nexpose_ticketing 0.5.0 → 0.8.0

data/lib/nexpose_ticketing/nx_logger.rb

@@ -1,35 +1,35 @@
-module NexposeTicketing
-  class NXLogger
-    TICKET_SERVICE_CONFIG_PATH =  File.join(File.dirname(__FILE__), '/config/ticket_service.config')
-    LOGGER_FILE = File.join(File.dirname(__FILE__), '/log/ticket_helper.log')
-    
-    attr_accessor :options
-    
-    def initialize
-      service_data = begin
-        YAML.load_file(TICKET_SERVICE_CONFIG_PATH)
-      rescue ArgumentError => e
-        raise "Could not parse YAML #{TICKET_SERVICE_CONFIG_PATH} : #{e.message}"
-      end
-      
-      @options = service_data[:options]
-      setup_logging(@options[:logging_enabled])
-    end 
-    
-    def setup_logging(enabled = false)
-      if enabled
-        require 'logger'
-        directory = File.dirname(LOGGER_FILE)
-        FileUtils.mkdir_p(directory) unless File.directory?(directory)
-        @log = Logger.new(LOGGER_FILE, 'monthly')
-        @log.level = Logger::INFO
-        log_message('Logging enabled for helper.')
-      end
-    end
-
-    # Logs a message if logging is enabled.
-    def log_message(message)
-      @log.info(message) if @options[:logging_enabled]
-    end
-  end
-end
+module NexposeTicketing
+  class NXLogger
+    TICKET_SERVICE_CONFIG_PATH =  File.join(File.dirname(__FILE__), '/config/ticket_service.config')
+    LOGGER_FILE = File.join(File.dirname(__FILE__), '/log/ticket_helper.log')
+    
+    attr_accessor :options
+    
+    def initialize
+      service_data = begin
+        YAML.load_file(TICKET_SERVICE_CONFIG_PATH)
+      rescue ArgumentError => e
+        raise "Could not parse YAML #{TICKET_SERVICE_CONFIG_PATH} : #{e.message}"
+      end
+      
+      @options = service_data[:options]
+      setup_logging(@options[:logging_enabled])
+    end 
+    
+    def setup_logging(enabled = false)
+      if enabled
+        require 'logger'
+        directory = File.dirname(LOGGER_FILE)
+        FileUtils.mkdir_p(directory) unless File.directory?(directory)
+        @log = Logger.new(LOGGER_FILE, 'monthly')
+        @log.level = Logger::INFO
+        log_message('Logging enabled for helper.')
+      end
+    end
+
+    # Logs a message if logging is enabled.
+    def log_message(message)
+      @log.info(message) if @options[:logging_enabled]
+    end
+  end
+end

data/lib/nexpose_ticketing/queries.rb

@@ -40,7 +40,8 @@ module NexposeTicketing
     #
     def self.all_new_vulns(options = {})
 	"SELECT DISTINCT on (da.ip_address, davs.solution_id) subs.asset_id, da.ip_address, subs.current_scan, subs.vulnerability_id, davs.solution_id, ds.nexpose_id,
-       ds.url,proofAsText(ds.summary) as summary, proofAsText(ds.fix) as fix, fa.riskscore
+       ds.url,proofAsText(ds.summary) as summary, proofAsText(ds.fix) as fix, fa.riskscore, dv.cvss_score, dvr.source, dvr.reference,
+        fasva.first_discovered, fasva.most_recently_discovered
         FROM (SELECT fasv.asset_id, fasv.vulnerability_id, s.current_scan
           FROM fact_asset_scan_vulnerability_finding fasv
           JOIN
@@ -51,7 +52,10 @@ module NexposeTicketing
               GROUP BY fasv.asset_id, fasv.vulnerability_id, s.current_scan, fasv.scan_id
               HAVING NOT baselineComparison(fasv.scan_id, current_scan) = 'Old'
           ) subs
+        JOIN dim_vulnerability dv USING (vulnerability_id)
+        JOIN dim_vulnerability_reference dvr USING (vulnerability_id)
         JOIN dim_asset_vulnerability_solution davs USING (vulnerability_id)
+        JOIN fact_asset_vulnerability_age fasva ON subs.vulnerability_id = fasva.vulnerability_id AND subs.asset_id = fasva.asset_id
         JOIN dim_solution ds USING (solution_id)
         JOIN dim_asset da ON subs.asset_id = da.asset_id
         JOIN fact_asset fa ON fa.asset_id = da.asset_id

data/lib/nexpose_ticketing/ticket_repository.rb

@@ -24,7 +24,7 @@ module NexposeTicketing
     # * *Returns* :
     #   - An array of Nexpose::SiteSummary objects.
     #
-    def all_site_details()
+    def all_site_details
       @nsc.sites
     end
 
@@ -331,10 +331,12 @@ module NexposeTicketing
     def createTagFilters(options = {})
       @defined_tags = nil
       if options.has_key?(:tags)
-        if not options[:tags].nil? and not options[:tags].empty?
+        return if options[:tags].nil?
+        if options[:tags].is_a?(Fixnum)
+          @defined_tags = @nsc.list_tags.select{ |nexposeTag| nexposeTag.id == options[:tags] }
+        else
             ## Split the tags into an array
             tag_strings = options[:tags].strip.split(',')
-
             ## Grab the tag info for the ones we are looking for (if the exist in Nexpose).
             @defined_tags = @nsc.list_tags.select {|nexposeTag| tag_strings.include?(nexposeTag.name)}
         end

metadata

@@ -1,29 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: nexpose_ticketing
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.8.0
 platform: ruby
 authors:
 - Damian Finol
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-12-11 00:00:00.000000000 Z
+date: 2015-05-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nexpose
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.6.0
+        version: 0.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.6.0
+        version: 0.8.0
 - !ruby/object:Gem::Dependency
   name: savon
   requirement: !ruby/object:Gem::Requirement
@@ -52,6 +52,46 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.2.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.2.0
+- !ruby/object:Gem::Dependency
+  name: rspec-mocks
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.2.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.2.0
 description: This gem provides a Ruby implementation of different integrations with
   ticketing services for Nexpose.
 email:
@@ -65,6 +105,8 @@ extensions: []
 extra_rdoc_files:
 - README.md
 files:
+- Gemfile
+- Gemfile.lock
 - README.md
 - bin/nexpose_jira
 - bin/nexpose_remedy