Class: Nexpose::User

Inherits:
Object
  • Object
Includes:
Sanitize
Defined in:
lib/nexpose/user.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Sanitize

#replace_entities

Constructor Details

#initialize(name, full_name, password, role_name = 'user', id = -1, enabled = 1, email = nil, all_sites = false, all_groups = false, token = nil) ⇒ User

Returns a new instance of User.



# File 'lib/nexpose/user.rb', line 99

# Build an in-memory user record. Only instance variables are assigned here;
# no request is made from this method.
#
# @param name [String] login name
# @param full_name [String] display name
# @param password [String] stored on the object exactly as given
# @param role_name [String] role; 'global-admin' also changes authsrcid and
#   forces the all-sites / all-groups flags on
# @param id [Integer] user id, -1 by default
# @param enabled [Integer] 1 by default
# @param email [String, nil]
# @param all_sites [Boolean]
# @param all_groups [Boolean]
# @param token [String, nil]
def initialize(name, full_name, password, role_name = 'user', id = -1, enabled = 1, email = nil, all_sites = false, all_groups = false, token = nil)
  # Identity fields and credentials are kept verbatim.
  @name, @full_name, @email = name, full_name, email
  @password, @token = password, token
  @id, @enabled = id, enabled
  @role_name = role_name

  # Authentication source: '1' for global-admin, '2' for any other role.
  @authsrcid = if 'global-admin'.eql?(@role_name)
                 '1'
               else
                 '2'
               end

  # A global-admin gets both flags whatever the caller passed.
  is_global_admin = role_name == 'global-admin'
  @all_sites  = all_sites || is_global_admin
  @all_groups = all_groups || is_global_admin

  # Site and group id lists start out empty.
  @sites  = []
  @groups = []
end

Instance Attribute Details

#all_groupsObject

Boolean values



# File 'lib/nexpose/user.rb', line 97

# All-groups flag. The constructor stores `all_groups || role_name == 'global-admin'`,
# so it is forced on for the 'global-admin' role.
#
# @return [Boolean]
def all_groups
  @all_groups
end

#all_sitesObject

Boolean values



# File 'lib/nexpose/user.rb', line 97

# All-sites flag. The constructor stores `all_sites || role_name == 'global-admin'`,
# so it is forced on for the 'global-admin' role.
#
# @return [Boolean]
def all_sites
  @all_sites
end

#authsrcidObject

Will default to XML (1) for global-admin, Data Source (2) otherwise, but caller can override (e.g., using LDAP authenticator).



# File 'lib/nexpose/user.rb', line 91

# Authentication source id. The constructor sets '1' when the role is
# 'global-admin' and '2' otherwise; #to_xml sends it as the authsrcid attribute.
#
# @return [String]
def authsrcid
  @authsrcid
end

#emailObject

Optional fields



# File 'lib/nexpose/user.rb', line 93

# Email address, nil by default. #to_xml emits the email attribute only when
# this is set.
#
# @return [String, nil]
def email
  @email
end

#enabledObject

1 to enable this user, 0 to disable



# File 'lib/nexpose/user.rb', line 95

# Enabled flag: 1 to enable this user, 0 to disable. .load converts the
# response attribute with to_i before passing it to the constructor.
#
# @return [Integer]
def enabled
  @enabled
end

#full_nameObject

Returns the value of attribute full_name.



# File 'lib/nexpose/user.rb', line 88

# Display name, sent by #to_xml as the fullname attribute.
#
# @return [String]
def full_name
  @full_name
end

#groupsObject

Optional fields



# File 'lib/nexpose/user.rb', line 93

# Group ids for this user. Starts as an empty array in the constructor; each
# entry is written by #to_xml as a <group id="..."/> element.
#
# @return [Array]
def groups
  @groups
end

#idObject (readonly)

user id, set to -1 to create a new user



# File 'lib/nexpose/user.rb', line 83

# User id; -1 (the constructor default) marks a user to be created.
# #save replaces it with the integer id from the UserSaveResponse.
# NOTE(review): .load passes the response's id attribute through without
# to_i, so a loaded user appears to carry the id as a String - confirm.
#
# @return [Integer, String]
def id
  @id
end

#nameObject (readonly)

Required fields



# File 'lib/nexpose/user.rb', line 87

# Login name, sent by #to_xml as the name attribute.
#
# @return [String]
def name
  @name
end

#passwordObject

Optional fields



# File 'lib/nexpose/user.rb', line 93

# Password exactly as stored on the object: the value given to the constructor,
# or the password attribute .load copied from the UserConfigResponse.
# It is held in plaintext and #to_xml writes it into the request when set, so
# keep User objects out of logs, dumps and error reports.
#
# @return [String, nil]
def password
  @password
end

#role_nameObject

valid roles: global-admin|security-manager|site-admin|system-admin|user|custom|controls-insight-only



# File 'lib/nexpose/user.rb', line 85

# Role name. Valid roles:
# global-admin|security-manager|site-admin|system-admin|user|custom|controls-insight-only
# The constructor and #to_xml both special-case 'global-admin' (all sites and
# all groups are forced on).
#
# @return [String]
def role_name
  @role_name
end

#sitesObject

Optional fields



# File 'lib/nexpose/user.rb', line 93

# Site ids for this user. Starts as an empty array in the constructor; each
# entry is written by #to_xml as a <site id="..."/> element.
#
# @return [Array]
def sites
  @sites
end

#tokenObject

Optional fields



# File 'lib/nexpose/user.rb', line 93

# Token value, nil by default. #to_xml emits the token attribute only when
# this is set.
# NOTE(review): presumably credential-like; handle it with the same care as
# the password - confirm against the API documentation.
#
# @return [String, nil]
def token
  @token
end

Class Method Details

.load(connection, user_id) ⇒ Object

Issue a UserConfigRequest to load an existing UserConfig from Nexpose.



# File 'lib/nexpose/user.rb', line 156

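# Issue a UserConfigRequest to load an existing UserConfig from Nexpose.
#
# The returned User carries the password and token attributes of the response
# as plain strings.
#
# @param connection [#session_id, #execute] session used to send the request
# @param user_id [Integer, String] id of the user to fetch
# @return [User, nil] the first UserConfig in the response, or nil when the
#   request fails or the response holds no UserConfig element
def self.load(connection, user_id)
  # user_id lands inside an XML attribute, so escape it instead of
  # interpolating it raw; encode(xml: :attr) also supplies the quotes.
  id_attr = user_id.to_s.encode(xml: :attr)
  xml = '<UserConfigRequest session-id="' + connection.session_id + '"'
  xml << " id=#{id_attr} "
  xml << ' />'
  r = connection.execute(xml, '1.1')
  return nil unless r.success

  r.res.elements.each('UserConfigResponse/UserConfig') do |config|
    attrs = config.attributes
    # The response's authsrcid is not read; User.new derives it from the role.
    # Sites and groups are not loaded: the API does not appear to return them.
    return User.new(
      attrs['name'],
      attrs['fullname'],
      attrs['password'],
      attrs['role-name'],
      attrs['id'],
      attrs['enabled'].to_i,
      attrs['email'],
      attrs['allSites'] == 'true',
      attrs['allGroups'] == 'true',
      attrs['token']
    )
  end
  # No UserConfig element: report "not found" as nil rather than leaking the
  # iterator's return value to the caller.
  nil
end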

Instance Method Details

#delete(connection) ⇒ Object

Delete the user account associated with this object.



# File 'lib/nexpose/user.rb', line 183

# Delete the user account associated with this object by handing this
# object's id to the connection.
#
# @param connection [#delete_user] session used to send the request
# @return [Object] whatever connection.delete_user returns
def delete(connection)
  target_id = @id
  connection.delete_user(target_id)
end

#save(connection) ⇒ Object

Save a user configuration. Returns the (new) user ID if successful, or -1 if the request fails.



# File 'lib/nexpose/user.rb', line 140

# Save a user configuration by wrapping #to_xml in a UserSaveRequest.
# The request body therefore contains the password attribute whenever a
# password is set on this object.
#
# @param connection [#session_id, #execute] session used to send the request
# @return [Integer] the id read from the UserSaveResponse (also stored in
#   @id), or -1 when the response is not successful
def save(connection)
  opening = '<UserSaveRequest session-id="' + connection.session_id + '">'
  request = opening + to_xml + '</UserSaveRequest>'
  response = connection.execute(request, '1.1')
  return -1 unless response.success

  # Adopt the id the server assigned.
  response.res.elements.each('UserSaveResponse') do |node|
    @id = node.attributes['id'].to_i
  end
  @id
end

#to_xmlObject



# File 'lib/nexpose/user.rb', line 115

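# Serialize this user as a <UserConfig> element for a UserSaveRequest.
#
# Every value placed in an attribute goes through replace_entities, including
# id, authsrcid, enabled and the site/group ids, which callers can set and
# which were previously interpolated raw.
# NOTE(review): this relies on replace_entities (from Sanitize, not shown
# here) escaping XML metacharacters in a String - confirm.
#
# The password, token and email attributes are emitted only when set; the
# password is written as-is apart from entity escaping.
#
# @return [String] the UserConfig XML
def to_xml
  # dup keeps the literal itself untouched, so this also works when string
  # literals are frozen.
  xml = '<UserConfig'.dup
  xml << %( id="#{replace_entities(@id.to_s)}" )
  xml << %( authsrcid="#{replace_entities(@authsrcid.to_s)}" )
  xml << %( name="#{replace_entities(@name)}" )
  xml << %( fullname="#{replace_entities(@full_name)}" )
  xml << %( role-name="#{replace_entities(@role_name)}" )
  xml << %( password="#{replace_entities(@password)}" ) if @password
  xml << %( token="#{replace_entities(@token)}" ) if @token
  xml << %( email="#{replace_entities(@email)}" ) if @email
  xml << %( enabled="#{replace_entities(@enabled.to_s)}" )
  # These two fields are keying off role_name to work around a defect.
  is_global_admin = @role_name == 'global-admin'
  xml << %( allGroups="#{replace_entities((@all_groups || is_global_admin).to_s)}" )
  xml << %( allSites="#{replace_entities((@all_sites || is_global_admin).to_s)}" )
  xml << '>'
  @sites.each do |site|
    xml << %( <site id="#{replace_entities(site.to_s)}" /> )
  end
  @groups.each do |group|
    xml << %( <group id="#{replace_entities(group.to_s)}" /> )
  end
  xml << '</UserConfig>'
end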