foreman_openscap 0.5.4 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -7
- data/README.md +14 -0
- data/app/assets/javascripts/foreman_openscap/policy_edit.js +1 -1
- data/app/controllers/api/v2/compliance/policies_controller.rb +12 -9
- data/app/controllers/api/v2/compliance/scap_contents_controller.rb +4 -2
- data/app/controllers/concerns/foreman/controller/parameters/policy.rb +12 -0
- data/app/controllers/concerns/foreman/controller/parameters/policy_api.rb +21 -0
- data/app/controllers/concerns/foreman/controller/parameters/scap_content.rb +15 -0
- data/app/controllers/policies_controller.rb +7 -3
- data/app/controllers/scap_contents_controller.rb +4 -2
- data/app/helpers/{dashboard_helper.rb → compliance_dashboard_helper.rb} +2 -2
- data/app/helpers/policy_dashboard_helper.rb +9 -4
- data/app/models/concerns/foreman_openscap/host_extensions.rb +3 -5
- data/app/models/concerns/foreman_openscap/hostgroup_extensions.rb +1 -1
- data/app/models/concerns/foreman_openscap/log_extensions.rb +0 -1
- data/app/models/concerns/foreman_openscap/openscap_proxy_core_extensions.rb +1 -1
- data/app/models/concerns/foreman_openscap/openscap_proxy_extensions.rb +1 -2
- data/app/models/foreman_openscap/arf_report.rb +6 -4
- data/app/models/foreman_openscap/compliance_status.rb +3 -1
- data/app/models/foreman_openscap/policy.rb +62 -33
- data/app/models/foreman_openscap/scap_content.rb +1 -3
- data/app/views/arf_reports/_list.html.erb +1 -1
- data/app/views/arf_reports/show.html.erb +4 -4
- data/app/views/compliance_hosts/show.html.erb +1 -1
- data/app/views/dashboard/_compliance_host_reports_widget.html.erb +6 -6
- data/app/views/policies/index.html.erb +2 -2
- data/app/views/policies/steps/_schedule_form.html.erb +1 -1
- data/app/views/policies/steps/_step_form.html.erb +1 -0
- data/app/views/policies/welcome.html.erb +1 -1
- data/app/views/policy_dashboard/index.html.erb +2 -2
- data/app/views/scap_contents/index.html.erb +2 -2
- data/app/views/scap_contents/welcome.html.erb +1 -1
- data/db/migrate/20160830113437_remove_deleted_policy.rb +10 -0
- data/db/seeds.d/openscap_policy_notification.rb +2 -0
- data/lib/foreman_openscap/data_migration.rb +1 -1
- data/lib/foreman_openscap/engine.rb +11 -1
- data/lib/foreman_openscap/helper.rb +4 -8
- data/lib/foreman_openscap/version.rb +1 -1
- data/locale/Makefile +60 -0
- data/locale/de/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/de/foreman_openscap.po +616 -0
- data/locale/en_GB/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/en_GB/foreman_openscap.po +616 -0
- data/locale/es/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/es/foreman_openscap.po +616 -0
- data/locale/foreman_openscap.pot +873 -0
- data/locale/fr/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/fr/foreman_openscap.po +616 -0
- data/locale/gl/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/gl/foreman_openscap.po +616 -0
- data/locale/it/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/it/foreman_openscap.po +616 -0
- data/locale/ja/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/ja/foreman_openscap.po +616 -0
- data/locale/ko/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/ko/foreman_openscap.po +616 -0
- data/locale/pt_BR/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/pt_BR/foreman_openscap.po +616 -0
- data/locale/ru/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/ru/foreman_openscap.po +617 -0
- data/locale/sv_SE/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/sv_SE/foreman_openscap.po +616 -0
