smart_proxy_openscap 0.6.0 → 0.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8278c2ea84e4fdf6bba35a966c459cd875ebac0e
4
- data.tar.gz: 3fc2719dbaee2b0d64592c665eec0877943ee1a3
3
+ metadata.gz: feab59ae3e8ce1e915f22d558c1160c55373fa16
4
+ data.tar.gz: e7de38b8eae9570f604850f129beb66a69e27060
5
5
  SHA512:
6
- metadata.gz: 462b6607100ddf4d16471315b63116365f9c3bb028a70837a54bc2b5a0105c2922dfc3063871db203d812164a9a5681e54f9f616a0877955a2d87fce331050fc
7
- data.tar.gz: 0c2b19375d3ff1b9d253d720f15f91151b520089f646531ee4c797a8aa88bc750d58b13844ad1645d195e29bf80976e8221319c0bdc2b0b50daa870693585a97
6
+ metadata.gz: 37138364fff28b9677e4c2f401aad31c0c2fce71c18b5ca26cb25c0e6f8081ad0cf98caf8b092061b4241e9a9c2ce98a2ee800e025b4645c798e5ecb0c9ff7f7
7
+ data.tar.gz: aac42840356d8a85c7f74e08fe050584c45af8c5e857ab30d0b14004e71eb0e26afa88dfdb3fe207edad60669701ab2c9f55ffb997f32ac8869f93ef3f667f41
data/Gemfile CHANGED
@@ -2,6 +2,7 @@ source 'https://rubygems.org'
2
2
  gemspec
3
3
 
4
4
  group :development do
5
+ gem 'test-unit'
5
6
  gem 'pry'
6
7
  gem 'rubocop'
7
8
  gem 'smart_proxy', :github => "theforeman/smart-proxy", :branch => 'develop'
@@ -38,7 +38,7 @@ end
38
38
  begin
39
39
  Proxy::OpenSCAP::send_spool_to_foreman
40
40
  rescue StandardError => e
41
- logger.error "#{e}
41
+ logger.error e
42
42
  puts "#{e} See #{Proxy::OpenSCAP.fullpath(Proxy::OpenSCAP::Plugin.settings.openscap_send_log_file)}"
43
43
  exit false
44
44
  end
@@ -0,0 +1,58 @@
1
+ module Proxy::OpenSCAP
2
+ class FetchFile
3
+ include ::Proxy::Log
4
+
5
+ private
6
+
7
+ def create_store_dir(store_dir)
8
+ logger.info "Creating directory to store SCAP file: #{store_dir}"
9
+ FileUtils.mkdir_p(store_dir) # will fail silently if exists
10
+ rescue Errno::EACCES => e
11
+ logger.error "No permission to create directory #{store_dir}"
12
+ raise e
13
+ rescue StandardError => e
14
+ logger.error "Could not create '#{store_dir}' directory: #{e.message}"
15
+ raise e
16
+ end
17
+
18
+ def policy_content_file(policy_scap_file)
19
+ return nil if !File.file?(policy_scap_file) || File.zero?(policy_scap_file)
20
+ File.open(policy_scap_file, 'rb').read
21
+ end
22
+
23
+ def clean_store_folder(policy_store_dir)
24
+ FileUtils.rm_f Dir["#{policy_store_dir}/*.xml"]
25
+ end
26
+
27
+ def save_or_serve_scap_file(policy_scap_file, file_download_path)
28
+ lock = Proxy::FileLock::try_locking(policy_scap_file)
29
+ response = fetch_scap_content_xml(file_download_path)
30
+ if lock.nil?
31
+ return response
32
+ else
33
+ begin
34
+ File.open(policy_scap_file, 'wb') do |file|
35
+ file << response
36
+ end
37
+ ensure
38
+ Proxy::FileLock::unlock(lock)
39
+ end
40
+ scap_file = policy_content_file(policy_scap_file)
41
+ raise FileNotFound if scap_file.nil?
42
+ return scap_file
43
+ end
44
+ end
45
+
46
+ def fetch_scap_content_xml(file_download_path)
47
+ foreman_request = Proxy::HttpRequest::ForemanRequest.new
48
+ req = foreman_request.request_factory.create_get(file_download_path)
49
+ response = foreman_request.send_request(req)
50
+ response.value
51
+ response.body
52
+ end
53
+
54
+ def clean_store_folder(policy_store_dir)
55
+ FileUtils.rm_f Dir["#{policy_store_dir}/*.xml"]
56
+ end
57
+ end
58
+ end
@@ -1,58 +1,17 @@
1
+ require 'smart_proxy_openscap/fetch_file'
2
+
1
3
  module Proxy::OpenSCAP
2
- class FetchScapContent
3
- include ::Proxy::Log
4
- def get_policy_content(policy_id)
4
+ class FetchScapContent < FetchFile
5
+ def get_policy_content(policy_id, digest)
5
6
  policy_store_dir = File.join(Proxy::OpenSCAP.fullpath(Proxy::OpenSCAP::Plugin.settings.contentdir), policy_id.to_s)
6
- policy_scap_file = File.join(policy_store_dir, "#{policy_id}_scap_content.xml")
7
- begin
8
- logger.info "Creating directory to store SCAP file: #{policy_store_dir}"
9
- FileUtils.mkdir_p(policy_store_dir) # will fail silently if exists
10
- rescue Errno::EACCES => e
11
- logger.error "No permission to create directory #{policy_store_dir}"
12
- raise e
13
- rescue StandardError => e
14
- logger.error "Could not create '#{policy_store_dir}' directory: #{e.message}"
15
- raise e
16
- end
7
+ policy_scap_file = File.join(policy_store_dir, "#{policy_id}_#{digest}.xml")
8
+ file_download_path = "api/v2/compliance/policies/#{policy_id}/content"
17
9
 
