foreman_openscap 4.2.0 → 4.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/api/v2/compliance/oval_contents_controller.rb +72 -0
- data/app/controllers/api/v2/compliance/oval_policies_controller.rb +111 -0
- data/app/controllers/api/v2/compliance/oval_reports_controller.rb +47 -0
- data/app/controllers/concerns/foreman/controller/parameters/oval_content.rb +22 -0
- data/app/controllers/concerns/foreman/controller/parameters/oval_policy.rb +22 -0
- data/app/controllers/concerns/foreman_openscap/hosts_controller_extensions.rb +1 -1
- data/app/graphql/types/cve.rb +17 -0
- data/app/graphql/types/oval_content.rb +17 -0
- data/app/graphql/types/oval_policy.rb +21 -0
- data/app/helpers/arf_reports_helper.rb +0 -14
- data/app/mailers/foreman_openscap/policy_mailer.rb +2 -2
- data/app/models/concerns/foreman_openscap/compliance_status_scoped_search.rb +1 -1
- data/app/models/concerns/foreman_openscap/data_stream_content.rb +0 -17
- data/app/models/concerns/foreman_openscap/host_extensions.rb +11 -11
- data/app/models/concerns/foreman_openscap/hostgroup_extensions.rb +3 -5
- data/app/models/concerns/foreman_openscap/inherited_policies.rb +11 -0
- data/app/models/concerns/foreman_openscap/oval_facet_host_extensions.rb +38 -0
- data/app/models/concerns/foreman_openscap/oval_facet_hostgroup_extensions.rb +15 -0
- data/app/models/concerns/foreman_openscap/policy_common.rb +75 -0
- data/app/models/concerns/foreman_openscap/scap_file_content.rb +24 -0
- data/app/models/foreman_openscap/cve.rb +23 -0
- data/app/models/foreman_openscap/host/oval_facet.rb +14 -0
- data/app/models/foreman_openscap/host_cve.rb +7 -0
- data/app/models/foreman_openscap/hostgroup/oval_facet.rb +14 -0
- data/app/models/foreman_openscap/hostgroup_oval_facet_oval_policy.rb +6 -0
- data/app/models/foreman_openscap/oval_content.rb +26 -0
- data/app/models/foreman_openscap/oval_facet_oval_policy.rb +6 -0
- data/app/models/foreman_openscap/oval_policy.rb +54 -0
- data/app/models/foreman_openscap/oval_status.rb +45 -0
- data/app/models/foreman_openscap/policy.rb +7 -69
- data/app/models/foreman_openscap/scap_content.rb +1 -0
- data/app/models/foreman_openscap/tailoring_file.rb +1 -0
- data/app/services/foreman_openscap/client_config/ansible.rb +39 -6
- data/app/services/foreman_openscap/client_config/base.rb +5 -1
- data/app/services/foreman_openscap/client_config/puppet.rb +2 -1
- data/app/services/foreman_openscap/config_name_service.rb +1 -1
- data/app/services/foreman_openscap/hostgroup_overrider.rb +2 -24
- data/app/services/foreman_openscap/hostgroup_overrider_common.rb +28 -0
- data/app/services/foreman_openscap/lookup_key_overrider.rb +30 -62
- data/app/services/foreman_openscap/lookup_key_overrides_common.rb +63 -0
- data/app/services/foreman_openscap/oval/check_collection.rb +45 -0
- data/app/services/foreman_openscap/oval/configure.rb +80 -0
- data/app/services/foreman_openscap/oval/cves.rb +41 -0
- data/app/services/foreman_openscap/oval/setup.rb +93 -0
- data/app/services/foreman_openscap/oval/setup_check.rb +55 -0
- data/app/services/foreman_openscap/oval/sync_oval_contents.rb +42 -0
- data/app/views/api/v2/compliance/oval_contents/base.json.rabl +6 -0
- data/app/views/api/v2/compliance/oval_contents/create.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_contents/index.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_contents/show.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_contents/sync.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_contents/sync_result.json.rabl +11 -0