- data/locale/zanata.xml +29 -0
- data/locale/zh_CN/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/zh_CN/foreman_openscap.po +616 -0
- data/locale/zh_TW/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/zh_TW/foreman_openscap.po +616 -0
- data/test/factories/policy_factory.rb +2 -2
- data/test/functional/api/v2/compliance/policies_controller_test.rb +7 -3
- data/test/test_plugin_helper.rb +35 -37
- data/test/unit/concerns/openscap_proxy_extenstions_test.rb +21 -0
- data/test/unit/openscap_host_test.rb +3 -1
- data/test/unit/policy_test.rb +125 -0
- data/test/unit/scap_content_test.rb +5 -0
- metadata +231 -198
data/test/test_plugin_helper.rb
CHANGED
|
@@ -5,53 +5,51 @@ require 'test_helper'
|
|
|
5
5
|
FactoryGirl.definition_file_paths << File.join(File.dirname(__FILE__), 'factories')
|
|
6
6
|
FactoryGirl.reload
|
|
7
7
|
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
Hostgroup.any_instance.stubs(:update_scap_client).returns(nil)
|
|
14
|
-
end
|
|
8
|
+
module ScapClientPuppetclass
|
|
9
|
+
def skip_scap_callback
|
|
10
|
+
Host::Managed.any_instance.stubs(:update_scap_client).returns(nil)
|
|
11
|
+
Host::Managed.any_instance.stubs(:scap_client_class_present).returns(nil)
|
|
12
|
+
Hostgroup.any_instance.stubs(:update_scap_client).returns(nil)
|
|
15
13
|
end
|
|
14
|
+
end
|
|
16
15
|
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
16
|
+
class ActionMailer::TestCase
|
|
17
|
+
include ScapClientPuppetclass
|
|
18
|
+
setup :skip_scap_callback
|
|
19
|
+
end
|
|
21
20
|
|
|
22
|
-
|
|
23
|
-
|
|
21
|
+
class ActionController::TestCase
|
|
22
|
+
include ScapClientPuppetclass
|
|
24
23
|
|
|
25
|
-
|
|
24
|
+
setup :add_smart_proxy, :skip_scap_callback
|
|
26
25
|
|
|
27
|
-
|
|
26
|
+
private
|
|
28
27
|
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
end
|
|
28
|
+
def add_smart_proxy
|
|
29
|
+
FactoryGirl.create(:smart_proxy, :url => 'http://localhost:8443', :features => [FactoryGirl.create(:feature, :name => 'Openscap')])
|
|
30
|
+
::ProxyAPI::Features.any_instance.stubs(:features).returns(%w(puppet openscap))
|
|
31
|
+
versions = { "version" => "1.11.0", "modules" => { "openscap" => "0.5.3" } }
|
|
32
|
+
::ProxyAPI::Version.any_instance.stubs(:proxy_versions).returns(versions)
|
|
33
|
+
ProxyAPI::Openscap.any_instance.stubs(:validate_scap_content).returns({'errors' => []})
|
|
34
|
+
ProxyAPI::Openscap.any_instance.stubs(:fetch_policies_for_scap_content)
|
|
35
|
+
.returns({'xccdf_org.ssgproject.content_profile_common' => 'Common Profile for General-Purpose Fedora Systems'})
|
|
38
36
|
end
|
|
37
|
+
end
|
|
39
38
|
|
|
40
|
-
|
|
41
|
-
|
|
39
|
+
class ActiveSupport::TestCase
|
|
40
|
+
include ScapClientPuppetclass
|
|
42
41
|
|
|
43
|
-
|
|
42
|
+
setup :add_smart_proxy, :skip_scap_callback
|
|
44
43
|
|
|
45
|
-
|
|
44
|
+
private
|
|
46
45
|
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
end
|
|
46
|
+
def add_smart_proxy
|
|
47
|
+
FactoryGirl.create(:smart_proxy, :url => 'http://localhost:8443', :features => [FactoryGirl.create(:feature, :name => 'Openscap')])
|
|
48
|
+
::ProxyAPI::Features.any_instance.stubs(:features).returns(%w(puppet openscap))
|
|
49
|
+
versions = { "version" => "1.11.0", "modules" => { "openscap" => "0.5.3" } }
|
|
50
|
+
::ProxyAPI::Version.any_instance.stubs(:proxy_versions).returns(versions)
|
|
51
|
+
ProxyAPI::Openscap.any_instance.stubs(:validate_scap_content).returns({'errors' => []})
|
|
52
|
+
ProxyAPI::Openscap.any_instance.stubs(:fetch_policies_for_scap_content)
|
|
53
