foreman_openscap 0.4.1 → 0.4.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 92cfa722f49b4849b12e6de9b12752f7403250c9
-  data.tar.gz: 216d2b98129dc7cf0de15c0c294522d8147e3a7c
+  metadata.gz: dbe37415bc716af95fb8d1bd1df52052393b8b38
+  data.tar.gz: 9998605cea7e42cc67d82988a534b6a4a6b2a4e3
 SHA512:
-  metadata.gz: 8c90cfa657a43e9490a5246dc8a195d0476b2d2c84ff33c97ffc633c96af029a8ebe71f87b5bc980212192a25aa50bd773d19b01648fea3082f186120e05713a
-  data.tar.gz: b7044c839f2b328e2591f93dc85081f1cc97fded7d0346ed5ab0afdc1896bd4cb82c168ad3af354976e4fb6eaf76c8c3bd1c6f9b0fc0ec558f582257b0df6f50
+  metadata.gz: f62645263b17141c6641dffeb53f9a3180032a5f682bcb988a5c4ede4a9fa2dba62a382e8361db0aaa46c753234adaeb4f17d75b36adfb9e449af8a4b6c50de5
+  data.tar.gz: cae09dbd205f033bb4f5534629a313d7ed8fad6875c23b3ad69a683f7c6eebdb4341ba8595e326d6150d340396a99eeda57f8677c8c176aa065be9d6cc0a7a65

data/app/assets/javascript/foreman_openscap/load_report.js

@@ -0,0 +1,6 @@
+$(document).ready(function() {
+    $('#frame').load(function() {
+        $('#loading').hide();
+        $('#frame').show().css('min-height', '800px');
+    });    
+});

data/app/controllers/api/v2/compliance/policies_controller.rb

@@ -1,8 +1,14 @@
 module Api::V2
   module Compliance
     class PoliciesController < ::Api::V2::BaseController
+      include Foreman::Controller::SmartProxyAuth
+
+      add_smart_proxy_filters :content, :features => 'Openscap'
+      
       before_filter :find_resource, :except => %w{index create}
 
+      skip_after_filter :log_response_body, :only => [:content]
+      
       def resource_name
         'Scaptimony::Policy'
       end
@@ -12,7 +18,7 @@ module Api::V2
       end
 
       def policy_url(policy = nil)
-        api_policy_url(@policy)
+        api_compliance_policy_url(@policy)
       end
 
       resource_description do
@@ -85,6 +91,15 @@ module Api::V2
         not_found and return if params[:id].blank?
         instance_variable_set("@policy", resource_scope.find(params[:id]))
       end
+
+      def action_permission
+        case params[:action]
+          when 'content'
+            :view
+          else
+            super
+        end
+      end
     end
   end
 end

data/app/helpers/concerns/foreman_openscap/hosts_helper_extensions.rb

@@ -4,6 +4,7 @@ module ForemanOpenscap
 
     included do
       alias_method_chain :multiple_actions, :scap
+      alias_method_chain :name_column, :scap
     end
 
     Colors = {
@@ -40,5 +41,9 @@ module ForemanOpenscap
        {:label => _("Failed"), :data => failed, :color => Colors[:failed]},
        {:label => _("Othered"), :data => othered, :color => Colors[:othered]}]
     end
+
+    def name_column_with_scap(record)
+      record.nil? ? _('Host is deleted') : name_column_without_scap(record)
+    end
   end
 end

