3:15 p.m.
Fixes bug #7146
---
src/bin/secstate | 6 ++-
src/secstate/main.py | 89 ++++++++++++++++++++++++++++++-------------------
src/secstate/util.py | 17 +++++++++
3 files changed, 75 insertions(+), 37 deletions(-)
diff --git a/src/bin/secstate b/src/bin/secstate
index 8e379cb..0c28ecc 100644
--- a/src/bin/secstate
+++ b/src/bin/secstate
@@ -203,14 +203,16 @@ def list_content(arguments):
parser = OptionParser(usage="secstate list [options] <string>")
parser.add_option('-r', '--recurse', action='store_true',
dest='recurse', default=False,
help="Recurse through an items content")
+ parser.add_option('-a', '--all', action='store_true',
dest='all', default=False,
+ help="Show items regardless of selection status")
(options, args) = parser.parse_args(arguments)
if args == []:
- if not sec_instance.list_content(recurse=options.recurse):
+ if not sec_instance.list_content(recurse=options.recurse, show_all=options.all):
return -1
else:
for arg in args:
- if not sec_instance.list_content(arg, options.recurse):
+ if not sec_instance.list_content(arg, options.recurse, options.all):
return -1
return 0
diff --git a/src/secstate/main.py b/src/secstate/main.py
index c3b84d7..f93305a 100644
--- a/src/secstate/main.py
+++ b/src/secstate/main.py
@@ -437,7 +437,7 @@ class Secstate:
if (title != None) and (description != None):
if (search_string in title) or (search_string in description):
print "\t%(id)s:" % {'id':id}
- print "\t\tTitle: %(title)s" %
{'title':title}
+ print "\t\tTitle: '%(title)s'" %
{'title':title}
print "\t\tDescription: %(description)s\n" %
{'description':description}
for rule in xccdf_get_items(benchmark, oscap.XCCDF_RULE):
@@ -456,7 +456,7 @@ class Secstate:
if (title != None) and (description != None):
if (search_string in title) or (search_string in description):
print "\t%(id)s:" % {'id':id}
- print "\t\tTitle: %(title)s" %
{'title':title}
+ print "\t\tTitle: '%(title)s'" %
{'title':title}
print "\t\tDescription: %(description)s\n" %
{'description':description}
oscap.xccdf_benchmark_free(benchmark)
@@ -478,7 +478,7 @@ class Secstate:
break
else:
print "%(id)s:" %
{'id':oscap.oval_definition_get_id(item)}
- print "\t%(title)s" %
{'title':oscap.oval_definition_get_title(defn)}
+ print "\t'%(title)s'" %
{'title':oscap.oval_definition_get_title(defn)}
print "\t%(desc)s" %
{'desc':oscap.oval_definition_get_description(defn)}
oscap.xccdf_benchmark_free(benchmark)
oscap.oval_definition_model_free(def_model)
@@ -488,7 +488,7 @@ class Secstate:
print "%(id)s:" % {'id':oscap.xccdf_item_get_id(item)}
titles = oscap.xccdf_item_get_title(item)
for title in oscap_text_generator(titles):
- print "\tTitle: %(title)s" %
{'title':oscap.oscap_text_get_text(title)}
+ print "\tTitle: '%(title)s'" %
{'title':oscap.oscap_text_get_text(title)}
descriptions = oscap.xccdf_item_get_description(item)
for description in oscap_text_generator(descriptions):
@@ -523,50 +523,69 @@ class Secstate:
oscap.oval_definition_model_free(def_model)
return True
- def list_content(self, arg=None, recurse=False):
+ def sublist(self, benchmark, def_model, arg, recurse, show_all, tabs=0):
+ tabstr = "\t" * tabs
+ item = oscap.xccdf_benchmark_get_item(benchmark, arg)
+ if item == None:
+ defn = oscap.oval_definition_model_get_definition(def_model, arg)
+ if defn == None:
+ pass
+ print tabstr + "Definition - ID: %(id)s, Title:
'%(title)s'" % {'id':arg,
'title':oscap.oval_definition_get_title(defn)}
+
+ else:
+ titles = oscap.xccdf_item_get_title(item)
+ for title in oscap_text_generator(titles):
+ if show_all:
+ if oscap.xccdf_item_get_selected(item):
+ print tabstr + "[X]%(type)s - ID: %(id)s, Title:
'%(title)s'" % {'type':item_get_type_str(item), 'id':arg,
+
'title':oscap.oscap_text_get_text(title)}
+ else:
+ print tabstr + "[ ]%(type)s - ID: %(id)s, Title:
'%(title)s'" % {'type':item_get_type_str(item), 'id':arg,
+
'title':oscap.oscap_text_get_text(title)}
+
+
+ elif oscap.xccdf_item_get_selected(item):
+ print tabstr + "%(type)s - ID: %(id)s, Title:
'%(title)s'" % {'type':item_get_type_str(item), 'id':arg,
+
'title':oscap.oscap_text_get_text(title)}
+ else:
+ if not recurse or (tabs == 0):
+ print tabstr + "[ ]%(type)s - ID: %(id)s, Title:
'%(title)s'" % {'type':item_get_type_str(item), 'id':arg,
+
'title':oscap.oscap_text_get_text(title)}
+ if recurse:
+ if oscap.xccdf_item_get_type(item) == oscap.XCCDF_GROUP:
+ content =
oscap.xccdf_group_get_content(oscap.xccdf_item_to_group(item))
+ for sub in xccdf_item_generator(content):
+ self.sublist(benchmark, def_model, oscap.xccdf_item_get_id(sub),
recurse, show_all, tabs+1)
+
+
+ def list_content(self, arg=None, recurse=False, show_all=False):
+ ret = False
for key in self.database:
- (benchmark, oval) = self.import_content(os.path.join(self.benchmark_dir, key,
self.database[key]))
+ if arg == None:
+ return self.list_content(key, recurse, show_all)
+
+ (benchmark, def_model) = self.import_content(os.path.join(self.benchmark_dir,
key, self.database[key]))
if benchmark == None:
self.log.error("Error loading benchmark: %(id)s" %
{'id':key})
return False
- if arg == None:
+
+ elif arg == key:
titles = oscap.xccdf_benchmark_get_title(benchmark)
for title in oscap_text_generator(titles):
- print "%(id)s: %(title)s" % {'id':key,
'title':oscap.oscap_text_get_text(title)}
+ print "Benchmark - ID: %(id)s, Title: '%(title)s'"
% {'id':key, 'title':oscap.oscap_text_get_text(title)}
if recurse:
- content = oscap.xccdf_benchmark_get_content(benchmark)
- for sub in xccdf_item_generator(content):
- titles = oscap.xccdf_item_get_title(sub)
- for title in oscap_text_generator(titles):
- print "\t%(id)s:\t%(title)s" %
{'id':oscap.xccdf_item_get_id(sub),
-
'title':oscap.oscap_text_get_text(title)}
-
+ items = oscap.xccdf_benchmark_get_content(benchmark)
+ for item in xccdf_item_generator(items):
+ ret = self.sublist(benchmark, def_model,
oscap.xccdf_item_get_id(item), recurse, show_all, tabs=1)
else:
- item = oscap.xccdf_benchmark_get_item(benchmark, arg)
- if item == None:
- pass
-
- titles = oscap.xccdf_item_get_title(item)
- for title in oscap_text_generator(titles):
- print "%(id)s: %(title)s" % {'id':arg,
'title':oscap.oscap_text_get_text(title)}
-
- if recurse:
- type = oscap.xccdf_item_get_type(item)
- if type == oscap.XCCDF_GROUP:
- content =
oscap.xccdf_group_get_content(oscap.xccdf_item_to_group(item))
- for sub in xccdf_item_generator(content):
- titles = oscap.xccdf_item_get_title(sub)
- for title in oscap_text_generator(titles):
- print "\t%(id)s:\t%(title)s" %
{'id':oscap.xccdf_item_get_id(sub),
-
'title':oscap.oscap_text_get_text(title)}
-
+ ret = self.sublist(benchmark, def_model, arg, recurse, show_all)
oscap.xccdf_benchmark_free(benchmark)
- oscap.oval_definition_model_free(oval)
+ oscap.oval_definition_model_free(def_model)
- return True
+ return ret
def get_passed_result_ids(self, xccdf_results):
if xccdf_results == None:
diff --git a/src/secstate/util.py b/src/secstate/util.py
index 5e84a4a..6856212 100644
--- a/src/secstate/util.py
+++ b/src/secstate/util.py
@@ -429,6 +429,23 @@ def xccdf_get_fixes(benchmark, ignore_ids=[]):
fixes.extend(xccdf_fix_list(oscap.xccdf_rule_get_fixes(rule)))
return fixes
+def item_get_type_str(item):
+ type = oscap.xccdf_item_get_type(item)
+ if type == oscap.XCCDF_BENCHMARK:
+ return "Benchmark"
+ elif type == oscap.XCCDF_GROUP:
+ return "Group"
+ elif type == oscap.XCCDF_RULE:
+ return "Rule"
+ elif type == oscap.XCCDF_PROFILE:
+ return "Profile"
+ elif type == oscap.XCCDF_RESULT:
+ return "TestResult"
+ elif type == oscap.XCCDF_VALUE:
+ return "Value"
+ else:
+ return "Item"
+
def parse_puppet_fixes(benchmark, ignore_ids=[]):
fixes = xccdf_get_fixes(benchmark, ignore_ids)
all_puppet = {'classes' : set(), 'environment' : "",
'parameters' : {}}
--
1.7.0.1
9:30 a.m.
New subject: [Secstate-devel] [PATCH] Update list command to match Marshall's spec
On Wed, 2010-06-23 at 16:15 -0400, Josh Adams wrote:
Fixes bug #7146
---
src/bin/secstate | 6 ++-
src/secstate/main.py | 89 ++++++++++++++++++++++++++++++-------------------
src/secstate/util.py | 17 +++++++++
3 files changed, 75 insertions(+), 37 deletions(-)
diff --git a/src/bin/secstate b/src/bin/secstate
index 8e379cb..0c28ecc 100644
--- a/src/bin/secstate
+++ b/src/bin/secstate
@@ -203,14 +203,16 @@ def list_content(arguments):
parser = OptionParser(usage="secstate list [options] <string>")
parser.add_option('-r', '--recurse', action='store_true',
dest='recurse', default=False,
help="Recurse through an items content")
+ parser.add_option('-a', '--all', action='store_true',
dest='all', default=False,
+ help="Show items regardless of selection status")
(options, args) = parser.parse_args(arguments)
if args == []:
- if not sec_instance.list_content(recurse=options.recurse):
+ if not sec_instance.list_content(recurse=options.recurse,
show_all=options.all):
return -1
else:
for arg in args:
- if not sec_instance.list_content(arg, options.recurse):
+ if not sec_instance.list_content(arg, options.recurse, options.all):
return -1
return 0
diff --git a/src/secstate/main.py b/src/secstate/main.py
index c3b84d7..f93305a 100644
--- a/src/secstate/main.py
+++ b/src/secstate/main.py
@@ -437,7 +437,7 @@ class Secstate:
if (title != None) and (description != None):
if (search_string in title) or (search_string in description):
print "\t%(id)s:" % {'id':id}
- print "\t\tTitle: %(title)s" %
{'title':title}
+ print "\t\tTitle: '%(title)s'" %
{'title':title}
print "\t\tDescription: %(description)s\n" %
{'description':description}
for rule in xccdf_get_items(benchmark, oscap.XCCDF_RULE):
@@ -456,7 +456,7 @@ class Secstate:
if (title != None) and (description != None):
if (search_string in title) or (search_string in description):
print "\t%(id)s:" % {'id':id}
- print "\t\tTitle: %(title)s" %
{'title':title}
+ print "\t\tTitle: '%(title)s'" %
{'title':title}
print "\t\tDescription: %(description)s\n" %
{'description':description}
oscap.xccdf_benchmark_free(benchmark)
@@ -478,7 +478,7 @@ class Secstate:
break
else:
print "%(id)s:" %
{'id':oscap.oval_definition_get_id(item)}
- print "\t%(title)s" %
{'title':oscap.oval_definition_get_title(defn)}
+ print "\t'%(title)s'" %
{'title':oscap.oval_definition_get_title(defn)}
print "\t%(desc)s" %
{'desc':oscap.oval_definition_get_description(defn)}
oscap.xccdf_benchmark_free(benchmark)
oscap.oval_definition_model_free(def_model)
@@ -488,7 +488,7 @@ class Secstate:
print "%(id)s:" %
{'id':oscap.xccdf_item_get_id(item)}
titles = oscap.xccdf_item_get_title(item)
for title in oscap_text_generator(titles):
- print "\tTitle: %(title)s" %
{'title':oscap.oscap_text_get_text(title)}
+ print "\tTitle: '%(title)s'" %
{'title':oscap.oscap_text_get_text(title)}
descriptions = oscap.xccdf_item_get_description(item)
for description in oscap_text_generator(descriptions):
@@ -523,50 +523,69 @@ class Secstate:
oscap.oval_definition_model_free(def_model)
return True
- def list_content(self, arg=None, recurse=False):
+ def sublist(self, benchmark, def_model, arg, recurse, show_all, tabs=0):
+ tabstr = "\t" * tabs
+ item = oscap.xccdf_benchmark_get_item(benchmark, arg)
+ if item == None:
+ defn = oscap.oval_definition_model_get_definition(def_model, arg)
+ if defn == None:
+ pass
I think you want to return here rather than pass.
+ print tabstr + "Definition - ID: %(id)s, Title:
'%(title)s'" % {'id':arg,
'title':oscap.oval_definition_get_title(defn)}
+
+ else:
+ titles = oscap.xccdf_item_get_title(item)
+ for title in oscap_text_generator(titles):
+ if show_all:
+ if oscap.xccdf_item_get_selected(item):
+ print tabstr + "[X]%(type)s - ID: %(id)s, Title:
'%(title)s'" % {'type':item_get_type_str(item), 'id':arg,
+
'title':oscap.oscap_text_get_text(title)}
+ else:
+ print tabstr + "[ ]%(type)s - ID: %(id)s, Title:
'%(title)s'" % {'type':item_get_type_str(item), 'id':arg,
+
'title':oscap.oscap_text_get_text(title)}
+
+
+ elif oscap.xccdf_item_get_selected(item):
+ print tabstr + "%(type)s - ID: %(id)s, Title:
'%(title)s'" % {'type':item_get_type_str(item), 'id':arg,
+
'title':oscap.oscap_text_get_text(title)}
+ else:
+ if not recurse or (tabs == 0):
+ print tabstr + "[ ]%(type)s - ID: %(id)s, Title:
'%(title)s'" % {'type':item_get_type_str(item), 'id':arg,
+
'title':oscap.oscap_text_get_text(title)}
+ if recurse:
+ if oscap.xccdf_item_get_type(item) == oscap.XCCDF_GROUP:
+ content =
oscap.xccdf_group_get_content(oscap.xccdf_item_to_group(item))
If you don't convert item to group then you can use
xccdf_item_get_content and you can easily add support for other items
(such as benchmarks).
+ for sub in xccdf_item_generator(content):
+ self.sublist(benchmark, def_model, oscap.xccdf_item_get_id(sub),
recurse, show_all, tabs+1)
+
It seems like this whole function could be simplified by doing the
printing in one place. You could set up the various elements of the
output and then print using a common format string such as "%(indent)s
%(selected)s%(type)s - ID: %(id)s, Title: '%(title)s'".
+
+ def list_content(self, arg=None, recurse=False, show_all=False):
+ ret = False
for key in self.database:
- (benchmark, oval) = self.import_content(os.path.join(self.benchmark_dir,
key, self.database[key]))
+ if arg == None:
+ return self.list_content(key, recurse, show_all)
If you return here then only the first benchmark will get shown.
+
+ (benchmark, def_model) =
self.import_content(os.path.join(self.benchmark_dir, key, self.database[key]))
if benchmark == None:
self.log.error("Error loading benchmark: %(id)s" %
{'id':key})
return False
- if arg == None:
+
+ elif arg == key:
titles = oscap.xccdf_benchmark_get_title(benchmark)
for title in oscap_text_generator(titles):
- print "%(id)s: %(title)s" % {'id':key,
'title':oscap.oscap_text_get_text(title)}
+ print "Benchmark - ID: %(id)s, Title: '%(title)s'"
% {'id':key, 'title':oscap.oscap_text_get_text(title)}
I think all of the printing should be handled in sublist.
if recurse:
The recursion should also be handled in sublist.
- content =
oscap.xccdf_benchmark_get_content(benchmark)
- for sub in xccdf_item_generator(content):
- titles = oscap.xccdf_item_get_title(sub)
- for title in oscap_text_generator(titles):
- print "\t%(id)s:\t%(title)s" %
{'id':oscap.xccdf_item_get_id(sub),
-
'title':oscap.oscap_text_get_text(title)}
-
+ items = oscap.xccdf_benchmark_get_content(benchmark)
+ for item in xccdf_item_generator(items):
+ ret = self.sublist(benchmark, def_model,
oscap.xccdf_item_get_id(item), recurse, show_all, tabs=1)
else:
- item = oscap.xccdf_benchmark_get_item(benchmark, arg)
- if item == None:
- pass
-
- titles = oscap.xccdf_item_get_title(item)
- for title in oscap_text_generator(titles):
- print "%(id)s: %(title)s" % {'id':arg,
'title':oscap.oscap_text_get_text(title)}
-
- if recurse:
- type = oscap.xccdf_item_get_type(item)
- if type == oscap.XCCDF_GROUP:
- content =
oscap.xccdf_group_get_content(oscap.xccdf_item_to_group(item))
- for sub in xccdf_item_generator(content):
- titles = oscap.xccdf_item_get_title(sub)
- for title in oscap_text_generator(titles):
- print "\t%(id)s:\t%(title)s" %
{'id':oscap.xccdf_item_get_id(sub),
-
'title':oscap.oscap_text_get_text(title)}
-
+ ret = self.sublist(benchmark, def_model, arg, recurse, show_all)
oscap.xccdf_benchmark_free(benchmark)
- oscap.oval_definition_model_free(oval)
+ oscap.oval_definition_model_free(def_model)
- return True
+ return ret
def get_passed_result_ids(self, xccdf_results):
if xccdf_results == None:
diff --git a/src/secstate/util.py b/src/secstate/util.py
index 5e84a4a..6856212 100644
--- a/src/secstate/util.py
+++ b/src/secstate/util.py
@@ -429,6 +429,23 @@ def xccdf_get_fixes(benchmark, ignore_ids=[]):
fixes.extend(xccdf_fix_list(oscap.xccdf_rule_get_fixes(rule)))
return fixes
+def item_get_type_str(item):
+ type = oscap.xccdf_item_get_type(item)
+ if type == oscap.XCCDF_BENCHMARK:
+ return "Benchmark"
+ elif type == oscap.XCCDF_GROUP:
+ return "Group"
+ elif type == oscap.XCCDF_RULE:
+ return "Rule"
+ elif type == oscap.XCCDF_PROFILE:
+ return "Profile"
+ elif type == oscap.XCCDF_RESULT:
+ return "TestResult"
+ elif type == oscap.XCCDF_VALUE:
+ return "Value"
+ else:
+ return "Item"
+
def parse_puppet_fixes(benchmark, ignore_ids=[]):
fixes = xccdf_get_fixes(benchmark, ignore_ids)
all_puppet = {'classes' : set(), 'environment' : "",
'parameters' : {}}
5064
days inactive
5065
days old
secstate-devel@lists.fedorahosted.org
1 comments
2 participants
participants (2)
-
Josh Adams -
Marshall Miller