controls 1.0.2 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/docs/index.md +2 -1
- data/lib/controls/client.rb +43 -9
- data/lib/controls/client/assets.rb +11 -1
- data/lib/controls/client/security_controls.rb +26 -0
- data/lib/controls/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b4c24961d1145261cb33c03a110b650f41eea255
|
|
4
|
+
data.tar.gz: 4df1a60e8405bbc41f875b9f6dad838bab803021
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8e9d57de39f63b248311e1642149d05f09884543dcb6953266e1478ab14d01c6293ac32cc3913ecb4c218d8bc987b464bc01a1c970c2b887c0667226a46ac37f
|
|
7
|
+
data.tar.gz: d873718f6aaab45b0511fd5b658aa3c57827168185112ca89b973b261ac23fd4e4ba1422255a2e011c5f613a3a0539a7c15fa96b2d8945ac93c45349cac19f5c
|
data/docs/index.md
CHANGED
|
@@ -38,7 +38,8 @@ Controls.get '/'
|
|
|
38
38
|
### Curl
|
|
39
39
|
```bash
|
|
40
40
|
# Use -k to allow a self-signed certificate
|
|
41
|
-
curl -H 'Accept: application/json' --netrc-file ~/.rapid7_netrc -ik
|
|
41
|
+
curl -H 'Accept: application/json' --netrc-file ~/.rapid7_netrc -ik \
|
|
42
|
+
https://nexpose.local:3780/insight/controls/api/1.0
|
|
42
43
|
```
|
|
43
44
|
|
|
44
45
|
### Ruby
|
data/lib/controls/client.rb
CHANGED
|
@@ -23,9 +23,12 @@ module Controls
|
|
|
23
23
|
include Controls::Client::Threats
|
|
24
24
|
include Controls::Client::Trends
|
|
25
25
|
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
26
|
+
# A few messages to show the user of Controls::Client in the case that a bad certificate is encountered
|
|
27
|
+
SSL_WARNING = [
|
|
28
|
+
'The API endpoint used a self-signed or invalid SSL certificate.',
|
|
29
|
+
'To allow this connection temporarily use `Controls.verify_ssl = false`.',
|
|
30
|
+
'See the Controls.rb wiki on GitHub for more information on SSL verification.'
|
|
31
|
+
]
|
|
29
32
|
|
|
30
33
|
# Creates a new {Controls::Client} object
|
|
31
34
|
#
|
|
@@ -54,10 +57,14 @@ module Controls
|
|
|
54
57
|
end
|
|
55
58
|
end
|
|
56
59
|
|
|
60
|
+
# Whether the middleware is currently set to verify SSL connections
|
|
57
61
|
def verify_ssl
|
|
58
62
|
middleware.ssl[:verify].nil? || !!middleware.ssl[:verify]
|
|
59
63
|
end
|
|
60
64
|
|
|
65
|
+
# Sets the middleware to to verify the SSL on true, or disregard it on false
|
|
66
|
+
#
|
|
67
|
+
# @param [Boolean] verify whether to verify SSL or not
|
|
61
68
|
def verify_ssl=(verify)
|
|
62
69
|
middleware.ssl[:verify] = !!verify
|
|
63
70
|
end
|
|
@@ -89,14 +96,13 @@ module Controls
|
|
|
89
96
|
end
|
|
90
97
|
end
|
|
91
98
|
|
|
92
|
-
|
|
93
|
-
# A wrapper for GET requests
|
|
99
|
+
# A wrapper for PUT requests
|
|
94
100
|
#
|
|
95
101
|
# @return [Array,Hash] an array or hash of parsed JSON data
|
|
96
|
-
def
|
|
102
|
+
def put(path, body = {}, headers = {}, &block)
|
|
97
103
|
headers = connection_options[:headers].merge(headers)
|
|
98
|
-
url = URI.escape(File.join(
|
|
99
|
-
resp = middleware.
|
|
104
|
+
url = URI.escape(File.join(api_endpoint, path))
|
|
105
|
+
resp = middleware.put(url, body, headers, &block)
|
|
100
106
|
|
|
101
107
|
Response.parse(resp.body)
|
|
102
108
|
rescue Faraday::Error::ConnectionFailed => e
|
|
@@ -107,6 +113,10 @@ module Controls
|
|
|
107
113
|
end
|
|
108
114
|
end
|
|
109
115
|
|
|
116
|
+
# A list of methods for API connections available to the {Controls::Client}
|
|
117
|
+
#
|
|
118
|
+
# @note Any methods defined in a child module will be returned.
|
|
119
|
+
# @return [Array<Symbol>] the methods defined in {Controls::Client} that are API related
|
|
110
120
|
def api_methods
|
|
111
121
|
mods = Controls::Client.included_modules.map do |mod|
|
|
112
122
|
if mod.to_s =~ /^Controls::Client::/
|
|
@@ -117,12 +127,15 @@ module Controls
|
|
|
117
127
|
mods.compact.map { |mod| mod.instance_methods(false) }.flatten.sort
|
|
118
128
|
end
|
|
119
129
|
|
|
130
|
+
# A set of references from the "documentation" API endpoint /api
|
|
131
|
+
#
|
|
132
|
+
# @param [String] version the API version to collect documentation from
|
|
120
133
|
def references(version = '1.0')
|
|
121
134
|
version = '1.0' unless version =~ /\d.\d/
|
|
122
135
|
|
|
123
136
|
web_get "/api/#{version}"
|
|
124
137
|
|
|
125
|
-
# Use generate_ruby
|
|
138
|
+
# [review] - Use Response#generate_ruby
|
|
126
139
|
@references = Hash[Response.parse(resp.body).sort]
|
|
127
140
|
rescue Faraday::Error::ConnectionFailed => e
|
|
128
141
|
if e.message =~ /^SSL_connect/
|
|
@@ -132,6 +145,10 @@ module Controls
|
|
|
132
145
|
end
|
|
133
146
|
end
|
|
134
147
|
|
|
148
|
+
# Compares {#options} or with the given options hash
|
|
149
|
+
#
|
|
150
|
+
# @param [Hash] opts whether the options are the same or different
|
|
151
|
+
# @return whether the options are the same or different
|
|
135
152
|
def same_options?(opts)
|
|
136
153
|
opts.hash.eql? options.hash
|
|
137
154
|
end
|
|
@@ -149,5 +166,22 @@ module Controls
|
|
|
149
166
|
end # end
|
|
150
167
|
RUBY
|
|
151
168
|
end
|
|
169
|
+
|
|
170
|
+
# A wrapper for GET requests to the Controls endpoint root (web endpoint)
|
|
171
|
+
#
|
|
172
|
+
# @return [Array,Hash] an array or hash of parsed JSON data
|
|
173
|
+
def web_get(path, params = {}, headers = {})
|
|
174
|
+
headers = connection_options[:headers].merge(headers)
|
|
175
|
+
url = URI.escape(File.join(web_endpoint, path))
|
|
176
|
+
resp = middleware.get(url, params, headers)
|
|
177
|
+
|
|
178
|
+
Response.parse(resp.body)
|
|
179
|
+
rescue Faraday::Error::ConnectionFailed => e
|
|
180
|
+
if e.message =~ /^SSL_connect/
|
|
181
|
+
warn(*SSL_WARNING)
|
|
182
|
+
else
|
|
183
|
+
raise e
|
|
184
|
+
end
|
|
185
|
+
end
|
|
152
186
|
end
|
|
153
187
|
end
|
|
@@ -6,6 +6,7 @@ module Controls
|
|
|
6
6
|
module Assets
|
|
7
7
|
# @!group Asset Methods
|
|
8
8
|
|
|
9
|
+
# [todo] - use @overload here for assets(params) vs assets(uuid) vs assets({ uuid: 'uuid-string', other: 'param' })
|
|
9
10
|
# @note since the uuid is an optional param it has been added to the
|
|
10
11
|
# params options hash
|
|
11
12
|
# @raise [Controls::NotFound] if the uuid didn't match any assets
|
|
@@ -18,13 +19,22 @@ module Controls
|
|
|
18
19
|
params = {}
|
|
19
20
|
end
|
|
20
21
|
|
|
21
|
-
if uuid
|
|
22
|
+
if uuid && !uuid.empty?
|
|
22
23
|
get "/assets/#{uuid}", params
|
|
23
24
|
else
|
|
24
25
|
get '/assets', params
|
|
25
26
|
end
|
|
26
27
|
end
|
|
27
28
|
|
|
29
|
+
# [todo] - change the name to asset_search/search_assets?
|
|
30
|
+
# @param [String] query the query to retreive assets for
|
|
31
|
+
# @param [Hash] params the option hash to be turned into query parameters
|
|
32
|
+
# @return [Hash] a hash representing the matching assets
|
|
33
|
+
def assets_search(query, params = {})
|
|
34
|
+
params[:q] = query
|
|
35
|
+
get "/assets/search", params
|
|
36
|
+
end
|
|
37
|
+
|
|
28
38
|
# @param [String] guidance the guidance name to search by
|
|
29
39
|
# @return [Array<Hash>] an array of hashes that represent assets
|
|
30
40
|
def applicable_assets(guidance, params = {})
|
|
@@ -13,6 +13,7 @@ module Controls
|
|
|
13
13
|
|
|
14
14
|
# @param [String] control the name of the security control name to
|
|
15
15
|
# retrieve
|
|
16
|
+
# @todo warn that this method returns a different object now?
|
|
16
17
|
# @return [Hash] a hash representing a security control
|
|
17
18
|
def security_controls(control = nil)
|
|
18
19
|
if control
|
|
@@ -22,6 +23,31 @@ module Controls
|
|
|
22
23
|
end
|
|
23
24
|
end
|
|
24
25
|
|
|
26
|
+
# @param [String] control the name of the security control name to
|
|
27
|
+
# retrieve
|
|
28
|
+
# @todo add a since note? this replaces security_controls and security_controls now returns a new object
|
|
29
|
+
# @return [Hash] a hash representing a security control coverage
|
|
30
|
+
def security_controls_coverage(control = nil)
|
|
31
|
+
if control
|
|
32
|
+
get "/coverage/security_controls/#{control}"
|
|
33
|
+
else
|
|
34
|
+
get '/coverage/security_controls'
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
# Updates the specified security control(s)
|
|
39
|
+
#
|
|
40
|
+
# @param [Array[Hash{String=>String,Boolean}] controls a list of controls to update
|
|
41
|
+
# @return [void]
|
|
42
|
+
def update_security_controls(controls)
|
|
43
|
+
# [review] - this style is a discouraged for Arrays, but we want to treat controls as an Array of Hashes
|
|
44
|
+
if controls.is_a? Array
|
|
45
|
+
put '/security_controls', controls.to_json
|
|
46
|
+
elsif controls.is_a? Hash
|
|
47
|
+
put "/security_controls/#{control['name']}", control.to_json
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
25
51
|
# @param [String] vector the threat vector to search for securuty controls
|
|
26
52
|
# by
|
|
27
53
|
# @return [Array<Hash>] a list of hashes representing threats
|
data/lib/controls/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: controls
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Erran Carey
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2014-01-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|