RubyGems - foreman_openscap - Versions diffs - 4.1.3 → 4.3.3 - Mend

foreman_openscap 4.1.3 → 4.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (193) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 65c54fcbd65a0adcb3f9b4de1a910347846e0bde26474badf13af2b41b46774f
-  data.tar.gz: bfed9e4eb472d42bace5aa31d6eba2b2e3beb20fa28518b9dc20df73c9413b0c
+  metadata.gz: f9bed6dedc6b23fd08b1c0fd3143de20e86c8aa2e65dbc0a00d0abaad21cc393
+  data.tar.gz: 352a6052c7386969b55b241b57e3d9fa63b6ec07fc9d01d5a8ba6c4b79e7724d
 SHA512:
-  metadata.gz: 5976ff19ccb147ff0a677ed3d61a219ae8e8aeac6c2526d48b57de37f3cbc83b425817365a2ede1be36813c0f9aa0ebc1d73636deb9b350f799b04d2581a7337
-  data.tar.gz: a5ad35a6f95d9f992f99f7fbf6f44c33c3a9c9d769dc1b8d871d0806b91b92f78b084231c87af15680ab760ebc931bf5027af28538a047e99fffd075839379c0
+  metadata.gz: 6dd1df925f9212a7afab91c449a9e0482427fde4fb8adfca8a620482124caed5584a2c71d1167c09308f124d5a19fb4ee0102bff4a89e91d30c81a6ac4ed01ea
+  data.tar.gz: c16c1caec4bde07fb8d9da968859f21d2d7f42c5ec5b09c5e9560053dd22490f0ac299405a55b76fa1d4b08d1417b13233799b085fe56b46b8bb13829827394e

data/app/assets/stylesheets/foreman_openscap/policy.css CHANGED Viewed

@@ -6,3 +6,8 @@
   display: none;
 }
+span.scap_policy_popover {
+  float: left;
+  margin-top: 2px;
+}

data/app/controllers/api/v2/compliance/oval_contents_controller.rb ADDED Viewed

@@ -0,0 +1,72 @@
+module Api::V2
+  module Compliance
+    class OvalContentsController < ::Api::V2::BaseController
+      include Foreman::Controller::Parameters::OvalContent
+      include ForemanOpenscap::Api::V2::ScapApiControllerExtensions
+      before_action :find_resource, :except => %w[index create sync]
+      skip_before_action :check_media_type, :only => %w[create update]
+      api :GET, '/compliance/oval_contents', N_('List OVAL contents')
+      param_group :search_and_pagination, ::Api::V2::BaseController
+      add_scoped_search_description_for(::ForemanOpenscap::OvalContent)
+      def index
+        @oval_contents = resource_scope_for_index(:permission => :view_oval_contents)
+      end
+      api :GET, '/compliance/oval_contents/:id', N_('Show an OVAL content')
+      param :id, :identifier, :required => true
+      def show
+      end
+      def_param_group :oval_content do
+        param :oval_content, Hash, :required => true, :action_aware => true do
+          param :name, String, :required => true, :desc => N_('OVAL content name')
+          param :scap_file, File, :desc => N_('XML containing OVAL content')
+          param :original_filename, String, :desc => N_('Original file name of the OVAL content file')
+          param :url, String, :desc => N_('URL of the OVAL content file')
+          param_group :taxonomies, ::Api::V2::BaseController
+        end
+      end
+      api :POST, '/compliance/oval_contents', N_('Create OVAL content')
+      param_group :oval_content, :as => :create
+      def create
+        @oval_content = ForemanOpenscap::OvalContent.new(oval_content_params)
+        process_response @oval_content.save
+      end
+      api :PUT, '/compliance/oval_contents/:id', N_('Update an OVAL content')
+      param :id, :identifier, :required => true
+      param_group :oval_content
+      def update
+        process_response @oval_content.update(oval_content_params)
+      end
+      api :DELETE, '/compliance/oval_contents/:id', N_('Deletes an OVAL content')
+      param :id, :identifier, :required => true
+      def destroy
+        process_response @oval_content.destroy
+      end
+      api :POST, '/compliance/oval_contents/sync', N_('Sync contents that have remote source URL')
+      def sync
+        @oval_contents = ForemanOpenscap::Oval::SyncOvalContents.new.sync_all
+      end
+      def action_permission
+        case params[:action]
+        when 'sync'
+          :update
+        else
+          super
+        end
+      end
+    end
+  end
+end

data/app/controllers/api/v2/compliance/oval_policies_controller.rb ADDED Viewed

@@ -0,0 +1,111 @@
+module Api::V2
+  module Compliance
+    class OvalPoliciesController < ::Api::V2::BaseController
+      include Foreman::Controller::SmartProxyAuth
+      include ForemanOpenscap::Api::V2::ScapApiControllerExtensions
+      include Foreman::Controller::Parameters::OvalPolicy
+      add_smart_proxy_filters %i[oval_content], :features => 'Openscap'
+      before_action :find_resource, :except => %w[index create]
+      skip_after_action :log_response_body, :only => %i[oval_content]
+      api :GET, '/compliance/oval_policies', N_('List OVAL Policies')
+      param_group :search_and_pagination, ::Api::V2::BaseController
+      def index
+        @oval_policies = resource_scope_for_index(:permission => :view_oval_policies)
+      end
+      api :GET, '/compliance/oval_policies/:id', N_('Show an OVAL Policy')
+      param :id, :identifier, :required => true
+      def show
+      end
+      def_param_group :oval_policy do
+        param :oval_policy, Hash, :required => true, :action_aware => true do
+          param :name, String, :required => true, :desc => N_('OVAL Policy name')
+          param :oval_content_id, Integer, :required => true, :desc => N_('Policy OVAL content ID')
+          param :description, String, :desc => N_('OVAL Policy description')
+          param :period, String, :desc => N_('OVAL Policy schedule period (weekly, monthly, custom)')
+          param :weekday, String, :desc => N_('OVAL Policy schedule weekday (only if period == "weekly")')
+          param :day_of_month, Integer, :desc => N_('OVAL Policy schedule day of month (only if period == "monthly")')
+          param :cron_line, String, :desc => N_('OVAL Policy schedule cron line (only if period == "custom")')
+          param_group :taxonomies, ::Api::V2::BaseController
+        end
+      end
+      api :POST, '/compliance/oval_policies', N_('Create an OVAL Policy')
+      param_group :oval_policy, :as => :create
+      def create
+        @oval_policy = ForemanOpenscap::OvalPolicy.new(oval_policy_params)
+        process_response(@oval_policy.save)
+      end
+      api :PUT, '/compliance/oval_policies/:id', N_('Update an OVAL Policy')
+      param :id, :identifier, :required => true
+      param_group :oval_policy
+      def update
+        process_response(@oval_policy.update(oval_policy_params))
+      end
+      api :DELETE, '/compliance/oval_policies/:id', N_('Delete an OVAL Policy')
+      param :id, :identifier, :required => true
+      def destroy
+        process_response @oval_policy.destroy
+      end
+      api :POST, '/compliance/oval_policies/:id/assign_hostgroups', N_('Assign hostgroups to an OVAL Policy')
+      param :id, :identifier, :required => true
+      param :hostgroup_ids, Array, :desc => N_('Array of hostgroup IDs')
+      def assign_hostgroups
+        assign _('hostgroups'), params["hostgroup_ids"], ::Hostgroup
+      end
+      api :POST, '/compliance/oval_policies/:id/assign_hosts', N_('Assign hosts to an OVAL Policy')
+      param :id, :identifier, :required => true
+      param :host_ids, Array, :desc => N_('Array of host IDs')
+      def assign_hosts
+        assign _('hosts'), params["host_ids"], ::Host::Managed
+      end
+      api :GET, '/compliance/oval_policies/:id/oval_content', N_("Show a policy's OVAL content")
+      param :id, :identifier, :required => true
+      def oval_content
+        @oval_content = @oval_policy.oval_content
+        send_data @oval_content.scap_file,
+                  :type => 'application/x-bzip2',
+                  :filename => @oval_content.original_filename
+      end
+      def action_permission
+        case params[:action]
+        when 'assign_hostgroups', 'assign_hosts'
+          :edit
+        when 'oval_content'
+          :show
+        else
+          super
+        end
+      end
+      private
+      def assign(resource_plural, ids, model_class)
+        check_collection = ::ForemanOpenscap::Oval::Configure.new.assign(@oval_policy, ids, model_class)
+        if check_collection.all_passed?
+          render :json => { :message => (_("OVAL policy successfully configured with %s.") % resource_plural) }
+        else
+          render :json => { :results => check_collection.find_failed.map(&:to_h) }
+        end
+      end
+    end
+  end
+end

data/app/controllers/api/v2/compliance/oval_reports_controller.rb ADDED Viewed

@@ -0,0 +1,47 @@
+module Api
+  module V2
+    module Compliance
+      class OvalReportsController < ::Api::V2::BaseController
+        include Foreman::Controller::SmartProxyAuth
+        add_smart_proxy_filters :create, :features => 'Openscap'
+        skip_before_action :setup_has_many_params
+        before_action :find_resources_before_create, :only => [:create]
+        api :POST, "/compliance/oval_reports/:cname/:oval_policy_id/:date", N_("Upload an OVAL report - a list of CVEs for given host")
+        param :cname, :identifier, :required => true
+        param :oval_policy_id, :identifier, :required => true
+        param :date, :identifier, :required => true
+        def create
+          ForemanOpenscap::Oval::Cves.new.create(@host, params.to_unsafe_h)
+          if @host.errors.any?
+            upload_fail @host.errors.full_messages
+          else
+            @host.refresh_statuses([ForemanOpenscap::OvalStatus])
+            render :json => { :result => :ok }
+          end
+        end
+        private
+        def find_resources_before_create
+          @host = ForemanOpenscap::Helper.find_host_by_name_or_uuid params[:cname]
+          unless @host
+            upload_fail(_('Could not find host identified by: %s') % params[:cname])
+            return
+          end
+        end
+        def upload_fail(msg)
+          logger.error msg
+          render :json => { :result => :fail, :errors => msg }, :status => :unprocessable_entity
+        end
+        def find_resource
+        end
+      end
+    end
+  end
+end

data/app/controllers/concerns/foreman/controller/parameters/oval_content.rb ADDED Viewed

@@ -0,0 +1,22 @@
+module Foreman::Controller::Parameters::OvalContent
+  extend ActiveSupport::Concern
+  class_methods do
+    def oval_content_params_filter
+      Foreman::ParameterFilter.new(::ForemanOpenscap::OvalContent).tap do |filter|
+        filter.permit :original_filename, :scap_file, :name, :url, :location_ids => [], :organization_ids => []
+      end
+    end
+  end
+  def oval_content_params
+    read_file_content self.class.oval_content_params_filter.filter_params(params, parameter_filter_context)
+  end
+  def read_file_content(params)
+    return params unless file = params[:scap_file]
+    content = file.read
+    filename = file.original_filename
+    params.merge(:scap_file => content, :original_filename => params[:original_filename] || filename)
+  end
+end

data/app/controllers/concerns/foreman/controller/parameters/oval_policy.rb ADDED Viewed

@@ -0,0 +1,22 @@
+module Foreman::Controller::Parameters::OvalPolicy
+  extend ActiveSupport::Concern
+  class_methods do
+    def filter_params_list
+      [:description, :name, :period,
+       :weekday, :day_of_month, :cron_line,
+       :oval_content_id,
+       :location_ids => [], :organization_ids => []]
+    end
+    def oval_policy_params_filter
+      Foreman::ParameterFilter.new(::ForemanOpenscap::OvalPolicy).tap do |filter|
+        filter.permit filter_params_list
+      end
+    end
+  end
+  def oval_policy_params
+    self.class.oval_policy_params_filter.filter_params(params, parameter_filter_context)
+  end
+end

data/app/controllers/concerns/foreman_openscap/hosts_controller_extensions.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module ForemanOpenscap
     end
     def process_hostgroup
-      @hostgroup = Hostgroup.find(params[:host][:hostgroup_id]) if params[:host][:hostgroup_id].to_i > 0
+      @hostgroup = ::Hostgroup.find(params[:host][:hostgroup_id]) if params[:host][:hostgroup_id].to_i > 0
       return head(:not_found) unless @hostgroup
       @openscap_proxy = @hostgroup.openscap_proxy
       super

data/app/graphql/types/cve.rb ADDED Viewed

@@ -0,0 +1,17 @@
+module Types
+  class Cve < BaseObject
+    description 'A CVE'
+    model_class ::ForemanOpenscap::Cve
+    global_id_field :id
+    field :ref_id, String
+    field :ref_url, String
+    field :has_errata, Boolean
+    field :definition_id, String
+    has_many :hosts, Types::Host
+    def self.graphql_definition
+      super.tap { |type| type.instance_variable_set(:@name, 'ForemanOpenscap::Cve') }
+    end
+  end
+end

data/app/graphql/types/oval_content.rb ADDED Viewed

@@ -0,0 +1,17 @@
+module Types
+  class OvalContent < BaseObject
+    description 'An OVAL Content'
+    model_class ::ForemanOpenscap::OvalContent
+    global_id_field :id
+    timestamps
+    field :name, String
+    field :digest, String
+    field :original_filename, String
+    field :url, String
+    def self.graphql_definition
+      super.tap { |type| type.instance_variable_set(:@name, 'ForemanOpenscap::OvalContent') }
+    end
+  end
+end

data/app/graphql/types/oval_policy.rb ADDED Viewed

@@ -0,0 +1,21 @@
+module Types
+  class OvalPolicy < BaseObject
+    description 'An OVAL Policy'
+    model_class ::ForemanOpenscap::OvalPolicy
+    global_id_field :id
+    timestamps
+    field :name, String
+    field :description, String
+    field :period, String
+    field :weekday, String
+    field :day_of_month, String
+    field :cron_line, String
+    belongs_to :oval_content, ::Types::OvalContent
+    has_many :hostgroups, ::Types::Hostgroup
+    def self.graphql_definition
+      super.tap { |type| type.instance_variable_set(:@name, 'ForemanOpenscap::OvalPolicy') }
+    end
+  end
+end

data/app/helpers/arf_reports_helper.rb CHANGED Viewed

@@ -14,16 +14,13 @@ module ArfReportsHelper
   end
   def arf_report_breadcrumbs
-    if @arf_report && @arf_report.host
-      breadcrumbs(:resource_url => api_compliance_arf_reports_path,
-                  :switchable => false,
-                  :items => [
-                    { :caption => _('Compliance Reports'),
-                      :url => url_for(arf_reports_path) },
-                    { :caption => @arf_report.host.name,
-                      :url => (arf_report_path(@arf_report) if authorized_for(hash_for_arf_report_path(@arf_report))) }
-                  ])
-    end
+    breadcrumbs(:resource_url => api_compliance_arf_reports_path,
+                :switchable => false,
+                :items => [
+                  { :caption => _('Compliance Reports'),
+                    :url => url_for(arf_reports_path) },
+                  { :caption => @arf_report.host.to_s }
+                ])
   end
   def result_tag(level)
@@ -38,20 +35,6 @@ module ArfReportsHelper
     "class='label label-#{tag} result-filter-tag'".html_safe
   end
-  def severity_tag(level)
-    tag = case level.downcase.to_sym
-          when :low
-            "info"
-          when :medium
-            "warning"
-          when :high
-            "danger"
-          else
-            "default"
-          end
-    "class='label label-#{tag}'".html_safe
-  end
   def multiple_actions_arf_report
     actions = [
       [_('Delete reports'), delete_multiple_arf_reports_path]

data/app/helpers/policies_helper.rb CHANGED Viewed

@@ -11,10 +11,10 @@ module PoliciesHelper
   def deploy_by_radios(f, policy)
     ForemanOpenscap::ConfigNameService.new.configs.map do |tool|
-      popover_block = popover("", config_inline_help(tool.inline_help))
+      popover_block = tag.span(popover("", config_inline_help(tool.inline_help)), class: 'scap_policy_popover')
-      label = label_tag('', :class => 'col-md-2 control-label') do
-        tool.type.to_s.capitalize.html_safe + ' ' + popover_block.html_safe
+      label = label_tag('', :class => 'col-md-2 control-label', :for => "policy_deploy_by_#{tool.type}") do
+        tool.type.to_s.capitalize.html_safe
       end
       radio = content_tag(:div, :class => "col-md-2") do
@@ -23,7 +23,7 @@ module PoliciesHelper
       content_tag(:div, :class => "clearfix") do
         content_tag(:div, :class => "form-group") do
-          label.html_safe + radio.html_safe
+          label.html_safe + popover_block.html_safe + radio.html_safe
         end
       end
     end.join('').html_safe
@@ -136,17 +136,4 @@ module PoliciesHelper
   def translate_steps(policy)
     policy.steps.map { |step| _(step) }
   end
-  def policy_breadcrumbs
-    if @policy
-      breadcrumbs(:resource_url => api_compliance_policies_path,
-                  :name_field => 'name',
-                  :items => [
-                    { :caption => _('Policies'),
-                      :url => url_for(policies_path) },
-                    { :caption => @policy.name,
-                      :url => (edit_policy_path(@policy) if authorized_for(hash_for_edit_policy_path(@policy))) }
-                  ])
-    end
-  end
 end