nexpose 0.9.0 → 0.9.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b26ec57d92c374454b5be75b30201eddfcf23e99
-  data.tar.gz: 621fad61669205dbf85052ee210019f00578fb50
+  metadata.gz: 2c31ee4438b71d0e7787d9cfad2720d477e7988a
+  data.tar.gz: d33c662be936d2ffd49987a3cf12d4f49899f733
 SHA512:
-  metadata.gz: 27b3f31b2baa7db3637a65f5b9c2bfbdf9af2f8f0918ad7cf1af724c285a219b9e4e0faaf85a8a89b51c8a53ab079327f7d6029decf39dda1e489852271edd5a
-  data.tar.gz: 1fd837247c8a92f57d138712d8e7de1585f695353dc75fdaa14b16d5aac9ce4720dbbb480911867f6e2cede17dec9b3460621dd0d84bff06063669894b28b9de
+  metadata.gz: 52e8d242d94b4965f27c314b285d6a1937ba9647e646a148557961071e64271fefd6fd926ebd483126cbc5ee8fafb0828aa30cae7871d4253146d238d025c486
+  data.tar.gz: fc5065fe8f438171d8e2942d5e624a6e2ea22c39d851fe099adaf8f485ef8c4e04e241bbb0cc7ca282c2ec61cd61100960e329f3001c42698982433ece4f0b59

data/lib/nexpose/connection.rb

@@ -1,6 +1,4 @@
 module Nexpose
-
-  # === Description
   # Object that represents a connection to a Nexpose Security Console.
   #
   # === Examples

data/lib/nexpose/filter.rb

@@ -1,7 +1,6 @@
 module Nexpose
-
+  # Object that represents a connection to a Nexpose Security Console.
   class Connection
-
     # Perform an asset filter search that will locate assets matching the
     # provided conditions.
     #
@@ -53,9 +52,9 @@ module Nexpose
     # Only these values are accepted for a field value.
     #
     module Field
-
       # Search for an Asset by name.
-      # Valid Operators: IS, IS_NOT, STARTS_WITH, ENDS_WITH, CONTAINS, NOT_CONTAINS
+      # Valid Operators: IS, IS_NOT, STARTS_WITH, ENDS_WITH, CONTAINS,
+      #                  NOT_CONTAINS
       ASSET = 'ASSET'
 
       # Search for an Asset by CVE ID
@@ -91,7 +90,8 @@ module Nexpose
       CVSS_SCORE = 'CVSS_SCORE'
 
       # Valid Operators: IN, NOT_IN
-      # Valid Values (See Value::HostType): UNKNOWN, VIRTUAL, HYPERVISOR, BARE_METAL
+      # Valid Values (See Value::HostType): UNKNOWN, VIRTUAL, HYPERVISOR,
+      #                                     BARE_METAL
       HOST_TYPE = 'HOST_TYPE'
 
       # Valid Operators: IN, NOT_IN
@@ -138,17 +138,21 @@ module Nexpose
       # Valid Operators: CONTAINS, NOT_CONTAINS
       SOFTWARE = 'SOFTWARE'
 
-      # Valid Operators: IS, IS_NOT, GREATER_THAN, LESS_THAN, IS_APPLIED, IS_NOT_APPLIED
+      # Valid Operators: IS, IS_NOT, GREATER_THAN, LESS_THAN, IS_APPLIED,
+      #                  IS_NOT_APPLIED
       # Valid Values: VERY_HIGH, HIGH, NORMAL, LOW, VERY_LOW
       USER_ADDED_CRITICALITY_LEVEL = 'TAG_CRITICALITY'
 
-      # Valid Operators: IS, IS_NOT, STARTS_WITH, ENDS_WITH, IS_APPLIED, IS_NOT_APPLIED, CONTAINS, NOT_CONTAINS
+      # Valid Operators: IS, IS_NOT, STARTS_WITH, ENDS_WITH, IS_APPLIED,
+      #                  IS_NOT_APPLIED, CONTAINS, NOT_CONTAINS
       USER_ADDED_CUSTOM_TAG = 'TAG'
 
-      # Valid Operators: IS, IS_NOT, STARTS_WITH, ENDS_WITH, IS_APPLIED, IS_NOT_APPLIED, CONTAINS, NOT_CONTAINS
+      # Valid Operators: IS, IS_NOT, STARTS_WITH, ENDS_WITH, IS_APPLIED,
+      #                  IS_NOT_APPLIED, CONTAINS, NOT_CONTAINS
       USER_ADDED_TAG_LOCATION = 'TAG_LOCATION'
 
-      # Valid Operators: IS, IS_NOT, STARTS_WITH, ENDS_WITH, IS_APPLIED, IS_NOT_APPLIED, CONTAINS, NOT_CONTAINS
+      # Valid Operators: IS, IS_NOT, STARTS_WITH, ENDS_WITH, IS_APPLIED,
+      #                  IS_NOT_APPLIED, CONTAINS, NOT_CONTAINS
       USER_ADDED_TAG_OWNER = 'TAG_OWNER'
 
       # Valid Operators: ARE
@@ -160,11 +164,13 @@ module Nexpose
       VULNERABILITY = 'VULNERABILITY'
 
       # Valid Operators: INCLUDE, DO_NOT_INCLUDE
-      # Valid Values (See Value::VulnerabilityExposure): MALWARE, METASPLOIT, DATABASE
+      # Valid Values (See Value::VulnerabilityExposure): MALWARE, METASPLOIT,
+      #                                                  DATABASE
       VULNERABILITY_EXPOSURES = 'VULNERABILITY_EXPOSURES'
 
       # Search by VULNERABILITY CATEGORY
-      # Valid Operators: IS, IS_NOT, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH
+      # Valid Operators: IS, IS_NOT, CONTAINS, NOT_CONTAINS, STARTS_WITH,
+      #                  ENDS_WITH
       VULN_CATEGORY = 'VULN_CATEGORY'
     end
 
@@ -199,31 +205,35 @@ module Nexpose
     # Specialized values used by certain search fields
     #
     module Value
-
+      # Constants for filtering on access complexity.
       module AccessComplexity
         LOW = 'L'
         MEDIUM = 'M'
         HIGH = 'H'
       end
 
+      # Constants for filtering on access vector.
       module AccessVector
         LOCAL = 'L'
         ADJACENT = 'A'
         NETWORK = 'N'
       end
 
+      # Constants for filtering on whether authentication is required.
       module AuthenticationRequired
         NONE = 'N'
         SINGLE = 'S'
         MULTIPLE = 'M'
       end
 
+      # Constants for filtering on CVSS impact.
       module CVSSImpact
         NONE = 'N'
         PARTIAL = 'P'
         COMPLETE = 'C'
       end
 
+      # Constants for filtering on host type.
       module HostType
         UNKNOWN = '0'
         VIRTUAL = '1'
@@ -231,26 +241,31 @@ module Nexpose
         BARE_METAL = '3'
       end
 
+      # Constants for filtering on IP type.
       module IPType
         IPv4 = '0'
         IPv6 = '1'
       end
 
+      # Constants for filtering on PCI compliance.
       module PCICompliance
         PASS = '1'
         FAIL = '0'
       end
 
+      # Constants for filtering on scan date.
       module ScanDate
         # Pass this format to #strftime() to get expected format for requests.
         FORMAT = '%m/%d/%Y'
       end
 
+      # Constants for filtering on vulnerability validations.
       module ValidatedVulnerability
         NOT_PRESENT = 1
         PRESENT = 0
       end
 
+      # Constants for filtering on vulnerability exposure.
       module VulnerabilityExposure
         MALWARE = 'type:"malware_type", name:"malwarekit"'
         # TODO: A problem in Nexpose causes these values to not be constant.
@@ -263,7 +278,6 @@ module Nexpose
   # Individual search criterion.
   #
   class Criterion
-
     # Search field. One of Nexpose::Search::Field
     # @see Nexpose::Search::Field for any restrictions on the other attibutes.
     attr_accessor :field
@@ -274,8 +288,8 @@ module Nexpose
 
     def initialize(field, operator, value = '')
       @field, @operator = field.upcase, operator.upcase
-      if value.kind_of? Array
-        @value = value.map { |v| v.to_s }
+      if value.is_a? Array
+        @value = value.map(&:to_s)
       else
         @value = value.to_s
       end
@@ -283,12 +297,11 @@ module Nexpose
 
     # Convert this object into the map format expected by Nexpose.
     #
-    def to_hash
+    def to_h
       { 'metadata' => { 'fieldName' => field },
         'operator' => operator,
         'values' => Array(value) }
     end
-    alias_method :to_map, :to_hash
 
     def self.parse(json)
       Criterion.new(json['metadata']['fieldName'],
@@ -300,7 +313,6 @@ module Nexpose
   # Join search criteria for an asset filter search or dynamic asset group.
   #
   class Criteria
-
     # Whether to match any or all filters. One of 'OR' or 'AND'.
     attr_accessor :match
     # Array of criteria to match against.
@@ -311,16 +323,15 @@ module Nexpose
       @match = match.upcase
     end
 
-    def to_hash
+    def to_h
       { 'operator' => @match,
-        'criteria' => @criteria.map { |c| c.to_hash } }
+        'criteria' => @criteria.map(&:to_h) }
     end
-    alias_method :to_map, :to_hash
 
     # Convert this object into the format expected by Nexpose.
     #
     def to_json
-      JSON.generate(to_hash)
+      JSON.generate(to_h)
     end
 
     # Generate the payload needed for a POST request for Asset Filter.
@@ -352,7 +363,6 @@ module Nexpose
   # Asset data as returned by an Asset Filter search.
   #
   class FilteredAsset
-
     # Unique identifier of this asset. Also known as device ID.
     attr_reader :id
 

data/lib/nexpose/site.rb

@@ -352,7 +352,7 @@ module Nexpose
                   'tag' => @description.nil? ? '' : @description,
                   'riskFactor' => @risk_factor,
                   # 'vCenter' => @discovery_connection_id,
-                  'searchCriteria' => @criteria.nil? ? { 'operator' => 'AND' } : @criteria.to_hash }
+                  'searchCriteria' => @criteria.nil? ? { 'operator' => 'AND' } : @criteria.to_h }
       json = JSON.generate(details)
 
       response = AJAX.post(nsc, uri, json, AJAX::CONTENT_TYPE::JSON)

data/lib/nexpose/tag.rb

@@ -8,7 +8,7 @@ module Nexpose
     #
     def tags
       tag_summary = []
-      tags = JSON.parse(AJAX.get(self, '/api/2.0/tags', AJAX::CONTENT_TYPE::JSON, { per_page: 2147483647 }))
+      tags = JSON.parse(AJAX.get(self, '/api/2.0/tags', AJAX::CONTENT_TYPE::JSON, { per_page: 2_147_483_647 }))
       tags['resources'].each do |json|
         tag_summary << TagSummary.parse(json)
       end
@@ -31,7 +31,7 @@ module Nexpose
     #
     def asset_tags(asset_id)
       tag_summary = []
-      asset_tag = JSON.parse(AJAX.get(self, "/api/2.0/assets/#{asset_id}/tags", AJAX::CONTENT_TYPE::JSON, { per_page: 2147483647 }))
+      asset_tag = JSON.parse(AJAX.get(self, "/api/2.0/assets/#{asset_id}/tags", AJAX::CONTENT_TYPE::JSON, { per_page: 2_147_483_647 }))
       asset_tag['resources'].select { |r| r['asset_ids'].find { |i| i == asset_id } }.each do |json|
         tag_summary << TagSummary.parse(json)
       end
@@ -55,7 +55,7 @@ module Nexpose
     #
     def site_tags(site_id)
       tag_summary = []
-      site_tag = JSON.parse(AJAX.get(self, "/api/2.0/sites/#{site_id}/tags", AJAX::CONTENT_TYPE::JSON, { per_page: 2147483647 }))
+      site_tag = JSON.parse(AJAX.get(self, "/api/2.0/sites/#{site_id}/tags", AJAX::CONTENT_TYPE::JSON, { per_page: 2_147_483_647 }))
       site_tag['resources'].each do |json|
         tag_summary << TagSummary.parse(json)
       end
@@ -79,7 +79,7 @@ module Nexpose
     #
     def asset_group_tags(asset_group_id)
       tag_summary = []
-      asset_group_tag = JSON.parse(AJAX.get(self, "/api/2.0/asset_groups/#{asset_group_id}/tags", AJAX::CONTENT_TYPE::JSON, { per_page: 2147483647 }))
+      asset_group_tag = JSON.parse(AJAX.get(self, "/api/2.0/asset_groups/#{asset_group_id}/tags", AJAX::CONTENT_TYPE::JSON, { per_page: 2_147_483_647 }))
       asset_group_tag['resources'].each do |json|
         tag_summary << TagSummary.parse(json)
       end
@@ -252,14 +252,12 @@ module Nexpose
           'tag_name' => @name,
           'tag_type' => @type,
           'tag_id' => @id,
-          'attributes' => [
-                            { 'tag_attribute_name' => 'SOURCE',
-                              'tag_attribute_value' => @source }
-                          ],
+          'attributes' => [{ 'tag_attribute_name' => 'SOURCE',
+                             'tag_attribute_value' => @source }],
           'tag_config' => { 'site_ids' => @site_ids,
                             'tag_associated_asset_ids' => @associated_asset_ids,
                             'asset_group_ids' => @asset_group_ids,
-                            'search_criteria' => @search_criteria ? @search_criteria.to_hash : nil
+                            'search_criteria' => @search_criteria ? @search_criteria.to_h : nil
           }
       }
       if @type == Type::Generic::CUSTOM
@@ -306,8 +304,9 @@ module Nexpose
     # @return [Fixnum] ID of applied tag
     #
     def add_to_asset(connection, asset_id)
-      params = _to_json_for_add
-      uri = AJAX.post(connection, "/api/2.0/assets/#{asset_id}/tags", params, AJAX::CONTENT_TYPE::JSON)
+      params = to_json_for_add
+      url = "/api/2.0/assets/#{asset_id}/tags"
+      uri = AJAX.post(connection, url, params, AJAX::CONTENT_TYPE::JSON)
       @id = uri.split('/').last.to_i
     end
 
@@ -318,8 +317,9 @@ module Nexpose
     # @return [Fixnum] ID of applied tag
     #
     def add_to_site(connection, site_id)
-      params = _to_json_for_add
-      uri = AJAX.post(connection, "/api/2.0/sites/#{site_id}/tags", params, AJAX::CONTENT_TYPE::JSON)
+      params = to_json_for_add
+      url = "/api/2.0/sites/#{site_id}/tags"
+      uri = AJAX.post(connection, url, params, AJAX::CONTENT_TYPE::JSON)
       @id = uri.split('/').last.to_i
     end
 
@@ -330,26 +330,24 @@ module Nexpose
     # @return [Fixnum] ID of applied tag
     #
     def add_to_group(connection, group_id)
-      params = _to_json_for_add
-      uri = AJAX.post(connection, "/api/2.0/asset_groups/#{group_id}/tags", params, AJAX::CONTENT_TYPE::JSON)
+      params = to_json_for_add
+      url = "/api/2.0/asset_groups/#{group_id}/tags"
+      uri = AJAX.post(connection, url, params, AJAX::CONTENT_TYPE::JSON)
       @id = uri.split('/').last.to_i
     end
     alias_method :add_to_asset_group, :add_to_group
 
     private
 
-    def _to_json_for_add
+    def to_json_for_add
       if @id == -1
-        json = {
-            'tag_name' => @name,
-            'tag_type' => @type,
-            'attributes' => [
-                { 'tag_attribute_name' => 'SOURCE',
-                  'tag_attribute_value' => @source }
-            ],
-        }
+        json = { 'tag_name' => @name,
+                 'tag_type' => @type,
+                 'attributes' => [{ 'tag_attribute_name' => 'SOURCE',
+                                    'tag_attribute_value' => @source }] }
         if @type == Tag::Type::Generic::CUSTOM
-          json['attributes'] << { 'tag_attribute_name' => 'COLOR', 'tag_attribute_value' => @color }
+          json['attributes'] << { 'tag_attribute_name' => 'COLOR',
+                                  'tag_attribute_value' => @color }
         end
         params = JSON.generate(json)
       else

data/lib/nexpose/tag/criteria.rb

@@ -1,45 +1,37 @@
 module Nexpose
   class Tag
-
+    # Override of filter criterion to account for proper JSON naming.
+    #
     class Criterion < Nexpose::Criterion
-
-      def to_map
-        { 'operator' => operator,
-          'values' => Array(value),
-          'field_name' => field
-        }
+      # Convert to Hash, which can be converted to JSON for API calls.
+      def to_h
+        { operator: operator,
+          values: Array(value),
+          field_name: field }
       end
 
+      # Create a Criterion object from a JSON-derived Hash.
+      #
+      # @param [Hash] json JSON-derived Hash of a Criterion object.
+      # @return [Criterion] Parsed object.
+      #
       def self.parse(json)
-        Criterion.new(json['field_name'],
-                      json['operator'],
-                      json['values'])
+        new(json['field_name'], json['operator'], json['values'])
       end
-
     end
 
+    # Override of filter criteria to account for different parsing from JSON.
+    #
     class Criteria < Nexpose::Criteria
-
-      def initialize(criteria = [], match = 'AND')
-        super(criteria, match)
-      end
-
-      def to_map
-        { 'criteria' => @criteria.map { |c| c.to_map },
-          'operator' => @match
-        }
-      end
-
+      # Create a Criteria object from a JSON-derived Hash.
+      #
+      # @param [Hash] json JSON-derived Hash of a Criteria object.
+      # @return [Criteria] Parsed object.
+      #
       def self.parse(json)
-        ret = Criteria.new([], json['operator'])
-        json['criteria'].each do |c|
-          ret.criteria << Criterion.parse(c)
-        end
-        ret
+        criteria = json['criteria'].map { |c| Criterion.parse(c) }
+        new(criteria, json['operator'])
       end
-
     end
   end
 end
-
-

data/lib/nexpose/version.rb

@@ -1,4 +1,4 @@
 module Nexpose
   # The latest version of the Nexpose gem
-  VERSION = '0.9.0'
+  VERSION = '0.9.1'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose
 version: !ruby/object:Gem::Version
-  version: 0.9.0
+  version: 0.9.1
 platform: ruby
 authors:
 - HD Moore
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-12-31 00:00:00.000000000 Z
+date: 2015-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rex