zanshin 1.0.1

data/lib/zanshin/organization_scan_targets.rb

@@ -0,0 +1,177 @@
+# frozen_string_literal: true
+
+require_relative 'scan_target'
+
+module Zanshin
+  module SDK
+    # Zanshin SDK Organization Scan Target
+    module OrganizationScanTargets
+      ###################################################
+      # Organization Scan Targets
+      ###################################################
+
+      # Scan Targets Enumerator of an organization
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/getOrganizationScanTargets)
+      #
+      # @param organization_id [UUID] of the organization
+      #
+      # @return an Scan Targets Enumerator object
+      def iter_organization_scan_targets(organization_id)
+        Enumerator.new do |yielder|
+          @http.request('GET', "/organizations/#{validate_uuid(organization_id)}/scantargets").each do |e|
+            yielder.yield e
+          end
+        end
+      end
+
+      # Create a new scan target in organization
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/createOrganizationScanTargets)
+      #
+      # @param organization_id [UUID] of the organization
+      # @param name [UUID] of the organization
+      # @param credential [ScanTarget::AWS, ScanTarget::Azure, ScanTarget::GCP, ScanTarget::HUAWEI, ScanTarget::DOMAIN]
+      #   to access the cloud account to be scanned
+      # @param schedule [Cron] in cron format
+      #
+      # @return an Object representing the newly created scan target
+      def create_organization_scan_target(organization_id, name, credential, schedule = '0 0 * * *')
+        unless [ScanTarget::AWS, ScanTarget::Azure, ScanTarget::GCP,
+                ScanTarget::HUAWEI, ScanTarget::DOMAIN].include? credential.class
+          raise "#{credential.class} is invalid instance of Zanshin::SDK::ScanTarget classes"
+        end
+
+        body = {
+          'kind' => credential.class::KIND, 'name' => name,
+          'credential' => credential.to_json, 'schedule' => schedule
+        }
+        @http.request('POST', "/organizations/#{validate_uuid(organization_id)}/scantargets", body)
+      end
+
+      # Get scan target details of organization
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/getOrganizationScanTargetById)
+      #
+      # @param organization_id [UUID] of the organization
+      # @param scan_target_id [UUID] of the scan target
+      #
+      # @return a Object representing the scan target
+      def get_organization_scan_target(organization_id, scan_target_id)
+        @http.request('GET',
+                      "/organizations/#{validate_uuid(organization_id)}/scantargets/#{validate_uuid(scan_target_id)}")
+      end
+
+      # Update scan target of organization
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/editOrganizationMembersById)
+      #
+      # @param organization_id [UUID] of the organization
+      # @param scan_target_id [UUID] of the scan target
+      # @param name [String] of the scan target
+      # @param schedule [Cron] of the schedule
+      #
+      # @return a Object representing the scan target updated
+      def update_organization_scan_target(organization_id, scan_target_id, name = nil, schedule = nil)
+        body = {
+          'name' => name,
+          'schedule' => schedule
+        }
+
+        @http.request('PUT',
+                      "/organizations/#{validate_uuid(organization_id)}/scantargets/#{validate_uuid(scan_target_id)}",
+                      body)
+      end
+
+      # Delete scan target of organization
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/deleteOrganizationScanTargetById)
+      #
+      # @param organization_id [UUID] of the organization
+      # @param scan_target_id [UUID] of the scan target
+      #
+      # @return a Boolean with result
+      def delete_organization_scan_target(organization_id, scan_target_id)
+        @http.request('DELETE',
+                      "/organizations/#{validate_uuid(organization_id)}/scantargets/#{validate_uuid(scan_target_id)}")
+      end
+
+      # Starts a scan on the specified scan target
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/scanOrganizationScanTarget)
+      #
+      # @param organization_id [UUID] of the organization
+      # @param scan_target_id [UUID] of the scan target
+      #
+      # @return a Boolean with result
+      def start_organization_scan_target_scan(organization_id, scan_target_id)
+        @http.request(
+          'POST',
+          "/organizations/#{validate_uuid(organization_id)}/scantargets/#{validate_uuid(scan_target_id)}/scan"
+        )
+      end
+
+      # TODO: API documentation is not up to date, does not have this endpoint
+      #   After updating you will need to add the reference here
+
+      # Stop a scan on the specific scan target
+      #
+      # @param organization_id [UUID] of the organization
+      # @param scan_target_id [UUID] of the scan target
+      #
+      # @return a Boolean with result
+      def stop_organization_scan_target_scan(organization_id, scan_target_id)
+        @http.request(
+          'POST',
+          "/organizations/#{validate_uuid(organization_id)}/scantargets/#{validate_uuid(scan_target_id)}/stop"
+        )
+      end
+
+      # Check scan target
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/checkOrganizationScanTarget)
+      #
+      # @param organization_id [UUID] of the organization
+      # @param scan_target_id [UUID] of the scan target
+      #
+      # @return a Object representing the scan target
+      def check_organization_scan_target(organization_id, scan_target_id)
+        @http.request(
+          'POST',
+          "/organizations/#{validate_uuid(organization_id)}/scantargets/#{validate_uuid(scan_target_id)}/check"
+        )
+      end
+
+      ###################################################
+      # Organization Scan Target Scan
+      ###################################################
+
+      # Scans Enumerator of an Scan Target
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/getOrganizationScanTargetScans)
+      #
+      # @param organization_id [UUID] of the organization
+      # @param scan_target_id [UUID] of the scan target
+      #
+      # @return an Scans Enumerator object
+      def iter_organization_scan_target_scans(organization_id, scan_target_id)
+        Enumerator.new do |yielder|
+          @http.request(
+            'GET',
+            "/organizations/#{validate_uuid(organization_id)}/scantargets/#{validate_uuid(scan_target_id)}/scans"
+          ).each do |e|
+            yielder.yield e
+          end
+        end
+      end
+
+      # Get scan of scan target
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/getOrganizationScanTargetScanSlot)
+      #
+      # @param organization_id [UUID] of the organization
+      # @param scan_target_id [UUID] of the scan target
+      # @param scan_id [UUID] of the scan
+      #
+      # @return a Object representing the scan
+      def get_organization_scan_target_scan(organization_id, scan_target_id, scan_id)
+        @http.request(
+          'GET',
+          "/organizations/#{validate_uuid(organization_id)}/scantargets/#{
+            validate_uuid(scan_target_id)}/scans/#{validate_uuid(scan_id)}"
+        )
+      end
+    end
+  end
+end

