foreman_openscap 0.8.3 → 0.8.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/api/v2/compliance/arf_reports_controller.rb +15 -6
- data/app/controllers/api/v2/compliance/policies_controller.rb +4 -2
- data/app/controllers/api/v2/compliance/scap_contents_controller.rb +3 -2
- data/app/controllers/api/v2/compliance/tailoring_files_controller.rb +3 -2
- data/app/controllers/arf_reports_controller.rb +4 -4
- data/app/controllers/policies_controller.rb +6 -5
- data/app/controllers/scap_contents_controller.rb +3 -3
- data/app/helpers/arf_report_dashboard_helper.rb +1 -1
- data/app/helpers/arf_reports_helper.rb +8 -8
- data/app/helpers/compliance_dashboard_helper.rb +0 -2
- data/app/helpers/compliance_hosts_helper.rb +7 -8
- data/app/helpers/policies_helper.rb +18 -18
- data/app/helpers/policy_dashboard_helper.rb +3 -3
- data/app/lib/proxy_api/available_proxy.rb +2 -2
- data/app/lib/proxy_api/openscap.rb +1 -1
- data/app/mailers/foreman_openscap/policy_mailer.rb +0 -2
- data/app/models/concerns/foreman_openscap/compliance_status_scoped_search.rb +7 -7
- data/app/models/concerns/foreman_openscap/data_stream_content.rb +1 -1
- data/app/models/concerns/foreman_openscap/host_extensions.rb +16 -6
- data/app/models/concerns/foreman_openscap/openscap_proxy_extensions.rb +1 -1
- data/app/models/foreman_openscap/arf_report.rb +5 -5
- data/app/models/foreman_openscap/policy.rb +6 -6
- data/app/models/foreman_openscap/scap_content.rb +2 -2
- data/app/models/foreman_openscap/tailoring_file.rb +1 -1
- data/app/services/foreman_openscap/arf_report_status_calculator.rb +0 -1
- data/app/services/foreman_openscap/host_report_dashboard/data.rb +2 -3
- data/app/services/foreman_openscap/openscap_proxy_version_check.rb +0 -1
- data/app/services/foreman_openscap/policy_dashboard/data.rb +7 -6
- data/app/services/foreman_openscap/report_dashboard/data.rb +1 -0
- data/app/views/api/v2/compliance/common/_loc.json.rabl +1 -1
- data/app/views/api/v2/compliance/common/_org.json.rabl +1 -1
- data/app/views/api/v2/compliance/policies/base.json.rabl +1 -1
- data/app/views/arf_reports/_list.html.erb +1 -1
- data/app/views/arf_reports/delete_multiple.html.erb +1 -1
- data/app/views/arf_reports/welcome.html.erb +12 -0
- data/app/views/compliance_hosts/show.html.erb +3 -1
- data/app/views/policy_dashboard/_policy_reports.html.erb +1 -1
- data/app/views/scap_contents/_list.html.erb +1 -1
- data/app/views/smart_proxies/_openscap_spool.html.erb +1 -1
- data/app/views/tailoring_files/_list.html.erb +1 -1
- data/config/routes.rb +9 -11
- data/db/migrate/20141015115511_add_arf_report_unique_constraint.rb +1 -1
- data/db/migrate/20141113221054_create_scaptimony_scap_content_profiles.rb +2 -3
- data/db/migrate/20141206211151_create_scaptimony_assets_policies.rb +1 -1
- data/db/migrate/20150115155947_add_scaptimony_scap_content_digest.rb +1 -1
- data/db/migrate/20150821100137_migrate_from_scaptimony.rb +1 -1
- data/db/migrate/20150929152345_move_arf_reports_to_reports_table.rb +0 -1
- data/db/migrate/20161223153249_add_permissions_to_arf_report.rb +2 -2
- data/db/migrate/20171016125613_add_content_title_unique_constraint.foreman_openscap.rb +6 -0
- data/lib/foreman_openscap/bulk_upload.rb +1 -1
- data/lib/foreman_openscap/engine.rb +54 -56
- data/lib/foreman_openscap/version.rb +1 -1
- data/lib/tasks/foreman_openscap_tasks.rake +11 -2
- data/locale/de/foreman_openscap.po +52 -13
- data/locale/en_GB/foreman_openscap.po +52 -13
- data/locale/es/foreman_openscap.po +52 -13
- data/locale/foreman_openscap.pot +140 -90
- data/locale/fr/foreman_openscap.po +52 -13
- data/locale/gl/foreman_openscap.po +52 -13
- data/locale/it/foreman_openscap.po +52 -13
- data/locale/ja/foreman_openscap.po +52 -13
- data/locale/ko/foreman_openscap.po +52 -13
- data/locale/pt_BR/foreman_openscap.po +52 -13
- data/locale/ru/foreman_openscap.po +52 -13
- data/locale/sv_SE/foreman_openscap.po +52 -13
- data/locale/zh_CN/foreman_openscap.po +52 -13
- data/locale/zh_TW/foreman_openscap.po +52 -13
- data/test/factories/arf_report_factory.rb +1 -1
- data/test/factories/asset_factory.rb +2 -2
- data/test/factories/compliance_host_factory.rb +2 -2
- data/test/factories/compliance_log_factory.rb +1 -1
- data/test/factories/policy_arf_report_factory.rb +1 -1
- data/test/factories/policy_factory.rb +3 -3
- data/test/factories/scap_content_related.rb +2 -2
- data/test/functional/api/v2/compliance/arf_reports_controller_test.rb +28 -9
- data/test/functional/api/v2/compliance/policies_controller_test.rb +16 -16
- data/test/functional/api/v2/compliance/scap_contents_controller_test.rb +8 -9
- data/test/functional/api/v2/compliance/tailoring_files_controller_test.rb +10 -11
- data/test/functional/arf_reports_controller_test.rb +4 -4
- data/test/functional/openscap_proxies_controller_test.rb +5 -3
- data/test/functional/tailoring_files_controller_test.rb +1 -1
- data/test/test_plugin_helper.rb +7 -7
- data/test/unit/arf_report_status_calculator_test.rb +0 -1
- data/test/unit/arf_report_test.rb +50 -50
- data/test/unit/compliance_status_test.rb +13 -13
- data/test/unit/concerns/host_extensions_test.rb +38 -22
- data/test/unit/concerns/openscap_proxy_extenstions_test.rb +5 -6
- data/test/unit/message_cleaner_test.rb +7 -7
- data/test/unit/openscap_host_test.rb +13 -13
- data/test/unit/policy_mailer_test.rb +12 -12
- data/test/unit/policy_test.rb +30 -30
- data/test/unit/scap_content_test.rb +4 -4
- data/test/unit/services/report_dashboard/data_test.rb +6 -6
- data/test/unit/services/tailoring_files_proxy_check_test.rb +1 -1
- metadata +4 -2
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
require 'test_helper'
|
|
2
2
|
|
|
3
3
|
class ArfReportStatusCalculatorTest < ActiveSupport::TestCase
|
|
4
|
-
|
|
5
4
|
test 'it should save metrics as bits' do
|
|
6
5
|
calc = ForemanOpenscap::ArfReportStatusCalculator.new(:counters => { 'passed' => 25, 'othered' => 1024, 'failed' => 10 })
|
|
7
6
|
assert_equal 25, calc.status['passed']
|
|
@@ -6,85 +6,85 @@ module ForemanOpenscap
|
|
|
6
6
|
disable_orchestration
|
|
7
7
|
User.current = users :admin
|
|
8
8
|
ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
|
|
9
|
-
@policy =
|
|
10
|
-
@asset =
|
|
11
|
-
@host =
|
|
12
|
-
@failed_source =
|
|
13
|
-
@passed_source =
|
|
14
|
-
@log_1 =
|
|
15
|
-
@log_2 =
|
|
16
|
-
@log_3 =
|
|
17
|
-
@status = {:passed => 5, :failed => 1, :othered => 7}.with_indifferent_access
|
|
9
|
+
@policy = FactoryBot.create(:policy)
|
|
10
|
+
@asset = FactoryBot.create(:asset)
|
|
11
|
+
@host = FactoryBot.create(:compliance_host)
|
|
12
|
+
@failed_source = FactoryBot.create(:source)
|
|
13
|
+
@passed_source = FactoryBot.create(:source)
|
|
14
|
+
@log_1 = FactoryBot.create(:compliance_log, :result => "pass", :source => @passed_source)
|
|
15
|
+
@log_2 = FactoryBot.create(:compliance_log, :result => "fail", :source => @failed_source)
|
|
16
|
+
@log_3 = FactoryBot.create(:compliance_log, :result => "pass", :source => @passed_source)
|
|
17
|
+
@status = { :passed => 5, :failed => 1, :othered => 7 }.with_indifferent_access
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test 'equal? should return true when there is no change in report results' do
|
|
21
|
-
log_4 =
|
|
22
|
-
report_1 =
|
|
23
|
-
report_2 =
|
|
21
|
+
log_4 = FactoryBot.create(:compliance_log, :result => "fail", :source => @failed_source)
|
|
22
|
+
report_1 = FactoryBot.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_1, @log_2])
|
|
23
|
+
report_2 = FactoryBot.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_3, log_4])
|
|
24
24
|
|
|
25
25
|
assert(report_1.equal?(report_2))
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
test 'equal? should return false when there is change in report results' do
|
|
29
|
-
new_source =
|
|
30
|
-
log_4 =
|
|
31
|
-
report_1 =
|
|
32
|
-
report_2 =
|
|
29
|
+
new_source = FactoryBot.create(:source)
|
|
30
|
+
log_4 = FactoryBot.build(:compliance_log, :result => "pass", :source => new_source)
|
|
31
|
+
report_1 = FactoryBot.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_1, @log_2])
|
|
32
|
+
report_2 = FactoryBot.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_3, log_4])
|
|
33
33
|
|
|
34
34
|
refute(report_1.equal?(report_2))
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
test 'equal? should return false when reports have different sets of rules' do
|
|
38
|
-
report_1 =
|
|
39
|
-
report_2 =
|
|
38
|
+
report_1 = FactoryBot.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_1, @log_2])
|
|
39
|
+
report_2 = FactoryBot.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_3])
|
|
40
40
|
|
|
41
41
|
refute(report_1.equal?(report_2))
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
test 'equal? should return false when reports have different hosts' do
|
|
45
|
-
host =
|
|
46
|
-
log_4 =
|
|
47
|
-
report_1 =
|
|
48
|
-
report_2 =
|
|
45
|
+
host = FactoryBot.create(:compliance_host)
|
|
46
|
+
log_4 = FactoryBot.create(:compliance_log, :result => "fail", :source => @failed_source)
|
|
47
|
+
report_1 = FactoryBot.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_1, @log_2])
|
|
48
|
+
report_2 = FactoryBot.create(:arf_report, :policy => @policy, :host_id => host.id, :logs => [@log_3, log_4])
|
|
49
49
|
|
|
50
50
|
refute(report_1.equal?(report_2))
|
|
51
51
|
end
|
|
52
52
|
|
|
53
53
|
test 'equal? should return false when reports have different policies' do
|
|
54
|
-
policy =
|
|
55
|
-
log_4 =
|
|
56
|
-
report_1 =
|
|
57
|
-
report_2 =
|
|
54
|
+
policy = FactoryBot.create(:policy)
|
|
55
|
+
log_4 = FactoryBot.create(:compliance_log, :result => "fail", :source => @failed_source)
|
|
56
|
+
report_1 = FactoryBot.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_1, @log_2])
|
|
57
|
+
report_2 = FactoryBot.create(:arf_report, :policy => policy, :host_id => @host.id, :logs => [@log_3, log_4])
|
|
58
58
|
|
|
59
59
|
refute(report_1.equal?(report_2))
|
|
60
60
|
end
|
|
61
61
|
|
|
62
62
|
test 'should recognize report that failed' do
|
|
63
|
-
report =
|
|
63
|
+
report = FactoryBot.create(:arf_report, :host_id => @host.id, :status => @status)
|
|
64
64
|
assert report.failed?
|
|
65
65
|
end
|
|
66
66
|
|
|
67
67
|
test 'should recognize report that othered' do
|
|
68
68
|
@status[:failed] = 0
|
|
69
|
-
report =
|
|
69
|
+
report = FactoryBot.create(:arf_report, :host_id => @host.id, :status => @status)
|
|
70
70
|
assert report.othered?
|
|
71
71
|
end
|
|
72
72
|
|
|
73
73
|
test 'should recognize report that passed' do
|
|
74
74
|
@status[:failed] = 0
|
|
75
75
|
@status[:othered] = 0
|
|
76
|
-
report =
|
|
76
|
+
report = FactoryBot.create(:arf_report, :host_id => @host.id, :status => @status)
|
|
77
77
|
assert report.passed?
|
|
78
78
|
end
|
|
79
79
|
|
|
80
80
|
test 'should return latest report for each of the hosts' do
|
|
81
81
|
reports = []
|
|
82
|
-
host =
|
|
82
|
+
host = FactoryBot.create(:compliance_host)
|
|
83
83
|
5.times do
|
|
84
|
-
reports <<
|
|
85
|
-
|
|
86
|
-
reports <<
|
|
87
|
-
|
|
84
|
+
reports << FactoryBot.create(:arf_report, :host_id => @host.id, :status => @status)
|
|
85
|
+
FactoryBot.create(:policy_arf_report, :arf_report_id => reports.last.id)
|
|
86
|
+
reports << FactoryBot.create(:arf_report, :host_id => host.id, :status => @status)
|
|
87
|
+
FactoryBot.create(:policy_arf_report, :arf_report_id => reports.last.id)
|
|
88
88
|
end
|
|
89
89
|
assert ForemanOpenscap::ArfReport.latest.to_a.include? reports[-2]
|
|
90
90
|
assert ForemanOpenscap::ArfReport.latest.to_a.include? reports[-1]
|
|
@@ -92,20 +92,20 @@ module ForemanOpenscap
|
|
|
92
92
|
|
|
93
93
|
test 'should return latest report of policy for each of the hosts' do
|
|
94
94
|
reports = []
|
|
95
|
-
host =
|
|
96
|
-
policy =
|
|
95
|
+
host = FactoryBot.create(:compliance_host)
|
|
96
|
+
policy = FactoryBot.create(:policy)
|
|
97
97
|
3.times do
|
|
98
|
-
reports <<
|
|
99
|
-
|
|
98
|
+
reports << FactoryBot.create(:arf_report, :host_id => @host.id, :status => @status)
|
|
99
|
+
FactoryBot.create(:policy_arf_report, :arf_report_id => reports.last.id, :policy_id => @policy.id)
|
|
100
100
|
|
|
101
|
-
reports <<
|
|
102
|
-
|
|
101
|
+
reports << FactoryBot.create(:arf_report, :host_id => host.id, :status => @status)
|
|
102
|
+
FactoryBot.create(:policy_arf_report, :arf_report_id => reports.last.id, :policy_id => @policy.id)
|
|
103
103
|
|
|
104
|
-
reports <<
|
|
105
|
-
|
|
104
|
+
reports << FactoryBot.create(:arf_report, :host_id => @host.id, :status => @status)
|
|
105
|
+
FactoryBot.create(:policy_arf_report, :arf_report_id => reports.last.id, :policy_id => policy.id)
|
|
106
106
|
|
|
107
|
-
reports <<
|
|
108
|
-
|
|
107
|
+
reports << FactoryBot.create(:arf_report, :host_id => host.id, :status => @status)
|
|
108
|
+
FactoryBot.create(:policy_arf_report, :arf_report_id => reports.last.id, :policy_id => policy.id)
|
|
109
109
|
end
|
|
110
110
|
|
|
111
111
|
assert ForemanOpenscap::ArfReport.latest_of_policy(policy).include? reports[-1]
|
|
@@ -118,15 +118,15 @@ module ForemanOpenscap
|
|
|
118
118
|
|
|
119
119
|
context 'retrieving reports by status' do
|
|
120
120
|
setup do
|
|
121
|
-
@passed_status = {:passed => 5, :failed => 0, :othered => 0}.with_indifferent_access
|
|
122
|
-
@othered_status = {:passed => 5, :failed => 0, :othered => 3}.with_indifferent_access
|
|
121
|
+
@passed_status = { :passed => 5, :failed => 0, :othered => 0 }.with_indifferent_access
|
|
122
|
+
@othered_status = { :passed => 5, :failed => 0, :othered => 3 }.with_indifferent_access
|
|
123
123
|
@failed_reports = []
|
|
124
124
|
@othered_reports = []
|
|
125
125
|
@passed_reports = []
|
|
126
126
|
3.times do
|
|
127
|
-
@failed_reports <<
|
|
128
|
-
@passed_reports <<
|
|
129
|
-
@othered_reports <<
|
|
127
|
+
@failed_reports << FactoryBot.create(:arf_report, :host_id => @host.id, :status => @status)
|
|
128
|
+
@passed_reports << FactoryBot.create(:arf_report, :host_id => @host.id, :status => @passed_status)
|
|
129
|
+
@othered_reports << FactoryBot.create(:arf_report, :host_id => @host.id, :status => @othered_status)
|
|
130
130
|
end
|
|
131
131
|
end
|
|
132
132
|
|
|
@@ -151,7 +151,7 @@ module ForemanOpenscap
|
|
|
151
151
|
openscap_proxy_api.stubs(:destroy_report).returns(true)
|
|
152
152
|
