foreman_openscap 0.5.4 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -7
- data/README.md +14 -0
- data/app/assets/javascripts/foreman_openscap/policy_edit.js +1 -1
- data/app/controllers/api/v2/compliance/policies_controller.rb +12 -9
- data/app/controllers/api/v2/compliance/scap_contents_controller.rb +4 -2
- data/app/controllers/concerns/foreman/controller/parameters/policy.rb +12 -0
- data/app/controllers/concerns/foreman/controller/parameters/policy_api.rb +21 -0
- data/app/controllers/concerns/foreman/controller/parameters/scap_content.rb +15 -0
- data/app/controllers/policies_controller.rb +7 -3
- data/app/controllers/scap_contents_controller.rb +4 -2
- data/app/helpers/{dashboard_helper.rb → compliance_dashboard_helper.rb} +2 -2
- data/app/helpers/policy_dashboard_helper.rb +9 -4
- data/app/models/concerns/foreman_openscap/host_extensions.rb +3 -5
- data/app/models/concerns/foreman_openscap/hostgroup_extensions.rb +1 -1
- data/app/models/concerns/foreman_openscap/log_extensions.rb +0 -1
- data/app/models/concerns/foreman_openscap/openscap_proxy_core_extensions.rb +1 -1
- data/app/models/concerns/foreman_openscap/openscap_proxy_extensions.rb +1 -2
- data/app/models/foreman_openscap/arf_report.rb +6 -4
- data/app/models/foreman_openscap/compliance_status.rb +3 -1
- data/app/models/foreman_openscap/policy.rb +62 -33
- data/app/models/foreman_openscap/scap_content.rb +1 -3
- data/app/views/arf_reports/_list.html.erb +1 -1
- data/app/views/arf_reports/show.html.erb +4 -4
- data/app/views/compliance_hosts/show.html.erb +1 -1
- data/app/views/dashboard/_compliance_host_reports_widget.html.erb +6 -6
- data/app/views/policies/index.html.erb +2 -2
- data/app/views/policies/steps/_schedule_form.html.erb +1 -1
- data/app/views/policies/steps/_step_form.html.erb +1 -0
- data/app/views/policies/welcome.html.erb +1 -1
- data/app/views/policy_dashboard/index.html.erb +2 -2
- data/app/views/scap_contents/index.html.erb +2 -2
- data/app/views/scap_contents/welcome.html.erb +1 -1
- data/db/migrate/20160830113437_remove_deleted_policy.rb +10 -0
- data/db/seeds.d/openscap_policy_notification.rb +2 -0
- data/lib/foreman_openscap/data_migration.rb +1 -1
- data/lib/foreman_openscap/engine.rb +11 -1
- data/lib/foreman_openscap/helper.rb +4 -8
- data/lib/foreman_openscap/version.rb +1 -1
- data/locale/Makefile +60 -0
- data/locale/de/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/de/foreman_openscap.po +616 -0
- data/locale/en_GB/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/en_GB/foreman_openscap.po +616 -0
- data/locale/es/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/es/foreman_openscap.po +616 -0
- data/locale/foreman_openscap.pot +873 -0
- data/locale/fr/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/fr/foreman_openscap.po +616 -0
- data/locale/gl/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/gl/foreman_openscap.po +616 -0
- data/locale/it/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/it/foreman_openscap.po +616 -0
- data/locale/ja/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/ja/foreman_openscap.po +616 -0
- data/locale/ko/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/ko/foreman_openscap.po +616 -0
- data/locale/pt_BR/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/pt_BR/foreman_openscap.po +616 -0
- data/locale/ru/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/ru/foreman_openscap.po +617 -0