data/app/views/scaptimony_arf_reports/_list.html.erb

@@ -9,17 +9,17 @@
   </tr>
   <% for arf_report in @arf_reports %>
     <tr>
-      <td><%= arf_report.host.nil? ? _('Host does not exist anymore') : name_column(arf_report.host) %></td>
+      <td><%= name_column(arf_report.host) %></td>
       <td><%= _("%s ago") % time_ago_in_words(arf_report.date) %></td>
       <td><%= report_arf_column(arf_report.passed, "label-info") %></th>
       <td><%= report_arf_column(arf_report.failed, "label-danger") %></th>
       <td><%= report_arf_column(arf_report.othered, "label-warning") %></th>
       <td>
         <%= action_buttons(
-          link_to(_("View Report"), hash_for_scaptimony_arf_report_path(:id => arf_report.id)),
-          display_delete_if_authorized(hash_for_scaptimony_arf_report_path(:id => arf_report.id),
-            :confirm => _("Delete compliance report for %s?") % arf_report.asset.host)
-          ) %>
+                display_link_if_authorized(_("View Report"), hash_for_scaptimony_arf_report_path(:id => arf_report.id)),
+                display_delete_if_authorized(hash_for_scaptimony_arf_report_path(:id => arf_report.id),
+                                             :confirm => _("Delete compliance report for %s?") % arf_report.asset.host)
+            ) %>
       </td>
     </tr>
   <% end %>

data/app/views/scaptimony_arf_reports/show.html.erb

@@ -1,3 +1,12 @@
+<%= javascript 'foreman_openscap/load_report'%>
 <div class="row">
-  <iframe style="min-height: 800px" height="100%" width="100%" frameborder="0" src="<%= parse_scaptimony_arf_report_path(@arf_report) %>"></iframe>
+
+  <div id="loading">
+    <div class="col-md-4"></div>
+    <div class="col-md-4">
+      <%= image_tag('/assets/spinner.gif') %>
+      <%= _('Loading...') %>
+    </div>
+  </div>
+  <iframe id="frame" style="display: none" height="100%" width="100%" frameborder="0" src="<%= parse_scaptimony_arf_report_path(@arf_report) %>"></iframe>
 </div>

data/app/views/scaptimony_policies/_list.html.erb

@@ -8,23 +8,23 @@
   <% for policy in @policies %>
     <tr>
       <td>
-          <%= link_to policy.name, scaptimony_policy_dashboard_scaptimony_policy_path(:id => policy.id) %>
+        <%= link_to_if_authorized(policy.name.to_s, hash_for_scaptimony_policy_dashboard_scaptimony_policy_path(:id => policy.id)) %>
       </td>
       <td>
-          <% if !policy.scap_content.nil? %>
-            <%= link_to_if_authorized policy.scap_content.title,
-                  hash_for_edit_scaptimony_scap_content_path(:id => policy.scap_content) %>
-          <% end %>
+        <% if !policy.scap_content.nil? %>
+          <%= link_to_if_authorized policy.scap_content.title,
+                                         hash_for_edit_scaptimony_scap_content_path(:id => policy.scap_content) %>
+        <% end %>
       </td>
       <td>
-          <%= policy.scap_content_profile.nil? ? "Default" : policy.scap_content_profile.title %>
+        <%= policy.scap_content_profile.nil? ? "Default" : policy.scap_content_profile.title %>
       </td>
       <td>
-          <%= action_buttons(
-            link_to_if_authorized(_("Show Guide"), hash_for_scaptimony_policy_path(:id => policy.id)),
-            link_to_if_authorized(_("Edit"), hash_for_edit_scaptimony_policy_path(:id => policy.id)),
-            display_delete_if_authorized(hash_for_scaptimony_policy_path(:id => policy.id),
-              :confirm => _("Delete compliance policy %s with all the reports?") % policy.name)
+        <%= action_buttons(
+                display_link_if_authorized(_("Show Guide"), hash_for_scaptimony_policy_path(:id => policy.id)),
+                display_link_if_authorized(_("Edit"), hash_for_edit_scaptimony_policy_path(:id => policy.id)),
+                display_delete_if_authorized(hash_for_scaptimony_policy_path(:id => policy.id),
+                                             :confirm => _("Delete compliance policy %s with all the reports?") % policy.name)
             ) %>
       </td>
     </tr>

data/app/views/scaptimony_scap_contents/_list.html.erb

@@ -8,21 +8,21 @@
   <% for content in @contents %>
     <tr>
       <td>
-          <%= content.title %>
+        <%= content.title %>
       </td>
       <td>
-          <%= content.original_filename %>
+        <%= content.original_filename %>
       </td>
       <td>
-          <%= _("%s ago") % time_ago_in_words(content.created_at.getlocal) %>
+        <%= _("%s ago") % time_ago_in_words(content.created_at.getlocal) %>
       </td>
       <td>
         <%= action_buttons(
-          link_to_if_authorized(_("Edit"), hash_for_edit_scaptimony_scap_content_path(:id => content.id)),
-          link_to_if_authorized(_("Download"), hash_for_scaptimony_scap_content_path(:id => content.id)),
-          display_delete_if_authorized(hash_for_scaptimony_scap_content_path(:id => content.id),
-                                       :confirm => _("Delete compliance policy %s with all the reports?") % content.title)
-          ) %>
+                display_link_if_authorized(_("Edit"), hash_for_edit_scaptimony_scap_content_path(:id => content.id)),
+                display_link_if_authorized(_("Download"), hash_for_scaptimony_scap_content_path(:id => content.id)),
+                display_delete_if_authorized(hash_for_scaptimony_scap_content_path(:id => content.id),
+                                             :confirm => _("Delete compliance policy %s with all the reports?") % content.title)
+            ) %>
       </td>
     </tr>
   <% end %>

data/lib/foreman_openscap/bulk_upload.rb

@@ -24,8 +24,9 @@ module ForemanOpenscap
         digest = Digest::SHA2.hexdigest(datastream)
         title = content_name(datastream)
         filename = original_filename(datastream)
-        scap_content = Scaptimony::ScapContent.where(:title => title, :digest => digest, :scap_file => file).first_or_initialize
+        scap_content = Scaptimony::ScapContent.where(:title => title, :digest => digest).first_or_initialize
         unless scap_content.persisted?
+          scap_content.scap_file = file
           scap_content.original_filename = filename
           next puts "## SCAP content is invalid: #{scap_content.errors.full_messages.uniq.join(',')} ##" unless scap_content.valid?
           if scap_content.save

data/lib/foreman_openscap/engine.rb

@@ -32,41 +32,88 @@ module ForemanOpenscap
                                        'foreman_openscap/policy.css']}}
     end
 
-    initializer 'foreman_openscap.register_plugin', :after=> :finisher_hook do |app|
+    initializer 'foreman_openscap.apipie' do
+      Apipie.configuration.checksum_path += ['/compliance/']
+    end
+
+    initializer 'foreman_openscap.register_plugin', :after => :finisher_hook do |app|
       Foreman::Plugin.register :foreman_openscap do
         requires_foreman '>= 1.5'
 
