No longer need to specifiy if its a rule or group when selecting
---
src/bin/secstate | 8 ++------
src/secstate/main.py | 47 +++++++++++++++++++++--------------------------
src/secstate/util.py | 3 +--
3 files changed, 24 insertions(+), 34 deletions(-)
diff --git a/src/bin/secstate b/src/bin/secstate
index 0853ac0..340eadf 100644
--- a/src/bin/secstate
+++ b/src/bin/secstate
@@ -125,14 +125,10 @@ def remove_content(arguments):
return -1
def select(arguments, value):
- parser = OptionParser(usage="secstate select [options] <benchmark>
<all/id>")
- parser.add_option('-r', '--rule', action='store_true',
dest='rule', default=False,
- help="Selectes a rule")
- parser.add_option('-g', '--group', action='store_true',
dest='group', default=False,
- help="Selectes a group and all it contains")
+ parser = OptionParser(usage="secstate select <benchmark>
<all/id>")
(options, args) = parser.parse_args(arguments)
for arg in args[1:]:
- if (not (sec_instance.select(args[0], arg, value, options.rule,
options.group))):
+ if (not (sec_instance.select(args[0], arg, value))):
return -1
def audit(arguments):
diff --git a/src/secstate/main.py b/src/secstate/main.py
index ae324f2..2eaa425 100644
--- a/src/secstate/main.py
+++ b/src/secstate/main.py
@@ -282,7 +282,7 @@ class Secstate:
self.log.error("Could not find %(benchmark)s in database" %
{'benchmark':benchmark_id})
return False
- def select(self, benchmark_id, item_id, selected, rule=False, group=False):
+ def select(self, benchmark_id, item_id, selected):
"""
Function: Set the specified item to be selected, as well as its
subelements
Input: Benchmark id, id of rule or group, boolean value to set the items
selected status
@@ -310,24 +310,29 @@ class Secstate:
self.log.debug("Setting %(id)s to %(val)s" %
{'id':oscap.xccdf_rule_get_id(item),
'val':selected})
- elif rule:
- oscap.xccdf_rule_set_selected(self.xccdf_get_item(benchmark,
oscap.XCCDF_RULE, item_id), selected)
+ else:
+ item = oscap.xccdf_benchmark_get_item(benchmark, item_id)
+ if item == None:
+ self.log.error("Benchmark %(bench_id)s does not contain
%(item_id)s" % {'bench_id':benchmark_id,
+
'item_id':item_id})
+ return False
+
+ oscap.xccdf_item_set_selected(item, selected)
self.log.debug("Setting %(id)s to %(val)s" %
{'id':item_id,
'val':selected})
- elif group:
- root_group = self.xccdf_get_item(benchmark, oscap.XCCDF_GROUP, item_id)
- oscap.xccdf_group_set_selected(root_group, selected)
- for item in xccdf_get_items(benchmark, oscap.XCCDF_GROUP,
oscap.xccdf_group_get_content(item)):
- oscap.xccdf_group_set_selected(item, selected)
- self.log.debug("Setting %(id)s to %(val)s" %
{'id':oscap.xccdf_group_get_id(item),
- 'val':selected})
-
- for item in xccdf_get_items(benchmark, oscap.XCCDF_RULE,
oscap.xccdf_group_get_content(item)):
- oscap.xccdf_rule_set_selected(item, selected)
- self.log.debug("Setting %(id)s to %(val)s" %
{'id':oscap.xccdf_rule_get_id(item),
- 'val':selected})
-
+ if oscap.xccdf_item_get_type(item) == oscap.XCCDF_GROUP:
+ root_group = oscap.xccdf_item_to_group(item)
+ for group in xccdf_get_items(benchmark, oscap.XCCDF_GROUP,
oscap.xccdf_group_get_content(root_group)):
+ oscap.xccdf_group_set_selected(group, selected)
+ self.log.debug("Setting %(id)s to %(val)s" %
{'id':oscap.xccdf_group_get_id(group),
+
'val':selected})
+
+ for rule in xccdf_get_items(benchmark, oscap.XCCDF_RULE,
oscap.xccdf_group_get_content(root_group)):
+ oscap.xccdf_rule_set_selected(rule, selected)
+ self.log.debug("Setting %(id)s to %(val)s" %
{'id':oscap.xccdf_group_get_id(group),
+
'val':selected})
+
if not oscap.xccdf_benchmark_export(benchmark, benchmark_file):
self.log.error("Error writing changes to file: %(file)s" %
{'file':benchmark_file})
return False
@@ -335,16 +340,6 @@ class Secstate:
oscap.xccdf_benchmark_free(benchmark)
return True
- def xccdf_get_item(self, benchmark, type, id):
- items = xccdf_get_items(benchmark, type)
- for item in items:
- if type == oscap.XCCDF_RULE:
- if oscap.xccdf_rule_get_id(item) == id:
- return item
- if type == oscap.XCCDF_GROUP:
- if oscap.xccdf_group_get_id(item) == id:
- return item
-
def combine_def_models(self, target, source):
"""
Function: Add all the definitions from the source model to the target model
diff --git a/src/secstate/util.py b/src/secstate/util.py
index 8acc3b1..60ae360 100644
--- a/src/secstate/util.py
+++ b/src/secstate/util.py
@@ -212,6 +212,7 @@ def xccdf_get_items(template, type, items=None):
result.extend(xccdf_get_items(template, type,
oscap.xccdf_benchmark_get_content(oscap.xccdf_item_to_benchmark(item))))
elif item_type == oscap.XCCDF_GROUP:
result.extend(xccdf_get_items(template, type,
oscap.xccdf_group_get_content(oscap.xccdf_item_to_group(item))))
+
elif type == oscap.XCCDF_GROUP:
if item_type == oscap.XCCDF_GROUP:
result.append(oscap.xccdf_item_to_group(item))
@@ -219,8 +220,6 @@ def xccdf_get_items(template, type, items=None):
elif item_type == oscap.XCCDF_BENCHMARK:
result.extend(xccdf_get_items(template, type,
oscap.xccdf_benchmark_get_content(oscap.xccdf_item_to_benchmark(item))))
- elif item_type == oscap.XCCDF_GROUP:
- result.extend(xccdf_get_items(template, type,
oscap.xccdf_group_get_content(oscap.xccdf_item_to_group(item))))
if type == oscap.XCCDF_CONTENT:
result.extend(xccdf_get_items(template, type, item))
--
1.7.0.1