praetorian-cli 2.2.13__py3-none-any.whl → 2.2.15__py3-none-any.whl

praetorian_cli/handlers/update.py

@@ -36,7 +36,8 @@ def asset(chariot, key, status, surface):
 @click.argument('key', required=True)
 @click.option('-s', '--status', type=click.Choice([s.value for s in Risk]), help=f'Status of the risk')
 @click.option('-c', '--comment', default='', help='Comment for the risk')
-def risk(chariot, key, status, comment):
+@click.option('-r', '--remove-comment', type=int, default=None, help='Remove comment at index (0, 1, ... or -1 for most recent)')
+def risk(chariot, key, status, comment, remove_comment):
     """ Update the status and comment of a risk
 
     \b
@@ -47,8 +48,13 @@ def risk(chariot, key, status, comment):
     Example usages:
         - praetorian chariot update risk "#risk#www.example.com#CVE-2024-23049" --status OH --comment "Open it as a high severity risk"
         - praetorian chariot update risk "#risk#www.example.com#open-ssh-port" --status RH --comment "John stopped sshd on the server"
+        - praetorian chariot update risk "#risk#www.example.com#CVE-2024-23049" --remove-comment 0
+        - praetorian chariot update risk "#risk#www.example.com#CVE-2024-23049" --remove-comment -1
     """
-    chariot.risks.update(key, status, comment)
+    if comment and remove_comment is not None:
+        raise click.UsageError("Cannot use --comment and --remove-comment together")
+
+    chariot.risks.update(key, status, comment, remove_comment)
 
 
 @update.command()

praetorian_cli/sdk/chariot.py

@@ -64,25 +64,19 @@ class Chariot:
             import urllib3
             urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
 
-    def chariot_request(self, method: str, url: str, **kwargs) -> requests.Response:
+    def chariot_request(self, method: str, url: str, headers: dict = {}, **kwargs) -> requests.Response:
         """
-        Centralized method to make HTTP requests to the Chariot API with all global headers/parameters set.
+        Centralized wrapper around requests.request. Take care of proxy, beta flag, and 
+        supplies the authentication headers
         """
-        
         self.add_beta_url_param(kwargs)
 
-        return self.request(method, url, self.keychain.headers(), **kwargs)
-    
-    def request(self, method: str, url: str, headers: dict = None, **kwargs) -> requests.Response:
-        """
-        Centralized wrapper around requests.request, ensuring the HTTP proxy is respected.
-        """
-
         if self.proxy:
             kwargs['proxies'] = {'http': self.proxy, 'https': self.proxy}
             kwargs['verify'] = False
 
-        return requests.request(method, url, headers=headers, **kwargs)
+        return requests.request(method, url, headers=(headers | self.keychain.headers()), **kwargs)
+
 
     def add_beta_url_param(self, kwargs: dict):
         if 'params' in kwargs:
@@ -206,8 +200,12 @@ class Chariot:
         return resp
 
     def _upload(self, chariot_filepath: str, content: str) -> dict:
-        # It is a two-step upload. The PUT request to the /file endpoint is to get a presigned URL for S3.
-        # There is no data transfer.
+        # Encrypted files have _encrypted/ prefix in the path. Encrypted files do not use presigned URLs.
+        # Instead, they use the /encrypted-file endpoint that directly gets and puts content.
+        if is_encrypted_partition(chariot_filepath):
+            return self.chariot_request('PUT', self.url('/encrypted-file'), params=dict(name=chariot_filepath), data=content)
+
+        # Regular files use presigned URLs
         presigned_url = self.chariot_request('PUT', self.url('/file'), params=dict(name=chariot_filepath))
         process_failure(presigned_url)
         resp = requests.put(presigned_url.json()['url'], data=content)
@@ -216,6 +214,15 @@ class Chariot:
 
     def download(self, name: str, global_=False) -> bytes:
         params = dict(name=name)
+        # Encrypted files have _encrypted/ prefix in the path. Encrypted files do not use presigned URLs.
+        # Instead, they use the /encrypted-file endpoint that directly gets and puts content.
+        if is_encrypted_partition(name):
+            accept_binary = {'Accept': 'application/octet-stream'}
+            resp = self.chariot_request('GET', self.url('/encrypted-file'), params=params, headers=accept_binary)
+            process_failure(resp)
+            return resp.content
+
+        # Regular files, use presigned URLs
         if global_:
             params |= GLOBAL_FLAG
 
@@ -228,7 +235,7 @@ class Chariot:
             message = f'Download request failed: response missing URL' + (f'\nBody: {resp.text}' if resp.text else '(empty)')
             raise Exception(message)
         
-        resp = self.request('GET', url)
+        resp = requests.request('GET', url)
         process_failure(resp)
         return resp.content
 
@@ -355,3 +362,7 @@ def extend(accumulate: dict, new: dict) -> dict:
             extend(accumulate[key], value)
 
     return accumulate
+
+
+def is_encrypted_partition(chariot_filepath: str) -> bool:
+    return chariot_filepath.startswith('_encrypted/')

praetorian_cli/sdk/entities/risks.py

@@ -44,9 +44,9 @@ class Risks:
             risk['affected_assets'] = self.affected_assets(key)
         return risk
 
-    def update(self, key, status=None, comment=None):
+    def update(self, key, status=None, comment=None, remove_comment=None):
         """
-        Update a risk's status and/or comment.
+        Update a risk's status and/or comment, or remove a comment.
 
         :param key: The key of the risk. If you supply a prefix that matches multiple risks, all of them will be updated
         :type key: str
@@ -54,6 +54,8 @@ class Risks:
         :type status: str or None
         :param comment: Comment for the risk update
         :type comment: str or None
+        :param remove_comment: Index of comment to remove (0, 1, ... or -1 for most recent)
+        :type remove_comment: int or None
         :return: API response containing update results
         :rtype: dict
         """
@@ -62,6 +64,9 @@ class Risks:
             params = params | dict(status=status)
         if comment:
             params = params | dict(comment=comment)
+        if remove_comment is not None:
+            index = self.resolve_comment_entry_index(key, remove_comment)
+            params = params | dict(remove=index)
 
         return self.api.upsert('risk', params)
 
@@ -159,3 +164,41 @@ class Risks:
         assets.extend(indirect_assets)
         assets.extend(web_assets)
         return assets
+
+    def resolve_comment_entry_index(self, key, note_index):
+        """
+        Translate a note index to the actual history array index.
+
+        :param key: The key of the risk
+        :param note_index: Index into note entries (0, 1, ... or -1 for most recent note)
+        :return: The actual index in the history array
+        """
+        risk = self.get(key)
+        history = risk.get('history', [])
+        note_indices = get_note_entry_indices(history)
+
+        if len(note_indices) == 0:
+            raise Exception(f"Risk {key} has no notes to remove")
+
+        # Handle negative indexing (e.g., -1 for last note)
+        if note_index < 0:
+            note_index = len(note_indices) + note_index
+
+        if note_index < 0 or note_index >= len(note_indices):
+            raise Exception(f"Note index {note_index} is out of range (0 to {len(note_indices) - 1})")
+
+        return note_indices[note_index]
+
+
+def get_note_entries(risk):
+    history = risk.get('history', [])
+    return [entry for entry in history if is_note_entry(entry)]
+
+
+def get_note_entry_indices(history):
+    """Return the indices in the history array that are note entries."""
+    return [i for i, entry in enumerate(history) if is_note_entry(entry)]
+
+
+def is_note_entry(entry):
+    return entry.get('comment') and entry.get('from') is None

praetorian_cli/sdk/test/test_file.py

@@ -12,6 +12,7 @@ class TestFile:
         self.sdk = setup_chariot()
         micro = epoch_micro()
         self.chariot_filepath = f'home/test-file-{micro}.txt'
+        self.encrypted_chariot_filepath = f'_encrypted/test-file-{micro}.txt'
         self.sanitized_filepath = f'home_test-file-{micro}.txt'
         self.bogus_filepath = f'bogus-filepath-{micro}.txt'
         self.local_filepath = f'./test-file-{micro}.txt'
@@ -52,6 +53,21 @@ class TestFile:
             self.sdk.files.get(self.chariot_filepath)
         assert str(ex_info.value) == f'File {self.chariot_filepath} not found.'
 
+    def test_add_encrypted_file(self):
+        self.sdk.files.add(self.local_filepath, self.encrypted_chariot_filepath)
+        files, offset = self.sdk.files.list(self.encrypted_chariot_filepath)
+        assert files[0]['name'] == self.encrypted_chariot_filepath
+
+    def test_get_encrypted_file(self):
+        content = self.sdk.files.get_utf8(self.encrypted_chariot_filepath)
+        assert content == self.content
+
+    def test_delete_encrypted_file(self):
+        self.sdk.files.delete(self.encrypted_chariot_filepath)
+        with pytest.raises(Exception) as ex_info:
+            self.sdk.files.get(self.encrypted_chariot_filepath)
+        assert str(ex_info.value) == f'File {self.encrypted_chariot_filepath} not found.'
+
     def teardown_class(self):
         os.remove(self.local_filepath)
         os.remove(self.sanitized_filepath)

praetorian_cli/sdk/test/test_risk.py

@@ -1,6 +1,7 @@
 import pytest
 
 from praetorian_cli.sdk.model.globals import Risk, Kind
+from praetorian_cli.sdk.entities.risks import get_note_entries
 from praetorian_cli.sdk.test.utils import make_test_values, clean_test_entities, setup_chariot
 
 
@@ -39,6 +40,33 @@ class TestRisk:
         self.sdk.risks.update(self.risk_key, Risk.OPEN_CRITICAL.value)
         assert self.get_risk()['status'] == Risk.OPEN_CRITICAL.value
 
+    def test_remove_comment(self):
+        self.sdk.risks.update(self.risk_key, comment='First comment')
+        self.sdk.risks.update(self.risk_key, comment='Second comment')
+        self.sdk.risks.update(self.risk_key, comment='Third comment')
+
+        risk = self.get_risk()
+        initial_history_len = len(get_note_entries(risk))
+        assert initial_history_len == 3
+
+        self.sdk.risks.update(self.risk_key, remove_comment=-2)
+
+        risk = self.get_risk()
+        new_history_len = len(get_note_entries(risk))
+        assert new_history_len == 2
+
+        self.sdk.risks.update(self.risk_key, remove_comment=-1)
+
+        risk = self.get_risk()
+        final_history_len = len(get_note_entries(risk))
+        assert final_history_len == 1
+
+        self.sdk.risks.update(self.risk_key, remove_comment=0)
+
+        risk = self.get_risk()
+        final_history_len = len(get_note_entries(risk))
+        assert final_history_len == 0
+
     def test_delete_risk(self):
         self.sdk.risks.delete(self.risk_key, Risk.DELETED_DUPLICATE_CRITICAL.value)
         assert self.get_risk()['status'] == Risk.DELETED_DUPLICATE_CRITICAL.value

{praetorian_cli-2.2.13.dist-info → praetorian_cli-2.2.15.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: praetorian-cli
-Version: 2.2.13
+Version: 2.2.15
 Summary: For interacting with the Chariot API
 Home-page: https://github.com/praetorian-inc/praetorian-cli
 Author: Praetorian

