nexpose 7.0.1 → 7.3.0

data/COPYING

@@ -1,6 +1,6 @@
 BSD 3-Clause License
 
-Copyright (c) 2014-2017, Rapid7, Inc.
+Copyright (c) 2014-2018, Rapid7, Inc.
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without

data/Gemfile.lock

@@ -1,103 +1,114 @@
 PATH
   remote: .
   specs:
-    nexpose (7.0.1)
+    nexpose (7.3.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (4.2.8)
-      i18n (~> 0.7)
-      minitest (~> 5.1)
-      thread_safe (~> 0.3, >= 0.3.4)
-      tzinfo (~> 1.1)
-    addressable (2.5.1)
-      public_suffix (~> 2.0, >= 2.0.2)
-    ast (2.3.0)
+    activesupport (6.1.1)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    ast (2.4.1)
     codeclimate-test-reporter (0.4.8)
       simplecov (>= 0.7.1, < 1.0.0)
-    coderay (1.1.1)
-    crack (0.4.3)
-      safe_yaml (~> 1.0.0)
-    diff-lcs (1.3)
+    coderay (1.1.3)
+    concurrent-ruby (1.1.7)
+    crack (0.4.5)
+      rexml
+    diff-lcs (1.4.4)
     docile (1.1.5)
-    faraday (0.12.0.1)
+    faraday (1.3.0)
+      faraday-net_http (~> 1.0)
       multipart-post (>= 1.2, < 3)
-    faraday-http-cache (2.0.0)
-      faraday (~> 0.8)
-    github_changelog_generator (1.14.3)
+      ruby2_keywords
+    faraday-http-cache (2.2.0)
+      faraday (>= 0.8)
+    faraday-net_http (1.0.1)
+    github_changelog_generator (1.15.2)
       activesupport
       faraday-http-cache
       multi_json
       octokit (~> 4.6)
-      rainbow (>= 2.1)
+      rainbow (>= 2.2.1)
       rake (>= 10.0)
-      retriable (~> 2.1)
-    i18n (0.8.1)
-    method_source (0.8.2)
-    minitest (5.10.1)
-    multi_json (1.12.1)
-    multipart-post (2.0.0)
-    octokit (4.7.0)
+      retriable (~> 3.0)
+    i18n (1.8.7)
+      concurrent-ruby (~> 1.0)
+    method_source (0.9.2)
+    minitest (5.14.3)
+    multi_json (1.15.0)
+    multipart-post (2.1.1)
+    octokit (4.20.0)
+      faraday (>= 0.9)
       sawyer (~> 0.8.0, >= 0.5.3)
-    parallel (1.12.0)
-    parser (2.4.0.0)
-      ast (~> 2.2)
-    powerpack (0.1.1)
+    parallel (1.20.1)
+    parser (3.0.0.0)
+      ast (~> 2.4.1)
     pry (0.9.12.6)
       coderay (~> 1.0)
       method_source (~> 0.8)
       slop (~> 3.4)
-    public_suffix (2.0.5)
-    rainbow (2.2.2)
-      rake
-    rake (12.0.0)
-    retriable (2.1.0)
-    rspec (3.6.0)
-      rspec-core (~> 3.6.0)
-      rspec-expectations (~> 3.6.0)
-      rspec-mocks (~> 3.6.0)
-    rspec-core (3.6.0)
-      rspec-support (~> 3.6.0)
-    rspec-expectations (3.6.0)
+    public_suffix (4.0.6)
+    rainbow (3.0.0)
+    rake (13.0.3)
+    regexp_parser (2.0.3)
+    retriable (3.1.2)
+    rexml (3.2.4)
+    rspec (3.10.0)
+      rspec-core (~> 3.10.0)
+      rspec-expectations (~> 3.10.0)
+      rspec-mocks (~> 3.10.0)
+    rspec-core (3.10.1)
+      rspec-support (~> 3.10.0)
+    rspec-expectations (3.10.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.6.0)
-    rspec-mocks (3.6.0)
+      rspec-support (~> 3.10.0)
+    rspec-mocks (3.10.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.6.0)
-    rspec-support (3.6.0)
-    rubocop (0.49.1)
+      rspec-support (~> 3.10.0)
+    rspec-support (3.10.1)
+    rubocop (1.8.1)
       parallel (~> 1.10)
-      parser (>= 2.3.3.1, < 3.0)
-      powerpack (~> 0.1)
-      rainbow (>= 1.99.1, < 3.0)
+      parser (>= 3.0.0.0)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml
+      rubocop-ast (>= 1.2.0, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (~> 1.0, >= 1.0.1)
-    ruby-progressbar (1.8.1)
-    safe_yaml (1.0.4)
-    sawyer (0.8.1)
-      addressable (>= 2.3.5, < 2.6)
-      faraday (~> 0.8, < 1.0)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.4.0)
+      parser (>= 2.7.1.5)
+    ruby-progressbar (1.11.0)
+    ruby2_keywords (0.0.2)
+    sawyer (0.8.2)
+      addressable (>= 2.3.5)
+      faraday (> 0.8, < 2.0)
     simplecov (0.9.2)
       docile (~> 1.1.0)
       multi_json (~> 1.0)
       simplecov-html (~> 0.9.0)
     simplecov-html (0.9.0)
     slop (3.6.0)
-    thread_safe (0.3.6)
-    tzinfo (1.2.3)
-      thread_safe (~> 0.1)
-    unicode-display_width (1.3.0)
+    tzinfo (2.0.4)
+      concurrent-ruby (~> 1.0)
+    unicode-display_width (2.0.0)
     vcr (2.9.3)
     webmock (1.20.4)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
+    zeitwerk (2.4.2)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  bundler (~> 1.3)
+  bundler
   codeclimate-test-reporter (~> 0.4.6)
   github_changelog_generator
   nexpose!
@@ -110,4 +121,4 @@ DEPENDENCIES
   webmock (~> 1.20.4)
 
 BUNDLED WITH
-   1.15.0
+   1.17.3

data/README.markdown

@@ -1,5 +1,10 @@
+# DEPRECATED
+The [RESTful API for the Nexpose/InsightVM Security Console](https://help.rapid7.com/insightvm/en-us/api/index.html) has rendered this library obsolete. If you require a Ruby library for that API you can use a [generated client](https://github.com/rapid7/vm-console-client-ruby). Clients for other languages can be generated from the Swagger specification. Note that generated clients are not officially supported or maintained by Rapid7.
+
+While this project is no longer under active development, it is still maintained by Rapid7 for internal testing needs. Pull requests will continue to be reviewed and accepted, and new versions published as requested.
+
 # Nexpose-Client
-[![Gem Version](https://badge.fury.io/rb/nexpose.svg)](http://badge.fury.io/rb/nexpose) [![Build Status](https://travis-ci.org/rapid7/nexpose-client.svg?branch=master)](https://travis-ci.org/rapid7/nexpose-client) [![Test Coverage](https://codeclimate.com/github/rapid7/nexpose-client/badges/coverage.svg)](https://codeclimate.com/github/rapid7/nexpose-client) [![Inline docs](http://inch-ci.org/github/rapid7/nexpose-client.svg?branch=master)](http://inch-ci.org/github/rapid7/nexpose-client) [![Code Climate](https://codeclimate.com/github/rapid7/nexpose-client/badges/gpa.svg)](https://codeclimate.com/github/rapid7/nexpose-client)
+[![No Maintenance Intended](http://unmaintained.tech/badge.svg)](http://unmaintained.tech/) [![Gem Version](https://badge.fury.io/rb/nexpose.svg)](http://badge.fury.io/rb/nexpose) [![Build Status](https://travis-ci.org/rapid7/nexpose-client.svg?branch=master)](https://travis-ci.org/rapid7/nexpose-client) [![Test Coverage](https://codeclimate.com/github/rapid7/nexpose-client/badges/coverage.svg)](https://codeclimate.com/github/rapid7/nexpose-client) [![Inline docs](http://inch-ci.org/github/rapid7/nexpose-client.svg?branch=master)](http://inch-ci.org/github/rapid7/nexpose-client) [![Code Climate](https://codeclimate.com/github/rapid7/nexpose-client/badges/gpa.svg)](https://codeclimate.com/github/rapid7/nexpose-client)
 
 This is the official gem package for the Ruby Nexpose API client library.
 
@@ -11,10 +16,14 @@ This gem is heavily used for internal, automated testing of the Nexpose product.
 
 Since version 1.0 nexpose-client uses [Semantic Versioning](http://semver.org/). This allows for confident use of the [pessimistic operator](https://robots.thoughtbot.com/rubys-pessimistic-operator) in scripts or larger ruby projects.
 
+Install the gem with Rubygems: `gem install nexpose`
+
 ## Release Notes
 
 Release notes are available on the [Releases](https://github.com/rapid7/nexpose-client/releases) page.
 
+The full Changelog is available as well, on the [Changelog](https://github.com/rapid7/nexpose-client/blob/master/CHANGELOG.md) page.
+
 ## Contributions
 
 We welcome contributions to this package. Please see [CONTRIBUTING](.github/CONTRIBUTING.md) for details.

data/Rakefile

@@ -12,4 +12,6 @@ GitHubChangelogGenerator::RakeTask.new :changelog do |config|
   if token.nil?
     warn "!!WARNING!! Missing Github Token Environment Variable. Fix before you run rake changelog. !!WARNING!!"
   end
+  config.user = 'rapid7'
+  config.project = 'nexpose-client'
 end

data/lib/eso.rb

@@ -0,0 +1,23 @@
+require 'date'
+require 'json'
+require 'net/http'
+require 'net/https'
+require 'nexpose'
+require 'time'
+require 'uri'
+
+require 'eso/conductor'
+require 'eso/configuration/configuration'
+require 'eso/configuration/configuration_manager'
+require 'eso/filter'
+require 'eso/integration_option'
+require 'eso/integration_options_manager'
+require 'eso/nexpose'
+require 'eso/service'
+require 'eso/step'
+require 'eso/step_configuration'
+require 'eso/workflow'
+
+module Eso
+
+end

data/lib/eso/conductor.rb

@@ -0,0 +1,227 @@
+require 'eso/service'
+
+module Eso
+  class Conductor < Service
+
+    # Constructor for Conductor.
+    #
+    # @param [String] host Hostname or IP address where this conductor resides.
+    # @param [Integer] port The TCP port to connect to this conductor on.
+    # @param [Nexpose::Connection] nsc A logged-in Nexpose::Connection object with a valid session used to authenticate.
+    # @return [Eso::Conductor] The newly created conductor object
+    #
+    def initialize(host:, port: 3780, nsc:)
+      super(host: host, port: port, nsc: nsc)
+      @url = "https://#{@host}:#{@port}/eso/conductor-service/api/"
+    end
+
+    # Return all of the workflows that currently exist on this conductor.
+    #
+    # @return [Array] An array containing all of the current workflows on the conductor in Eso::Workflow object format. Returns an empty array if no workflows are present.
+    #
+    def workflows
+      rv = []
+      json_data = get(url: "#{@url}workflows/")
+      json_data.each do |wf|
+        workflow = Workflow.new(id: wf[:id], name: wf[:name])
+        steps = wf[:steps]
+        steps.each do |step|
+          workflow_step = Step.new(uuid: step[:uuid],
+                                   service_name: step[:serviceName],
+                                   workflow: workflow,
+                                   type_name: step[:stepConfiguration][:typeName],
+                                   previous_type_name: step[:stepConfiguration][:previousTypeName],
+                                   configuration_params: step[:stepConfiguration][:configurationParams])
+          workflow.steps << workflow_step
+        end
+        rv << workflow
+      end
+      rv
+    end
+
+    # Return the workflow histories with only the state histories for the given date range.
+    #
+    # @param [Fixnum] starttime The time in milliseconds since epoch for which you want the workflow histories
+    # @param [Fixnum] endtime The time in milliseconds since epoch for which you want the workflow histories
+    # @return [Array[Eso::Workflow::History]] An array containing all of the workflow histories from the
+    #   Conductor, which has StateHistory objects containing startTime's within the specified time range. Only the
+    #   StateHistories within that range are returned in the WorkflowHistory object. Returns an empty array if none are present.
+    def workflow_histories(starttime, endtime)
+      histories = []
+      json_data = get(url: "#{@url}workflows/history/#{starttime}/#{endtime}")
+      json_data.each do |wf|
+        # Initialize WorkflowHistory elements
+        workflow_steps = []
+        state_histories = []
+
+        # Create a new WorkflowHistory with the details we already know
+        workflow_history = Eso::Workflow::History.new(id: wf[:id],
+                                                      name: wf[:name],
+                                                      timeCreated: wf[:timeCreated],
+                                                      state: wf[:state],
+                                                      message: wf[:message],
+                                                      steps: workflow_steps,
+                                                      history: state_histories
+        )
+
+        # Parse the steps out of the response to be returned with the WorkflowHistory
+        wf[:steps].each do |step|
+          workflow_steps << Step.new(uuid: step[:uuid],
+                                   service_name: step[:serviceName],
+                                   workflow: workflow_history,
+                                   type_name: step[:stepConfiguration][:typeName],
+                                   previous_type_name: step[:stepConfiguration][:previousTypeName],
+                                   configuration_params: step[:stepConfiguration][:configurationParams])
+        end
+        workflow_history.steps = workflow_steps
+
+        # Parse the histories out of the response, to be returned with the WorkflowHistory. For some reason.
+        # this failed with named parameters. For now I returned it to positional.
+        wf[:history].each do |history|
+          state_histories << Eso::Workflow::StateHistory.new(history[:message],
+                                           history[:state],
+                                           history[:startTime])
+        end
+        workflow_history.state_histories = state_histories
+
+        # Add the Workflow History we just built to the list to be returned.
+        histories << workflow_history
+      end
+      histories
+    end
+
+    # Get the state of the specified workflow.
+    #
+    # @param [String] workflow_id The ID of the workflow to retrieve the state of.
+    # @return [String] The current state of the workflow.
+    #
+    def workflow_state(workflow_id:)
+      get(url: "#{@url}workflows/#{workflow_id}/state")
+    end
+
+    # Get the count of items in a state of the specified workflow.
+    #
+    # @param [Eso::Workflow::State] state The state of the workflows to retrieve the count of.
+    # @return [Integer] The number of workflows in the requested state.
+    #
+    def workflows_state_count(state)
+      get(url: "#{@url}workflows/count/#{state}")
+    end
+
+    # Retrieve the states for all of the workflows created on the conductor.
+    #
+    # @return [Hash] A hash containing the states of all existing workflows, keyed by workflow ID.
+    #
+    def workflow_states
+      wfs = workflows
+      states = {}
+      wfs.each { |wf| states[wf.id] = workflow_state(workflow_id: wf.id) }
+      states
+    end
+
+    # Create a new workflow on this conductor.
+    #
+    # @param [String] name The user-facing name the workflow will be created with.
+    # @param [Array] steps An array containing each of the steps that the workflow will be created with, in Eso::Step format.
+    # @return [Eso::Workflow] The newly created workflow object
+    #
+    def create_workflow(name:, steps:)
+      workflow = Workflow.new(name: name, steps: steps)
+
+      resp = post(url: "#{@url}workflows/", payload: workflow.to_json)
+      created_workflow = Workflow.load(self, resp[:id])
+
+      created_workflow
+    end
+
+    # Update an existing workflow on the conductor to have the configuration of the workflow object passed into this method.
+    #
+    # @param [Eso::Workflow] updated_workflow A workflow object that has already had all required changes made to it. This workflow must have an ID set.
+    #
+    def update_workflow(updated_workflow:)
+      payload = updated_workflow.to_json
+      put(url: "#{@url}workflows/#{updated_workflow.id}", payload: payload)
+    end
+
+    # Delete an existing workflow from the conductor.
+    #
+    # @param [String] workflow_id The ID of the workflow to be deleted.
+    #
+    def delete_workflow(workflow_id:)
+      delete(url: "#{@url}workflows/#{workflow_id}")
+    end
+
+    # Delete all current workflows on the conductor.
+    #
+    def delete_all_workflows
+      wfs = workflows
+      wfs.each { |wf| delete_workflow(workflow_id: wf.id) }
+    end
+
+    # Start the specified workflow.
+    #
+    # @param [String] workflow_id The ID of the workflow to be started.
+    #
+    def start_workflow(workflow_id:)
+      post(url: "#{@url}workflows/#{workflow_id}/state")
+    end
+
+    # Stop the specified workflow.
+    #
+    # @param [String] workflow_id The ID of the workflow to be stopped.
+    #
+    def stop_workflow(workflow_id:)
+      delete(url: "#{@url}workflows/#{workflow_id}/state")
+    end
+
+    # Start all workflows that exist on the conductor.
+    #
+    # @return [Hash] A hash containing the states of all existing workflows, keyed by workflow ID.
+    #
+    def start_all_workflows
+      wf_states = workflow_states
+
+      wf_states.each { |wf_id, state| start_workflow(workflow_id: wf_id) if state[:workflow_state] == "STOPPED" }
+      workflow_states
+    end
+
+    # Stop all workflows that exist on the conductor.
+    #
+    # @return [Hash] A hash containing the states of all existing workflows, keyed by workflow ID.
+    #
+    def stop_all_workflows
+      wf_states = workflow_states
+
+      wf_states.each { |wf_id, state| stop_workflow(workflow_id: wf_id) if state[:workflow_state] == "RUNNING" }
+      workflow_states
+    end
+
+    # Returns the translated value of the specified key for a step type (defined in Eso::StepNames).
+    # The translated value will be based on the language settings the user has configured.
+    #
+    # @param [String] step_type The step type to query metadata for. Valid values defined in Eso::StepNames
+    # @param [String] key The key value in the metadata that maps to the desired label.
+    # @return [String] The translated value of the key.
+    #
+    def get_translation_label(step_type, key)
+      json_data = get(url: "#{@url}services/nexpose/metadata/#{step_type}")
+
+      target_hash = json_data[:labels].values.find { |label_hash| label_hash.has_key?(key) }
+      target_hash[key] if target_hash
+    end
+
+    # Returns the metadata key for a specified translated string.
+    # The translated value needs to be in language that the user has configured.
+    #
+    # @param [String] step_type The step type to query metadata for. Valid values defined in Eso::StepNames
+    # @param [String] label The translated value of which you are requesting the key for.
+    # @return [String] The metadata key corresponding to this label.
+    #
+    def get_translation_key(step_type, label)
+      json_data = get(url: "#{@url}services/nexpose/metadata/#{step_type}")
+
+      target_hash = json_data[:labels].values.find { |label_hash| label_hash.values.include?(label) }
+      target_hash.key(label).to_s if target_hash
+    end
+  end
+end