|
+
.returns({'xccdf_org.ssgproject.content_profile_common' => 'Common Profile for General-Purpose Fedora Systems'})
|
|
56
54
|
end
|
|
57
55
|
end
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
require 'test_plugin_helper'
|
|
2
|
+
|
|
3
|
+
class OpenscapProxyExtensionsTest < ActiveSupport::TestCase
|
|
4
|
+
|
|
5
|
+
setup do
|
|
6
|
+
@host = FactoryGirl.create(:compliance_host)
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
test "should return proxy api for openscap" do
|
|
10
|
+
arf = FactoryGirl.create(:arf_report,
|
|
11
|
+
:host_id => @host.id,
|
|
12
|
+
:openscap_proxy => @host.openscap_proxy)
|
|
13
|
+
api = arf.openscap_proxy_api
|
|
14
|
+
assert_equal (@host.openscap_proxy.url + "/compliance/"), api.url
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
test "should raise exception when no openscap proxy asociated" do
|
|
18
|
+
arf = FactoryGirl.create(:arf_report, :host_id => @host.id)
|
|
19
|
+
assert_raises(Foreman::Exception) { arf.openscap_proxy_api }
|
|
20
|
+
end
|
|
21
|
+
end
|
|
@@ -5,6 +5,7 @@ class OpenscapHostTest < ActiveSupport::TestCase
|
|
|
5
5
|
disable_orchestration
|
|
6
6
|
User.current = users :admin
|
|
7
7
|
ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
|
|
8
|
+
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryGirl.create(:puppetclass, :name => 'foreman_scap_client'))
|
|
8
9
|
@policy = FactoryGirl.create(:policy)
|
|
9
10
|
end
|
|
10
11
|
|
|
@@ -19,7 +20,8 @@ class OpenscapHostTest < ActiveSupport::TestCase
|
|
|
19
20
|
test 'Host has policies via its hostgroup' do
|
|
20
21
|
host = FactoryGirl.create(:host, :with_hostgroup)
|
|
21
22
|
hostgroup = host.hostgroup
|
|
22
|
-
|
|
23
|
+
@policy.hostgroup_ids = ["#{hostgroup.id}"]
|
|
24
|
+
assert @policy.save
|
|
23
25
|
refute_empty(host.combined_policies)
|
|
24
26
|
assert_includes(host.combined_policies, @policy)
|
|
25
27
|
end
|
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
require 'test_plugin_helper'
|
|
2
|
+
|
|
3
|
+
class PolicyTest < ActiveSupport::TestCase
|
|
4
|
+
setup do
|
|
5
|
+
ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
|
|
6
|
+
@scap_content = FactoryGirl.create(:scap_content)
|
|
7
|
+
@scap_profile = FactoryGirl.create(:scap_content_profile)
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
test "should assign hostgroups by their ids" do
|
|
11
|
+
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryGirl.create(:puppetclass, :name => 'foreman_scap_client'))
|
|
12
|
+
ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
|
|
13
|
+
hg1 = FactoryGirl.create(:hostgroup)
|
|
14
|
+
hg2 = FactoryGirl.create(:hostgroup)
|
|
15
|
+
asset = FactoryGirl.create(:asset, :assetable_id => hg1.id, :assetable_type => 'Hostgroup')
|
|
16
|
+
policy = FactoryGirl.create(:policy, :assets => [asset])
|
|
17
|
+
policy.hostgroup_ids = [hg1, hg2].map(&:id)
|
|
18
|
+
policy.save!
|
|
19
|
+
assert_equal 2, policy.hostgroups.count
|
|
20
|
+
assert policy.hostgroups.include?(hg2)
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
test "should remove associated hostgroup" do
|
|
24
|
+
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryGirl.create(:puppetclass, :name => 'foreman_scap_client'))
|
|
25
|
+
ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
|
|
26
|
+
hg = FactoryGirl.create(:hostgroup)
|
|
27
|
+
asset = FactoryGirl.create(:asset, :assetable_id => hg.id, :assetable_type => 'Hostgroup')
|
|
28
|
+
policy = FactoryGirl.create(:policy, :assets => [asset])
|
|
29
|
+
policy.save!
