class NexposeThycotic::ThycoticOperations

Attributes

client[RW]

Public Class Methods

new(url = nil, comment = '', show_deleted = false, show_restricted = true)
# File lib/nexpose_thycotic/operations.rb, line 244
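# Builds the SOAP client used for every call to the Thycotic web service and
# stores the options applied to later searches and retrievals.
#
# @param url [String, nil] WSDL location handed to Savon
# @param comment [String] comment sent when retrieving passwords
# @param show_deleted [Boolean] sent as showDeleted when searching secrets
# @param show_restricted [Boolean] sent as showRestricted when searching secrets
# @param ssl_verify_mode [Symbol] certificate verification mode handed to
#   Savon; defaults to :none so existing callers behave as before
def initialize(url = nil, comment = '', show_deleted = false, show_restricted = true, ssl_verify_mode: :none)
  # SECURITY: with :none the server certificate is not verified, so the
  # credentials, session token and retrieved passwords that travel over this
  # client can be read or altered by anyone on the network path. Pass
  # ssl_verify_mode: :peer once the server certificate chains to a trusted CA.
  # log: true, log_level: :info
  @client = Savon.client(wsdl: url, ssl_verify_mode: ssl_verify_mode)

  # Comment used when retrieving passwords
  @comment = comment
  @show_deleted = show_deleted
  @show_restricted = show_restricted
end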

Public Instance Methods

authenticate(username, password)
# File lib/nexpose_thycotic/operations.rb, line 276
# Logs in to the service and keeps the session token it returns.
#
# @param username [String] account name sent to the :authenticate operation
# @param password [String] password sent to the :authenticate operation
# @return the :token entry of the authenticate result (also stored in @token)
# @raise when the result carries errors (raised by check_for_errors)
def authenticate(username, password)
  credentials = { username: username, password: password }
  result = get_secret_result(:authenticate, credentials)
  check_for_errors(result)
  @token = result[:token]
end
check_for_errors(result)
# File lib/nexpose_thycotic/operations.rb, line 347
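# Raises when a service result carries a non-blank :errors entry.
#
# @param result [Hash] result section of a service response
# @return [nil] when there is nothing to report
# @raise [RuntimeError] built from the reported errors
def check_for_errors(result)
  errors = result[:errors]
  return if errors.blank?

  puts errors
  # TODO: Logging
  # RuntimeError instead of Exception: a plain `rescue` (StandardError) in a
  # caller can now handle a failed call, and `rescue Exception` still matches.
  raise RuntimeError.new(errors)
end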
check_type(type)
# File lib/nexpose_thycotic/operations.rb, line 258
# Maps a secret type name to a service identifier string.
#
# The patterns are unanchored and case-insensitive, and they are tried in the
# order listed, so the first one that matches decides the result.
#
# @param type the secret type name to classify
# @return [String, nil] the service identifier, or nil when nothing matches
def check_type(type)
  service_by_pattern = [
    [/.*unix.*/i, 'ssh'],
    [/.*windows.*/i, 'cifs'],
    [/.*ftp.*/i, 'ftp'],
    [/.*400.*/i, 'as400'],
    [/.*lotus.*/i, 'notes'],
    [/.*Microsoft.*SQL.*Server.*/i, 'tds'],
    [/.*Sybase.*SQL.*Server.*/i, 'sybase'],
    [/.*mysql.*/i, 'mysql'],
    [/.*DB2.*/i, 'db2'],
    [/.*postgresql.*/i, 'postgresql'],
    [/.*pop.*/i, 'pop'],
    [/.*Simple.*Network.*Management.*/i, 'snmp'],
    [/.*telnet.*/i, 'telnet']
  ]

  # Regexp#=== is what `case/when` uses, so non-String input behaves the same.
  _pattern, service = service_by_pattern.find { |pattern, _| pattern === type }
  service
end
get_secret(token, secret_id)
# File lib/nexpose_thycotic/operations.rb, line 327
# Retrieves one secret and returns its Username and Password fields.
#
# The stored comment is sent along as a "COMMENT" code response.
#
# @param token session token sent with the request
# @param secret_id identifier of the secret to load
# @return [Hash] { username:, password: }; the password is the clear-text
#   value, so keep the returned hash out of logs and error messages
# @raise when the result carries errors (raised by check_for_errors)
def get_secret(token, secret_id)
  comment_response = { "ErrorCode" => "COMMENT", "Comment" => @comment }
  request = {
    token: token,
    secretId: secret_id,
    loadSettingsAndPermissions: false,
    "codeResponses" => { "CodeResponse" => [comment_response] }
  }

  result = get_secret_result(:get_secret, request)
  check_for_errors(result)

  {
    username: parse_field(result, 'Username'),
    password: parse_field(result, 'Password')
  }
end
get_secret_result(operation, message)
# File lib/nexpose_thycotic/operations.rb, line 290
# Calls one SOAP operation and unwraps its result element.
#
# The response is read as envelope -> body -> "<operation>_response" ->
# "<operation>_result"; a response missing any of those levels raises.
#
# @param operation [Symbol] operation name passed to the client
# @param message [Hash] request body passed to the client
# @return the "<operation>_result" entry of the response
def get_secret_result(operation, message)
  body = @client.call(operation, message: message).hash[:envelope][:body]
  response_key = :"#{operation}_response"
  result_key = :"#{operation}_result"
  body[response_key][result_key]
end
get_secret_summaries(token, ip)
# File lib/nexpose_thycotic/operations.rb, line 296
# Searches for secrets whose 'machine' field matches the given address.
#
# @param token session token sent with the request
# @param ip search term matched against the 'machine' field
# @return [Array<Hash>] one { secret_id:, secret_type:, secret_name: } hash
#   per summary; empty when the result has no :secret_summaries
def get_secret_summaries(token, ip)
  query = {
    token: token,
    fieldName: 'machine',
    searchTerm: ip,
    showDeleted: @show_deleted,
    showRestricted: @show_restricted
  }
  container = get_secret_result(:search_secrets_by_field_value, query)[:secret_summaries]
  return [] if container.nil?

  entries = container[:secret_summary]
  # A single summary comes back as a bare Hash; wrap it so it can be iterated.
  entries = [entries] if entries.is_a?(Hash)

  entries.map do |entry|
    {
      secret_id: entry[:secret_id],
      secret_type: entry[:secret_type_name],
      secret_name: entry[:secret_name]
    }
  end
end
operations()
# File lib/nexpose_thycotic/operations.rb, line 254
# Prints the operations reported by the SOAP client to standard output.
#
# @return [nil]
def operations
  available = @client.operations
  puts available
end
parse_field(secret_response_result, field_name)
# File lib/nexpose_thycotic/operations.rb, line 284
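# Looks up one field of a secret by its display name, ignoring case.
#
# @param secret_response_result [Hash] result holding
#   [:secret][:items][:secret_item]
# @param field_name [String] display name to look for, e.g. 'Password'
# @return the matching item's :value, or nil when the secret has no item with
#   that display name (callers should treat nil as "field not present")
def parse_field(secret_response_result, field_name)
  items = secret_response_result[:secret][:items][:secret_item]
  # A secret with a single item may arrive as a bare Hash, the case
  # get_secret_summaries already handles for summaries. Without the wrap,
  # find would walk the Hash's key/value pairs and raise.
  items = [items] if items.is_a?(Hash)

  # to_s keeps an item without a display name from raising on casecmp.
  item = items.find { |i| i[:field_display_name].to_s.casecmp(field_name) == 0 }
  item[:value] if item
end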