foreman_openscap 4.3.2 → 5.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/api/v2/compliance/arf_reports_controller.rb +0 -6
- data/app/controllers/api/v2/compliance/oval_policies_controller.rb +1 -1
- data/app/graphql/mutations/oval_contents/delete.rb +9 -0
- data/app/graphql/mutations/oval_policies/create.rb +33 -0
- data/app/graphql/mutations/oval_policies/delete.rb +9 -0
- data/app/graphql/mutations/oval_policies/update.rb +15 -0
- data/app/graphql/types/oval_check.rb +11 -0
- data/app/graphql/types/oval_content.rb +2 -0
- data/app/graphql/types/oval_policy.rb +3 -0
- data/app/helpers/arf_report_dashboard_helper.rb +2 -4
- data/app/helpers/compliance_hosts_helper.rb +1 -1
- data/app/helpers/policies_helper.rb +2 -2
- data/app/models/concerns/foreman_openscap/host_extensions.rb +0 -6
- data/app/models/concerns/foreman_openscap/oval_facet_hostgroup_extensions.rb +16 -0
- data/app/models/concerns/foreman_openscap/policy_common.rb +1 -1
- data/app/models/foreman_openscap/oval_content.rb +2 -0
- data/app/services/foreman_openscap/client_config/base.rb +1 -0
- data/app/services/foreman_openscap/client_config/puppet.rb +6 -2
- data/app/services/foreman_openscap/oval/configure.rb +16 -13
- data/app/services/foreman_openscap/oval/setup.rb +5 -5
- data/app/services/foreman_openscap/oval/setup_check.rb +5 -2
- data/app/views/api/v2/compliance/oval_contents/destroy.json.rabl +3 -0
- data/app/views/arf_reports/_metrics.html.erb +4 -4
- data/app/views/compliance_hosts/show.html.erb +4 -6
- data/app/views/dashboard/_compliance_reports_breakdown_widget.html.erb +4 -3
- data/app/views/policy_dashboard/_policy_chart_widget.html.erb +3 -2
- data/db/migrate/20200117135424_migrate_port_overrides_to_int.rb +2 -1
- data/db/migrate/20201202110213_update_puppet_port_param_type.rb +2 -1
- data/db/migrate/20210819143316_drop_unused_tables.rb +6 -0
- data/lib/foreman_openscap/engine.rb +6 -7
- data/lib/foreman_openscap/version.rb +1 -1
- data/package.json +3 -6
- data/test/functional/api/v2/compliance/oval_reports_controller_test.rb +1 -1
- data/test/functional/api/v2/compliance/policies_controller_test.rb +2 -0
- data/test/graphql/mutations/oval_policies/delete_mutation_test.rb +63 -0
- data/test/graphql/queries/oval_content_query_test.rb +29 -0
- data/test/helpers/arf_report_dashboard_helper_test.rb +9 -10
- data/test/helpers/policy_dashboard_helper_test.rb +1 -1
- data/test/test_plugin_helper.rb +9 -4
- data/test/unit/policy_test.rb +1 -1
- data/test/unit/services/config_name_service_test.rb +1 -0
- data/test/unit/services/hostgroup_overrider_test.rb +2 -1
- data/test/unit/services/lookup_key_overrider_test.rb +4 -1
- data/test/unit/services/oval/setup_check_test.rb +37 -0
- data/webpack/components/ConfirmModal.js +63 -0
- data/webpack/components/ConfirmModal.scss +3 -0
- data/webpack/components/EditableInput.js +163 -0
- data/webpack/components/EditableInput.scss +3 -0
- data/webpack/components/EmptyState.js +12 -3
- data/webpack/components/IndexLayout.js +11 -4
- data/webpack/components/IndexTable/index.js +21 -16
- data/webpack/components/LinkButton.js +38 -0
- data/webpack/components/withDeleteModal.js +51 -0
- data/webpack/components/withLoading.js +44 -5
- data/webpack/graphql/mutations/createOvalPolicy.gql +22 -0
- data/webpack/graphql/mutations/deleteOvalContent.gql +9 -0
- data/webpack/graphql/mutations/deleteOvalPolicy.gql +9 -0
- data/webpack/graphql/mutations/updateOvalPolicy.gql +14 -0
- data/webpack/graphql/queries/currentUserAttributes.gql +11 -0
- data/webpack/graphql/queries/cves.gql +5 -0
- data/webpack/graphql/queries/hostgroups.gql +14 -0
- data/webpack/graphql/queries/ovalContent.gql +8 -0
- data/webpack/graphql/queries/ovalContents.gql +8 -0
- data/webpack/graphql/queries/ovalPolicies.gql +8 -0
- data/webpack/graphql/queries/ovalPolicy.gql +8 -0
- data/webpack/helpers/formFieldsHelper.js +113 -0
- data/webpack/helpers/globalIdHelper.js +4 -2
- data/webpack/helpers/mutationHelper.js +68 -0
- data/webpack/helpers/pathsHelper.js +10 -3
- data/webpack/helpers/permissionsHelper.js +42 -0
- data/webpack/helpers/toastHelper.js +3 -0
- data/webpack/helpers/toastsHelper.js +3 -0
