smart_proxy_openscap 0.6.0 → 0.6.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8278c2ea84e4fdf6bba35a966c459cd875ebac0e
-  data.tar.gz: 3fc2719dbaee2b0d64592c665eec0877943ee1a3
+  metadata.gz: feab59ae3e8ce1e915f22d558c1160c55373fa16
+  data.tar.gz: e7de38b8eae9570f604850f129beb66a69e27060
 SHA512:
-  metadata.gz: 462b6607100ddf4d16471315b63116365f9c3bb028a70837a54bc2b5a0105c2922dfc3063871db203d812164a9a5681e54f9f616a0877955a2d87fce331050fc
-  data.tar.gz: 0c2b19375d3ff1b9d253d720f15f91151b520089f646531ee4c797a8aa88bc750d58b13844ad1645d195e29bf80976e8221319c0bdc2b0b50daa870693585a97
+  metadata.gz: 37138364fff28b9677e4c2f401aad31c0c2fce71c18b5ca26cb25c0e6f8081ad0cf98caf8b092061b4241e9a9c2ce98a2ee800e025b4645c798e5ecb0c9ff7f7
+  data.tar.gz: aac42840356d8a85c7f74e08fe050584c45af8c5e857ab30d0b14004e71eb0e26afa88dfdb3fe207edad60669701ab2c9f55ffb997f32ac8869f93ef3f667f41

data/Gemfile

@@ -2,6 +2,7 @@ source 'https://rubygems.org'
 gemspec
 
 group :development do
+  gem 'test-unit'
   gem 'pry'
   gem 'rubocop'
   gem 'smart_proxy', :github => "theforeman/smart-proxy", :branch => 'develop'

data/bin/smart-proxy-openscap-send

@@ -38,7 +38,7 @@ end
 begin
   Proxy::OpenSCAP::send_spool_to_foreman
 rescue StandardError => e
-  logger.error "#{e}
+  logger.error e
   puts "#{e} See #{Proxy::OpenSCAP.fullpath(Proxy::OpenSCAP::Plugin.settings.openscap_send_log_file)}"
   exit false
 end

data/lib/smart_proxy_openscap/fetch_file.rb

@@ -0,0 +1,58 @@
+module Proxy::OpenSCAP
+  class FetchFile
+    include ::Proxy::Log
+
+    private
+
+    def create_store_dir(store_dir)
+      logger.info "Creating directory to store SCAP file: #{store_dir}"
+      FileUtils.mkdir_p(store_dir) # will fail silently if exists
+    rescue Errno::EACCES => e
+      logger.error "No permission to create directory #{store_dir}"
+      raise e
+    rescue StandardError => e
+      logger.error "Could not create '#{store_dir}' directory: #{e.message}"
+      raise e
+    end
+
+    def policy_content_file(policy_scap_file)
+      return nil if !File.file?(policy_scap_file) || File.zero?(policy_scap_file)
+      File.open(policy_scap_file, 'rb').read
+    end
+
+    def clean_store_folder(policy_store_dir)
+      FileUtils.rm_f Dir["#{policy_store_dir}/*.xml"]
+    end
+
+    def save_or_serve_scap_file(policy_scap_file, file_download_path)
+      lock = Proxy::FileLock::try_locking(policy_scap_file)
+      response = fetch_scap_content_xml(file_download_path)
+      if lock.nil?
+        return response
+      else
+        begin
+          File.open(policy_scap_file, 'wb') do |file|
+            file << response
+          end
+        ensure
+          Proxy::FileLock::unlock(lock)
+        end
+        scap_file = policy_content_file(policy_scap_file)
+        raise FileNotFound if scap_file.nil?
+        return scap_file
+      end
+    end
+
+    def fetch_scap_content_xml(file_download_path)
+      foreman_request = Proxy::HttpRequest::ForemanRequest.new
+      req = foreman_request.request_factory.create_get(file_download_path)
+      response = foreman_request.send_request(req)
+      response.value
+      response.body
+    end
+
+    def clean_store_folder(policy_store_dir)
+      FileUtils.rm_f Dir["#{policy_store_dir}/*.xml"]
+    end
+  end
+end

