RubyGems - foreman_openscap - Versions diffs - 4.2.0 → 4.3.0 - Mend

foreman_openscap 4.2.0 → 4.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (135) hide show

checksums.yaml +4 -4
data/app/controllers/api/v2/compliance/oval_contents_controller.rb +72 -0
data/app/controllers/api/v2/compliance/oval_policies_controller.rb +111 -0
data/app/controllers/api/v2/compliance/oval_reports_controller.rb +47 -0
data/app/controllers/concerns/foreman/controller/parameters/oval_content.rb +22 -0
data/app/controllers/concerns/foreman/controller/parameters/oval_policy.rb +22 -0
data/app/controllers/concerns/foreman_openscap/hosts_controller_extensions.rb +1 -1
data/app/graphql/types/cve.rb +17 -0
data/app/graphql/types/oval_content.rb +17 -0
data/app/graphql/types/oval_policy.rb +21 -0
data/app/helpers/arf_reports_helper.rb +0 -14
data/app/mailers/foreman_openscap/policy_mailer.rb +2 -2
data/app/models/concerns/foreman_openscap/compliance_status_scoped_search.rb +1 -1
data/app/models/concerns/foreman_openscap/data_stream_content.rb +0 -17
data/app/models/concerns/foreman_openscap/host_extensions.rb +11 -11
data/app/models/concerns/foreman_openscap/hostgroup_extensions.rb +3 -5
data/app/models/concerns/foreman_openscap/inherited_policies.rb +11 -0
data/app/models/concerns/foreman_openscap/oval_facet_host_extensions.rb +38 -0
data/app/models/concerns/foreman_openscap/oval_facet_hostgroup_extensions.rb +15 -0
data/app/models/concerns/foreman_openscap/policy_common.rb +75 -0
data/app/models/concerns/foreman_openscap/scap_file_content.rb +24 -0
data/app/models/foreman_openscap/cve.rb +23 -0
data/app/models/foreman_openscap/host/oval_facet.rb +14 -0
data/app/models/foreman_openscap/host_cve.rb +7 -0
data/app/models/foreman_openscap/hostgroup/oval_facet.rb +14 -0
data/app/models/foreman_openscap/hostgroup_oval_facet_oval_policy.rb +6 -0
data/app/models/foreman_openscap/oval_content.rb +26 -0
data/app/models/foreman_openscap/oval_facet_oval_policy.rb +6 -0
data/app/models/foreman_openscap/oval_policy.rb +54 -0
data/app/models/foreman_openscap/oval_status.rb +45 -0
data/app/models/foreman_openscap/policy.rb +7 -69
data/app/models/foreman_openscap/scap_content.rb +1 -0
data/app/models/foreman_openscap/tailoring_file.rb +1 -0
data/app/services/foreman_openscap/client_config/ansible.rb +39 -6
data/app/services/foreman_openscap/client_config/base.rb +5 -1
data/app/services/foreman_openscap/client_config/puppet.rb +2 -1
data/app/services/foreman_openscap/config_name_service.rb +1 -1
data/app/services/foreman_openscap/hostgroup_overrider.rb +2 -24
data/app/services/foreman_openscap/hostgroup_overrider_common.rb +28 -0
data/app/services/foreman_openscap/lookup_key_overrider.rb +30 -62
data/app/services/foreman_openscap/lookup_key_overrides_common.rb +63 -0
data/app/services/foreman_openscap/oval/check_collection.rb +45 -0
data/app/services/foreman_openscap/oval/configure.rb +80 -0
data/app/services/foreman_openscap/oval/cves.rb +41 -0
data/app/services/foreman_openscap/oval/setup.rb +93 -0
data/app/services/foreman_openscap/oval/setup_check.rb +55 -0
data/app/services/foreman_openscap/oval/sync_oval_contents.rb +42 -0
data/app/views/api/v2/compliance/oval_contents/base.json.rabl +6 -0
data/app/views/api/v2/compliance/oval_contents/create.json.rabl +3 -0
data/app/views/api/v2/compliance/oval_contents/index.json.rabl +3 -0
data/app/views/api/v2/compliance/oval_contents/show.json.rabl +3 -0
data/app/views/api/v2/compliance/oval_contents/sync.json.rabl +3 -0
data/app/views/api/v2/compliance/oval_contents/sync_result.json.rabl +11 -0
data/app/views/api/v2/compliance/oval_contents/update.json.rabl +3 -0
data/app/views/api/v2/compliance/oval_policies/create.json.rabl +3 -0
data/app/views/api/v2/compliance/oval_policies/index.json.rabl +3 -0
data/app/views/api/v2/compliance/oval_policies/main.json.rabl +15 -0
data/app/views/api/v2/compliance/oval_policies/show.json.rabl +3 -0
data/app/views/api/v2/compliance/policies/base.json.rabl +2 -2
data/app/views/api/v2/compliance/policies_common/_attrs.json.rabl +2 -0
data/app/views/arf_reports/_output.html.erb +9 -1
data/app/views/job_templates/run_oval_scans.erb +24 -0
data/app/views/policies/steps/_deployment_options_form.html.erb +2 -2
data/config/initializers/inflections.rb +12 -0
data/config/routes.rb +19 -0
data/db/migrate/20201019074925_create_oval_policy.rb +13 -0
data/db/migrate/20201020113801_create_oval_facet.rb +14 -0
data/db/migrate/20201021084109_create_hostgroup_oval_facet.rb +14 -0
data/db/migrate/20201106080924_create_oval_content.rb +12 -0
data/db/migrate/20201116110256_add_oval_content_to_oval_policy.rb +5 -0
data/db/migrate/20201120080329_create_cves.rb +13 -0
data/db/migrate/20201202110213_update_puppet_port_param_type.rb +2 -6
data/db/migrate/20201217130800_add_has_errata_to_cve.rb +8 -0
data/db/migrate/20201217161511_add_url_to_oval_content.rb +5 -0
data/db/migrate/20210409095625_add_oval_policy_reference_to_cve.rb +7 -0
data/lib/foreman_openscap/engine.rb +67 -9
data/lib/foreman_openscap/version.rb +1 -1
data/lib/tasks/foreman_openscap_tasks.rake +14 -9
data/locale/de/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/de/foreman_openscap.edit.po +0 -0
data/locale/de/foreman_openscap.po +215 -17
data/locale/en_GB/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/en_GB/foreman_openscap.edit.po +0 -0
data/locale/en_GB/foreman_openscap.po +213 -15
data/locale/es/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/es/foreman_openscap.edit.po +0 -0
data/locale/es/foreman_openscap.po +239 -41
data/locale/foreman_openscap.pot +395 -112
data/locale/fr/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/fr/foreman_openscap.edit.po +0 -0
data/locale/fr/foreman_openscap.po +243 -45
data/locale/gl/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/gl/foreman_openscap.edit.po +0 -0
data/locale/gl/foreman_openscap.po +213 -15
data/locale/it/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/it/foreman_openscap.edit.po +0 -0
data/locale/it/foreman_openscap.po +213 -15
data/locale/ja/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/ja/foreman_openscap.edit.po +0 -0
data/locale/ja/foreman_openscap.po +262 -66
data/locale/ko/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/ko/foreman_openscap.edit.po +0 -0
data/locale/ko/foreman_openscap.po +214 -16
data/locale/pt_BR/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/pt_BR/foreman_openscap.edit.po +0 -0
data/locale/pt_BR/foreman_openscap.po +252 -54
data/locale/ru/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/ru/foreman_openscap.edit.po +0 -0
data/locale/ru/foreman_openscap.po +214 -16
data/locale/sv_SE/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/sv_SE/foreman_openscap.edit.po +0 -0
data/locale/sv_SE/foreman_openscap.po +213 -15
data/locale/zh_CN/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/zh_CN/foreman_openscap.edit.po +0 -0
data/locale/zh_CN/foreman_openscap.po +369 -169
data/locale/zh_TW/LC_MESSAGES/foreman_openscap.mo +0 -0
data/locale/zh_TW/foreman_openscap.edit.po +0 -0
data/locale/zh_TW/foreman_openscap.po +214 -16
data/test/factories/compliance_host_factory.rb +12 -0
data/test/factories/oval_content_factory.rb +7 -0
data/test/factories/oval_policy_factory.rb +9 -0
data/test/files/oval_contents/ansible-2.9.oval.xml.bz2 +0 -0
data/test/fixtures/cve_fixtures.rb +104 -0
data/test/functional/api/v2/compliance/oval_contents_controller_test.rb +39 -0
data/test/functional/api/v2/compliance/oval_policies_controller_test.rb +141 -0
data/test/functional/api/v2/compliance/oval_reports_controller_test.rb +32 -0
data/test/graphql/queries/oval_contents_query_test.rb +35 -0
data/test/graphql/queries/oval_policies_query_test.rb +35 -0
data/test/test_plugin_helper.rb +4 -0
data/test/unit/oval_host_test.rb +45 -0
data/test/unit/oval_policy_test.rb +133 -0
data/test/unit/oval_status_test.rb +47 -0
data/test/unit/services/oval/cves_test.rb +81 -0
data/test/unit/services/oval/setup_test.rb +87 -0
metadata +97 -3

data/app/models/foreman_openscap/policy.rb CHANGED Viewed

@@ -4,6 +4,8 @@ module ForemanOpenscap
     audited
     include Authorizable
     include Taxonomix
+    include PolicyCommon
     attr_writer :current_step, :wizard_initiated
     STEPS_LIST = [N_('Deployment Options'), N_('Policy Attributes'), N_('SCAP Content'), N_('Schedule'), N_('Locations'), N_('Organizations'), N_('Hostgroups')]
@@ -22,7 +24,6 @@ module ForemanOpenscap
     scoped_search :relation => :scap_content_profile, :on => :title, :rename => 'profile', :complete_value => true
     scoped_search :relation => :tailoring_file, :on => :name, :rename => 'tailoring_file', :complete_value => true
     scoped_search :relation => :tailoring_file_profile, :on => :title, :rename => 'tailoring_file_profile', :complete_value => true
-    before_validation :update_period_attrs
     def self.deploy_by_variants
       %w[puppet ansible manual]
@@ -38,7 +39,8 @@ module ForemanOpenscap
     validates :scap_content_id, presence: true, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
     validate :matching_content_profile, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
-    validate :valid_cron_line, :valid_weekday, :valid_day_of_month, :valid_tailoring, :valid_tailoring_profile, :no_mixed_deployments
+    validate :valid_tailoring, :valid_tailoring_profile, :no_mixed_deployments
+    validate :valid_cron_line, :valid_weekday, :valid_day_of_month, :if => Proc.new { |policy| policy.should_validate?('Schedule') }
     after_save :assign_policy_to_hostgroups
     # before_destroy - ensure that the policy has no hostgroups, or classes
@@ -64,7 +66,7 @@ module ForemanOpenscap
     def change_deploy_type(params)
       self.class.transaction do
-        if deploy_by != params[:deploy_by]
+        if params[:deploy_by] && deploy_by != params[:deploy_by]
           assign_attributes params
           ForemanOpenscap::LookupKeyOverrider.new(self).override
         end
@@ -82,7 +84,7 @@ module ForemanOpenscap
     end
     def hostgroups
-      Hostgroup.find(hostgroup_ids)
+      ::Hostgroup.find(hostgroup_ids)
     end
     def hostgroups=(hostgroups)
@@ -98,7 +100,7 @@ module ForemanOpenscap
     end
     def hosts
-      Host.where(:id => host_ids)
+      ::Host.where(:id => host_ids)
     end
     def hosts=(hosts)
@@ -212,17 +214,6 @@ module ForemanOpenscap
       @wizard_initiated
     end
-    def update_period_attrs
-      case period
-      when 'monthly'
-        erase_period_attrs(%w[cron_line weekday])
-      when 'weekly'
-        erase_period_attrs(%w[cron_line day_of_month])
-      when 'custom'
-        erase_period_attrs(%w[weekday day_of_month])
-      end
-    end
     private
     def html_error_message(message)
@@ -232,59 +223,6 @@ module ForemanOpenscap
       error_message.html_safe
     end
-    def erase_period_attrs(attrs)
-      attrs.each { |attr| self.public_send("#{attr}=", nil) }
-    end
-    def period_enc
-      # get crontab expression as an array (minute hour day_of_month month day_of_week)
-      cron_parts = case period
-                   when 'weekly'
-                     ['0', '1', '*', '*', weekday_number.to_s]
-                   when 'monthly'
-                     ['0', '1', day_of_month.to_s, '*', '*']
-                   when 'custom'
-                     cron_line_split
-                   else
-                     raise 'invalid period specification'
-                   end
-      {
-        'minute'   => cron_parts[0],
-        'hour'     => cron_parts[1],
-        'monthday' => cron_parts[2],
-        'month'    => cron_parts[3],
-        'weekday'  => cron_parts[4],
-      }
-    end
-    def weekday_number
-      # 0 is sunday, 1 is monday in cron, while DAYS_INTO_WEEK has 0 as monday, 6 as sunday
-      (Date::DAYS_INTO_WEEK.with_indifferent_access[weekday] + 1) % 7
-    end
-    def cron_line_split
-      cron_line.to_s.split(' ')
-    end
-    def valid_cron_line
-      if period == 'custom' && should_validate?('Schedule')
-        errors.add(:cron_line, _("does not consist of 5 parts separated by space")) unless cron_line_split.size == 5
-      end
-    end
-    def valid_weekday
-      if period == 'weekly' && should_validate?('Schedule')
-        errors.add(:weekday, _("is not a valid value")) unless Date::DAYNAMES.map(&:downcase).include? weekday
-      end
-    end
-    def valid_day_of_month
-      if period == 'monthly' && should_validate?('Schedule')
-        errors.add(:day_of_month, _("must be between 1 and 31")) if !day_of_month || (day_of_month < 1 || day_of_month > 31)
-      end
-    end
     def valid_tailoring
       errors.add(:tailoring_file_id, _("must be present when tailoring file profile present")) if tailoring_file_profile_id && !tailoring_file_id
       errors.add(:tailoring_file_profile_id, _("must be present when tailoring file present")) if !tailoring_file_profile_id && tailoring_file_id

data/app/models/foreman_openscap/scap_content.rb CHANGED Viewed

@@ -4,6 +4,7 @@ module ForemanOpenscap
     include Authorizable
     include Taxonomix
     include DataStreamContent
+    include ScapFileContent
     has_many :scap_content_profiles, :dependent => :destroy
     has_many :policies

data/app/models/foreman_openscap/tailoring_file.rb CHANGED Viewed

@@ -4,6 +4,7 @@ module ForemanOpenscap
     include Authorizable
     include Taxonomix
     include DataStreamContent
+    include ScapFileContent
     has_many :policies
     has_many :scap_content_profiles, :dependent => :destroy

data/app/services/foreman_openscap/client_config/ansible.rb CHANGED Viewed

@@ -2,9 +2,15 @@ module ForemanOpenscap
   module ClientConfig
     class Ansible < Base
       delegate :ansible_role_name, :to => :constants
+      attr_reader :constants
       alias config_item_name ansible_role_name
+      def initialize(policy_class)
+        raise "Unknown policy class, expected one of: #{policy_types.map(&to_s).join(', ')}" unless policy_types.include?(policy_class)
+        initialize_constants(policy_class)
+      end
       def type
         :ansible
       end
@@ -21,17 +27,44 @@ module ForemanOpenscap
         }
       end
-      def constants
-        OpenStruct.new(
+      def ansible_role_missing_msg
+        _("theforeman.foreman_scap_client Ansible Role not found, please import it before running this action again.")
+      end
+      private
+      def policy_types
+        [ForemanOpenscap::Policy, ForemanOpenscap::OvalPolicy]
+      end
+      def initialize_constants(policy_class)
+        base_constants = {
           :server_param => 'foreman_scap_client_server',
           :port_param => 'foreman_scap_client_port',
-          :policies_param => 'foreman_scap_client_policies',
           :ansible_role_name => 'theforeman.foreman_scap_client',
           :config_item_class_name => 'AnsibleRole',
           :override_method_name => 'ansible_variables',
-          :msg_name => _('Ansible role'),
-          :lookup_key_plural_name => _('Ansible variables')
-        )
+        }
+        if policy_class == ::ForemanOpenscap::Policy
+          @constants = OpenStruct.new(
+            base_constants.merge(
+              :policies_param => 'foreman_scap_client_policies',
+              :policies_param_default_value => ds_policies_param_default_value,
+              :msg_name => _('Ansible role'),
+              :lookup_key_plural_name => _('Ansible variables')
+            )
+          )
+        end
+        if policy_class == ::ForemanOpenscap::OvalPolicy
+          @constants = OpenStruct.new(
+            base_constants.merge(
+              :policies_param => 'foreman_scap_client_oval_policies',
+              :policies_param_default_value => '<%= @host.oval_policies_enc %>'
+            )
+          )
+        end
       end
     end
   end

data/app/services/foreman_openscap/client_config/base.rb CHANGED Viewed

@@ -3,7 +3,7 @@ module ForemanOpenscap
     class Base
       delegate :server_param, :port_param, :policies_param, :config_item_name,
                :config_item_class_name, :override_method_name, :msg_name,
-               :lookup_key_plural_name, :to => :constants
+               :lookup_key_plural_name, :policies_param_default_value, :to => :constants
       def type
         raise NotImplementedError
@@ -42,6 +42,10 @@ module ForemanOpenscap
         # all_puppetclasses, all_ansible_roles methods return Array, not ActiveRecord::Relation
         scope.find { |item| item.name == config_item_name }
       end
+      def ds_policies_param_default_value
+        '<%= @host.policies_enc %>'
+      end
     end
   end
 end

data/app/services/foreman_openscap/client_config/puppet.rb CHANGED Viewed

@@ -30,7 +30,8 @@ module ForemanOpenscap
           :config_item_class_name => 'Puppetclass',
           :override_method_name => 'class_params',
           :msg_name => _('Puppet class'),
-          :lookup_key_plural_name => _('Smart Class Parameters')
+          :lookup_key_plural_name => _('Smart Class Parameters'),
+          :policies_param_default_value => ds_policies_param_default_value
         )
       end
     end

data/app/services/foreman_openscap/config_name_service.rb CHANGED Viewed

@@ -4,7 +4,7 @@ module ForemanOpenscap
     def initialize
       @configs = [
-        ForemanOpenscap::ClientConfig::Ansible.new,
+        ForemanOpenscap::ClientConfig::Ansible.new(Policy),
         ForemanOpenscap::ClientConfig::Puppet.new,
         ForemanOpenscap::ClientConfig::Manual.new
       ]

data/app/services/foreman_openscap/hostgroup_overrider.rb CHANGED Viewed

@@ -1,5 +1,7 @@
 module ForemanOpenscap
   class HostgroupOverrider
+    include HostgroupOverriderCommon
     def initialize(policy)
       @policy = policy
       @name_sevice = ConfigNameService.new
@@ -43,29 +45,5 @@ module ForemanOpenscap
         remove_overrides item.public_send(remove_config.override_method_name), hostgroup, remove_config
       end
     end
-    def add_overrides(collection, hostgroup, config)
-      collection.where(:override => true).find_each do |override|
-        return unless hostgroup.openscap_proxy && (url = hostgroup.openscap_proxy.url).present?
-        openscap_proxy_uri = URI.parse(url)
-        case override.key
-        when config.server_param
-          lookup_value = LookupValue.where(:match => "hostgroup=#{hostgroup.to_label}", :lookup_key_id => override.id).first_or_initialize
-          lookup_value.update_attribute(:value, openscap_proxy_uri.host)
-        when config.port_param
-          lookup_value = LookupValue.where(:match => "hostgroup=#{hostgroup.to_label}", :lookup_key_id => override.id).first_or_initialize
-          lookup_value.update_attribute(:value, openscap_proxy_uri.port)
-        end
-      end
-    end
-    def remove_overrides(collection, hostgroup, config)
-      collection.where(:override => true).find_each do |override|
-        if override.key == config.server_param || override.key == config.port_param
-          LookupValue.find_by(:match => "hostgroup=#{hostgroup.to_label}", :lookup_key_id => override.id)&.destroy
-        end
-      end
-    end
   end
 end

data/app/services/foreman_openscap/hostgroup_overrider_common.rb ADDED Viewed

@@ -0,0 +1,28 @@
+module ForemanOpenscap
+  module HostgroupOverriderCommon
+    def add_overrides(collection, host_or_hg, config)
+      model_match = host_or_hg.class.name.underscore =~ /\Ahostgroup\z/ ? "hostgroup" : "fqdn"
+      collection.where(:override => true).find_each do |override|
+        return unless host_or_hg.openscap_proxy && (url = host_or_hg.openscap_proxy.url).present?
+        openscap_proxy_uri = URI.parse(url)
+        case override.key
+        when config.server_param
+          lookup_value = LookupValue.where(:match => "#{model_match}=#{host_or_hg.to_label}", :lookup_key_id => override.id).first_or_initialize
+          lookup_value.update_attribute(:value, openscap_proxy_uri.host)
+        when config.port_param
+          lookup_value = LookupValue.where(:match => "#{model_match}=#{host_or_hg.to_label}", :lookup_key_id => override.id).first_or_initialize
+          lookup_value.update_attribute(:value, openscap_proxy_uri.port)
+        end
+      end
+    end
+    def remove_overrides(collection, hostgroup, config)
+      collection.where(:override => true).find_each do |override|
+        if override.key == config.server_param || override.key == config.port_param
+          LookupValue.find_by(:match => "hostgroup=#{hostgroup.to_label}", :lookup_key_id => override.id)&.destroy
+        end
+      end
+    end
+  end
+end

