openscap 0.5.0 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/openscap/version.rb +1 -1
- data/lib/openscap/xccdf/benchmark.rb +10 -10
- data/lib/openscap/xccdf/fix.rb +7 -14
- data/lib/openscap/xccdf/fixtext.rb +19 -0
- data/lib/openscap/xccdf/group.rb +6 -12
- data/lib/openscap/xccdf/ident.rb +4 -10
- data/lib/openscap/xccdf/item.rb +6 -6
- data/lib/openscap/xccdf/item_common.rb +1 -1
- data/lib/openscap/xccdf/policy.rb +3 -4
- data/lib/openscap/xccdf/policy_model.rb +6 -14
- data/lib/openscap/xccdf/profile.rb +2 -2
- data/lib/openscap/xccdf/reference.rb +5 -21
- data/lib/openscap/xccdf/rule.rb +32 -8
- data/lib/openscap/xccdf/ruleresult.rb +5 -7
- data/lib/openscap/xccdf/session.rb +11 -11
- data/lib/openscap/xccdf/status.rb +1 -2
- data/lib/openscap/xccdf/tailoring.rb +6 -12
- data/lib/openscap/xccdf/testresult.rb +12 -16
- data/lib/openscap/xccdf/value.rb +1 -2
- metadata +5 -27
- data/test/common/testcase.rb +0 -38
- data/test/data/arf.xml +0 -275156
- data/test/data/invalid.xml +0 -20
- data/test/data/sds-complex.xml +0 -132
- data/test/data/tailoring.xml +0 -31
- data/test/data/testresult.xml +0 -225
- data/test/data/xccdf.xml +0 -3047
- data/test/ds/arf_test.rb +0 -96
- data/test/ds/sds_test.rb +0 -89
- data/test/integration/arf_waiver_test.rb +0 -91
- data/test/openscap_test.rb +0 -21
- data/test/source_test.rb +0 -78
- data/test/text_test.rb +0 -19
- data/test/xccdf/arf_test.rb +0 -43
- data/test/xccdf/benchmark_test.rb +0 -201
- data/test/xccdf/item_test.rb +0 -82
- data/test/xccdf/policy_test.rb +0 -48
- data/test/xccdf/profile_test.rb +0 -62
- data/test/xccdf/session_ds_test.rb +0 -116
- data/test/xccdf/session_test.rb +0 -33
- data/test/xccdf/tailoring_test.rb +0 -30
- data/test/xccdf/testresult_test.rb +0 -99
- data/test/xccdf/value_test.rb +0 -67
data/test/xccdf/item_test.rb
DELETED
@@ -1,82 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'openscap'
|
4
|
-
require 'openscap/xccdf/benchmark'
|
5
|
-
require 'common/testcase'
|
6
|
-
|
7
|
-
class ItemTest < OpenSCAP::TestCase
|
8
|
-
def test_description_html
|
9
|
-
expected_markup = "\n" \
|
10
|
-
"Most of the actions listed in this document are written with the\n" \
|
11
|
-
"assumption that they will be executed by the root user running the\n" \
|
12
|
-
"<xhtml:code xmlns:xhtml=\"http://www.w3.org/1999/xhtml\">/bin/bash</xhtml:code> shell. Commands preceded with a hash mark (#)\n" \
|
13
|
-
"assume that the administrator will execute the commands as root, i.e.\n" \
|
14
|
-
"apply the command via <xhtml:code xmlns:xhtml=\"http://www.w3.org/1999/xhtml\">sudo</xhtml:code> whenever possible, or use\n" \
|
15
|
-
"<xhtml:code xmlns:xhtml=\"http://www.w3.org/1999/xhtml\">su</xhtml:code> to gain root privileges if <xhtml:code xmlns:xhtml=\"http://www.w3.org/1999/xhtml\">sudo</xhtml:code> cannot be\n" \
|
16
|
-
