foreman_openscap 0.10.2 → 0.10.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 779fdbca1d48ffd319ebc5beb1228baa895f46c6
-  data.tar.gz: 5dc50eb81fb126fe7a37f5acf8d191e9793c6a77
+  metadata.gz: a8a1469f7adb801cd2a0546ae4ee61e2fe2161d5
+  data.tar.gz: 5f0e0fb1d2749991765d97548e144df5e837fe35
 SHA512:
-  metadata.gz: 2868f1d27bd4d4f05fa6d0fe1f9eb259e3390be31cc1dbd8811609e8095c1bffe7766478bf191ba7ac2050ab2471a3e63f6c0a737b934535b6519cb1cb977f7a
-  data.tar.gz: 570ced011de2aa3e8b068567d6893495a4eb2ae8b5afefd128d3d613b541a240d401d1e3c22001ee64bac621bcb1ca576f254a09bc32fc56aeebbfe0c8ab184a
+  metadata.gz: 0ef9439800ec792c4982c86e77702a04079bee39797c3ef07de41b9cacd4de64ace28a60f15646ccae66d6eace541bb6c4473aaad3db491a8b18498cfb270f18
+  data.tar.gz: 12600506e0dc3c9abdeda73b14d7f43ab98910ec0c6fe89379a50d84800cfbb2a7401f00d4a2bf8deafb6059b9057049227a832d93938223e9e9a1e295f72dd0

data/app/controllers/api/v2/compliance/arf_reports_controller.rb

@@ -11,6 +11,7 @@ module Api
         add_smart_proxy_filters :create, :features => 'Openscap'
 
         before_action :find_resource, :only => %w[show destroy download download_html]
+        before_action :find_resources_before_create, :only => %w[create]
         skip_after_action :log_response_body, :only => %w[download download_html]
 
         def resource_name
@@ -47,14 +48,9 @@ module Api
         param :date, :identifier, :required => true
 
         def create
-          asset = ForemanOpenscap::Helper::get_asset(params[:cname], params[:policy_id])
-          if asset.host.openscap_proxy
-            arf_report = ForemanOpenscap::ArfReport.create_arf(asset, params.to_unsafe_h)
-            asset.host.refresh_statuses([HostStatus.find_status_by_humanized_name("compliance")])
-            render :json => { :result => :OK, :id => arf_report.id.to_s }
-          else
-            no_proxy_for_host asset
-          end
+          arf_report = ForemanOpenscap::ArfReport.create_arf(@asset, @smart_proxy, params.to_unsafe_h)
+          @asset.host.refresh_statuses([HostStatus.find_status_by_humanized_name("compliance")])
+          render :json => { :result => :OK, :id => arf_report.id.to_s }
         end
 
         api :GET, "/compliance/arf_reports/:id/download/", N_("Download bzipped ARF report")
@@ -84,12 +80,33 @@ module Api
           instance_variable_set("@arf_report", resource_scope.find(params[:id]))
         end
 
+        def find_resources_before_create
+          @asset = ForemanOpenscap::Helper::get_asset(params[:cname], params[:policy_id])
+
+          if !params[:openscap_proxy_url] && !params[:openscap_proxy_name] && !@asset.host.openscap_proxy
+            msg = _('Failed to upload Arf Report, OpenSCAP proxy name or url not found in params when uploading for %s and host is missing openscap_proxy') % @asset.host.name
+            no_proxy_for_host(msg)
+            return
+          elsif !params[:openscap_proxy_url] && !params[:openscap_proxy_name] && @asset.host.openscap_proxy
+            logger.debug 'No proxy params found when uploading arf report, falling back to asset.host.openscap_proxy'
+            @smart_proxy = @asset.host.openscap_proxy
+          else
+            @smart_proxy = SmartProxy.unscoped.find_by :name => params[:openscap_proxy_name]
+            @smart_proxy ||= SmartProxy.unscoped.find_by :url => params[:openscap_proxy_url]
+          end
+
+          unless @smart_proxy
+            msg = _('No proxy found for %{name} or %{url}') % { :name => params[:openscap_proxy_name], :url => params[:openscap_proxy_url] }
+            no_proxy_for_host(msg)
+            return
+          end
+        end
+
         def handle_download_error(error)
           render_error 'standard_error', :status => :internal_error, :locals => { :exception => error }
         end
 