data/lib/smart_proxy_openscap/fetch_scap_content.rb

@@ -1,58 +1,17 @@
+require 'smart_proxy_openscap/fetch_file'
+
 module Proxy::OpenSCAP
-  class FetchScapContent
-    include ::Proxy::Log
-    def get_policy_content(policy_id)
+  class FetchScapContent < FetchFile
+    def get_policy_content(policy_id, digest)
       policy_store_dir = File.join(Proxy::OpenSCAP.fullpath(Proxy::OpenSCAP::Plugin.settings.contentdir), policy_id.to_s)
-      policy_scap_file = File.join(policy_store_dir, "#{policy_id}_scap_content.xml")
-      begin
-        logger.info "Creating directory to store SCAP file: #{policy_store_dir}"
-        FileUtils.mkdir_p(policy_store_dir) # will fail silently if exists
-      rescue Errno::EACCES => e
-        logger.error "No permission to create directory #{policy_store_dir}"
-        raise e
-      rescue StandardError => e
-        logger.error "Could not create '#{policy_store_dir}' directory: #{e.message}"
-        raise e
-      end
+      policy_scap_file = File.join(policy_store_dir, "#{policy_id}_#{digest}.xml")
+      file_download_path = "api/v2/compliance/policies/#{policy_id}/content"
 
-      scap_file = policy_content_file(policy_scap_file)
-      scap_file ||= save_or_serve_scap_file(policy_id, policy_scap_file)
-      scap_file
-    end
+      create_store_dir policy_store_dir
 
-    private
-
-    def policy_content_file(policy_scap_file)
-      return nil if !File.file?(policy_scap_file) || File.zero?(policy_scap_file)
-      File.open(policy_scap_file, 'rb').read
-    end
-
-    def save_or_serve_scap_file(policy_id, policy_scap_file)
-      lock = Proxy::FileLock::try_locking(policy_scap_file)
-      response = fetch_scap_content_xml(policy_id, policy_scap_file)
-      if lock.nil?
-        return response
-      else
-        begin
-          File.open(policy_scap_file, 'wb') do |file|
-            file << response
-          end
-        ensure
-          Proxy::FileLock::unlock(lock)
-        end
-        scap_file = policy_content_file(policy_scap_file)
-        raise FileNotFound if scap_file.nil?
-        return scap_file
-      end
-    end
-
-    def fetch_scap_content_xml(policy_id, policy_scap_file)
-      foreman_request = Proxy::HttpRequest::ForemanRequest.new
-      policy_content_path = "api/v2/compliance/policies/#{policy_id}/content"
-      req = foreman_request.request_factory.create_get(policy_content_path)
-      response = foreman_request.send_request(req)
-      response.value
-      response.body
+      scap_file = policy_content_file(policy_scap_file)
+      clean_store_folder(policy_store_dir) unless scap_file
+      scap_file ||= save_or_serve_scap_file(policy_scap_file, file_download_path)
     end
   end
 end

data/lib/smart_proxy_openscap/fetch_tailoring_file.rb

@@ -0,0 +1,17 @@
+require 'smart_proxy_openscap/fetch_file'
+
+module Proxy::OpenSCAP
+  class FetchTailoringFile < FetchFile
+    def get_tailoring_file(policy_id, digest)
+      store_dir = File.join(Proxy::OpenSCAP.fullpath(Proxy::OpenSCAP::Plugin.settings.tailoring_dir), policy_id.to_s)
+      policy_tailoring_file = File.join(store_dir, "#{policy_id}_#{digest}.xml")
+      file_download_path = "api/v2/compliance/policies/#{policy_id}/tailoring"
+
+      create_store_dir store_dir
+
+      scap_file = policy_content_file(policy_tailoring_file)
+      clean_store_folder(policy_store_dir) unless scap_file
+      scap_file ||= save_or_serve_scap_file(policy_tailoring_file, file_download_path)
+    end
+  end
+end