{praetorian_cli-2.2.13.dist-info → praetorian_cli-2.2.15.dist-info}/RECORD

@@ -18,14 +18,14 @@ praetorian_cli/handlers/search.py,sha256=wPXiHrBx4NpNB8a79S9wE6TMArBjg5WsEFKzDoU
 praetorian_cli/handlers/ssh_utils.py,sha256=53Kke-iFH4sJoCcweiT8q4WVRlaA7SvR5CCqdGFxHps,5903
 praetorian_cli/handlers/test.py,sha256=uhARoRolaJf6DMRNX-1aj8SDYe1wAvhYDOBYWH39sqo,932
 praetorian_cli/handlers/unlink.py,sha256=nUTGXZ7JBXwuHy2nzvL79sSO95Vyc0PftM6rm-9YWt8,1725
-praetorian_cli/handlers/update.py,sha256=rgdOsFTaEivTdTUjUxPNEo13XR7uoIpBFRUqUdFVjaI,2846
+praetorian_cli/handlers/update.py,sha256=xOThuMQ2n9Zq2-UAtRa7-9MujpoACcGUnad85-X16zA,3340
 praetorian_cli/handlers/utils.py,sha256=PaHyDTF2uj6mMMIr1pP1Bfh22H3dMx_UWnJgXK7_yuY,2639
 praetorian_cli/scripts/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 praetorian_cli/scripts/utils.py,sha256=lGCf4trEpsfECa9U42pDJ-f48EimlS-hG6AjnKjNt4I,501
 praetorian_cli/scripts/commands/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 praetorian_cli/scripts/commands/nmap-example.py,sha256=varKTkHKG4DAs9Ssf0c6SygP9GfuCG01aFxhfvixLM0,2727
 praetorian_cli/sdk/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-praetorian_cli/sdk/chariot.py,sha256=owN3nRg5Oh-p88PGOQ7DpHflkcMxBsE1xS1aAU_lOvA,13926
+praetorian_cli/sdk/chariot.py,sha256=amMgs7FxX9DY0tWNoizg7XfrVYWyLixbqqcaBQsuAKg,14626
 praetorian_cli/sdk/keychain.py,sha256=KCz2mOTv09jgg6mrZQooRg1VrnvF9W0_BjRlEQhbzqU,7468
 praetorian_cli/sdk/mcp_server.py,sha256=8UoTotD4UVl-tp1gqMjkOVpO__KeGCvy7mIpKXVc8Rg,8750
 praetorian_cli/sdk/entities/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -43,7 +43,7 @@ praetorian_cli/sdk/entities/integrations.py,sha256=NVaW_dWbnMkMIs-EYr2W7QAeamPVw
 praetorian_cli/sdk/entities/jobs.py,sha256=k4QFw4qR5MdVyMAYstfnRIWr_ZH4q1PwDyUEGC-qBSM,8269
 praetorian_cli/sdk/entities/keys.py,sha256=PgoGa3xyLMzWrIIQ8zgi7bfZiUFFumPtMDo64GjhdjE,6089
 praetorian_cli/sdk/entities/preseeds.py,sha256=SeSY4K6diJMQzsjCBxYK3N9Lz0fUz3B_LMBOAAcBSLg,8890
-praetorian_cli/sdk/entities/risks.py,sha256=7WcAGiehoGuLlugIujxQC2FcA1ndOh7s_ooEGERpWM4,6630
+praetorian_cli/sdk/entities/risks.py,sha256=_MQlMo0y82DunwI04IjscZU2bNWyu8UM9YTazCGf_Jk,8291
 praetorian_cli/sdk/entities/scanners.py,sha256=QCr5QlBy4jfBh8HRvZt9CoZTgNqLNnKNrI4sdfJf0jE,423
 praetorian_cli/sdk/entities/schema.py,sha256=CPVws1CdRHyOAI7oT9A20WGOCZozTFqZnfo5ox3v0HQ,807
 praetorian_cli/sdk/entities/search.py,sha256=9vTy9HZY2BTlqf5Zwpdl8HCRIfSEvWDRij2_-rAp2Ng,16938
@@ -68,12 +68,12 @@ praetorian_cli/sdk/test/test_configuration.py,sha256=ysyWpt7iq_tNkdvLU8gULCuwbXV
 praetorian_cli/sdk/test/test_conversation.py,sha256=i1cBaRmFmtLcFLr85OtgE60DynUgWB7EqqjGU-NBWvc,6951
 praetorian_cli/sdk/test/test_definition.py,sha256=8ShZFXJYHJUPH5rfmF3LYk9NE8W4lJBNHE2DhyJgXaY,1016
 praetorian_cli/sdk/test/test_extend.py,sha256=bHTCwtW0jN1GvFocB_uMJcEj4_IXvCkr35yMWKESbTU,1778
-praetorian_cli/sdk/test/test_file.py,sha256=rRikM2ceMy5TEX7YOFMPB2dnCRqROE9w8qoqVeCs9HM,2133
+praetorian_cli/sdk/test/test_file.py,sha256=ZpFBSKbfq9kzfQdy_tmwCH8rwYxW6GB4NlhTQHEw87Y,2940
 praetorian_cli/sdk/test/test_job.py,sha256=J7VqnVxRfvbpxNnYN9Rt3LvxmbNvSKwVqsSZxFEW1xc,1916
 praetorian_cli/sdk/test/test_key.py,sha256=yDrR0-JLwMB3eDx-tI-ss8GGbiJaJijE4dAK8-FUuzc,1425
 praetorian_cli/sdk/test/test_mcp.py,sha256=Ltg283j4Q12dcfCgUgDMKk6neRdDaThcndyywZl5XWs,938
 praetorian_cli/sdk/test/test_preseed.py,sha256=VhKSbSB6OmCYnVOrI6RDsYKBs1PekEuv0KOjbTt_k14,1186
-praetorian_cli/sdk/test/test_risk.py,sha256=S428ZF9Sot6_F8vvXFL-1a5FxtmsFct4rBewTAgm0mE,1992
+praetorian_cli/sdk/test/test_risk.py,sha256=WuVTPxL9yj84nJx84oXVAlz0KshLxs8GG3tDeSe3QZU,3000
 praetorian_cli/sdk/test/test_search.py,sha256=SB9Tgo_N3CCpfvla898oLB9IZyGK9Dju1r9REK6Wmek,1996
 praetorian_cli/sdk/test/test_seed.py,sha256=WfnEPZwMXHFtt4jyVT-1JitIW1zTrl7rwlX8jXz22vY,1303
 praetorian_cli/sdk/test/test_setting.py,sha256=hdPQj71rjSYxa-PODG2D-kJd8C9gkAg1jQXnqYU4P6A,1326
@@ -96,9 +96,9 @@ praetorian_cli/ui/aegis/commands/set.py,sha256=WJ0Qt30fBa_hyWEaawyA3h3rSeWHFPbJS
 praetorian_cli/ui/aegis/commands/ssh.py,sha256=KGsNlN0i-Cwp6gWyr-cjML9_L13oE7xFenysF2pC8Rc,3045
 praetorian_cli/ui/conversation/__init__.py,sha256=sNhNN_ZG1Va_7OLTaoXlIFL6ageKHWdufFVYw6F_aV8,90
 praetorian_cli/ui/conversation/textual_chat.py,sha256=gGgEs7HhNAto9rTVrGbz62mG10OqmtArI-aKxFLSfVs,24405
-praetorian_cli-2.2.13.dist-info/licenses/LICENSE,sha256=Zv97QripiVALv-WokW_Elsiz9vtOfbtNt1aLZhhk67I,1067
-praetorian_cli-2.2.13.dist-info/METADATA,sha256=MUJwo3wrkUulp376p98YNPnFC_tmNaMvSwGWbANr5xI,7752
-praetorian_cli-2.2.13.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-praetorian_cli-2.2.13.dist-info/entry_points.txt,sha256=uJbDvZdkYaLiCh2DMvXPUGKFm2p5ZfzJCizUK3-PUEE,56
-praetorian_cli-2.2.13.dist-info/top_level.txt,sha256=QbUdRPGEj_TyHO-E7AD5BxFfR8ore37i273jP4Gn43c,15
-praetorian_cli-2.2.13.dist-info/RECORD,,
+praetorian_cli-2.2.15.dist-info/licenses/LICENSE,sha256=Zv97QripiVALv-WokW_Elsiz9vtOfbtNt1aLZhhk67I,1067
+praetorian_cli-2.2.15.dist-info/METADATA,sha256=tFrGUx-JASajeDC0bE5j-btCN4Lru3dM93aLyt7hrF0,7752
+praetorian_cli-2.2.15.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+praetorian_cli-2.2.15.dist-info/entry_points.txt,sha256=uJbDvZdkYaLiCh2DMvXPUGKFm2p5ZfzJCizUK3-PUEE,56
+praetorian_cli-2.2.15.dist-info/top_level.txt,sha256=QbUdRPGEj_TyHO-E7AD5BxFfR8ore37i273jP4Gn43c,15
+praetorian_cli-2.2.15.dist-info/RECORD,,