scaptimony 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8de28e491702c016eddf62a343a78767adbb4f49
-  data.tar.gz: 488911ff0c3ec7952be27c6afcd7117564c2a7cd
+  metadata.gz: 412955cff2de89a310f911da39fc9cf4d2ac20b3
+  data.tar.gz: d839f32280880847e102a56c9a939d1e296956fc
 SHA512:
-  metadata.gz: 38d1d7911c795d48957ad45bbf0b70cad8b41ecdb355b30941a2f9f6526aa9a3b8b73582bfe96dcde7f5eacff1d70254202d8a7b3a2f87377e3840d18ebc1217
-  data.tar.gz: 6371f7993686f4fb97a5b116c749b3d8a52f22d4596da2b2f0e5a1eaa3164b14b447ad843ae9ddd599ff40be94b76319556f9aeb3b235f3700f66ff18a1b6b0d
+  metadata.gz: 91080cb2eabe76f0038636ed5e0ae8b77374580a4557bd0963c785e222ece1081654856887e669dd59425c5e529d086ac6cd9dc76cd75b37b4c92fde0005561b
+  data.tar.gz: e1aba9516775e5068e43eed1959be8761e027ec9063a76b3a9c3a6b8de63feed1acf413a9675542522e7d980c80ad85e06bea07a741d90b047b5556ebf23e5e4

data/README.md

@@ -1,16 +1,36 @@
 # SCAPtimony
 
+SCAPtimony project gives full testimony about compliance of your infrastructure.
 SCAPtimony is SCAP storage and database server build on top of OpenSCAP library.
 SCAPtimony can be deployed as a part of your Rails application (i.e. Foreman) or
 as a stand-alone sealed server.
 
 + Current features:
-  + Collect & achieve OpenSCAP audit results from your infrastructure
-+ Future features:
+  + Achieve SCAP audit results from your infrastructure
+    + Provide API for tools to upload collected SCAP results
+  + Define security/compliance policies
+    + Upload SCAP content and assign it with the policy
+  + Result post-processing
+    + Search SCAP results
+    + Search for non-compliant systems
   + Rails artefacts to display audit results within your application
-  + API to set-up organization defined targeting (connect set of system, a policy and time schedule)
-  + Comparison of audit results
-  + Waive known issues (one-time waivers, re-occurring, waivers)
++ Future features:
+  + Define security/compliance policies
+    + Archive distinct versions of the policy
+    + Set-up a periodical schedule of audits for the policy
+    + Organization defined targeting (Assign a set of nodes with the policy)
+    + Define known-issues and waivers (Assign waivers with a set of nodes and the policy)
+    + Set-up rules for automated deletion of results
+  + vulnerability assessment (processing OVAL CVE streams)
+  + Result post-processing
+    + Search for not audited systems
+    * Comparison of audit results
+    + Waive known issues
+      + One time waivers of a report
+      + Set-up periodic waivers for a given policy and system
+      + Set a waiver expirations time (to give the time to remediate things)
+      + Calculate score before and after waiver (ammount of risk accepted needs to be made available to the authorizing official)
+  + Let us know, if your feature is missing.
 
 ## Installation
 
@@ -22,6 +42,8 @@ as a stand-alone sealed server.
 
 - Build SCAPtimony RPM (instructions for Red Hat Enterprise Linux 6)
 
+  Enable Software Collections as per [instructions](https://access.redhat.com/documentation/en-US/Red_Hat_Software_Collections/1/html-single/1.1_Release_Notes/index.html#sect-Installation_and_Usage-Subscribe).
+
   ```
   $ cd scaptimony
   $ gem build scaptimony.gemspec

data/app/models/scaptimony/arf_report.rb

@@ -1,16 +1,35 @@
 require 'fileutils'
 require 'openscap'
 require 'openscap/ds/arf'
+require 'openscap/xccdf/testresult'
+require 'openscap/xccdf/ruleresult'
+require 'scaptimony/engine'
 
 module Scaptimony
   class ArfReport < ActiveRecord::Base
     belongs_to :asset
     belongs_to :policy
+    has_many :xccdf_rule_results, :dependent => :destroy
+    has_one :arf_report_breakdown
+
+    before_destroy { |record|
+      record.delete
+    }
+
+    scoped_search :on => :date, :complete_value => true
+    scoped_search :in => :arf_report_breakdown, :on => :passed
+    scoped_search :in => :arf_report_breakdown, :on => :failed
+    scoped_search :in => :arf_report_breakdown, :on => :othered
+
+    def passed; arf_report_breakdown ? arf_report_breakdown.passed : 0; end
+    def failed; arf_report_breakdown ? arf_report_breakdown.failed : 0; end
+    def othered; arf_report_breakdown ? arf_report_breakdown.othered : 0; end
 
     def store!(data)
       begin
         FileUtils.mkdir_p dir
         File.open(path, 'wb') { |f| f.write(data) }
+        save_dependent_entities
       rescue StandardError => e
         logger.error "Could not store ARF to '#{path}': #{e.message}"
         raise e
@@ -25,14 +44,42 @@ module Scaptimony
       OpenSCAP.oscap_cleanup
     end
 
+    def delete
+      File.delete path
+      begin
+        Dir.delete dir
+      rescue StandardError => e
+      end
+    end
+
     private
+    def save_dependent_entities
+      return unless xccdf_rule_results.empty?
+      begin
+        OpenSCAP.oscap_init
+        arf = OpenSCAP::DS::Arf.new path
+        test_result = arf.test_result
+        test_result.rr.each {|rr_id, rr|
+          rule = ::Scaptimony::XccdfRule.where(:xid => rr_id).first_or_create!
+          xccdf_rule_results.create!(:xccdf_rule_id => rule.id, :xccdf_result_id => XccdfResult.f(rr.result).id)
+        }
+      rescue StandardError => e
+        xccdf_rule_results.destroy_all
+        raise e
+      ensure
+        test_result.destroy unless test_result.nil?
+        arf.destroy unless arf.nil?
+        OpenSCAP.oscap_cleanup
+      end
+    end
+
     def path
       "#{dir}/#{digest}.xml.bz2"
     end
 
     def dir
       # TODO this should be configurable
-      "/var/lib/foreman/scaptimony/arf/#{asset.name}/#{policy.name}/#{date}"
+      "#{Scaptimony::Engine.dir}/arf/#{asset.name}/#{policy.name}/#{date}"
     end
   end
 end

data/app/models/scaptimony/arf_report_breakdown.rb

@@ -0,0 +1,15 @@
+module Scaptimony
+  class ArfReportBreakdown < ActiveRecord::Base
+    # This class aggregates counts of xccdf:rule-result by xccdf:result. The columns
+    # (failed, passed, othered) mimics the 'Rule result breakdown' from OpenSCAP HTML
+    # Report.
+    #
+    # Frameworks like scoped_search cannot do group-by, so this is implemented
+    # as a database view.
+
+    set_primary_key :arf_report_id
+
+    protected
+    def readonly?; true end
+  end
+end

data/app/models/scaptimony/policy.rb

@@ -1,4 +1,33 @@
+require 'openscap'
+require 'openscap/ds/sds'
+
 module Scaptimony
   class Policy < ActiveRecord::Base
+    belongs_to :scap_content
+    belongs_to :scap_content_profile
+    has_many :arf_reports, dependent: :destroy
+
+    validates :name, :presence => true
+  end
+
+  class GuideGenerator
+    def initialize(p)
+      case p
+      when Scaptimony::Policy
+        @scap_content = p.scap_content
+        @profile = p.scap_content_profile
+      end
+      if @scap_content.nil? or @scap_content.source.nil?
