nexpose 0.2.8 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,325 +0,0 @@
1
- module Nexpose
2
- module NexposeAPI
3
- include XMLUtils
4
-
5
- # Removes a scan engine from the list of available engines.
6
- def delete_engine(engine_id)
7
- xml = make_xml('EngineDeleteRequest', {'engine-id' => engine_id})
8
- execute(xml, '1.2')
9
- end
10
-
11
- # Provide a list of current scan activities for a specific Scan Engine.
12
- #
13
- # @return [Array[ScanSummary]] Array of ScanSummary objects associated with
14
- # each active scan on the engine.
15
- #
16
- def engine_activity(engine_id)
17
- xml = make_xml('EngineActivityRequest', {'engine-id' => engine_id})
18
- r = execute(xml)
19
- arr = []
20
- if r.success
21
- r.res.elements.each('//ScanSummary') do |scan_event|
22
- arr << ScanSummary.parse(scan_event)
23
- end
24
- end
25
- arr
26
- end
27
-
28
- # Retrieve a list of all Scan Engines managed by the Security Console.
29
- #
30
- # @return [Array[EngineSummary]] Array of EngineSummary objects associated with
31
- # each engine associated with this security console.
32
- #
33
- def list_engines
34
- response = execute(make_xml('EngineListingRequest'))
35
- arr = []
36
- if response.success
37
- response.res.elements.each('//EngineSummary') do |engine|
38
- arr << EngineSummary.new(engine.attributes['id'].to_i,
39
- engine.attributes['name'],
40
- engine.attributes['address'],
41
- engine.attributes['port'].to_i,
42
- engine.attributes['status'])
43
- end
44
- end
45
- arr
46
- end
47
-
48
- alias_method :engines, :list_engines
49
- end
50
-
51
- # Object representing the current details of a scan engine attached to the security console.
52
- #
53
- class EngineSummary
54
-
55
- # A unique ID that identifies this scan engine.
56
- attr_reader :id
57
- # The name of this scan engine.
58
- attr_reader :name
59
- # The hostname or IP address of the engine.
60
- attr_reader :address
61
- # The port there the engine is listening.
62
- attr_reader :port
63
- # The engine status. One of: active|pending-auth|incompatible|not-responding|unknown
64
- attr_reader :status
65
- # A parameter that specifies whether the engine has a global
66
- # or silo-specific scope.
67
- attr_reader :scope
68
-
69
- def initialize(id, name, address, port, status, scope = 'silo')
70
- @id = id
71
- @name = name
72
- @address = address
73
- @port = port
74
- @status = status
75
- @scope = scope
76
- end
77
- end
78
-
79
- #-------------------------------------------------------------------------------------------------------------------
80
- #
81
- #-------------------------------------------------------------------------------------------------------------------
82
- class EngineConfig
83
- attr_accessor :id
84
- attr_accessor :address
85
- attr_accessor :name
86
- attr_accessor :port
87
- attr_accessor :scope
88
- attr_accessor :priority
89
-
90
- # An array of site IDs. Currently do not support 'name' value,
91
- # which is optional in the API.
92
- attr_accessor :sites
93
-
94
- def initialize(connection, id = -1)
95
- @connection = connection
96
- @id = id
97
- @address = nil
98
- @name = nil
99
- @port = 40814
100
- @scope = 'silo'
101
- @priority = 'normal'
102
- @sites = []
103
-
104
- # If valid ID provided, retrieve data from server.
105
- if id > 0
106
- xml = '<EngineConfigRequest session-id="' + @connection.session_id + '"'
107
- xml << %Q{ engine-id="#{id}"}
108
- xml << ' />'
109
- r = @connection.execute(xml, '1.2')
110
-
111
- if r.success
112
- r.res.elements.each('EngineConfigResponse/EngineConfig') do |v|
113
- @id = v.attributes['id']
114
- @address = v.attributes['address']
115
- @name = v.attributes['name']
116
- @port = v.attributes['port']
117
- @scope = v.attributes['scope']
118
- v.elements.each('Site') do |s|
119
- @sites << s.attributes['id']
120
- end
121
- end
122
- else
123
- @error = true
124
- @error_msg = 'EngineConfigRequest Parse Error'
125
- end
126
- end
127
- end
128
-
129
- def add_site(site_id)
130
- sites << site_id
131
- end
132
-
133
- def to_xml
134
- xml = '<EngineConfig'
135
- xml << %Q{ id="#{id}"}
136
- xml << %Q{ address="#{address}"}
137
- xml << %Q{ name="#{name}"}
138
- xml << %Q{ port="#{port}"}
139
- xml << %Q{ scope="#{scope}"}
140
- xml << %Q{ priority="#{priority}"} if (priority)
141
- xml << '>'
142
- sites.each do |site|
143
- xml << %Q{<Site id="#{site}" />}
144
- end
145
- xml << '</EngineConfig>'
146
- xml
147
- end
148
-
149
- # Save this engine configuration
150
- # Example usage:
151
- # engine = EngineConfig.new(@nsc)
152
- # engine.address = 'atlanta.company.com'
153
- # engine.name = 'Atlanta Engine'
154
- # engine.save()
155
- def save
156
- xml = '<EngineSaveRequest session-id="' + @connection.session_id + '">'
157
- xml << to_xml
158
- xml << '</EngineSaveRequest>'
159
-
160
- r = @connection.execute(xml, '1.2')
161
- if r.success
162
- r.res.elements.each('EngineSaveResponse/EngineConfig') do |v|
163
- return @id = v.attributes['id']
164
- end
165
- else (r.success)
166
- @error = true
167
- @error_msg = 'EngineSaveRequest Parse Error'
168
- end
169
- end
170
-
171
- def delete
172
- @connection.delete_engine(@id)
173
- end
174
- end
175
-
176
- # Core objects for creating an engine pool
177
- # Example usage:
178
- # pool = EnginePool.new('East Coast Pool')
179
- # pool.add('New York Engine')
180
- # pool.add('Georgia Engine')
181
- # pool.create(@nsc)
182
- class EnginePool
183
- attr_accessor :id
184
- attr_accessor :name
185
- attr_accessor :scope
186
- # Array containing (EngineSummary*)
187
- attr_accessor :engines
188
-
189
- def initialize(name, id = -1, scope = 'silo')
190
- @name = name
191
- @id = id
192
- @scope = scope
193
- @engines = []
194
- end
195
-
196
- # Add an engine to the pool by name (not ID).
197
- # Only use this for creating pools.
198
- def add(engine)
199
- @engines << EngineSummary.new(-1, engine, 'nowhere', 40814, 'unknown')
200
- end
201
-
202
- # Creates a new engine pool, and adds scan engines to the pool.
203
- def create(connection)
204
- xml = '<EnginePoolCreateRequest session-id="' + connection.session_id + '">'
205
- xml << %Q{<EnginePool name="#{@name}" scope="#{@scope}">}
206
- @engines.each do |engine|
207
- xml << %Q{<Engine name="#{engine.name}" />}
208
- end
209
- xml << '</EnginePool>'
210
- xml << '</EnginePoolCreateRequest>'
211
-
212
- r = connection.execute(xml, '1.2')
213
- if r.success
214
- r.res.elements.each('EnginePoolCreateResponse') do |v|
215
- @id = v.attributes['id']
216
- end
217
- else
218
- @error = true
219
- @error_msg = 'EnginePoolCreateResponse Parse Error'
220
- end
221
- end
222
-
223
- # Deletes an engine pool
224
- def delete(connection)
225
- xml = '<EnginePoolDeleteRequest session-id="' + connection.session_id + '">'
226
- xml << %Q{<EnginePool name="#{@name}" scope="#{@scope}" />}
227
- xml << '</EnginePoolDeleteRequest>'
228
-
229
- r = connection.execute(xml, '1.2')
230
- unless r.success
231
- @error = true
232
- @error_msg = 'EnginePoolDeleteResponse Parse Error'
233
- end
234
- end
235
-
236
- # Updates a specific role with new information. An EnginePoolUpdate is
237
- # similar to an EnginePoolCreate, except that an EnginePoolUpdate replaces
238
- # any previously existing information with the new information specified in
239
- # the EnginePoolUpdateRequest.
240
- def update(connection)
241
- xml = '<EnginePoolUpdateRequest session-id="' + connection.session_id + '">'
242
- xml << %Q{<EnginePool id="#{@id}" name="#{@name}" scope="#{@scope}">}
243
- @engines.each do |engine|
244
- xml << %Q{<Engine name="#{engine.name}" />}
245
- end
246
- xml << '</EnginePool>'
247
- xml << '</EnginePoolUpdateRequest>'
248
-
249
- r = connection.execute(xml, '1.2')
250
- if r.success
251
- r.res.elements.each('EnginePoolUpdateResponse') do |v|
252
- @id = v.attributes['id']
253
- end
254
- else
255
- @error = true
256
- @error_msg = 'EnginePoolCreateResponse Parse Error'
257
- end
258
- end
259
-
260
- # Returns detailed information about a single engine pool.
261
- def load_details(connection)
262
- xml = '<EnginePoolDetailsRequest session-id="' + connection.session_id + '">'
263
- xml << %Q{<EnginePool name="#{@name}" scope="#{@scope}" />}
264
- xml << '</EnginePoolDetailsRequest>'
265
-
266
- r = connection.execute(xml, '1.2')
267
- if r.success
268
- r.res.elements.each('EnginePoolDetailsResponse/EnginePool') do |pool|
269
- @id = pool.attributes['id']
270
- @name = pool.attributes['name']
271
- @scope = pool.attributes['scope']
272
- @engines = []
273
- r.res.elements.each('EnginePoolDetailsResponse/EnginePool/EngineSummary') do |summary|
274
- @engines.push(EngineSummary.new(summary.attributes['id'].to_i,
275
- summary.attributes['name'],
276
- summary.attributes['address'],
277
- summary.attributes['port'].to_i,
278
- summary.attributes['status'],
279
- summary.attributes['scope']))
280
- end
281
- end
282
- else
283
- @error = true
284
- @error_msg = 'EnginePoolListingResponse Parse Error'
285
- end
286
- end
287
-
288
- def to_s
289
- "Engine Pool: #{@name} [ID: #{@id}], Scope: #{@scope}\n" + @engines.map { |engine| " #{engine}" }.join("\n")
290
- end
291
- end
292
-
293
- # A summary of an engine pool.
294
- class EnginePoolSummary
295
- attr_reader :id
296
- attr_reader :name
297
- attr_reader :scope
298
-
299
- def initialize(id, name, scope = 'silo')
300
- @id = id
301
- @name = name
302
- @scope = scope
303
- end
304
-
305
- def to_s
306
- "Engine Pool: #{@name} [ID: #{@id}], scope: #{@scope}"
307
- end
308
-
309
- # Returns a summary list of all engine pools.
310
- def self.listing(connection)
311
- xml = '<EnginePoolListingRequest session-id="' + connection.session_id + '" />'
312
- r = connection.execute(xml, '1.2')
313
- if r.success
314
- list = []
315
- r.res.elements.each('EnginePoolListingResponse/EnginePoolSummary') do |eps|
316
- list << EnginePoolSummary.new(eps.attributes['id'], eps.attributes['name'], eps.attributes['scope'])
317
- end
318
- list
319
- else
320
- @error = true
321
- @error_msg = 'EnginePoolListingResponse Parse Error'
322
- end
323
- end
324
- end
325
- end