Skip to content

Commit

Permalink
Update the rule's inspec code after saving the rule" -m re we save th…
Browse files Browse the repository at this point in the history
…e rule to trigger the callback after establishing the rule sati

tion or reverting the change on a rule

Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
  • Loading branch information
vanessuniq committed Sep 27, 2023
1 parent 71153f0 commit 4dc6c73
Show file tree
Hide file tree
Showing 4 changed files with 16 additions and 12 deletions.
4 changes: 4 additions & 0 deletions app/controllers/rule_satisfactions_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,8 @@ class RuleSatisfactionsController < ApplicationController

def create
if @rule.satisfies.empty? && (@rule.satisfied_by << @satisfied_by_rule)
# Save the rule to trigger callbacks (update inspec)
@satisfied_by_rule.save
render json: { toast: "Successfully marked #{@rule.version} as satisfied by #{@satisfied_by_rule.version}." }
else
render json: {
Expand All @@ -23,6 +25,8 @@ def create

def destroy
if @rule.satisfied_by.delete(@satisfied_by_rule)
# Save the rule to trigger callbacks (update inspec)
@satisfied_by_rule.save
render json: { toast: "#{@rule.version} is no longer marked as satisfied by #{@satisfied_by_rule.version}." }
else
render json: {
Expand Down
2 changes: 2 additions & 0 deletions app/controllers/rules_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,8 @@ def destroy

def revert
Rule.revert(@rule, params[:audit_id], params[:fields], params[:audit_comment])
# Save the rule to trigger callbacks (update inspec)
@rule.save
render json: { toast: 'Successfully reverted history for control.' }
rescue RuleRevertError => e
render json: {
Expand Down
2 changes: 2 additions & 0 deletions app/models/component.rb
Original file line number Diff line number Diff line change
Expand Up @@ -352,6 +352,8 @@ def create_rule_satisfactions
next if sb_rule.nil?

rule.satisfied_by << sb_rule
# Save the rule to trigger callbacks (update inspec)
sb_rule.save
end
end
end
Expand Down
20 changes: 8 additions & 12 deletions app/models/rule.rb
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@
# Rules, also known as Controls, are the smallest unit of enforceable configuration found in a
# Benchmark XCCDF.
class Rule < BaseRule
attr_accessor :skip_update_inspec_code

amoeba do
# Using set review_requestor_id: nil does not work as expected, must use nullify
nullify :review_requestor_id
Expand Down Expand Up @@ -38,12 +40,10 @@ class Rule < BaseRule
association_foreign_key: :rule_id

before_validation :set_rule_id
before_save :apply_audit_comment
before_save :sort_ident, :update_inspec_code
before_save :apply_audit_comment, :sort_ident
before_destroy :prevent_destroy_if_under_review_or_locked
after_destroy :update_component_rules_count
after_save :update_component_rules_count
after_save :update_satisfied_by_inspec_code
after_save :update_component_rules_count, :update_inspec_code

validates_with RuleSatisfactionValidator
validate :cannot_be_locked_and_under_review
Expand Down Expand Up @@ -202,6 +202,9 @@ def displayed_name
end

def update_inspec_code
return if skip_update_inspec_code

self.skip_update_inspec_code = true
desc = disa_rule_descriptions.first
control = Inspec::Object::Control.new
control.add_header('# -*- encoding : utf-8 -*-')
Expand All @@ -228,14 +231,7 @@ def update_inspec_code
end
control.add_post_body(inspec_control_body) if inspec_control_body.present?
self.inspec_control_file = control.to_ruby
end

def update_satisfied_by_inspec_code
sb = satisfied_by.first
return if sb.nil?

# trigger update_inspec_code callback
sb.save
save
end

def basic_fields
Expand Down

0 comments on commit 4dc6c73

Please sign in to comment.