- data/app/views/api/v2/compliance/oval_contents/update.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_policies/create.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_policies/index.json.rabl +3 -0
- data/app/views/api/v2/compliance/oval_policies/main.json.rabl +15 -0
- data/app/views/api/v2/compliance/oval_policies/show.json.rabl +3 -0
- data/app/views/api/v2/compliance/policies/base.json.rabl +2 -2
- data/app/views/api/v2/compliance/policies_common/_attrs.json.rabl +2 -0
- data/app/views/arf_reports/_output.html.erb +9 -1
- data/app/views/job_templates/run_oval_scans.erb +24 -0
- data/app/views/policies/steps/_deployment_options_form.html.erb +2 -2
- data/config/initializers/inflections.rb +12 -0
- data/config/routes.rb +19 -0
- data/db/migrate/20201019074925_create_oval_policy.rb +13 -0
- data/db/migrate/20201020113801_create_oval_facet.rb +14 -0
- data/db/migrate/20201021084109_create_hostgroup_oval_facet.rb +14 -0
- data/db/migrate/20201106080924_create_oval_content.rb +12 -0
- data/db/migrate/20201116110256_add_oval_content_to_oval_policy.rb +5 -0
- data/db/migrate/20201120080329_create_cves.rb +13 -0
- data/db/migrate/20201202110213_update_puppet_port_param_type.rb +2 -6
- data/db/migrate/20201217130800_add_has_errata_to_cve.rb +8 -0
- data/db/migrate/20201217161511_add_url_to_oval_content.rb +5 -0
- data/db/migrate/20210409095625_add_oval_policy_reference_to_cve.rb +7 -0
- data/lib/foreman_openscap/engine.rb +67 -9
- data/lib/foreman_openscap/version.rb +1 -1
- data/lib/tasks/foreman_openscap_tasks.rake +14 -9
- data/locale/de/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/de/foreman_openscap.edit.po +0 -0
- data/locale/de/foreman_openscap.po +215 -17
- data/locale/en_GB/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/en_GB/foreman_openscap.edit.po +0 -0
- data/locale/en_GB/foreman_openscap.po +213 -15
- data/locale/es/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/es/foreman_openscap.edit.po +0 -0
- data/locale/es/foreman_openscap.po +239 -41
- data/locale/foreman_openscap.pot +395 -112
- data/locale/fr/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/fr/foreman_openscap.edit.po +0 -0
- data/locale/fr/foreman_openscap.po +243 -45
- data/locale/gl/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/gl/foreman_openscap.edit.po +0 -0
- data/locale/gl/foreman_openscap.po +213 -15
- data/locale/it/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/it/foreman_openscap.edit.po +0 -0
- data/locale/it/foreman_openscap.po +213 -15
- data/locale/ja/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/ja/foreman_openscap.edit.po +0 -0
- data/locale/ja/foreman_openscap.po +262 -66
- data/locale/ko/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/ko/foreman_openscap.edit.po +0 -0
- data/locale/ko/foreman_openscap.po +214 -16
- data/locale/pt_BR/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/pt_BR/foreman_openscap.edit.po +0 -0
- data/locale/pt_BR/foreman_openscap.po +252 -54
- data/locale/ru/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/ru/foreman_openscap.edit.po +0 -0
- data/locale/ru/foreman_openscap.po +214 -16
- data/locale/sv_SE/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/sv_SE/foreman_openscap.edit.po +0 -0
- data/locale/sv_SE/foreman_openscap.po +213 -15
- data/locale/zh_CN/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/zh_CN/foreman_openscap.edit.po +0 -0
- data/locale/zh_CN/foreman_openscap.po +369 -169
- data/locale/zh_TW/LC_MESSAGES/foreman_openscap.mo +0 -0
- data/locale/zh_TW/foreman_openscap.edit.po +0 -0
- data/locale/zh_TW/foreman_openscap.po +214 -16
- data/test/factories/compliance_host_factory.rb +12 -0
- data/test/factories/oval_content_factory.rb +7 -0
- data/test/factories/oval_policy_factory.rb +9 -0
- data/test/files/oval_contents/ansible-2.9.oval.xml.bz2 +0 -0
- data/test/fixtures/cve_fixtures.rb +104 -0
- data/test/functional/api/v2/compliance/oval_contents_controller_test.rb +39 -0
- data/test/functional/api/v2/compliance/oval_policies_controller_test.rb +141 -0
- data/test/functional/api/v2/compliance/oval_reports_controller_test.rb +32 -0
- data/test/graphql/queries/oval_contents_query_test.rb +35 -0
- data/test/graphql/queries/oval_policies_query_test.rb +35 -0
- data/test/test_plugin_helper.rb +4 -0
- data/test/unit/oval_host_test.rb +45 -0
- data/test/unit/oval_policy_test.rb +133 -0
- data/test/unit/oval_status_test.rb +47 -0
- data/test/unit/services/oval/cves_test.rb +81 -0
- data/test/unit/services/oval/setup_test.rb +87 -0
- metadata +97 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0bc31c3bac07804311899dc01dd5dbe0c0500cc8981eefa1ec867316d0465fb8
|
4
|
+
data.tar.gz: 4b00712959d937f44fa2da29de505704e153277043bf319c84fa0d4a44f8d5ac
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 90f233717d65a7bf4d1793251a27d6f7268e81a93e4dd06b86258e8f6f5b108d0a886fe8ebe455766eccfe10a55076d9b61bd211165620f5d899cd94147d203c
|
7
|
+
data.tar.gz: b77f05c002ef0fb3fdcc4050974bc5b4390d2af5322aac601ef912172391e0bfb3f391e4166ad94b7e701156e9b84f640dcda03d434323d5e2921e50974f6109
|
@@ -0,0 +1,72 @@
|
|
1
|
+
module Api::V2
|
2
|
+
module Compliance
|
3
|
+
class OvalContentsController < ::Api::V2::BaseController
|
4
|
+
include Foreman::Controller::Parameters::OvalContent
|
5
|
+
include ForemanOpenscap::Api::V2::ScapApiControllerExtensions
|
6
|
+
|
7
|
+
before_action :find_resource, :except => %w[index create sync]
|
8
|
+
skip_before_action :check_media_type, :only => %w[create update]
|
9
|
+
|
10
|
+
api :GET, '/compliance/oval_contents', N_('List OVAL contents')
|
11
|
+
param_group :search_and_pagination, ::Api::V2::BaseController
|
12
|
+
add_scoped_search_description_for(::ForemanOpenscap::OvalContent)
|
13
|
+
|
14
|
+
def index
|
15
|
+
@oval_contents = resource_scope_for_index(:permission => :view_oval_contents)
|
16
|
+
end
|
17
|
+
|
18
|
+
api :GET, '/compliance/oval_contents/:id', N_('Show an OVAL content')
|
19
|
+
param :id, :identifier, :required => true
|
20
|
+
|
21
|
+
def show
|
22
|
+
end
|
23
|
+
|
24
|
+
def_param_group :oval_content do
|
25
|
+
param :oval_content, Hash, :required => true, :action_aware => true do
|
26
|
+
param :name, String, :required => true, :desc => N_('OVAL content name')
|
27
|
+
param :scap_file, File, :desc => N_('XML containing OVAL content')
|
28
|
+
param :original_filename, String, :desc => N_('Original file name of the OVAL content file')
|
29
|
+
param :url, String, :desc => N_('URL of the OVAL content file')
|
30
|
+
param_group :taxonomies, ::Api::V2::BaseController
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
api :POST, '/compliance/oval_contents', N_('Create OVAL content')
|
35
|
+
param_group :oval_content, :as => :create
|
36
|
+
|
37
|
+
def create
|
38
|
+
@oval_content = ForemanOpenscap::OvalContent.new(oval_content_params)
|
39
|
+
process_response @oval_content.save
|
40
|
+
end
|
41
|
+
|
42
|
+
api :PUT, '/compliance/oval_contents/:id', N_('Update an OVAL content')
|
43
|
+
param :id, :identifier, :required => true
|
44
|
+
param_group :oval_content
|
45
|
+
|
46
|
+
def update
|
47
|
+
process_response @oval_content.update(oval_content_params)
|
48
|
+
end
|
49
|
+
|
50
|
+
api :DELETE, '/compliance/oval_contents/:id', N_('Deletes an OVAL content')
|
51
|
+
param :id, :identifier, :required => true
|
52
|
+
|
53
|
+
def destroy
|
54
|
+
process_response @oval_content.destroy
|
55
|
+
end
|
56
|
+
|
57
|
+
api :POST, '/compliance/oval_contents/sync', N_('Sync contents that have remote source URL')
|
58
|
+
def sync
|
59
|
+
@oval_contents = ForemanOpenscap::Oval::SyncOvalContents.new.sync_all
|
60
|
+
end
|
61
|
+
|
62
|
+
def action_permission
|
63
|
+
case params[:action]
|
64
|
+
when 'sync'
|
65
|
+
:update
|
66
|
+
else
|
67
|
+
super
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
@@ -0,0 +1,111 @@
|
|
1
|
+
module Api::V2
|
2
|
+
module Compliance
|
3
|
+
class OvalPoliciesController < ::Api::V2::BaseController
|
4
|
+
include Foreman::Controller::SmartProxyAuth
|
5
|
+
include ForemanOpenscap::Api::V2::ScapApiControllerExtensions
|
6
|
+
include Foreman::Controller::Parameters::OvalPolicy
|
7
|
+
|
8
|
+
add_smart_proxy_filters %i[oval_content], :features => 'Openscap'
|
9
|
+
|
10
|
+
before_action :find_resource, :except => %w[index create]
|
11
|
+
skip_after_action :log_response_body, :only => %i[oval_content]
|
12
|
+
|
13
|
+
api :GET, '/compliance/oval_policies', N_('List OVAL Policies')
|
14
|
+
param_group :search_and_pagination, ::Api::V2::BaseController
|
15
|
+
|
16
|
+
def index
|
17
|
+
@oval_policies = resource_scope_for_index(:permission => :view_oval_policies)
|
18
|
+
end
|
19
|
+
|
20
|
+
api :GET, '/compliance/oval_policies/:id', N_('Show an OVAL Policy')
|
21
|
+
param :id, :identifier, :required => true
|
22
|
+
|
23
|
+
def show
|
24
|
+
end
|
25
|
+
|
26
|
+
def_param_group :oval_policy do
|
27
|
+
param :oval_policy, Hash, :required => true, :action_aware => true do
|
28
|
+
param :name, String, :required => true, :desc => N_('OVAL Policy name')
|
29
|
+
param :oval_content_id, Integer, :required => true, :desc => N_('Policy OVAL content ID')
|
30
|
+
param :description, String, :desc => N_('OVAL Policy description')
|
31
|
+
param :period, String, :desc => N_('OVAL Policy schedule period (weekly, monthly, custom)')
|
32
|
+
param :weekday, String, :desc => N_('OVAL Policy schedule weekday (only if period == "weekly")')
|
33
|
+
param :day_of_month, Integer, :desc => N_('OVAL Policy schedule day of month (only if period == "monthly")')
|
34
|
+
param :cron_line, String, :desc => N_('OVAL Policy schedule cron line (only if period == "custom")')
|
35
|
+
param_group :taxonomies, ::Api::V2::BaseController
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
api :POST, '/compliance/oval_policies', N_('Create an OVAL Policy')
|
40
|
+
param_group :oval_policy, :as => :create
|
41
|
+
|
42
|
+
def create
|
43
|
+
@oval_policy = ForemanOpenscap::OvalPolicy.new(oval_policy_params)
|
44
|
+
process_response(@oval_policy.save)
|
45
|
+
end
|
46
|
+
|
47
|
+
api :PUT, '/compliance/oval_policies/:id', N_('Update an OVAL Policy')
|
48
|
+
param :id, :identifier, :required => true
|
49
|
+
param_group :oval_policy
|
50
|
+
|
51
|
+
def update
|
52
|
+
process_response(@oval_policy.update(oval_policy_params))
|
53
|
+
end
|
54
|
+
|
55
|
+
api :DELETE, '/compliance/oval_policies/:id', N_('Delete an OVAL Policy')
|
56
|
+
param :id, :identifier, :required => true
|
57
|
+
|
58
|
+
def destroy
|
59
|
+
process_response @oval_policy.destroy
|
60
|
+
end
|
61
|
+
|
62
|
+
api :POST, '/compliance/oval_policies/:id/assign_hostgroups', N_('Assign hostgroups to an OVAL Policy')
|
63
|
+
param :id, :identifier, :required => true
|
64
|
+
param :hostgroup_ids, Array, :desc => N_('Array of hostgroup IDs')
|
65
|
+
|
66
|
+
def assign_hostgroups
|
67
|
+
assign _('hostgroups'), params["hostgroup_ids"], ::Hostgroup
|
68
|
+
end
|
69
|
+
|
70
|
+
api :POST, '/compliance/oval_policies/:id/assign_hosts', N_('Assign hosts to an OVAL Policy')
|
71
|
+
param :id, :identifier, :required => true
|
72
|
+
param :host_ids, Array, :desc => N_('Array of host IDs')
|
73
|
+
|
74
|
+
def assign_hosts
|
75
|
+
assign _('hosts'), params["host_ids"], ::Host::Managed
|
76
|
+
end
|
77
|
+
|
78
|
+
api :GET, '/compliance/oval_policies/:id/oval_content', N_("Show a policy's SCAP content")
|
79
|
+
param :id, :identifier, :required => true
|
80
|
+
|
81
|
+
def oval_content
|
82
|
+
@oval_content = @oval_policy.oval_content
|
83
|
+
send_data @oval_content.scap_file,
|
84
|
+
:type => 'application/x-bzip2',
|
85
|
+
:filename => @oval_content.original_filename
|
86
|
+
end
|
87
|
+
|
88
|
+
def action_permission
|
89
|
+
case params[:action]
|
90
|
+
when 'assign_hostgroups', 'assign_hosts'
|
91
|
+
:edit
|
92
|
+
when 'oval_content'
|
93
|
+
:show
|
94
|
+
else
|
95
|
+
super
|
96
|
+
end
|
97
|
+
end
|
98
|
+
|
99
|
+
private
|
100
|
+
|
101
|
+
def assign(resource_plural, ids, model_class)
|
102
|
+
check_collection = ::ForemanOpenscap::Oval::Configure.new.assign(@oval_policy, ids, model_class)
|
103
|
+
if check_collection.all_passed?
|
104
|
+
render :json => { :message => (_("OVAL policy successfully configured with %s.") % resource_plural) }
|
105
|
+
else
|
106
|
+
render :json => { :results => check_collection.find_failed.map(&:to_h) }
|
107
|
+
end
|
108
|
+
end
|
109
|
+
end
|
110
|
+
end
|
111
|
+
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
module Api
|
2
|
+
module V2
|
3
|
+
module Compliance
|
4
|
+
class OvalReportsController < ::Api::V2::BaseController
|
5
|
+
include Foreman::Controller::SmartProxyAuth
|
6
|
+
add_smart_proxy_filters :create, :features => 'Openscap'
|
7
|
+
|
8
|
+
skip_before_action :setup_has_many_params
|
9
|
+
before_action :find_resources_before_create, :only => [:create]
|
10
|
+
|
11
|
+
api :POST, "/compliance/oval_reports/:cname/:oval_policy_id/:date", N_("Upload an OVAL report - a list of CVEs for given host")
|
12
|
+
param :cname, :identifier, :required => true
|
13
|
+
param :oval_policy_id, :identifier, :required => true
|
14
|
+
param :date, :identifier, :required => true
|
15
|
+
|
16
|
+
def create
|
17
|
+
ForemanOpenscap::Oval::Cves.new.create(@host, params.to_unsafe_h)
|
18
|
+
if @host.errors.any?
|
19
|
+
upload_fail @host.errors.full_messages
|
20
|
+
else
|
21
|
+
@host.refresh_statuses([ForemanOpenscap::OvalStatus])
|
22
|
+
render :json => { :result => :ok }
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
private
|
27
|
+
|
28
|
+
def find_resources_before_create
|
29
|
+
@host = ForemanOpenscap::Helper.find_host_by_name_or_uuid params[:cname]
|
30
|
+
|
31
|
+
unless @host
|
32
|
+
upload_fail(_('Could not find host identified by: %s') % params[:cname])
|
33
|
+
return
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
def upload_fail(msg)
|
38
|
+
logger.error msg
|
39
|
+
render :json => { :result => :fail, :errors => msg }, :status => :unprocessable_entity
|
40
|
+
end
|
41
|
+
|
42
|
+
def find_resource
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
module Foreman::Controller::Parameters::OvalContent
|
2
|
+
extend ActiveSupport::Concern
|
3
|
+
|
4
|
+
class_methods do
|
5
|
+
def oval_content_params_filter
|
6
|
+
Foreman::ParameterFilter.new(::ForemanOpenscap::OvalContent).tap do |filter|
|
7
|
+
filter.permit :original_filename, :scap_file, :name, :url, :location_ids => [], :organization_ids => []
|
8
|
+
end
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
def oval_content_params
|
13
|
+
read_file_content self.class.oval_content_params_filter.filter_params(params, parameter_filter_context)
|
14
|
+
end
|
15
|
+
|
16
|
+
def read_file_content(params)
|
17
|
+
return params unless file = params[:scap_file]
|
18
|
+
content = file.read
|
19
|
+
filename = file.original_filename
|
20
|
+
params.merge(:scap_file => content, :original_filename => params[:original_filename] || filename)
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
module Foreman::Controller::Parameters::OvalPolicy
|
2
|
+
extend ActiveSupport::Concern
|
3
|
+
|
4
|
+
class_methods do
|
5
|
+
def filter_params_list
|
6
|
+
[:description, :name, :period,
|
7
|
+
:weekday, :day_of_month, :cron_line,
|
8
|
+
:oval_content_id,
|
9
|
+
:location_ids => [], :organization_ids => []]
|
10
|
+
end
|
11
|
+
|
12
|
+
def oval_policy_params_filter
|
13
|
+
Foreman::ParameterFilter.new(::ForemanOpenscap::OvalPolicy).tap do |filter|
|
14
|
+
filter.permit filter_params_list
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
def oval_policy_params
|
20
|
+
self.class.oval_policy_params_filter.filter_params(params, parameter_filter_context)
|
21
|
+
end
|
22
|
+
end
|
@@ -5,7 +5,7 @@ module ForemanOpenscap
|
|
5
5
|
end
|
6
6
|
|
7
7
|
def process_hostgroup
|
8
|
-
@hostgroup = Hostgroup.find(params[:host][:hostgroup_id]) if params[:host][:hostgroup_id].to_i > 0
|
8
|
+
@hostgroup = ::Hostgroup.find(params[:host][:hostgroup_id]) if params[:host][:hostgroup_id].to_i > 0
|
9
9
|
return head(:not_found) unless @hostgroup
|
10
10
|
@openscap_proxy = @hostgroup.openscap_proxy
|
11
11
|
super
|
@@ -0,0 +1,17 @@
|
|
1
|
+
module Types
|
2
|
+
class Cve < BaseObject
|
3
|
+
description 'A CVE'
|
4
|
+
model_class ::ForemanOpenscap::Cve
|
5
|
+
|
6
|
+
global_id_field :id
|
7
|
+
field :ref_id, String
|
8
|
+
field :ref_url, String
|
9
|
+
field :has_errata, Boolean
|
10
|
+
field :definition_id, String
|
11
|
+
has_many :hosts, Types::Host
|
12
|
+
|
13
|
+
def self.graphql_definition
|
14
|
+
super.tap { |type| type.instance_variable_set(:@name, 'ForemanOpenscap::Cve') }
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
module Types
|
2
|
+
class OvalContent < BaseObject
|
3
|
+
description 'An OVAL Content'
|
4
|
+
model_class ::ForemanOpenscap::OvalContent
|
5
|
+
|
6
|
+
global_id_field :id
|
7
|
+
timestamps
|
8
|
+
field :name, String
|
9
|
+
field :digest, String
|
10
|
+
field :original_filename, String
|
11
|
+
field :url, String
|
12
|
+
|
13
|
+
def self.graphql_definition
|
14
|
+
super.tap { |type| type.instance_variable_set(:@name, 'ForemanOpenscap::OvalContent') }
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
module Types
|
2
|
+
class OvalPolicy < BaseObject
|
3
|
+
description 'An OVAL Policy'
|
4
|
+
model_class ::ForemanOpenscap::OvalPolicy
|
5
|
+
|
6
|
+
global_id_field :id
|
7
|
+
timestamps
|
8
|
+
field :name, String
|
9
|
+
field :description, String
|
10
|
+
field :period, String
|
11
|
+
field :weekday, String
|
12
|
+
field :day_of_month, String
|
13
|
+
field :cron_line, String
|
14
|
+
belongs_to :oval_content, ::Types::OvalContent
|
15
|
+
has_many :hostgroups, ::Types::Hostgroup
|
16
|
+
|
17
|
+
def self.graphql_definition
|
18
|
+
super.tap { |type| type.instance_variable_set(:@name, 'ForemanOpenscap::OvalPolicy') }
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -35,20 +35,6 @@ module ArfReportsHelper
|
|
35
35
|
"class='label label-#{tag} result-filter-tag'".html_safe
|
36
36
|
end
|
37
37
|
|
38
|
-
def severity_tag(level)
|
39
|
-
tag = case level.downcase.to_sym
|
40
|
-
when :low
|
41
|
-
"info"
|
42
|
-
when :medium
|
43
|
-
"warning"
|
44
|
-
when :high
|
45
|
-
"danger"
|
46
|
-
else
|
47
|
-
"default"
|
48
|
-
end
|
49
|
-
"class='label label-#{tag}'".html_safe
|
50
|
-
end
|
51
|
-
|
52
38
|
def multiple_actions_arf_report
|
53
39
|
actions = [
|
54
40
|
[_('Delete reports'), delete_multiple_arf_reports_path]
|
@@ -6,8 +6,8 @@ module ForemanOpenscap
|
|
6
6
|
@time = options[:time] || 1.day.ago
|
7
7
|
|
8
8
|
@policies = ::ForemanOpenscap::Policy.all.reject { |policy| policy.assets.map(&:host).compact.empty? }
|
9
|
-
@compliant_hosts = @policies.map { |policy| Host.comply_with policy }.flatten
|
10
|
-
@incompliant_hosts = @policies.map { |policy| Host.not_comply_with policy }.flatten
|
9
|
+
@compliant_hosts = @policies.map { |policy| ::Host.comply_with policy }.flatten
|
10
|
+
@incompliant_hosts = @policies.map { |policy| ::Host.not_comply_with policy }.flatten
|
11
11
|
changed_hosts_of_policies(@policies)
|
12
12
|
|
13
13
|
if user.nil? || user.mail.nil?
|
@@ -74,7 +74,7 @@ module ForemanOpenscap
|
|
74
74
|
end
|
75
75
|
|
76
76
|
def search_by_host_collection_name(key, operator, value)
|
77
|
-
scope = apply_condition(Host.joins(:host_collections),
|
77
|
+
scope = apply_condition(::Host.joins(:host_collections),
|
78
78
|
operator == '<>',
|
79
79
|
:katello_host_collections => { :name => value })
|
80
80
|
query_conditions_from_scope ForemanOpenscap::ArfReport.where(:host_id => scope)
|
@@ -1,18 +1,11 @@
|
|
1
1
|
module ForemanOpenscap
|
2
2
|
module DataStreamContent
|
3
|
-
require 'digest/sha2'
|
4
|
-
|
5
3
|
extend ActiveSupport::Concern
|
6
4
|
|
7
5
|
included do
|
8
|
-
validates :digest, :presence => true
|
9
|
-
validates :scap_file, :presence => true
|
10
|
-
|
11
6
|
validates_with ForemanOpenscap::DataStreamValidator
|
12
7
|
|
13
8
|
after_save :create_profiles, :if => lambda { |ds_content| ds_content.scap_file_previously_changed? }
|
14
|
-
|
15
|
-
before_validation :redigest, :if => lambda { |ds_content| ds_content.persisted? && ds_content.scap_file_changed? }
|
16
9
|
before_destroy ActiveRecord::Base::EnsureNotUsedBy.new(:policies)
|
17
10
|
end
|
18
11
|
|
@@ -24,10 +17,6 @@ module ForemanOpenscap
|
|
24
17
|
@proxy_url
|
25
18
|
end
|
26
19
|
|
27
|
-
def digest
|
28
|
-
self[:digest] ||= Digest::SHA256.hexdigest(scap_file.to_s)
|
29
|
-
end
|
30
|
-
|
31
20
|
def create_profiles
|
32
21
|
fetch_profiles.each do |key, title|
|
33
22
|
create_or_update_profile key, title
|
@@ -40,11 +29,5 @@ module ForemanOpenscap
|
|
40
29
|
profile.update(:title => title) unless profile.title == title
|
41
30
|
profile
|
42
31
|
end
|
43
|
-
|
44
|
-
private
|
45
|
-
|
46
|
-
def redigest
|
47
|
-
self[:digest] = Digest::SHA256.hexdigest(scap_file.to_s)
|
48
|
-
end
|
49
32
|
end
|
50
33
|
end
|