb

@@ -52,7 +52,7 @@ module ForemanOpenscap
                                                           :parse_bzip, :auto_complete_search],
                                          'api/v2/compliance/arf_reports' => [:index, :show],
                                          :compliance_hosts => [:show]}
-          permission :destroy_arf_reports, {:arf_reports => [:destroy],
+          permission :destroy_arf_reports, {:arf_reports => [:destroy, :delete_multiple, :submit_delete_multiple],
                                             'api/v2/compliance/arf_reports' => [:destroy]}
           permission :create_arf_reports, {'api/v2/compliance/arf_reports' => [:create]}
 
@@ -86,6 +86,8 @@ module ForemanOpenscap
           permission :destroy_scap_contents, {:scap_contents => [:destroy],
                                                          'api/v2/compliance/scap_contents' => [:destroy]},
                      :resource_type => 'ForemanOpenscap::ScapContent'
+          permission :edit_hosts, { :hosts => [:openscap_proxy_changed] }, :resource_type => "Host"
+          permission :edit_hostgroups, { :hostgroups => [:openscap_proxy_changed] }, :resource_type => "Hostgroup"
         end
 
         role "Compliance viewer", [:view_arf_reports, :view_policies, :view_scap_contents]
@@ -97,13 +99,13 @@ module ForemanOpenscap
         #add menu entries
         divider :top_menu, :caption => N_('Compliance'), :parent => :hosts_menu
         menu :top_menu, :compliance_policies, :caption => N_('Policies'),
-             :url_hash => {:controller => :'policies', :action => :index},
+             :url_hash => {:controller => :policies, :action => :index},
              :parent => :hosts_menu
         menu :top_menu, :compliance_contents, :caption => N_('SCAP contents'),
-             :url_hash => {:controller => :'scap_contents', :action => :index},
+             :url_hash => {:controller => :scap_contents, :action => :index},
              :parent => :hosts_menu
         menu :top_menu, :compliance_reports, :caption => N_('Reports'),
-             :url_hash => {:controller => :'arf_reports', :action => :index},
+             :url_hash => {:controller => :arf_reports, :action => :index},
              :parent => :hosts_menu
 
         # add dashboard widget
@@ -114,22 +116,31 @@ module ForemanOpenscap
 
         # As 'arf_report_breakdowns' is a view and does not appear in schema.rb, db:test:prepare will not create the view
         # which will make the following tests fail.
-        tests_to_skip ({
-                          "DashboardIntegrationTest" => ["dashboard page", "dashboard link hosts that had performed modifications",
-                                              "dashboard link hosts in error state", "dashboard link good host reports",
-                                              "dashboard link hosts that had pending changes", "dashboard link out of sync hosts",
-                                              "dashboard link hosts with no reports", "dashboard link hosts with alerts disabled",
-                                              "widgets not in dashboard show up in list"]
-                      })
+        tests_to_skip({ "DashboardIntegrationTest" => ["dashboard page", "dashboard link hosts that had performed modifications",
+                           "dashboard link hosts in error state", "dashboard link good host reports",
+                           "dashboard link hosts that had pending changes", "dashboard link out of sync hosts",
+                           "dashboard link hosts with no reports", "dashboard link hosts with alerts disabled",
+                           "widgets not in dashboard show up in list"]
+                     })
       end
     end
 
     #Include concerns in this config.to_prepare block
     config.to_prepare do
+      Host::Managed.send(:include, ForemanOpenscap::OpenscapProxyExtensions)
+      Host::Managed.send(:include, ForemanOpenscap::OpenscapProxyCoreExtensions)
       Host::Managed.send(:include, ForemanOpenscap::HostExtensions)
       HostsHelper.send(:include, ForemanOpenscap::HostsHelperExtensions)
       Hostgroup.send(:include, ForemanOpenscap::HostgroupExtensions)
+      Hostgroup.send(:include, ForemanOpenscap::OpenscapProxyExtensions)
+      Hostgroup.send(:include, ForemanOpenscap::OpenscapProxyCoreExtensions)
       Report.send(:include, ForemanOpenscap::ComplianceStatusScopedSearch)
+      SmartProxy.send(:include, ForemanOpenscap::SmartProxyExtensions)
+      HostsController.send(:include, ForemanOpenscap::HostsControllerExtensions)
+      HostsController.send(:include, ForemanOpenscap::HostsCommonControllerExtensions)
+      HostgroupsController.send(:include, ForemanOpenscap::HostgroupsControllerExtensions)
+      HostgroupsController.send(:include, ForemanOpenscap::HostsCommonControllerExtensions)
+      Log.send(:include, ForemanOpenscap::LogExtensions)
     end
 
