prelude-sdk-beta 1440__tar.gz → 1449__tar.gz

{prelude_sdk_beta-1440 → prelude_sdk_beta-1449}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: prelude-sdk-beta
-Version: 1440
+Version: 1449
 Summary: For interacting with the Prelude API
 Home-page: https://github.com/preludeorg
 Author: Prelude Research

{prelude_sdk_beta-1440 → prelude_sdk_beta-1449}/prelude_sdk_beta/controllers/scm_controller.py

@@ -593,3 +593,74 @@ class ScmController(HttpController):
                 ],
             )
         return history
+
+    @verify_credentials
+    def get_report(self, report_id: str):
+        """Get SCM report by ID"""
+        res = self.get(
+            f"{self.account.hq}/scm/reports/{report_id}",
+            headers=self.account.headers,
+            timeout=10,
+        )
+        return res.json()
+
+    @verify_credentials
+    def list_reports(self):
+        """List SCM reports"""
+        res = self.get(
+            f"{self.account.hq}/scm/reports",
+            headers=self.account.headers,
+            timeout=10,
+        )
+        return res.json()
+
+    @verify_credentials
+    def delete_report(self, report_id: str):
+        """Delete SCM report by ID"""
+        res = self.delete(
+            f"{self.account.hq}/scm/reports/{report_id}",
+            headers=self.account.headers,
+            timeout=10,
+        )
+        return res.json()
+
+    @verify_credentials
+    def put_report(self, report_data: dict, report_id: str = None):
+        """Put SCM report by ID"""
+        res = self.put(
+            f"{self.account.hq}/scm/reports",
+            headers=self.account.headers,
+            json=dict(report=report_data, id=report_id),
+            timeout=10,
+        )
+        return res.json()
+
+    @verify_credentials
+    def get_chart_data(
+        self,
+        scm_category: SCMCategory,
+        sort_by: str,
+        group_by: str,
+        group_limit: int,
+        display_overrides: dict = None,
+        odata_filter: str = None,
+        scopes: dict = None,
+    ):
+        """Get SCM chart data"""
+        body = {
+            "category": scm_category.name,
+            "display_overrides": display_overrides,
+            "group_by": group_by,
+            "group_limit": group_limit,
+            "scopes": scopes,
+            "sort_by": sort_by,
+        }
+        if odata_filter:
+            body["$filter"] = odata_filter
+        res = self.post(
+            f"{self.account.hq}/scm/reports/data",
+            headers=self.account.headers,
+            json=body,
+            timeout=30,
+        )
+        return res.json()

{prelude_sdk_beta-1440 → prelude_sdk_beta-1449}/prelude_sdk_beta/models/codes.py

@@ -236,6 +236,68 @@ class Control(Enum, metaclass=MissingItem):
             case _:
                 return []
 
+    @property
+    def display_name(self):
+        match self:
+            case Control.CROWDSTRIKE:
+                return "CrowdStrike"
+            case Control.DEFENDER:
+                return "Microsoft Defender"
+            case Control.SPLUNK:
+                return "Splunk"
+            case Control.SENTINELONE:
+                return "SentinelOne"
+            case Control.VECTR:
+                return "VECTR"
+            case Control.S3:
+                return "Amazon S3"
+            case Control.INTUNE:
+                return "Microsoft Intune"
+            case Control.SERVICENOW:
+                return "ServiceNow"
+            case Control.OKTA:
+                return "Okta"
+            case Control.M365:
+                return "Microsoft 365"
+            case Control.ENTRA:
+                return "Microsoft Entra ID"
+            case Control.JAMF:
+                return "Jamf"
+            case Control.GMAIL:
+                return "Gmail"
+            case Control.GOOGLE_IDENTITY:
+                return "Google Cloud Identity Platform"
+            case Control.DEFENDER_DISCOVERY:
+                return "Microsoft Defender Discovery"
+            case Control.TENABLE:
+                return "Tenable"
+            case Control.EC2:
+                return "Amazon EC2"
+            case Control.AWS_SSM:
+                return "Amazon SSM"
+            case Control.AZURE_VM:
+                return "Azure VM"
+            case Control.GITHUB:
+                return "GitHub"
+            case Control.TENABLE_DISCOVERY:
+                return "Tenable Discovery"
+            case Control.QUALYS:
+                return "Qualys"
+            case Control.QUALYS_DISCOVERY:
+                return "Qualys Discovery"
+            case Control.RAPID7:
+                return "Rapid7"
+            case Control.RAPID7_DISCOVERY:
+                return "Rapid7 Discovery"
+            case Control.INTEL_INTUNE:
+                return "Intel"
+            case Control.CISCO_MERAKI:
+                return "Cisco Meraki"
+            case Control.CISCO_MERAKI_IDENTITY:
+                return "Cisco Meraki Identity"
+            case _:
+                return "Unknown Control"
+
 
 class ControlCategory(Enum, metaclass=MissingItem):
     INVALID = -1
@@ -308,6 +370,34 @@ class ControlCategory(Enum, metaclass=MissingItem):
             ],
         }
 
+    @property
+    def display_name(self):
+        match self:
+            case ControlCategory.CLOUD:
+                return "Cloud"
+            case ControlCategory.EMAIL:
+                return "Email"
+            case ControlCategory.IDENTITY:
+                return "Identity Provider"
+            case ControlCategory.NETWORK:
+                return "Network"
+            case ControlCategory.XDR:
+                return "EDR"
+            case ControlCategory.ASSET_MANAGER:
+                return "Endpoint Management"
+            case ControlCategory.DISCOVERED_DEVICES:
+                return "Discovered Devices"
+            case ControlCategory.VULN_MANAGER:
+                return "Vulnerability Management"
+            case ControlCategory.SIEM:
+                return "SIEM"
+            case ControlCategory.PRIVATE_REPO:
+                return "Private Repository"
+            case ControlCategory.HARDWARE:
+                return "Client Hardware Security"
+            case _:
+                return "Unknown Control Category"
+
 
 class SCMCategory(Enum, metaclass=MissingItem):
     INVALID = -1
@@ -519,6 +609,7 @@ class PolicyType(Enum, metaclass=MissingItem):
     def _missing_(cls, value):
         return PolicyType.INVALID
 
+
 class Platform(Enum, metaclass=MissingItem):
     INVALID = 0
     WINDOWS = 1
@@ -549,3 +640,16 @@ class NotationType(Enum, metaclass=MissingItem):
     @classmethod
     def _missing_(cls, value):
         return NotationType.INVALID
+
+
+class ChartType(Enum, metaclass=MissingItem):
+    INVALID = -1
+    NUMBER = 1
+    COLUMN = 2
+    BAR = 3
+    PIE = 4
+    PERCENT = 5
+
+    @classmethod
+    def _missing_(cls, value):
+        return ChartType.INVALID

{prelude_sdk_beta-1440 → prelude_sdk_beta-1449}/prelude_sdk_beta.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: prelude-sdk-beta
-Version: 1440
+Version: 1449
 Summary: For interacting with the Prelude API
 Home-page: https://github.com/preludeorg
 Author: Prelude Research

{prelude_sdk_beta-1440 → prelude_sdk_beta-1449}/setup.cfg

@@ -1,6 +1,6 @@
 [metadata]
 name = prelude-sdk-beta
-version = 1440
+version = 1449
 author = Prelude Research
 author_email = support@preludesecurity.com
 description = For interacting with the Prelude API

{prelude_sdk_beta-1440 → prelude_sdk_beta-1449}/tests/test_scm.py

@@ -116,7 +116,7 @@ class TestScmAcrossControls:
         job_id = unwrap(self.export.export_scm)(
             self.export,
             SCMCategory.ENDPOINT,
-            filter="contains(hostname, 'spencer')",
+            filter="contains(hostname, 'i')",
             top=1,
         )["job_id"]
         while (result := unwrap(self.jobs.job_status)(self.jobs, job_id))[

prelude_sdk_beta-1449/tests/test_scm_build.py

@@ -0,0 +1,104 @@
+import pytest
+import uuid
+
+from prelude_sdk_beta.controllers.scm_controller import ScmController
+from prelude_sdk_beta.models.codes import ControlCategory
+
+
+@pytest.mark.order(8)
+@pytest.mark.usefixtures("setup_account")
+class TestScmBuild:
+    def setup_class(self):
+        if not pytest.expected_account["features"]["policy_evaluator"]:
+            pytest.skip("POLICY_EVALUATOR feature not enabled")
+        self.scm = ScmController(pytest.account)
+
+    def test_create_object_exception(self, unwrap):
+        res = unwrap(self.scm.create_object_exception)(
+            self.scm,
+            ControlCategory.ASSET_MANAGER,
+            "hostname eq 'host1'",
+            name="filter me",
+            expires="5555-05-05",
+        )
+        assert res["exception_id"]
+        pytest.exception_id = res["exception_id"]
+
+    def test_update_object_exception(self, unwrap):
+        res = unwrap(self.scm.update_object_exception)(
+            self.scm,
+            pytest.exception_id,
+            filter="hostname eq 'host2'",
+            expires=None,
+        )
+        assert res["status"]
+
+    def test_list_object_exceptions(self, unwrap):
+        res = unwrap(self.scm.list_object_exceptions)(self.scm)
+        exception = [x for x in res if x["id"] == pytest.exception_id]
+        assert len(exception) == 1
+        exception = exception[0]
+        del exception["author"]
+        del exception["created"]
+        assert exception == {
+            "category": ControlCategory.ASSET_MANAGER.value,
+            "expires": None,
+            "filter": "hostname eq 'host2'",
+            "id": pytest.exception_id,
+            "name": "filter me",
+        }
+
+    def test_delete_object_exception(self, unwrap):
+        res = unwrap(self.scm.delete_object_exception)(self.scm, pytest.exception_id)
+        assert res["status"]
+        res = unwrap(self.scm.list_object_exceptions)(self.scm)
+        assert not any(x["id"] == pytest.exception_id for x in res)
+
+    def test_put_report(self, unwrap):
+        report_blob = {
+            "name": "test report",
+            "sections": [
+                {
+                    "name": "test section",
+                    "charts": [
+                        {
+                            "name": "test chart",
+                            "columns": ["platforms"],
+                            "type": "PIE",
+                            "filter": "instances/any(i: i/control eq 1)",
+                            "group_by": "platforms",
+                            "scm_category": "ENDPOINT",
+                        }
+                    ],
+                }
+            ],
+        }
+        res = unwrap(self.scm.put_report)(self.scm, report_data=report_blob)
+        pytest.report_id = res["report_id"]
+        for section in res["report"]["sections"]:
+            assert "id" in section
+        for chart in res["report"]["sections"][0]["charts"]:
+            assert "id" in chart
+            assert "ignore" in chart
+
+    def test_list_reports(self, unwrap):
+        res = unwrap(self.scm.list_reports)(self.scm)
+        report = [r for r in res if r["report_id"] == pytest.report_id]
+        assert len(report) == 1
+        assert report[0]["name"] == "test report"
+        assert "report" not in report[0]
+
+    def test_get_report(self, unwrap):
+        res = unwrap(self.scm.get_report)(self.scm, pytest.report_id)
+        assert res["report_id"] == pytest.report_id
+        for section in res["report"]["sections"]:
+            assert "id" in section
+        for chart in res["report"]["sections"][0]["charts"]:
+            assert "id" in chart
+            assert "ignore" in chart
+
+    def test_delete_report(self, unwrap):
+        res = unwrap(self.scm.delete_report)(self.scm, pytest.report_id)
+        assert res["status"]
+        res = unwrap(self.scm.list_reports)(self.scm)
+        assert not any(r["report_id"] == pytest.report_id for r in res)

prelude_sdk_beta-1440/tests/test_scm_build.py

@@ -1,55 +0,0 @@
-import pytest
-from datetime import datetime, timezone, timedelta
-
-from prelude_sdk_beta.controllers.scm_controller import ScmController
-from prelude_sdk_beta.models.codes import Control, ControlCategory
-
-
-@pytest.mark.order(8)
-@pytest.mark.usefixtures("setup_account")
-class TestScmBuild:
-    def setup_class(self):
-        if not pytest.expected_account["features"]["policy_evaluator"]:
-            pytest.skip("POLICY_EVALUATOR feature not enabled")
-        self.scm = ScmController(pytest.account)
-
-    def test_create_object_exception(self, unwrap):
-        res = unwrap(self.scm.create_object_exception)(
-            self.scm,
-            ControlCategory.ASSET_MANAGER,
-            "hostname eq 'host1'",
-            name="filter me",
-            expires="5555-05-05",
-        )
-        assert res["exception_id"]
-        pytest.exception_id = res["exception_id"]
-
-    def test_update_object_exception(self, unwrap):
-        res = unwrap(self.scm.update_object_exception)(
-            self.scm,
-            pytest.exception_id,
-            filter="hostname eq 'host2'",
-            expires=None,
-        )
-        assert res["status"]
-
-    def test_list_object_exceptions(self, unwrap):
-        res = unwrap(self.scm.list_object_exceptions)(self.scm)
-        exception = [x for x in res if x["id"] == pytest.exception_id]
-        assert len(exception) == 1
-        exception = exception[0]
-        del exception["author"]
-        del exception["created"]
-        assert exception == {
-            "category": ControlCategory.ASSET_MANAGER.value,
-            "expires": None,
-            "filter": "hostname eq 'host2'",
-            "id": pytest.exception_id,
-            "name": "filter me",
-        }
-
-    def test_delete_object_exception(self, unwrap):
-        res = unwrap(self.scm.delete_object_exception)(self.scm, pytest.exception_id)
-        assert res["status"]
-        res = unwrap(self.scm.list_object_exceptions)(self.scm)
-        assert not any(x["id"] == pytest.exception_id for x in res)