foreman_openscap 0.7.5 → 0.7.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/models/concerns/foreman_openscap/data_stream_content.rb +13 -6
- data/app/models/concerns/foreman_openscap/openscap_proxy_extensions.rb +0 -4
- data/app/models/foreman_openscap/arf_report.rb +2 -0
- data/app/models/foreman_openscap/policy.rb +12 -6
- data/app/views/api/v2/compliance/scap_contents/update.json.rabl +3 -0
- data/lib/foreman_openscap/engine.rb +12 -0
- data/lib/foreman_openscap/version.rb +1 -1
- data/test/unit/policy_test.rb +2 -3
- data/test/unit/scap_content_test.rb +15 -0
- metadata +3 -5
- data/app/overrides/hostgroups/form/select_openscap_proxy.rb +0 -4
- data/app/overrides/hosts/form/select_openscap_proxy.rb +0 -4
- data/app/views/compliance_hosts/_openscap_proxy.html.erb +0 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1b21df70f5c504cd8137c17a32671ee2971523cd
|
4
|
+
data.tar.gz: 3b921e1aa43c099a6f610b53f4a77e62ef31e310
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 941825497a559852ab21e236e2d8416dbae24215bcdf118a6755c0436894829cf804e3f7492343618e92c7514ef90765e1ee98259f9c6c3751910ec44ae083c5
|
7
|
+
data.tar.gz: c88a9e72bfc3e43186c07c9674cf3eb73910a3f4e93f89bf5fa940ac26ccfe3bac1992368ddd696e7dd15bcfc2414dc07d300e77e57228c662f70076c57d8e22
|
@@ -28,16 +28,23 @@ module ForemanOpenscap
|
|
28
28
|
self[:digest] ||= Digest::SHA256.hexdigest(scap_file.to_s)
|
29
29
|
end
|
30
30
|
|
31
|
+
def create_profiles
|
32
|
+
fetch_profiles.each do |key, title|
|
33
|
+
create_or_update_profile key, title
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
def create_or_update_profile(profile_id, title)
|
38
|
+
profile = ScapContentProfile.find_by(:profile_id => profile_id, "#{self.class.to_s.demodulize.underscore}_id".to_sym => id)
|
39
|
+
return ScapContentProfile.create(:profile_id => profile_id, :title => title, "#{self.class.to_s.demodulize.underscore}_id".to_sym => id) unless profile
|
40
|
+
profile.update(:title => title) unless profile.title == title
|
41
|
+
profile
|
42
|
+
end
|
43
|
+
|
31
44
|
private
|
32
45
|
|
33
46
|
def redigest
|
34
47
|
self[:digest] = Digest::SHA256.hexdigest(scap_file.to_s)
|
35
48
|
end
|
36
|
-
|
37
|
-
def create_profiles
|
38
|
-
fetch_profiles.each do |key, title|
|
39
|
-
ScapContentProfile.where(:profile_id => key, :title => title, "#{self.class.to_s.demodulize.underscore}_id".to_sym => id).first_or_create
|
40
|
-
end
|
41
|
-
end
|
42
49
|
end
|
43
50
|
end
|
@@ -2,10 +2,6 @@ module ForemanOpenscap
|
|
2
2
|
module OpenscapProxyExtensions
|
3
3
|
extend ActiveSupport::Concern
|
4
4
|
|
5
|
-
included do
|
6
|
-
belongs_to :openscap_proxy, :class_name => "SmartProxy"
|
7
|
-
end
|
8
|
-
|
9
5
|
def openscap_proxy_api
|
10
6
|
return @openscap_api if @openscap_api
|
11
7
|
proxy_url = openscap_proxy.url if openscap_proxy
|
@@ -17,6 +17,8 @@ module ForemanOpenscap
|
|
17
17
|
has_one :asset, :through => :host, :class_name => 'ForemanOpenscap::Asset', :as => :assetable
|
18
18
|
after_save :assign_locations_organizations
|
19
19
|
has_one :log, :foreign_key => :report_id
|
20
|
+
belongs_to :openscap_proxy, :class_name => "SmartProxy"
|
21
|
+
|
20
22
|
|
21
23
|
delegate :asset=, :to => :host
|
22
24
|
|
@@ -1,3 +1,4 @@
|
|
1
|
+
require 'rack/utils'
|
1
2
|
module ForemanOpenscap
|
2
3
|
class Policy < ActiveRecord::Base
|
3
4
|
include Authorizable
|
@@ -29,7 +30,6 @@ module ForemanOpenscap
|
|
29
30
|
:if => Proc.new { |policy| policy.should_validate?('Schedule') }
|
30
31
|
|
31
32
|
validates :scap_content_id, presence: true, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
|
32
|
-
validates :scap_content_profile_id, presence: true, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
|
33
33
|
validate :matching_content_profile, if: Proc.new { |policy| policy.should_validate?('SCAP Content') }
|
34
34
|
|
35
35
|
validate :valid_cron_line, :valid_weekday, :valid_day_of_month, :valid_tailoring, :valid_tailoring_profile
|
@@ -47,18 +47,17 @@ module ForemanOpenscap
|
|
47
47
|
end
|
48
48
|
|
49
49
|
def to_html
|
50
|
-
if scap_content.nil?
|
51
|
-
return (
|
52
|
-
{ :scap_content => h(self.scap_content), :profile => h(self.scap_content_profile) })).html_safe
|
50
|
+
if scap_content.nil?
|
51
|
+
return html_error_message(_('Cannot generate HTML guide, scap content is missing.'))
|
53
52
|
end
|
54
53
|
|
55
54
|
if (proxy = scap_content.proxy_url)
|
56
55
|
api = ProxyAPI::Openscap.new(:url => proxy)
|
57
56
|
else
|
58
|
-
return (
|
57
|
+
return html_error_message(_('Cannot generate HTML guide, no valid OpenSCAP proxy server found.'))
|
59
58
|
end
|
60
59
|
|
61
|
-
api.policy_html_guide(scap_content.scap_file, scap_content_profile.profile_id)
|
60
|
+
api.policy_html_guide(scap_content.scap_file, scap_content_profile.try(:profile_id))
|
62
61
|
end
|
63
62
|
|
64
63
|
def hostgroup_ids
|
@@ -210,6 +209,13 @@ module ForemanOpenscap
|
|
210
209
|
|
211
210
|
private
|
212
211
|
|
212
|
+
def html_error_message(message)
|
213
|
+
error_message = '<div class="alert alert-danger"><span class="pficon pficon-error-circle-o"></span><strong>' <<
|
214
|
+
message <<
|
215
|
+
'</strong></div>'
|
216
|
+
error_message.html_safe
|
217
|
+
end
|
218
|
+
|
213
219
|
def erase_period_attrs(attrs)
|
214
220
|
attrs.each { |attr| self.public_send("#{attr}=", nil) }
|
215
221
|
end
|
@@ -156,6 +156,18 @@ view_openscap_proxies]
|
|
156
156
|
parameter_filter Hostgroup, :openscap_proxy_id, :openscap_proxy
|
157
157
|
parameter_filter Log, :result
|
158
158
|
|
159
|
+
smart_proxy_for Hostgroup, :openscap_proxy,
|
160
|
+
:feature => 'Openscap',
|
161
|
+
:label => N_('OpenSCAP Proxy'),
|
162
|
+
:description => N_('OpenSCAP Proxy to use for fetching SCAP content and uploading ARF reports'),
|
163
|
+
:api_description => N_('ID of OpenSCAP Proxy')
|
164
|
+
smart_proxy_for Host::Managed, :openscap_proxy,
|
165
|
+
:feature => 'Openscap',
|
166
|
+
:label => N_('OpenSCAP Proxy'),
|
167
|
+
:description => N_('OpenSCAP Proxy to use for fetching SCAP content and uploading ARF reports'),
|
168
|
+
:api_description => N_('ID of OpenSCAP Proxy')
|
169
|
+
|
170
|
+
|
159
171
|
if ForemanOpenscap.with_remote_execution?
|
160
172
|
options = {
|
161
173
|
:description => N_("Run OpenSCAP scan"),
|
data/test/unit/policy_test.rb
CHANGED
@@ -135,13 +135,12 @@ class PolicyTest < ActiveSupport::TestCase
|
|
135
135
|
assert p.errors[:scap_content_id].include?("can't be blank")
|
136
136
|
end
|
137
137
|
|
138
|
-
test "should
|
138
|
+
test "should create a policy with default SCAP content profile (profile id is nil)" do
|
139
139
|
p = ForemanOpenscap::Policy.new(:name => "custom_policy",
|
140
140
|
:scap_content_id => @scap_content.id,
|
141
141
|
:period => 'monthly',
|
142
142
|
:day_of_month => '5')
|
143
|
-
|
144
|
-
assert p.errors[:scap_content_profile_id].include?("can't be blank")
|
143
|
+
assert p.save
|
145
144
|
end
|
146
145
|
|
147
146
|
test "should have correct scap profile in enc" do
|
@@ -32,4 +32,19 @@ class ScapContentTest < ActiveSupport::TestCase
|
|
32
32
|
assert_equal(available_proxy.url, scap_content.proxy_url)
|
33
33
|
end
|
34
34
|
end
|
35
|
+
|
36
|
+
test 'should update profile title when fetching profiles from proxy' do
|
37
|
+
scap_content = FactoryGirl.create(:scap_content)
|
38
|
+
scap_content.stubs(:fetch_profiles).returns({ "xccdf.test.profile" => "Changed title" })
|
39
|
+
scap_profile = FactoryGirl.create(:scap_content_profile, :scap_content => scap_content, :profile_id => 'xccdf.test.profile', :title => "Original title")
|
40
|
+
scap_content.create_profiles
|
41
|
+
assert_equal scap_profile.reload.title, 'Changed title'
|
42
|
+
end
|
43
|
+
|
44
|
+
test 'should create profile when fetching profiles from proxy' do
|
45
|
+
scap_content = FactoryGirl.create(:scap_content)
|
46
|
+
scap_content.stubs(:fetch_profiles).returns({ "xccdf.test.profile" => "My title" })
|
47
|
+
scap_content.create_profiles
|
48
|
+
assert scap_content.reload.scap_content_profiles.where(:title => 'My title').first
|
49
|
+
end
|
35
50
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: foreman_openscap
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.7.
|
4
|
+
version: 0.7.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- slukasik@redhat.com
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-09-
|
11
|
+
date: 2017-09-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: deface
|
@@ -91,8 +91,6 @@ files:
|
|
91
91
|
- app/models/foreman_openscap/scap_content.rb
|
92
92
|
- app/models/foreman_openscap/scap_content_profile.rb
|
93
93
|
- app/models/foreman_openscap/tailoring_file.rb
|
94
|
-
- app/overrides/hostgroups/form/select_openscap_proxy.rb
|
95
|
-
- app/overrides/hosts/form/select_openscap_proxy.rb
|
96
94
|
- app/overrides/hosts/overview/host_compliance_status.rb
|
97
95
|
- app/services/foreman_openscap/arf_report_status_calculator.rb
|
98
96
|
- app/services/foreman_openscap/host_report_dashboard/data.rb
|
@@ -117,6 +115,7 @@ files:
|
|
117
115
|
- app/views/api/v2/compliance/scap_contents/index.json.rabl
|
118
116
|
- app/views/api/v2/compliance/scap_contents/main.json.rabl
|
119
117
|
- app/views/api/v2/compliance/scap_contents/show.json.rabl
|
118
|
+
- app/views/api/v2/compliance/scap_contents/update.json.rabl
|
120
119
|
- app/views/api/v2/compliance/tailoring_files/base.json.rabl
|
121
120
|
- app/views/api/v2/compliance/tailoring_files/index.json.rabl
|
122
121
|
- app/views/api/v2/compliance/tailoring_files/main.json.rabl
|
@@ -130,7 +129,6 @@ files:
|
|
130
129
|
- app/views/arf_reports/show.html.erb
|
131
130
|
- app/views/arf_reports/show_html.html.erb
|
132
131
|
- app/views/compliance_hosts/_compliance_status.erb
|
133
|
-
- app/views/compliance_hosts/_openscap_proxy.html.erb
|
134
132
|
- app/views/compliance_hosts/show.html.erb
|
135
133
|
- app/views/dashboard/_compliance_host_reports_widget.html.erb
|
136
134
|
- app/views/dashboard/_compliance_reports_breakdown_widget.html.erb
|