"used. Commands which can be executed as a non-root user are are preceded\n" \
|
17
|
-
"by a dollar sign ($) prompt.\n"
|
18
|
-
with_item 'xccdf_org.ssgproject.content_group_intro-root-shell-assumed' do |item|
|
19
|
-
assert_equal item.description(markup: true), expected_markup
|
20
|
-
end
|
21
|
-
end
|
22
|
-
|
23
|
-
def test_rationale_html
|
24
|
-
expected_markup = "\n" \
|
25
|
-
"For AIDE to be effective, an initial database of <i xmlns=\"http://www.w3.org/1999/xhtml\">\"known-good\"</i> information about files\n" \
|
26
|
-
"must be captured and it should be able to be verified against the installed files.\n"
|
27
|
-
with_item 'xccdf_org.ssgproject.content_rule_aide_build_database' do |item|
|
28
|
-
assert_equal item.rationale(markup: true), expected_markup
|
29
|
-
end
|
30
|
-
end
|
31
|
-
|
32
|
-
def test_missing_rationale
|
33
|
-
with_item 'xccdf_org.ssgproject.content_group_intro' do |item_sans_rationale|
|
34
|
-
assert_equal item_sans_rationale.rationale(markup: true), nil
|
35
|
-
end
|
36
|
-
end
|
37
|
-
|
38
|
-
def test_version
|
39
|
-
with_item 'xccdf_org.ssgproject.content_group_intro' do |item_sans_version|
|
40
|
-
assert_nil item_sans_version.version
|
41
|
-
end
|
42
|
-
end
|
43
|
-
|
44
|
-
def test_references
|
45
|
-
with_item 'xccdf_org.ssgproject.content_rule_disable_prelink' do |item|
|
46
|
-
item.references.tap do |refs|
|
47
|
-
assert_equal refs.length, 4
|
48
|
-
assert_equal refs.collect(&:title), ['CM-6(d)', 'CM-6(3)', 'SC-28', 'SI-7']
|
49
|
-
assert_equal refs.collect(&:href).uniq, ['http://csrc.nist.gov/publications/nistpubs/800-53-Rev3/sp800-53-rev3-final.pdf']
|
50
|
-
end
|
51
|
-
end
|
52
|
-
end
|
53
|
-
|
54
|
-
def test_warnings
|
55
|
-
expected_text = 'If verbose logging to <xhtml:code xmlns:xhtml="http://www.w3.org/1999/xhtml">vsftpd.log</xhtml:code> is done, sparse logging of downloads to <xhtml:code xmlns:xhtml="http://www.w3.org/1999/xhtml">/var/log/xferlog</xhtml:code> will not also occur. However, the information about what files were downloaded is included in the information logged to <xhtml:code xmlns:xhtml="http://www.w3.org/1999/xhtml">vsftpd.log</xhtml:code>'
|
56
|
-
with_item 'xccdf_org.ssgproject.content_rule_ftp_log_transactions' do |item|
|
57
|
-
warns = item.warnings
|
58
|
-
assert_equal warns.length, 1
|
59
|
-
warning = warns[0]
|
60
|
-
assert warning.instance_of?(Hash)
|
61
|
-
assert warning.keys.length == 2
|
62
|
-
assert warning[:category] == :general
|
63
|
-
assert warning[:text].text == expected_text
|
64
|
-
end
|
65
|
-
end
|
66
|
-
|
67
|
-
private
|
68
|
-
|
69
|
-
def with_item(id, &)
|
70
|
-
with_benchmark do |b|
|
71
|
-
item = b.items[id]
|
72
|
-
refute_nil item
|
73
|
-
yield item
|
74
|
-
end
|
75
|
-
end
|
76
|
-
|
77
|
-
def with_benchmark(&)
|
78
|
-
OpenSCAP::Source.new '../data/xccdf.xml' do |source|
|
79
|
-
OpenSCAP::Xccdf::Benchmark.new(source, &)
|
80
|
-
end
|
81
|
-
end
|
82
|
-
end
|
data/test/xccdf/policy_test.rb
DELETED
@@ -1,48 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'common/testcase'
|
4
|
-
require 'openscap'
|
5
|
-
require 'openscap/source'
|
6
|
-
require 'openscap/xccdf/benchmark'
|
7
|
-
require 'openscap/xccdf/policy'
|
8
|
-
require 'openscap/xccdf/policy_model'
|
9
|
-
|
10
|
-
class TestPolicy < OpenSCAP::TestCase
|
11
|
-
def test_new_policy_model
|
12
|
-
with_policy_model do |pm|
|
13
|
-
assert pm.policies.size == 1, pm.policies.to_s
|
14
|
-
assert pm.policies['xccdf_org.ssgproject.content_profile_common']
|
15
|
-
end
|
16
|
-
end
|
17
|
-
|
18
|
-
def test_profile_getter
|
19
|
-
with_policy do |policy|
|
20
|
-
profile = policy.profile
|
21
|
-
assert_equal profile.id, 'xccdf_org.ssgproject.content_profile_common'
|
22
|
-
end
|
23
|
-
end
|
24
|
-
|
25
|
-
def test_selects_item
|
26
|
-
with_policy do |policy|
|
27
|
-
assert policy.selects_item?('xccdf_org.ssgproject.content_rule_disable_prelink')
|
28
|
-
refute policy.selects_item?('xccdf_org.ssgproject.content_rule_disable_vsftpd')
|
29
|
-
end
|
30
|
-
end
|
31
|
-
|
32
|
-
private
|
33
|
-
|
34
|
-
def with_policy(&)
|
35
|
-
with_policy_model do |pm|
|
36
|
-
yield pm.policies['xccdf_org.ssgproject.content_profile_common']
|
37
|
-
end
|
38
|
-
end
|
39
|
-
|
40
|
-
def with_policy_model(&)
|
41
|
-
OpenSCAP::Source.new '../data/xccdf.xml' do |source|
|
42
|
-
OpenSCAP::Xccdf::Benchmark.new source do |bench|
|
43
|
-
assert !bench.nil?
|
44
|
-
yield bench.policy_model
|
45
|
-
end
|
46
|
-
end
|
47
|
-
end
|
48
|
-
end
|
data/test/xccdf/profile_test.rb
DELETED
@@ -1,62 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'common/testcase'
|
4
|
-
require 'openscap'
|
5
|
-
require 'openscap/source'
|
6
|
-
require 'openscap/xccdf/benchmark'
|
7
|
-
require 'openscap/xccdf/profile'
|
8
|
-
|
9
|
-
class TestProfile < OpenSCAP::TestCase
|
10
|
-
def test_new_from_file
|
11
|
-
with_profile do |p|
|
12
|
-
assert p.title == 'Common Profile for General-Purpose Fedora Systems'
|
13
|
-
end
|
14
|
-
end
|
15
|
-
|
16
|
-
def test_description_html
|
17
|
-
with_profile do |p|
|
18
|
-
assert_equal p.description, 'This profile contains items common to general-purpose Fedora installations.'
|
19
|
-
end
|
20
|
-
end
|
21
|
-
|
22
|
-
def test_status
|
23
|
-
with_profile do |p|
|
24
|
-
assert_nil p.status_current&.status
|
25
|
-
end
|
26
|
-
end
|
27
|
-
|
28
|
-
def test_version
|
29
|
-
with_profile do |p|
|
30
|
-
assert_equal p.version, '3.2.1'
|
31
|
-
end
|
32
|
-
end
|
33
|
-
|
34
|
-
def test_references
|
35
|
-
with_profile do |p|
|
36
|
-
assert_equal p.references, []
|
37
|
-
end
|
38
|
-
end
|
39
|
-
|
40
|
-
def test_abstract
|
41
|
-
with_profile do |p|
|
42
|
-
assert_false p.abstract?
