foreman_openscap 4.1.3 → 4.3.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/assets/stylesheets/foreman_openscap/policy.css +5 -0
- data/app/controllers/api/v2/compliance/oval_contents_controller.rb +72 -0
- data/app/controllers/api/v2/compliance/oval_policies_controller.rb +111 -0
- data/app/controllers/api/v2/compliance/oval_reports_controller.rb +47 -0
- data/app/controllers/concerns/foreman/controller/parameters/oval_content.rb +22 -0
- data/app/controllers/concerns/foreman/controller/parameters/oval_policy.rb +22 -0
- data/app/controllers/concerns/foreman_openscap/hosts_controller_extensions.rb +1 -1
- data/app/graphql/types/cve.rb +17 -0
- data/app/graphql/types/oval_content.rb +17 -0
- data/app/graphql/types/oval_policy.rb +21 -0
- data/app/helpers/arf_reports_helper.rb +7 -24
- data/app/helpers/policies_helper.rb +4 -17
- data/app/mailers/foreman_openscap/policy_mailer.rb +2 -2
- data/app/models/concerns/foreman_openscap/compliance_status_scoped_search.rb +1 -1
- data/app/models/concerns/foreman_openscap/data_stream_content.rb +0 -17
- data/app/models/concerns/foreman_openscap/host_extensions.rb +11 -11
- data/app/models/concerns/foreman_openscap/hostgroup_extensions.rb +3 -5
- data/app/models/concerns/foreman_openscap/inherited_policies.rb +11 -0
- data/app/models/concerns/foreman_openscap/oval_facet_host_extensions.rb +38 -0
- data/app/models/concerns/foreman_openscap/oval_facet_hostgroup_extensions.rb +15 -0
- data/app/models/concerns/foreman_openscap/policy_common.rb +75 -0
- data/app/models/concerns/foreman_openscap/scap_file_content.rb +24 -0
- data/app/models/foreman_openscap/arf_report.rb +2 -2
- data/app/models/foreman_openscap/cve.rb +23 -0
- data/app/models/foreman_openscap/host/oval_facet.rb +14 -0
- data/app/models/foreman_openscap/host_cve.rb +7 -0
- data/app/models/foreman_openscap/hostgroup/oval_facet.rb +14 -0
- data/app/models/foreman_openscap/hostgroup_oval_facet_oval_policy.rb +6 -0
- data/app/models/foreman_openscap/oval_content.rb +26 -0
- data/app/models/foreman_openscap/oval_facet_oval_policy.rb +6 -0
- data/app/models/foreman_openscap/oval_policy.rb +54 -0
- data/app/models/foreman_openscap/oval_status.rb +45 -0
- data/app/models/foreman_openscap/policy.rb +10 -73
- data/app/models/foreman_openscap/scap_content.rb +1 -0
- data/app/models/foreman_openscap/tailoring_file.rb +1 -0
- data/app/services/foreman_openscap/client_config/ansible.rb +39 -6
- data/app/services/foreman_openscap/client_config/base.rb +5 -1
- data/app/services/foreman_openscap/client_config/puppet.rb +2 -1
- data/app/services/foreman_openscap/config_name_service.rb +1 -1
- data/app/services/foreman_openscap/hostgroup_overrider.rb +2 -24
- data/app/services/foreman_openscap/hostgroup_overrider_common.rb +28 -0
- data/app/services/foreman_openscap/lookup_key_overrider.rb +30 -62
- data/app/services/foreman_openscap/lookup_key_overrides_common.rb +63 -0
- data/app/services/foreman_openscap/oval/check_collection.rb +45 -0
- data/app/services/foreman_openscap/oval/configure.rb +80 -0
- data/app/services/foreman_openscap/oval/cves.rb +41 -0
- data/app/services/foreman_openscap/oval/setup.rb +93 -0
- data/app/services/foreman_openscap/oval/setup_check.rb +55 -0
- data/app/services/foreman_openscap/oval/sync_oval_contents.rb +42 -0
- data/app/views/api/v2/compliance/oval_contents/base.json.rabl +6 -0
- data/app/views/api/v2/compliance/oval_contents/create.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_contents/destroy.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_contents/index.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_contents/show.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_contents/sync.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_contents/sync_result.json.rabl +11 -0
- data/app/views/api/v2/compliance/oval_contents/update.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_policies/create.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_policies/index.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_policies/main.json.rabl +15 -0
- data/app/views/api/v2/compliance/oval_policies/show.json.rabl +3 -0
- data/app/views/api/v2/compliance/policies/base.json.rabl +2 -2
- data/app/views/api/v2/compliance/policies_common/_attrs.json.rabl +2 -0
- data/app/views/arf_reports/_output.html.erb +9 -1
- data/app/views/arf_reports/show.html.erb +1 -1
- data/app/views/arf_reports/show_html.html.erb +1 -0
- data/app/views/compliance_hosts/show.html.erb +1 -8
- data/app/views/job_templates/run_oval_scans.erb +24 -0
- data/app/views/policies/edit.html.erb +3 -2
- data/app/views/policies/show.html.erb +3 -1
- data/app/views/policies/steps/_deployment_options_form.html.erb +2 -2
- data/app/views/scap_contents/edit.html.erb +2 -12
- data/app/views/tailoring_files/edit.html.erb +2 -10
- data/config/initializers/inflections.rb +12 -0
- data/config/routes.rb +19 -0
- data/db/migrate/20201019074925_create_oval_policy.rb +13 -0
- data/db/migrate/20201020113801_create_oval_facet.rb +14 -0
- data/db/migrate/20201021084109_create_hostgroup_oval_facet.rb +14 -0
- data/db/migrate/20201106080924_create_oval_content.rb +12 -0
- data/db/migrate/20201116110256_add_oval_content_to_oval_policy.rb +5 -0
- data/db/migrate/20201120080329_create_cves.rb +13 -0
- data/db/migrate/20201217130800_add_has_errata_to_cve.rb +8 -0
- data/db/migrate/20201217161511_add_url_to_oval_content.rb +5 -0
- data/db/migrate/20210409095625_add_oval_policy_reference_to_cve.rb +7 -0
- data/db/seeds.d/75-job_templates.rb +3 -2
- data/lib/foreman_openscap/bulk_upload.rb +2 -2
- data/lib/foreman_openscap/engine.rb +67 -9
- data/lib/foreman_openscap/version.rb +1 -1
- data/lib/tasks/foreman_openscap_tasks.rake +14 -9
- data/locale/de/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/de/foreman_openscap.edit.po +0 -0
- data/locale/de/foreman_openscap.po +215 -17
- data/locale/en_GB/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/en_GB/foreman_openscap.edit.po +0 -0
- data/locale/en_GB/foreman_openscap.po +213 -15
- data/locale/es/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/es/foreman_openscap.edit.po +0 -0
- data/locale/es/foreman_openscap.po +239 -41
- data/locale/foreman_openscap.pot +395 -112
- data/locale/fr/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/fr/foreman_openscap.edit.po +0 -0
- data/locale/fr/foreman_openscap.po +243 -45
- data/locale/gl/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/gl/foreman_openscap.edit.po +0 -0
- data/locale/gl/foreman_openscap.po +213 -15
- data/locale/it/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/it/foreman_openscap.edit.po +0 -0
- data/locale/it/foreman_openscap.po +213 -15
- data/locale/ja/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/ja/foreman_openscap.edit.po +0 -0
- data/locale/ja/foreman_openscap.po +262 -66
- data/locale/ko/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/ko/foreman_openscap.edit.po +0 -0
- data/locale/ko/foreman_openscap.po +214 -16
- data/locale/pt_BR/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/pt_BR/foreman_openscap.edit.po +0 -0
- data/locale/pt_BR/foreman_openscap.po +252 -54
- data/locale/ru/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/ru/foreman_openscap.edit.po +0 -0
- data/locale/ru/foreman_openscap.po +214 -16
- data/locale/sv_SE/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/sv_SE/foreman_openscap.edit.po +0 -0
- data/locale/sv_SE/foreman_openscap.po +213 -15
- data/locale/zh_CN/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/zh_CN/foreman_openscap.edit.po +0 -0
- data/locale/zh_CN/foreman_openscap.po +369 -169
- data/locale/zh_TW/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/zh_TW/foreman_openscap.edit.po +0 -0
- data/locale/zh_TW/foreman_openscap.po +214 -16
- data/package.json +48 -0
- data/test/factories/compliance_host_factory.rb +12 -0
- data/test/factories/oval_content_factory.rb +7 -0
- data/test/factories/oval_policy_factory.rb +9 -0
- data/test/files/oval_contents/ansible-2.9.oval.xml.bz2 +0 -0
- data/test/fixtures/cve_fixtures.rb +104 -0
- data/test/functional/api/v2/compliance/oval_contents_controller_test.rb +39 -0
- data/test/functional/api/v2/compliance/oval_policies_controller_test.rb +141 -0
- data/test/functional/api/v2/compliance/oval_reports_controller_test.rb +32 -0
- data/test/graphql/queries/oval_contents_query_test.rb +35 -0
- data/test/graphql/queries/oval_policies_query_test.rb +35 -0
- data/test/test_plugin_helper.rb +4 -0
- data/test/unit/oval_host_test.rb +45 -0
- data/test/unit/oval_policy_test.rb +133 -0
- data/test/unit/oval_status_test.rb +47 -0
- data/test/unit/services/oval/cves_test.rb +81 -0
- data/test/unit/services/oval/setup_test.rb +87 -0
- data/webpack/components/EmptyState.js +67 -0
- data/webpack/components/IndexLayout.js +35 -0
- data/webpack/components/IndexLayout.scss +3 -0
- data/webpack/components/IndexTable/IndexTableHelper.js +9 -0
- data/webpack/components/IndexTable/index.js +65 -0
- data/webpack/components/RuleSeverity/RuleSeverity.scss +3 -0
- data/webpack/components/RuleSeverity/RuleSeverity.test.js +13 -0
- data/webpack/components/RuleSeverity/__snapshots__/RuleSeverity.test.js.snap +41 -0
- data/webpack/components/RuleSeverity/i_severity-critical.svg +61 -0
- data/webpack/components/RuleSeverity/i_severity-high.svg +61 -0
- data/webpack/components/RuleSeverity/i_severity-low.svg +62 -0
- data/webpack/components/RuleSeverity/i_severity-med.svg +62 -0
- data/webpack/components/RuleSeverity/i_unknown.svg +33 -0
- data/webpack/components/RuleSeverity/index.js +33 -0
- data/webpack/components/withLoading.js +68 -0
- data/webpack/global_index.js +5 -0
- data/webpack/graphql/queries/cves.gql +18 -0
- data/webpack/graphql/queries/ovalContents.gql +11 -0
- data/webpack/graphql/queries/ovalPolicies.gql +12 -0
- data/webpack/graphql/queries/ovalPolicy.gql +21 -0
- data/webpack/helpers/commonHelper.js +1 -0
- data/webpack/helpers/globalIdHelper.js +13 -0
- data/webpack/helpers/pageParamsHelper.js +31 -0
- data/webpack/helpers/pathsHelper.js +22 -0
- data/webpack/helpers/tableHelper.js +9 -0
- data/webpack/index.js +8 -0
- data/webpack/routes/OvalContents/OvalContentsIndex/OvalContentsIndex.js +45 -0
- data/webpack/routes/OvalContents/OvalContentsIndex/OvalContentsTable.js +38 -0
- data/webpack/routes/OvalContents/OvalContentsIndex/__tests__/OvalContentsIndex.fixtures.js +106 -0
- data/webpack/routes/OvalContents/OvalContentsIndex/__tests__/OvalContentsIndex.test.js +75 -0
- data/webpack/routes/OvalContents/OvalContentsIndex/index.js +7 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/OvalPoliciesIndex.js +46 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/OvalPoliciesTable.js +44 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/__tests__/OvalPoliciesIndex.fixtures.js +61 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/__tests__/OvalPoliciesIndex.test.js +78 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/index.js +7 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/CvesTab.js +48 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/CvesTable.js +63 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/OvalPoliciesShow.js +78 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/OvalPoliciesShowHelper.js +39 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/__tests__/OvalPoliciesShow.fixtures.js +78 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/__tests__/OvalPoliciesShow.test.js +112 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/index.js +35 -0
- data/webpack/routes/routes.js +28 -0
- data/webpack/testHelper.js +64 -0
- metadata +144 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f9bed6dedc6b23fd08b1c0fd3143de20e86c8aa2e65dbc0a00d0abaad21cc393
|
4
|
+
data.tar.gz: 352a6052c7386969b55b241b57e3d9fa63b6ec07fc9d01d5a8ba6c4b79e7724d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6dd1df925f9212a7afab91c449a9e0482427fde4fb8adfca8a620482124caed5584a2c71d1167c09308f124d5a19fb4ee0102bff4a89e91d30c81a6ac4ed01ea
|
7
|
+
data.tar.gz: c16c1caec4bde07fb8d9da968859f21d2d7f42c5ec5b09c5e9560053dd22490f0ac299405a55b76fa1d4b08d1417b13233799b085fe56b46b8bb13829827394e
|
@@ -0,0 +1,72 @@
|
|
1
|
+
module Api::V2
|
2
|
+
module Compliance
|
3
|
+
class OvalContentsController < ::Api::V2::BaseController
|
4
|
+
include Foreman::Controller::Parameters::OvalContent
|
5
|
+
include ForemanOpenscap::Api::V2::ScapApiControllerExtensions
|
6
|
+
|
7
|
+
before_action :find_resource, :except => %w[index create sync]
|
8
|
+
skip_before_action :check_media_type, :only => %w[create update]
|
9
|
+
|
10
|
+
api :GET, '/compliance/oval_contents', N_('List OVAL contents')
|
11
|
+
param_group :search_and_pagination, ::Api::V2::BaseController
|
12
|
+
add_scoped_search_description_for(::ForemanOpenscap::OvalContent)
|
13
|
+
|
14
|
+
def index
|
15
|
+
@oval_contents = resource_scope_for_index(:permission => :view_oval_contents)
|
16
|
+
end
|
17
|
+
|
18
|
+
api :GET, '/compliance/oval_contents/:id', N_('Show an OVAL content')
|
19
|
+
param :id, :identifier, :required => true
|
20
|
+
|
21
|
+
def show
|
22
|
+
end
|
23
|
+
|
24
|
+
def_param_group :oval_content do
|
25
|
+
param :oval_content, Hash, :required => true, :action_aware => true do
|
26
|
+
param :name, String, :required => true, :desc => N_('OVAL content name')
|
27
|
+
param :scap_file, File, :desc => N_('XML containing OVAL content')
|
28
|
+
param :original_filename, String, :desc => N_('Original file name of the OVAL content file')
|
29
|
+
param :url, String, :desc => N_('URL of the OVAL content file')
|
30
|
+
param_group :taxonomies, ::Api::V2::BaseController
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
api :POST, '/compliance/oval_contents', N_('Create OVAL content')
|
35
|
+
param_group :oval_content, :as => :create
|
36
|
+
|
37
|
+
def create
|
38
|
+
@oval_content = ForemanOpenscap::OvalContent.new(oval_content_params)
|
39
|
+
process_response @oval_content.save
|
40
|
+
end
|
41
|
+
|
42
|
+
api :PUT, '/compliance/oval_contents/:id', N_('Update an OVAL content')
|
43
|
+
param :id, :identifier, :required => true
|
44
|
+
param_group :oval_content
|
45
|
+
|
46
|
+
def update
|
47
|
+
process_response @oval_content.update(oval_content_params)
|
48
|
+
end
|
49
|
+
|
50
|
+
api :DELETE, '/compliance/oval_contents/:id', N_('Deletes an OVAL content')
|
51
|
+
param :id, :identifier, :required => true
|
52
|
+
|
53
|
+
def destroy
|
54
|
+
process_response @oval_content.destroy
|
55
|
+
end
|
56
|
+
|
57
|
+
api :POST, '/compliance/oval_contents/sync', N_('Sync contents that have remote source URL')
|
58
|
+
def sync
|
59
|
+
@oval_contents = ForemanOpenscap::Oval::SyncOvalContents.new.sync_all
|
60
|
+
end
|
61
|
+
|
62
|
+
def action_permission
|
63
|
+
case params[:action]
|
64
|
+
when 'sync'
|
65
|
+
:update
|
66
|
+
else
|
67
|
+
super
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
@@ -0,0 +1,111 @@
|
|
1
|
+
module Api::V2
|
2
|
+
module Compliance
|
3
|
+
class OvalPoliciesController < ::Api::V2::BaseController
|
4
|
+
include Foreman::Controller::SmartProxyAuth
|
5
|
+
include ForemanOpenscap::Api::V2::ScapApiControllerExtensions
|
6
|
+
include Foreman::Controller::Parameters::OvalPolicy
|
7
|
+
|
8
|
+
add_smart_proxy_filters %i[oval_content], :features => 'Openscap'
|
9
|
+
|
10
|
+
before_action :find_resource, :except => %w[index create]
|
11
|
+
skip_after_action :log_response_body, :only => %i[oval_content]
|
12
|
+
|
13
|
+
api :GET, '/compliance/oval_policies', N_('List OVAL Policies')
|
14
|
+
param_group :search_and_pagination, ::Api::V2::BaseController
|
15
|
+
|
16
|
+
def index
|
17
|
+
@oval_policies = resource_scope_for_index(:permission => :view_oval_policies)
|
18
|
+
end
|
19
|
+
|
20
|
+
api :GET, '/compliance/oval_policies/:id', N_('Show an OVAL Policy')
|
21
|
+
param :id, :identifier, :required => true
|
22
|
+
|
23
|
+
def show
|
24
|
+
end
|
25
|
+
|
26
|
+
def_param_group :oval_policy do
|
27
|
+
param :oval_policy, Hash, :required => true, :action_aware => true do
|
28
|
+
param :name, String, :required => true, :desc => N_('OVAL Policy name')
|
29
|
+
param :oval_content_id, Integer, :required => true, :desc => N_('Policy OVAL content ID')
|
30
|
+
param :description, String, :desc => N_('OVAL Policy description')
|
31
|
+
param :period, String, :desc => N_('OVAL Policy schedule period (weekly, monthly, custom)')
|
32
|
+
param :weekday, String, :desc => N_('OVAL Policy schedule weekday (only if period == "weekly")')
|
33
|
+
param :day_of_month, Integer, :desc => N_('OVAL Policy schedule day of month (only if period == "monthly")')
|
34
|
+
param :cron_line, String, :desc => N_('OVAL Policy schedule cron line (only if period == "custom")')
|
35
|
+
param_group :taxonomies, ::Api::V2::BaseController
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
api :POST, '/compliance/oval_policies', N_('Create an OVAL Policy')
|
40
|
+
param_group :oval_policy, :as => :create
|
41
|
+
|
42
|
+
def create
|
43
|
+
@oval_policy = ForemanOpenscap::OvalPolicy.new(oval_policy_params)
|
44
|
+
process_response(@oval_policy.save)
|
45
|
+
end
|
46
|
+
|
47
|
+
api :PUT, '/compliance/oval_policies/:id', N_('Update an OVAL Policy')
|
48
|
+
param :id, :identifier, :required => true
|
49
|
+
param_group :oval_policy
|
50
|
+
|
51
|
+
def update
|
52
|
+
process_response(@oval_policy.update(oval_policy_params))
|
53
|
+
end
|
54
|
+
|
55
|
+
api :DELETE, '/compliance/oval_policies/:id', N_('Delete an OVAL Policy')
|
56
|
+
param :id, :identifier, :required => true
|
57
|
+
|
58
|
+
def destroy
|
59
|
+
process_response @oval_policy.destroy
|
60
|
+
end
|
61
|
+
|
62
|
+
api :POST, '/compliance/oval_policies/:id/assign_hostgroups', N_('Assign hostgroups to an OVAL Policy')
|
63
|
+
param :id, :identifier, :required => true
|
64
|
+
param :hostgroup_ids, Array, :desc => N_('Array of hostgroup IDs')
|
65
|
+
|
66
|
+
def assign_hostgroups
|
67
|
+
assign _('hostgroups'), params["hostgroup_ids"], ::Hostgroup
|
68
|
+
end
|
69
|
+
|
70
|
+
api :POST, '/compliance/oval_policies/:id/assign_hosts', N_('Assign hosts to an OVAL Policy')
|
71
|
+
param :id, :identifier, :required => true
|
72
|
+
param :host_ids, Array, :desc => N_('Array of host IDs')
|
73
|
+
|
74
|
+
def assign_hosts
|
75
|
+
assign _('hosts'), params["host_ids"], ::Host::Managed
|
76
|
+
end
|
77
|
+
|
78
|
+
api :GET, '/compliance/oval_policies/:id/oval_content', N_("Show a policy's OVAL content")
|
79
|
+
param :id, :identifier, :required => true
|
80
|
+
|
81
|
+
def oval_content
|
82
|
+
@oval_content = @oval_policy.oval_content
|
83
|
+
send_data @oval_content.scap_file,
|
84
|
+
:type => 'application/x-bzip2',
|
85
|
+
:filename => @oval_content.original_filename
|
86
|
+
end
|
87
|
+
|
88
|
+
def action_permission
|
89
|
+
case params[:action]
|
90
|
+
when 'assign_hostgroups', 'assign_hosts'
|
91
|
+
:edit
|
92
|
+
when 'oval_content'
|
93
|
+
:show
|
94
|
+
else
|
95
|
+
super
|
96
|
+
end
|
97
|
+
end
|
98
|
+
|
99
|
+
private
|
100
|
+
|
101
|
+
def assign(resource_plural, ids, model_class)
|
102
|
+
check_collection = ::ForemanOpenscap::Oval::Configure.new.assign(@oval_policy, ids, model_class)
|
103
|
+
if check_collection.all_passed?
|
104
|
+
render :json => { :message => (_("OVAL policy successfully configured with %s.") % resource_plural) }
|
105
|
+
else
|
106
|
+
render :json => { :results => check_collection.find_failed.map(&:to_h) }
|
107
|
+
end
|
108
|
+
end
|
109
|
+
end
|
110
|
+
end
|
111
|
+
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
module Api
|
2
|
+
module V2
|
3
|
+
module Compliance
|
4
|
+
class OvalReportsController < ::Api::V2::BaseController
|
5
|
+
include Foreman::Controller::SmartProxyAuth
|
6
|
+
add_smart_proxy_filters :create, :features => 'Openscap'
|
7
|
+
|
8
|
+
skip_before_action :setup_has_many_params
|
9
|
+
before_action :find_resources_before_create, :only => [:create]
|
10
|
+
|
11
|
+
api :POST, "/compliance/oval_reports/:cname/:oval_policy_id/:date", N_("Upload an OVAL report - a list of CVEs for given host")
|
12
|
+
param :cname, :identifier, :required => true
|
13
|
+
param :oval_policy_id, :identifier, :required => true
|
14
|
+
param :date, :identifier, :required => true
|
15
|
+
|
16
|
+
def create
|
17
|
+
ForemanOpenscap::Oval::Cves.new.create(@host, params.to_unsafe_h)
|
18
|
+
if @host.errors.any?
|
19
|
+
upload_fail @host.errors.full_messages
|
20
|
+
else
|
21
|
+
@host.refresh_statuses([ForemanOpenscap::OvalStatus])
|
22
|
+
render :json => { :result => :ok }
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
private
|
27
|
+
|
28
|
+
def find_resources_before_create
|
29
|
+
@host = ForemanOpenscap::Helper.find_host_by_name_or_uuid params[:cname]
|
30
|
+
|
31
|
+
unless @host
|
32
|
+
upload_fail(_('Could not find host identified by: %s') % params[:cname])
|
33
|
+
return
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
def upload_fail(msg)
|
38
|
+
logger.error msg
|
39
|
+
render :json => { :result => :fail, :errors => msg }, :status => :unprocessable_entity
|
40
|
+
end
|
41
|
+
|
42
|
+
def find_resource
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
module Foreman::Controller::Parameters::OvalContent
|
2
|
+
extend ActiveSupport::Concern
|
3
|
+
|
4
|
+
class_methods do
|
5
|
+
def oval_content_params_filter
|
6
|
+
Foreman::ParameterFilter.new(::ForemanOpenscap::OvalContent).tap do |filter|
|
7
|
+
filter.permit :original_filename, :scap_file, :name, :url, :location_ids => [], :organization_ids => []
|
8
|
+
end
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
def oval_content_params
|
13
|
+
read_file_content self.class.oval_content_params_filter.filter_params(params, parameter_filter_context)
|
14
|
+
end
|
15
|
+
|
16
|
+
def read_file_content(params)
|
17
|
+
return params unless file = params[:scap_file]
|
18
|
+
content = file.read
|
19
|
+
filename = file.original_filename
|
20
|
+
params.merge(:scap_file => content, :original_filename => params[:original_filename] || filename)
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
module Foreman::Controller::Parameters::OvalPolicy
|
2
|
+
extend ActiveSupport::Concern
|
3
|
+
|
4
|
+
class_methods do
|
5
|
+
def filter_params_list
|
6
|
+
[:description, :name, :period,
|
7
|
+
:weekday, :day_of_month, :cron_line,
|
8
|
+
:oval_content_id,
|
9
|
+
:location_ids => [], :organization_ids => []]
|
10
|
+
end
|
11
|
+
|
12
|
+
def oval_policy_params_filter
|
13
|
+
Foreman::ParameterFilter.new(::ForemanOpenscap::OvalPolicy).tap do |filter|
|
14
|
+
filter.permit filter_params_list
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
def oval_policy_params
|
20
|
+
self.class.oval_policy_params_filter.filter_params(params, parameter_filter_context)
|
21
|
+
end
|
22
|
+
end
|
@@ -5,7 +5,7 @@ module ForemanOpenscap
|
|
5
5
|
end
|
6
6
|
|
7
7
|
def process_hostgroup
|
8
|
-
@hostgroup = Hostgroup.find(params[:host][:hostgroup_id]) if params[:host][:hostgroup_id].to_i > 0
|
8
|
+
@hostgroup = ::Hostgroup.find(params[:host][:hostgroup_id]) if params[:host][:hostgroup_id].to_i > 0
|
9
9
|
return head(:not_found) unless @hostgroup
|
10
10
|
@openscap_proxy = @hostgroup.openscap_proxy
|
11
11
|
super
|
@@ -0,0 +1,17 @@
|
|
1
|
+
module Types
|
2
|
+
class Cve < BaseObject
|
3
|
+
description 'A CVE'
|
4
|
+
model_class ::ForemanOpenscap::Cve
|
5
|
+
|
6
|
+
global_id_field :id
|
7
|
+
field :ref_id, String
|
8
|
+
field :ref_url, String
|
9
|
+
field :has_errata, Boolean
|
10
|
+
field :definition_id, String
|
11
|
+
has_many :hosts, Types::Host
|
12
|
+
|
13
|
+
def self.graphql_definition
|
14
|
+
super.tap { |type| type.instance_variable_set(:@name, 'ForemanOpenscap::Cve') }
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
module Types
|
2
|
+
class OvalContent < BaseObject
|
3
|
+
description 'An OVAL Content'
|
4
|
+
model_class ::ForemanOpenscap::OvalContent
|
5
|
+
|
6
|
+
global_id_field :id
|
7
|
+
timestamps
|
8
|
+
field :name, String
|
9
|
+
field :digest, String
|
10
|
+
field :original_filename, String
|
11
|
+
field :url, String
|
12
|
+
|
13
|
+
def self.graphql_definition
|
14
|
+
super.tap { |type| type.instance_variable_set(:@name, 'ForemanOpenscap::OvalContent') }
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
module Types
|
2
|
+
class OvalPolicy < BaseObject
|
3
|
+
description 'An OVAL Policy'
|
4
|
+
model_class ::ForemanOpenscap::OvalPolicy
|
5
|
+
|
6
|
+
global_id_field :id
|
7
|
+
timestamps
|
8
|
+
field :name, String
|
9
|
+
field :description, String
|
10
|
+
field :period, String
|
11
|
+
field :weekday, String
|
12
|
+
field :day_of_month, String
|
13
|
+
field :cron_line, String
|
14
|
+
belongs_to :oval_content, ::Types::OvalContent
|
15
|
+
has_many :hostgroups, ::Types::Hostgroup
|
16
|
+
|
17
|
+
def self.graphql_definition
|
18
|
+
super.tap { |type| type.instance_variable_set(:@name, 'ForemanOpenscap::OvalPolicy') }
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -14,16 +14,13 @@ module ArfReportsHelper
|
|
14
14
|
end
|
15
15
|
|
16
16
|
def arf_report_breadcrumbs
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
:
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
:url => (arf_report_path(@arf_report) if authorized_for(hash_for_arf_report_path(@arf_report))) }
|
25
|
-
])
|
26
|
-
end
|
17
|
+
breadcrumbs(:resource_url => api_compliance_arf_reports_path,
|
18
|
+
:switchable => false,
|
19
|
+
:items => [
|
20
|
+
{ :caption => _('Compliance Reports'),
|
21
|
+
:url => url_for(arf_reports_path) },
|
22
|
+
{ :caption => @arf_report.host.to_s }
|
23
|
+
])
|
27
24
|
end
|
28
25
|
|
29
26
|
def result_tag(level)
|
@@ -38,20 +35,6 @@ module ArfReportsHelper
|
|
38
35
|
"class='label label-#{tag} result-filter-tag'".html_safe
|
39
36
|
end
|
40
37
|
|
41
|
-
def severity_tag(level)
|
42
|
-
tag = case level.downcase.to_sym
|
43
|
-
when :low
|
44
|
-
"info"
|
45
|
-
when :medium
|
46
|
-
"warning"
|
47
|
-
when :high
|
48
|
-
"danger"
|
49
|
-
else
|
50
|
-
"default"
|
51
|
-
end
|
52
|
-
"class='label label-#{tag}'".html_safe
|
53
|
-
end
|
54
|
-
|
55
38
|
def multiple_actions_arf_report
|
56
39
|
actions = [
|
57
40
|
[_('Delete reports'), delete_multiple_arf_reports_path]
|
@@ -11,10 +11,10 @@ module PoliciesHelper
|
|
11
11
|
|
12
12
|
def deploy_by_radios(f, policy)
|
13
13
|
ForemanOpenscap::ConfigNameService.new.configs.map do |tool|
|
14
|
-
popover_block = popover("", config_inline_help(tool.inline_help))
|
14
|
+
popover_block = tag.span(popover("", config_inline_help(tool.inline_help)), class: 'scap_policy_popover')
|
15
15
|
|
16
|
-
label = label_tag('', :class => 'col-md-2 control-label') do
|
17
|
-
tool.type.to_s.capitalize.html_safe
|
16
|
+
label = label_tag('', :class => 'col-md-2 control-label', :for => "policy_deploy_by_#{tool.type}") do
|
17
|
+
tool.type.to_s.capitalize.html_safe
|
18
18
|
end
|
19
19
|
|
20
20
|
radio = content_tag(:div, :class => "col-md-2") do
|
@@ -23,7 +23,7 @@ module PoliciesHelper
|
|
23
23
|
|
24
24
|
content_tag(:div, :class => "clearfix") do
|
25
25
|
content_tag(:div, :class => "form-group") do
|
26
|
-
label.html_safe + radio.html_safe
|
26
|
+
label.html_safe + popover_block.html_safe + radio.html_safe
|
27
27
|
end
|
28
28
|
end
|
29
29
|
end.join('').html_safe
|
@@ -136,17 +136,4 @@ module PoliciesHelper
|
|
136
136
|
def translate_steps(policy)
|
137
137
|
policy.steps.map { |step| _(step) }
|
138
138
|
end
|
139
|
-
|
140
|
-
def policy_breadcrumbs
|
141
|
-
if @policy
|
142
|
-
breadcrumbs(:resource_url => api_compliance_policies_path,
|
143
|
-
:name_field => 'name',
|
144
|
-
:items => [
|
145
|
-
{ :caption => _('Policies'),
|
146
|
-
:url => url_for(policies_path) },
|
147
|
-
{ :caption => @policy.name,
|
148
|
-
:url => (edit_policy_path(@policy) if authorized_for(hash_for_edit_policy_path(@policy))) }
|
149
|
-
])
|
150
|
-
end
|
151
|
-
end
|
152
139
|
end
|