Class: Nexpose::SharedCredential
- Inherits:
-
SharedCredentialSummary
- Object
- APIObject
- Credential
- SharedCredentialSummary
- Nexpose::SharedCredential
- Defined in:
- lib/nexpose/shared_credential.rb
Constant Summary
Constants inherited from Credential
Instance Attribute Summary collapse
-
#auth_type ⇒ Object
Authentication type of SNMP v3 credential.
-
#database ⇒ Object
Database or SID.
-
#description ⇒ Object
Optional description of this credential.
-
#disabled ⇒ Object
Array of sites where this credential has been temporarily disabled.
-
#host ⇒ Object
IP address or host name to restrict this credential to.
-
#ntlm_hash ⇒ Object
Windows/Samba LM/NTLM Hash.
-
#password ⇒ Object
Password or SNMP community name.
-
#pem_key ⇒ Object
PEM-format private key.
-
#port ⇒ Object
Single port to restrict this credential to.
-
#privacy_password ⇒ Object
Privacy password of SNMP v3 credential.
-
#privacy_type ⇒ Object
Privacy type of SNMP v3 credential.
-
#privilege_password ⇒ Object
Password to use when elevating permissions (e.g., sudo).
-
#privilege_type ⇒ Object
Permission elevation type.
-
#sites ⇒ Object
Array of site IDs that this credential is restricted to.
Attributes inherited from SharedCredentialSummary
#all_sites, #domain, #id, #last_modified, #name, #privilege_username, #service, #username
Class Method Summary collapse
Instance Method Summary collapse
- #as_xml ⇒ Object
-
#initialize(name, id = -1) ⇒ SharedCredential
constructor
A new instance of SharedCredential.
-
#save(nsc) ⇒ Boolean
Save this credential to the security console.
- #to_xml ⇒ Object
Methods inherited from SharedCredentialSummary
Methods inherited from Credential
#_to_param, #set_as400_service, #set_cifs_service, #set_cifshash_service, #set_cvs_service, #set_db2_service, #set_ftp_service, #set_http_service, #set_mysql_service, #set_notes_service, #set_oracle_service, #set_pop_service, #set_postgresql_service, #set_remote_execution_service, #set_snmp_service, #set_snmpv3_service, #set_ssh_key_service, #set_ssh_service, #set_sybase_service, #set_tds_service, #set_telnet_service, #test
Methods inherited from APIObject
Constructor Details
#initialize(name, id = -1) ⇒ SharedCredential
Returns a new instance of SharedCredential.
# File 'lib/nexpose/shared_credential.rb', line 100

# Set up a shared credential with empty site lists.
#
# @param name [Object] name stored on the credential as given
# @param id [#to_i] credential identifier, coerced with +to_i+ (default -1)
def initialize(name, id = -1)
  # Coerce first so a failing +to_i+ leaves the object untouched.
  numeric_id = id.to_i
  @name = name
  @id = numeric_id
  # No site restrictions and no per-site disables until the caller adds some.
  @sites = []
  @disabled = []
end
Instance Attribute Details
#auth_type ⇒ Object
Authentication type of SNMP v3 credential
# File 'lib/nexpose/shared_credential.rb', line 87

# Reader for the authentication type of an SNMP v3 credential.
#
# @return [Object, nil] the stored value; nil when it was never assigned
def auth_type
  @auth_type
end
#database ⇒ Object
Database or SID.
# File 'lib/nexpose/shared_credential.rb', line 73

# Reader for the database name or SID this credential targets.
#
# @return [Object, nil] the stored value; nil when it was never assigned
def database
  @database
end
#description ⇒ Object
Optional description of this credential.
# File 'lib/nexpose/shared_credential.rb', line 70

# Reader for the optional free-text description of this credential.
#
# @return [Object, nil] the stored value; nil when it was never assigned
def description
  @description
end
#disabled ⇒ Object
Array of sites where this credential has been temporarily disabled.
# File 'lib/nexpose/shared_credential.rb', line 98

# Reader for the sites where this credential has been temporarily disabled.
#
# The array itself is returned, not a copy, so appending to the result
# changes the credential.
#
# @return [Array, nil] the stored array
def disabled
  @disabled
end
#host ⇒ Object
IP address or host name to restrict this credential to.
# File 'lib/nexpose/shared_credential.rb', line 91

# Reader for the IP address or host name this credential is restricted to.
#
# @return [Object, nil] the stored value; nil means no host restriction is set
def host
  @host
end
#ntlm_hash ⇒ Object
Windows/Samba LM/NTLM Hash.
# File 'lib/nexpose/shared_credential.rb', line 75

# Reader for the Windows/Samba LM/NTLM hash.
#
# The hash is returned exactly as stored. Treat it as a secret and keep it
# out of logs and error messages.
#
# @return [Object, nil] the stored value; nil when it was never assigned
def ntlm_hash
  @ntlm_hash
end
#password ⇒ Object
Password or SNMP community name.
# File 'lib/nexpose/shared_credential.rb', line 77

# Reader for the password or SNMP community name.
#
# The value is returned exactly as stored. Treat it as a secret and keep it
# out of logs and error messages.
#
# @return [Object, nil] the stored value; nil when it was never assigned
def password
  @password
end
#pem_key ⇒ Object
PEM-format private key.
# File 'lib/nexpose/shared_credential.rb', line 79

# Reader for the PEM-format private key.
#
# The key is returned exactly as stored. Treat it as a secret and keep it
# out of logs and error messages.
#
# @return [Object, nil] the stored value; nil when it was never assigned
def pem_key
  @pem_key
end
#port ⇒ Object
Single port to restrict this credential to.
# File 'lib/nexpose/shared_credential.rb', line 93

# Reader for the single port this credential is restricted to.
#
# @return [Object, nil] the stored value; nil means no port restriction is set
def port
  @port
end
#privacy_password ⇒ Object
Privacy password of SNMP v3 credential
# File 'lib/nexpose/shared_credential.rb', line 85

# Reader for the privacy password of an SNMP v3 credential.
#
# The value is returned exactly as stored. Treat it as a secret and keep it
# out of logs and error messages.
#
# @return [Object, nil] the stored value; nil when it was never assigned
def privacy_password
  @privacy_password
end
#privacy_type ⇒ Object
Privacy type of SNMP v3 credential
# File 'lib/nexpose/shared_credential.rb', line 89

# Reader for the privacy type of an SNMP v3 credential.
#
# @return [Object, nil] the stored value; nil when it was never assigned
def privacy_type
  @privacy_type
end
#privilege_password ⇒ Object
Password to use when elevating permissions (e.g., sudo).
# File 'lib/nexpose/shared_credential.rb', line 81

# Reader for the password used when elevating permissions (e.g., sudo).
#
# The value is returned exactly as stored. Treat it as a secret and keep it
# out of logs and error messages.
#
# @return [Object, nil] the stored value; nil when it was never assigned
def privilege_password
  @privilege_password
end
#privilege_type ⇒ Object
Permission elevation type. See Nexpose::Credential::ElevationType.
# File 'lib/nexpose/shared_credential.rb', line 83

# Reader for the permission elevation type
# (see Nexpose::Credential::ElevationType).
#
# @return [Object, nil] the stored value; nil when it was never assigned
def privilege_type
  @privilege_type
end
#sites ⇒ Object
Array of site IDs that this credential is restricted to.
# File 'lib/nexpose/shared_credential.rb', line 96

# Reader for the site IDs this credential is restricted to.
#
# The array itself is returned, not a copy, so appending to the result
# changes the credential.
#
# @return [Array, nil] the stored array
def sites
  @sites
end
Class Method Details
.load(nsc, id) ⇒ Object
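# File 'lib/nexpose/shared_credential.rb', line 106

# Fetch one shared credential from the security console and parse it.
#
# The id goes into the request's query string. It is therefore checked to be
# a plain integer first, so a caller-supplied string cannot append extra
# parameters to the request.
#
# @param nsc [Object] console connection handed to AJAX.get
# @param id [Integer, String] identifier of the credential to load
# @return [Object, nil] whatever parse returns for the response
# @raise [ArgumentError] if id is not an integer
def self.load(nsc, id)
  cred_id = id.to_s
  # \A and \z anchor the whole string; ^ and $ would accept a trailing line.
  unless cred_id =~ /\A-?\d+\z/
    raise ArgumentError, "credential id must be an integer, got #{id.inspect}"
  end

  response = AJAX.get(nsc, "/data/credential/shared/get?credid=#{cred_id}")
  parse(response)
end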
.parse(xml) ⇒ Object
# File 'lib/nexpose/shared_credential.rb', line 173

# Build a credential from the XML returned by the security console.
#
# Only the first Credential element is used. Its Name, Services/Service and
# Sites children are dereferenced without a nil check, so a response that
# lacks one of them raises NoMethodError.
#
# The returned object carries whatever secret fields the XML held (password,
# NTLM hash, PEM key, elevation and privacy passwords), so keep it out of
# logs and error messages.
#
# @param xml [String] XML text of the response
# @return [Object, nil] the parsed credential, or nil when the document has
#   no Credential element
def self.parse(xml)
  document = REXML::Document.new(xml)
  document.elements.each('Credential') do |node|
    cred = new(node.elements['Name'].text, node.attributes['id'].to_i)

    description_node = node.elements['Description']
    cred.description = description_node.text if description_node

    # Account fields map one-to-one onto attributes; unknown names are ignored.
    node.elements.each('Account/Field') do |field|
      case field.attributes['name']
      when 'database' then cred.database = field.text
      when 'domain' then cred.domain = field.text
      when 'username' then cred.username = field.text
      when 'password' then cred.password = field.text
      when 'ntlmhash' then cred.ntlm_hash = field.text
      when 'pemkey' then cred.pem_key = field.text
      when 'privilegeelevationusername' then cred.privilege_username = field.text
      when 'privilegeelevationpassword' then cred.privilege_password = field.text
      when 'privilegeelevationtype' then cred.privilege_type = field.text
      when 'snmpv3authtype' then cred.auth_type = field.text
      when 'snmpv3privtype' then cred.privacy_type = field.text
      when 'snmpv3privpassword' then cred.privacy_password = field.text
      end
    end

    # NOTE(review): as_xml writes @service as the Service type, while this
    # assigns through type= -- confirm the two name the same attribute.
    service_node = REXML::XPath.first(node, 'Services/Service')
    cred.type = service_node.attributes['type']

    node.elements.each('Restrictions/Restriction') do |restriction|
      case restriction.attributes['type']
      when 'host' then cred.host = restriction.text
      when 'port' then cred.port = restriction.text.to_i
      end
    end

    sites_node = REXML::XPath.first(node, 'Sites')
    cred.all_sites = sites_node.attributes['all'] == '1'
    sites_node.elements.each('Site') do |site_node|
      site_id = site_node.attributes['id'].to_i
      # With all="1" the site list stays empty; disabled sites are still kept.
      cred.sites << site_id unless cred.all_sites
      cred.disabled << site_id if site_node.attributes['enabled'] == '0'
    end

    # Stop at the first Credential element.
    return cred
  end
  nil
end
Instance Method Details
#as_xml ⇒ Object
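# File 'lib/nexpose/shared_credential.rb', line 121

# Build the XML element the security console expects for this credential.
#
# The element carries every secret that is set (password, NTLM hash, PEM key,
# elevation and privacy passwords) in clear text. Keep the result, and
# anything derived from it, out of logs and error messages.
#
# @return [REXML::Element] the populated Credential element
def as_xml
  xml = REXML::Element.new('Credential')
  xml.add_attribute('id', @id)

  xml.add_element('Name').add_text(@name)
  xml.add_element('Description').add_text(@description)

  xml.add_element('Services').add_element('Service').add_attribute('type', @service)

  account = xml.add_element('Account')
  account.add_attribute('type', 'nexpose')

  # database, domain, username and privilegeelevationusername are always
  # emitted (add_text ignores nil); the other fields only when set.
  account.add_element('Field', { 'name' => 'database' }).add_text(@database)
  account.add_element('Field', { 'name' => 'domain' }).add_text(@domain)
  account.add_element('Field', { 'name' => 'username' }).add_text(@username)
  account.add_element('Field', { 'name' => 'ntlmhash' }).add_text(@ntlm_hash) if @ntlm_hash
  account.add_element('Field', { 'name' => 'password' }).add_text(@password) if @password
  account.add_element('Field', { 'name' => 'pemkey' }).add_text(@pem_key) if @pem_key
  account.add_element('Field', { 'name' => 'privilegeelevationusername' }).add_text(@privilege_username)
  account.add_element('Field', { 'name' => 'privilegeelevationpassword' }).add_text(@privilege_password) if @privilege_password
  account.add_element('Field', { 'name' => 'privilegeelevationtype' }).add_text(@privilege_type) if @privilege_type
  account.add_element('Field', { 'name' => 'snmpv3authtype' }).add_text(@auth_type) if @auth_type
  account.add_element('Field', { 'name' => 'snmpv3privtype' }).add_text(@privacy_type) if @privacy_type
  account.add_element('Field', { 'name' => 'snmpv3privpassword' }).add_text(@privacy_password) if @privacy_password

  restrictions = xml.add_element('Restrictions')
  restrictions.add_element('Restriction', { 'type' => 'host' }).add_text(@host) if @host
  # parse stores the port as an Integer, and add_text only wraps Strings in a
  # text node, so convert here; otherwise a loaded credential cannot be
  # serialized again.
  restrictions.add_element('Restriction', { 'type' => 'port' }).add_text(@port.to_s) if @port

  sites = xml.add_element('Sites')
  sites.add_attribute('all', @all_sites ? 1 : 0)
  @sites.each do |s|
    site = sites.add_element('Site')
    site.add_attribute('id', s)
    site.add_attribute('enabled', 0) if @disabled.member? s
  end
  # With no site restriction, the disabled sites still have to be listed.
  if @sites.empty?
    @disabled.each do |s|
      site = sites.add_element('Site')
      site.add_attribute('id', s)
      site.add_attribute('enabled', 0)
    end
  end

  xml
end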
#save(nsc) ⇒ Boolean
Save this credential to the security console.
# File 'lib/nexpose/shared_credential.rb', line 116

# Save this credential to the security console.
#
# The request body is the full XML from to_xml, including any password, hash
# or key fields that are set.
#
# @param nsc [Object] console connection handed to AJAX.post
# @return [Boolean] true when the response text contains success="1"
def save(nsc)
  reply = AJAX.post(nsc, '/data/credential/shared/save', to_xml)
  # =~ gives an index or nil; reduce it to a strict true/false.
  (reply =~ /success="1"/) ? true : false
end
#to_xml ⇒ Object
# File 'lib/nexpose/shared_credential.rb', line 169

# Serialize this credential to an XML string.
#
# The string contains every secret that as_xml emits, in clear text, so keep
# it out of logs and error messages.
#
# @return [String] text form of the element built by as_xml
def to_xml
  element = as_xml
  element.to_s
end