|
|
30
|
+
hg.hostgroup_classes.destroy_all
|
|
31
|
+
hg.destroy
|
|
32
|
+
assert_equal 0, policy.hostgroups.count
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
test "should create policy with custom period" do
|
|
36
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
|
37
|
+
:scap_content_id => @scap_content.id,
|
|
38
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
39
|
+
:period => 'custom',
|
|
40
|
+
:cron_line => '6 * 15 12 0')
|
|
41
|
+
assert p.save
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
test "should not create policy with custom period" do
|
|
45
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
|
46
|
+
:scap_content_id => @scap_content.id,
|
|
47
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
48
|
+
:period => 'custom',
|
|
49
|
+
:cron_line => 'aaa')
|
|
50
|
+
refute p.save
|
|
51
|
+
assert p.errors[:cron_line].include?("does not consist of 5 parts separated by space")
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
test "should create policy with weekly period" do
|
|
55
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
|
56
|
+
:scap_content_id => @scap_content.id,
|
|
57
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
58
|
+
:period => 'weekly',
|
|
59
|
+
:weekday => 'monday')
|
|
60
|
+
assert p.save
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
test "should not create policy with weekly period" do
|
|
64
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
|
65
|
+
:scap_content_id => @scap_content.id,
|
|
66
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
67
|
+
:period => 'weekly',
|
|
68
|
+
:weekday => 'someday')
|
|
69
|
+
refute p.save
|
|
70
|
+
assert p.errors[:weekday].include?("is not a valid value")
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
test "should create policy with monthly period" do
|
|
74
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
|
75
|
+
:scap_content_id => @scap_content.id,
|
|
76
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
77
|
+
:period => 'monthly',
|
|
78
|
+
:day_of_month => '1')
|
|
79
|
+
assert p.save
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
test "should not create policy with monthly period" do
|
|
83
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
|
84
|
+
:scap_content_id => @scap_content.id,
|
|
85
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
86
|
+
:period => 'monthly',
|
|
87
|
+
:day_of_month => '0')
|
|
88
|
+
refute p.save
|
|
89
|
+
assert p.errors[:day_of_month].include?("must be between 1 and 31")
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
test "should not create policy when attributes do not correspond to selected period in new record" do
|
|
93
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
|
94
|
+
:scap_content_id => @scap_content.id,
|
|
95
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
96
|
+
:period => 'monthly',
|
|
97
|
+
:weekday => 'tuesday',
|
|
98
|
+
:cron_line => "0 0 0 0 0")
|
|
99
|
+
policy = ForemanOpenscap::Policy.new(:name => "test policy",
|
|
100
|
+
:scap_content_id => @scap_content.id,
|
|
101
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
102
|
+
:period => 'custom',
|
|
103
|
+
:weekday => 'tuesday',
|
|
104
|
+
:day_of_month => "15")
|
|
105
|
+
refute p.save
|
|
106
|
+
refute policy.save
|
|
107
|
+
assert p.weekday.empty?
|
|
108
|
+
assert p.cron_line.empty?
|
|
109
|
+
assert policy.weekday.empty?
|
|
110
|
+
assert policy.day_of_month.empty?
|
|
111
|
+
end
|
|
112
|
+
|
|
113
|
+
test "should update policy period" do
|
|
114
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
|
115
|
+
:scap_content_id => @scap_content.id,
|
|
116
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
117
|
+
:period => 'monthly',
|
|
118
|
+
:day_of_month => '5')
|
|
119
|
+
assert p.save
|
|
120
|
+
p.period = 'weekly'
|
|
121
|
+
p.weekday = 'monday'
|
|
122
|
+
p.day_of_month = nil
|
|
123
|
+
assert p.save
|
|
124
|
+
end
|
|
125
|
+
end
|
|
@@ -10,6 +10,11 @@ class ScapContentTest < ActiveSupport::TestCase
|
|
|
10
10
|
assert(scap_content.valid?)
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
+
test 'should not allow title.length > 255' do
|
|
14
|
+
scap_content = ForemanOpenscap::ScapContent.new(:title => ("a" * 256), :scap_file => @scap_file)
|
|
15
|
+
refute(scap_content.valid?)
|
|
16
|
+
end
|
|
17
|
+
|
|
13
18
|
test 'scap content should fail if no openscap proxy' do
|
|
14
19
|
SmartProxy.stubs(:with_features).returns([])
|
|
15
20
|
ProxyAPI::AvailableProxy.any_instance.stubs(:available?).returns(false)
|