smart_proxy_openscap 0.6.0 → 0.6.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8278c2ea84e4fdf6bba35a966c459cd875ebac0e
4
- data.tar.gz: 3fc2719dbaee2b0d64592c665eec0877943ee1a3
3
+ metadata.gz: feab59ae3e8ce1e915f22d558c1160c55373fa16
4
+ data.tar.gz: e7de38b8eae9570f604850f129beb66a69e27060
5
5
  SHA512:
6
- metadata.gz: 462b6607100ddf4d16471315b63116365f9c3bb028a70837a54bc2b5a0105c2922dfc3063871db203d812164a9a5681e54f9f616a0877955a2d87fce331050fc
7
- data.tar.gz: 0c2b19375d3ff1b9d253d720f15f91151b520089f646531ee4c797a8aa88bc750d58b13844ad1645d195e29bf80976e8221319c0bdc2b0b50daa870693585a97
6
+ metadata.gz: 37138364fff28b9677e4c2f401aad31c0c2fce71c18b5ca26cb25c0e6f8081ad0cf98caf8b092061b4241e9a9c2ce98a2ee800e025b4645c798e5ecb0c9ff7f7
7
+ data.tar.gz: aac42840356d8a85c7f74e08fe050584c45af8c5e857ab30d0b14004e71eb0e26afa88dfdb3fe207edad60669701ab2c9f55ffb997f32ac8869f93ef3f667f41
data/Gemfile CHANGED
@@ -2,6 +2,7 @@ source 'https://rubygems.org'
2
2
  gemspec
3
3
 
4
4
  group :development do
5
+ gem 'test-unit'
5
6
  gem 'pry'
6
7
  gem 'rubocop'
7
8
  gem 'smart_proxy', :github => "theforeman/smart-proxy", :branch => 'develop'
@@ -38,7 +38,7 @@ end
38
38
  begin
39
39
  Proxy::OpenSCAP::send_spool_to_foreman
40
40
  rescue StandardError => e
41
- logger.error "#{e}
41
+ logger.error e
42
42
  puts "#{e} See #{Proxy::OpenSCAP.fullpath(Proxy::OpenSCAP::Plugin.settings.openscap_send_log_file)}"
43
43
  exit false
44
44
  end
@@ -0,0 +1,58 @@
1
+ module Proxy::OpenSCAP
2
+ class FetchFile
3
+ include ::Proxy::Log
4
+
5
+ private
6
+
7
+ def create_store_dir(store_dir)
8
+ logger.info "Creating directory to store SCAP file: #{store_dir}"
9
+ FileUtils.mkdir_p(store_dir) # will fail silently if exists
10
+ rescue Errno::EACCES => e
11
+ logger.error "No permission to create directory #{store_dir}"
12
+ raise e
13
+ rescue StandardError => e
14
+ logger.error "Could not create '#{store_dir}' directory: #{e.message}"
15
+ raise e
16
+ end
17
+
18
+ def policy_content_file(policy_scap_file)
19
+ return nil if !File.file?(policy_scap_file) || File.zero?(policy_scap_file)
20
+ File.open(policy_scap_file, 'rb').read
21
+ end
22
+
23
+ def clean_store_folder(policy_store_dir)
24
+ FileUtils.rm_f Dir["#{policy_store_dir}/*.xml"]
25
+ end
26
+
27
+ def save_or_serve_scap_file(policy_scap_file, file_download_path)
28
+ lock = Proxy::FileLock::try_locking(policy_scap_file)
29
+ response = fetch_scap_content_xml(file_download_path)
30
+ if lock.nil?
31
+ return response
32
+ else
33
+ begin
34
+ File.open(policy_scap_file, 'wb') do |file|
35
+ file << response
36
+ end
37
+ ensure
38
+ Proxy::FileLock::unlock(lock)
39
+ end
40
+ scap_file = policy_content_file(policy_scap_file)
41
+ raise FileNotFound if scap_file.nil?
42
+ return scap_file
43
+ end
44
+ end
45
+
46
+ def fetch_scap_content_xml(file_download_path)
47
+ foreman_request = Proxy::HttpRequest::ForemanRequest.new
48
+ req = foreman_request.request_factory.create_get(file_download_path)
49
+ response = foreman_request.send_request(req)
50
+ response.value
51
+ response.body
52
+ end
53
+
54
+ def clean_store_folder(policy_store_dir)
55
+ FileUtils.rm_f Dir["#{policy_store_dir}/*.xml"]
56
+ end
57
+ end
58
+ end
@@ -1,58 +1,17 @@
1
+ require 'smart_proxy_openscap/fetch_file'
2
+
1
3
  module Proxy::OpenSCAP
2
- class FetchScapContent
3
- include ::Proxy::Log
4
- def get_policy_content(policy_id)
4
+ class FetchScapContent < FetchFile
5
+ def get_policy_content(policy_id, digest)
5
6
  policy_store_dir = File.join(Proxy::OpenSCAP.fullpath(Proxy::OpenSCAP::Plugin.settings.contentdir), policy_id.to_s)
6
- policy_scap_file = File.join(policy_store_dir, "#{policy_id}_scap_content.xml")
7
- begin
8
- logger.info "Creating directory to store SCAP file: #{policy_store_dir}"
9
- FileUtils.mkdir_p(policy_store_dir) # will fail silently if exists
10
- rescue Errno::EACCES => e
11
- logger.error "No permission to create directory #{policy_store_dir}"
12
- raise e
13
- rescue StandardError => e
14
- logger.error "Could not create '#{policy_store_dir}' directory: #{e.message}"
15
- raise e
16
- end
7
+ policy_scap_file = File.join(policy_store_dir, "#{policy_id}_#{digest}.xml")
8
+ file_download_path = "api/v2/compliance/policies/#{policy_id}/content"
17
9
 