-        def no_proxy_for_host(asset)
-          msg = _('Failed to upload Arf Report, no OpenSCAP proxy set for host %s') % asset.host.name
+        def no_proxy_for_host(msg)
           logger.error msg
           render :json => { :result => msg }, :status => :unprocessable_entity
         end

data/app/controllers/concerns/foreman/controller/parameters/policy_api.rb

@@ -5,7 +5,7 @@ module Foreman::Controller::Parameters::PolicyApi
     def filter_params_list
       [:description, :name, :period, :scap_content_id, :scap_content_profile_id,
        :weekday, :day_of_month, :cron_line, :tailoring_file_id, :tailoring_file_profile_id,
-       :location_ids => [], :organization_ids => [], :hostgroup_ids => []]
+       :location_ids => [], :organization_ids => [], :hostgroup_ids => [], :host_ids => []]
     end
 
     def policy_params_filter

data/app/helpers/policies_helper.rb

@@ -101,4 +101,16 @@ module PoliciesHelper
   def translate_steps(policy)
     policy.steps.map { |step| _(step) }
   end
+
+  def policy_breadcrumbs
+    if @policy
+      breadcrumbs(:resource_url => api_compliance_policies_path,
+                  :items => [
+                    { :caption => _('Policies'),
+                      :url => url_for(policies_path) },
+                    { :caption => @policy.name,
+                      :url => (edit_policy_path(@policy) if authorized_for(hash_for_edit_policy_path(@policy))) }
+                  ])
+    end
+  end
 end

data/app/models/concerns/foreman_openscap/compliance_status_scoped_search.rb

@@ -3,12 +3,6 @@ module ForemanOpenscap
     extend ActiveSupport::Concern
 
     module ClassMethods
-      def compliance_status_scoped_search(status, options = {})
-        options[:offset] = ArfReport::METRIC.index(status.to_s)
-        options[:word_size] = ArfReport::BIT_NUM
-        scoped_search options
-      end
-
       def policy_search(search_alias)
         scoped_search :relation => :policy, :on => :name, :complete_value => true, :rename => search_alias,
               :only_explicit => true, :ext_method => :search_by_policy_name
@@ -42,9 +36,10 @@ module ForemanOpenscap
         by.gsub!(/[^[:alnum:]]/, '')
         case by.downcase
         when 'host'
-          { :conditions => 'reports.id IN (
+          { :conditions => "reports.id IN (
                 SELECT MAX(id) FROM reports sub
-                WHERE sub.host_id = reports.host_id)' }
+                WHERE sub.type = 'ForemanOpenscap::ArfReport'
+                  AND sub.host_id = reports.host_id )" }
         when 'policy'
           { :conditions => 'reports.id IN (
               SELECT latest.id
@@ -60,6 +55,18 @@ module ForemanOpenscap
         end
       end
 
+      def search_by_compliance_status(key, operator, value)
+        scope = case value
+                when 'compliant'
+                  ArfReport.passed
+                when 'incompliant'
+                  ArfReport.failed
+                when 'inconclusive'
+                  ArfReport.othered
+                end
+        query_conditions scope.select(ArfReport.arel_table[:id]).to_sql
+      end
+
       private
 
       def query_conditions(query)
@@ -73,7 +80,7 @@ module ForemanOpenscap
       policy_search :policy
 
       scoped_search :on => :id, :rename => :last_for, :complete_value => { :host => 0, :policy => 1 },
-                    :only_explicit => true, :ext_method => :search_by_last_for
+                    :only_explicit => true, :operators => ['= '], :ext_method => :search_by_last_for
 
       scoped_search :relation => :policy, :on => :name, :complete_value => true, :rename => :comply_with,
                     :only_explicit => true, :operators => ['= '], :ext_method => :search_by_comply_with
@@ -86,9 +93,12 @@ module ForemanOpenscap
 
       scoped_search :relation => :openscap_proxy, :on => :name, :complete_value => true, :only_explicit => true, :rename => :openscap_proxy
 
-      compliance_status_scoped_search 'passed', :on => :status, :rename => :compliance_passed
-      compliance_status_scoped_search 'failed', :on => :status, :rename => :compliance_failed
-      compliance_status_scoped_search 'othered', :on => :status, :rename => :compliance_othered
+      scoped_search :on => :status, :rename => :compliance_status, :operators => ['= '],
+                          :ext_method => :search_by_compliance_status,
+                          :complete_value => { :compliant => ::ForemanOpenscap::ComplianceStatus::COMPLIANT,
+                                               :incompliant => ::ForemanOpenscap::ComplianceStatus::INCOMPLIANT,
+                                               :inconclusive => ::ForemanOpenscap::ComplianceStatus::INCONCLUSIVE },
+                          :validator => ->(value) { ['compliant', 'incompliant', 'inconclusive'].reduce(false) { |memo, item| memo || (item == value) } }
     end
   end
 end

data/app/models/foreman_openscap/arf_report.rb

@@ -102,7 +102,7 @@ module ForemanOpenscap
       status.values.sum
     end
 
-    def self.create_arf(asset, params)
+    def self.create_arf(asset, proxy, params)
       # fail if policy does not exist.
       arf_report = nil
       policy = Policy.find(params[:policy_id])
@@ -112,7 +112,7 @@ module ForemanOpenscap
                                        :reported_at => Time.at(params[:date].to_i),
                                        :status => params[:metrics],
                                        :metrics => params[:metrics],
-                                       :openscap_proxy => asset.host.openscap_proxy)
+                                       :openscap_proxy => proxy)
         PolicyArfReport.where(:arf_report_id => arf_report.id, :policy_id => policy.id, :digest => params[:digest]).first_or_create!
         if params[:logs]
           params[:logs].each do |log|

data/app/models/foreman_openscap/policy.rb

@@ -9,7 +9,7 @@ module ForemanOpenscap
     belongs_to :scap_content
     belongs_to :scap_content_profile
     belongs_to :tailoring_file
-    belongs_to :tailoring_file_profile, :class_name => ForemanOpenscap::ScapContentProfile
+    belongs_to :tailoring_file_profile, :class_name => 'ForemanOpenscap::ScapContentProfile'
     has_many :policy_arf_reports
     has_many :arf_reports, :through => :policy_arf_reports, :dependent => :destroy
     has_many :asset_policies
@@ -65,12 +65,7 @@ module ForemanOpenscap
     end
 
     def hostgroup_ids=(ids)
-      hostgroup_assets = []
-      ids.reject { |id| id.respond_to?(:empty?) && id.empty? }.map do |id|
-        hostgroup_assets << assets.where(:assetable_type => 'Hostgroup', :assetable_id => id).first_or_initialize
-      end
-      existing_host_assets = self.assets.where(:assetable_type => 'Host::Base')
-      self.assets = existing_host_assets + hostgroup_assets
+      assign_ids ids, 'Hostgroup'
     end
 
     def hostgroups
@@ -85,6 +80,10 @@ module ForemanOpenscap
       assets.where(:assetable_type => 'Host::Base').pluck(:assetable_id)
     end
 
+    def host_ids=(ids)
+      assign_ids ids, 'Host::Base'
+    end
+
     def hosts
       Host.where(:id => host_ids)
     end
@@ -253,19 +252,41 @@ module ForemanOpenscap
         return false
       end
 
-      unless policies_param = puppetclass.class_params.find_by(key: POLICIES_CLASS_PARAMETER)
-        errors[:base] << _("Puppet class %{class} does not have %{parameter} class parameter.") % { :class => SCAP_PUPPET_CLASS, :parameter => POLICIES_CLASS_PARAMETER }
-        return false
+      return false unless override_policies_param(puppetclass)
+      return false unless override_port_param(puppetclass)
+      return false unless override_server_param(puppetclass)
+    end
+
+    def override_policies_param(puppetclass)
+      override_param(puppetclass, POLICIES_CLASS_PARAMETER) do |param|
+        param.key_type      = 'array'
+        param.default_value = '<%= @host.policies_enc %>'
       end
+    end
 
-      policies_param.override      = true
-      policies_param.key_type      = 'array'
-      policies_param.default_value = '<%= @host.policies_enc %>'
+    def override_port_param(puppetclass)
+      override_param puppetclass, PORT_CLASS_PARAMETER
+    end
 
-      if policies_param.changed? && !policies_param.save
-        errors[:base] << _("%{parameter} class parameter for class %{class} could not be configured.") % { :class => SCAP_PUPPET_CLASS, :parameter => POLICIES_CLASS_PARAMETER }
-        return false
+    def override_server_param(puppetclass)
+      override_param puppetclass, SERVER_CLASS_PARAMETER
+    end
+
+    def override_param(puppetclass, param_name)
+      unless param = puppetclass.class_params.find_by(key: param_name)
+        errors[:base] << _("Puppet class %{class} does not have %{parameter} class parameter.") % { :class => SCAP_PUPPET_CLASS, :parameter => param_name }
+        return
       end
+
+      param.override = true
+
+      yield param if block_given?
+
+      if param.changed? && !param.save
+        errors[:base] << _("%{parameter} class parameter for class %{class} could not be configured.") % { :class => SCAP_PUPPET_CLASS, :parameter => param_name }
+        return
+      end
+      param
     end
 
     def cron_line_split
@@ -347,5 +368,14 @@ module ForemanOpenscap
         end
       end
     end
+
+    def assign_ids(ids, class_name)
+      new_assets = ids.reject { |id| id.respond_to?(:empty?) && id.empty? }.reduce([]) do |memo, id|
+        memo << assets.where(:assetable_type => class_name, :assetable_id => id).first_or_initialize
+      end
+      complimentary_class_name = class_name == 'Host::Base' ? 'Hostgroup' : 'Host::Base'
+      existing_assets = self.assets.where(:assetable_type => complimentary_class_name)
+      self.assets = existing_assets + new_assets
+    end
   end
 end

data/app/models/foreman_openscap/scap_content_profile.rb

@@ -3,6 +3,6 @@ module ForemanOpenscap
     belongs_to :scap_content
     has_many :policies
     belongs_to :tailoring_file
-    has_many :tailoring_file_policies, :class_name => ForemanOpenscap::Policy
+    has_many :tailoring_file_policies, :class_name => 'ForemanOpenscap::Policy'
   end
 end

data/app/views/arf_reports/_list.html.erb

@@ -10,7 +10,7 @@
     <th><%= sort :compliance_passed, :as => _("Passed") %></th>
     <th><%= sort :compliance_failed, :as => _("Failed") %></th>
     <th><%= sort :compliance_othered, :as => _("Other") %></th>
-    <th></th>
+    <th><%= _("Actions") %></th>
   </tr>
   <% for arf_report in @arf_reports %>
     <tr>

data/app/views/compliance_hosts/show.html.erb

@@ -1,5 +1,14 @@
 <% javascript 'charts', 'dashboard', 'foreman_openscap/scap_hosts_show' %>
 
+<%= breadcrumbs(:resource_url => api_hosts_path,
+    :name_field => 'name',
+    :switchable => false,
+    :items => [
+      { :caption => _('Compliance Hosts') },
+      { :caption => (N_("%s compliance reports by policy") % @host.to_label) }
+    ])
+%>
+
 <% title n_("%s compliance report by policy", "%s compliance reports by policy" , @host.combined_policies.length) % @host.to_label %>
 <% @host.combined_policies.each do |policy| %>
   <h2 class="center-block"><%= _('Policy %s') % policy %></h2>

data/app/views/policies/_list.html.erb

@@ -5,7 +5,7 @@
     <th><%= _('Profile') %></th>
     <th><%= _('Tailoring File') %></th>
     <th><%= _('Effective Profile') %></th>
-    <th></th>
+    <th><%= _('Actions') %></th>
   </tr>
   <% for policy in @policies %>
     <tr>

data/app/views/policies/edit.html.erb

@@ -1,13 +1,4 @@
 <% title _("Edit Compliance Policy") %>
-<%= breadcrumbs(:resource_url => api_compliance_policies_path,
-                :items => [
-                  { :caption => _('Policies'),
-                    :url => url_for(policies_path)
-                  },
-                  { :caption => @policy.name,
-                    :url => (edit_policy_path(@policy) if authorized_for(hash_for_edit_policy_path(@policy)))
-                  }
-                ]
-              ) if @policy %>
+<%= policy_breadcrumbs %>
 
 <%= render :partial => "form" %>

data/app/views/policies/show.html.erb

@@ -1,3 +1,5 @@
+<%= policy_breadcrumbs %>
+
 <div class="row">
   <iframe style="min-height: 800px" height="100%" width="100%" frameborder="0" src="<%= parse_policy_path(@policy) %>"></iframe>
 </div>

data/app/views/policy_dashboard/_policy_reports.html.erb

@@ -5,7 +5,7 @@
     <th><%= _("Passed") %></th>
     <th><%= _("Failed") %></th>
     <th><%= _("Other") %></th>
-    <th></th>
+    <th><%= _('Actions') %></th>
   </tr>
   <% for arf_report in @policy.arf_reports.latest %>
     <tr>

data/app/views/scap_contents/_list.html.erb

@@ -3,7 +3,7 @@
     <th class="col-md-4">Title</th>
     <th class="col-md-4">Filename</th>
     <th class="col-md-3">Created</th>
-    <th class="col-md-1"></th>
+    <th class="col-md-1"><%= _('Actions') %></th>
   </tr>
   <% for content in @contents %>
     <tr>

data/app/views/tailoring_files/_list.html.erb

@@ -3,7 +3,7 @@
     <th class="col-md-4"><%= _('Name')%></th>
     <th class="col-md-4"><%= _('Filename') %></th>
     <th class="col-md-3"><%= _('Created') %></th>
-    <th class="col-md-1"></th>
+    <th class="col-md-1"><%= _('Actions') %></th>
   </tr>
   <% @tailoring_files.each do |file| %>
     <tr>

data/db/migrate/20171016125613_add_content_title_unique_constraint.foreman_openscap.rb

@@ -1,6 +1,18 @@
 class AddContentTitleUniqueConstraint < ActiveRecord::Migration[4.2]
   def change
-    remove_index :foreman_openscap_scap_contents, :name => 'index_scaptimony_scap_contents_on_title'
+    titles = ForemanOpenscap::ScapContent.unscoped.group(:title).count.select { |key, value| value > 1 }.keys
+    titles.each do |title|
+      duplicates = ForemanOpenscap::ScapContent.unscoped.where :title => title
+      say "#{duplicates.count} Scap Contents with duplicate title detected: #{title}"
+      duplicates.each.with_index do |item, index|
+        next if index == 0
+        new_title = item.title + " #{index + 1}"
+        say "Renaming Scap Content #{item.title} with id #{item.id} to #{new_title}"
+        item.update_attribute(:title, new_title)
+      end
+    end
+
+    remove_index :foreman_openscap_scap_contents, :name => 'index_scaptimony_scap_contents_on_title' if index_exists?(:foreman_openscap_scap_contents, :title, :name => 'index_scaptimony_scap_contents_on_title')
     add_index :foreman_openscap_scap_contents, :title, :unique => true
   end
 end

data/lib/foreman_openscap/engine.rb

@@ -158,15 +158,17 @@ module ForemanOpenscap
         parameter_filter Hostgroup, :openscap_proxy_id, :openscap_proxy
         parameter_filter Log, :result
 
+        proxy_description = N_('OpenSCAP Proxy to use for fetching SCAP content and uploading ARF reports. Leave blank and override appropriate parameters when using proxy load balancer.')
+
         smart_proxy_for Hostgroup, :openscap_proxy,
                         :feature => 'Openscap',
                         :label => N_('OpenSCAP Proxy'),
-                        :description => N_('OpenSCAP Proxy to use for fetching SCAP content and uploading ARF reports'),
+                        :description => proxy_description,
                         :api_description => N_('ID of OpenSCAP Proxy')
         smart_proxy_for Host::Managed, :openscap_proxy,
                         :feature => 'Openscap',
                         :label => N_('OpenSCAP Proxy'),
-                        :description => N_('OpenSCAP Proxy to use for fetching SCAP content and uploading ARF reports'),
+                        :description => proxy_description,
                         :api_description => N_('ID of OpenSCAP Proxy')
 
         if ForemanOpenscap.with_remote_execution?

data/lib/foreman_openscap/version.rb

@@ -1,3 +1,3 @@
 module ForemanOpenscap
-  VERSION = "0.10.2".freeze
+  VERSION = "0.10.3".freeze
 end

data/test/functional/api/v2/compliance/arf_reports_controller_test.rb

@@ -14,7 +14,7 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
 
     @from_json = arf_from_json "#{ForemanOpenscap::Engine.root}/test/files/arf_report/arf_report.json"
     @cname = '9521a5c5-8f44-495f-b087-20e86b30bf67'
-    @proxy = FactoryBot.create(:smart_proxy, :url => "http://smart-proxy.org:8000")
+    @proxy = FactoryBot.create(:smart_proxy, :url => "http://smart-proxy.org:8000", :name => 'smart_proxy_with_openscap')
   end
 
   test "should get index" do
@@ -46,14 +46,15 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
     refute t.size.zero?
   end
 
-  test "should create report" do
+  test "should create report using proxy name" do
     reports_cleanup
     date = Time.new(1984, 9, 15)
     ForemanOpenscap::Helper.stubs(:get_asset).returns(@asset)
     post :create,
          :params => @from_json.merge(:cname => @cname,
                                      :policy_id => @policy.id,
-                                     :date => date.to_i),
+                                     :date => date.to_i,
+                                     :openscap_proxy_name => @proxy.name),
          :session => set_session_user
     report = ForemanOpenscap::ArfReport.unscoped.last
     assert_equal date, report.reported_at
@@ -64,7 +65,20 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
     assert_equal msg_count, src_count
   end
 
-  test "should not create report for host without proxy" do
+  test "should create report using proxy url" do
+    reports_cleanup
+    date = Time.new(1984, 9, 15)
+    ForemanOpenscap::Helper.stubs(:get_asset).returns(@asset)
+    post :create,
+         :params => @from_json.merge(:cname => @cname,
+                                     :policy_id => @policy.id,
+                                     :date => date.to_i,
+                                     :openscap_proxy_url => @proxy.url),
+         :session => set_session_user
+    assert_response :success
+  end
+
+  test "should not create report when no proxy params present" do
     asset = FactoryBot.create(:asset)
     date = Time.new(1944, 6, 6)
     ForemanOpenscap::Helper.stubs(:get_asset).returns(asset)
@@ -75,7 +89,8 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
          :session => set_session_user
     assert_response :unprocessable_entity
     res = JSON.parse(@response.body)
-    assert_equal "Failed to upload Arf Report, no OpenSCAP proxy set for host #{asset.host.name}", res["result"]
+    msg = "Failed to upload Arf Report, OpenSCAP proxy name or url not found in params when uploading for #{asset.host.name} and host is missing openscap_proxy"
+    assert_equal msg, res["result"]
   end
 
   test "should not duplicate messages" do
@@ -83,13 +98,14 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
     params = @from_json.with_indifferent_access.merge(:cname => @cname,
                                                       :policy_id => @policy.id,
                                                       :date => dates[0].to_i)
-    assert ForemanOpenscap::ArfReport.create_arf(@asset, params)
+    assert ForemanOpenscap::ArfReport.create_arf(@asset, @proxy, params)
 
     ForemanOpenscap::Helper.stubs(:get_asset).returns(@asset)
     post :create,
          :params => @from_json.merge(:cname => @cname,
                                      :policy_id => @policy.id,
-                                     :date => dates[1].to_i),
+                                     :date => dates[1].to_i,
+                                     :openscap_proxy_name => @proxy.name),
          :session => set_session_user
     assert_equal Message.where(:digest => ForemanOpenscap::ArfReport.unscoped.last.logs.first.message.digest).count, 1
   end
@@ -98,14 +114,15 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
     params = @from_json.with_indifferent_access.merge(:cname => @cname,
                                                       :policy_id => @policy.id,
                                                       :date => Time.new(2017, 5, 6).to_i)
-    assert ForemanOpenscap::ArfReport.create_arf(@asset, params)
+    assert ForemanOpenscap::ArfReport.create_arf(@asset, @proxy, params)
 
     ForemanOpenscap::Helper.stubs(:get_asset).returns(@asset)
     changed_from_json = arf_from_json "#{ForemanOpenscap::Engine.root}/test/files/arf_report/arf_report_msg_desc_changed.json"
     post :create,
          :params => changed_from_json.merge(:cname => @cname,
                                             :policy_id => @policy.id,
-                                            :date => Time.new(2017, 6, 6).to_i),
+                                            :date => Time.new(2017, 6, 6).to_i,
+                                            :openscap_proxy_name => @proxy.name),
          :session => set_session_user
 
     assert_response :success
@@ -123,14 +140,15 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
     params = @from_json.with_indifferent_access.merge(:cname => @cname,
                                                       :policy_id => @policy.id,
                                                       :date => Time.new(2017, 7, 6).to_i)
-    assert ForemanOpenscap::ArfReport.create_arf(@asset, params)
+    assert ForemanOpenscap::ArfReport.create_arf(@asset, @proxy, params)
 
     ForemanOpenscap::Helper.stubs(:get_asset).returns(@asset)
     changed_from_json = arf_from_json "#{ForemanOpenscap::Engine.root}/test/files/arf_report/arf_report_msg_value_changed.json"
     post :create,
          :params => changed_from_json.merge(:cname => @cname,
                                  :policy_id => @policy.id,
-                                 :date => Time.new(2017, 8, 6).to_i),
+                                 :date => Time.new(2017, 8, 6).to_i,
+                                 :openscap_proxy_name => @proxy.name),
          :session => set_session_user
 
     assert_response :success
@@ -229,6 +247,9 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
     create_arf_report_for_search({ "passed" => 1, "othered" => 0, "failed" => 4 }, policy, host_a)
     create_arf_report_for_search({ "passed" => 1, "othered" => 0, "failed" => 0 }, policy, host_b)
     create_arf_report_for_search({ "passed" => 2, "othered" => 3, "failed" => 7 }, policy, host_b)
+    # Add config reports to test for STI type
+    FactoryBot.create(:config_report, :host_id => host_a.id)
+    FactoryBot.create(:config_report, :host_id => host_b.id)
 
     get :index, :params => { :search => "last_for=host" }, :session => set_session_user
     response = ActiveSupport::JSON.decode(@response.body)
@@ -238,6 +259,60 @@ class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
     assert_equal 7, response['results'].find { |hash| hash["host"]["name"] == host_b.name }["failed"]
   end
 
+  test "should find passed reports by compliance status" do
+    reports_cleanup
+    policy = FactoryBot.create(:policy)
+    passing_1 = create_arf_report_for_search({ "passed" => 4, "othered" => 0, "failed" => 0 }, policy)
+    passing_2 = create_arf_report_for_search({ "passed" => 1, "othered" => 0, "failed" => 0 }, policy)
+    create_arf_report_for_search({ "passed" => 15, "othered" => 9, "failed" => 0 }, policy)
+    create_arf_report_for_search({ "passed" => 2, "othered" => 3, "failed" => 7 }, policy)
+
+    get :index, :params => { :search => "compliance_status=compliant" }, :session => set_session_user
+    response = ActiveSupport::JSON.decode(@response.body)
+    assert_response :success
+    assert_equal 2, response['results'].count
+    response['results'].each do |result|
+      assert(result['passed'] > 0)
+      assert(result['othered'] = 0)
+      assert(result['failed'] = 0)
+    end
+  end
+
+  test "should find failed reports by compliance status" do
+    reports_cleanup
+    policy = FactoryBot.create(:policy)
+    create_arf_report_for_search({ "passed" => 4, "othered" => 0, "failed" => 1 }, policy)
+    create_arf_report_for_search({ "passed" => 1, "othered" => 0, "failed" => 0 }, policy)
+    create_arf_report_for_search({ "passed" => 15, "othered" => 9, "failed" => 0 }, policy)
+    create_arf_report_for_search({ "passed" => 2, "othered" => 3, "failed" => 7 }, policy)
+
+    get :index, :params => { :search => "compliance_status=incompliant" }, :session => set_session_user
+    response = ActiveSupport::JSON.decode(@response.body)
+    assert_response :success
+    assert_equal 2, response['results'].count
+    response['results'].each do |result|
+      assert(result['failed'] > 0)
+    end
+  end
+
+  test "should find othered reports by compliance status" do
+    reports_cleanup
+    policy = FactoryBot.create(:policy)
+    create_arf_report_for_search({ "passed" => 4, "othered" => 0, "failed" => 0 }, policy)
+    create_arf_report_for_search({ "passed" => 1, "othered" => 42, "failed" => 0 }, policy)
+    create_arf_report_for_search({ "passed" => 0, "othered" => 9, "failed" => 0 }, policy)
+    create_arf_report_for_search({ "passed" => 2, "othered" => 3, "failed" => 7 }, policy)
+
+    get :index, :params => { :search => "compliance_status=inconclusive" }, :session => set_session_user
+    response = ActiveSupport::JSON.decode(@response.body)
+    assert_response :success
+    assert_equal 2, response['results'].count
+    response['results'].each do |result|
+      assert(result['failed'] = 0)
+      assert(result['othered'] > 0)
+    end
+  end
+
   private
 
   def reports_cleanup

data/test/unit/policy_test.rb

@@ -15,12 +15,31 @@ class PolicyTest < ActiveSupport::TestCase
     ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
     hg1 = FactoryBot.create(:hostgroup)
     hg2 = FactoryBot.create(:hostgroup)
+    host = FactoryBot.create(:compliance_host)
     asset = FactoryBot.create(:asset, :assetable_id => hg1.id, :assetable_type => 'Hostgroup')
-    policy = FactoryBot.create(:policy, :assets => [asset], :scap_content => @scap_content, :scap_content_profile => @scap_profile)
+    host_asset = FactoryBot.create(:asset, :assetable_id => host.id, :assetable_type => 'Host::Base')
+    policy = FactoryBot.create(:policy, :assets => [asset, host_asset], :scap_content => @scap_content, :scap_content_profile => @scap_profile)
     policy.hostgroup_ids = [hg1, hg2].map(&:id)
     policy.save!
     assert_equal 2, policy.hostgroups.count
-    assert policy.hostgroups.include?(hg2)
+    assert_equal 3, policy.assets.count
+    assert_equal host, policy.hosts.first
+  end
+
+  test "should assign hosts by their ids" do
+    ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryBot.create(:puppetclass, :name => 'foreman_scap_client'))
+    ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
+    host1 = FactoryBot.create(:compliance_host)
+    host2 = FactoryBot.create(:compliance_host)
+    hostgroup = FactoryBot.create(:hostgroup)
+    asset = FactoryBot.create(:asset, :assetable_id => host1.id, :assetable_type => 'Host::Base')
+    hostgroup_asset = FactoryBot.create(:asset, :assetable_id => hostgroup.id, :assetable_type => 'Hostgroup')
+    policy = FactoryBot.create(:policy, :assets => [asset, hostgroup_asset], :scap_content => @scap_content, :scap_content_profile => @scap_profile)
+    policy.host_ids = [host1, host2].map(&:id)
+    policy.save!
+    assert_equal 2, policy.hosts.count
+    assert_equal 3, policy.assets.count
+    assert_equal hostgroup, policy.hostgroups.first
   end
 
   test "should remove associated hostgroup" do

data/test/unit/puppet_overrides_test.rb

@@ -0,0 +1,38 @@
+require 'test_plugin_helper'
+
+class PuppetOverridesTest < ActiveSupport::TestCase
+  setup do
+    ForemanOpenscap::ScapContent.any_instance.stubs(:fetch_profiles).returns({ 'test_profile_key' => 'test_profile_title' })
+    @scap_content = FactoryBot.create(:scap_content)
+    @scap_profile = FactoryBot.create(:scap_content_profile, :scap_content => @scap_content)
+  end
+
+  test "should override puppet class parameters" do
+    env = FactoryBot.create(:environment)
+    puppet_class = FactoryBot.create(:puppetclass, :name => 'foreman_scap_client')
+    server_param = FactoryBot.create(:puppetclass_lookup_key, :key => 'server')
+    port_param = FactoryBot.create(:puppetclass_lookup_key, :key => 'port')
+    policies_param = FactoryBot.create(:puppetclass_lookup_key, :key => 'policies')
+    FactoryBot.create(:environment_class,
+                      :puppetclass_id => puppet_class.id,
+                      :environment_id => env.id,
+                      :puppetclass_lookup_key_id => server_param.id)
+    FactoryBot.create(:environment_class,
+                      :puppetclass_id => puppet_class.id,
+                      :environment_id => env.id,
+                      :puppetclass_lookup_key_id => port_param.id)
+    FactoryBot.create(:environment_class,
+                      :puppetclass_id => puppet_class.id,
+                      :environment_id => env.id,
+                      :puppetclass_lookup_key_id => policies_param.id)
+    refute server_param.override
+    refute port_param.override
+    refute policies_param.override
+    FactoryBot.create(:policy, :scap_content => @scap_content, :scap_content_profile => @scap_content_profile)
+
+    assert server_param.reload.override
+    assert port_param.reload.override
+    assert policies_param.reload.override
+    assert_equal '<%= @host.policies_enc %>', policies_param.default_value
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_openscap
 version: !ruby/object:Gem::Version
-  version: 0.10.2
+  version: 0.10.3
 platform: ruby
 authors:
 - slukasik@redhat.com
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-07-19 00:00:00.000000000 Z
+date: 2018-09-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: deface
@@ -295,6 +295,7 @@ files:
 - test/unit/openscap_host_test.rb
 - test/unit/policy_mailer_test.rb
 - test/unit/policy_test.rb
+- test/unit/puppet_overrides_test.rb
 - test/unit/scap_content_test.rb
 - test/unit/services/report_dashboard/data_test.rb
 - test/unit/services/tailoring_files_proxy_check_test.rb
@@ -338,6 +339,7 @@ test_files:
 - test/unit/services/tailoring_files_proxy_check_test.rb
 - test/unit/services/report_dashboard/data_test.rb
 - test/unit/arf_report_test.rb
+- test/unit/puppet_overrides_test.rb
 - test/test_plugin_helper.rb
 - test/functional/arf_reports_controller_test.rb
 - test/functional/api/v2/compliance/arf_reports_controller_test.rb