foreman_openscap 0.7.1 → 0.7.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/api/v2/compliance/arf_reports_controller.rb +1 -1
- data/app/controllers/api/v2/compliance/policies_controller.rb +2 -2
- data/app/controllers/api/v2/compliance/scap_contents_controller.rb +1 -1
- data/app/controllers/api/v2/compliance/tailoring_files_controller.rb +1 -1
- data/app/controllers/arf_reports_controller.rb +9 -9
- data/app/controllers/concerns/foreman/controller/parameters/policy.rb +1 -1
- data/app/controllers/openscap_proxies_controller.rb +5 -5
- data/app/controllers/policies_controller.rb +16 -17
- data/app/controllers/policy_dashboard_controller.rb +2 -1
- data/app/controllers/scap_contents_controller.rb +2 -2
- data/app/controllers/tailoring_files_controller.rb +4 -4
- data/app/helpers/arf_report_dashboard_helper.rb +2 -3
- data/app/helpers/arf_reports_helper.rb +1 -1
- data/app/helpers/compliance_hosts_helper.rb +1 -2
- data/app/helpers/policies_helper.rb +4 -4
- data/app/helpers/policy_dashboard_helper.rb +2 -3
- data/app/lib/proxy_api/available_proxy.rb +2 -2
- data/app/lib/proxy_api/openscap.rb +1 -1
- data/app/mailers/foreman_openscap/policy_mailer.rb +1 -1
- data/app/models/concerns/foreman_openscap/compliance_status_scoped_search.rb +7 -8
- data/app/models/concerns/foreman_openscap/host_extensions.rb +44 -25
- data/app/models/concerns/foreman_openscap/log_extensions.rb +1 -1
- data/app/models/concerns/foreman_openscap/openscap_proxy_core_extensions.rb +3 -3
- data/app/models/foreman_openscap/arf_report.rb +34 -12
- data/app/models/foreman_openscap/policy.rb +19 -17
- data/app/models/foreman_openscap/scap_content.rb +4 -2
- data/app/services/foreman_openscap/arf_report_status_calculator.rb +1 -1
- data/app/services/foreman_openscap/host_report_dashboard/data.rb +2 -2
- data/app/services/foreman_openscap/policy_dashboard/data.rb +4 -3
- data/app/validators/foreman_openscap/data_stream_validator.rb +2 -2
- data/app/views/policy_dashboard/_policy_status_widget.html.erb +5 -5
- data/config/routes.rb +6 -6
- data/db/migrate/20141015115511_add_arf_report_unique_constraint.rb +1 -1
- data/db/migrate/20141113221054_create_scaptimony_scap_content_profiles.rb +1 -1
- data/db/migrate/20141116170632_remove_xccdf_profile_from_scaptimony_policies.rb +1 -1
- data/db/migrate/20141121120326_create_scaptimony_arf_report_breakdowns.rb +15 -15
- data/db/migrate/20141121164042_replace_arf_report_breakdown_view.rb +15 -15
- data/db/migrate/20141206211151_create_scaptimony_assets_policies.rb +1 -1
- data/db/migrate/20150115155947_add_scaptimony_scap_content_digest.rb +1 -1
- data/db/migrate/20150821100137_migrate_from_scaptimony.rb +1 -1
- data/db/migrate/20160830113437_remove_deleted_policy.rb +1 -1
- data/db/migrate/20160925213031_change_scap_widget_names.rb +8 -8
- data/db/migrate/20161223153249_add_permissions_to_arf_report.rb +4 -4
- data/db/seeds.d/75-job_templates.rb +6 -1
- data/db/seeds.d/openscap_feature.rb +1 -1
- data/lib/foreman_openscap/data_migration.rb +1 -2
- data/lib/foreman_openscap/engine.rb +33 -34
- data/lib/foreman_openscap/helper.rb +5 -7
- data/lib/foreman_openscap/message_cleaner.rb +32 -0
- data/lib/foreman_openscap/version.rb +1 -1
- data/lib/tasks/foreman_openscap_tasks.rake +12 -0
- data/locale/de/foreman_openscap.po +205 -43
- data/locale/en_GB/foreman_openscap.po +205 -43
- data/locale/es/foreman_openscap.po +205 -43
- data/locale/foreman_openscap.pot +418 -185
- data/locale/fr/foreman_openscap.po +205 -43
- data/locale/gl/foreman_openscap.po +205 -43
- data/locale/it/foreman_openscap.po +205 -43
- data/locale/ja/foreman_openscap.po +205 -43
- data/locale/ko/foreman_openscap.po +205 -43
- data/locale/pt_BR/foreman_openscap.po +205 -43
- data/locale/ru/foreman_openscap.po +205 -43
- data/locale/sv_SE/foreman_openscap.po +205 -43
- data/locale/zh_CN/foreman_openscap.po +205 -43
- data/locale/zh_TW/foreman_openscap.po +205 -43
