RubyGems - nexpose - Versions diffs - 0.0.96 → 0.0.97 - Mend

nexpose 0.0.96 → 0.0.97

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

data/lib/nexpose.rb CHANGED Viewed

@@ -55,6 +55,7 @@ require 'uri'
 require 'rex/mime'
 require 'nexpose/error'
 require 'nexpose/util'
+require 'nexpose/user'
 require 'nexpose/api_request'
 require 'nexpose/misc'
 require 'nexpose/report'

data/lib/nexpose/site.rb CHANGED Viewed

@@ -632,7 +632,7 @@ module Nexpose
 				r = @connection.execute('<SiteDeviceListingRequest session-id="' + connection.session_id + '" site-id="' + "#{@site_id}" + '"/>')
         if r.success
           r.res.elements.each('SiteDeviceListingResponse/SiteDevices/device') do |d|
-            @devices.push(Device.new(d.attrubytes['id'], @site_id, d.attributes["address"], d.attributes["riskfactor"], d.attributes["riskscore"]))
+            @devices.push(Device.new(d.attributes['id'], @site_id, d.attributes["address"], d.attributes["riskfactor"], d.attributes["riskscore"]))
           end
         end
 			else

data/lib/nexpose/user.rb ADDED Viewed

@@ -0,0 +1,221 @@
+module Nexpose
+  # Summary only returned by API when issuing a listing request.
+  class UserSummary
+    attr_reader :id, :auth_source, :auth_module, :user_name, :full_name, :email
+    attr_reader :is_admin, :is_disabled, :is_locked, :site_count, :group_count
+    def initialize(id, auth_source, auth_module, user_name, full_name, email, is_admin, is_disabled, is_locked, site_count, group_count)
+      @id = id
+      @auth_source = auth_source
+      @auth_module = auth_module
+      @user_name = user_name
+      @full_name = full_name
+      @email = email
+      @is_admin = is_admin
+      @is_disabled = is_disabled
+      @is_locked = is_locked
+      @site_count = site_count
+      @group_count = group_count
+    end
+    def to_s
+      out = "#{@user_name} (#{@full_name}) [ID: #{@id}]"
+      out << " e-mail: #{@email}" unless @email.empty?
+      out << " Administrator" if @is_admin
+      out << " Disabled" if @is_disabled
+      out << " Locked" if @is_locked
+      out << ", sites: #{@site_count}"
+      out << ", groups: #{@group_count}"
+    end
+    # Provide a list of user accounts and information about those accounts.
+    def self.listing(connection)
+      xml = '<UserListingRequest session-id="' + connection.session_id + '" />'
+      r = connection.execute(xml, '1.1')
+      if r.success
+        res = []
+        r.res.elements.each('UserListingResponse/UserSummary') do |summary|
+          res << UserSummary.new(
+            summary.attributes['id'].to_i,
+            summary.attributes['authSource'],
+            summary.attributes['authModule'],
+            summary.attributes['userName'],
+            summary.attributes['fullName'],
+            summary.attributes['email'],
+            summary.attributes['administrator'].to_s.chomp.eql?('1'),
+            summary.attributes['disabled'].to_s.chomp.eql?('1'),
+            summary.attributes['locked'].to_s.chomp.eql?('1'),
+            summary.attributes['siteCount'].to_i,
+            summary.attributes['groupCount'].to_i)
+        end
+        res
+      else
+        false
+      end
+    end
+    # Retrieve the User ID based upon the user's login name.
+    def self.get_user_id(connection, user_name)
+      xml = '<UserListingRequest session-id="' + connection.session_id + '" />'
+      r = connection.execute(xml, '1.1')
+      if r.success
+        r.res.elements.each('UserListingResponse/UserSummary') do |user|
+          return user.attributes['id'] if user_name.eql? user.attributes['userName']
+        end
+      end
+      return -1
+    end
+  end
+  class UserConfig
+    # user id, set to -1 to create a new user
+    attr_reader :id
+    # valid roles: global-admin|security-manager|site-admin|system-admin|user|custom
+    attr_accessor :role_name
+    # Required fields
+    attr_reader :name
+    attr_accessor :full_name
+    # Will default to XML (1) for global-admin, Data Source (2) otherwise,
+    # but caller can override (e.g., using LDAP authenticator).
+    attr_accessor :authsrcid
+    # Optional fields
+    attr_accessor :email, :password, :sites, :groups
+    # 1 to enable this user, 0 to disable
+    attr_accessor :enabled
+    # Boolean values
+    attr_accessor :all_sites, :all_groups
+    def initialize(name, full_name, password, role_name = 'user', id = -1, enabled = 1, email = nil, all_sites = false, all_groups = false)
+      @name = name
+      @password = password
+      @role_name = role_name
+      @authsrcid = ('global-admin'.eql? @role_name) ? '1' : '2'
+      @id = id
+      @enabled = enabled
+      @full_name = full_name
+      @email = email
+      @all_sites = all_sites || role_name == 'global-admin'
+      @all_groups = all_groups || role_name == 'global-admin'
+      @sites = []
+      @groups = []
+    end
+    def to_s
+      out = "#{@user_name} (#{@full_name}) [ID: #{@id}, Role: #{@role_name}]"
+      out << " Disabled" unless @enabled
+      out << " All-Sites" if @all_sites
+      out << " All-Groups" if @all_groups
+      out << " e-mail: #{@email}" unless @email.nil? || @email.empty?
+      out
+    end
+    def to_xml
+      xml = "<UserConfig"
+      xml << %Q{ id="#{@id}"}
+      xml << %Q{ authsrcid="#{@authsrcid}"}
+      xml << %Q{ name="#{@name}"}
+      xml << %Q{ fullname="#{@full_name}"}
+      xml << %Q{ role-name="#{@role_name}"}
+      xml << %Q{ password="#{@password}"} if @password
+      xml << %Q{ email="#{@email}"} if @email
+      xml << %Q{ enabled="#{@enabled}"}
+      # These two fields are keying off role_name to work around a defect.
+      xml << %Q{ allGroups="#{@all_groups || @role_name == 'global-admin'}"}
+      xml << %Q{ allSites="#{@all_sites || @role_name == 'global-admin'}"}
+      xml << ">"
+      @sites.each do |site|
+        xml << %Q{<site id="#{site}" />}
+      end
+      @groups.each do |group|
+        xml << %Q{<group id="#{group}" />}
+      end
+      xml << '</UserConfig>'
+    end
+    # Save a user configuration. Returns the (new) user ID if successful.
+    def save(connection)
+      xml = '<UserSaveRequest session-id="' + connection.session_id + '">'
+      xml << to_xml
+      xml << '</UserSaveRequest>'
+      r = connection.execute(xml, '1.1')
+      if r.success
+        res = []
+        r.res.elements.each('UserSaveResponse') do |attr|
+          @id = attr.attributes['id'].to_i
+        end
+        @id
+      else
+        -1
+      end
+    end
+    # Issue a UserConfigRequest to load an existing UserConfig from Nexpose.
+    def self.load(connection, user_id)
+      xml = '<UserConfigRequest session-id="' + connection.session_id + '"'
+      xml << %Q{ id="#{user_id}"}
+      xml << ' />'
+      r = connection.execute(xml, '1.1')
+      if r.success
+        r.res.elements.each('UserConfigResponse/UserConfig') do |config|
+          id = config.attributes['id']
+          role_name = config.attributes['role-name']
+          authsrcid = config.attributes['authsrcid']
+          name = config.attributes['name']
+          fullname = config.attributes['fullname']
+          email = config.attributes['email']
+          password = config.attributes['password']
+          enabled = config.attributes['enabled'].to_i
+          all_sites = config.attributes['allSites'] == 'true' ? true : false
+          all_groups = config.attributes['allGroups'] == 'true' ? true : false
+          # Not trying to load sites and groups.
+          # Looks like API currently doesn't return that info to load.
+          return UserConfig.new(name, fullname, password, role_name, id, enabled, email, all_sites, all_groups)
+        end
+      end
+    end
+    # Delete a user account.
+    def self.delete(connection, user_id)
+      xml = '<UserDeleteRequest session-id="' + connection.session_id + '"'
+      xml << %Q{ id="#{user_id}"}
+      xml << ' />'
+      r = connection.execute(xml, '1.1')
+      if r.success
+        r.res.elements.each('UserConfigResponse/UserConfig') do |config|
+          '1'.eql? config.attributes['id']
+        end
+      end
+    end
+    # Delete the user account associated with this object.
+    def delete(connection)
+      UserConfig.delete(connection, @id)
+    end
+  end
+  class UserAuthenticator
+    attr_reader :id, :auth_source, :auth_module, :external
+    def initialize(id, auth_module, auth_source, external = false)
+      @id = id
+      @auth_source = auth_source
+      @auth_module = auth_module
+      @external = external
+    end
+    # Provide a list of user authentication sources.
+    # * *Returns* : An array of known user authenticator sources.
+    def self.list(connection)
+      r = connection.execute('<UserAuthenticatorListingRequest session-id="' + connection.session_id + '" />', '1.1')
+      if r.success
+        modules = []
+        r.res.elements.each('UserAuthenticatorListingResponse/AuthenticatorSummary') do |summary|
+          modules << UserAuthenticator.new(summary.attributes['id'], summary.attributes['authModule'], summary.attributes['authSource'], ('1'.eql? summary.attributes['external']))
+        end
+        modules
+      end
+    end
+  end
+end

data/nexpose.gemspec CHANGED Viewed

@@ -2,7 +2,7 @@
 Gem::Specification.new do |s|
 	s.name                  = "nexpose"
-	s.version               = "0.0.96"
+	s.version               = "0.0.97"
 	s.homepage              = "https://github.com/rapid7/nexpose-client"
 	s.summary               = "Ruby API for Rapid7 NeXpose"
 	s.description           = "This gem provides a Ruby API to the NeXpose vulnerability management product by Rapid7."

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose
 version: !ruby/object:Gem::Version
-  version: 0.0.96
+  version: 0.0.97
   prerelease:
 platform: ruby
 authors:
@@ -10,11 +10,11 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-05-30 00:00:00.000000000Z
+date: 2012-07-13 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: librex
-  requirement: &27775368 !ruby/object:Gem::Requirement
+  requirement: &26808912 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -22,10 +22,10 @@ dependencies:
         version: 0.0.32
   type: :runtime
   prerelease: false
-  version_requirements: *27775368
+  version_requirements: *26808912
 - !ruby/object:Gem::Dependency
   name: rex
-  requirement: &27775092 !ruby/object:Gem::Requirement
+  requirement: &26808636 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -33,7 +33,7 @@ dependencies:
         version: 1.0.2
   type: :runtime
   prerelease: false
-  version_requirements: *27775092
+  version_requirements: *26808636
 description: This gem provides a Ruby API to the NeXpose vulnerability management
   product by Rapid7.
 email:
@@ -59,6 +59,7 @@ files:
 - lib/nexpose/silo.rb
 - lib/nexpose/site.rb
 - lib/nexpose/ticket.rb
+- lib/nexpose/user.rb
 - lib/nexpose/util.rb
 - lib/nexpose/vuln.rb
 - lib/nexpose.rb