tenable-ruby 0.2.8 → 0.2.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e245a612faee35b894f89a5ee6837649860d2274
-  data.tar.gz: 430f712ff41e2aaf67367b834f693a512d1316d5
+  metadata.gz: e3ffc535c0804bfd2ec0c8ed49901f5071bd5ecb
+  data.tar.gz: 802afef027172f267dc908d5c203a0846aec68f5
 SHA512:
-  metadata.gz: 2f10fc3a6d038a4e07487aad98727bbc5df909e5e27a9060bad2b90753628068730cf3176aca05f15fd958df6c18d848c23209de97057d58b9db20df4af6061e
-  data.tar.gz: b7b485c057780d2ffdd745e1f7e62078ae20d2a505d1fdd276c9ccbfb967997330fe0e1c067b266837fa09392603d40a71ffbadafc559945b17d6e702c11120c
+  metadata.gz: 1792020ee77d3775f358673764d10594b7ba4662013a102f59cd82c7e2a1d09e19904d7bb7a3bc8c8d242c6bc3791c5247a4e795ae5cfa7afaa2e0885855e99c
+  data.tar.gz: 72753b4e0962e754b837817735d2722d3665e5ffd93ad3df8eb6a55cb1e9bdebed8885ce514a689427e028457e5e3ad0be324770fcae0a71746893419b1fa30a

data/lib/tenable-ruby.rb

@@ -1,17 +1,14 @@
 #!/usr/bin/env ruby
 # coding: utf-8
-# = tenable-ruby.rb: Unofficial Ruby library for communicating with the tenable.io API
+# = tenable-ruby.rb: Ruby library for communicating with the tenable.io API
 #
-# Authors:: Vlatko Kosturjak, Patrick Craston
 #
-# (C) Vlatko Kosturjak, Kost. Distributed under MIT license.
+# (C) Copyright (c) 2010 Vlatko Kosturjak, Kost, 2019 Intruder Systems Ltd. Distributed under MIT license.
 # 
 # == What is this library? 
 # 
-# Unofficial Ruby library for communicating with the tenable.io API (also works with Nessus 6 API).
+# Ruby library for communicating with the tenable.io API.
 # You can start, stop, pause and resume scans. Get status of scans, download reports, create policies, etc.
-# Based on the excellent library for interacting with Nessus
-# https://github.com/kost/nessus_rest-ruby by https://github.com/kost.
 #
 # == Requirements
 # 
@@ -56,9 +53,6 @@ module TenableRuby
     #  or
     #  TenableRuby::Client.new (:credentials => {access_key: 'XXX', secret_key: 'XXX'})
     #
-    #  default url is set to tenable.io, change to Nessus appliance url if required, e.g.
-    #  TenableRuby::Client.new (:url => 'https://nessus_url:8834',
-    #                           :credentials => {access_key: 'XXX', secret_key: 'XXX'})
     def initialize(params = {})
       # defaults
       @tenable_url = params.fetch(:url, 'https://cloud.tenable.com')
@@ -95,19 +89,19 @@ module TenableRuby
           :json => 1,
           :authenticationmethod => true
         }
-        res = http_post(:uri => "/session", :data => payload)
-        if res['token']
-          @token = "token=#{res['token']}"
+        response = http_post(:uri => "/session", :data => payload)
+        if response['token']
+          @token = "token=#{response['token']}"
           @header = {'X-Cookie' => @token}
         else
-          fail TenableRuby::Error::AuthenticationError, "Authentication failed. Could not authenticate using
+          raise TenableRuby::Error::AuthenticationError, "Authentication failed. Could not authenticate using
           username/password."
         end
       elsif @credentials[:access_key] and @credentials[:secret_key]
         @header = {'X-ApiKeys' => "accessKey=#{@credentials[:access_key]}; secretKey=#{@credentials[:secret_key]}"}
       else
-        fail TenableRuby::Error::AuthenticationError, "Authentication credentials were not provided. You must provide" \
-        " either a username and password or an API access key and secret key (these can be generated at " \
+        raise TenableRuby::Error::AuthenticationError, "Authentication credentials were not provided. You must " \
+        "provide either a username and password or an API access key and secret key (these can be generated at " \
         "https://cloud.tenable.com/app.html#/settings/my-account/api-keys."
       end
     end
@@ -140,8 +134,8 @@ module TenableRuby
     # Reference:
     # https://cloud.tenable.com/api#/resources/users/delete
     def user_delete(user_id)
-      res = http_delete(:uri => "/users/#{user_id}", :fields => header)
-      res.code
+      response = http_delete(:uri => "/users/#{user_id}", :fields => header)
+      response.code
     end
 
     # Changes the password for the given user
@@ -153,8 +147,8 @@ module TenableRuby
         :password => password,
         :json => 1
       }
-      res = http_put(:uri => "/users/#{user_id}/chpasswd", :data => payload, :fields => header)
-      res.code
+      response = http_put(:uri => "/users/#{user_id}/chpasswd", :data => payload, :fields => header)
+      response.code
     end
 
     # Logs the current user out and destroys the session
@@ -162,8 +156,8 @@ module TenableRuby
     # Reference:
     # https://cloud.tenable.com/api#/resources/session/destroy
     def user_logout
-      res = http_delete(:uri => "/session", :fields => header)
-      res.code
+      response = http_delete(:uri => "/session", :fields => header)
+      response.code
     end
 
     # Returns the policy list
@@ -334,12 +328,8 @@ module TenableRuby
     # Reference:
     # https://cloud.tenable.com/api#/resources/scans/delete
     def scan_delete(scan_id)
-      res = http_delete(:uri => "/scans/#{scan_id}", :fields => header)
-      if res.code == 200
-        true
-      else
-        false
-      end
+      response = http_delete(:uri => "/scans/#{scan_id}", :fields => header)
+      return response.code == 200
     end
 
     # Returns details for the given host
@@ -428,17 +418,8 @@ module TenableRuby
     # Reference:
     # https://cloud.tenable.com/api#/resources/policies/delete
     def policy_delete(policy_id)
-      res = http_delete(:uri => "/policies/#{policy_id}", :fields => header)
-      res.code
-    end
-
-    # Schedules a software update for all components (only Nessus 6)
-    #
-    def software_update
-      if @tenable_url == 'https://cloud.tenable.com'
-        return "software_update only works on a Nessus 6 appliance"
-      end
-      http_post(:uri => "/settings/software-update", :fields => header)
+      response = http_delete(:uri => "/policies/#{policy_id}", :fields => header)
+      response.code
     end
 
     # Performs scan with templatename provided (name, title or uuid of scan).
@@ -496,38 +477,38 @@ module TenableRuby
 
     # Returns scan status by performing a 'scan_details' API call
     def scan_status(scan_id)
-      sd = scan_details(scan_id)
-      unless sd['error'].nil?
+      details = scan_details(scan_id)
+      unless details['error'].nil?
         return 'error'
       end
-      if sd.nil?
+      if details.nil?
         return 'error'
       end
-      sd['info']['status']
+      details['info']['status']
     end
 
     # Returns the status of the latest history object of a scan by performing a 'scan_details' API call.
     # Note this is currently updated more frequently than the scan status in the tenable.io API
     def scan_latest_history_status(scan_id)
-      sd = scan_details(scan_id)
-      unless sd['error'].nil?
+      details = scan_details(scan_id)
+      unless details['error'].nil?
         return 'error'
       end
-      if sd.nil?
+      if details.nil?
         return 'error'
       end
-      history = sd['history']
+      history = details['history']
       if history.nil? or history.length == 0
         'error'
       else
-        sd['history'].last['status']
+        details['history'].last['status']
       end
     end
 
     # Parse the scan status command to determine if a scan has finished
     def scan_finished?(scan_id)
-      ss = scan_status(scan_id)
-      if ss == 'completed' or ss == 'canceled' or ss == 'imported'
+      status = scan_status(scan_id)
+      if status == 'completed' or status == 'canceled' or status == 'imported'
         true
       else
         false
@@ -536,24 +517,21 @@ module TenableRuby
 
     # use download scan API call to download a report in raw format
     def report_download_quick(scan_id, format)
-      se = scan_export(scan_id, format)
+      export_details = scan_export(scan_id, format)
       # ready, loading
-      while (status = scan_export_status(scan_id, se['file'])['status']) != "ready" do
-        if status.nil? or status == ''
-          return nil
-        end
-        if status == "error"
+      while (export_status = scan_export_status(scan_id, export_details['file'])['status']) != "ready" do
+        if export_status.nil? or export_status == '' or export_status == "error"
           raise TenableRuby::Error::TenableError, "Tenable.io returned an error while exporting the scan"
         end
         sleep @defsleep
       end
-      report_download(scan_id, se['file'])
+      report_download(scan_id, export_details['file'])
     end
 
     # use download scan API call to save a report as file
-    def report_download_file(scan_id, format, outputfn)
+    def report_download_file(scan_id, format, output_file_name)
       report_content = report_download_quick(scan_id, format)
-      File.open(outputfn, 'w') do |f|
+      File.open(output_file_name, 'w') do |f|
         f.write(report_content)
       end
     end
@@ -565,12 +543,12 @@ module TenableRuby
     #
     # returns: HTTP result object
     def http_put(opts = {})
-      ret = http_put_low(opts)
-      if ret.is_a?(Hash) and ret.has_key?('error') and ret['error'] == 'Invalid Credentials'
+      response = http_put_low(opts)
+      if response.is_a?(Hash) and response.has_key?('error') and response['error'] == 'Invalid Credentials'
         authenticate
         http_put_low(opts)
       else
-        ret
+        response
       end
     end
 
@@ -578,27 +556,27 @@ module TenableRuby
       uri = opts[:uri]
       data = opts[:data]
       fields = opts[:fields] || {}
-      res = nil
+      response = nil
       tries = @httpretry
 
-      req = Net::HTTP::Put.new(uri)
-      req.set_form_data(data) unless (data.nil? || data.empty?)
+      request = Net::HTTP::Put.new(uri)
+      request.set_form_data(data) unless (data.nil? || data.empty?)
       fields.each_pair do |name, value|
-        req.add_field(name, value)
+        request.add_field(name, value)
       end
 
       begin
         tries -= 1
-        res = @connection.request(req)
+        response = @connection.request(request)
       rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError => e
         if tries > 0
           sleep @httpsleep
           retry
         else
-          return res
+          return response
         end
       rescue URI::InvalidURIError
-        return res
+        return response
       end
     end
 
@@ -606,40 +584,40 @@ module TenableRuby
     #
     # returns: HTTP result object
     def http_delete(opts = {})
-      ret = http_delete_low(opts)
-      if ret.is_a?(Hash) and ret.has_key?('error') and ret['error'] == 'Invalid Credentials'
+      response = http_delete_low(opts)
+      if response.is_a?(Hash) and response.has_key?('error') and response['error'] == 'Invalid Credentials'
         authenticate
         http_delete_low(opts)
-        ret
+        response
       else
-        ret
+        response
       end
     end
 
     def http_delete_low(opts = {})
       uri = opts[:uri]
       fields = opts[:fields] || {}
-      res = nil
+      response = nil
       tries = @httpretry
 
-      req = Net::HTTP::Delete.new(uri)
+      request = Net::HTTP::Delete.new(uri)
 
       fields.each_pair do |name, value|
-        req.add_field(name, value)
+        request.add_field(name, value)
       end
 
       begin
         tries -= 1
-        res = @connection.request(req)
+        response = @connection.request(request)
       rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError => e
         if tries > 0
           sleep @httpsleep
           retry
         else
-          return res
+          return response
         end
       rescue URI::InvalidURIError
-        return res
+        return response
       end
     end
 
@@ -648,17 +626,17 @@ module TenableRuby
     # returns: JSON parsed object (if JSON parseable)
     def http_get(opts = {})
       raw_content = opts[:raw_content] || false
-      ret = http_get_low(opts)
+      response = http_get_low(opts)
       if !raw_content
-        if ret.is_a?(Hash) and ret.has_key?('error') and ret['error'] == 'Invalid Credentials'
+        if response.is_a?(Hash) and response.has_key?('error') and response['error'] == 'Invalid Credentials'
           authenticate
-          ret = http_get_low(opts)
-          return ret
+          response = http_get_low(opts)
+          return response
         else
-          return ret
+          return response
         end
       else
-        ret
+        response
       end
     end
 
@@ -669,14 +647,14 @@ module TenableRuby
       json = {}
       tries = @httpretry
 
-      req = Net::HTTP::Get.new(uri)
+      request = Net::HTTP::Get.new(uri)
       fields.each_pair do |name, value|
-        req.add_field(name, value)
+        request.add_field(name, value)
       end
 
       begin
         tries -= 1
-        res = @connection.request(req)
+        response = @connection.request(request)
       rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError => e
         if tries > 0
           sleep @httpsleep
@@ -688,9 +666,9 @@ module TenableRuby
         return json
       end
       if !raw_content
-        parse_json(res.body)
+        parse_json(response.body)
       else
-        res.body
+        response.body
       end
     end
 
@@ -703,15 +681,15 @@ module TenableRuby
         authzmethod = opts[:authenticationmethod]
         opts.delete(:authenticationmethod)
       end
-      ret = http_post_low(opts)
-      if ret.is_a?(Hash) and ret.has_key?('error') and ret['error'] == 'Invalid Credentials'
+      response = http_post_low(opts)
+      if response.is_a?(Hash) and response.has_key?('error') and response['error'] == 'Invalid Credentials'
         unless authzmethod
           authenticate
-          ret = http_post_low(opts)
-          return ret
+          response = http_post_low(opts)
+          return response
         end
       else
-        ret
+        response
       end
     end
 
@@ -724,17 +702,17 @@ module TenableRuby
       json = {}
       tries = @httpretry
 
-      req = Net::HTTP::Post.new(uri)
-      req.set_form_data(data) unless (data.nil? || data.empty?)
-      req.body = body unless (body.nil? || body.empty?)
-      req['Content-Type'] = ctype unless (ctype.nil? || ctype.empty?)
+      request = Net::HTTP::Post.new(uri)
+      request.set_form_data(data) unless (data.nil? || data.empty?)
+      request.body = body unless (body.nil? || body.empty?)
+      request['Content-Type'] = ctype unless (ctype.nil? || ctype.empty?)
       fields.each_pair do |name, value|
-        req.add_field(name, value)
+        request.add_field(name, value)
       end
 
       begin
         tries -= 1
-        res = @connection.request(req)
+        response = @connection.request(request)
       rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError => e
         if tries > 0
           sleep @httpsleep
@@ -746,21 +724,21 @@ module TenableRuby
         return json
       end
 
-      parse_json(res.body)
+      parse_json(response.body)
     end
 
     # Perform JSON parsing of body
     #
     # returns: JSON parsed object (if JSON parseable)
     def parse_json(body)
-      buf = {}
+      parsed_json = {}
 
       begin
-        buf = JSON.parse(body)
+        parsed_json = JSON.parse(body)
       rescue JSON::ParserError
       end
 
-      buf
+      parsed_json
     end
 
   end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: tenable-ruby
 version: !ruby/object:Gem::Version
-  version: 0.2.8
+  version: 0.2.9
 platform: ruby
 authors:
 - Vlatko Kosturjak
@@ -9,12 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-01-14 00:00:00.000000000 Z
+date: 2019-02-07 00:00:00.000000000 Z
 dependencies: []
-description: "Unofficial Ruby library for communicating with the tenable.io API (also
-  works with Nessus 6).\n  You can start, stop, pause and resume scan. Get status
-  of scans, download reports, create policies, etc.\n  Based on the excellent library
-  for interacting with Nessus https://github.com/kost/nessus_rest-ruby by https://github.com/kost. "
+description: |-
+  Ruby library for communicating with the tenable.io API.
+    You can start, stop, pause and resume scan. Get status of scans, download reports, create policies, etc.
 email: patrick.craston@intruder.io
 executables: []
 extensions: []
@@ -46,5 +45,5 @@ rubyforge_project:
 rubygems_version: 2.5.2.3
 signing_key: 
 specification_version: 4
-summary: Unofficial Ruby library for communicating with the tenable.io API
+summary: Ruby library for communicating with the tenable.io API
 test_files: []