Class: VrtCli::App

Inherits:
Object
  • Object
show all
Defined in:
lib/vrt_cli.rb,
lib/vrt_cli/parse.rb,
lib/vrt_cli/output.rb

Overview

The application

Constant Summary collapse

SEVERITY =
{
  1 => :red,
  2 => 'orange',
  3 => :yellow,
  4 => :green,
  5 => :blue,
  '?' => 'grey'
}.freeze

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeApp

Returns a new instance of App.



26
27
28
29
# File 'lib/vrt_cli.rb', line 26

def initialize
  @vulnerabilities = parse
  @categories = VRT.current_categories.map { |x| x[:label] }
end

Instance Attribute Details

#categoriesObject (readonly)

Returns the value of attribute categories.



24
25
26
# File 'lib/vrt_cli.rb', line 24

def categories
  @categories
end

#vulnerabilitiesObject (readonly)

Returns the value of attribute vulnerabilities.



24
25
26
# File 'lib/vrt_cli.rb', line 24

def vulnerabilities
  @vulnerabilities
end

Instance Method Details

#display_tableObject

Display vulnerabilities in a simple justified table First column: Technical severity / Priority (:priority) Second column: Category (:category) Third column: Sub-category / Specific vulnerability (:subcategory) Fourth column: Vulnerability / Variant / Affected function (:variant)



52
53
54
55
56
57
58
59
# File 'lib/vrt_cli/output.rb', line 52

def display_table
  @vulnerabilities.each do |v|
    output = "#{Paint[v[:priority].to_s, SEVERITY[v[:priority]]]} #{Paint[v[:category].ljust(44), :bold]} "
    output += "#{v[:subcategory].ljust(55)} #{v[:variant]}"
    puts output
  end
  true
end

#display_treeObject

Display vulnerabilities in a tree



10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# File 'lib/vrt_cli/output.rb', line 10

def display_tree
  VRT.get_map.structure.each do |_cat_id, category|
    puts Paint[category.name, :bold]
    category.children.each do |_subcat_id, subcategory|
      if subcategory.priority
        print ''.ljust(4) + Paint[subcategory.priority, SEVERITY[subcategory.priority]]
        puts " #{subcategory.name}"
      else
        puts ''.ljust(4) + subcategory.name
      end

      next unless subcategory.children?

      subcategory.children.each do |_variant_id, variant|
        if variant.priority
          print ''.ljust(8) + Paint[variant.priority, SEVERITY[variant.priority]]
          puts " #{variant.name}"
        else
          puts ''.ljust(4) + variant.name
        end
      end
    end
  end
  true
end

#parseArray<Hash>

Returns An array of vulnerabilities (:priority, :category, :subcategory, :variant).

Returns:

  • (Array<Hash>)

    An array of vulnerabilities (:priority, :category, :subcategory, :variant)



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# File 'lib/vrt_cli/parse.rb', line 9

def parse
  vulns = []
  VRT.get_map.structure.each do |_cat_id, category|
    category.children.each do |_subcat_id, subcategory|
      if subcategory.children?
        subcategory.children.each do |_variant_id, variant|
          priority = variant.priority || '?'
          vuln = {
            priority: priority,
            category: category.name,
            subcategory: subcategory.name,
            variant: variant.name
          }
          vulns.push(vuln)
        end
      else
        priority = subcategory.priority || '?'
        vuln = {
          priority: priority,
          category: category.name,
          subcategory: subcategory.name,
          variant: '-'
        }
        vulns.push(vuln)
      end
    end
  end
  vulns
end

#sort(sortby = :priority, order = :asc) ⇒ Object

Sort vulnerabilities

Parameters:

  • sortby (Symbol) (defaults to: :priority)

    Column to sort by (:priority, :category, :subcategory, :variant)

  • order (Symbol) (defaults to: :asc)

    Displayed in ascendant (:asc) order or descendant order (:dsc). Works with sortby.



39
40
41
42
43
44
45
# File 'lib/vrt_cli/output.rb', line 39

def sort(sortby = :priority, order = :asc)
  unless sortby.nil? || sortby == :nil
    @vulnerabilities.sort! { |a, b| a[sortby].to_s <=> b[sortby].to_s }
    @vulnerabilities.reverse! if order == :dsc
  end
  true
end