- data/locale/sv_SE/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/sv_SE/foreman_openscap.po +616 -0
- data/locale/zanata.xml +29 -0
- data/locale/zh_CN/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/zh_CN/foreman_openscap.po +616 -0
- data/locale/zh_TW/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/zh_TW/foreman_openscap.po +616 -0
- data/test/factories/policy_factory.rb +2 -2
- data/test/functional/api/v2/compliance/policies_controller_test.rb +7 -3
- data/test/test_plugin_helper.rb +35 -37
- data/test/unit/concerns/openscap_proxy_extenstions_test.rb +21 -0
- data/test/unit/openscap_host_test.rb +3 -1
- data/test/unit/policy_test.rb +125 -0
- data/test/unit/scap_content_test.rb +5 -0
- metadata +231 -198
data/test/test_plugin_helper.rb
CHANGED
@@ -5,53 +5,51 @@ require 'test_helper'
|
|
5
5
|
FactoryGirl.definition_file_paths << File.join(File.dirname(__FILE__), 'factories')
|
6
6
|
FactoryGirl.reload
|
7
7
|
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
Hostgroup.any_instance.stubs(:update_scap_client).returns(nil)
|
14
|
-
end
|
8
|
+
module ScapClientPuppetclass
|
9
|
+
def skip_scap_callback
|
10
|
+
Host::Managed.any_instance.stubs(:update_scap_client).returns(nil)
|
11
|
+
Host::Managed.any_instance.stubs(:scap_client_class_present).returns(nil)
|
12
|
+
Hostgroup.any_instance.stubs(:update_scap_client).returns(nil)
|
15
13
|
end
|
14
|
+
end
|
16
15
|
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
16
|
+
class ActionMailer::TestCase
|
17
|
+
include ScapClientPuppetclass
|
18
|
+
setup :skip_scap_callback
|
19
|
+
end
|
21
20
|
|
22
|
-
|
23
|
-
|
21
|
+
class ActionController::TestCase
|
22
|
+
include ScapClientPuppetclass
|
24
23
|
|
25
|
-
|
24
|
+
setup :add_smart_proxy, :skip_scap_callback
|
26
25
|
|
27
|
-
|
26
|
+
private
|
28
27
|
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
end
|
28
|
+
def add_smart_proxy
|
29
|
+
FactoryGirl.create(:smart_proxy, :url => 'http://localhost:8443', :features => [FactoryGirl.create(:feature, :name => 'Openscap')])
|
30
|
+
::ProxyAPI::Features.any_instance.stubs(:features).returns(%w(puppet openscap))
|
31
|
+
versions = { "version" => "1.11.0", "modules" => { "openscap" => "0.5.3" } }
|
32
|
+
::ProxyAPI::Version.any_instance.stubs(:proxy_versions).returns(versions)
|
33
|
+
ProxyAPI::Openscap.any_instance.stubs(:validate_scap_content).returns({'errors' => []})
|
34
|
+
ProxyAPI::Openscap.any_instance.stubs(:fetch_policies_for_scap_content)
|
35
|
+
.returns({'xccdf_org.ssgproject.content_profile_common' => 'Common Profile for General-Purpose Fedora Systems'})
|
38
36
|
end
|
37
|
+
end
|
39
38
|
|
40
|
-
|
41
|
-
|
39
|
+
class ActiveSupport::TestCase
|
40
|
+
include ScapClientPuppetclass
|
42
41
|
|
43
|
-
|
42
|
+
setup :add_smart_proxy, :skip_scap_callback
|
44
43
|
|
45
|
-
|
44
|
+
private
|
46
45
|
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
end
|
46
|
+
def add_smart_proxy
|
47
|
+
FactoryGirl.create(:smart_proxy, :url => 'http://localhost:8443', :features => [FactoryGirl.create(:feature, :name => 'Openscap')])
|
48
|
+
::ProxyAPI::Features.any_instance.stubs(:features).returns(%w(puppet openscap))
|
49
|
+
versions = { "version" => "1.11.0", "modules" => { "openscap" => "0.5.3" } }
|
50
|
+
::ProxyAPI::Version.any_instance.stubs(:proxy_versions).returns(versions)
|
51
|
+
ProxyAPI::Openscap.any_instance.stubs(:validate_scap_content).returns({'errors' => []})
