openscap 0.5.0 → 0.5.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/openscap/version.rb +1 -1
- data/lib/openscap/xccdf/benchmark.rb +10 -10
- data/lib/openscap/xccdf/fix.rb +7 -14
- data/lib/openscap/xccdf/fixtext.rb +19 -0
- data/lib/openscap/xccdf/group.rb +6 -12
- data/lib/openscap/xccdf/ident.rb +4 -10
- data/lib/openscap/xccdf/item.rb +6 -6
- data/lib/openscap/xccdf/item_common.rb +1 -1
- data/lib/openscap/xccdf/policy.rb +3 -4
- data/lib/openscap/xccdf/policy_model.rb +6 -14
- data/lib/openscap/xccdf/profile.rb +2 -2
- data/lib/openscap/xccdf/reference.rb +5 -21
- data/lib/openscap/xccdf/rule.rb +32 -8
- data/lib/openscap/xccdf/ruleresult.rb +5 -7
- data/lib/openscap/xccdf/session.rb +11 -11
- data/lib/openscap/xccdf/status.rb +1 -2
- data/lib/openscap/xccdf/tailoring.rb +6 -12
- data/lib/openscap/xccdf/testresult.rb +12 -16
- data/lib/openscap/xccdf/value.rb +1 -2
- metadata +5 -27
- data/test/common/testcase.rb +0 -38
- data/test/data/arf.xml +0 -275156
- data/test/data/invalid.xml +0 -20
- data/test/data/sds-complex.xml +0 -132
- data/test/data/tailoring.xml +0 -31
- data/test/data/testresult.xml +0 -225
- data/test/data/xccdf.xml +0 -3047
- data/test/ds/arf_test.rb +0 -96
- data/test/ds/sds_test.rb +0 -89
- data/test/integration/arf_waiver_test.rb +0 -91
- data/test/openscap_test.rb +0 -21
- data/test/source_test.rb +0 -78
- data/test/text_test.rb +0 -19
- data/test/xccdf/arf_test.rb +0 -43
- data/test/xccdf/benchmark_test.rb +0 -201
- data/test/xccdf/item_test.rb +0 -82
- data/test/xccdf/policy_test.rb +0 -48
- data/test/xccdf/profile_test.rb +0 -62
- data/test/xccdf/session_ds_test.rb +0 -116
- data/test/xccdf/session_test.rb +0 -33
- data/test/xccdf/tailoring_test.rb +0 -30
- data/test/xccdf/testresult_test.rb +0 -99
- data/test/xccdf/value_test.rb +0 -67
data/test/xccdf/item_test.rb
DELETED
@@ -1,82 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'openscap'
|
4
|
-
require 'openscap/xccdf/benchmark'
|
5
|
-
require 'common/testcase'
|
6
|
-
|
7
|
-
class ItemTest < OpenSCAP::TestCase
|
8
|
-
def test_description_html
|
9
|
-
expected_markup = "\n" \
|
10
|
-
"Most of the actions listed in this document are written with the\n" \
|
11
|
-
"assumption that they will be executed by the root user running the\n" \
|
12
|
-
"<xhtml:code xmlns:xhtml=\"http://www.w3.org/1999/xhtml\">/bin/bash</xhtml:code> shell. Commands preceded with a hash mark (#)\n" \
|
13
|
-
"assume that the administrator will execute the commands as root, i.e.\n" \
|
14
|
-
"apply the command via <xhtml:code xmlns:xhtml=\"http://www.w3.org/1999/xhtml\">sudo</xhtml:code> whenever possible, or use\n" \
|
15
|
-
"<xhtml:code xmlns:xhtml=\"http://www.w3.org/1999/xhtml\">su</xhtml:code> to gain root privileges if <xhtml:code xmlns:xhtml=\"http://www.w3.org/1999/xhtml\">sudo</xhtml:code> cannot be\n" \
|
16
|
-
"used. Commands which can be executed as a non-root user are are preceded\n" \
|
17
|
-
"by a dollar sign ($) prompt.\n"
|
18
|
-
with_item 'xccdf_org.ssgproject.content_group_intro-root-shell-assumed' do |item|
|
19
|
-
assert_equal item.description(markup: true), expected_markup
|
20
|
-
end
|
21
|
-
end
|
22
|
-
|
23
|
-
def test_rationale_html
|
24
|
-
expected_markup = "\n" \
|
25
|
-
"For AIDE to be effective, an initial database of <i xmlns=\"http://www.w3.org/1999/xhtml\">\"known-good\"</i> information about files\n" \
|
26
|
-
"must be captured and it should be able to be verified against the installed files.\n"
|
27
|
-
with_item 'xccdf_org.ssgproject.content_rule_aide_build_database' do |item|
|
28
|
-
assert_equal item.rationale(markup: true), expected_markup
|
29
|
-
end
|
30
|
-
end
|
31
|
-
|
32
|
-
def test_missing_rationale
|
33
|
-
with_item 'xccdf_org.ssgproject.content_group_intro' do |item_sans_rationale|
|
34
|
-
assert_equal item_sans_rationale.rationale(markup: true), nil
|
35
|
-
end
|
36
|
-
end
|
37
|
-
|
38
|
-
def test_version
|
39
|
-
with_item 'xccdf_org.ssgproject.content_group_intro' do |item_sans_version|
|
40
|
-
assert_nil item_sans_version.version
|
41
|
-
end
|
42
|
-
end
|
43
|
-
|
44
|
-
def test_references
|
45
|
-
with_item 'xccdf_org.ssgproject.content_rule_disable_prelink' do |item|
|
46
|
-
item.references.tap do |refs|
|
47
|
-
assert_equal refs.length, 4
|
48
|
-
assert_equal refs.collect(&:title), ['CM-6(d)', 'CM-6(3)', 'SC-28', 'SI-7']
|
49
|
-
assert_equal refs.collect(&:href).uniq, ['http://csrc.nist.gov/publications/nistpubs/800-53-Rev3/sp800-53-rev3-final.pdf']
|
50
|
-
end
|
51
|
-
end
|
52
|
-
end
|
53
|
-
|
54
|
-
def test_warnings
|
55
|
-
expected_text = 'If verbose logging to <xhtml:code xmlns:xhtml="http://www.w3.org/1999/xhtml">vsftpd.log</xhtml:code> is done, sparse logging of downloads to <xhtml:code xmlns:xhtml="http://www.w3.org/1999/xhtml">/var/log/xferlog</xhtml:code> will not also occur. However, the information about what files were downloaded is included in the information logged to <xhtml:code xmlns:xhtml="http://www.w3.org/1999/xhtml">vsftpd.log</xhtml:code>'
|
56
|
-
with_item 'xccdf_org.ssgproject.content_rule_ftp_log_transactions' do |item|
|
57
|
-
warns = item.warnings
|
58
|
-
assert_equal warns.length, 1
|
59
|
-
warning = warns[0]
|
60
|
-
assert warning.instance_of?(Hash)
|
61
|
-
assert warning.keys.length == 2
|
62
|
-
assert warning[:category] == :general
|
63
|
-
assert warning[:text].text == expected_text
|
64
|
-
end
|
65
|
-
end
|
66
|
-
|
67
|
-
private
|
68
|
-
|
69
|
-
def with_item(id, &)
|
70
|
-
with_benchmark do |b|
|
71
|
-
item = b.items[id]
|
72
|
-
refute_nil item
|
73
|
-
yield item
|
74
|
-
end
|
75
|
-
end
|
76
|
-
|
77
|
-
def with_benchmark(&)
|
78
|
-
OpenSCAP::Source.new '../data/xccdf.xml' do |source|
|
79
|
-
OpenSCAP::Xccdf::Benchmark.new(source, &)
|
80
|
-
end
|
81
|
-
end
|
82
|
-
end
|
data/test/xccdf/policy_test.rb
DELETED
@@ -1,48 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'common/testcase'
|
4
|
-
require 'openscap'
|
5
|
-
require 'openscap/source'
|
6
|
-
require 'openscap/xccdf/benchmark'
|
7
|
-
require 'openscap/xccdf/policy'
|
8
|
-
require 'openscap/xccdf/policy_model'
|
9
|
-
|
10
|
-
class TestPolicy < OpenSCAP::TestCase
|
11
|
-
def test_new_policy_model
|
12
|
-
with_policy_model do |pm|
|
13
|
-
assert pm.policies.size == 1, pm.policies.to_s
|
14
|
-
assert pm.policies['xccdf_org.ssgproject.content_profile_common']
|
15
|
-
end
|
16
|
-
end
|
17
|
-
|
18
|
-
def test_profile_getter
|
19
|
-
with_policy do |policy|
|
20
|
-
profile = policy.profile
|
21
|
-
assert_equal profile.id, 'xccdf_org.ssgproject.content_profile_common'
|
22
|
-
end
|
23
|
-
end
|
24
|
-
|
25
|
-
def test_selects_item
|
26
|
-
with_policy do |policy|
|
27
|
-
assert policy.selects_item?('xccdf_org.ssgproject.content_rule_disable_prelink')
|
28
|
-
refute policy.selects_item?('xccdf_org.ssgproject.content_rule_disable_vsftpd')
|
29
|
-
end
|
30
|
-
end
|
31
|
-
|
32
|
-
private
|
33
|
-
|
34
|
-
def with_policy(&)
|
35
|
-
with_policy_model do |pm|
|
36
|
-
yield pm.policies['xccdf_org.ssgproject.content_profile_common']
|
37
|
-
end
|
38
|
-
end
|
39
|
-
|
40
|
-
def with_policy_model(&)
|
41
|
-
OpenSCAP::Source.new '../data/xccdf.xml' do |source|
|
42
|
-
OpenSCAP::Xccdf::Benchmark.new source do |bench|
|
43
|
-
assert !bench.nil?
|
44
|
-
yield bench.policy_model
|
45
|
-
end
|
46
|
-
end
|
47
|
-
end
|
48
|
-
end
|
data/test/xccdf/profile_test.rb
DELETED
@@ -1,62 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'common/testcase'
|
4
|
-
require 'openscap'
|
5
|
-
require 'openscap/source'
|
6
|
-
require 'openscap/xccdf/benchmark'
|
7
|
-
require 'openscap/xccdf/profile'
|
8
|
-
|
9
|
-
class TestProfile < OpenSCAP::TestCase
|
10
|
-
def test_new_from_file
|
11
|
-
with_profile do |p|
|
12
|
-
assert p.title == 'Common Profile for General-Purpose Fedora Systems'
|
13
|
-
end
|
14
|
-
end
|
15
|
-
|
16
|
-
def test_description_html
|
17
|
-
with_profile do |p|
|
18
|
-
assert_equal p.description, 'This profile contains items common to general-purpose Fedora installations.'
|
19
|
-
end
|
20
|
-
end
|
21
|
-
|
22
|
-
def test_status
|
23
|
-
with_profile do |p|
|
24
|
-
assert_nil p.status_current&.status
|
25
|
-
end
|
26
|
-
end
|
27
|
-
|
28
|
-
def test_version
|
29
|
-
with_profile do |p|
|
30
|
-
assert_equal p.version, '3.2.1'
|
31
|
-
end
|
32
|
-
end
|
33
|
-
|
34
|
-
def test_references
|
35
|
-
with_profile do |p|
|
36
|
-
assert_equal p.references, []
|
37
|
-
end
|
38
|
-
end
|
39
|
-
|
40
|
-
def test_abstract
|
41
|
-
with_profile do |p|
|
42
|
-
assert_false p.abstract?
|
43
|
-
end
|
44
|
-
end
|
45
|
-
|
46
|
-
private
|
47
|
-
|
48
|
-
def with_profile(&)
|
49
|
-
benchmark do |b|
|
50
|
-
assert b.profiles.size == 1, b.profiles.to_s
|
51
|
-
profile = b.profiles['xccdf_org.ssgproject.content_profile_common']
|
52
|
-
assert profile
|
53
|
-
yield profile
|
54
|
-
end
|
55
|
-
end
|
56
|
-
|
57
|
-
def benchmark(&)
|
58
|
-
OpenSCAP::Source.new '../data/xccdf.xml' do |source|
|
59
|
-
OpenSCAP::Xccdf::Benchmark.new(source, &)
|
60
|
-
end
|
61
|
-
end
|
62
|
-
end
|
@@ -1,116 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'openscap'
|
4
|
-
require 'common/testcase'
|
5
|
-
|
6
|
-
class TestSessionDS < OpenSCAP::TestCase
|
7
|
-
def test_sds_true
|
8
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
9
|
-
assert @s.sds?
|
10
|
-
end
|
11
|
-
|
12
|
-
def test_session_load
|
13
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
14
|
-
@s.load
|
15
|
-
@s.evaluate
|
16
|
-
end
|
17
|
-
|
18
|
-
def test_session_load_ds_comp
|
19
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
20
|
-
@s.load(datastream_id: 'scap_org.open-scap_datastream_tst2', component_id: 'scap_org.open-scap_cref_second-xccdf.xml2')
|
21
|
-
@s.evaluate
|
22
|
-
end
|
23
|
-
|
24
|
-
def test_session_load_bad_datastream
|
25
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
26
|
-
msg = nil
|
27
|
-
begin
|
28
|
-
@s.load(datastream_id: 'nonexistent')
|
29
|
-
assert false
|
30
|
-
rescue OpenSCAP::OpenSCAPError => e
|
31
|
-
msg = e.to_s
|
32
|
-
end
|
33
|
-
assert msg.start_with?("Failed to locate a datastream with ID matching 'nonexistent' ID and checklist inside matching '<any>' ID.")
|
34
|
-
end
|
35
|
-
|
36
|
-
def test_session_load_bad_component
|
37
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
38
|
-
msg = nil
|
39
|
-
begin
|
40
|
-
@s.load(component_id: 'nonexistent')
|
41
|
-
assert false
|
42
|
-
rescue OpenSCAP::OpenSCAPError => e
|
43
|
-
msg = e.to_s
|
44
|
-
end
|
45
|
-
assert msg.start_with?("Failed to locate a datastream with ID matching '<any>' ID and checklist inside matching 'nonexistent' ID.")
|
46
|
-
end
|
47
|
-
|
48
|
-
def test_session_set_profile
|
49
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
50
|
-
@s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml')
|
51
|
-
@s.profile = 'xccdf_moc.elpmaxe.www_profile_1'
|
52
|
-
@s.evaluate
|
53
|
-
end
|
54
|
-
|
55
|
-
def test_session_set_profile_bad
|
56
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
57
|
-
@s.load
|
58
|
-
msg = nil
|
59
|
-
begin
|
60
|
-
@s.profile = 'xccdf_moc.elpmaxe.www_profile_1'
|
61
|
-
assert false
|
62
|
-
rescue OpenSCAP::OpenSCAPError => e
|
63
|
-
msg = e.to_s
|
64
|
-
end
|
65
|
-
assert msg.start_with?("No profile 'xccdf_moc.elpmaxe.www_profile_1' found")
|
66
|
-
end
|
67
|
-
|
68
|
-
def test_session_export_rds
|
69
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
70
|
-
@s.load
|
71
|
-
@s.evaluate
|
72
|
-
@s.export_results(rds_file: 'report.rds.xml')
|
73
|
-
assert_exported ['report.rds.xml']
|
74
|
-
end
|
75
|
-
|
76
|
-
def test_session_export_xccdf_results
|
77
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
78
|
-
@s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml')
|
79
|
-
@s.profile = 'xccdf_moc.elpmaxe.www_profile_1'
|
80
|
-
@s.evaluate
|
81
|
-
@s.export_results(xccdf_file: 'result.xccdf.xml')
|
82
|
-
assert_exported ['result.xccdf.xml']
|
83
|
-
end
|
84
|
-
|
85
|
-
def test_session_export_html_report
|
86
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
87
|
-
@s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml')
|
88
|
-
@s.profile = 'xccdf_moc.elpmaxe.www_profile_1'
|
89
|
-
@s.evaluate
|
90
|
-
@s.export_results(report_file: 'report.html', xccdf_file: 'result.xccdf.xml')
|
91
|
-
assert_exported ['report.html', 'result.xccdf.xml']
|
92
|
-
end
|
93
|
-
|
94
|
-
def test_session_export_oval_variables
|
95
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
96
|
-
@s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml')
|
97
|
-
@s.profile = 'xccdf_moc.elpmaxe.www_profile_1'
|
98
|
-
@s.evaluate
|
99
|
-
@s.export_results(oval_variables: true)
|
100
|
-
assert_exported []
|
101
|
-
end
|
102
|
-
|
103
|
-
def test_remediate
|
104
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
105
|
-
@s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml')
|
106
|
-
@s.profile = 'xccdf_moc.elpmaxe.www_profile_1'
|
107
|
-
@s.evaluate
|
108
|
-
@s.remediate
|
109
|
-
end
|
110
|
-
|
111
|
-
def assert_exported(files)
|
112
|
-
# libopenscap compiled with --enable-debug creates debug files
|
113
|
-
FileUtils.rm_rf(Dir.glob('oscap_debug.log.*'))
|
114
|
-
assert files.sort == Dir.glob('*')
|
115
|
-
end
|
116
|
-
end
|
data/test/xccdf/session_test.rb
DELETED
@@ -1,33 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'openscap'
|
4
|
-
require 'common/testcase'
|
5
|
-
|
6
|
-
class TestSession < OpenSCAP::TestCase
|
7
|
-
def test_session_new_bad
|
8
|
-
msg = nil
|
9
|
-
begin
|
10
|
-
OpenSCAP::Xccdf::Session.new('')
|
11
|
-
assert false
|
12
|
-
rescue OpenSCAP::OpenSCAPError => e
|
13
|
-
msg = e.to_s
|
14
|
-
end
|
15
|
-
assert msg.start_with?("Unable to open file: ''"), "Message was: #{msg}"
|
16
|
-
end
|
17
|
-
|
18
|
-
def test_session_new_nil
|
19
|
-
msg = nil
|
20
|
-
begin
|
21
|
-
OpenSCAP::Xccdf::Session.new(nil)
|
22
|
-
assert false
|
23
|
-
rescue OpenSCAP::OpenSCAPError => e
|
24
|
-
msg = e.to_s
|
25
|
-
end
|
26
|
-
assert msg.start_with?('No filename specified!'), "Message was: #{msg}"
|
27
|
-
end
|
28
|
-
|
29
|
-
def test_sds_false
|
30
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/xccdf.xml')
|
31
|
-
refute @s.sds?
|
32
|
-
end
|
33
|
-
end
|
@@ -1,30 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'openscap'
|
4
|
-
require 'openscap/source'
|
5
|
-
require 'openscap/xccdf/tailoring'
|
6
|
-
require 'common/testcase'
|
7
|
-
|
8
|
-
class TailoringTest < OpenSCAP::TestCase
|
9
|
-
def test_new_from_file
|
10
|
-
tailoring = tailoring_from_file
|
11
|
-
tailoring.destroy
|
12
|
-
refute tailoring.raw
|
13
|
-
end
|
14
|
-
|
15
|
-
def test_profiles
|
16
|
-
profiles = tailoring_from_file.profiles
|
17
|
-
assert_equal 1, profiles.length
|
18
|
-
assert profiles.values.first.is_a?(OpenSCAP::Xccdf::Profile)
|
19
|
-
end
|
20
|
-
|
21
|
-
private
|
22
|
-
|
23
|
-
def tailoring_from_file
|
24
|
-
source = OpenSCAP::Source.new '../data/tailoring.xml'
|
25
|
-
tailoring = OpenSCAP::Xccdf::Tailoring.new source, nil
|
26
|
-
source.destroy
|
27
|
-
assert tailoring
|
28
|
-
tailoring
|
29
|
-
end
|
30
|
-
end
|
@@ -1,99 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'openscap'
|
4
|
-
require 'openscap/source'
|
5
|
-
require 'openscap/xccdf/benchmark'
|
6
|
-
require 'openscap/xccdf/testresult'
|
7
|
-
require 'common/testcase'
|
8
|
-
|
9
|
-
class TestTestResult < OpenSCAP::TestCase
|
10
|
-
def test_testresult_new_bad
|
11
|
-
source = OpenSCAP::Source.new('../data/xccdf.xml')
|
12
|
-
assert !source.nil?
|
13
|
-
msg = nil
|
14
|
-
begin
|
15
|
-
OpenSCAP::Xccdf::TestResult.new(source)
|
16
|
-
assert false
|
17
|
-
rescue OpenSCAP::OpenSCAPError => e
|
18
|
-
msg = e.to_s
|
19
|
-
end
|
20
|
-
assert msg.start_with?("Expected 'TestResult' element while found 'Benchmark'."),
|
21
|
-
"Message was: #{msg}"
|
22
|
-
end
|
23
|
-
|
24
|
-
def test_result_create_and_query_properties
|
25
|
-
tr = new_tr
|
26
|
-
assert tr.id == 'xccdf_org.open-scap_testresult_xccdf_org.ssgproject.content_profile_common',
|
27
|
-
"TestResult.id was '#{tr.id}"
|
28
|
-
assert tr.profile == 'xccdf_org.ssgproject.content_profile_common',
|
29
|
-
"TestResult.profile was '#{tr.profile}'"
|
30
|
-
tr.destroy
|
31
|
-
end
|
32
|
-
|
33
|
-
def test_result_create_and_query_rr
|
34
|
-
tr = new_tr
|
35
|
-
assert tr.rr.size == 28
|
36
|
-
assert tr.rr.key?('xccdf_org.ssgproject.content_rule_disable_prelink')
|
37
|
-
assert tr.rr.key?('xccdf_org.ssgproject.content_rule_no_direct_root_logins')
|
38
|
-
assert tr.rr['xccdf_org.ssgproject.content_rule_disable_prelink'].result == 'fail'
|
39
|
-
assert tr.rr['xccdf_org.ssgproject.content_rule_no_direct_root_logins'].result == 'notchecked'
|
40
|
-
tr.destroy
|
41
|
-
end
|
42
|
-
|
43
|
-
def test_override
|
44
|
-
tr = new_tr
|
45
|
-
rr = tr.rr['xccdf_org.ssgproject.content_rule_disable_prelink']
|
46
|
-
assert rr.result == 'fail'
|
47
|
-
rr.override!(new_result: :pass,
|
48
|
-
time: 'yesterday',
|
49
|
-
authority: 'John Hacker',
|
50
|
-
raw_text: 'We are testing prelink on this machine')
|
51
|
-
assert rr.result == 'pass'
|
52
|
-
tr.destroy
|
53
|
-
end
|
54
|
-
|
55
|
-
def test_score
|
56
|
-
tr = new_tr
|
57
|
-
assert_default_score tr.score, 34, 35
|
58
|
-
tr.destroy
|
59
|
-
end
|
60
|
-
|
61
|
-
def test_waive_and_score
|
62
|
-
tr = new_tr
|
63
|
-
benchmark = benchmark_for_tr
|
64
|
-
|
65
|
-
assert_default_score tr.score, 34, 35
|
66
|
-
assert_default_score tr.score!(benchmark), 34, 35
|
67
|
-
|
68
|
-
rr = tr.rr['xccdf_org.ssgproject.content_rule_disable_prelink']
|
69
|
-
assert rr.result == 'fail'
|
70
|
-
rr.override!(new_result: :pass,
|
71
|
-
time: 'yesterday',
|
72
|
-
authority: 'John Hacker',
|
73
|
-
raw_text: 'We are testing prelink on this machine')
|
74
|
-
assert rr.result == 'pass'
|
75
|
-
|
76
|
-
assert_default_score tr.score, 34, 35
|
77
|
-
assert_default_score tr.score!(benchmark), 47, 48
|
78
|
-
|
79
|
-
benchmark.destroy
|
80
|
-
tr.destroy
|
81
|
-
end
|
82
|
-
|
83
|
-
private
|
84
|
-
|
85
|
-
def benchmark_for_tr
|
86
|
-
source = OpenSCAP::Source.new('../data/xccdf.xml')
|
87
|
-
benchmark = OpenSCAP::Xccdf::Benchmark.new source
|
88
|
-
source.destroy
|
89
|
-
benchmark
|
90
|
-
end
|
91
|
-
|
92
|
-
def new_tr
|
93
|
-
source = OpenSCAP::Source.new('../data/testresult.xml')
|
94
|
-
assert !source.nil?
|
95
|
-
tr = OpenSCAP::Xccdf::TestResult.new(source)
|
96
|
-
source.destroy
|
97
|
-
tr
|
98
|
-
end
|
99
|
-
end
|
data/test/xccdf/value_test.rb
DELETED
@@ -1,67 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'common/testcase'
|
4
|
-
require 'openscap'
|
5
|
-
require 'openscap/source'
|
6
|
-
require 'openscap/xccdf/benchmark'
|
7
|
-
|
8
|
-
class TestBenchmark < OpenSCAP::TestCase
|
9
|
-
def test_benchmark_values
|
10
|
-
with_benchmark do |b|
|
11
|
-
val_ids = []
|
12
|
-
b.each_value do |val|
|
13
|
-
val_ids << val.id
|
14
|
-
end
|
15
|
-
assert_equal val_ids, ['xccdf_org.ssgproject.content_value_conditional_clause']
|
16
|
-
end
|
17
|
-
end
|
18
|
-
|
19
|
-
def test_value_props
|
20
|
-
with_value do |val|
|
21
|
-
assert_equal val.id, 'xccdf_org.ssgproject.content_value_conditional_clause'
|
22
|
-
assert_equal val.title, 'A conditional clause for check statements.'
|
23
|
-
assert_equal val.description, 'A conditional clause for check statements.'
|
24
|
-
end
|
25
|
-
end
|
26
|
-
|
27
|
-
def test_collect_all_values
|
28
|
-
with_all_values do |vals|
|
29
|
-
assert_equal vals.length, 7
|
30
|
-
assert_equal vals.to_set(&:id).length, 7
|
31
|
-
end
|
32
|
-
end
|
33
|
-
|
34
|
-
private
|
35
|
-
|
36
|
-
def with_value(&)
|
37
|
-
with_benchmark { |b| b.each_value(&) }
|
38
|
-
end
|
39
|
-
|
40
|
-
def with_all_values(&)
|
41
|
-
vals = []
|
42
|
-
with_benchmark do |b|
|
43
|
-
vals += collect_values(b)
|
44
|
-
yield vals
|
45
|
-
end
|
46
|
-
end
|
47
|
-
|
48
|
-
def with_benchmark(&)
|
49
|
-
OpenSCAP::Source.new '../data/xccdf.xml' do |source|
|
50
|
-
OpenSCAP::Xccdf::Benchmark.new(source, &)
|
51
|
-
end
|
52
|
-
end
|
53
|
-
|
54
|
-
def collect_values(item)
|
55
|
-
vals = []
|
56
|
-
if item.is_a?(OpenSCAP::Xccdf::Benchmark) || item.is_a?(OpenSCAP::Xccdf::Group)
|
57
|
-
item.each_value { |v| vals << v }
|
58
|
-
|
59
|
-
if item.is_a? OpenSCAP::Xccdf::Benchmark
|
60
|
-
item.each_item { |item| vals += collect_values(item) }
|
61
|
-
else
|
62
|
-
item.each_child { |item| vals += collect_values(item) }
|
63
|
-
end
|
64
|
-
end
|
65
|
-
vals
|
66
|
-
end
|
67
|
-
end
|