Beispiel #1
0
class ReportSeverity(graphene.ObjectType):
    class Meta:
        default_resolver = text_resolver

    total = SeverityType()
    filtered = SeverityType()

    def resolve_total(root, _info):
        return get_text_from_element(root, 'full')
Beispiel #2
0
class Override(EntityObjectType):
    class Meta:
        default_resolver = find_resolver

    end_time = graphene.DateTime()

    active = graphene.Boolean()
    in_use = graphene.Boolean()
    orphan = graphene.Boolean()
    writable = graphene.Boolean()

    hosts = graphene.List(graphene.String)
    port = graphene.String()
    name = graphene.String()
    owner = graphene.String()
    text = graphene.String()

    severity = SeverityType()
    new_severity = SeverityType()

    nvt = graphene.Field(NVT)
    task = graphene.Field(Task)
    result = graphene.Field(Result)

    def resolve_name(root, _info):
        raise GraphQLError(f'Cannot query field "{_info.field_name}"'
                           f' on type "{_info.parent_type}".')

    def resolve_end_time(root, _info):
        return get_datetime_from_element(root, 'end_time')

    def resolve_active(root, _info):
        return get_boolean_from_element(root, 'active')

    def resolve_orphan(root, _info):
        return get_boolean_from_element(root, 'orphan')

    def resolve_text(root, _info):
        return get_text_from_element(root, 'text')

    def resolve_hosts(root, _info):
        hosts = get_text_from_element(root, 'hosts')
        if hosts is None:
            return []
        return [host.strip() for host in hosts.split(',')]

    def resolve_port(root, _info):
        return get_text_from_element(root, 'port')

    def resolve_severity(root, _info):
        return get_text_from_element(root, 'severity')

    def resolve_new_severity(root, _info):
        return get_text_from_element(root, 'new_severity')
Beispiel #3
0
class ConditionData(graphene.InputObjectType):
    at_least_count = graphene.Int(name='at_least_count')
    at_least_filter_id = graphene.UUID(name='at_least_filter_id')
    count = graphene.Int()
    direction = SeverityDirection()
    severity = SeverityType()
    filter_id = graphene.UUID(name="filter_id")
Beispiel #4
0
class Error(graphene.ObjectType):
    """Error object type. Is part of the Report object."""

    host = graphene.Field(ErrorHost)
    port = graphene.String()
    description = graphene.String()
    nvt = graphene.Field(ScanConfigNVT)
    scan_nvt_version = graphene.DateTime(
        description='Used Version of the NVT for this scan (modification date)'
    )
    severity = SeverityType()

    @staticmethod
    def resolve_host(root, _info):
        return root.find('host')

    @staticmethod
    def resolve_port(root, _info):
        return get_text_from_element(root, 'port')

    @staticmethod
    def resolve_description(root, _info):
        return get_text_from_element(root, 'description')

    @staticmethod
    def resolve_nvt(root, _info):
        return root.find('nvt')

    @staticmethod
    def resolve_scan_nvt_version(root, _info):
        return get_datetime_from_element(root, 'scan_nvt_version')

    @staticmethod
    def resolve_severity(root, _info):
        return get_text_from_element(root, 'severity')
Beispiel #5
0
class LastReport(graphene.ObjectType):
    """ The last report of a task for a finished scan """

    uuid = graphene.String(name='id')
    severity = SeverityType()
    scan_start = graphene.DateTime()
    scan_end = graphene.DateTime()
    timestamp = graphene.DateTime()

    def resolve_uuid(parent, _info):
        report = parent.find('report')
        uuid = report.get('id')
        return uuid

    def resolve_severity(parent, _info):
        report = parent.find('report')
        severity = report.find('severity')
        return get_text(severity)

    def resolve_timestamp(parent, _info):
        report = parent.find('report')
        return get_datetime_from_element(report, 'timestamp')

    def resolve_scan_start(parent, _info):
        report = parent.find('report')
        return get_datetime_from_element(report, 'scan_start')

    def resolve_scan_end(parent, _info):
        report = parent.find('report')
        return get_datetime_from_element(report, 'scan_end')
Beispiel #6
0
class Vulnerability(graphene.ObjectType):
    class Meta:
        default_resolver = text_resolver

    vuln_id = graphene.String(name="id")
    name = graphene.String()
    vuln_type = graphene.String(name="type")
    creation_time = graphene.DateTime()
    modification_time = graphene.DateTime()
    severity = SeverityType()  # change this to score if implememnted in GVMD
    qod = graphene.Int()
    results = graphene.Field(VulnerabilityResults)
    host_count = graphene.Int()

    def resolve_vuln_id(root, _info):
        return root.get('id')

    def resolve_vuln_type(root, _info):
        return get_text_from_element(root, 'type')

    def resolve_creation_time(root, _info):
        return get_datetime_from_element(root, 'creation_time')

    def resolve_modification_time(root, _info):
        return get_datetime_from_element(root, 'modification_time')

    def resolve_host_count(root, _info):
        hosts = root.find('hosts')
        return get_int_from_element(hosts, 'count')

    def resolve_results(root, _info):
        return root.find('results')

    def resolve_qod(root, _info):
        return get_int_from_element(root, 'qod')
Beispiel #7
0
class Note(EntityObjectType):
    class Meta:
        default_resolver = find_resolver

    end_time = graphene.DateTime()
    active = graphene.Boolean()
    orphan = graphene.Boolean()

    text = graphene.String()
    hosts = graphene.List(graphene.String)
    port = graphene.String()
    severity = SeverityType()
    threat = graphene.String()

    nvt = graphene.Field(NVT)
    task = graphene.Field(Task)
    result = graphene.Field(NoteResult)

    @staticmethod
    def resolve_name(root, _info):
        raise GraphQLError(f'Cannot query field "{_info.field_name}"'
                           f' on type "{_info.parent_type}".')

