Coverage for org_fedora_oscap/content_handling.py : 54%

Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
# # Copyright (C) 2013 Red Hat, Inc. # # This copyrighted material is made available to anyone wishing to use, # modify, copy, or redistribute it subject to the terms and conditions of # the GNU General Public License v.2, or (at your option) any later version. # This program is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY expressed or implied, including the implied warranties of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General # Public License for more details. You should have received a copy of the # GNU General Public License along with this program; if not, write to the # Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA # 02110-1301, USA. Any Red Hat trademarks that are incorporated in the # source code or documentation are not subject to the GNU General Public # License and may only be used or replicated with the express permission of # Red Hat, Inc. # # Red Hat Author(s): Vratislav Podzimek <vpodzime@redhat.com> #
Module with various classes for SCAP content processing and retrieving data from it.
"""
except ImportError: from HTMLParser import HTMLParser
"""Exception class for errors related to SCAP content handling."""
"""Exception class for errors related to data stream handling."""
"""Exception class for errors related to benchmark handling."""
"""Exception class for errors related to content (integrity,...) checking.
"""
"""Parser class for HTML tags within content"""
if tag == "html:ul": self.content += "\n" elif tag == "html:li": self.content += "\n" elif tag == "html:br": self.content += "\n"
if tag == "html:ul": self.content += "\n" elif tag == "html:li": self.content += "\n"
"""This is a very simple HTML to text parser.
HTML tags will be removed while trying to maintain readability of content.
:param content: content whose HTML tags will be parsed :return: content without HTML tags """
# namedtuple class (not a constant, pylint!) for info about a XCCDF profile # pylint: disable-msg=C0103
# namedtuple class for info about content files found # pylint: disable-msg=C0103
""" Helper function for getting a text from the oscap_text_iterator.
:param itr: oscap_text_iterator to get the text from :type itr: oscap_text_iterator :return: text gotten from the iterator :rtype: str
"""
""" Function for finding content files in a list of file paths. SIMPLY PICKS THE FIRST USABLE CONTENT FILE OF A PARTICULAR TYPE AND JUST PREFERS DATA STREAMS OVER STANDALONE BENCHMARKS.
:param fpaths: a list of file paths to search for content files in :type fpaths: [str] :return: a tuple containing the content handling class and an ContentFiles instance containing the file names of the XCCDF file, CPE dictionary and tailoring file or "" in place of those items if not found :rtype: (class, ContentFiles)
"""
def get_doc_type(file_path): try: for line in execReadlines("oscap", ["info", file_path]): if line.startswith("Document type:"): _prefix, _sep, type_info = line.partition(":") return type_info.strip() except OSError: # 'oscap info' exitted with a non-zero exit code -> unknown doc # type return None
xccdf_file = "" cpe_file = "" tailoring_file = "" found_ds = False content_class = None
for fpath in fpaths: doc_type = get_doc_type(fpath) if not doc_type: continue
# prefer DS over standalone XCCDF if doc_type == "Source Data Stream" and (not xccdf_file or not found_ds): xccdf_file = fpath content_class = DataStreamHandler found_ds = True elif doc_type == "XCCDF Checklist" and not xccdf_file: xccdf_file = fpath content_class = BenchmarkHandler elif doc_type == "CPE Dictionary" and not cpe_file: cpe_file = fpath elif doc_type == "XCCDF Tailoring" and not tailoring_file: tailoring_file = fpath
# TODO: raise exception if no xccdf_file is found? files = ContentFiles(xccdf_file, cpe_file, tailoring_file) return (content_class, files)
""" Class for handling data streams in the data stream collection and retrieving data from it. For example a list of data stream indices, checklists in a given data stream of profiles.
"""
""" Constructor for the DataStreamHandler class.
:param dsc_file_path: path to a file with a data stream collection :type dsc_file_path: str :param tailoring_file_path: path to a tailoring file :type tailoring_file_path: str
"""
# is used to speed up getting lists of profiles
# create an XCCDF session for the file raise DataStreamHandlingError(OSCAP.oscap_err_desc())
OSCAP.xccdf_session_set_user_tailoring_file(self._session, tailoring_file_path)
# dictionary holding the items gathered from DSC processing
# create an sds index for the content
# iterate over streams and get checklists from each stream
# will be used to store the checklists for streams
# iterate over checklists and append their ids to the list
# store the list of checklist for the current stream
"""Destructor for the DataStreamHandler class."""
# we should free the session OSCAP.xccdf_session_free(self._session)
""" Method to get a list of data streams found in the data stream collection.
:return: list of data stream IDs :rtype: list of strings
"""
""" Method to get data streams and their checklists found in the data stream collection.
:return: a dictionary consisting of the IDs of the data streams as keys and lists of their checklists' IDs as values :rtype: dict(str -> list of strings)
"""
# easy, we already have exactly what should be returned, just create a # copy, so that the caller cannot modify our internal attributes
""" Method to get a list of checklists found in the data stream given by the data_stream_id.
:param data_stream_id: ID of the data stream to get checklists from :type data_stream_id: str :return: list of checklist IDs found in the data stream given by the ID :rtype: list of strings
"""
""" Method to get a list of profiles defined in the checklist given by the checklist_id that is defined in the data stream given by the data_stream_id.
:param data_stream_id: ID of the data stream to get checklists from :type data_stream_id: str :param checklist_id: ID of the checklist to get profiles from :type checklist_id: str :return: list of profiles found in the checklist :rtype: list of ProfileInfo instances
"""
# found in cache, return the value return self._profiles_cache[cache_id]
# not found in the cache, needs to be gathered
# set the data stream and component (checklist) for the session
msg = "'%s' is not a valid SCAP content file" % self._dsc_file_path raise DataStreamHandlingError(msg)
raise DataStreamHandlingError(OSCAP.oscap_err_desc())
# get the benchmark (checklist)
# will hold items for the profiles for the speficied DS and checklist
profiles.append(ProfileInfo("default", "Default", "The implicit XCCDF profile. Usually, the default contains no rules."))
# iterate over the profiles in the benchmark and store them
# cache the result
""" Class for handling XCCDF benchmark and retrieving data from it (mainly the list of profiles).
"""
""" Constructor for the BenchmarkHandler class.
:param xccdf_file_path: path to a file with an XCCDF benchmark :type xccdf_file_path: str :param tailoring_file_path: path to a tailoring file :type tailoring_file_path: str """
if not os.path.exists(xccdf_file_path): msg = "Invalid file path: '%s'" % xccdf_file_path raise BenchmarkHandlingError(msg)
session = OSCAP.xccdf_session_new(xccdf_file_path) if not session: msg = "'%s' is not a valid SCAP content file" % xccdf_file_path raise BenchmarkHandlingError(msg)
if tailoring_file_path: OSCAP.xccdf_session_set_user_tailoring_file(session, tailoring_file_path) if OSCAP.xccdf_session_load(session) != 0: raise BenchmarkHandlingError(OSCAP.oscap_err_desc())
# get the benchmark object policy_model = OSCAP.xccdf_session_get_policy_model(session) benchmark = OSCAP.xccdf_policy_model_get_benchmark(policy_model)
default_policy = OSCAP.xccdf_policy_new(policy_model, None) default_rules_count = OSCAP.xccdf_policy_get_selected_rules_count(default_policy)
# stores a list of profiles in the benchmark self._profiles = []
if default_rules_count > 0: self._profiles.append(ProfileInfo("default", "Default", "The implicit XCCDF profile. Usually, the default contains no rules."))
if not benchmark: msg = "Not a valid benchmark file: '%s'" % xccdf_file_path raise BenchmarkHandlingError(msg)
# iterate over the profiles in the benchmark and store them profile_itr = OSCAP.xccdf_benchmark_get_profiles(benchmark) while OSCAP.xccdf_profile_iterator_has_more(profile_itr): profile = OSCAP.xccdf_profile_iterator_next(profile_itr)
id_ = OSCAP.xccdf_profile_get_id(profile) title = oscap_text_itr_get_text(OSCAP.xccdf_profile_get_title(profile)) desc = parse_HTML_from_content(oscap_text_itr_get_text(OSCAP.xccdf_profile_get_description(profile))) info = ProfileInfo(id_, title, desc)
self._profiles.append(info)
if tailoring_file_path: tailoring = OSCAP.xccdf_policy_model_get_tailoring(policy_model) profile_itr = OSCAP.xccdf_tailoring_get_profiles(tailoring) while OSCAP.xccdf_profile_iterator_has_more(profile_itr): profile = OSCAP.xccdf_profile_iterator_next(profile_itr)
id_ = OSCAP.xccdf_profile_get_id(profile) title = oscap_text_itr_get_text(OSCAP.xccdf_profile_get_title(profile)) desc = parse_HTML_from_content(oscap_text_itr_get_text(OSCAP.xccdf_profile_get_description(profile))) info = ProfileInfo(id_, title, desc)
self._profiles.append(info)
OSCAP.xccdf_profile_iterator_free(profile_itr) OSCAP.xccdf_session_free(session)
def profiles(self): """Property for the list of profiles defined in the benchmark."""
return self._profiles |