Module: ForemanOpenscap::HostExtensions

Defined in:
app/models/concerns/foreman_openscap/host_extensions.rb

Defined Under Namespace

Modules: ClassMethods

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.prepended(base) ⇒ Object 



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 5

def self.prepended(base)
  base.has_one :asset, :as => :assetable, :class_name => "::ForemanOpenscap::Asset"
  base.has_many :asset_policies, :through => :asset, :class_name => "::ForemanOpenscap::AssetPolicy"
  base.has_many :policies, :through => :asset_policies, :class_name => "::ForemanOpenscap::Policy"
  base.has_many :arf_reports, :class_name => '::ForemanOpenscap::ArfReport', :foreign_key => :host_id
  base.has_one :compliance_status_object, :class_name => '::ForemanOpenscap::ComplianceStatus', :foreign_key => 'host_id'

  base.validate :openscap_proxy_in_taxonomy, :if => Proc.new { |host| host.openscap_proxy_id.present? }

  base.scoped_search :relation => :policies, :on => :name, :complete_value => true, :rename => :compliance_policy,
                :only_explicit => true, :operators => ['= '], :ext_method => :search_by_policy_name

  base.scoped_search :relation => :policies, :on => :id, :complete_value => false, :rename => :compliance_policy_id,
                :only_explicit => true, :operators => ['= ', '!= '], :ext_method => :search_by_policy_id

  base.scoped_search :relation => :policies, :on => :name, :complete_value => true, :rename => :compliance_report_missing_for,
                :only_explicit => true, :operators => ['= ', '!= '], :ext_method => :search_by_missing_arf

  base.scoped_search :relation => :compliance_status_object, :on => :status, :rename => :compliance_status,
                :complete_value => { :compliant => ::ForemanOpenscap::ComplianceStatus::COMPLIANT,
                                     :incompliant => ::ForemanOpenscap::ComplianceStatus::INCOMPLIANT,
                                     :inconclusive => ::ForemanOpenscap::ComplianceStatus::INCONCLUSIVE }

  base.scoped_search :relation => :policies, :on => :name, :complete_value => { :true => true, :false => false },
                     :only_explicit => true, :rename => :is_compliance_host, :operators => ['= '], :ext_method => :search_for_any_with_policy,
                     :validator => ->(value) { ['true', 'false'].include? value }

  base.scoped_search :on => :id, :rename => :passes_xccdf_rule,
          :only_explicit => true, :operators => ['= '], :ext_method => :search_by_rule_passed

  base.scoped_search :on => :id, :rename => :fails_xccdf_rule,
          :only_explicit => true, :operators => ['= '], :ext_method => :search_by_rule_failed

  base.scoped_search :on => :id, :rename => :others_xccdf_rule,
          :only_explicit => true, :operators => ['= '], :ext_method => :search_by_rule_othered

  base.scoped_search :on => :id, :rename => :comply_with,
                     :only_explicit => true, :operators => ['= '], :ext_method => :search_by_comply_with

  base.scoped_search :on => :id, :rename => :not_comply_with,
                     :only_explicit => true, :operators => ['= '], :ext_method => :search_by_not_comply_with

  base.scoped_search :on => :id, :rename => :inconclusive_with,
                     :only_explicit => true, :operators => ['= '], :ext_method => :search_by_inconclusive_with

  base.scoped_search :on => :id, :rename => :removed_from_policy,
                     :only_explicit => true, :operators => ['= '], :ext_method => :search_by_removed_from_policy

  base.after_update :puppetrun!, :if => ->(host) do
    Setting[:puppetrun] &&
    host.changed.include?('openscap_proxy_id') &&
    (host.individual_puppetclasses + host.parent_classes).pluck(:name).include?(ClientConfig::Puppet.new.puppetclass_name)
  end

  base.scope :comply_with, lambda { |policy|
    joins(:arf_reports).merge(ArfReport.latest_of_policy(policy)).merge(ArfReport.passed)
  }

  base.scope :not_comply_with, lambda { |policy|
    joins(:arf_reports).merge(ArfReport.latest_of_policy(policy)).merge(ArfReport.failed)
  }

  base.scope :inconclusive_with, lambda { |policy|
    joins(:arf_reports).merge(ArfReport.latest_of_policy(policy)).merge(ArfReport.othered)
  }

  base.scope :policy_reports_missing, lambda { |policy|
    search_for("compliance_report_missing_for = \"#{policy.name}\"")
  }

  base.scope :assigned_to_policy, lambda { |policy|
    search_for("compliance_policy = \"#{policy.name}\"")
  }

  base.scope :removed_from_policy, lambda { |policy|
    joins(:arf_reports).merge(ArfReport.latest_of_policy(policy)).where.not(:id => assigned_to_policy(policy).pluck(:id))
  }

  base.send :extend, ClassMethods
end

Instance Method Details

#combined_policiesObject 



109
110
111
112
113
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 109

def combined_policies
  inc = i[scap_content scap_content_profile tailoring_file tailoring_file_profile]
  combined = self.hostgroup ? self.policies.includes(inc) + self.hostgroup.policies.includes(inc) + self.hostgroup.inherited_policies : self.policies.includes(inc)
  combined.uniq
end

#compliance_status(options = {}) ⇒ Object 



133
134
135
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 133

def compliance_status(options = {})
  @compliance_status ||= get_status(ForemanOpenscap::ComplianceStatus).to_status(options)
end

#compliance_status_label(options = {}) ⇒ Object 



137
138
139
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 137

def compliance_status_label(options = {})
  @compliance_status_label ||= get_status(ForemanOpenscap::ComplianceStatus).to_label(options)
end

#get_assetObject 



95
96
97
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 95

def get_asset
  ForemanOpenscap::Asset.where(:assetable_type => 'Host::Base', :assetable_id => id).first_or_create!
end

#inherited_attributesObject 



86
87
88
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 86

def inherited_attributes
  super.concat(%w[openscap_proxy_id])
end

#last_report_for_policy(policy) ⇒ Object 



121
122
123
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 121

def last_report_for_policy(policy)
  reports_for_policy(policy, 1)
end

#openscap_proxy_in_taxonomyObject 



141
142
143
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 141

def openscap_proxy_in_taxonomy
  validate_association_taxonomy(:openscap_proxy)
end

#policies=(policies) ⇒ Object 



90
91
92
93
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 90

def policies=(policies)
  self.build_asset(:assetable => self) if self.asset.blank?
  self.asset.policies = policies
end

#policies_encObject 



99
100
101
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 99

def policies_enc
  policies_enc_raw.to_json
end

#policies_enc_rawObject 



103
104
105
106
107
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 103

def policies_enc_raw
  check = ForemanOpenscap::OpenscapProxyAssignedVersionCheck.new(self).run
  method = check.pass? ? :to_enc : :to_enc_legacy
  combined_policies.map(&method)
end

#reports_for_policy(policy, limit = nil) ⇒ Object 



125
126
127
128
129
130
131
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 125

def reports_for_policy(policy, limit = nil)
  report_scope = ForemanOpenscap::ArfReport.unscoped.joins(:policy_arf_report)
                                           .merge(ForemanOpenscap::PolicyArfReport.of_policy(policy.id)).where(:host_id => id)
                                           .order("#{ForemanOpenscap::ArfReport.table_name}.created_at DESC")
  report_scope = report_scope.limit(limit) if limit
  report_scope
end

#scap_status_changed?(policy) ⇒ Boolean

Returns:

  • (Boolean) 


115
116
117
118
119
 
# File 'app/models/concerns/foreman_openscap/host_extensions.rb', line 115

def scap_status_changed?(policy)
  last_reports = reports_for_policy(policy, 2)
  return false if last_reports.length != 2
  !last_reports.first.equal? last_reports.last
end