Class: Nexpose::Role
- Inherits:
-
RoleSummary
- Object
- RoleSummary
- Nexpose::Role
- Defined in:
- lib/nexpose/role.rb
Constant Summary collapse
- GLOBAL_ADMINISTRATOR =
Constants, mapping UI terms to role names expected by API.
'global-admin'
- ASSET_OWNER =
'system-admin'
- SECURITY_MANAGER =
'security-manager'
- SITE_OWNER =
'site-admin'
- USER =
'user'
Instance Attribute Summary collapse
-
#existing ⇒ Object
Flag to track whether this role exists already on the Nexpose console.
-
#privileges ⇒ Object
Array of all privileges which are enabled for this role.
Attributes inherited from RoleSummary
#description, #enabled, #full_name, #id, #name, #scope
Class Method Summary collapse
-
.copy(nsc, name, scope = Scope::SILO) ⇒ Role
Copy an existing Role to build a new role off of it.
-
.load(nsc, name, scope = Scope::SILO) ⇒ Role
Retrieve a detailed description of a single role.
- .parse(xml) ⇒ Object
Instance Method Summary collapse
-
#delete(nsc) ⇒ Object
Remove this role from the Nexpose console.
-
#initialize(name, full_name, id, enabled = true, scope = Scope::SILO) ⇒ Role
constructor
A new instance of Role.
-
#save(nsc) ⇒ Object
Create or save a Role to the Nexpose console.
- #to_xml ⇒ Object
Constructor Details
#initialize(name, full_name, id, enabled = true, scope = Scope::SILO) ⇒ Role
Returns a new instance of Role.
133 134 135 136 |
# File 'lib/nexpose/role.rb', line 133 def initialize(name, full_name, id, enabled = true, scope = Scope::SILO) @name, @full_name, @id, @enabled, @scope = name, full_name, id, enabled, scope @privileges = [] end |
Instance Attribute Details
#existing ⇒ Object
Flag to track whether this role exists already on the Nexpose console. Flag determines behavior of #save method.
131 132 133 |
# File 'lib/nexpose/role.rb', line 131 def existing @existing end |
#privileges ⇒ Object
Array of all privileges which are enabled for this role. Note: Although the underlying XML has different requirements, this only checks for presence.
127 128 129 |
# File 'lib/nexpose/role.rb', line 127 def privileges @privileges end |
Class Method Details
.copy(nsc, name, scope = Scope::SILO) ⇒ Role
Copy an existing Role to build a new role off of it. Role will not have a valid name or full_name, so they will need to be provided before saving.
190 191 192 193 194 195 196 |
# File 'lib/nexpose/role.rb', line 190 def self.copy(nsc, name, scope = Scope::SILO) role = load(nsc, name, scope) role.name = role.full_name = nil role.id = -1 role.existing = false role end |
.load(nsc, name, scope = Scope::SILO) ⇒ Role
Retrieve a detailed description of a single role.
146 147 148 149 150 151 152 153 154 155 156 |
# File 'lib/nexpose/role.rb', line 146 def self.load(nsc, name, scope = Scope::SILO) xml = %Q(<RoleDetailsRequest session-id="#{nsc.session_id}">) xml << %Q(<Role name="#{name}" scope="#{scope}"/>) xml << '</RoleDetailsRequest>' response = APIRequest.execute(nsc.url, xml, '1.2') if response.success elem = REXML::XPath.first(response.res, 'RoleDetailsResponse/Role/') parse(elem) end end |
.parse(xml) ⇒ Object
210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 |
# File 'lib/nexpose/role.rb', line 210 def self.parse(xml) role = new(xml.attributes['name'], xml.attributes['full-name'], xml.attributes['id'].to_i, xml.attributes['enabled'] == 'true', xml.attributes['scope']) role.description = REXML::XPath.first(xml, 'Description').text role.existing = true # Only grab enabled privileges. xml.elements.each("GlobalPrivileges/child::*[@enabled='true']") do |privilege| role.privileges << privilege.name end xml.elements.each("SitePrivileges/child::*[@enabled='true']") do |privilege| role.privileges << privilege.name end xml.elements.each("AssetGroupPrivileges/child::*[@enabled='true']") do |privilege| role.privileges << privilege.name end role end |
Instance Method Details
#delete(nsc) ⇒ Object
Remove this role from the Nexpose console.
202 203 204 205 206 207 208 |
# File 'lib/nexpose/role.rb', line 202 def delete(nsc) xml = %Q(<RoleDeleteRequest session-id="#{nsc.session_id}">) xml << %Q(<Role name="#{@name}" scope="#{@scope}"/>) xml << '</RoleDeleteRequest>' response = APIRequest.execute(nsc.url, xml, '1.2') response.success end |
#save(nsc) ⇒ Object
Create or save a Role to the Nexpose console.
164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 |
# File 'lib/nexpose/role.rb', line 164 def save(nsc) if @existing xml = %Q(<RoleUpdateRequest session-id="#{nsc.session_id}">) xml << to_xml xml << '</RoleUpdateRequest>' else xml = %Q(<RoleCreateRequest session-id="#{nsc.session_id}">) xml << to_xml xml << '</RoleCreateRequest>' end response = APIRequest.execute(nsc.url, xml, '1.2') xml = REXML::XPath.first(response.res, 'RoleCreateResponse') @id = xml.attributes['id'].to_i @existing = true response.success end |
#to_xml ⇒ Object
233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 |
# File 'lib/nexpose/role.rb', line 233 def to_xml xml = %Q(<Role name="#{@name}" full-name="#{@full_name}") xml << %Q( enabled="#{(enabled ? 'true' : 'false')}") xml << %Q( scope="#{@scope}">) xml << %Q(<Description>#{@description}</Description>) xml << '<SitePrivileges>' Privilege::Site::constants.each do |field| as_s = Privilege::Site.const_get(field) enabled = (privileges.member? as_s) ? 'true' : 'false' xml << %Q(<#{as_s} enabled="#{enabled}"/>) end xml << '</SitePrivileges>' xml << '<AssetGroupPrivileges>' Privilege::AssetGroup::constants.each do |field| as_s = Privilege::AssetGroup.const_get(field) enabled = (privileges.member? as_s) ? 'true' : 'false' xml << %Q(<#{as_s} enabled="#{enabled}"/>) end xml << '</AssetGroupPrivileges>' xml << '<GlobalPrivileges>' Privilege::Global::constants.each do |field| as_s = Privilege::Global.const_get(field) enabled = (privileges.member? as_s) ? 'true' : 'false' xml << %Q(<#{as_s} enabled="#{enabled}"/>) end xml << '</GlobalPrivileges>' xml << '</Role>' xml end |