foreman_openscap 0.7.1 → 0.7.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/api/v2/compliance/arf_reports_controller.rb +1 -1
- data/app/controllers/api/v2/compliance/policies_controller.rb +2 -2
- data/app/controllers/api/v2/compliance/scap_contents_controller.rb +1 -1
- data/app/controllers/api/v2/compliance/tailoring_files_controller.rb +1 -1
- data/app/controllers/arf_reports_controller.rb +9 -9
- data/app/controllers/concerns/foreman/controller/parameters/policy.rb +1 -1
- data/app/controllers/openscap_proxies_controller.rb +5 -5
- data/app/controllers/policies_controller.rb +16 -17
- data/app/controllers/policy_dashboard_controller.rb +2 -1
- data/app/controllers/scap_contents_controller.rb +2 -2
- data/app/controllers/tailoring_files_controller.rb +4 -4
- data/app/helpers/arf_report_dashboard_helper.rb +2 -3
- data/app/helpers/arf_reports_helper.rb +1 -1
- data/app/helpers/compliance_hosts_helper.rb +1 -2
- data/app/helpers/policies_helper.rb +4 -4
- data/app/helpers/policy_dashboard_helper.rb +2 -3
- data/app/lib/proxy_api/available_proxy.rb +2 -2
- data/app/lib/proxy_api/openscap.rb +1 -1
- data/app/mailers/foreman_openscap/policy_mailer.rb +1 -1
- data/app/models/concerns/foreman_openscap/compliance_status_scoped_search.rb +7 -8
- data/app/models/concerns/foreman_openscap/host_extensions.rb +44 -25
- data/app/models/concerns/foreman_openscap/log_extensions.rb +1 -1
- data/app/models/concerns/foreman_openscap/openscap_proxy_core_extensions.rb +3 -3
- data/app/models/foreman_openscap/arf_report.rb +34 -12
- data/app/models/foreman_openscap/policy.rb +19 -17
- data/app/models/foreman_openscap/scap_content.rb +4 -2
- data/app/services/foreman_openscap/arf_report_status_calculator.rb +1 -1
- data/app/services/foreman_openscap/host_report_dashboard/data.rb +2 -2
- data/app/services/foreman_openscap/policy_dashboard/data.rb +4 -3
- data/app/validators/foreman_openscap/data_stream_validator.rb +2 -2
- data/app/views/policy_dashboard/_policy_status_widget.html.erb +5 -5
- data/config/routes.rb +6 -6
- data/db/migrate/20141015115511_add_arf_report_unique_constraint.rb +1 -1
- data/db/migrate/20141113221054_create_scaptimony_scap_content_profiles.rb +1 -1
- data/db/migrate/20141116170632_remove_xccdf_profile_from_scaptimony_policies.rb +1 -1
- data/db/migrate/20141121120326_create_scaptimony_arf_report_breakdowns.rb +15 -15
- data/db/migrate/20141121164042_replace_arf_report_breakdown_view.rb +15 -15
- data/db/migrate/20141206211151_create_scaptimony_assets_policies.rb +1 -1
- data/db/migrate/20150115155947_add_scaptimony_scap_content_digest.rb +1 -1
- data/db/migrate/20150821100137_migrate_from_scaptimony.rb +1 -1
- data/db/migrate/20160830113437_remove_deleted_policy.rb +1 -1
- data/db/migrate/20160925213031_change_scap_widget_names.rb +8 -8
- data/db/migrate/20161223153249_add_permissions_to_arf_report.rb +4 -4
- data/db/seeds.d/75-job_templates.rb +6 -1
- data/db/seeds.d/openscap_feature.rb +1 -1
- data/lib/foreman_openscap/data_migration.rb +1 -2
- data/lib/foreman_openscap/engine.rb +33 -34
- data/lib/foreman_openscap/helper.rb +5 -7
- data/lib/foreman_openscap/message_cleaner.rb +32 -0
- data/lib/foreman_openscap/version.rb +1 -1
- data/lib/tasks/foreman_openscap_tasks.rake +12 -0
- data/locale/de/foreman_openscap.po +205 -43
- data/locale/en_GB/foreman_openscap.po +205 -43
- data/locale/es/foreman_openscap.po +205 -43
- data/locale/foreman_openscap.pot +418 -185
- data/locale/fr/foreman_openscap.po +205 -43
- data/locale/gl/foreman_openscap.po +205 -43
- data/locale/it/foreman_openscap.po +205 -43
- data/locale/ja/foreman_openscap.po +205 -43
- data/locale/ko/foreman_openscap.po +205 -43
- data/locale/pt_BR/foreman_openscap.po +205 -43
- data/locale/ru/foreman_openscap.po +205 -43
- data/locale/sv_SE/foreman_openscap.po +205 -43
- data/locale/zh_CN/foreman_openscap.po +205 -43
- data/locale/zh_TW/foreman_openscap.po +205 -43
- data/test/factories/arf_report_factory.rb +2 -2
- data/test/factories/asset_factory.rb +5 -0
- data/test/factories/compliance_host_factory.rb +4 -4
- data/test/factories/compliance_log_factory.rb +9 -4
- data/test/files/arf_report/arf_report.json +1 -0
- data/test/files/arf_report/arf_report_msg_desc_changed.json +1 -0
- data/test/files/arf_report/arf_report_msg_value_changed.json +1 -0
- data/test/functional/api/v2/compliance/arf_reports_controller_test.rb +111 -1
- data/test/functional/api/v2/compliance/policies_controller_test.rb +1 -1
- data/test/functional/api/v2/compliance/tailoring_files_controller_test.rb +4 -4
- data/test/test_plugin_helper.rb +4 -4
- data/test/unit/arf_report_test.rb +5 -5
- data/test/unit/concerns/host_extensions_test.rb +64 -4
- data/test/unit/message_cleaner_test.rb +31 -0
- data/test/unit/policy_mailer_test.rb +1 -2
- data/test/unit/scap_content_test.rb +3 -5
- data/test/unit/services/report_dashboard/data_test.rb +1 -1
- data/test/unit/services/tailoring_files_proxy_check_test.rb +4 -4
- metadata +12 -6
@@ -22,7 +22,7 @@ module ForemanOpenscap
|
|
22
22
|
report_1 = FactoryGirl.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_1, @log_2])
|
23
23
|
report_2 = FactoryGirl.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_3, log_4])
|
24
24
|
|
25
|
-
assert(report_1.equal?
|
25
|
+
assert(report_1.equal?(report_2))
|
26
26
|
end
|
27
27
|
|
28
28
|
test 'equal? should return false when there is change in report results' do
|
@@ -31,14 +31,14 @@ module ForemanOpenscap
|
|
31
31
|
report_1 = FactoryGirl.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_1, @log_2])
|
32
32
|
report_2 = FactoryGirl.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_3, log_4])
|
33
33
|
|
34
|
-
refute(report_1.equal?
|
34
|
+
refute(report_1.equal?(report_2))
|
35
35
|
end
|
36
36
|
|
37
37
|
test 'equal? should return false when reports have different sets of rules' do
|
38
38
|
report_1 = FactoryGirl.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_1, @log_2])
|
39
39
|
report_2 = FactoryGirl.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_3])
|
40
40
|
|
41
|
-
refute(report_1.equal?
|
41
|
+
refute(report_1.equal?(report_2))
|
42
42
|
end
|
43
43
|
|
44
44
|
test 'equal? should return false when reports have different hosts' do
|
@@ -47,7 +47,7 @@ module ForemanOpenscap
|
|
47
47
|
report_1 = FactoryGirl.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_1, @log_2])
|
48
48
|
report_2 = FactoryGirl.create(:arf_report, :policy => @policy, :host_id => host.id, :logs => [@log_3, log_4])
|
49
49
|
|
50
|
-
refute(report_1.equal?
