to_xccdf: refactored ident system logic for CCIs into the Ident const…

…ructor

- added fallback logic for unrecognized idents, using legacy behaviors
- added unit testing for the new Ident constructor

Signed-off-by: Jarod Neuner <[email protected]>

lib/happy_mapper_tools/benchmark.rb

@@ -65,6 +65,20 @@ class Ident
       tag 'ident'
       attribute :system, String, tag: 'system'
       content :ident, String
+      def initialize(ident_str)
+        @ident = ident_str
+        if ident_str =~ /^(CCI-[0-9]{6})$/
+          # Match CCI IDs; e.g. CCI-123456
+          @system = 'http://cyber.mil/cci'
+        elsif ident_str =~ /^(S?V-[0-9]{5})$/
+          # Match SV- IDs; e.g. SV-12345
+          # Match V- IDs; e.g. V-12345
+          @system = 'http://cyber.mil/legacy'
+        else
+          # for all other ident_str, use the old identifier
+          @system = 'https://public.cyber.mil/stigs/cci/'
+        end
+      end
     end
 
     # Class Fixtext maps from the 'fixtext' from Benchmark XML file using HappyMapper

lib/utilities/xccdf/to_xccdf.rb

@@ -73,8 +73,8 @@ def build_groups # rubocop:disable Metrics/AbcSize
           group.rule.reference = build_rule_reference
         end
 
-        group.rule.ident = build_rule_idents(control['cci'], 'http://cyber.mil/cci') if control['cci']
-        group.rule.ident += build_rule_idents(control['legacy'], 'http://cyber.mil/legacy') if control['legacy']
+        group.rule.ident = build_rule_idents(control['cci']) if control['cci']
+        group.rule.ident += build_rule_idents(control['legacy']) if control['legacy']
 
         group.rule.fixtext = HappyMapperTools::Benchmark::Fixtext.new
         group.rule.fixtext.fixref = control['fix_id']
@@ -122,16 +122,12 @@ def build_rule_fix(fix_id)
 
     # Construct rule identifiers for rule
     # @param idents [Array]
-    def build_rule_idents(idents, system)
+    def build_rule_idents(idents)
       raise "#{idents} is not an Array type." unless idents.is_a?(Array)
 
       # Each rule identifier is a different element
       idents.map do |identifier|
-        ident = HappyMapperTools::Benchmark::Ident.new
-        # ident.system = 'http://cyber.mil/cci'
-        ident.system = system
-        ident.ident = identifier
-        ident
+        ident = HappyMapperTools::Benchmark::Ident.new identifier
       end
     end
 
@@ -228,8 +224,8 @@ def populate_rule_result(control, result, result_status)
       rule_result.message = result_message(result, result_status) if result_message(result, result_status)
       rule_result.instance = result['code_desc']
 
-      rule_result.ident = build_rule_idents(control['cci'], 'http://cyber.mil/cci') if control['cci']
-      rule_result.ident += build_rule_idents(control['legacy'], 'http://cyber.mil/legacy') if control['legacy']
+      rule_result.ident = build_rule_idents(control['cci']) if control['cci']
+      rule_result.ident += build_rule_idents(control['legacy']) if control['legacy']
 
       # Fix information is only necessary when there are failed tests
       rule_result.fix = build_rule_fix(control['fix_id']) if control['fix_id'] && result_status == 'fail'

test/unit/inspec_tools/happymapper_test.rb

@@ -0,0 +1,21 @@
+require 'minitest/spec'
+require 'minitest/autorun'
+
+describe "HappyMapperTools::Benchmark::Ident correctly determines the system for each identifier" do
+  # test values (tv); tv[0] == identifier, tv[1] == system
+  tvList = [
+    ['CCI-000213',  'http://cyber.mil/cci'],
+    ['V-72859',     'http://cyber.mil/legacy'],
+    ['SV-87511',    'http://cyber.mil/legacy'],
+    ['CCI-00213',   'https://public.cyber.mil/stigs/cci/'],
+    ['CCI-0000213',   'https://public.cyber.mil/stigs/cci/'],
+  ]
+
+  tvList.each do |tv|
+    it tv[0] do
+      # Ident.new automatically determines ident.system
+      ident = HappyMapperTools::Benchmark::Ident.new tv[0]
+      assert_equal(tv[1], ident.system)
+    end
+  end
+end