nexpose 7.0.0 → 7.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +2 -3
  3. data/Gemfile.lock +1 -1
  4. data/lib/nexpose/ajax.rb +12 -16
  5. data/lib/nexpose/alert.rb +20 -21
  6. data/lib/nexpose/api.rb +3 -3
  7. data/lib/nexpose/asset.rb +23 -23
  8. data/lib/nexpose/blackout.rb +6 -14
  9. data/lib/nexpose/common.rb +87 -92
  10. data/lib/nexpose/connection.rb +8 -10
  11. data/lib/nexpose/console.rb +9 -9
  12. data/lib/nexpose/dag.rb +2 -2
  13. data/lib/nexpose/data_table.rb +8 -12
  14. data/lib/nexpose/device.rb +35 -34
  15. data/lib/nexpose/discovery.rb +69 -69
  16. data/lib/nexpose/discovery/filter.rb +7 -8
  17. data/lib/nexpose/engine.rb +22 -21
  18. data/lib/nexpose/error.rb +7 -5
  19. data/lib/nexpose/external.rb +21 -16
  20. data/lib/nexpose/filter.rb +51 -52
  21. data/lib/nexpose/global_blackout.rb +6 -7
  22. data/lib/nexpose/global_settings.rb +2 -3
  23. data/lib/nexpose/group.rb +25 -19
  24. data/lib/nexpose/json_serializer.rb +4 -14
  25. data/lib/nexpose/maint.rb +8 -9
  26. data/lib/nexpose/manage.rb +2 -2
  27. data/lib/nexpose/multi_tenant_user.rb +42 -42
  28. data/lib/nexpose/password_policy.rb +14 -14
  29. data/lib/nexpose/pool.rb +6 -5
  30. data/lib/nexpose/report.rb +30 -34
  31. data/lib/nexpose/report_template.rb +17 -18
  32. data/lib/nexpose/role.rb +64 -55
  33. data/lib/nexpose/scan.rb +77 -60
  34. data/lib/nexpose/scan_template.rb +17 -17
  35. data/lib/nexpose/scheduled_backup.rb +8 -8
  36. data/lib/nexpose/scheduled_maintenance.rb +9 -9
  37. data/lib/nexpose/shared_credential.rb +30 -33
  38. data/lib/nexpose/shared_secret.rb +5 -5
  39. data/lib/nexpose/silo.rb +68 -66
  40. data/lib/nexpose/silo_profile.rb +47 -50
  41. data/lib/nexpose/site.rb +101 -123
  42. data/lib/nexpose/site_credentials.rb +15 -17
  43. data/lib/nexpose/tag.rb +73 -80
  44. data/lib/nexpose/ticket.rb +45 -42
  45. data/lib/nexpose/user.rb +45 -45
  46. data/lib/nexpose/util.rb +1 -1
  47. data/lib/nexpose/version.rb +1 -1
  48. data/lib/nexpose/vuln.rb +45 -43
  49. data/lib/nexpose/vuln_def.rb +7 -7
  50. data/lib/nexpose/vuln_exception.rb +35 -36
  51. data/lib/nexpose/wait.rb +32 -28
  52. data/lib/nexpose/web_credentials.rb +34 -36
  53. metadata +2 -2
@@ -22,7 +22,7 @@ module Nexpose
22
22
  arr
23
23
  end
24
24
 
25
- alias_method :sites, :list_sites
25
+ alias sites list_sites
26
26
 
27
27
  # Delete the specified site and all associated scan data.
28
28
  #
@@ -69,7 +69,7 @@ module Nexpose
69
69
  #
70
70
  def completed_scans(site_id)
71
71
  table = { 'table-id' => 'site-completed-scans' }
72
- data = DataTable._get_json_table(self, "/data/scan/site/#{site_id}", table)
72
+ data = DataTable._get_json_table(self, "/data/scan/site/#{site_id}", table)
73
73
  data.map(&CompletedScan.method(:parse_json))
74
74
  end
75
75
  end
@@ -158,21 +158,21 @@ module Nexpose
158
158
  # @param [String] name Unique name of the site.
159
159
  # @param [String] scan_template_id ID of the scan template to use.
160
160
  def initialize(name = nil, scan_template_id = 'full-audit-without-web-spider')
161
- @name = name
162
- @scan_template_id = scan_template_id
163
- @id = -1
164
- @risk_factor = 1.0
165
- @config_version = 3
166
- @schedules = []
167
- @blackouts = []
161
+ @name = name
162
+ @scan_template_id = scan_template_id
163
+ @id = -1
164
+ @risk_factor = 1.0
165
+ @config_version = 3
166
+ @schedules = []
167
+ @blackouts = []
168
168
  @included_scan_targets = { addresses: [], asset_groups: [] }
169
169
  @excluded_scan_targets = { addresses: [], asset_groups: [] }
170
- @site_credentials = []
171
- @shared_credentials = []
172
- @web_credentials = []
173
- @alerts = []
174
- @users = []
175
- @tags = []
170
+ @site_credentials = []
171
+ @shared_credentials = []
172
+ @web_credentials = []
173
+ @alerts = []
174
+ @users = []
175
+ @tags = []
176
176
  end
177
177
 
178
178
  # Returns the array of included scan target addresses.
@@ -231,23 +231,20 @@ module Nexpose
231
231
  def is_dynamic?
232
232
  !@discovery_config.nil?
233
233
  end
234
+ alias dynamic? is_dynamic?
234
235
 
235
236
  # Adds assets to this site by IP address range.
236
237
  #
237
238
  # @param [String] from Beginning IP address of a range.
238
239
  # @param [String] to Ending IP address of a range.
239
240
  def include_ip_range(from, to)
240
- begin
241
- from_ip = IPAddr.new(from)
242
- to_ip = IPAddr.new(to)
243
- (from_ip..to_ip)
244
- if (from_ip..to_ip).to_a.size == 0
245
- raise 'Invalid IP range specified'
246
- end
247
- @included_scan_targets[:addresses] << IPRange.new(from, to)
248
- rescue ArgumentError => e
249
- raise "#{e.message} in given IP range"
250
- end
241
+ from_ip = IPAddr.new(from)
242
+ to_ip = IPAddr.new(to)
243
+ (from_ip..to_ip)
244
+ raise 'Invalid IP range specified' if (from_ip..to_ip).to_a.size.zero?
245
+ @included_scan_targets[:addresses] << IPRange.new(from, to)
246
+ rescue ArgumentError => e
247
+ raise "#{e.message} in given IP range"
251
248
  end
252
249
 
253
250
  # Remove assets to this site by IP address range.
@@ -255,17 +252,13 @@ module Nexpose
255
252
  # @param [String] from Beginning IP address of a range.
256
253
  # @param [String] to Ending IP address of a range.
257
254
  def remove_included_ip_range(from, to)
258
- begin
259
- from_ip = IPAddr.new(from)
260
- to_ip = IPAddr.new(to)
261
- (from_ip..to_ip)
262
- if (from_ip..to_ip).to_a.size == 0
263
- raise 'Invalid IP range specified'
264
- end
265
- @included_scan_targets[:addresses].reject! { |t| t.eql? IPRange.new(from, to) }
266
- rescue ArgumentError => e
267
- raise "#{e.message} in given IP range"
268
- end
255
+ from_ip = IPAddr.new(from)
256
+ to_ip = IPAddr.new(to)
257
+ (from_ip..to_ip)
258
+ raise 'Invalid IP range specified' if (from_ip..to_ip).to_a.size.zero?
259
+ @included_scan_targets[:addresses].reject! { |t| t.eql? IPRange.new(from, to) }
260
+ rescue ArgumentError => e
261
+ raise "#{e.message} in given IP range"
269
262
  end
270
263
 
271
264
  # Adds an asset to this site included scan targets, resolving whether an IP or hostname is
@@ -291,17 +284,13 @@ module Nexpose
291
284
  # @param [String] from Beginning IP address of a range.
292
285
  # @param [String] to Ending IP address of a range.
293
286
  def exclude_ip_range(from, to)
294
- begin
295
- from_ip = IPAddr.new(from)
296
- to_ip = IPAddr.new(to)
297
- (from_ip..to_ip)
298
- if (from_ip..to_ip).to_a.size == 0
299
- raise 'Invalid IP range specified'
300
- end
301
- @excluded_scan_targets[:addresses] << IPRange.new(from, to)
302
- rescue ArgumentError => e
303
- raise "#{e.message} in given IP range"
304
- end
287
+ from_ip = IPAddr.new(from)
288
+ to_ip = IPAddr.new(to)
289
+ (from_ip..to_ip)
290
+ raise 'Invalid IP range specified' if (from_ip..to_ip).to_a.size.zero?
291
+ @excluded_scan_targets[:addresses] << IPRange.new(from, to)
292
+ rescue ArgumentError => e
293
+ raise "#{e.message} in given IP range"
305
294
  end
306
295
 
307
296
  # Remove assets from this site excluded scan targets by IP address range.
@@ -309,17 +298,13 @@ module Nexpose
309
298
  # @param [String] from Beginning IP address of a range.
310
299
  # @param [String] to Ending IP address of a range.
311
300
  def remove_excluded_ip_range(from, to)
312
- begin
313
- from_ip = IPAddr.new(from)
314
- to_ip = IPAddr.new(to)
315
- (from_ip..to_ip)
316
- if (from_ip..to_ip).to_a.size == 0
317
- raise 'Invalid IP range specified'
318
- end
319
- @excluded_scan_targets[:addresses].reject! { |t| t.eql? IPRange.new(from, to) }
320
- rescue ArgumentError => e
321
- raise "#{e.message} in given IP range"
322
- end
301
+ from_ip = IPAddr.new(from)
302
+ to_ip = IPAddr.new(to)
303
+ (from_ip..to_ip)
304
+ raise 'Invalid IP range specified' if (from_ip..to_ip).to_a.size.zero?
305
+ @excluded_scan_targets[:addresses].reject! { |t| t.eql? IPRange.new(from, to) }
306
+ rescue ArgumentError => e
307
+ raise "#{e.message} in given IP range"
323
308
  end
324
309
 
325
310
  # Adds an asset to this site excluded scan targets, resolving whether an IP or hostname is
@@ -391,7 +376,7 @@ module Nexpose
391
376
  raise 'Invalid user id. A user id must be a positive number and refer to an existing system user.'
392
377
  end
393
378
 
394
- @users << { id: user_id}
379
+ @users << { id: user_id }
395
380
  end
396
381
 
397
382
  def remove_user(user_id)
@@ -427,36 +412,29 @@ module Nexpose
427
412
  end
428
413
 
429
414
  def to_h
430
- included_scan_targets = {
431
- addresses: @included_scan_targets[:addresses].compact,
432
- asset_groups: @included_scan_targets[:asset_groups].compact
433
- }
434
- excluded_scan_targets = {
435
- addresses: @excluded_scan_targets[:addresses].compact,
436
- asset_groups: @excluded_scan_targets[:asset_groups].compact
437
- }
438
-
439
- hash = {
440
- id: @id,
441
- name: @name,
442
- description: @description,
443
- auto_engine_selection_enabled: @auto_engine_selection_enabled,
444
- included_scan_targets: included_scan_targets,
445
- excluded_scan_targets: excluded_scan_targets,
446
- engine_id: @engine_id,
447
- scan_template_id: @scan_template_id,
448
- risk_factor: @risk_factor,
449
- schedules: (@schedules || []).map {|schedule| schedule.to_h},
450
- shared_credentials: (@shared_credentials || []).map {|cred| cred.to_h},
451
- site_credentials: (@site_credentials || []).map {|cred| cred.to_h},
452
- web_credentials: (@web_credentials || []).map {|webCred| webCred.to_h},
453
- discovery_config: @discovery_config.to_h,
454
- search_criteria: @search_criteria.to_h,
455
- tags: (@tags || []).map{|tag| tag.to_h},
456
- alerts: (@alerts || []).map {|alert| alert.to_h },
457
- organization: @organization.to_h,
458
- users: users
459
- }
415
+ included_scan_targets = { addresses: @included_scan_targets[:addresses].compact,
416
+ asset_groups: @included_scan_targets[:asset_groups].compact }
417
+ excluded_scan_targets = { addresses: @excluded_scan_targets[:addresses].compact,
418
+ asset_groups: @excluded_scan_targets[:asset_groups].compact }
419
+ hash = { id: @id,
420
+ name: @name,
421
+ description: @description,
422
+ auto_engine_selection_enabled: @auto_engine_selection_enabled,
423
+ included_scan_targets: included_scan_targets,
424
+ excluded_scan_targets: excluded_scan_targets,
425
+ engine_id: @engine_id,
426
+ scan_template_id: @scan_template_id,
427
+ risk_factor: @risk_factor,
428
+ schedules: (@schedules || []).map(&:to_h),
429
+ shared_credentials: (@shared_credentials || []).map(&:to_h),
430
+ site_credentials: (@site_credentials || []).map(&:to_h),
431
+ web_credentials: (@web_credentials || []).map(&:to_h),
432
+ discovery_config: @discovery_config.to_h,
433
+ search_criteria: @search_criteria.to_h,
434
+ tags: (@tags || []).map(&:to_h),
435
+ alerts: (@alerts || []).map(&:to_h),
436
+ organization: @organization.to_h,
437
+ users: users }
460
438
  # @TODO: Revisit this for 2.0.0 update
461
439
  # Only pass in blackouts if they were actually specified (for backwards compatibility)
462
440
  hash[:blackouts] = @blackouts.map(&:to_h) if @blackouts && @blackouts.any?
@@ -472,7 +450,7 @@ module Nexpose
472
450
  # @return [Site] The requested site, if found.
473
451
  #
474
452
  def self.load(nsc, id)
475
- uri = "/api/2.1/site_configurations/#{id}"
453
+ uri = "/api/2.1/site_configurations/#{id}"
476
454
  resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
477
455
  hash = JSON.parse(resp, symbolize_names: true)
478
456
  site = self.json_initializer(hash).deserialize(hash)
@@ -486,19 +464,19 @@ module Nexpose
486
464
  site.excluded_scan_targets[:addresses] = []
487
465
  excluded_addresses.each { |asset| site.exclude_asset(asset) }
488
466
 
489
- site.organization = Organization.create(site.organization)
490
- site.schedules = (hash[:schedules] || []).map {|schedule| Nexpose::Schedule.from_hash(schedule) }
491
- site.blackouts = (hash[:blackouts] || []).map {|blackout| Nexpose::Blackout.from_hash(blackout) }
492
- site.site_credentials = hash[:site_credentials].map {|cred| Nexpose::SiteCredentials.new.object_from_hash(nsc,cred)}
493
- site.shared_credentials = hash[:shared_credentials].map {|cred| Nexpose::SiteCredentials.new.object_from_hash(nsc,cred)}
494
- site.discovery_config = Nexpose::DiscoveryConnection.new.object_from_hash(nsc, hash[:discovery_config]) unless hash[:discovery_config].nil?
495
- site.search_criteria = Nexpose::DiscoveryConnection::Criteria.parseHash(hash[:search_criteria]) unless hash[:search_criteria].nil?
496
- site.alerts = Alert.load_alerts(hash[:alerts])
497
- site.tags = Tag.load_tags(hash[:tags])
498
- site.web_credentials = hash[:web_credentials].map {|webCred| (
499
- webCred[:service] == Nexpose::WebCredentials::WebAppAuthType::HTTP_HEADER ?
500
- Nexpose::WebCredentials::Headers.new(webCred[:name], webCred[:baseURL], webCred[:soft403Pattern], webCred[:id]).object_from_hash(nsc,webCred) :
501
- Nexpose::WebCredentials::HTMLForms.new(webCred[:name], webCred[:baseURL], webCred[:loginURL], webCred[:soft403Pattern], webCred[:id]).object_from_hash(nsc,webCred))}
467
+ site.organization = Organization.create(site.organization)
468
+ site.schedules = (hash[:schedules] || []).map { |schedule| Nexpose::Schedule.from_hash(schedule) }
469
+ site.blackouts = (hash[:blackouts] || []).map { |blackout| Nexpose::Blackout.from_hash(blackout) }
470
+ site.site_credentials = hash[:site_credentials].map { |cred| Nexpose::SiteCredentials.new.object_from_hash(nsc, cred) }
471
+ site.shared_credentials = hash[:shared_credentials].map { |cred| Nexpose::SiteCredentials.new.object_from_hash(nsc, cred) }
472
+ site.discovery_config = Nexpose::DiscoveryConnection.new.object_from_hash(nsc, hash[:discovery_config]) unless hash[:discovery_config].nil?
473
+ site.search_criteria = Nexpose::DiscoveryConnection::Criteria.parseHash(hash[:search_criteria]) unless hash[:search_criteria].nil?
474
+ site.alerts = Alert.load_alerts(hash[:alerts])
475
+ site.tags = Tag.load_tags(hash[:tags])
476
+ site.web_credentials = hash[:web_credentials].map { |web_cred| (
477
+ web_cred[:service] == Nexpose::WebCredentials::WebAppAuthType::HTTP_HEADER ?
478
+ Nexpose::WebCredentials::Headers.new(web_cred[:name], web_cred[:baseURL], web_cred[:soft403Pattern], web_cred[:id]).object_from_hash(nsc, web_cred) :
479
+ Nexpose::WebCredentials::HTMLForms.new(web_cred[:name], web_cred[:baseURL], web_cred[:loginURL], web_cred[:soft403Pattern], web_cred[:id]).object_from_hash(nsc, web_cred)) }
502
480
 
503
481
  site
504
482
  end
@@ -516,8 +494,8 @@ module Nexpose
516
494
  # @return [Site] Site configuration loaded from a Nexpose console.
517
495
  #
518
496
  def self.copy(connection, id)
519
- site = self.load(connection, id)
520
- site.id = -1
497
+ site = self.load(connection, id)
498
+ site.id = -1
521
499
  site.name = "#{site.name} Copy"
522
500
  site
523
501
  end
@@ -536,14 +514,14 @@ module Nexpose
536
514
  resp = AJAX.post(connection, '/api/2.1/site_configurations/', to_json, AJAX::CONTENT_TYPE::JSON)
537
515
  @id = resp.to_i
538
516
  else
539
- resp = AJAX.put(connection, "/api/2.1/site_configurations/#{@id}", to_json, AJAX::CONTENT_TYPE::JSON)
517
+ AJAX.put(connection, "/api/2.1/site_configurations/#{@id}", to_json, AJAX::CONTENT_TYPE::JSON)
540
518
  end
541
519
 
542
520
  # Retrieve the scan engine and shared credentials and add them to the site configuration
543
- site_config = Site.load(connection, @id)
544
- @engine_id = site_config.engine_id
521
+ site_config = Site.load(connection, @id)
522
+ @engine_id = site_config.engine_id
545
523
  @shared_credentials = site_config.shared_credentials
546
- @alerts = site_config.alerts
524
+ @alerts = site_config.alerts
547
525
 
548
526
  @id
549
527
  end
@@ -592,11 +570,11 @@ module Nexpose
592
570
  # Constructor
593
571
  # SiteSummary(id, name, description, riskfactor = 1)
594
572
  def initialize(id, name, description = nil, risk_factor = 1.0, risk_score = 0.0)
595
- @id = id
596
- @name = name
573
+ @id = id
574
+ @name = name
597
575
  @description = description
598
576
  @risk_factor = risk_factor
599
- @risk_score = risk_score
577
+ @risk_score = risk_score
600
578
  end
601
579
  end
602
580
 
@@ -629,7 +607,7 @@ module Nexpose
629
607
  xml.text = @host
630
608
  xml
631
609
  end
632
- alias_method :to_xml_elem, :as_xml
610
+ alias to_xml_elem as_xml
633
611
 
634
612
  def to_xml
635
613
  to_xml_elem.to_s
@@ -670,14 +648,14 @@ module Nexpose
670
648
  # @return [IPRange] an IP address range of one or more addresses.
671
649
  def initialize(from, to = nil)
672
650
  @from = from
673
- @to = to unless from == to
651
+ @to = to unless from == to
674
652
 
675
653
  return unless @to.nil?
676
654
 
677
655
  range = IPAddr.new(@from.to_s).to_range
678
656
  unless range.one?
679
657
  @from = range.first.to_s
680
- @to = range.last.to_s
658
+ @to = range.last.to_s
681
659
  end
682
660
  end
683
661
 
@@ -689,7 +667,7 @@ module Nexpose
689
667
  def size
690
668
  return 1 if @to.nil?
691
669
  from = IPAddr.new(@from)
692
- to = IPAddr.new(@to)
670
+ to = IPAddr.new(@to)
693
671
  (from..to).to_a.size
694
672
  end
695
673
 
@@ -697,10 +675,10 @@ module Nexpose
697
675
 
698
676
  def <=>(other)
699
677
  return 1 unless other.respond_to? :from
700
- from = IPAddr.new(@from)
701
- to = @to.nil? ? from : IPAddr.new(@to)
678
+ from = IPAddr.new(@from)
679
+ to = @to.nil? ? from : IPAddr.new(@to)
702
680
  cf_from = IPAddr.new(other.from)
703
- cf_to = IPAddr.new(other.to.nil? ? other.from : other.to)
681
+ cf_to = IPAddr.new(other.to.nil? ? other.from : other.to)
704
682
  if cf_to < from
705
683
  1
706
684
  elsif to < cf_from
@@ -721,8 +699,8 @@ module Nexpose
721
699
 
722
700
  def include?(single_ip)
723
701
  return false unless single_ip.respond_to? :from
724
- from = IPAddr.new(@from)
725
- to = @to.nil? ? from : IPAddr.new(@to)
702
+ from = IPAddr.new(@from)
703
+ to = @to.nil? ? from : IPAddr.new(@to)
726
704
  other = IPAddr.new(single_ip)
727
705
 
728
706
  if other < from
@@ -743,7 +721,7 @@ module Nexpose
743
721
  xml.add_attributes({ 'from' => @from, 'to' => @to })
744
722
  xml
745
723
  end
746
- alias_method :to_xml_elem, :as_xml
724
+ alias to_xml_elem as_xml
747
725
 
748
726
  def to_xml
749
727
  as_xml.to_s
@@ -49,7 +49,7 @@ module Nexpose
49
49
  attr_accessor :use_windows_auth
50
50
  # sid for oracle
51
51
  attr_accessor :sid
52
- #for ssh public key require pem format private key
52
+ # for ssh public key require pem format private key
53
53
  attr_accessor :pem_format_private_key
54
54
  # for snmp v1/v2
55
55
  attr_accessor :community_name
@@ -71,14 +71,13 @@ module Nexpose
71
71
  unless engine_id
72
72
  engine_id = nsc.engines.detect { |e| e.name == 'Local scan engine' }.id
73
73
  end
74
- @port = Credential::DEFAULT_PORTS[@service] if @port.nil?
74
+ @port = Credential::DEFAULT_PORTS[@service] if @port.nil?
75
75
  parameters = _to_param(target, engine_id, @port, siteid)
76
76
  parameters = JSON.generate(parameters)
77
- resp = JSON.parse(Nexpose::AJAX.post(nsc, '/data/credential/test', parameters, Nexpose::AJAX::CONTENT_TYPE::JSON))
77
+ resp = JSON.parse(Nexpose::AJAX.post(nsc, '/data/credential/test', parameters, Nexpose::AJAX::CONTENT_TYPE::JSON))
78
78
  resp['success'] == 'true'
79
79
  end
80
80
 
81
-
82
81
  def _to_param(target, engine_id, port, siteid)
83
82
  {
84
83
  dev: target,
@@ -100,17 +99,17 @@ module Nexpose
100
99
  }
101
100
  end
102
101
 
103
- #Create a credential object using name, id, description, host and port
102
+ # Create a credential object using name, id, description, host and port
104
103
  def self.for_service(name, id = -1, desc = nil, host = nil, port = nil, service = Credential::Service::CIFS)
105
- cred = new
106
- cred.name = name
107
- cred.id = id.to_i
108
- cred.enabled = true
109
- cred.description = desc
110
- cred.host_restriction = host
111
- cred.port_restriction = port
112
- cred.service = service
113
- cred.scope = Credential::Scope::SITE_SPECIFIC
104
+ cred = new
105
+ cred.name = name
106
+ cred.id = id.to_i
107
+ cred.enabled = true
108
+ cred.description = desc
109
+ cred.host_restriction = host
110
+ cred.port_restriction = port
111
+ cred.service = service
112
+ cred.scope = Credential::Scope::SITE_SPECIFIC
114
113
  cred.permission_elevation_type = Credential::ElevationType::NONE
115
114
  cred
116
115
  end
@@ -123,7 +122,7 @@ module Nexpose
123
122
  # @return [SiteCredential] The requested credential of site, if found.
124
123
  #
125
124
  def self.load(nsc, site_id, credential_id)
126
- uri = "/api/2.1/sites/#{site_id}/credentials/#{credential_id}"
125
+ uri = "/api/2.1/sites/#{site_id}/credentials/#{credential_id}"
127
126
  resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
128
127
  hash = JSON.parse(resp, symbolize_names: true)
129
128
  new.object_from_hash(nsc, hash)
@@ -187,8 +186,7 @@ module Nexpose
187
186
  sid: sid,
188
187
  pem_format_private_key: pem_format_private_key,
189
188
  community_name: community_name,
190
- scope: scope
191
- }
189
+ scope: scope }
192
190
  end
193
191
 
194
192
  def ==(other)
@@ -8,13 +8,13 @@ module Nexpose
8
8
  #
9
9
  def tags
10
10
  tag_summary = []
11
- tags = JSON.parse(AJAX.get(self, '/api/2.0/tags', AJAX::CONTENT_TYPE::JSON, { per_page: 2_147_483_647 }))
11
+ tags = JSON.parse(AJAX.get(self, '/api/2.0/tags', AJAX::CONTENT_TYPE::JSON, { per_page: 2_147_483_647 }))
12
12
  tags['resources'].each do |json|
13
13
  tag_summary << TagSummary.parse(json)
14
14
  end
15
15
  tag_summary
16
16
  end
17
- alias_method :list_tags, :tags
17
+ alias list_tags tags
18
18
 
19
19
  # Deletes a tag by ID
20
20
  #
@@ -31,13 +31,13 @@ module Nexpose
31
31
  #
32
32
  def asset_tags(asset_id)
33
33
  tag_summary = []
34
- asset_tag = JSON.parse(AJAX.get(self, "/api/2.0/assets/#{asset_id}/tags", AJAX::CONTENT_TYPE::JSON, { per_page: 2_147_483_647 }))
34
+ asset_tag = JSON.parse(AJAX.get(self, "/api/2.0/assets/#{asset_id}/tags", AJAX::CONTENT_TYPE::JSON, { per_page: 2_147_483_647 }))
35
35
  asset_tag['resources'].select { |r| r['asset_ids'].find { |i| i == asset_id } }.each do |json|
36
36
  tag_summary << TagSummary.parse(json)
37
37
  end
38
38
  tag_summary
39
39
  end
40
- alias_method :list_asset_tags, :asset_tags
40
+ alias list_asset_tags asset_tags
41
41
 
42
42
  # Removes a tag from an asset
43
43
  #
@@ -61,7 +61,7 @@ module Nexpose
61
61
  end
62
62
  tag_summary
63
63
  end
64
- alias_method :list_site_tags, :site_tags
64
+ alias list_site_tags site_tags
65
65
 
66
66
  # Removes a tag from a site
67
67
  #
@@ -85,8 +85,8 @@ module Nexpose
85
85
  end
86
86
  tag_summary
87
87
  end
88
- alias_method :group_tags, :asset_group_tags
89
- alias_method :list_asset_group_tags, :asset_group_tags
88
+ alias group_tags asset_group_tags
89
+ alias list_asset_group_tags asset_group_tags
90
90
 
91
91
  # Removes a tag from an asset_group
92
92
  #
@@ -96,7 +96,7 @@ module Nexpose
96
96
  def remove_tag_from_asset_group(asset_group_id, tag_id)
97
97
  AJAX.delete(self, "/api/2.0/asset_groups/#{asset_group_id}/tags/#{tag_id}")
98
98
  end
99
- alias_method :remove_tag_from_group, :remove_tag_from_asset_group
99
+ alias remove_tag_from_group remove_tag_from_asset_group
100
100
 
101
101
  # Returns the criticality value which takes precedent for an asset
102
102
  #
@@ -123,7 +123,9 @@ module Nexpose
123
123
  attr_accessor :type
124
124
 
125
125
  def initialize(name, type, id)
126
- @name, @type, @id = name, type, id
126
+ @name = name
127
+ @type = type
128
+ @id = id
127
129
  end
128
130
 
129
131
  def self.parse(json)
@@ -154,27 +156,27 @@ module Nexpose
154
156
  # Criticality tag types
155
157
  module Level
156
158
  VERY_HIGH = 'Very High'
157
- HIGH = 'High'
158
- MEDIUM = 'Medium'
159
- LOW = 'Low'
160
- VERY_LOW = 'Very Low'
159
+ HIGH = 'High'
160
+ MEDIUM = 'Medium'
161
+ LOW = 'Low'
162
+ VERY_LOW = 'Very Low'
161
163
  end
162
164
 
163
165
  # Tag types
164
166
  module Generic
165
- CUSTOM = 'CUSTOM'
166
- OWNER = 'OWNER'
167
- LOCATION = 'LOCATION'
167
+ CUSTOM = 'CUSTOM'
168
+ OWNER = 'OWNER'
169
+ LOCATION = 'LOCATION'
168
170
  CRITICALITY = 'CRITICALITY'
169
171
  end
170
172
 
171
173
  module Color
172
- BLUE = "#496a77"
173
- DEFAULT = "#f6f6f6"
174
- GREEN = "#7d8a58"
175
- ORANGE = "#de7200"
176
- PURPLE = "#844f7d"
177
- RED = "#a0392e"
174
+ BLUE = '#496a77'
175
+ DEFAULT = '#f6f6f6'
176
+ GREEN = '#7d8a58'
177
+ ORANGE = '#de7200'
178
+ PURPLE = '#844f7d'
179
+ RED = '#a0392e'
178
180
  end
179
181
  end
180
182
 
@@ -198,26 +200,28 @@ module Nexpose
198
200
 
199
201
  # Array containing Asset Group IDs to be associated with tag
200
202
  attr_accessor :asset_group_ids
201
- alias_method :group_ids, :asset_group_ids
202
- alias_method :group_ids=, :asset_group_ids=
203
+ alias group_ids asset_group_ids
204
+ alias group_ids= asset_group_ids=
203
205
 
204
206
  # A TagCriteria
205
207
  attr_accessor :search_criteria
206
208
 
207
209
  def initialize(name, type, id = -1)
208
- @name, @type, @id = name, type, id
210
+ @name = name
211
+ @type = type
212
+ @id = id
209
213
  @source = 'nexpose-client'
210
- @color = @type == Type::Generic::CUSTOM ? Type::Color::DEFAULT : nil
214
+ @color = @type == Type::Generic::CUSTOM ? Type::Color::DEFAULT : nil
211
215
  end
212
216
 
213
217
  # Set the color but validate it
214
218
  def color=(hex)
215
- valid_colors = Type::Color::constants.map { |c| Type::Color.const_get(c) }
219
+ valid_colors = Type::Color.constants.map { |c| Type::Color.const_get(c) }
216
220
  unless hex.nil? || valid_colors.include?(hex.to_s.downcase)
217
221
  raise ArgumentError, "Unable to set color to an invalid color.\nUse one of #{valid_colors}"
218
- end
222
+ end
219
223
 
220
- @color = hex
224
+ @color = hex
221
225
  end
222
226
 
223
227
  # Create list of tag objects from hash
@@ -233,12 +237,12 @@ module Nexpose
233
237
  # Create tag object from hash
234
238
  def self.create(hash)
235
239
  attributes = hash[:attributes]
236
- color = attributes.find { |attr| attr[:tag_attribute_name] == 'COLOR' }
237
- color = color[:tag_attribute_value] if color
238
- source = attributes.find { |attr| attr[:tag_attribute_name] == 'SOURCE' }
239
- source = source[:tag_attribute_value] if source
240
- tag = Tag.new(hash[:tag_name], hash[:tag_type], hash[:tag_id])
241
- tag.color = color
240
+ color = attributes.find { |attr| attr[:tag_attribute_name] == 'COLOR' }
241
+ color = color[:tag_attribute_value] if color
242
+ source = attributes.find { |attr| attr[:tag_attribute_name] == 'SOURCE' }
243
+ source = source[:tag_attribute_value] if source
244
+ tag = Tag.new(hash[:tag_name], hash[:tag_type], hash[:tag_id])
245
+ tag.color = color
242
246
  tag.source = source
243
247
  tag
244
248
  end
@@ -248,15 +252,9 @@ module Nexpose
248
252
  tag_id: id,
249
253
  tag_name: name,
250
254
  tag_type: type,
251
- attributes:[
252
- {
253
- tag_attribute_name: "COLOR",
254
- tag_attribute_value: color
255
- },
256
- {
257
- tag_attribute_name: "SOURCE",
258
- tag_attribute_value: source
259
- }
255
+ attributes: [
256
+ { tag_attribute_name: 'COLOR', tag_attribute_value: color },
257
+ { tag_attribute_name: 'SOURCE', tag_attribute_value: source }
260
258
  ]
261
259
  }
262
260
  end
@@ -289,18 +287,15 @@ module Nexpose
289
287
  end
290
288
 
291
289
  def to_json
292
- json = {
293
- 'tag_name' => @name,
294
- 'tag_type' => @type,
295
- 'tag_id' => @id,
296
- 'attributes' => [{ 'tag_attribute_name' => 'SOURCE',
297
- 'tag_attribute_value' => @source }],
298
- 'tag_config' => { 'site_ids' => @site_ids,
299
- 'tag_associated_asset_ids' => @associated_asset_ids,
300
- 'asset_group_ids' => @asset_group_ids,
301
- 'search_criteria' => @search_criteria ? @search_criteria.to_h : nil
302
- }
303
- }
290
+ json = { 'tag_name' => @name,
291
+ 'tag_type' => @type,
292
+ 'tag_id' => @id,
293
+ 'attributes' => [{ 'tag_attribute_name' => 'SOURCE',
294
+ 'tag_attribute_value' => @source }],
295
+ 'tag_config' => { 'site_ids' => @site_ids,
296
+ 'tag_associated_asset_ids' => @associated_asset_ids,
297
+ 'asset_group_ids' => @asset_group_ids,
298
+ 'search_criteria' => @search_criteria ? @search_criteria.to_h : nil } }
304
299
  if @type == Type::Generic::CUSTOM
305
300
  json['attributes'] << { 'tag_attribute_name' => 'COLOR', 'tag_attribute_value' => @color }
306
301
  end
@@ -316,25 +311,23 @@ module Nexpose
316
311
  end
317
312
 
318
313
  def self.parse(json)
319
- color = json['attributes'].find { |attr| attr['tag_attribute_name'] == 'COLOR' }
320
- color = color['tag_attribute_value'] if color
321
- source = json['attributes'].find { |attr| attr['tag_attribute_name'] == 'SOURCE' }
322
- source = source['tag_attribute_value'] if source
323
- tag = Tag.new(json['tag_name'], json['tag_type'], json['tag_id'])
324
- tag.color = color
325
- tag.source = source
314
+ color = json['attributes'].find { |attr| attr['tag_attribute_name'] == 'COLOR' }
315
+ color = color['tag_attribute_value'] if color
316
+ source = json['attributes'].find { |attr| attr['tag_attribute_name'] == 'SOURCE' }
317
+ source = source['tag_attribute_value'] if source
318
+ tag = Tag.new(json['tag_name'], json['tag_type'], json['tag_id'])
319
+ tag.color = color
320
+ tag.source = source
326
321
  tag.asset_ids = json['asset_ids']
327
322
  if json['tag_config']
328
- tag.site_ids = json['tag_config']['site_ids']
323
+ tag.site_ids = json['tag_config']['site_ids']
329
324
  tag.associated_asset_ids = json['tag_config']['tag_associated_asset_ids']
330
- tag.asset_group_ids = json['tag_config']['asset_group_ids']
331
- criteria = json['tag_config']['search_criteria']
332
- tag.search_criteria = criteria ? Criteria.parse(criteria) : nil
325
+ tag.asset_group_ids = json['tag_config']['asset_group_ids']
326
+ criteria = json['tag_config']['search_criteria']
327
+ tag.search_criteria = criteria ? Criteria.parse(criteria) : nil
333
328
  end
334
329
  modifier = json['attributes'].find { |attr| attr['tag_attribute_name'] == 'RISK_MODIFIER' }
335
- if modifier
336
- tag.risk_modifier = modifier['tag_attribute_value'].to_i
337
- end
330
+ tag.risk_modifier = modifier['tag_attribute_value'].to_i if modifier
338
331
  tag
339
332
  end
340
333
 
@@ -346,9 +339,9 @@ module Nexpose
346
339
  #
347
340
  def add_to_asset(connection, asset_id)
348
341
  params = to_json_for_add
349
- url = "/api/2.0/assets/#{asset_id}/tags"
350
- uri = AJAX.post(connection, url, params, AJAX::CONTENT_TYPE::JSON)
351
- @id = uri.split('/').last.to_i
342
+ url = "/api/2.0/assets/#{asset_id}/tags"
343
+ uri = AJAX.post(connection, url, params, AJAX::CONTENT_TYPE::JSON)
344
+ @id = uri.split('/').last.to_i
352
345
  end
353
346
 
354
347
  # Adds a tag to a site
@@ -359,9 +352,9 @@ module Nexpose
359
352
  #
360
353
  def add_to_site(connection, site_id)
361
354
  params = to_json_for_add
362
- url = "/api/2.0/sites/#{site_id}/tags"
363
- uri = AJAX.post(connection, url, params, AJAX::CONTENT_TYPE::JSON)
364
- @id = uri.split('/').last.to_i
355
+ url = "/api/2.0/sites/#{site_id}/tags"
356
+ uri = AJAX.post(connection, url, params, AJAX::CONTENT_TYPE::JSON)
357
+ @id = uri.split('/').last.to_i
365
358
  end
366
359
 
367
360
  # Adds a tag to an asset group
@@ -372,11 +365,11 @@ module Nexpose
372
365
  #
373
366
  def add_to_group(connection, group_id)
374
367
  params = to_json_for_add
375
- url = "/api/2.0/asset_groups/#{group_id}/tags"
376
- uri = AJAX.post(connection, url, params, AJAX::CONTENT_TYPE::JSON)
377
- @id = uri.split('/').last.to_i
368
+ url = "/api/2.0/asset_groups/#{group_id}/tags"
369
+ uri = AJAX.post(connection, url, params, AJAX::CONTENT_TYPE::JSON)
370
+ @id = uri.split('/').last.to_i
378
371
  end
379
- alias_method :add_to_asset_group, :add_to_group
372
+ alias add_to_asset_group add_to_group
380
373
 
381
374
  private
382
375