foreman_openscap 0.7.1 → 0.7.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/api/v2/compliance/arf_reports_controller.rb +1 -1
- data/app/controllers/api/v2/compliance/policies_controller.rb +2 -2
- data/app/controllers/api/v2/compliance/scap_contents_controller.rb +1 -1
- data/app/controllers/api/v2/compliance/tailoring_files_controller.rb +1 -1
- data/app/controllers/arf_reports_controller.rb +9 -9
- data/app/controllers/concerns/foreman/controller/parameters/policy.rb +1 -1
- data/app/controllers/openscap_proxies_controller.rb +5 -5
- data/app/controllers/policies_controller.rb +16 -17
- data/app/controllers/policy_dashboard_controller.rb +2 -1
- data/app/controllers/scap_contents_controller.rb +2 -2
- data/app/controllers/tailoring_files_controller.rb +4 -4
- data/app/helpers/arf_report_dashboard_helper.rb +2 -3
- data/app/helpers/arf_reports_helper.rb +1 -1
- data/app/helpers/compliance_hosts_helper.rb +1 -2
- data/app/helpers/policies_helper.rb +4 -4
- data/app/helpers/policy_dashboard_helper.rb +2 -3
- data/app/lib/proxy_api/available_proxy.rb +2 -2
- data/app/lib/proxy_api/openscap.rb +1 -1
- data/app/mailers/foreman_openscap/policy_mailer.rb +1 -1
- data/app/models/concerns/foreman_openscap/compliance_status_scoped_search.rb +7 -8
- data/app/models/concerns/foreman_openscap/host_extensions.rb +44 -25
- data/app/models/concerns/foreman_openscap/log_extensions.rb +1 -1
- data/app/models/concerns/foreman_openscap/openscap_proxy_core_extensions.rb +3 -3
- data/app/models/foreman_openscap/arf_report.rb +34 -12
- data/app/models/foreman_openscap/policy.rb +19 -17
- data/app/models/foreman_openscap/scap_content.rb +4 -2
- data/app/services/foreman_openscap/arf_report_status_calculator.rb +1 -1
- data/app/services/foreman_openscap/host_report_dashboard/data.rb +2 -2
- data/app/services/foreman_openscap/policy_dashboard/data.rb +4 -3
- data/app/validators/foreman_openscap/data_stream_validator.rb +2 -2
- data/app/views/policy_dashboard/_policy_status_widget.html.erb +5 -5
- data/config/routes.rb +6 -6
- data/db/migrate/20141015115511_add_arf_report_unique_constraint.rb +1 -1
- data/db/migrate/20141113221054_create_scaptimony_scap_content_profiles.rb +1 -1
- data/db/migrate/20141116170632_remove_xccdf_profile_from_scaptimony_policies.rb +1 -1
- data/db/migrate/20141121120326_create_scaptimony_arf_report_breakdowns.rb +15 -15
- data/db/migrate/20141121164042_replace_arf_report_breakdown_view.rb +15 -15
- data/db/migrate/20141206211151_create_scaptimony_assets_policies.rb +1 -1
- data/db/migrate/20150115155947_add_scaptimony_scap_content_digest.rb +1 -1
- data/db/migrate/20150821100137_migrate_from_scaptimony.rb +1 -1
- data/db/migrate/20160830113437_remove_deleted_policy.rb +1 -1
- data/db/migrate/20160925213031_change_scap_widget_names.rb +8 -8
- data/db/migrate/20161223153249_add_permissions_to_arf_report.rb +4 -4
- data/db/seeds.d/75-job_templates.rb +6 -1
- data/db/seeds.d/openscap_feature.rb +1 -1
- data/lib/foreman_openscap/data_migration.rb +1 -2
- data/lib/foreman_openscap/engine.rb +33 -34
- data/lib/foreman_openscap/helper.rb +5 -7
- data/lib/foreman_openscap/message_cleaner.rb +32 -0
- data/lib/foreman_openscap/version.rb +1 -1
- data/lib/tasks/foreman_openscap_tasks.rake +12 -0
- data/locale/de/foreman_openscap.po +205 -43
- data/locale/en_GB/foreman_openscap.po +205 -43
- data/locale/es/foreman_openscap.po +205 -43
- data/locale/foreman_openscap.pot +418 -185
- data/locale/fr/foreman_openscap.po +205 -43
- data/locale/gl/foreman_openscap.po +205 -43
- data/locale/it/foreman_openscap.po +205 -43
- data/locale/ja/foreman_openscap.po +205 -43
- data/locale/ko/foreman_openscap.po +205 -43
- data/locale/pt_BR/foreman_openscap.po +205 -43
- data/locale/ru/foreman_openscap.po +205 -43
- data/locale/sv_SE/foreman_openscap.po +205 -43
- data/locale/zh_CN/foreman_openscap.po +205 -43
