metasploit_data_models 0.24.4 → 0.24.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 61442f9aba4eb0add5a0c6f73069b50a8f45f252
-  data.tar.gz: e1fc9dfd4147569783fb3d2ff3a267a6d4a1efca
+  metadata.gz: d1295b513f0e595f45f1315528cec3ad0f4cf2de
+  data.tar.gz: 9e7bb0f98fc9b16e90fd65c502e715fc31f5a34a
 SHA512:
-  metadata.gz: 43783566f818d244740e6b766646a3cc0a984f5e0436b5a09083b7d39533222dde50acfd9a39ed0d1777b72e16d7825ce8d9e61b5d5e28c88190c4d12c19080c
-  data.tar.gz: ffff912b548476d593a6e3fc34a9d0ae25fb00d3233d184df48ff7634ae42d0eea0cd38d837d8f37051adc6739437f54440daf97e7d6fc9fc73a8a9569d684e2
+  metadata.gz: 29da581587c411a58073e15611381797eaa99d526e9f18bb4c41c7abf0d21cdce16050bdab6300431e0e65baca48b845dac7bbc9e30b6b5b7d226c1bd6cbffe9
+  data.tar.gz: 7645723fa0cb86dd2b484f8a4e51fdaee78be760a41bb25f6ca60df9c6f174d702cc584e26e4e810819e04af8bd3473b7b88510753961529a3eed04cd361968e

data/.rspec

@@ -1,3 +1,3 @@
---color
---format documentation
---require spec_helper
+--format nested
+--colour
+--drb

data/.travis.yml

@@ -1,8 +1,3 @@
-addons:
-  postgresql: '9.3'
-before_install:
-  # graphviz for yard-metasploit-erd
-  - sudo apt-get install graphviz
 before_script:
   - cp spec/dummy/config/database.yml.travis spec/dummy/config/database.yml
   - bundle exec rake db:setup
@@ -10,4 +5,6 @@ cache: bundler
 language: ruby
 rvm:
   - 2.1
-script: bundle exec rake spec yard
+sudo: false
+addons:
+  postgresql: '9.3'

data/CONTRIBUTING.md

@@ -25,18 +25,19 @@ issue tracking software.
 
 ### `PRERELEASE`
 
-1. Update `PRERELEASE` to match the `SUMMARY` in the branch name.  If you branched from `master`, and [version.rb](lib/metasploit_data_models/version.rb) does not have `PRERELEASE` defined, then adding the following lines after `PATCH`:
+1. Update `PRERELEASE` to match the `SUMMARY` in the branch name.  If you branched from `master`, and [version.rb](lib/metasploit_data_models/version.rb) does not have `PRERELEASE` defined, then adding the following lines after `PATCH`: 
 ```
-# The prerelease version, scoped to the {MAJOR}, {MINOR}, and {PATCH} version number.
+# The prerelease version, scoped to the {PATCH} version number.
 PRERELEASE = '<SUMMARY>'
 ```
 2. `rake spec`
 3.  Verify the specs pass, which indicates that `PRERELEASE` was updated correctly.
 4. Commit the change `git commit -a`
 
+
 ### Your changes
 
-Make your changes or however many commits you like, committing each with `git commit`.
+Make your changes or however many commits you like, commiting each with `git commit`.
 
 ### Pre-Pull Request Testing
 
@@ -45,12 +46,12 @@ Make your changes or however many commits you like, committing each with `git co
 
 ### Push
 
-Push your branch to your fork on github: `git push TYPE/ISSUE/SUMMARY`
+Push your branch to your fork on gitub: `git push push TYPE/ISSUE/SUMMARY`
 
 ### Pull Request
 
 * [Create new Pull Request](https://github.com/rapid7/metasploit_data_models/compare/)
-* Add a Verification Steps to the description comment
+* Add a Verification Steps comment
 
 ```
 # Verification Steps
@@ -61,12 +62,11 @@ Push your branch to your fork on github: `git push TYPE/ISSUE/SUMMARY`
 - [ ] `rake spec`
 - [ ] VERIFY no failures
 ```
-
 You should also include at least one scenario to manually check the changes outside of specs.
 
 * Add a Post-merge Steps comment
 
-The 'Post-merge Steps' are a reminder to the reviewer of the Pull Request of how to update the [`PRERELEASE`](lib/metasploit_data_models/version.rb) so that [version_spec.rb](spec/lib/metasploit_data_models/version.rb_spec.rb) passes on the target branch after the merge.
+The 'Post-merge Steps' are a reminder to the reviewer of the Pull Request of how to update the [`PRERELEASE`](lib/metasploit_data_models/version.rb) so that [version_spec.rb](spec/lib/metasploit_data_models/version_spec.rb) passes on the target branch after the merge.
 
 DESTINATION is the name of the destination branch into which the merge is being made.  SOURCE_SUMMARY is the SUMMARY from TYPE/ISSUE/SUMMARY branch name for the SOURCE branch that is being made.
 
@@ -106,7 +106,7 @@ Perform these steps prior to pushing to DESTINATION or the build will be broke o
 - [ ] Change `PRERELEASE` from `SOURCE_SUMMARY` to `DESTINATION_SUMMARY` to match the branch (DESTINATION) summary (DESTINATION_SUMMARY)
 
 ## Gem build
-- [ ] gem build metasploit_data_models.gemspec
+- [ ] gem build *.gemspec
 - [ ] VERIFY the prerelease suffix has change on the gem.
 
 ## RSpec
@@ -118,5 +118,47 @@ Perform these steps prior to pushing to DESTINATION or the build will be broke o
 - [ ] `git push origin DESTINATION`
 ```
 
-To update the [CHANGELOG.md](CHANGELOG.md) with the merged changes or release the merged code see
-[RELEASING.md](RELEASING.md)
+* Add a 'Release Steps' comment
+
+The 'Release Steps' are a reminder to the reviewer of the Pull Request of how to release the gem.
+
+```
+# Release
+
+Complete these steps on DESTINATION
+
+## Version
+
+### Compatible changes
+
+If the change are compatible with the previous branch's API, then increment [`PATCH`](lib/metasploit_data_models/version.rb).
+
+### Incompatible changes
+
+If your changes are incompatible with the previous branch's API, then increment
+[`MINOR`](lib/metasploit_data_models/version.rb) and reset [`PATCH`](lib/metasploit_data_models/version.rb) to `0`.
+
+- [ ] Following the rules for [semantic versioning 2.0](http://semver.org/spec/v2.0.0.html), update
+[`MINOR`](lib/metasploit_data_models/version.rb) and [`PATCH`](lib/metasploit_data_models/version.rb) and commit the changes.
+
+## JRuby
+- [ ] `rvm use jruby@metasploit_data_models`
+- [ ] `rm Gemfile.lock`
+- [ ] `bundle install`
+- [ ] `rake release`
+
+## MRI Ruby
+- [ ] `rvm use ruby-2.1@metasploit_data_models`
+- [ ] `rm Gemfile.lock`
+- [ ] `bundle install`
+- [ ] `rake release`
+```
+
+### Downstream dependencies
+
+When releasing new versions, the following projects may need to be updated:
+
+* [metasploit-credential](https://github.com/rapid7/metasploit-credential)
+* [metasploit-framework](https://github.com/rapid7/metasploit-framework)
+* [metasploit-pro-ui](https://github.com/rapid7/pro/tree/master/ui)
+* [metasploit-pro-engine](https://github.com/rapid7/pro/tree/master/engine)

data/Gemfile

@@ -3,6 +3,11 @@ source "https://rubygems.org"
 # Specify your gem's dependencies in metasploit_data_models.gemspec
 gemspec
 
+group :development do
+  # embed ERDs on index, namespace Module and Class<ActiveRecord::Base> pages
+  gem 'yard-metasploit-erd', '~> 0.0.2'
+end
+
 # used by dummy application
 group :development, :test do
   # Upload coverage reports to coveralls.io
@@ -27,9 +32,11 @@ group :test do
   gem 'shoulda-matchers'
   # code coverage of tests
   gem 'simplecov', :require => false
+  # @todo Update specs for rspec 3.0.0 compatibility and remove this gem in favor of just rspec-rails
+  gem 'rspec-core', '< 3.0.0'
   # need rspec-rails >= 2.12.0 as 2.12.0 adds support for redefining named subject in nested context that uses the
   # named subject from the outer context without causing a stack overflow.
-  gem 'rspec-rails', '~> 3.2'
+  gem 'rspec-rails', '>= 2.12.0'
   # used for building markup for webpage factories
   gem 'builder'
 end

data/Rakefile

@@ -42,29 +42,6 @@ else
   task :default => :spec
 end
 
-# Use find_all_by_name instead of find_by_name as find_all_by_name will return pre-release versions
-gem_specification = Gem::Specification.find_all_by_name('metasploit-yard').first
-
-if gem_specification
-  Dir[File.join(gem_specification.gem_dir, 'lib', 'tasks', '**', '*.rake')].each do |rake|
-    load rake
-  end
-
-  #
-  # Eager load before yard docs so that ActiveRecord::Base subclasses are loaded for yard-metasploit-erd
-  #
-
-  task 'yard:doc' => :eager_load
-
-  task eager_load: :environment do
-    Rails.application.eager_load!
-  end
-else
-  puts "metasploit-yard not in bundle, so can't setup yard tasks. " \
-       "To run yard ensure to install the development group."
-  print_without = true
-end
-
 if print_without
   puts "Bundle currently installed '--without #{Bundler.settings.without.join(' ')}'."
   puts "To clear the without option do `bundle install --without ''` (the --without flag with an empty string) or " \

data/app/models/mdm/api_key.rb

@@ -1,53 +1,13 @@
-# API key to access the RPC.
 class Mdm::ApiKey < ActiveRecord::Base
   #
-  # Attributes
-  #
-
-  # @!attribute [rw] created_at
-  #   When this API Key was created.
-  #
-  #   @return [DateTime]
-
-  # @!attribute [rw] token
-  #   The API Key to authenicate to the RPC.
-  #
-  #   @return [String]
-
-  # @!attribute [rw] updated_at
-  #   The last time this API Key was updated.
-  #
-  #   @return [DateTime]
-
-  #
-  #
-  # Validations
-  #
-  #
-
-  #
-  # Method Validations
+  # Validators
   #
 
   validate :supports_api
-
-  #
-  # Attribute Validations
-  #
-
   validates :token, :presence => true, :length => { :minimum => 8 }
 
-  #
-  # Instance Methods
-  #
-
   protected
 
-
-  # Validates whether License supports API.
-  #
-  # @return [void]
-  # @todo MSP-2724
   def supports_api
     license = License.get
 

data/app/models/mdm/client.rb

@@ -1,50 +1,10 @@
-# Client used for `report_client` in metasploit-framework Metasploit Modules.
 class Mdm::Client < ActiveRecord::Base
   #
-  # Associations
+  # Relations
   #
-
-  # {Mdm::Host} from which this client connected.
   belongs_to :host,
              class_name: 'Mdm::Host',
              inverse_of: :clients
 
-  #
-  # Attributes
-  #
-
-  # @!attribute created_at
-  #   When this client was created.
-  #
-  #   @return [DateTime]
-
-  # @!attribute updated_at
-  #   When this client was last updated.
-  #
-  #   @return [DateTime]
-
-  #
-  # @!group User Agent
-  #
-
-  # @!attribute ua_name
-  #   Parsed name from {#ua_string user agent string}
-  #
-  #   @return [String]
-
-  # @!attribute ua_string
-  #   Raw user agent string from client browser
-  #
-  #   @return [String]
-
-  # @!attribute ua_ver
-  #   Version of user agent.
-  #
-  #   @return [String]
-
-  #
-  # @!endgroup
-  #
-
   Metasploit::Concern.run(self)
 end

data/app/models/mdm/cred.rb

@@ -1,15 +1,8 @@
-# @deprecated Use metasploit-credential's `Metasploit::Credential::Core`.
-#
-# A credential captured from a {#service}.
 class Mdm::Cred < ActiveRecord::Base
   #
   # CONSTANTS
   #
-
-  # Checks if {#proof} is an SSH Key in {#ssh_key_id}.
   KEY_ID_REGEX = /([0-9a-fA-F:]{47})/
-
-  # Maps {#ptype_human} to {#ptype}.
   PTYPES = {
       'read/write password' => 'password_rw',
       'read-only password' => 'password_ro',
@@ -19,93 +12,35 @@ class Mdm::Cred < ActiveRecord::Base
   }
 
   #
-  #
-  # Associations
-  #
+  # Relations
   #
 
-  # The {Mdm::Service} this Cred is for.
+  # @!attribute [rw] servce
+  #   The service this cred is for
+  #
+  #   @return [Mdm::Service]
   belongs_to :service,
              class_name: 'Mdm::Service',
              inverse_of: :creds
 
-  # Joins {#tasks} to this Cred.
+  # @!attribute [rw] task_creds
+  #   Details about what Tasks touched this cred
+  #
+  #   @return [Array<Mdm::TaskCred>]
   has_many :task_creds,
            class_name: 'Mdm::TaskCred',
            dependent: :destroy,
            inverse_of: :cred
 
+  # @!attribute [rw] tasks
+  #   Tasks that touched this service
   #
-  # through: :task_creds
-  #
-
-  # Tasks that touched this service
+  #   @return [Array<Mdm::Task>]
   has_many :tasks, :through => :task_creds
 
-  #
-  # Attributes
-  #
-
-  # @!attribute active
-  #   Whether the credential is active.
-  #
-  #   @return [false] if a captured credential cannot be used to log into {#service}.
-  #   @return [true] otherwise
-
-  # @!attribute created_at
-  #   When this credential was created.
-  #
-  #   @return [DateTime]
-
-  # @!attribute pass
-  #   Pass of credential.
-  #
-  #   @return [String, nil]
-
-  # @!attribute proof
-  #   Proof of credential capture.
-  #
-  #   @return [String]
-
-  # @!attribute ptype
-  #   Type of {#pass}.
-  #
-  #   @return [String]
-
-  # @!attribute source_id
-  #   Id of source of this credential.
-  #
-  #   @return [Integer, nil]
-
-  # @!attribute source_type
-  #   Type of source with {#source_id}.
-  #
-  #   @return [String, nil]
-
-  # @!attribute updated_at
-  #   The last time this credential was updated.
-  #
-  #   @return [DateTime]
-
-  # @!attribute user
-  #   User name of credential.
-  #
-  #   @return [String, nil]
-
-  #
-  # Callbacks
-  #
-
   after_create :increment_host_counter_cache
   after_destroy :decrement_host_counter_cache
 
-  #
-  # Instance methods
-  #
-
-  # Humanized {#ptype}.
-  #
-  # @return [String, nil]
   def ptype_human
     humanized = PTYPES.select do |k, v|
       v == ptype
@@ -114,24 +49,13 @@ class Mdm::Cred < ActiveRecord::Base
     humanized ? humanized : ptype
   end
 
-  # Returns SSH Key ID.
-  #
-  # @return [String] SSH Key Id if ssh-type key and {#proof} matches {KEY_ID_REGEX}.
-  # @return [nil] otherwise
+  # Returns its key id. If this is not an ssh-type key, returns nil.
   def ssh_key_id
     return nil unless self.ptype =~ /^ssh_/
     return nil unless self.proof =~ KEY_ID_REGEX
     $1.downcase # Can't run into NilClass problems.
   end
 
-  # Returns whether `other`'s SSH private key or public key matches.
-  #
-  # @return [false] if `other` is not same class as `self`.
-  # @return [false] if {#ptype} does not match.
-  # @return [false] if {#ptype} is neither `"ssh_key"` nor `"ssh_pubkey"`.
-  # @return [false] if {#ssh_key_id} is `nil`.
-  # @return [false] if {#ssh_key_id} does not match.
-  # @return [true] if {#ssh_key_id} matches.
   def ssh_key_matches?(other_cred)
     return false unless other_cred.kind_of? self.class
     return false unless self.ptype == other_cred.ptype
@@ -146,16 +70,14 @@ class Mdm::Cred < ActiveRecord::Base
     matches.include?(self) and matches.include?(other_cred)
   end
 
-  # Returns all keys with matching key ids, including itself.
-  #
-  # @return [ActiveRecord::Relation<Mdm::Cred>] ssh_key and ssh_pubkey creds with matching {#ssh_key_id}.
+  # Returns all keys with matching key ids, including itself
+  # If this is not an ssh-type key, always returns an empty array.
   def ssh_keys
     (self.ssh_private_keys | self.ssh_public_keys)
   end
 
-  # Returns all private keys with matching {#ssh_key_id}, including itself.
-  #
-  # @return [ActiveRecord::Relation<Mdm::Cred>] ssh_key creds with matching {#ssh_key_id}.
+  # Returns all private keys with matching key ids, including itself
+  # If this is not an ssh-type key, always returns an empty array.
   def ssh_private_keys
     return [] unless self.ssh_key_id
     matches = self.class.all(
@@ -164,9 +86,8 @@ class Mdm::Cred < ActiveRecord::Base
     matches.select {|c| c.workspace == self.workspace}
   end
 
-  # Returns all public keys with matching {#ssh_key_id}, including itself.
-  #
-  # @return [ActiveRecord::Relation<Mdm::Cred>] ssh_pubkey creds with matching {#ssh_key_id}.
+  # Returns all public keys with matching key ids, including itself
+  # If this is not an ssh-type key, always returns an empty array.
   def ssh_public_keys
     return [] unless self.ssh_key_id
     matches = self.class.all(
@@ -176,29 +97,20 @@ class Mdm::Cred < ActiveRecord::Base
   end
 
   # Returns its workspace
-  #
-  # @return [Mdm::Workspace]
   def workspace
     self.service.host.workspace
   end
 
   private
 
-  # Decrements {Mdm::Host#cred_count}.
-  #
-  # @return [void]
   def decrement_host_counter_cache
     Mdm::Host.decrement_counter("cred_count", self.service.host_id)
   end
 
-  # Increments {Mdm::Host#cred_count}.
-  #
-  # @return [void]
   def increment_host_counter_cache
     Mdm::Host.increment_counter("cred_count", self.service.host_id)
   end
 
-  # Switch back to public for load hooks.
   public
 
   Metasploit::Concern.run(self)