- data/webpack/routes/OvalContents/OvalContentsIndex/OvalContentsIndex.js +26 -0
- data/webpack/routes/OvalContents/OvalContentsIndex/OvalContentsTable.js +50 -5
- data/webpack/routes/OvalContents/OvalContentsIndex/__tests__/OvalContentsDestroy.fixtures.js +105 -0
- data/webpack/routes/OvalContents/OvalContentsIndex/__tests__/OvalContentsDestroy.test.js +124 -0
- data/webpack/routes/OvalContents/OvalContentsIndex/__tests__/OvalContentsIndex.fixtures.js +98 -77
- data/webpack/routes/OvalContents/OvalContentsIndex/__tests__/OvalContentsIndex.test.js +53 -6
- data/webpack/routes/OvalContents/OvalContentsIndex/index.js +7 -1
- data/webpack/routes/OvalContents/OvalContentsNew/OvalContentsNew.js +138 -0
- data/webpack/routes/OvalContents/OvalContentsNew/OvalContentsNew.scss +3 -0
- data/webpack/routes/OvalContents/OvalContentsNew/OvalContentsNewHelper.js +73 -0
- data/webpack/routes/OvalContents/OvalContentsNew/__tests__/OvalContentsNew.test.js +104 -0
- data/webpack/routes/OvalContents/OvalContentsNew/index.js +13 -0
- data/webpack/routes/OvalContents/OvalContentsShow/OvalContentsShow.js +62 -0
- data/webpack/routes/OvalContents/OvalContentsShow/OvalContentsShow.test.js +45 -0
- data/{locale/de/foreman_openscap.edit.po → webpack/routes/OvalContents/OvalContentsShow/OvalContentsShowHelper.js} +0 -0
- data/webpack/routes/OvalContents/OvalContentsShow/index.js +35 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/OvalPoliciesIndex.js +18 -2
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/OvalPoliciesTable.js +34 -4
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/__tests__/OvalPoliciesDestroy.fixtures.js +101 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/__tests__/OvalPoliciesDestroy.test.js +117 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/__tests__/OvalPoliciesIndex.fixtures.js +71 -21
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/__tests__/OvalPoliciesIndex.test.js +34 -2
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/index.js +7 -1
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/HostgroupSelect.js +135 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/NewOvalPolicyForm.js +119 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/NewOvalPolicyFormHelpers.js +107 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/OvalPoliciesNew.js +32 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/__tests__/OvalPoliciesNew.fixtures.js +147 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/__tests__/OvalPoliciesNew.test.js +172 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/index.js +11 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/CvesTab.js +1 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/CvesTable.js +2 -2
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/DetailsTab.js +87 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/HostgroupsTab.js +49 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/HostgroupsTable.js +38 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/OvalPoliciesShow.js +15 -11
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/OvalPoliciesShowHelper.js +80 -2
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/__tests__/OvalPoliciesEdit.fixtures.js +48 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/__tests__/OvalPoliciesEdit.test.js +202 -0
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/__tests__/OvalPoliciesShow.fixtures.js +50 -4
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/__tests__/OvalPoliciesShow.test.js +64 -4
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/index.js +4 -0
- data/webpack/routes/routes.js +21 -0
- data/webpack/testHelper.js +64 -2
- metadata +80 -37
- data/locale/en_GB/foreman_openscap.edit.po +0 -0
- data/locale/es/foreman_openscap.edit.po +0 -0
- data/locale/fr/foreman_openscap.edit.po +0 -0
- data/locale/gl/foreman_openscap.edit.po +0 -0
- data/locale/it/foreman_openscap.edit.po +0 -0
- data/locale/ja/foreman_openscap.edit.po +0 -0
- data/locale/ko/foreman_openscap.edit.po +0 -0
- data/locale/pt_BR/foreman_openscap.edit.po +0 -0
- data/locale/ru/foreman_openscap.edit.po +0 -0
- data/locale/sv_SE/foreman_openscap.edit.po +0 -0
- data/locale/zh_CN/foreman_openscap.edit.po +0 -0
- data/locale/zh_TW/foreman_openscap.edit.po +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0cadd1a7264151b9ab0bd0cc4d21eb212f621094c9f62c68a5922c2c0fe7d20f
|
4
|
+
data.tar.gz: 87a58a9b949841cd923a9d91d7fc18bc2717194a6cd1a8c96f90f89cebf925ae
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7f22820ffa670981fb8a2495ebfe19e9f67633e6549341972ac8caf23c5a826da6429ea2672f8a5d5b42b7a769662c87a068b3b7bbdda7d8d84f4d56043a1c37
|
7
|
+
data.tar.gz: 2134035b26dc747b698c69173d54eaeac67c17d81474997269872a6c62b0c8fe9cfe6a0c3c0734f13e5270b4e84b9f6da95f889b017dc366c1a276679e048d74
|
@@ -75,7 +75,7 @@ module Api::V2
|
|
75
75
|
assign _('hosts'), params["host_ids"], ::Host::Managed
|
76
76
|
end
|
77
77
|
|
78
|
-
api :GET, '/compliance/oval_policies/:id/oval_content', N_("Show a policy's
|
78
|
+
api :GET, '/compliance/oval_policies/:id/oval_content', N_("Show a policy's OVAL content")
|
79
79
|
param :id, :identifier, :required => true
|
80
80
|
|
81
81
|
def oval_content
|
@@ -0,0 +1,33 @@
|
|
1
|
+
module Mutations
|
2
|
+
module OvalPolicies
|
3
|
+
class Create < ::Mutations::BaseMutation
|
4
|
+
description 'Creates a new OVAL Policy'
|
5
|
+
graphql_name 'CreateOvalPolicyMutation'
|
6
|
+
|
7
|
+
resource_class ::ForemanOpenscap::OvalPolicy
|
8
|
+
|
9
|
+
argument :name, String
|
10
|
+
argument :description, String, required: false
|
11
|
+
argument :period, String
|
12
|
+
argument :weekday, String, required: false
|
13
|
+
argument :day_of_month, Integer, required: false
|
14
|
+
argument :cron_line, String, required: false
|
15
|
+
argument :oval_content_id, Integer, required: true
|
16
|
+
argument :hostgroup_ids, [Integer], required: false
|
17
|
+
|
18
|
+
field :oval_policy, Types::OvalPolicy, 'The new OVAL Policy.', null: true
|
19
|
+
field :check_collection, [Types::OvalCheck], 'A collection of checks to detect OVAL policy configuration error', null: false
|
20
|
+
|
21
|
+
def resolve(hostgroup_ids:, **params)
|
22
|
+
policy = ::ForemanOpenscap::OvalPolicy.new params
|
23
|
+
validate_object(policy)
|
24
|
+
authorize!(policy, :create)
|
25
|
+
check_collection = ::ForemanOpenscap::Oval::Configure.new.assign(policy, hostgroup_ids, ::Hostgroup)
|
26
|
+
{
|
27
|
+
:oval_policy => policy,
|
28
|
+
:check_collection => check_collection.checks
|
29
|
+
}
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
module Mutations
|
2
|
+
module OvalPolicies
|
3
|
+
class Update < UpdateMutation
|
4
|
+
graphql_name 'UpdateOvalPolicyMutation'
|
5
|
+
description 'Updates an OVAL Policy'
|
6
|
+
resource_class ::ForemanOpenscap::OvalPolicy
|
7
|
+
|
8
|
+
argument :name, String, required: false
|
9
|
+
argument :description, String, required: false
|
10
|
+
argument :cron_line, String, required: false
|
11
|
+
|
12
|
+
field :oval_policy, ::Types::OvalPolicy, 'The OVAL policy.', null: true
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,11 @@
|
|
1
|
+
module Types
|
2
|
+
class OvalCheck < GraphQL::Schema::Object
|
3
|
+
description 'A check that contains information about whether a particual prerequisite for OVAL policy deployment is configured correctly'
|
4
|
+
|
5
|
+
field :id, String, null: false
|
6
|
+
field :title, String, null: false
|
7
|
+
field :fail_msg, String, null: true
|
8
|
+
field :errors, ::Types::RawJson, null: true
|
9
|
+
field :result, String, null: false
|
10
|
+
end
|
11
|
+
end
|
@@ -3,6 +3,8 @@ module Types
|
|
3
3
|
description 'An OVAL Policy'
|
4
4
|
model_class ::ForemanOpenscap::OvalPolicy
|
5
5
|
|
6
|
+
include ::Types::Concerns::MetaField
|
7
|
+
|
6
8
|
global_id_field :id
|
7
9
|
timestamps
|
8
10
|
field :name, String
|
@@ -12,6 +14,7 @@ module Types
|
|
12
14
|
field :day_of_month, String
|
13
15
|
field :cron_line, String
|
14
16
|
belongs_to :oval_content, ::Types::OvalContent
|
17
|
+
|
15
18
|
has_many :hostgroups, ::Types::Hostgroup
|
16
19
|
|
17
20
|
def self.graphql_definition
|
@@ -6,11 +6,9 @@ module ArfReportDashboardHelper
|
|
6
6
|
}.freeze
|
7
7
|
|
8
8
|
def breakdown_chart_data(categories, report, colors = COLORS)
|
9
|
-
|
9
|
+
categories.reduce([]) do |memo, (key, value)|
|
10
10
|
memo << [value, report[key], colors[key]]
|
11
11
|
end