+        OpenSCAP.raise! "Cannot generate HTML Guide for #{@scap_content}/#{@profile}"
+      end
+    end
+
+    def each
+      sds = OpenSCAP::DS::Sds.new @scap_content.source
+      sds.select_checklist
+      profile_id = @profile.nil? ? nil : @profile.profile_id
+      yield sds.html_guide profile_id
+      sds.destroy
+    end
   end
 end

data/app/models/scaptimony/policy_revision.rb

@@ -0,0 +1,6 @@
+module Scaptimony
+  class PolicyRevision < ActiveRecord::Base
+    belongs_to :policy
+    belongs_to :scap_content
+  end
+end

data/app/models/scaptimony/scap_content.rb

@@ -0,0 +1,108 @@
+require 'digest'
+require 'fileutils'
+require 'openscap/ds/sds'
+require 'openscap/source'
+require 'openscap/xccdf/benchmark'
+require 'scaptimony/engine'
+
+module Scaptimony
+  class DataStreamValidator < ActiveModel::Validator
+    def validate(scap_content)
+      if !scap_content.new_record?
+        return true if scap_content.scap_file.nil?
+        scap_content.errors[:base] << _("Cannot change uploaded file while editing content.")
+        return false
+      end
+      if scap_content.scap_file.nil?
+        scap_content.errors[:base] << _("Please select file for upload.")
+        return false
+      end
+
+      existing = ScapContent.where(:digest => scap_content.digest).first
+      if !existing.nil?
+        scap_content.errors[:base] << _("This file has been already uploaded as '#{existing.title}'.")
+        return false
+      end
+
+      allowed_type = 'SCAP Source Datastream'
+      if scap_content.source.type != allowed_type
+        scap_content.errors[:base] << _("Uploaded file is not #{allowed_type}.")
+        return false
+      end
+
+      begin
+        scap_content.source.validate!
+      rescue OpenSCAP::OpenSCAPError => e
+        scap_content.errors[:base] << e.message
+      end
+    end
+  end
+
+  class ScapContent < ActiveRecord::Base
+    has_many :scap_content_profiles, :dependent => :destroy
+    has_many :policies, :dependent => :destroy
+
+    validates_with Scaptimony::DataStreamValidator
+    validates :title, :presence => true
+    validates :digest, :presence => true
+    attr_accessor :scap_file
+
+    def store
+      if valid_store_attempt
+        begin
+          FileUtils.mkdir_p dir
+          source.save path
+          return false if !save
+          create_profiles
+        rescue StandardError => e
+          errors[:base] << e.message
+          return false
+        end
+      else
+        save
+      end
+    end
+
+    def valid_store_attempt
+      new_record? and !@scap_file.nil?
+    end
+
+    def source
+      @source ||= source_init
+    end
+
+    def digest
+      self[:digest] ||= Digest::SHA256.hexdigest "#{@scap_file}"
+    end
+
+    def path
+      "#{dir}/#{digest}"
+    end
+
+    private
+    def source_init
+      OpenSCAP.oscap_init
+      if new_record?
+        OpenSCAP::Source.new(:content => @scap_file, :path => path)
+      else
+        OpenSCAP::Source.new path
+      end
+    end
+
+    def dir
+      "#{Scaptimony::Engine.dir}/content"
+    end
+
+    def create_profiles
+        sds = ::OpenSCAP::DS::Sds.new source
+        bench_source = sds.select_checklist!
+        bench = ::OpenSCAP::Xccdf::Benchmark.new bench_source
+        bench.profiles.each { |key, profile|
+          scap_content_profiles.create!(:profile_id => key, :title => profile.title)
+        }
+        bench.destroy
+        sds.destroy
+        true
+      end
+  end
+end

data/app/models/scaptimony/scap_content_profile.rb

@@ -0,0 +1,6 @@
+module Scaptimony
+  class ScapContentProfile < ActiveRecord::Base
+    belongs_to :scap_content
+    has_many :policies
+  end
+end

data/app/models/scaptimony/xccdf_result.rb

@@ -0,0 +1,7 @@
+module Scaptimony
+  class XccdfResult < ActiveRecord::Base
+    def self.f result_name
+      where(:name => "#{result_name}").first!
+    end
+  end
+end

data/app/models/scaptimony/xccdf_rule.rb

@@ -0,0 +1,18 @@
+module Scaptimony
+  class XccdfRule < ActiveRecord::Base
+    # This is just an enumeration of ID's that have been found in the XCCDF contents uploaded
+    # to Scaptimony.
+    #
+    # Each Xccdf:Rule may have contain other data useful to users (Title, idents, and description,
+    # ...). These however needs to be carried by different entity (XccdfContentRule presumably).
+    # That is because different XCCDF contents may refer to the very same ID, even though it may
+    # have slightly different meaning in the context of given policy.
+    #
+    # There is still value in being able to enumerate the rules regardless of the policy. As we
+    # can expect that when the ID matches, most of the things will match as well (consider
+    # different version of the same policy). User may then want to search the results for a given
+    # rule.
+    #
+    validates :xid, :presence => true, :uniqueness => true
+  end
+end

data/app/models/scaptimony/xccdf_rule_result.rb

@@ -0,0 +1,11 @@
+module Scaptimony
+  class XccdfRuleResult < ActiveRecord::Base
+    belongs_to :arf_report
+    belongs_to :xccdf_result
+    belongs_to :xccdf_rule
+
+    def self.f result_name
+      includes(:xccdf_result).where("scaptimony_xccdf_results.name = '#{result_name}'")
+    end
+  end
+end

data/db/migrate/20141104164201_create_scaptimony_scap_contents.rb

@@ -0,0 +1,10 @@
+class CreateScaptimonyScapContents < ActiveRecord::Migration
+  def change
+    create_table :scaptimony_scap_contents do |t|
+      t.string :digest, limit: 128
+
+      t.timestamps
+    end
+    add_index :scaptimony_scap_contents, :digest, unique: true
+  end
+end

data/db/migrate/20141104171545_create_scaptimony_policy_revisions.rb

@@ -0,0 +1,14 @@
+class CreateScaptimonyPolicyRevisions < ActiveRecord::Migration
+  def change
+    create_table :scaptimony_policy_revisions do |t|
+      t.references :policy, index: true
+      t.references :scap_content, index: true
+      t.string :xccdf_profile
+      t.string :period
+      t.string :weekday
+      t.timestamp :active_until
+
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20141105174625_add_description_to_scaptimony_policy_revisions.rb

@@ -0,0 +1,5 @@
+class AddDescriptionToScaptimonyPolicyRevisions < ActiveRecord::Migration
+  def change
+    add_column :scaptimony_policy_revisions, :description, :string
+  end
+end

data/db/migrate/20141105174834_add_columns_to_scaptimony_policies.rb

@@ -0,0 +1,12 @@
+class AddColumnsToScaptimonyPolicies < ActiveRecord::Migration
+  def change
+    add_column :scaptimony_policies, :xccdf_profile, :string
+    add_column :scaptimony_policies, :period, :string
+    add_column :scaptimony_policies, :weekday, :string
+    add_column :scaptimony_policies, :description, :string
+
+    #This works only with rails-4, I want to support rails-3 too
+    # add_reference :scaptimony_policies, :scap_content, index: true
+    add_column :scaptimony_policies, :scap_content_id, :integer, references: :scap_content
+  end
+end

data/db/migrate/20141107091756_add_columns_to_scaptimony_scap_contents.rb

@@ -0,0 +1,8 @@
+class AddColumnsToScaptimonyScapContents < ActiveRecord::Migration
+  def change
+    add_column :scaptimony_scap_contents, :title, :string
+    add_column :scaptimony_scap_contents, :original_filename, :string
+    add_index :scaptimony_scap_contents, :title
+    add_index :scaptimony_scap_contents, :original_filename
+  end
+end

data/db/migrate/20141111104519_add_constraint_to_scaptimony_scap_contents.rb

@@ -0,0 +1,6 @@
+class AddConstraintToScaptimonyScapContents < ActiveRecord::Migration
+  def change
+    change_column :scaptimony_scap_contents, :title, :string, :null => false
