foreman_openscap 0.8.3 → 0.8.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/api/v2/compliance/arf_reports_controller.rb +15 -6
- data/app/controllers/api/v2/compliance/policies_controller.rb +4 -2
- data/app/controllers/api/v2/compliance/scap_contents_controller.rb +3 -2
- data/app/controllers/api/v2/compliance/tailoring_files_controller.rb +3 -2
- data/app/controllers/arf_reports_controller.rb +4 -4
- data/app/controllers/policies_controller.rb +6 -5
- data/app/controllers/scap_contents_controller.rb +3 -3
- data/app/helpers/arf_report_dashboard_helper.rb +1 -1
- data/app/helpers/arf_reports_helper.rb +8 -8
- data/app/helpers/compliance_dashboard_helper.rb +0 -2
- data/app/helpers/compliance_hosts_helper.rb +7 -8
- data/app/helpers/policies_helper.rb +18 -18
- data/app/helpers/policy_dashboard_helper.rb +3 -3
- data/app/lib/proxy_api/available_proxy.rb +2 -2
- data/app/lib/proxy_api/openscap.rb +1 -1
- data/app/mailers/foreman_openscap/policy_mailer.rb +0 -2
- data/app/models/concerns/foreman_openscap/compliance_status_scoped_search.rb +7 -7
- data/app/models/concerns/foreman_openscap/data_stream_content.rb +1 -1
- data/app/models/concerns/foreman_openscap/host_extensions.rb +16 -6
- data/app/models/concerns/foreman_openscap/openscap_proxy_extensions.rb +1 -1
- data/app/models/foreman_openscap/arf_report.rb +5 -5
- data/app/models/foreman_openscap/policy.rb +6 -6
- data/app/models/foreman_openscap/scap_content.rb +2 -2
- data/app/models/foreman_openscap/tailoring_file.rb +1 -1
- data/app/services/foreman_openscap/arf_report_status_calculator.rb +0 -1
- data/app/services/foreman_openscap/host_report_dashboard/data.rb +2 -3
- data/app/services/foreman_openscap/openscap_proxy_version_check.rb +0 -1
- data/app/services/foreman_openscap/policy_dashboard/data.rb +7 -6
- data/app/services/foreman_openscap/report_dashboard/data.rb +1 -0
- data/app/views/api/v2/compliance/common/_loc.json.rabl +1 -1
- data/app/views/api/v2/compliance/common/_org.json.rabl +1 -1
- data/app/views/api/v2/compliance/policies/base.json.rabl +1 -1
- data/app/views/arf_reports/_list.html.erb +1 -1
- data/app/views/arf_reports/delete_multiple.html.erb +1 -1
- data/app/views/arf_reports/welcome.html.erb +12 -0
- data/app/views/compliance_hosts/show.html.erb +3 -1
- data/app/views/policy_dashboard/_policy_reports.html.erb +1 -1
- data/app/views/scap_contents/_list.html.erb +1 -1
- data/app/views/smart_proxies/_openscap_spool.html.erb +1 -1
- data/app/views/tailoring_files/_list.html.erb +1 -1
- data/config/routes.rb +9 -11
- data/db/migrate/20141015115511_add_arf_report_unique_constraint.rb +1 -1
- data/db/migrate/20141113221054_create_scaptimony_scap_content_profiles.rb +2 -3
- data/db/migrate/20141206211151_create_scaptimony_assets_policies.rb +1 -1
- data/db/migrate/20150115155947_add_scaptimony_scap_content_digest.rb +1 -1
- data/db/migrate/20150821100137_migrate_from_scaptimony.rb +1 -1
- data/db/migrate/20150929152345_move_arf_reports_to_reports_table.rb +0 -1
- data/db/migrate/20161223153249_add_permissions_to_arf_report.rb +2 -2
- data/db/migrate/20171016125613_add_content_title_unique_constraint.foreman_openscap.rb +6 -0
- data/lib/foreman_openscap/bulk_upload.rb +1 -1
- data/lib/foreman_openscap/engine.rb +54 -56
- data/lib/foreman_openscap/version.rb +1 -1
- data/lib/tasks/foreman_openscap_tasks.rake +11 -2
- data/locale/de/foreman_openscap.po +52 -13
- data/locale/en_GB/foreman_openscap.po +52 -13
- data/locale/es/foreman_openscap.po +52 -13
- data/locale/foreman_openscap.pot +140 -90
- data/locale/fr/foreman_openscap.po +52 -13
- data/locale/gl/foreman_openscap.po +52 -13
- data/locale/it/foreman_openscap.po +52 -13
- data/locale/ja/foreman_openscap.po +52 -13
- data/locale/ko/foreman_openscap.po +52 -13
- data/locale/pt_BR/foreman_openscap.po +52 -13
- data/locale/ru/foreman_openscap.po +52 -13
- data/locale/sv_SE/foreman_openscap.po +52 -13
- data/locale/zh_CN/foreman_openscap.po +52 -13
- data/locale/zh_TW/foreman_openscap.po +52 -13
- data/test/factories/arf_report_factory.rb +1 -1
- data/test/factories/asset_factory.rb +2 -2
- data/test/factories/compliance_host_factory.rb +2 -2
- data/test/factories/compliance_log_factory.rb +1 -1
- data/test/factories/policy_arf_report_factory.rb +1 -1
- data/test/factories/policy_factory.rb +3 -3
- data/test/factories/scap_content_related.rb +2 -2
- data/test/functional/api/v2/compliance/arf_reports_controller_test.rb +28 -9
- data/test/functional/api/v2/compliance/policies_controller_test.rb +16 -16
- data/test/functional/api/v2/compliance/scap_contents_controller_test.rb +8 -9
- data/test/functional/api/v2/compliance/tailoring_files_controller_test.rb +10 -11
- data/test/functional/arf_reports_controller_test.rb +4 -4
- data/test/functional/openscap_proxies_controller_test.rb +5 -3
- data/test/functional/tailoring_files_controller_test.rb +1 -1
- data/test/test_plugin_helper.rb +7 -7
- data/test/unit/arf_report_status_calculator_test.rb +0 -1
- data/test/unit/arf_report_test.rb +50 -50
- data/test/unit/compliance_status_test.rb +13 -13
- data/test/unit/concerns/host_extensions_test.rb +38 -22
- data/test/unit/concerns/openscap_proxy_extenstions_test.rb +5 -6
- data/test/unit/message_cleaner_test.rb +7 -7
- data/test/unit/openscap_host_test.rb +13 -13
- data/test/unit/policy_mailer_test.rb +12 -12
- data/test/unit/policy_test.rb +30 -30
- data/test/unit/scap_content_test.rb +4 -4
- data/test/unit/services/report_dashboard/data_test.rb +6 -6
- data/test/unit/services/tailoring_files_proxy_check_test.rb +1 -1
- metadata +4 -2
|
@@ -26,8 +26,8 @@ module ForemanOpenscap
|
|
|
26
26
|
|
|
27
27
|
validates :name, :presence => true, :uniqueness => true, :length => { :maximum => 255 }
|
|
28
28
|
validate :ensure_needed_puppetclasses
|
|
29
|
-
validates :period, :inclusion => {:in => %w[weekly monthly custom], :message => _('is not a valid value')},
|
|
30
|
-
|
|
29
|
+
validates :period, :inclusion => { :in => %w[weekly monthly custom], :message => _('is not a valid value') },
|
|
30
|
+
:if => Proc.new { |policy| policy.should_validate?('Schedule') }
|
|
31
31
|
|
|
32
32
|
validates :scap_content_id, presence: true, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
|
|
33
33
|
validate :matching_content_profile, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
|
|
@@ -101,7 +101,7 @@ module ForemanOpenscap
|
|
|
101
101
|
base_steps = [N_('Create policy'), N_('SCAP Content'), N_('Schedule')]
|
|
102
102
|
base_steps << N_('Locations') if SETTINGS[:locations_enabled]
|
|
103
103
|
base_steps << N_('Organizations') if SETTINGS[:organizations_enabled]
|
|
104
|
-
base_steps << N_('Hostgroups') #always be last.
|
|
104
|
+
base_steps << N_('Hostgroups') # always be last.
|
|
105
105
|
end
|
|
106
106
|
|
|
107
107
|
def current_step
|
|
@@ -249,12 +249,12 @@ module ForemanOpenscap
|
|
|
249
249
|
|
|
250
250
|
def ensure_needed_puppetclasses
|
|
251
251
|
unless puppetclass = Puppetclass.find_by(name: SCAP_PUPPET_CLASS)
|
|
252
|
-
errors[:base] << _("Required Puppet class %{class} is not found, please ensure it imported first.") % {:class => SCAP_PUPPET_CLASS}
|
|
252
|
+
errors[:base] << _("Required Puppet class %{class} is not found, please ensure it imported first.") % { :class => SCAP_PUPPET_CLASS }
|
|
253
253
|
return false
|
|
254
254
|
end
|
|
255
255
|
|
|
256
256
|
unless policies_param = puppetclass.class_params.find_by(key: POLICIES_CLASS_PARAMETER)
|
|
257
|
-
errors[:base] << _("Puppet class %{class} does not have %{parameter} class parameter.") % {:class => SCAP_PUPPET_CLASS, :parameter => POLICIES_CLASS_PARAMETER}
|
|
257
|
+
errors[:base] << _("Puppet class %{class} does not have %{parameter} class parameter.") % { :class => SCAP_PUPPET_CLASS, :parameter => POLICIES_CLASS_PARAMETER }
|
|
258
258
|
return false
|
|
259
259
|
end
|
|
260
260
|
|
|
@@ -263,7 +263,7 @@ module ForemanOpenscap
|
|
|
263
263
|
policies_param.default_value = '<%= @host.policies_enc %>'
|
|
264
264
|
|
|
265
265
|
if policies_param.changed? && !policies_param.save
|
|
266
|
-
errors[:base] << _("%{parameter} class parameter for class %{class} could not be configured.") % {:class => SCAP_PUPPET_CLASS, :parameter => POLICIES_CLASS_PARAMETER}
|
|
266
|
+
errors[:base] << _("%{parameter} class parameter for class %{class} could not be configured.") % { :class => SCAP_PUPPET_CLASS, :parameter => POLICIES_CLASS_PARAMETER }
|
|
267
267
|
return false
|
|
268
268
|
end
|
|
269
269
|
end
|
|
@@ -3,12 +3,12 @@ module ForemanOpenscap
|
|
|
3
3
|
include Authorizable
|
|
4
4
|
include Taxonomix
|
|
5
5
|
include DataStreamContent
|
|
6
|
-
audited :except => [
|
|
6
|
+
audited :except => [:scap_file]
|
|
7
7
|
|
|
8
8
|
has_many :scap_content_profiles, :dependent => :destroy
|
|
9
9
|
has_many :policies
|
|
10
10
|
|
|
11
|
-
validates :title, :presence => true, :length => { :maximum => 255 }
|
|
11
|
+
validates :title, :presence => true, :length => { :maximum => 255 }, uniqueness: true
|
|
12
12
|
validates :original_filename, :length => { :maximum => 255 }
|
|
13
13
|
|
|
14
14
|
scoped_search :on => :title, :complete_value => true
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
module ForemanOpenscap::HostReportDashboard
|
|
2
2
|
class Data
|
|
3
|
-
attr_reader :report
|
|
3
|
+
attr_reader :report, :latest_report
|
|
4
4
|
|
|
5
5
|
def initialize(policy, host)
|
|
6
6
|
@latest_report = ::ForemanOpenscap::ArfReport.latest_of_policy(policy)
|
|
@@ -15,8 +15,8 @@ module ForemanOpenscap::HostReportDashboard
|
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
private
|
|
18
|
+
|
|
18
19
|
attr_writer :report
|
|
19
|
-
attr_accessor :latest_report
|
|
20
20
|
|
|
21
21
|
def fetch_data
|
|
22
22
|
report.update(
|
|
@@ -39,6 +39,5 @@ module ForemanOpenscap::HostReportDashboard
|
|
|
39
39
|
def report_othered
|
|
40
40
|
has_data? ? @latest_report.othered : 0
|
|
41
41
|
end
|
|
42
|
-
|
|
43
42
|
end
|
|
44
43
|
end
|
|
@@ -10,6 +10,7 @@ module ForemanOpenscap::PolicyDashboard
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
private
|
|
13
|
+
|
|
13
14
|
attr_writer :report
|
|
14
15
|
|
|
15
16
|
def hosts
|
|
@@ -19,12 +20,12 @@ module ForemanOpenscap::PolicyDashboard
|
|
|
19
20
|
def fetch_data
|
|
20
21
|
assigned_count = Host::Managed.assigned_to_policy(@policy).count
|
|
21
22
|
report.update(
|
|
22
|
-
{:compliant_hosts => Host::Managed.comply_with(@policy).count,
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
23
|
+
{ :compliant_hosts => Host::Managed.comply_with(@policy).count,
|
|
24
|
+
:incompliant_hosts => Host::Managed.incomply_with(@policy).count,
|
|
25
|
+
:inconclusive_hosts => Host::Managed.inconclusive_with(@policy).count,
|
|
26
|
+
:report_missing => Host::Managed.policy_reports_missing(@policy).count,
|
|
27
|
+
:assigned_hosts => assigned_count,
|
|
28
|
+
:unassigned_hosts => hosts.count - assigned_count }
|
|
28
29
|
)
|
|
29
30
|
end
|
|
30
31
|
end
|
|
@@ -4,4 +4,4 @@ extends "api/v2/compliance/common/org"
|
|
|
4
4
|
extends "api/v2/compliance/common/loc"
|
|
5
5
|
|
|
6
6
|
attributes :id, :name, :period, :weekday, :description, :scap_content_id, :scap_content_profile_id, :day_of_month, :cron_line,
|
|
7
|
-
|
|
7
|
+
:tailoring_file_id, :tailoring_file_profile_id
|
|
@@ -24,7 +24,7 @@
|
|
|
24
24
|
:onclick => 'hostChecked(this)' %>
|
|
25
25
|
</td>
|
|
26
26
|
<td class="elipsis"><%= name_column(arf_report.host) %></td>
|
|
27
|
-
<td><%= display_link_if_authorized(
|
|
27
|
+
<td><%= display_link_if_authorized(date_time_relative_value(arf_report.reported_at), hash_for_arf_report_path(:id => arf_report.id)) %></td>
|
|
28
28
|
<td class="ellipsis"><%= arf_report.policy.present? ? display_link_if_authorized(arf_report.policy.name, hash_for_edit_policy_path(:id => arf_report.policy.id)) : _('Deleted policy') %></th>
|
|
29
29
|
<td class="ellipsis"><%= openscap_proxy_link arf_report %></th>
|
|
30
30
|
<td><%= report_arf_column(arf_report.passed, "label-info") %></th>
|
|
@@ -25,5 +25,5 @@
|
|
|
25
25
|
|
|
26
26
|
<%= form_tag submit_delete_multiple_arf_reports_path({:arf_report_ids => params[:arf_report_ids]}) do %>
|
|
27
27
|
<span class="label label-danger"><%= _('Delete') %></span>
|
|
28
|
-
<%= _('these
|
|
28
|
+
<%= _('these Compliance reports') %>
|
|
29
29
|
<% end %>
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
<div class="blank-slate-pf">
|
|
2
|
+
<div class="blank-slate-pf-icon">
|
|
3
|
+
<%= icon_text("book", "", :kind => "fa") %>
|
|
4
|
+
</div>
|
|
5
|
+
<h1><%= _('Compliance Reports') %></h1>
|
|
6
|
+
<p>
|
|
7
|
+
<%= _("You don't seem to have any ARF report. ARF report is a summary of a single scan occurrence on a particular host for a given Compliance Policy.") %></br>
|
|
8
|
+
</p>
|
|
9
|
+
<div class="blank-slate-pf-main-action">
|
|
10
|
+
<%= link_to _('Documentation'), documentation_url("4.4ARFReports", :root_url => "https://www.theforeman.org/plugins/foreman_openscap/0.8/index.html#"), :rel => 'external', :class => 'btn btn-primary btn-lg' %>
|
|
11
|
+
</div>
|
|
12
|
+
</div>
|
|
@@ -8,7 +8,9 @@
|
|
|
8
8
|
<% if data.has_data? %>
|
|
9
9
|
<div class="col-md-4">
|
|
10
10
|
<div class="stats-well">
|
|
11
|
-
<h4 class="header ca"><%= _('%s latest report') % policy.name
|
|
11
|
+
<h4 class="header ca"><%= link_to_if_authorized(_('%s latest report') % policy.name,
|
|
12
|
+
hash_for_arf_report_path(:id => data.latest_report.id)
|
|
13
|
+
.merge(:auth_object => data.latest_report)) %></h4>
|
|
12
14
|
<% report = data.report %>
|
|
13
15
|
<%= host_policy_breakdown_chart(report, :class => 'statistics-pie small') %>
|
|
14
16
|
</div>
|
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
<% for arf_report in @policy.arf_reports.latest %>
|
|
11
11
|
<tr>
|
|
12
12
|
<td><%= name_column(arf_report.host) %></td>
|
|
13
|
-
<td><%=
|
|
13
|
+
<td><%= date_time_relative_value(arf_report.reported_at) %></td>
|
|
14
14
|
<td><%= report_arf_column(arf_report.passed, "label-info") %></th>
|
|
15
15
|
<td><%= report_arf_column(arf_report.failed, "label-danger") %></th>
|
|
16
16
|
<td><%= report_arf_column(arf_report.othered, "label-warning") %></th>
|
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
<td class="ellipsis"><%= content.title %></td>
|
|
11
11
|
<td class="ellipsis"><%= content.original_filename %></td>
|
|
12
12
|
<td>
|
|
13
|
-
<%=
|
|
13
|
+
<%= date_time_relative_value(content.created_at.getlocal) %>
|
|
14
14
|
</td>
|
|
15
15
|
<td>
|
|
16
16
|
<%= action_buttons(
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
<span>
|
|
2
2
|
<% if last_error && last_error.has_key?('timestamp') %>
|
|
3
3
|
<span>
|
|
4
|
-
<a href="#logs" onclick="findSpoolLogs();"><%=
|
|
4
|
+
<a href="#logs" onclick="findSpoolLogs();"><%= date_time_relative_value(Time.at(last_error["timestamp"])) %></a>
|
|
5
5
|
</span>
|
|
6
6
|
<% elsif !last_error.nil? && last_error.empty? %>
|
|
7
7
|
<span>
|
data/config/routes.rb
CHANGED
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
Rails.application.routes.draw do
|
|
2
|
-
|
|
3
2
|
scope '/compliance' do
|
|
4
|
-
|
|
5
|
-
resources :arf_reports, :only => %i(index show destroy) do
|
|
3
|
+
resources :arf_reports, :only => %i[index show destroy] do
|
|
6
4
|
member do
|
|
7
5
|
get 'show_html'
|
|
8
6
|
get 'parse_html'
|
|
@@ -18,7 +16,7 @@ Rails.application.routes.draw do
|
|
|
18
16
|
|
|
19
17
|
get 'dashboard', :to => 'compliance_dashboard#index', :as => "compliance_dashboard"
|
|
20
18
|
|
|
21
|
-
resources :policies, :only => %i
|
|
19
|
+
resources :policies, :only => %i[index new show create edit update destroy] do
|
|
22
20
|
member do
|
|
23
21
|
get 'parse', :to => 'policies#parse'
|
|
24
22
|
get 'dashboard', :to => 'policy_dashboard#index', :as => 'policy_dashboard'
|
|
@@ -59,33 +57,33 @@ Rails.application.routes.draw do
|
|
|
59
57
|
end
|
|
60
58
|
|
|
61
59
|
namespace :api do
|
|
62
|
-
scope "(:apiv)", :module => :v2, :defaults => {:apiv => 'v2'},
|
|
63
|
-
|
|
60
|
+
scope "(:apiv)", :module => :v2, :defaults => { :apiv => 'v2' },
|
|
61
|
+
:apiv => /v1|v2/, :constraints => ApiConstraints.new(:version => 2) do
|
|
64
62
|
namespace :compliance do
|
|
65
|
-
resources :scap_contents, :except => %i
|
|
63
|
+
resources :scap_contents, :except => %i[new edit] do
|
|
66
64
|
member do
|
|
67
65
|
get 'xml'
|
|
68
66
|
end
|
|
69
67
|
end
|
|
70
|
-
resources :tailoring_files, :except => %i
|
|
68
|
+
resources :tailoring_files, :except => %i[new edit] do
|
|
71
69
|
member do
|
|
72
70
|
get 'xml'
|
|
73
71
|
end
|
|
74
72
|
end
|
|
75
|
-
resources :policies, :except => %i
|
|
73
|
+
resources :policies, :except => %i[new edit] do
|
|
76
74
|
member do
|
|
77
75
|
get 'content'
|
|
78
76
|
get 'tailoring'
|
|
79
77
|
end
|
|
80
78
|
end
|
|
81
|
-
resources :arf_reports, :only => %i
|
|
79
|
+
resources :arf_reports, :only => %i[index show destroy] do
|
|
82
80
|
member do
|
|
83
81
|
get 'download'
|
|
84
82
|
get 'download_html'
|
|
85
83
|
end
|
|
86
84
|
end
|
|
87
85
|
post 'arf_reports/:cname/:policy_id/:date', \
|
|
88
|
-
|
|
86
|
+
:constraints => { :cname => /[^\/]+/ }, :to => 'arf_reports#create'
|
|
89
87
|
end
|
|
90
88
|
end
|
|
91
89
|
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
class AddArfReportUniqueConstraint < ActiveRecord::Migration
|
|
2
2
|
def change
|
|
3
|
-
add_index :scaptimony_arf_reports, %i
|
|
3
|
+
add_index :scaptimony_arf_reports, %i[asset_id policy_id date digest],
|
|
4
4
|
:unique => true, :name => :index_scaptimony_arf_reports_unique_set
|
|
5
5
|
end
|
|
6
6
|
end
|
|
@@ -4,9 +4,8 @@ class CreateScaptimonyScapContentProfiles < ActiveRecord::Migration
|
|
|
4
4
|
t.references :scap_content, :index => true
|
|
5
5
|
t.string :profile_id
|
|
6
6
|
t.string :title
|
|
7
|
-
|
|
8
7
|
end
|
|
9
|
-
add_index :scaptimony_scap_content_profiles, %i
|
|
10
|
-
|
|
8
|
+
add_index :scaptimony_scap_content_profiles, %i[scap_content_id profile_id],
|
|
9
|
+
:unique => true, :name => :index_scaptimony_scap_content_profiles_scipi
|
|
11
10
|
end
|
|
12
11
|
end
|
|
@@ -4,6 +4,6 @@ class CreateScaptimonyAssetsPolicies < ActiveRecord::Migration
|
|
|
4
4
|
t.references :asset, :index => true, :null => false
|
|
5
5
|
t.references :policy, :index => true, :null => false
|
|
6
6
|
end
|
|
7
|
-
add_index :scaptimony_assets_policies, %i
|
|
7
|
+
add_index :scaptimony_assets_policies, %i[asset_id policy_id], :unique => true
|
|
8
8
|
end
|
|
9
9
|
end
|
|
@@ -12,7 +12,7 @@ class AddScaptimonyScapContentDigest < ActiveRecord::Migration
|
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
14
|
|
|
15
|
-
class ScapContentHack <
|
|
15
|
+
class ScapContentHack < ApplicationRecord
|
|
16
16
|
self.table_name = 'scaptimony_scap_contents'
|
|
17
17
|
def digest
|
|
18
18
|
self[:digest] ||= Digest::SHA256.hexdigest scap_file.to_s
|
|
@@ -3,7 +3,7 @@ class MigrateFromScaptimony < ActiveRecord::Migration
|
|
|
3
3
|
ActiveRecord::ConnectionAdapters::SchemaStatements.module_eval do
|
|
4
4
|
# rename_tables renames the indexes, and their new names overflow, we cancel out the renaming of the indexes
|
|
5
5
|
alias_method :old_rename_table_indexes, :rename_table_indexes
|
|
6
|
-
def rename_table_indexes(a,b)
|
|
6
|
+
def rename_table_indexes(a, b)
|
|
7
7
|
end
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
class AddPermissionsToArfReport < ActiveRecord::Migration
|
|
2
2
|
def up
|
|
3
|
-
Permission.where(:name => %w
|
|
3
|
+
Permission.where(:name => %w[view_arf_reports destroy_arf_reports])
|
|
4
4
|
.update_all(:resource_type => 'ForemanOpenscap::ArfReport')
|
|
5
5
|
end
|
|
6
6
|
|
|
7
7
|
def down
|
|
8
|
-
Permission.where(:name => %w
|
|
8
|
+
Permission.where(:name => %w[view_arf_reports destroy_arf_reports])
|
|
9
9
|
.update_all(:resource_type => '')
|
|
10
10
|
end
|
|
11
11
|
end
|
|
@@ -50,7 +50,7 @@ module ForemanOpenscap
|
|
|
50
50
|
def extract_name_from_file(file)
|
|
51
51
|
# SCAP datastream files are in format of ssg-<OS>-ds.xml
|
|
52
52
|
# We wish to extract the <OS> and create a name of it
|
|
53
|
-
original_filename(file).gsub('ssg-','').gsub('-ds.xml', '')
|
|
53
|
+
original_filename(file).gsub('ssg-', '').gsub('-ds.xml', '')
|
|
54
54
|
end
|
|
55
55
|
|
|
56
56
|
def original_filename(file)
|
|
@@ -33,7 +33,7 @@ module ForemanOpenscap
|
|
|
33
33
|
|
|
34
34
|
initializer 'foreman_openscap.configure_assets', :group => :assets do
|
|
35
35
|
SETTINGS[:foreman_openscap] =
|
|
36
|
-
{:assets => {:precompile => assets_to_precompile}}
|
|
36
|
+
{ :assets => { :precompile => assets_to_precompile } }
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
initializer 'foreman_openscap.apipie' do
|
|
@@ -51,106 +51,105 @@ module ForemanOpenscap
|
|
|
51
51
|
|
|
52
52
|
# Add permissions
|
|
53
53
|
security_block :foreman_openscap do
|
|
54
|
-
permission :view_arf_reports, {:arf_reports => %i[index show parse_html show_html
|
|
55
|
-
parse_bzip auto_complete_search download_html],
|
|
56
|
-
|
|
57
|
-
|
|
54
|
+
permission :view_arf_reports, { :arf_reports => %i[index show parse_html show_html
|
|
55
|
+
parse_bzip auto_complete_search download_html],
|
|
56
|
+
'api/v2/compliance/arf_reports' => %i[index show download download_html],
|
|
57
|
+
:compliance_hosts => [:show] },
|
|
58
58
|
:resource_type => 'ForemanOpenscap::ArfReport'
|
|
59
|
-
permission :destroy_arf_reports, {:arf_reports => %i[destroy delete_multiple submit_delete_multiple],
|
|
60
|
-
|
|
59
|
+
permission :destroy_arf_reports, { :arf_reports => %i[destroy delete_multiple submit_delete_multiple],
|
|
60
|
+
'api/v2/compliance/arf_reports' => [:destroy] },
|
|
61
61
|
:resource_type => 'ForemanOpenscap::ArfReport'
|
|
62
|
-
permission :create_arf_reports, {'api/v2/compliance/arf_reports' => [:create]},
|
|
62
|
+
permission :create_arf_reports, { 'api/v2/compliance/arf_reports' => [:create] },
|
|
63
63
|
:resource_type => 'ForemanOpenscap::ArfReport'
|
|
64
64
|
|
|
65
|
-
permission :view_policies, {:policies => %i[index show parse auto_complete_search],
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
65
|
+
permission :view_policies, { :policies => %i[index show parse auto_complete_search],
|
|
66
|
+
:policy_dashboard => [:index],
|
|
67
|
+
:compliance_dashboard => [:index],
|
|
68
|
+
'api/v2/compliance/policies' => %i[index show content] },
|
|
69
69
|
:resource_type => 'ForemanOpenscap::Policy'
|
|
70
|
-
permission :edit_policies, {:policies => %i[edit update scap_content_selected],
|
|
71
|
-
|
|
70
|
+
permission :edit_policies, { :policies => %i[edit update scap_content_selected],
|
|
71
|
+
'api/v2/compliance/policies' => [:update] },
|
|
72
72
|
:resource_type => 'ForemanOpenscap::Policy'
|
|
73
|
-
permission :create_policies, {:policies => %i[new create],
|
|
74
|
-
|
|
73
|
+
permission :create_policies, { :policies => %i[new create],
|
|
74
|
+
'api/v2/compliance/policies' => [:create] },
|
|
75
75
|
:resource_type => 'ForemanOpenscap::Policy'
|
|
76
|
-
permission :destroy_policies, {:policies => [:destroy],
|
|
77
|
-
|
|
76
|
+
permission :destroy_policies, { :policies => [:destroy],
|
|
77
|
+
'api/v2/compliance/policies' => [:destroy] },
|
|
78
78
|
:resource_type => 'ForemanOpenscap::Policy'
|
|
79
|
-
permission :assign_policies, {:policies => %i[select_multiple_hosts update_multiple_hosts
|
|
80
|
-
disassociate_multiple_hosts
|
|
81
|
-
remove_policy_from_multiple_hosts]},
|
|
79
|
+
permission :assign_policies, { :policies => %i[select_multiple_hosts update_multiple_hosts
|
|
80
|
+
disassociate_multiple_hosts
|
|
81
|
+
remove_policy_from_multiple_hosts] },
|
|
82
82
|
:resource_type => 'ForemanOpenscap::Policy'
|
|
83
|
-
permission :view_scap_contents, {:scap_contents => %i[index show auto_complete_search],
|
|
84
|
-
|
|
83
|
+
permission :view_scap_contents, { :scap_contents => %i[index show auto_complete_search],
|
|
84
|
+
'api/v2/compliance/scap_contents' => %i[index show xml] },
|
|
85
85
|
:resource_type => 'ForemanOpenscap::ScapContent'
|
|
86
|
-
permission :edit_scap_contents, {:scap_contents => %i[edit update],
|
|
87
|
-
|
|
86
|
+
permission :edit_scap_contents, { :scap_contents => %i[edit update],
|
|
87
|
+
'api/v2/compliance/scap_contents' => [:update] },
|
|
88
88
|
:resource_type => 'ForemanOpenscap::ScapContent'
|
|
89
|
-
permission :create_scap_contents, {:scap_contents => %i[new create],
|
|
90
|
-
|
|
89
|
+
permission :create_scap_contents, { :scap_contents => %i[new create],
|
|
90
|
+
'api/v2/compliance/scap_contents' => [:create] },
|
|
91
91
|
:resource_type => 'ForemanOpenscap::ScapContent'
|
|
92
|
-
permission :destroy_scap_contents, {:scap_contents => [:destroy],
|
|
93
|
-
|
|
92
|
+
permission :destroy_scap_contents, { :scap_contents => [:destroy],
|
|
93
|
+
'api/v2/compliance/scap_contents' => [:destroy] },
|
|
94
94
|
:resource_type => 'ForemanOpenscap::ScapContent'
|
|
95
95
|
permission :edit_hosts, { :hosts => [:openscap_proxy_changed] }, :resource_type => "Host"
|
|
96
96
|
permission :edit_hostgroups, { :hostgroups => [:openscap_proxy_changed] }, :resource_type => "Hostgroup"
|
|
97
97
|
permission :create_tailoring_files, { :tailoring_files => %i[create new],
|
|
98
|
-
'api/v2/compliance/tailoring_files' => [:create]},
|
|
98
|
+
'api/v2/compliance/tailoring_files' => [:create] },
|
|
99
99
|
:resource_type => 'ForemanOpenscap::TailoringFile'
|
|
100
100
|
permission :view_tailoring_files, { :tailoring_files => %i[index auto_complete_search xml],
|
|
101
101
|
:policies => [:tailoring_file_selected],
|
|
102
102
|
'api/v2/compliance/tailoring_files' => %i[show xml index],
|
|
103
103
|
'api/v2/compliance/policies' => [:tailoring] },
|
|
104
|
-
|
|
104
|
+
:resource_type => 'ForemanOpenscap::TailoringFile'
|
|
105
105
|
permission :edit_tailoring_files, { :tailoring_files => %i[edit update],
|
|
106
106
|
'api/v2/compliance/tailoring_files' => [:update] },
|
|
107
|
-
|
|
107
|
+
:resource_type => 'ForemanOpenscap::TailoringFile'
|
|
108
108
|
permission :destroy_tailoring_files, { :tailoring_files => [:destroy],
|
|
109
109
|
'api/v2/compliance/tailoring_files' => [:destroy] },
|
|
110
|
-
|
|
110
|
+
:resource_type => 'ForemanOpenscap::TailoringFile'
|
|
111
111
|
permission :view_openscap_proxies, { :openscap_proxies => [:openscap_spool] },
|
|
112
|
-
|
|
112
|
+
:resource_type => 'SmartProxy'
|
|
113
113
|
end
|
|
114
114
|
|
|
115
115
|
role "Compliance viewer", %i[view_arf_reports view_policies view_scap_contents view_tailoring_files view_openscap_proxies]
|
|
116
116
|
role "Compliance manager", %i[view_arf_reports view_policies view_scap_contents
|
|
117
|
-
destroy_arf_reports edit_policies edit_scap_contents assign_policies
|
|
118
|
-
create_policies create_scap_contents destroy_policies destroy_scap_contents
|
|
119
|
-
create_tailoring_files view_tailoring_files edit_tailoring_files destroy_tailoring_files
|
|
120
|
-
view_openscap_proxies]
|
|
117
|
+
destroy_arf_reports edit_policies edit_scap_contents assign_policies
|
|
118
|
+
create_policies create_scap_contents destroy_policies destroy_scap_contents
|
|
119
|
+
create_tailoring_files view_tailoring_files edit_tailoring_files destroy_tailoring_files
|
|
120
|
+
view_openscap_proxies]
|
|
121
121
|
role "Create ARF report", [:create_arf_reports] # special as only Proxy can create
|
|
122
122
|
|
|
123
123
|
add_all_permissions_to_default_roles
|
|
124
124
|
|
|
125
|
-
#add menu entries
|
|
125
|
+
# add menu entries
|
|
126
126
|
divider :top_menu, :caption => N_('Compliance'), :parent => :hosts_menu
|
|
127
127
|
menu :top_menu, :compliance_policies, :caption => N_('Policies'),
|
|
128
|
-
|
|
129
|
-
|
|
128
|
+
:url_hash => { :controller => :policies, :action => :index },
|
|
129
|
+
:parent => :hosts_menu
|
|
130
130
|
menu :top_menu, :compliance_contents, :caption => N_('SCAP contents'),
|
|
131
|
-
|
|
132
|
-
|
|
131
|
+
:url_hash => { :controller => :scap_contents, :action => :index },
|
|
132
|
+
:parent => :hosts_menu
|
|
133
133
|
menu :top_menu, :compliance_reports, :caption => N_('Reports'),
|
|
134
|
-
|
|
135
|
-
|
|
134
|
+
:url_hash => { :controller => :arf_reports, :action => :index },
|
|
135
|
+
:parent => :hosts_menu
|
|
136
136
|
menu :top_menu, :compliance_files, :caption => N_('Tailoring Files'),
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
137
|
+
:url_hash => { :controller => :tailoring_files, :action => :index },
|
|
138
|
+
:parent => :hosts_menu
|
|
140
139
|
|
|
141
140
|
# add dashboard widget
|
|
142
141
|
widget 'compliance_host_reports_widget',
|
|
143
|
-
|
|
142
|
+
:name => N_('Latest Compliance Reports'), :sizex => 6, :sizey => 1
|
|
144
143
|
widget 'compliance_reports_breakdown_widget',
|
|
145
|
-
|
|
144
|
+
:name => N_('Compliance Reports Breakdown'), :sizex => 6, :sizey => 1
|
|
146
145
|
|
|
147
146
|
# As 'arf_report_breakdowns' is a view and does not appear in schema.rb, db:test:prepare will not create the view
|
|
148
147
|
# which will make the following tests fail.
|
|
149
148
|
tests_to_skip({ "DashboardIntegrationTest" => ["dashboard page", "dashboard link hosts that had performed modifications",
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
149
|
+
"dashboard link hosts in error state", "dashboard link good host reports",
|
|
150
|
+
"dashboard link hosts that had pending changes", "dashboard link out of sync hosts",
|
|
151
|
+
"dashboard link hosts with no reports", "dashboard link hosts with alerts disabled",
|
|
152
|
+
"widgets not in dashboard show up in list"] })
|
|
154
153
|
# strong params
|
|
155
154
|
parameter_filter Host::Managed, :openscap_proxy_id, :openscap_proxy
|
|
156
155
|
parameter_filter Hostgroup, :openscap_proxy_id, :openscap_proxy
|
|
@@ -167,7 +166,6 @@ view_openscap_proxies]
|
|
|
167
166
|
:description => N_('OpenSCAP Proxy to use for fetching SCAP content and uploading ARF reports'),
|
|
168
167
|
:api_description => N_('ID of OpenSCAP Proxy')
|
|
169
168
|
|
|
170
|
-
|
|
171
169
|
if ForemanOpenscap.with_remote_execution?
|
|
172
170
|
options = {
|
|
173
171
|
:description => N_("Run OpenSCAP scan"),
|
|
@@ -197,7 +195,7 @@ view_openscap_proxies]
|
|
|
197
195
|
Foreman::Gettext::Support.add_text_domain locale_domain, locale_dir
|
|
198
196
|
end
|
|
199
197
|
|
|
200
|
-
#Include concerns in this config.to_prepare block
|
|
198
|
+
# Include concerns in this config.to_prepare block
|
|
201
199
|
config.to_prepare do
|
|
202
200
|
Host::Managed.send(:include, ForemanOpenscap::OpenscapProxyExtensions)
|
|
203
201
|
Host::Managed.send(:include, ForemanOpenscap::OpenscapProxyCoreExtensions)
|