- data/locale/zh_TW/foreman_openscap.po +205 -43
- data/test/factories/arf_report_factory.rb +2 -2
- data/test/factories/asset_factory.rb +5 -0
- data/test/factories/compliance_host_factory.rb +4 -4
- data/test/factories/compliance_log_factory.rb +9 -4
- data/test/files/arf_report/arf_report.json +1 -0
- data/test/files/arf_report/arf_report_msg_desc_changed.json +1 -0
- data/test/files/arf_report/arf_report_msg_value_changed.json +1 -0
- data/test/functional/api/v2/compliance/arf_reports_controller_test.rb +111 -1
- data/test/functional/api/v2/compliance/policies_controller_test.rb +1 -1
- data/test/functional/api/v2/compliance/tailoring_files_controller_test.rb +4 -4
- data/test/test_plugin_helper.rb +4 -4
- data/test/unit/arf_report_test.rb +5 -5
- data/test/unit/concerns/host_extensions_test.rb +64 -4
- data/test/unit/message_cleaner_test.rb +31 -0
- data/test/unit/policy_mailer_test.rb +1 -2
- data/test/unit/scap_content_test.rb +3 -5
- data/test/unit/services/report_dashboard/data_test.rb +1 -1
- data/test/unit/services/tailoring_files_proxy_check_test.rb +4 -4
- metadata +12 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9ab167c73f11d1deec80d98b87c0c75a5c2df119
|
4
|
+
data.tar.gz: 2904ab063872e0ba90daca541917ebbde98d0927
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ff2cdd7e0bedaabf6d5d5f76981afdf07019a8eee6faddd68b9ef88f349c4eef41b02994d04a4fd32894135dca037cedadcb24d5091a28407bdc3e2cc61f057d
|
7
|
+
data.tar.gz: 1661d0a384c8c66285cb2a4385aa47aeaccfdc4e4b8527a0eaca9cbb867fae5310e14b6d84f8dc1f687f7a55b37f30c0a861f6395bb309f7ade56960e3e9ba5b
|
@@ -4,7 +4,7 @@ module Api::V2
|
|
4
4
|
include Foreman::Controller::SmartProxyAuth
|
5
5
|
include Foreman::Controller::Parameters::PolicyApi
|
6
6
|
|
7
|
-
add_smart_proxy_filters
|
7
|
+
add_smart_proxy_filters %i(content tailoring), :features => 'Openscap'
|
8
8
|
|
9
9
|
before_filter :find_resource, :except => %w(index create)
|
10
10
|
|
@@ -15,7 +15,7 @@ module Api::V2
|
|
15
15
|
end
|
16
16
|
|
17
17
|
def get_resource(message = 'no resource loaded')
|
18
|
-
instance_variable_get :"@policy" or
|
18
|
+
instance_variable_get :"@policy" or raise message
|
19
19
|
end
|
20
20
|
|
21
21
|
def policy_url(policy = nil)
|
@@ -9,7 +9,7 @@ module Api::V2
|
|
9
9
|
end
|
10
10
|
|
11
11
|
def get_resource(message = 'no resource loaded')
|
12
|
-
instance_variable_get :"@scap_content" or
|
12
|
+
instance_variable_get :"@scap_content" or raise message
|
13
13
|
end
|
14
14
|
|
15
15
|
api :GET, '/compliance/scap_contents', N_('List SCAP contents')
|
@@ -10,7 +10,7 @@ module Api::V2
|
|
10
10
|
end
|
11
11
|
|
12
12
|
def get_resource(message = 'no resource loaded')
|
13
|
-
instance_variable_get :"@tailoring_file" or
|
13
|
+
instance_variable_get :"@tailoring_file" or raise message
|
14
14
|
end
|
15
15
|
|
16
16
|
api :GET, '/compliance/tailoring_files', N_('List Tailoring files')
|
@@ -2,17 +2,17 @@ class ArfReportsController < ApplicationController
|
|
2
2
|
include Foreman::Controller::AutoCompleteSearch
|
3
3
|
include ForemanOpenscap::ArfReportsControllerCommonExtensions
|
4
4
|
|
5
|
-
before_filter :find_arf_report, :only =>
|
6
|
-
before_filter :find_multiple, :only =>
|
5
|
+
before_filter :find_arf_report, :only => %i(show show_html destroy parse_html parse_bzip download_html)
|
6
|
+
before_filter :find_multiple, :only => %i(delete_multiple submit_delete_multiple)
|
7
7
|
|
8
8
|
def model_of_controller
|
9
9
|
::ForemanOpenscap::ArfReport
|
10
10
|
end
|
11
11
|
|
12
12
|
def index
|
13
|
-
@arf_reports = resource_base.includes(:host =>
|
14
|
-
|
15
|
-
|
13
|
+
@arf_reports = resource_base.includes(:host => %i(policies last_report_object host_statuses))
|
14
|
+
.search_for(params[:search], :order => params[:order])
|
15
|
+
.paginate(:page => params[:page], :per_page => params[:per_page])
|
16
16
|
end
|
17
