From: Matthew W. <svn...@pl...> - 2011-04-30 23:11:53
|
Author: matthewwilkes Date: Sat Apr 30 23:10:26 2011 New Revision: 49234 Added: plone.app.hud/trunk/src/plone/app/hud/checks/ plone.app.hud/trunk/src/plone/app/hud/checks/__init__.py plone.app.hud/trunk/src/plone/app/hud/checks/security.py Modified: plone.app.hud/trunk/src/plone/app/hud/tests/test_hotfixes_installed.py Log: Tests for hotfix detection viewlet, draft of viewlet itself. Added: plone.app.hud/trunk/src/plone/app/hud/checks/__init__.py ============================================================================== Added: plone.app.hud/trunk/src/plone/app/hud/checks/security.py ============================================================================== --- (empty file) +++ plone.app.hud/trunk/src/plone/app/hud/checks/security.py Sat Apr 30 23:10:26 2011 @@ -0,0 +1,53 @@ +import sys +import urllib +import urllib2 + +from plone.app.layout.viewlets.common import ViewletBase +from Products.CMFCore.utils import getToolByName + +HOTFIX_URL = "http://plone.org/getHotfixes" + +class HotfixCheckViewlet(ViewletBase): + + title = "Security Hotfixes" + + def getHotfixesForVersion(self, version): + version = urllib.urlencode(version) + for line in urllib2.urlopen(HOTFIX_URL, data=version).readlines(): + # Releaser, name, url + yield line.split(" ") + + def getInstalledHotfixes(self): + modules = sys.modules.keys() + modules = map(str.lower, modules) + hotfix_modules = [mod for mod in modules if 'hotfix' in mod] + for hotfix in hotfix_modules: + for part in hotfix.split("."): + if 'hotfix' in part: + yield part + + def update(self): + migration = getToolByName(self.context, 'portal_migration') + plone_version = migration.coreVersions() + self.available = list(self.getHotfixesForVersion(plone_version)) + self.installed = list(self.getInstalledHotfixes()) + self.missing = [] + for hotfix in self.available: + if hotfix[1] not in self.installed: + self.missing.append(hotfix) + else: + self.installed.remove(hotfix[1]) + if len(self.missing) > 0: + self.severity = "Critical" + self.text = "Some security fixes have not been installed." + self.text += "Missing: " + ", ".join(cve[1] for cve in self.missing) + elif len(self.installed) > 0: + self.severity = "Warning" + self.text = "Some unneeded security fixes are installed. This may cause some features to be unavailable." + self.text = "Unneeded: " + ", ".join(self.installed) + else: + self.severity = "None" + self.text = "No missing hotfixes found." + + + Modified: plone.app.hud/trunk/src/plone/app/hud/tests/test_hotfixes_installed.py ============================================================================== --- plone.app.hud/trunk/src/plone/app/hud/tests/test_hotfixes_installed.py (original) +++ plone.app.hud/trunk/src/plone/app/hud/tests/test_hotfixes_installed.py Sat Apr 30 23:10:26 2011 @@ -9,5 +9,42 @@ layer = HUD_INTEGRATION_TESTING - def test_hotfixes_installed(self): - NotImplemented \ No newline at end of file + def test_all_hotfixes_installed_is_fine(self): + from plone.app.hud.checks.security import HotfixCheckViewlet + portal = self.layer['portal'] + viewlet = HotfixCheckViewlet(portal, None, None, manager=None) + + hotfix = ['Plone', 'HotfixCVE00000000', 'http://plone.org'] + viewlet.getInstalledHotfixes = lambda: [hotfix[1]] + viewlet.getHotfixesForVersion = lambda version: [hotfix] + viewlet.update() + + self.assertEqual(viewlet.severity, "None") + self.assertEqual(viewlet.missing, []) + + def test_missing_hotfix_is_critical(self): + from plone.app.hud.checks.security import HotfixCheckViewlet + portal = self.layer['portal'] + viewlet = HotfixCheckViewlet(portal, None, None, manager=None) + + hotfix = ['Plone', 'HotfixCVE00000000', 'http://plone.org'] + viewlet.getInstalledHotfixes = lambda: [] + viewlet.getHotfixesForVersion = lambda version: [hotfix] + viewlet.update() + + self.assertEqual(viewlet.severity, "Critical") + self.assertEqual(viewlet.missing, [hotfix]) + self.assertIn('HotfixCVE00000000', viewlet.text) + + def test_unneeded_hotfix_warns(self): + from plone.app.hud.checks.security import HotfixCheckViewlet + portal = self.layer['portal'] + viewlet = HotfixCheckViewlet(portal, None, None, manager=None) + + hotfix = ['Plone', 'HotfixCVE00000000', 'http://plone.org'] + viewlet.getInstalledHotfixes = lambda: [hotfix[1]] + viewlet.getHotfixesForVersion = lambda version: [] + viewlet.update() + + self.assertEqual(viewlet.severity, "Warning") + self.assertIn('HotfixCVE00000000', viewlet.text) \ No newline at end of file |