foreman_openscap 0.8.1 → 0.8.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3c175cbcb36c5e9f9f33af7a8d19455af686eb8e
-  data.tar.gz: 6ff8c1d5190727c1128c8fc49e8f17cedadd9087
+  metadata.gz: ab3aabb6896d03f783813b7f15ce07398832a62f
+  data.tar.gz: acbe97d223373e5c632dd829cc291ff60b927387
 SHA512:
-  metadata.gz: 1d32e842e48bb9dda3c6d5ce06390d6c16bb857e506975c1643e19d3ff3282f71ea6228b5530454db98c0a31313f7d94d8971a31dd62f1a66a0330c4d4ffe6be
-  data.tar.gz: fb7925996af5ac5dd29b72554517ad716ac5343c32f2ea844b212eb5af89ca047d43a1f589325b76a157a2ef3b52ada90fd82c621e0424a64850d72969475f4c
+  metadata.gz: 74e750b1270d55d37c399adcdc2d01299d071ae87fd100115ee1f6aec2f30bd050f1fee08ae380ad6cf949f48209419627128405a367530c45a1bace3c25720a
+  data.tar.gz: 20b34c1021f6390319c5a39b3b005ad77ab283881597f7f0e286e1d669f2ba9e10eeb457b2f8f9e7c55206cec848b5f2b72f6bcbb6079d819377c7c1ceccc192

data/app/models/concerns/foreman_openscap/data_stream_content.rb

@@ -28,16 +28,23 @@ module ForemanOpenscap
       self[:digest] ||= Digest::SHA256.hexdigest(scap_file.to_s)
     end
 
+    def create_profiles
+      fetch_profiles.each do |key, title|
+        create_or_update_profile key, title
+      end
+    end
+
+    def create_or_update_profile(profile_id, title)
+      profile = ScapContentProfile.find_by(:profile_id => profile_id, "#{self.class.to_s.demodulize.underscore}_id".to_sym => id)
+      return ScapContentProfile.create(:profile_id => profile_id, :title => title, "#{self.class.to_s.demodulize.underscore}_id".to_sym => id) unless profile
+      profile.update(:title => title) unless profile.title == title
+      profile
+    end
+
     private
 
     def redigest
       self[:digest] = Digest::SHA256.hexdigest(scap_file.to_s)
     end
-
-    def create_profiles
-      fetch_profiles.each do |key, title|
-        ScapContentProfile.where(:profile_id => key, :title => title, "#{self.class.to_s.demodulize.underscore}_id".to_sym => id).first_or_create
-      end
-    end
   end
 end

data/app/models/concerns/foreman_openscap/openscap_proxy_extensions.rb

@@ -2,10 +2,6 @@ module ForemanOpenscap
   module OpenscapProxyExtensions
     extend ActiveSupport::Concern
 
-    included do
-      belongs_to :openscap_proxy, :class_name => "SmartProxy"
-    end
-
     def openscap_proxy_api
       return @openscap_api if @openscap_api
       proxy_url = openscap_proxy.url if openscap_proxy

data/app/models/foreman_openscap/arf_report.rb

@@ -17,6 +17,8 @@ module ForemanOpenscap
     has_one :asset, :through => :host, :class_name => 'ForemanOpenscap::Asset', :as => :assetable
     after_save :assign_locations_organizations
     has_one :log, :foreign_key => :report_id
+    belongs_to :openscap_proxy, :class_name => "SmartProxy"
+
 
     delegate :asset=, :to => :host
 
@@ -64,12 +66,12 @@ module ForemanOpenscap
 
     def status=(st)
       s = case st
-          when Integer, Integer
+          when Integer
             st
-          when Hash
+          when Hash, ActionController::Parameters
             ArfReportStatusCalculator.new(:counters => st).calculate
           else
-            raise Foreman::Exception(N_('Unsupported report status format'))
+            raise "Unsupported report status format #{st.class}"
           end
       write_attribute(:status, s)
     end
@@ -118,12 +120,24 @@ module ForemanOpenscap
               update_msg_with_changes(msg, log)
             else
               digest = Digest::SHA1.hexdigest(log[:title])
-              msg = Message.create!(:value => N_(log[:title]),
-                                    :digest => digest,
-                                    :severity => log[:severity],
-                                    :description => newline_to_space(log[:description]),
-                                    :rationale => newline_to_space(log[:rationale]),
-                                    :scap_references => references_links(log[:references]))
+              if (msg = Message.find_by(:digest => digest))
+                msg.attributes = {
+                  :value => N_(log[:title]),
+                  :digest => digest,
+                  :severity => log[:severity],
+                  :description => newline_to_space(log[:description]),
+                  :rationale => newline_to_space(log[:rationale]),
+                  :scap_references => references_links(log[:references])
+                }
+              else
+                msg = Message.new(:value => N_(log[:title]),
+                                  :digest => digest,
+                                  :severity => log[:severity],
+                                  :description => newline_to_space(log[:description]),
+                                  :rationale => newline_to_space(log[:rationale]),
+                                  :scap_references => references_links(log[:references]))
+              end
+              msg.save!
             end
             #TODO: log level
             Log.create!(:source_id => src.id,

data/app/models/foreman_openscap/policy.rb

@@ -1,3 +1,4 @@
+require 'rack/utils'
 module ForemanOpenscap
   class Policy < ApplicationRecord
     include Authorizable
@@ -29,7 +30,6 @@ module ForemanOpenscap
               :if => Proc.new { |policy| policy.should_validate?('Schedule') }
 
     validates :scap_content_id, presence: true, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
-    validates :scap_content_profile_id, presence: true, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
     validate :matching_content_profile, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
 
     validate :valid_cron_line, :valid_weekday, :valid_day_of_month, :valid_tailoring, :valid_tailoring_profile
@@ -47,18 +47,17 @@ module ForemanOpenscap
     end
 
     def to_html
-      if scap_content.nil? || scap_content_profile.nil?
-        return ("<h2>%s</h2>" % (_('Cannot generate HTML guide for %{scap_content}/%{profile}') %
-          { :scap_content => h(self.scap_content), :profile => h(self.scap_content_profile) })).html_safe
+      if scap_content.nil?
+        return html_error_message(_('Cannot generate HTML guide, scap content is missing.'))
       end
 
       if (proxy = scap_content.proxy_url)
         api = ProxyAPI::Openscap.new(:url => proxy)
       else
-        return ("<h2>%s</h2>" % _('No valid OpenSCAP proxy server found.')).html_safe
+        return html_error_message(_('Cannot generate HTML guide, no valid OpenSCAP proxy server found.'))
       end
 
-      api.policy_html_guide(scap_content.scap_file, scap_content_profile.profile_id)
+      api.policy_html_guide(scap_content.scap_file, scap_content_profile.try(:profile_id))
     end
 
     def hostgroup_ids
@@ -210,6 +209,13 @@ module ForemanOpenscap
 
     private
 
+    def html_error_message(message)
+      error_message = '<div class="alert alert-danger"><span class="pficon pficon-error-circle-o"></span><strong>' <<
+        message <<
+        '</strong></div>'
+      error_message.html_safe
+    end
+
     def erase_period_attrs(attrs)
       attrs.each { |attr| self.public_send("#{attr}=", nil) }
     end

data/app/views/api/v2/compliance/scap_contents/update.json.rabl

@@ -0,0 +1,3 @@
+object @scap_content
+
+extends "api/v2/compliance/scap_contents/main"

data/app/views/arf_reports/_list.html.erb

@@ -25,7 +25,7 @@
         </td>
       <td class="elipsis"><%= name_column(arf_report.host) %></td>
       <td><%= display_link_if_authorized(_("%s ago") % time_ago_in_words(arf_report.reported_at), hash_for_arf_report_path(:id => arf_report.id)) %></td>
-      <td class="ellipsis"><%= display_link_if_authorized(arf_report.policy.name, hash_for_edit_policy_path(:id => arf_report.policy.id)) %></th>
+      <td class="ellipsis"><%= arf_report.policy.present? ? display_link_if_authorized(arf_report.policy.name, hash_for_edit_policy_path(:id => arf_report.policy.id)) : _('Deleted policy') %></th>
       <td class="ellipsis"><%= openscap_proxy_link arf_report %></th>
       <td><%= report_arf_column(arf_report.passed, "label-info") %></th>
       <td><%= report_arf_column(arf_report.failed, "label-danger") %></th>

data/app/views/smart_proxies/plugins/_openscap.html.erb

@@ -5,7 +5,7 @@
 <%= show_feature_version(feature.downcase) %>
 <div class="row">
   <% msg = _("Proxy failed to send a report from spool to Foreman. This indicates a corrupted report format. Report has been moved to directory for storing corrupted files on proxy for later inspection.") %>
-  <div class="col-md-4"><%= _('Last spool error') %>&nbsp;<%= popover("", msg) %></div>
+  <div class="col-md-4"><strong><%= _('Last spool error') %></strong>&nbsp;<%= popover("", msg) %></div>
   <div class="col-md-8" data-ajax-url="<%= openscap_spool_openscap_proxy_path(:smart_proxy_id => @smart_proxy) %>">
       <%= spinner %>
   </div>

data/lib/foreman_openscap/engine.rb

@@ -156,6 +156,18 @@ view_openscap_proxies]
         parameter_filter Hostgroup, :openscap_proxy_id, :openscap_proxy
         parameter_filter Log, :result
 
+        smart_proxy_for Hostgroup, :openscap_proxy,
+                        :feature => 'Openscap',
+                        :label => N_('OpenSCAP Proxy'),
+                        :description => N_('OpenSCAP Proxy to use for fetching SCAP content and uploading ARF reports'),
+                        :api_description => N_('ID of OpenSCAP Proxy')
+        smart_proxy_for Host::Managed, :openscap_proxy,
+                        :feature => 'Openscap',
+                        :label => N_('OpenSCAP Proxy'),
+                        :description => N_('OpenSCAP Proxy to use for fetching SCAP content and uploading ARF reports'),
+                        :api_description => N_('ID of OpenSCAP Proxy')
+
+
         if ForemanOpenscap.with_remote_execution?
           options = {
             :description => N_("Run OpenSCAP scan"),

data/lib/foreman_openscap/version.rb

@@ -1,3 +1,3 @@
 module ForemanOpenscap
-  VERSION = "0.8.1".freeze
+  VERSION = "0.8.2".freeze
 end

data/test/functional/api/v2/compliance/arf_reports_controller_test.rb

@@ -3,6 +3,9 @@ require 'tmpdir'
 
 class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
   setup do
+    # required for mysql where database cleaner does not cleanup things properly
+    # because of arf_create does explicit transaction commit
+    Message.delete_all
     # override validation of policy (puppetclass, lookup_key overrides)
     ForemanOpenscap::Policy.any_instance.stubs(:valid?).returns(true)
     @host = FactoryGirl.create(:compliance_host)
@@ -62,26 +65,28 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
 
   test "should not duplicate messages" do
     dates = [Time.new(1984, 9, 15), Time.new(1932, 3, 27)]
-    ForemanOpenscap::Helper.stubs(:get_asset).returns(@asset)
-    2.times do |num|
-      post :create,
-           @from_json.merge(:cname => @cname,
-                            :policy_id => @policy.id,
-                            :date => dates[num].to_i),
-           set_session_user
-    end
-    assert_equal Message.where(:digest => ForemanOpenscap::ArfReport.unscoped.last.logs.first.message.digest).count, 1
-  end
+    params = @from_json.with_indifferent_access.merge(:cname => @cname,
+                                                      :policy_id => @policy.id,
+                                                      :date => dates[0].to_i)
+    assert ForemanOpenscap::ArfReport.create_arf(@asset, params)
+
 
-  test "should recognize changes in messages" do
     ForemanOpenscap::Helper.stubs(:get_asset).returns(@asset)
     post :create,
          @from_json.merge(:cname => @cname,
                           :policy_id => @policy.id,
-                          :date => Time.new(2017, 5, 6).to_i),
-          set_session_user
-    assert_response :success
+                          :date => dates[1].to_i),
+         set_session_user
+    assert_equal Message.where(:digest => ForemanOpenscap::ArfReport.unscoped.last.logs.first.message.digest).count, 1
+  end
 
+  test "should recognize changes in messages" do
+    params = @from_json.with_indifferent_access.merge(:cname => @cname,
+                                                      :policy_id => @policy.id,
+                                                      :date => Time.new(2017, 5, 6).to_i)
+    assert ForemanOpenscap::ArfReport.create_arf(@asset, params)
+
+    ForemanOpenscap::Helper.stubs(:get_asset).returns(@asset)
     changed_from_json = arf_from_json "#{ForemanOpenscap::Engine.root}/test/files/arf_report/arf_report_msg_desc_changed.json"
     post :create,
          changed_from_json.merge(:cname => @cname,
@@ -101,15 +106,12 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
 
   test "should recognize change in message title/value" do
     reports_cleanup
-    ForemanOpenscap::Helper.stubs(:get_asset).returns(@asset)
-    post :create,
-         @from_json.merge(:cname => @cname,
-                          :policy_id => @policy.id,
-                          :date => Time.new(2017, 7, 6).to_i),
-          set_session_user
-
-    assert_response :success
+    params = @from_json.with_indifferent_access.merge(:cname => @cname,
+                                                      :policy_id => @policy.id,
+                                                      :date => Time.new(2017, 7, 6).to_i)
+    assert ForemanOpenscap::ArfReport.create_arf(@asset, params)
 
+    ForemanOpenscap::Helper.stubs(:get_asset).returns(@asset)
     changed_from_json = arf_from_json "#{ForemanOpenscap::Engine.root}/test/files/arf_report/arf_report_msg_value_changed.json"
     post :create,
          changed_from_json.merge(:cname => @cname,

data/test/functional/tailoring_files_controller_test.rb

@@ -22,9 +22,8 @@ class TailoringFilesControllerTest < ActionController::TestCase
   end
 
   test 'create' do
-    uploaded_file = ActionDispatch::Http::UploadedFile.new(:tempfile => @scap_file,
-                                                           :content_type => 'text/xml')
-    uploaded_file.original_filename = 'uploaded-tailoring-file.xml'
+    uploaded_file = Rack::Test::UploadedFile.new(@scap_file, 'text/xml')
+    # uploaded_file.original_filename = 'uploaded-tailoring-file.xml'
     post :create, { :tailoring_file => { :name => 'some_file', :scap_file => uploaded_file } }, set_session_user
     assert_redirected_to tailoring_files_url
   end

data/test/unit/policy_test.rb

@@ -135,13 +135,12 @@ class PolicyTest < ActiveSupport::TestCase
     assert p.errors[:scap_content_id].include?("can't be blank")
   end
 
-  test "should not create policy without SCAP content profile" do
+  test "should create a policy with default SCAP content profile (profile id is nil)" do
     p = ForemanOpenscap::Policy.new(:name => "custom_policy",
                                     :scap_content_id => @scap_content.id,
                                     :period => 'monthly',
                                     :day_of_month => '5')
-    refute p.save
-    assert p.errors[:scap_content_profile_id].include?("can't be blank")
+    assert p.save
   end
 
   test "should have correct scap profile in enc" do

data/test/unit/scap_content_test.rb

@@ -32,4 +32,19 @@ class ScapContentTest < ActiveSupport::TestCase
       assert_equal(available_proxy.url, scap_content.proxy_url)
     end
   end
+
+  test 'should update profile title when fetching profiles from proxy' do
+    scap_content = FactoryGirl.create(:scap_content)
+    scap_content.stubs(:fetch_profiles).returns({ "xccdf.test.profile" => "Changed title" })
+    scap_profile = FactoryGirl.create(:scap_content_profile, :scap_content => scap_content, :profile_id => 'xccdf.test.profile', :title => "Original title")
+    scap_content.create_profiles
+    assert_equal scap_profile.reload.title, 'Changed title'
+  end
+
+  test 'should create profile when fetching profiles from proxy' do
+    scap_content = FactoryGirl.create(:scap_content)
+    scap_content.stubs(:fetch_profiles).returns({ "xccdf.test.profile" => "My title" })
+    scap_content.create_profiles
+    assert scap_content.reload.scap_content_profiles.where(:title => 'My title').first
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_openscap
 version: !ruby/object:Gem::Version
-  version: 0.8.1
+  version: 0.8.2
 platform: ruby
 authors:
 - slukasik@redhat.com
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-09-07 00:00:00.000000000 Z
+date: 2017-09-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: deface
@@ -91,8 +91,6 @@ files:
 - app/models/foreman_openscap/scap_content.rb
 - app/models/foreman_openscap/scap_content_profile.rb
 - app/models/foreman_openscap/tailoring_file.rb
-- app/overrides/hostgroups/form/select_openscap_proxy.rb
-- app/overrides/hosts/form/select_openscap_proxy.rb
 - app/overrides/hosts/overview/host_compliance_status.rb
 - app/services/foreman_openscap/arf_report_status_calculator.rb
 - app/services/foreman_openscap/host_report_dashboard/data.rb
@@ -117,6 +115,7 @@ files:
 - app/views/api/v2/compliance/scap_contents/index.json.rabl
 - app/views/api/v2/compliance/scap_contents/main.json.rabl
 - app/views/api/v2/compliance/scap_contents/show.json.rabl
+- app/views/api/v2/compliance/scap_contents/update.json.rabl
 - app/views/api/v2/compliance/tailoring_files/base.json.rabl
 - app/views/api/v2/compliance/tailoring_files/index.json.rabl
 - app/views/api/v2/compliance/tailoring_files/main.json.rabl
@@ -130,7 +129,6 @@ files:
 - app/views/arf_reports/show.html.erb
 - app/views/arf_reports/show_html.html.erb
 - app/views/compliance_hosts/_compliance_status.erb
-- app/views/compliance_hosts/_openscap_proxy.html.erb
 - app/views/compliance_hosts/show.html.erb
 - app/views/dashboard/_compliance_host_reports_widget.html.erb
 - app/views/dashboard/_compliance_reports_breakdown_widget.html.erb

data/app/overrides/hostgroups/form/select_openscap_proxy.rb

@@ -1,4 +0,0 @@
-Deface::Override.new(:virtual_path => "hostgroups/_form",
-                     :name => "choose_openscap_proxy",
-                     :insert_bottom => "#primary",
-                     :partial => "compliance_hosts/openscap_proxy")

data/app/overrides/hosts/form/select_openscap_proxy.rb

@@ -1,4 +0,0 @@
-Deface::Override.new(:virtual_path => "hosts/_form",
-                     :name => "openscap_proxy",
-                     :insert_bottom => "#primary",
-                     :partial => "compliance_hosts/openscap_proxy")

data/app/views/compliance_hosts/_openscap_proxy.html.erb

@@ -1,3 +0,0 @@
-<%= select_f f, :openscap_proxy_id, SmartProxy.with_features("Openscap"), :id, :name,
-    { :include_blank => blank_or_inherit_f(f, :openscap_proxy) },
-    { :label => _('Openscap Proxy') } %>