data/app/services/foreman_openscap/lookup_key_overrider.rb CHANGED Viewed

@@ -1,5 +1,7 @@
 module ForemanOpenscap
   class LookupKeyOverrider
+    include LookupKeyOverridesCommon
     def initialize(policy)
       @policy = policy
       @name_service = ConfigNameService.new
@@ -8,88 +10,54 @@ module ForemanOpenscap
     def override
       return unless @policy.deploy_by && Policy.deploy_by_variants.include?(@policy.deploy_by)
       config = @name_service.config_for @policy.deploy_by.to_sym
-      unless config.available?
-        @policy.errors[:deploy_by] <<
-          _("%{type} was selected to deploy policy to clients, but %{type} is not available. Are you missing a plugin?") %
-          { :type => config.type.to_s.camelize }
-        return
-      end
-      return unless config.managed_overrides?
-      override_required_params config
+      super config
     end
-    private
-    def override_required_params(config)
-      item = config.find_config_item
-      unless item
-        err = _("Required %{msg_name} %{class} was not found, please ensure it is imported first.") %
-          { :class => config.config_item_name, :msg_name => config.msg_name }
-        @policy.errors[:base] << err
-        return
-      end
-      override_params item.public_send(config.override_method_name), config
+    def handle_config_not_available(config)
+      return true if config.available?
+      @policy.errors[:deploy_by] <<
+        _("%{type} was selected to deploy policy to clients, but %{type} is not available. Are you missing a plugin?") %
+          { :type => config.type.to_s.camelize }
+      false
     end
-    def override_params(lookup_keys, config)
-      policies_param = lookup_keys.find_by :key => config.policies_param
-      port_param = lookup_keys.find_by :key => config.port_param
-      server_param = lookup_keys.find_by :key => config.server_param
-      return unless all_lookup_keys_present?(config, config.policies_param => policies_param,
-                                                     config.port_param => port_param,
-                                                     config.server_param => server_param)
-      override_policies_param(policies_param, config)
-      override_port_param(port_param, config)
-      override_server_param(server_param, config)
+    def handle_config_item_not_available(config, item)
+      return true if item
+      err = _("Required %{msg_name} %{class} was not found, please ensure it is imported first.") %
+          { :class => config.config_item_name, :msg_name => config.msg_name }
+      @policy.errors[:base] << err
+      false
     end
-    def all_lookup_keys_present?(config, hash)
-      unless hash.values.all?
-        names = hash.reduce([]) do |memo, (key, value)|
-          memo << key if value.blank?
-          memo
-        end
-        err = _("The following %{key_name} were missing for %{item_name}: %{key_names}. Make sure they are imported before proceeding.") %
-          { :key_name => config.lookup_key_plural_name, :key_names => names.compact.join(', '), :item_name => config.config_item_name }
+    def handle_missing_lookup_keys(config, key_names)
+      return true if key_names.empty?
+      err = _("The following %{key_name} were missing for %{item_name}: %{key_names}. Make sure they are imported before proceeding.") %
+        { :key_name => config.lookup_key_plural_name, :key_names => key_names, :item_name => config.config_item_name }
-        @policy.errors[:base] << err
-        return false
-      end
-      true
+      @policy.errors[:base] << err
+      false
     end
-    def override_policies_param(parameter, config)
-      override_param(config.policies_param, parameter, config) do |param|
-        param.key_type      = 'array'
-        param.default_value = '<%= @host.policies_enc %>'
-      end
+    def handle_server_param_override(config, param)
+      handle_param_override config, param
     end
-    def override_port_param(param, config)
-      override_param config.port_param, param, config, 'integer'
+    def handle_port_param_override(config, param)
+      handle_param_override config, param
     end
-    def override_server_param(param, config)
-      override_param config.server_param, param, config
+    def handle_policies_param_override(config, param)
+      handle_param_override config, param
     end
-    def override_param(param_name, param, config, key_type = nil)
-      param.override = true
-      param.hidden_value = false
-      param.key_type = key_type if key_type
-      yield param if block_given?
+    def handle_param_override(config, param)
       if param.changed? && !param.save
         @policy.errors[:base] <<
           _('Failed to save when overriding parameters for %{config_tool}, cause: %{errors}') %
           { :config_tool => config.type, :errors => param.errors.full_messages.join(', ') }
+        return false
       end
+      true
     end
   end
 end