|
52
|
+
ProxyAPI::Openscap.any_instance.stubs(:fetch_policies_for_scap_content)
|
53
|
+
.returns({'xccdf_org.ssgproject.content_profile_common' => 'Common Profile for General-Purpose Fedora Systems'})
|
56
54
|
end
|
57
55
|
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'test_plugin_helper'
|
2
|
+
|
3
|
+
class OpenscapProxyExtensionsTest < ActiveSupport::TestCase
|
4
|
+
|
5
|
+
setup do
|
6
|
+
@host = FactoryGirl.create(:compliance_host)
|
7
|
+
end
|
8
|
+
|
9
|
+
test "should return proxy api for openscap" do
|
10
|
+
arf = FactoryGirl.create(:arf_report,
|
11
|
+
:host_id => @host.id,
|
12
|
+
:openscap_proxy => @host.openscap_proxy)
|
13
|
+
api = arf.openscap_proxy_api
|
14
|
+
assert_equal (@host.openscap_proxy.url + "/compliance/"), api.url
|
15
|
+
end
|
16
|
+
|
17
|
+
test "should raise exception when no openscap proxy asociated" do
|
18
|
+
arf = FactoryGirl.create(:arf_report, :host_id => @host.id)
|
19
|
+
assert_raises(Foreman::Exception) { arf.openscap_proxy_api }
|
20
|
+
end
|
21
|
+
end
|
@@ -5,6 +5,7 @@ class OpenscapHostTest < ActiveSupport::TestCase
|
|
5
5
|
disable_orchestration
|
6
6
|
User.current = users :admin
|
7
7
|
ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
|
8
|
+
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryGirl.create(:puppetclass, :name => 'foreman_scap_client'))
|
8
9
|
@policy = FactoryGirl.create(:policy)
|
9
10
|
end
|
10
11
|
|
@@ -19,7 +20,8 @@ class OpenscapHostTest < ActiveSupport::TestCase
|
|
19
20
|
test 'Host has policies via its hostgroup' do
|
20
21
|
host = FactoryGirl.create(:host, :with_hostgroup)
|
21
22
|
hostgroup = host.hostgroup
|
22
|
-
|
23
|
+
@policy.hostgroup_ids = ["#{hostgroup.id}"]
|
24
|
+
assert @policy.save
|
23
25
|
refute_empty(host.combined_policies)
|
24
26
|
assert_includes(host.combined_policies, @policy)
|
25
27
|
end
|
@@ -0,0 +1,125 @@
|
|
1
|
+
require 'test_plugin_helper'
|
2
|
+
|
3
|
+
class PolicyTest < ActiveSupport::TestCase
|
4
|
+
setup do
|
5
|
+
ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
|
6
|
+
@scap_content = FactoryGirl.create(:scap_content)
|
7
|
+
@scap_profile = FactoryGirl.create(:scap_content_profile)
|
8
|
+
end
|
9
|
+
|
10
|
+
test "should assign hostgroups by their ids" do
|
11
|
+
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryGirl.create(:puppetclass, :name => 'foreman_scap_client'))
|
12
|
+
ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
|
13
|
+
hg1 = FactoryGirl.create(:hostgroup)
|
14
|
+
hg2 = FactoryGirl.create(:hostgroup)
|
15
|
+
asset = FactoryGirl.create(:asset, :assetable_id => hg1.id, :assetable_type => 'Hostgroup')
|
16
|
+
policy = FactoryGirl.create(:policy, :assets => [asset])
|
17
|
+
policy.hostgroup_ids = [hg1, hg2].map(&:id)
|
18
|
+
policy.save!
|
19
|
+
assert_equal 2, policy.hostgroups.count
|
20
|
+
assert policy.hostgroups.include?(hg2)
|
21
|
+
end
|
22
|
+
|
23
|
+
test "should remove associated hostgroup" do
|
24
|
+
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryGirl.create(:puppetclass, :name => 'foreman_scap_client'))
|
25
|
+
ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
|
26
|
+
hg = FactoryGirl.create(:hostgroup)
|
27
|
+
asset = FactoryGirl.create(:asset, :assetable_id => hg.id, :assetable_type => 'Hostgroup')
|
28
|
+
policy = FactoryGirl.create(:policy, :assets => [asset])
|
29
|
+
policy.save!