data/lib/smart_proxy_openscap/openscap_api.rb

@@ -76,10 +76,33 @@ module Proxy::OpenSCAP
       end
     end
 
+    get "/policies/:policy_id/content/:digest" do
+      content_type 'application/xml'
+      begin
+        Proxy::OpenSCAP::FetchScapContent.new.get_policy_content(params[:policy_id], params[:digest])
+      rescue *HTTP_ERRORS => e
+        log_halt e.response.code.to_i, "File not found on Foreman. Wrong policy id?"
+      rescue StandardError => e
+        log_halt 500, "Error occurred: #{e.message}"
+      end
+    end
+
     get "/policies/:policy_id/content" do
       content_type 'application/xml'
+      logger.warn 'DEPRECATION WARNING: /policies/:policy_id/content/:digest should be used, please update foreman_openscap'
       begin
-        Proxy::OpenSCAP::FetchScapContent.new.get_policy_content(params[:policy_id])
+        Proxy::OpenSCAP::FetchScapContent.new.get_policy_content(params[:policy_id], 'scap_content')
+      rescue *HTTP_ERRORS => e
+        log_halt e.response.code.to_i, "File not found on Foreman. Wrong policy id?"
+      rescue StandardError => e
+        log_halt 500, "Error occurred: #{e.message}"
+      end
+    end
+
+    get "/policies/:policy_id/tailoring/:digest" do
+      content_type 'application/xml'
+      begin
+        Proxy::OpenSCAP::FetchTailoringFile.new.get_tailoring_file(params[:policy_id], params[:digest])
       rescue *HTTP_ERRORS => e
         log_halt e.response.code.to_i, "File not found on Foreman. Wrong policy id?"
       rescue StandardError => e
@@ -97,9 +120,9 @@ module Proxy::OpenSCAP
       end
     end
 
-    post "/scap_content/validator" do
+    post "/tailoring_file/profiles" do
       begin
-        Proxy::OpenSCAP::ContentParser.new(request.body.string).validate
+        Proxy::OpenSCAP::ContentParser.new(request.body.string).get_profiles
       rescue *HTTP_ERRORS => e
         log_halt 500, e.message
       rescue StandardError => e
@@ -107,6 +130,16 @@ module Proxy::OpenSCAP
       end
     end
 
+    post "/scap_file/validator/:type" do
+      validate_scap_file params
+    end
+
+    post "/scap_content/validator" do
+      logger.warn "DEPRECATION WARNING: '/scap_content/validator' will be removed in the future. Use '/scap_file/validator/scap_content' instead"
+      params[:type] = 'scap_content'
+      validate_scap_file params
+    end
+
     post "/scap_content/guide/:policy" do
       begin
         Proxy::OpenSCAP::ContentParser.new(request.body.string).guide(params[:policy])
@@ -116,5 +149,17 @@ module Proxy::OpenSCAP
         log_halt 500, "Error occurred: #{e.message}"
       end
     end
+
+    private
+
+    def validate_scap_file(params)
+      begin
+        Proxy::OpenSCAP::ContentParser.new(request.body.string, params[:type]).validate
+      rescue *HTTP_ERRORS => e
+        log_halt 500, e.message
+      rescue StandardError => e
+        log_halt 500, "Error occurred: #{e.message}"
+      end
+    end
   end
 end

data/lib/smart_proxy_openscap/openscap_content_parser.rb

@@ -1,12 +1,21 @@
 require 'openscap/ds/sds'
 require 'openscap/source'
 require 'openscap/xccdf/benchmark'
+require 'openscap/xccdf/tailoring'
 
 module Proxy::OpenSCAP
   class ContentParser
-    def initialize(scap_content)
+    def initialize(scap_file, type = 'scap_content')
       OpenSCAP.oscap_init
-      @source = OpenSCAP::Source.new(:content => scap_content)
+      @source = OpenSCAP::Source.new(:content => scap_file)
+      @type = type
+    end
+
+    def allowed_types
+      {
+        'tailoring_file' => 'XCCDF Tailoring',
+        'scap_content' => 'SCAP Source Datastream'
+      }
     end
 
     def extract_policies
@@ -19,11 +28,20 @@ module Proxy::OpenSCAP
       policies.to_json
     end
 
+    def get_profiles
+      tailoring = ::OpenSCAP::Xccdf::Tailoring.new(@source, nil)
+      profiles = tailoring.profiles.inject({}) do |memo, (key, profile)|
+        memo.tap { |hash| hash[key] = profile.title }
+      end
+      tailoring.destroy
+      profiles.to_json
+    end
+
     def validate
       errors = []
-      allowed_type = 'SCAP Source Datastream'
-      if @source.type != allowed_type
-        errors << "Uploaded file is not #{allowed_type}"
+
+      if @source.type != allowed_types[@type]
+        errors << "Uploaded file is #{@source.type}, unexpected file type"
       end
 
       begin

data/lib/smart_proxy_openscap/openscap_lib.rb

@@ -21,6 +21,7 @@ require 'smart_proxy_openscap/openscap_exception'
 require 'smart_proxy_openscap/openscap_report_parser'
 require 'smart_proxy_openscap/spool_forwarder'
 require 'smart_proxy_openscap/storage_fs'
+require 'smart_proxy_openscap/fetch_tailoring_file'
 
 module Proxy::OpenSCAP
   extend ::Proxy::Log

data/lib/smart_proxy_openscap/openscap_plugin.rb

@@ -21,6 +21,7 @@ module Proxy::OpenSCAP
                      :openscap_send_log_file => File.join(APP_ROOT, 'logs/openscap-send.log'),
                      :contentdir => File.join(APP_ROOT, 'openscap/content'),
                      :reportsdir => File.join(APP_ROOT, 'openscap/reports'),
-                     :failed_dir => File.join(APP_ROOT, 'openscap/failed')
+                     :failed_dir => File.join(APP_ROOT, 'openscap/failed'),
+                     :tailoring_dir => File.join(APP_ROOT, 'openscap/tailoring')
   end
 end

data/lib/smart_proxy_openscap/version.rb

@@ -10,6 +10,6 @@
 
 module Proxy
   module OpenSCAP
-    VERSION = '0.6.0'
+    VERSION = '0.6.1'
   end
 end

data/settings.d/openscap.yml.example

@@ -12,6 +12,9 @@
 # So we will not request the XML from Foreman each time
 #:contentdir: /var/lib/openscap/content
 
+# Directory where OpenSCAP tailoring XML files are stored
+#:tailoring_dir: /var/lib/openscap/tailoring
+
 # Directory where OpenSCAP report XML are stored
 # So Foreman can request arf xml reports
 #:reportsdir: /usr/share/foreman-proxy/openscap/reports

data/smart_proxy_openscap.gemspec

@@ -19,5 +19,5 @@ Gem::Specification.new do |s|
   s.add_development_dependency('rack-test')
   s.add_development_dependency('mocha')
   s.add_development_dependency('webmock')
-  s.add_dependency 'openscap', '>= 0.4.3'
+  s.add_dependency 'openscap', '~> 0.4.7'
 end

data/test/data/tailoring.xml

@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xccdf:Tailoring xmlns:xccdf="http://checklists.nist.gov/xccdf/1.2" id="xccdf_scap-workbench_tailoring_default">
+  <xccdf:benchmark href="/usr/share/xml/scap/ssg/content/ssg-firefox-ds.xml"/>
+  <xccdf:version time="2016-11-10T11:24:26">1</xccdf:version>
+  <xccdf:Profile id="xccdf_org.ssgproject.content_profile_stig-firefox-upstream_customized" extends="xccdf_org.ssgproject.content_profile_stig-firefox-upstream">
+    <xccdf:title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">Upstream Firefox STIG [CUSTOMIZED]</xccdf:title>
+    <xccdf:description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">This profile is developed under the DoD consensus model and DISA FSO Vendor STIG process,
+serving as the upstream development environment for the Firefox STIG.
+
+As a result of the upstream/downstream relationship between the SCAP Security Guide project
+and the official DISA FSO STIG baseline, users should expect variance between SSG and DISA FSO content.
+For official DISA FSO STIG content, refer to http://iase.disa.mil/stigs/app-security/browser-guidance/Pages/index.aspx.
+
+While this profile is packaged by Red Hat as part of the SCAP Security Guide package, please note
+that commercial support of this SCAP content is NOT available. This profile is provided as example
+SCAP content with no endorsement for suitability or production readiness. Support for this
+profile is provided by the upstream SCAP Security Guide community on a best-effort basis. The
+upstream project homepage is https://fedorahosted.org/scap-security-guide/.
+</xccdf:description>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-non-secure_page_warning" selected="true"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_status_bar_text" selected="true"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_context_menus" selected="true"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_status_bar_changes" selected="true"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_window_resizing" selected="true"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_window_changes" selected="true"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-auto-update_of_firefox" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-autofill_passwords" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-autofill_forms" selected="false"/>
+    <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-addons_plugin_updates" selected="false"/>
+  </xccdf:Profile>
+</xccdf:Tailoring>

data/test/fetch_scap_api_test.rb

@@ -1,6 +1,7 @@
 require 'test_helper'
 require 'smart_proxy_openscap'
 require 'smart_proxy_openscap/openscap_api'
+require 'digest/sha2'
 
 ENV['RACK_ENV'] = 'test'
 
@@ -16,6 +17,7 @@ class FetchScapApiTest < Test::Unit::TestCase
     Proxy::OpenSCAP::Plugin.settings.stubs(:spooldir).returns(@results_path)
     Proxy::OpenSCAP::Plugin.settings.stubs(:reportsdir).returns(@results_path)
     @scap_content = File.new("#{Dir.getwd}/test/data/ssg-rhel7-ds.xml").read
+    @digest = Digest::SHA256.hexdigest @scap_content
     @policy_id = 1
   end
 
@@ -29,17 +31,17 @@ class FetchScapApiTest < Test::Unit::TestCase
 
   def test_get_scap_content_from_foreman
     stub_request(:get, "#{@foreman_url}/api/v2/compliance/policies/#{@policy_id}/content").to_return(:body => @scap_content)
-    get "/policies/#{@policy_id}/content"
+    get "/policies/#{@policy_id}/content/#{@digest}"
     assert_equal("application/xml;charset=utf-8", last_response.header["Content-Type"], "Response header should be application/xml")
-    assert File.file?("#{@results_path}/#{@policy_id}/#{@policy_id}_scap_content.xml")
+    assert File.file?("#{@results_path}/#{@policy_id}/#{@policy_id}_#{@digest}.xml")
     assert_equal(@scap_content.length, last_response.length, "Scap content should be equal")
   end
 
   def test_get_scap_content_from_file
     # Simulate that scap file was previously saved after fetched from Foreman.
     FileUtils.mkdir("#{@results_path}/#{@policy_id}")
-    FileUtils.cp("#{Dir.getwd}/test/data/ssg-rhel7-ds.xml", "#{@results_path}/#{@policy_id}/#{@policy_id}_scap_content.xml")
-    get "/policies/#{@policy_id}/content"
+    FileUtils.cp("#{Dir.getwd}/test/data/ssg-rhel7-ds.xml", "#{@results_path}/#{@policy_id}/#{@policy_id}_#{@digest}.xml")
+    get "/policies/#{@policy_id}/content/#{@digest}"
     assert_equal("application/xml;charset=utf-8", last_response.header["Content-Type"], "Response header should be application/xml")
     assert_equal(@scap_content.length, last_response.length, "Scap content should be equal")
     assert(last_response.successful?, "Response should be success")
@@ -47,14 +49,14 @@ class FetchScapApiTest < Test::Unit::TestCase
 
   def test_get_scap_content_no_policy
     stub_request(:get, "#{@foreman_url}/api/v2/compliance/policies/#{@policy_id}/content").to_return(:status => 404, :body => 'not found')
-    get "/policies/#{@policy_id}/content"
+    get "/policies/#{@policy_id}/content/#{@digest}"
     assert(last_response.not_found?, "Response should be 404")
   end
 
   def test_get_scap_content_permissions
     Proxy::OpenSCAP::FetchScapContent.any_instance.stubs(:get_policy_content).raises(Errno::EACCES)
     stub_request(:get, "#{@foreman_url}/api/v2/compliance/policies/#{@policy_id}/content").to_return(:body => @scap_content)
-    get "/policies/#{@policy_id}/content"
+    get "/policies/#{@policy_id}/content/#{@digest}"
     assert_equal(500, last_response.status, "No permissions should raise error 500")
     assert_equal('Error occurred: Permission denied', last_response.body)
   end
@@ -62,8 +64,8 @@ class FetchScapApiTest < Test::Unit::TestCase
   def test_locked_file_should_serve_from_foreman
     Proxy::FileLock.stubs(:try_locking).returns(nil)
     stub_request(:get, "#{@foreman_url}/api/v2/compliance/policies/#{@policy_id}/content").to_return(:body => @scap_content)
-    get "/policies/#{@policy_id}/content"
-    refute(File.file?("#{@results_path}/#{@policy_id}/#{@policy_id}_scap_content.xml"), "Scap file should be saved")
+    get "/policies/#{@policy_id}/content/#{@digest}"
+    refute(File.file?("#{@results_path}/#{@policy_id}/#{@policy_id}_#{@digest}.xml"), "Scap file should be saved")
     assert_equal("application/xml;charset=utf-8", last_response.header["Content-Type"], "Response header should be application/xml")
     assert_equal(@scap_content.length, last_response.length, "Scap content should be equal")
     assert(last_response.successful?, "Response should be success")

data/test/fetch_tailoring_api_test.rb

@@ -0,0 +1,37 @@
+require 'test_helper'
+require 'smart_proxy_openscap'
+require 'smart_proxy_openscap/openscap_api'
+
+ENV['RACK_ENV'] = 'test'
+
+class FetchTailoringApiTest < Test::Unit::TestCase
+  include Rack::Test::Methods
+
+  def setup
+    @foreman_url = 'https://foreman.example.com'
+    Proxy::SETTINGS.stubs(:foreman_url).returns(@foreman_url)
+    @results_path = ("#{Dir.getwd}/test/test_run_files")
+    FileUtils.mkdir_p(@results_path)
+    Proxy::OpenSCAP::Plugin.settings.stubs(:tailoring_dir).returns(@results_path)
+    @tailoring_file = File.new("#{Dir.getwd}/test/data/tailoring.xml").read
+    @digest = Digest::SHA256.hexdigest @tailoring_file
+    @policy_id = 1
+  end
+
+  def teardown
+    FileUtils.rm_rf(Dir.glob("#{@results_path}/*"))
+  end
+
+  def app
+    ::Proxy::OpenSCAP::Api.new
+  end
+
+  def test_get_tailoring_file_from_file
+    FileUtils.mkdir("#{@results_path}/#{@policy_id}")
+    FileUtils.cp("#{Dir.getwd}/test/data/tailoring.xml", "#{@results_path}/#{@policy_id}/#{@policy_id}_#{@digest}.xml")
+    get "/policies/#{@policy_id}/tailoring/#{@digest}"
+    assert_equal("application/xml;charset=utf-8", last_response.header["Content-Type"], "Response header should be application/xml")
+    assert_equal(@tailoring_file.length, last_response.length, "Scap content should be equal")
+    assert(last_response.successful?, "Response should be success")
+  end
+end

data/test/get_report_xml_html_test.rb

@@ -53,6 +53,6 @@ class OpenSCAPGetArfTest < Test::Unit::TestCase
   def test_delete_arf_file
     delete "/arf/#{@arf_id}/#{@cname}/#{@date}/#{@filename}"
     assert last_response.ok?
-    refute  File.exists?("#{@results_path}/reports/arf/#{@cname}/#{@arf_id}")
+    refute  File.exist?("#{@results_path}/reports/arf/#{@cname}/#{@arf_id}")
   end
 end