     rake_tasks do

data/lib/foreman_openscap/helper.rb

@@ -35,7 +35,7 @@ module ForemanOpenscap::Helper
     unless host
       Rails.logger.error "Could not find Host with name: #{cname}"
       Rails.logger.error "Please check that Content host is linked to Foreman host" if defined?(Katello::System)
-      raise ActiveRecord::RecordNotFound
+      fail ActiveRecord::RecordNotFound
     end
     host
   end

data/lib/foreman_openscap/version.rb

@@ -1,3 +1,3 @@
 module ForemanOpenscap
-  VERSION = "0.5.0"
+  VERSION = "0.5.1"
 end

data/lib/tasks/foreman_openscap_tasks.rake

@@ -37,7 +37,7 @@ namespace :test do
   desc "Test ForemanOpenscap"
   Rake::TestTask.new(:foreman_openscap) do |t|
     test_dir = File.join(File.dirname(__FILE__), '../..', 'test')
-    t.libs << ["test",test_dir]
+    t.libs << ["test", test_dir]
     t.pattern = "#{test_dir}/**/*_test.rb"
     t.verbose = true
   end
@@ -48,8 +48,9 @@ Rake::Task[:test].enhance do
 end
 
 load 'tasks/jenkins.rake'
-if Rake::Task.task_defined?(:'jenkins:setup')
+if Rake::Task.task_defined?(:'jenkins:unit')
   Rake::Task["jenkins:unit"].enhance do
     Rake::Task['test:foreman_openscap'].invoke
+    Rake::Task['foreman_openscap:rubocop'].invoke
   end
 end

data/test/factories/arf_report_factory.rb

@@ -3,7 +3,8 @@ FactoryGirl.define do
     host_id 1
     policy nil
     policy_arf_report nil
-    sequence(:reported_at) { |n| Time.new(1490 + n, 01, 13, 15, 24, 00)}
+    sequence(:reported_at) { |n| Time.new(1490 + n, 01, 13, 15, 24, 00) }
+    sequence(:created_at) { |n| Time.new(1490 + n, 01, 13, 15, 24, 00) }
     logs []
     status 0
     metrics {}

data/test/factories/compliance_host_factory.rb

@@ -3,6 +3,7 @@ FactoryGirl.define do
     sequence(:name) { |n| "host#{n}" }
     sequence(:hostname) { |n| "hostname#{n}" }
     root_pass 'xybxa6JUkz63w'
+    openscap_proxy FactoryGirl.build(:smart_proxy, :url => "http://test.org:8080")
     policies []
     asset nil
   end

data/test/factories/scap_content_related.rb

@@ -4,7 +4,7 @@ FactoryGirl.define do
   factory :scap_content, :class => ::ForemanOpenscap::ScapContent do |f|
     f.title 'fedora'
     f.original_filename 'fedora ds'
-    f.scap_file { File.new('../foreman_openscap/test/files/scap_contents/ssg-fedora-ds.xml', 'rb').read }
+    f.scap_file { File.new("#{ForemanOpenscap::Engine.root}/test/files/scap_contents/ssg-fedora-ds.xml", 'rb').read }
   end
 
   factory :scap_content_profile, :class => ::ForemanOpenscap::ScapContentProfile do |f|

data/test/functional/api/v2/compliance/arf_reports_controller_test.rb

@@ -4,8 +4,8 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
   setup do
     # override validation of policy (puppetclass, lookup_key overrides)
     ForemanOpenscap::Policy.any_instance.stubs(:valid?).returns(true)
-    @asset = FactoryGirl.create(:asset)
-    @report = FactoryGirl.create(:arf_report, :asset => @asset)
+    @host = FactoryGirl.create(:compliance_host)
+    @report = FactoryGirl.create(:arf_report, :host_id => @host.id)
   end
   test "should get index" do
     get :index, {}, set_session_user
@@ -22,4 +22,4 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
     refute response['othered'].blank?
     assert_response :success
   end
-end
+end

data/test/functional/api/v2/compliance/policies_controller_test.rb

@@ -62,4 +62,4 @@ class Api::V2::Compliance::PoliciesControllerTest < ActionController::TestCase
     assert(@response.header['Content-Type'], 'application/xml')
     assert_response :success
   end
-end
+end

data/test/functional/api/v2/compliance/scap_contents_controller_test.rb

@@ -33,7 +33,7 @@ class Api::V2::Compliance::ScapContentsControllerTest < ActionController::TestCa
     assert scap_content.title, 'RHEL7 SCAP'
   end
 
