RubyGems - foreman_openscap - Versions diffs - 8.0.2 → 9.0.0 - Mend

foreman_openscap 8.0.2 → 9.0.0

Files changed (158) hide show

data/locale/zh_TW/foreman_openscap.po.time_stamp DELETED Viewed

File without changes

data/test/factories/oval_content_factory.rb DELETED Viewed

@@ -1,7 +0,0 @@
-FactoryBot.define do
-  factory :oval_content, :class => ::ForemanOpenscap::OvalContent do |f|
-    f.sequence(:name) { |n| "oval_content_#{n}" }
-    f.original_filename { 'test-oval.xml' }
-    f.scap_file { '<xml>foo</xml>' }
-  end
-end

data/test/factories/oval_policy_factory.rb DELETED Viewed

@@ -1,9 +0,0 @@
-FactoryBot.define do
-  factory :oval_policy, :class => ::ForemanOpenscap::OvalPolicy do
-    sequence(:name) { |n| "policy#{n}" }
-    period { 'weekly' }
-    weekday { 'monday' }
-    day_of_month { nil }
-    cron_line { nil }
-  end
-end

data/test/fixtures/cve_fixtures.rb DELETED Viewed

@@ -1,104 +0,0 @@
-module ForemanOpenscap
-  class CveFixtures
-    def res_one(result_state = 'true')
-      init_result(
-        { "references" => [
-          { "ref_id" => "RHSA-2020:0215", "ref_url" => "https://access.redhat.com/errata/RHSA-2020:0215" },
-          { "ref_id" => "CVE-2019-16541", "ref_url" => "https://access.redhat.com/security/cve/CVE-2019-16541" },
-          { "ref_id" => "CVE-2020-14040", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-14040" },
-          { "ref_id" => "CVE-2020-14370", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-14370" },
-          { "ref_id" => "CVE-2020-15586", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-15586" },
-          { "ref_id" => "CVE-2020-16845", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-16845" },
-          { "ref_id" => "CVE-2020-2252", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2252" },
-          { "ref_id" => "CVE-2020-2254", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2254" },
-          { "ref_id" => "CVE-2020-2255", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2255" },
-          { "ref_id" => "CVE-2020-8564", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-8564" }
-        ] },
-        result_state,
-        "oval:com.redhat.rhsa:def:20201545"
-      )
-    end
-    def res_two(result_state = 'true')
-      init_result(
-        { "references" => [
-          { "ref_id" => "RHSA-2020:3601", "ref_url" => "https://access.redhat.com/errata/RHSA-2020:3601" },
-          { "ref_id" => "CVE-2020-2181", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2181" },
-          { "ref_id" => "CVE-2020-2182", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2182" },
-          { "ref_id" => "CVE-2020-2224", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2224" },
-          { "ref_id" => "CVE-2020-2225", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2225" },
-          { "ref_id" => "CVE-2020-2226", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2226" }
-        ] },
-        result_state,
-        "oval:com.redhat.rhsa:def:20201544"
-      )
-    end
-    def res_three(result_state = 'true')
-      init_result(
-        { "references" => [
-          { "ref_id" => "CVE-2019-17638", "ref_url" => "https://access.redhat.com/security/cve/CVE-2019-17638" },
-          { "ref_id" => "CVE-2020-2229", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2229" },
-          { "ref_id" => "CVE-2020-2230", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2230" },
-          { "ref_id" => "CVE-2020-2231", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2231" }
-        ] },
-        result_state,
-        "oval:com.redhat.rhsa:def:20201543"
-      )
-    end
-    def res_four(result_state = 'true')
-      init_result(
-        { "references" => [
-          { "ref_id" => "RHSA-2020:3601", "ref_url" => "https://access.redhat.com/errata/RHSA-2020:3601" },
-          { "ref_id" => "CVE-2019-17638", "ref_url" => "https://access.redhat.com/security/cve/CVE-2019-17638" },
-          { "ref_id" => "CVE-2020-2220", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2220" },
-          { "ref_id" => "CVE-2020-2221", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2221" },
-          { "ref_id" => "CVE-2020-2222", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2222" },
-          { "ref_id" => "CVE-2020-2223", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2223" },
-          { "ref_id" => "CVE-2020-2229", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2229" },
-          { "ref_id" => "CVE-2020-2230", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2230" },
-          { "ref_id" => "CVE-2020-2231", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2231" },
-          { "ref_id" => "CVE-2020-8557", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-8557" }
-        ] },
-        result_state,
-        "oval:com.redhat.rhsa:def:20201542"
-      )
-    end
-    def res_five(result_state = 'true')
-      init_result(
-        { "references" => [
-          { "ref_id" => "CVE-2020-2181", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2181" },
-          { "ref_id" => "CVE-2020-2182", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2182" },
-          { "ref_id" => "CVE-2020-2190", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2190" },
-          { "ref_id" => "CVE-2020-2224", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2224" },
-          { "ref_id" => "CVE-2020-2225", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2225" },
-          { "ref_id" => "CVE-2020-2226", "ref_url" => "https://access.redhat.com/security/cve/CVE-2020-2226" }
-        ] },
-        result_state,
-        "oval:com.redhat.rhsa:def:20201541"
-      )
-    end
-    def one
-      [res_one, res_two, res_three, res_four, res_five]
-    end
-    def two
-      [res_one('false'), res_two, res_three('false')]
-    end
-    def ids_from(fixture)
-      fixture['references'].pluck('ref_id')
-    end
-    private
-    def init_result(data, result_state, definition_id)
-      data['result'] = result_state
-      data['definition_id'] = definition_id
-      data
-    end
-  end
-end

data/test/functional/api/v2/compliance/oval_contents_controller_test.rb DELETED Viewed

@@ -1,39 +0,0 @@
-require 'test_plugin_helper'
-require 'tempfile'
-class Api::V2::Compliance::OvalContentsControllerTest < ActionController::TestCase
-  test "should get index" do
-    FactoryBot.create(:oval_content)
-    get :index, :session => set_session_user
-    response = ActiveSupport::JSON.decode(@response.body)
-    assert response['results'].any?
-    assert_response :success
-  end
-  test "should create OVAL content" do
-    post :create, :params => { :oval_content => { :name => 'OVAL test', :scap_file => content_file } }, :session => set_session_user
-    assert_response :success
-  end
-  test "should update OVAL content" do
-    new_name = 'RHEL7 OVAL'
-    oval_content = FactoryBot.create(:oval_content)
-    put :update, :params => { :id => oval_content.id, :oval_content => { :name => new_name } }, :session => set_session_user
-    assert_response :success
-    assert oval_content.name, new_name
-  end
-  test "should destory OVAL content" do
-    oval_content = FactoryBot.create(:oval_content)
-    delete :destroy, :params => { :id => oval_content.id }, :session => set_session_user
-    assert_response :ok
-    refute ForemanOpenscap::OvalContent.exists?(oval_content.id)
-  end
-  def content_file
-    file = Tempfile.new('test')
-    file.write('<xml>test</xml>')
-    file.rewind
-    Rack::Test::UploadedFile.new(file, '')
-  end
-end

data/test/functional/api/v2/compliance/oval_policies_controller_test.rb DELETED Viewed

@@ -1,141 +0,0 @@
-require 'test_plugin_helper'
-require 'base64'
-class Api::V2::Compliance::OvalPoliciesControllerTest < ActionController::TestCase
-  setup do
-    @file = Base64.encode64(read_oval_content('ansible-2.9.oval.xml.bz2'))
-    oval_content = FactoryBot.create(:oval_content, :scap_file => @file)
-    @attributes = { :oval_policy => { :name => 'my_policy', :period => 'weekly', :weekday => 'friday', :oval_content_id => oval_content.id } }
-    @config = ForemanOpenscap::ClientConfig::Ansible.new(::ForemanOpenscap::OvalPolicy)
-    @policy = FactoryBot.create(:oval_policy, :oval_content => oval_content)
-  end
-  test "should get index of OVAL policies" do
-    get :index, :session => set_session_user
-    response = ActiveSupport::JSON.decode(@response.body)
-    assert !response['results'].empty?
-    assert_response :success
-  end
-  test "should show OVAL policy" do
-    get :show, :params => { :id => @policy.to_param }, :session => set_session_user
-    response = ActiveSupport::JSON.decode(@response.body)
-    assert response['name'], @policy.name
-    assert_response :success
-  end
-  test "should update OVAL policy" do
-    put :update, :params => { :id => @policy.id, :oval_policy => { :period => 'monthly', :day_of_month => 15 } }
-    updated_policy = ActiveSupport::JSON.decode(@response.body)
-    assert(updated_policy['period'], 'monthly')
-    assert_response :ok
-  end
-  test "should not update invalid OVAL policy" do
-    put :update, :params => { :id => @policy.id, :oval_policy => { :name => '' } }
-    assert_response :unprocessable_entity
-  end
-  test "should create OVAL policy" do
-    post :create, :params => @attributes, :session => set_session_user
-    assert_response :created
-  end
-  test "should not create invalid OVAL policy" do
-    post :create, :session => set_session_user
-    assert_response :unprocessable_entity
-  end
-  test "should destroy OVAL policy" do
-    delete :destroy, :params => { :id => @policy.id }, :session => set_session_user
-    assert_response :ok
-    refute ForemanOpenscap::OvalPolicy.exists?(@policy.id)
-  end
-  test "should return error when OVAL policy not found" do
-    get :show, :params => { :id => @policy.id + 1 }, :session => set_session_user
-    response = ActiveSupport::JSON.decode(@response.body)
-    assert response['error']
-    assert_response :missing
-  end
-  test "should assign policy to multiple hosts correctly" do
-    proxy = FactoryBot.create(:openscap_proxy)
-    host1 = FactoryBot.create(:compliance_host, :openscap_proxy => proxy)
-    host2 = FactoryBot.create(:compliance_host, :openscap_proxy => proxy)
-    setup_ansible
-    assert_empty host1.oval_policies
-    assert_empty host2.oval_policies
-    post :assign_hosts, :params => { :id => @policy.id, :host_ids => [host1, host2].pluck(:id) }, :session => set_session_user
-    assert_equal "OVAL policy successfully configured with hosts.", ActiveSupport::JSON.decode(@response.body)['message']
-    assert_equal 2, host1.lookup_values.count
-    server_value = @server_key.lookup_values.find_by :match => "fqdn=#{host1.name}"
-    port_value = @port_key.lookup_values.find_by :match => "fqdn=#{host1.name}"
-    assert_equal proxy.hostname, server_value.value
-    assert_equal proxy.port, port_value.value
-  end
-  test "should assign policy to multiple hostgroups correctly" do
-    proxy = FactoryBot.create(:openscap_proxy)
-    hg1 = FactoryBot.create(:hostgroup, :openscap_proxy => proxy)
-    hg2 = FactoryBot.create(:hostgroup, :openscap_proxy => proxy)
-    setup_ansible
-    assert_empty hg1.oval_policies
-    assert_empty hg2.oval_policies
-    post :assign_hostgroups, :params => { :id => @policy.id, :hostgroup_ids => [hg1, hg2].pluck(:id) }, :session => set_session_user
-    assert_equal "OVAL policy successfully configured with hostgroups.", ActiveSupport::JSON.decode(@response.body)['message']
-    assert_equal 2, hg1.lookup_values.count
-    server_value = @server_key.lookup_values.find_by :match => "hostgroup=#{hg1.name}"
-    port_value = @port_key.lookup_values.find_by :match => "hostgroup=#{hg1.name}"
-    assert_equal proxy.hostname, server_value.value
-    assert_equal proxy.port, port_value.value
-  end
-  test "should not assign policy to hostgroup without openscap proxy" do
-    hg = FactoryBot.create(:hostgroup)
-    setup_ansible
-    assert_empty hg.oval_policies
-    post :assign_hostgroups, :params => { :id => @policy.id, :hostgroup_ids => hg.id }, :session => set_session_user
-    res = ActiveSupport::JSON.decode(@response.body)['results'].first
-    assert_equal "Was Hostgroup configured successfully?", res['title']
-    assert_equal "fail", res['result']
-    assert_equal "Assign openscap_proxy to #{hg.name} before proceeding.", res['fail_message']
-    hg.reload
-    assert_empty hg.oval_policies
-  end
-  test "should not assign policy to hostgroup when ansible role not present" do
-    hg = FactoryBot.create(:hostgroup)
-    assert_empty hg.oval_policies
-    post :assign_hostgroups, :params => { :id => @policy.id, :hostgroup_ids => hg.id }, :session => set_session_user
-    res = ActiveSupport::JSON.decode(@response.body)['results'].first
-    assert_equal 'theforeman.foreman_scap_client Ansible Role not found, please import it before running this action again.', res['fail_message']
-    hg.reload
-    assert_empty hg.oval_policies
-  end
-  test "should show oval content" do
-    get :oval_content, :params => { :id => @policy.id }
-    assert response.body, @file
-  end
-  def setup_ansible
-    @ansible_role = FactoryBot.create(:ansible_role, :name => @config.ansible_role_name)
-    @port_key = FactoryBot.create(:ansible_variable, :key => @config.port_param, :ansible_role => @ansible_role)
-    @server_key = FactoryBot.create(:ansible_variable, :key => @config.server_param, :ansible_role => @ansible_role)
-    FactoryBot.create(:ansible_variable, :key => @config.policies_param, :ansible_role => @ansible_role)
-  end
-  def read_oval_content(file_name)
-    File.read "#{ForemanOpenscap::Engine.root}/test/files/oval_contents/#{file_name}"
-  end
-end

data/test/functional/api/v2/compliance/oval_reports_controller_test.rb DELETED Viewed

@@ -1,32 +0,0 @@
-require 'test_plugin_helper'
-class Api::V2::Compliance::OvalReportsControllerTest < ActionController::TestCase
-  setup do
-    @params = {
-      :oval_results => ForemanOpenscap::CveFixtures.new.one,
-      :oval_policy_id => 5,
-      :date => Time.now.to_i
-    }
-  end
-  test 'should accept new CVEs for host' do
-    host = FactoryBot.create(:host)
-    post :create, :params => @params.merge(:cname => host.name), :session => set_session_user
-    response = ActiveSupport::JSON.decode(@response.body)
-    assert_equal 'ok', response['result']
-    assert_response :success
-  end
-  test 'should show host errors on CVEs upload' do
-    proxy = FactoryBot.create(:smart_proxy)
-    host = FactoryBot.create(:host, :puppet_proxy => proxy)
-    SmartProxy.any_instance.stubs(:smart_proxy_features).returns([])
-    post :create, :params => @params.merge(:cname => host.name), :session => set_session_user
-    response = ActiveSupport::JSON.decode(@response.body)
-    assert_equal 'fail', response['result']
-    refute response['errors'].empty?
-    assert_response :unprocessable_entity
-  end
-end

data/test/graphql/mutations/oval_policies/delete_mutation_test.rb DELETED Viewed

@@ -1,63 +0,0 @@
-require 'test_plugin_helper'
-module Mutations
-  module OvalPolicies
-    class DeleteMutationTest < ActiveSupport::TestCase
-      let(:policy) { FactoryBot.create(:oval_policy, :oval_content => FactoryBot.create(:oval_content)) }
-      let(:policy_id) { Foreman::GlobalId.for(policy) }
-      let(:variables) do
-        {
-          id: policy_id,
-        }
-      end
-      let(:query) do
-        <<-GRAPHQL
-        mutation DeleteOvalPolicyMutation($id:ID!){
-          deleteOvalPolicy(input:{id:$id}) {
-            id
-            errors {
-              message
-              path
-            }
-          }
-        }
-        GRAPHQL
-      end
-      context 'with admin user' do
-        let(:user) { FactoryBot.create(:user, :admin) }
-        test 'should delete oval policy' do
-          context = { current_user: user }
-          policy
-          assert_difference('::ForemanOpenscap::OvalPolicy.count', -1) do
-            result = ForemanGraphqlSchema.execute(query, variables: variables, context: context)
-            assert_empty result['errors']
-            assert_empty result['data']['deleteOvalPolicy']['errors']
-            assert_equal policy_id, result['data']['deleteOvalPolicy']['id']
-          end
-          assert_equal user.id, Audit.last.user_id
-        end
-      end
-      context 'with user with view permissions' do
-        setup do
-          policy
-          @user = setup_user 'view', 'oval_policies'
-        end
-        test 'should not delete oval policy' do
-          context = { current_user: @user }
-          assert_difference('ForemanOpenscap::OvalPolicy.count', 0) do
-            result = ForemanGraphqlSchema.execute(query, variables: variables, context: context)
-            assert_not_empty result['errors']
-            assert_includes result['errors'].map { |error| error['message'] }.to_sentence, 'Unauthorized.'
-          end
-        end
-      end
-    end
-  end
-end

data/test/graphql/queries/oval_content_query_test.rb DELETED Viewed

@@ -1,29 +0,0 @@
-require 'test_plugin_helper'
-module Queries
-  class OvalContentQueryTest < GraphQLQueryTestCase
-    let(:query) do
-      <<-GRAPHQL
-        query($id:String!) {
-          ovalContent(id: $id) {
-            id
-            name
-            originalFilename
-            url
-          }
-        }
-      GRAPHQL
-    end
-    let(:oval_content) { FactoryBot.create(:oval_content) }
-    let(:global_id) { Foreman::GlobalId.for(oval_content) }
-    let(:variables) { { id: global_id } }
-    let(:data) { result['data']['ovalContent'] }
-    test 'should return OVAL Content' do
-      assert_equal global_id, data['id']
-      assert_equal oval_content.name, data['name']
-    end
-  end
-end

data/test/graphql/queries/oval_contents_query_test.rb DELETED Viewed

@@ -1,35 +0,0 @@
-require 'test_plugin_helper'
-module Queries
-  class OvalContentsQueryTest < GraphQLQueryTestCase
-    let(:query) do
-      <<-GRAPHQL
-      query {
-        ovalContents {
-          totalCount
-          nodes {
-            id
-            name
-          }
-        }
-      }
-      GRAPHQL
-    end
-    let(:data) { result['data']['ovalContents'] }
-    setup do
-      FactoryBot.create_list(:oval_content, 2)
-    end
-    test 'should fetch oval contentes' do
-      assert_empty result['errors']
-      expected_count = ForemanOpenscap::OvalContent.count
-      assert_not_equal 0, expected_count
-      assert_equal expected_count, data['totalCount']
-      assert_equal expected_count, data['nodes'].count
-    end
-  end
-end

data/test/graphql/queries/oval_policies_query_test.rb DELETED Viewed

@@ -1,35 +0,0 @@
-require 'test_plugin_helper'
-module Queries
-  class OvalPoliciesQueryTest < GraphQLQueryTestCase
-    let(:query) do
-      <<-GRAPHQL
-      query {
-        ovalPolicies {
-          totalCount
-          nodes {
-            id
-            name
-          }
-        }
-      }
-      GRAPHQL
-    end
-    let(:data) { result['data']['ovalPolicies'] }
-    setup do
-      FactoryBot.create_list(:oval_policy, 2, :oval_content => FactoryBot.create(:oval_content))
-    end
-    test 'should fetch oval policies' do
-      assert_empty result['errors']
-      expected_count = ForemanOpenscap::OvalPolicy.count
-      assert_not_equal 0, expected_count
-      assert_equal expected_count, data['totalCount']
-      assert_equal expected_count, data['nodes'].count
-    end
-  end
-end

data/test/unit/oval_host_test.rb DELETED Viewed

@@ -1,45 +0,0 @@
-require 'test_plugin_helper'
-class OvalHostTest < ActiveSupport::TestCase
-  test 'should show oval policies in enc' do
-    setup_ansible
-    content = FactoryBot.create(:oval_content)
-    policy = FactoryBot.create(:oval_policy, :oval_content => content)
-    proxy = FactoryBot.create(:openscap_proxy)
-    host = FactoryBot.create(:oval_host, :ansible_roles => [@ansible_role], :openscap_proxy => proxy)
-    facet = FactoryBot.create(:oval_facet, :host => host, :oval_policies => [policy])
-    host_params = host.info["parameters"]
-    policies = JSON.parse(host_params[@config.policies_param])
-    assert_equal 1, policies.length
-    assert_equal policies.first["id"], policy.id
-    assert_equal host_params[@config.port_param], proxy.port.to_s
-    assert_equal host_params[@config.server_param], proxy.hostname
-  end
-  def setup_ansible
-    @config = ForemanOpenscap::ClientConfig::Ansible.new(::ForemanOpenscap::OvalPolicy)
-    @ansible_role = FactoryBot.create(:ansible_role, :name => @config.ansible_role_name)
-    @port_key = FactoryBot.create(
-      :ansible_variable,
-      :key => @config.port_param,
-      :ansible_role => @ansible_role,
-      :override => true
-    )
-    @server_key = FactoryBot.create(
-      :ansible_variable,
-      :key => @config.server_param,
-      :ansible_role => @ansible_role,
-      :override => true
-    )
-    @policies_param = FactoryBot.create(
-      :ansible_variable,
-      :key => @config.policies_param,
-      :ansible_role => @ansible_role,
-      :override => true,
-      :default_value => @config.policies_param_default_value
-    )
-  end
-end