openscap 0.3.0 → 0.4.0

data/test/ds/arf_test.rb

@@ -13,7 +13,7 @@ require 'openscap'
 require 'openscap/ds/arf'
 require 'common/testcase'
 
-class TestSession < OpenSCAP::TestCase
+class TestArf < OpenSCAP::TestCase
   def test_arf_new_nil
     msg = nil
     begin
@@ -22,32 +22,58 @@ class TestSession < OpenSCAP::TestCase
     rescue OpenSCAP::OpenSCAPError => e
       msg = e.to_s
     end
-    assert msg.start_with?("No filename specified!"), "Message was: " + msg
+    assert msg.start_with?("Cannot initialize OpenSCAP::DS:Arf with ''"), "Message was: " + msg
   end
 
   def test_arf_new_wrong_format
     msg = nil
     begin
-      s = OpenSCAP::DS::Arf.new("data/xccdf.xml")
+      s = OpenSCAP::DS::Arf.new("../data/xccdf.xml")
       assert false
     rescue OpenSCAP::OpenSCAPError => e
       msg = e.to_s
     end
-    assert msg.start_with?('failed to load external entity "data/xccdf.xml"'), "Message was: " + msg
     assert msg.include?('Could not create Result DataStream session: File is not Result DataStream.'),
         "Message was: " + msg
   end
 
   def test_create_arf_and_get_html
+    arf = new_arf
+    html = arf.html
+    arf.destroy
+    assert html.start_with?('<!DOCTYPE html><html'), "DOCTYPE missing."
+    assert html.include?('OpenSCAP')
+    assert html.include?('Compliance and Scoring')
+  end
+
+  def test_create_arf_and_get_profile
+    arf = new_arf
+    tr = arf.test_result
+    assert tr.profile == 'xccdf_moc.elpmaxe.www_profile_1',
+      "TestResult.profile was '#{tr.profile}'"
+    tr.destroy
+    arf.destroy
+  end
+
+  def test_new_memory
+    create_arf
+    raw_data = File.read("report.rds.xml")
+    assert raw_data.length > 0
+    arf = OpenSCAP::DS::Arf.new :content => raw_data, :path => "report.rds.xml"
+    arf.destroy
+  end
+
+  private
+  def new_arf
+    create_arf
+    arf = OpenSCAP::DS::Arf.new("report.rds.xml")
+  end
+
+  def create_arf
     @s = OpenSCAP::Xccdf::Session.new("../data/sds-complex.xml")
     @s.load(:component_id => "scap_org.open-scap_cref_second-xccdf.xml")
     @s.profile = "xccdf_moc.elpmaxe.www_profile_1"
     @s.evaluate
     @s.export_results(:rds_file => "report.rds.xml")
-    arf = OpenSCAP::DS::Arf.new("report.rds.xml")
-    html = arf.html
-    assert html.start_with?('<!DOCTYPE html><html'), "DOCTYPE missing."
-    assert html.include?('OpenSCAP')
-    assert html.include?('Compliance and Scoring')
   end
-end
+end

data/test/ds/sds_test.rb

@@ -0,0 +1,79 @@
+#
+# Copyright (c) 2014 Red Hat Inc.
+#
+# This software is licensed to you under the GNU General Public License,
+# version 2 (GPLv2). There is NO WARRANTY for this software, express or
+# implied, including the implied warranties of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+# along with this software; if not, see
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+#
+
+require 'openscap'
+require 'openscap/source'
+require 'openscap/ds/sds'
+require 'common/testcase'
+
+class TestSds < OpenSCAP::TestCase
+  def test_new
+    new_sds.destroy
+  end
+
+  def test_new_non_sds
+    filename = '../data/xccdf.xml'
+    @s = OpenSCAP::Source.new filename
+    assert !@s.nil?
+    msg = nil
+    begin
+      sds = OpenSCAP::DS::Sds.new :source => @s
+      assert false
+    rescue OpenSCAP::OpenSCAPError => e
+      msg = e.to_s
+    end
+    assert msg.start_with?('Could not create Source DataStream session: File is not Source DataStream.'), msg
+  end
+
+  def test_select_checklist
+    sds = new_sds
+    benchmark = sds.select_checklist!
+    assert !benchmark.nil?
+    sds.destroy
+  end
+
+  def test_show_guides
+    sds = new_sds
+    benchmark_source = sds.select_checklist!
+    benchmark = OpenSCAP::Xccdf::Benchmark.new benchmark_source
+    benchmark.profiles.keys.each { |id|
+      guide = sds.html_guide id
+      assert !guide.nil?
+      assert guide.include?(id)
+    }
+    benchmark.destroy
+    sds.destroy
+  end
+
+  def tests_select_checklist_wrong
+    sds = new_sds
+    msg = nil
+    begin
+      benchmark = sds.select_checklist! :datastream_id => "wrong"
+      assert false
+    rescue OpenSCAP::OpenSCAPError => e
+      msg = e.to_s
+    end
+    assert msg.start_with?('Failed to locate a datastream with ID matching'), msg
+    assert benchmark.nil?
+    sds.destroy
+  end
+
+  private
+  def new_sds
+    filename = '../data/sds-complex.xml'
+    @s = OpenSCAP::Source.new filename
+    assert !@s.nil?
+    sds = OpenSCAP::DS::Sds.new :source => @s
+    assert !sds.nil?
+    return sds
+  end
+end

data/test/integration/arf_waiver_test.rb

@@ -0,0 +1,99 @@
+#
+# Copyright (c) 2014 Red Hat Inc.
+#
+# This software is licensed to you under the GNU General Public License,
+# version 2 (GPLv2). There is NO WARRANTY for this software, express or
+# implied, including the implied warranties of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+# along with this software; if not, see
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+#
+
+require 'openscap'
+require 'openscap/xccdf/benchmark'
+require 'openscap/xccdf/ruleresult'
+require 'openscap/xccdf/session'
+require 'openscap/xccdf/testresult'
+require 'openscap/ds/arf'
+require 'openscap/ds/sds'
+require 'common/testcase'
+
+class TestArfWaiver < OpenSCAP::TestCase
+  def test_waiver_and_score
+    assert_default_score tr.score, -1, 1
+    assert_default_score tr.score!(benchmark), -1, 1
+
+    rr.override!(:new_result => :pass,
+                 :time => 'yesterday',
+                 :authority => 'John Hacker',
+                 :raw_text => 'This should have passed')
+    rr.result == 'pass'
+
+    assert_default_score tr.score, -1, 1
+    assert_default_score tr.score!(benchmark), 99, 101
+
+    # create updated DOM (that includes the override element and new score)
+    arf.test_result=tr
+    arf.source.save('modified.rds.xml')
+    tr.destroy
+    arf.destroy
+
+    arf2 = OpenSCAP::DS::Arf.new('modified.rds.xml')
+    tr2 = arf2.test_result('xccdf1')
+    assert_default_score tr.score, 99, 101
+    rr2 = tr2.rr['xccdf_moc.elpmaxe.www_rule_first']
+    assert rr2.result == 'pass'
+    tr2.destroy
+    arf2.destroy
+  end
+
+  private
+  def benchmark
+    @benchmark ||= benchmark_init
+  end
+
+  def benchmark_init
+    sds = arf.report_request
+    bench_source = sds.select_checklist!
+    bench = OpenSCAP::Xccdf::Benchmark.new bench_source
+    sds.destroy
+    bench
+  end
+
+  def rr
+    @rr ||= rr_init
+  end
+
+  def rr_init
+    assert tr.rr.size == 1
+    rr = tr.rr['xccdf_moc.elpmaxe.www_rule_first']
+    assert rr.result == 'fail'
+    rr
+  end
+
+  def tr
+    @tr ||= tr_init
+  end
+
+  def tr_init
+    tr = arf.test_result
+    assert tr.score.size == 1
+    score = tr.score['urn:xccdf:scoring:default']
+    assert score[:system] == 'urn:xccdf:scoring:default'
+    assert score[:max] == 100.0
+    assert score[:value] == 0.0
+    tr
+  end
+
+  def arf
+    @arf ||= arf_init
+  end
+
+  def arf_init
+    @s = OpenSCAP::Xccdf::Session.new("../data/sds-complex.xml")
+    @s.load
+    @s.evaluate
+    @s.export_results(:rds_file => "report.rds.xml")
+    OpenSCAP::DS::Arf.new("report.rds.xml")
+  end
+end

data/test/source_test.rb

@@ -26,7 +26,62 @@ class TestSource < OpenSCAP::TestCase
   end
 
   def test_source_new_ok
-    s = OpenSCAP::Source.new("data/xccdf.xml")
+    s = OpenSCAP::Source.new("../data/xccdf.xml")
     s.destroy
   end
+
+  def test_source_new_memory
+    raw_data = File.read("../data/xccdf.xml")
+    assert raw_data.length > 0
+    s = OpenSCAP::Source.new(:content => raw_data, :path => '/mytestpath')
+    s.destroy
+  end
+
+  def test_type_xccdf
+    s = OpenSCAP::Source.new("../data/xccdf.xml")
+    assert s.type == 'XCCDF Checklist', "Type was #{s.type}"
+    s.validate!
+    s.destroy
+  end
+
+  def test_type_sds
+    s = OpenSCAP::Source.new("../data/sds-complex.xml")
+    assert s.type == 'SCAP Source Datastream', "Type was #{s.type}"
+    s.validate!
+    s.destroy
+  end
+
+  def test_type_test_result
+    s = OpenSCAP::Source.new("../data/testresult.xml")
+    assert s.type == 'XCCDF Checklist', "Type was #{s.type}"
+    s.validate!
+    s.destroy
+  end
+
+  def test_validate_invalid
+    s = OpenSCAP::Source.new("../data/invalid.xml")
+    msg = nil
+    begin
+      s.validate!
+      assert false
+    rescue OpenSCAP::OpenSCAPError => e
+      msg = e.to_s
+    end
+    assert msg.start_with?('Invalid XCCDF Checklist (1.2) content in ../data/invalid.xml.'),
+      "Message was: " + msg
+    assert msg.include?("../data/invalid.xml:3: Element '{http"),
+      "Message was: " + msg
+    assert msg.include?("This element is not expected. Expected is"),
+      "Message was: " + msg
+    s.destroy
+  end
+
+  def test_save
+    s = OpenSCAP::Source.new("../data/testresult.xml")
+    filename = './newly_created.xml'
+    assert !File.exists?(filename)
+    s.save(filename)
+    assert File.exists?(filename)
+    FileUtils.rm_rf filename
+  end
 end

data/test/text_test.rb

@@ -0,0 +1,28 @@
+#
+# Copyright (c) 2014 Red Hat Inc.
+#
+# This software is licensed to you under the GNU General Public License,
+# version 2 (GPLv2). There is NO WARRANTY for this software, express or
+# implied, including the implied warranties of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+# along with this software; if not, see
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+#
+
+require 'openscap'
+require 'openscap/text'
+require 'common/testcase'
+
+class TestText < OpenSCAP::TestCase
+  def test_text_new
+    t = OpenSCAP::Text.new
+    t.destroy
+  end
+
+  def test_text_set_text
+    t = OpenSCAP::Text.new
+    t.text = 'blah'
+    assert t.text == 'blah', "Text was: #{t.text}"
+    t.destroy
+  end
+end

data/test/xccdf/benchmark_test.rb

@@ -0,0 +1,48 @@
+#
+# Copyright (c) 2014 Red Hat Inc.
+#
+# This software is licensed to you under the GNU General Public License,
+# version 2 (GPLv2). There is NO WARRANTY for this software, express or
+# implied, including the implied warranties of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+# along with this software; if not, see
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+#
+
+require 'common/testcase'
+require 'openscap'
+require 'openscap/ds/sds'
+require 'openscap/source'
+require 'openscap/xccdf/benchmark'
+
+class TestBenchmark< OpenSCAP::TestCase
+  def test_new_from_file
+    @s = OpenSCAP::Source.new '../data/xccdf.xml'
+    b = OpenSCAP::Xccdf::Benchmark.new @s
+    assert !b.nil?
+    b.destroy
+  end
+
+  def test_new_from_sds
+    @s = OpenSCAP::Source.new '../data/sds-complex.xml'
+    sds = OpenSCAP::DS::Sds.new @s
+    bench_source = sds.select_checklist!
+    assert !bench_source.nil?
+    b = OpenSCAP::Xccdf::Benchmark.new bench_source
+    assert !b.nil?
+    b.destroy
+    sds.destroy
+  end
+
+  def test_new_from_wrong
+    @s = OpenSCAP::Source.new '../data/testresult.xml'
+    msg = nil
+    begin
+      bench = OpenSCAP::Xccdf::Benchmark.new @s
+      assert false
+    rescue OpenSCAP::OpenSCAPError => e
+      msg = e.to_s
+    end
+    assert msg.start_with?('Failed to import XCCDF content from'), msg
+  end
+end

data/test/xccdf/profile_test.rb

@@ -0,0 +1,29 @@
+#
+# Copyright (c) 2014 Red Hat Inc.
+#
+# This software is licensed to you under the GNU General Public License,
+# version 2 (GPLv2). There is NO WARRANTY for this software, express or
+# implied, including the implied warranties of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+# along with this software; if not, see
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+#
+
+require 'common/testcase'
+require 'openscap'
+require 'openscap/source'
+require 'openscap/xccdf/benchmark'
+require 'openscap/xccdf/profile'
+
+class TestProfile < OpenSCAP::TestCase
+  def test_new_from_file
+    @s = OpenSCAP::Source.new '../data/xccdf.xml'
+    b = OpenSCAP::Xccdf::Benchmark.new @s
+    assert !b.nil?
+    assert b.profiles.size == 1, b.profiles.to_s
+    profile1 = b.profiles['xccdf_org.ssgproject.content_profile_common']
+    assert profile1
+    assert profile1.title == 'Common Profile for General-Purpose Fedora Systems'
+    b.destroy
+  end
+end

data/test/xccdf/testresult_test.rb

@@ -0,0 +1,106 @@
+#
+# Copyright (c) 2014 Red Hat Inc.
+#
+# This software is licensed to you under the GNU General Public License,
+# version 2 (GPLv2). There is NO WARRANTY for this software, express or
+# implied, including the implied warranties of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+# along with this software; if not, see
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+#
+
+require 'openscap/source'
+require 'openscap/xccdf/benchmark'
+require 'openscap/xccdf/testresult'
+require 'common/testcase'
+
+class TestTestResult < OpenSCAP::TestCase
+  def test_testresult_new_bad
+    source = OpenSCAP::Source.new('../data/xccdf.xml')
+    assert !source.nil?
+    msg = nil
+    begin
+      s = OpenSCAP::Xccdf::TestResult.new(source)
+      assert false
+    rescue OpenSCAP::OpenSCAPError => e
+      msg = e.to_s
+    end
+    assert msg.start_with?("Expected 'TestResult' element while found 'Benchmark'."),
+        "Message was: " + msg
+  end
+
+  def test_result_create_and_query_properties
+    tr = new_tr
+    assert tr.id == 'xccdf_org.open-scap_testresult_xccdf_org.ssgproject.content_profile_common',
+        "TestResult.id was '#{tr.id}"
+    assert tr.profile == 'xccdf_org.ssgproject.content_profile_common',
+        "TestResult.profile was '#{tr.profile}'"
+    tr.destroy
+  end
+
+  def test_result_create_and_query_rr
+    tr = new_tr
+    assert tr.rr.size == 28
+    assert tr.rr.key?('xccdf_org.ssgproject.content_rule_disable_prelink')
+    assert tr.rr.key?('xccdf_org.ssgproject.content_rule_no_direct_root_logins')
+    assert 'fail' == tr.rr['xccdf_org.ssgproject.content_rule_disable_prelink'].result
+    assert 'notchecked' == tr.rr['xccdf_org.ssgproject.content_rule_no_direct_root_logins'].result
+    tr.destroy
+  end
+
+  def test_override
+    tr = new_tr
+    rr = tr.rr['xccdf_org.ssgproject.content_rule_disable_prelink']
+    assert 'fail' == rr.result
+    rr.override!(:new_result => :pass,
+                 :time => 'yesterday',
+                 :authority => 'John Hacker',
+                 :raw_text => 'We are testing prelink on this machine')
+    assert 'pass' == rr.result
+    tr.destroy
+  end
+
+  def test_score
+    tr = new_tr
+    assert_default_score tr.score, 34, 35
+    tr.destroy
+  end
+
+  def test_waive_and_score
+    tr = new_tr
+    benchmark = benchmark_for_tr
+
+    assert_default_score tr.score, 34, 35
+    assert_default_score tr.score!(benchmark), 34, 35
+
+    rr = tr.rr['xccdf_org.ssgproject.content_rule_disable_prelink']
+    assert 'fail' == rr.result
+    rr.override!(:new_result => :pass,
+                 :time => 'yesterday',
+                 :authority => 'John Hacker',
+                 :raw_text => 'We are testing prelink on this machine')
+    assert 'pass' == rr.result
+
+    assert_default_score tr.score, 34, 35
+    assert_default_score tr.score!(benchmark), 47, 48
+
+    benchmark.destroy
+    tr.destroy
+  end
+
+  private
+  def benchmark_for_tr
+    source = OpenSCAP::Source.new('../data/xccdf.xml')
+    benchmark = OpenSCAP::Xccdf::Benchmark.new source
+    source.destroy
+    benchmark
+  end
+
+  def new_tr
+    source = OpenSCAP::Source.new('../data/testresult.xml')
+    assert !source.nil?
+    tr = OpenSCAP::Xccdf::TestResult.new(source)
+    source.destroy
+    return tr
+  end
+end