- data/test/factories/arf_report_factory.rb +2 -2
- data/test/factories/asset_factory.rb +5 -0
- data/test/factories/compliance_host_factory.rb +4 -4
- data/test/factories/compliance_log_factory.rb +9 -4
- data/test/files/arf_report/arf_report.json +1 -0
- data/test/files/arf_report/arf_report_msg_desc_changed.json +1 -0
- data/test/files/arf_report/arf_report_msg_value_changed.json +1 -0
- data/test/functional/api/v2/compliance/arf_reports_controller_test.rb +111 -1
- data/test/functional/api/v2/compliance/policies_controller_test.rb +1 -1
- data/test/functional/api/v2/compliance/tailoring_files_controller_test.rb +4 -4
- data/test/test_plugin_helper.rb +4 -4
- data/test/unit/arf_report_test.rb +5 -5
- data/test/unit/concerns/host_extensions_test.rb +64 -4
- data/test/unit/message_cleaner_test.rb +31 -0
- data/test/unit/policy_mailer_test.rb +1 -2
- data/test/unit/scap_content_test.rb +3 -5
- data/test/unit/services/report_dashboard/data_test.rb +1 -1
- data/test/unit/services/tailoring_files_proxy_check_test.rb +4 -4
- metadata +12 -6
@@ -6,7 +6,7 @@ module ForemanOpenscap
|
|
6
6
|
include OpenscapProxyExtensions
|
7
7
|
|
8
8
|
# attr_accessible :host_id, :reported_at, :status, :metrics
|
9
|
-
METRIC = %w(passed othered failed)
|
9
|
+
METRIC = %w(passed othered failed).freeze
|
10
10
|
BIT_NUM = 10
|
11
11
|
MAX = (1 << BIT_NUM) - 1
|
12
12
|
|
@@ -30,11 +30,12 @@ module ForemanOpenscap
|
|
30
30
|
scope :of_policy, lambda { |policy_id| joins(:policy_arf_report).merge(PolicyArfReport.of_policy(policy_id)) }
|
31
31
|
|
32
32
|
scope :latest, -> {
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
33
|
+
joins('INNER JOIN (SELECT host_id, policy_id, max(reports.id) AS id
|
34
|
+
FROM reports INNER JOIN foreman_openscap_policy_arf_reports
|
35
|
+
ON reports.id = foreman_openscap_policy_arf_reports.arf_report_id
|
36
|
+
GROUP BY host_id, policy_id) latest
|
37
|
+
ON reports.id = latest.id')
|
38
|
+
}
|
38
39
|
|
39
40
|
scope :latest_of_policy, lambda { |policy|
|
40
41
|
joins("INNER JOIN (SELECT host_id, policy_id, max(reports.id) AS id
|
@@ -63,12 +64,12 @@ module ForemanOpenscap
|
|
63
64
|
|
64
65
|
def status=(st)
|
65
66
|
s = case st
|
66
|
-
when Integer,
|
67
|
+
when Integer, Integer
|
67
68
|
st
|
68
69
|
when Hash
|
69
70
|
ArfReportStatusCalculator.new(:counters => st).calculate
|
70
71
|
else
|
71
|
-
|
72
|
+
raise Foreman::Exception(N_('Unsupported report status format'))
|
72
73
|
end
|
73
74
|
write_attribute(:status, s)
|
74
75
|
end
|
@@ -111,10 +112,19 @@ module ForemanOpenscap
|
|
111
112
|
if params[:logs]
|
112
113
|
params[:logs].each do |log|
|
113
114
|
src = Source.find_or_create(log[:source])
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
115
|
+
msg = nil
|
116
|
+
if src.logs.count > 0
|
117
|
+
msg = Log.where(:source_id => src.id).order(:id => :desc).first.message
|
118
|
+
update_msg_with_changes(msg, log)
|
119
|
+
else
|
120
|
+
digest = Digest::SHA1.hexdigest(log[:title])
|
121
|
+
msg = Message.create!(:value => N_(log[:title]),
|
122
|
+
:digest => digest,
|
123
|
+
:severity => log[:severity],
|
124
|
+
:description => newline_to_space(log[:description]),
|
125
|
+
:rationale => newline_to_space(log[:rationale]),
|
126
|
+
:scap_references => references_links(log[:references]))
|
127
|
+
end
|
118
128
|
#TODO: log level
|
119
129
|
Log.create!(:source_id => src.id,
|
120
130
|
:message_id => msg.id,
|
@@ -191,5 +201,17 @@ module ForemanOpenscap
|
|
191
201
|
end
|
192
202
|
html_links.join(', ')
|
193
203
|
end
|
204
|
+
|
205
|
+
def self.update_msg_with_changes(msg, incoming_data)
|
206
|
+
msg.severity = incoming_data['severity']
|
207
|
+
msg.description = incoming_data['description']
|
208
|
+
msg.rationale = incoming_data['rationale']
|
209
|
+
msg.scap_references = incoming_data['references']
|
210
|
+
msg.value = incoming_data['title']
|
211
|
+
|
212
|
+
return unless msg.changed?