-  test "should not update invalid scap content"  do
+  test "should not update invalid scap content" do
     skip("Solve 'ActiveRecord::RecordInvalid' error")
     ProxyAPI::Openscap.any_instance.stubs(:validate_scap_content).returns({'errors' => ['Invalid file']})
     scap_content = FactoryGirl.create(:scap_content)
@@ -47,4 +47,4 @@ class Api::V2::Compliance::ScapContentsControllerTest < ActionController::TestCa
     assert_response :ok
     refute ForemanOpenscap::ScapContent.exists?(scap_content.id)
   end
-end
+end

data/test/functional/arf_reports_controller_test.rb

@@ -0,0 +1,21 @@
+require 'test_plugin_helper'
+
+class ArfReportsControllerTest < ActionController::TestCase
+
+  test "should delete selected reports" do
+    host = FactoryGirl.create(:compliance_host)
+    ForemanOpenscap::Helper.stubs(:find_name_or_uuid_by_host)
+    ::ProxyAPI::Openscap.any_instance.stubs(:destroy_report).returns(true)
+    ForemanOpenscap::ArfReport.any_instance.stubs(:openscap_proxy).returns(host.openscap_proxy)
+    arf_reports = []
+    3.times do
+      arf_reports << FactoryGirl.create(:arf_report, :host_id => host.id)
+    end
+    last_arf = arf_reports[-1]
+    assert_difference("ForemanOpenscap::ArfReport.count", -2) do
+      post :submit_delete_multiple, { :arf_report_ids => arf_reports[0..-2].map(&:id) }, set_session_user
+    end
+    assert_redirected_to arf_reports_path
+    assert_equal last_arf, ForemanOpenscap::ArfReport.first
+  end
+end

data/test/lib/foreman_openscap/bulk_upload_test.rb

@@ -6,11 +6,11 @@ class BulkUploadTest < ActiveSupport::TestCase
   end
 
   test 'upload_from_files should create only one scap content' do
-    scap_files = ['../foreman_openscap/test/files/scap_contents/ssg-fedora-ds.xml']
+    scap_files = ["#{ForemanOpenscap::Engine.root}/test/files/scap_contents/ssg-fedora-ds.xml"]
     assert_difference('ForemanOpenscap::ScapContent.count', 1) do
       2.times do
         ForemanOpenscap::BulkUpload.new.upload_from_files(scap_files)
       end
     end
   end
-end
+end

data/test/test_plugin_helper.rb

@@ -13,7 +13,7 @@ Spork.each_run do
 
     def add_smart_proxy
       FactoryGirl.create(:smart_proxy, :url => 'http://localhost:8443', :features => [FactoryGirl.create(:feature, :name => 'Openscap')])
-      ::ProxyAPI::Features.any_instance.stubs(:features).returns(['puppet', 'openscap'])
+      ::ProxyAPI::Features.any_instance.stubs(:features).returns(%w(puppet openscap))
       ProxyAPI::Openscap.any_instance.stubs(:validate_scap_content).returns({'errors' => []})
       ProxyAPI::Openscap.any_instance.stubs(:fetch_policies_for_scap_content)
           .returns({'xccdf_org.ssgproject.content_profile_common' => 'Common Profile for General-Purpose Fedora Systems'})
@@ -27,7 +27,7 @@ Spork.each_run do
 
     def add_smart_proxy
       FactoryGirl.create(:smart_proxy, :url => 'http://localhost:8443', :features => [FactoryGirl.create(:feature, :name => 'Openscap')])
-      ::ProxyAPI::Features.any_instance.stubs(:features).returns(['puppet', 'openscap'])
+      ::ProxyAPI::Features.any_instance.stubs(:features).returns(%w(puppet openscap))
       ProxyAPI::Openscap.any_instance.stubs(:validate_scap_content).returns({'errors' => []})
       ProxyAPI::Openscap.any_instance.stubs(:fetch_policies_for_scap_content)
           .returns({'xccdf_org.ssgproject.content_profile_common' => 'Common Profile for General-Purpose Fedora Systems'})