18
- scap_file = policy_content_file(policy_scap_file)
19
- scap_file ||= save_or_serve_scap_file(policy_id, policy_scap_file)
20
- scap_file
21
- end
10
+ create_store_dir policy_store_dir
22
11
 
23
- private
24
-
25
- def policy_content_file(policy_scap_file)
26
- return nil if !File.file?(policy_scap_file) || File.zero?(policy_scap_file)
27
- File.open(policy_scap_file, 'rb').read
28
- end
29
-
30
- def save_or_serve_scap_file(policy_id, policy_scap_file)
31
- lock = Proxy::FileLock::try_locking(policy_scap_file)
32
- response = fetch_scap_content_xml(policy_id, policy_scap_file)
33
- if lock.nil?
34
- return response
35
- else
36
- begin
37
- File.open(policy_scap_file, 'wb') do |file|
38
- file << response
39
- end
40
- ensure
41
- Proxy::FileLock::unlock(lock)
42
- end
43
- scap_file = policy_content_file(policy_scap_file)
44
- raise FileNotFound if scap_file.nil?
45
- return scap_file
46
- end
47
- end
48
-
49
- def fetch_scap_content_xml(policy_id, policy_scap_file)
50
- foreman_request = Proxy::HttpRequest::ForemanRequest.new
51
- policy_content_path = "api/v2/compliance/policies/#{policy_id}/content"
52
- req = foreman_request.request_factory.create_get(policy_content_path)
53
- response = foreman_request.send_request(req)
54
- response.value
55
- response.body
12
+ scap_file = policy_content_file(policy_scap_file)
13
+ clean_store_folder(policy_store_dir) unless scap_file
14
+ scap_file ||= save_or_serve_scap_file(policy_scap_file, file_download_path)
56
15
  end
57
16
  end
58
17
  end
@@ -0,0 +1,17 @@
1
+ require 'smart_proxy_openscap/fetch_file'
2
+
3
+ module Proxy::OpenSCAP
4
+ class FetchTailoringFile < FetchFile
5
+ def get_tailoring_file(policy_id, digest)
6
+ store_dir = File.join(Proxy::OpenSCAP.fullpath(Proxy::OpenSCAP::Plugin.settings.tailoring_dir), policy_id.to_s)
7
+ policy_tailoring_file = File.join(store_dir, "#{policy_id}_#{digest}.xml")
8
+ file_download_path = "api/v2/compliance/policies/#{policy_id}/tailoring"
9
+
10
+ create_store_dir store_dir
11
+
12
+ scap_file = policy_content_file(policy_tailoring_file)
13
+ clean_store_folder(policy_store_dir) unless scap_file
14
+ scap_file ||= save_or_serve_scap_file(policy_tailoring_file, file_download_path)
15
+ end
16
+ end
17
+ end
@@ -76,10 +76,33 @@ module Proxy::OpenSCAP
76
76
  end
77
77
  end
78
78
 