|
12
|
-
|
13
|
-
data.to_json
|
14
12
|
end
|
15
13
|
|
16
14
|
def donut_breakdown_chart_data(report)
|
@@ -27,6 +25,6 @@ module ArfReportDashboardHelper
|
|
27
25
|
:data => status.to_a,
|
28
26
|
:yAxisLabel => _("Number of Events"),
|
29
27
|
:xAxisLabel => _("Rule Results"),
|
30
|
-
}
|
28
|
+
}
|
31
29
|
end
|
32
30
|
end
|
@@ -16,7 +16,7 @@ module ComplianceHostsHelper
|
|
16
16
|
[_("Othered"), othered, ArfReportDashboardHelper::COLORS[:othered]],
|
17
17
|
['dates', date, nil]
|
18
18
|
]
|
19
|
-
{ :data => data, :xAxisDataLabel => 'dates', :config => 'timeseries' }
|
19
|
+
{ :data => data, :xAxisDataLabel => 'dates', :config => 'timeseries' }
|
20
20
|
end
|
21
21
|
|
22
22
|
def compliance_host_multiple_actions
|
@@ -41,7 +41,7 @@ module PoliciesHelper
|
|
41
41
|
end
|
42
42
|
|
43
43
|
def deploy_by_radio_checked(policy, tool)
|
44
|
-
type = policy.deploy_by ? policy.deploy_by.to_sym : :
|
44
|
+
type = policy.deploy_by ? policy.deploy_by.to_sym : :manual
|
45
45
|
tool.type == type
|
46
46
|
end
|
47
47
|
|
@@ -93,7 +93,7 @@ module PoliciesHelper
|
|
93
93
|
def tailoring_file_profile_selector(form, tailoring_file)
|
94
94
|
if tailoring_file
|
95
95
|
select_f form, :tailoring_file_profile_id, tailoring_file.scap_content_profiles, :id, :title,
|
96
|
-
{ :selected =>
|
96
|
+
{ :selected => @policy.tailoring_file_profile_id },
|
97
97
|
{ :label => _("XCCDF Profile in Tailoring File"),
|
98
98
|
:help_inline => _("This profile will be used to override the one from scap content") }
|
99
99
|
else
|
@@ -50,12 +50,6 @@ module ForemanOpenscap
|
|
50
50
|
base.scoped_search :on => :id, :rename => :removed_from_policy,
|
51
51
|
:only_explicit => true, :operators => ['= '], :ext_method => :search_by_removed_from_policy
|
52
52
|
|
53
|
-
base.after_update :puppetrun!, :if => ->(host) do
|
54
|
-
Setting[:puppetrun] &&
|
55
|
-
host.changed.include?('openscap_proxy_id') &&
|
56
|
-
(host.individual_puppetclasses + host.parent_classes).pluck(:name).include?(ClientConfig::Puppet.new.puppetclass_name)
|
57
|
-
end
|
58
|
-
|
59
53
|
base.scope :comply_with, lambda { |policy|
|
60
54
|
joins(:arf_reports).merge(ArfReport.latest_of_policy(policy)).merge(ArfReport.passed)
|
61
55
|
}
|
@@ -6,10 +6,26 @@ module ForemanOpenscap
|
|
6
6
|
|
7
7
|
included do
|
8
8
|
has_many :oval_policies, :through => :oval_facet, :class_name => 'ForemanOpenscap::OvalPolicy'
|
9
|
+
|
10
|
+
scoped_search :relation => :oval_policies,
|
11
|
+
:on => :id,
|
12
|
+
:rename => :oval_policy_id,
|
13
|
+
:complete_value => false,
|
14
|
+
:only_explicit => true,
|
15
|
+
:ext_method => :find_by_oval_policy_id,
|
16
|
+
:operators => ['= ']
|
9
17
|
end
|
10
18
|
|
11
19
|
def inherited_oval_policies
|
12
20
|
find_inherited_policies :oval_policies
|
13
21
|
end
|
22
|
+
|
23
|
+
module ClassMethods
|
24
|
+
def find_by_oval_policy_id(_key, operator, value)
|
25
|
+
conditions = sanitize_sql_for_conditions(["#{::ForemanOpenscap::HostgroupOvalFacetOvalPolicy.table_name}.oval_policy_id #{operator} ?", value])
|
26
|
+
hg_ids = ::ForemanOpenscap::Hostgroup::OvalFacet.joins(:hostgroup_oval_facet_oval_policies).where(conditions).pluck(:hostgroup_id)
|
27
|
+
{ :conditions => ::Hostgroup.arel_table[:id].in(hg_ids).to_sql }
|
28
|
+
end
|
29
|
+
end
|
14
30
|
end
|
15
31
|
end
|
@@ -69,7 +69,7 @@ module ForemanOpenscap
|
|
69
69
|
|
70
70
|
def weekday_number
|
71
71
|
# 0 is sunday, 1 is monday in cron, while DAYS_INTO_WEEK has 0 as monday, 6 as sunday
|
72
|
-
(Date::DAYS_INTO_WEEK.with_indifferent_access[weekday]
|
72
|
+
(Date::DAYS_INTO_WEEK.with_indifferent_access[weekday]) % 7
|
73
73
|
end
|
74
74
|
end
|
75
75
|
end
|
@@ -38,6 +38,7 @@ module ForemanOpenscap
|
|
38
38
|
end
|
39
39
|
|
40
40
|
def find_config_item(scope = config_item_class_name.constantize)
|
41
|
+
return unless scope
|
41
42
|
return scope.find_by :name => config_item_name if scope.respond_to?(:find_by)
|
42
43
|
# all_puppetclasses, all_ansible_roles methods return Array, not ActiveRecord::Relation
|
43
44
|
scope.find { |item| item.name == config_item_name }
|
@@ -10,7 +10,7 @@ module ForemanOpenscap
|
|
10
10
|
end
|
11
11
|
|
12
12
|
def available?
|
13
|
-
defined?(
|
13
|
+
defined?(ForemanPuppet)
|
14
14
|
end
|
15
15
|
|
16
16
|
def inline_help
|
@@ -21,13 +21,17 @@ module ForemanOpenscap
|
|
21
21
|
}
|
22
22
|
end
|
23
23
|
|
24
|
+
def collection_method
|
25
|
+
:puppetclasses
|
26
|
+
end
|
27
|
+
|
24
28
|
def constants
|
25
29
|
OpenStruct.new(
|
26
30
|
:server_param => 'server',
|
27
31
|
:port_param => 'port',
|
28
32
|
:policies_param => 'policies',
|
29
33
|
:puppetclass_name => 'foreman_scap_client',
|
30
|
-
:config_item_class_name => 'Puppetclass',
|
34
|
+
:config_item_class_name => 'ForemanPuppet::Puppetclass',
|
31
35
|
:override_method_name => 'class_params',
|
32
36
|
:msg_name => _('Puppet class'),
|
33
37
|
:lookup_key_plural_name => _('Smart Class Parameters'),
|
@@ -16,21 +16,26 @@ module ForemanOpenscap
|
|
16
16
|
if model_class == ::Hostgroup
|
17
17
|
roles_method = :inherited_and_own_ansible_roles
|
18
18
|
ids_setter = :hostgroup_ids=
|
19
|
+
check_id = :hostgroups_without_proxy
|
19
20
|
elsif model_class == ::Host::Managed
|
20
21
|
roles_method = :all_ansible_roles
|
21
22
|
ids_setter = :host_ids=
|
23
|
+
check_id = :hosts_without_proxy
|
22
24
|
else
|
23
25
|
raise "Unexpected model_class, expected ::Hostgroup or ::Host::Managed, got: #{model_class}"
|
24
26
|
end
|
25
27
|
|
26
28
|
items_with_proxy, items_without_proxy = openscap_proxy_associated(ids, model_class)
|
27
29
|
|
28
|
-
oval_policy.send(ids_setter, items_with_proxy.pluck(:id))
|
29
30
|
|
30
|
-
|
31
|
+
if items_without_proxy.any?
|
32
|
+
return without_proxy_to_check items_without_proxy, check_id
|
33
|
+
end
|
34
|
+
|
35
|
+
oval_policy.send(ids_setter, items_with_proxy.pluck(:id))
|
31
36
|
|
32
37
|
unless oval_policy.save
|
33
|
-
return check_collection.add_check model_to_check(oval_policy)
|
38
|
+
return check_collection.add_check model_to_check(oval_policy, :oval_policy_errors)
|
34
39
|
end
|
35
40
|
|
36
41
|
check_collection.merge modify_items(items_with_proxy, oval_policy, ansible_role, roles_method)
|
@@ -47,31 +52,29 @@ module ForemanOpenscap
|
|
47
52
|
role_ids = item.ansible_role_ids + [ansible_role.id]
|
48
53
|
item.ansible_role_ids = role_ids unless item.send(roles_method).include? ansible_role
|
49
54
|
item.save if item.changed?
|
50
|
-
memo.add_check model_to_check(item)
|
55
|
+
memo.add_check model_to_check(item, item.is_a?(::Hostgroup) ? 'hostgroup' : 'host')
|
51
56
|
add_overrides ansible_role.ansible_variables, item, @config
|
52
57
|
memo
|
53
58
|
end
|
54
59
|
end
|
55
60
|
|
56
|
-
def without_proxy_to_check(items)
|
61
|
+
def without_proxy_to_check(items, check_id)
|
57
62
|
items.reduce(CheckCollection.new) do |memo, item|
|
58
63
|
memo.add_check(
|
59
64
|
SetupCheck.new(
|
60
65
|
:title => (_("Was %s configured successfully?") % item.class.name),
|
61
|
-
:fail_msg =>
|
66
|
+
:fail_msg => (_("Assign openscap_proxy to %s before proceeding.") % item.name),
|
67
|
+
:id => check_id
|
62
68
|
).fail!
|
63
69
|
)
|
64
70
|
end
|
65
71
|
end
|
66
72
|
|
67
|
-
def
|
68
|
-
model.is_a?(::Hostgroup) ? 'hostgroup' : 'host'
|
69
|
-
end
|
70
|
-
|
71
|
-
def model_to_check(model)
|
73
|
+
def model_to_check(model, check_id)
|
72
74
|
check = SetupCheck.new(
|
73
|
-
:title => (_("Was %{model_name} %{name} configured successfully?") % { :model_name =>
|
74
|
-
:errors => model.errors.to_h
|
75
|
+
:title => (_("Was %{model_name} %{name} configured successfully?") % { :model_name => model.class.name, :name => model.name }),
|
76
|
+
:errors => model.errors.to_h,
|
77
|
+
:id => check_id
|
75
78
|
)
|
76
79
|
model.errors.any? ? check.fail! : check.pass!
|
77
80
|
end
|
@@ -59,12 +59,12 @@ module ForemanOpenscap
|
|
59
59
|
{
|
60
60
|
:id => :foreman_ansible_present,
|
61
61
|
:title => _("Is foreman_ansible present?"),
|
62
|
-
:fail_msg =>
|
62
|
+
:fail_msg => _("foreman_ansible plugin not found, please install it before running this action again.")
|
63
63
|
},
|
64
64
|
{
|
65
65
|
:id => :foreman_scap_client_role_present,
|
66
66
|
:title => _("Is theforeman.foreman_scap_client present?"),
|
67
|
-
:fail_msg =>
|
67
|
+
:fail_msg => @config.ansible_role_missing_msg
|
68
68
|
},
|
69
69
|
{
|
70
70
|
:id => :foreman_scap_client_vars_present,
|
@@ -74,17 +74,17 @@ module ForemanOpenscap
|
|
74
74
|
{
|
75
75
|
:id => :foreman_scap_client_server_overriden,
|
76
76
|
:title => _("Is %s param set to be overriden?") % @config.server_param,
|
77
|
-
:fail_msg =>
|
77
|
+
:fail_msg => override_msg
|
78
78
|
},
|
79
79
|
{
|
80
80
|
:id => :foreman_scap_client_port_overriden,
|
81
81
|
:title => _("Is %s param set to be overriden?") % @config.port_param,
|
82
|
-
:fail_msg =>
|
82
|
+
:fail_msg => override_msg
|
83
83
|
},
|
84
84
|
{
|
85
85
|
:id => :foreman_scap_client_policies_overriden,
|
86
86
|
:title => _("Is %s param set to be overriden?") % @config.policies_param,
|
87
|
-
:fail_msg =>
|
87
|
+
:fail_msg => override_msg
|
88
88
|
}
|
89
89
|
]
|
90
90
|
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
module ForemanOpenscap
|
2
2
|
module Oval
|
3
3
|
class SetupCheck
|
4
|
-
attr_reader :result, :id
|
4
|
+
attr_reader :result, :id, :title, :errors
|
5
5
|
|
6
6
|
def initialize(hash)
|
7
7
|
@id = hash[:id]
|
@@ -17,6 +17,7 @@ module ForemanOpenscap
|
|
17
17
|
end
|
18
18
|
|
19
19
|
def fail!
|
20
|
+
raise 'Cannot fail a check that expects fail message data, use fail_with! method instead' if @fail_msg.respond_to?(:call) && @fail_msg_data.empty?
|
20
21
|
@result = :fail
|
21
22
|
self
|
22
23
|
end
|
@@ -39,7 +40,9 @@ module ForemanOpenscap
|
|
39
40
|
end
|
40
41
|
|
41
42
|
def fail_msg
|
42
|
-
|
43
|
+
return unless failed?
|
44
|
+
return @fail_msg.call(@fail_msg_data) if @fail_msg.respond_to?(:call) && @fail_msg_data
|
45
|
+
@fail_msg
|
43
46
|
end
|
44
47
|
|
45
48
|
def to_h
|
@@ -4,15 +4,15 @@
|
|
4
4
|
<div class="col-md-5 scap-breakdown-chart-col">
|
5
5
|
<div class="stats-well">
|
6
6
|
<h4 class="ca" ><%= _('Report Metrics') %></h4>
|
7
|
-
<div
|
8
|
-
|
7
|
+
<div class="scap-breakdown-chart">
|
8
|
+
<%= react_component('DonutChart', :data => donut_breakdown_chart_data(metrics)) %>
|
9
|
+
</div>
|
9
10
|
</div>
|
10
11
|
</div>
|
11
12
|
<div class="col-md-5 arf-report-rule-chart-col">
|
12
13
|
<div class="stats-well">
|
13
14
|
<h4 class="ca" ><%= _('Report Status') %></h4>
|
14
|
-
|
15
|
-
<%= mount_react_component('BarChart', "#arf-report-rule-chart", arf_report_status_chart_data(status), :flatten_data => true) %>
|
15
|
+
<%= react_component('BarChart', arf_report_status_chart_data(status)) %>
|
16
16
|
</div>
|
17
17
|
</div>
|
18
18
|
<div class="col-md-2">
|
@@ -17,18 +17,16 @@
|
|
17
17
|
hash_for_arf_report_path(:id => data.latest_report.id)
|
18
18
|
.merge(:auth_object => data.latest_report)) %></h4>
|
19
19
|
<% report = data.report %>
|
20
|
-
|
21
|
-
|
22
|
-
|
20
|
+
<div class="scap-breakdown-chart">
|
21
|
+
<%= react_component('DonutChart', :data => donut_breakdown_chart_data(report)) %>
|
22
|
+
</div>
|
23
23
|
</div>
|
24
24
|
</div>
|
25
25
|
|
26
26
|
<div class="col-md-8">
|
27
27
|
<div class="stats-well">
|
28
28
|
<h4 class="ca"><%= _("%s reports over time") % policy %></h4>
|
29
|
-
|
30
|
-
<div id="<%= reports_graph_id %>"></div>
|
31
|
-
<%= mount_react_component('LineChart', "##{reports_graph_id}", host_arf_reports_chart_data(policy.id), :flatten_data => true) %>
|
29
|
+
<%= react_component('LineChart', host_arf_reports_chart_data(policy.id)) %>
|
32
30
|
</div>
|
33
31
|
</div>
|
34
32
|
<% else %>
|
@@ -1,4 +1,5 @@
|
|
1
1
|
<h4 class="header ca"><%= _('Compliance Reports Breakdown') %></h4>
|
2
|
-
<div
|
3
|
-
<% report = ForemanOpenscap::ReportDashboard::Data.new().report %>
|
4
|
-
<%=
|
2
|
+
<div class="host-configuration-chart">
|
3
|
+
<% report = ForemanOpenscap::ReportDashboard::Data.new().report %>
|
4
|
+
<%= react_component('DonutChart', :data => donut_breakdown_chart_data(report)) %>
|
5
|
+
</div>
|
@@ -2,6 +2,7 @@
|
|
2
2
|
|
3
3
|
<div id='status-chart'>
|
4
4
|
<h4 class="header ca"><%= _('Host Breakdown Chart') %></h4>
|
5
|
-
<div
|
6
|
-
|
5
|
+
<div class="scap-breakdown-chart">
|
6
|
+
<%= react_component('DonutChart', :data => policy_breakdown_chart_data(@report)) %>
|
7
|
+
</div>
|
7
8
|
</div>
|
@@ -10,7 +10,8 @@ class MigratePortOverridesToInt < ActiveRecord::Migration[5.2]
|
|
10
10
|
private
|
11
11
|
|
12
12
|
def transform_lookup_values(method)
|
13
|
-
|
13
|
+
return unless defined?(ForemanPuppet)
|
14
|
+
puppet_class = ::ForemanPuppet::Puppetclass.find_by :name => 'foreman_scap_client'
|
14
15
|
return unless puppet_class
|
15
16
|
port_key = puppet_class.class_params.find_by :key => 'port'
|
16
17
|
return unless port_key
|
@@ -10,7 +10,8 @@ class UpdatePuppetPortParamType < ActiveRecord::Migration[6.0]
|
|
10
10
|
private
|
11
11
|
|
12
12
|
def update_port_type(method)
|
13
|
-
|
13
|
+
return unless defined?(ForemanPuppet)
|
14
|
+
puppet_class = ::ForemanPuppet::Puppetclass.find_by :name => 'foreman_scap_client'
|
14
15
|
return unless puppet_class
|
15
16
|
port_key = puppet_class.class_params.find_by :key => 'port'
|
16
17
|
return unless port_key
|
@@ -219,16 +219,15 @@ module ForemanOpenscap
|
|
219
219
|
register_global_js_file 'global'
|
220
220
|
|
221
221
|
register_graphql_query_field :oval_contents, '::Types::OvalContent', :collection_field
|
222
|
+
register_graphql_query_field :oval_content, '::Types::OvalContent', :record_field
|
222
223
|
register_graphql_query_field :oval_policies, '::Types::OvalPolicy', :collection_field
|
223
224
|
register_graphql_query_field :oval_policy, '::Types::OvalPolicy', :record_field
|
224
225
|
register_graphql_query_field :cves, '::Types::Cve', :collection_field
|
225
226
|
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
end)
|
231
|
-
end
|
227
|
+
register_graphql_mutation_field :delete_oval_policy, ::Mutations::OvalPolicies::Delete
|
228
|
+
register_graphql_mutation_field :delete_oval_content, ::Mutations::OvalContents::Delete
|
229
|
+
register_graphql_mutation_field :update_oval_policy, ::Mutations::OvalPolicies::Update
|
230
|
+
register_graphql_mutation_field :create_oval_policy, ::Mutations::OvalPolicies::Create
|
232
231
|
|
233
232
|
register_facet ForemanOpenscap::Host::OvalFacet, :oval_facet do
|
234
233
|
configure_host do
|
@@ -283,7 +282,7 @@ module ForemanOpenscap
|
|
283
282
|
|
284
283
|
if Gem::Version.new(ForemanRemoteExecution::VERSION) >= Gem::Version.new('1.2.3')
|
285
284
|
options[:host_action_button] = true
|
286
|
-
oval_options[:host_action_button] = Setting
|
285
|
+
oval_options[:host_action_button] = (!::Foreman.in_rake? && ActiveRecord::Base.connection.table_exists?(:settings)) ? (Setting.find_by(:name => 'lab_features')&.value || false) : false
|
287
286
|
end
|
288
287
|
|
289
288
|
RemoteExecutionFeature.register(:foreman_openscap_run_scans, N_("Run OpenSCAP scan"), options)
|
data/package.json
CHANGED
@@ -24,23 +24,20 @@
|
|
24
24
|
"@theforeman/vendor": ">= 4.13.2"
|
25
25
|
},
|
26
26
|
"devDependencies": {
|
27
|
-
"@apollo/react-testing": "^4.0.0",
|
28
27
|
"@babel/core": "^7.7.0",
|
29
|
-
"@testing-library/dom": "^
|
28
|
+
"@testing-library/dom": "^8.9.1",
|
30
29
|
"@testing-library/jest-dom": "^5.11.9",
|
31
|
-
"@testing-library/
|
32
|
-
"@testing-library/user-event": "^13.1.2",
|
30
|
+
"@testing-library/user-event": "^13.2.1",
|
33
31
|
"@theforeman/builder": "^8.4.1",
|
34
32
|
"@theforeman/eslint-plugin-foreman": "8.4.1",
|
35
33
|
"@theforeman/find-foreman": "^8.4.1",
|
36
34
|
"@theforeman/stories": "^8.4.1",
|
37
|
-
"@theforeman/test": "^8.
|
35
|
+
"@theforeman/test": "^8.9.0",
|
38
36
|
"@theforeman/vendor-dev": "^8.4.1",
|
39
37
|
"babel-eslint": "^10.0.3",
|
40
38
|
"eslint": "^6.7.2",
|
41
39
|
"jed": "^1.1.1",
|
42
40
|
"jest-svg-transformer": "^1.0.0",
|
43
|
-
"jest-transform-graphql": "^2.1.0",
|
44
41
|
"prettier": "^1.13.5",
|
45
42
|
"stylelint": "^9.3.0",
|
46
43
|
"stylelint-config-standard": "^18.0.0"
|
@@ -20,7 +20,7 @@ class Api::V2::Compliance::OvalReportsControllerTest < ActionController::TestCas
|
|
20
20
|
|
21
21
|
test 'should show host errors on CVEs upload' do
|
22
22
|
proxy = FactoryBot.create(:smart_proxy)
|
23
|
-
host = FactoryBot.create(:host, :puppet_proxy => proxy
|
23
|
+
host = FactoryBot.create(:host, :puppet_proxy => proxy)
|
24
24
|
SmartProxy.any_instance.stubs(:smart_proxy_features).returns([])
|
25
25
|
post :create, :params => @params.merge(:cname => host.name), :session => set_session_user
|
26
26
|
|
@@ -40,6 +40,7 @@ class Api::V2::Compliance::PoliciesControllerTest < ActionController::TestCase
|
|
40
40
|
end
|
41
41
|
|
42
42
|
test "should get index and show hostgroups" do
|
43
|
+
skip unless puppet_available?
|
43
44
|
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryBot.create(:puppetclass, :name => 'foreman_scap_client'))
|
44
45
|
ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
|
45
46
|
hostgroup = FactoryBot.create(:hostgroup)
|
@@ -61,6 +62,7 @@ class Api::V2::Compliance::PoliciesControllerTest < ActionController::TestCase
|
|
61
62
|
end
|
62
63
|
|
63
64
|
test "should show a policy hosts and hostgroups" do
|
65
|
+
skip unless puppet_available?
|
64
66
|
ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryBot.create(:puppetclass, :name => 'foreman_scap_client'))
|
65
67
|
ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
|
66
68
|
hostgroup = FactoryBot.create(:hostgroup)
|