+        apipie_documented_controllers ["#{ForemanOpenscap::Engine.root}/app/controllers/api/v2/compliance/*.rb"]
+
         # Add permissions
         security_block :foreman_openscap do
-          permission :view_arf_reports, {:scaptimony_arf_reports => [:index, :show],
-                                         :scaptimony_policies => [:index, :show],
-                                         :scaptimony_scap_contents => [:index, :show],
-                                        }
-          permission :edit_compliance, {:scaptimony_arf_reports => [:destroy],
-                                        :scaptimony_policies => [:new, :create, :edit, :update, :destroy,
-                                          :select_multiple_hosts, :upldate_multiple_hosts],
-                                        :scaptimony_scap_contents => [:new, :create, :edit, :update]
-                                       }
+          permission :view_arf_reports, {:scaptimony_arf_reports         => [:index, :show, :parse, :auto_complete_search],
+                                         'api/v2/compliance/arf_reports' => [:index, :show],
+                                         :scaptimony_hosts               => [:show]}
+          permission :destroy_arf_reports, {:scaptimony_arf_reports         => [:destroy],
+                                            'api/v2/compliance/arf_reports' => [:destroy]}
+          permission :create_arf_reports, {'api/v2/compliance/arf_reports' => [:create]}
+
+          permission :view_scaptimony_policies, {:scaptimony_policies         => [:index, :show, :parse, :auto_complete_search],
+                                                 :scaptimony_policy_dashboard => [:index],
+                                                 :scaptimony_dashboard        => [:index],
+                                                 'api/v2/compliance/policies' => [:index, :show, :content]},
+                     :resource_type => 'Scaptimony::Policy'
+          permission :edit_scaptimony_policies, {:scaptimony_policies         => [:edit, :update, :scap_content_selected],
+                                                 'api/v2/compliance/policies' => [:update]},
+                     :resource_type => 'Scaptimony::Policy'
+          permission :create_scaptimony_policies, {:scaptimony_policies         => [:new, :create],
+                                                   'api/v2/compliance/policies' => [:create]},
+                     :resource_type => 'Scaptimony::Policy'
+          permission :destroy_scaptimony_policies, {:scaptimony_policies         => [:destroy],
+                                                    'api/v2/compliance/policies' => [:destroy]},
+                     :resource_type => 'Scaptimony::Policy'
+          permission :assign_scaptimony_policies, {:scaptimony_policies => [:select_multiple_hosts, :update_multiple_hosts,
+                                                                            :disassociate_multiple_hosts,
+                                                                            :remove_policy_from_multiple_hosts]},
+                     :resource_type => 'Scaptimony::Policy'
+          permission :view_scaptimony_scap_contents, {:scaptimony_scap_contents         => [:index, :show, :auto_complete_search],
+                                                      'api/v2/compliance/scap_contents' => [:index, :show]},
+                     :resource_type => 'Scaptimony::ScapContent'
+          permission :edit_scaptimony_scap_contents, {:scaptimony_scap_contents         => [:edit, :update],
+                                                      'api/v2/compliance/scap_contents' => [:update]},
+                     :resource_type => 'Scaptimony::ScapContent'
+          permission :create_scaptimony_scap_contents, {:scaptimony_scap_contents         => [:new, :create],
+                                                        'api/v2/compliance/scap_contents' => [:create]},
+                     :resource_type => 'Scaptimony::ScapContent'
+          permission :destroy_scaptimony_scap_contents, {:scaptimony_scap_contents         => [:destroy],
+                                                         'api/v2/compliance/scap_contents' => [:destroy]},
+                     :resource_type => 'Scaptimony::ScapContent'
         end
 
-        role "View compliance reports", [:view_arf_reports]
-        role "Edit compliance policies", [:edit_compliance]
+        role "Compliance viewer", [:view_arf_reports, :view_scaptimony_policies, :view_scaptimony_scap_contents]
+        role "Compliance manager", [:view_arf_reports, :view_scaptimony_policies, :view_scaptimony_scap_contents,
+                                    :destroy_arf_reports, :edit_scaptimony_policies, :edit_scaptimony_scap_contents, :assign_scaptimony_policies,
+                                    :create_scaptimony_policies, :create_scaptimony_scap_contents, :destroy_scaptimony_policies, :destroy_scaptimony_scap_contents]
+        role "Create ARF report", [:create_arf_reports] # special as only Proxy can create
 
         #add menu entries
         divider :top_menu, :caption => N_('Compliance'), :parent => :hosts_menu
         menu :top_menu, :compliance_policies, :caption => N_('Policies'),
-             :url_hash => {:controller => :'scaptimony_policies', :action => :index },
+             :url_hash => {:controller => :'scaptimony_policies', :action => :index},
              :parent => :hosts_menu
         menu :top_menu, :compliance_contents, :caption => N_('SCAP contents'),
-             :url_hash => {:controller => :'scaptimony_scap_contents', :action => :index },
+             :url_hash => {:controller => :'scaptimony_scap_contents', :action => :index},
              :parent => :hosts_menu
         menu :top_menu, :compliance_reports, :caption => N_('Reports'),
-             :url_hash => {:controller => :'scaptimony_arf_reports', :action => :index },
-             :parent   => :hosts_menu
+             :url_hash => {:controller => :'scaptimony_arf_reports', :action => :index},
+             :parent => :hosts_menu
 
