2015-09-21 07:51:00 +00:00
|
|
|
# encoding: utf-8
|
2015-10-06 16:55:44 +00:00
|
|
|
# author: Christoph Hartmann
|
|
|
|
# author: Dominik Richter
|
2015-09-21 07:51:00 +00:00
|
|
|
|
2016-03-18 22:14:41 +00:00
|
|
|
require 'utils/object_traversal'
|
|
|
|
|
2016-03-08 18:06:55 +00:00
|
|
|
module Inspec::Resources
|
|
|
|
class JsonConfig < Inspec.resource(1)
|
|
|
|
name 'json'
|
|
|
|
desc 'Use the json InSpec audit resource to test data in a JSON file.'
|
|
|
|
example "
|
|
|
|
describe json('policyfile.lock.json') do
|
2016-04-16 11:47:41 +00:00
|
|
|
its(['cookbook_locks','omnibus','version']) { should eq('2.2.0') }
|
2016-03-08 18:06:55 +00:00
|
|
|
end
|
2016-11-02 17:21:46 +00:00
|
|
|
|
2016-11-02 18:44:13 +00:00
|
|
|
describe json({ command: 'retrieve_data.py --json' }) do
|
2016-11-02 17:21:46 +00:00
|
|
|
its('state') { should eq('open') }
|
|
|
|
end
|
|
|
|
|
|
|
|
describe json({ content: '{\"item1\": { \"status\": \"available\" } }' }) do
|
|
|
|
its(['item1', 'status']) { should cmp 'available' }
|
|
|
|
end
|
|
|
|
|
2016-03-08 18:06:55 +00:00
|
|
|
"
|
2015-09-21 07:51:00 +00:00
|
|
|
|
2016-03-18 22:14:41 +00:00
|
|
|
include ObjectTraverser
|
|
|
|
|
2016-03-08 18:06:55 +00:00
|
|
|
# make params readable
|
2017-11-27 16:13:02 +00:00
|
|
|
attr_reader :params, :raw_content
|
2015-09-21 07:51:00 +00:00
|
|
|
|
2016-11-02 20:04:59 +00:00
|
|
|
def initialize(opts)
|
2017-11-29 21:31:06 +00:00
|
|
|
# pre-initialize @params to an empty hash. In the event that reading/parsing the data
|
|
|
|
# throws an exception, this allows the resource to still be called outside of a
|
|
|
|
# describe/test and not throw errors when a caller attempts to fetch a value from the params.
|
|
|
|
@params = {}
|
|
|
|
|
|
|
|
# load the raw content from the source, and then parse it
|
2017-11-27 16:13:02 +00:00
|
|
|
@raw_content = load_raw_content(opts)
|
|
|
|
@params = parse(@raw_content)
|
2016-03-08 18:06:55 +00:00
|
|
|
end
|
2015-09-21 07:51:00 +00:00
|
|
|
|
2016-03-08 18:06:55 +00:00
|
|
|
# Shorthand to retrieve a parameter name via `#its`.
|
|
|
|
# Example: describe json('file') { its('paramX') { should eq 'Y' } }
|
|
|
|
#
|
|
|
|
# @param [String] name name of the field to retrieve
|
|
|
|
# @return [Object] the value stored at this position
|
|
|
|
def method_missing(*keys)
|
|
|
|
# catch bahavior of rspec its implementation
|
|
|
|
# @see https://github.com/rspec/rspec-its/blob/master/lib/rspec/its.rb#L110
|
|
|
|
keys.shift if keys.is_a?(Array) && keys[0] == :[]
|
|
|
|
value(keys)
|
|
|
|
end
|
2015-11-24 12:02:50 +00:00
|
|
|
|
2017-11-27 16:13:02 +00:00
|
|
|
def value(key)
|
|
|
|
# uses ObjectTraverser.extract_value to walk the hash looking for the key,
|
|
|
|
# which may be an Array of keys for a nested Hash.
|
|
|
|
extract_value(key, params)
|
|
|
|
end
|
|
|
|
|
2016-03-08 18:06:55 +00:00
|
|
|
def to_s
|
2017-11-27 16:13:02 +00:00
|
|
|
"#{resource_base_name} #{@resource_name_supplement || 'content'}"
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def parse(content)
|
|
|
|
require 'json'
|
|
|
|
JSON.parse(content)
|
|
|
|
rescue => e
|
|
|
|
raise Inspec::Exceptions::ResourceFailed, "Unable to parse JSON: #{e.message}"
|
|
|
|
end
|
|
|
|
|
|
|
|
def load_raw_content(opts)
|
|
|
|
# if the opts isn't a hash, we assume it's a path to a file
|
|
|
|
unless opts.is_a?(Hash)
|
|
|
|
@resource_name_supplement = opts
|
|
|
|
return load_raw_from_file(opts)
|
|
|
|
end
|
|
|
|
|
|
|
|
if opts.key?(:command)
|
|
|
|
@resource_name_supplement = "from command: #{opts[:command]}"
|
|
|
|
load_raw_from_command(opts[:command])
|
|
|
|
elsif opts.key?(:content)
|
|
|
|
opts[:content]
|
2016-11-02 16:25:26 +00:00
|
|
|
else
|
2017-11-27 16:13:02 +00:00
|
|
|
raise Inspec::Exceptions::ResourceFailed, 'No JSON content; must specify a file, command, or raw JSON content'
|
2016-11-02 16:25:26 +00:00
|
|
|
end
|
2016-03-08 18:06:55 +00:00
|
|
|
end
|
2017-11-27 16:13:02 +00:00
|
|
|
|
|
|
|
def load_raw_from_file(path)
|
|
|
|
file = inspec.file(path)
|
|
|
|
|
|
|
|
# these are currently ResourceSkipped to maintain consistency with the resource
|
|
|
|
# pre-refactor (which used skip_resource). These should likely be changed to
|
|
|
|
# ResourceFailed during a major version bump.
|
|
|
|
raise Inspec::Exceptions::ResourceSkipped, "No such file: #{path}" unless file.file?
|
|
|
|
raise Inspec::Exceptions::ResourceSkipped, "File #{path} is empty or is not readable by current user" if file.content.nil? || file.content.empty?
|
|
|
|
|
|
|
|
file.content
|
|
|
|
end
|
|
|
|
|
|
|
|
def load_raw_from_command(command)
|
|
|
|
command_output = inspec.command(command).stdout
|
|
|
|
raise Inspec::Exceptions::ResourceSkipped, "No output from command: #{command}" if command_output.nil? || command_output.empty?
|
|
|
|
|
|
|
|
command_output
|
|
|
|
end
|
|
|
|
|
|
|
|
# for resources the subclass JsonConfig, this allows specification of the resource
|
|
|
|
# base name in each subclass so we can build a good to_s method
|
|
|
|
def resource_base_name
|
|
|
|
'JSON'
|
|
|
|
end
|
2015-09-21 07:51:00 +00:00
|
|
|
end
|
|
|
|
end
|