data/test/scap_content_parser_api_test.rb

@@ -9,6 +9,7 @@ class ScapContentParserApiTest < Test::Unit::TestCase
     @foreman_url = 'https://foreman.example.com'
     Proxy::SETTINGS.stubs(:foreman_url).returns(@foreman_url)
     @scap_content = File.new("#{Dir.getwd}/test/data/ssg-rhel7-ds.xml").read
+    @tailoring_file = File.new("#{Dir.getwd}/test/data/tailoring.xml").read
   end
 
   def app
@@ -31,7 +32,7 @@ class ScapContentParserApiTest < Test::Unit::TestCase
   end
 
   def test_scap_content_validator
-    post '/scap_content/validator', @scap_content, 'CONTENT_TYPE' => 'text/xml'
+    post '/scap_file/validator/scap_content', @scap_content, 'CONTENT_TYPE' => 'text/xml'
     result = JSON.parse(last_response.body)
     assert_empty(result['errors'])
     assert(last_response.successful?)
@@ -39,7 +40,7 @@ class ScapContentParserApiTest < Test::Unit::TestCase
 
   def test_invalid_scap_content_validator
     Proxy::OpenSCAP::ContentParser.any_instance.stubs(:validate).returns({:errors => 'Invalid SCAP file type'}.to_json)
-    post '/scap_content/validator', @scap_content, 'CONTENT_TYPE' => 'text/xml'
+    post '/scap_file/validator/scap_content', @scap_content, 'CONTENT_TYPE' => 'text/xml'
     result = JSON.parse(last_response.body)
     refute_empty(result['errors'])
     assert(last_response.successful?)
@@ -51,4 +52,18 @@ class ScapContentParserApiTest < Test::Unit::TestCase
     assert(result['html'].start_with?('<!DOCTYPE html>'))
     assert(last_response.successful?)
   end
+
+  def test_validate_tailoring_file
+    post '/scap_file/validator/tailoring_file', @tailoring_file, 'CONTENT_TYPE' => 'text/xml'
+    result = JSON.parse(last_response.body)
+    assert_empty(result['errors'])
+    assert(last_response.successful?)
+  end
+
+  def test_get_profiles_from_tailoring_file
+    post '/tailoring_file/profiles', @tailoring_file, 'CONTENT_TYPE' => 'text/xml'
+    result = JSON.parse(last_response.body)
+    assert_equal 1, result.keys.length
+    assert(last_response.successful?)
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_openscap
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.6.1
 platform: ruby
 authors:
 - "Šimon Lukašík"
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-09-02 00:00:00.000000000 Z
+date: 2017-02-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -72,16 +72,16 @@ dependencies:
   name: openscap
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.4.3
+        version: 0.4.7
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.4.3
+        version: 0.4.7
 description: |-
   A plug-in to the Foreman's smart-proxy which receives
     bzip2ed ARF files and forwards them to the Foreman.
@@ -102,7 +102,9 @@ files:
 - extra/rubygem-smart_proxy_openscap.spec
 - extra/smart-proxy-openscap-send.cron
 - lib/smart_proxy_openscap.rb
+- lib/smart_proxy_openscap/fetch_file.rb
 - lib/smart_proxy_openscap/fetch_scap_content.rb
+- lib/smart_proxy_openscap/fetch_tailoring_file.rb
 - lib/smart_proxy_openscap/foreman_forwarder.rb
 - lib/smart_proxy_openscap/http_config.ru
 - lib/smart_proxy_openscap/openscap_api.rb
@@ -120,7 +122,9 @@ files:
 - smart_proxy_openscap.gemspec
 - test/data/arf_report
 - test/data/ssg-rhel7-ds.xml
+- test/data/tailoring.xml
 - test/fetch_scap_api_test.rb
+- test/fetch_tailoring_api_test.rb
 - test/get_report_xml_html_test.rb
 - test/post_report_api_test.rb
 - test/scap_content_parser_api_test.rb
@@ -145,9 +149,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.6
+rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
 summary: OpenSCAP plug-in for Foreman's smart-proxy.
 test_files: []
-has_rdoc: