enfcli 3.3.2.pre.alpha

data/lib/enfcli.rb

@@ -0,0 +1,390 @@
+#
+# Copyright 2018 Xaptum,Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require 'openssl'
+require 'enfapi'
+require 'enfthor'
+require 'readline'
+require 'singleton'
+require 'ipaddr'
+
+require 'rubygems/commands/update_command'
+require 'rubygems/commands/search_command'
+
+
+require 'enfcli/version'
+require 'enfcli/commands/xcr'
+require 'enfcli/commands/xiam'
+require 'enfcli/commands/xfw'
+require 'enfcli/commands/user'
+
+module EnfCli
+  FIREWALL_CMD = "firewall"
+  IAM_CMD = "iam"
+  NETWORK_CMD = "network"
+  USER_CMD = "user"
+
+  class IPV6
+    def initialize(ipv6)
+      begin
+        # create IPAddr object
+        ip = IPAddr.new ipv6
+
+        # make sure it is an ipv6 address
+        raise EnfCli::ERROR, "#{ipv6} is not a valid Ipv6 address." unless ip.ipv6?
+
+        @ip = ip
+      rescue IPAddr::InvalidAddressError
+        raise EnfCli::ERROR, "#{ipv6} is not a valid Ipv6 address."
+      end
+    end
+
+    def to_s
+      @ip.to_s
+    end
+
+    def hton
+      @ip.hton
+    end
+
+    def self.ntoh ipv6_bytes
+      ip = IPAddr::new_ntoh( ipv6_bytes )
+      EnfCli::IPV6.new ip.to_s
+    end
+
+    private
+    
+    attr_accessor :ip
+  end
+
+  class IPV6Cidr
+    def initialize(ipv6cidr)
+      # split on /
+      tokens = ipv6cidr.split("/")
+
+      # raise exception if not cidr format
+      raise EnfCli::ERROR, "#{ipv6cidr} is not a valid CIDR notation." unless tokens.length == 2
+
+      # store in prefix/len
+      @prefix = EnfCli::IPV6.new tokens[0]
+      @len = tokens[1].to_i
+      
+      # raise if len is not 0
+      raise EnfCli::ERROR, "#{ipv6cidr} is not a valid CIDR notation." unless len > 2
+      
+    end
+
+    def prefix_bytes
+      @prefix.hton
+    end
+
+    def prefix_len
+      @len
+    end
+
+    def to_s
+      "#{@prefix.to_s}/#{@len}"
+    end
+      
+    private
+    attr_accessor :prefix, :len
+  end
+  
+  def self.ask_password(prompt = nil)
+    begin
+      prompt = 'Enter Password:' unless prompt
+      print prompt
+      # We hide the entered characters before to ask for the password
+      system 'stty -echo'
+      password = $stdin.gets.chomp
+      system 'stty echo'
+      puts ""
+      return password
+      
+    rescue NoMethodError, Interrupt
+      # When the process is exited, we display the characters again
+      # And we exit
+      system 'stty echo'
+      exit
+    end
+  end
+
+  def self.generate_ec_cert(key, ipv6)
+    # monkey patch 
+    OpenSSL::PKey::EC.send(:alias_method, :private?, :private_key?)
+    
+    # Generate cert
+    cert = OpenSSL::X509::Certificate.new
+    cert.subject = cert.issuer = OpenSSL::X509::Name.new([['CN', "#{ipv6}"]])
+    cert.not_before = Time.now
+    cert.not_after = Time.now + 365 * 24 * 60 * 60
+    cert.public_key = key
+    cert.serial = 0x0
+    cert.version = 2
+    
+    cert.sign key, OpenSSL::Digest::SHA1.new
+    cert
+  end  
+  
+  def self.expand_path(file)
+    new_file = File.expand_path(EnfCli::expand_env(file))
+  end
+
+  def self.expand_env(str)
+    str.gsub(/\$([a-zA-Z_][a-zA-Z0-9_]*)|\${\g<1>}|%\g<1>%/) { ENV[$1] }
+  end
+
+  def self.to_canonical_ipv6(ipv6)
+    ip = EnfCli::IPV6.new ipv6
+    ip.to_s
+  end
+  
+  ##
+  # EnfCli error
+  #
+  class ERROR < StandardError
+    def initialize(msg = "Cli Error")
+      super
+    end
+  end
+
+  ##
+  # EnfCli Context
+  #
+  class CTX
+    include Singleton
+
+    attr_accessor :session
+
+    def initialize
+      @prompt = "enfcli"
+      @host = ''
+    end
+
+    def xaptum_admin?
+      self.user_role == "XAPTUM_ADMIN"
+    end
+
+    def user_role
+      @session[:type]
+    end
+
+    def host
+      "#{@host}"
+    end
+
+    def host=(value)
+      @host = value
+    end
+
+    def prompt
+      "\001\033[1;32m\002#{@prompt}>\001\033[0m\002 "
+    end
+
+    def prompt=(value)
+      if value
+        @prompt = "enfcli-#{value}"
+      else
+        @prompt= "enfcli"
+      end
+      
+    end
+    
+  end
+
+  ##
+  # CLI for launching shell
+  #
+  class CLI < EnfThor
+    no_commands {
+      def execute_gem_cmd cmd
+        begin 
+          cmd.execute
+        rescue Gem::SystemExitException => e
+          say "Unable to execute commnad. Please try again!", :red
+        end
+      end
+    }
+    
+    desc "connect", "Connect to ENF Controller"
+    method_option :host, :type => :string, :required => true
+    method_option :user, :type => :string, :required => true
+    method_option :password, :type => :string
+    def connect(*names)
+      host = options[:host]
+      user = options[:user]
+
+      try_with_rescue do
+        # Make sure to use https as default
+        host = "https://#{host}" unless host =~ /^(http|https):\/\//
+        
+        # Ask for password
+        say "Connecting to '#{host}'.....", :bold
+        password = EnfCli::ask_password()
+        
+        # Authenticate
+        resp = EnfApi::API.instance.authenticate(host, user, password)
+
+        # set session
+        EnfCli::CTX.instance.session = resp[:data][0]
+
+        # launch shell/exec cmd
+        if names.empty?
+          EnfCli::Shell::Console::start host, user
+        else
+          EnfCli::Shell::CLI.start names
+        end
+      end
+    end    
+
+    map %w[--version -v] => :__print_version
+    desc "--version, -v", "print the version"
+    def __print_version
+      puts EnfCli::VERSION
+    end
+
+    desc "update", "", :hide => true
+    def update
+      cmd = Gem::Commands::UpdateCommand.new
+      cmd.handle_options ['enfcli']
+      execute_gem_cmd cmd
+    end
+
+    desc "search", "", :hide => true
+    def search
+      cmd = Gem::Commands::SearchCommand.new
+      cmd.handle_options ["enfcli"]
+      execute_gem_cmd cmd
+    end
+
+    default_task :connect
+    
+  end
+
+  ##
+  # Shell Module
+  #
+  module Shell
+    
+    class Console
+      class << self
+        def execute(input)
+          argv = input.split(" ")
+          EnfCli::Shell::CLI.start( argv )
+        end
+        
+        def start(host, user)
+          # Set prompt
+          EnfCli::CTX.instance.prompt = user
+
+          # Set host
+          EnfCli::CTX.instance.host = host
+          
+          # Read each line
+          comp = proc { |s| Readline::HISTORY.grep(/^#{Regexp.escape(s)}/) }        
+          Readline.completion_append_character = " "
+          Readline.completion_proc = comp
+
+          stty_save = `stty -g`.chomp
+          trap('INT') { system('stty', stty_save); exit }
+          
+          while input = Readline.readline(EnfCli::CTX.instance.prompt, true)
+            break if input == "exit" or input == "\\q" or input == "quit"
+            
+            # Remove blank lines from history
+            Readline::HISTORY.pop if input == ""
+            
+            execute(input) unless input == ""
+          end
+        end  
+      end    
+    end
+
+    # Shell CLI class
+    class CLI < EnfThor
+
+      desc "ls [<dir>]", "List files in a directory", :hide => true
+      method_option :dir, :type => :string, :required => false
+      def ls(dir = nil)
+        try_with_rescue do
+          dir = "." unless dir
+          dir = EnfCli::expand_path( dir )
+          
+          Dir.entries( dir ).each{ |f|
+            puts f unless f.start_with?('.')
+          }
+        end
+      end
+
+      desc "cat <file>", "Display contents of a file", :hide => true
+      def cat(file)
+        try_with_rescue do
+          # expand path
+          file = EnfCli::expand_path(file)
+          
+          ## return if keyfile not found
+          raise EnfCli::ERROR, "#{file} not found!" unless File.exists?(file)
+
+          say File.readlines(file).join
+        end
+      end
+
+      desc "pwd", "Current Working Directory", :hide => true
+      def pwd
+        try_with_rescue do
+          say Dir.pwd
+        end
+      end
+
+      desc "cd [<dir>]", "Change working directory", :hide => true
+      def cd(dir = "~")
+        try_with_rescue do
+          dir = EnfCli::expand_path( dir )
+          raise EnfCli::ERROR, "No such directory #{dir}" unless Dir.exist?(dir)
+          Dir.chdir(dir)
+        end
+      end
+
+      desc "host", "Display ENF Controller host", :hide => true
+      def host
+        try_with_rescue do
+          say EnfCli::CTX.instance.host, :bold
+        end
+      end
+      
+      desc "clear", "Clear Terminal Screen", :hide => true
+      def clear
+        try_with_rescue do
+          clear_code = %x{clear}
+          print clear_code or system("cls")
+        end
+      end
+      
+      desc "#{EnfCli::NETWORK_CMD} COMMANDS", "#{EnfCli::NETWORK_CMD} commands"
+      subcommand EnfCli::NETWORK_CMD, EnfCli::Cmd::Xcr
+      
+      desc "#{EnfCli::IAM_CMD} COMMANDS", "#{EnfCli::IAM_CMD} commands"
+      subcommand EnfCli::IAM_CMD, EnfCli::Cmd::Xiam
+      
+      desc "#{EnfCli::FIREWALL_CMD} COMMANDS", "#{EnfCli::FIREWALL_CMD} commands"
+      subcommand EnfCli::FIREWALL_CMD, EnfCli::Cmd::Xfw
+
+      desc "#{EnfCli::USER_CMD} COMMANDS", "#{EnfCli::USER_CMD} commands"
+      subcommand EnfCli::USER_CMD, EnfCli::Cmd::User
+      
+    end
+  end
+  
+end

data/lib/enfthor.rb

@@ -0,0 +1,118 @@
+#
+# Copyright 2018 Xaptum,Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require 'thor'
+require 'terminal-table'
+
+module EnfCli
+  class EnfThor < Thor
+    # check for unknow of misspelt options
+    check_unknown_options!
+
+    # helper functions
+    no_commands {
+      
+      def format_date(date)
+        DateTime.strptime("#{date}",'%s') if date
+      end
+          
+      def render_table(headings, rows, file = nil)
+        table = Terminal::Table.new
+        table.headings = headings
+        table.rows = rows
+        if file
+          open(expand_path(file), 'w') { |f|
+            f.puts table
+          }
+          say "#{rows.length} rows written to file #{file}", :yellow
+        else
+          say table
+          say "#{rows.length} rows in set", :yellow
+        end
+      end
+
+      def try_with_rescue_in_session
+        try_with_rescue do
+          # Verify domain context is set
+          session = EnfCli::CTX.instance.session
+          raise EnfCli::ERROR, "User Session not establised!" if !session
+
+          yield
+        end        
+      end
+
+      def try_with_rescue
+        begin          
+          yield
+        rescue EnfApi::ERROR => e
+          say e, :red
+          
+        rescue OpenSSL::SSL::SSLError => e
+          say e, :red
+          say "Host may not support https. Try http instead", :bold
+          
+        rescue => e
+          say e, :red
+        end
+      end
+
+      
+    }
+
+    # override help methods
+    class << self
+      def capture_stdout
+        $stdout = StringIO.new
+        yield
+        text = $stdout.string
+        $stdout = STDOUT
+        text
+      end     
+      
+      def help(shell, subcommand = false)        
+        list = printable_commands(true, subcommand)
+        Thor::Util.thor_classes_in(self).each do |klass|
+          list += klass.printable_commands(false)
+        end
+
+        # Remove this line to disable alphabetical sorting
+        list.sort! { |a, b| a[0] <=> b[0] }
+
+        # Add this line to remove the help-command itself from the output
+        list.reject! {|l| l[0].split[1] == 'help' or l[0].split[2] == 'help'}
+
+
+        # Capture help message in a variable
+        help_text = capture_stdout {
+          shell.say "Commands:"
+          shell.print_table(list, :indent => 2, :truncate => true)
+          shell.say
+          class_options_help(shell)
+        }
+
+        ## HACK: format to display proper help message for help command run from shell
+        help_text = help_text.gsub(/enfcli /,"") unless self == EnfCli::CLI
+
+        # Print the actual help message
+        shell.say help_text
+        
+        # Add this line if you want to print custom text at the end of your help output.
+        # (similar to how Rails does it)
+        shell.say 'All commands can be run with -h (or --help) for more information.'
+      end
+    end
+    
+  end
+end

metadata

@@ -0,0 +1,218 @@
+--- !ruby/object:Gem::Specification
+name: enfcli
+version: !ruby/object:Gem::Version
+  version: 3.3.2.pre.alpha
+platform: ruby
+authors:
+- Venkatakumar Srinivasan
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2019-03-29 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: thor
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.20.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.20.0
+- !ruby/object:Gem::Dependency
+  name: rest-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: terminal-table
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: bump
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec_junit_formatter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: fuubar
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: vcr
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email:
+- venkat@xaptum.com
+executables:
+- enfcli
+extensions: []
+extra_rdoc_files: []
+files:
+- ".circleci/Dockerfile"
+- ".circleci/build.sh"
+- ".circleci/config.yml"
+- ".circleci/setup-rubygems.sh"
+- ".gitignore"
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- Makefile
+- README.md
+- Rakefile
+- bin/enfcli
+- enfcli.gemspec
+- lib/enfapi.rb
+- lib/enfcli.rb
+- lib/enfcli/commands/user.rb
+- lib/enfcli/commands/xcr.rb
+- lib/enfcli/commands/xfw.rb
+- lib/enfcli/commands/xiam.rb
+- lib/enfcli/version.rb
+- lib/enfthor.rb
+homepage: https://www.xaptum.com
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">"
+    - !ruby/object:Gem::Version
+      version: 1.3.1
+requirements: []
+rubygems_version: 3.0.1
+signing_key: 
+specification_version: 4
+summary: Xaptum ENF CLI.
+test_files: []