nexpose 7.2.1 → 7.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/CHANGELOG.md +134 -15
- data/Gemfile.lock +89 -36
- data/README.markdown +6 -1
- data/Rakefile +2 -0
- data/lib/eso.rb +23 -0
- data/lib/eso/conductor.rb +227 -0
- data/lib/eso/configuration/configuration.rb +124 -0
- data/lib/eso/configuration/configuration_manager.rb +145 -0
- data/lib/eso/filter.rb +137 -0
- data/lib/eso/integration_option.rb +88 -0
- data/lib/eso/integration_options_manager.rb +178 -0
- data/lib/eso/nexpose.rb +212 -0
- data/lib/eso/service.rb +83 -0
- data/lib/eso/step.rb +166 -0
- data/lib/eso/step_configuration.rb +73 -0
- data/lib/eso/workflow.rb +149 -0
- data/lib/nexpose/ajax.rb +1 -0
- data/lib/nexpose/role.rb +1 -0
- data/lib/nexpose/util.rb +2 -1
- data/lib/nexpose/version.rb +1 -1
- metadata +19 -8
@@ -0,0 +1,73 @@
|
|
1
|
+
module Eso
|
2
|
+
class StepConfiguration
|
3
|
+
attr_accessor :typeName, :previousTypeName, :configurationParams, :workflowID
|
4
|
+
|
5
|
+
module ConfigParamProperties
|
6
|
+
DISCOVERY_CONFIG_ID = 'discoveryConfigID'
|
7
|
+
EXCLUDE_ASSETS_WITH_TAGS= 'excludeAssetsWithTags'
|
8
|
+
IMPORT_TAGS = 'importTags'
|
9
|
+
ONLY_IMPORT_THESE_TAGS = 'onlyImportTheseTags'
|
10
|
+
SITE_ID = 'siteID'
|
11
|
+
TAG_ID = 'tagID'
|
12
|
+
end
|
13
|
+
|
14
|
+
module ConfigParamPropertyTypes
|
15
|
+
BOOLEAN = [ConfigParamProperties::IMPORT_TAGS]
|
16
|
+
INTEGER = [ConfigParamProperties::DISCOVERY_CONFIG_ID,
|
17
|
+
ConfigParamProperties::SITE_ID,
|
18
|
+
ConfigParamProperties::TAG_ID]
|
19
|
+
STRING = [ConfigParamProperties::EXCLUDE_ASSETS_WITH_TAGS,
|
20
|
+
ConfigParamProperties::ONLY_IMPORT_THESE_TAGS]
|
21
|
+
end
|
22
|
+
|
23
|
+
def initialize (typeName, previousTypeName, configurationParams=nil, workflowID=nil)
|
24
|
+
@typeName = typeName
|
25
|
+
@previousTypeName = previousTypeName
|
26
|
+
@configurationParams = configurationParams ? configurationParams : {
|
27
|
+
:valueClass => Values::OBJECT,
|
28
|
+
:objectType => 'params',
|
29
|
+
:properties => {}}
|
30
|
+
@workflowID = workflowID if workflowID
|
31
|
+
end
|
32
|
+
|
33
|
+
# This adds the specified property to this StepConfiguration.configurationParams.properties Hash
|
34
|
+
#
|
35
|
+
# @param [String] name The name of the property to add, which should be one of ConfigParamProperties
|
36
|
+
# @param [Object] value The value of the property to add, which should already be in the appropriate format (Eso::Values)
|
37
|
+
# @return [StepConfiguration] Returns this object for chaining.
|
38
|
+
def add_property(name, value)
|
39
|
+
@configurationParams[:properties][name] =
|
40
|
+
case name
|
41
|
+
when *ConfigParamPropertyTypes::BOOLEAN
|
42
|
+
{
|
43
|
+
valueClass: Values::BOOLEAN,
|
44
|
+
value: value
|
45
|
+
}
|
46
|
+
when *ConfigParamPropertyTypes::INTEGER
|
47
|
+
{
|
48
|
+
valueClass: Values::INTEGER,
|
49
|
+
value: value
|
50
|
+
}
|
51
|
+
when *ConfigParamPropertyTypes::STRING
|
52
|
+
{
|
53
|
+
valueClass: Values::STRING,
|
54
|
+
value: value
|
55
|
+
}
|
56
|
+
else
|
57
|
+
raise ArgumentError, "Invalid StepConfiguration ConfigurationParameter Property name: #{name}. " +
|
58
|
+
'Should be one of StepConfiguration::ConfigParamProperties'
|
59
|
+
end
|
60
|
+
self
|
61
|
+
end
|
62
|
+
|
63
|
+
def to_h
|
64
|
+
hash = {
|
65
|
+
:typeName => @typeName,
|
66
|
+
:previousTypeName => @previousTypeName,
|
67
|
+
:configurationParams => @configurationParams
|
68
|
+
}
|
69
|
+
hash['workflowID'] = @workflowID if @workflowID
|
70
|
+
hash
|
71
|
+
end
|
72
|
+
end
|
73
|
+
end
|
data/lib/eso/workflow.rb
ADDED
@@ -0,0 +1,149 @@
|
|
1
|
+
module Eso
|
2
|
+
|
3
|
+
# The following classes have mixed casing (snake and camel) to accommodate for the API.
|
4
|
+
# I guess a TODO would be to write a helper to automatically convert them.
|
5
|
+
class Workflow
|
6
|
+
# The id of the workflow. This will be created upon saving to the server upon creation.
|
7
|
+
attr_accessor :id
|
8
|
+
|
9
|
+
# The name of the workflow. This is required.
|
10
|
+
attr_accessor :name
|
11
|
+
|
12
|
+
# An array of the steps this workflow takes action on.
|
13
|
+
attr_accessor :steps
|
14
|
+
|
15
|
+
# The time the workflow was created in milliseconds since epoch
|
16
|
+
attr_accessor :timeCreated
|
17
|
+
|
18
|
+
# Constructor for the workflow
|
19
|
+
#
|
20
|
+
# @param [String] id ID of the workflow.
|
21
|
+
# @param [String] name Name of the workflow.
|
22
|
+
# @param [Array] steps Array of the steps that this workflow takes.
|
23
|
+
# @param [Fixnum] time_created The time the workflow was created in millis since epoch
|
24
|
+
#
|
25
|
+
def initialize(id: nil, name:, steps: [], time_created: (Time.now.strftime('%s').to_i * 1000))
|
26
|
+
@id = id
|
27
|
+
@name = name
|
28
|
+
@steps = steps
|
29
|
+
@timeCreated = time_created
|
30
|
+
end
|
31
|
+
|
32
|
+
# Load an existing workflow from the API.
|
33
|
+
#
|
34
|
+
# @param [Conductor] conductor The Conductor object governing the workflows
|
35
|
+
# @param [String] id ID of the workflow to load
|
36
|
+
# @return [Workflow] Workflow object that was loaded.
|
37
|
+
#
|
38
|
+
def self.load(conductor, id)
|
39
|
+
uri = "#{conductor.url}workflows/#{id}"
|
40
|
+
resp = conductor.get(url: uri)
|
41
|
+
workflow = self.new(id: resp[:id], name: resp[:name])
|
42
|
+
steps = resp[:steps]
|
43
|
+
steps.each do |step|
|
44
|
+
workflow_step = Step.new(uuid: step[:uuid],
|
45
|
+
service_name: step[:serviceName],
|
46
|
+
workflow: workflow,
|
47
|
+
type_name: step[:stepConfiguration][:typeName],
|
48
|
+
previous_type_name: step[:stepConfiguration][:previousTypeName],
|
49
|
+
configuration_params: step[:stepConfiguration][:configurationParams])
|
50
|
+
workflow.steps << workflow_step
|
51
|
+
end
|
52
|
+
workflow
|
53
|
+
end
|
54
|
+
|
55
|
+
# Return the relevant step based on the given service name.
|
56
|
+
# For example, if you want the step related to the scan service you would pass 'nexpose-scan-service'.
|
57
|
+
#
|
58
|
+
# @param [String] service_name Service name to be returned.
|
59
|
+
# @return [Step] Step object corresponding to the given service.
|
60
|
+
#
|
61
|
+
def get_step(type_name)
|
62
|
+
@steps.find do |step|
|
63
|
+
step.type_name == type_name
|
64
|
+
end
|
65
|
+
end
|
66
|
+
|
67
|
+
# Return the trigger step of a workflow. The trigger step is defined as a step that monitors for events
|
68
|
+
# that will cause the action to fire.
|
69
|
+
#
|
70
|
+
# Currently triggers do not have a previous-action so that is what this is returning. This behavior could change in ESO's future.
|
71
|
+
#
|
72
|
+
# @return [Step] Step object representation of the trigger step.
|
73
|
+
#
|
74
|
+
def trigger
|
75
|
+
@steps.find do |step|
|
76
|
+
step.stepConfiguration.previousTypeName.nil?
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
# Return this object and the associated steps in a digestible JSON format.
|
81
|
+
#
|
82
|
+
# @return [String] JSON interpretation of this workflow.
|
83
|
+
#
|
84
|
+
def to_json
|
85
|
+
hash = self.to_hash
|
86
|
+
steps = hash['steps']
|
87
|
+
hashified_steps = []
|
88
|
+
steps.each { |step| hashified_steps << step.to_hash }
|
89
|
+
hash['steps'] = hashified_steps
|
90
|
+
hash.to_json
|
91
|
+
end
|
92
|
+
|
93
|
+
# Return this object as a hash.
|
94
|
+
# The corresponding steps will still be objects.
|
95
|
+
#
|
96
|
+
# @return [Hash{}] Hash interpretation of this workflow.
|
97
|
+
def to_hash
|
98
|
+
hash = {}
|
99
|
+
instance_variables.each { |var| hash[var.to_s.delete('@')] = instance_variable_get(var) }
|
100
|
+
hash
|
101
|
+
end
|
102
|
+
|
103
|
+
# Representation of state of a workflow or integration option. Taken from service-orchestration State.java
|
104
|
+
module State
|
105
|
+
# Workflow or an integration option is configured and ready to accept events
|
106
|
+
READY = 'ready'
|
107
|
+
|
108
|
+
# Workflow or an integration option is processing or has processed events
|
109
|
+
RUNNING = 'running'
|
110
|
+
|
111
|
+
# The workflow or an integration option is running, but is temporarily unsuccessful processing events
|
112
|
+
RETRY = 'retry'
|
113
|
+
|
114
|
+
# Workflow or an integration option is stopped by the user
|
115
|
+
STOPPED = 'stopped'
|
116
|
+
|
117
|
+
# Workflow or an integration option has experienced an error that caused it to stop
|
118
|
+
ERROR = 'error'
|
119
|
+
end
|
120
|
+
|
121
|
+
StateHistory = Struct.new(:message, :state, :startTime)
|
122
|
+
|
123
|
+
class History < Workflow
|
124
|
+
# The current state of the workflow
|
125
|
+
attr_accessor :state
|
126
|
+
|
127
|
+
# The most recent message
|
128
|
+
attr_accessor :message
|
129
|
+
|
130
|
+
# An array of Eso::Workflow::StateHistory
|
131
|
+
attr_accessor :state_histories
|
132
|
+
|
133
|
+
# Constructor for the WorkflowHistory
|
134
|
+
#
|
135
|
+
# @param [String] id ID of the workflow.
|
136
|
+
# @param [String] name Name of the workflow.
|
137
|
+
# @param [Array] steps Array of the steps that this workflow takes.
|
138
|
+
# @param [Fixnum] time_created The time the workflow was created in millis since epoch
|
139
|
+
# @param [Eso::Workflow::State] state The current state of the workflow
|
140
|
+
# @param [String] message The most recent message
|
141
|
+
def initialize(id:, name:, time_created:, steps:, state:, message:, history:)
|
142
|
+
super(id: id, name: name, timeCreated: time_created, steps: steps)
|
143
|
+
@state = state
|
144
|
+
@message = message
|
145
|
+
@state_histories = history
|
146
|
+
end
|
147
|
+
end
|
148
|
+
end
|
149
|
+
end
|
data/lib/nexpose/ajax.rb
CHANGED
@@ -149,6 +149,7 @@ module Nexpose
|
|
149
149
|
def headers(nsc, request)
|
150
150
|
request.add_field('nexposeCCSessionID', nsc.session_id)
|
151
151
|
request.add_field('Cookie', "nexposeCCSessionID=#{nsc.session_id}")
|
152
|
+
request.add_field('X-Requested-With', 'XMLHttpRequest')
|
152
153
|
end
|
153
154
|
|
154
155
|
def request(nsc, request, timeout = nil)
|
data/lib/nexpose/role.rb
CHANGED
data/lib/nexpose/util.rb
CHANGED
@@ -55,7 +55,8 @@ module Nexpose
|
|
55
55
|
IPAddr.new(ips[1]) if ips[1]
|
56
56
|
IPRange.new(ips[0], ips[1])
|
57
57
|
rescue ArgumentError => e
|
58
|
-
if e.message
|
58
|
+
if e.message =~ /invalid address/
|
59
|
+
# Try to parse the the asset as a hostname if the IP address conversion fails
|
59
60
|
HostName.new(asset)
|
60
61
|
else
|
61
62
|
raise "Unable to parse asset: '#{asset}'. #{e.message}"
|
data/lib/nexpose/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: nexpose
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 7.
|
4
|
+
version: 7.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- HD Moore
|
@@ -13,22 +13,22 @@ authors:
|
|
13
13
|
autorequire:
|
14
14
|
bindir: bin
|
15
15
|
cert_chain: []
|
16
|
-
date:
|
16
|
+
date: 2021-04-02 00:00:00.000000000 Z
|
17
17
|
dependencies:
|
18
18
|
- !ruby/object:Gem::Dependency
|
19
19
|
name: bundler
|
20
20
|
requirement: !ruby/object:Gem::Requirement
|
21
21
|
requirements:
|
22
|
-
- - "
|
22
|
+
- - ">="
|
23
23
|
- !ruby/object:Gem::Version
|
24
|
-
version: '
|
24
|
+
version: '0'
|
25
25
|
type: :development
|
26
26
|
prerelease: false
|
27
27
|
version_requirements: !ruby/object:Gem::Requirement
|
28
28
|
requirements:
|
29
|
-
- - "
|
29
|
+
- - ">="
|
30
30
|
- !ruby/object:Gem::Version
|
31
|
-
version: '
|
31
|
+
version: '0'
|
32
32
|
- !ruby/object:Gem::Dependency
|
33
33
|
name: codeclimate-test-reporter
|
34
34
|
requirement: !ruby/object:Gem::Requirement
|
@@ -176,6 +176,18 @@ files:
|
|
176
176
|
- README.markdown
|
177
177
|
- Rakefile
|
178
178
|
- lib/README.md
|
179
|
+
- lib/eso.rb
|
180
|
+
- lib/eso/conductor.rb
|
181
|
+
- lib/eso/configuration/configuration.rb
|
182
|
+
- lib/eso/configuration/configuration_manager.rb
|
183
|
+
- lib/eso/filter.rb
|
184
|
+
- lib/eso/integration_option.rb
|
185
|
+
- lib/eso/integration_options_manager.rb
|
186
|
+
- lib/eso/nexpose.rb
|
187
|
+
- lib/eso/service.rb
|
188
|
+
- lib/eso/step.rb
|
189
|
+
- lib/eso/step_configuration.rb
|
190
|
+
- lib/eso/workflow.rb
|
179
191
|
- lib/nexpose.rb
|
180
192
|
- lib/nexpose/ajax.rb
|
181
193
|
- lib/nexpose/alert.rb
|
@@ -255,8 +267,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
255
267
|
- !ruby/object:Gem::Version
|
256
268
|
version: '0'
|
257
269
|
requirements: []
|
258
|
-
|
259
|
-
rubygems_version: 2.6.10
|
270
|
+
rubygems_version: 3.2.15
|
260
271
|
signing_key:
|
261
272
|
specification_version: 4
|
262
273
|
summary: Ruby API for Rapid7 Nexpose
|