79
+ get "/policies/:policy_id/content/:digest" do
80
+ content_type 'application/xml'
81
+ begin
82
+ Proxy::OpenSCAP::FetchScapContent.new.get_policy_content(params[:policy_id], params[:digest])
83
+ rescue *HTTP_ERRORS => e
84
+ log_halt e.response.code.to_i, "File not found on Foreman. Wrong policy id?"
85
+ rescue StandardError => e
86
+ log_halt 500, "Error occurred: #{e.message}"
87
+ end
88
+ end
89
+
79
90
  get "/policies/:policy_id/content" do
80
91
  content_type 'application/xml'
92
+ logger.warn 'DEPRECATION WARNING: /policies/:policy_id/content/:digest should be used, please update foreman_openscap'
81
93
  begin
82
- Proxy::OpenSCAP::FetchScapContent.new.get_policy_content(params[:policy_id])
94
+ Proxy::OpenSCAP::FetchScapContent.new.get_policy_content(params[:policy_id], 'scap_content')
95
+ rescue *HTTP_ERRORS => e
96
+ log_halt e.response.code.to_i, "File not found on Foreman. Wrong policy id?"
97
+ rescue StandardError => e
98
+ log_halt 500, "Error occurred: #{e.message}"
99
+ end
100
+ end
101
+
102
+ get "/policies/:policy_id/tailoring/:digest" do
103
+ content_type 'application/xml'
104
+ begin
105
+ Proxy::OpenSCAP::FetchTailoringFile.new.get_tailoring_file(params[:policy_id], params[:digest])
83
106
  rescue *HTTP_ERRORS => e
84
107
  log_halt e.response.code.to_i, "File not found on Foreman. Wrong policy id?"
85
108
  rescue StandardError => e
@@ -97,9 +120,9 @@ module Proxy::OpenSCAP
97
120
  end
98
121
  end
99
122
 
100
- post "/scap_content/validator" do
123
+ post "/tailoring_file/profiles" do
101
124
  begin
102
- Proxy::OpenSCAP::ContentParser.new(request.body.string).validate
125
+ Proxy::OpenSCAP::ContentParser.new(request.body.string).get_profiles
103
126
  rescue *HTTP_ERRORS => e
104
127
  log_halt 500, e.message
105
128
  rescue StandardError => e
@@ -107,6 +130,16 @@ module Proxy::OpenSCAP
107
130
  end
108
131
  end
109
132
 
133
+ post "/scap_file/validator/:type" do
134
+ validate_scap_file params
135
+ end
136
+
137
+ post "/scap_content/validator" do
138
+ logger.warn "DEPRECATION WARNING: '/scap_content/validator' will be removed in the future. Use '/scap_file/validator/scap_content' instead"
139
+ params[:type] = 'scap_content'
140
+ validate_scap_file params
141
+ end
142
+
110
143
  post "/scap_content/guide/:policy" do
111
144
  begin
112
145
  Proxy::OpenSCAP::ContentParser.new(request.body.string).guide(params[:policy])
@@ -116,5 +149,17 @@ module Proxy::OpenSCAP
116
149
  log_halt 500, "Error occurred: #{e.message}"
117
150
  end
118
151
  end
152
+
153
+ private
154
+
155
+ def validate_scap_file(params)
156
+ begin
157
+ Proxy::OpenSCAP::ContentParser.new(request.body.string, params[:type]).validate
158
+ rescue *HTTP_ERRORS => e
159
+ log_halt 500, e.message
160
+ rescue StandardError => e
161
+ log_halt 500, "Error occurred: #{e.message}"
162
+ end
163
+ end
119
164
  end
120
165
  end
@@ -1,12 +1,21 @@
1
1
  require 'openscap/ds/sds'
2
2
  require 'openscap/source'
3
3
  require 'openscap/xccdf/benchmark'
4
+ require 'openscap/xccdf/tailoring'
4
5
 
5
6
  module Proxy::OpenSCAP
6
7
  class ContentParser
7
- def initialize(scap_content)
8
+ def initialize(scap_file, type = 'scap_content')
8
9
  OpenSCAP.oscap_init
9
- @source = OpenSCAP::Source.new(:content => scap_content)
10
+ @source = OpenSCAP::Source.new(:content => scap_file)
11
+ @type = type
12
+ end
13
+
14
+ def allowed_types
15
+ {
16
+ 'tailoring_file' => 'XCCDF Tailoring',
17
+ 'scap_content' => 'SCAP Source Datastream'
18
+ }
10
19
  end
11
20
 
12
21
  def extract_policies
@@ -19,11 +28,20 @@ module Proxy::OpenSCAP
19
28
  policies.to_json
20
29
  end
21
30
 
31
+ def get_profiles
32
+ tailoring = ::OpenSCAP::Xccdf::Tailoring.new(@source, nil)
33
+ profiles = tailoring.profiles.inject({}) do |memo, (key, profile)|
34
+ memo.tap { |hash| hash[key] = profile.title }
35
+ end
36
+ tailoring.destroy
37
+ profiles.to_json
38
+ end
39
+
22
40
  def validate
23
41
  errors = []
24
- allowed_type = 'SCAP Source Datastream'
25
- if @source.type != allowed_type
26
- errors << "Uploaded file is not #{allowed_type}"
42
+
43
+ if @source.type != allowed_types[@type]
44
+ errors << "Uploaded file is #{@source.type}, unexpected file type"
27
45
  end
28
46
 
29
47
  begin
@@ -21,6 +21,7 @@ require 'smart_proxy_openscap/openscap_exception'
21
21
  require 'smart_proxy_openscap/openscap_report_parser'
22
22
  require 'smart_proxy_openscap/spool_forwarder'
23
23
  require 'smart_proxy_openscap/storage_fs'
24
+ require 'smart_proxy_openscap/fetch_tailoring_file'
24
25
 
25
26
  module Proxy::OpenSCAP
26
27
  extend ::Proxy::Log
@@ -21,6 +21,7 @@ module Proxy::OpenSCAP
21
21
  :openscap_send_log_file => File.join(APP_ROOT, 'logs/openscap-send.log'),
22
22
  :contentdir => File.join(APP_ROOT, 'openscap/content'),
23
23
  :reportsdir => File.join(APP_ROOT, 'openscap/reports'),
24
- :failed_dir => File.join(APP_ROOT, 'openscap/failed')
24
+ :failed_dir => File.join(APP_ROOT, 'openscap/failed'),
25
+ :tailoring_dir => File.join(APP_ROOT, 'openscap/tailoring')
25
26
  end
26
27
  end
@@ -10,6 +10,6 @@
10
10
 
11
11
  module Proxy
12
12
  module OpenSCAP
13
- VERSION = '0.6.0'
13
+ VERSION = '0.6.1'
14
14
  end
15
15
  end
@@ -12,6 +12,9 @@
12
12
  # So we will not request the XML from Foreman each time
13
13
  #:contentdir: /var/lib/openscap/content
14
14
 
15
+ # Directory where OpenSCAP tailoring XML files are stored
16
+ #:tailoring_dir: /var/lib/openscap/tailoring
17
+
15
18
  # Directory where OpenSCAP report XML are stored
16
19
  # So Foreman can request arf xml reports
17
20
  #:reportsdir: /usr/share/foreman-proxy/openscap/reports
@@ -19,5 +19,5 @@ Gem::Specification.new do |s|
19
19
  s.add_development_dependency('rack-test')
20
20
  s.add_development_dependency('mocha')
21
21
  s.add_development_dependency('webmock')
22
- s.add_dependency 'openscap', '>= 0.4.3'
22
+ s.add_dependency 'openscap', '~> 0.4.7'
23
23
  end
@@ -0,0 +1,31 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <xccdf:Tailoring xmlns:xccdf="http://checklists.nist.gov/xccdf/1.2" id="xccdf_scap-workbench_tailoring_default">
3
+ <xccdf:benchmark href="/usr/share/xml/scap/ssg/content/ssg-firefox-ds.xml"/>
4
+ <xccdf:version time="2016-11-10T11:24:26">1</xccdf:version>
5
+ <xccdf:Profile id="xccdf_org.ssgproject.content_profile_stig-firefox-upstream_customized" extends="xccdf_org.ssgproject.content_profile_stig-firefox-upstream">
6
+ <xccdf:title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">Upstream Firefox STIG [CUSTOMIZED]</xccdf:title>
7
+ <xccdf:description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">This profile is developed under the DoD consensus model and DISA FSO Vendor STIG process,
8
+ serving as the upstream development environment for the Firefox STIG.
9
+
10
+ As a result of the upstream/downstream relationship between the SCAP Security Guide project
11
+ and the official DISA FSO STIG baseline, users should expect variance between SSG and DISA FSO content.
12
+ For official DISA FSO STIG content, refer to http://iase.disa.mil/stigs/app-security/browser-guidance/Pages/index.aspx.
13
+
14
+ While this profile is packaged by Red Hat as part of the SCAP Security Guide package, please note
15
+ that commercial support of this SCAP content is NOT available. This profile is provided as example
16
+ SCAP content with no endorsement for suitability or production readiness. Support for this
17
+ profile is provided by the upstream SCAP Security Guide community on a best-effort basis. The
18
+ upstream project homepage is https://fedorahosted.org/scap-security-guide/.
19
+ </xccdf:description>
20
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-non-secure_page_warning" selected="true"/>
21
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_status_bar_text" selected="true"/>
22
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_context_menus" selected="true"/>
23
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_status_bar_changes" selected="true"/>
24
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_window_resizing" selected="true"/>
25
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-javascript_window_changes" selected="true"/>
26
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-auto-update_of_firefox" selected="false"/>
27
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-autofill_passwords" selected="false"/>
28
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-autofill_forms" selected="false"/>
29
+ <xccdf:select idref="xccdf_org.ssgproject.content_rule_firefox_preferences-addons_plugin_updates" selected="false"/>
30
+ </xccdf:Profile>
31
+ </xccdf:Tailoring>
@@ -1,6 +1,7 @@
1
1
  require 'test_helper'
2
2
  require 'smart_proxy_openscap'
3
3
  require 'smart_proxy_openscap/openscap_api'
4
+ require 'digest/sha2'
4
5
 
5
6
  ENV['RACK_ENV'] = 'test'
6
7
 
@@ -16,6 +17,7 @@ class FetchScapApiTest < Test::Unit::TestCase
16
17
  Proxy::OpenSCAP::Plugin.settings.stubs(:spooldir).returns(@results_path)
17
18
  Proxy::OpenSCAP::Plugin.settings.stubs(:reportsdir).returns(@results_path)
18
19
  @scap_content = File.new("#{Dir.getwd}/test/data/ssg-rhel7-ds.xml").read
20
+ @digest = Digest::SHA256.hexdigest @scap_content
19
21
  @policy_id = 1
20
22
  end
21
23
 
@@ -29,17 +31,17 @@ class FetchScapApiTest < Test::Unit::TestCase
29
31
 
30
32
  def test_get_scap_content_from_foreman
31
33
  stub_request(:get, "#{@foreman_url}/api/v2/compliance/policies/#{@policy_id}/content").to_return(:body => @scap_content)
32
- get "/policies/#{@policy_id}/content"
34
+ get "/policies/#{@policy_id}/content/#{@digest}"
33
35
  assert_equal("application/xml;charset=utf-8", last_response.header["Content-Type"], "Response header should be application/xml")
34
- assert File.file?("#{@results_path}/#{@policy_id}/#{@policy_id}_scap_content.xml")
36
+ assert File.file?("#{@results_path}/#{@policy_id}/#{@policy_id}_#{@digest}.xml")
35
37
  assert_equal(@scap_content.length, last_response.length, "Scap content should be equal")
36
38
  end
37
39
 
38
40
  def test_get_scap_content_from_file
39
41
  # Simulate that scap file was previously saved after fetched from Foreman.
40
42
  FileUtils.mkdir("#{@results_path}/#{@policy_id}")
41
- FileUtils.cp("#{Dir.getwd}/test/data/ssg-rhel7-ds.xml", "#{@results_path}/#{@policy_id}/#{@policy_id}_scap_content.xml")
42
- get "/policies/#{@policy_id}/content"
43
+ FileUtils.cp("#{Dir.getwd}/test/data/ssg-rhel7-ds.xml", "#{@results_path}/#{@policy_id}/#{@policy_id}_#{@digest}.xml")
44
+ get "/policies/#{@policy_id}/content/#{@digest}"
43
45
  assert_equal("application/xml;charset=utf-8", last_response.header["Content-Type"], "Response header should be application/xml")
44
46
  assert_equal(@scap_content.length, last_response.length, "Scap content should be equal")
45
47
  assert(last_response.successful?, "Response should be success")
@@ -47,14 +49,14 @@ class FetchScapApiTest < Test::Unit::TestCase
47
49
 
48
50
  def test_get_scap_content_no_policy
49
51
  stub_request(:get, "#{@foreman_url}/api/v2/compliance/policies/#{@policy_id}/content").to_return(:status => 404, :body => 'not found')
50
- get "/policies/#{@policy_id}/content"
52
+ get "/policies/#{@policy_id}/content/#{@digest}"
51
53
  assert(last_response.not_found?, "Response should be 404")
52
54
  end
53
55
 
54
56
  def test_get_scap_content_permissions
55
57
  Proxy::OpenSCAP::FetchScapContent.any_instance.stubs(:get_policy_content).raises(Errno::EACCES)
56
58
  stub_request(:get, "#{@foreman_url}/api/v2/compliance/policies/#{@policy_id}/content").to_return(:body => @scap_content)
57
- get "/policies/#{@policy_id}/content"
59
+ get "/policies/#{@policy_id}/content/#{@digest}"
58
60
  assert_equal(500, last_response.status, "No permissions should raise error 500")
59
61
  assert_equal('Error occurred: Permission denied', last_response.body)
60
62
  end
@@ -62,8 +64,8 @@ class FetchScapApiTest < Test::Unit::TestCase
62
64
  def test_locked_file_should_serve_from_foreman
63
65
  Proxy::FileLock.stubs(:try_locking).returns(nil)
64
66
  stub_request(:get, "#{@foreman_url}/api/v2/compliance/policies/#{@policy_id}/content").to_return(:body => @scap_content)
65
- get "/policies/#{@policy_id}/content"
66
- refute(File.file?("#{@results_path}/#{@policy_id}/#{@policy_id}_scap_content.xml"), "Scap file should be saved")
67
+ get "/policies/#{@policy_id}/content/#{@digest}"
68
+ refute(File.file?("#{@results_path}/#{@policy_id}/#{@policy_id}_#{@digest}.xml"), "Scap file should be saved")
67
69
  assert_equal("application/xml;charset=utf-8", last_response.header["Content-Type"], "Response header should be application/xml")
68
70
  assert_equal(@scap_content.length, last_response.length, "Scap content should be equal")
69
71
  assert(last_response.successful?, "Response should be success")
@@ -0,0 +1,37 @@
1
+ require 'test_helper'
2
+ require 'smart_proxy_openscap'
3
+ require 'smart_proxy_openscap/openscap_api'
4
+
5
+ ENV['RACK_ENV'] = 'test'
6
+
7
+ class FetchTailoringApiTest < Test::Unit::TestCase
8
+ include Rack::Test::Methods
9
+
10
+ def setup
11
+ @foreman_url = 'https://foreman.example.com'
12
+ Proxy::SETTINGS.stubs(:foreman_url).returns(@foreman_url)
13
+ @results_path = ("#{Dir.getwd}/test/test_run_files")
14
+ FileUtils.mkdir_p(@results_path)
15
+ Proxy::OpenSCAP::Plugin.settings.stubs(:tailoring_dir).returns(@results_path)
16
+ @tailoring_file = File.new("#{Dir.getwd}/test/data/tailoring.xml").read
17
+ @digest = Digest::SHA256.hexdigest @tailoring_file
18
+ @policy_id = 1
19
+ end
20
+
21
+ def teardown
22
+ FileUtils.rm_rf(Dir.glob("#{@results_path}/*"))
23
+ end
24
+
25
+ def app
26
+ ::Proxy::OpenSCAP::Api.new
27
+ end
28
+
29
+ def test_get_tailoring_file_from_file
30
+ FileUtils.mkdir("#{@results_path}/#{@policy_id}")
31
+ FileUtils.cp("#{Dir.getwd}/test/data/tailoring.xml", "#{@results_path}/#{@policy_id}/#{@policy_id}_#{@digest}.xml")
32
+ get "/policies/#{@policy_id}/tailoring/#{@digest}"
33
+ assert_equal("application/xml;charset=utf-8", last_response.header["Content-Type"], "Response header should be application/xml")
34
+ assert_equal(@tailoring_file.length, last_response.length, "Scap content should be equal")
35
+ assert(last_response.successful?, "Response should be success")
36
+ end
37
+ end
@@ -53,6 +53,6 @@ class OpenSCAPGetArfTest < Test::Unit::TestCase
53
53
  def test_delete_arf_file
54
54
  delete "/arf/#{@arf_id}/#{@cname}/#{@date}/#{@filename}"
55
55
  assert last_response.ok?
56
- refute File.exists?("#{@results_path}/reports/arf/#{@cname}/#{@arf_id}")
56
+ refute File.exist?("#{@results_path}/reports/arf/#{@cname}/#{@arf_id}")
57
57
  end
58
58
  end
@@ -9,6 +9,7 @@ class ScapContentParserApiTest < Test::Unit::TestCase
9
9
  @foreman_url = 'https://foreman.example.com'
10
10
  Proxy::SETTINGS.stubs(:foreman_url).returns(@foreman_url)
11
11
  @scap_content = File.new("#{Dir.getwd}/test/data/ssg-rhel7-ds.xml").read
12
+ @tailoring_file = File.new("#{Dir.getwd}/test/data/tailoring.xml").read
12
13
  end
13
14
 
14
15
  def app
@@ -31,7 +32,7 @@ class ScapContentParserApiTest < Test::Unit::TestCase
31
32
  end
32
33
 
33
34
  def test_scap_content_validator
34
- post '/scap_content/validator', @scap_content, 'CONTENT_TYPE' => 'text/xml'
35
+ post '/scap_file/validator/scap_content', @scap_content, 'CONTENT_TYPE' => 'text/xml'
35
36
  result = JSON.parse(last_response.body)
36
37
  assert_empty(result['errors'])
37
38
  assert(last_response.successful?)
@@ -39,7 +40,7 @@ class ScapContentParserApiTest < Test::Unit::TestCase
39
40
 
40
41
  def test_invalid_scap_content_validator
41
42
  Proxy::OpenSCAP::ContentParser.any_instance.stubs(:validate).returns({:errors => 'Invalid SCAP file type'}.to_json)
42
- post '/scap_content/validator', @scap_content, 'CONTENT_TYPE' => 'text/xml'
43
+ post '/scap_file/validator/scap_content', @scap_content, 'CONTENT_TYPE' => 'text/xml'
43
44
  result = JSON.parse(last_response.body)
44
45
  refute_empty(result['errors'])
45
46
  assert(last_response.successful?)
@@ -51,4 +52,18 @@ class ScapContentParserApiTest < Test::Unit::TestCase
51
52
  assert(result['html'].start_with?('<!DOCTYPE html>'))
52
53
  assert(last_response.successful?)
53
54
  end
55
+
56
+ def test_validate_tailoring_file
57
+ post '/scap_file/validator/tailoring_file', @tailoring_file, 'CONTENT_TYPE' => 'text/xml'
58
+ result = JSON.parse(last_response.body)
59
+ assert_empty(result['errors'])
60
+ assert(last_response.successful?)
61
+ end
62
+
63
+ def test_get_profiles_from_tailoring_file
64
+ post '/tailoring_file/profiles', @tailoring_file, 'CONTENT_TYPE' => 'text/xml'
65
+ result = JSON.parse(last_response.body)
66
+ assert_equal 1, result.keys.length
67
+ assert(last_response.successful?)
68
+ end
54
69
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: smart_proxy_openscap
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.0
4
+ version: 0.6.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - "Šimon Lukašík"
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2016-09-02 00:00:00.000000000 Z
13
+ date: 2017-02-14 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: rake
@@ -72,16 +72,16 @@ dependencies:
72
72
  name: openscap
73
73
  requirement: !ruby/object:Gem::Requirement
74
74
  requirements:
75
- - - ">="
75
+ - - "~>"
76
76
  - !ruby/object:Gem::Version
77
- version: 0.4.3
77
+ version: 0.4.7
78
78
  type: :runtime
79
79
  prerelease: false
80
80
  version_requirements: !ruby/object:Gem::Requirement
81
81
  requirements:
82
- - - ">="
82
+ - - "~>"
83
83
  - !ruby/object:Gem::Version
84
- version: 0.4.3
84
+ version: 0.4.7
85
85
  description: |-
86
86
  A plug-in to the Foreman's smart-proxy which receives
87
87
  bzip2ed ARF files and forwards them to the Foreman.
@@ -102,7 +102,9 @@ files:
102
102
  - extra/rubygem-smart_proxy_openscap.spec
103
103
  - extra/smart-proxy-openscap-send.cron
104
104
  - lib/smart_proxy_openscap.rb
105
+ - lib/smart_proxy_openscap/fetch_file.rb
105
106
  - lib/smart_proxy_openscap/fetch_scap_content.rb
107
+ - lib/smart_proxy_openscap/fetch_tailoring_file.rb
106
108
  - lib/smart_proxy_openscap/foreman_forwarder.rb
107
109
  - lib/smart_proxy_openscap/http_config.ru
108
110
  - lib/smart_proxy_openscap/openscap_api.rb
@@ -120,7 +122,9 @@ files:
120
122
  - smart_proxy_openscap.gemspec
121
123
  - test/data/arf_report
122
124
  - test/data/ssg-rhel7-ds.xml
125
+ - test/data/tailoring.xml
123
126
  - test/fetch_scap_api_test.rb
127
+ - test/fetch_tailoring_api_test.rb
124
128
  - test/get_report_xml_html_test.rb
125
129
  - test/post_report_api_test.rb
126
130
  - test/scap_content_parser_api_test.rb
@@ -145,9 +149,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
145
149
  version: '0'
146
150
  requirements: []
147
151
  rubyforge_project:
148
- rubygems_version: 2.4.6
152
+ rubygems_version: 2.4.5
149
153
  signing_key:
150
154
  specification_version: 4
151
155
  summary: OpenSCAP plug-in for Foreman's smart-proxy.
152
156
  test_files: []
153
- has_rdoc: