foreman_openscap 8.0.2 → 9.0.0

data/test/unit/oval_policy_test.rb

@@ -1,133 +0,0 @@
-require 'test_plugin_helper'
-
-class OvalPolicyTest < ActiveSupport::TestCase
-  setup do
-    @oval_content = FactoryBot.create(:oval_content)
-  end
-
-  test "should not create OVAL policy with custom period" do
-    policy = ForemanOpenscap::OvalPolicy.new(:name => "custom_policy",
-                                             :period => 'custom',
-                                             :cron_line => 'aaa',
-                                             :oval_content => @oval_content)
-    refute policy.save
-    assert policy.errors[:cron_line].include?("does not consist of 5 parts separated by space")
-  end
-
-  test "should create OVAL policy with weekly period" do
-    policy = ForemanOpenscap::OvalPolicy.new(:name => "custom_policy",
-                                             :period => 'weekly',
-                                             :weekday => 'monday',
-                                             :oval_content => @oval_content)
-    assert policy.save
-  end
-
-  test "should not create OVAL policy with weekly period" do
-    policy = ForemanOpenscap::OvalPolicy.new(:name => "custom_policy",
-                                             :period => 'weekly',
-                                             :weekday => 'someday',
-                                             :oval_content => @oval_content)
-    refute policy.save
-    assert policy.errors[:weekday].include?("is not a valid value")
-  end
-
-  test "should create OVAL policy with monthly period" do
-    policy = ForemanOpenscap::OvalPolicy.new(:name => "custom_policy",
-                                             :period => 'monthly',
-                                             :day_of_month => '1',
-                                             :oval_content => @oval_content)
-    assert policy.save
-  end
-
-  test "should not create OVAL policy with monthly period" do
-    policy = ForemanOpenscap::OvalPolicy.new(:name => "custom_policy",
-                                             :period => 'monthly',
-                                             :day_of_month => '0',
-                                             :oval_content => @oval_content)
-    refute policy.save
-    assert policy.errors[:day_of_month].include?("must be between 1 and 31")
-  end
-
-  test "should not create OVAL policy when attributes do not correspond to selected period in new record" do
-    policy_0 = ForemanOpenscap::OvalPolicy.new(:name => "custom_policy",
-                                               :period => 'monthly',
-                                               :weekday => 'tuesday',
-                                               :cron_line => "0 0 0 0 0",
-                                               :oval_content => @oval_content)
-    policy_1 = ForemanOpenscap::OvalPolicy.new(:name => "test policy",
-                                               :period => 'custom',
-                                               :weekday => 'tuesday',
-                                               :day_of_month => "15",
-                                               :oval_content => @oval_content)
-    refute policy_0.save
-    refute policy_1.save
-  end
-
-  test "should update OVAL policy period" do
-    policy = ForemanOpenscap::OvalPolicy.new(:name => "custom_policy",
-                                             :period => 'monthly',
-                                             :day_of_month => '5',
-                                             :oval_content => @oval_content)
-    assert policy.save
-    policy.period = 'weekly'
-    policy.weekday = 'monday'
-    policy.day_of_month = nil
-    assert policy.save
-  end
-
-  test "should add and remove hosts for OVAL policy" do
-    host = FactoryBot.create(:oval_host)
-    policy = ForemanOpenscap::OvalPolicy.new(:name => "custom_policy",
-                                             :period => 'monthly',
-                                             :day_of_month => '5',
-                                             :host_ids => [host.id],
-                                             :oval_content => @oval_content)
-
-    assert policy.save
-    assert policy.reload.hosts.include?(host)
-
-    policy.host_ids = []
-    assert policy.save
-    refute policy.reload.hosts.include?(host)
-  end
-
-  test "should add and remove hostgroups for OVAL policy" do
-    hostgroup = FactoryBot.create(:hostgroup)
-    policy = ForemanOpenscap::OvalPolicy.new(:name => "custom_policy",
-                                             :period => 'monthly',
-                                             :day_of_month => '5',
-                                             :hostgroup_ids => [hostgroup.id],
-                                             :oval_content => @oval_content)
-    assert policy.save
-    assert policy.reload.hostgroups.include?(hostgroup)
-
-    policy.hostgroup_ids = []
-    assert policy.save
-    refute policy.reload.hostgroups.include?(hostgroup)
-  end
-
-  test "should add and remove inherited OVAL policy" do
-    hostgroup = FactoryBot.create(:hostgroup)
-    host = FactoryBot.create(:oval_host, :hostgroup => hostgroup)
-    policy_1 = ForemanOpenscap::OvalPolicy.new(:name => "custom_policy",
-                                               :period => 'monthly',
-                                               :day_of_month => '5',
-                                               :hostgroup_ids => [hostgroup.id],
-                                               :oval_content => @oval_content)
-    policy_2 = ForemanOpenscap::OvalPolicy.new(:name => "custom_policy_again",
-                                               :period => 'monthly',
-                                               :day_of_month => '6',
-                                               :host_ids => [host.id],
-                                               :oval_content => @oval_content)
-    assert policy_1.save
-    assert policy_2.save
-
-    assert host.reload.combined_oval_policies.include?(policy_1)
-    assert host.combined_oval_policies.include?(policy_2)
-
-    policy_1.hostgroup_ids = []
-    assert policy_1.save
-    refute host.reload.combined_oval_policies.include?(policy_1)
-    assert host.combined_oval_policies.include?(policy_2)
-  end
-end

data/test/unit/oval_status_test.rb

@@ -1,47 +0,0 @@
-require 'test_plugin_helper'
-
-class OvalStatusTest < ActiveSupport::TestCase
-  setup do
-    @policy = FactoryBot.create(:oval_policy, :oval_content => FactoryBot.create(:oval_content))
-  end
-
-  test 'should have no vulnerabilities' do
-    host = FactoryBot.create(:oval_host)
-    FactoryBot.create(:oval_facet, :host => host, :oval_policies => [@policy])
-
-    status = ForemanOpenscap::OvalStatus.new
-    status.host = host
-    assert_equal 0, status.to_status
-    assert_equal ::HostStatus::Global::OK, status.to_global
-    assert status.relevant?
-  end
-
-  test 'should have vulnerabilities with available patch' do
-    host = FactoryBot.create(:oval_host, :cves => [FactoryBot.create(:cve, :has_errata => false), FactoryBot.create(:cve, :has_errata => true)])
-    FactoryBot.create(:oval_facet, :host => host, :oval_policies => [@policy])
-
-    status = ForemanOpenscap::OvalStatus.new
-    status.host = host
-    assert_equal 2, status.to_status
-    assert_equal ::HostStatus::Global::ERROR, status.to_global
-    assert status.relevant?
-  end
-
-  test 'should have vulnerabilities without available patch' do
-    host = FactoryBot.create(:oval_host, :cves => [FactoryBot.create(:cve, :has_errata => false), FactoryBot.create(:cve, :has_errata => false)])
-    FactoryBot.create(:oval_facet, :host => host, :oval_policies => [@policy])
-
-    status = ForemanOpenscap::OvalStatus.new
-    status.host = host
-    assert_equal 1, status.to_status
-    assert_equal ::HostStatus::Global::WARN, status.to_global
-    assert status.relevant?
-  end
-
-  test 'should not be relevant without oval policy' do
-    host = FactoryBot.create(:oval_host, :cves => [FactoryBot.create(:cve)])
-    status = ForemanOpenscap::OvalStatus.new
-    status.host = host
-    refute status.relevant?
-  end
-end

data/test/unit/services/oval/cves_test.rb

@@ -1,81 +0,0 @@
-require 'test_plugin_helper'
-
-class ForemanOpenscap::Oval::CvesTest < ActiveSupport::TestCase
-  setup do
-    @fxs = ForemanOpenscap::CveFixtures.new
-    @instance = ForemanOpenscap::Oval::Cves.new
-  end
-
-  test "should add CVEs to host" do
-    oval_data = create_cve_data @fxs.one
-    host = FactoryBot.create(:host)
-    assert_empty host.cves
-    @instance.create host, oval_data
-    refute_empty host.cves
-
-    assert_equal host.cves, host.cves.distinct
-  end
-
-  test "should filter out CVEs that do not affect the host" do
-    oval_data = create_cve_data @fxs.two
-    host = FactoryBot.create(:host)
-    assert_empty host.cves
-    @instance.create host, oval_data
-    refute_empty host.cves
-
-    assert_equal host.cves, ForemanOpenscap::Cve.where(:ref_id => @fxs.ids_from(@fxs.res_two))
-  end
-
-  test "should update host with a new set of CVEs" do
-    oval_data = create_cve_data @fxs.one
-    host = FactoryBot.create(:host)
-    assert_empty host.cves
-    @instance.create host, oval_data
-    refute_empty host.cves
-
-    cve_ids_before = host.reload.cve_ids
-    new_oval_data = create_cve_data @fxs.two
-    @instance.create host, new_oval_data
-
-    refute_equal host.reload.cve_ids, cve_ids_before
-    assert_equal host.cves, ForemanOpenscap::Cve.where(:ref_id => @fxs.ids_from(@fxs.res_two))
-
-    @fxs.ids_from(@fxs.res_three).map do |ref_id|
-      refute ForemanOpenscap::Cve.find_by :ref_id => ref_id
-    end
-  end
-
-  test "should not delete CVEs associated to another host" do
-    oval_data = create_cve_data @fxs.one
-    host = FactoryBot.create(:host)
-    @instance.create host, oval_data
-    refute_empty host.cves
-
-    cves_before = host.reload.cves
-
-    oval_data_2 = create_cve_data @fxs.two
-    host_2 = FactoryBot.create(:host)
-    @instance.create host_2, oval_data_2
-
-    assert_equal host.reload.cves, cves_before
-  end
-
-  test "should not delete CVEs associated to another policy" do
-    oval_data = create_cve_data [@fxs.res_three]
-    host = FactoryBot.create(:host)
-    assert_empty host.cves
-    @instance.create host, oval_data
-    refute_empty host.cves
-
-    cve_ids_before = host.reload.cve_ids
-    new_oval_data = create_cve_data [@fxs.res_four], 2
-    @instance.create host, new_oval_data
-
-    refute_equal host.reload.cve_ids, cve_ids_before
-    assert_equal host.cves, ForemanOpenscap::Cve.where(:ref_id => @fxs.ids_from(@fxs.res_three).concat(@fxs.ids_from(@fxs.res_four)))
-  end
-
-  def create_cve_data(fixture, policy_id = 1)
-    { 'oval_results' => fixture, 'oval_policy_id' => policy_id }
-  end
-end

data/test/unit/services/oval/setup_check_test.rb

@@ -1,37 +0,0 @@
-require 'test_plugin_helper'
-
-class ForemanOpenscap::Oval::SetupCheckTest < ActiveSupport::TestCase
-  test 'should show error message with filled in data' do
-    check = ::ForemanOpenscap::Oval::SetupCheck.new(
-      :id => :test_check,
-      :title => _("Will it pass?"),
-      :fail_msg => ->(hash) { "There was an error in #{hash[:name]}, you need to #{hash[:action]}" }
-    )
-
-    check.fail_with!(:name => 'your engine', :action => 'run')
-    assert_equal 'There was an error in your engine, you need to run', check.fail_msg
-  end
-
-  test 'should show error message when it is a string' do
-    msg = "Do not panic"
-    check = ::ForemanOpenscap::Oval::SetupCheck.new(
-      :id => :test_check,
-      :title => _("Will it pass?"),
-      :fail_msg => msg
-    )
-    check.fail!
-    assert_equal msg, check.fail_msg
-  end
-
-  test 'should not show error message when check not failed' do
-    check = ::ForemanOpenscap::Oval::SetupCheck.new(
-      :id => :test_check,
-      :title => _("Will it pass?"),
-      :fail_msg => 'foo'
-    )
-
-    assert_nil check.fail_msg
-    check.fail!
-    assert_not_nil check.fail_msg
-  end
-end

data/test/unit/services/oval/setup_test.rb

@@ -1,87 +0,0 @@
-require 'test_plugin_helper'
-
-class ForemanOpenscap::Oval::SetupTest < ActiveSupport::TestCase
-  setup do
-    @config = ForemanOpenscap::ClientConfig::Ansible.new(::ForemanOpenscap::OvalPolicy)
-  end
-
-  test "should fail check when Ansible not available" do
-    ForemanOpenscap::ClientConfig::Ansible.any_instance.stubs(:available?).returns(false)
-
-    check_collection = ForemanOpenscap::Oval::Setup.new.run
-    assert check_collection.find_check(:foreman_ansible_present).failed?
-    assert check_collection.checks.reject { |res| res.id == :foreman_ansible_present }.all?(&:skipped?)
-  end
-
-  test "should fail check when Ansible role for client not imported" do
-    ForemanOpenscap::ClientConfig::Ansible.any_instance.stubs(:find_config_item).returns(nil)
-
-    check_collection = ForemanOpenscap::Oval::Setup.new.run
-    assert check_collection.find_check(:foreman_ansible_present).passed?
-    assert check_collection.find_check(:foreman_scap_client_role_present).failed?
-
-    assert check_collection.checks
-                           .select { |res| res.id != :foreman_ansible_present && res.id != :foreman_scap_client_role_present }
-                           .all?(&:skipped?)
-  end
-
-  test "should fail check when required Ansible variables are not imported" do
-    FactoryBot.create(:ansible_role, :name => @config.ansible_role_name)
-    check_collection = ForemanOpenscap::Oval::Setup.new.run
-    assert check_collection.find_check(:foreman_ansible_present).passed?
-    assert check_collection.find_check(:foreman_scap_client_role_present).passed?
-
-    res = check_collection.find_check(:foreman_scap_client_vars_present)
-    assert res.failed?
-    msg = "The following Ansible Variables were not found: foreman_scap_client_oval_policies, foreman_scap_client_port, foreman_scap_client_server, please import them before running this action again."
-    assert res.fail_msg, msg
-    assert override_results(check_collection.checks).all?(&:skipped?)
-  end
-
-  test "should fail check when fails to override a variable" do
-    role = FactoryBot.create(:ansible_role, :name => @config.ansible_role_name)
-    FactoryBot.create(:ansible_variable, :key => @config.port_param, :ansible_role => role)
-    FactoryBot.create(:ansible_variable, :key => @config.server_param, :ansible_role => role)
-    FactoryBot.create(:ansible_variable, :key => @config.policies_param, :ansible_role => role)
-    AnsibleVariable.any_instance.stubs(:save).returns(false)
-    AnsibleVariable.any_instance.stubs(:changed?).returns(true)
-    check_collection = ForemanOpenscap::Oval::Setup.new.run
-    assert check_collection.find_check(:foreman_ansible_present).passed?
-    assert check_collection.find_check(:foreman_scap_client_role_present).passed?
-    assert check_collection.find_check(:foreman_scap_client_vars_present).passed?
-    assert override_results(check_collection.checks).all?(&:failed?)
-  end
-
-  test "should pass all checks" do
-    role = FactoryBot.create(:ansible_role, :name => @config.ansible_role_name)
-    port_param = FactoryBot.create(:ansible_variable, :key => @config.port_param, :ansible_role => role)
-    server_param = FactoryBot.create(:ansible_variable, :key => @config.server_param, :ansible_role => role)
-    policies_param = FactoryBot.create(:ansible_variable, :key => @config.policies_param, :ansible_role => role)
-    check_collection = ForemanOpenscap::Oval::Setup.new.run
-
-    [policies_param, port_param, server_param].map(&:reload)
-
-    assert check_collection.all_passed?
-
-    assert @config.policies_param_default_value, policies_param.default_value
-    assert_equal 'array', policies_param.key_type
-    refute policies_param.hidden_value?
-    assert policies_param.override
-
-    refute port_param.value
-    assert_equal 'integer', port_param.key_type
-    assert port_param.override
-
-    refute server_param.hidden_value?
-    assert_equal 'string', server_param.key_type
-    assert server_param.override
-  end
-
-  def override_results(checks)
-    checks.select do |res|
-      res.id == :foreman_scap_client_server_overriden ||
-      res.id == :foreman_scap_client_port_overriden ||
-      res.id == :foreman_scap_client_policies_overriden
-    end
-  end
-end

data/webpack/graphql/mutations/createOvalPolicy.gql

@@ -1,22 +0,0 @@
-mutation CreateOvalPolicy($name: String!, $period: String!, $cronLine: String, $ovalContentId: Int!, $hostgroupIds: [Int!]) {
-  createOvalPolicy(input: {name: $name, period: $period, cronLine: $cronLine, ovalContentId: $ovalContentId, hostgroupIds: $hostgroupIds}) {
-    ovalPolicy {
-      name
-      id
-      period
-      cronLine
-      hostgroups {
-        nodes {
-          name
-          id
-        }
-      }
-    }
-    checkCollection {
-      id
-      errors
-      failMsg
-      result
-    }
-  }
-}

data/webpack/graphql/mutations/deleteOvalContent.gql

@@ -1,9 +0,0 @@
-mutation DeleteOvalContent($id: ID!) {
-  deleteOvalContent(input: { id: $id }) {
-    id
-    errors {
-      path
-      message
-    }
-  }
-}

data/webpack/graphql/mutations/deleteOvalPolicy.gql

@@ -1,9 +0,0 @@
-mutation DeleteOvalPolicy($id: ID!) {
-  deleteOvalPolicy(input: { id: $id }) {
-    id
-    errors {
-      path
-      message
-    }
-  }
-}

data/webpack/graphql/mutations/updateOvalPolicy.gql

@@ -1,14 +0,0 @@
-mutation UpdateOvalPolicy($id: ID!, $name: String, $description: String, $cronLine: String) {
-  updateOvalPolicy(input:{ id:$id, name:$name, description: $description, cronLine: $cronLine }) {
-    ovalPolicy {
-      id
-      name
-      description
-      cronLine
-    }
-    errors {
-      path
-      message
-    }
-  }
-}

data/webpack/graphql/queries/currentUserAttributes.gql

@@ -1,11 +0,0 @@
-fragment CurrentUserAttributes on User {
-  id
-  login
-  admin
-  permissions {
-    nodes {
-      id
-      name
-    }
-  }
-}

data/webpack/graphql/queries/cves.gql

@@ -1,23 +0,0 @@
-#import "./currentUserAttributes.gql"
-
-query($search: String, $first: Int, $last: Int) {
-  cves(search: $search, first: $first, last: $last) {
-    totalCount
-    nodes {
-      id
-      refId
-      refUrl
-      hasErrata
-      definitionId
-      hosts {
-        nodes {
-          id
-          name
-        }
-      }
-    }
-  }
-  currentUser {
-    ...CurrentUserAttributes
-  }
-}

data/webpack/graphql/queries/hostgroups.gql

@@ -1,14 +0,0 @@
-#import "./currentUserAttributes.gql"
-
-query($search: String, $first: Int, $last: Int) {
-  hostgroups(search: $search, first: $first, last: $last) {
-    totalCount
-    nodes {
-      id
-      name
-    }
-  }
-  currentUser {
-    ...CurrentUserAttributes
-  }
-}

data/webpack/graphql/queries/ovalContent.gql

@@ -1,8 +0,0 @@
-query($id: String!) {
-  ovalContent(id: $id) {
-    id
-    name
-    url
-    originalFilename
-  }
-}

data/webpack/graphql/queries/ovalContents.gql

@@ -1,19 +0,0 @@
-#import "./currentUserAttributes.gql"
-
-query($first: Int, $last: Int) {
-  ovalContents(first: $first, last: $last) {
-    totalCount
-    nodes {
-      id
-      name
-      url
-      originalFilename
-      meta {
-        canDestroy
-      }
-    }
-  }
-  currentUser {
-    ...CurrentUserAttributes
-  }
-}

data/webpack/graphql/queries/ovalPolicies.gql

@@ -1,20 +0,0 @@
-#import "./currentUserAttributes.gql"
-
-query($first: Int, $last: Int) {
-  ovalPolicies(first: $first, last: $last) {
-    totalCount
-    nodes {
-      id
-      name
-      meta {
-        canDestroy
-      }
-      ovalContent {
-        name
-      }
-    }
-  }
-  currentUser {
-    ...CurrentUserAttributes
-  }
-}

data/webpack/graphql/queries/ovalPolicy.gql

@@ -1,29 +0,0 @@
-#import "./currentUserAttributes.gql"
-
-query($id: String!) {
-  ovalPolicy(id: $id) {
-    id
-    name
-    period
-    cronLine
-    weekday
-    dayOfMonth
-    description
-    meta {
-      canEdit
-    }
-    hostgroups {
-      nodes {
-        id
-        descendants {
-          nodes {
-            id
-          }
-        }
-      }
-    }
-  }
-  currentUser {
-    ...CurrentUserAttributes
-  }
-}

data/webpack/helpers/pathsHelper.js

@@ -1,29 +0,0 @@
-import { decodeModelId } from './globalIdHelper';
-
-const experimental = path => `/experimental${path}`;
-
-const showPath = path => `${path}/:id`;
-const newPath = path => `${path}/new`;
-
-export const modelPath = (basePath, model) =>
-  `${basePath}/${decodeModelId(model)}`;
-
-// react-router uses path-to-regexp, should we use it as well in a future?
-// https://github.com/pillarjs/path-to-regexp/tree/v1.7.0#compile-reverse-path-to-regexp
-export const resolvePath = (path, params) =>
-  Object.entries(params).reduce(
-    (memo, [key, value]) => memo.replace(key, value),
-    path
-  );
-
-export const ovalContentsApiPath = '/api/v2/compliance/oval_contents';
-
-export const ovalContentsPath = experimental('/compliance/oval_contents');
-export const ovalContentsShowPath = showPath(ovalContentsPath);
-export const ovalContentsNewPath = newPath(ovalContentsPath);
-export const ovalPoliciesPath = experimental('/compliance/oval_policies');
-export const ovalPoliciesShowPath = `${showPath(ovalPoliciesPath)}/:tab?`;
-export const ovalPoliciesNewPath = newPath(ovalPoliciesPath);
-export const hostsPath = '/hosts';
-export const newJobPath = newPath('/job_invocations');
-export const hostsShowPath = showPath(hostsPath);

data/webpack/routes/OvalContents/OvalContentsIndex/OvalContentsIndex.js

@@ -1,71 +0,0 @@
-import React from 'react';
-import PropTypes from 'prop-types';
-import { useQuery } from '@apollo/client';
-import { translate as __ } from 'foremanReact/common/I18n';
-
-import IndexLayout from '../../../components/IndexLayout';
-import LinkButton from '../../../components/LinkButton';
-import OvalContentsTable from './OvalContentsTable';
-import { ovalContentsNewPath } from '../../../helpers/pathsHelper';
-import {
-  useParamsToVars,
-  useCurrentPagination,
-} from '../../../helpers/pageParamsHelper';
-
-import { submitDelete, prepareMutation } from '../../../helpers/mutationHelper';
-import ovalContentsQuery from '../../../graphql/queries/ovalContents.gql';
-import deleteOvalContentMutation from '../../../graphql/mutations/deleteOvalContent.gql';
-
-const OvalContentsIndex = props => {
-  const useFetchFn = componentProps =>
-    useQuery(ovalContentsQuery, {
-      variables: useParamsToVars(componentProps.history),
-    });
-
-  const renameData = data => ({
-    ovalContents: data.ovalContents.nodes,
-    totalCount: data.ovalContents.totalCount,
-  });
-
-  const pagination = useCurrentPagination(props.history);
-
-  return (
-    <IndexLayout pageTitle={__('OVAL Contents')}>
-      <OvalContentsTable
-        {...props}
-        fetchFn={useFetchFn}
-        renameData={renameData}
-        resultPath="ovalContents.nodes"
-        pagination={pagination}
-        emptyStateTitle={__('No OVAL Contents found.')}
-        permissions={['view_oval_contents']}
-        confirmDeleteTitle={__('Delete OVAL Content')}
-        submitDelete={submitDelete}
-        prepareMutation={prepareMutation(
-          props.history,
-          props.showToast,
-          ovalContentsQuery,
-          'deleteOvalContent',
-          __('OVAL Content successfully deleted.'),
-          deleteOvalContentMutation,
-          __('OVAL Content')
-        )}
-        primaryButton={
-          <LinkButton
-            path={ovalContentsNewPath}
-            btnText={__('Create OVAL Content')}
-          />
-        }
-        shouldRefetch={props.location?.state?.refreshOvalContents}
-      />
-    </IndexLayout>
-  );
-};
-
-OvalContentsIndex.propTypes = {
-  history: PropTypes.object.isRequired,
-  showToast: PropTypes.func.isRequired,
-  location: PropTypes.object.isRequired,
-};
-
-export default OvalContentsIndex;