ForemanOpenscap::Helper.stubs(:find_name_or_uuid_by_host).returns("abcde")
|
|
153
153
|
ForemanOpenscap::ArfReport.any_instance.stubs(:openscap_proxy_api).returns(openscap_proxy_api)
|
|
154
|
-
report =
|
|
154
|
+
report = FactoryBot.create(:arf_report, :policy => @policy, :host_id => @host.id, :logs => [@log_1, @log_2])
|
|
155
155
|
report.destroy
|
|
156
156
|
refute ForemanOpenscap::ArfReport.all.include? report
|
|
157
157
|
end
|
|
@@ -5,22 +5,22 @@ class ComplianceStatusTest < ActiveSupport::TestCase
|
|
|
5
5
|
disable_orchestration
|
|
6
6
|
User.current = users :admin
|
|
7
7
|
ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
|
|
8
|
-
@policy_a =
|
|
9
|
-
@policy_b =
|
|
10
|
-
@host =
|
|
11
|
-
@failed_report =
|
|
8
|
+
@policy_a = FactoryBot.create(:policy)
|
|
9
|
+
@policy_b = FactoryBot.create(:policy)
|
|
10
|
+
@host = FactoryBot.create(:compliance_host)
|
|
11
|
+
@failed_report = FactoryBot.create(:arf_report, :host_id => @host.id)
|
|
12
12
|
@failed_report.stubs(:failed?).returns(true)
|
|
13
|
-
@passed_report =
|
|
13
|
+
@passed_report = FactoryBot.create(:arf_report, :host_id => @host.id)
|
|
14
14
|
@passed_report.stubs(:failed?).returns(false)
|
|
15
15
|
@passed_report.stubs(:othered?).returns(false)
|
|
16
|
-
@othered_report =
|
|
16
|
+
@othered_report = FactoryBot.create(:arf_report, :host_id => @host.id)
|
|
17
17
|
@othered_report.stubs(:failed?).returns(false)
|
|
18
18
|
@othered_report.stubs(:othered?).returns(true)
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
test 'status should be incompliant' do
|
|
22
22
|
status = ForemanOpenscap::ComplianceStatus.new
|
|
23
|
-
host =
|
|
23
|
+
host = FactoryBot.create(:compliance_host, :policies => [@policy_a])
|
|
24
24
|
status.host = host
|
|
25
25
|
host.stubs(:last_report_for_policy).returns(@failed_report)
|
|
26
26
|
status.to_status
|
|
@@ -29,7 +29,7 @@ class ComplianceStatusTest < ActiveSupport::TestCase
|
|
|
29
29
|
|
|
30
30
|
test 'status should be inconclusive' do
|
|
31
31
|
status = ForemanOpenscap::ComplianceStatus.new
|
|
32
|
-
host =
|
|
32
|
+
host = FactoryBot.create(:compliance_host, :policies => [@policy_a])
|
|
33
33
|
host.stubs(:last_report_for_policy).returns(@othered_report)
|
|
34
34
|
status.host = host
|
|
35
35
|
assert_equal 1, status.to_status
|
|
@@ -37,7 +37,7 @@ class ComplianceStatusTest < ActiveSupport::TestCase
|
|
|
37
37
|
|
|
38
38
|
test 'status should be compliant' do
|
|
39
39
|
status = ForemanOpenscap::ComplianceStatus.new
|
|
40
|
-
host =
|
|
40
|
+
host = FactoryBot.create(:compliance_host, :policies => [@policy_a])
|
|
41
41
|
host.stubs(:last_report_for_policy).returns(@passed_report)
|
|
42
42
|
status.host = host
|
|
43
43
|
assert_equal 0, status.to_status
|
|
@@ -45,7 +45,7 @@ class ComplianceStatusTest < ActiveSupport::TestCase
|
|
|
45
45
|
|
|
46
46
|
test 'status should be incompliant for multiple policies' do
|
|
47
47
|
status = ForemanOpenscap::ComplianceStatus.new
|
|
48
|
-
host =
|
|
48
|
+
host = FactoryBot.create(:compliance_host, :policies => [@policy_a, @policy_b])
|
|
49
49
|
status.host = host
|
|
50
50
|
host.stubs(:last_report_for_policy).returns(@failed_report, @passed_report)
|
|
51
51
|
assert_equal 2, status.to_status
|
|
@@ -53,7 +53,7 @@ class ComplianceStatusTest < ActiveSupport::TestCase
|
|
|
53
53
|
|
|
54
54
|
test 'status should be inconclusive for multiple policies' do
|
|
55
55
|
status = ForemanOpenscap::ComplianceStatus.new
|
|
56
|
-
host =
|
|
56
|
+
host = FactoryBot.create(:compliance_host, :policies => [@policy_a, @policy_b])
|
|
57
57
|
host.stubs(:last_report_for_policy).returns(@othered_report, @passed_report)
|
|
58
58
|
status.host = host
|
|
59
59
|
assert_equal 1, status.to_status
|
|
@@ -61,8 +61,8 @@ class ComplianceStatusTest < ActiveSupport::TestCase
|
|
|
61
61
|
|
|
62
62
|
test 'status should be compliant for multiple policies' do
|
|
63
63
|
status = ForemanOpenscap::ComplianceStatus.new
|
|
64
|
-
host =
|
|
65
|
-
passed_report =
|
|
64
|
+
host = FactoryBot.create(:compliance_host, :policies => [@policy_a, @policy_b])
|
|
65
|
+
passed_report = FactoryBot.create(:arf_report, :host_id => @host.id)
|
|
66
66
|
passed_report.stubs(:othered?).returns(false)
|
|
67
67
|
passed_report.stubs(:failed?).returns(false)
|
|
68
68
|
host.stubs(:last_report_for_policy).returns(passed_report, @passed_report)
|
|
@@ -3,10 +3,10 @@ require 'test_plugin_helper'
|
|
|
3
3
|
class HostExtensionsTest < ActiveSupport::TestCase
|
|
4
4
|
setup do
|
|
5
5
|
ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
|
|
6
|
-
@scap_content =
|
|
7
|
-
@scap_content_profile =
|
|
8
|
-
@policy =
|
|
9
|
-
@host =
|
|
6
|
+
@scap_content = FactoryBot.create(:scap_content)
|
|
7
|
+
@scap_content_profile = FactoryBot.create(:scap_content_profile, :scap_content => @scap_content)
|
|
8
|
+
@policy = FactoryBot.create(:policy, :scap_content => @scap_content, :scap_content_profile => @scap_content_profile)
|
|
9
|
+
@host = FactoryBot.create(:compliance_host, :policies => [@policy])
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
test "should have download_path in enc without digest" do
|
|
@@ -25,8 +25,8 @@ class HostExtensionsTest < ActiveSupport::TestCase
|
|
|
25
25
|
|
|
26
26
|
test "should find hosts with direct policy assignment that were never audited" do
|
|
27
27
|
policy, host, host_2 = setup_hosts_with_policy.values_at(:policy, :host, :host_2)
|
|
28
|
-
report =
|
|
29
|
-
|
|
28
|
+
report = FactoryBot.create(:arf_report, :host_id => host_2.id)
|
|
29
|
+
FactoryBot.create(:policy_arf_report, :policy_id => policy.id, :arf_report_id => report.id)
|
|
30
30
|
|
|
31
31
|
res = Host.policy_reports_missing policy
|
|
32
32
|
assert_equal res.count, 1
|
|
@@ -35,8 +35,8 @@ class HostExtensionsTest < ActiveSupport::TestCase
|
|
|
35
35
|
|
|
36
36
|
test "should find hosts with inherited policy that were never audited" do
|
|
37
37
|
policy, host, host_2 = setup_hosts_with_inherited_policy.values_at(:policy, :host, :host_2)
|
|
38
|
-
report =
|
|
39
|
-
|
|
38
|
+
report = FactoryBot.create(:arf_report, :host_id => host_2.id)
|
|
39
|
+
FactoryBot.create(:policy_arf_report, :policy_id => policy.id, :arf_report_id => report.id)
|
|
40
40
|
|
|
41
41
|
res = Host.policy_reports_missing policy
|
|
42
42
|
assert_equal res.count, 1
|
|
@@ -59,27 +59,43 @@ class HostExtensionsTest < ActiveSupport::TestCase
|
|
|
59
59
|
assert_include res, host_2
|
|
60
60
|
end
|
|
61
61
|
|
|
62
|
+
test "should find hosts with directly assigned policy when searching by policy id" do
|
|
63
|
+
policy, host, host_2 = setup_hosts_with_policy.values_at(:policy, :host, :host_2)
|
|
64
|
+
res = Host.search_for "compliance_policy_id = #{policy.id}"
|
|
65
|
+
assert_equal 2, res.count
|
|
66
|
+
assert_include res, host
|
|
67
|
+
assert_include res, host_2
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
test "should find hosts with inherited policy when searching by policy id" do
|
|
71
|
+
policy, host, host_2 = setup_hosts_with_inherited_policy.values_at(:policy, :host, :host_2)
|
|
72
|
+
res = Host.search_for "compliance_policy_id = #{policy.id}"
|
|
73
|
+
assert_equal 2, res.count
|
|
74
|
+
assert_include res, host
|
|
75
|
+
assert_include res, host_2
|
|
76
|
+
end
|
|
77
|
+
|
|
62
78
|
private
|
|
63
79
|
|
|
64
80
|
def setup_hosts_with_policy
|
|
65
|
-
policy =
|
|
66
|
-
host =
|
|
67
|
-
host_2 =
|
|
68
|
-
asset =
|
|
69
|
-
asset_2 =
|
|
70
|
-
|
|
71
|
-
|
|
81
|
+
policy = FactoryBot.create(:policy)
|
|
82
|
+
host = FactoryBot.create(:compliance_host)
|
|
83
|
+
host_2 = FactoryBot.create(:compliance_host)
|
|
84
|
+
asset = FactoryBot.create(:asset, :assetable_id => host.id, :assetable_type => 'Host::Base')
|
|
85
|
+
asset_2 = FactoryBot.create(:asset, :assetable_id => host_2.id, :assetable_type => 'Host::Base')
|
|
86
|
+
FactoryBot.create(:asset_policy, :asset_id => asset.id, :policy_id => policy.id)
|
|
87
|
+
FactoryBot.create(:asset_policy, :asset_id => asset_2.id, :policy_id => policy.id)
|
|
72
88
|
{ :host => host, :policy => policy, :host_2 => host_2 }
|
|
73
89
|
end
|
|
74
90
|
|
|
75
91
|
def setup_hosts_with_inherited_policy
|
|
76
|
-
policy =
|
|
77
|
-
parent =
|
|
78
|
-
child =
|
|
79
|
-
asset =
|
|
80
|
-
|
|
81
|
-
host =
|
|
82
|
-
host_2 =
|
|
92
|
+
policy = FactoryBot.create(:policy)
|
|
93
|
+
parent = FactoryBot.create(:hostgroup)
|
|
94
|
+
child = FactoryBot.create(:hostgroup, :ancestry => parent.id.to_s)
|
|
95
|
+
asset = FactoryBot.create(:asset, :assetable_id => parent.id, :assetable_type => 'Hostgroup')
|
|
96
|
+
FactoryBot.create(:asset_policy, :asset_id => asset.id, :policy_id => policy.id)
|
|
97
|
+
host = FactoryBot.create(:compliance_host, :hostgroup_id => child.id)
|
|
98
|
+
host_2 = FactoryBot.create(:compliance_host, :hostgroup_id => child.id)
|
|
83
99
|
{ :policy => policy, :host => host, :host_2 => host_2 }
|
|
84
100
|
end
|
|
85
101
|
end
|
|
@@ -1,21 +1,20 @@
|
|
|
1
1
|
require 'test_plugin_helper'
|
|
2
2
|
|
|
3
3
|
class OpenscapProxyExtensionsTest < ActiveSupport::TestCase
|
|
4
|
-
|
|
5
4
|
setup do
|
|
6
|
-
@host =
|
|
5
|
+
@host = FactoryBot.create(:compliance_host)
|
|
7
6
|
end
|
|
8
7
|
|
|
9
8
|
test "should return proxy api for openscap" do
|
|
10
|
-
arf =
|
|
11
|
-
|
|
12
|
-
|
|
9
|
+
arf = FactoryBot.create(:arf_report,
|
|
10
|
+
:host_id => @host.id,
|
|
11
|
+
:openscap_proxy => @host.openscap_proxy)
|
|
13
12
|
api = arf.openscap_proxy_api
|
|
14
13
|
assert_equal (@host.openscap_proxy.url + "/compliance/"), api.url
|
|
15
14
|
end
|
|
16
15
|
|
|
17
16
|
test "should raise exception when no openscap proxy asociated" do
|
|
18
|
-
arf =
|
|
17
|
+
arf = FactoryBot.create(:arf_report, :host_id => @host.id)
|
|
19
18
|
assert_raises(Foreman::Exception) { arf.openscap_proxy_api }
|
|
20
19
|
end
|
|
21
20
|
end
|
|
@@ -6,15 +6,15 @@ class MessageCleanerTest < ActiveSupport::TestCase
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should clean up messages" do
|
|
9
|
-
host =
|
|
10
|
-
policy =
|
|
9
|
+
host = FactoryBot.create(:compliance_host)
|
|
10
|
+
policy = FactoryBot.create(:policy)
|
|
11
11
|
reports = []
|
|
12
|
-
source =
|
|
12
|
+
source = FactoryBot.create(:source, :value => "xccdf_org.ssgproject.content_rule_firefox_preferences-lock_settings_obscure")
|
|
13
13
|
2.times do
|
|
14
|
-
report =
|
|
15
|
-
message =
|
|
16
|
-
|
|
17
|
-
|
|
14
|
+
report = FactoryBot.create(:arf_report, :host_id => host.id)
|
|
15
|
+
message = FactoryBot.create(:compliance_message, :value => "Disable Firefox Configuration File ROT-13 Encoding")
|
|
16
|
+
FactoryBot.create(:policy_arf_report, :policy_id => policy.id, :arf_report_id => report.id)
|
|
17
|
+
FactoryBot.create(:compliance_log, :source_id => source.id, :message_id => message.id, :report_id => report.id)
|
|
18
18
|
report.reload
|
|
19
19
|
reports << report
|
|
20
20
|
end
|
|
@@ -5,12 +5,12 @@ class OpenscapHostTest < ActiveSupport::TestCase
|
|
|
5
5
|
disable_orchestration
|
|
6
6
|
User.current = users :admin
|
|
7
7
|
ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
|
|
8
|
-
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(
|
|
9
|
-
@policy =
|
|
8
|
+
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryBot.create(:puppetclass, :name => 'foreman_scap_client'))
|
|
9
|
+
@policy = FactoryBot.create(:policy)
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
test 'Host has policy' do
|
|
13
|
-
host =
|
|
13
|
+
host = FactoryBot.create(:host)
|
|
14
14
|
assert_empty(host.policies)
|
|
15
15
|
|
|
16
16
|
assert(@policy.assign_hosts([host]), 'Host policies should be assigned')
|
|
@@ -18,19 +18,19 @@ class OpenscapHostTest < ActiveSupport::TestCase
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test 'Host has policies via its hostgroup' do
|
|
21
|
-
host =
|
|
21
|
+
host = FactoryBot.create(:host, :with_hostgroup)
|
|
22
22
|
hostgroup = host.hostgroup
|
|
23
|
-
@policy.hostgroup_ids = [
|
|
23
|
+
@policy.hostgroup_ids = [hostgroup.id]
|
|
24
24
|
assert @policy.save
|
|
25
25
|
refute_empty(host.combined_policies)
|
|
26
26
|
assert_includes(host.combined_policies, @policy)
|
|
27
27
|
end
|
|
28
28
|
|
|
29
29
|
test 'Host has policies via its host group and its parent host groups' do
|
|
30
|
-
host =
|
|
30
|
+
host = FactoryBot.create(:host, :with_hostgroup)
|
|
31
31
|
hostgroup = host.hostgroup
|
|
32
|
-
hostgroup.parent =
|
|
33
|
-
@policy.hostgroup_ids = [
|
|
32
|
+
hostgroup.parent = FactoryBot.create(:hostgroup)
|
|
33
|
+
@policy.hostgroup_ids = [hostgroup.parent.id]
|
|
34
34
|
assert @policy.save
|
|
35
35
|
refute_empty(host.combined_policies)
|
|
36
36
|
assert_includes(host.combined_policies, @policy)
|
|
@@ -38,11 +38,11 @@ class OpenscapHostTest < ActiveSupport::TestCase
|
|
|
38
38
|
|
|
39
39
|
context 'testing scap_status_changed?' do
|
|
40
40
|
setup do
|
|
41
|
-
@host =
|
|
42
|
-
@report_1 =
|
|
43
|
-
@report_2 =
|
|
44
|
-
@policy_report_1 =
|
|
45
|
-
@policy_report_2 =
|
|
41
|
+
@host = FactoryBot.create(:compliance_host)
|
|
42
|
+
@report_1 = FactoryBot.create(:arf_report, :policy => @policy, :host_id => @host.id)
|
|
43
|
+
@report_2 = FactoryBot.create(:arf_report, :policy => @policy, :host_id => @host.id)
|
|
44
|
+
@policy_report_1 = FactoryBot.create(:policy_arf_report, :policy_id => @policy.id, :arf_report_id => @report_1.id)
|
|
45
|
+
@policy_report_2 = FactoryBot.create(:policy_arf_report, :policy_id => @policy.id, :arf_report_id => @report_2.id)
|
|
46
46
|
end
|
|
47
47
|
|
|
48
48
|
test "reports for policy should return expected reports" do
|
|
@@ -4,19 +4,19 @@ class PolicyMailerTest < ActiveSupport::TestCase
|
|
|
4
4
|
setup do
|
|
5
5
|
@user = User.current = users :admin
|
|
6
6
|
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
#just to have some content to send
|
|
7
|
+
FactoryBot.create(:mail_notification,
|
|
8
|
+
:name => :openscap_policy_summary,
|
|
9
|
+
:description => N_('A summary of reports for OpenScap policies'),
|
|
10
|
+
:mailer => 'ForemanOpenscap::PolicyMailer',
|
|
11
|
+
:method => 'policy_summary',
|
|
12
|
+
:subscription_type => 'report',)
|
|
13
|
+
# just to have some content to send
|
|
14
14
|
ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
|
|
15
|
-
host =
|
|
16
|
-
asset =
|
|
17
|
-
policy =
|
|
18
|
-
arf_report =
|
|
19
|
-
policy_arf_report =
|
|
15
|
+
host = FactoryBot.create(:compliance_host)
|
|
16
|
+
asset = FactoryBot.create(:asset, :assetable_id => host.id)
|
|
17
|
+
policy = FactoryBot.create(:policy, :assets => [asset])
|
|
18
|
+
arf_report = FactoryBot.create(:arf_report, :policy => policy, :host_id => host.id)
|
|
19
|
+
policy_arf_report = FactoryBot.create(:policy_arf_report, :policy_id => policy.id, :arf_report_id => arf_report.id)
|
|
20
20
|
|
|
21
21
|
@user.mail_notifications << MailNotification[:openscap_policy_summary]
|
|
22
22
|
ActionMailer::Base.deliveries = []
|
data/test/unit/policy_test.rb
CHANGED
|
@@ -5,18 +5,18 @@ class PolicyTest < ActiveSupport::TestCase
|
|
|
5
5
|
ForemanOpenscap::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
|
|
6
6
|
ForemanOpenscap::DataStreamValidator.any_instance.stubs(:validate)
|
|
7
7
|
ForemanOpenscap::ScapContent.any_instance.stubs(:fetch_profiles).returns({ 'test_profile_key' => 'test_profile_title' })
|
|
8
|
-
@scap_content =
|
|
9
|
-
@scap_profile =
|
|
10
|
-
@tailoring_profile =
|
|
8
|
+
@scap_content = FactoryBot.create(:scap_content)
|
|
9
|
+
@scap_profile = FactoryBot.create(:scap_content_profile, :scap_content => @scap_content)
|
|
10
|
+
@tailoring_profile = FactoryBot.create(:scap_content_profile, :profile_id => 'xccdf_org.test.tailoring_test_profile')
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should assign hostgroups by their ids" do
|
|
14
|
-
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(
|
|
14
|
+
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryBot.create(:puppetclass, :name => 'foreman_scap_client'))
|
|
15
15
|
ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
|
|
16
|
-
hg1 =
|
|
17
|
-
hg2 =
|
|
18
|
-
asset =
|
|
19
|
-
policy =
|
|
16
|
+
hg1 = FactoryBot.create(:hostgroup)
|
|
17
|
+
hg2 = FactoryBot.create(:hostgroup)
|
|
18
|
+
asset = FactoryBot.create(:asset, :assetable_id => hg1.id, :assetable_type => 'Hostgroup')
|
|
19
|
+
policy = FactoryBot.create(:policy, :assets => [asset], :scap_content => @scap_content, :scap_content_profile => @scap_profile)
|
|
20
20
|
policy.hostgroup_ids = [hg1, hg2].map(&:id)
|
|
21
21
|
policy.save!
|
|
22
22
|
assert_equal 2, policy.hostgroups.count
|
|
@@ -24,11 +24,11 @@ class PolicyTest < ActiveSupport::TestCase
|
|
|
24
24
|
end
|
|
25
25
|
|
|
26
26
|
test "should remove associated hostgroup" do
|
|
27
|
-
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(
|
|
27
|
+
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryBot.create(:puppetclass, :name => 'foreman_scap_client'))
|
|
28
28
|
ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
|
|
29
|
-
hg =
|
|
30
|
-
asset =
|
|
31
|
-
policy =
|
|
29
|
+
hg = FactoryBot.create(:hostgroup)
|
|
30
|
+
asset = FactoryBot.create(:asset, :assetable_id => hg.id, :assetable_type => 'Hostgroup')
|
|
31
|
+
policy = FactoryBot.create(:policy, :assets => [asset], :scap_content => @scap_content, :scap_content_profile => @scap_profile)
|
|
32
32
|
policy.save!
|
|
33
33
|
hg.hostgroup_classes.destroy_all
|
|
34
34
|
hg.destroy
|
|
@@ -144,17 +144,17 @@ class PolicyTest < ActiveSupport::TestCase
|
|
|
144
144
|
end
|
|
145
145
|
|
|
146
146
|
test "should have correct scap profile in enc" do
|
|
147
|
-
p =
|
|
147
|
+
p = FactoryBot.create(:policy, :scap_content => @scap_content, :scap_content_profile => @scap_profile)
|
|
148
148
|
profile_id = p.scap_content_profile.profile_id
|
|
149
149
|
assert_equal profile_id, p.to_enc['profile_id']
|
|
150
|
-
tailoring_profile =
|
|
150
|
+
tailoring_profile = FactoryBot.create(:scap_content_profile, :profile_id => 'xccdf_org.test.tailoring_test_profile')
|
|
151
151
|
p.tailoring_file_profile = tailoring_profile
|
|
152
152
|
assert_equal tailoring_profile.profile_id, p.to_enc['profile_id']
|
|
153
153
|
end
|
|
154
154
|
|
|
155
155
|
test "should not create policy with incorrect tailoring profile" do
|
|
156
|
-
tailoring_profile =
|
|
157
|
-
tailoring_file =
|
|
156
|
+
tailoring_profile = FactoryBot.create(:scap_content_profile, :profile_id => 'xccdf_org.test.common_tailoring_profile')
|
|
157
|
+
tailoring_file = FactoryBot.create(:tailoring_file, :scap_content_profiles => [tailoring_profile])
|
|
158
158
|
p = ForemanOpenscap::Policy.create(:name => "custom_policy",
|
|
159
159
|
:period => 'monthly',
|
|
160
160
|
:day_of_month => '5',
|
|
@@ -178,7 +178,7 @@ class PolicyTest < ActiveSupport::TestCase
|
|
|
178
178
|
end
|
|
179
179
|
|
|
180
180
|
test "should have digest in enc download path for tailoring file" do
|
|
181
|
-
tailoring_file =
|
|
181
|
+
tailoring_file = FactoryBot.create(:tailoring_file)
|
|
182
182
|
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
|
183
183
|
:scap_content_id => @scap_content.id,
|
|
184
184
|
:scap_content_profile_id => @scap_profile.id,
|
|
@@ -191,27 +191,27 @@ class PolicyTest < ActiveSupport::TestCase
|
|
|
191
191
|
end
|
|
192
192
|
|
|
193
193
|
test "should have assigned a content profile that belongs to assigned scap content" do
|
|
194
|
-
scap_content_2 =
|
|
194
|
+
scap_content_2 = FactoryBot.create(:scap_content)
|
|
195
195
|
p = ForemanOpenscap::Policy.create(:name => "valid_profile_policy",
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
196
|
+
:scap_content_id => @scap_content.id,
|
|
197
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
198
|
+
:period => 'monthly',
|
|
199
|
+
:day_of_month => '5')
|
|
200
200
|
assert p.valid?
|
|
201
201
|
q = ForemanOpenscap::Policy.create(:name => "invalid_profile_policy",
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
202
|
+
:scap_content_id => scap_content_2.id,
|
|
203
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
204
|
+
:period => 'monthly',
|
|
205
|
+
:day_of_month => '5')
|
|
206
206
|
refute q.valid?
|
|
207
207
|
assert_equal "does not have the selected SCAP content profile", q.errors.messages[:scap_content_id].first
|
|
208
208
|
end
|
|
209
209
|
|
|
210
210
|
test "should delete arf_report when deleting policy" do
|
|
211
|
-
policy =
|
|
212
|
-
host =
|
|
213
|
-
arf_report =
|
|
214
|
-
policy_arf_report =
|
|
211
|
+
policy = FactoryBot.create(:policy, :scap_content => @scap_content, :scap_content_profile => @scap_profile)
|
|
212
|
+
host = FactoryBot.create(:compliance_host)
|
|
213
|
+
arf_report = FactoryBot.create(:arf_report, :host_id => host.id)
|
|
214
|
+
policy_arf_report = FactoryBot.create(:policy_arf_report, :policy_id => policy.id, :arf_report_id => arf_report.id)
|
|
215
215
|
policy.destroy
|
|
216
216
|
assert_empty ForemanOpenscap::PolicyArfReport.where(:id => policy_arf_report.id)
|
|
217
217
|
assert_empty ForemanOpenscap::ArfReport.where(:id => arf_report.id)
|