foreman_openscap 0.5.3 → 0.5.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -7
- data/app/assets/javascripts/foreman_openscap/policy_edit.js +2 -2
- data/app/controllers/api/v2/compliance/arf_reports_controller.rb +3 -9
- data/app/controllers/api/v2/compliance/policies_controller.rb +3 -9
- data/app/controllers/api/v2/compliance/scap_contents_controller.rb +18 -10
- data/app/controllers/arf_reports_controller.rb +5 -5
- data/app/controllers/policies_controller.rb +2 -2
- data/app/helpers/concerns/foreman_openscap/lookup_keys_helper_extensions.rb +14 -0
- data/app/helpers/dashboard_helper.rb +26 -0
- data/app/lib/proxy_api/available_proxy.rb +20 -2
- data/app/lib/proxy_api/migration.rb +13 -0
- data/app/lib/proxy_api/openscap.rb +2 -2
- data/app/mailers/foreman_openscap/policy_mailer.rb +1 -1
- data/app/models/concerns/foreman_openscap/compliance_status_scoped_search.rb +1 -1
- data/app/models/concerns/foreman_openscap/host_extensions.rb +1 -1
- data/app/models/concerns/foreman_openscap/log_extensions.rb +10 -0
- data/app/models/concerns/foreman_openscap/openscap_proxy_core_extensions.rb +29 -9
- data/app/models/concerns/foreman_openscap/openscap_proxy_extensions.rb +1 -1
- data/app/models/foreman_openscap/arf_report.rb +2 -4
- data/app/models/foreman_openscap/policy.rb +3 -3
- data/app/models/foreman_openscap/scap_content.rb +7 -6
- data/app/services/foreman_openscap/report_dashboard/data.rb +1 -1
- data/app/views/api/v2/compliance/arf_reports/base.json.rabl +4 -1
- data/app/views/api/v2/compliance/arf_reports/main.json.rabl +5 -1
- data/app/views/api/v2/compliance/common/_loc.json.rabl +3 -0
- data/app/views/api/v2/compliance/common/_org.json.rabl +3 -0
- data/app/views/api/v2/compliance/policies/base.json.rabl +4 -1
- data/app/views/api/v2/compliance/scap_contents/base.json.rabl +4 -1
- data/app/views/api/v2/compliance/scap_contents/show.json.rabl +7 -1
- data/app/views/arf_reports/_list.html.erb +7 -1
- data/app/views/arf_reports/delete_multiple.html.erb +1 -1
- data/app/views/arf_reports/show.html.erb +1 -1
- data/app/views/compliance_hosts/_openscap_proxy.html.erb +1 -6
- data/app/views/compliance_hosts/show.html.erb +1 -1
- data/app/views/dashboard/_compliance_host_reports_widget.html.erb +2 -6
- data/app/views/foreman_openscap/policy_mailer/policy_summary.erb +1 -1
- data/app/views/policies/_form.html.erb +1 -1
- data/app/views/policies/welcome.html.erb +7 -6
- data/app/views/scap_contents/welcome.html.erb +1 -1
- data/config/routes.rb +5 -1
- data/db/migrate/20150821100137_migrate_from_scaptimony.rb +7 -6
- data/db/migrate/20150929152345_move_arf_reports_to_reports_table.rb +0 -97
- data/db/migrate/20151120090851_add_openscap_proxy_to_host_and_hostgroup.rb +0 -12
- data/db/seeds.d/openscap_policy_notification.rb +1 -1
- data/lib/foreman_openscap/bulk_upload.rb +1 -0
- data/lib/foreman_openscap/data_migration.rb +82 -0
- data/lib/foreman_openscap/engine.rb +5 -6
- data/lib/foreman_openscap/version.rb +1 -1
- data/lib/tasks/foreman_openscap_tasks.rake +14 -0
- data/test/factories/arf_report_factory.rb +1 -0
- data/test/factories/compliance_host_factory.rb +11 -1
- data/test/functional/api/v2/compliance/arf_reports_controller_test.rb +3 -1
- data/test/test_plugin_helper.rb +23 -2
- data/test/unit/scap_content_test.rb +1 -1
- data/test/unit/services/report_dashboard/data_test.rb +25 -0
- metadata +202 -194
- data/app/assets/javascripts/foreman_openscap/openscap_proxy.js +0 -52
- data/app/controllers/concerns/foreman_openscap/hosts_common_controller_extensions.rb +0 -45
- data/db/migrate/20151023131950_link_arf_report_directly_to_host.rb +0 -21
- data/db/seeds.d/openscap_scap_default.rb +0 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
|
-
---
|
2
|
-
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
5
|
-
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 96a6e2184a76a03fd739e6c59c6e84f6cb5085fa
|
4
|
+
data.tar.gz: 3d60a8e2769d5f1f965776ae1dc574905c2fb06a
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: a182595dc0be182b440010db2c6ae0ddbc6bf2ade6224cdaf7d9df6f7a1cc04fa4dca4f1d93f99ffdecd39ea7a0bf68eb872af7cbf61c626f2479806c54bd748
|
7
|
+
data.tar.gz: b893e5bddaa8888d8fa602520dec17b3c8e1d97f5b060dfb3a85efce17d32733d4f6929c8a6782c3e5d92d25cf36bd4af93f92705291de3f2228f9902eb2925e
|
@@ -1,12 +1,12 @@
|
|
1
1
|
function scap_content_selected(element){
|
2
2
|
var attrs = attribute_hash(['scap_content_id']);
|
3
3
|
var url = $(element).attr('data-url');
|
4
|
-
|
4
|
+
foreman.tools.showSpinner();
|
5
5
|
$.ajax({
|
6
6
|
data: attrs,
|
7
7
|
type: 'post',
|
8
8
|
url: url,
|
9
|
-
complete: function() { $(element)
|
9
|
+
complete: function() { reloadOnAjaxComplete($(element));},
|
10
10
|
success: function(request) {
|
11
11
|
$('#scap_content_profile_select').html(request);
|
12
12
|
}
|
@@ -30,26 +30,20 @@ module Api
|
|
30
30
|
instance_variable_get :"@arf_report" or fail 'no resource loaded'
|
31
31
|
end
|
32
32
|
|
33
|
-
|
34
|
-
resource_id 'foreman_openscap_arf_reports'
|
35
|
-
api_version 'v2'
|
36
|
-
api_base_url "/api/v2"
|
37
|
-
end
|
38
|
-
|
39
|
-
api :GET, '/compliance/arf_reports', N_('List Arf reports')
|
33
|
+
api :GET, '/compliance/arf_reports', N_('List ARF reports')
|
40
34
|
param_group :search_and_pagination, ::Api::V2::BaseController
|
41
35
|
|
42
36
|
def index
|
43
37
|
@arf_reports = resource_scope_for_index(:permission => :edit_compliance).includes(:asset)
|
44
38
|
end
|
45
39
|
|
46
|
-
api :GET, '/compliance/arf_reports/:id', N_('Show an
|
40
|
+
api :GET, '/compliance/arf_reports/:id', N_('Show an ARF report')
|
47
41
|
param :id, :identifier, :required => true
|
48
42
|
|
49
43
|
def show
|
50
44
|
end
|
51
45
|
|
52
|
-
api :DELETE, '/compliance/arf_reports/:id', N_('Deletes an
|
46
|
+
api :DELETE, '/compliance/arf_reports/:id', N_('Deletes an ARF Report')
|
53
47
|
param :id, :identifier, :required => true
|
54
48
|
|
55
49
|
def destroy
|
@@ -21,12 +21,6 @@ module Api::V2
|
|
21
21
|
api_compliance_policy_url(@policy)
|
22
22
|
end
|
23
23
|
|
24
|
-
resource_description do
|
25
|
-
resource_id 'foreman_openscap_policies'
|
26
|
-
api_version 'v2'
|
27
|
-
api_base_url "/api/v2"
|
28
|
-
end
|
29
|
-
|
30
24
|
api :GET, '/compliance/policies', N_('List SCAP contents')
|
31
25
|
param_group :search_and_pagination, ::Api::V2::BaseController
|
32
26
|
|
@@ -44,11 +38,11 @@ module Api::V2
|
|
44
38
|
param :policy, Hash, :required => true, :action_aware => true do
|
45
39
|
param :name, String, :required => true, :desc => N_('Policy name')
|
46
40
|
param :description, String, :desc => N_('Policy description')
|
47
|
-
param :scap_content_id, Integer, :required => true, :desc => N_('Policy
|
48
|
-
param :scap_content_profile_id, Integer, :required => true, :desc => N_('Policy
|
41
|
+
param :scap_content_id, Integer, :required => true, :desc => N_('Policy SCAP content ID')
|
42
|
+
param :scap_content_profile_id, Integer, :required => true, :desc => N_('Policy SCAP content profile ID')
|
49
43
|
param :period, String, :required => true, :desc => N_('Policy schedule period')
|
50
44
|
param :weekday, String, :required => true, :desc => N_('Policy schedule weekday')
|
51
|
-
param :hostgroup_ids, Array, :desc => N_('Apply policy to
|
45
|
+
param :hostgroup_ids, Array, :desc => N_('Apply policy to host groups')
|
52
46
|
param_group :taxonomies, ::Api::V2::BaseController
|
53
47
|
end
|
54
48
|
end
|
@@ -11,12 +11,6 @@ module Api::V2
|
|
11
11
|
instance_variable_get :"@scap_content" or fail 'no resource loaded'
|
12
12
|
end
|
13
13
|
|
14
|
-
resource_description do
|
15
|
-
resource_id 'foreman_openscap_scap_contents'
|
16
|
-
api_version 'v2'
|
17
|
-
api_base_url "/api/v2"
|
18
|
-
end
|
19
|
-
|
20
14
|
api :GET, '/compliance/scap_contents', N_('List SCAP contents')
|
21
15
|
param_group :search_and_pagination, ::Api::V2::BaseController
|
22
16
|
|
@@ -24,19 +18,24 @@ module Api::V2
|
|
24
18
|
@scap_contents = resource_scope_for_index(:permission => :edit_compliance)
|
25
19
|
end
|
26
20
|
|
27
|
-
api :GET, '/compliance/scap_contents/:id', N_('Show an SCAP content')
|
21
|
+
api :GET, '/compliance/scap_contents/:id/xml', N_('Show an SCAP content as XML')
|
28
22
|
param :id, :identifier, :required => true
|
29
23
|
|
30
|
-
def
|
24
|
+
def xml
|
31
25
|
send_data @scap_content.scap_file,
|
32
26
|
:type => 'application/xml',
|
33
27
|
:filename => @scap_content.original_filename
|
34
28
|
end
|
35
29
|
|
30
|
+
api :GET, '/compliance/scap_contents/:id', N_('Show an SCAP content')
|
31
|
+
param :id, :identifier, :required => true
|
32
|
+
def show
|
33
|
+
end
|
34
|
+
|
36
35
|
def_param_group :scap_content do
|
37
36
|
param :scap_content, Hash, :required => true, :action_aware => true do
|
38
|
-
param :title, String, :required => true, :desc => N_('
|
39
|
-
param :scap_file, String, :required => true
|
37
|
+
param :title, String, :required => true, :desc => N_('SCAP content name')
|
38
|
+
param :scap_file, String, :required => true, :desc => N_('XML containing SCAP content')
|
40
39
|
param_group :taxonomies, ::Api::V2::BaseController
|
41
40
|
end
|
42
41
|
end
|
@@ -69,6 +68,15 @@ module Api::V2
|
|
69
68
|
not_found and return if params[:id].blank?
|
70
69
|
instance_variable_set("@scap_content", resource_scope.find(params[:id]))
|
71
70
|
end
|
71
|
+
|
72
|
+
def action_permission
|
73
|
+
case params[:action]
|
74
|
+
when 'xml'
|
75
|
+
:view
|
76
|
+
else
|
77
|
+
super
|
78
|
+
end
|
79
|
+
end
|
72
80
|
end
|
73
81
|
end
|
74
82
|
end
|
@@ -33,16 +33,16 @@ class ArfReportsController < ApplicationController
|
|
33
33
|
response = @arf_report.to_bzip
|
34
34
|
send_data response, :filename => "#{@arf_report.id}_arf_report.bz2", :type => 'application/octet-stream', :disposition => 'attachement'
|
35
35
|
rescue => e
|
36
|
-
process_error(:error_msg => (_("Failed to downloaded
|
36
|
+
process_error(:error_msg => (_("Failed to downloaded ARF report as bzip: %s") % (e.message)),
|
37
37
|
:error_redirect => arf_report_path(@arf_report.id))
|
38
38
|
end
|
39
39
|
end
|
40
40
|
|
41
41
|
def destroy
|
42
42
|
if @arf_report.destroy
|
43
|
-
process_success(:success_msg => (_("Successfully deleted
|
43
|
+
process_success(:success_msg => (_("Successfully deleted ARF report.")), :success_redirect => arf_reports_path)
|
44
44
|
else
|
45
|
-
process_error(:error_msg => _("Failed to delete
|
45
|
+
process_error(:error_msg => _("Failed to delete ARF Report for host %{host_name} reported at %{reported_at}") % {:host_name => @arf_report.host.name, :reported_at => @arf_report.reported_at})
|
46
46
|
end
|
47
47
|
end
|
48
48
|
|
@@ -70,11 +70,11 @@ class ArfReportsController < ApplicationController
|
|
70
70
|
if params[:arf_report_ids].present?
|
71
71
|
@arf_reports = ::ForemanOpenscap::ArfReport.where(:id => params[:arf_report_ids])
|
72
72
|
if @arf_reports.empty?
|
73
|
-
error _('No
|
73
|
+
error _('No compliance reports were found.')
|
74
74
|
redirect_to(arf_reports_path) and return false
|
75
75
|
end
|
76
76
|
else
|
77
|
-
error _('No
|
77
|
+
error _('No compliance reports selected')
|
78
78
|
redirect_to(arf_reports_path) and return false
|
79
79
|
end
|
80
80
|
return @arf_reports
|
@@ -74,7 +74,7 @@ class PoliciesController < ApplicationController
|
|
74
74
|
if (id = params['policy']['id'])
|
75
75
|
policy = ::ForemanOpenscap::Policy.find(id)
|
76
76
|
policy.assign_hosts(@hosts)
|
77
|
-
notice _("Updated hosts: Assigned with compliance policy:
|
77
|
+
notice _("Updated hosts: Assigned with compliance policy: %s") % policy.name
|
78
78
|
# We prefer to go back as this does not lose the current search
|
79
79
|
redirect_to hosts_path
|
80
80
|
else
|
@@ -92,7 +92,7 @@ class PoliciesController < ApplicationController
|
|
92
92
|
notice _("Updated hosts: Unassigned from compliance policy '%s'") % policy.name
|
93
93
|
redirect_to hosts_path
|
94
94
|
else
|
95
|
-
error _('No valid policy
|
95
|
+
error _('No valid policy ID provided')
|
96
96
|
redirect_to hosts_path
|
97
97
|
end
|
98
98
|
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
module ForemanOpenscap
|
2
|
+
module LookupKeysHelperExtensions
|
3
|
+
extend ActiveSupport::Concern
|
4
|
+
|
5
|
+
included do
|
6
|
+
alias_method_chain :overridable_lookup_keys, :scap
|
7
|
+
end
|
8
|
+
|
9
|
+
def overridable_lookup_keys_with_scap(klass, obj)
|
10
|
+
return [] if klass.name == "foreman_scap_client"
|
11
|
+
overridable_lookup_keys_without_scap klass, obj
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
#
|
2
|
+
# Copyright (c) 2014 Red Hat Inc.
|
3
|
+
#
|
4
|
+
# This software is licensed to you under the GNU General Public License,
|
5
|
+
# version 3 (GPLv3). There is NO WARRANTY for this software, express or
|
6
|
+
# implied, including the implied warranties of MERCHANTABILITY or FITNESS
|
7
|
+
# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv3
|
8
|
+
# along with this software; if not, see http://www.gnu.org/licenses/gpl.txt
|
9
|
+
#
|
10
|
+
|
11
|
+
module DashboardHelper
|
12
|
+
|
13
|
+
def latest_headers
|
14
|
+
string = "<th>#{_("Host")}</th>"
|
15
|
+
string += "<th>#{_("Policy")}</th>"
|
16
|
+
# TRANSLATORS: initial character of Passed
|
17
|
+
string += translated_header(s_('Passed|P'), _('Passed'))
|
18
|
+
# TRANSLATORS: initial character of Failed
|
19
|
+
string += translated_header(s_('Failed|F'), _('Failed'))
|
20
|
+
# TRANSLATORS: initial character of Othered which is an SCAP term
|
21
|
+
string += translated_header(s_('Othered|O'), _('Othered'))
|
22
|
+
|
23
|
+
string.html_safe
|
24
|
+
end
|
25
|
+
|
26
|
+
end
|
@@ -12,15 +12,33 @@ module ::ProxyAPI
|
|
12
12
|
]
|
13
13
|
|
14
14
|
def initialize(args)
|
15
|
-
@
|
15
|
+
@args = args
|
16
16
|
end
|
17
17
|
|
18
18
|
def available?
|
19
19
|
begin
|
20
|
-
return true if
|
20
|
+
return true if (has_scap_feature? && minimum_version)
|
21
21
|
rescue *HTTP_ERRORS
|
22
22
|
return false
|
23
23
|
end
|
24
|
+
false
|
25
|
+
end
|
26
|
+
|
27
|
+
private
|
28
|
+
|
29
|
+
def has_scap_feature?
|
30
|
+
@features ||= ::ProxyAPI::Features.new(@args).features
|
31
|
+
@features.include?('openscap')
|
32
|
+
end
|
33
|
+
|
34
|
+
def openscap_proxy_version
|
35
|
+
@versions ||= ::ProxyAPI::Version.new(@args).proxy_versions['modules']
|
36
|
+
@versions['openscap'] if @versions && @versions['openscap']
|
37
|
+
end
|
38
|
+
|
39
|
+
def minimum_version
|
40
|
+
return false unless openscap_proxy_version
|
41
|
+
openscap_proxy_version.to_f >= 0.5
|
24
42
|
end
|
25
43
|
end
|
26
44
|
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
module ::ProxyAPI
|
2
|
+
class Migration < ::ProxyAPI::Resource
|
3
|
+
def initialize(args)
|
4
|
+
@url = args[:url] + '/compliance-importer'
|
5
|
+
super args
|
6
|
+
@connect_params[:headers].merge!(:content_type => 'text/xml', :content_encoding => 'x-bzip2', :multipart => true)
|
7
|
+
end
|
8
|
+
|
9
|
+
def migrate_arf_report(arf_file, host_name, policy_id, date)
|
10
|
+
parse(post(arf_file, "/arf/#{host_name}/#{policy_id}/#{date}"))
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
@@ -24,7 +24,7 @@ module ::ProxyAPI
|
|
24
24
|
@connect_params[:headers] = { :accept => 'application/html' }
|
25
25
|
get "/arf/#{report.id}/#{cname}/#{report.reported_at.to_i}/#{report.policy_arf_report.digest}/html"
|
26
26
|
rescue => e
|
27
|
-
raise ::ProxyAPI::ProxyException.new(url, e, N_("Unable to get
|
27
|
+
raise ::ProxyAPI::ProxyException.new(url, e, N_("Unable to get HTML version of requested report from Smart Proxy"))
|
28
28
|
end
|
29
29
|
end
|
30
30
|
|
@@ -33,7 +33,7 @@ module ::ProxyAPI
|
|
33
33
|
@connect_params[:headers] = { :content_type => 'application/arf-bzip2', :content_encoding => 'x-bzip2' }
|
34
34
|
get "/arf/#{report.id}/#{cname}/#{report.reported_at.to_i}/#{report.policy_arf_report.digest}/xml"
|
35
35
|
rescue => e
|
36
|
-
raise ::ProxyAPI::ProxyException.new(url, e, N_("Unable to get
|
36
|
+
raise ::ProxyAPI::ProxyException.new(url, e, N_("Unable to get XML version of requested report from Smart Proxy"))
|
37
37
|
end
|
38
38
|
end
|
39
39
|
|
@@ -15,7 +15,7 @@ module ForemanOpenscap
|
|
15
15
|
logger.warn "User with valid email not supplied, mail report will not be sent"
|
16
16
|
else
|
17
17
|
set_locale_for(user) do
|
18
|
-
subject = _("
|
18
|
+
subject = _("SCAP policies summary")
|
19
19
|
mail(:to => user.mail, :subject => subject)
|
20
20
|
end
|
21
21
|
end
|
@@ -69,7 +69,7 @@ module ForemanOpenscap
|
|
69
69
|
|
70
70
|
included do
|
71
71
|
scoped_search :in => :policy, :on => :name, :complete_value => true, :rename => :compliance_policy,
|
72
|
-
|
72
|
+
:only_explicit => true, :ext_method => :search_by_policy_name
|
73
73
|
|
74
74
|
scoped_search :on => :id, :rename => :last_for, :complete_value => { :host => 0, :policy => 1 },
|
75
75
|
:only_explicit => true, :ext_method => :search_by_last_for
|
@@ -20,7 +20,7 @@ module ForemanOpenscap
|
|
20
20
|
:complete_value => {:compliant => ::ForemanOpenscap::ComplianceStatus::COMPLIANT,
|
21
21
|
:incompliant => ::ForemanOpenscap::ComplianceStatus::INCOMPLIANT,
|
22
22
|
:inconclusive => ::ForemanOpenscap::ComplianceStatus::INCONCLUSIVE}
|
23
|
-
|
23
|
+
after_update :puppetrun!, :if => ->(host) { Setting[:puppetrun] && host.openscap_proxy_id_changed? }
|
24
24
|
|
25
25
|
scope :comply_with, lambda { |policy|
|
26
26
|
joins(:arf_reports).merge(ArfReport.latest_of_policy policy).merge(ArfReport.passed)
|
@@ -3,6 +3,16 @@ module ForemanOpenscap
|
|
3
3
|
extend ActiveSupport::Concern
|
4
4
|
included do
|
5
5
|
attr_accessible :result
|
6
|
+
SCAP_RESULT = %w(pass fail error unknown notapplicable notchecked notselected informational fixed)
|
7
|
+
validate :scap_result
|
8
|
+
end
|
9
|
+
|
10
|
+
private
|
11
|
+
|
12
|
+
def scap_result
|
13
|
+
if report.is_a? ForemanOpenscap::ArfReport
|
14
|
+
errors.add(:result, _('is not included in SCAP_RESULT')) unless SCAP_RESULT.include? result
|
15
|
+
end
|
6
16
|
end
|
7
17
|
end
|
8
18
|
end
|
@@ -4,19 +4,26 @@ module ForemanOpenscap
|
|
4
4
|
|
5
5
|
included do
|
6
6
|
validate :openscap_proxy_has_feature
|
7
|
+
validate :scap_client_class_present
|
8
|
+
after_save :update_scap_client
|
7
9
|
end
|
8
10
|
|
9
|
-
def
|
10
|
-
|
11
|
+
def update_scap_client
|
12
|
+
update_scap_client_params if openscap_proxy_id_changed?
|
13
|
+
end
|
14
|
+
|
15
|
+
def update_scap_client_params
|
11
16
|
model_match = self.class.name.underscore.match(/\Ahostgroup\z/) ? "hostgroup" : "fqdn"
|
12
|
-
|
13
|
-
fail _("Puppetclass 'foreman_scap_client' not found, make sure it is imported form Puppetmaster") if puppetclass.nil?
|
14
|
-
scap_params = puppetclass.class_params
|
17
|
+
scap_params = find_scap_client.class_params
|
15
18
|
server_lookup_key = scap_params.find { |param| param.key == "server" }
|
16
19
|
port_lookup_key = scap_params.find { |param| param.key == "port" }
|
17
20
|
pairs = scap_client_lookup_values_for([server_lookup_key, port_lookup_key], model_match)
|
18
|
-
|
19
|
-
|
21
|
+
if openscap_proxy_id
|
22
|
+
mapping = { "server" => openscap_proxy.hostname, "port" => openscap_proxy.port }
|
23
|
+
update_scap_client_lookup_values(pairs, model_match, mapping)
|
24
|
+
else
|
25
|
+
destroy_scap_client_lookup_values pairs
|
26
|
+
end
|
20
27
|
end
|
21
28
|
|
22
29
|
def inherited_openscap_proxy_id
|
@@ -32,6 +39,10 @@ module ForemanOpenscap
|
|
32
39
|
end
|
33
40
|
end
|
34
41
|
|
42
|
+
def destroy_scap_client_lookup_values(pairs)
|
43
|
+
pairs.values.map(&:destroy)
|
44
|
+
end
|
45
|
+
|
35
46
|
def update_scap_client_lookup_values(pairs, model_match, mapping)
|
36
47
|
pairs.each do |k, v|
|
37
48
|
if v.nil?
|
@@ -43,13 +54,22 @@ module ForemanOpenscap
|
|
43
54
|
end
|
44
55
|
end
|
45
56
|
|
57
|
+
def find_scap_client
|
58
|
+
Puppetclass.find_by_name("foreman_scap_client")
|
59
|
+
end
|
60
|
+
|
46
61
|
def lookup_matcher(model_match)
|
47
62
|
model_match == "fqdn" ? "#{model_match}=#{name}" : "#{model_match}=#{title}"
|
48
63
|
end
|
49
64
|
|
50
65
|
def openscap_proxy_has_feature
|
51
|
-
|
52
|
-
|
66
|
+
errors.add(:openscap_proxy_id, _("must have Openscap feature")) if openscap_proxy_id && !openscap_proxy.has_feature?("Openscap")
|
67
|
+
end
|
68
|
+
|
69
|
+
def scap_client_class_present
|
70
|
+
if openscap_proxy_id_changed? && openscap_proxy_id
|
71
|
+
errors.add(:openscap_proxy_id, _("Puppet class 'foreman_scap_client' not found, make sure it is imported from Puppet master")) unless find_scap_client
|
72
|
+
end
|
53
73
|
end
|
54
74
|
end
|
55
75
|
end
|
@@ -10,7 +10,7 @@ module ForemanOpenscap
|
|
10
10
|
def openscap_proxy_api
|
11
11
|
return @openscap_api if @openscap_api
|
12
12
|
proxy_url = openscap_proxy.url if openscap_proxy
|
13
|
-
fail(_("No
|
13
|
+
fail(_("No OpenSCAP proxy found for %s") % id) unless proxy_url
|
14
14
|
@openscap_api = ::ProxyAPI::Openscap.new(:url => proxy_url)
|
15
15
|
end
|
16
16
|
end
|
@@ -6,20 +6,18 @@ module ForemanOpenscap
|
|
6
6
|
include OpenscapProxyExtensions
|
7
7
|
|
8
8
|
# attr_accessible :host_id, :reported_at, :status, :metrics
|
9
|
-
RESULT = %w(pass fail error unknown notapplicable notchecked notselected informational fixed)
|
10
9
|
METRIC = %w(passed othered failed)
|
11
10
|
BIT_NUM = 10
|
12
11
|
MAX = (1 << BIT_NUM) - 1
|
13
12
|
|
13
|
+
scoped_search :on => :status, :offset => 0, :word_size => 4*BIT_NUM, :complete_value => {:true => true, :false => false}, :rename => :eventful
|
14
|
+
|
14
15
|
has_one :policy_arf_report, :dependent => :destroy
|
15
16
|
has_one :policy, :through => :policy_arf_report
|
16
17
|
has_one :asset, :through => :host, :class_name => 'ForemanOpenscap::Asset', :as => :assetable
|
17
18
|
after_save :assign_locations_organizations
|
18
19
|
has_one :log, :foreign_key => :report_id
|
19
20
|
|
20
|
-
delegate :result, :to => :log, :allow_nil => true
|
21
|
-
validate :result, :inclusion => { :in => RESULT }
|
22
|
-
|
23
21
|
delegate :asset=, :to => :host
|
24
22
|
|
25
23
|
default_scope do
|