regscale-cli 6.20.5.0__py3-none-any.whl → 6.20.6.0__py3-none-any.whl

regscale/__init__.py

@@ -1 +1 @@
-__version__ = "6.20.5.0"
+from ._version import __version__

regscale/_version.py

@@ -0,0 +1,39 @@
+"""Version information for regscale-cli."""
+
+import re
+
+from pathlib import Path
+
+
+def get_version_from_pyproject() -> str:
+    """
+    Extract version from pyproject.toml
+
+    :return: Version string if found, otherwise a fallback version
+    :rtype: str
+    """
+    pyproject_file_name = "pyproject.toml"
+    try:
+        # Try multiple possible locations for pyproject.toml
+        possible_paths = [
+            # From the package directory
+            Path(__file__).parent.parent / pyproject_file_name,
+            # From current working directory
+            Path.cwd() / pyproject_file_name,
+            # From the project root (assuming we're in a subdirectory)
+            Path.cwd().parent / pyproject_file_name,
+        ]
+
+        for pyproject_path in possible_paths:
+            if pyproject_path.exists():
+                content = pyproject_path.read_text()
+                # Look for version = "x.y.z" pattern
+                match = re.search(r'version\s*=\s*["\']([^"\']+)["\']', content)
+                if match:
+                    return match.group(1)
+    except Exception:
+        pass
+    return "6.20.6.0"  # fallback version
+
+
+__version__ = get_version_from_pyproject()

regscale/core/app/internal/__init__.py

@@ -134,3 +134,16 @@ def model():
 def issues():
     """Performs actions on Issues CLI Feature to create new or update issues to RegScale."""
     pass
+
+
+@click.group(
+    cls=LazyGroup,
+    lazy_subcommands={
+        "new": "regscale.core.app.internal.set_permissions.generate_new_file",
+        "load": "regscale.core.app.internal.set_permissions.import_permissions",
+    },
+    name="set_permissions",
+)
+def set_permissions():
+    """Builk sets permissions on records in RegScale from a generated spreadsheet"""
+    pass

