Module: Nexpose::AJAX

Defined in:
lib/nexpose/ajax.rb

Overview

Accessor to the Nexpose AJAX API. These core methods should allow direct access to underlying controllers in order to test functionality that is not currently exposed through the XML API.

Defined Under Namespace

Modules: CONTENT_TYPE

Class Method Summary collapse

Class Method Details

.delete(nsc, uri, content_type = CONTENT_TYPE::XML) ⇒ Object

DELETE call to a Nexpose controller.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.

  • uri (String)

    Controller address relative to host:port

  • content_type (String) (defaults to: CONTENT_TYPE::XML)

    Content type to use when issuing the DELETE.



102
103
104
105
106
 
# File 'lib/nexpose/ajax.rb', line 102

def delete(nsc, uri, content_type = CONTENT_TYPE::XML)
  delete = Net::HTTP::Delete.new(uri)
  delete.set_content_type(content_type)
  request(nsc, delete)
end

.form_post(nsc, uri, parameters, content_type = CONTENT_TYPE::FORM) ⇒ Hash

POST call to a Nexpose controller that uses a form-post model. This is here to support legacy use of POST in old controllers.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.

  • uri (String)

    Controller address relative to host:port

  • parameters (Hash)

    Hash of attributes that need to be sent to the controller.

  • content_type (String) (defaults to: CONTENT_TYPE::FORM)

    Content type to use when issuing the POST.

Returns:

  • (Hash)

    The parsed JSON response from the call.



90
91
92
93
94
95
 
# File 'lib/nexpose/ajax.rb', line 90

def form_post(nsc, uri, parameters, content_type = CONTENT_TYPE::FORM)
  post = Net::HTTP::Post.new(uri)
  post.set_content_type(content_type)
  post.set_form_data(parameters)
  request(nsc, post)
end

.get(nsc, uri, content_type = CONTENT_TYPE::XML, options = {}) ⇒ String|REXML::Document|Hash

GET call to a Nexpose controller.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.

  • uri (String)

    Controller address relative to host:port

  • content_type (String) (defaults to: CONTENT_TYPE::XML)

    Content type to use when issuing the GET.

  • options (Hash) (defaults to: {})

    Parameter options to the call.

Returns:

  • (String|REXML::Document|Hash)

    The response from the call.



27
28
29
30
31
32
 
# File 'lib/nexpose/ajax.rb', line 27

def get(nsc, uri, content_type = CONTENT_TYPE::XML, options = {})
  parameterize_uri(uri, options)
  get = Net::HTTP::Get.new(uri)
  get.set_content_type(content_type)
  request(nsc, get)
end

.get_rows(nsc, pref) ⇒ Object 



211
212
213
214
215
216
217
218
219
220
221
 
# File 'lib/nexpose/ajax.rb', line 211

def get_rows(nsc, pref)
  uri = '/ajax/user_pref_get.txml'
  resp = get(nsc, uri, CONTENT_TYPE::XML, 'name' => "#{pref}.rows")
  xml = REXML::Document.new(resp)
  if val = REXML::XPath.first(xml, 'GetUserPref/userPref')
    rows = val.text.to_i
    rows > 0 ? rows : 10
  else
    10
  end
end

.headers(nsc, request) ⇒ Object

Attach necessary header fields.



140
141
142
143
 
# File 'lib/nexpose/ajax.rb', line 140

def headers(nsc, request)
  request.add_field('nexposeCCSessionID', nsc.session_id)
  request.add_field('Cookie', "nexposeCCSessionID=#{nsc.session_id}")
end

.https(nsc, timeout = nil) ⇒ Object

Use the Nexpose::Connection to establish a correct HTTPS object.



131
132
133
134
135
136
137
 
# File 'lib/nexpose/ajax.rb', line 131

def https(nsc, timeout = nil)
  http = Net::HTTP.new(nsc.host, nsc.port)
  http.read_timeout = timeout if timeout
  http.use_ssl = true
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE
  http
end

.parameterize_uri(uri, parameters) ⇒ Hash

Append the query parameters to given URI.

Parameters:

  • uri (String)

    Controller address relative to host:port

  • parameters (Hash)

    Hash of attributes that need to be sent to the controller.

Returns:

  • (Hash)

    The parameterized URI.



122
123
124
125
126
127
128
 
# File 'lib/nexpose/ajax.rb', line 122

def parameterize_uri(uri, parameters)
  params = Hash.try_convert(parameters)
  unless params.nil? || params.empty?
    uri = uri.concat(('?').concat(parameters.map { |k, v| "#{k}=#{CGI.escape(v.to_s)}" }.join('&')))
  end
  uri
end

.patch(nsc, uri, payload = nil, content_type = CONTENT_TYPE::XML) ⇒ String

PATCH call to a Nexpose controller.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.

  • uri (String)

    Controller address relative to host:port

  • payload (String|REXML::Document) (defaults to: nil)

    XML document required by the call.

  • content_type (String) (defaults to: CONTENT_TYPE::XML)

    Content type to use when issuing the PATCH.

Returns:

  • (String)

    The response from the call.



73
74
75
76
77
78
 
# File 'lib/nexpose/ajax.rb', line 73

def patch(nsc, uri, payload = nil, content_type = CONTENT_TYPE::XML)
  patch = Net::HTTP::Patch.new(uri)
  patch.set_content_type(content_type)
  patch.body = payload.to_s if payload
  request(nsc, patch)
end

.post(nsc, uri, payload = nil, content_type = CONTENT_TYPE::XML, timeout = nil) ⇒ String|REXML::Document|Hash

POST call to a Nexpose controller.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.

  • uri (String)

    Controller address relative to host:port

  • payload (String|REXML::Document) (defaults to: nil)

    XML document required by the call.

  • content_type (String) (defaults to: CONTENT_TYPE::XML)

    Content type to use when issuing the POST.

  • timeout (Fixnum) (defaults to: nil)

    Set an explicit timeout for the HTTP request.

Returns:

  • (String|REXML::Document|Hash)

    The response from the call.



58
59
60
61
62
63
 
# File 'lib/nexpose/ajax.rb', line 58

def post(nsc, uri, payload = nil, content_type = CONTENT_TYPE::XML, timeout = nil)
  post = Net::HTTP::Post.new(uri)
  post.set_content_type(content_type)
  post.body = payload.to_s if payload
  request(nsc, post, timeout)
end

.preserving_preference(nsc, pref) ⇒ Object

Execute a block of code while presenving the preferences for any underlying table being accessed. Use this method when accessing data tables which are present in the UI to prevent existing row preferences from being set to 500.

This is an internal utility method, not subject to backward compatibility concerns.

Parameters:

  • nsc (Connection)

    Live connection to a Nepose console.

  • pref (String)

    Preference key value to preserve.



180
181
182
183
184
185
186
187
 
# File 'lib/nexpose/ajax.rb', line 180

def preserving_preference(nsc, pref)
  begin
    orig = get_rows(nsc, pref)
    yield
  ensure
    set_rows(nsc, pref, orig)
  end
end

.put(nsc, uri, payload = nil, content_type = CONTENT_TYPE::XML) ⇒ String

PUT call to a Nexpose controller.

Parameters:

  • nsc (Connection)

    API connection to a Nexpose console.

  • uri (String)

    Controller address relative to host:port

  • payload (String|REXML::Document) (defaults to: nil)

    XML document required by the call.

  • content_type (String) (defaults to: CONTENT_TYPE::XML)

    Content type to use when issuing the PUT.

Returns:

  • (String)

    The response from the call.



42
43
44
45
46
47
 
# File 'lib/nexpose/ajax.rb', line 42

def put(nsc, uri, payload = nil, content_type = CONTENT_TYPE::XML)
  put = Net::HTTP::Put.new(uri)
  put.set_content_type(content_type)
  put.body = payload.to_s if payload
  request(nsc, put)
end

.request(nsc, request, timeout = nil) ⇒ Object 



145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
 
# File 'lib/nexpose/ajax.rb', line 145

def request(nsc, request, timeout = nil)
  http = https(nsc, timeout)
  headers(nsc, request)

  # Return response body if request is successful. Brittle.
  response = http.request(request)
  case response
  when Net::HTTPOK, Net::HTTPCreated
    response.body
  when Net::HTTPForbidden
    raise Nexpose::PermissionError.new(response)
  when Net::HTTPFound
    if response.header['location'] =~ /login/
      raise Nexpose::AuthenticationFailed.new(response)
    else
      req_type = request.class.name.split('::').last.upcase
      raise Nexpose::APIError.new(response, "#{req_type} request to #{request.path} failed. #{request.body}", response.code)
    end
  else
    req_type = request.class.name.split('::').last.upcase
    raise Nexpose::APIError.new(response, "#{req_type} request to #{request.path} failed. #{request.body}", response.code)
  end
end

.row_pref_of(val) ⇒ Fixnum

Get a valid row preference value.

This is an internal utility method, not subject to backward compatibility concerns.

Parameters:

  • val (Fixnum)

    Value to get inclusive row preference for.

Returns:

  • (Fixnum)

    Valid row preference.



197
198
199
200
201
202
203
204
205
206
207
208
209
 
# File 'lib/nexpose/ajax.rb', line 197

def row_pref_of(val)
  if val.nil? || val > 100
    500
  elsif val > 50
    100
  elsif val > 25
    50
  elsif val > 10
    25
  else
    10
  end
end

.set_rows(nsc, pref, value) ⇒ Object 



223
224
225
226
227
228
229
230
231
232
 
# File 'lib/nexpose/ajax.rb', line 223

def set_rows(nsc, pref, value)
  uri = '/ajax/user_pref_set.txml'
  params = { 'name'  => "#{pref}.rows",
             'value' => value }
  resp = get(nsc, uri, CONTENT_TYPE::XML, params)
  xml = REXML::Document.new(resp)
  if attr = REXML::XPath.first(xml, 'SetUserPref/@success')
    attr.value == '1'
  end
end