Class: VrtCli::App

Inherits:
Object
  • Object
Defined in:
lib/vrt_cli.rb,
lib/vrt_cli/parse.rb,
lib/vrt_cli/output.rb

Overview

The application

Constant Summary

# Colour handed to Paint for each priority value. Keys 1..5 are the numeric
# priorities; '?' is the placeholder that #parse substitutes when an entry
# carries no priority.
# NOTE(review): 'orange' and 'grey' are Strings while the other colours are
# Symbols; presumably Paint resolves the two forms differently, so confirm
# before normalising them.
SEVERITY = {
  1 => :red,
  2 => 'orange',
  3 => :yellow,
  4 => :green,
  5 => :blue,
  '?' => 'grey'
}.freeze


Constructor Details

#initialize ⇒ App

Returns a new instance of App.



# File 'lib/vrt_cli.rb', line 26

# Build the application state.
#
# Stores the flattened vulnerability rows returned by #parse, then keeps the
# :label of every entry in VRT.current_categories as the category list.
def initialize
  @vulnerabilities = parse
  @categories = VRT.current_categories.map { |category| category[:label] }
end

Instance Attribute Details

#categories ⇒ Object (readonly)

Returns the value of attribute categories.



# File 'lib/vrt_cli.rb', line 24

# Read-only accessor for the category list.
#
# @return [Object] the value #initialize built from the :label of each entry
#   in VRT.current_categories
def categories
  @categories
end

#vulnerabilities ⇒ Object (readonly)

Returns the value of attribute vulnerabilities.



# File 'lib/vrt_cli.rb', line 24

# Read-only accessor for the vulnerability rows.
#
# @return [Object] the value #initialize obtained from #parse; #sort reorders
#   this same array in place
def vulnerabilities
  @vulnerabilities
end

Instance Method Details

#display_table ⇒ Object

Display vulnerabilities in a simple justified table

  • First column: Technical severity / Priority (:priority)
  • Second column: Category (:category)
  • Third column: Sub-category / Specific vulnerability (:subcategory)
  • Fourth column: Vulnerability / Variant / Affected function (:variant)


# File 'lib/vrt_cli/output.rb', line 53

# Print every vulnerability row as one line of a left-justified table.
#
# Columns, in order: priority (coloured through SEVERITY), category (bold,
# padded to 44 characters), sub-category (padded to 55 characters), variant.
#
# @return [true]
def display_table
  @vulnerabilities.each do |vuln|
    level = vuln[:priority]
    priority_cell = Paint[level.to_s, SEVERITY[level]]
    category_cell = Paint[vuln[:category].ljust(44), :bold]
    puts "#{priority_cell} #{category_cell} #{vuln[:subcategory].ljust(55)} #{vuln[:variant]}"
  end
  true
end

#display_tree ⇒ Object

Display vulnerabilities in a tree



# File 'lib/vrt_cli/output.rb', line 10

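# Display vulnerabilities in a tree.
#
# Categories are printed in bold at column 0, sub-categories are indented by
# 4 spaces and variants by 8 spaces. When a node has a priority it is printed
# first, coloured through SEVERITY, followed by the node name.
#
# @return [true]
def display_tree
  VRT.get_map.structure.each do |_cat_id, category|
    puts Paint[category.name, :bold]
    category.children.each do |_subcat_id, subcategory|
      if subcategory.priority
        print ''.ljust(4) + Paint[subcategory.priority, SEVERITY[subcategory.priority]]
        puts " #{subcategory.name}"
      else
        puts ''.ljust(4) + subcategory.name
      end

      next unless subcategory.children?

      subcategory.children.each do |_variant_id, variant|
        if variant.priority
          print ''.ljust(8) + Paint[variant.priority, SEVERITY[variant.priority]]
          puts " #{variant.name}"
        else
          # Variants sit one level below their sub-category, so they keep the
          # 8-space indent even without a priority. A 4-space indent here made
          # an unrated variant indistinguishable from a sub-category.
          puts ''.ljust(8) + variant.name
        end
      end
    end
  end
  true
end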

#parse ⇒ Array<Hash>

Returns an array of vulnerabilities (:priority, :category, :subcategory, :variant).

Returns:

  • (Array<Hash>)

    An array of vulnerabilities (:priority, :category, :subcategory, :variant)



# File 'lib/vrt_cli/parse.rb', line 9

# Flatten the VRT map into one row per leaf entry.
#
# A sub-category with children yields one row per variant; a sub-category
# without children yields a single row whose :variant is '-'. A missing
# priority is reported as '?'.
#
# @return [Array<Hash>] rows with the keys :priority, :category,
#   :subcategory and :variant
def parse
  rows = []
  # Appends one row; `variant` is nil when the sub-category itself is the leaf.
  record = lambda do |category, subcategory, variant|
    leaf = variant || subcategory
    rows << {
      priority: leaf.priority || '?',
      category: category.name,
      subcategory: subcategory.name,
      variant: variant ? variant.name : '-'
    }
  end

  VRT.get_map.structure.each do |_cat_id, category|
    category.children.each do |_subcat_id, subcategory|
      unless subcategory.children?
        record.call(category, subcategory, nil)
        next
      end

      subcategory.children.each do |_variant_id, variant|
        record.call(category, subcategory, variant)
      end
    end
  end
  rows
end

#sort(sortby = :priority, order = :asc) ⇒ Object

Sort vulnerabilities

Parameters:

  • sortby (Symbol) (defaults to: :priority)

    Column to sort by (:priority, :category, :subcategory, :variant)

  • order (Symbol) (defaults to: :asc)

    Display in ascending (:asc) or descending (:dsc) order. Only takes effect together with sortby.



# File 'lib/vrt_cli/output.rb', line 39

# Sort the vulnerability rows in place.
#
# Rows are compared on the string form of the chosen column, so numeric
# priorities and the '?' placeholder are ordered as text. Nothing is
# reordered when sortby is nil or the Symbol :nil.
#
# @param sortby [Symbol] column to sort by (:priority, :category,
#   :subcategory, :variant)
# @param order [Symbol] :asc keeps the sorted order, :dsc reverses it
# @return [true]
def sort(sortby = :priority, order = :asc)
  return true if sortby.nil? || sortby == :nil

  @vulnerabilities.sort! { |left, right| left[sortby].to_s <=> right[sortby].to_s }
  @vulnerabilities.reverse! if order == :dsc
  true
end