17
|
|
18
18
|
def show
|
@@ -34,7 +34,7 @@ class ArfReportsController < ApplicationController
|
|
34
34
|
response = @arf_report.to_bzip
|
35
35
|
send_data response, :filename => "#{format_filename}.xml.bz2", :type => 'application/octet-stream', :disposition => 'attachement'
|
36
36
|
rescue => e
|
37
|
-
process_error(:error_msg => (_("Failed to downloaded ARF report as bzip: %s") %
|
37
|
+
process_error(:error_msg => (_("Failed to downloaded ARF report as bzip: %s") % e.message),
|
38
38
|
:error_redirect => arf_report_path(@arf_report.id))
|
39
39
|
end
|
40
40
|
end
|
@@ -52,7 +52,7 @@ class ArfReportsController < ApplicationController
|
|
52
52
|
|
53
53
|
def destroy
|
54
54
|
if @arf_report.destroy
|
55
|
-
process_success(:success_msg =>
|
55
|
+
process_success(:success_msg => _("Successfully deleted ARF report."), :success_redirect => arf_reports_path)
|
56
56
|
else
|
57
57
|
process_error(:error_msg => _("Failed to delete ARF Report for host %{host_name} reported at %{reported_at}") % {:host_name => @arf_report.host.name, :reported_at => @arf_report.reported_at})
|
58
58
|
end
|
@@ -75,7 +75,7 @@ class ArfReportsController < ApplicationController
|
|
75
75
|
private
|
76
76
|
|
77
77
|
def find_arf_report
|
78
|
-
@arf_report = resource_base.includes(:logs =>
|
78
|
+
@arf_report = resource_base.includes(:logs => %i(message source)).find(params[:id])
|
79
79
|
end
|
80
80
|
|
81
81
|
def find_multiple
|
@@ -91,7 +91,7 @@ class ArfReportsController < ApplicationController
|
|
91
91
|
end
|
92
92
|
return @arf_reports
|
93
93
|
rescue => e
|
94
|
-
error _("Something went wrong while selecting compliance reports - %s") %
|
94
|
+
error _("Something went wrong while selecting compliance reports - %s") % e
|
95
95
|
logger.debug e.message
|
96
96
|
logger.debug e.backtrace.join("\n")
|
97
97
|
redirect_to arf_reports_path and return false
|
@@ -5,7 +5,7 @@ module Foreman::Controller::Parameters::Policy
|
|
5
5
|
class_methods do
|
6
6
|
def policy_params_filter
|
7
7
|
Foreman::ParameterFilter.new(::ForemanOpenscap::Policy).tap do |filter|
|
8
|
-
filter.permit(
|
8
|
+
filter.permit(%i(current_step wizard_initiated) + filter_params_list)
|
9
9
|
end
|
10
10
|
end
|
11
11
|
end
|
@@ -22,10 +22,10 @@ class OpenscapProxiesController < ApplicationController
|
|
22
22
|
end
|
23
23
|
|
24
24
|
def find_spool_error
|
25
|
-
@smart_proxy.statuses[:logs]
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
25
|
+
@smart_proxy.statuses[:logs]
|
26
|
+
.logs
|
27
|
+
.log_entries
|
28
|
+
.reverse
|
29
|
+
.find { |entry| entry["level"] == "ERROR" && entry["message"].start_with?("Failed to parse Arf Report") }
|
30
30
|
end
|
31
31
|
end
|
@@ -2,8 +2,8 @@ class PoliciesController < ApplicationController
|
|
2
2
|
include Foreman::Controller::AutoCompleteSearch
|
3
3
|
include Foreman::Controller::Parameters::Policy
|
4
4
|
|
5
|
-
before_filter :find_by_id, :only =>
|
6
|
-
before_filter :find_multiple, :only =>
|
5
|
+
before_filter :find_by_id, :only => %i(show edit update parse destroy)
|
6
|
+
before_filter :find_multiple, :only => %i(select_multiple_hosts update_multiple_hosts disassociate_multiple_hosts remove_policy_from_multiple_hosts)
|
7
7
|
before_filter :find_tailoring_file, :only => [:tailoring_file_selected]
|
8
8
|
|
9
9
|
def model_of_controller
|
@@ -11,9 +11,9 @@ class PoliciesController < ApplicationController
|
|
11
11
|
end
|
12
12
|
|
13
13
|
def index
|
14
|
-
@policies = resource_base.search_for(params[:search], :order => params[:order])
|
15
|
-
|
16
|
-
|
14
|
+
@policies = resource_base.search_for(params[:search], :order => params[:order])
|
15
|
+
.paginate(:page => params[:page], :per_page => params[:per_page])
|
16
|
+
.includes(:scap_content, :scap_content_profile, :tailoring_file)
|
17
17
|
if @policies.empty? && ForemanOpenscap::ScapContent.unconfigured?