|
30
|
+
hg.hostgroup_classes.destroy_all
|
31
|
+
hg.destroy
|
32
|
+
assert_equal 0, policy.hostgroups.count
|
33
|
+
end
|
34
|
+
|
35
|
+
test "should create policy with custom period" do
|
36
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
37
|
+
:scap_content_id => @scap_content.id,
|
38
|
+
:scap_content_profile_id => @scap_profile.id,
|
39
|
+
:period => 'custom',
|
40
|
+
:cron_line => '6 * 15 12 0')
|
41
|
+
assert p.save
|
42
|
+
end
|
43
|
+
|
44
|
+
test "should not create policy with custom period" do
|
45
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
46
|
+
:scap_content_id => @scap_content.id,
|
47
|
+
:scap_content_profile_id => @scap_profile.id,
|
48
|
+
:period => 'custom',
|
49
|
+
:cron_line => 'aaa')
|
50
|
+
refute p.save
|
51
|
+
assert p.errors[:cron_line].include?("does not consist of 5 parts separated by space")
|
52
|
+
end
|
53
|
+
|
54
|
+
test "should create policy with weekly period" do
|
55
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
56
|
+
:scap_content_id => @scap_content.id,
|
57
|
+
:scap_content_profile_id => @scap_profile.id,
|
58
|
+
:period => 'weekly',
|
59
|
+
:weekday => 'monday')
|
60
|
+
assert p.save
|
61
|
+
end
|
62
|
+
|
63
|
+
test "should not create policy with weekly period" do
|
64
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
65
|
+
:scap_content_id => @scap_content.id,
|
66
|
+
:scap_content_profile_id => @scap_profile.id,
|
67
|
+
:period => 'weekly',
|
68
|
+
:weekday => 'someday')
|
69
|
+
refute p.save
|
70
|
+
assert p.errors[:weekday].include?("is not a valid value")
|
71
|
+
end
|
72
|
+
|
73
|
+
test "should create policy with monthly period" do
|
74
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
75
|
+
:scap_content_id => @scap_content.id,
|
76
|
+
:scap_content_profile_id => @scap_profile.id,
|
77
|
+
:period => 'monthly',
|
78
|
+
:day_of_month => '1')
|
79
|
+
assert p.save
|
80
|
+
end
|
81
|
+
|
82
|
+
test "should not create policy with monthly period" do
|
83
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
84
|
+
:scap_content_id => @scap_content.id,
|
85
|
+
:scap_content_profile_id => @scap_profile.id,
|
86
|
+
:period => 'monthly',
|
87
|
+
:day_of_month => '0')
|
88
|
+
refute p.save
|
89
|
+
assert p.errors[:day_of_month].include?("must be between 1 and 31")
|
90
|
+
end
|
91
|
+
|
92
|
+
test "should not create policy when attributes do not correspond to selected period in new record" do
|
93
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
94
|
+
:scap_content_id => @scap_content.id,
|
95
|
+
:scap_content_profile_id => @scap_profile.id,
|
96
|
+
:period => 'monthly',
|
97
|
+
:weekday => 'tuesday',
|
98
|
+
:cron_line => "0 0 0 0 0")
|
99
|
+
policy = ForemanOpenscap::Policy.new(:name => "test policy",
|
100
|
+
:scap_content_id => @scap_content.id,
|
101
|
+
:scap_content_profile_id => @scap_profile.id,
|
102
|
+
:period => 'custom',
|
103
|
+
:weekday => 'tuesday',
|
104
|
+
:day_of_month => "15")
|
105
|
+
refute p.save
|
106
|
+
refute policy.save
|
107
|
+
assert p.weekday.empty?
|
108
|
+
assert p.cron_line.empty?
|
109
|
+
assert policy.weekday.empty?
|
110
|
+
assert policy.day_of_month.empty?
|
111
|
+
end
|
112
|
+
|
113
|
+
test "should update policy period" do
|
114
|
+
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
115
|
+
:scap_content_id => @scap_content.id,
|
116
|
+
:scap_content_profile_id => @scap_profile.id,
|
117
|
+
:period => 'monthly',
|
118
|
+
:day_of_month => '5')
|
119
|
+
assert p.save
|
120
|
+
p.period = 'weekly'
|
121
|
+
p.weekday = 'monday'
|
122
|
+
p.day_of_month = nil
|
123
|
+
assert p.save
|
124
|
+
end
|
125
|
+
end
|
@@ -10,6 +10,11 @@ class ScapContentTest < ActiveSupport::TestCase
|
|
10
10
|
assert(scap_content.valid?)
|
11
11
|
end
|
12
12
|
|
13
|
+
test 'should not allow title.length > 255' do
|
14
|
+
scap_content = ForemanOpenscap::ScapContent.new(:title => ("a" * 256), :scap_file => @scap_file)
|
15
|
+
refute(scap_content.valid?)
|
16
|
+
end
|
17
|
+
|
13
18
|
test 'scap content should fail if no openscap proxy' do
|
14
19
|
SmartProxy.stubs(:with_features).returns([])
|
15
20
|
ProxyAPI::AvailableProxy.any_instance.stubs(:available?).returns(false)
|