Class: ServiceDeskHelper

Inherits:

Object

• Object
• ServiceDeskHelper

Defined in:

lib/nexpose_ticketing/helpers/servicedesk_helper.rb

Instance Attribute Summary

• #log ⇒ Object

  Returns the value of attribute log.

• #options ⇒ Object

  Returns the value of attribute options.

• #servicedesk_data ⇒ Object

  Returns the value of attribute servicedesk_data.

Instance Method Summary

• #add_ticket_to_database(workorderid, nxid) ⇒ Object
• #close_ticket(ticket) ⇒ Object
• #close_tickets(tickets) ⇒ Object
• #create_ticket_request(subject, description) ⇒ Object

  Uses the configured or default options to set up a ticket creation request.

• #create_tickets(tickets) ⇒ Object
• #find_ticket_in_database(nxid) ⇒ Object
• #initialize(servicedesk_data, options) ⇒ ServiceDeskHelper constructor

  A new instance of ServiceDeskHelper.

• #modify_ticket(ticket) ⇒ Object
• #modify_ticket_request(description) ⇒ Object
• #open_database ⇒ Object
• #prepare_close_tickets(vulnerability_list, nexpose_identifier_id) ⇒ Object

  Prepare ticket closures from the CSV of vulnerabilities exported from Nexpose.

• #prepare_create_tickets(vulnerability_list, nexpose_identifier_id) ⇒ Object
• #prepare_tickets(vulnerability_list, nexpose_identifier_id, matching_fields) ⇒ Object
• #prepare_update_tickets(vulnerability_list, nexpose_identifier_id) ⇒ Object
• #remove_tickets_from_database(tickets) ⇒ Object
• #submit_ticket(ticket) ⇒ Object
• #update_tickets(tickets) ⇒ Object

Constructor Details

#initialize(servicedesk_data, options) ⇒ ServiceDeskHelper

Returns a new instance of ServiceDeskHelper.

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 11

def initialize(servicedesk_data, options)
  @servicedesk_data = servicedesk_data
  @options = options
  @log = NexposeTicketing::NxLogger.instance

  @rest_uri = servicedesk_data[:rest_uri]
  @api_key = servicedesk_data[:api_key]
  @ticket_db_path = servicedesk_data[:ticket_db_path]
  @common_helper = NexposeTicketing::CommonHelper.new(@options)
end

Instance Attribute Details

#log ⇒ Object

Returns the value of attribute log.

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 9

def log
  @log
end

#options ⇒ Object

Returns the value of attribute options.

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 9

def options
  @options
end

#servicedesk_data ⇒ Object

Returns the value of attribute servicedesk_data.

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 9

def servicedesk_data
  @servicedesk_data
end

Instance Method Details

#add_ticket_to_database(workorderid, nxid) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 28

def add_ticket_to_database(workorderid, nxid)
  @log.log_message("Adding ticket <#{workorderid}> for NXID <#{nxid}> to local db.")
  db = open_database()
  db[nxid] = workorderid
  db.close()
end

#close_ticket(ticket) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 268

def close_ticket(ticket)
  @log.log_message("Connecting to #{@rest_uri}/#{ticket[:workorderid]}")
  uri = URI( "#{@rest_uri}/#{ticket[:workorderid]}" )
  res = Net::HTTP::post_form(uri,
                             'OPERATION_NAME' => 'CLOSE_REQUEST',
                             'TECHNICIAN_KEY' => @api_key)

  response = Nokogiri::XML.parse(res.read_body)
  begin
    status = Integer(response.xpath('//statuscode').text)
  rescue Exception => e
    @log.log_message("XML request was #{ticket[:description]} response is #{response.to_xml}")
    raise e
  end

  unless status == 200
    @log.log_message("Unable to close ticket #{ticket}, got response #{response.to_xml}")
  end
end

#close_tickets(tickets) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 355

def close_tickets( tickets )
  tickets.each { |ticket| close_ticket(ticket) if ticket[:action] == :close && !ticket[:workorderid].nil?}
  remove_tickets_from_database(tickets)
end

#create_ticket_request(subject, description) ⇒ Object

Uses the configured or default options to set up a ticket creation request

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 139

def create_ticket_request(subject, description)
  request = Nokogiri::XML::Builder.new do |xml|
    xml.Operation {
      xml.Details {
        xml.parameter {
          xml.name {
              xml.text 'requester'
          }
          xml.value {
            xml.text @servicedesk_data[:requester]
          }
        }
        xml.parameter {
          xml.name {
            xml.text 'Group'
          }
          xml.value {
            xml.text @servicedesk_data[:group]
          }
        }
        xml.parameter {
          xml.name {
            xml.text 'subject'
          }
          xml.value {
            xml.text subject
          }
        }
        xml.parameter {
          xml.name {
            xml.text 'description'
          }
          xml.value {
            xml.cdata description
          }
        }
      }
    }
  end
  request.to_xml
end

#create_tickets(tickets) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 289

def create_tickets(tickets)
  @log.log_message("Creating tickets on server at #{@rest_uri}")

  tickets.each { |ticket| submit_ticket(ticket) }
end

#find_ticket_in_database(nxid) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 36

def find_ticket_in_database(nxid) 
  @log.log_message("Finding workorder id for NXID <#{nxid}> from local db.")
  db = open_database()
  begin
    workorderid = db[nxid]
    @log.log_message("Lookup found incident <#{workorderid}> in the db.")
  rescue Exception => e
    @log.log_message("Threw an exception accessing the dbm <#{e.class} #{e} #{e.message}>.")
    raise e
  end
  db.close()

  workorderid
end

#modify_ticket(ticket) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 246

def modify_ticket(ticket)
  @log.log_message("Connecting to #{@rest_uri}/#{ticket[:workorderid]}")
  uri = URI( "#{@rest_uri}/#{ticket[:workorderid]}")
  res = Net::HTTP::post_form(uri,
                             'OPERATION_NAME' => 'EDIT_REQUEST',
                             'TECHNICIAN_KEY' => @api_key,
                             'INPUT_DATA' => ticket[:description])

  response = Nokogiri::XML.parse(res.read_body)
  begin
    status = Integer(response.xpath('//statuscode').text)
  rescue Exception => e
    @log.log_message("XML request was #{ticket[:description]} response is #{response.to_xml}")
    raise e
  end
  
  unless status == 200
    @log.log_message("Unable to modify ticket #{ticket}, got response #{response.to_xml}")
  end
end

#modify_ticket_request(description) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 181

def modify_ticket_request(description)
#         modifyRequest = """
# <Operation>
#     <Details>
#         <parameter>
#             <name>description</name>
#             <value>#{description}</value>
#         </parameter>
#     </Details>
# </Operation>
# """
  doc = Nokogiri::XML::Builder.new() do |xml|
    xml.Operation {
      xml.Details {
        xml.parameter {
          xml.name {
              xml.text 'requester'
          }
          xml.value {
            xml.text @servicedesk_data[:requester]
          }
        }
        xml.parameter {
          xml.name {
            xml.text 'description'
          }
          xml.value {
            xml.cdata description
          }
        }
      }
    }
  end
  doc.to_xml
end

#open_database ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 23

def open_database()
  DBM.open(@ticket_db_path, 0600, DBM::WRCREAT)
end

#prepare_close_tickets(vulnerability_list, nexpose_identifier_id) ⇒ Object

Prepare ticket closures from the CSV of vulnerabilities exported from Nexpose.

• Args :

  • vulnerability_list - CSV of vulnerabilities within Nexpose.

• Returns :

  • List of savon-formated (hash) tickets for closing within ServiceDesk.

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 334

def prepare_close_tickets(vulnerability_list, nexpose_identifier_id)
  @log.log_message("Preparing ticket closures for mode #{@options[:ticket_mode]}.")
  @nxid = nil
  tickets = []
  CSV.parse(vulnerability_list.chomp, headers: :first_row)  do |row|
    @nxid = @common_helper.generate_nxid(nexpose_identifier_id, row)

    workorderid = find_ticket_in_database(@nxid)
    # Query ServiceDesk for the incident by unique id (generated NXID)
    if workorderid.nil? || workorderid.empty?
      @log.log_message("No workorderid found for NXID #{@nxid}")
    else
      tickets << { :action => :close, :nxid => @nxid, 
                   :workorderid => workorderid,
                   :description => 'Automatically closing ticket.' }
    end
  end
  tickets
end

#prepare_create_tickets(vulnerability_list, nexpose_identifier_id) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 63

def prepare_create_tickets(vulnerability_list, nexpose_identifier_id)
  @log.log_message('Preparing ticket creation...')
  case @options[:ticket_mode]
  # 'D' Default IP *-* Vulnerability
  when 'D' then matching_fields = ['ip_address', 'vulnerability_id']
  # 'I' IP address -* Vulnerability
  when 'I' then matching_fields = ['ip_address']
  # 'V' Vulnerability -* Assets
  when 'V' then matching_fields = ['vulnerability_id']
  else
    fail 'Unsupported ticketing mode selected.'
  end

  tickets = prepare_tickets(vulnerability_list, nexpose_identifier_id, matching_fields)

  tickets.each { |ticket| @log.log_message("Prepared ticket: #{ticket}")}
  tickets
end

#prepare_tickets(vulnerability_list, nexpose_identifier_id, matching_fields) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 83

def prepare_tickets(vulnerability_list, nexpose_identifier_id, matching_fields)
  @log.log_message("Preparing ticket for #{@options[:ticket_mode]} mode.")
  tickets = []
  host_vulns={}
  previous_row = nil
  description = nil
  nxid = nil

  initial_scan = false

  CSV.parse( vulnerability_list.chomp, headers: :first_row )  do |row|
    initial_scan = initial_scan || row['comparison'].nil?
      
    if previous_row.nil?
      nxid = @common_helper.generate_nxid(nexpose_identifier_id, row)
      previous_row = row.dup
      description = @common_helper.get_description(nexpose_identifier_id, row)  

      host_vulns[nxid] = { :ip => row['ip_address'], 
                           :description => "",
                           :title => @common_helper.get_title(row) } 
    elsif matching_fields.any? {  |x| previous_row[x].nil? || previous_row[x] != row[x] }
      nxid = @common_helper.generate_nxid(nexpose_identifier_id, previous_row)
      info = @common_helper.get_field_info(matching_fields, previous_row)
      @log.log_message("Generated ticket with #{info}")

      host_vulns[nxid][:description] = @common_helper.print_description(description)
      previous_row = nil
      description = nil
      redo
    else
      description = @common_helper.update_description(description, row)
    end
  end

  unless host_vulns[nxid].nil? || host_vulns[nxid].empty?
    host_vulns[nxid][:description] = @common_helper.print_description(description)
  end

  host_vulns.each do |nxid, vuln_info|
    workorderid = initial_scan ? nil : find_ticket_in_database(nxid)
    if workorderid.nil? || workorderid.empty?
      @log.log_message("Creating new incident for assetid #{nxid}")
      tickets << { :action => :create, :nxid => nxid,
                   :description => create_ticket_request(vuln_info[:title], vuln_info[:description]) }
    else
      @log.log_message("Updating incident for assetid #{nxid}")
      tickets << { :action => :modify, :nxid => nxid, 
                   :workorderid => workorderid,
                   :description => modify_ticket_request(vuln_info[:description]) }
    end
  end
  tickets
end

#prepare_update_tickets(vulnerability_list, nexpose_identifier_id) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 296

def prepare_update_tickets(vulnerability_list, nexpose_identifier_id)
  @log.log_message('Preparing ticket updates...')
  case @options[:ticket_mode]
  # 'D' Default IP *-* Vulnerability
  when 'D' then fail 'Ticket updates are not supported in Default mode.'
  # 'I' IP address -* Vulnerability
  when 'I' then matching_fields = ['ip_address']
  # 'V' Vulnerability -* Assets
  when 'V' then matching_fields = ['vulnerability_id']
  else
      fail 'Unsupported ticketing mode selected.'
  end

  prepare_tickets(vulnerability_list, nexpose_identifier_id, matching_fields)
end

#remove_tickets_from_database(tickets) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 52

def remove_tickets_from_database(tickets)
  db = open_database()
  tickets.each do |t|
    nxid = t[:nxid]
    @log.log_message("Removing workorder id from database for NXID <#{nxid}>")
    db.delete(nxid) unless db[nxid].nil?
  end
  db.close()
end

#submit_ticket(ticket) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 217

def submit_ticket(ticket)
  @log.log_message("Connecting to #{@rest_uri}.")
  uri = URI( @rest_uri )
  res = Net::HTTP::post_form(uri,
                             'OPERATION_NAME' => 'ADD_REQUEST',
                             'TECHNICIAN_KEY' => @api_key,
                             'INPUT_DATA' => ticket[:description])

  response = Nokogiri::XML.parse(res.read_body)
  begin
    status = response.xpath('//statuscode').text
    status_code = status.empty? ? -1 : Integer(status)
  
    if status_code != 200
      @log.log_message("Unable to create ticket #{ticket}, got response #{response.to_xml}")
      return
    end

    workorderid = Integer(response.xpath('//workorderid').text)
  rescue ArgumentError => ae
    @log.log_message("Failed to parse response from servicedesk #{response}")
    raise ae
  end

  @log.log_message( "created ticket #{workorderid}")
  add_ticket_to_database( workorderid, ticket[:nxid] )
end

#update_tickets(tickets) ⇒ Object

# File 'lib/nexpose_ticketing/helpers/servicedesk_helper.rb', line 313

def update_tickets(tickets)
  @log.log_message('Updating tickets')
  tickets.each do |ticket|
    if ticket[:action] == :create
      @log.log_message('Creating ticket')
      submit_ticket(ticket)
    else
      @log.log_message("Updating ticket #{ticket[:workorderid]}")
      modify_ticket(ticket)
    end
  end
end