foreman_openscap 0.8.3 → 0.8.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/api/v2/compliance/arf_reports_controller.rb +15 -6
- data/app/controllers/api/v2/compliance/policies_controller.rb +4 -2
- data/app/controllers/api/v2/compliance/scap_contents_controller.rb +3 -2
- data/app/controllers/api/v2/compliance/tailoring_files_controller.rb +3 -2
- data/app/controllers/arf_reports_controller.rb +4 -4
- data/app/controllers/policies_controller.rb +6 -5
- data/app/controllers/scap_contents_controller.rb +3 -3
- data/app/helpers/arf_report_dashboard_helper.rb +1 -1
- data/app/helpers/arf_reports_helper.rb +8 -8
- data/app/helpers/compliance_dashboard_helper.rb +0 -2
- data/app/helpers/compliance_hosts_helper.rb +7 -8
- data/app/helpers/policies_helper.rb +18 -18
- data/app/helpers/policy_dashboard_helper.rb +3 -3
- data/app/lib/proxy_api/available_proxy.rb +2 -2
- data/app/lib/proxy_api/openscap.rb +1 -1
- data/app/mailers/foreman_openscap/policy_mailer.rb +0 -2
- data/app/models/concerns/foreman_openscap/compliance_status_scoped_search.rb +7 -7
- data/app/models/concerns/foreman_openscap/data_stream_content.rb +1 -1
- data/app/models/concerns/foreman_openscap/host_extensions.rb +16 -6
- data/app/models/concerns/foreman_openscap/openscap_proxy_extensions.rb +1 -1
- data/app/models/foreman_openscap/arf_report.rb +5 -5
- data/app/models/foreman_openscap/policy.rb +6 -6
- data/app/models/foreman_openscap/scap_content.rb +2 -2
- data/app/models/foreman_openscap/tailoring_file.rb +1 -1
- data/app/services/foreman_openscap/arf_report_status_calculator.rb +0 -1
- data/app/services/foreman_openscap/host_report_dashboard/data.rb +2 -3
- data/app/services/foreman_openscap/openscap_proxy_version_check.rb +0 -1
- data/app/services/foreman_openscap/policy_dashboard/data.rb +7 -6
- data/app/services/foreman_openscap/report_dashboard/data.rb +1 -0
- data/app/views/api/v2/compliance/common/_loc.json.rabl +1 -1
- data/app/views/api/v2/compliance/common/_org.json.rabl +1 -1
- data/app/views/api/v2/compliance/policies/base.json.rabl +1 -1
- data/app/views/arf_reports/_list.html.erb +1 -1
- data/app/views/arf_reports/delete_multiple.html.erb +1 -1
- data/app/views/arf_reports/welcome.html.erb +12 -0
- data/app/views/compliance_hosts/show.html.erb +3 -1
- data/app/views/policy_dashboard/_policy_reports.html.erb +1 -1
- data/app/views/scap_contents/_list.html.erb +1 -1
- data/app/views/smart_proxies/_openscap_spool.html.erb +1 -1
- data/app/views/tailoring_files/_list.html.erb +1 -1
- data/config/routes.rb +9 -11
- data/db/migrate/20141015115511_add_arf_report_unique_constraint.rb +1 -1
- data/db/migrate/20141113221054_create_scaptimony_scap_content_profiles.rb +2 -3
- data/db/migrate/20141206211151_create_scaptimony_assets_policies.rb +1 -1
- data/db/migrate/20150115155947_add_scaptimony_scap_content_digest.rb +1 -1
- data/db/migrate/20150821100137_migrate_from_scaptimony.rb +1 -1
- data/db/migrate/20150929152345_move_arf_reports_to_reports_table.rb +0 -1
- data/db/migrate/20161223153249_add_permissions_to_arf_report.rb +2 -2
- data/db/migrate/20171016125613_add_content_title_unique_constraint.foreman_openscap.rb +6 -0
- data/lib/foreman_openscap/bulk_upload.rb +1 -1
- data/lib/foreman_openscap/engine.rb +54 -56
- data/lib/foreman_openscap/version.rb +1 -1
- data/lib/tasks/foreman_openscap_tasks.rake +11 -2
- data/locale/de/foreman_openscap.po +52 -13
- data/locale/en_GB/foreman_openscap.po +52 -13
- data/locale/es/foreman_openscap.po +52 -13
- data/locale/foreman_openscap.pot +140 -90
- data/locale/fr/foreman_openscap.po +52 -13
- data/locale/gl/foreman_openscap.po +52 -13
- data/locale/it/foreman_openscap.po +52 -13
- data/locale/ja/foreman_openscap.po +52 -13
- data/locale/ko/foreman_openscap.po +52 -13
- data/locale/pt_BR/foreman_openscap.po +52 -13
