class Nexpose::Role
Constants
- ASSET_OWNER
- CONTROLS_INSIGHT_ONLY
- GLOBAL_ADMINISTRATOR
Constants, mapping UI terms to role names expected by API.
- SECURITY_MANAGER
- SITE_OWNER
- USER
Attributes
Array of all privileges which are enabled for this role. Note: Although the underlying XML
has different requirements, this only checks for presence. @see Nexpose::Privilege
Public Class Methods
Copy an existing Role
to build a new role off of it. Role
will not have a valid name or full_name, so they will need to be provided before saving.
@param [Connection] nsc Nexpose
connection. @param [String] name The short name of the role which you wish to copy. @param [String] scope Whether the role has global or silo scope. @see Nexpose::Scope
@return [Role] requested role.
# File lib/nexpose/role.rb, line 198 def self.copy(nsc, name, scope = Scope::SILO) role = load(nsc, name, scope) role.name = role.full_name = nil role.id = -1 role.existing = false role end
Retrieve a detailed description of a single role.
@param [Connection] nsc Nexpose
connection. @param [String] name The short name of the role. @param [String] scope Whether the role has global or silo scope. @see Nexpose::Scope
Scope doesn't appear to be required when requesting installed roles.
@return [Role] requested role.
# File lib/nexpose/role.rb, line 158 def self.load(nsc, name, scope = Scope::SILO) xml = nsc.make_xml('RoleDetailsRequest') xml.add_element('Role', { 'name' => name, 'scope' => scope }) response = APIRequest.execute(nsc.url, xml, '1.2', { timeout: nsc.timeout, open_timeout: nsc.open_timeout }) if response.success elem = REXML::XPath.first(response.res, 'RoleDetailsResponse/Role/') parse(elem) end end
# File lib/nexpose/role.rb, line 141 def initialize(name, full_name, id = -1, enabled = true, scope = Scope::SILO) @name = name @full_name = full_name @id = id.to_i @enabled = enabled @scope = scope @privileges = [] end
# File lib/nexpose/role.rb, line 214 def self.parse(xml) role = new(xml.attributes['name'], xml.attributes['full-name'], xml.attributes['id'].to_i, xml.attributes['enabled'] == 'true', xml.attributes['scope']) role.description = REXML::XPath.first(xml, 'Description').text role.existing = true # Only grab enabled privileges. xml.elements.each("GlobalPrivileges/child::*[@enabled='true']") do |privilege| role.privileges << privilege.name end xml.elements.each("SitePrivileges/child::*[@enabled='true']") do |privilege| role.privileges << privilege.name end xml.elements.each("AssetGroupPrivileges/child::*[@enabled='true']") do |privilege| role.privileges << privilege.name end role end
Public Instance Methods
# File lib/nexpose/role.rb, line 241 def as_xml xml = REXML::Element.new('Role') xml.add_attributes({ 'name' => @name, 'full-name' => @full_name, 'enabled' => enabled, 'scope' => @scope }) xml.add_attribute('id', @id) if @id > 0 xml.add_element('Description').text = @description site_privileges = xml.add_element('SitePrivileges') Privilege::Site.constants.each do |field| as_s = Privilege::Site.const_get(field) enabled = privileges.member? as_s site_privileges.add_element(as_s, { 'enabled' => enabled }) end asset_group_privileges = xml.add_element('AssetGroupPrivileges') Privilege::AssetGroup.constants.each do |field| as_s = Privilege::AssetGroup.const_get(field) enabled = privileges.member? as_s asset_group_privileges.add_element(as_s, { 'enabled' => enabled }) end global_privileges = xml.add_element('GlobalPrivileges') Privilege::Global.constants.each do |field| as_s = Privilege::Global.const_get(field) enabled = privileges.member? as_s global_privileges.add_element(as_s, { 'enabled' => enabled }) end xml end
Create or save a Role
to the Nexpose
console.
@param [Connection] nsc Nexpose
connection.
# File lib/nexpose/role.rb, line 175 def save(nsc) if @existing xml = nsc.make_xml('RoleUpdateRequest') else xml = nsc.make_xml('RoleCreateRequest') end xml.add_element(as_xml) response = APIRequest.execute(nsc.url, xml, '1.2', { timeout: nsc.timeout, open_timeout: nsc.open_timeout }) xml = REXML::XPath.first(response.res, 'RoleCreateResponse') @id = xml.attributes['id'].to_i unless @existing @existing = true response.success end
# File lib/nexpose/role.rb, line 237 def to_xml as_xml.to_s end