2017-05-01 18:02:15 +00:00
|
|
|
# encoding: utf-8
|
|
|
|
|
# author: Nolan Davidson
|
|
|
|
|
# license: All rights reserved
|
|
|
|
|
|
|
|
|
|
module Inspec::Resources
|
|
|
|
|
class OracleSession < Inspec.resource(1)
|
|
|
|
|
name 'oracle_session'
|
|
|
|
|
desc 'Use the oracle_session InSpec resource to test commands against an Oracle database'
|
|
|
|
|
example "
|
2017-05-05 13:29:38 +00:00
|
|
|
sql = oracle_session(user: 'my_user', pass: 'password')
|
2017-05-01 18:02:15 +00:00
|
|
|
describe sql.query('SELECT NAME FROM v$database;') do
|
|
|
|
|
its('stdout') { should_not match(/test/) }
|
|
|
|
|
end
|
|
|
|
|
"
|
|
|
|
|
|
2017-05-05 13:29:38 +00:00
|
|
|
attr_reader :user, :pass, :host, :sid, :sqlplus_bin
|
|
|
|
|
|
|
|
|
|
def initialize(opts = {})
|
|
|
|
|
@user = opts[:user]
|
|
|
|
|
@pass = opts[:pass]
|
|
|
|
|
@host = opts[:host] || "localhost"
|
|
|
|
|
@sid = opts[:sid]
|
|
|
|
|
@sqlplus_bin = opts[:sqlplus_bin] || "sqlplus"
|
|
|
|
|
return skip_resource("Can't run Oracle checks without authentication") if @user.nil? or @pass.nil?
|
2017-05-01 18:02:15 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def query(q)
|
2017-05-05 13:29:38 +00:00
|
|
|
escaped_query = q.gsub(/\\/, '\\\\').gsub(/"/, '\\"')
|
|
|
|
|
cmd = inspec.command("echo \"#{escaped_query}\" | #{@sqlplus_bin} -s #{@user}/#{@pass}@#{@host}/#{@sid}")
|
2017-05-01 18:02:15 +00:00
|
|
|
out = cmd.stdout + "\n" + cmd.stderr
|
|
|
|
|
if out.downcase =~ /^error/
|
|
|
|
|
skip_resource("Can't connect to Oracle instance for SQL checks.")
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
cmd
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def to_s
|
|
|
|
|
'Oracle Session'
|
|
|
|
|
end
|
|
|
|
|
end
|
2017-05-02 15:03:45 +00:00
|
|
|
end
|