18
- scap_file = policy_content_file(policy_scap_file)
19
- scap_file ||= save_or_serve_scap_file(policy_id, policy_scap_file)
20
- scap_file
21
- end
10
+ create_store_dir policy_store_dir
22
11
 
23
- private
24
-
25
- def policy_content_file(policy_scap_file)
26
- return nil if !File.file?(policy_scap_file) || File.zero?(policy_scap_file)
27
- File.open(policy_scap_file, 'rb').read
28
- end
29
-
30
- def save_or_serve_scap_file(policy_id, policy_scap_file)
31
- lock = Proxy::FileLock::try_locking(policy_scap_file)
32
- response = fetch_scap_content_xml(policy_id, policy_scap_file)
33
- if lock.nil?
34
- return response
35
- else
36
- begin
37
- File.open(policy_scap_file, 'wb') do |file|
38
- file << response
39
- end
40
- ensure
41
- Proxy::FileLock::unlock(lock)
42
- end
43
- scap_file = policy_content_file(policy_scap_file)
44
- raise FileNotFound if scap_file.nil?
45
- return scap_file
46
- end
47
- end
48
-
49
- def fetch_scap_content_xml(policy_id, policy_scap_file)
50
- foreman_request = Proxy::HttpRequest::ForemanRequest.new
51
- policy_content_path = "api/v2/compliance/policies/#{policy_id}/content"
52
- req = foreman_request.request_factory.create_get(policy_content_path)
53
- response = foreman_request.send_request(req)
54
- response.value
55
- response.body
12
+ scap_file = policy_content_file(policy_scap_file)
13
+ clean_store_folder(policy_store_dir) unless scap_file
14
+ scap_file ||= save_or_serve_scap_file(policy_scap_file, file_download_path)
56
15
  end
57
16
  end
58
17
  end
@@ -0,0 +1,17 @@
1
+ require 'smart_proxy_openscap/fetch_file'
2
+
3
+ module Proxy::OpenSCAP
4
+ class FetchTailoringFile < FetchFile
5
+ def get_tailoring_file(policy_id, digest)
6
+ store_dir = File.join(Proxy::OpenSCAP.fullpath(Proxy::OpenSCAP::Plugin.settings.tailoring_dir), policy_id.to_s)
7
+ policy_tailoring_file = File.join(store_dir, "#{policy_id}_#{digest}.xml")
8
+ file_download_path = "api/v2/compliance/policies/#{policy_id}/tailoring"
9
+
10
+ create_store_dir store_dir
11
+
12
+ scap_file = policy_content_file(policy_tailoring_file)
13
+ clean_store_folder(policy_store_dir) unless scap_file
14
+ scap_file ||= save_or_serve_scap_file(policy_tailoring_file, file_download_path)
15
+ end
16
+ end
17
+ end
@@ -76,10 +76,33 @@ module Proxy::OpenSCAP
76
76
  end
77
77
  end
78
78
 
