Module: Inspec::Impact

Defined in:

lib/inspec/impact.rb

Overview

Impact scores based off CVSS 3.0

Constant Summary

IMPACT_SCORES =

{
  "none" => 0.0,
  "low" => 0.1,
  "medium" => 0.4,
  "high" => 0.7,
  "critical" => 0.9,
}.freeze

Class Method Summary

• .impact_from_string(value) ⇒ Object
• .is_number?(value) ⇒ Boolean
• .string_from_impact(value) ⇒ Object

Class Method Details

.impact_from_string(value) ⇒ Object

Raises:

• (Inspec::ImpactError)

# File 'lib/inspec/impact.rb', line 13

def self.impact_from_string(value)
  # return if its a number
  return value if is_number?(value)
  raise Inspec::ImpactError, "'#{value}' is not a valid impact name. Valid impact names: none, low, medium, high, critical." unless IMPACT_SCORES.key?(value.downcase)

  IMPACT_SCORES[value]
end

.is_number?(value) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/inspec/impact.rb', line 21

def self.is_number?(value)
  Float(value)
  true
rescue
  false
end

.string_from_impact(value) ⇒ Object

Raises:

• (Inspec::ImpactError)

# File 'lib/inspec/impact.rb', line 28

def self.string_from_impact(value)
  value = value.to_f
  raise Inspec::ImpactError, "'#{value}' is not a valid impact score. Valid impact scores: [0.0 - 1.0]." if value < 0 || value > 1

  IMPACT_SCORES.reverse_each do |name, impact|
    return name if value >= impact
  end
end