|
43
|
-
end
|
44
|
-
end
|
45
|
-
|
46
|
-
private
|
47
|
-
|
48
|
-
def with_profile(&)
|
49
|
-
benchmark do |b|
|
50
|
-
assert b.profiles.size == 1, b.profiles.to_s
|
51
|
-
profile = b.profiles['xccdf_org.ssgproject.content_profile_common']
|
52
|
-
assert profile
|
53
|
-
yield profile
|
54
|
-
end
|
55
|
-
end
|
56
|
-
|
57
|
-
def benchmark(&)
|
58
|
-
OpenSCAP::Source.new '../data/xccdf.xml' do |source|
|
59
|
-
OpenSCAP::Xccdf::Benchmark.new(source, &)
|
60
|
-
end
|
61
|
-
end
|
62
|
-
end
|
@@ -1,116 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'openscap'
|
4
|
-
require 'common/testcase'
|
5
|
-
|
6
|
-
class TestSessionDS < OpenSCAP::TestCase
|
7
|
-
def test_sds_true
|
8
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
9
|
-
assert @s.sds?
|
10
|
-
end
|
11
|
-
|
12
|
-
def test_session_load
|
13
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
14
|
-
@s.load
|
15
|
-
@s.evaluate
|
16
|
-
end
|
17
|
-
|
18
|
-
def test_session_load_ds_comp
|
19
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
20
|
-
@s.load(datastream_id: 'scap_org.open-scap_datastream_tst2', component_id: 'scap_org.open-scap_cref_second-xccdf.xml2')
|
21
|
-
@s.evaluate
|
22
|
-
end
|
23
|
-
|
24
|
-
def test_session_load_bad_datastream
|
25
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
26
|
-
msg = nil
|
27
|
-
begin
|
28
|
-
@s.load(datastream_id: 'nonexistent')
|
29
|
-
assert false
|
30
|
-
rescue OpenSCAP::OpenSCAPError => e
|
31
|
-
msg = e.to_s
|
32
|
-
end
|
33
|
-
assert msg.start_with?("Failed to locate a datastream with ID matching 'nonexistent' ID and checklist inside matching '<any>' ID.")
|
34
|
-
end
|
35
|
-
|
36
|
-
def test_session_load_bad_component
|
37
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
38
|
-
msg = nil
|
39
|
-
begin
|
40
|
-
@s.load(component_id: 'nonexistent')
|
41
|
-
assert false
|
42
|
-
rescue OpenSCAP::OpenSCAPError => e
|
43
|
-
msg = e.to_s
|
44
|
-
end
|
45
|
-
assert msg.start_with?("Failed to locate a datastream with ID matching '<any>' ID and checklist inside matching 'nonexistent' ID.")
|
46
|
-
end
|
47
|
-
|
48
|
-
def test_session_set_profile
|
49
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
50
|
-
@s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml')
|
51
|
-
@s.profile = 'xccdf_moc.elpmaxe.www_profile_1'
|
52
|
-
@s.evaluate
|
53
|
-
end
|
54
|
-
|
55
|
-
def test_session_set_profile_bad
|
56
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
57
|
-
@s.load
|
58
|
-
msg = nil
|
59
|
-
begin
|
60
|
-
@s.profile = 'xccdf_moc.elpmaxe.www_profile_1'
|
61
|
-
assert false
|
62
|
-
rescue OpenSCAP::OpenSCAPError => e
|
63
|
-
msg = e.to_s
|
64
|
-
end
|
65
|
-
assert msg.start_with?("No profile 'xccdf_moc.elpmaxe.www_profile_1' found")
|
66
|
-
end
|
67
|
-
|
68
|
-
def test_session_export_rds
|
69
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
70
|
-
@s.load
|
71
|
-
@s.evaluate
|
72
|
-
@s.export_results(rds_file: 'report.rds.xml')
|
73
|
-
assert_exported ['report.rds.xml']
|
74
|
-
end
|
75
|
-
|
76
|
-
def test_session_export_xccdf_results
|
77
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
78
|
-
@s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml')
|
79
|
-
@s.profile = 'xccdf_moc.elpmaxe.www_profile_1'
|
80
|
-
@s.evaluate
|
81
|
-
@s.export_results(xccdf_file: 'result.xccdf.xml')
|
82
|
-
assert_exported ['result.xccdf.xml']
|
83
|
-
end
|
84
|
-
|
85
|
-
def test_session_export_html_report
|
86
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
87
|
-
@s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml')
|
88
|
-
@s.profile = 'xccdf_moc.elpmaxe.www_profile_1'
|
89
|
-
@s.evaluate
|
90
|
-
@s.export_results(report_file: 'report.html', xccdf_file: 'result.xccdf.xml')
|
91
|
-
assert_exported ['report.html', 'result.xccdf.xml']
|
92
|
-
end
|
93
|
-
|
94
|
-
def test_session_export_oval_variables
|
95
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
96
|
-
@s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml')
|
97
|
-
@s.profile = 'xccdf_moc.elpmaxe.www_profile_1'
|
98
|
-
@s.evaluate
|
99
|
-
@s.export_results(oval_variables: true)
|
100
|
-
assert_exported []
|
101
|
-
end
|
102
|
-
|
103
|
-
def test_remediate
|
104
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml')
|
105
|
-
@s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml')
|
106
|
-
@s.profile = 'xccdf_moc.elpmaxe.www_profile_1'
|
107
|
-
@s.evaluate
|
108
|
-
@s.remediate
|
109
|
-
end
|
110
|
-
|
111
|
-
def assert_exported(files)
|
112
|
-
# libopenscap compiled with --enable-debug creates debug files
|
113
|
-
FileUtils.rm_rf(Dir.glob('oscap_debug.log.*'))
|
114
|
-
assert files.sort == Dir.glob('*')
|
115
|
-
end
|
116
|
-
end
|
data/test/xccdf/session_test.rb
DELETED
@@ -1,33 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'openscap'
|
4
|
-
require 'common/testcase'
|
5
|
-
|
6
|
-
class TestSession < OpenSCAP::TestCase
|
7
|
-
def test_session_new_bad
|
8
|
-
msg = nil
|
9
|
-
begin
|
10
|
-
OpenSCAP::Xccdf::Session.new('')
|
11
|
-
assert false
|
12
|
-
rescue OpenSCAP::OpenSCAPError => e
|
13
|
-
msg = e.to_s
|
14
|
-
end
|
15
|
-
assert msg.start_with?("Unable to open file: ''"), "Message was: #{msg}"
|
16
|
-
end
|
17
|
-
|
18
|
-
def test_session_new_nil
|
19
|
-
msg = nil
|
20
|
-
begin
|
21
|
-
OpenSCAP::Xccdf::Session.new(nil)
|
22
|
-
assert false
|
23
|
-
rescue OpenSCAP::OpenSCAPError => e
|
24
|
-
msg = e.to_s
|
25
|
-
end
|
26
|
-
assert msg.start_with?('No filename specified!'), "Message was: #{msg}"
|
27
|
-
end
|
28
|
-
|
29
|
-
def test_sds_false
|
30
|
-
@s = OpenSCAP::Xccdf::Session.new('../data/xccdf.xml')
|
31
|
-
refute @s.sds?
|
32
|
-
end
|
33
|
-
end
|
@@ -1,30 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'openscap'
|
4
|
-
require 'openscap/source'
|
5
|
-
require 'openscap/xccdf/tailoring'
|
6
|
-
require 'common/testcase'
|
7
|
-
|
8
|
-
class TailoringTest < OpenSCAP::TestCase
|
9
|
-
def test_new_from_file
|
10
|
-
tailoring = tailoring_from_file
|
11
|
-
tailoring.destroy
|
12
|
-
refute tailoring.raw
|
13
|
-
end
|
14
|
-
|
15
|
-
def test_profiles
|
16
|
-
profiles = tailoring_from_file.profiles
|
17
|
-
assert_equal 1, profiles.length
|
18
|
-
assert profiles.values.first.is_a?(OpenSCAP::Xccdf::Profile)
|
19
|
-
end
|
20
|
-
|
21
|
-
private
|
22
|
-
|
23
|
-
def tailoring_from_file
|
24
|
-
source = OpenSCAP::Source.new '../data/tailoring.xml'
|
25
|
-
tailoring = OpenSCAP::Xccdf::Tailoring.new source, nil
|
26
|
-
source.destroy
|
27
|
-
assert tailoring
|
28
|
-
tailoring
|
29
|
-
end
|
30
|
-
end
|
@@ -1,99 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'openscap'
|
4
|
-
require 'openscap/source'
|
5
|
-
require 'openscap/xccdf/benchmark'
|
6
|
-
require 'openscap/xccdf/testresult'
|
7
|
-
require 'common/testcase'
|
8
|
-
|
9
|
-
class TestTestResult < OpenSCAP::TestCase
|
10
|
-
def test_testresult_new_bad
|
11
|
-
source = OpenSCAP::Source.new('../data/xccdf.xml')
|
12
|
-
assert !source.nil?