79
+ get "/policies/:policy_id/content/:digest" do
80
+ content_type 'application/xml'
81
+ begin
82
+ Proxy::OpenSCAP::FetchScapContent.new.get_policy_content(params[:policy_id], params[:digest])
83
+ rescue *HTTP_ERRORS => e
84
+ log_halt e.response.code.to_i, "File not found on Foreman. Wrong policy id?"
85
+ rescue StandardError => e
86
+ log_halt 500, "Error occurred: #{e.message}"
87
+ end
88
+ end
89
+
79
90
  get "/policies/:policy_id/content" do
80
91
  content_type 'application/xml'
92
+ logger.warn 'DEPRECATION WARNING: /policies/:policy_id/content/:digest should be used, please update foreman_openscap'
81
93
  begin
82
- Proxy::OpenSCAP::FetchScapContent.new.get_policy_content(params[:policy_id])
94
+ Proxy::OpenSCAP::FetchScapContent.new.get_policy_content(params[:policy_id], 'scap_content')
95
+ rescue *HTTP_ERRORS => e
96
+ log_halt e.response.code.to_i, "File not found on Foreman. Wrong policy id?"
97
+ rescue StandardError => e
98
+ log_halt 500, "Error occurred: #{e.message}"
99
+ end
100
+ end
101
+
102
+ get "/policies/:policy_id/tailoring/:digest" do
103
+ content_type 'application/xml'
104
+ begin
105
+ Proxy::OpenSCAP::FetchTailoringFile.new.get_tailoring_file(params[:policy_id], params[:digest])
83
106
  rescue *HTTP_ERRORS => e
84
107
  log_halt e.response.code.to_i, "File not found on Foreman. Wrong policy id?"
85
108
  rescue StandardError => e
@@ -97,9 +120,9 @@ module Proxy::OpenSCAP
97
120
  end
98
121
  end
99
122
 
100
- post "/scap_content/validator" do
123
+ post "/tailoring_file/profiles" do
101
124
  begin
102
- Proxy::OpenSCAP::ContentParser.new(request.body.string).validate
125
+ Proxy::OpenSCAP::ContentParser.new(request.body.string).get_profiles
103
126
  rescue *HTTP_ERRORS => e
104
127
  log_halt 500, e.message
105
128
  rescue StandardError => e
@@ -107,6 +130,16 @@ module Proxy::OpenSCAP
107
130
  end
108
131
  end
109
132
 
133
+ post "/scap_file/validator/:type" do
134
+ validate_scap_file params
135
+ end
136
+
137
+ post "/scap_content/validator" do
138
+ logger.warn "DEPRECATION WARNING: '/scap_content/validator' will be removed in the future. Use '/scap_file/validator/scap_content' instead"
139
+ params[:type] = 'scap_content'
140
+ validate_scap_file params
141
+ end
142
+
110
143
  post "/scap_content/guide/:policy" do
111
144
  begin
112
145
  Proxy::OpenSCAP::ContentParser.new(request.body.string).guide(params[:policy])
@@ -116,5 +149,17 @@ module Proxy::OpenSCAP
116
149
  log_halt 500, "Error occurred: #{e.message}"
117
150
  end
118
151
  end
152
+
153
+ private
154
+
155
+ def validate_scap_file(params)
156
+ begin
157
+ Proxy::OpenSCAP::ContentParser.new(request.body.string, params[:type]).validate
158
+ rescue *HTTP_ERRORS => e
159
+ log_halt 500, e.message
160
+ rescue StandardError => e
161
+ log_halt 500, "Error occurred: #{e.message}"
162
+ end
163
+ end
119
164
  end
120
165
  end
@@ -1,12 +1,21 @@
1
1
  require 'openscap/ds/sds'
2
2
  require 'openscap/source'
3
3
  require 'openscap/xccdf/benchmark'
4
+ require 'openscap/xccdf/tailoring'
4
5
 
5
6
  module Proxy::OpenSCAP
6
7
  class ContentParser
7
- def initialize(scap_content)
8
+ def initialize(scap_file, type = 'scap_content')
8
9
  OpenSCAP.oscap_init
9
- @source = OpenSCAP::Source.new(:content => scap_content)
10
+ @source = OpenSCAP::Source.new(:content => scap_file)
11
+ @type = type
12
+ end
13
+
14
+ def allowed_types
15
+ {
16
+ 'tailoring_file' => 'XCCDF Tailoring',
17
+ 'scap_content' => 'SCAP Source Datastream'
18
+ }
10
19
  end
11
20
 
12
21
  def extract_policies
@@ -19,11 +28,20 @@ module Proxy::OpenSCAP
19
28
  policies.to_json
20
29
  end
21
30
 
31
+ def get_profiles
32
+ tailoring = ::OpenSCAP::Xccdf::Tailoring.new(@source, nil)
33
+ profiles = tailoring.profiles.inject({}) do |memo, (key, profile)|
34
+ memo.tap { |hash| hash[key] = profile.title }
35
+ end
36
+ tailoring.destroy
37
+ profiles.to_json
38
+ end
39
+
22
40
  def validate
23
41
  errors = []
24
- allowed_type = 'SCAP Source Datastream'
25
- if @source.type != allowed_type
26
- errors << "Uploaded file is not #{allowed_type}"
42
+
43
+ if @source.type != allowed_types[@type]
44
+ errors << "Uploaded file is #{@source.type}, unexpected file type"
27
45
  end
28
46
 
29
47
  begin
@@ -21,6 +21,7 @@ require 'smart_proxy_openscap/openscap_exception'
21
21
  require 'smart_proxy_openscap/openscap_report_parser'
22
22
  require 'smart_proxy_openscap/spool_forwarder'
23
23
  require 'smart_proxy_openscap/storage_fs'
24
+ require 'smart_proxy_openscap/fetch_tailoring_file'
24
25
 
25
26
  module Proxy::OpenSCAP
26
27
  extend ::Proxy::Log
@@ -21,6 +21,7 @@ module Proxy::OpenSCAP
21
21
  :openscap_send_log_file => File.join(APP_ROOT, 'logs/openscap-send.log'),
22
22
  :contentdir => File.join(APP_ROOT, 'openscap/content'),
23
23
  :reportsdir => File.join(APP_ROOT, 'openscap/reports'),
24
- :failed_dir => File.join(APP_ROOT, 'openscap/failed')
24
+ :failed_dir => File.join(APP_ROOT, 'openscap/failed'),
25
+ :tailoring_dir => File.join(APP_ROOT, 'openscap/tailoring')
25
26
  end
26
27
  end
@@ -10,6 +10,6 @@
10
10
 
11
11
  module Proxy
12
12
  module OpenSCAP
13
- VERSION = '0.6.0'
13
+ VERSION = '0.6.1'
14
14
  end
15
15
  end
@@ -12,6 +12,9 @@
12
12
  # So we will not request the XML from Foreman each time
13
13
  #:contentdir: /var/lib/openscap/content
14
14
 
15
+ # Directory where OpenSCAP tailoring XML files are stored
16
+ #:tailoring_dir: /var/lib/openscap/tailoring
17
+
15
18
  # Directory where OpenSCAP report XML are stored
16
19
  # So Foreman can request arf xml reports
17
20
  #:reportsdir: /usr/share/foreman-proxy/openscap/reports
@@ -19,5 +19,5 @@ Gem::Specification.new do |s|
19
19
  s.add_development_dependency('rack-test')
20
20
  s.add_development_dependency('mocha')
21
21
  s.add_development_dependency('webmock')
22
- s.add_dependency 'openscap', '>= 0.4.3'
22
+ s.add_dependency 'openscap', '~> 0.4.7'
23
23
  end
@@ -0,0 +1,31 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <xccdf:Tailoring xmlns:xccdf="http://checklists.nist.gov/xccdf/1.2" id="xccdf_scap-workbench_tailoring_default">
3
+ <xccdf:benchmark href="/usr/share/xml/scap/ssg/content/ssg-firefox-ds.xml"/>
4
+ <xccdf:version time="2016-11-10T11:24:26">1</xccdf:version>
5
+ <xccdf:Profile id="xccdf_org.ssgproject.content_profile_stig-firefox-upstream_customized" extends="xccdf_org.ssgproject.content_profile_stig-firefox-upstream">
6
+ <xccdf:title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">Upstream Firefox STIG [CUSTOMIZED]</xccdf:title>
7
+ <xccdf:description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">This profile is developed under the DoD consensus model and DISA FSO Vendor STIG process,
8
+ serving as the upstream development environment for the Firefox STIG.
9
+
10
+ As a result of the upstream/downstream relationship between the SCAP Security Guide project
11
+ and the official DISA FSO STIG baseline, users should expect variance between SSG and DISA FSO content.
12
+ For official DISA FSO STIG content, refer to http://iase.disa.mil/stigs/app-security/browser-guidance/Pages/index.aspx.
13
+
14
+ While this profile is packaged by Red Hat as part of the SCAP Security Guide package, please note
15
+ that commercial support of this SCAP content is NOT available. This profile is provided as example
16
+ SCAP content with no endorsement for suitability or production readiness. Support for this
17
+ profile is provided by the upstream SCAP Security Guide community on a best-effort basis. The
18
+ upstream project homepage is https://fedorahosted.org/scap-security-guide/.
19
+ </xccdf:description>
20
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-non-secure_page_warning" selected="true"/>
21
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_status_bar_text" selected="true"/>
22
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_context_menus" selected="true"/>
23
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_status_bar_changes" selected="true"/>
24
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_window_resizing" selected="true"/>
25
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_window_changes" selected="true"/>
26
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-auto-update_of_firefox" selected="false"/>
27
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-autofill_passwords" selected="false"/>
28
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-autofill_forms" selected="false"/>
29
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-addons_plugin_updates" selected="false"/>
30
+ </xccdf:Profile>
31
+ </xccdf:Tailoring>
@@ -1,6 +1,7 @@
1
1
  require 'test_helper'
2
2
  require 'smart_proxy_openscap'
3
3
  require 'smart_proxy_openscap/openscap_api'
4
+ require 'digest/sha2'
4
5
 
5
6
  ENV['RACK_ENV'] = 'test'
6
7
 
@@ -16,6 +17,7 @@ class FetchScapApiTest < Test::Unit::TestCase
16
17
  Proxy::OpenSCAP::Plugin.settings.stubs(:spooldir).returns(@results_path)
17
18
  Proxy::OpenSCAP::Plugin.settings.stubs(:reportsdir).returns(@results_path)
18
19
  @scap_content = File.new("#{Dir.getwd}/test/data/ssg-rhel7-ds.xml").read
20
+ @digest = Digest::SHA256.hexdigest @scap_content
19
21
  @policy_id = 1
20
22
  end
21
23
 
@@ -29,17 +31,17 @@ class FetchScapApiTest < Test::Unit::TestCase
29
31
 
30
32
  def test_get_scap_content_from_foreman
31
33
  stub_request(:get, "#{@foreman_url}/api/v2/compliance/policies/#{@policy_id}/content").to_return(:body => @scap_content)
32
- get "/policies/#{@policy_id}/content"
34
+ get "/policies/#{@policy_id}/content/#{@digest}"
33
35
  assert_equal("application/xml;charset=utf-8", last_response.header["Content-Type"], "Response header should be application/xml")
34
- assert File.file?("#{@results_path}/#{@policy_id}/#{@policy_id}_scap_content.xml")
36
+ assert File.file?("#{@results_path}/#{@policy_id}/#{@policy_id}_#{@digest}.xml")
35
37
  assert_equal(@scap_content.length, last_response.length, "Scap content should be equal")
36
38
  end
37
39
 
38
40
  def test_get_scap_content_from_file
39
41
  # Simulate that scap file was previously saved after fetched from Foreman.
40
42
  FileUtils.mkdir("#{@results_path}/#{@policy_id}")
41
- FileUtils.cp("#{Dir.getwd}/test/data/ssg-rhel7-ds.xml", "#{@results_path}/#{@policy_id}/#{@policy_id}_scap_content.xml")
42
- get "/policies/#{@policy_id}/content"
43
+ FileUtils.cp("#{Dir.getwd}/test/data/ssg-rhel7-ds.xml", "#{@results_path}/#{@policy_id}/#{@policy_id}_#{@digest}.xml")
44
+ get "/policies/#{@policy_id}/content/#{@digest}"
43
45
  assert_equal("application/xml;charset=utf-8", last_response.header["Content-Type"], "Response header should be application/xml")
44
46
  assert_equal(@scap_content.length, last_response.length, "Scap content should be equal")
45
47
  assert(last_response.successful?, "Response should be success")
@@ -47,14 +49,14 @@ class FetchScapApiTest < Test::Unit::TestCase
47
49
 
48
50
  def test_get_scap_content_no_policy
49
51
  stub_request(:get, "#{@foreman_url}/api/v2/compliance/policies/#{@policy_id}/content").to_return(:status => 404, :body => 'not found')
50
- get "/policies/#{@policy_id}/content"
52
+ get "/policies/#{@policy_id}/content/#{@digest}"
51
53
  assert(last_response.not_found?, "Response should be 404")
52
54
  end
53
55
 
54
56
  def test_get_scap_content_permissions
55
57
  Proxy::OpenSCAP::FetchScapContent.any_instance.stubs(:get_policy_content).raises(Errno::EACCES)
56
58
  stub_request(:get, "#{@foreman_url}/api/v2/compliance/policies/#{@policy_id}/content").to_return(:body => @scap_content)
57
- get "/policies/#{@policy_id}/content"
59
+ get "/policies/#{@policy_id}/content/#{@digest}"
58
60
  assert_equal(500, last_response.status, "No permissions should raise error 500")
59
61
  assert_equal('Error occurred: Permission denied', last_response.body)
60
62
  end
@@ -62,8 +64,8 @@ class FetchScapApiTest < Test::Unit::TestCase
62
64
  def test_locked_file_should_serve_from_foreman
63
65
  Proxy::FileLock.stubs(:try_locking).returns(nil)
64
66
  stub_request(:get, "#{@foreman_url}/api/v2/compliance/policies/#{@policy_id}/content").to_return(:body => @scap_content)
65
- get "/policies/#{@policy_id}/content"
66
- refute(File.file?("#{@results_path}/#{@policy_id}/#{@policy_id}_scap_content.xml"), "Scap file should be saved")
67
+ get "/policies/#{@policy_id}/content/#{@digest}"
68
+ refute(File.file?("#{@results_path}/#{@policy_id}/#{@policy_id}_#{@digest}.xml"), "Scap file should be saved")
67
69
  assert_equal("application/xml;charset=utf-8", last_response.header["Content-Type"], "Response header should be application/xml")
68
70
  assert_equal(@scap_content.length, last_response.length, "Scap content should be equal")
69
71
  assert(last_response.successful?, "Response should be success")
@@ -0,0 +1,37 @@
1
+ require 'test_helper'
2
+ require 'smart_proxy_openscap'
3
+ require 'smart_proxy_openscap/openscap_api'
4
+
5
+ ENV['RACK_ENV'] = 'test'
6
+
7
+ class FetchTailoringApiTest < Test::Unit::TestCase
8
+ include Rack::Test::Methods
9
+
10
+ def setup
11
+ @foreman_url = 'https://foreman.example.com'
12
+ Proxy::SETTINGS.stubs(:foreman_url).returns(@foreman_url)
13
+ @results_path = ("#{Dir.getwd}/test/test_run_files")
14
+ FileUtils.mkdir_p(@results_path)
15
+ Proxy::OpenSCAP::Plugin.settings.stubs(:tailoring_dir).returns(@results_path)
16
+ @tailoring_file = File.new("#{Dir.getwd}/test/data/tailoring.xml").read
17
+ @digest = Digest::SHA256.hexdigest @tailoring_file
18
+ @policy_id = 1
19
+ end
20
+
21
+ def teardown
22
+ FileUtils.rm_rf(Dir.glob("#{@results_path}/*"))
23
+ end
24
+
25
+ def app
26
+ ::Proxy::OpenSCAP::Api.new
27
+ end
28
+
29
+ def test_get_tailoring_file_from_file
30
+ FileUtils.mkdir("#{@results_path}/#{@policy_id}")
31
+ FileUtils.cp("#{Dir.getwd}/test/data/tailoring.xml", "#{@results_path}/#{@policy_id}/#{@policy_id}_#{@digest}.xml")
32
+ get "/policies/#{@policy_id}/tailoring/#{@digest}"
33
+ assert_equal("application/xml;charset=utf-8", last_response.header["Content-Type"], "Response header should be application/xml")
34
+ assert_equal(@tailoring_file.length, last_response.length, "Scap content should be equal")
35
+ assert(last_response.successful?, "Response should be success")
36
+ end
37
+ end
@@ -53,6 +53,6 @@ class OpenSCAPGetArfTest < Test::Unit::TestCase
53
53
  def test_delete_arf_file
54
54
  delete "/arf/#{@arf_id}/#{@cname}/#{@date}/#{@filename}"
55
55
  assert last_response.ok?
56
- refute File.exists?("#{@results_path}/reports/arf/#{@cname}/#{@arf_id}")
56
+ refute File.exist?("#{@results_path}/reports/arf/#{@cname}/#{@arf_id}")
57
57
  end
58
58
  end
@@ -9,6 +9,7 @@ class ScapContentParserApiTest < Test::Unit::TestCase
9
9
  @foreman_url = 'https://foreman.example.com'
10
10
  Proxy::SETTINGS.stubs(:foreman_url).returns(@foreman_url)
11
11
  @scap_content = File.new("#{Dir.getwd}/test/data/ssg-rhel7-ds.xml").read
12
+ @tailoring_file = File.new("#{Dir.getwd}/test/data/tailoring.xml").read
12
13
  end
13
14
 
14
15
  def app
@@ -31,7 +32,7 @@ class ScapContentParserApiTest < Test::Unit::TestCase
31
32
  end
32
33
 
33
34
  def test_scap_content_validator
34
- post '/scap_content/validator', @scap_content, 'CONTENT_TYPE' => 'text/xml'
35
+ post '/scap_file/validator/scap_content', @scap_content, 'CONTENT_TYPE' => 'text/xml'
35
36
  result = JSON.parse(last_response.body)
36
37
  assert_empty(result['errors'])
37
38
  assert(last_response.successful?)
@@ -39,7 +40,7 @@ class ScapContentParserApiTest < Test::Unit::TestCase
39
40
 
40
41
  def test_invalid_scap_content_validator
41
42
  Proxy::OpenSCAP::ContentParser.any_instance.stubs(:validate).returns({:errors => 'Invalid SCAP file type'}.to_json)
42
- post '/scap_content/validator', @scap_content, 'CONTENT_TYPE' => 'text/xml'
43
+ post '/scap_file/validator/scap_content', @scap_content, 'CONTENT_TYPE' => 'text/xml'
43
44
  result = JSON.parse(last_response.body)
44
45
  refute_empty(result['errors'])
45
46
  assert(last_response.successful?)
@@ -51,4 +52,18 @@ class ScapContentParserApiTest < Test::Unit::TestCase
51
52
  assert(result['html'].start_with?('<!DOCTYPE html>'))
52
53
  assert(last_response.successful?)
53
54
  end
55
+
56
+ def test_validate_tailoring_file
57
+ post '/scap_file/validator/tailoring_file', @tailoring_file, 'CONTENT_TYPE' => 'text/xml'
58
+ result = JSON.parse(last_response.body)
59
+ assert_empty(result['errors'])
60
+ assert(last_response.successful?)
61
+ end
62
+
63
+ def test_get_profiles_from_tailoring_file
64
+ post '/tailoring_file/profiles', @tailoring_file, 'CONTENT_TYPE' => 'text/xml'
65
+ result = JSON.parse(last_response.body)
66
+ assert_equal 1, result.keys.length
67
+ assert(last_response.successful?)
68
+ end
54
69
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: smart_proxy_openscap
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.0
4
+ version: 0.6.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - "Šimon Lukašík"
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2016-09-02 00:00:00.000000000 Z
13
+ date: 2017-02-14 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: rake
@@ -72,16 +72,16 @@ dependencies:
72
72
  name: openscap
73
73
  requirement: !ruby/object:Gem::Requirement
74
74
  requirements:
75
- - - ">="
75
+ - - "~>"
76
76
  - !ruby/object:Gem::Version
77
- version: 0.4.3
77
+ version: 0.4.7
78
78
  type: :runtime
79
79
  prerelease: false
80
80
  version_requirements: !ruby/object:Gem::Requirement
81
81
  requirements:
82
- - - ">="
82
+ - - "~>"
83
83
  - !ruby/object:Gem::Version
84
- version: 0.4.3
84
+ version: 0.4.7
85
85
  description: |-
86
86
  A plug-in to the Foreman's smart-proxy which receives
87
87
  bzip2ed ARF files and forwards them to the Foreman.
@@ -102,7 +102,9 @@ files:
102
102
  - extra/rubygem-smart_proxy_openscap.spec
103
103
  - extra/smart-proxy-openscap-send.cron
104
104
  - lib/smart_proxy_openscap.rb
105
+ - lib/smart_proxy_openscap/fetch_file.rb
105
106
  - lib/smart_proxy_openscap/fetch_scap_content.rb
107
+ - lib/smart_proxy_openscap/fetch_tailoring_file.rb
106
108
  - lib/smart_proxy_openscap/foreman_forwarder.rb
107
109
  - lib/smart_proxy_openscap/http_config.ru
108
110
  - lib/smart_proxy_openscap/openscap_api.rb
@@ -120,7 +122,9 @@ files:
120
122
  - smart_proxy_openscap.gemspec
121
123
  - test/data/arf_report
122
124
  - test/data/ssg-rhel7-ds.xml
125
+ - test/data/tailoring.xml
123
126
  - test/fetch_scap_api_test.rb
127
+ - test/fetch_tailoring_api_test.rb
124
128
  - test/get_report_xml_html_test.rb
125
129
  - test/post_report_api_test.rb
126
130
  - test/scap_content_parser_api_test.rb
@@ -145,9 +149,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
145
149
  version: '0'
146
150
  requirements: []
147
151
  rubyforge_project:
148
- rubygems_version: 2.4.6
152
+ rubygems_version: 2.4.5
149
153
  signing_key:
150
154
  specification_version: 4
151
155
  summary: OpenSCAP plug-in for Foreman's smart-proxy.
152
156
  test_files: []
153
- has_rdoc: