pwn 0.5.301 → 0.5.302
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/lib/pwn/plugins/jira_server.rb +154 -27
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f1fbd47d7c9374e09b1e1d6478921b0e06074db6ba2a9397d4cc4c2ce002dc37
|
|
4
|
+
data.tar.gz: 7439dd249821d50724cd0170bf12aad128e7fef806a7ff690edcbfec9cb21534
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b53a71b82e5693e00de4ab453594e46c405cff6ff55eff71962ad6ea25f8d0dec2ec27706ca6826d215e15aa62fb9a268b6fba53aeff5961fc3d488222c388e8
|
|
7
|
+
data.tar.gz: 4a4719c806c9637161d7dfcbade0e0d7a4366525b9224b00217a5527d55cbff32fad3aa96b9576aa0ceeda392cf58db542f71d49fd9168ad95533db8af0f1eb6
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.302]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.302]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.302]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
|
@@ -82,10 +82,15 @@ module PWN
|
|
|
82
82
|
raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
|
|
83
83
|
end
|
|
84
84
|
|
|
85
|
-
|
|
86
|
-
|
|
85
|
+
case response.code
|
|
86
|
+
when 201, 204
|
|
87
|
+
response = { http_response_code: response.code }
|
|
88
|
+
else
|
|
89
|
+
response = JSON.parse(response, symbolize_names: true) if response.is_a?(RestClient::Response)
|
|
90
|
+
response[:http_response_code] = response.code if response.is_a?(RestClient::Response)
|
|
91
|
+
end
|
|
87
92
|
|
|
88
|
-
|
|
93
|
+
response
|
|
89
94
|
rescue RestClient::ExceptionWithResponse => e
|
|
90
95
|
if e.response
|
|
91
96
|
puts "HTTP BASE URL: #{base_api_uri}"
|
|
@@ -219,7 +224,8 @@ module PWN
|
|
|
219
224
|
# description: 'optional - description of the issue',
|
|
220
225
|
# epic_name: 'optional - name of the epic',
|
|
221
226
|
# additional_fields: 'optional - additional fields to set in the issue (e.g. labels, components, custom fields, etc.)'
|
|
222
|
-
#
|
|
227
|
+
# attachments: 'optional - array of attachment paths to upload to the issue (e.g. ["/tmp/file1.txt", "/tmp/file2.txt"])',
|
|
228
|
+
# comment: 'optional - comment to add to the issue (e.g. "This is a comment")'
|
|
223
229
|
# )
|
|
224
230
|
|
|
225
231
|
public_class_method def self.create_issue(opts = {})
|
|
@@ -243,7 +249,10 @@ module PWN
|
|
|
243
249
|
additional_fields = opts[:additional_fields] ||= { fields: {} }
|
|
244
250
|
raise 'ERROR: additional_fields Hash must contain a :fields key that is also a Hash.' unless additional_fields.is_a?(Hash) && additional_fields.key?(:fields) && additional_fields[:fields].is_a?(Hash)
|
|
245
251
|
|
|
246
|
-
|
|
252
|
+
attachments = opts[:attachments] ||= []
|
|
253
|
+
raise 'ERROR: attachments must be an Array.' unless attachments.is_a?(Array)
|
|
254
|
+
|
|
255
|
+
comment = opts[:comment]
|
|
247
256
|
|
|
248
257
|
all_fields = get_all_fields(base_api_uri: base_api_uri, token: token)
|
|
249
258
|
epic_name_field_key = all_fields.find { |field| field[:name] == 'Epic Name' }[:id]
|
|
@@ -274,21 +283,39 @@ module PWN
|
|
|
274
283
|
http_body: http_body
|
|
275
284
|
)
|
|
276
285
|
|
|
277
|
-
if
|
|
278
|
-
|
|
286
|
+
if attachments.any?
|
|
287
|
+
issue = issue_resp[:key]
|
|
288
|
+
|
|
289
|
+
attachments.each do |attachment|
|
|
290
|
+
raise "ERROR: #{attachment} not found." unless File.exist?(attachment)
|
|
291
|
+
|
|
292
|
+
http_body = {
|
|
293
|
+
multipart: true,
|
|
294
|
+
file: File.new(attachment, 'rb')
|
|
295
|
+
}
|
|
296
|
+
|
|
297
|
+
rest_call(
|
|
298
|
+
http_method: :post,
|
|
299
|
+
base_api_uri: base_api_uri,
|
|
300
|
+
token: token,
|
|
301
|
+
rest_call: "issue/#{issue}/attachments",
|
|
302
|
+
http_body: http_body
|
|
303
|
+
)
|
|
304
|
+
end
|
|
305
|
+
end
|
|
279
306
|
|
|
307
|
+
if comment
|
|
280
308
|
issue = issue_resp[:key]
|
|
281
309
|
|
|
282
310
|
http_body = {
|
|
283
|
-
|
|
284
|
-
file: File.new(attachment, 'rb')
|
|
311
|
+
body: comment
|
|
285
312
|
}
|
|
286
313
|
|
|
287
314
|
rest_call(
|
|
288
315
|
http_method: :post,
|
|
289
316
|
base_api_uri: base_api_uri,
|
|
290
317
|
token: token,
|
|
291
|
-
rest_call: "issue/#{issue}/
|
|
318
|
+
rest_call: "issue/#{issue}/comment",
|
|
292
319
|
http_body: http_body
|
|
293
320
|
)
|
|
294
321
|
end
|
|
@@ -303,7 +330,7 @@ module PWN
|
|
|
303
330
|
# base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
|
|
304
331
|
# token: 'required - personal access token',
|
|
305
332
|
# fields: 'required - fields to update in the issue (e.g. summary, description, labels, components, custom fields, etc.)',
|
|
306
|
-
#
|
|
333
|
+
# attachments: 'optional - array of attachment paths to upload to the issue (e.g. ["/tmp/file1.txt", "/tmp/file2.txt"])',
|
|
307
334
|
# )
|
|
308
335
|
|
|
309
336
|
public_class_method def self.update_issue(opts = {})
|
|
@@ -319,7 +346,8 @@ module PWN
|
|
|
319
346
|
fields = opts[:fields] ||= { fields: {} }
|
|
320
347
|
raise 'ERROR: fields Hash must contain a :fields key that is also a Hash.' unless fields.is_a?(Hash) && fields.key?(:fields) && fields[:fields].is_a?(Hash)
|
|
321
348
|
|
|
322
|
-
|
|
349
|
+
attachments = opts[:attachments] ||= []
|
|
350
|
+
raise 'ERROR: attachments must be an Array.' unless attachments.is_a?(Array)
|
|
323
351
|
|
|
324
352
|
http_body = fields
|
|
325
353
|
|
|
@@ -331,24 +359,81 @@ module PWN
|
|
|
331
359
|
http_body: http_body
|
|
332
360
|
)
|
|
333
361
|
|
|
334
|
-
if
|
|
335
|
-
|
|
362
|
+
if attachments.any?
|
|
363
|
+
attachments.each do |attachment|
|
|
364
|
+
raise "ERROR: #{attachment} not found." unless File.exist?(attachment)
|
|
365
|
+
|
|
366
|
+
http_body = {
|
|
367
|
+
multipart: true,
|
|
368
|
+
file: File.new(attachment, 'rb')
|
|
369
|
+
}
|
|
370
|
+
|
|
371
|
+
rest_call(
|
|
372
|
+
http_method: :post,
|
|
373
|
+
base_api_uri: base_api_uri,
|
|
374
|
+
token: token,
|
|
375
|
+
rest_call: "issue/#{issue}/attachments",
|
|
376
|
+
http_body: http_body
|
|
377
|
+
)
|
|
378
|
+
end
|
|
379
|
+
end
|
|
336
380
|
|
|
337
|
-
|
|
338
|
-
|
|
339
|
-
|
|
340
|
-
|
|
381
|
+
issue_resp
|
|
382
|
+
rescue StandardError => e
|
|
383
|
+
raise e
|
|
384
|
+
end
|
|
341
385
|
|
|
342
|
-
|
|
343
|
-
|
|
344
|
-
|
|
345
|
-
|
|
346
|
-
|
|
347
|
-
|
|
348
|
-
|
|
386
|
+
# Supported Method Parameters::
|
|
387
|
+
# issue_resp = PWN::Plugins::JiraServer.issue_comment(
|
|
388
|
+
# base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
|
|
389
|
+
# token: 'required - personal access token',
|
|
390
|
+
# issue: 'required - issue to delete (e.g. Bug, Issue, Story, or Epic ID)',
|
|
391
|
+
# comment_action: 'required - action to perform on the issue comment (e.g. :delete, :add, :update - Defaults to :add)',
|
|
392
|
+
# comment_id: 'optional - comment ID to delete or update (e.g. 10000)',
|
|
393
|
+
# comment: 'optional - comment to add or update in the issue (e.g. "This is a comment")'
|
|
394
|
+
# )
|
|
395
|
+
|
|
396
|
+
public_class_method def self.issue_comment(opts = {})
|
|
397
|
+
base_api_uri = opts[:base_api_uri]
|
|
398
|
+
|
|
399
|
+
token = opts[:token]
|
|
400
|
+
token ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
|
401
|
+
prompt: 'Personal Access Token'
|
|
402
|
+
)
|
|
403
|
+
|
|
404
|
+
issue = opts[:issue]
|
|
405
|
+
raise 'ERROR: issue cannot be nil.' if issue.nil?
|
|
406
|
+
|
|
407
|
+
comment_action = opts[:comment_action] ||= :add
|
|
408
|
+
raise 'ERROR: comment_action must be one of :delete, :add, or :update.' unless %i[delete add update].include?(comment_action)
|
|
409
|
+
|
|
410
|
+
comment_id = opts[:comment_id]
|
|
411
|
+
raise 'ERROR: comment_id cannot be nil when comment_action is :delete or :update.' unless %i[delete update].include?(comment_action) || comment_id.nil?
|
|
412
|
+
|
|
413
|
+
comment = opts[:comment].to_s.scrub
|
|
414
|
+
|
|
415
|
+
case comment_action
|
|
416
|
+
when :add
|
|
417
|
+
http_method = :post
|
|
418
|
+
rest_call = "issue/#{issue}/comment"
|
|
419
|
+
http_body = { body: comment }
|
|
420
|
+
when :delete
|
|
421
|
+
http_method = :delete
|
|
422
|
+
rest_call = "issue/#{issue}/comment/#{comment_id}"
|
|
423
|
+
http_body = nil
|
|
424
|
+
when :update
|
|
425
|
+
http_method = :put
|
|
426
|
+
rest_call = "issue/#{issue}/comment/#{comment_id}"
|
|
427
|
+
http_body = { body: comment }
|
|
349
428
|
end
|
|
350
429
|
|
|
351
|
-
|
|
430
|
+
rest_call(
|
|
431
|
+
http_method: http_method,
|
|
432
|
+
base_api_uri: base_api_uri,
|
|
433
|
+
token: token,
|
|
434
|
+
rest_call: rest_call,
|
|
435
|
+
http_body: http_body
|
|
436
|
+
)
|
|
352
437
|
rescue StandardError => e
|
|
353
438
|
raise e
|
|
354
439
|
end
|
|
@@ -369,7 +454,6 @@ module PWN
|
|
|
369
454
|
)
|
|
370
455
|
|
|
371
456
|
issue = opts[:issue]
|
|
372
|
-
|
|
373
457
|
raise 'ERROR: issue cannot be nil.' if issue.nil?
|
|
374
458
|
|
|
375
459
|
rest_call(
|
|
@@ -382,6 +466,34 @@ module PWN
|
|
|
382
466
|
raise e
|
|
383
467
|
end
|
|
384
468
|
|
|
469
|
+
# Supported Method Parameters::
|
|
470
|
+
# issue_resp = PWN::Plugins::JiraServer.delete_attachment(
|
|
471
|
+
# base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
|
|
472
|
+
# token: 'required - personal access token',
|
|
473
|
+
# id: 'required - attachment ID to delete (e.g. 10000) found in #get_issue method'
|
|
474
|
+
# )
|
|
475
|
+
|
|
476
|
+
public_class_method def self.delete_attachment(opts = {})
|
|
477
|
+
base_api_uri = opts[:base_api_uri]
|
|
478
|
+
|
|
479
|
+
token = opts[:token]
|
|
480
|
+
token ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
|
481
|
+
prompt: 'Personal Access Token'
|
|
482
|
+
)
|
|
483
|
+
|
|
484
|
+
id = opts[:id]
|
|
485
|
+
raise 'ERROR: attachment_id cannot be nil.' if id.nil?
|
|
486
|
+
|
|
487
|
+
rest_call(
|
|
488
|
+
http_method: :delete,
|
|
489
|
+
base_api_uri: base_api_uri,
|
|
490
|
+
token: token,
|
|
491
|
+
rest_call: "attachment/#{id}"
|
|
492
|
+
)
|
|
493
|
+
rescue StandardError => e
|
|
494
|
+
raise e
|
|
495
|
+
end
|
|
496
|
+
|
|
385
497
|
# Author(s):: 0day Inc. <support@0dayinc.com>
|
|
386
498
|
|
|
387
499
|
public_class_method def self.authors
|
|
@@ -433,12 +545,27 @@ module PWN
|
|
|
433
545
|
attachment: 'optional - attachment path to upload to the issue (e.g. \"/path/to/file1.txt\")'
|
|
434
546
|
)
|
|
435
547
|
|
|
548
|
+
issue_resp = #{self}.issue_comment(
|
|
549
|
+
base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
|
|
550
|
+
token: 'required - personal access token',
|
|
551
|
+
issue: 'required - issue to comment on (e.g. Bug, Issue, Story, or Epic ID)',
|
|
552
|
+
comment_action: 'required - action to perform on the issue comment (e.g. :delete, :add, :update - Defaults to :add)',
|
|
553
|
+
comment_id: 'optional - comment ID to delete or update (e.g. 10000)',
|
|
554
|
+
comment: 'optional - comment to add or update in the issue (e.g. \"This is a comment\")'
|
|
555
|
+
)
|
|
556
|
+
|
|
436
557
|
issue_resp = #{self}.delete_issue(
|
|
437
558
|
base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
|
|
438
559
|
token: 'required - personal access token',
|
|
439
560
|
issue: 'required - issue to delete (e.g. Bug, Issue, Story, or Epic ID)'
|
|
440
561
|
)
|
|
441
562
|
|
|
563
|
+
issue_resp = #{self}.delete_attachment(
|
|
564
|
+
base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
|
|
565
|
+
token: 'required - personal access token',
|
|
566
|
+
id: 'required - attachment ID to delete (e.g. 10000) found in #get_issue method'
|
|
567
|
+
)
|
|
568
|
+
|
|
442
569
|
**********************************************************************
|
|
443
570
|
* For more information on the Jira Server REST API, see:
|
|
444
571
|
* https://developer.atlassian.com/server/jira/platform/rest-apis/
|
data/lib/pwn/version.rb
CHANGED