|
13
|
-
msg = nil
|
14
|
-
begin
|
15
|
-
OpenSCAP::Xccdf::TestResult.new(source)
|
16
|
-
assert false
|
17
|
-
rescue OpenSCAP::OpenSCAPError => e
|
18
|
-
msg = e.to_s
|
19
|
-
end
|
20
|
-
assert msg.start_with?("Expected 'TestResult' element while found 'Benchmark'."),
|
21
|
-
"Message was: #{msg}"
|
22
|
-
end
|
23
|
-
|
24
|
-
def test_result_create_and_query_properties
|
25
|
-
tr = new_tr
|
26
|
-
assert tr.id == 'xccdf_org.open-scap_testresult_xccdf_org.ssgproject.content_profile_common',
|
27
|
-
"TestResult.id was '#{tr.id}"
|
28
|
-
assert tr.profile == 'xccdf_org.ssgproject.content_profile_common',
|
29
|
-
"TestResult.profile was '#{tr.profile}'"
|
30
|
-
tr.destroy
|
31
|
-
end
|
32
|
-
|
33
|
-
def test_result_create_and_query_rr
|
34
|
-
tr = new_tr
|
35
|
-
assert tr.rr.size == 28
|
36
|
-
assert tr.rr.key?('xccdf_org.ssgproject.content_rule_disable_prelink')
|
37
|
-
assert tr.rr.key?('xccdf_org.ssgproject.content_rule_no_direct_root_logins')
|
38
|
-
assert tr.rr['xccdf_org.ssgproject.content_rule_disable_prelink'].result == 'fail'
|
39
|
-
assert tr.rr['xccdf_org.ssgproject.content_rule_no_direct_root_logins'].result == 'notchecked'
|
40
|
-
tr.destroy
|
41
|
-
end
|
42
|
-
|
43
|
-
def test_override
|
44
|
-
tr = new_tr
|
45
|
-
rr = tr.rr['xccdf_org.ssgproject.content_rule_disable_prelink']
|
46
|
-
assert rr.result == 'fail'
|
47
|
-
rr.override!(new_result: :pass,
|
48
|
-
time: 'yesterday',
|
49
|
-
authority: 'John Hacker',
|
50
|
-
raw_text: 'We are testing prelink on this machine')
|
51
|
-
assert rr.result == 'pass'
|
52
|
-
tr.destroy
|
53
|
-
end
|
54
|
-
|
55
|
-
def test_score
|
56
|
-
tr = new_tr
|
57
|
-
assert_default_score tr.score, 34, 35
|
58
|
-
tr.destroy
|
59
|
-
end
|
60
|
-
|
61
|
-
def test_waive_and_score
|
62
|
-
tr = new_tr
|
63
|
-
benchmark = benchmark_for_tr
|
64
|
-
|
65
|
-
assert_default_score tr.score, 34, 35
|
66
|
-
assert_default_score tr.score!(benchmark), 34, 35
|
67
|
-
|
68
|
-
rr = tr.rr['xccdf_org.ssgproject.content_rule_disable_prelink']
|
69
|
-
assert rr.result == 'fail'
|
70
|
-
rr.override!(new_result: :pass,
|
71
|
-
time: 'yesterday',
|
72
|
-
authority: 'John Hacker',
|
73
|
-
raw_text: 'We are testing prelink on this machine')
|
74
|
-
assert rr.result == 'pass'
|
75
|
-
|
76
|
-
assert_default_score tr.score, 34, 35
|
77
|
-
assert_default_score tr.score!(benchmark), 47, 48
|
78
|
-
|
79
|
-
benchmark.destroy
|
80
|
-
tr.destroy
|
81
|
-
end
|
82
|
-
|
83
|
-
private
|
84
|
-
|
85
|
-
def benchmark_for_tr
|
86
|
-
source = OpenSCAP::Source.new('../data/xccdf.xml')
|
87
|
-
benchmark = OpenSCAP::Xccdf::Benchmark.new source
|
88
|
-
source.destroy
|
89
|
-
benchmark
|
90
|
-
end
|
91
|
-
|
92
|
-
def new_tr
|
93
|
-
source = OpenSCAP::Source.new('../data/testresult.xml')
|
94
|
-
assert !source.nil?
|
95
|
-
tr = OpenSCAP::Xccdf::TestResult.new(source)
|
96
|
-
source.destroy
|
97
|
-
tr
|
98
|
-
end
|
99
|
-
end
|
data/test/xccdf/value_test.rb
DELETED
@@ -1,67 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'common/testcase'
|
4
|
-
require 'openscap'
|
5
|
-
require 'openscap/source'
|
6
|
-
require 'openscap/xccdf/benchmark'
|
7
|
-
|
8
|
-
class TestBenchmark < OpenSCAP::TestCase
|
9
|
-
def test_benchmark_values
|
10
|
-
with_benchmark do |b|
|
11
|
-
val_ids = []
|
12
|
-
b.each_value do |val|
|
13
|
-
val_ids << val.id
|
14
|
-
end
|
15
|
-
assert_equal val_ids, ['xccdf_org.ssgproject.content_value_conditional_clause']
|
16
|
-
end
|
17
|
-
end
|
18
|
-
|
19
|
-
def test_value_props
|
20
|
-
with_value do |val|
|
21
|
-
assert_equal val.id, 'xccdf_org.ssgproject.content_value_conditional_clause'
|
22
|
-
assert_equal val.title, 'A conditional clause for check statements.'
|
23
|
-
assert_equal val.description, 'A conditional clause for check statements.'
|
24
|
-
end
|
25
|
-
end
|
26
|
-
|
27
|
-
def test_collect_all_values
|
28
|
-
with_all_values do |vals|
|
29
|
-
assert_equal vals.length, 7
|
30
|
-
assert_equal vals.to_set(&:id).length, 7
|
31
|
-
end
|
32
|
-
end
|
33
|
-
|
34
|
-
private
|
35
|
-
|
36
|
-
def with_value(&)
|
37
|
-
with_benchmark { |b| b.each_value(&) }
|
38
|
-
end
|
39
|
-
|
40
|
-
def with_all_values(&)
|
41
|
-
vals = []
|
42
|
-
with_benchmark do |b|
|
43
|
-
vals += collect_values(b)
|
44
|
-
yield vals
|
45
|
-
end
|
46
|
-
end
|
47
|
-
|
48
|
-
def with_benchmark(&)
|
49
|
-
OpenSCAP::Source.new '../data/xccdf.xml' do |source|
|
50
|
-
OpenSCAP::Xccdf::Benchmark.new(source, &)
|
51
|
-
end
|
52
|
-
end
|
53
|
-
|
54
|
-
def collect_values(item)
|
55
|
-
vals = []
|
56
|
-
if item.is_a?(OpenSCAP::Xccdf::Benchmark) || item.is_a?(OpenSCAP::Xccdf::Group)
|
57
|
-
item.each_value { |v| vals << v }
|
58
|
-
|
59
|
-
if item.is_a? OpenSCAP::Xccdf::Benchmark
|
60
|
-
item.each_item { |item| vals += collect_values(item) }
|
61
|
-
else
|
62
|
-
item.each_child { |item| vals += collect_values(item) }
|
63
|
-
end
|
64
|
-
end
|
65
|
-
vals
|
66
|
-
end
|
67
|
-
end
|