         # add dashboard widget
-        widget 'foreman_openscap_host_reports_widget', :name => N_('OpenSCAP Host reports widget'), :sizex => 4, :sizey =>1
-        widget 'foreman_openscap_reports_breakdown_widget', :name => N_('OpenSCAP Host reports widget'), :sizex => 4, :sizey =>1
+        widget 'foreman_openscap_host_reports_widget', :name => N_('OpenSCAP Host reports widget'), :sizex => 4, :sizey => 1
+        widget 'foreman_openscap_reports_breakdown_widget', :name => N_('OpenSCAP Host reports widget'), :sizex => 4, :sizey => 1
+
+        # As 'scaptimony_arf_report_breakdowns' is a view and does not appear in schema.rb, db:test:prepare will not create the view
+        # which will make the following tests fail.
+        tests_to_skip ({
+                          "DashboardIntegrationTest" => ["dashboard page", "dashboard link hosts that had performed modifications",
+                                              "dashboard link hosts in error state", "dashboard link good host reports",
+                                              "dashboard link hosts that had pending changes", "dashboard link out of sync hosts",
+                                              "dashboard link hosts with no reports", "dashboard link hosts with alerts disabled",
+                                              "widgets not in dashboard show up in list"]
+                      })
       end
     end
 

data/lib/foreman_openscap/version.rb

@@ -1,3 +1,3 @@
 module ForemanOpenscap
-  VERSION = "0.4.1"
+  VERSION = "0.4.2"
 end

data/test/factories/arf_report_factory.rb

@@ -2,9 +2,7 @@ FactoryGirl.define do
   factory :arf_report, :class => Scaptimony::ArfReport do |f|
     f.asset
     f.policy
-    f.sequence :digest do |n|
-      "#{n}#{n}#{n}aabbcc#{n}3322dd"
-    end
+    f.sequence(:digest) { |n| "#{n}1212aa#{n}"}
     date '1973-01-13'
   end
 end

data/test/factories/asset_factory.rb

@@ -1,6 +1,6 @@
 FactoryGirl.define do
   factory :asset, :class => Scaptimony::Asset do |f|
-    f.assetable_id FactoryGirl.create(:host).id
+    f.assetable_id { FactoryGirl.create(:host).id }
     f.assetable_type 'Host::Base'
   end
-end
+end

data/test/factories/policy_factory.rb

@@ -1,6 +1,6 @@
 FactoryGirl.define do
   factory :policy, :class => Scaptimony::Policy do
-    name 'test_policy'
+    sequence(:name) { |n| "policy#{n}" }
     period 'weekly'
     weekday 'monday'
     scap_content

data/test/functional/api/v2/{arf_reports_controller_test.rb → compliance/arf_reports_controller_test.rb}

@@ -1,6 +1,6 @@
 require 'test_plugin_helper'
 
-class Api::V2::ArfReportsControllerTest < ActionController::TestCase
+class Api::V2::Compliance::ArfReportsControllerTest < ActionController::TestCase
   setup do
     # override validation of policy (puppetclass, lookup_key overrides)
     Scaptimony::Policy.any_instance.stubs(:valid?).returns(true)

data/test/functional/api/v2/{policies_controller_test.rb → compliance/policies_controller_test.rb}

@@ -1,6 +1,6 @@
 require 'test_plugin_helper'
 
-class Api::V2::PoliciesControllerTest < ActionController::TestCase
+class Api::V2::Compliance::PoliciesControllerTest < ActionController::TestCase
   setup do
     Scaptimony::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
   end

data/test/functional/api/v2/{scap_contents_controller_test.rb → compliance/scap_contents_controller_test.rb}

@@ -1,6 +1,6 @@
 require 'test_plugin_helper'
 
