foreman_probing 0.0.1

data/app/models/foreman_probing/port.rb

@@ -0,0 +1,21 @@
+module ForemanProbing
+  class Port < ActiveRecord::Base
+    belongs_to :probing_facet, :class_name => '::ForemanProbing::ProbingFacet'
+    has_many :services
+
+    def update_from_facts(protocol, number, facts)
+      self.protocol = protocol
+      self.number = number
+      self.state = facts[:state]
+    end
+
+    def update_from_port(port)
+      protocol = port.protocol
+      number = port.number
+      state = port.state
+      port.services.reject { |service| self.services.map(&:name).include? service.name }.each do |service|
+        self.services << service
+      end
+    end
+  end
+end

data/app/models/foreman_probing/probing_facet.rb

@@ -0,0 +1,27 @@
+module ForemanProbing
+  class ProbingFacet < ActiveRecord::Base
+    include Facets::Base
+    
+    def self.table_name
+      'foreman_probing_probing_facets'
+    end
+
+    validates :host, :presence => true, :allow_blank => false
+
+    has_many :scanned_ports, :class_name => 'Port'
+    has_many :services, :through => :scanned_ports
+
+    def online?
+
+    end
+
+    def refresh
+
+    end
+
+    def ping!
+
+    end
+
+  end
+end

data/app/models/foreman_probing/scan.rb

@@ -0,0 +1,42 @@
+module ForemanProbing
+  class Scan < ActiveRecord::Base
+    include Taxonomix
+
+    default_scope -> do
+      with_taxonomy_scope do
+        order(:id => 'desc')
+      end
+    end
+
+    belongs_to :task, :class_name => '::ForemanTasks::Task'
+    has_one :targeting
+    has_one :scan_host
+    has_many :hosts, :through => :scan_host, :class_name => 'Host::Managed'
+    belongs_to :smart_proxy
+
+    attr_accessor :direct, :target_kind, :search_query, :subnet_id
+
+    def ports
+      if @ports.nil?
+        return [] if raw_ports.nil?
+        ranges = raw_ports.split(',')
+        ports = ranges.map do |range|
+          range.split('-').map do |from, to|
+            to.nil? ? from : (from..to).entries
+          end
+        end
+        @ports = ports.flatten.map(&:chomp).map(&:to_i)
+      end
+      @ports
+    end
+
+    def available_scan_types
+      ['TCP', 'UDP', 'ICMP']
+    end
+
+    def target_kinds
+      ['Direct', 'Subnet', 'Host', 'Proxy']
+    end
+
+  end
+end

data/app/models/foreman_probing/scan_composer.rb

@@ -0,0 +1,75 @@
+module ForemanProbing
+  class ScanComposer
+
+    attr_accessor :targeting, :ports, :probe, :proxy
+
+    TARGETING_TYPES = %w(direct subnet host proxy).freeze
+
+    def self.new_from_params(params)
+      self.new.tap do |c|
+        c.targeting = c.targeting_from_params(params)
+        c.ports = c.ports_from_params(params)
+        c.probe = params[:scan_type]
+        c.proxy = c.proxy_from_params(params)
+      end
+    end
+
+    def self.new_from_scan(scan)
+      self.new.tap do |c|
+        c.targeting = scan.targeting.dup
+        c.ports = scan.raw_ports
+        c.probe = scan.scan_type
+        c.proxy = scan.smart_proxy
+      end
+    end
+
+    def compose!
+      if @scan.nil?
+        @scan = ForemanProbing::Scan.new
+        @scan.targeting = targeting
+        @scan.target_kind = targeting.target_kind
+        @scan.smart_proxy = proxy
+        @scan.scan_type = probe
+        @scan.raw_ports = ports
+
+        case targeting
+        when ::ForemanProbing::Targeting::Direct
+          @scan.direct = targeting.raw_targets
+        when ::ForemanProbing::Targeting::Subnet
+          @scan.subnet_id = targeting.raw_targets.to_i
+        when ::ForemanProbing::Targeting::Search
+          @scan.search_query = targeting.raw_targets
+        end
+      end
+      @scan
+    end
+
+    def proxy_from_params(params)
+      SmartProxy.authorized.find(params['smart_proxy_id'])
+    end
+
+    def ports_from_params(params)
+      # ranges = params[:ports].split(',')
+      # ports = ranges.map do |range|
+      #   range.split('-').map do |from, to|
+      #     to.nil? ? from : (from..to).entries
+      #   end
+      # end
+      # ports.flatten.map(&:chomp).map(&:to_i)
+      params[:raw_ports]
+    end
+
+    def targeting_from_params(params)
+      case params[:target_kind].downcase
+      when 'direct'
+        ::ForemanProbing::Targeting::Direct.new(:raw_targets => params[:direct])
+      when 'subnet'
+        ::ForemanProbing::Targeting::Subnet.new(:raw_targets => params[:subnet_id])
+      when 'host'
+        ::ForemanProbing::Targeting::Search.new(:raw_targets => params[:search_query])
+      when 'proxy'
+        ::ForemanProbing::Targeting::SubnetDiscovery.new
+      end
+    end
+  end
+end

data/app/models/foreman_probing/scan_host.rb

@@ -0,0 +1,8 @@
+module ForemanProbing
+  class ScanHost < ActiveRecord::Base
+
+    belongs_to :scan
+    belongs_to :host
+    
+  end
+end

data/app/models/foreman_probing/service.rb

@@ -0,0 +1,14 @@
+module ForemanProbing
+  class Service < ActiveRecord::Base
+    belongs_to :port
+
+    def self.new_from_facts(name, facts)
+      service = self.new
+      service.name = name
+      service.confidence = facts.fetch('confidence', 0)
+      service.method = facts.fetch('method', 'table')
+      # TODO: Process the rest of the attributes
+      service
+    end
+  end
+end

data/app/models/foreman_probing/targeting/direct.rb

@@ -0,0 +1,50 @@
+module ForemanProbing
+  class Targeting::Direct < Targeting
+
+    # Either ip address or subnet in CIDR notation
+    # def initialize(address_string)
+    #   @addresses = parse_address_string!(address_string)
+    # end
+
+    def targets
+      parse_address_string!(raw_targets).map do |addr|
+        str = ''
+        case addr[:family].to_s
+        when 'inet'
+          str += addr[:addr]
+          str += '/' + addr[:netmask] unless addr[:netmask].nil?
+        when 'inet6'
+          # TODO: ipv6
+          raise NotImplementedError
+        else
+          raise ArgumentError, "Unknown address family #{addr[:family]}"
+        end
+        str
+      end
+    end
+
+    def target_kind
+      'direct'
+    end
+
+    private
+
+    # TODO: Do some validation
+    def parse_address_string!(str)
+      if str.is_a?(Array)
+        str.map { |item| parse_address_string! item }.flatten
+      elsif str.is_a? Hash
+        str
+      else
+        # TODO: Somehow use IPAddr
+        str.split(',').map do |ip|
+          if ip =~ /(\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3})(\/(\d{1,2}))?/
+            { :family => :inet, :addr => $1, :netmask => $3 }
+          else
+            # TODO: Match ipv6 here
+          end
+        end
+      end
+    end
+  end
+end

data/app/models/foreman_probing/targeting/search.rb

@@ -0,0 +1,23 @@
+module ForemanProbing
+  class Targeting::Search < ::ForemanProbing::Targeting
+    # def initialize(search_query, hosts = nil)
+    #   @search_query = search_query
+    #   @hosts = hosts
+    # end
+
+    def targets
+      @hosts ||= resolve_hosts!
+      @targets ||= @hosts.map { |host| host.interfaces.map(&:ip) }.flatten
+    end
+
+    def target_kind
+      'host'
+    end
+
+    def resolve_hosts!
+      # @hosts = Host.authorized(RESOLVE_PERMISSION, Host)
+      #              .search_for(@search_query)
+      ::Host.authorized.search_for(raw_targets)
+    end
+  end
+end

data/app/models/foreman_probing/targeting/subnet.rb

@@ -0,0 +1,17 @@
+module ForemanProbing
+  class Targeting::Subnet < ForemanProbing::Targeting
+    def target_kind
+      'subnet'
+    end
+
+    def subnet
+      @subnet ||= ::Subnet.authorized.find(raw_targets.to_i)
+    end
+
+    def targets
+      # TODO: This is ugly
+      cidr = IPAddr.new(subnet.mask).to_i.to_s(2).count('1')
+      @targets ||= "#{subnet.network}/#{cidr}"
+    end
+  end
+end

data/app/models/foreman_probing/targeting/subnet_discovery.rb

@@ -0,0 +1,12 @@
+module ForemanProbing
+  class Targeting::SubnetDiscovery < Targeting
+
+    def target_kind
+      'proxy'
+    end
+
+    def targets
+      []
+    end
+  end
+end

data/app/models/foreman_probing/targeting.rb

@@ -0,0 +1,12 @@
+module ForemanProbing
+  class Targeting < ActiveRecord::Base
+    belongs_to :scan
+
+    # Returns array of strings, suitable for direct passing into nmap
+    def targets
+      raise NotImplementedError
+    end
+
+    require_dependency(File.join(__FILE__.gsub(/\.rb$/, ''), '..', 'targeting', 'subnet.rb'))
+  end
+end

data/app/overrides/dashboard/index/sample_override.html.erb.deface

@@ -0,0 +1,4 @@
+<!-- insert_before 'div:contains("title_action")' -->
+<%= title_actions "<h2>ForemanProbing</h2>" %>
+
+<!-- vim: set ft=eruby : -->

data/app/overrides/open_ports_tab.rb

@@ -0,0 +1,14 @@
+# Displays opened ports as a tab in host details
+Deface::Override.new(
+  :virtual_path => 'hosts/show',
+  :name => 'open_ports_tab',
+  :surround_contents => 'ul.nav.nav-tabs',
+  :partial => 'foreman_probing/probing_facets/open_ports_tab_title',
+)
+
+Deface::Override.new(
+  :virtual_path => 'hosts/show',
+  :name => 'open_ports_content',
+  :surround_contents => 'div.tab-content',
+  :partial => 'foreman_probing/probing_facets/open_ports_tab_content',
+)

data/app/services/foreman_probing/fact_parser.rb

@@ -0,0 +1,47 @@
+module ForemanProbing
+  class FactParser < ::FactParser
+
+    attr_reader :facts
+
+    def initialize(facts)
+      @facts = HashWithIndifferentAccess.new(facts)
+    end
+    
+    # We don't know anything about those
+    def architecture; end
+    def domain; end
+    def environment; end
+    def model; end
+    def operatingsystem; end
+
+    def support_interfaces_parsing?
+      true
+    end
+
+    def ipmi_interface; end
+
+    def get_interfaces # rubocop:disable Style/AccessorMethodName
+      identifiers = facts['addresses'].values_at(*%w(ipv4 ipv6 hwaddr))
+        .compact.map do |hash|
+          hash.values.map { |value| value['identifier'] }
+        end
+      identifiers.flatten.compact.uniq
+    end
+
+    def get_facts_for_interface(interface)
+      addresses = facts['addresses']
+      result = { :ipaddress => 'ipv4',
+               :ip6address => 'ipv6',
+               :macaddress => 'hwaddr' }.reduce({}) do |acc, (key, kind)|
+        acc.merge(key => address_by_identifier(addresses, kind, interface))
+      end
+      HashWithIndifferentAccess.new(result)
+    end
+
+    private
+
+    def address_by_identifier(addresses, kind, identifier)
+      addresses.fetch(kind, {}).find { |(_ip, value)| value['identifier'] == identifier }.try(:first)
+    end
+  end
+end

data/app/services/foreman_probing/structured_fact_importer.rb

@@ -0,0 +1,20 @@
+module ForemanProbing
+  class StructuredFactImporter < ::StructuredFactImporter
+    def fact_name_class
+      ForemanProbing::FactName
+    end
+
+    def initialize(host, facts = {})
+      @host = find_host(host, facts)
+      @facts = normalize(facts)
+      @counters = {}
+    end
+
+    private
+    
+    def find_host(fallback, facts)
+      # TODO: go through facts
+      fallback
+    end
+  end
+end

data/app/views/dashboard/_foreman_probing_widget.html.erb

@@ -0,0 +1,2 @@
+<h4 class="header ca"><%= _('ForemanProbing') %></h4>
+<%= _('Widget content') %>

data/app/views/foreman_probing/api/v2/scans/base.json.rabl

@@ -0,0 +1,3 @@
+object @scan
+
+attributes :id, :scan_type, :raw_ports, :smart_proxy_id, :task_id

data/app/views/foreman_probing/api/v2/scans/index.json.rabl

@@ -0,0 +1,3 @@
+collection @scans
+
+extends 'foreman_probing/api/v2/scans/base'

data/app/views/foreman_probing/api/v2/scans/show.json.rabl

@@ -0,0 +1,3 @@
+object @scan
+
+extends 'foreman_probing/api/v2/scans/base'

data/app/views/foreman_probing/hosts/_open_ports.html.erb

@@ -0,0 +1,19 @@
+<% if @host.probing_facet.scanned_ports.count.zero? %>
+    <div class="alert alert-info"><%= _('This host has no known open ports') %></div>
+<% else %>
+    <table id="open_ports_table" class="<%= table_css_classes %>">
+        <thead>
+            <tr>
+                <th><%= _('Port') %></th>
+                <th><%= _('Updated at') %></th>
+            </tr>
+        </thead>
+        <% @host.probing_facet.scanned_ports.each do |port| %>
+            <tr>
+                <td><%= port.number %>/<%= port.protocol %></td>
+                <td><%= port.updated_at %></td>
+            </tr>
+        <% end %>
+    </table>
+<% end %>
+<br>

data/app/views/foreman_probing/hosts/hosts/new_action.html.erb

@@ -0,0 +1 @@
+Welcome to <b>ForemanProbing</b>

data/app/views/foreman_probing/hosts/new_action.html.erb

@@ -0,0 +1 @@
+Welcome to <b>ForemanProbing</b>

data/app/views/foreman_probing/probing_facets/_open_ports_tab_content.html.erb

@@ -0,0 +1,6 @@
+<%= render_original %>
+<% unless @host.probing_facet.nil? %>
+    <div id="open-ports" class="tab-pane" data-ajax-url='<%= open_ports_foreman_probing_host_path(@host)%>'>
+        <%= spinner(_('Loading information about opened ports ...')) %>
+    </div>
+<% end %>

data/app/views/foreman_probing/probing_facets/_open_ports_tab_title.html.erb

@@ -0,0 +1,4 @@
+<%= render_original %>
+<% unless @host.probing_facet.nil? %>
+    <li><a href="#open-ports" data-toggle="tab"><%= _('Open ports') %></a></li>
+<% end %>

data/app/views/foreman_probing/scans/index.html.erb

@@ -0,0 +1,31 @@
+<% title _('Scans') %>
+
+<% title_actions([new_link(_('Run Scan'))]) %>
+
+<table class="table table-bordered table-condensed">
+    <thead>
+        <tr>
+            <th>ID</th>
+            <th>Scan type</th>
+            <th>Ports</th>
+            <th>Smart Proxy</th>
+            <th>Targeting</th>
+            <th>Run at</th>
+            <th>Actions</th>
+        </tr>
+    </thead>
+    <tbody>
+        <% @scans.each do |scan| %>
+            <tr>
+                <td><a href="<%= url_for(scan) %>"><%= scan.id %></a></td>
+                <td><%= scan.scan_type %></td>
+                <td><%= scan.ports.join(', ') %></td>
+                <td><%= scan.smart_proxy.name %></td>
+                <td><%= targeting_label(scan.targeting) %></td>
+                <td><%= scan.task && scan.task.started_at %></td>
+                <td><a href="<%= rerun_foreman_probing_scan_path(:id => scan.id) %>" class="btn">Rerun</a></td>
+            </tr>
+        <% end %>
+    </tbody>
+</table>
+<%= will_paginate_with_info @scans %>

data/app/views/foreman_probing/scans/new.html.erb

@@ -0,0 +1,51 @@
+<script>
+  var target_kind_change_handler = function(element) {
+      var value = element.value.toLowerCase();
+      $('div.kind').each(function(child) {
+          if(this.classList.contains('kind-' + value)) {
+              $(this).show();
+          } else {
+              $(this).hide();
+          }
+      });
+  };
+  var scan_type_change_handler = function(element) {
+    var value = element.value;
+    var target = $('input#foreman_probing_scan_raw_ports').closest('div.clearfix');
+    if(element.value != 'ICMP') {
+      target.show();
+    } else {
+      target.hide();
+    }
+  };
+</script>
+
+<%= title _('Scan') %>
+<%= form_for @scan do |f| %>
+
+  <%= selectable_f f, :target_kind, @scan.target_kinds.map { |kind| [kind, kind.downcase] }, {}, :label => _('Target kind'), :onchange => 'target_kind_change_handler(this)' %>
+
+  <div class="kind kind-subnet <%= @scan.target_kind != 'subnet' ? 'hidden' : '' %>">
+    <%= selectable_f f, :subnet_id, Subnet.authorized.map { |s| ["#{s.name} (#{s.network}/#{s.mask}", s.id] },
+                     {}, :label => 'Subnet' %>
+  </div>
+
+  <div class="kind kind-host <%= @scan.target_kind != 'host' ? 'hidden' : '' %>">
+    <%= textarea_f f, :search_query, :label => _('Search query') %>
+  </div>
+
+  <div class="kind kind-direct <%= @scan.target_kind != 'direct' ? 'hidden' : '' %>">
+    <%= text_f f, :direct, :label => _('IP Address'), :help_inline => _('Comma separated list of IPv4 addresses, subnets or ranges') %>
+  </div>
+
+  <%= selectable_f f, 'smart_proxy_id', SmartProxy.authorized.map { |p| [p.name, p.id] }, {}, :label => 'Smart proxy', :help_inline => _('Smart Proxy to run the scan from')  %>
+
+  <%= selectable_f f, :scan_type, @scan.available_scan_types, {}, :label => _('Scan type'), :onchange => 'scan_type_change_handler(this)' %>
+
+  <div class="raw-ports <%= @scan.scan_type == 'ICMP' ? 'hidden' : '' %>">
+      <%= text_f f, :raw_ports, :label => _('Ports'), :help_inline => 'Single, port, coma-separated list or range FROM-TO' %>
+  </div>
+
+  <%= submit_or_cancel f, false, :cancel_path => foreman_probing_scans_path %>
+
+<% end %>

data/app/views/foreman_probing/scans/show.html.erb

@@ -0,0 +1,41 @@
+<% title 'Scan' %>
+
+<!-- TODO: Buttons -->
+<% if @scan.task %>
+    <% title_actions(button_group(scan_task_buttons(@scan))) %>
+<% end %>
+
+<div class="col-md-6">
+    <h4>Details</h4>
+    <b><%= _("Smart proxy") %></b>: <a href="<%= url_for(@scan.smart_proxy) %>"><%= @scan.smart_proxy.name %></a><br>
+    <b><%= _("Scan type") %></b>: <%= @scan.scan_type %><br>
+    <% if @scan.scan_type != 'ICMP' %>
+        <b><%= _("Ports") %></b>: <%= @scan.ports.join(', ') %><br>
+    <% end %>
+</div>
+
+<div class="col-md-6 infoblock">
+    <h4>Scanned hosts</h4>
+    <% if @scan.task && %w(stopped paused).include?(@scan.task.state) %>
+        <table class="table table-bordered table-condensed">
+            <tr><th>Host</th><th>State</th></tr>
+            <% @scan.hosts.each do |host| %>
+                <tr><td><a href="<%= url_for(host) %>"><%= host.name %></a></td>
+                    <td><%= host.probing_facet && host.probing_facet.status %></td>
+                </tr>
+            <% end %>
+        </table>
+    <% else %>
+        <div class="alert alert-info">
+            The task is still running.
+        </div>
+    <% end %>
+</div>
+
+<% if @auto_refresh %>
+<script id="scan_show_refresh">
+ setTimeout(function () {
+     location.reload();
+ }, 10000);
+</script>
+<% end %>

data/app/views/templates/ssh/add_public_keys.erb

@@ -0,0 +1,22 @@
+<%#
+kind: job_template
+name: Add Public Keys - SSH Default
+job_category: Commands
+description_format: "Add Public Key %{public key}"
+provider_type: SSH
+template_inputs:
+- name: public key
+  description: Public key to add to the host
+  input_type: user
+  required: true
+%>
+PUBLIC_KEY="<%= input("public key") %>"
+SSH_DIR="${HOME}/.ssh"
+AUTHORIZED_KEYS="${SSH_DIR/authorized_keys"
+
+umask 077
+[ -d "$SSH_DIR" ] || mkdir -p "$SSH_DIR"
+
+if ! grep -q "$PUBLIC_KEY" "$SSH_DIR"; then
+  echo "$PUBLIC_KEY" >> "$AUTHORIZED_KEYS"
+fi

data/app/views/templates/ssh/register_content_host.erb

@@ -0,0 +1,34 @@
+<%#
+kind: job_template
+name: Register Content Host - SSH Default
+job_category: Commands
+description_format: "Register Content Host using activation key %{activation key}"
+provider_type: SSH
+template_inputs:
+- name: activation key
+  description: Name of the Activation Key to use for registering the host
+  input_type: user
+  required: true
+- name: organization name
+  description: Name of the Organization to register the host to
+  input_type: user
+  required: true
+%>
+# Install Katello's certificates
+yum localinstall -y <%= foreman_server_url %>/pub/katello-ca-consumer-latest.noarch.rpm
+
+# Install subscription-manager
+yum install -y subscription-manager
+
+# Register the host
+subscription-manager register \
+  --org="<%= input("organization name") %> \
+  --activationkey="<%= input("activation key") %>
+
+# Enable repository with katello-agent
+yum install -y http://fedorapeople.org/groups/katello/releases/yum/3.4/client/el7/x86_64/katello-client-repos-latest.rpm
+
+# Install katello-agent
+yum -y install katello-agent
+systemctl enable goferd
+systemctl start goferd