+    change_column :scaptimony_scap_contents, :digest, :string, :null => false
+  end
+end

data/db/migrate/20141113221054_create_scaptimony_scap_content_profiles.rb

@@ -0,0 +1,12 @@
+class CreateScaptimonyScapContentProfiles < ActiveRecord::Migration
+  def change
+    create_table :scaptimony_scap_content_profiles do |t|
+      t.references :scap_content, index: true
+      t.string :profile_id
+      t.string :title
+
+    end
+    add_index :scaptimony_scap_content_profiles, [:scap_content_id, :profile_id],
+      :unique => true, :name => :index_scaptimony_scap_content_profiles_scipi
+  end
+end

data/db/migrate/20141116170632_remove_xccdf_profile_from_scaptimony_policies.rb

@@ -0,0 +1,5 @@
+class RemoveXccdfProfileFromScaptimonyPolicies < ActiveRecord::Migration
+  def change
+    remove_column :scaptimony_policies, :xccdf_profile
+  end
+end

data/db/migrate/20141116171305_add_profile_to_scaptimony_policies.rb

@@ -0,0 +1,6 @@
+class AddProfileToScaptimonyPolicies < ActiveRecord::Migration
+  def change
+    #add_reference :scaptimony_policies, :scap_content_profile, index: true
+    add_column :scaptimony_policies, :scap_content_profile_id, :integer, references: :scap_content_profile
+  end
+end

data/db/migrate/20141118142954_add_constraint_to_scaptimony_policies.rb

@@ -0,0 +1,5 @@
+class AddConstraintToScaptimonyPolicies < ActiveRecord::Migration
+  def change
+    change_column :scaptimony_policies, :name, :string, :null => false
+  end
+end

data/db/migrate/20141119164918_create_scaptimony_xccdf_results.rb

@@ -0,0 +1,8 @@
+class CreateScaptimonyXccdfResults < ActiveRecord::Migration
+  def change
+    create_table :scaptimony_xccdf_results do |t|
+      t.string :name, :limit => 16, :null => false
+    end
+    add_index :scaptimony_xccdf_results, [:name], :unique => true
+  end
+end

data/db/migrate/20141119175434_create_scaptimony_xccdf_rules.rb

@@ -0,0 +1,8 @@
+class CreateScaptimonyXccdfRules < ActiveRecord::Migration
+  def change
+    create_table :scaptimony_xccdf_rules do |t|
+      t.string :xid, :null => false
+    end
+    add_index :scaptimony_xccdf_rules, [:xid], :unique => true
+  end
+end

data/db/migrate/20141119182606_create_scaptimony_xccdf_rule_results.rb

@@ -0,0 +1,9 @@
+class CreateScaptimonyXccdfRuleResults < ActiveRecord::Migration
+  def change
+    create_table :scaptimony_xccdf_rule_results do |t|
+      t.references :arf_report, index: true, null: false
+      t.references :xccdf_result, index: true, null: false
+      t.references :xccdf_rule, index: true, null: false
+    end
+  end
+end

data/db/migrate/20141121120326_create_scaptimony_arf_report_breakdowns.rb

@@ -0,0 +1,20 @@
+class CreateScaptimonyArfReportBreakdowns < ActiveRecord::Migration
+   def self.up
+     execute <<-SQL
+CREATE VIEW scaptimony_arf_report_breakdowns AS
+  SELECT
+    arf.id as arf_report_id,
+    COUNT(CASE WHEN result.name IN ('pass','fixed') THEN 1 ELSE null END) as passed,
+    COUNT(CASE result.name WHEN 'fail' THEN 1 ELSE null END) as failed,
+    COUNT(CASE WHEN result.name NOT IN ('pass', 'fixed', 'fail', 'notselected', 'notapplicable') THEN 1 ELSE null END) as othered
+  FROM
+    scaptimony_arf_reports arf,
+    scaptimony_xccdf_rule_results rule,
+    scaptimony_xccdf_results result
+  WHERE
+    arf.id = rule.arf_report_id
+    AND rule.xccdf_result_id = result.id
+  GROUP BY arf.id;
+SQL
+  end
+end

data/db/migrate/20141121164042_replace_arf_report_breakdown_view.rb

@@ -0,0 +1,20 @@
+class ReplaceArfReportBreakdownView < ActiveRecord::Migration
+   def self.up
+     execute <<-SQL
+CREATE OR REPLACE VIEW scaptimony_arf_report_breakdowns AS
+  SELECT
+    arf.id as arf_report_id,
+    COUNT(CASE WHEN result.name IN ('pass','fixed') THEN 1 ELSE null END) as passed,
+    COUNT(CASE result.name WHEN 'fail' THEN 1 ELSE null END) as failed,
+    COUNT(CASE WHEN result.name NOT IN ('pass', 'fixed', 'fail', 'notselected', 'notapplicable') THEN 1 ELSE null END) as othered
+  FROM
+    scaptimony_arf_reports arf
+  LEFT OUTER JOIN
+    scaptimony_xccdf_rule_results rule
+    ON arf.id = rule.arf_report_id
+  LEFT OUTER JOIN scaptimony_xccdf_results result
+    ON rule.xccdf_result_id = result.id
+  GROUP BY arf.id;
+SQL
+  end
+end

data/db/seeds.rb

@@ -0,0 +1,9 @@
+Scaptimony::XccdfResult.create(:name => 'pass')
+Scaptimony::XccdfResult.create(:name => 'fail')
+Scaptimony::XccdfResult.create(:name => 'error')
+Scaptimony::XccdfResult.create(:name => 'unknown')
+Scaptimony::XccdfResult.create(:name => 'notapplicable')
+Scaptimony::XccdfResult.create(:name => 'notchecked')
+Scaptimony::XccdfResult.create(:name => 'notselected')
+Scaptimony::XccdfResult.create(:name => 'informational')
+Scaptimony::XccdfResult.create(:name => 'fixed')

data/lib/scaptimony/arf_reports_helper.rb

@@ -14,7 +14,7 @@ module Scaptimony
   module ArfReportsHelper
     def self.create_arf(asset, params, arf_bzip)
       # TODO:RAILS-4.0: This should become policy = Policy.find_or_create_by!(name: params[:policy])
-      policy = Policy.first_or_create!(:name => params[:policy])
+      policy = Policy.where(:name => params[:policy]).first_or_create!
       digest = Digest::SHA256.hexdigest arf_bzip
       # TODO:RAILS-4.0: This should become arf_report = ArfReport.find_or_create_by! ...
       arf_report = ArfReport.where(:asset_id => asset.id, :policy_id => policy.id, :date => params[:date], :digest => digest).first_or_create!

data/lib/scaptimony/engine.rb

@@ -1,5 +1,9 @@
 module Scaptimony
   class Engine < ::Rails::Engine
     isolate_namespace Scaptimony
+    def self.dir
+      # TODO this should be configurable
+      '/var/lib/foreman/scaptimony'
+    end
   end
 end

data/lib/scaptimony/version.rb

@@ -1,3 +1,3 @@
 module Scaptimony
-  VERSION = "0.1.0"
+  VERSION = "0.2.0"
 end

data/test/fixtures/scaptimony/policy_revisions.yml

@@ -0,0 +1,17 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+
+one:
+  policy_id: 1
+  scap_content_id: 1
+  xccdf_profile: MyString
+  period: MyString
+  weekday: MyString
+  active_until: 2014-11-04 18:15:45
+
+two:
+  policy_id: 1
+  scap_content_id: 1
+  xccdf_profile: MyString
+  period: MyString
+  weekday: MyString
+  active_until: 2014-11-04 18:15:45

data/test/fixtures/scaptimony/scap_content_profiles.yml

@@ -0,0 +1,11 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+
+one:
+  scap_content_id: 1
+  id: MyString
+  title: MyString
+
+two:
+  scap_content_id: 2
+  id: MyString
+  title: MyString

data/test/fixtures/scaptimony/scap_contents.yml

@@ -0,0 +1,7 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+
+one:
+  digest: MyString
+
+two:
+  digest: MyString

data/test/fixtures/scaptimony/xccdf_results.yml

@@ -0,0 +1,7 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+
+one:
+  name: notapplicable
+
+two:
+  name: notchecked

data/test/fixtures/scaptimony/xccdf_rule_results.yml

@@ -0,0 +1,11 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+
+one:
+  arf_report_id:
+  xccdf_result_id:
+  xccdf_rule_id:
+
+two:
+  arf_report_id:
+  xccdf_result_id:
+  xccdf_rule_id:

data/test/fixtures/scaptimony/xccdf_rules.yml

@@ -0,0 +1,7 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+
+one:
+  xccdf_id: MyString
+
+two:
+  xccdf_id: MyString

data/test/models/scaptimony/arf_report_breakdown_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+
+module Scaptimony
+  class ArfReportBreakdownTest < ActiveSupport::TestCase
+    # test "the truth" do
+    #   assert true
+    # end
+  end
+end

data/test/models/scaptimony/policy_revision_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+
+module Scaptimony
+  class PolicyRevisionTest < ActiveSupport::TestCase
+    # test "the truth" do
+    #   assert true
+    # end
+  end
+end

data/test/models/scaptimony/scap_content_profiles_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+
+module Scaptimony
+  class ScapContentProfilesTest < ActiveSupport::TestCase
+    # test "the truth" do
+    #   assert true
+    # end
+  end
+end

data/test/models/scaptimony/scap_content_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+
+module Scaptimony
+  class ScapContentTest < ActiveSupport::TestCase
+    # test "the truth" do
+    #   assert true
+    # end
+  end
+end

data/test/models/scaptimony/xccdf_result_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+
+module Scaptimony
+  class XccdfResultTest < ActiveSupport::TestCase
+    # test "the truth" do
+    #   assert true
+    # end
+  end
+end

data/test/models/scaptimony/xccdf_rule_result_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+
+module Scaptimony
+  class XccdfRuleResultTest < ActiveSupport::TestCase
+    # test "the truth" do
+    #   assert true
+    # end
+  end
+end

data/test/models/scaptimony/xccdf_rule_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+
+module Scaptimony
+  class XccdfRuleTest < ActiveSupport::TestCase
+    # test "the truth" do
+    #   assert true
+    # end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: scaptimony
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Šimon Lukašík
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-10-23 00:00:00.000000000 Z
+date: 2014-12-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -24,6 +24,20 @@ dependencies:
     - - ~>
       - !ruby/object:Gem::Version
         version: 3.2.8
+- !ruby/object:Gem::Dependency
+  name: openscap
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 0.4.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 0.4.0
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
@@ -53,14 +67,37 @@ files:
 - app/controllers/scaptimony/application_controller.rb
 - app/assets/stylesheets/scaptimony/application.css
 - app/assets/javascripts/scaptimony/application.js
+- app/models/scaptimony/xccdf_rule_result.rb
+- app/models/scaptimony/scap_content.rb
 - app/models/scaptimony/policy.rb
+- app/models/scaptimony/policy_revision.rb
 - app/models/scaptimony/arf_report.rb
+- app/models/scaptimony/xccdf_rule.rb
+- app/models/scaptimony/xccdf_result.rb
 - app/models/scaptimony/asset.rb
+- app/models/scaptimony/scap_content_profile.rb
+- app/models/scaptimony/arf_report_breakdown.rb
 - config/routes.rb
+- db/migrate/20141116171305_add_profile_to_scaptimony_policies.rb
+- db/migrate/20141116170632_remove_xccdf_profile_from_scaptimony_policies.rb
+- db/migrate/20141119182606_create_scaptimony_xccdf_rule_results.rb
 - db/migrate/20141015115511_add_arf_report_unique_constraint.rb