-class Api::V2::ScapContentsControllerTest < ActionController::TestCase
+class Api::V2::Compliance::ScapContentsControllerTest < ActionController::TestCase
 
   test "should get index" do
     FactoryGirl.create(:scap_content)
@@ -24,7 +24,6 @@ class Api::V2::ScapContentsControllerTest < ActionController::TestCase
 
   test "should create scap content" do
     # Skipped as API does not support uploading files
-    skip
   end
 
   test "should update scap content" do

data/test/lib/foreman_openscap/bulk_upload_test.rb

@@ -0,0 +1,16 @@
+require 'test_plugin_helper'
+
+class BulkUploadTest < ActiveSupport::TestCase
+  setup do
+    require 'foreman_openscap/bulk_upload'
+  end
+
+  test 'upload_from_files should create only one scap content' do
+    scap_files = ['../foreman_openscap/test/files/scap_contents/ssg-fedora-ds.xml']
+    assert_difference('Scaptimony::ScapContent.count', 1) do
+      2.times do
+        ForemanOpenscap::BulkUpload.new.upload_from_files(scap_files)
+      end
+    end
+  end
+end

data/test/unit/openscap_host_test.rb

@@ -4,7 +4,6 @@ class OpenscapHostTest < ActiveSupport::TestCase
   setup do
     disable_orchestration
     User.current = users :admin
-    Setting[:token_duration] = 0
     Scaptimony::Policy.any_instance.stubs(:ensure_needed_puppetclasses).returns(true)
   end
 

metadata

@@ -1,43 +1,43 @@
 --- !ruby/object:Gem::Specification
 name: foreman_openscap
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.4.2
 platform: ruby
 authors:
 - Šimon Lukašík
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-05-11 00:00:00.000000000 Z
+date: 2015-08-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: deface
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: scaptimony
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.3.0
+        version: 0.3.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.3.0
+        version: 0.3.2
 description: Foreman plug-in for managing security compliance reports
 email:
 - slukasik@redhat.com
@@ -47,6 +47,7 @@ extra_rdoc_files: []
 files:
 - LICENSE
 - README.md
+- app/assets/javascript/foreman_openscap/load_report.js
 - app/assets/javascript/foreman_openscap/period_selector.js
 - app/assets/javascript/foreman_openscap/policy_edit.js
 - app/assets/javascript/foreman_openscap/scap_hosts_show.js
@@ -138,9 +139,10 @@ files:
 - test/factories/policy_factory.rb
 - test/factories/scap_content_related.rb
 - test/files/scap_contents/ssg-fedora-ds.xml
-- test/functional/api/v2/arf_reports_controller_test.rb
-- test/functional/api/v2/policies_controller_test.rb
-- test/functional/api/v2/scap_contents_controller_test.rb
+- test/functional/api/v2/compliance/arf_reports_controller_test.rb
+- test/functional/api/v2/compliance/policies_controller_test.rb
+- test/functional/api/v2/compliance/scap_contents_controller_test.rb
+- test/lib/foreman_openscap/bulk_upload_test.rb
 - test/test_plugin_helper.rb
 - test/unit/openscap_host_test.rb
 homepage: https://github.com/OpenSCAP/foreman_openscap
@@ -153,12 +155,12 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
@@ -172,10 +174,11 @@ test_files:
 - test/factories/asset_factory.rb
 - test/factories/scap_content_related.rb
 - test/factories/arf_report_factory.rb
+- test/lib/foreman_openscap/bulk_upload_test.rb
 - test/unit/openscap_host_test.rb
 - test/files/scap_contents/ssg-fedora-ds.xml
-- test/functional/api/v2/policies_controller_test.rb
-- test/functional/api/v2/scap_contents_controller_test.rb
-- test/functional/api/v2/arf_reports_controller_test.rb
+- test/functional/api/v2/compliance/policies_controller_test.rb
+- test/functional/api/v2/compliance/scap_contents_controller_test.rb
+- test/functional/api/v2/compliance/arf_reports_controller_test.rb
 - test/test_plugin_helper.rb
 has_rdoc: