Merge branch 'master' into extend-rule-tree

RedHatInsights · Oct 15, 2024 · e46437c · e46437c
2 parents 40e064b + 30d847f
commit e46437c
Show file tree

Hide file tree

Showing 6 changed files with 104 additions and 1 deletion.
diff --git a/app/models/v2/fix.rb b/app/models/v2/fix.rb
@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+# Stores information about rules. This comes from SCAP.
+module V2
+  # Model for Rules
+  class Fix < ApplicationRecord
+    # FIXME: clean up after the remodel
+    self.table_name = :fixes
+
+    belongs_to :rule
+    has_one :security_guide, through: :rule
+
+    def self.from_parser(obj, existing: nil, rule_id: nil, system: nil)
+      record = existing || new(rule_id: rule_id, system: system)
+
+      record.assign_attributes(strategy: obj.strategy, disruption: obj.disruption,
+                               complexity: obj.complexity, text: obj.text)
+
+      record
+    end
+  end
+end
diff --git a/app/models/v2/rule.rb b/app/models/v2/rule.rb
@@ -39,6 +39,7 @@ def self.sorted_severities(table = arel_table)
     has_many :tailoring_rules, class_name: 'V2::TailoringRule', dependent: :destroy
     has_many :tailorings, through: :tailoring_rules, class_name: 'V2::Tailoring'
     has_many :policies, class_name: 'V2::Policy', through: :tailorings
+    has_many :fixes, class_name: 'V2::Fix', dependent: :destroy
 
     sortable_by :title
     sortable_by :severity, sorted_severities

diff --git a/app/services/concerns/xccdf/fixes.rb b/app/services/concerns/xccdf/fixes.rb
@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+# WARNING: this module is already onboarded to APIv2 !!!
+
+module Xccdf
+  # Methods related to saving rule fixes
+  module Fixes
+    extend ActiveSupport::Concern
+
+    included do
+      def fixes
+        @fixes ||= rules.flat_map do |rule|
+          rule.op_source.fixes.map do |op_fix|
+            existing = old_fixes[rule.id + '__' + op_fix.system]
+            ::V2::Fix.from_parser(op_fix, existing: existing, rule_id: rule.id, system: op_fix.system)
+          end
+        end
+      end
+
+      def save_fixes
+        # Import the new records first with validation
+        ::V2::Fix.import!(new_fixes, ignore: true)
+
+        # Update the fields on existing fixes, validation is not necessary
+        ::V2::Fix.import(old_fixes.values,
+                         on_duplicate_key_update: {
+                           conflict_target: %i[rule_id system],
+                           columns: %i[strategy disruption complexity text]
+                         }, validate: false)
+      end
+
+      private
+
+      def new_fixes
+        @new_fixes ||= fixes.select(&:new_record?)
+      end
+
+      # :nocov:
+      def old_fixes
+        @old_fixes ||= ::V2::Fix.where(
+          rule_id: ::V2::Rule.where(security_guide_id: @benchmark&.id)
+        ).index_by { |fix| fix.rule_id + '__' + fix.system }
+      end
+      # :nocov:
+    end
+  end
+end
diff --git a/app/services/concerns/xccdf/util.rb b/app/services/concerns/xccdf/util.rb
@@ -9,6 +9,7 @@ module Util
       include ::Xccdf::Benchmarks
       include ::Xccdf::Profiles
       include ::Xccdf::Rules
+      include ::Xccdf::Fixes
       include ::Xccdf::RuleGroups
       include ::Xccdf::ValueDefinitions
       include ::Xccdf::ProfileRules
@@ -28,6 +29,7 @@ def save_all_benchmark_info
         save_profiles
         save_rule_groups
         save_rules
+        save_fixes
         save_rule_group_relationships
         save_profile_rules
         save_profile_os_minor_versions

diff --git a/db/migrate/20241014100839_create_fixes.rb b/db/migrate/20241014100839_create_fixes.rb
@@ -0,0 +1,17 @@
+class CreateFixes < ActiveRecord::Migration[7.1]
+  def change
+    create_table :fixes, id: :uuid do |t|
+      t.string :strategy
+      t.string :disruption
+      t.string :complexity
+      t.string :system
+      t.text :text
+      t.references :rule, type: :uuid, index: true, null: false
+
+      t.timestamps null: true
+    end
+
+    add_index :fixes, :system
+    add_index :fixes, %i[rule_id system], unique: true
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema[7.1].define(version: 2024_09_26_141107) do
+ActiveRecord::Schema[7.1].define(version: 2024_10_14_100839) do
   create_schema "inventory"
 
   # These are extensions that must be enabled in order to support this database
@@ -43,6 +43,20 @@
     t.index ["title"], name: "index_business_objectives_on_title"
   end
 
+  create_table "fixes", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
+    t.string "strategy"
+    t.string "disruption"
+    t.string "complexity"
+    t.string "system"
+    t.text "text"
+    t.uuid "rule_id", null: false
+    t.datetime "created_at"
+    t.datetime "updated_at"
+    t.index ["rule_id", "system"], name: "index_fixes_on_rule_id_and_system", unique: true
+    t.index ["rule_id"], name: "index_fixes_on_rule_id"
+    t.index ["system"], name: "index_fixes_on_system"
+  end
+
   create_table "friendly_id_slugs", id: :serial, force: :cascade do |t|
     t.string "slug", null: false
     t.integer "sluggable_id", null: false