|
213
|
+
msg.digest = Digest::SHA1.hexdigest(msg.value) if msg.value_changed?
|
214
|
+
msg.save
|
215
|
+
end
|
194
216
|
end
|
195
217
|
end
|
@@ -15,10 +15,10 @@ module ForemanOpenscap
|
|
15
15
|
|
16
16
|
scoped_search :on => :name, :complete_value => true
|
17
17
|
|
18
|
-
SCAP_PUPPET_CLASS = 'foreman_scap_client'
|
19
|
-
POLICIES_CLASS_PARAMETER = 'policies'
|
20
|
-
SERVER_CLASS_PARAMETER = 'server'
|
21
|
-
PORT_CLASS_PARAMETER = 'port'
|
18
|
+
SCAP_PUPPET_CLASS = 'foreman_scap_client'.freeze
|
19
|
+
POLICIES_CLASS_PARAMETER = 'policies'.freeze
|
20
|
+
SERVER_CLASS_PARAMETER = 'server'.freeze
|
21
|
+
PORT_CLASS_PARAMETER = 'port'.freeze
|
22
22
|
|
23
23
|
before_validation :update_period_attrs
|
24
24
|
|
@@ -48,7 +48,7 @@ module ForemanOpenscap
|
|
48
48
|
def to_html
|
49
49
|
if scap_content.nil? || scap_content_profile.nil?
|
50
50
|
return ("<h2>%s</h2>" % (_('Cannot generate HTML guide for %{scap_content}/%{profile}') %
|
51
|
-
{ :scap_content => self.scap_content, :profile => self.scap_content_profile })).html_safe
|
51
|
+
{ :scap_content => h(self.scap_content), :profile => h(self.scap_content_profile) })).html_safe
|
52
52
|
end
|
53
53
|
|
54
54
|
if (proxy = scap_content.proxy_url)
|
@@ -143,13 +143,15 @@ module ForemanOpenscap
|
|
143
143
|
def used_location_ids
|
144
144
|
Location.joins(:taxable_taxonomies).where(
|
145
145
|
'taxable_taxonomies.taxable_type' => 'ForemanOpenscap::Policy',
|
146
|
-
'taxable_taxonomies.taxable_id' => id
|
146
|
+
'taxable_taxonomies.taxable_id' => id
|
147
|
+
).pluck("#{Location.arel_table.name}.id")
|
147
148
|
end
|
148
149
|
|
149
150
|
def used_organization_ids
|
150
151
|
Organization.joins(:taxable_taxonomies).where(
|
151
152
|
'taxable_taxonomies.taxable_type' => 'ForemanOpenscap::Policy',
|
152
|
-
'taxable_taxonomies.taxable_id' => id
|
153
|
+
'taxable_taxonomies.taxable_id' => id
|
154
|
+
).pluck("#{Location.arel_table.name}.id")
|
153
155
|
end
|
154
156
|
|
155
157
|
def used_hostgroup_ids
|
@@ -197,18 +199,18 @@ module ForemanOpenscap
|
|
197
199
|
def update_period_attrs
|
198
200
|
case period
|
199
201
|
when 'monthly'
|
200
|
-
erase_period_attrs(
|
202
|
+
erase_period_attrs(%w(cron_line weekday))
|
201
203
|
when 'weekly'
|
202
|
-
erase_period_attrs(
|
204
|
+
erase_period_attrs(%w(cron_line day_of_month))
|
203
205
|
when 'custom'
|
204
|
-
erase_period_attrs(
|
206
|
+
erase_period_attrs(%w(weekday day_of_month))
|
205
207
|
end
|
206
208
|
end
|
207
209
|
|
208
210
|
private
|
209
211
|
|
210
212
|
def erase_period_attrs(attrs)
|
211
|
-
|
213
|
+
attrs.each { |attr| self.public_send("#{attr}=", nil) }
|
212
214
|
end
|
213
215
|
|
214
216
|
def period_enc
|
@@ -221,7 +223,7 @@ module ForemanOpenscap
|
|
221
223
|
when 'custom'
|
222
224
|
cron_line_split
|
223
225
|
else
|
224
|
-
|
226
|
+
raise 'invalid period specification'
|
225
227
|
end
|
226
228
|
|
227
229
|
{
|
@@ -239,12 +241,12 @@ module ForemanOpenscap
|
|
239
241
|
end
|
240
242
|
|
241
243
|
def ensure_needed_puppetclasses
|
242
|
-
unless puppetclass = Puppetclass.
|
244
|
+
unless puppetclass = Puppetclass.find_by(name: SCAP_PUPPET_CLASS)
|
243
245
|
errors[:base] << _("Required Puppet class %{class} is not found, please ensure it imported first.") % {:class => SCAP_PUPPET_CLASS}
|
244
246
|
return false
|
245
247
|
end
|
246
248
|
|
247
|
-
unless policies_param = puppetclass.class_params.
|
249
|
+
unless policies_param = puppetclass.class_params.find_by(key: POLICIES_CLASS_PARAMETER)
|
248
250
|
errors[:base] << _("Puppet class %{class} does not have %{parameter} class parameter.") % {:class => SCAP_PUPPET_CLASS, :parameter => POLICIES_CLASS_PARAMETER}
|
249
251
|
return false
|
250
252
|
end
|
@@ -270,13 +272,13 @@ module ForemanOpenscap
|
|
270
272
|
end
|
271
273
|
|
272
274
|
def valid_weekday
|
273
|
-
if
|
275
|
+
if period == 'weekly' && should_validate?('Schedule')
|
274
276
|
errors.add(:weekday, _("is not a valid value")) unless Date::DAYNAMES.map(&:downcase).include? weekday
|
275
277
|
end
|
276
278
|
end
|
277
279
|
|
278
280
|
def valid_day_of_month
|
279
|
-
if
|
281
|
+
if period == 'monthly' && should_validate?('Schedule')
|
280
282
|
errors.add(:day_of_month, _("must be between 1 and 31")) if !day_of_month || (day_of_month < 1 || day_of_month > 31)
|
281
283
|
end
|
282
284
|
end
|
@@ -313,7 +315,7 @@ module ForemanOpenscap
|
|
313
315
|
end
|
314
316
|
|
315
317
|
def find_scap_puppetclass
|
316
|
-
Puppetclass.
|
318
|
+
Puppetclass.find_by(name: SCAP_PUPPET_CLASS)
|
317
319
|
end
|
318
320
|
|
319
321
|
def populate_overrides(puppetclass, hostgroup)
|
@@ -21,13 +21,15 @@ module ForemanOpenscap
|
|
21
21
|
def used_location_ids
|
22
22
|
Location.joins(:taxable_taxonomies).where(
|
23
23
|
'taxable_taxonomies.taxable_type' => 'ForemanOpenscap::ScapContent',
|
24
|
-
'taxable_taxonomies.taxable_id' => id
|
24
|
+
'taxable_taxonomies.taxable_id' => id
|
25
|
+
).pluck("#{Location.arel_table.name}.id")
|
25
26
|
end
|
26
27
|
|
27
28
|
def used_organization_ids
|
28
29
|
Organization.joins(:taxable_taxonomies).where(
|
29
30
|
'taxable_taxonomies.taxable_type' => 'ForemanOpenscap::ScapContent',
|
30
|
-
'taxable_taxonomies.taxable_id' => id
|
31
|
+
'taxable_taxonomies.taxable_id' => id
|
32
|
+
).pluck("#{Location.arel_table.name}.id")
|
31
33
|
end
|
32
34
|
|
33
35
|
def to_label
|
@@ -28,7 +28,7 @@ module ForemanOpenscap
|
|
28
28
|
end
|
29
29
|
|
30
30
|
def status_of(counter)
|
31
|
-
|
31
|
+
raise(Foreman::Exception.new(N_("invalid type %s"), counter)) unless ArfReport::METRIC.include?(counter)
|
32
32
|
status[counter]
|
33
33
|
end
|
34
34
|
|
@@ -4,8 +4,8 @@ module ForemanOpenscap::HostReportDashboard
|
|
4
4
|
|
5
5
|
def initialize(policy, host)
|
6
6
|
@latest_report = ::ForemanOpenscap::ArfReport.latest_of_policy(policy)
|
7
|
-
|
8
|
-
|
7
|
+
.where(:host_id => host.id)
|
8
|
+
.order('created_at DESC').first
|
9
9
|
@report = {}
|
10
10
|
fetch_data
|
11
11
|
end
|
@@ -17,14 +17,15 @@ module ForemanOpenscap::PolicyDashboard
|
|
17
17
|
end
|
18
18
|
|
19
19
|
def fetch_data
|
20
|
+
assigned_count = Host::Managed.assigned_to_policy(@policy).count
|
20
21
|
report.update(
|
21
22
|
{:compliant_hosts => Host::Managed.comply_with(@policy).count,
|
22
23
|
:incompliant_hosts => Host::Managed.incomply_with(@policy).count,
|
23
24
|
:inconclusive_hosts => Host::Managed.inconclusive_with(@policy).count,
|
24
25
|
:report_missing => Host::Managed.policy_reports_missing(@policy).count,
|
25
|
-
:assigned_hosts =>
|
26
|
-
:unassigned_hosts => hosts.count -
|
27
|
-
|
26
|
+
:assigned_hosts => assigned_count,
|
27
|
+
:unassigned_hosts => hosts.count - assigned_count}
|
28
|
+
)
|
28
29
|
end
|
29
30
|
end
|
30
31
|
end
|
@@ -6,12 +6,12 @@ module ForemanOpenscap
|
|
6
6
|
content_type = data_type(data_stream_content)
|
7
7
|
|
8
8
|
unless SmartProxy.with_features('Openscap').any?
|
9
|
-
data_stream_content.errors.add(:base, _('No proxy with OpenSCAP
|
9
|
+
data_stream_content.errors.add(:base, _('No proxy with OpenSCAP feature was found.'))
|
10
10
|
return false
|
11
11
|
end
|
12
12
|
|
13
13
|
if data_stream_content.proxy_url.nil?
|
14
|
-
data_stream_content.errors.add(:base, _('No
|
14
|
+
data_stream_content.errors.add(:base, _('No proxy with OpenSCAP feature is running.'))
|
15
15
|
return false
|
16
16
|
end
|
17
17
|
|
@@ -1,12 +1,12 @@
|
|
1
1
|
<div id='status-table'>
|
2
2
|
<h4 class="header"><%= _('Hosts Breakdown') %></h4>
|
3
3
|
<ul>
|
4
|
-
<%= status_link _('Compliant with the policy'), :compliant_hosts, arf_reports_path(:search => "comply_with = #{@policy.name}") %>
|
5
|
-
<%= status_link _('Not compliant with the policy'), :incompliant_hosts, arf_reports_path(:search => "not_comply_with = #{@policy.name}") %>
|
6
|
-
<%= status_link _('Inconclusive results'), :inconclusive_hosts, arf_reports_path(:search => " inconclusive_with = #{@policy.name}") %>
|
7
|
-
<%= status_link _('Never audited'), :report_missing, hosts_path(:search => "compliance_report_missing_for = #{@policy.name}") %>
|
4
|
+
<%= status_link _('Compliant with the policy'), :compliant_hosts, arf_reports_path(:search => "comply_with = \"#{@policy.name}\"") %>
|
5
|
+
<%= status_link _('Not compliant with the policy'), :incompliant_hosts, arf_reports_path(:search => "not_comply_with = \"#{@policy.name}\"") %>
|
6
|
+
<%= status_link _('Inconclusive results'), :inconclusive_hosts, arf_reports_path(:search => " inconclusive_with = \"#{@policy.name}\"") %>
|
7
|
+
<%= status_link _('Never audited'), :report_missing, hosts_path(:search => "compliance_report_missing_for = \"#{@policy.name}\"") %>
|
8
8
|
<h4 class="total">
|
9
|
-
<%= link_to(_("Total hosts: %s") % @report[:assigned_hosts], hosts_path(:search => "compliance_policy = #{@policy.name}")) %>
|
9
|
+
<%= link_to(_("Total hosts: %s") % @report[:assigned_hosts], hosts_path(:search => "compliance_policy = \"#{@policy.name}\"")) %>
|
10
10
|
</h4>
|
11
11
|
</ul>
|
12
12
|
</div>
|
data/config/routes.rb
CHANGED
@@ -2,7 +2,7 @@ Rails.application.routes.draw do
|
|
2
2
|
|
3
3
|
scope '/compliance' do
|
4
4
|
|
5
|
-
resources :arf_reports, :only =>
|
5
|
+
resources :arf_reports, :only => %i(index show destroy) do
|
6
6
|
member do
|
7
7
|
get 'show_html'
|
8
8
|
get 'parse_html'
|
@@ -18,7 +18,7 @@ Rails.application.routes.draw do
|
|
18
18
|
|
19
19
|
get 'dashboard', :to => 'compliance_dashboard#index', :as => "compliance_dashboard"
|
20
20
|
|
21
|
-
resources :policies, :only =>
|
21
|
+
resources :policies, :only => %i(index new show create edit update destroy) do
|
22
22
|
member do
|
23
23
|
get 'parse', :to => 'policies#parse'
|
24
24
|
get 'dashboard', :to => 'policy_dashboard#index', :as => 'policy_dashboard'
|
@@ -62,23 +62,23 @@ Rails.application.routes.draw do
|
|
62
62
|
scope "(:apiv)", :module => :v2, :defaults => {:apiv => 'v2'},
|
63
63
|
:apiv => /v1|v2/, :constraints => ApiConstraints.new(:version => 2) do
|
64
64
|
namespace :compliance do
|
65
|
-
resources :scap_contents, :except =>
|
65
|
+
resources :scap_contents, :except => %i(new edit) do
|
66
66
|
member do
|
67
67
|
get 'xml'
|
68
68
|
end
|
69
69
|
end
|
70
|
-
resources :tailoring_files, :except =>
|
70
|
+
resources :tailoring_files, :except => %i(new edit) do
|
71
71
|
member do
|
72
72
|
get 'xml'
|
73
73
|
end
|
74
74
|
end
|
75
|
-
resources :policies, :except =>
|
75
|
+
resources :policies, :except => %i(new edit) do
|
76
76
|
member do
|
77
77
|
get 'content'
|
78
78
|
get 'tailoring'
|
79
79
|
end
|
80
80
|
end
|
81
|
-
resources :arf_reports, :only =>
|
81
|
+
resources :arf_reports, :only => %i(index show destroy) do
|
82
82
|
member do
|
83
83
|
get 'download'
|
84
84
|
get 'download_html'
|
@@ -1,6 +1,6 @@
|
|
1
1
|
class AddArfReportUniqueConstraint < ActiveRecord::Migration
|
2
2
|
def change
|
3
|
-
add_index :scaptimony_arf_reports,
|
3
|
+
add_index :scaptimony_arf_reports, %i(asset_id policy_id date digest),
|
4
4
|
:unique => true, :name => :index_scaptimony_arf_reports_unique_set
|
5
5
|
end
|
6
6
|
end
|
@@ -6,7 +6,7 @@ class CreateScaptimonyScapContentProfiles < ActiveRecord::Migration
|
|
6
6
|
t.string :title
|
7
7
|
|
8
8
|
end
|
9
|
-
add_index :scaptimony_scap_content_profiles,
|
9
|
+
add_index :scaptimony_scap_content_profiles, %i(scap_content_id profile_id),
|
10
10
|
:unique => true, :name => :index_scaptimony_scap_content_profiles_scipi
|
11
11
|
end
|
12
12
|
end
|
@@ -1,20 +1,20 @@
|
|
1
1
|
class CreateScaptimonyArfReportBreakdowns < ActiveRecord::Migration
|
2
2
|
def self.up
|
3
|
-
execute <<-SQL
|
4
|
-
CREATE VIEW scaptimony_arf_report_breakdowns AS
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
3
|
+
execute <<-SQL.strip_heredoc
|
4
|
+
CREATE VIEW scaptimony_arf_report_breakdowns AS
|
5
|
+
SELECT
|
6
|
+
arf.id as arf_report_id,
|
7
|
+
COUNT(CASE WHEN result.name IN ('pass','fixed') THEN 1 ELSE null END) as passed,
|
8
|
+
COUNT(CASE result.name WHEN 'fail' THEN 1 ELSE null END) as failed,
|
9
|
+
COUNT(CASE WHEN result.name NOT IN ('pass', 'fixed', 'fail', 'notselected', 'notapplicable') THEN 1 ELSE null END) as othered
|
10
|
+
FROM
|
11
|
+
scaptimony_arf_reports arf,
|
12
|
+
scaptimony_xccdf_rule_results rule,
|
13
|
+
scaptimony_xccdf_results result
|
14
|
+
WHERE
|
15
|
+
arf.id = rule.arf_report_id
|
16
|
+
AND rule.xccdf_result_id = result.id
|
17
|
+
GROUP BY arf.id;
|
18
18
|
SQL
|
19
19
|
end
|
20
20
|
|
@@ -1,21 +1,21 @@
|
|
1
1
|
class ReplaceArfReportBreakdownView < ActiveRecord::Migration
|
2
2
|
def self.up
|
3
3
|
execute 'DROP VIEW IF EXISTS scaptimony_arf_report_breakdowns'
|
4
|
-
execute <<-SQL
|
5
|
-
CREATE VIEW scaptimony_arf_report_breakdowns AS
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
4
|
+
execute <<-SQL.strip_heredoc
|
5
|
+
CREATE VIEW scaptimony_arf_report_breakdowns AS
|
6
|
+
SELECT
|
7
|
+
arf.id as arf_report_id,
|
8
|
+
COUNT(CASE WHEN result.name IN ('pass','fixed') THEN 1 ELSE null END) as passed,
|
9
|
+
COUNT(CASE result.name WHEN 'fail' THEN 1 ELSE null END) as failed,
|
10
|
+
COUNT(CASE WHEN result.name NOT IN ('pass', 'fixed', 'fail', 'notselected', 'notapplicable') THEN 1 ELSE null END) as othered
|
11
|
+
FROM
|
12
|
+
scaptimony_arf_reports arf
|
13
|
+
LEFT OUTER JOIN
|
14
|
+
scaptimony_xccdf_rule_results rule
|
15
|
+
ON arf.id = rule.arf_report_id
|
16
|
+
LEFT OUTER JOIN scaptimony_xccdf_results result
|
17
|
+
ON rule.xccdf_result_id = result.id
|
18
|
+
GROUP BY arf.id;
|
19
19
|
SQL
|
20
20
|
end
|
21
21
|
|
@@ -4,6 +4,6 @@ class CreateScaptimonyAssetsPolicies < ActiveRecord::Migration
|
|
4
4
|
t.references :asset, :index => true, :null => false
|
5
5
|
t.references :policy, :index => true, :null => false
|
6
6
|
end
|
7
|
-
add_index :scaptimony_assets_policies,
|
7
|
+
add_index :scaptimony_assets_policies, %i(asset_id policy_id), :unique => true
|
8
8
|
end
|
9
9
|
end
|
@@ -15,7 +15,7 @@ class AddScaptimonyScapContentDigest < ActiveRecord::Migration
|
|
15
15
|
class ScapContentHack < ActiveRecord::Base
|
16
16
|
self.table_name = 'scaptimony_scap_contents'
|
17
17
|
def digest
|
18
|
-
self[:digest] ||= Digest::SHA256.hexdigest
|
18
|
+
self[:digest] ||= Digest::SHA256.hexdigest scap_file.to_s
|
19
19
|
end
|
20
20
|
end
|
21
21
|
end
|
@@ -32,7 +32,7 @@ class MigrateFromScaptimony < ActiveRecord::Migration
|
|
32
32
|
SQL
|
33
33
|
|
34
34
|
taxonomies = TaxableTaxonomy.where(:taxable_type => ["Scaptimony::ArfReport", "Scaptimony::Policy", "Scaptimony::ScapContent"])
|
35
|
-
taxonomies.each { |t| t.taxable_type = t.taxable_type.sub(/^Scaptimony/, "ForemanOpenscap")}.map(&:save!)
|
35
|
+
taxonomies.each { |t| t.taxable_type = t.taxable_type.sub(/^Scaptimony/, "ForemanOpenscap") }.map(&:save!)
|
36
36
|
ensure
|
37
37
|
ActiveRecord::ConnectionAdapters::SchemaStatements.module_eval do
|
38
38
|
alias_method :rename_table_indexes, :old_rename_table_indexes
|
@@ -1,7 +1,7 @@
|
|
1
1
|
class RemoveDeletedPolicy < ActiveRecord::Migration
|
2
2
|
def up
|
3
3
|
ForemanOpenscap::AssetPolicy.all.collect(&:policy_id).uniq.each do |policy_id|
|
4
|
-
execute("DELETE FROM foreman_openscap_asset_policies WHERE policy_id = '#{policy_id}';") if ForemanOpenscap::Policy.
|
4
|
+
execute("DELETE FROM foreman_openscap_asset_policies WHERE policy_id = '#{policy_id}';") if ForemanOpenscap::Policy.find_by(id: policy_id).nil?
|
5
5
|
end
|
6
6
|
end
|
7
7
|
|
@@ -1,15 +1,15 @@
|
|
1
1
|
class ChangeScapWidgetNames < ActiveRecord::Migration
|
2
2
|
def up
|
3
|
-
Widget.where(:name => 'OpenSCAP Host reports widget')
|
4
|
-
|
5
|
-
Widget.where(:name => 'OpenSCAP Reports breakdown widget')
|
6
|
-
|
3
|
+
Widget.where(:name => 'OpenSCAP Host reports widget')\
|
4
|
+
.update_all(:name => 'Latest Compliance Reports')
|
5
|
+
Widget.where(:name => 'OpenSCAP Reports breakdown widget')\
|
6
|
+
.update_all(:name => 'Compliance Reports Breakdown')
|
7
7
|
end
|
8
8
|
|
9
9
|
def down
|
10
|
-
Widget.where(:name => 'Latest Compliance Reports')
|
11
|
-
|
12
|
-
Widget.where(:name => 'Compliance Reports Breakdown')
|
13
|
-
|
10
|
+
Widget.where(:name => 'Latest Compliance Reports')\
|
11
|
+
.update_all(:name => 'OpenSCAP Host reports widget')
|
12
|
+
Widget.where(:name => 'Compliance Reports Breakdown')\
|
13
|
+
.update_all(:name => 'OpenSCAP Reports breakdown widget')
|
14
14
|
end
|
15
15
|
end
|
@@ -1,11 +1,11 @@
|
|
1
1
|
class AddPermissionsToArfReport < ActiveRecord::Migration
|
2
2
|
def up
|
3
|
-
Permission.where(:name => %w(view_arf_reports destroy_arf_reports))
|
4
|
-
|
3
|
+
Permission.where(:name => %w(view_arf_reports destroy_arf_reports))
|
4
|
+
.update_all(:resource_type => 'ForemanOpenscap::ArfReport')
|
5
5
|
end
|
6
6
|
|
7
7
|
def down
|
8
|
-
Permission.where(:name => %w(view_arf_reports destroy_arf_reports))
|
9
|
-
|
8
|
+
Permission.where(:name => %w(view_arf_reports destroy_arf_reports))
|
9
|
+
.update_all(:resource_type => '')
|
10
10
|
end
|
11
11
|
end
|
@@ -3,7 +3,12 @@ if ForemanOpenscap.with_remote_execution?
|
|
3
3
|
JobTemplate.without_auditing do
|
4
4
|
Dir[File.join("#{ForemanOpenscap::Engine.root}/app/views/job_templates/**/*.erb")].each do |template|
|
5
5
|
sync = !Rails.env.test? && Setting[:remote_execution_sync_templates]
|
6
|
-
|
6
|
+
# import! was renamed to import_raw! around 1.3.1
|
7
|
+
if JobTemplate.respond_to?('import_raw!')
|
8
|
+
JobTemplate.import_raw!(File.read(template), :default => true, :locked => true, :update => sync)
|
9
|
+
else
|
10
|
+
JobTemplate.import!(File.read(template), :default => true, :locked => true, :update => sync)
|
11
|
+
end
|
7
12
|
end
|
8
13
|
end
|
9
14
|
end
|
@@ -1,2 +1,2 @@
|
|
1
1
|
f = Feature.where(:name => 'Openscap').first_or_create
|
2
|
-
|
2
|
+
raise "Unable to create proxy feature: #{format_errors f}" if f.nil? || f.errors.any?
|
@@ -45,7 +45,7 @@ module ForemanOpenscap
|
|
45
45
|
|
46
46
|
def foreman_available?
|
47
47
|
foreman_status_url = Setting[:foreman_url] + '/status'
|
48
|
-
response = JSON.parse(RestClient.get
|
48
|
+
response = JSON.parse(RestClient.get(foreman_status_url))
|
49
49
|
return true if response["status"] == "ok"
|
50
50
|
rescue *::ProxyAPI::AvailableProxy::HTTP_ERRORS
|
51
51
|
return false
|
@@ -79,4 +79,3 @@ module ForemanOpenscap
|
|
79
79
|
end
|
80
80
|
end
|
81
81
|
end
|
82
|
-
|