-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Present references in a table #217
Changes from 1 commit
510a456
fe3f507
6b7a537
e3b1852
5fb4271
74218c0
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,41 @@ | ||
# Copyright 2022, Red Hat, Inc. | ||
# SPDX-License-Identifier: LGPL-2.1-or-later | ||
|
||
import collections | ||
from dataclasses import replace | ||
|
||
from ..data_structures import Identifier, Reference, Rule, RuleWarning | ||
from ..namespaces import NAMESPACES | ||
from .full_text_parser import FullTextParser | ||
from .remediation_parser import RemediationParser | ||
|
||
KNOWN_REFERENCES = { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Please add comments to the code to turn off long-line warnings for this constant. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I have add the comments. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Pylint is not happy. Please use |
||
"http://www.ssi.gouv.fr/administration/bonnes-pratiques/": "ANSSI", | ||
"https://public.cyber.mil/stigs/cci/": "CCI", | ||
"https://www.ccn-cert.cni.es/pdf/guias/series-ccn-stic/guias-de-acceso-publico-ccn-stic/6768-ccn-stic-610a22-perfilado-de-seguridad-red-hat-enterprise-linux-9-0/file.html": "CCN for RHEL 9", | ||
"https://www.cisecurity.org/controls/": "CIS", | ||
"https://www.cisecurity.org/benchmark/red_hat_linux/": "CIS for RHEL", | ||
"https://www.fbi.gov/file-repository/cjis-security-policy-v5_5_20160601-2-1.pdf": "CJIS", | ||
"http://www.cnss.gov/Assets/pdf/CNSSI-1253.pdf": "CNSS", | ||
"https://www.isaca.org/resources/cobit": "COBIT", | ||
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171.pdf": "CUI", | ||
"https://www.gpo.gov/fdsys/pkg/CFR-2007-title45-vol1/pdf/CFR-2007-title45-vol1-chapA-subchapC.pdf": "HIPAA", | ||
"https://www.isa.org/products/ansi-isa-62443-3-3-99-03-03-2013-security-for-indu": "ISA-62443-2013", | ||
"https://www.isa.org/products/isa-62443-2-1-2009-security-for-industrial-automat": "ISA-62443-2009", | ||
"https://www.cyber.gov.au/acsc/view-all-content/ism": "ISM", | ||
"https://www.iso.org/standard/54534.html": "ISO 27001-2013", | ||
"https://www.nerc.com/pa/Stand/Standard%20Purpose%20Statement%20DL/US_Standard_One-Stop-Shop.xlsx": "NERC-CIP", | ||
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf": "NIST 800-53", | ||
"https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf": "NIST CSF", | ||
"https://www.niap-ccevs.org/Profile/PP.cfm": "OSPP", | ||
"https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf": "PCI-DSS v3", | ||
"https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf": "PCI-DSS v4", | ||
"https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=application-servers": "SRG-APP", | ||
"https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cgeneral-purpose-os": "SRG-OS", | ||
"https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux": "STIG ID", | ||
"https://public.cyber.mil/stigs/srg-stig-tools/": "STIG ref", | ||
} | ||
|
||
|
||
class RuleParser(): | ||
def __init__(self, root, test_results, ref_values): | ||
|
@@ -20,10 +48,16 @@ def __init__(self, root, test_results, ref_values): | |
|
||
@staticmethod | ||
def _get_references(rule): | ||
url_to_ref_ids = collections.defaultdict(list) | ||
for reference_el in rule.findall(".//xccdf:reference", NAMESPACES): | ||
url = reference_el.get("href") | ||
ref_id = reference_el.text | ||
url_to_ref_ids[url].append(ref_id) | ||
references = [] | ||
for referenc in rule.findall(".//xccdf:reference", NAMESPACES): | ||
references.append(Reference(referenc.get("href"), referenc.text)) | ||
return references | ||
for url, ref_ids in url_to_ref_ids.items(): | ||
name = KNOWN_REFERENCES.get(url, url) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I would suggest creating a default value for the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Nice catch! You're right, the I have add code that accounts for this situation. However, this situation shouldn't happen in our content. The There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I checked the latest content and all the href attributes are not empty strings. I found this in: |
||
references.append(Reference(name, url, sorted(ref_ids))) | ||
return sorted(references, key=lambda x: x.name) | ||
|
||
@staticmethod | ||
def _get_identifiers(rule): | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please create a responsive table using CSS classes from Patternfly. Missing CCS classes cause a grey bar. See image.
I think that the rows of the internal table with references should span the full width of the table cell with the OVAL definition.
Example rule:
xccdf_org.ssgproject.content_rule_account_unique_name
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have add some class name that I have seen around. I'm not sure if it's correct because I don't have any experience with that. Please check this and point me to some resources.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here is Patternfly documentation. Looks good to me.