Class: Nexpose::ScanTemplate

Inherits:

Object

• Object
• Nexpose::ScanTemplate

Includes:

Sanitize

Defined in:

lib/nexpose/scan_template.rb

Overview

Configuration object for a scan template.

The constructor is designed to take a valid XML representation of a scan template. If you wish to create a new scan template from scratch, use the #load method without a template ID. If you wish to copy and modify an existing template, use the #copy method.

This class is only a partial representation of some of the features available for configuration.

Instance Attribute Summary

• #xml ⇒ Object readonly

  Parsed XML of a scan template.

Class Method Summary

• .copy(nsc, id) ⇒ ScanTemplate

  Copy an existing scan template, changing the id and title.

• .load(nsc, id = nil) ⇒ ScanTemplate

  Load a scan template.

Instance Method Summary

• #_disable_check(check, elem) ⇒ Object
• #_enable_check(check, elem) ⇒ Object
• #_remove_check(check, elem) ⇒ Object
• #checks_by_category ⇒ Array[String]

  Get a list of the check categories enabled for this scan template.

• #checks_by_type ⇒ Array[String]

  Get a list of the check types enabled for this scan template.

• #correlate=(enable) ⇒ Object

  Adjust whether to correlate reliable checks with regular checks.

• #correlate? ⇒ Boolean

  Whether to correlate reliable checks with regular checks.

• #delete(nsc) ⇒ Object

  Delete this scan template from the console.

• #description ⇒ String

  Description of this scan template.

• #description=(description) ⇒ Object

  Assign a description to this scan template.

• #disable_checks_by_category(category) ⇒ Object

  Disable checks by category for this template.

• #disable_checks_by_type(type) ⇒ Object

  Disable checks by type for this template.

• #disable_vuln_check(check_id) ⇒ Object

  Disable individual check for this template.

• #enable_checks_by_category(category) ⇒ Object

  Enable checks by category for this template.

• #enable_checks_by_type(type) ⇒ Object

  Enable checks by type for this template.

• #enable_vuln_check(check_id) ⇒ Object

  Enable individual check for this template.

• #id ⇒ String

  Unique identifier of the scan template.

• #initialize(xml) ⇒ ScanTemplate constructor

  A new instance of ScanTemplate.

• #name ⇒ String

  Name or title of this scan template.

• #name=(name) ⇒ Object

  Assign name to this scan template.

• #policy_scanning=(enable) ⇒ Object

  Adjust whether to perform policy scanning with this template.

• #policy_scanning? ⇒ Boolean

  Whether policy scanning in enabled.

• #potential_checks=(enable) ⇒ Object

  Adjust whether to perform potential vulnerability checks with this template.

• #potential_checks? ⇒ Boolean

  Whether potential vulnerability checks are performed with this template.

• #remove_checks_by_category(category) ⇒ Object

  Remove checks by category for this template.

• #remove_checks_by_type(type) ⇒ Object

  Remove checks by type for this template.

• #remove_vuln_check(check_id) ⇒ Object

  Remove individual check for this template.

• #save(nsc) ⇒ Object

  Save this scan template configuration to a Nexpose console.

• #unsafe_checks=(enable) ⇒ Object

  Adjust whether to perform unsafe vulnerability checks with this template.

• #unsafe_checks? ⇒ Boolean

  Whether unsafe vulnerability checks are performed by this template.

• #vuln_checks ⇒ Array[String]

  Get a list of the individual vuln checks enabled for this scan template.

• #vuln_scanning=(enable) ⇒ Object

  Adjust whether to perform vuln scanning with this template.

• #vuln_scanning? ⇒ Boolean

  Whether vuln scanning in enabled.

• #web_spidering=(enable) ⇒ Object

  Adjust whether to perform web spidering with this template.

• #web_spidering? ⇒ Boolean

  Whether web spidering in enabled.

Methods included from Sanitize

#replace_entities

Constructor Details

#initialize(xml) ⇒ ScanTemplate

Returns a new instance of ScanTemplate.

Parameters:

• xml (String) —

  XML representation of a scan template.

# File 'lib/nexpose/scan_template.rb', line 55

def initialize(xml)
  @xml = REXML::Document.new(xml)
end

Instance Attribute Details

#xml ⇒ Object (readonly)

Parsed XML of a scan template.

# File 'lib/nexpose/scan_template.rb', line 52

def xml
  @xml
end

Class Method Details

.copy(nsc, id) ⇒ ScanTemplate

Copy an existing scan template, changing the id and title.

Parameters:

• nsc (Connection) —

  API connection to a Nexpose console.

• id (String) —

  Unique identifier of an existing scan template.

Returns:

• (ScanTemplate) —

  A copy of the requested scan template configuration.

# File 'lib/nexpose/scan_template.rb', line 349

def self.copy(nsc, id)
  dupe = load(nsc, id)
  dupe.id = '#NewScanTemplate#'
  dupe.title = "#{dupe.title} Copy"
  dupe
end

.load(nsc, id = nil) ⇒ ScanTemplate

Load a scan template.

Parameters:

• nsc (Connection) —

  API connection to a Nexpose console.

• id (String) (defaults to: nil) —

  Unique identifier of an existing scan template. If no ID is provided, a blank, base template will be returned.

Returns:

• (ScanTemplate) —

  The requested scan template configuration.

# File 'lib/nexpose/scan_template.rb', line 333

def self.load(nsc, id = nil)
  if id
    response = JSON.parse(AJAX.get(nsc, "/data/scan/templates/#{URI.encode(id)}"))
    xml = response['value']
  else
    xml = AJAX.get(nsc, '/ajax/scantemplate_config.txml')
  end
  new(xml)
end

Instance Method Details

#_disable_check(check, elem) ⇒ Object

# File 'lib/nexpose/scan_template.rb', line 259

def _disable_check(check, elem)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Enabled/#{elem}[@name='#{check}']")
  checks.elements['Disabled'].add_element(elem, { 'name' => check })
end

#_enable_check(check, elem) ⇒ Object

# File 'lib/nexpose/scan_template.rb', line 253

def _enable_check(check, elem)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Disabled/#{elem}[@name='#{check}']")
  checks.elements['Enabled'].add_element(elem, { 'name' => check })
end

#_remove_check(check, elem) ⇒ Object

# File 'lib/nexpose/scan_template.rb', line 265

def _remove_check(check, elem)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Disabled/#{elem}[@name='#{check}']")
  checks.elements.delete("Enabled/#{elem}[@name='#{check}']")
end

#checks_by_category ⇒ Array[String]

Get a list of the check categories enabled for this scan template.

Returns:

• (Array[String]) —

  List of enabled categories.

# File 'lib/nexpose/scan_template.rb', line 189

def checks_by_category
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
  checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] }
end

#checks_by_type ⇒ Array[String]

Get a list of the check types enabled for this scan template.

Returns:

• (Array[String]) —

  List of enabled check types.

# File 'lib/nexpose/scan_template.rb', line 223

def checks_by_type
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
  checks.elements.to_a('CheckType').map { |c| c.attributes['name'] }
end

#correlate=(enable) ⇒ Object

Adjust whether to correlate reliable checks with regular checks.

Parameters:

• enable (Boolean) —

  Whether to turn on vulnerability correlation.

# File 'lib/nexpose/scan_template.rb', line 152

def correlate=(enable)
  vuln_checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  vuln_checks.attributes['correlate'] = enable ? '1' : '0'
end

#correlate? ⇒ Boolean

Returns Whether to correlate reliable checks with regular checks.

Returns:

• (Boolean) —

  Whether to correlate reliable checks with regular checks.

# File 'lib/nexpose/scan_template.rb', line 145

def correlate?
  vuln_checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  vuln_checks.attributes['correlate'] == '1'
end

#delete(nsc) ⇒ Object

Delete this scan template from the console. Cannot be used to delete a built-in template.

Parameters:

• nsc (Connection) —

  API connection to a Nexpose console.

# File 'lib/nexpose/scan_template.rb', line 361

def delete(nsc)
  nsc.delete_scan_template(@id)
end

#description ⇒ String

Returns Description of this scan template.

Returns:

• (String) —

  Description of this scan template.

# File 'lib/nexpose/scan_template.rb', line 86

def description
  desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription')
  desc.nil? ? nil : desc.text.to_s
end

#description=(description) ⇒ Object

Assign a description to this scan template. Require attribute.

Parameters:

• description (String) —

  Description of the scan template.

# File 'lib/nexpose/scan_template.rb', line 93

def description=(description)
  desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription')
  if desc
    desc.text = replace_entities(description)
  else
    root = REXML::XPath.first(xml, 'ScanTemplate')
    desc = REXML::Element.new('templateDescription')
    desc.add_text(description)
    root.add_element(desc)
  end
end

#disable_checks_by_category(category) ⇒ Object

Disable checks by category for this template.

Parameters:

• category (String) —

  Category to disable. @see #list_vuln_categories

# File 'lib/nexpose/scan_template.rb', line 206

def disable_checks_by_category(category)
  _disable_check(category, 'VulnCategory')
end

#disable_checks_by_type(type) ⇒ Object

Disable checks by type for this template.

Parameters:

• type (String) —

  Type to disable. @see #list_vuln_types

# File 'lib/nexpose/scan_template.rb', line 240

def disable_checks_by_type(type)
  _disable_check(type, 'CheckType')
end

#disable_vuln_check(check_id) ⇒ Object

Disable individual check for this template.

Parameters:

• check_id (String) —

  Unique identifier of vuln check.

# File 'lib/nexpose/scan_template.rb', line 294

def disable_vuln_check(check_id)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Enabled/Check[@id='#{check_id}']")
  checks.elements['Disabled'].add_element('Check', { 'id' => check_id })
end

#enable_checks_by_category(category) ⇒ Object

Enable checks by category for this template.

Parameters:

• category (String) —

  Category to enable. @see #list_vuln_categories

# File 'lib/nexpose/scan_template.rb', line 198

def enable_checks_by_category(category)
  _enable_check(category, 'VulnCategory')
end

#enable_checks_by_type(type) ⇒ Object

Enable checks by type for this template.

Parameters:

• type (String) —

  Type to enable. @see #list_vuln_types

# File 'lib/nexpose/scan_template.rb', line 232

def enable_checks_by_type(type)
  _enable_check(type, 'CheckType')
end

#enable_vuln_check(check_id) ⇒ Object

Enable individual check for this template.

Parameters:

• check_id (String) —

  Unique identifier of vuln check.

# File 'lib/nexpose/scan_template.rb', line 284

def enable_vuln_check(check_id)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Disabled/Check[@id='#{check_id}']")
  checks.elements['Enabled'].add_element('Check', { 'id' => check_id })
end

#id ⇒ String

Returns Unique identifier of the scan template.

Returns:

• (String) —

  Unique identifier of the scan template.

# File 'lib/nexpose/scan_template.rb', line 60

def id
  root = REXML::XPath.first(xml, 'ScanTemplate')
  root.attributes['id']
end

#name ⇒ String

Returns Name or title of this scan template.

Returns:

• (String) —

  Name or title of this scan template.

# File 'lib/nexpose/scan_template.rb', line 66

def name
  desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription')
  desc.nil? ? nil : desc.attributes['title']
end

#name=(name) ⇒ Object

Assign name to this scan template. Required attribute.

Parameters:

• name (String) —

  Title to assign.

# File 'lib/nexpose/scan_template.rb', line 73

def name=(name)
  desc = REXML::XPath.first(@xml, 'ScanTemplate/templateDescription')
  if desc
    desc.attributes['title'] = replace_entities(name)
  else
    root = REXML::XPath.first(xml, 'ScanTemplate')
    desc = REXML::Element.new('templateDescription')
    desc.add_attribute('title', name)
    root.add_element(desc)
  end
end

#policy_scanning=(enable) ⇒ Object

Adjust whether to perform policy scanning with this template.

Parameters:

• enable (Boolean) —

  Whether to turn on policy scanning.

# File 'lib/nexpose/scan_template.rb', line 126

def policy_scanning=(enable)
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disablePolicyScan'] = enable ? '0' : '1'
end

#policy_scanning? ⇒ Boolean

Returns Whether policy scanning in enabled.

Returns:

• (Boolean) —

  Whether policy scanning in enabled.

# File 'lib/nexpose/scan_template.rb', line 119

def policy_scanning?
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disablePolicyScan'] == '0'
end

#potential_checks=(enable) ⇒ Object

Adjust whether to perform potential vulnerability checks with this template.

Parameters:

• enable (Boolean) —

  Whether to turn on potential checks.

# File 'lib/nexpose/scan_template.rb', line 180

def potential_checks=(enable)
  checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  checks.attributes['potential'] = enable ? '1' : '0'
end

#potential_checks? ⇒ Boolean

Returns Whether potential vulnerability checks are performed with this template.

Returns:

• (Boolean) —

  Whether potential vulnerability checks are performed with this template.

# File 'lib/nexpose/scan_template.rb', line 173

def potential_checks?
  checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  checks.attributes['potential'] == '1'
end

#remove_checks_by_category(category) ⇒ Object

Remove checks by category for this template. Removes both enabled and disabled checks.

Parameters:

• category (String) —

  Category to remove. @see #list_vuln_categories

# File 'lib/nexpose/scan_template.rb', line 215

def remove_checks_by_category(category)
  _remove_check(category, 'VulnCategory')
end

#remove_checks_by_type(type) ⇒ Object

Remove checks by type for this template. Removes both enabled and disabled checks.

Parameters:

• type (String) —

  Type to remove. @see #list_vuln_types

# File 'lib/nexpose/scan_template.rb', line 249

def remove_checks_by_type(type)
  _remove_check(type, 'CheckType')
end

#remove_vuln_check(check_id) ⇒ Object

Remove individual check for this template. Removes both enabled and disabled checks.

Parameters:

• check_id (String) —

  Unique identifier of vuln check.

# File 'lib/nexpose/scan_template.rb', line 305

def remove_vuln_check(check_id)
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
  checks.elements.delete("Disabled/Check[@id='#{check_id}']")
  checks.elements.delete("Enabled/Check[@id='#{check_id}']")
end

#save(nsc) ⇒ Object

Save this scan template configuration to a Nexpose console.

Parameters:

• nsc (Connection) —

  API connection to a Nexpose console.

# File 'lib/nexpose/scan_template.rb', line 315

def save(nsc)
  root = REXML::XPath.first(@xml, 'ScanTemplate')
  if root.attributes['id'] == '#NewScanTemplate#'
    response = JSON.parse(AJAX.post(nsc, '/data/scan/templates', xml))
    root.attributes['id'] = response['value']
  else
    response = JSON.parse(AJAX.put(nsc, "/data/scan/templates/#{URI.encode(id)}", xml))
  end
  response['value']
end

#unsafe_checks=(enable) ⇒ Object

Adjust whether to perform unsafe vulnerability checks with this template.

Parameters:

• enable (Boolean) —

  Whether to turn on unsafe checks.

# File 'lib/nexpose/scan_template.rb', line 166

def unsafe_checks=(enable)
  checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  checks.attributes['unsafe'] = enable ? '1' : '0'
end

#unsafe_checks? ⇒ Boolean

Returns Whether unsafe vulnerability checks are performed by this template.

Returns:

• (Boolean) —

  Whether unsafe vulnerability checks are performed by this template.

# File 'lib/nexpose/scan_template.rb', line 159

def unsafe_checks?
  checks = REXML::XPath.first(@xml, 'ScanTemplate/VulnerabilityChecks')
  checks.attributes['unsafe'] == '1'
end

#vuln_checks ⇒ Array[String]

Get a list of the individual vuln checks enabled for this scan template.

Returns:

• (Array[String]) —

  List of enabled vulnerability checks.

# File 'lib/nexpose/scan_template.rb', line 275

def vuln_checks
  checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
  checks.elements.to_a('Check').map { |c| c.attributes['id'] }
end

#vuln_scanning=(enable) ⇒ Object

Adjust whether to perform vuln scanning with this template.

Parameters:

• enable (Boolean) —

  Whether to turn on vuln scanning.

# File 'lib/nexpose/scan_template.rb', line 113

def vuln_scanning=(enable)
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disableVulnScan'] = enable ? '0' : '1'
end

#vuln_scanning? ⇒ Boolean

Returns Whether vuln scanning in enabled.

Returns:

• (Boolean) —

  Whether vuln scanning in enabled.

# File 'lib/nexpose/scan_template.rb', line 106

def vuln_scanning?
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disableVulnScan'] == '0'
end

#web_spidering=(enable) ⇒ Object

Adjust whether to perform web spidering with this template.

Parameters:

• enable (Boolean) —

  Whether to turn on web spider scanning.

# File 'lib/nexpose/scan_template.rb', line 139

def web_spidering=(enable)
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disableWebSpider'] = enable ? '0' : '1'
end

#web_spidering? ⇒ Boolean

Returns Whether web spidering in enabled.

Returns:

• (Boolean) —

  Whether web spidering in enabled.

# File 'lib/nexpose/scan_template.rb', line 132

def web_spidering?
  gen = REXML::XPath.first(@xml, 'ScanTemplate/General')
  gen.attributes['disableWebSpider'] == '0'
end