Class: Inspec::Rule

Inherits:
Object
  • Object
show all
Includes:
RSpec::Matchers
Defined in:
lib/inspec/rule.rb

Overview

rubocop:disable Metrics/ClassLength

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(id, _opts, &block) ⇒ Rule

Returns a new instance of Rule.



15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
# File 'lib/inspec/rule.rb', line 15

def initialize(id, _opts, &block)
  @id = id
  @impact = nil
  @__block = block
  @__code = __get_block_source(&block)
  @__source_location = __get_block_source_location(&block)
  @title = nil
  @desc = nil
  @refs = []
  @tags = {}
  # not changeable by the user:
  @profile_id = nil
  @checks = []
  # evaluate the given definition
  instance_eval(&block) if block_given?
end

Class Method Details

.full_id(profile_id, rule) ⇒ Object

Get the full id consisting of profile id + rule id for the rule. If the rule’s profile id is empty, the given profile_id will be used instead and also set for the rule.



130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
 
# File 'lib/inspec/rule.rb', line 130

def self.full_id(profile_id, rule)
  if rule.is_a?(String) or rule.nil?
    rid = rule
  else
    # As the profile context is exclusively pulled with a
    # profile ID, attach it to the rule if necessary.
    rid = rule.instance_variable_get(:@id)
    if rid.nil?
      # TODO: Message about skipping this rule
      # due to missing ID
      return nil
    end
  end
  pid = rule.instance_variable_get(:@profile_id)
  if pid.nil?
    rule.instance_variable_set(:@profile_id, profile_id)
    pid = profile_id
  end

  # if we don't have a profile id, just return the rule's ID
  return rid if pid.nil? or pid.empty?
  # otherwise combine them
  "#{pid}/#{rid}"
end

.merge(dst, src) ⇒ Object 



102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
 
# File 'lib/inspec/rule.rb', line 102

def self.merge(dst, src)
  if src.id != dst.id
    # TODO: register an error, this case should not happen
    return
  end
  sp = src.instance_variable_get(:@profile_id)
  dp = dst.instance_variable_get(:@profile_id)
  if sp != dp
    # TODO: register an error, this case should not happen
    return
  end
  # merge all fields
  dst.impact(src.impact) unless src.impact.nil?
  dst.title(src.title)   unless src.title.nil?
  dst.desc(src.desc)     unless src.desc.nil?
  # merge indirect fields
  # checks defined in the source will completely eliminate
  # all checks that were defined in the destination
  sc = src.instance_variable_get(:@checks)
  unless sc.nil? || sc.empty?
    dst.instance_variable_set(:@checks, sc)
  end
end

Instance Method Details

#desc(v = nil) ⇒ Object 



47
48
49
50
 
# File 'lib/inspec/rule.rb', line 47

def desc(v = nil)
  @desc = unindent(v) unless v.nil?
  @desc
end

#describe(*values, &block) ⇒ nil|DescribeBase

Describe will add one or more tests to this control. There is 2 ways of calling it:

describe resource do ... end

or

describe.one do ... end

Parameters:

  • Resource (any)

    to be describe, string, or nil

  • An (Proc)

    optional block containing tests for the described resource

Returns:

  • (nil|DescribeBase)

    if called without arguments, returns DescribeBase



85
86
87
88
89
90
91
92
93
94
 
# File 'lib/inspec/rule.rb', line 85

def describe(*values, &block)
  if values.empty? && !block_given?
    dsl = self.class.ancestors[1]
    Class.new(DescribeBase) do
      include dsl
    end.new(method(:add_check))
  else
    add_check('describe', values, block)
  end
end

#expect(value, &block) ⇒ Object 



96
97
98
99
100
 
# File 'lib/inspec/rule.rb', line 96

def expect(value, &block)
  target = Inspec::Expect.new(value, &block)
  add_check('expect', [value], target)
  target
end

#id(*_) ⇒ Object 



32
33
34
35
 
# File 'lib/inspec/rule.rb', line 32

def id(*_)
  # never overwrite the ID
  @id
end

#impact(v = nil) ⇒ Object 



37
38
39
40
 
# File 'lib/inspec/rule.rb', line 37

def impact(v = nil)
  @impact = v unless v.nil?
  @impact
end

#ref(ref = nil, opts = {}) ⇒ Object 



52
53
54
55
56
57
58
59
60
 
# File 'lib/inspec/rule.rb', line 52

def ref(ref = nil, opts = {})
  return @refs if ref.nil? && opts.empty?
  if opts.empty? && ref.is_a?(Hash)
    opts = ref
  else
    opts[:ref] = ref
  end
  @refs.push(opts)
end

#tag(*args) ⇒ Object 



62
63
64
65
66
67
68
69
70
71
 
# File 'lib/inspec/rule.rb', line 62

def tag(*args)
  args.each do |arg|
    if arg.is_a?(Hash)
      @tags.merge!(arg)
    else
      @tags[arg] ||= nil
    end
  end
  @tags
end

#title(v = nil) ⇒ Object 



42
43
44
45
 
# File 'lib/inspec/rule.rb', line 42

def title(v = nil)
  @title = v unless v.nil?
  @title
end