nexpose 7.2.1 → 7.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,73 @@
1
+ module Eso
2
+ class StepConfiguration
3
+ attr_accessor :typeName, :previousTypeName, :configurationParams, :workflowID
4
+
5
+ module ConfigParamProperties
6
+ DISCOVERY_CONFIG_ID = 'discoveryConfigID'
7
+ EXCLUDE_ASSETS_WITH_TAGS= 'excludeAssetsWithTags'
8
+ IMPORT_TAGS = 'importTags'
9
+ ONLY_IMPORT_THESE_TAGS = 'onlyImportTheseTags'
10
+ SITE_ID = 'siteID'
11
+ TAG_ID = 'tagID'
12
+ end
13
+
14
+ module ConfigParamPropertyTypes
15
+ BOOLEAN = [ConfigParamProperties::IMPORT_TAGS]
16
+ INTEGER = [ConfigParamProperties::DISCOVERY_CONFIG_ID,
17
+ ConfigParamProperties::SITE_ID,
18
+ ConfigParamProperties::TAG_ID]
19
+ STRING = [ConfigParamProperties::EXCLUDE_ASSETS_WITH_TAGS,
20
+ ConfigParamProperties::ONLY_IMPORT_THESE_TAGS]
21
+ end
22
+
23
+ def initialize (typeName, previousTypeName, configurationParams=nil, workflowID=nil)
24
+ @typeName = typeName
25
+ @previousTypeName = previousTypeName
26
+ @configurationParams = configurationParams ? configurationParams : {
27
+ :valueClass => Values::OBJECT,
28
+ :objectType => 'params',
29
+ :properties => {}}
30
+ @workflowID = workflowID if workflowID
31
+ end
32
+
33
+ # This adds the specified property to this StepConfiguration.configurationParams.properties Hash
34
+ #
35
+ # @param [String] name The name of the property to add, which should be one of ConfigParamProperties
36
+ # @param [Object] value The value of the property to add, which should already be in the appropriate format (Eso::Values)
37
+ # @return [StepConfiguration] Returns this object for chaining.
38
+ def add_property(name, value)
39
+ @configurationParams[:properties][name] =
40
+ case name
41
+ when *ConfigParamPropertyTypes::BOOLEAN
42
+ {
43
+ valueClass: Values::BOOLEAN,
44
+ value: value
45
+ }
46
+ when *ConfigParamPropertyTypes::INTEGER
47
+ {
48
+ valueClass: Values::INTEGER,
49
+ value: value
50
+ }
51
+ when *ConfigParamPropertyTypes::STRING
52
+ {
53
+ valueClass: Values::STRING,
54
+ value: value
55
+ }
56
+ else
57
+ raise ArgumentError, "Invalid StepConfiguration ConfigurationParameter Property name: #{name}. " +
58
+ 'Should be one of StepConfiguration::ConfigParamProperties'
59
+ end
60
+ self
61
+ end
62
+
63
+ def to_h
64
+ hash = {
65
+ :typeName => @typeName,
66
+ :previousTypeName => @previousTypeName,
67
+ :configurationParams => @configurationParams
68
+ }
69
+ hash['workflowID'] = @workflowID if @workflowID
70
+ hash
71
+ end
72
+ end
73
+ end
@@ -0,0 +1,149 @@
1
+ module Eso
2
+
3
+ # The following classes have mixed casing (snake and camel) to accommodate for the API.
4
+ # I guess a TODO would be to write a helper to automatically convert them.
5
+ class Workflow
6
+ # The id of the workflow. This will be created upon saving to the server upon creation.
7
+ attr_accessor :id
8
+
9
+ # The name of the workflow. This is required.
10
+ attr_accessor :name
11
+
12
+ # An array of the steps this workflow takes action on.
13
+ attr_accessor :steps
14
+
15
+ # The time the workflow was created in milliseconds since epoch
16
+ attr_accessor :timeCreated
17
+
18
+ # Constructor for the workflow
19
+ #
20
+ # @param [String] id ID of the workflow.
21
+ # @param [String] name Name of the workflow.
22
+ # @param [Array] steps Array of the steps that this workflow takes.
23
+ # @param [Fixnum] time_created The time the workflow was created in millis since epoch
24
+ #
25
+ def initialize(id: nil, name:, steps: [], time_created: (Time.now.strftime('%s').to_i * 1000))
26
+ @id = id
27
+ @name = name
28
+ @steps = steps
29
+ @timeCreated = time_created
30
+ end
31
+
32
+ # Load an existing workflow from the API.
33
+ #
34
+ # @param [Conductor] conductor The Conductor object governing the workflows
35
+ # @param [String] id ID of the workflow to load
36
+ # @return [Workflow] Workflow object that was loaded.
37
+ #
38
+ def self.load(conductor, id)
39
+ uri = "#{conductor.url}workflows/#{id}"
40
+ resp = conductor.get(url: uri)
41
+ workflow = self.new(id: resp[:id], name: resp[:name])
42
+ steps = resp[:steps]
43
+ steps.each do |step|
44
+ workflow_step = Step.new(uuid: step[:uuid],
45
+ service_name: step[:serviceName],
46
+ workflow: workflow,
47
+ type_name: step[:stepConfiguration][:typeName],
48
+ previous_type_name: step[:stepConfiguration][:previousTypeName],
49
+ configuration_params: step[:stepConfiguration][:configurationParams])
50
+ workflow.steps << workflow_step
51
+ end
52
+ workflow
53
+ end
54
+
55
+ # Return the relevant step based on the given service name.
56
+ # For example, if you want the step related to the scan service you would pass 'nexpose-scan-service'.
57
+ #
58
+ # @param [String] service_name Service name to be returned.
59
+ # @return [Step] Step object corresponding to the given service.
60
+ #
61
+ def get_step(type_name)
62
+ @steps.find do |step|
63
+ step.type_name == type_name
64
+ end
65
+ end
66
+
67
+ # Return the trigger step of a workflow. The trigger step is defined as a step that monitors for events
68
+ # that will cause the action to fire.
69
+ #
70
+ # Currently triggers do not have a previous-action so that is what this is returning. This behavior could change in ESO's future.
71
+ #
72
+ # @return [Step] Step object representation of the trigger step.
73
+ #
74
+ def trigger
75
+ @steps.find do |step|
76
+ step.stepConfiguration.previousTypeName.nil?
77
+ end
78
+ end
79
+
80
+ # Return this object and the associated steps in a digestible JSON format.
81
+ #
82
+ # @return [String] JSON interpretation of this workflow.
83
+ #
84
+ def to_json
85
+ hash = self.to_hash
86
+ steps = hash['steps']
87
+ hashified_steps = []
88
+ steps.each { |step| hashified_steps << step.to_hash }
89
+ hash['steps'] = hashified_steps
90
+ hash.to_json
91
+ end
92
+
93
+ # Return this object as a hash.
94
+ # The corresponding steps will still be objects.
95
+ #
96
+ # @return [Hash{}] Hash interpretation of this workflow.
97
+ def to_hash
98
+ hash = {}
99
+ instance_variables.each { |var| hash[var.to_s.delete('@')] = instance_variable_get(var) }
100
+ hash
101
+ end
102
+
103
+ # Representation of state of a workflow or integration option. Taken from service-orchestration State.java
104
+ module State
105
+ # Workflow or an integration option is configured and ready to accept events
106
+ READY = 'ready'
107
+
108
+ # Workflow or an integration option is processing or has processed events
109
+ RUNNING = 'running'
110
+
111
+ # The workflow or an integration option is running, but is temporarily unsuccessful processing events
112
+ RETRY = 'retry'
113
+
114
+ # Workflow or an integration option is stopped by the user
115
+ STOPPED = 'stopped'
116
+
117
+ # Workflow or an integration option has experienced an error that caused it to stop
118
+ ERROR = 'error'
119
+ end
120
+
121
+ StateHistory = Struct.new(:message, :state, :startTime)
122
+
123
+ class History < Workflow
124
+ # The current state of the workflow
125
+ attr_accessor :state
126
+
127
+ # The most recent message
128
+ attr_accessor :message
129
+
130
+ # An array of Eso::Workflow::StateHistory
131
+ attr_accessor :state_histories
132
+
133
+ # Constructor for the WorkflowHistory
134
+ #
135
+ # @param [String] id ID of the workflow.
136
+ # @param [String] name Name of the workflow.
137
+ # @param [Array] steps Array of the steps that this workflow takes.
138
+ # @param [Fixnum] time_created The time the workflow was created in millis since epoch
139
+ # @param [Eso::Workflow::State] state The current state of the workflow
140
+ # @param [String] message The most recent message
141
+ def initialize(id:, name:, time_created:, steps:, state:, message:, history:)
142
+ super(id: id, name: name, timeCreated: time_created, steps: steps)
143
+ @state = state
144
+ @message = message
145
+ @state_histories = history
146
+ end
147
+ end
148
+ end
149
+ end
data/lib/nexpose/ajax.rb CHANGED
@@ -149,6 +149,7 @@ module Nexpose
149
149
  def headers(nsc, request)
150
150
  request.add_field('nexposeCCSessionID', nsc.session_id)
151
151
  request.add_field('Cookie', "nexposeCCSessionID=#{nsc.session_id}")
152
+ request.add_field('X-Requested-With', 'XMLHttpRequest')
152
153
  end
153
154
 
154
155
  def request(nsc, request, timeout = nil)
data/lib/nexpose/role.rb CHANGED
@@ -24,6 +24,7 @@ module Nexpose
24
24
  ADD_USERS_TO_REPORT = 'AddUsersToReport'
25
25
  MANAGE_POLICIES = 'ManagePolicies'
26
26
  MANAGE_TAGS = 'ManageTags'
27
+ MANAGE_ADVPOLICIES = 'ManageAdvPolicies'
27
28
  end
28
29
 
29
30
  module Site
data/lib/nexpose/util.rb CHANGED
@@ -55,7 +55,8 @@ module Nexpose
55
55
  IPAddr.new(ips[1]) if ips[1]
56
56
  IPRange.new(ips[0], ips[1])
57
57
  rescue ArgumentError => e
58
- if e.message == 'invalid address'
58
+ if e.message =~ /invalid address/
59
+ # Try to parse the the asset as a hostname if the IP address conversion fails
59
60
  HostName.new(asset)
60
61
  else
61
62
  raise "Unable to parse asset: '#{asset}'. #{e.message}"
@@ -1,4 +1,4 @@
1
1
  module Nexpose
2
2
  # The latest version of the Nexpose gem
3
- VERSION = '7.2.1'.freeze
3
+ VERSION = '7.3.0'.freeze
4
4
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nexpose
3
3
  version: !ruby/object:Gem::Version
4
- version: 7.2.1
4
+ version: 7.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - HD Moore
@@ -13,22 +13,22 @@ authors:
13
13
  autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
- date: 2018-06-01 00:00:00.000000000 Z
16
+ date: 2021-04-02 00:00:00.000000000 Z
17
17
  dependencies:
18
18
  - !ruby/object:Gem::Dependency
19
19
  name: bundler
20
20
  requirement: !ruby/object:Gem::Requirement
21
21
  requirements:
22
- - - "~>"
22
+ - - ">="
23
23
  - !ruby/object:Gem::Version
24
- version: '1.3'
24
+ version: '0'
25
25
  type: :development
26
26
  prerelease: false
27
27
  version_requirements: !ruby/object:Gem::Requirement
28
28
  requirements:
29
- - - "~>"
29
+ - - ">="
30
30
  - !ruby/object:Gem::Version
31
- version: '1.3'
31
+ version: '0'
32
32
  - !ruby/object:Gem::Dependency
33
33
  name: codeclimate-test-reporter
34
34
  requirement: !ruby/object:Gem::Requirement
@@ -176,6 +176,18 @@ files:
176
176
  - README.markdown
177
177
  - Rakefile
178
178
  - lib/README.md
179
+ - lib/eso.rb
180
+ - lib/eso/conductor.rb
181
+ - lib/eso/configuration/configuration.rb
182
+ - lib/eso/configuration/configuration_manager.rb
183
+ - lib/eso/filter.rb
184
+ - lib/eso/integration_option.rb
185
+ - lib/eso/integration_options_manager.rb
186
+ - lib/eso/nexpose.rb
187
+ - lib/eso/service.rb
188
+ - lib/eso/step.rb
189
+ - lib/eso/step_configuration.rb
190
+ - lib/eso/workflow.rb
179
191
  - lib/nexpose.rb
180
192
  - lib/nexpose/ajax.rb
181
193
  - lib/nexpose/alert.rb
@@ -255,8 +267,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
255
267
  - !ruby/object:Gem::Version
256
268
  version: '0'
257
269
  requirements: []
258
- rubyforge_project:
259
- rubygems_version: 2.6.10
270
+ rubygems_version: 3.2.15
260
271
  signing_key:
261
272
  specification_version: 4
262
273
  summary: Ruby API for Rapid7 Nexpose