data/test/unit/arf_report_test.rb

@@ -71,7 +71,8 @@ module ForemanOpenscap
     end
 
     test 'should recognize report that passed' do
-      @status[:failed], @status[:othered] = 0, 0
+      @status[:failed] = 0
+      @status[:othered] = 0
       report = FactoryGirl.create(:arf_report, :host_id => @host.id, :status => @status)
       assert report.passed?
     end
@@ -144,5 +145,15 @@ module ForemanOpenscap
         @passed_reports.each { |pass| assert ForemanOpenscap::ArfReport.passed.include?(pass) }
       end
     end
+
+    test 'should destroy report' do
+      openscap_proxy_api = ::ProxyAPI::Openscap.new(:url => 'https://test-proxy.com:9090')
+      openscap_proxy_api.stubs(:destroy_report).returns(true)
+      ForemanOpenscap::Helper.stubs(:find_name_or_uuid_by_host).returns("abcde")
+      ForemanOpenscap::ArfReport.any_instance.stubs(:openscap_proxy_api).returns(openscap_proxy_api)
+      report = FactoryGirl.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_1, @log_2])
+      report.destroy
+      refute ForemanOpenscap::ArfReport.all.include? report
+    end
   end
 end

data/test/unit/compliance_status_test.rb

@@ -7,12 +7,13 @@ class ComplianceStatusTest < ActiveSupport::TestCase
     ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
     @policy_a = FactoryGirl.create(:policy)
     @policy_b = FactoryGirl.create(:policy)
-    @failed_report = FactoryGirl.create(:arf_report)
+    @host = FactoryGirl.create(:compliance_host)
+    @failed_report = FactoryGirl.create(:arf_report, :host_id => @host.id)
     @failed_report.stubs(:failed?).returns(true)
-    @passed_report = FactoryGirl.create(:arf_report)
+    @passed_report = FactoryGirl.create(:arf_report, :host_id => @host.id)
     @passed_report.stubs(:failed?).returns(false)
     @passed_report.stubs(:othered?).returns(false)
-    @othered_report = FactoryGirl.create(:arf_report)
+    @othered_report = FactoryGirl.create(:arf_report, :host_id => @host.id)
     @othered_report.stubs(:failed?).returns(false)
     @othered_report.stubs(:othered?).returns(true)
   end
@@ -22,7 +23,7 @@ class ComplianceStatusTest < ActiveSupport::TestCase
     host = FactoryGirl.create(:compliance_host, :policies => [@policy_a])
     status.host = host
     host.stubs(:last_report_for_policy).returns(@failed_report)
-    s = status.to_status
+    status.to_status
     assert_equal 2, status.to_status
   end
 
@@ -61,7 +62,7 @@ class ComplianceStatusTest < ActiveSupport::TestCase
   test 'status should be compliant for multiple policies' do
     status = ForemanOpenscap::ComplianceStatus.new
     host = FactoryGirl.create(:compliance_host, :policies => [@policy_a, @policy_b])
-    passed_report = FactoryGirl.create(:arf_report)
+    passed_report = FactoryGirl.create(:arf_report, :host_id => @host.id)
     passed_report.stubs(:othered?).returns(false)
     passed_report.stubs(:failed?).returns(false)
     host.stubs(:last_report_for_policy).returns(passed_report, @passed_report)

data/test/unit/openscap_host_test.rb

@@ -51,6 +51,10 @@ class OpenscapHostTest < ActiveSupport::TestCase
     end
 
     test 'scap_status_changed should not detect status change when there are reports < 2' do
+      openscap_proxy_api = ::ProxyAPI::Openscap.new(:url => 'https://test-proxy.com:9090')
+      openscap_proxy_api.stubs(:destroy_report).returns(true)
+      ForemanOpenscap::Helper.stubs(:find_name_or_uuid_by_host).returns("abcde")
+      ForemanOpenscap::ArfReport.any_instance.stubs(:openscap_proxy_api).returns(openscap_proxy_api)
       @report_2.destroy
       refute @host.scap_status_changed?(@policy)
     end

data/test/unit/policy_mailer_test.rb

@@ -10,7 +10,7 @@ class PolicyMailerTest < ActiveSupport::TestCase
                        :mailer => 'ForemanOpenscap::PolicyMailer',
                        :method => 'policy_summary',
                        :subscription_type => 'report',
-    )
+                      )
 
     @user.mail_notifications << MailNotification[:openscap_policy_summary]