foreman_openscap 0.7.4 → 0.7.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/api/v2/compliance/arf_reports_controller.rb +1 -1
- data/app/controllers/api/v2/compliance/policies_controller.rb +7 -3
- data/app/controllers/arf_reports_controller.rb +1 -1
- data/app/helpers/arf_reports_helper.rb +13 -0
- data/app/models/foreman_openscap/policy.rb +8 -1
- data/app/models/foreman_openscap/scap_content.rb +2 -0
- data/app/models/foreman_openscap/tailoring_file.rb +1 -0
- data/app/views/api/v2/compliance/arf_reports/main.json.rabl +11 -3
- data/app/views/api/v2/compliance/policies/show.json.rabl +4 -0
- data/app/views/api/v2/compliance/scap_contents/create.json.rabl +3 -0
- data/app/views/arf_reports/_list.html.erb +5 -1
- data/app/views/arf_reports/show.html.erb +2 -1
- data/db/migrate/20170821081205_rename_mail_notification.foreman_openscap.rb +15 -0
- data/db/migrate/20170830221751_add_index_to_logs_result.rb +9 -0
- data/db/seeds.d/openscap_policy_notification.rb +2 -2
- data/lib/foreman_openscap/version.rb +1 -1
- data/test/factories/policy_factory.rb +2 -2
- data/test/functional/api/v2/compliance/policies_controller_test.rb +8 -0
- data/test/unit/policy_test.rb +21 -4
- metadata +6 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '085004ef2bb328311e119ca13288b338e9f7a8cc'
|
|
4
|
+
data.tar.gz: a4c0a6abd4d4cc3f4fa1159bd36d0f008ecf0662
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0b9284ddb0c3b9b0eb46b67fc3700ff1c2aa5ba4e81b9f0ba91b625d367e0024208748abb8b55b8f4f0edaa2fe82543ec17ade91ea62103cbb505047eac8c5f5
|
|
7
|
+
data.tar.gz: ed70fc17d804fdff59bf090c3c9d6b04f233808757c8bd56865168e2f33d0c5c8dd2211235d65189b04471332c792c843049709e71d56b2a38ac427b61b5cc05
|
|
@@ -26,7 +26,7 @@ module Api
|
|
|
26
26
|
param_group :search_and_pagination, ::Api::V2::BaseController
|
|
27
27
|
|
|
28
28
|
def index
|
|
29
|
-
@arf_reports = resource_scope_for_index(:permission => :edit_compliance).includes(:
|
|
29
|
+
@arf_reports = resource_scope_for_index(:permission => :edit_compliance).includes(:openscap_proxy, :policy, :host)
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
api :GET, '/compliance/arf_reports/:id', N_('Show an ARF report')
|
|
@@ -90,9 +90,13 @@ module Api::V2
|
|
|
90
90
|
|
|
91
91
|
def tailoring
|
|
92
92
|
@tailoring_file = @policy.tailoring_file
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
93
|
+
if @tailoring_file
|
|
94
|
+
send_data @tailoring_file.scap_file,
|
|
95
|
+
:type => 'application/xml',
|
|
96
|
+
:filename => @tailoring_file.original_filename
|
|
97
|
+
else
|
|
98
|
+
render(:json => { :error => { :message => _("No Tailoring file assigned for policy with id %s") % @policy.id } }, :status => 404)
|
|
99
|
+
end
|
|
96
100
|
end
|
|
97
101
|
|
|
98
102
|
private
|
|
@@ -10,7 +10,7 @@ class ArfReportsController < ApplicationController
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
def index
|
|
13
|
-
@arf_reports = resource_base.includes(:host => %i[policies last_report_object host_statuses])
|
|
13
|
+
@arf_reports = resource_base.includes(:policy, :openscap_proxy, :host => %i[policies last_report_object host_statuses])
|
|
14
14
|
.search_for(params[:search], :order => params[:order])
|
|
15
15
|
.paginate(:page => params[:page], :per_page => params[:per_page])
|
|
16
16
|
end
|
|
@@ -52,4 +52,17 @@ module ArfReportsHelper
|
|
|
52
52
|
:'data-dialog-title' => _("%s - The following compliance reports are about to be changed") % action[0])
|
|
53
53
|
end.flatten)
|
|
54
54
|
end
|
|
55
|
+
|
|
56
|
+
def openscap_proxy_link(arf_report)
|
|
57
|
+
return _("No proxy found!") unless arf_report.openscap_proxy
|
|
58
|
+
display_link_if_authorized(arf_report.openscap_proxy.name, hash_for_smart_proxy_path(:id => arf_report.openscap_proxy_id))
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def reported_info(arf_report)
|
|
62
|
+
msg = _("Reported at %s") % arf_report.reported_at
|
|
63
|
+
msg << _(" for policy %s") % display_link_if_authorized(arf_report.policy.name, hash_for_edit_policy_path(:id => arf_report.policy.id)) if arf_report.policy
|
|
64
|
+
return msg.html_safe unless arf_report.openscap_proxy
|
|
65
|
+
msg += _(" through %s") % openscap_proxy_link(arf_report)
|
|
66
|
+
msg.html_safe
|
|
67
|
+
end
|
|
55
68
|
end
|
|
@@ -3,6 +3,7 @@ module ForemanOpenscap
|
|
|
3
3
|
include Authorizable
|
|
4
4
|
include Taxonomix
|
|
5
5
|
attr_writer :current_step, :wizard_initiated
|
|
6
|
+
audited
|
|
6
7
|
|
|
7
8
|
belongs_to :scap_content
|
|
8
9
|
belongs_to :scap_content_profile
|
|
@@ -29,9 +30,9 @@ module ForemanOpenscap
|
|
|
29
30
|
|
|
30
31
|
validates :scap_content_id, presence: true, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
|
|
31
32
|
validates :scap_content_profile_id, presence: true, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
|
|
33
|
+
validate :matching_content_profile, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
|
|
32
34
|
|
|
33
35
|
validate :valid_cron_line, :valid_weekday, :valid_day_of_month, :valid_tailoring, :valid_tailoring_profile
|
|
34
|
-
|
|
35
36
|
after_save :assign_policy_to_hostgroups
|
|
36
37
|
# before_destroy - ensure that the policy has no hostgroups, or classes
|
|
37
38
|
|
|
@@ -294,6 +295,12 @@ module ForemanOpenscap
|
|
|
294
295
|
end
|
|
295
296
|
end
|
|
296
297
|
|
|
298
|
+
def matching_content_profile
|
|
299
|
+
if scap_content_id && scap_content_profile_id && !ScapContent.find(scap_content_id).scap_content_profile_ids.include?(scap_content_profile_id)
|
|
300
|
+
errors.add(:scap_content_id, _("does not have the selected SCAP content profile"))
|
|
301
|
+
end
|
|
302
|
+
end
|
|
303
|
+
|
|
297
304
|
def assign_policy_to_hostgroups
|
|
298
305
|
if hostgroups.any?
|
|
299
306
|
puppetclass = find_scap_puppetclass
|
|
@@ -3,11 +3,13 @@ module ForemanOpenscap
|
|
|
3
3
|
include Authorizable
|
|
4
4
|
include Taxonomix
|
|
5
5
|
include DataStreamContent
|
|
6
|
+
audited :except => [ :scap_file ]
|
|
6
7
|
|
|
7
8
|
has_many :scap_content_profiles, :dependent => :destroy
|
|
8
9
|
has_many :policies
|
|
9
10
|
|
|
10
11
|
validates :title, :presence => true, :length => { :maximum => 255 }
|
|
12
|
+
validates :original_filename, :length => { :maximum => 255 }
|
|
11
13
|
|
|
12
14
|
scoped_search :on => :title, :complete_value => true
|
|
13
15
|
scoped_search :on => :original_filename, :complete_value => true, :rename => :filename
|
|
@@ -2,8 +2,16 @@ object @arf_report
|
|
|
2
2
|
|
|
3
3
|
extends "api/v2/compliance/arf_reports/base"
|
|
4
4
|
|
|
5
|
-
attributes :created_at, :updated_at, :
|
|
5
|
+
attributes :created_at, :updated_at, :reported_at
|
|
6
6
|
|
|
7
|
-
|
|
8
|
-
|
|
7
|
+
child :openscap_proxy => :openscap_proxy do
|
|
8
|
+
attributes :id, :name
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
child :host do
|
|
12
|
+
attributes :id, :name
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
child :policy do
|
|
16
|
+
attributes :id, :name
|
|
9
17
|
end
|
|
@@ -5,6 +5,8 @@
|
|
|
5
5
|
<th class="ca" width="40px"><%= check_box_tag "check_all", "", false, { :onclick => "toggleCheck()", :'check-title' => _("Select all items in this page"), :'uncheck-title'=> _("items selected. Uncheck to Clear") } %></th>
|
|
6
6
|
<th><%= sort :host %></th>
|
|
7
7
|
<th><%= sort :reported, :as => _("Reported At") %></th>
|
|
8
|
+
<th><%= sort :policy, :as => _("Policy") %></th>
|
|
9
|
+
<th><%= sort :openscap_proxy, :as => _("Openscap Proxy") %></th>
|
|
8
10
|
<th><%= sort :compliance_passed, :as => _("Passed") %></th>
|
|
9
11
|
<th><%= sort :compliance_failed, :as => _("Failed") %></th>
|
|
10
12
|
<th><%= sort :compliance_othered, :as => _("Other") %></th>
|
|
@@ -21,8 +23,10 @@
|
|
|
21
23
|
:class => 'host_select_boxes',
|
|
22
24
|
:onclick => 'hostChecked(this)' %>
|
|
23
25
|
</td>
|
|
24
|
-
<td><%= name_column(arf_report.host) %></td>
|
|
26
|
+
<td class="elipsis"><%= name_column(arf_report.host) %></td>
|
|
25
27
|
<td><%= display_link_if_authorized(_("%s ago") % time_ago_in_words(arf_report.reported_at), hash_for_arf_report_path(:id => arf_report.id)) %></td>
|
|
28
|
+
<td class="ellipsis"><%= display_link_if_authorized(arf_report.policy.name, hash_for_edit_policy_path(:id => arf_report.policy.id)) %></th>
|
|
29
|
+
<td class="ellipsis"><%= openscap_proxy_link arf_report %></th>
|
|
26
30
|
<td><%= report_arf_column(arf_report.passed, "label-info") %></th>
|
|
27
31
|
<td><%= report_arf_column(arf_report.failed, "label-danger") %></th>
|
|
28
32
|
<td><%= report_arf_column(arf_report.othered, "label-warning") %></th>
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
class RenameMailNotification < ActiveRecord::Migration
|
|
2
|
+
def up
|
|
3
|
+
notification = MailNotification.where(:name => 'openscap_policy_summary').first
|
|
4
|
+
if notification
|
|
5
|
+
notification.update_attribute :name, 'compliance_policy_summary'
|
|
6
|
+
end
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def down
|
|
10
|
+
notification = MailNotification.where(:name => 'compliance_policy_summary').first
|
|
11
|
+
if notification
|
|
12
|
+
notification.update_attribute :name, 'openscap_policy_summary'
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
N_('
|
|
1
|
+
N_('Compliance policy summary')
|
|
2
2
|
|
|
3
3
|
policy_notification = {
|
|
4
|
-
:name => :
|
|
4
|
+
:name => :compliance_policy_summary,
|
|
5
5
|
:description => N_('A summary of reports for OpenSCAP policies'),
|
|
6
6
|
:mailer => 'ForemanOpenscap::PolicyMailer',
|
|
7
7
|
:method => 'policy_summary',
|
|
@@ -3,8 +3,8 @@ FactoryGirl.define do
|
|
|
3
3
|
sequence(:name) { |n| "policy#{n}" }
|
|
4
4
|
period 'weekly'
|
|
5
5
|
weekday 'monday'
|
|
6
|
-
scap_content
|
|
7
|
-
scap_content_profile
|
|
6
|
+
scap_content { FactoryGirl.create(:scap_content) }
|
|
7
|
+
scap_content_profile { FactoryGirl.create(:scap_content_profile, :scap_content => scap_content) }
|
|
8
8
|
tailoring_file nil
|
|
9
9
|
tailoring_file_profile nil
|
|
10
10
|
day_of_month nil
|
|
@@ -93,4 +93,12 @@ class Api::V2::Compliance::PoliciesControllerTest < ActionController::TestCase
|
|
|
93
93
|
assert(@response.header['Content-Type'], 'application/xml')
|
|
94
94
|
assert_response :success
|
|
95
95
|
end
|
|
96
|
+
|
|
97
|
+
test "should return meaningufull error when no tailioring file assigned" do
|
|
98
|
+
policy = FactoryGirl.create(:policy)
|
|
99
|
+
get :tailoring, { :id => policy.id }, set_session_user
|
|
100
|
+
assert_response :not_found
|
|
101
|
+
response = ActiveSupport::JSON.decode(@response.body)
|
|
102
|
+
assert_equal "No Tailoring file assigned for policy with id #{policy.id}", response['error']['message']
|
|
103
|
+
end
|
|
96
104
|
end
|
data/test/unit/policy_test.rb
CHANGED
|
@@ -6,7 +6,7 @@ class PolicyTest < ActiveSupport::TestCase
|
|
|
6
6
|
ForemanOpenscap::DataStreamValidator.any_instance.stubs(:validate)
|
|
7
7
|
ForemanOpenscap::ScapContent.any_instance.stubs(:fetch_profiles).returns({ 'test_profile_key' => 'test_profile_title' })
|
|
8
8
|
@scap_content = FactoryGirl.create(:scap_content)
|
|
9
|
-
@scap_profile = FactoryGirl.create(:scap_content_profile)
|
|
9
|
+
@scap_profile = FactoryGirl.create(:scap_content_profile, :scap_content => @scap_content)
|
|
10
10
|
@tailoring_profile = FactoryGirl.create(:scap_content_profile, :profile_id => 'xccdf_org.test.tailoring_test_profile')
|
|
11
11
|
end
|
|
12
12
|
|
|
@@ -16,7 +16,7 @@ class PolicyTest < ActiveSupport::TestCase
|
|
|
16
16
|
hg1 = FactoryGirl.create(:hostgroup)
|
|
17
17
|
hg2 = FactoryGirl.create(:hostgroup)
|
|
18
18
|
asset = FactoryGirl.create(:asset, :assetable_id => hg1.id, :assetable_type => 'Hostgroup')
|
|
19
|
-
policy = FactoryGirl.create(:policy, :assets => [asset])
|
|
19
|
+
policy = FactoryGirl.create(:policy, :assets => [asset], :scap_content => @scap_content, :scap_content_profile => @scap_profile)
|
|
20
20
|
policy.hostgroup_ids = [hg1, hg2].map(&:id)
|
|
21
21
|
policy.save!
|
|
22
22
|
assert_equal 2, policy.hostgroups.count
|
|
@@ -28,7 +28,7 @@ class PolicyTest < ActiveSupport::TestCase
|
|
|
28
28
|
ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
|
|
29
29
|
hg = FactoryGirl.create(:hostgroup)
|
|
30
30
|
asset = FactoryGirl.create(:asset, :assetable_id => hg.id, :assetable_type => 'Hostgroup')
|
|
31
|
-
policy = FactoryGirl.create(:policy, :assets => [asset])
|
|
31
|
+
policy = FactoryGirl.create(:policy, :assets => [asset], :scap_content => @scap_content, :scap_content_profile => @scap_profile)
|
|
32
32
|
policy.save!
|
|
33
33
|
hg.hostgroup_classes.destroy_all
|
|
34
34
|
hg.destroy
|
|
@@ -145,7 +145,7 @@ class PolicyTest < ActiveSupport::TestCase
|
|
|
145
145
|
end
|
|
146
146
|
|
|
147
147
|
test "should have correct scap profile in enc" do
|
|
148
|
-
p = FactoryGirl.create(:policy)
|
|
148
|
+
p = FactoryGirl.create(:policy, :scap_content => @scap_content, :scap_content_profile => @scap_profile)
|
|
149
149
|
profile_id = p.scap_content_profile.profile_id
|
|
150
150
|
assert_equal profile_id, p.to_enc['profile_id']
|
|
151
151
|
tailoring_profile = FactoryGirl.create(:scap_content_profile, :profile_id => 'xccdf_org.test.tailoring_test_profile')
|
|
@@ -190,4 +190,21 @@ class PolicyTest < ActiveSupport::TestCase
|
|
|
190
190
|
assert_equal 6, p.to_enc['tailoring_download_path'].split('/').length
|
|
191
191
|
assert_equal tailoring_file.digest, p.to_enc['tailoring_download_path'].split('/').last
|
|
192
192
|
end
|
|
193
|
+
|
|
194
|
+
test "should have assigned a content profile that belongs to assigned scap content" do
|
|
195
|
+
scap_content_2 = FactoryGirl.create(:scap_content)
|
|
196
|
+
p = ForemanOpenscap::Policy.create(:name => "valid_profile_policy",
|
|
197
|
+
:scap_content_id => @scap_content.id,
|
|
198
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
199
|
+
:period => 'monthly',
|
|
200
|
+
:day_of_month => '5')
|
|
201
|
+
assert p.valid?
|
|
202
|
+
q = ForemanOpenscap::Policy.create(:name => "invalid_profile_policy",
|
|
203
|
+
:scap_content_id => scap_content_2.id,
|
|
204
|
+
:scap_content_profile_id => @scap_profile.id,
|
|
205
|
+
:period => 'monthly',
|
|
206
|
+
:day_of_month => '5')
|
|
207
|
+
refute q.valid?
|
|
208
|
+
assert_equal "does not have the selected SCAP content profile", q.errors.messages[:scap_content_id].first
|
|
209
|
+
end
|
|
193
210
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: foreman_openscap
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.7.
|
|
4
|
+
version: 0.7.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- slukasik@redhat.com
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-09-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: deface
|
|
@@ -113,6 +113,7 @@ files:
|
|
|
113
113
|
- app/views/api/v2/compliance/policies/main.json.rabl
|
|
114
114
|
- app/views/api/v2/compliance/policies/show.json.rabl
|
|
115
115
|
- app/views/api/v2/compliance/scap_contents/base.json.rabl
|
|
116
|
+
- app/views/api/v2/compliance/scap_contents/create.json.rabl
|
|
116
117
|
- app/views/api/v2/compliance/scap_contents/index.json.rabl
|
|
117
118
|
- app/views/api/v2/compliance/scap_contents/main.json.rabl
|
|
118
119
|
- app/views/api/v2/compliance/scap_contents/show.json.rabl
|
|
@@ -216,6 +217,8 @@ files:
|
|
|
216
217
|
- db/migrate/20160925213031_change_scap_widget_names.rb
|
|
217
218
|
- db/migrate/20161109155255_create_tailoring_files.rb
|
|
218
219
|
- db/migrate/20161223153249_add_permissions_to_arf_report.rb
|
|
220
|
+
- db/migrate/20170821081205_rename_mail_notification.foreman_openscap.rb
|
|
221
|
+
- db/migrate/20170830221751_add_index_to_logs_result.rb
|
|
219
222
|
- db/seeds.d/75-job_templates.rb
|
|
220
223
|
- db/seeds.d/openscap_feature.rb
|
|
221
224
|
- db/seeds.d/openscap_policy_notification.rb
|
|
@@ -313,7 +316,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
313
316
|
version: '0'
|
|
314
317
|
requirements: []
|
|
315
318
|
rubyforge_project:
|
|
316
|
-
rubygems_version: 2.
|
|
319
|
+
rubygems_version: 2.6.8
|
|
317
320
|
signing_key:
|
|
318
321
|
specification_version: 4
|
|
319
322
|
summary: Foreman plug-in for displaying OpenSCAP audit reports
|