regscale/core/app/internal/set_permissions.py

@@ -0,0 +1,173 @@
+import click
+from pathlib import Path
+import os
+from openpyxl import Workbook, load_workbook
+from openpyxl.styles import Protection, Font, NamedStyle
+from openpyxl.worksheet.worksheet import Worksheet
+from openpyxl.worksheet.datavalidation import DataValidation
+from openpyxl import Workbook, load_workbook
+from openpyxl.utils.dataframe import dataframe_to_rows
+
+from regscale.core.app.logz import create_logger
+from regscale.models.regscale_models.modules import Modules
+from regscale.models.regscale_models.rbac import RBAC
+from regscale.models.regscale_models.group import Group
+from regscale.models.app_models import ImportValidater
+
+logger = create_logger()
+PUBLIC_PRIVATE = "public | private"
+READ_UPDATE = "Read | Read Update"
+
+
+@click.group(name="set_permissions")
+def set_permissions():
+    """
+    Sets permissions on RegScale records
+    """
+
+
+# Make Empty Spreadsheet for creating new assessments.
+@set_permissions.command(name="new")
+@click.option(
+    "--path",
+    type=click.Path(exists=False, dir_okay=True, path_type=Path),
+    help="Provide the desired path into which the excel template file is saved.",
+    default=os.path.join(os.getcwd(), "artifacts"),
+    required=True,
+)
+def generate_new_file(path: Path):
+    """This function will build an Excel spreadsheet for users to be
+    load bulk ACLs on RegScale Records."""
+    create_workbook(path)
+
+
+def create_workbook(path: Path):
+    """
+    Creates a new Excel workbook with a worksheet for setting permissions in RegScale
+
+    :param Path path: The path where the workbook will be saved
+    """
+    import pandas as pd
+
+    workbook_filename = os.path.join(os.getcwd(), path, "import_acls.xlsx")
+    workbook = Workbook()
+    worksheet = workbook.active
+    worksheet.title = "RegScale_Set_Permissions"
+    workbook.save(filename=workbook_filename)
+
+    filler = []
+    for _index_ in range(100):
+        filler.append("")
+
+    data = {
+        "regscale_id": filler,
+        "regscale_module": filler,
+        PUBLIC_PRIVATE: filler,
+        "group_id": filler,
+        READ_UPDATE: filler,
+    }
+    df = pd.DataFrame(data)
+    # Create the headers and filler data
+    for r in dataframe_to_rows(df, index=False, header=True):
+        worksheet.append(r)
+
+    # Set pick lists
+    dv_mode = DataValidation(type="list", formula1='"public, private"', allow_blank=True)
+    dv_mode.add(cell="C2:C100")
+    worksheet.add_data_validation(dv_mode)
+    dv_right = DataValidation(type="list", formula1='"R, RU"', allow_blank=True)
+    dv_right.add(cell="E2:E100")
+    worksheet.add_data_validation(dv_right)
+
+    # Fix width
+    for col in worksheet.columns:
+        max_length = 0
+        column_letter = col[0].column_letter
+
+        for cell in col:
+            # Determine max length for column width
+            cell_length = len(str(cell.value))
+            max_length = max(max_length, cell_length)
+
+        # Set adjusted column width
+        adjusted_width = (max_length + 2) * 1.2
+        worksheet.column_dimensions[column_letter].width = adjusted_width
+
+    # Write out the formatting to the file
+    workbook.save(filename=workbook_filename)
+
+
+@set_permissions.command(name="load")
+@click.option(
+    "--file",
+    type=click.Path(exists=False, dir_okay=True, path_type=Path),
+    help="Provide the path and filename of the file containing the permissions to load",
+    required=True,
+)
+def import_permissions(file: Path):
+    """This function creates permissions on RegScale records recorded
+    in a spreadsheet"""
+    import_permissions_workbook(file)
+
+
+def import_permissions_workbook(file: Path):
+    """
+    Imports permissions from a workbook file and applies them to RegScale records
+
+    :param Path file: The path to the workbook file containing permissions
+    """
+    # Read in the spreadsheet
+    records = get_records(file=file)
+    for record in records:
+        if not Group.get_object(record["group_id"]):
+            logger.error(f"Group {record['group_id']} doesn't exist in this instance.  Skipping row")
+            continue
+
+        regscale_module_id = Modules.get_module_to_id(record["regscale_module"])
+        regscale_id = record["regscale_id"]
+        if record[READ_UPDATE] == "R":
+            permissions = 1
+        elif record[READ_UPDATE] == "RU":
+            permissions = 2
+        else:
+            permissions = 0
+
+        # Set the record to private
+        my_class = Modules.module_to_class(record["regscale_module"])
+        obj = my_class.get_object(regscale_id)
+        if not obj:
+            logger.error(f"RegScale {record['regscale_module']} record {regscale_id} doesn't exist. Skipping row")
+            continue
+
+        # Add the permission
+        RBAC.add(
+            module_id=regscale_module_id,
+            parent_id=regscale_id,
+            group_id=record["group_id"],
+            permission_type=permissions,
+        )
+        RBAC.public(
+            module_id=regscale_module_id,
+            parent_id=regscale_id,
+            is_public=0 if record[PUBLIC_PRIVATE] == "private" else 1,
+        )
+
+
+def get_records(file: Path) -> list:
+    """
+    Takes the file name and returns the records in the file
+
+    :param Path file: spreadsheet containing permission records
+    :return: records from file
+    :return_type: list
+    """
+    required_headers = ["regscale_id", "regscale_module", PUBLIC_PRIVATE, "group_id", READ_UPDATE]
+    validator = ImportValidater(
+        file_path=file,
+        required_headers=required_headers,
+        worksheet_name="RegScale_Set_Permissions",
+        skip_rows=1,
+        disable_mapping=True,
+        mapping_file_path="./",
+    )
+    return validator.data.to_dict(orient="records")

regscale/core/app/utils/file_utils.py

@@ -37,7 +37,17 @@ def read_file(file_path: Union[str, Path]) -> str:
     """
     import smart_open  # type: ignore # Optimize import performance
 
-    with smart_open.open(str(file_path), "r") as f:
+    encodings = ["utf-8", "latin-1", "cp1252", "iso-8859-1"]
+
+    for encoding in encodings:
+        try:
+            with smart_open.open(str(file_path), "r", encoding=encoding) as f:
+                return f.read()
+        except UnicodeDecodeError:
+            continue
+
+    # Fallback to utf-8 with error replacement
+    with smart_open.open(str(file_path), "r", encoding="utf-8", errors="replace") as f:
         return f.read()
 
 

regscale/core/app/utils/regscale_utils.py

@@ -6,16 +6,12 @@
 import json
 import os
 import re
-import warnings
 from typing import Any, Optional
-from urllib.parse import urljoin
-
-from requests import JSONDecodeError
 
 from regscale.core.app.api import Api
 from regscale.core.app.application import Application
 from regscale.core.app.logz import create_logger
-from regscale.core.app.utils.app_utils import convert_to_string, error_and_exit, get_file_name, get_file_type
+from regscale.core.app.utils.app_utils import error_and_exit, get_file_name, get_file_type
 from regscale.models import Data
 from regscale.models.regscale_models.modules import Modules
 
@@ -24,28 +20,6 @@ from regscale.models.regscale_models.form_field_value import FormFieldValue
 logger = create_logger()
 
 
-def send_email(_: Api, __: str, payload: dict) -> bool:
-    """
-    Function to use the RegScale email API and send an email, returns bool on whether API call was successful
-
-    :param Api _: API object
-    :param str __: RegScale URL of instance
-    :param dict payload: email payload
-    :return: Boolean if RegScale api was successful
-    :rtype: bool
-    """
-    warnings.warn(
-        "This function is deprecated and will be removed in a future release. Use Email().send instead.",
-        DeprecationWarning,
-        stacklevel=2,
-    )
-    from regscale.models import Email
-
-    email = Email(**payload)
-    # use the api to post the dict payload passed
-    return email.send() is not None
-
-
 def update_regscale_config(str_param: str, val: Any, app: Application = None) -> str:
     """
     Update config in init.yaml
@@ -68,29 +42,6 @@ def update_regscale_config(str_param: str, val: Any, app: Application = None) ->
     return "Config updated"
 
 
-def create_regscale_assessment(_: str, new_assessment: dict, __: Api) -> Optional[int]:
-    """
-    Function to create a new assessment in RegScale and returns the new assessment's ID
-
-    :param str _: RegScale instance URL to create the assessment
-    :param dict new_assessment: API assessment payload
-    :param Api __: API object
-    :return: New RegScale assessment ID
-    :rtype: int
-    """
-    warnings.warn(
-        "This function is deprecated and will be removed in a future release. Use Assessment().create.id instead.",
-        DeprecationWarning,
-        stacklevel=2,
-    )
-    from regscale.models import Assessment
-
-    new_assessment = Assessment(**new_assessment)
-    if created_assessment := new_assessment.create():
-        return created_assessment.id
-    return None
-
-
 def check_module_id(parent_id: int, parent_module: str) -> bool:
     """
     Verify object exists in RegScale
@@ -194,45 +145,6 @@ def format_control(control: str) -> str:
     return new_string.lower()  # Output: ac-2.1
 
 
-def get_user(_: Api, user_id: str) -> dict:
-    """
-    Function to get the provided user_id from RegScale via API
-
-    :param Api _: API Object
-    :param str user_id: the RegScale user's GUID
-    :return: Dictionary containing the user's information
-    :rtype: dict
-    """
-    warnings.warn(
-        "This function is deprecated and will be removed in a future release. Use User.get_user_by_id() instead.",
-        DeprecationWarning,
-        stacklevel=2,
-    )
-    from regscale.models import User
-
-    user = User.get_user_by_id(user_id)
-    return user.dict()
-
-
-def get_threats(_: Api) -> list[dict]:
-    """
-    Function to get all threats from RegScale via GraphQL
-
-    :param Api _: API Object
-    :return: List containing threat descriptions
-    :rtype: list[dict]
-    """
-    warnings.warn(
-        "This function is deprecated and will be removed in a future release. Use Threat.fetch_all_threats() instead.",
-        DeprecationWarning,
-        stacklevel=2,
-    )
-    from regscale.models import Threat
-
-    threats = Threat.fetch_all_threats()
-    return [threat.dict() for threat in threats] or []
-
-
 def create_new_data_submodule(
     parent_id: int, parent_module: str, file_path: str, raw_data: dict = None, is_file: bool = True
 ) -> Optional[dict]:
@@ -276,50 +188,6 @@ def create_new_data_submodule(
     return None
 
 
-def create_properties(
-    _: Api,
-    data: dict,
-    parent_id: int,
-    parent_module: str,
-    __: Optional[int] = 3,
-    label: Optional[str] = None,
-) -> bool:
-    """
-    Create a list of properties and upload them to RegScale for the provided asset
-
-    :param Api _: API Object to post the data in RegScale
-    :param dict data: Dictionary of data to parse and create properties from
-    :param int parent_id: ID to create properties for
-    :param str parent_module: Parent module to create properties for
-    :param Optional[int] __: Number of times to retry the API call if it fails, defaults to 3
-    :param Optional[str] label: Label to use for the properties, defaults to None
-    :return: If batch update was successful
-    :rtype: bool
-    """
-    from regscale.models import Property
-
-    warnings.warn(
-        "This function is deprecated and will be removed in a future release. Use Property.batch_create() instead.",
-        DeprecationWarning,
-        stacklevel=2,
-    )
-    properties: list = []
-    for key, value in data.items():
-        # evaluate the value and convert it to a string
-        value = convert_to_string(value)
-        prop = Property(
-            key=key,
-            value=value or "NULL",
-            label=label or None,
-            parentId=parent_id,
-            parentModule=parent_module,
-        )
-        properties.append(prop)
-
-    new_props = Property.batch_create(properties)
-    return len(new_props) > 0
-
-
 def normalize_controlid(name: str) -> str:
     """
     Normalizes a control Id String

regscale/core/utils/date.py

@@ -6,7 +6,10 @@ import datetime
 import logging
 from typing import Any, List, Optional, Union
 
-from dateutil.parser import ParserError, parse
+
+import pytz
+from dateutil.parser import parse, ParserError
+
 from pandas import Timestamp
 
 logger = logging.getLogger("regscale")
@@ -23,17 +26,18 @@ def date_str(date_object: Union[str, datetime.datetime, datetime.date, None], da
     """
     if isinstance(date_object, str):
         date_object = date_obj(date_object)
-    if isinstance(date_object, datetime.datetime):
-        if date_format:
-            return date_object.strftime(date_format)
-        return date_object.date().isoformat()
-    if isinstance(date_object, datetime.date):
-        if date_format:
-            return date_object.strftime(date_format)
-        return date_object.isoformat()
-    if isinstance(date_object, Timestamp):
-        return date_object.date().isoformat()
-    return ""
+
+    # Handles passed None and date_obj returning None
+    if not date_object:
+        return ""
+
+    if isinstance(date_object, (datetime.datetime, Timestamp)):
+        date_object = date_object.date()
+
+    if date_format:
+        return date_object.strftime(date_format)
+
+    return date_object.isoformat()
 
 
 def datetime_str(
@@ -48,13 +52,14 @@ def datetime_str(
     """
     if not date_format:
         date_format = default_date_format
+
     if isinstance(date_object, str):
         date_object = datetime_obj(date_object)
-    if isinstance(date_object, datetime.datetime):
-        return date_object.strftime(date_format)
-    if isinstance(date_object, datetime.date):
-        return date_object.strftime(date_format)
-    return ""
+
+    if not date_object:
+        return ""
+
+    return date_object.strftime(date_format)
 
 
 def date_obj(date_str: Union[str, datetime.datetime, datetime.date, int, None]) -> Optional[datetime.date]:
@@ -64,14 +69,14 @@ def date_obj(date_str: Union[str, datetime.datetime, datetime.date, int, None])
     :param Union[str, datetime.datetime, datetime.date, int] date_str: The value to convert.
     :return: The date object.
     """
-    if isinstance(date_str, (str, int)):
-        dt_obj = datetime_obj(date_str)
-        return dt_obj.date() if dt_obj else None
     if isinstance(date_str, datetime.datetime):
         return date_str.date()
+
     if isinstance(date_str, datetime.date):
         return date_str
-    return None
+
+    dt_obj = datetime_obj(date_str)
+    return dt_obj.date() if dt_obj else None
 
 
 def datetime_obj(date_str: Union[str, datetime.datetime, datetime.date, int, None]) -> Optional[datetime.datetime]:
@@ -168,8 +173,12 @@ def days_between(
     :param Union[str, datetime.datetime, datetime.date] end: The end date.
     :return: A list of dates between the start and end dates.
     """
-    delta = date_obj(end) - date_obj(start)
-    return [(date_obj(start) + datetime.timedelta(days=i)).strftime("%Y/%m/%d") for i in range(delta.days + 1)]
+    start_dt = date_obj(start)
+    end_dt = date_obj(end)
+    if start_dt is None or end_dt is None:
+        return []
+    delta = end_dt - start_dt
+    return [(start_dt + datetime.timedelta(days=i)).strftime("%Y/%m/%d") for i in range(delta.days + 1)]
 
 
 def weekend_days_between(
@@ -178,12 +187,11 @@ def weekend_days_between(
 ) -> List[str]:
     """
     Get the weekend days between two dates.
-
     :param Union[str, datetime.datetime, datetime.date] start: The start date.
     :param Union[str, datetime.datetime, datetime.date] end: The end date.
     :return: A list of weekend dates between the start and end dates.
     """
-    return [day for day in days_between(start, end) if not is_weekday(date_obj(day))]
+    return [day for day in days_between(start, end) if day and (dt := date_obj(day)) is not None and not is_weekday(dt)]
 
 
 def days_from_today(i: int) -> datetime.date:
@@ -210,11 +218,13 @@ def get_day_increment(
     :param Optional[List[Union[str, datetime.datetime, datetime.date]]] excluded_dates: A list of dates to exclude.
     :return: The date days days from the start date, excluding the excluded dates.
     """
-    start = date_obj(start)
-    end = start + datetime.timedelta(days=days)
+    start_dt = date_obj(start)
+    if start_dt is None:
+        raise ValueError("Invalid start date")
+    end = start_dt + datetime.timedelta(days=days)
     if excluded_dates:
-        for excluded_date in sorted([date_obj(x) for x in excluded_dates]):
-            if start <= excluded_date <= end:
+        for excluded_date in sorted([d for d in [date_obj(x) for x in excluded_dates] if d is not None]):
+            if start_dt <= excluded_date <= end:
                 end += datetime.timedelta(days=1)
     return end
 
@@ -237,6 +247,29 @@ def normalize_date(dt: str, fmt: str) -> str:
     return dt
 
 
+def format_to_regscale_iso(date_input: Union[str, datetime.datetime]) -> str:
+    """
+    Format a date string or datetime object to RegScale-compatible ISO 8601 with 3 milliseconds and 'Z'.
+
+    :param Union[str, datetime.datetime] date_input: Input date as string or datetime.
+    :return: Formatted ISO string.
+    :rtype: str
+    """
+    if isinstance(date_input, str):
+        try:
+            dt = parse(date_input)
+        except ParserError:
+            logger.warning(f"Unable to parse date: {date_input}")
+            return date_input
+    else:
+        dt = date_input
+    if dt.tzinfo is None:
+        dt = dt.replace(tzinfo=pytz.UTC)
+    else:
+        dt = dt.astimezone(pytz.UTC)
+    return dt.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z"
+
+
 def normalize_timestamp(timestamp_value: Any) -> int:
     """
     Normalize timestamp to seconds, handling both seconds and milliseconds.

regscale/integrations/commercial/wizv2/click.py

@@ -4,7 +4,6 @@
 
 # standard python imports
 import logging
-import os
 from typing import Optional
 
 import click
@@ -343,16 +342,16 @@ def add_report_evidence(
 @click.option(  # type: ignore
     "--client_id",
     "-i",
-    help="Wiz Client ID. Can also be set as an environment variable: WIZ_CLIENT_ID",
-    default=os.environ.get("WIZ_CLIENT_ID"),
+    help="Wiz Client ID, or can be set as environment variable wizClientId",
+    default="",
     hide_input=False,
     required=False,
 )
 @click.option(  # type: ignore
     "--client_secret",
     "-s",
-    help="Wiz Client Secret. Can also be set as an environment variable: WIZ_CLIENT_SECRET",
-    default=os.environ.get("WIZ_CLIENT_SECRET"),
+    help="Wiz Client Secret, or can be set as environment variable wizClientSecret",
+    default="",
     hide_input=True,
     required=False,
 )
@@ -384,6 +383,11 @@ def sync_compliance(
     """Sync compliance posture from Wiz to RegScale"""
     from regscale.integrations.commercial.wizv2.utils import _sync_compliance
 
+    if not client_secret:
+        client_secret = WizVariables.wizClientSecret
+    if not client_id:
+        client_id = WizVariables.wizClientId
+
     _sync_compliance(
         wiz_project_id=wiz_project_id,
         regscale_id=regscale_id,

regscale/integrations/commercial/wizv2/constants.py

@@ -131,6 +131,9 @@ INVENTORY_QUERY = """
     graphEntity{
       id
       providerUniqueId
+      publicExposures(first: 5) {
+          totalCount
+      }
       name
       type
       projects {
@@ -435,6 +438,18 @@ VULNERABILITY_QUERY = """
       name
       detailedName
       description
+      commentThread {
+        comments(first:100) {
+          edges {
+            node {
+              body,
+              author {
+                name
+              }
+            }
+          }
+        }
+      },
       severity: vendorSeverity
       weightedSeverity
       status

regscale/integrations/commercial/wizv2/parsers.py

@@ -271,6 +271,29 @@ def get_ip_address_from_props(network_dict: Dict) -> Optional[str]:
     return network_dict.get("ip4_address") or network_dict.get("ip6_address")
 
 
+def get_ip_v4_from_props(network_dict: Dict) -> Optional[str]:
+    """
+    Get IPv4 address from properties
+    :param Dict network_dict: Network dictionary
+    :return: IPv4 address if it can be parsed from the network dictionary
+    :rtype: Optional[str]
+    """
+    ip = network_dict.get("address")
+    if ip:
+        logger.info("get_ip_v4_from_props: %s", ip)
+    return network_dict.get("address")
+
+
+def get_ip_v6_from_props(network_dict: Dict) -> Optional[str]:
+    """
+    Get IPv6 address from properties
+    :param Dict network_dict: Network dictionary
+    :return: IPv6 address if it can be parsed from the network dictionary
+    :rtype: Optional[str]
+    """
+    return network_dict.get("ip6_address")
+
+
 def fetch_wiz_data(
     query: str,
     variables: dict,