class Nexpose::GlobalSettings

Object used to manage the global settings of a Nexpose console.

Attributes

asset_exclusions[RW]

IP addresses and/or host names that will be excluded from scanning across all sites.

asset_linking[RW]

Whether asset linking in enabled.

control_scanning[RW]

Whether control scanning in enabled. A feature tied to ControlsInsight integration.

xml[R]

XML document representing the entire configuration.

Public Class Methods

load(nsc) click to toggle source

Load the global settings from a Nexpose console.

@param [Connection] nsc Connection to a Nexpose console. @return [GlobalSettings] Settings object for the console.

# File lib/nexpose/global_settings.rb, line 87
def self.load(nsc)
  response = AJAX.get(nsc, '/data/admin/global-settings')
  new(REXML::Document.new(response))
end
new(xml) click to toggle source

Private constructor. See load method for retrieving a settings object.

# File lib/nexpose/global_settings.rb, line 21
def initialize(xml)
  @xml              = xml
  @asset_linking    = parse_asset_linking_from_xml(xml)
  @asset_exclusions = HostOrIP.parse(xml)
  @control_scanning = parse_control_scanning_from_xml(xml)
end

Public Instance Methods

add_exclusion(host_or_ip) click to toggle source

Add an asset exclusion setting.

@param [IPRange|HostName|String] host_or_ip Host or IP (range) to exclude

from scanning by the Nexpose console.
# File lib/nexpose/global_settings.rb, line 58
def add_exclusion(host_or_ip)
  asset = host_or_ip
  unless host_or_ip.respond_to?(:host) || host_or_ip.respond_to?(:from)
    asset = HostOrIP.convert(host_or_ip)
  end
  @asset_exclusions << asset
end
control_scanning?() click to toggle source

Returns true if controls scanning is enabled.

# File lib/nexpose/global_settings.rb, line 29
def control_scanning?
  control_scanning
end
remove_exclusion(host_or_ip) click to toggle source

Remove an asset exclusion setting. If you need to remove a range of IPs, be sure to explicitly supply an IPRange object to the method.

@param [IPRange|HostName|String] host_or_ip Host or IP (range) to remove

from the exclusion list.
# File lib/nexpose/global_settings.rb, line 73
def remove_exclusion(host_or_ip)
  asset = host_or_ip
  unless host_or_ip.respond_to?(:host) || host_or_ip.respond_to?(:from)
    # Attept to convert String to appropriate object.
    asset = HostOrIP.convert(host_or_ip)
  end
  @asset_exclusions = asset_exclusions.reject { |a| a.eql? asset }
end
save(nsc) click to toggle source

Save any updates to this settings object to the Nexpose console.

@param [Connection] nsc Connection to a Nexpose console. @return [Boolean] Whether saving was successful.

# File lib/nexpose/global_settings.rb, line 38
def save(nsc)
  # load method can return XML missing this required attribute.
  unless REXML::XPath.first(xml, '//*[@recalculation_duration]')
    risk_model = REXML::XPath.first(xml, '//riskModel')
    risk_model.add_attribute('recalculation_duration', 'do_not_recalculate')
  end

  replace_exclusions(xml, asset_exclusions)
  add_control_scanning_to_xml(xml, control_scanning)
  add_asset_linking_to_xml(xml, asset_linking)

  response = AJAX.post(nsc, '/data/admin/global-settings', xml)
  XMLUtils.success? response
end

Private Instance Methods

add_asset_linking_to_xml(xml, enabled) click to toggle source

Internal method for updating asset linking before saving.

# File lib/nexpose/global_settings.rb, line 133
def add_asset_linking_to_xml(xml, enabled)
  elem = REXML::XPath.first(xml, '//AssetCorrelation')
  return nil unless elem

  elem.attributes['enabled'] = enabled ? '1' : '0'
end
add_control_scanning_to_xml(xml, enabled) click to toggle source

Internal method for updating control scanning before saving.

# File lib/nexpose/global_settings.rb, line 113
def add_control_scanning_to_xml(xml, enabled)
  if elem = REXML::XPath.first(xml, '//enableControlsScan')
    elem.attributes['enabled'] = enabled ? '1' : '0'
  else
    elem = REXML::Element.new('ControlsScan', xml.root)
    elem.add_element('enableControlsScan',
                     'enabled' => enabled ? '1' : '0')
  end
end
parse_asset_linking_from_xml(xml) click to toggle source

Internal method for parsing XML for whether asset linking in enabled.

# File lib/nexpose/global_settings.rb, line 124
def parse_asset_linking_from_xml(xml)
  enabled = true
  if elem = REXML::XPath.first(xml, '//AssetCorrelation[@enabled]')
    enabled = elem.attribute('enabled').value.to_i == 1
  end
  enabled
end
parse_control_scanning_from_xml(xml) click to toggle source

Internal method for parsing XML for whether control scanning in enabled.

# File lib/nexpose/global_settings.rb, line 104
def parse_control_scanning_from_xml(xml)
  enabled = false
  if elem = REXML::XPath.first(xml, '//enableControlsScan[@enabled]')
    enabled = elem.attribute('enabled').value.to_i == 1
  end
  enabled
end
replace_exclusions(xml, exclusions) click to toggle source

Internal method for updating exclusions before saving.

# File lib/nexpose/global_settings.rb, line 95
def replace_exclusions(xml, exclusions)
  xml.elements.delete('//ExcludedHosts')
  elem = xml.root.add_element('ExcludedHosts')
  exclusions.each do |exclusion|
    elem.add_element(exclusion.as_xml)
  end
end