 - db/migrate/20141015092642_create_scaptimony_arf_reports.rb
+- db/migrate/20141119175434_create_scaptimony_xccdf_rules.rb
 - db/migrate/20141014105333_create_scaptimony_assets.rb
+- db/migrate/20141119164918_create_scaptimony_xccdf_results.rb
+- db/migrate/20141107091756_add_columns_to_scaptimony_scap_contents.rb
+- db/migrate/20141113221054_create_scaptimony_scap_content_profiles.rb
+- db/migrate/20141111104519_add_constraint_to_scaptimony_scap_contents.rb
+- db/migrate/20141105174834_add_columns_to_scaptimony_policies.rb
+- db/migrate/20141104164201_create_scaptimony_scap_contents.rb
 - db/migrate/20141013172051_create_scaptimony_policies.rb
+- db/migrate/20141105174625_add_description_to_scaptimony_policy_revisions.rb
+- db/migrate/20141104171545_create_scaptimony_policy_revisions.rb
+- db/migrate/20141121120326_create_scaptimony_arf_report_breakdowns.rb
+- db/migrate/20141118142954_add_constraint_to_scaptimony_policies.rb
+- db/migrate/20141121164042_replace_arf_report_breakdown_view.rb
+- db/seeds.rb
 - lib/scaptimony.rb
 - lib/tasks/scaptimony_tasks.rake
 - lib/scaptimony/engine.rb
@@ -97,15 +134,28 @@ files:
 - test/dummy/config/locales/en.yml
 - test/dummy/config.ru
 - test/dummy/README.rdoc
+- test/fixtures/scaptimony/scap_contents.yml
+- test/fixtures/scaptimony/xccdf_rule_results.yml
+- test/fixtures/scaptimony/xccdf_results.yml
 - test/fixtures/scaptimony/policies.yml
+- test/fixtures/scaptimony/xccdf_rules.yml
+- test/fixtures/scaptimony/policy_revisions.yml
 - test/fixtures/scaptimony/arf_reports.yml
+- test/fixtures/scaptimony/scap_content_profiles.yml
 - test/fixtures/scaptimony/assets.yml
 - test/scaptimony_test.rb
 - test/lib/scaptimony/arf_reports_helper_test.rb
 - test/test_helper.rb
 - test/integration/navigation_test.rb
+- test/models/scaptimony/scap_content_profiles_test.rb
+- test/models/scaptimony/policy_revision_test.rb
+- test/models/scaptimony/xccdf_rule_test.rb
+- test/models/scaptimony/scap_content_test.rb
+- test/models/scaptimony/xccdf_result_test.rb
+- test/models/scaptimony/arf_report_breakdown_test.rb
 - test/models/scaptimony/arf_report_test.rb
 - test/models/scaptimony/asset_test.rb
+- test/models/scaptimony/xccdf_rule_result_test.rb
 - test/models/scaptimony/policy_test.rb
 homepage: https://github.com/OpenSCAP/scaptimony
 licenses:
@@ -160,13 +210,26 @@ test_files:
 - test/dummy/config/locales/en.yml
 - test/dummy/config.ru
 - test/dummy/README.rdoc
+- test/fixtures/scaptimony/scap_contents.yml
+- test/fixtures/scaptimony/xccdf_rule_results.yml
+- test/fixtures/scaptimony/xccdf_results.yml
 - test/fixtures/scaptimony/policies.yml
+- test/fixtures/scaptimony/xccdf_rules.yml
+- test/fixtures/scaptimony/policy_revisions.yml
 - test/fixtures/scaptimony/arf_reports.yml
+- test/fixtures/scaptimony/scap_content_profiles.yml
 - test/fixtures/scaptimony/assets.yml
 - test/scaptimony_test.rb
 - test/lib/scaptimony/arf_reports_helper_test.rb
 - test/test_helper.rb
 - test/integration/navigation_test.rb
+- test/models/scaptimony/scap_content_profiles_test.rb
+- test/models/scaptimony/policy_revision_test.rb
+- test/models/scaptimony/xccdf_rule_test.rb
+- test/models/scaptimony/scap_content_test.rb
+- test/models/scaptimony/xccdf_result_test.rb
+- test/models/scaptimony/arf_report_breakdown_test.rb
 - test/models/scaptimony/arf_report_test.rb
 - test/models/scaptimony/asset_test.rb
+- test/models/scaptimony/xccdf_rule_result_test.rb
 - test/models/scaptimony/policy_test.rb