- data/locale/ru/foreman_openscap.po +52 -13
- data/locale/sv_SE/foreman_openscap.po +52 -13
- data/locale/zh_CN/foreman_openscap.po +52 -13
- data/locale/zh_TW/foreman_openscap.po +52 -13
- data/test/factories/arf_report_factory.rb +1 -1
- data/test/factories/asset_factory.rb +2 -2
- data/test/factories/compliance_host_factory.rb +2 -2
- data/test/factories/compliance_log_factory.rb +1 -1
- data/test/factories/policy_arf_report_factory.rb +1 -1
- data/test/factories/policy_factory.rb +3 -3
- data/test/factories/scap_content_related.rb +2 -2
- data/test/functional/api/v2/compliance/arf_reports_controller_test.rb +28 -9
- data/test/functional/api/v2/compliance/policies_controller_test.rb +16 -16
- data/test/functional/api/v2/compliance/scap_contents_controller_test.rb +8 -9
- data/test/functional/api/v2/compliance/tailoring_files_controller_test.rb +10 -11
- data/test/functional/arf_reports_controller_test.rb +4 -4
- data/test/functional/openscap_proxies_controller_test.rb +5 -3
- data/test/functional/tailoring_files_controller_test.rb +1 -1
- data/test/test_plugin_helper.rb +7 -7
- data/test/unit/arf_report_status_calculator_test.rb +0 -1
- data/test/unit/arf_report_test.rb +50 -50
- data/test/unit/compliance_status_test.rb +13 -13
- data/test/unit/concerns/host_extensions_test.rb +38 -22
- data/test/unit/concerns/openscap_proxy_extenstions_test.rb +5 -6
- data/test/unit/message_cleaner_test.rb +7 -7
- data/test/unit/openscap_host_test.rb +13 -13
- data/test/unit/policy_mailer_test.rb +12 -12
- data/test/unit/policy_test.rb +30 -30
- data/test/unit/scap_content_test.rb +4 -4
- data/test/unit/services/report_dashboard/data_test.rb +6 -6
- data/test/unit/services/tailoring_files_proxy_check_test.rb +1 -1
- metadata +4 -2
|
@@ -26,8 +26,8 @@ module ForemanOpenscap
|
|
|
26
26
|
|
|
27
27
|
validates :name, :presence => true, :uniqueness => true, :length => { :maximum => 255 }
|
|
28
28
|
validate :ensure_needed_puppetclasses
|
|
29
|
-
validates :period, :inclusion => {:in => %w[weekly monthly custom], :message => _('is not a valid value')},
|
|
30
|
-
|
|
29
|
+
validates :period, :inclusion => { :in => %w[weekly monthly custom], :message => _('is not a valid value') },
|
|
30
|
+
:if => Proc.new { |policy| policy.should_validate?('Schedule') }
|
|
31
31
|
|
|
32
32
|
validates :scap_content_id, presence: true, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
|
|
33
33
|
validate :matching_content_profile, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
|
|
@@ -101,7 +101,7 @@ module ForemanOpenscap
|
|
|
101
101
|
base_steps = [N_('Create policy'), N_('SCAP Content'), N_('Schedule')]
|
|
102
102
|
base_steps << N_('Locations') if SETTINGS[:locations_enabled]
|
|
103
103
|
base_steps << N_('Organizations') if SETTINGS[:organizations_enabled]
|
|
104
|
-
base_steps << N_('Hostgroups') #always be last.
|
|
104
|
+
base_steps << N_('Hostgroups') # always be last.
|
|
105
105
|
end
|
|
106
106
|
|
|
107
107
|
def current_step
|
|
@@ -249,12 +249,12 @@ module ForemanOpenscap
|
|
|
249
249
|
|
|
250
250
|
def ensure_needed_puppetclasses
|
|
251
251
|
unless puppetclass = Puppetclass.find_by(name: SCAP_PUPPET_CLASS)
|
|
252
|
-
errors[:base] << _("Required Puppet class %{class} is not found, please ensure it imported first.") % {:class => SCAP_PUPPET_CLASS}
|
|
252
|
+
errors[:base] << _("Required Puppet class %{class} is not found, please ensure it imported first.") % { :class => SCAP_PUPPET_CLASS }
|
|
253
253
|
return false
|
|
254
254
|
end
|
|
255
255
|
|
|
256
256
|
unless policies_param = puppetclass.class_params.find_by(key: POLICIES_CLASS_PARAMETER)
|
|
257
|
-
errors[:base] << _("Puppet class %{class} does not have %{parameter} class parameter.") % {:class => SCAP_PUPPET_CLASS, :parameter => POLICIES_CLASS_PARAMETER}
|
|
257
|
+
