RubyGems - foreman_openscap - Versions diffs - 4.3.3 → 5.0.0 - Mend

foreman_openscap 4.3.3 → 5.0.0

Files changed (45) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f9bed6dedc6b23fd08b1c0fd3143de20e86c8aa2e65dbc0a00d0abaad21cc393
-  data.tar.gz: 352a6052c7386969b55b241b57e3d9fa63b6ec07fc9d01d5a8ba6c4b79e7724d
+  metadata.gz: 534b669988c89b1335565f67c02b63443b0cfd36636749397b50617c4797316b
+  data.tar.gz: 4ee455ef101cc0bb6b034f1b081e2d604848620e7438e3ae887493ee77d13015
 SHA512:
-  metadata.gz: 6dd1df925f9212a7afab91c449a9e0482427fde4fb8adfca8a620482124caed5584a2c71d1167c09308f124d5a19fb4ee0102bff4a89e91d30c81a6ac4ed01ea
-  data.tar.gz: c16c1caec4bde07fb8d9da968859f21d2d7f42c5ec5b09c5e9560053dd22490f0ac299405a55b76fa1d4b08d1417b13233799b085fe56b46b8bb13829827394e
+  metadata.gz: b2ddaa5f34a78a9f085f5564f7e12f28071baf8b1679e645c327bb6d229986f0b399ae9a3bf50078e7d4c536014b43df974125851277ff1584130918b93382a2
+  data.tar.gz: 6a115b58c74b88f4c9e4f81ab5c31a0db2195a285d2c2eb4612251aead4131a426b34aab2593b7e8b6e2b656fee92cae0adc1b3d5bd19787466514e35312fd70

data/app/controllers/api/v2/compliance/arf_reports_controller.rb CHANGED Viewed

@@ -140,12 +140,6 @@ module Api
             super
           end
         end
-        protected
-        def assign_lone_taxonomies
-          # do not assign lone taxonomies to arf report
-        end
       end
     end
   end

data/app/helpers/arf_report_dashboard_helper.rb CHANGED Viewed

@@ -6,11 +6,9 @@ module ArfReportDashboardHelper
   }.freeze
   def breakdown_chart_data(categories, report, colors = COLORS)
-    data = categories.reduce([]) do |memo, (key, value)|
+    categories.reduce([]) do |memo, (key, value)|
       memo << [value, report[key], colors[key]]
     end
-    data.to_json
   end
   def donut_breakdown_chart_data(report)
@@ -27,6 +25,6 @@ module ArfReportDashboardHelper
       :data => status.to_a,
       :yAxisLabel => _("Number of Events"),
       :xAxisLabel => _("Rule Results"),
-    }.to_json
+    }
   end
 end

data/app/helpers/compliance_hosts_helper.rb CHANGED Viewed

@@ -16,7 +16,7 @@ module ComplianceHostsHelper
       [_("Othered"), othered, ArfReportDashboardHelper::COLORS[:othered]],
       ['dates', date, nil]
     ]
-    { :data => data, :xAxisDataLabel => 'dates', :config => 'timeseries' }.to_json
+    { :data => data, :xAxisDataLabel => 'dates', :config => 'timeseries' }
   end
   def compliance_host_multiple_actions

data/app/helpers/policies_helper.rb CHANGED Viewed

@@ -41,7 +41,7 @@ module PoliciesHelper
   end
   def deploy_by_radio_checked(policy, tool)
-    type = policy.deploy_by ? policy.deploy_by.to_sym : :puppet
+    type = policy.deploy_by ? policy.deploy_by.to_sym : :manual
     tool.type == type
   end

data/app/services/foreman_openscap/client_config/base.rb CHANGED Viewed

@@ -38,6 +38,7 @@ module ForemanOpenscap
       end
       def find_config_item(scope = config_item_class_name.constantize)
+        return unless scope
         return scope.find_by :name => config_item_name if scope.respond_to?(:find_by)
         # all_puppetclasses, all_ansible_roles methods return Array, not ActiveRecord::Relation
         scope.find { |item| item.name == config_item_name }

data/app/services/foreman_openscap/client_config/puppet.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module ForemanOpenscap
       end
       def available?
-        defined?(Puppetclass)
+        defined?(ForemanPuppet)
       end
       def inline_help
@@ -21,13 +21,17 @@ module ForemanOpenscap
         }
       end
+      def collection_method
+        :puppetclasses
+      end
       def constants
         OpenStruct.new(
           :server_param => 'server',
           :port_param => 'port',
           :policies_param => 'policies',
           :puppetclass_name => 'foreman_scap_client',
-          :config_item_class_name => 'Puppetclass',
+          :config_item_class_name => 'ForemanPuppet::Puppetclass',
           :override_method_name => 'class_params',
           :msg_name => _('Puppet class'),
           :lookup_key_plural_name => _('Smart Class Parameters'),

data/app/views/arf_reports/_metrics.html.erb CHANGED Viewed

@@ -4,15 +4,15 @@
   <div class="col-md-5 scap-breakdown-chart-col">
     <div class="stats-well">
       <h4 class="ca" ><%= _('Report Metrics') %></h4>
-      <div id="arf-report-breakdown-chart" class="scap-breakdown-chart"></div>
-      <%= mount_react_component('DonutChart', "#arf-report-breakdown-chart", donut_breakdown_chart_data(metrics)) %>
+      <div class="scap-breakdown-chart">
+        <%= react_component('DonutChart', :data => donut_breakdown_chart_data(metrics)) %>
+      </div>
     </div>
   </div>
   <div class="col-md-5 arf-report-rule-chart-col">
     <div class="stats-well">
       <h4 class="ca" ><%= _('Report Status') %></h4>
-      <div id="arf-report-rule-chart"></div>
-      <%= mount_react_component('BarChart', "#arf-report-rule-chart", arf_report_status_chart_data(status), :flatten_data => true) %>
+      <%= react_component('BarChart', arf_report_status_chart_data(status)) %>
     </div>
   </div>
   <div class="col-md-2">

data/app/views/compliance_hosts/show.html.erb CHANGED Viewed

@@ -17,18 +17,16 @@
                                                         hash_for_arf_report_path(:id => data.latest_report.id)
                                                           .merge(:auth_object => data.latest_report)) %></h4>
         <% report = data.report %>
-        <% id = "host-policy-breakdown-chart-#{policy.id}" %>
-        <div id="<%= id %>" class="scap-breakdown-chart"></div>
-        <%= mount_react_component('DonutChart', "##{id}", donut_breakdown_chart_data(report)) %>
+        <div class="scap-breakdown-chart">
+          <%= react_component('DonutChart', :data => donut_breakdown_chart_data(report)) %>
+        </div>
       </div>
     </div>
     <div class="col-md-8">
       <div class="stats-well">
         <h4 class="ca"><%= _("%s reports over time") % policy %></h4>
-        <% reports_graph_id = "arf-reports-over-time-#{policy.id}" %>
-        <div id="<%= reports_graph_id %>"></div>
-        <%= mount_react_component('LineChart', "##{reports_graph_id}", host_arf_reports_chart_data(policy.id), :flatten_data => true) %>
+        <%= react_component('LineChart', host_arf_reports_chart_data(policy.id)) %>
       </div>
     </div>
     <% else %>

data/app/views/dashboard/_compliance_reports_breakdown_widget.html.erb CHANGED Viewed

@@ -1,4 +1,5 @@
 <h4 class="header ca"><%= _('Compliance Reports Breakdown') %></h4>
-<div id="compliance-reports-breakdown" class="host-configuration-chart"/>
-<% report = ForemanOpenscap::ReportDashboard::Data.new().report %>
-<%= mount_react_component('DonutChart', "#compliance-reports-breakdown", donut_breakdown_chart_data(report)) %>
+<div class="host-configuration-chart">
+  <% report = ForemanOpenscap::ReportDashboard::Data.new().report %>
+  <%= react_component('DonutChart', :data => donut_breakdown_chart_data(report)) %>
+</div>

data/app/views/policy_dashboard/_policy_chart_widget.html.erb CHANGED Viewed

@@ -2,6 +2,7 @@
 <div id='status-chart'>
   <h4 class="header ca"><%= _('Host Breakdown Chart') %></h4>
-  <div id="policy-breakdown-chart" class="scap-breakdown-chart"></div>
-  <%= mount_react_component('DonutChart', "#policy-breakdown-chart", policy_breakdown_chart_data(@report)) %>
+  <div class="scap-breakdown-chart">
+    <%= react_component('DonutChart', :data => policy_breakdown_chart_data(@report)) %>
+  </div>
 </div>

data/db/migrate/20200117135424_migrate_port_overrides_to_int.rb CHANGED Viewed

@@ -10,7 +10,8 @@ class MigratePortOverridesToInt < ActiveRecord::Migration[5.2]
   private
   def transform_lookup_values(method)
-    puppet_class = Puppetclass.find_by :name => 'foreman_scap_client'
+    return unless defined?(ForemanPuppet)
+    puppet_class = ::ForemanPuppet::Puppetclass.find_by :name => 'foreman_scap_client'
     return unless puppet_class
     port_key = puppet_class.class_params.find_by :key => 'port'
     return unless port_key

data/db/migrate/20201202110213_update_puppet_port_param_type.rb CHANGED Viewed

@@ -10,7 +10,8 @@ class UpdatePuppetPortParamType < ActiveRecord::Migration[6.0]
   private
   def update_port_type(method)
-    puppet_class = Puppetclass.find_by :name => 'foreman_scap_client'
+    return unless defined?(ForemanPuppet)
+    puppet_class = ::ForemanPuppet::Puppetclass.find_by :name => 'foreman_scap_client'
     return unless puppet_class
     port_key = puppet_class.class_params.find_by :key => 'port'
     return unless port_key

data/lib/foreman_openscap/engine.rb CHANGED Viewed

@@ -223,13 +223,6 @@ module ForemanOpenscap
         register_graphql_query_field :oval_policy, '::Types::OvalPolicy', :record_field
         register_graphql_query_field :cves, '::Types::Cve', :collection_field
-        # move to core
-        extend_graphql_type type: ::Types::Hostgroup do
-          field :descendants, Types::Hostgroup.connection_type, null: true, resolve: (proc do |object|
-            RecordLoader.for(model_class).load_many(object.descendant_ids)
-          end)
-        end
         register_facet ForemanOpenscap::Host::OvalFacet, :oval_facet do
           configure_host do
             extend_model ForemanOpenscap::OvalFacetHostExtensions

data/lib/foreman_openscap/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module ForemanOpenscap
-  VERSION = "4.3.3".freeze
+  VERSION = "5.0.0".freeze
 end

data/test/functional/api/v2/compliance/oval_reports_controller_test.rb CHANGED Viewed

@@ -20,7 +20,7 @@ class Api::V2::Compliance::OvalReportsControllerTest < ActionController::TestCas
   test 'should show host errors on CVEs upload' do
     proxy = FactoryBot.create(:smart_proxy)
-    host = FactoryBot.create(:host, :puppet_proxy => proxy, :environment => FactoryBot.create(:environment))
+    host = FactoryBot.create(:host, :puppet_proxy => proxy)
     SmartProxy.any_instance.stubs(:smart_proxy_features).returns([])
     post :create, :params => @params.merge(:cname => host.name), :session => set_session_user

data/test/functional/api/v2/compliance/policies_controller_test.rb CHANGED Viewed

@@ -40,6 +40,7 @@ class Api::V2::Compliance::PoliciesControllerTest < ActionController::TestCase
   end
   test "should get index and show hostgroups" do
+    skip unless puppet_available?
     ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryBot.create(:puppetclass, :name => 'foreman_scap_client'))
     ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
     hostgroup = FactoryBot.create(:hostgroup)
@@ -61,6 +62,7 @@ class Api::V2::Compliance::PoliciesControllerTest < ActionController::TestCase
   end
   test "should show a policy hosts and hostgroups" do
+    skip unless puppet_available?
     ForemanOpenscap::Policy.any_instance.stubs(:find_scap_puppetclass).returns(FactoryBot.create(:puppetclass, :name => 'foreman_scap_client'))
     ForemanOpenscap::Policy.any_instance.stubs(:populate_overrides)
     hostgroup = FactoryBot.create(:hostgroup)

data/test/helpers/arf_report_dashboard_helper_test.rb CHANGED Viewed

@@ -7,14 +7,13 @@ class ArfReportDashboardHelperTest < ActionView::TestCase
     categories = { :passed => 'passed', :failed => 'failed' }
     report = { :passed => 23, :failed => 24 }
     colors = { :passed => '#FFF', :failed => '#000' }
-    res = JSON.parse(breakdown_chart_data(categories, report, colors))
+    res = breakdown_chart_data(categories, report, colors)
     assert_equal ["passed", 23, "#FFF"], res.first
     assert_equal ["failed", 24, "#000"], res.last
   end
   test 'should return breakdown chart data for donut as json' do
-    report = { :passed => 4, :failed => 7, :othered => 5 }
-    res = JSON.parse(donut_breakdown_chart_data(report))
+    res = donut_breakdown_chart_data(:passed => 4, :failed => 7, :othered => 5)
     assert_equal 3, res.size
     assert_include res, ["Passed", 4, ArfReportDashboardHelper::COLORS[:passed]]
     assert_include res, ["Failed", 7, ArfReportDashboardHelper::COLORS[:failed]]
@@ -22,12 +21,12 @@ class ArfReportDashboardHelperTest < ActionView::TestCase
   end
   test 'should return data for report status chart' do
-    res = JSON.parse(arf_report_status_chart_data(:passed => 6, :failed => 7, :othered => 8))
-    assert_equal "Number of Events", res['yAxisLabel']
-    assert_equal "Rule Results", res['xAxisLabel']
-    assert_equal 3, res['data'].size
-    assert_include res['data'], ["passed", 6]
-    assert_include res['data'], ["failed", 7]
-    assert_include res['data'], ["othered", 8]
+    res = arf_report_status_chart_data(:passed => 6, :failed => 7, :othered => 8)
+    assert_equal "Number of Events", res[:yAxisLabel]
+    assert_equal "Rule Results", res[:xAxisLabel]
+    assert_equal 3, res[:data].size
+    assert_include res[:data], [:passed, 6]
+    assert_include res[:data], [:failed, 7]
+    assert_include res[:data], [:othered, 8]
   end
 end

data/test/helpers/policy_dashboard_helper_test.rb CHANGED Viewed

@@ -11,7 +11,7 @@ class PolicyDashboardHelperTest < ActionView::TestCase
       :inconclusive_hosts => 7,
       :report_missing => 8
     }
-    res = JSON.parse(policy_breakdown_chart_data(report))
+    res = policy_breakdown_chart_data(report)
     assert_equal 4, res.size
     assert_include res, ['Compliant hosts', 5, PolicyDashboardHelper::COLORS[:compliant_hosts]]
     assert_include res, ['Incompliant hosts', 6, PolicyDashboardHelper::COLORS[:incompliant_hosts]]

data/test/test_plugin_helper.rb CHANGED Viewed

@@ -5,19 +5,24 @@ require 'test_helper'
 FactoryBot.definition_file_paths << File.join(File.dirname(__FILE__), 'factories')
 # Add factories from foreman_ansible
 FactoryBot.definition_file_paths << File.join(ForemanAnsible::Engine.root, '/test/factories')
+FactoryBot.definition_file_paths << File.join(ForemanPuppet::Engine.root, '/test/factories') if defined?(ForemanPuppet)
 FactoryBot.reload
 require "#{ForemanOpenscap::Engine.root}/test/fixtures/cve_fixtures"
 module ScapClientPuppetclass
+  def puppet_available?
+    defined?(ForemanPuppet)
+  end
   def setup_puppet_class
     puppet_config = ::ForemanOpenscap::ClientConfig::Puppet.new
-    Puppetclass.find_by(:name => puppet_config.puppetclass_name)&.destroy
+    ForemanPuppet::Puppetclass.find_by(:name => puppet_config.puppetclass_name)&.destroy
     puppet_class = FactoryBot.create(:puppetclass, :name => puppet_config.puppetclass_name)
-    server_param = FactoryBot.create(:puppetclass_lookup_key, :key => puppet_config.server_param, :default_value => nil)
-    port_param = FactoryBot.create(:puppetclass_lookup_key, :key => puppet_config.port_param, :default_value => nil)
-    policies_param = FactoryBot.create(:puppetclass_lookup_key, :key => puppet_config.policies_param, :default_value => nil)
+    server_param = FactoryBot.create(:puppetclass_lookup_key, :key => puppet_config.server_param, :default_value => nil, :override => false)
+    port_param = FactoryBot.create(:puppetclass_lookup_key, :key => puppet_config.port_param, :default_value => nil, :override => false)
+    policies_param = FactoryBot.create(:puppetclass_lookup_key, :key => puppet_config.policies_param, :default_value => nil, :override => false)
     env = FactoryBot.create :environment

data/test/unit/policy_test.rb CHANGED Viewed

@@ -75,7 +75,6 @@ class PolicyTest < ActiveSupport::TestCase
     asset = FactoryBot.create(:asset, :assetable_id => hg.id, :assetable_type => 'Hostgroup')
     policy = FactoryBot.create(:policy, :assets => [asset], :scap_content => @scap_content, :scap_content_profile => @scap_profile)
     policy.save!
-    hg.hostgroup_classes.destroy_all
     hg.destroy
     assert_equal 0, policy.hostgroups.count
   end
@@ -314,6 +313,7 @@ class PolicyTest < ActiveSupport::TestCase
   end
   test "should change deploy type" do
+    skip unless puppet_available?
     policy = FactoryBot.create(:policy, :scap_content => @scap_content, :scap_content_profile => @scap_profile)
     setup_puppet_class
     policy.change_deploy_type({ :deploy_by => 'puppet' })

data/test/unit/services/config_name_service_test.rb CHANGED Viewed

@@ -24,6 +24,7 @@ class ConfigNameServiceTest < ActiveSupport::TestCase
   end
   test 'should find all available except Manual' do
+    skip unless puppet_available?
     ForemanOpenscap::ClientConfig::Ansible.any_instance.stubs(:available?).returns(false)
     configs = @name_service.all_available_except(:manual)
     assert_equal 1, configs.size

data/test/unit/services/hostgroup_overrider_test.rb CHANGED Viewed

@@ -9,11 +9,12 @@ class HostgroupOverriderTest < ActiveSupport::TestCase
   end
   test 'should populate puppet overrides' do
+    skip unless puppet_available?
     puppet_class, env, port_param, server_param = setup_puppet_class.values_at :puppet_class, :env, :port_param, :server_param
     proxy = FactoryBot.create(:openscap_proxy, :url => 'https://override-keys.example.com:8998')
-    hostgroup = FactoryBot.create(:hostgroup, :environment_id => env.id, :openscap_proxy_id => proxy.id)
+    hostgroup = FactoryBot.create(:hostgroup, :environment_id => env.id, :openscap_proxy_id => proxy.id, :puppet => FactoryBot.create(:hostgroup_puppet_facet))
     refute hostgroup.puppetclasses.include? puppet_class
     assert LookupValue.where(:match => "hostgroup=#{hostgroup.to_label}",
                              :lookup_key_id => port_param.id,

data/test/unit/services/lookup_key_overrider_test.rb CHANGED Viewed

@@ -8,6 +8,7 @@ class LookupKeyOverriderTest < ActiveSupport::TestCase
   end
   test 'should override puppet class parameters' do
+    skip unless puppet_available?
     server_param, port_param, policies_param = setup_puppet_class.values_at :server_param, :port_param, :policies_param
     refute server_param.override
     refute port_param.override
@@ -21,7 +22,8 @@ class LookupKeyOverriderTest < ActiveSupport::TestCase
   end
   test 'should add error when no puppet class found' do
-    puppet_class = Puppetclass.find_by :name => ForemanOpenscap::ClientConfig::Puppet.new.puppetclass_name
+    skip unless puppet_available?
+    puppet_class = ::ForemanPuppet::Puppetclass.find_by :name => ForemanOpenscap::ClientConfig::Puppet.new.puppetclass_name
     puppet_class.destroy if puppet_class
     policy = FactoryBot.create(:policy, :scap_content => @scap_content, :scap_content_profile => @scap_content_profile, :deploy_by => :puppet)
     ForemanOpenscap::LookupKeyOverrider.new(policy).override
@@ -41,6 +43,7 @@ class LookupKeyOverriderTest < ActiveSupport::TestCase
   end
   test 'should add error when lookup keys not present' do
+    skip unless puppet_available?
     server_param, port_param, policies_param = setup_puppet_class.values_at :server_param, :port_param, :policies_param
     server_param.destroy
     port_param.destroy

data/webpack/components/EmptyState.js CHANGED Viewed

@@ -12,10 +12,11 @@ import {
   CubeIcon,
   ExclamationCircleIcon,
   SearchIcon,
+  LockIcon,
 } from '@patternfly/react-icons';
 import { global_danger_color_200 as dangerColor } from '@patternfly/react-tokens';
-const EmptyStateIcon = ({ error, search }) => {
+const EmptyStateIcon = ({ error, search, lock }) => {
   if (error)
     return (
       <PfEmptyStateIcon
@@ -23,14 +24,15 @@ const EmptyStateIcon = ({ error, search }) => {
         color={dangerColor.value}
       />
     );
+  if (lock) return <PfEmptyStateIcon icon={LockIcon} />;
   if (search) return <PfEmptyStateIcon icon={SearchIcon} />;
   return <PfEmptyStateIcon icon={CubeIcon} />;
 };
-const EmptyState = ({ title, body, error, search }) => (
+const EmptyState = ({ title, body, error, search, lock }) => (
   <Bullseye>
     <PfEmptyState variant={EmptyStateVariant.small}>
-      <EmptyStateIcon error={!!error} search={search} />
+      <EmptyStateIcon error={!!error} search={search} lock={lock} />
       <Title headingLevel="h2" size="lg">
         {title}
       </Title>
@@ -42,11 +44,13 @@ const EmptyState = ({ title, body, error, search }) => (
 EmptyStateIcon.propTypes = {
   error: PropTypes.bool,
   search: PropTypes.bool,
+  lock: PropTypes.bool,
 };
 EmptyStateIcon.defaultProps = {
   error: false,
   search: false,
+  lock: false,
 };
 EmptyState.propTypes = {
@@ -54,6 +58,7 @@ EmptyState.propTypes = {
   body: PropTypes.string,
   error: PropTypes.oneOfType([PropTypes.shape({}), PropTypes.string]),
   search: PropTypes.bool,
+  lock: PropTypes.bool,
 };
 EmptyState.defaultProps = {
@@ -62,6 +67,7 @@ EmptyState.defaultProps = {
     'There was an error retrieving data from the server. Check your connection and try again.',
   error: undefined,
   search: false,
+  lock: false,
 };
 export default EmptyState;

data/webpack/components/withLoading.js CHANGED Viewed

@@ -1,8 +1,12 @@
 import React from 'react';
 import PropTypes from 'prop-types';
 import { translate as __ } from 'foremanReact/common/I18n';
 import Loading from 'foremanReact/components/Loading';
+import {
+  permissionCheck,
+  permissionDeniedMsg,
+} from '../helpers/permissionsHelper';
 import EmptyState from './EmptyState';
 const errorStateTitle = __('Error!');
@@ -24,6 +28,7 @@ const withLoading = Component => {
     resultPath,
     renameData,
     emptyStateTitle,
+    permissions,
     ...rest
   }) => {
     const { loading, error, data } = fetchFn(rest);
@@ -42,6 +47,18 @@ const withLoading = Component => {
       );
     }
+    const check = permissionCheck(data.currentUser, permissions);
+    if (!check.allowed) {
+      return (
+        <EmptyState
+          lock
+          title={__('Permission denied')}
+          body={permissionDeniedMsg(check.permissions.map(item => item.name))}
+        />
+      );
+    }
     const result = pluckData(data, resultPath);
     if ((Array.isArray(result) && result.length === 0) || !result) {
@@ -56,10 +73,12 @@ const withLoading = Component => {
     resultPath: PropTypes.string.isRequired,
     renameData: PropTypes.func,
     emptyStateTitle: PropTypes.string.isRequired,
+    permissions: PropTypes.array,
   };
   Subcomponent.defaultProps = {
     renameData: data => data,
+    permissions: [],
   };
   return Subcomponent;

data/webpack/graphql/queries/currentUserAttributes.gql ADDED Viewed

@@ -0,0 +1,11 @@
+fragment CurrentUserAttributes on User {
+  id
+  login
+  admin
+  permissions {
+    nodes {
+      id
+      name
+    }
+  }
+}

data/webpack/graphql/queries/cves.gql CHANGED Viewed

@@ -1,3 +1,5 @@
+#import "./currentUserAttributes.gql"
 query($search: String, $first: Int, $last: Int) {
   cves(search: $search, first: $first, last: $last) {
     totalCount
@@ -15,4 +17,7 @@ query($search: String, $first: Int, $last: Int) {
       }
     }
   }
+  currentUser {
+    ...CurrentUserAttributes
+  }
 }

data/webpack/graphql/queries/ovalContents.gql CHANGED Viewed

@@ -1,3 +1,5 @@
+#import "./currentUserAttributes.gql"
 query($first: Int, $last: Int) {
   ovalContents(first: $first, last: $last) {
     totalCount
@@ -8,4 +10,7 @@ query($first: Int, $last: Int) {
       originalFilename
     }
   }
+  currentUser {
+    ...CurrentUserAttributes
+  }
 }

data/webpack/graphql/queries/ovalPolicies.gql CHANGED Viewed

@@ -1,3 +1,5 @@
+#import "./currentUserAttributes.gql"
 query($first: Int, $last: Int) {
   ovalPolicies(first: $first, last: $last) {
     totalCount
@@ -9,4 +11,7 @@ query($first: Int, $last: Int) {
       }
     }
   }
+  currentUser {
+    ...CurrentUserAttributes
+  }
 }

data/webpack/graphql/queries/ovalPolicy.gql CHANGED Viewed

@@ -1,3 +1,5 @@
+#import "./currentUserAttributes.gql"
 query($id: String!) {
   ovalPolicy(id: $id) {
     id
@@ -18,4 +20,7 @@ query($id: String!) {
       }
     }
   }
+  currentUser {
+    ...CurrentUserAttributes
+  }
 }

data/webpack/helpers/permissionsHelper.js ADDED Viewed

@@ -0,0 +1,42 @@
+import { translate as __, sprintf } from 'foremanReact/common/I18n';
+export const permissionCheck = (user, permissionsRequired) => {
+  if (permissionsRequired.length === 0) {
+    return { allowed: true };
+  }
+  if (!user) {
+    throw new Error(
+      'No user data when loading the page - cannot determine if current user is allowed to view the page.'
+    );
+  }
+  if (user.admin) {
+    return { allowed: true };
+  }
+  const permList = permissionsRequired.reduce((memo, item) => {
+    const found = user.permissions.nodes.find(
+      permission => permission.name === item
+    );
+    memo.push({ name: item, present: !!found });
+    return memo;
+  }, []);
+  if (permList.reduce((memo, item) => memo && item.present, true)) {
+    return { allowed: true, permissions: permList };
+  }
+  return { allowed: false, permissions: permList };
+};
+export const permissionDeniedMsg = permissions => {
+  let msg = __('You are not authorized to view the page. ');
+  if (permissions?.length > 0) {
+    msg += sprintf(
+      __('Request the following permissions from administrator: %s.'),
+      permissions.join(', ')
+    );
+  }
+  return msg;
+};

data/webpack/routes/OvalContents/OvalContentsIndex/OvalContentsIndex.js CHANGED Viewed

@@ -33,6 +33,7 @@ const OvalContentsIndex = props => {
         resultPath="ovalContents.nodes"
         pagination={pagination}
         emptyStateTitle={__('No OVAL Contents found.')}
+        permissions={['view_oval_contents']}
       />
     </IndexLayout>
   );

data/webpack/routes/OvalContents/OvalContentsIndex/OvalContentsTable.js CHANGED Viewed

@@ -6,10 +6,18 @@ import withLoading from '../../../components/withLoading';
 import IndexTable from '../../../components/IndexTable';
 const OvalContentsTable = props => {
-  const columns = [{ title: __('Name') }];
+  const columns = [
+    { title: __('Name') },
+    { title: __('URL') },
+    { title: __('Original File Name') },
+  ];
   const rows = props.ovalContents.map(ovalContent => ({
-    cells: [{ title: ovalContent.name }],
+    cells: [
+      { title: ovalContent.name },
+      { title: ovalContent.url || '' },
+      { title: ovalContent.originalFilename || '' },
+    ],
     ovalContent,
   }));

data/webpack/routes/OvalContents/OvalContentsIndex/__tests__/OvalContentsIndex.fixtures.js CHANGED Viewed

@@ -1,98 +1,112 @@
 import ovalContentsQuery from '../../../../graphql/queries/ovalContents.gql';
 import { ovalContentsPath } from '../../../../helpers/pathsHelper';
-import { mockFactory } from '../../../../testHelper';
+import {
+  mockFactory,
+  admin,
+  intruder,
+  userFactory,
+} from '../../../../testHelper';
 const ovalContentMockFactory = mockFactory('ovalContents', ovalContentsQuery);
-export const mocks = [
-  {
-    request: {
-      query: ovalContentsQuery,
-      variables: {
-        first: 20,
-        last: 20,
-      },
+const ovalContents = {
+  totalCount: 4,
+  nodes: [
+    {
+      __typename: 'ForemanOpenscap::OvalContent',
+      id: 'abc',
+      name: 'ansible OVAL content',
+      url:
+        'http://oval-content-source/security/data/oval/ansible-2-including-unpatched.oval.xml.bz2',
+      originalFilename: '',
     },
-    result: {
-      data: {
-        ovalContents: {
-          totalCount: 4,
-          nodes: [
-            {
-              id: 'abc',
-              name: 'ansible OVAL content',
-              url:
-                'http://oval-content-source/security/data/oval/ansible-2-including-unpatched.oval.xml.bz2',
-              originalFilename: '',
-            },
-            {
-              id: 'bcd',
-              name: 'dotnet OVAL content',
-              url:
-                'http://oval-content-source/security/data/oval/dotnet-2.2.oval.xml.bz2',
-              originalFilename: '',
-            },
-            {
-              id: 'cde',
-              name: 'jboss OVAL content',
-              url: '',
-              originalFilename: 'jboss.oval.xml.bz2',
-            },
-            {
-              id: 'def',
-              name: 'openshift OVAL content',
-              url: '',
-              originalFilename: 'openshift.oval.xml.bz2',
-            },
-          ],
-        },
-      },
+    {
+      __typename: 'ForemanOpenscap::OvalContent',
+      id: 'bcd',
+      name: 'dotnet OVAL content',
+      url:
+        'http://oval-content-source/security/data/oval/dotnet-2.2.oval.xml.bz2',
+      originalFilename: '',
     },
-  },
-];
+    {
+      __typename: 'ForemanOpenscap::OvalContent',
+      id: 'cde',
+      name: 'jboss OVAL content',
+      url: '',
+      originalFilename: 'jboss.oval.xml.bz2',
+    },
+    {
+      __typename: 'ForemanOpenscap::OvalContent',
+      id: 'def',
+      name: 'openshift OVAL content',
+      url: '',
+      originalFilename: 'openshift.oval.xml.bz2',
+    },
+  ],
+};
-export const paginatedMocks = [
-  {
-    request: {
-      query: ovalContentsQuery,
-      variables: {
-        first: 10,
-        last: 5,
-      },
+const paginatedOvalContents = {
+  totalCount: 7,
+  nodes: [
+    {
+      __typename: 'ForemanOpenscap::OvalContent',
+      id: 'bcd',
+      name: 'dotnet OVAL content',
+      url:
+        'http://oval-content-source/security/data/oval/dotnet-2.2.oval.xml.bz2',
+      originalFilename: '',
     },
-    result: {
-      data: {
-        ovalContents: {
-          totalCount: 7,
-          nodes: [
-            {
-              id: 'bcd',
-              name: 'dotnet OVAL content',
-              url:
-                'http://oval-content-source/security/data/oval/dotnet-2.2.oval.xml.bz2',
-              originalFilename: '',
-            },
-            {
-              id: 'def',
-              name: 'openshift OVAL content',
-              url: '',
-              originalFilename: 'openshift.oval.xml.bz2',
-            },
-          ],
-        },
-      },
+    {
+      __typename: 'ForemanOpenscap::OvalContent',
+      id: 'def',
+      name: 'openshift OVAL content',
+      url: '',
+      originalFilename: 'openshift.oval.xml.bz2',
     },
+  ],
+};
+const viewer = userFactory('viewer', [
+  {
+    __typename: 'Permission',
+    id: 'MDE6UGVybWlzc2lvbi0yOTY=',
+    name: 'view_oval_contents',
   },
-];
+]);
+export const mocks = ovalContentMockFactory(
+  { first: 20, last: 20 },
+  ovalContents,
+  { currentUser: admin }
+);
+export const paginatedMocks = ovalContentMockFactory(
+  { first: 10, last: 5 },
+  paginatedOvalContents,
+  { currentUser: admin }
+);
 export const emptyMocks = ovalContentMockFactory(
   { first: 20, last: 20 },
-  { totalCount: 0, nodes: [] }
+  { totalCount: 0, nodes: [] },
+  { currentUser: admin }
 );
 export const errorMocks = ovalContentMockFactory(
   { first: 20, last: 20 },
   { totalCount: 0, nodes: [] },
-  [{ message: 'Something very bad happened.' }]
+  { errors: [{ message: 'Something very bad happened.' }], currentUser: admin }
+);
+export const viewerMocks = ovalContentMockFactory(
+  { first: 20, last: 20 },
+  ovalContents,
+  { currentUser: viewer }
+);
+export const unauthorizedMocks = ovalContentMockFactory(
+  { first: 20, last: 20 },
+  ovalContents,
+  { currentUser: intruder }
 );
 export const pushMock = jest.fn();

data/webpack/routes/OvalContents/OvalContentsIndex/__tests__/OvalContentsIndex.test.js CHANGED Viewed

@@ -16,6 +16,8 @@ import {
   pagePaginationHistoryMock,
   emptyMocks,
   errorMocks,
+  viewerMocks,
+  unauthorizedMocks,
 } from './OvalContentsIndex.fixtures';
 const TestComponent = withMockedProvider(OvalContentsIndex);
@@ -29,7 +31,13 @@ describe('OvalContentsIndex', () => {
     await waitFor(tick);
     expect(screen.queryByText('Loading')).not.toBeInTheDocument();
     expect(screen.getByText('ansible OVAL content')).toBeInTheDocument();
+    expect(
+      screen.getByText(
+        'http://oval-content-source/security/data/oval/ansible-2-including-unpatched.oval.xml.bz2'
+      )
+    ).toBeInTheDocument();
     expect(screen.getByText('openshift OVAL content')).toBeInTheDocument();
+    expect(screen.getByText('openshift.oval.xml.bz2')).toBeInTheDocument();
     const pageItems = container.querySelector('.pf-c-pagination__total-items');
     expect(within(pageItems).getByText(/1 - 4/)).toBeInTheDocument();
     expect(within(pageItems).getByText('of')).toBeInTheDocument();
@@ -72,4 +80,22 @@ describe('OvalContentsIndex', () => {
     ).toBeInTheDocument();
     expect(screen.getByText('Error!')).toBeInTheDocument();
   });
+  it('should load page for user with permissions', async () => {
+    render(<TestComponent history={historyMock} mocks={viewerMocks} />);
+    await waitFor(tick);
+    expect(screen.queryByText('Loading')).not.toBeInTheDocument();
+    expect(screen.getByText('ansible OVAL content')).toBeInTheDocument();
+  });
+  it('should not load page for user without permissions', async () => {
+    render(<TestComponent history={historyMock} mocks={unauthorizedMocks} />);
+    await waitFor(tick);
+    expect(screen.queryByText('Loading')).not.toBeInTheDocument();
+    expect(screen.queryByText('ansible OVAL content')).not.toBeInTheDocument();
+    expect(
+      screen.getByText(
+        'You are not authorized to view the page. Request the following permissions from administrator: view_oval_contents.'
+      )
+    ).toBeInTheDocument();
+    expect(screen.getByText('Permission denied')).toBeInTheDocument();
+  });
 });

data/webpack/routes/OvalPolicies/OvalPoliciesIndex/OvalPoliciesIndex.js CHANGED Viewed

@@ -34,6 +34,7 @@ const OvalPoliciesIndex = props => {
         resultPath="ovalPolicies.nodes"
         pagination={pagination}
         emptyStateTitle={__('No OVAL Policies found')}
+        permissions={['view_oval_policies']}
       />
     </IndexLayout>
   );

data/webpack/routes/OvalPolicies/OvalPoliciesIndex/__tests__/OvalPoliciesIndex.fixtures.js CHANGED Viewed

@@ -1,6 +1,11 @@
 import policiesQuery from '../../../../graphql/queries/ovalPolicies.gql';
 import { ovalPoliciesPath } from '../../../../helpers/pathsHelper';
-import { mockFactory } from '../../../../testHelper';
+import {
+  mockFactory,
+  admin,
+  intruder,
+  userFactory,
+} from '../../../../testHelper';
 const policiesMockFactory = mockFactory('ovalPolicies', policiesQuery);
@@ -14,48 +19,77 @@ export const pageParamsHistoryMock = {
   push: pushMock,
 };
+const policiesMocks = {
+  totalCount: 2,
+  nodes: [
+    {
+      __typename: 'ForemanOpenscap::OvalPolicy',
+      id: 'abc',
+      name: 'first policy',
+      ovalContent: { name: 'first content' },
+    },
+    {
+      __typename: 'ForemanOpenscap::OvalPolicy',
+      id: 'xyz',
+      name: 'second policy',
+      ovalContent: { name: 'second content' },
+    },
+  ],
+};
+const pagedPoliciesMocks = {
+  totalCount: 7,
+  nodes: [
+    {
+      __typename: 'ForemanOpenscap::OvalPolicy',
+      id: 'xyz',
+      name: 'sixth policy',
+      ovalContent: { name: 'sixth content' },
+    },
+    {
+      __typename: 'ForemanOpenscap::OvalPolicy',
+      id: 'abc',
+      name: 'seventh policy',
+      ovalContent: { name: 'seventh content' },
+    },
+  ],
+};
+const viewer = userFactory('viewer', [
+  {
+    __typename: 'Permission',
+    id: 'MDE6UGVybWlzc2lvbi0yOTY=',
+    name: 'view_oval_policies',
+  },
+]);
 export const mocks = policiesMockFactory(
   { first: 20, last: 20 },
-  {
-    totalCount: 2,
-    nodes: [
-      {
-        id: 'abc',
-        name: 'first policy',
-        ovalContent: { name: 'first content' },
-      },
-      {
-        id: 'xyz',
-        name: 'second policy',
-        ovalContent: { name: 'second content' },
-      },
-    ],
-  }
+  policiesMocks,
+  { currentUser: admin }
 );
 export const pageParamsMocks = policiesMockFactory(
   { first: 10, last: 5 },
-  {
-    totalCount: 7,
-    nodes: [
-      {
-        id: 'xyz',
-        name: 'sixth policy',
-        ovalContent: { name: 'sixth content' },
-      },
-      {
-        id: 'abc',
-        name: 'seventh policy',
-        ovalContent: { name: 'seventh content' },
-      },
-    ],
-  }
+  pagedPoliciesMocks,
+  { currentUser: admin }
 );
 export const emptyMocks = policiesMockFactory(
   { first: 20, last: 20 },
-  { totalCount: 0, nodes: [] }
+  { totalCount: 0, nodes: [] },
+  { currentUser: admin }
 );
 export const errorMocks = policiesMockFactory(
   { first: 20, last: 20 },
   { totalCount: 0, nodes: [] },
-  [{ message: 'Something very bad happened.' }]
+  { errors: [{ message: 'Something very bad happened.' }], currentUser: admin }
+);
+export const viewerMocks = policiesMockFactory(
+  { first: 20, last: 20 },
+  policiesMocks,
+  { currentUser: viewer }
+);
+export const unauthorizedMocks = policiesMockFactory(
+  { first: 20, last: 20 },
+  policiesMocks,
+  { currentUser: intruder }
 );

data/webpack/routes/OvalPolicies/OvalPoliciesIndex/__tests__/OvalPoliciesIndex.test.js CHANGED Viewed

@@ -18,6 +18,8 @@ import {
   pageParamsHistoryMock,
   emptyMocks,
   errorMocks,
+  viewerMocks,
+  unauthorizedMocks,
 } from './OvalPoliciesIndex.fixtures';
 import OvalPoliciesIndex from '../OvalPoliciesIndex';
@@ -75,4 +77,22 @@ describe('OvalPoliciesIndex', () => {
     ).toBeInTheDocument();
     expect(screen.getByText('Error!')).toBeInTheDocument();
   });
+  it('should load page for user with permissions', async () => {
+    render(<TestComponent history={historyMock} mocks={viewerMocks} />);
+    await waitFor(tick);
+    expect(screen.queryByText('Loading')).not.toBeInTheDocument();
+    expect(screen.getByText('first policy')).toBeInTheDocument();
+  });
+  it('should not load page for user without permissions', async () => {
+    render(<TestComponent history={historyMock} mocks={unauthorizedMocks} />);
+    await waitFor(tick);
+    expect(screen.queryByText('Loading')).not.toBeInTheDocument();
+    expect(screen.queryByText('first policy')).not.toBeInTheDocument();
+    expect(
+      screen.getByText(
+        'You are not authorized to view the page. Request the following permissions from administrator: view_oval_policies.'
+      )
+    ).toBeInTheDocument();
+    expect(screen.getByText('Permission denied')).toBeInTheDocument();
+  });
 });

data/webpack/routes/OvalPolicies/OvalPoliciesShow/CvesTab.js CHANGED Viewed

@@ -36,6 +36,7 @@ const CvesTab = props => {
       resultPath="cves.nodes"
       pagination={pagination}
       emptyStateTitle={__('No CVEs found.')}
+      permissions={['view_oval_policies']}
     />
   );
 };

data/webpack/routes/OvalPolicies/OvalPoliciesShow/__tests__/OvalPoliciesShow.fixtures.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { mockFactory } from '../../../../testHelper';
+import { mockFactory, admin, intruder } from '../../../../testHelper';
 import ovalPolicyQuery from '../../../../graphql/queries/ovalPolicy.gql';
 import cvesQuery from '../../../../graphql/queries/cves.gql';
@@ -70,9 +70,18 @@ export const historyWithSearch = {
 export const policyDetailMock = policyDetailMockFactory(
   { id: ovalPolicy.id },
-  ovalPolicy
+  ovalPolicy,
+  { currentUser: admin }
 );
+export const policyUnauthorizedMock = policyDetailMockFactory(
+  { id: ovalPolicy.id },
+  ovalPolicy,
+  { currentUser: intruder }
+);
 export const policyCvesMock = cvesMockFactory(
   { search: `oval_policy_id = ${ovalPolicyId}`, first: 5, last: 5 },
-  cvesResult
+  cvesResult,
+  { currentUser: admin }
 );

data/webpack/routes/OvalPolicies/OvalPoliciesShow/__tests__/OvalPoliciesShow.test.js CHANGED Viewed

@@ -20,6 +20,7 @@ import {
   pushMock,
   policyCvesMock,
   ovalPolicyId,
+  policyUnauthorizedMock,
 } from './OvalPoliciesShow.fixtures';
 const TestComponent = withRouter(withMockedProvider(OvalPoliciesShow));
@@ -67,6 +68,22 @@ describe('OvalPoliciesShow', () => {
     expect(screen.queryByText('Loading')).not.toBeInTheDocument();
     expect(screen.getByText('Weekly, on tuesday')).toBeInTheDocument();
   });
+  it('should not load the page when user does not have permissions', async () => {
+    render(
+      <TestComponent
+        history={historyMock}
+        match={{ params: { id: ovalPolicyId }, path: ovalPoliciesShowPath }}
+        mocks={policyUnauthorizedMock}
+      />
+    );
+    await waitFor(tick);
+    expect(screen.queryByText('Loading')).not.toBeInTheDocument();
+    expect(
+      screen.getByText(
+        'You are not authorized to view the page. Request the following permissions from administrator: view_oval_policies.'
+      )
+    ).toBeInTheDocument();
+  });
   it('should load CVEs tab when specified in URL', async () => {
     const mocks = policyDetailMock.concat(policyCvesMock);
     render(

data/webpack/routes/OvalPolicies/OvalPoliciesShow/index.js CHANGED Viewed

@@ -24,6 +24,7 @@ const WrappedOvalPoliciesShow = props => {
       renameData={renameData}
       resultPath="ovalPolicy"
       emptyStateTitle={__('No OVAL Policy found')}
+      permissions={['view_oval_policies']}
     />
   );
 };

data/webpack/testHelper.js CHANGED Viewed

@@ -24,7 +24,7 @@ export const withMockedProvider = Component => props => {
   return (
     <ForemanContext.Provider value={ctx}>
-      <MockedProvider mocks={mocks} addTypename={false}>
+      <MockedProvider mocks={mocks}>
         <Component {...rest} />
       </MockedProvider>
     </ForemanContext.Provider>
@@ -40,10 +40,38 @@ export const historyMock = {
   },
 };
+export const admin = {
+  __typename: 'User',
+  id: 'MDE6VXNlci00',
+  login: 'admin',
+  admin: true,
+  permissions: {
+    nodes: [],
+  },
+};
+export const userFactory = (login, permissions = []) => ({
+  __typename: 'User',
+  id: 'MDE6VXNlci01',
+  login,
+  admin: false,
+  permissions: {
+    nodes: permissions,
+  },
+});
+export const intruder = userFactory('intruder', [
+  {
+    __typename: 'Permission',
+    id: 'MDE6UGVybWlzc2lvbi0x',
+    name: 'view_architectures',
+  },
+]);
 export const mockFactory = (resultName, query) => (
   variables,
   modelResults,
-  errors = []
+  { errors = [], currentUser = null }
 ) => {
   const mock = {
     request: {
@@ -60,5 +88,9 @@ export const mockFactory = (resultName, query) => (
   if (errors.length !== 0) {
     mock.result.errors = errors;
   }
+  if (currentUser) {
+    mock.result.data.currentUser = currentUser;
+  }
   return [mock];
 };

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_openscap
 version: !ruby/object:Gem::Version
-  version: 4.3.3
+  version: 5.0.0
 platform: ruby
 authors:
 - slukasik@redhat.com
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-07-13 00:00:00.000000000 Z
+date: 2021-08-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -430,6 +430,7 @@ files:
 - webpack/components/RuleSeverity/index.js
 - webpack/components/withLoading.js
 - webpack/global_index.js
+- webpack/graphql/queries/currentUserAttributes.gql
 - webpack/graphql/queries/cves.gql
 - webpack/graphql/queries/ovalContents.gql
 - webpack/graphql/queries/ovalPolicies.gql
@@ -438,6 +439,7 @@ files:
 - webpack/helpers/globalIdHelper.js
 - webpack/helpers/pageParamsHelper.js
 - webpack/helpers/pathsHelper.js
+- webpack/helpers/permissionsHelper.js
 - webpack/helpers/tableHelper.js
 - webpack/index.js
 - webpack/routes/OvalContents/OvalContentsIndex/OvalContentsIndex.js
@@ -501,7 +503,6 @@ test_files:
 - test/files/tailoring_files/ssg-firefox-ds-tailoring-2.xml
 - test/files/tailoring_files/ssg-firefox-ds-tailoring.xml
 - test/files/oval_contents/ansible-2.9.oval.xml.bz2
-- test/functional/api/v2/compliance/policies_controller_test.rb
 - test/functional/api/v2/compliance/scap_content_profiles_controller_test.rb
 - test/functional/api/v2/compliance/scap_contents_controller_test.rb
 - test/functional/api/v2/compliance/tailoring_files_controller_test.rb
@@ -509,6 +510,7 @@ test_files:
 - test/functional/api/v2/compliance/oval_contents_controller_test.rb
 - test/functional/api/v2/compliance/oval_policies_controller_test.rb
 - test/functional/api/v2/compliance/oval_reports_controller_test.rb
+- test/functional/api/v2/compliance/policies_controller_test.rb
 - test/functional/api/v2/hosts_controller_test.rb
 - test/functional/arf_reports_controller_test.rb
 - test/functional/openscap_proxies_controller_test.rb
@@ -525,18 +527,18 @@ test_files:
 - test/unit/openscap_host_test.rb
 - test/unit/policy_mailer_test.rb
 - test/unit/scap_content_test.rb
-- test/unit/services/config_name_service_test.rb
-- test/unit/services/hostgroup_overrider_test.rb
-- test/unit/services/lookup_key_overrider_test.rb
 - test/unit/services/report_dashboard/data_test.rb
 - test/unit/services/tailoring_files_proxy_check_test.rb
 - test/unit/services/oval/cves_test.rb
 - test/unit/services/oval/setup_test.rb
+- test/unit/services/config_name_service_test.rb
+- test/unit/services/hostgroup_overrider_test.rb
+- test/unit/services/lookup_key_overrider_test.rb
 - test/unit/tailoring_file_test.rb
-- test/unit/policy_test.rb
 - test/unit/oval_host_test.rb
 - test/unit/oval_policy_test.rb
 - test/unit/oval_status_test.rb
+- test/unit/policy_test.rb
 - test/fixtures/cve_fixtures.rb
 - test/graphql/queries/oval_contents_query_test.rb
 - test/graphql/queries/oval_policies_query_test.rb