|
18
18
|
redirect_to scap_contents_path
|
19
19
|
end
|
@@ -34,13 +34,11 @@ class PoliciesController < ApplicationController
|
|
34
34
|
@policy = ::ForemanOpenscap::Policy.new(policy_params)
|
35
35
|
if @policy.wizard_completed? && @policy.save
|
36
36
|
process_success :success_redirect => policies_path
|
37
|
+
elsif @policy.valid?
|
38
|
+
render 'new' and return
|
37
39
|
else
|
38
|
-
|
39
|
-
|
40
|
-
else
|
41
|
-
@policy.rewind_step
|
42
|
-
process_error :object => @policy
|
43
|
-
end
|
40
|
+
@policy.rewind_step
|
41
|
+
process_error :object => @policy
|
44
42
|
end
|
45
43
|
end
|
46
44
|
|
@@ -75,13 +73,14 @@ class PoliciesController < ApplicationController
|
|
75
73
|
render :partial => 'tailoring_file_selected', :locals => { :policy => @policy, :tailoring_file => @tailoring_file }
|
76
74
|
end
|
77
75
|
|
78
|
-
def select_multiple_hosts
|
76
|
+
def select_multiple_hosts
|
77
|
+
end
|
79
78
|
|
80
79
|
def update_multiple_hosts
|
81
80
|
if (id = params['policy']['id'])
|
82
81
|
policy = ::ForemanOpenscap::Policy.find(id)
|
83
82
|
policy.assign_hosts(@hosts)
|
84
|
-
notice _("Updated hosts: Assigned with compliance policy: %s")
|
83
|
+
notice _("Updated hosts: Assigned with compliance policy: %s") % policy.name
|
85
84
|
# We prefer to go back as this does not lose the current search
|
86
85
|
redirect_to hosts_path
|
87
86
|
else
|
@@ -90,18 +89,18 @@ class PoliciesController < ApplicationController
|
|
90
89
|
end
|
91
90
|
end
|
92
91
|
|
93
|
-
def disassociate_multiple_hosts
|
92
|
+
def disassociate_multiple_hosts
|
93
|
+
end
|
94
94
|
|
95
95
|
def remove_policy_from_multiple_hosts
|
96
96
|
if (id = params.fetch(:policy, {})[:id])
|
97
97
|
policy = ::ForemanOpenscap::Policy.find(id)
|
98
98
|
policy.unassign_hosts(@hosts)
|
99
99
|
notice _("Updated hosts: Unassigned from compliance policy '%s'") % policy.name
|
100
|
-
redirect_to hosts_path
|
101
100
|
else
|
102
101
|
error _('No valid policy ID provided')
|
103
|
-
redirect_to hosts_path
|
104
102
|
end
|
103
|
+
redirect_to hosts_path
|
105
104
|
end
|
106
105
|
|
107
106
|
private
|
@@ -127,7 +126,7 @@ class PoliciesController < ApplicationController
|
|
127
126
|
end
|
128
127
|
return @hosts
|
129
128
|
rescue => e
|
130
|
-
error _("Something went wrong while selecting hosts - %s") %
|
129
|
+
error _("Something went wrong while selecting hosts - %s") % e
|
131
130
|
logger.debug e.message
|
132
131
|
logger.debug e.backtrace.join("\n")
|
133
132
|
redirect_to hosts_path and return false
|
@@ -2,8 +2,8 @@ class ScapContentsController < ApplicationController
|
|
2
2
|
include Foreman::Controller::AutoCompleteSearch
|
3
3
|
include Foreman::Controller::Parameters::ScapContent
|
4
4
|
|
5
|
-
before_filter :handle_file_upload, :only =>
|
6
|
-
before_filter :find_by_id, :only =>
|
5
|
+
before_filter :handle_file_upload, :only => %i(create update)
|
6
|
+
before_filter :find_by_id, :only => %i(show edit update destroy)
|
7
7
|
|
8
8
|
def model_of_controller
|
9
9
|
::ForemanOpenscap::ScapContent
|
@@ -2,16 +2,16 @@ class TailoringFilesController < ApplicationController
|
|
2
2
|
include Foreman::Controller::AutoCompleteSearch
|
3
3
|
include Foreman::Controller::Parameters::TailoringFile
|
4
4
|
|
5
|
-
before_filter :find_tailoring_file, :only =>
|
6
|
-
before_filter :handle_file_upload, :only =>
|
5
|
+
before_filter :find_tailoring_file, :only => %i(destroy update edit xml)
|
6
|
+
before_filter :handle_file_upload, :only => %i(create update)
|
7
7
|
|
8
8
|
def model_of_controller
|
9
9
|
::ForemanOpenscap::TailoringFile
|
10
10
|
end
|
11
11
|
|
12
12
|
def index
|
13
|
-
@tailoring_files = resource_base.search_for(params[:search], :order => params[:order])
|
14
|
-
|
13
|
+
@tailoring_files = resource_base.search_for(params[:search], :order => params[:order])
|
14
|
+
.paginate(:page => params[:page], :per_page => params[:per_page])
|
15
15
|
end
|
16
16
|
|
17
17
|
def new
|
@@ -3,14 +3,13 @@ module ArfReportDashboardHelper
|
|
3
3
|
:passed => '#89A54E',
|
4
4
|
:failed => '#AA4643',
|
5
5
|
:othered => '#DB843D',
|
6
|
-
}
|
6
|
+
}.freeze
|
7
7
|
|
8
8
|
def reports_breakdown_chart(report, options = {})
|
9
9
|
data = []
|
10
10
|
[[:failed, _('Failed')],
|
11
11
|
[:passed, _('Passed')],
|
12
|
-
[:othered, _('Othered')],
|
13
|
-
].each do |i|
|
12
|
+
[:othered, _('Othered')],].each do |i|
|
14
13
|
data << {:label => i[1], :data => report[i[0]], :color => COLORS[i[0]]}
|
15
14
|
end
|
16
15
|
flot_pie_chart 'overview', _('Compliance reports breakdown'), data, options
|
@@ -5,7 +5,7 @@ module ArfReportsHelper
|
|
5
5
|
end
|
6
6
|
|
7
7
|
def show_logs
|
8
|
-
return
|
8
|
+
return if @arf_report.logs.empty?
|
9
9
|
form_tag arf_report_path(@arf_report), :id => 'level_filter', :method => :get, :class => "form form-horizontal" do
|
10
10
|
content_tag(:span, _("Show log messages:") + ' ') +
|
11
11
|
select(nil, 'level', [[_('All messages'), 'info'],[_('Failed and Othered'), 'warning'],[_('Failed only'), 'error']],
|
@@ -4,8 +4,7 @@ module ComplianceHostsHelper
|
|
4
4
|
data = []
|
5
5
|
[[:passed, _('Passed')],
|
6
6
|
[:failed, _('Failed')],
|
7
|
-
[:othered, _('Other')],
|
8
|
-
].each do |i|
|
7
|
+
[:othered, _('Other')],].each do |i|
|
9
8
|
data << {:label => i[1], :data => report[i[0]], :color => ArfReportDashboardHelper::COLORS[i[0]]}
|
10
9
|
end
|
11
10
|
flot_pie_chart 'overview', _('Compliance reports breakdown'), data, options
|
@@ -1,7 +1,7 @@
|
|
1
1
|
module PoliciesHelper
|
2
2
|
def profiles_selection
|
3
|
-
return @scap_content.scap_content_profiles
|
4
|
-
return @policy.scap_content.scap_content_profiles
|
3
|
+
return @scap_content.scap_content_profiles if @scap_content.present?
|
4
|
+
return @policy.scap_content.scap_content_profiles if @policy.scap_content.present?
|
5
5
|
return []
|
6
6
|
end
|
7
7
|
|
@@ -72,7 +72,7 @@ module PoliciesHelper
|
|
72
72
|
content_tag(:div, :class => "form-actions") do
|
73
73
|
text = overwrite ? overwrite : _("Submit")
|
74
74
|
options = {:class => "btn btn-primary"}
|
75
|
-
options
|
75
|
+
options[:'data-id'] = form_to_submit_id(form) unless options.key?(:'data-id')
|
76
76
|
previous = form.object.first_step? ? ' ' : previous_link(form)
|
77
77
|
cancel_and_submit = content_tag(:div, :class => "pull-right") do
|
78
78
|
link_to(_("Cancel"), args[:cancel_path], :class => "btn btn-default") + ' ' +
|
@@ -90,7 +90,7 @@ module PoliciesHelper
|
|
90
90
|
def previous_link(form)
|
91
91
|
previous = content_tag(:span, :class => 'glyphicon glyphicon-chevron-left') {}
|
92
92
|
content_tag(:div, :class => 'pull-left') do
|
93
|
-
link_to(
|
93
|
+
link_to(previous.html_safe, '#', :class => 'btn btn-default', :onclick => "previous_step('#{@policy.previous_step}')")
|
94
94
|
end
|
95
95
|
end
|
96
96
|
|
@@ -4,15 +4,14 @@ module PolicyDashboardHelper
|
|
4
4
|
:incompliant_hosts => ArfReportDashboardHelper::COLORS[:failed],
|
5
5
|
:inconclusive_hosts => ArfReportDashboardHelper::COLORS[:othered],
|
6
6
|
:report_missing => '#92A8CD',
|
7
|
-
}
|
7
|
+
}.freeze
|
8
8
|
|
9
9
|
def host_breakdown_chart(report, options = {})
|
10
10
|
data = []
|
11
11
|
[[:compliant_hosts, _('Compliant hosts')],
|
12
12
|
[:incompliant_hosts, _('Incompliant hosts')],
|
13
13
|
[:inconclusive_hosts, _('Inconclusive')],
|
14
|
-
[:report_missing, _('Not audited')],
|
15
|
-
].each do |i|
|
14
|
+
[:report_missing, _('Not audited')],].each do |i|
|
16
15
|
data << {:label => i[1], :data => report[i[0]], :color => COLORS[i[0]]}
|
17
16
|
end
|
18
17
|
flot_pie_chart 'overview', _('Compliance Status'), data, options
|
@@ -9,7 +9,7 @@ module ::ProxyAPI
|
|
9
9
|
Net::HTTPHeaderSyntaxError,
|
10
10
|
Net::ProtocolError,
|
11
11
|
Timeout::Error
|
12
|
-
]
|
12
|
+
].freeze
|
13
13
|
|
14
14
|
def initialize(args)
|
15
15
|
@args = args
|
@@ -17,7 +17,7 @@ module ::ProxyAPI
|
|
17
17
|
|
18
18
|
def available?
|
19
19
|
begin
|
20
|
-
return true if
|
20
|
+
return true if has_scap_feature? && minimum_version
|
21
21
|
rescue *HTTP_ERRORS
|
22
22
|
return false
|
23
23
|
end
|
@@ -32,7 +32,7 @@ module ForemanOpenscap
|
|
32
32
|
@changed_hosts = []
|
33
33
|
hash.each do |key, values|
|
34
34
|
values.each do |host|
|
35
|
-
@changed_hosts << host if host.scap_status_changed?(::ForemanOpenscap::Policy.find
|
35
|
+
@changed_hosts << host if host.scap_status_changed?(::ForemanOpenscap::Policy.find(key))
|
36
36
|
end
|
37
37
|
end
|
38
38
|
@changed_hosts.uniq
|
@@ -4,7 +4,8 @@ module ForemanOpenscap
|
|
4
4
|
|
5
5
|
module ClassMethods
|
6
6
|
def compliance_status_scoped_search(status, options = {})
|
7
|
-
options
|
7
|
+
options[:offset] = ArfReport::METRIC.index(status.to_s)
|
8
|
+
options[:word_size] = ArfReport::BIT_NUM
|
8
9
|
scoped_search options
|
9
10
|
end
|
10
11
|
|
@@ -12,9 +13,8 @@ module ForemanOpenscap
|
|
12
13
|
cond = sanitize_policy_name(policy_name)
|
13
14
|
{ :conditions => ArfReport.arel_table[:id].in(
|
14
15
|
PolicyArfReport.select(PolicyArfReport.arel_table[:arf_report_id])
|
15
|
-
.of_policy(Policy.
|
16
|
-
).to_sql
|
17
|
-
}
|
16
|
+
.of_policy(Policy.find_by(name: cond).id).ast
|
17
|
+
).to_sql}
|
18
18
|
end
|
19
19
|
|
20
20
|
def search_by_comply_with(_key, _operator, policy_name)
|
@@ -33,9 +33,8 @@ module ForemanOpenscap
|
|
33
33
|
cond = sanitize_policy_name(policy_name)
|
34
34
|
{ :conditions => ArfReport.arel_table[:id].in(
|
35
35
|
ArfReport.select(ArfReport.arel_table[:id])
|
36
|
-
.latest_of_policy(Policy.
|
37
|
-
).to_sql
|
38
|
-
}
|
36
|
+
.latest_of_policy(Policy.find_by(name: cond)).instance_eval(&selection).ast
|
37
|
+
).to_sql}
|
39
38
|
end
|
40
39
|
|
41
40
|
def search_by_last_for(key, operator, by)
|
@@ -56,7 +55,7 @@ module ForemanOpenscap
|
|
56
55
|
) latest
|
57
56
|
ON foreman_openscap_policies.id = latest.policy_id)' }
|
58
57
|
else
|
59
|
-
|
58
|
+
raise "Cannot search last by #{by}"
|
60
59
|
end
|
61
60
|
end
|
62
61
|
|
@@ -23,27 +23,23 @@ module ForemanOpenscap
|
|
23
23
|
after_update :puppetrun!, :if => ->(host) { Setting[:puppetrun] && host.changed.include?('openscap_proxy_id') }
|
24
24
|
|
25
25
|
scope :comply_with, lambda { |policy|
|
26
|
-
joins(:arf_reports).merge(ArfReport.latest_of_policy
|
26
|
+
joins(:arf_reports).merge(ArfReport.latest_of_policy(policy)).merge(ArfReport.passed)
|
27
27
|
}
|
28
28
|
|
29
29
|
scope :incomply_with, lambda { |policy|
|
30
|
-
joins(:arf_reports).merge(ArfReport.latest_of_policy
|
30
|
+
joins(:arf_reports).merge(ArfReport.latest_of_policy(policy)).merge(ArfReport.failed)
|
31
31
|
}
|
32
32
|
|
33
33
|
scope :inconclusive_with, lambda { |policy|
|
34
|
-
joins(:arf_reports).merge(ArfReport.latest_of_policy
|
34
|
+
joins(:arf_reports).merge(ArfReport.latest_of_policy(policy)).merge(ArfReport.othered)
|
35
35
|
}
|
36
36
|
|
37
37
|
scope :policy_reports_missing, lambda { |policy|
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
FROM foreman_openscap_asset_policies INNER JOIN foreman_openscap_assets
|
44
|
-
ON foreman_openscap_asset_policies.asset_id = foreman_openscap_assets.id
|
45
|
-
WHERE foreman_openscap_assets.assetable_type = 'Host::Base'
|
46
|
-
AND foreman_openscap_asset_policies.policy_id = '#{policy.id}')")
|
38
|
+
search_for("compliance_report_missing_for = \"#{policy.name}\"")
|
39
|
+
}
|
40
|
+
|
41
|
+
scope :assigned_to_policy, lambda { |policy|
|
42
|
+
search_for("compliance_policy = \"#{policy.name}\"")
|
47
43
|
}
|
48
44
|
|
49
45
|
alias_method_chain :inherited_attributes, :openscap
|
@@ -86,10 +82,10 @@ module ForemanOpenscap
|
|
86
82
|
def reports_for_policy(policy, limit = nil)
|
87
83
|
if limit
|
88
84
|
ForemanOpenscap::ArfReport.joins(:policy_arf_report)
|
89
|
-
|
85
|
+
.merge(ForemanOpenscap::PolicyArfReport.of_policy(policy.id)).where(:host_id => id).limit limit
|
90
86
|
else
|
91
87
|
ForemanOpenscap::ArfReport.joins(:policy_arf_report)
|
92
|
-
|
88
|
+
.merge(ForemanOpenscap::PolicyArfReport.of_policy(policy.id)).where(:host_id => id)
|
93
89
|
end
|
94
90
|
end
|
95
91
|
|
@@ -104,21 +100,44 @@ module ForemanOpenscap
|
|
104
100
|
module ClassMethods
|
105
101
|
def search_by_policy_name(key, operator, policy_name)
|
106
102
|
cond = sanitize_sql_for_conditions(["foreman_openscap_policies.name #{operator} ?", value_to_sql(operator, policy_name)])
|
107
|
-
|
103
|
+
|
104
|
+
host_group_host_ids = policy_assigned_using_hostgroup_host_ids cond, []
|
105
|
+
host_group_cond = if host_group_host_ids.any?
|
106
|
+
' OR ' + sanitize_sql_for_conditions("hosts.id IN (#{host_group_host_ids.join(',')})")
|
107
|
+
else
|
108
|
+
''
|
109
|
+
end
|
110
|
+
{ :conditions => Host::Managed.arel_table[:id].in(Host::Managed.select(Host::Managed.arel_table[:id]).joins(:policies).where(cond).pluck(:id)).to_sql + host_group_cond }
|
108
111
|
end
|
109
112
|
|
110
113
|
def search_by_missing_arf(key, operator, policy_name)
|
111
114
|
cond = sanitize_sql_for_conditions(["foreman_openscap_policies.name #{operator} ?", value_to_sql(operator, policy_name)])
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
115
|
+
|
116
|
+
host_ids_from_arf_of_policy = ForemanOpenscap::ArfReport.joins(:policy).where(cond).pluck(:host_id).uniq
|
117
|
+
|
118
|
+
direct_result = policy_assigned_directly_host_ids cond, host_ids_from_arf_of_policy
|
119
|
+
|
120
|
+
hg_result = policy_assigned_using_hostgroup_host_ids cond, host_ids_from_arf_of_policy
|
121
|
+
|
122
|
+
result = (direct_result + hg_result).uniq
|
123
|
+
{ :conditions => "hosts.id IN (#{result.empty? ? 'NULL' : result.join(',')})" }
|
124
|
+
end
|
125
|
+
|
126
|
+
def policy_assigned_directly_host_ids(condition, host_ids_from_arf)
|
127
|
+
ForemanOpenscap::Asset.where(:assetable_type => 'Host::Base')
|
128
|
+
.joins(:policies)
|
129
|
+
.where(condition)
|
130
|
+
.where.not(:assetable_id => host_ids_from_arf)
|
131
|
+
.pluck(:assetable_id)
|
132
|
+
end
|
133
|
+
|
134
|
+
def policy_assigned_using_hostgroup_host_ids(condition, host_ids_from_arf)
|
135
|
+
hostgroup_with_policy_ids = ForemanOpenscap::Asset.where(:assetable_type => 'Hostgroup')
|
136
|
+
.joins(:policies)
|
137
|
+
.where(condition)
|
138
|
+
.pluck(:assetable_id)
|
139
|
+
subtree_ids = Hostgroup.where(:id => hostgroup_with_policy_ids).flat_map(&:subtree_ids).uniq
|
140
|
+
Host.where(:hostgroup_id => subtree_ids).where.not(:id => host_ids_from_arf).pluck(:id)
|
122
141
|
end
|
123
142
|
end
|
124
143
|
end
|
@@ -2,7 +2,7 @@ module ForemanOpenscap
|
|
2
2
|
module LogExtensions
|
3
3
|
extend ActiveSupport::Concern
|
4
4
|
included do
|
5
|
-
SCAP_RESULT = %w(pass fail error unknown notapplicable notchecked notselected informational fixed)
|
5
|
+
SCAP_RESULT = %w(pass fail error unknown notapplicable notchecked notselected informational fixed).freeze
|
6
6
|
validate :scap_result
|
7
7
|
end
|
8
8
|
|
@@ -13,7 +13,7 @@ module ForemanOpenscap
|
|
13
13
|
end
|
14
14
|
|
15
15
|
def update_scap_client_params
|
16
|
-
model_match = self.class.name.underscore
|
16
|
+
model_match = self.class.name.underscore =~ /\Ahostgroup\z/ ? "hostgroup" : "fqdn"
|
17
17
|
scap_params = find_scap_client.class_params
|
18
18
|
server_lookup_key = scap_params.find { |param| param.key == "server" }
|
19
19
|
port_lookup_key = scap_params.find { |param| param.key == "port" }
|
@@ -34,7 +34,7 @@ module ForemanOpenscap
|
|
34
34
|
|
35
35
|
def scap_client_lookup_values_for(lookup_keys, model_match)
|
36
36
|
lookup_keys.inject({}) do |result, key|
|
37
|
-
result[key] = key.lookup_values.find { |value| value.match ==
|
37
|
+
result[key] = key.lookup_values.find { |value| value.match == lookup_matcher(model_match).to_s }
|
38
38
|
result
|
39
39
|
end
|
40
40
|
end
|
@@ -55,7 +55,7 @@ module ForemanOpenscap
|
|
55
55
|
end
|
56
56
|
|
57
57
|
def find_scap_client
|
58
|
-
Puppetclass.
|
58
|
+
Puppetclass.find_by(name: "foreman_scap_client")
|
59
59
|
end
|
60
60
|
|
61
61
|
def lookup_matcher(model_match)
|