errors[:base] << _("Puppet class %{class} does not have %{parameter} class parameter.") % { :class => SCAP_PUPPET_CLASS, :parameter => POLICIES_CLASS_PARAMETER }
|
|
258
258
|
return false
|
|
259
259
|
end
|
|
260
260
|
|
|
@@ -263,7 +263,7 @@ module ForemanOpenscap
|
|
|
263
263
|
policies_param.default_value = '<%= @host.policies_enc %>'
|
|
264
264
|
|
|
265
265
|
if policies_param.changed? && !policies_param.save
|
|
266
|
-
errors[:base] << _("%{parameter} class parameter for class %{class} could not be configured.") % {:class => SCAP_PUPPET_CLASS, :parameter => POLICIES_CLASS_PARAMETER}
|
|
266
|
+
errors[:base] << _("%{parameter} class parameter for class %{class} could not be configured.") % { :class => SCAP_PUPPET_CLASS, :parameter => POLICIES_CLASS_PARAMETER }
|
|
267
267
|
return false
|
|
268
268
|
end
|
|
269
269
|
end
|
|
@@ -3,12 +3,12 @@ module ForemanOpenscap
|
|
|
3
3
|
include Authorizable
|
|
4
4
|
include Taxonomix
|
|
5
5
|
include DataStreamContent
|
|
6
|
-
audited :except => [
|
|
6
|
+
audited :except => [:scap_file]
|
|
7
7
|
|
|
8
8
|
has_many :scap_content_profiles, :dependent => :destroy
|
|
9
9
|
has_many :policies
|
|
10
10
|
|
|
11
|
-
validates :title, :presence => true, :length => { :maximum => 255 }
|
|
11
|
+
validates :title, :presence => true, :length => { :maximum => 255 }, uniqueness: true
|
|
12
12
|
validates :original_filename, :length => { :maximum => 255 }
|
|
13
13
|
|
|
14
14
|
scoped_search :on => :title, :complete_value => true
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
module ForemanOpenscap::HostReportDashboard
|
|
2
2
|
class Data
|
|
3
|
-
attr_reader :report
|
|
3
|
+
attr_reader :report, :latest_report
|
|
4
4
|
|
|
5
5
|
def initialize(policy, host)
|
|
6
6
|
@latest_report = ::ForemanOpenscap::ArfReport.latest_of_policy(policy)
|
|
@@ -15,8 +15,8 @@ module ForemanOpenscap::HostReportDashboard
|
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
private
|
|
18
|
+
|
|
18
19
|
attr_writer :report
|
|
19
|
-
attr_accessor :latest_report
|
|
20
20
|
|
|
21
21
|
def fetch_data
|
|
22
22
|
report.update(
|
|
@@ -39,6 +39,5 @@ module ForemanOpenscap::HostReportDashboard
|
|
|
39
39
|
def report_othered
|
|
40
40
|
has_data? ? @latest_report.othered : 0
|
|
41
41
|
end
|
|
42
|
-
|
|
43
42
|
end
|
|
44
43
|
end
|
|
@@ -10,6 +10,7 @@ module ForemanOpenscap::PolicyDashboard
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
private
|
|
13
|
+
|
|
13
14
|
attr_writer :report
|
|
14
15
|
|
|
15
16
|
def hosts
|
|
@@ -19,12 +20,12 @@ module ForemanOpenscap::PolicyDashboard
|
|
|
19
20
|
def fetch_data
|
|
20
21
|
assigned_count = Host::Managed.assigned_to_policy(@policy).count
|
|
21
22
|
report.update(
|
|
22
|
-
{:compliant_hosts => Host::Managed.comply_with(@policy).count,
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
23
|
+
{ :compliant_hosts => Host::Managed.comply_with(@policy).count,
|
|
24
|
+
:incompliant_hosts => Host::Managed.incomply_with(@policy).count,
|
|
25
|
+
:inconclusive_hosts => Host::Managed.inconclusive_with(@policy).count,
|
|
26
|
+
:report_missing => Host::Managed.policy_reports_missing(@policy).count,
|
|
27
|
+
:assigned_hosts => assigned_count,
|
|
28
|
+
:unassigned_hosts => hosts.count - assigned_count }
|
|
28
29
|
)
|
|
29
30
|
end
|
|
30
31
|
end
|
|
@@ -4,4 +4,4 @@ extends "api/v2/compliance/common/org"
|
|
|
4
4
|
extends "api/v2/compliance/common/loc"
|
|
5
5
|
|
|
6
6
|
attributes :id, :name, :period, :weekday, :description, :scap_content_id, :scap_content_profile_id, :day_of_month, :cron_line,
|
|
7
|
-
|
|
7
|
+
:tailoring_file_id, :tailoring_file_profile_id
|
|
@@ -24,7 +24,7 @@
|
|
|
24
24
|
:onclick => 'hostChecked(this)' %>
|
|
25
25
|
</td>
|
|
26
26
|
<td class="elipsis"><%= name_column(arf_report.host) %></td>
|
|
27
|
-
<td><%= display_link_if_authorized(
|
|
27
|
+
<td><%= display_link_if_authorized(date_time_relative_value(arf_report.reported_at), hash_for_arf_report_path(:id => arf_report.id)) %></td>
|
|
28
28
|
<td class="ellipsis"><%= arf_report.policy.present? ? display_link_if_authorized(arf_report.policy.name, hash_for_edit_policy_path(:id => arf_report.policy.id)) : _('Deleted policy') %></th>
|
|
29
29
|
<td class="ellipsis"><%= openscap_proxy_link arf_report %></th>
|
|
30
30
|
<td><%= report_arf_column(arf_report.passed, "label-info") %></th>
|
|
@@ -25,5 +25,5 @@
|
|
|
25
25
|
|
|
26
26
|
<%= form_tag submit_delete_multiple_arf_reports_path({:arf_report_ids => params[:arf_report_ids]}) do %>
|
|
27
27
|
<span class="label label-danger"><%= _('Delete') %></span>
|
|
28
|
-
<%= _('these
|
|
28
|
+
<%= _('these Compliance reports') %>
|
|
29
29
|
<% end %>
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
<div class="blank-slate-pf">
|
|
2
|
+
<div class="blank-slate-pf-icon">
|
|
3
|
+
<%= icon_text("book", "", :kind => "fa") %>
|
|
4
|
+
</div>
|
|
5
|
+
<h1><%= _('Compliance Reports') %></h1>
|
|
6
|
+
<p>
|
|
7
|
+
<%= _("You don't seem to have any ARF report. ARF report is a summary of a single scan occurrence on a particular host for a given Compliance Policy.") %></br>
|
|
8
|
+
</p>
|
|
9
|
+
<div class="blank-slate-pf-main-action">
|
|
10
|
+
<%= link_to _('Documentation'), documentation_url("4.4ARFReports", :root_url => "https://www.theforeman.org/plugins/foreman_openscap/0.8/index.html#"), :rel => 'external', :class => 'btn btn-primary btn-lg' %>
|
|
11
|
+
</div>
|
|
12
|
+
</div>
|
|
@@ -8,7 +8,9 @@
|
|
|
8
8
|
<% if data.has_data? %>
|
|
9
9
|
<div class="col-md-4">
|
|
10
10
|
<div class="stats-well">
|
|
11
|
-
<h4 class="header ca"><%= _('%s latest report') % policy.name
|
|
11
|
+
<h4 class="header ca"><%= link_to_if_authorized(_('%s latest report') % policy.name,
|
|
12
|
+
hash_for_arf_report_path(:id => data.latest_report.id)
|
|
13
|
+
.merge(:auth_object => data.latest_report)) %></h4>
|
|
12
14
|
<% report = data.report %>
|
|
13
15
|
<%= host_policy_breakdown_chart(report, :class => 'statistics-pie small') %>
|
|
14
16
|
</div>
|
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
<% for arf_report in @policy.arf_reports.latest %>
|
|
11
11
|
<tr>
|
|
12
12
|
<td><%= name_column(arf_report.host) %></td>
|
|
13
|
-
<td><%=
|
|
13
|
+
<td><%= date_time_relative_value(arf_report.reported_at) %></td>
|
|
14
14
|
<td><%= report_arf_column(arf_report.passed, "label-info") %></th>
|
|
15
15
|
<td><%= report_arf_column(arf_report.failed, "label-danger") %></th>
|
|
16
16
|
<td><%= report_arf_column(arf_report.othered, "label-warning") %></th>
|
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
<td class="ellipsis"><%= content.title %></td>
|
|
11
11
|
<td class="ellipsis"><%= content.original_filename %></td>
|
|
12
12
|
<td>
|
|
13
|
-
<%=
|
|
13
|
+
<%= date_time_relative_value(content.created_at.getlocal) %>
|
|
14
14
|
</td>
|
|
15
15
|
<td>
|
|
16
16
|
<%= action_buttons(
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
<span>
|
|
2
2
|
<% if last_error && last_error.has_key?('timestamp') %>
|
|
3
3
|
<span>
|
|
4
|
-
<a href="#logs" onclick="findSpoolLogs();"><%=
|
|
4
|
+
<a href="#logs" onclick="findSpoolLogs();"><%= date_time_relative_value(Time.at(last_error["timestamp"])) %></a>
|
|
5
5
|
</span>
|
|
6
6
|
<% elsif !last_error.nil? && last_error.empty? %>
|
|
7
7
|
<span>
|
data/config/routes.rb
CHANGED
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
Rails.application.routes.draw do
|
|
2
|
-
|
|
3
2
|
scope '/compliance' do
|
|
4
|
-
|
|
5
|
-
resources :arf_reports, :only => %i(index show destroy) do
|
|
3
|
+
resources :arf_reports, :only => %i[index show destroy] do
|
|
6
4
|
member do
|
|
7
5
|
get 'show_html'
|
|
8
6
|
get 'parse_html'