data/lib/zanshin/organizations.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module Zanshin
+  module SDK
+    # Zanshin SDK Organization
+    module Organizations
+      ###################################################
+      # Organizations
+      ###################################################
+
+      # Organizations Enumerator of current logged user
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/getOrganizations)
+      #
+      # @return an Organizations Enumerator object
+      def iter_organizations
+        Enumerator.new do |yielder|
+          @http.request('GET', '/organizations').each do |e|
+            yielder.yield e
+          end
+        end
+      end
+
+      # Gets an organization given its ID
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/getOrganizationById)
+      #
+      # @param organization_id [UUID] of the organization
+      #
+      # @return an Object representing the organization
+      def get_organization(organization_id)
+        @http.request('GET', "/organizations/#{validate_uuid(organization_id)}")
+      end
+
+      # Gets an organization given its ID
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/editOrganizationById)
+      #
+      # @param organization_id [UUID] of the organization
+      # @param name [String] Optional name of the organization
+      # @param picture [String] Optional picture URL of the organization, accepted formats: jpg, jpeg, png, svg
+      # @param email [String] Optional e-mail contact of the organization
+      #
+      # @return an Object representing the organization
+      def update_organization(organization_id, name: nil, picture: nil, email: nil)
+        body = {
+          'name' => name,
+          'picture' => picture,
+          'email' => email
+        }
+        @http.request('PUT', "/organizations/#{validate_uuid(organization_id)}", body)
+      end
+    end
+  end
+end

data/lib/zanshin/request/zanshin_request.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'zanshin/request/zanshin_request_error'
+require 'json'
+
+module Zanshin
+  module SDK
+    # Zanshin SDK Request
+    module Request
+      # Zanshin SDK request HTTPClient
+      class HTTPClient
+        attr_accessor :headers, :http_client
+
+        # Initialize a new HTTP connection to the Zanshin API
+        # @overload initialize(api_key, api_url, user_agent, proxy_url)
+        #   @param api_key [String] API key to use
+        #   @param api_url [String] URL of the Zanshin API
+        #   @param user_agent [String] User agent to use in requests performed
+        #   @param proxy_url [String] Optional URL indicating which proxy server to use
+        def initialize(api_key, api_url, user_agent, proxy_url = nil)
+          @headers = { 'Authorization' => "Bearer #{api_key}",
+                       'User-Agent' => user_agent,
+                       'Content-Type' => 'application/json' }
+          # HACK: Needs to figure out why Net::HTTP is not automatically decoded `gzip` and `deflate` encoding
+          # 'Accept-Encoding' => 'gzip, deflate'
+
+          uri = URI.parse(api_url)
+          proxy = URI.parse(proxy_url || '')
+
+          @http_client = Net::HTTP.new(uri.host, uri.port, proxy.host, proxy.port, proxy.user, proxy.password)
+          @http_client.use_ssl = true
+        end
+
+        # Request to Zanshin
+        # @overload initialize(api_key, api_url, user_agent, proxy_url)
+        #   @param method ['GET', 'POST', 'PUT', 'DELETE'] HTTP method to pass along to `:HTTPClient`
+        #   @param path [String] API path to access
+        #   @param body [Object] request body to pass along to `:HTTPClient`
+        def request(method, path, body = nil)
+          body = body.to_json if body
+          response = @http_client.send_request(method, path, body, @headers)
+          result = JSON.parse(response.body)
+          raise ZanshinError.new(response.code, result['message'] || result['errorName']) if response.code.to_i >= 400
+
+          result
+        end
+      end
+    end
+  end
+end

data/lib/zanshin/request/zanshin_request_error.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module Zanshin
+  module SDK
+    module Request
+      # Zanshin SDK request ZanshinError
+      class ZanshinError < StandardError
+        attr_reader :code, :body
+
+        # Initialize a new Zanshin Error
+        # @overload initialize(code, body)
+        #   @param code [String] of the Error
+        #   @param body [String] message of the error
+        def initialize(code, body)
+          @code = code
+          @body = body
+          super("Error [#{code}] #{body}")
+        end
+      end
+    end
+  end
+end

data/lib/zanshin/scan_target.rb

@@ -0,0 +1,114 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module Zanshin
+  module SDK
+    # Zanshin SDK Scan Target
+    #
+    # This module contains the classes for each provider that Zanshin supports, and which can be used
+    #   to create a scan target
+    module ScanTarget
+      # AWS scan target
+      class AWS
+        # Type of provider that will be sent to the API
+        KIND = 'AWS'
+
+        attr_accessor :account
+
+        def initialize(account)
+          @account = account
+        end
+
+        # Convert AWS class to json
+        def to_json(*_args)
+          {
+            'account' => @account
+          }
+        end
+      end
+
+      # Azure scan target
+      class Azure
+        # Type of provider that will be sent to the API
+        KIND = 'Azure'
+
+        attr_accessor :application_id, :subscription_id, :directory_id, :secret
+
+        def initialize(application_id, subscription_id, directory_id, secret)
+          @application_id = application_id
+          @subscription_id = subscription_id
+          @directory_id = directory_id
+          @secret = secret
+        end
+
+        # Convert Azure class to json
+        def to_json(*_args)
+          {
+            'application_id' => @application_id,
+            'subscription_id' => @subscription_id,
+            'directory_id' => @directory_id,
+            'secret' => @secret
+          }
+        end
+      end
+
+      # GCP scan target
+      class GCP
+        # Type of provider that will be sent to the API
+        KIND = 'GCP'
+
+        attr_accessor :project_id
+
+        def initialize(project_id)
+          @project_id = project_id
+        end
+
+        # Convert GCP class to json
+        def to_json(*_args)
+          {
+            'project_id' => @project_id
+          }
+        end
+      end
+
+      # HUAWEI scan target
+      class HUAWEI
+        # Type of provider that will be sent to the API
+        KIND = 'HUAWEI'
+
+        attr_accessor :account_id
+
+        def initialize(account_id)
+          @account_id = account_id
+        end
+
+        # Convert HUAWEI class to json
+        def to_json(*_args)
+          {
+            'account_id' => @account_id
+          }
+        end
+      end
+
+      # DOMAIN scan target
+      class DOMAIN
+        # Type of provider that will be sent to the API
+        KIND = 'DOMAIN'
+
+        attr_accessor :domain
+
+        def initialize(domain)
+          @domain = domain
+        end
+
+        # Convert DOMAIN class to json
+        def to_json(*_args)
+          {
+            'domain' => @domain
+          }
+        end
+      end
+    end
+  end
+end

data/lib/zanshin/summaries.rb

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+
+module Zanshin
+  module SDK
+    # Zanshin SDK Summary
+    module Summaries
+      ###################################################
+      # Summaries
+      ###################################################
+
+      # Gets a summary of the current state of alerts for an organization, both in total and broken down by scan target
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/alertSummary)
+      #
+      # @param organization_id [UUID] of the organization whose alert summaries are desired
+      # @param scan_target_ids [Array<UUID>] optional list of scan target IDs to summarize alerts from, defaults to all
+      #
+      # @return a Object representing the alert summaries
+      def get_alert_summaries(organization_id, scan_target_ids = [])
+        body = {
+          'organizationId' => validate_uuid(organization_id),
+          'scanTargetIds' => scan_target_ids.each { |scan_target_id| validate_uuid(scan_target_id) }
+        }
+
+        @http.request('POST', '/alerts/summaries', body)
+      end
+
+      # Gets a summary of the current state of alerts for followed organizations
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/alertFollowingSummary)
+      #
+      # @param organization_id [UUID] of the organization
+      # @param following_ids [Array<UUID>] list of IDs of organizations being followed to summarize alerts from
+      #
+      # @return a Object representing the alert following summaries
+      def get_following_alert_summaries(organization_id, following_ids = [])
+        body = {
+          'organizationId' => validate_uuid(organization_id),
+          'followingIds' => following_ids.each { |following_id| validate_uuid(following_id) }
+        }
+
+        @http.request('POST', '/alerts/summaries/following', body)
+      end
+
+      # Returns summaries of scan results over a period of time, summarizing number of alerts that changed states
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/scanSummary)
+      #
+      # @param organization_id [UUID] of the organization whose alert summaries are desired
+      # @param scan_target_ids [Array<UUID>] optional list of scan target IDs to summarize alerts from, defaults to all
+      # @param days [Integer] number of days to go back in time in historical search
+      #
+      # @return a Object representing the scan summaries
+      def get_scan_summaries(organization_id, scan_target_ids = [], days = 7)
+        body = {
+          'organizationId' => validate_uuid(organization_id),
+          'scanTargetIds' => scan_target_ids.each { |scan_target_id| validate_uuid(scan_target_id) },
+          'daysBefore' => days
+        }
+
+        @http.request('POST', '/alerts/summaries/scans', body)
+      end
+
+      # Gets a summary of the current state of alerts for followed organizations
+      # [#reference](https://api.zanshin.tenchisecurity.com/#operation/scanSummaryFollowing)
+      #
+      # @param organization_id [UUID] of the organization whose alert summaries are desired
+      # @param following_ids [Array<UUID>] optional list of IDs of organizations being followed to summarize alerts from
+      # @param days [Integer] number of days to go back in time in historical search
+      #
+      # @return a Object representing the scan summaries
+      def get_following_scan_summaries(organization_id, following_ids = [], days = 7)
+        body = {
+          'organizationId' => validate_uuid(organization_id),
+          'followingIds' => following_ids.each { |following_id| validate_uuid(following_id) },
+          'daysBefore' => days
+        }
+
+        @http.request('POST', '/alerts/summaries/scans/following', body)
+      end
+    end
+  end
+end

data/lib/zanshin/version.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Zanshin
+  module SDK
+    # The Zanshin SDK version
+    VERSION = '1.0.1'
+  end
+end

data/lib/zanshin.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require_relative 'zanshin/client'
+require_relative 'zanshin/version'
+
+# {include:file:README.md}
+module Zanshin
+  # Zanshin SDK
+  module SDK
+    # The default endpoint for Zanshin API
+    ZANSHIN_API = 'https://api.zanshin.tenchi-dev.com'
+    # The directory that Zanshin uses to store/get private settings
+    CONFIG_DIR = "#{Dir.home}/.tenchi"
+    # The file that Zanshin uses to store/get private settings
+    CONFIG_FILE = "#{CONFIG_DIR}/config"
+  end
+end