nexpose 5.1.0 → 5.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7623dcceb5d3d3c27dc38ec36c4d79e337ff1044
-  data.tar.gz: 44a91ad0a5b482f9b4e2ff249405fc8bf1855595
+  metadata.gz: 226804f061b34388cd0155b1df7baf53feadac6c
+  data.tar.gz: 9999ed21b40eb28c4486abb55e16fd9663f0ce83
 SHA512:
-  metadata.gz: d6dbf1f038b82d96689c56aa58caed2502b0e2021c7b3b8e5fd9a0099fa487c93fad78cb61b28892cd582e23332f15facd48c54664d64a2b560b8f8da726ea10
-  data.tar.gz: 8078c7d299558f71874710768a19541283901c4045efa571f17e8e2869ea1033b9a89866463bb08bf4b42d264c21c3d0390f96d0e6d465876656d6191608505d
+  metadata.gz: b24bf8a742c9faf2e1cd66c8b603cc41229ecf3fe7840b235c4c33fae6c23bcbc782c1152f8b8c860457ef64b8f526c71b8763c25dc6d6533a616ba0a77c40a1
+  data.tar.gz: 9c1c6b3418dd18d1627de2955a0cd1fe151d86c2ae972e0bc35488832af377f57ae71d52aad31861719ab8ba964f510a1cc500d75a8cdab2463d019c83648b57

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    nexpose (5.1.0)
+    nexpose (5.2.0)
 
 GEM
   remote: https://rubygems.org/
@@ -21,6 +21,7 @@ GEM
       ast (~> 2.2)
     powerpack (0.1.1)
     rainbow (2.0.0)
+    rake (12.0.0)
     rspec (3.3.0)
       rspec-core (~> 3.3.0)
       rspec-expectations (~> 3.3.0)
@@ -59,8 +60,12 @@ DEPENDENCIES
   bundler (~> 1.3)
   codeclimate-test-reporter (~> 0.4.6)
   nexpose!
+  rake
   rspec (~> 3.2)
   rubocop
   simplecov (~> 0.9.1)
   vcr (~> 2.9.3)
   webmock (~> 1.20.4)
+
+BUNDLED WITH
+   1.13.6

data/README.markdown

@@ -17,7 +17,7 @@ Release notes are available on the [Releases](https://github.com/rapid7/nexpose-
 
 ## Contributions
 
-We welcome contributions to this package. Please see [CONTRIBUTING](CONTRIBUTING.md) for details.
+We welcome contributions to this package. Please see [CONTRIBUTING](.github/CONTRIBUTING.md) for details.
 
 Our coding standards include:
 

data/lib/nexpose/common.rb

@@ -58,7 +58,7 @@ module Nexpose
 
     def to_xml
       xml = '<Email'
-      xml << %( toAllAuthorized='#{@toAllAuthorized ? 1 : 0}')
+      xml << %( toAllAuthorized='#{@to_all_authorized ? 1 : 0}')
       xml << %( sendToOwnerAs='#{@send_to_owner_as}') if @send_to_owner_as
       xml << %( sendToAclAs='#{@send_to_acl_as}') if @send_to_acl_as
       xml << %( sendAs='#{@send_as}') if @send_as

data/lib/nexpose/device.rb

@@ -145,6 +145,18 @@ module Nexpose
         data.map(&AssetScan.method(:parse_json))
       end
     end
+
+    # Remove (or delete) one or more assets from a site.
+    # With asset linking enabled, this will remove the association
+    # of an asset from the given site. If this is the only site
+    # of which an asset is a member, the asset will be deleted.
+    # If asset linking is disabled, the assets will be deleted.
+    #
+    # @param [Array[Fixnum]] asset_ids The asset IDs to be removed from the site.
+    # @param [Fixnum] site_id The site ID to remove the assets from.
+    def remove_assets_from_site(asset_ids, site_id)
+      AJAX.post(self, "/data/assets/bulk-delete?siteid=#{site_id}", asset_ids, Nexpose::AJAX::CONTENT_TYPE::JSON)
+    end
   end
 
   # Object that represents a single device in a Nexpose security console.

data/lib/nexpose/engine.rb

@@ -32,6 +32,22 @@ module Nexpose
       response.eql?("true")
     end
 
+    # Kicks off an update on a single engine.
+    # A return result of true should be taken only to mean that the update
+    # was sent, not that it correctly applied.
+    #
+    # Nexpose::APIError will be raised if the engine is already updating,
+    # or if the engine is offline or unresponsive.
+    #
+    # @param [Fixnum] engine_id Unique ID of the engine.
+    # @return [Boolean] true if the update was sent
+    #   or if engine is already up to date.
+    #
+    def update_engine(engine_id)
+      uri = "/data/engine/#{engine_id}/update"
+      AJAX.post(self, uri)
+    end
+
     # Provide a list of current scan activities for a specific Scan Engine.
     #
     # @return [Array[ScanSummary]] Array of ScanSummary objects associated with

data/lib/nexpose/filter.rb

@@ -53,8 +53,7 @@ module Nexpose
     #
     module Field
       # Search for an Asset by name.
-      # Valid Operators: IS, IS_NOT, STARTS_WITH, ENDS_WITH, CONTAINS,
-      #                  NOT_CONTAINS
+      # Valid Operators: IS, IS_NOT, STARTS_WITH, ENDS_WITH, CONTAINS, NOT_CONTAINS
       ASSET = 'ASSET'
 
       # Search for an Asset by CVE ID
@@ -90,8 +89,7 @@ module Nexpose
       CVSS_SCORE = 'CVSS_SCORE'
 
       # Valid Operators: IN, NOT_IN
-      # Valid Values (See Value::HostType): UNKNOWN, VIRTUAL, HYPERVISOR,
-      #                                     BARE_METAL
+      # Valid Values (See Value::HostType): UNKNOWN, VIRTUAL, HYPERVISOR, BARE_METAL
       HOST_TYPE = 'HOST_TYPE'
 
       # Valid Operators: IN, NOT_IN
@@ -121,10 +119,10 @@ module Nexpose
       RISK_SCORE = 'RISK_SCORE'
 
       # Search based on the last scan date of an asset.
-      # Valid Operators: ON_OR_BEFORE, ON_OR_AFTER, BETWEEN, EARLIER_THAN,
-      #                  WITHIN_THE_LAST
-      # Valid Values: Use Value::ScanDate::FORMAT for date arguments.
-      #               Use FixNum for day arguments.
+      # Valid Operators: ON_OR_BEFORE, ON_OR_AFTER, BETWEEN, EARLIER_THAN, WITHIN_THE_LAST
+      # Valid Values: Use FixNum of days for EARLIER_THAN and WITHIN_THE_LAST.
+      #               See Value::ScanDate::FORMAT for how to generate String
+      #               values for all other arguments.
       SCAN_DATE = 'SCAN_DATE'
 
       # Valid Operators: CONTAINS, NOT_CONTAINS
@@ -139,8 +137,7 @@ module Nexpose
       # Valid Operators: CONTAINS, NOT_CONTAINS
       SOFTWARE = 'SOFTWARE'
 
-      # Valid Operators: IS, IS_NOT, GREATER_THAN, LESS_THAN, IS_APPLIED,
-      #                  IS_NOT_APPLIED
+      # Valid Operators: IS, IS_NOT, GREATER_THAN, LESS_THAN, IS_APPLIED, IS_NOT_APPLIED
       # Valid Values: VERY_HIGH, HIGH, NORMAL, LOW, VERY_LOW
       USER_ADDED_CRITICALITY_LEVEL = 'TAG_CRITICALITY'
 
@@ -165,13 +162,11 @@ module Nexpose
       VULNERABILITY = 'VULNERABILITY'
 
       # Valid Operators: INCLUDE, DO_NOT_INCLUDE
-      # Valid Values (See Value::VulnerabilityExposure): MALWARE, METASPLOIT,
-      #                                                  DATABASE
+      # Valid Values (See Value::VulnerabilityExposure): MALWARE, METASPLOIT, DATABASE
       VULNERABILITY_EXPOSURES = 'VULNERABILITY_EXPOSURES'
 
       # Search by VULNERABILITY CATEGORY
-      # Valid Operators: IS, IS_NOT, CONTAINS, NOT_CONTAINS, STARTS_WITH,
-      #                  ENDS_WITH
+      # Valid Operators: IS, IS_NOT, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH
       VULN_CATEGORY = 'VULN_CATEGORY'
     end
 
@@ -258,6 +253,8 @@ module Nexpose
       # Constants for filtering on scan date.
       module ScanDate
         # Pass this format to #strftime() to get expected format for requests.
+        # For example:
+        # Time.now().strftime(Nexpose::Search::Value::ScanDate::FORMAT)
         FORMAT = '%m/%d/%Y'
       end
 

data/lib/nexpose/version.rb

@@ -1,4 +1,4 @@
 module Nexpose
   # The latest version of the Nexpose gem
-  VERSION = '5.1.0'
+  VERSION = '5.2.0'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose
 version: !ruby/object:Gem::Version
-  version: 5.1.0
+  version: 5.2.0
 platform: ruby
 authors:
 - HD Moore
@@ -13,7 +13,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-08-26 00:00:00.000000000 Z
+date: 2017-01-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -57,6 +57,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.9.1
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -127,7 +141,6 @@ extensions: []
 extra_rdoc_files:
 - README.markdown
 files:
-- CONTRIBUTING.md
 - COPYING
 - Gemfile
 - Gemfile.lock
@@ -193,7 +206,6 @@ files:
 - lib/nexpose/vuln_exception.rb
 - lib/nexpose/wait.rb
 - lib/nexpose/web_credentials.rb
-- nexpose.gemspec
 homepage: https://github.com/rapid7/nexpose-client
 licenses:
 - BSD
@@ -214,9 +226,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.6
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
 summary: Ruby API for Rapid7 Nexpose
 test_files: []
-has_rdoc: 

data/CONTRIBUTING.md

@@ -1,91 +0,0 @@
-# Contributing to nexpose-client
-
-The users and maintainers of nexpose-client would greatly appreciate any contributions
-you can make to the project. These contributions typically come in the form of
-filed bugs/issues or pull requests (PRs). These contributions routinely result
-in new versions of the [nexpose-client
-gem](https://rubygems.org/gems/nexpose-client) and the
-[nexpose-client release](https://github.com/rapid7/nexpose-client/releases) to be released. The
-process for each is outlined below.
-
-## Contributing Issues / Bug Reports
-
-If you encounter any bugs or problems with nexpose-client, please file them
-[here](https://github.com/rapid7/nexpose-client/issues/new), providing as much detail as
-possible. If the bug is straight-forward enough and you understand the fix for
-the bug well enough, you may take the simpler, less-paperwork route and simply
-file a PR with the fix and the necessary details.
-
-## Contributing Code
-
-nexpose-client uses a model nearly identical to that of
-[Metasploit](https://github.com/rapid7/metasploit-framework) as outlined
-[here](https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment),
-at least from a ```git``` perspective. If you've been through that process
-(or, even better, you've been through it many times with many people), you can
-do exactly what you did for Metasploit but with nexpose-client and ignore the rest of
-this document.
-
-On the other hand, if you haven't, read on!
-
-### Fork and Clone
-
-Generally, this should only need to be done once, or if you need to start over.
-
-1. Fork nexpose-client: Visit https://github.com/rapid7/nexpose-client and click Fork,
-   selecting your github account if prompted
-2. Clone ```git@github.com:<your-github-username>/nexpose-client.git```, replacing
-```<your-github-username>``` with, you guessed it, your Github username.
-3. Add the master nexpose-client repository as your upstream:
-```
-git remote add upstream git://github.com/rapid7/nexpose-client.git
-git fetch --all
-```
-
-### Branch and Improve
-
-If you have a contribution to make, first create a branch to contain your
-work. The name is yours to choose, however generally it should roughly
-describe what you are doing. In this example, and from here on out, the
-branch will be wow, but you should change this.
-
-```
-git fetch --all
-git checkout master
-git rebase upstream/master
-git checkout -b wow
-```
-
-Now, make your changes, committing as necessary, using useful commit messages:
-
-```
-vim CONTRIBUTING.md
-git add CONTRIBUTING.md
-git commit -m "Adds a document on how to contribute to nexpose-client." -a
-```
-
-Please note that changes to [lib/nexpose/version.rb](https://github.com/rapid7/nexpose-client/blob/master/lib/nexpose/version.rb) in PRs are almost never necessary.
-
-Now push your changes to your fork:
-
-```
-git push origin wow
-```
-
-Finally, submit the PR. Navigate to ```https://github.com/<your-github-username>/nexpose-client/compare/wow```, fill in the details, and submit.
-
-## Releasing New Versions
-
-Typically this process is reserved for contributors with push permissions to
-nexpose-client:
-
-### Release New Gem
-
-1. Get an account on [Rubygems](https://rubygems.org)
-2. Contact one of the nexpose-client project contributors and have them add you to the nexpose-client gem
-3. Edit [lib/nexpose/version.rb](https://github.com/rapid7/nexpose-client/blob/master/lib/nexpose/version.rb) and increment ```VERSION```. Commit and push to origin/upstream master.
-4. Run ```rake release```
-
-### Github Release
-
-Some users may prefer to consume nexpose-client in a manner other than using git itself. For that reason, Github offers [Releases](https://github.com/blog/1547-release-your-software). Whenever a new version of the software is to be released, be kind and also create a new [Release](https://github.com/rapid7/nexpose-client/releases), using a versioning scheme identical to that used for the gem.

data/nexpose.gemspec

@@ -1,28 +0,0 @@
-# encoding: utf-8
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'nexpose/version'
-
-Gem::Specification.new do |s|
-  s.name                  = 'nexpose'
-  s.version               = Nexpose::VERSION
-  s.homepage              = 'https://github.com/rapid7/nexpose-client'
-  s.summary               = 'Ruby API for Rapid7 Nexpose'
-  s.description           = 'This gem provides a Ruby API to the Nexpose vulnerability management product by Rapid7.'
-  s.license               = 'BSD'
-  s.authors               = ['HD Moore', 'Chris Lee', 'Michael Daines', 'Brandon Turner', 'Gavin Schneider', 'Scott Green']
-  s.email                 = ['hd_moore@rapid7.com', 'christopher_lee@rapid7.com', 'michael_daines@rapid7.com', 'brandon_turner@rapid7.com', 'gavin_schneider@rapid7.com', 'scott_green@rapid7.com']
-  s.files                 = Dir['[A-Z]*'] + Dir['lib/**/*']
-  s.require_paths         = ['lib']
-  s.extra_rdoc_files      = ['README.markdown']
-  s.required_ruby_version = '>= 2.1'
-  s.platform              = 'ruby'
-
-  s.add_development_dependency('bundler', '~> 1.3')
-  s.add_development_dependency('codeclimate-test-reporter', '~> 0.4.6')
-  s.add_development_dependency('simplecov', '~> 0.9.1')
-  s.add_development_dependency('rspec', '~> 3.2')
-  s.add_development_dependency('rubocop')
-  s.add_development_dependency('webmock', '~> 1.20.4')
-  s.add_development_dependency('vcr', '~> 2.9.3')
-end