|
|
@@ -18,7 +16,7 @@ Rails.application.routes.draw do
|
|
|
18
16
|
|
|
19
17
|
get 'dashboard', :to => 'compliance_dashboard#index', :as => "compliance_dashboard"
|
|
20
18
|
|
|
21
|
-
resources :policies, :only => %i
|
|
19
|
+
resources :policies, :only => %i[index new show create edit update destroy] do
|
|
22
20
|
member do
|
|
23
21
|
get 'parse', :to => 'policies#parse'
|
|
24
22
|
get 'dashboard', :to => 'policy_dashboard#index', :as => 'policy_dashboard'
|
|
@@ -59,33 +57,33 @@ Rails.application.routes.draw do
|
|
|
59
57
|
end
|
|
60
58
|
|
|
61
59
|
namespace :api do
|
|
62
|
-
scope "(:apiv)", :module => :v2, :defaults => {:apiv => 'v2'},
|
|
63
|
-
|
|
60
|
+
scope "(:apiv)", :module => :v2, :defaults => { :apiv => 'v2' },
|
|
61
|
+
:apiv => /v1|v2/, :constraints => ApiConstraints.new(:version => 2) do
|
|
64
62
|
namespace :compliance do
|
|
65
|
-
resources :scap_contents, :except => %i
|
|
63
|
+
resources :scap_contents, :except => %i[new edit] do
|
|
66
64
|
member do
|
|
67
65
|
get 'xml'
|
|
68
66
|
end
|
|
69
67
|
end
|
|
70
|
-
resources :tailoring_files, :except => %i
|
|
68
|
+
resources :tailoring_files, :except => %i[new edit] do
|
|
71
69
|
member do
|
|
72
70
|
get 'xml'
|
|
73
71
|
end
|
|
74
72
|
end
|
|
75
|
-
resources :policies, :except => %i
|
|
73
|
+
resources :policies, :except => %i[new edit] do
|
|
76
74
|
member do
|
|
77
75
|
get 'content'
|
|
78
76
|
get 'tailoring'
|
|
79
77
|
end
|
|
80
78
|
end
|
|
81
|
-
resources :arf_reports, :only => %i
|
|
79
|
+
resources :arf_reports, :only => %i[index show destroy] do
|
|
82
80
|
member do
|
|
83
81
|
get 'download'
|
|
84
82
|
get 'download_html'
|
|
85
83
|
end
|
|
86
84
|
end
|
|
87
85
|
post 'arf_reports/:cname/:policy_id/:date', \
|
|
88
|
-
|
|
86
|
+
:constraints => { :cname => /[^\/]+/ }, :to => 'arf_reports#create'
|
|
89
87
|
end
|
|
90
88
|
end
|
|
91
89
|
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
class AddArfReportUniqueConstraint < ActiveRecord::Migration
|
|
2
2
|
def change
|
|
3
|
-
add_index :scaptimony_arf_reports, %i
|
|
3
|
+
add_index :scaptimony_arf_reports, %i[asset_id policy_id date digest],
|
|
4
4
|
:unique => true, :name => :index_scaptimony_arf_reports_unique_set
|
|
5
5
|
end
|
|
6
6
|
end
|
|
@@ -4,9 +4,8 @@ class CreateScaptimonyScapContentProfiles < ActiveRecord::Migration
|
|
|
4
4
|
t.references :scap_content, :index => true
|
|
5
5
|
t.string :profile_id
|
|
6
6
|
t.string :title
|
|
7
|
-
|
|
8
7
|
end
|
|
9
|
-
add_index :scaptimony_scap_content_profiles, %i
|
|
10
|
-
|
|
8
|
+
add_index :scaptimony_scap_content_profiles, %i[scap_content_id profile_id],
|
|
9
|
+
:unique => true, :name => :index_scaptimony_scap_content_profiles_scipi
|
|
11
10
|
end
|
|
12
11
|
end
|
|
@@ -4,6 +4,6 @@ class CreateScaptimonyAssetsPolicies < ActiveRecord::Migration
|
|
|
4
4
|
t.references :asset, :index => true, :null => false
|
|
5
5
|
t.references :policy, :index => true, :null => false
|
|
6
6
|
end
|
|
7
|
-
add_index :scaptimony_assets_policies, %i
|
|
7
|
+
add_index :scaptimony_assets_policies, %i[asset_id policy_id], :unique => true
|
|
8
8
|
end
|
|
9
9
|
end
|
|
@@ -12,7 +12,7 @@ class AddScaptimonyScapContentDigest < ActiveRecord::Migration
|
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
14
|
|
|
15
|
-
class ScapContentHack <
|
|
15
|
+
class ScapContentHack < ApplicationRecord
|
|
16
16
|
self.table_name = 'scaptimony_scap_contents'
|
|
17
17
|
def digest
|
|
18
18
|
self[:digest] ||= Digest::SHA256.hexdigest scap_file.to_s
|
|
@@ -3,7 +3,7 @@ class MigrateFromScaptimony < ActiveRecord::Migration
|
|
|
3
3
|
ActiveRecord::ConnectionAdapters::SchemaStatements.module_eval do
|
|
4
4
|
# rename_tables renames the indexes, and their new names overflow, we cancel out the renaming of the indexes
|
|
5
5
|
alias_method :old_rename_table_indexes, :rename_table_indexes
|
|
6
|
-
def rename_table_indexes(a,b)
|
|
6
|
+
def rename_table_indexes(a, b)
|
|
7
7
|
end
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
class AddPermissionsToArfReport < ActiveRecord::Migration
|
|
2
2
|
def up
|
|
3
|
-
Permission.where(:name => %w
|
|
3
|
+
Permission.where(:name => %w[view_arf_reports destroy_arf_reports])
|
|
4
4
|
.update_all(:resource_type => 'ForemanOpenscap::ArfReport')
|
|
5
5
|
end
|
|
6
6
|
|
|
7
7
|
def down
|
|
8
|
-
Permission.where(:name => %w
|
|
8
|
+
Permission.where(:name => %w[view_arf_reports destroy_arf_reports])
|
|
9
9
|
.update_all(:resource_type => '')
|
|
10
10
|
end
|
|
11
11
|
end
|
|
@@ -50,7 +50,7 @@ module ForemanOpenscap
|
|
|
50
50
|
def extract_name_from_file(file)
|
|
51
51
|
# SCAP datastream files are in format of ssg-<OS>-ds.xml
|
|
52
52
|
# We wish to extract the <OS> and create a name of it
|
|
53
|
-
original_filename(file).gsub('ssg-','').gsub('-ds.xml', '')
|
|
53
|
+
original_filename(file).gsub('ssg-', '').gsub('-ds.xml', '')
|
|
54
54
|
end
|
|
55
55
|
|
|
56
56
|
def original_filename(file)
|
|
@@ -33,7 +33,7 @@ module ForemanOpenscap
|
|
|
33
33
|
|
|
34
34
|
initializer 'foreman_openscap.configure_assets', :group => :assets do
|
|
35
35
|
SETTINGS[:foreman_openscap] =
|
|
36
|
-
{:assets => {:precompile => assets_to_precompile}}
|
|
36
|
+
{ :assets => { :precompile => assets_to_precompile } }
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
initializer 'foreman_openscap.apipie' do
|
|
@@ -51,106 +51,105 @@ module ForemanOpenscap
|
|
|
51
51
|
|
|
52
52
|
# Add permissions
|
|
53
53
|
security_block :foreman_openscap do
|
|
54
|
-
permission :view_arf_reports, {:arf_reports => %i[index show parse_html show_html
|
|
55
|
-
parse_bzip auto_complete_search download_html],
|
|
56
|
-
|
|
57
|
-
|
|
54
|
+
permission :view_arf_reports, { :arf_reports => %i[index show parse_html show_html
|
|
55
|
+
parse_bzip auto_complete_search download_html],
|
|
56
|
+
'api/v2/compliance/arf_reports' => %i[index show download download_html],
|
|
57
|
+
:compliance_hosts => [:show] },
|
|
58
58
|
:resource_type => 'ForemanOpenscap::ArfReport'
|
|
59
|
-
permission :destroy_arf_reports, {:arf_reports => %i[destroy delete_multiple submit_delete_multiple],
|
|
60
|
-
|
|
59
|
+
permission :destroy_arf_reports, { :arf_reports => %i[destroy delete_multiple submit_delete_multiple],
|
|
60
|
+
'api/v2/compliance/arf_reports' => [:destroy] },
|
|
61
61
|
:resource_type => 'ForemanOpenscap::ArfReport'
|
|
62
|
-
permission :create_arf_reports, {'api/v2/compliance/arf_reports' => [:create]},
|
|
62
|
+
permission :create_arf_reports, { 'api/v2/compliance/arf_reports' => [:create] },
|
|
63
63
|
:resource_type => 'ForemanOpenscap::ArfReport'
|
|
64
64
|
|
|
65
|
-
permission :view_policies, {:policies => %i[index show parse auto_complete_search],
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
65
|
+
permission :view_policies, { :policies => %i[index show parse auto_complete_search],
|
|
66
|
+
:policy_dashboard => [:index],
|
|
67
|
+
:compliance_dashboard => [:index],
|
|
68
|
+
'api/v2/compliance/policies' => %i[index show content] },
|
|
69
69
|
:resource_type => 'ForemanOpenscap::Policy'
|
|
70
|
-
permission :edit_policies, {:policies => %i[edit update scap_content_selected],
|
|
71
|
-
|
|
70
|
+
permission :edit_policies, { :policies => %i[edit update scap_content_selected],
|
|
71
|
+
'api/v2/compliance/policies' => [:update] },
|
|
72
72
|
:resource_type => 'ForemanOpenscap::Policy'
|
|
73
|
-
permission :create_policies, {:policies => %i[new create],
|
|
74
|
-
|
|
73
|
+
permission :create_policies, { :policies => %i[new create],
|
|
74
|
+
'api/v2/compliance/policies' => [:create] },
|
|
75
75
|
:resource_type => 'ForemanOpenscap::Policy'
|
|
76
|
-
permission :destroy_policies, {:policies => [:destroy],
|
|
77
|
-
|
|
76
|
+
permission :destroy_policies, { :policies => [:destroy],
|
|
77
|
+
'api/v2/compliance/policies' => [:destroy] },
|
|
78
78
|
:resource_type => 'ForemanOpenscap::Policy'
|
|
79
|
-
permission :assign_policies, {:policies => %i[select_multiple_hosts update_multiple_hosts
|
|
80
|
-
disassociate_multiple_hosts
|
|
81
|
-
remove_policy_from_multiple_hosts]},
|
|
79
|
+
permission :assign_policies, { :policies => %i[select_multiple_hosts update_multiple_hosts
|
|
80
|
+
disassociate_multiple_hosts
|
|
81
|
+
remove_policy_from_multiple_hosts] },
|
|
82
82
|
:resource_type => 'ForemanOpenscap::Policy'
|
|
83
|
-
permission :view_scap_contents, {:scap_contents => %i[index show auto_complete_search],
|
|
84
|
-
|
|
83
|
+
permission :view_scap_contents, { :scap_contents => %i[index show auto_complete_search],
|
|
84
|
+
'api/v2/compliance/scap_contents' => %i[index show xml] },
|
|
85
85
|
:resource_type => 'ForemanOpenscap::ScapContent'
|
|
86
|
-
permission :edit_scap_contents, {:scap_contents => %i[edit update],
|
|
87
|
-
|
|
86
|
+
permission :edit_scap_contents, { :scap_contents => %i[edit update],
|
|
87
|
+
'api/v2/compliance/scap_contents' => [:update] },
|
|
88
88
|
:resource_type => 'ForemanOpenscap::ScapContent'
|
|
89
|
-
permission :create_scap_contents, {:scap_contents => %i[new create],
|
|
90
|
-
|
|
89
|
+
permission :create_scap_contents, { :scap_contents => %i[new create],
|
|
90
|
+
'api/v2/compliance/scap_contents' => [:create] },
|
|
91
91
|
:resource_type => 'ForemanOpenscap::ScapContent'
|
|
92
|
-
permission :destroy_scap_contents, {:scap_contents => [:destroy],
|
|
93
|
-
|
|
92
|
+
permission :destroy_scap_contents, { :scap_contents => [:destroy],
|
|
93
|
+
'api/v2/compliance/scap_contents' => [:destroy] },
|
|
94
94
|
:resource_type => 'ForemanOpenscap::ScapContent'
|
|
95
95
|
permission :edit_hosts, { :hosts => [:openscap_proxy_changed] }, :resource_type => "Host"
|
|
96
96
|
permission :edit_hostgroups, { :hostgroups => [:openscap_proxy_changed] }, :resource_type => "Hostgroup"
|
|
97
97
|
permission :create_tailoring_files, { :tailoring_files => %i[create new],
|
|
98
|
-
'api/v2/compliance/tailoring_files' => [:create]},
|
|
98
|
+
'api/v2/compliance/tailoring_files' => [:create] },
|
|
99
99
|
:resource_type => 'ForemanOpenscap::TailoringFile'
|
|
100
100
|
permission :view_tailoring_files, { :tailoring_files => %i[index auto_complete_search xml],
|
|
101
101
|
:policies => [:tailoring_file_selected],
|
|
102
102
|
'api/v2/compliance/tailoring_files' => %i[show xml index],
|
|
103
103
|
'api/v2/compliance/policies' => [:tailoring] },
|
|
104
|
-
|
|
104
|
+
:resource_type => 'ForemanOpenscap::TailoringFile'
|
|
105
105
|
permission :edit_tailoring_files, { :tailoring_files => %i[edit update],
|
|
106
106
|
'api/v2/compliance/tailoring_files' => [:update] },
|
|
107
|
-
|
|
107
|
+
:resource_type => 'ForemanOpenscap::TailoringFile'
|
|
108
108
|
permission :destroy_tailoring_files, { :tailoring_files => [:destroy],
|
|
109
109
|
'api/v2/compliance/tailoring_files' => [:destroy] },
|
|
110
|
-
|
|
110
|
+
:resource_type => 'ForemanOpenscap::TailoringFile'
|
|
111
111
|
permission :view_openscap_proxies, { :openscap_proxies => [:openscap_spool] },
|
|
112
|
-
|
|
112
|
+
:resource_type => 'SmartProxy'
|
|
113
113
|
end
|
|
114
114
|
|
|
115
115
|
role "Compliance viewer", %i[view_arf_reports view_policies view_scap_contents view_tailoring_files view_openscap_proxies]
|
|
116
116
|
role "Compliance manager", %i[view_arf_reports view_policies view_scap_contents
|
|
117
|
-
destroy_arf_reports edit_policies edit_scap_contents assign_policies
|
|
118
|
-
create_policies create_scap_contents destroy_policies destroy_scap_contents
|
|
119
|
-
create_tailoring_files view_tailoring_files edit_tailoring_files destroy_tailoring_files
|
|
120
|
-
view_openscap_proxies]
|
|
117
|
+
destroy_arf_reports edit_policies edit_scap_contents assign_policies
|
|
118
|
+
create_policies create_scap_contents destroy_policies destroy_scap_contents
|
|
119
|
+
create_tailoring_files view_tailoring_files edit_tailoring_files destroy_tailoring_files
|
|
120
|
+
view_openscap_proxies]
|
|
121
121
|
role "Create ARF report", [:create_arf_reports] # special as only Proxy can create
|
|
122
122
|
|
|
123
123
|
add_all_permissions_to_default_roles
|
|
124
124
|
|
|
125
|
-
#add menu entries
|
|
125
|
+
# add menu entries
|
|
126
126
|
divider :top_menu, :caption => N_('Compliance'), :parent => :hosts_menu
|
|
127
127
|
menu :top_menu, :compliance_policies, :caption => N_('Policies'),
|
|
128
|
-
|
|
129
|
-
|
|
128
|
+
:url_hash => { :controller => :policies, :action => :index },
|
|
129
|
+
:parent => :hosts_menu
|
|
130
130
|
menu :top_menu, :compliance_contents, :caption => N_('SCAP contents'),
|
|
131
|
-
|
|
132
|
-
|
|
131
|
+
:url_hash => { :controller => :scap_contents, :action => :index },
|
|
132
|
+
:parent => :hosts_menu
|
|
133
133
|
menu :top_menu, :compliance_reports, :caption => N_('Reports'),
|
|
134
|
-
|
|
135
|
-
|
|
134
|
+
:url_hash => { :controller => :arf_reports, :action => :index },
|
|
135
|
+
:parent => :hosts_menu
|
|
136
136
|
menu :top_menu, :compliance_files, :caption => N_('Tailoring Files'),
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
137
|
+
:url_hash => { :controller => :tailoring_files, :action => :index },
|
|
138
|
+
:parent => :hosts_menu
|
|
140
139
|
|
|
141
140
|
# add dashboard widget
|
|
142
141
|
widget 'compliance_host_reports_widget',
|
|
143
|
-
|
|
142
|
+
:name => N_('Latest Compliance Reports'), :sizex => 6, :sizey => 1
|
|
144
143
|
widget 'compliance_reports_breakdown_widget',
|
|
145
|
-
|
|
144
|
+
:name => N_('Compliance Reports Breakdown'), :sizex => 6, :sizey => 1
|
|
146
145
|
|
|
147
146
|
# As 'arf_report_breakdowns' is a view and does not appear in schema.rb, db:test:prepare will not create the view
|
|
148
147
|
# which will make the following tests fail.
|
|
149
148
|
tests_to_skip({ "DashboardIntegrationTest" => ["dashboard page", "dashboard link hosts that had performed modifications",
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
149
|
+
"dashboard link hosts in error state", "dashboard link good host reports",
|
|
150
|
+
"dashboard link hosts that had pending changes", "dashboard link out of sync hosts",
|
|
151
|
+
"dashboard link hosts with no reports", "dashboard link hosts with alerts disabled",
|
|
152
|
+
"widgets not in dashboard show up in list"] })
|
|
154
153
|
# strong params
|
|
155
154
|
parameter_filter Host::Managed, :openscap_proxy_id, :openscap_proxy
|
|
156
155
|
parameter_filter Hostgroup, :openscap_proxy_id, :openscap_proxy
|
|
@@ -167,7 +166,6 @@ view_openscap_proxies]
|
|
|
167
166
|
:description => N_('OpenSCAP Proxy to use for fetching SCAP content and uploading ARF reports'),
|
|
168
167
|
:api_description => N_('ID of OpenSCAP Proxy')
|
|
169
168
|
|
|
170
|
-
|
|
171
169
|
if ForemanOpenscap.with_remote_execution?
|
|
172
170
|
options = {
|
|
173
171
|
:description => N_("Run OpenSCAP scan"),
|
|
@@ -197,7 +195,7 @@ view_openscap_proxies]
|
|
|
197
195
|
Foreman::Gettext::Support.add_text_domain locale_domain, locale_dir
|
|
198
196
|
end
|
|
199
197
|
|
|
200
|
-
#Include concerns in this config.to_prepare block
|
|
198
|
+
# Include concerns in this config.to_prepare block
|
|
201
199
|
config.to_prepare do
|
|
202
200
|
Host::Managed.send(:include, ForemanOpenscap::OpenscapProxyExtensions)
|
|
203
201
|
Host::Managed.send(:include, ForemanOpenscap::OpenscapProxyCoreExtensions)
|