|
50
|
+
refute(report_1.equal?(report_2))
|
51
51
|
end
|
52
52
|
|
53
53
|
test 'equal? should return false when reports have different policies' do
|
@@ -56,7 +56,7 @@ module ForemanOpenscap
|
|
56
56
|
report_1 = FactoryGirl.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_1, @log_2])
|
57
57
|
report_2 = FactoryGirl.create(:arf_report, :policy => policy, :host_id => @host.id, :logs => [@log_3, log_4])
|
58
58
|
|
59
|
-
refute(report_1.equal?
|
59
|
+
refute(report_1.equal?(report_2))
|
60
60
|
end
|
61
61
|
|
62
62
|
test 'should recognize report that failed' do
|
@@ -10,16 +10,76 @@ class HostExtensionsTest < ActiveSupport::TestCase
|
|
10
10
|
end
|
11
11
|
|
12
12
|
test "should have download_path in enc without digest" do
|
13
|
-
ForemanOpenscap::OpenscapProxyAssignedVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
14
|
-
|
13
|
+
ForemanOpenscap::OpenscapProxyAssignedVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
14
|
+
.returns('test-proxy' => '0.5.4')
|
15
15
|
enc_out = JSON.parse @host.policies_enc
|
16
16
|
assert_equal 5, enc_out.first['download_path'].split('/').length
|
17
17
|
end
|
18
18
|
|
19
19
|
test "should have download_path in enc with digest" do
|
20
|
-
ForemanOpenscap::OpenscapProxyAssignedVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
21
|
-
|
20
|
+
ForemanOpenscap::OpenscapProxyAssignedVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
21
|
+
.returns({})
|
22
22
|
enc_out = JSON.parse @host.policies_enc
|
23
23
|
assert_equal 6, enc_out.first['download_path'].split('/').length
|
24
24
|
end
|
25
|
+
|
26
|
+
test "should find hosts with direct policy assignment that were never audited" do
|
27
|
+
policy, host, host_2 = setup_hosts_with_policy.values_at(:policy, :host, :host_2)
|
28
|
+
report = FactoryGirl.create(:arf_report, :host_id => host_2.id)
|
29
|
+
FactoryGirl.create(:policy_arf_report, :policy_id => policy.id, :arf_report_id => report.id)
|
30
|
+
|
31
|
+
res = Host.policy_reports_missing policy
|
32
|
+
assert_equal res.count, 1
|
33
|
+
assert_include res, host
|
34
|
+
end
|
35
|
+
|
36
|
+
test "should find hosts with inherited policy that were never audited" do
|
37
|
+
policy, host, host_2 = setup_hosts_with_inherited_policy.values_at(:policy, :host, :host_2)
|
38
|
+
report = FactoryGirl.create(:arf_report, :host_id => host_2.id)
|
39
|
+
FactoryGirl.create(:policy_arf_report, :policy_id => policy.id, :arf_report_id => report.id)
|
40
|
+
|
41
|
+
res = Host.policy_reports_missing policy
|
42
|
+
assert_equal res.count, 1
|
43
|
+
assert_include res, host
|
44
|
+
end
|
45
|
+
|
46
|
+
test "should find hosts that are assigned to policy directly" do
|
47
|
+
policy, host, host_2 = setup_hosts_with_policy.values_at(:policy, :host, :host_2)
|
48
|
+
res = Host.assigned_to_policy(policy)
|
49
|
+
assert_equal 2, res.count
|
50
|
+
assert_include res, host
|
51
|
+
assert_include res, host_2
|
52
|
+
end
|
53
|
+
|
54
|
+
test "should find hosts with policy inherited from hostgroup" do
|
55
|
+
policy, host, host_2 = setup_hosts_with_inherited_policy.values_at(:policy, :host, :host_2)
|
56
|
+
res = Host.assigned_to_policy(policy)
|
57
|
+
assert_equal 2, res.count
|
58
|
+
assert_include res, host
|
59
|
+
assert_include res, host_2
|
60
|
+
end
|
61
|
+
|
62
|
+
private
|
63
|
+
|
64
|
+
def setup_hosts_with_policy
|
65
|
+
policy = FactoryGirl.create(:policy)
|
66
|
+
host = FactoryGirl.create(:compliance_host)
|
67
|
+
host_2 = FactoryGirl.create(:compliance_host)
|
68
|
+
asset = FactoryGirl.create(:asset, :assetable_id => host.id, :assetable_type => 'Host::Base')
|
69
|
+
asset_2 = FactoryGirl.create(:asset, :assetable_id => host_2.id, :assetable_type => 'Host::Base')
|
70
|
+
FactoryGirl.create(:asset_policy, :asset_id => asset.id, :policy_id => policy.id)
|
71
|
+
FactoryGirl.create(:asset_policy, :asset_id => asset_2.id, :policy_id => policy.id)
|
72
|
+
{ :host => host, :policy => policy, :host_2 => host_2 }
|
73
|
+
end
|
74
|
+
|
75
|
+
def setup_hosts_with_inherited_policy
|
76
|
+
policy = FactoryGirl.create(:policy)
|
77
|
+
parent = FactoryGirl.create(:hostgroup)
|
78
|
+
child = FactoryGirl.create(:hostgroup, :ancestry => parent.id.to_s)
|
79
|
+
asset = FactoryGirl.create(:asset, :assetable_id => parent.id, :assetable_type => 'Hostgroup')
|
80
|
+
FactoryGirl.create(:asset_policy, :asset_id => asset.id, :policy_id => policy.id)
|
81
|
+
host = FactoryGirl.create(:compliance_host, :hostgroup_id => child.id)
|
82
|
+
host_2 = FactoryGirl.create(:compliance_host, :hostgroup_id => child.id)
|
83
|
+
{ :policy => policy, :host => host, :host_2 => host_2 }
|
84
|
+
end
|
25
85
|
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
require 'test_plugin_helper'
|
2
|
+
|
3
|
+
class MessageCleanerTest < ActiveSupport::TestCase
|
4
|
+
setup do
|
5
|
+
ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
|
6
|
+
end
|
7
|
+
|
8
|
+
test "should clean up messages" do
|
9
|
+
host = FactoryGirl.create(:compliance_host)
|
10
|
+
policy = FactoryGirl.create(:policy)
|
11
|
+
reports = []
|
12
|
+
source = FactoryGirl.create(:source, :value => "xccdf_org.ssgproject.content_rule_firefox_preferences-lock_settings_obscure")
|
13
|
+
2.times do
|
14
|
+
report = FactoryGirl.create(:arf_report, :host_id => host.id)
|
15
|
+
message = FactoryGirl.create(:compliance_message, :value => "Disable Firefox Configuration File ROT-13 Encoding")
|
16
|
+
FactoryGirl.create(:policy_arf_report, :policy_id => policy.id, :arf_report_id => report.id)
|
17
|
+
FactoryGirl.create(:compliance_log, :source_id => source.id, :message_id => message.id, :report_id => report.id)
|
18
|
+
report.reload
|
19
|
+
reports << report
|
20
|
+
end
|
21
|
+
|
22
|
+
assert_equal 2, reports.flat_map(&:logs).map(&:message).uniq.count
|
23
|
+
|
24
|
+
ForemanOpenscap::MessageCleaner.new.clean
|
25
|
+
reports.map(&:reload)
|
26
|
+
|
27
|
+
assert_equal 1, reports.flat_map(&:logs).map(&:message).uniq.count
|
28
|
+
log_a, log_b = reports.flat_map(&:logs)
|
29
|
+
assert_equal log_a.message, log_b.message
|
30
|
+
end
|
31
|
+
end
|
@@ -9,8 +9,7 @@ class PolicyMailerTest < ActiveSupport::TestCase
|
|
9
9
|
:description => N_('A summary of reports for OpenScap policies'),
|
10
10
|
:mailer => 'ForemanOpenscap::PolicyMailer',
|
11
11
|
:method => 'policy_summary',
|
12
|
-
:subscription_type => 'report',
|
13
|
-
)
|
12
|
+
:subscription_type => 'report',)
|
14
13
|
#just to have some content to send
|
15
14
|
ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
|
16
15
|
host = FactoryGirl.create(:compliance_host)
|
@@ -20,16 +20,14 @@ class ScapContentTest < ActiveSupport::TestCase
|
|
20
20
|
ProxyAPI::AvailableProxy.any_instance.stubs(:available?).returns(false)
|
21
21
|
scap_content = ForemanOpenscap::ScapContent.new(:title => 'Fedora', :scap_file => @scap_file)
|
22
22
|
refute(scap_content.save)
|
23
|
-
assert_includes(scap_content.errors.messages[:base], 'No proxy with OpenSCAP
|
23
|
+
assert_includes(scap_content.errors.messages[:base], 'No proxy with OpenSCAP feature was found.')
|
24
24
|
end
|
25
25
|
|
26
26
|
test 'proxy_url should return the first available proxy it finds' do
|
27
27
|
available_proxy = SmartProxy.with_features('Openscap').first
|
28
28
|
unavailable_proxy = FactoryGirl.create(:smart_proxy, :url => 'http://proxy.example.com:8443', :features => [FactoryGirl.create(:feature, :name => 'Openscap')])
|
29
|
-
|
30
|
-
|
31
|
-
proxy1_url.stubs(:available?).returns(available_proxy.url)
|
32
|
-
proxy2_url.stubs(:available?).returns(false)
|
29
|
+
available_proxy.stubs(:proxy_url).returns(available_proxy.url)
|
30
|
+
unavailable_proxy.stubs(:proxy_url).returns(nil)
|
33
31
|
scap_content = ForemanOpenscap::ScapContent.new(:title => 'Fedora', :scap_file => @scap_file)
|
34
32
|
assert_equal(available_proxy.url, scap_content.proxy_url)
|
35
33
|
end
|
@@ -17,7 +17,7 @@ class DataTest < ActiveSupport::TestCase
|
|
17
17
|
end
|
18
18
|
|
19
19
|
test 'should fetch data' do
|
20
|
-
report_data = ForemanOpenscap::ReportDashboard::Data.new
|
20
|
+
report_data = ForemanOpenscap::ReportDashboard::Data.new.report
|
21
21
|
assert_equal 3, report_data[:failed]
|
22
22
|
assert_equal 2, report_data[:passed]
|
23
23
|
assert_equal 1, report_data[:othered]
|
@@ -2,16 +2,16 @@ require 'test_plugin_helper'
|
|
2
2
|
|
3
3
|
class TailoringFilesProxyCheckTest < ActiveSupport::TestCase
|
4
4
|
test 'should find proxies with old versions' do
|
5
|
-
ForemanOpenscap::OpenscapProxyVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
6
|
-
|
5
|
+
ForemanOpenscap::OpenscapProxyVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
6
|
+
.returns('old-proxy.test.com' => "0.5.4", "outdate-proxy.test.com" => "0.6.0")
|
7
7
|
check = ForemanOpenscap::OpenscapProxyVersionCheck.new.run
|
8
8
|
refute check.pass?
|
9
9
|
refute check.message.empty?
|
10
10
|
end
|
11
11
|
|
12
12
|
test 'should not find any outdated proxies' do
|
13
|
-
ForemanOpenscap::OpenscapProxyVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
14
|
-
|
13
|
+
ForemanOpenscap::OpenscapProxyVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
14
|
+
.returns({})
|
15
15
|
check = ForemanOpenscap::OpenscapProxyVersionCheck.new.run
|
16
16
|
assert check.pass?
|
17
17
|
assert check.message.empty?
|
metadata
CHANGED
@@ -1,17 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: foreman_openscap
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.7.
|
4
|
+
version: 0.7.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
8
|
-
- Shlomi Zadok
|
9
|
-
- Marek Hulan
|
10
|
-
- Ondrej Prazak
|
7
|
+
- slukasik@redhat.com
|
11
8
|
autorequire:
|
12
9
|
bindir: bin
|
13
10
|
cert_chain: []
|
14
|
-
date: 2017-
|
11
|
+
date: 2017-05-31 00:00:00.000000000 Z
|
15
12
|
dependencies:
|
16
13
|
- !ruby/object:Gem::Dependency
|
17
14
|
name: deface
|
@@ -228,6 +225,7 @@ files:
|
|
228
225
|
- lib/foreman_openscap/data_migration.rb
|
229
226
|
- lib/foreman_openscap/engine.rb
|
230
227
|
- lib/foreman_openscap/helper.rb
|
228
|
+
- lib/foreman_openscap/message_cleaner.rb
|
231
229
|
- lib/foreman_openscap/version.rb
|
232
230
|
- lib/tasks/foreman_openscap_tasks.rake
|
233
231
|
- locale/Makefile
|
@@ -268,6 +266,9 @@ files:
|
|
268
266
|
- test/factories/scap_content_related.rb
|
269
267
|
- test/files/arf_report/arf_report.bz2
|
270
268
|
- test/files/arf_report/arf_report.html
|
269
|
+
- test/files/arf_report/arf_report.json
|
270
|
+
- test/files/arf_report/arf_report_msg_desc_changed.json
|
271
|
+
- test/files/arf_report/arf_report_msg_value_changed.json
|
271
272
|
- test/files/scap_contents/ssg-fedora-ds.xml
|
272
273
|
- test/files/tailoring_files/ssg-firefox-ds-tailoring-2.xml
|
273
274
|
- test/files/tailoring_files/ssg-firefox-ds-tailoring.xml
|
@@ -285,6 +286,7 @@ files:
|
|
285
286
|
- test/unit/compliance_status_test.rb
|
286
287
|
- test/unit/concerns/host_extensions_test.rb
|
287
288
|
- test/unit/concerns/openscap_proxy_extenstions_test.rb
|
289
|
+
- test/unit/message_cleaner_test.rb
|
288
290
|
- test/unit/openscap_host_test.rb
|
289
291
|
- test/unit/policy_mailer_test.rb
|
290
292
|
- test/unit/policy_test.rb
|
@@ -318,6 +320,7 @@ specification_version: 4
|
|
318
320
|
summary: Foreman plug-in for displaying OpenSCAP audit reports
|
319
321
|
test_files:
|
320
322
|
- test/lib/foreman_openscap/bulk_upload_test.rb
|
323
|
+
- test/unit/message_cleaner_test.rb
|
321
324
|
- test/unit/scap_content_test.rb
|
322
325
|
- test/unit/concerns/openscap_proxy_extenstions_test.rb
|
323
326
|
- test/unit/concerns/host_extensions_test.rb
|
@@ -348,5 +351,8 @@ test_files:
|
|
348
351
|
- test/files/scap_contents/ssg-fedora-ds.xml
|
349
352
|
- test/files/tailoring_files/ssg-firefox-ds-tailoring-2.xml
|
350
353
|
- test/files/tailoring_files/ssg-firefox-ds-tailoring.xml
|
354
|
+
- test/files/arf_report/arf_report_msg_value_changed.json
|
351
355
|
- test/files/arf_report/arf_report.bz2
|
356
|
+
- test/files/arf_report/arf_report_msg_desc_changed.json
|
357
|
+
- test/files/arf_report/arf_report.json
|
352
358
|
- test/files/arf_report/arf_report.html
|