Nessus6 0.1.1 → 0.1.2

@@ -0,0 +1,115 @@
1
+ require 'json'
2
+ require 'Nessus6/errors/internal_server_error' # 500
3
+ require 'Nessus6/errors/forbidden' # 403
4
+ require 'Nessus6/errors/bad_request' # 400
5
+ require 'Nessus6/errors/not_found' # 404
6
+ require 'Nessus6/errors/unknown'
7
+
8
+ module Nessus6
9
+ # The Groups class is for interacting with Nessus6 user groups. Groups are
10
+ # utilized to make sharing easier.
11
+ # https://localhost:8834/api#/resources/groups
12
+ class Group
13
+ include Nessus6::Verification
14
+
15
+ public
16
+
17
+ def initialize(client)
18
+ @client = client
19
+ end
20
+
21
+ # Add a user to the group. This request requires administrator user
22
+ # permissions.
23
+ #
24
+ # @param group_id [String, Fixnum] The unique id of the group.
25
+ # @param user_id [String, Fixnum] The unique id of the user.
26
+ # @return [Hash]
27
+ def add_user(group_id, user_id)
28
+ response = @client.post("groups/#{group_id}/users/#{user_id}")
29
+ verify response,
30
+ forbidden: 'You do not have permission to add users to a group',
31
+ not_found: 'Group or user does not exist',
32
+ internal_server_error: 'Server failed to add the user to the group'
33
+ end
34
+
35
+ # Create a group. This request requires administrator user
36
+ # permissions.
37
+ #
38
+ # @param name [String, Fixnum] The name of the group.
39
+ # @return [Hash]
40
+ def create(name)
41
+ response = @client.post('groups', name: name)
42
+ verify response,
43
+ bad_request: 'Field is invalid',
44
+ forbidden: 'You do not have permission to create a group',
45
+ internal_server_error: 'Server failed to create the group'
46
+ end
47
+
48
+ # Delete a group. This request requires administrator user
49
+ # permissions.
50
+ #
51
+ # @param group_id [String, Fixnum] The unique id of the group.
52
+ # @return [Hash]
53
+ def delete(group_id)
54
+ response = @client.delete("groups/#{group_id}")
55
+ verify response,
56
+ bad_request: 'Group does not exist',
57
+ forbidden: 'You do not have permission to delete the group',
58
+ internal_server_error: 'Server failed to delete the group'
59
+ end
60
+
61
+ # Deletes a user from the group. This request requires administrator user
62
+ # permissions.
63
+ #
64
+ # @param group_id [String, Fixnum] The unique id of the group.
65
+ # @param user_id [String, Fixnum] The unique id of the user.
66
+ # @return [Hash]
67
+ def delete_user(group_id, user_id)
68
+ response = @client.delete("groups/#{group_id}/users/#{user_id}")
69
+ verify response,
70
+ forbidden: 'You do not have permission to delete users from a '\
71
+ 'group',
72
+ not_found: 'Group or user does not exist',
73
+ internal_server_error: 'Server failed to remove the user from '\
74
+ 'the group'
75
+ end
76
+
77
+ # Edit a group. This request requires administrator user permissions.
78
+ #
79
+ # @param group_id [String, Fixnum] The unique id of the group.
80
+ # @param name [String] The name of the group.
81
+ # @return [Hash]
82
+ def edit(group_id, name)
83
+ response = @client.put("groups/#{group_id}", name: name)
84
+ verify response,
85
+ bad_request: 'Field is invalid',
86
+ forbidden: 'You do not have permission to edit a group',
87
+ not_found: 'Group does not exist',
88
+ internal_server_error: 'Server failed to edit / rename the group'
89
+ end
90
+
91
+ alias_method :rename, :edit
92
+
93
+ # Returns the group list. This request requires read-only user permissions.
94
+ #
95
+ # @return [Hash]
96
+ def list
97
+ response = @client.get('groups')
98
+ verify response,
99
+ forbidden: 'You do not have permission to view the groups list'
100
+ end
101
+
102
+ # Return the group user list. This request requires administrator user
103
+ # permissions.
104
+ #
105
+ # @param group_id [String, Fixnum] The unique id of the group.
106
+ # @return [Hash]
107
+ def list_users(group_id)
108
+ response = @client.get("groups/#{group_id}/users")
109
+ verify response,
110
+ forbidden: 'You do not have permission to view the groups users '\
111
+ 'list',
112
+ not_found: 'Group does not exist'
113
+ end
114
+ end
115
+ end
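Review bot: `group_id` and `user_id` are interpolated straight into the request path in `add_user`, `delete`, `delete_user`, `edit` and `list_users`, so a caller-supplied string containing `/` or `..` would address a different resource than the method names, on calls documented as needing administrator permissions. The YARD tags allow `String` and nothing in the hunk narrows the value. If ids are always numeric, coercing at the top of each method, e.g. `group_id = Integer(group_id)`, rejects anything else before a request is built. The same pattern appears with `object_type`/`object_id` in the Permission hunk, `scan_id` in the Scan hunk and `user_id` in the User hunk. Separately, `delete` reports 'Group does not exist' under `bad_request:` while the sibling methods use `not_found:` for that condition, which is worth confirming against the API.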
@@ -0,0 +1,46 @@
1
+ require 'json'
2
+ require 'Nessus6/errors/forbidden' # 403
3
+ require 'Nessus6/errors/not_found' # 404
4
+ require 'Nessus6/errors/unknown'
5
+
6
+ module Nessus6
7
+ # The Permissions class is for interacting with Nessus6 user permissions.
8
+ # Permissions are used to provide access rights to a given object.
9
+ # https://localhost:8834/api#/resources/permissions
10
+ class Permission
11
+ include Nessus6::Verification
12
+
13
+ public
14
+
15
+ def initialize(client)
16
+ @client = client
17
+ end
18
+
19
+ # Changes the permissions for an object.
20
+ #
21
+ # @param object_type [String] The type of object.
22
+ # @param object_id [String, Fixnum] The unique id of the object.
23
+ # @param permissions [String] An array of permission resources to apply
24
+ # to the object.
25
+ # @return [Hash]
26
+ def change(object_type, object_id, permissions)
27
+ response = @client.put("permissions/#{object_type}/#{object_id}",
28
+ body: permissions)
29
+ verify response,
30
+ forbidden: 'You do not have permission to edit the object',
31
+ not_found: 'Object does not exist'
32
+ end
33
+
34
+ # Returns the current object's permissions.
35
+ #
36
+ # @param object_type [String] The type of object.
37
+ # @param object_id [String, Fixnum] The unique id of the object.
38
+ # @return [Hash]
39
+ def list(object_type, object_id)
40
+ response = @client.get("permissions/#{object_type}/#{object_id}")
41
+ verify response,
42
+ forbidden: 'You do not have permission to view the object',
43
+ not_found: 'Object does not exist'
44
+ end
45
+ end
46
+ end
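Review bot: The `@param permissions [String]` tag on `change` contradicts its own description ("An array of permission resources"), and this is the argument that decides who gets access to the object. I would document it as `# @param permissions [Array] The permission resources to apply to the object.` and add a short example of one element. `change` is also the only call in this diff that wraps its payload in `body:`. How the client serialises that is outside the hunk, so a one-line comment stating the expected wire format would help whoever audits an access change later.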
@@ -0,0 +1,135 @@
1
+ require 'json'
2
+ require 'Nessus6/errors/forbidden' # 403
3
+ require 'Nessus6/errors/not_found' # 404
4
+ require 'Nessus6/errors/conflict' # 409
5
+ require 'Nessus6/errors/internal_server_error' # 500
6
+ require 'Nessus6/errors/unknown'
7
+
8
+ module Nessus6
9
+ # The Scans class is for interacting with Nessus6 scans.
10
+ # https://localhost:8834/api#/resources/scans
11
+ class Scan
12
+ include Nessus6::Verification
13
+
14
+ public
15
+
16
+ def initialize(client)
17
+ @client = client
18
+ end
19
+
20
+ # Copies the given scan. Requires can configure scan permissions
21
+ #
22
+ # @param scan_id [String, Fixnum] The id of the scan to export.
23
+ # @param query_params [Hash] Includes:
24
+ # :folder_id [String, Fixnum] - The id of the destination folder.
25
+ # :history [TrueClass, FalseClass, String] - If true, the history for
26
+ # the scan will be copied
27
+ # :name [String] - The name of the copied scan
28
+ # @return [Hash]
29
+ def copy(scan_id, query_params = nil)
30
+ if query_params.is_a? Hash
31
+ response = @client.post "scans/#{scan_id}/copy", query_params
32
+ else
33
+ response = @client.post "scans/#{scan_id}/copy"
34
+ end
35
+
36
+ verify response,
37
+ not_found: 'Scan does not exist.',
38
+ internal_server_error: 'An error occurred while copying.'
39
+ end
40
+
41
+ # Deletes a scan. NOTE: Scans in running, paused or stopping states can not
42
+ # be deleted. This request requires can configure scan permissions
43
+ #
44
+ # @param scan_id [String, Fixnum] The id of the scan to delete.
45
+ # @return [Hash] The scan UUID or throws an error
46
+ def delete(scan_id)
47
+ response = @client.delete "scans/#{scan_id}"
48
+ verify response,
49
+ internal_server_error: 'Failed to delete the scan. This may be ' \
50
+ 'because the scan is currently running'
51
+ end
52
+
53
+ # Deletes historical results from a scan. This request requires can
54
+ # configure scan permissions.
55
+ #
56
+ # @param scan_id [String, Fixnum] The id of the scan.
57
+ # @param query_params [Hash] Includes:
58
+ # :history_id [String, Fixnum] - The id of the results to delete.
59
+ # @return [Hash] The scan UUID or throws an error
60
+ def delete_history(scan_id, query_params = nil)
61
+ response = @client.delete "scans/#{scan_id}"
62
+ verify response,
63
+ not_found: 'Results were not found.',
64
+ internal_server_error: 'Failed to delete the results.'
65
+ end
66
+
67
+ # Returns details for the given scan. This request requires can view
68
+ # scan permissions
69
+ #
70
+ # @param scan_id [String, Fixnum] The id of the scan to retrieve
71
+ # @param history_id [String, Fixnum] The history_id of the historical data
72
+ # that should be returned.
73
+ # @return [Hash] The scan details
74
+ def details(scan_id, history_id = nil)
75
+ if history_id.nil?
76
+ response = @client.get("scans/#{scan_id}")
77
+ else
78
+ response = @client.get("scans/#{scan_id}", history_id: history_id)
79
+ end
80
+ JSON.parse response.body
81
+ end
82
+
83
+ # Launches a scan.
84
+ #
85
+ # @param scan_id [String, Fixnum] The id of the scan to launch.
86
+ # @param alt_targets [Array] If specified, these targets will be scanned
87
+ # instead of the default. Value can be an array where each index is a
88
+ # target, or an array with a single index of comma separated targets.
89
+ # @return [Hash] The scan UUID or throws an error
90
+ def launch(scan_id, alt_targets = nil)
91
+ if alt_targets.is_a? Array
92
+ response = @client.post "scans/#{scan_id}/launch",
93
+ alt_targets: alt_targets
94
+ else
95
+ response = @client.post "scans/#{scan_id}/launch"
96
+ end
97
+
98
+ verify response,
99
+ forbidden: 'This scan is disabled.',
100
+ not_found: 'Scan does not exist.',
101
+ internal_server_error: 'Failed to launch scan. This is usually '\
102
+ 'due to the scan already running.'
103
+ end
104
+
105
+ # Returns the scan list.
106
+ #
107
+ # @return [Hash] Returns the scan list.
108
+ def list
109
+ response = @client.get 'scans'
110
+ JSON.parse response.body
111
+ end
112
+
113
+ # Pauses a scan.
114
+ #
115
+ # @param scan_id [String, Fixnum] The id of the scan to pause.
116
+ # @return [Hash] The scan UUID or throws an error
117
+ def pause(scan_id)
118
+ response = @client.post "scans/#{scan_id}/pause"
119
+ verify response,
120
+ forbidden: 'This scan is disabled.',
121
+ conflict: 'Scan is not active.'
122
+ end
123
+
124
+ # Stops a scan.
125
+ #
126
+ # @param scan_id [String, Fixnum] The id of the scan to stop.
127
+ # @return [Hash] The scan UUID or throws an error
128
+ def stop(scan_id)
129
+ response = @client.post "scans/#{scan_id}/stop"
130
+ verify response,
131
+ not_found: 'Scan does not exist.',
132
+ conflict: 'Scan is not active.'
133
+ end
134
+ end
135
+ end
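Review bot: `delete_history` never reads `query_params` and sends `@client.delete "scans/#{scan_id}"`, the same request as `delete`, so a caller asking to drop one historical result would remove the whole scan. The request should target the history entry, presumably something like `@client.delete "scans/#{scan_id}/history/#{query_params[:history_id]}"` (confirm the route against the API reference), and should raise when `:history_id` is missing rather than fall back to the scan. `details` and `list` also skip `verify` and return `JSON.parse response.body` directly. A 403 or 404 therefore comes back as an ordinary hash instead of raising as every other method here does.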
@@ -0,0 +1,106 @@
1
+ require 'json'
2
+ require 'Nessus6/errors/bad_request'
3
+ require 'Nessus6/errors/forbidden'
4
+ require 'Nessus6/errors/internal_server_error'
5
+ require 'Nessus6/errors/unauthorized'
6
+ require 'Nessus6/errors/unknown'
7
+
8
+ module Nessus6
9
+ # The Session class is used to create a session with Nessus6. User sessions
10
+ # allow us to interact throughout our applications.
11
+ # https://localhost:8834/api#/resources/session
12
+ class Session
13
+ include Nessus6::Verification
14
+
15
+ public
16
+
17
+ attr_reader :token
18
+
19
+ def initialize(client)
20
+ @client = client
21
+ end
22
+
23
+ # Creates a new session token for the given user.
24
+ #
25
+ # @param username [String] The username for the person who is attempting to
26
+ # log in.
27
+ # @param password [String] The password for the person who is attempting to
28
+ # log in.
29
+ # @return [String] The session token
30
+ def create(username, password)
31
+ response = @client.post('session',
32
+ username: username, password: password)
33
+ verified = verify response,
34
+ bad_request: 'Username format is not valid',
35
+ unauthorized: 'Username or password is invalid',
36
+ internal_server_error: 'Too many users are connected'
37
+ @token = verified['token']
38
+ end
39
+
40
+ # Logs the current user out and destroys the session
41
+ #
42
+ # @return [Hash]
43
+ def destroy
44
+ response = @client.delete('session')
45
+
46
+ case response.status_code
47
+ when 200
48
+ @token = ''
49
+ return true
50
+ when 401
51
+ fail 'No session exists'
52
+ else
53
+ fail UnknownError, 'An unknown error occurred. Please consult Nessus' \
54
+ 'for further details.'
55
+ end
56
+ end
57
+
58
+ # Changes settings for the current user.
59
+ #
60
+ # @param user [Hash] Representation of the user
61
+ # :name [String] Full name of the user
62
+ # :email [String] Email address for the user
63
+ # @return [Hash]
64
+ def edit(user)
65
+ if user[:name] && user[:email]
66
+ response = @client.put('session', name: user[:name],
67
+ email: user[:email])
68
+ elsif user[:name]
69
+ response = @client.put('session', name: user[:name])
70
+ elsif user[:email]
71
+ response = @client.put('session', email: user[:email])
72
+ else
73
+ fail "User's name or email was not provided in hash form."
74
+ end
75
+ verify response,
76
+ forbidden: 'You do not have permission to edit the session data',
77
+ internal_server_error: 'Server failed to edit the user'
78
+ end
79
+
80
+ # Returns the user session data.
81
+ #
82
+ # @return [Hash] The session resource
83
+ def get
84
+ verify @client.get('session'),
85
+ forbidden: 'You do not have permission to view the session data'
86
+ end
87
+
88
+ # Changes password for the current user
89
+ #
90
+ # @param new_password [String] New password for the user.
91
+ # @return [Hash] Returned if the password has been changed
92
+ def password(new_password)
93
+ response = @client.put('session/chpasswd', password: new_password)
94
+ verify response,
95
+ bad_request: 'Password is too short',
96
+ unauthorized: 'You do not have permission to change this password',
97
+ internal_server_error: 'Server failed to change the password'
98
+ end
99
+
100
+ def keys
101
+ response = @client.put('session/keys')
102
+ verify response,
103
+ unauthorized: 'You are not logged in / authenticated'
104
+ end
105
+ end
106
+ end
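Review bot: `destroy` clears `@token` only on a 200, so after the 401 branch ('No session exists') the object still exposes, through `attr_reader :token`, a token the server has already rejected. Setting `@token = nil` before the `fail` in that branch keeps local state in line with the server. That branch also raises a bare RuntimeError even though `Nessus6/errors/unauthorized` is required at the top of the file, so callers cannot rescue it specifically. The two adjacent literals in the `else` message join without a space and read "Nessusfor further details."; a trailing space on the first literal fixes it. `keys` has no doc comment and issues a PUT with no body, so a one-line comment saying what it regenerates and returns would help.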
@@ -0,0 +1,136 @@
1
+ require 'json'
2
+ require 'Nessus6/errors/bad_request'
3
+ require 'Nessus6/errors/conflict'
4
+ require 'Nessus6/errors/forbidden'
5
+ require 'Nessus6/errors/internal_server_error'
6
+ require 'Nessus6/errors/not_found'
7
+ require 'Nessus6/errors/unknown'
8
+
9
+ module Nessus6
10
+ # The Users class allows us to interact with Nessus 6 users.
11
+ # Users can utilize Nessus based on their given role.
12
+ # https://localhost:8834/api#/resources/users
13
+ class User
14
+ include Nessus6::Verification
15
+
16
+ public
17
+
18
+ def initialize(client)
19
+ @client = client
20
+ end
21
+
22
+ # Creates a new user. This request requires administrator user permissions.
23
+ #
24
+ # @param credentials [Hash] Hash of user credentials
25
+ # :username [String] The username of the user
26
+ # :password [String] The password of the user
27
+ # @param user_perm [Hash] The role of the user
28
+ # :permissions [String] The role of the user.
29
+ # :type [String] The type of user
30
+ # @param user_info [Hash] Information about the user
31
+ # :name [String] The real name of the user
32
+ # :email [String] The email address of the user
33
+ # @return [Hash] The user object
34
+ def create(credentials, user_perm, user_info = {})
35
+ new_user = {}.tap do |user|
36
+ user[:username] = credentials[:username]
37
+ user[:password] = credentials[:password]
38
+ user[:permissions] = user_perm[:permissions]
39
+ user[:type] = user_perm[:type]
40
+ user[:name] = user_info[:name] if user_info.key?(:name)
41
+ user[:email] = user_info[:email] if user_info.key?(:email)
42
+ end
43
+
44
+ response = @client.post('users', new_user)
45
+
46
+ verify response,
47
+ bad_request: 'Field is invalid',
48
+ forbidden: 'You do not have permission to create this user',
49
+ conflict: 'User already exists'
50
+ end
51
+
52
+ # Deletes a user. This request requires administrator user permissions.
53
+ #
54
+ # @param user_id [String, Fixnum] The unique ID of the user
55
+ # @return [Hash]
56
+ def delete(user_id)
57
+ response = @client.delete("users/#{user_id}")
58
+ verify response,
59
+ forbidden: 'Not authorized to delete users',
60
+ not_found: 'You do not have permission to delete this user',
61
+ conflict: 'Cannot delete your own account',
62
+ internal_server_error: 'Failed to delete the user due to an '\
63
+ 'interal server error'
64
+ end
65
+
66
+ # Edits an existing user. This request requires administrator user
67
+ # permissions
68
+ #
69
+ # @param user_id [String, Fixnum] The unique id of the user
70
+ # @param permissions [String] The role of the user.
71
+ # @param user_info [Hash] The user's information
72
+ # :name [String] The real name of the user
73
+ # :email [String] The email address of the user
74
+ # @return [Hash]
75
+ def edit(user_id, permissions, user_info = {})
76
+ edit_user = {}.tap do |user|
77
+ user[:permissions] = permissions
78
+ user[:name] = user_info[:name] if user_info.key?(:name)
79
+ user[:email] = user_info[:email] if user_info.key?(:email)
80
+ end
81
+ response = @client.post("users/#{user_id}", edit_user)
82
+ verify response,
83
+ bad_request: 'Field is invalid',
84
+ forbidden: 'You do not have permission to edit this user',
85
+ not_found: 'User does not exist',
86
+ conflict: 'Cannot edit your own permissions'
87
+ end
88
+
89
+ # Returns the details for the given user.
90
+ #
91
+ # @param user_id [String, Fixnum] The unique id of the user.
92
+ # @return [Hash]
93
+ def get(user_id)
94
+ response = @client.get("users/#{user_id}")
95
+ verify response,
96
+ not_found: 'User does not exist'
97
+ end
98
+
99
+ # Returns the user list.
100
+ #
101
+ # @return [Hash] The user list
102
+ def list
103
+ response = @client.get('users')
104
+ verif response,
105
+ forbidden: 'You do not have permission to view the list'
106
+ end
107
+
108
+ # Changes the password for the given user
109
+ #
110
+ # @param user_id [String, Fixnum] The unique id of the user
111
+ # @param new_password [String] New password for the user
112
+ # @return [Hash]
113
+ def password(user_id, new_password)
114
+ response = @client.post("users/#{user_id}/chpasswd",
115
+ password: new_password)
116
+ verify response,
117
+ bad_request: 'Password is too short',
118
+ forbidden: 'You do not have permission to change the users '\
119
+ 'password',
120
+ not_found: 'User does not exist',
121
+ internal_server_error: 'Server failed to change the password'
122
+ end
123
+
124
+ # Generates the API Keys for the given user.
125
+ #
126
+ # @param user_id [String, Integer] The unqiue id of the user
127
+ # @return [Hash] The :accessKey and the :secretKey for the user
128
+ def keys(user_id)
129
+ response = @client.get("users/#{user_id}/keys")
130
+ verify response,
131
+ forbidden: 'You do not have permission to generate API keys',
132
+ not_found: 'User does not exist',
133
+ internal_server_error: 'Server failed to change the keys'
134
+ end
135
+ end
136
+ end
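Review bot: `list` calls `verif response`, which is not defined anywhere in this hunk, so unless the Verification mixin happens to provide it, listing users raises NoMethodError instead of returning the list. It should read `verify response,`. In `delete`, the `not_found:` message is 'You do not have permission to delete this user', which looks swapped with a does-not-exist message and will mislead whoever triages the error. `keys` generates new API credentials through `@client.get`, whereas `Session#keys` in this same diff uses PUT for the same kind of operation; a state-changing call on GET deserves a check against the API reference. 'interal' in the `delete` error string is a typo for 'internal'.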