    @staticmethod
    def resolve_end_time(root, _info):
        return get_datetime_from_element(root, 'end_time')

    @staticmethod
    def resolve_active(root, _info):
        return get_boolean_from_element(root, 'active')

    @staticmethod
    def resolve_orphan(root, _info):
        return get_boolean_from_element(root, 'orphan')

    @staticmethod
    def resolve_text(root, _info):
        return get_text_from_element(root, 'text')

    @staticmethod
    def resolve_hosts(root, _info):
        hosts = get_text_from_element(root, 'hosts')
        return csv_to_list(hosts)

    @staticmethod
    def resolve_port(root, _info):
        return get_text_from_element(root, 'port')

    @staticmethod
    def resolve_severity(root, _info):
        return get_text_from_element(root, 'severity')

    @staticmethod
    def resolve_threat(root, _info):
        return get_text_from_element(root, 'threat')
Beispiel #8
0
class ReportPort(graphene.ObjectType):
    """Port object type. Is part of the Result object."""
    class Meta:
        default_resolver = text_resolver

    port = graphene.String()
    host = graphene.String()
    severity = SeverityType()
    threat = graphene.String()

    def resolve_port(root, _info):
        return get_text(root)
Beispiel #9
0
class AuditLastReport(graphene.ObjectType):
    """ The last report of an audit for a finished scan """

    uuid = graphene.String(name='id')
    severity = SeverityType()
    scan_start = graphene.DateTime()
    scan_end = graphene.DateTime()
    timestamp = graphene.DateTime()
    compliance_count = graphene.Field(
        AuditComplianceCount,
        description='Compliance status for this audit',
    )

    def resolve_compliance_count(root, _info):
        report = get_subelement(root, 'report')
        return get_subelement(report, 'compliance_count')

    def resolve_uuid(parent, _info):
        report = parent.find('report')
        uuid = report.get('id')
        return uuid

    def resolve_severity(parent, _info):
        report = parent.find('report')
        severity = report.find('severity')
        return get_text(severity)

    def resolve_timestamp(parent, _info):
        report = parent.find('report')
        return get_datetime_from_element(report, 'timestamp')

    def resolve_scan_start(parent, _info):
        report = parent.find('report')
        return get_datetime_from_element(report, 'scan_start')

    def resolve_scan_end(parent, _info):
        report = parent.find('report')
        return get_datetime_from_element(report, 'scan_end')
Beispiel #10
0
class Result(UserTagsObjectTypeMixin, SimpleEntityObjectType):
    """An object type representing a Result entity"""
    class Meta:
        default_resolver = find_resolver

    description = graphene.String(description='Description of the result')

    detection_result = graphene.Field(DetectionResult,
                                      description='Detection result')

    report_id = graphene.UUID(description="ID of the corresponding report")
    task = graphene.Field(ResultTask, description='Task the result belongs to')
    host = graphene.Field(ResultHost, description='Host the result belongs to')
    port = graphene.String(description='The port on the host')

    nvt = graphene.Field(ScanConfigNVT,
                         description='NVT the result belongs to')

    scan_nvt_version = graphene.String(
        description='Version of the NVT used in scan')
    threat = graphene.String()
    severity = SeverityType()

    qod = graphene.Field(
        QoD, description='The quality of detection (QoD) of the result')

    original_threat = graphene.String(
        description='Original threat when overridden')
    original_severity = SeverityType(
        description='Original severity when overridden')

    notes = graphene.List(Note, description='List of notes on the result')
    tickets = graphene.List(RemediationTicket,
                            description='List of tickets on the result')

    def resolve_description(root, _info):
        return get_text_from_element(root, 'description')

    def resolve_detection_result(root, _info):
        detection = root.find('detection')
        if detection is None or len(detection) == 0:
            return None
        return detection.find('result')

    def resolve_report_id(root, _info):
        report = root.find('report')
        if report is not None:
            return parse_uuid(root.find('report').get('id'))

    def resolve_task(root, _info):
        return root.find('task')

    def resolve_port(root, _info):
        return get_text_from_element(root, 'port')

    def resolve_scan_nvt_version(root, _info):
        return get_text_from_element(root, 'scan_nvt_version')

    def resolve_threat(root, _info):
        return get_text_from_element(root, 'threat')

    def resolve_severity(root, _info):
        return get_text_from_element(root, 'severity')

    def resolve_original_threat(root, _info):
        return get_text_from_element(root, 'original_threat')

    def resolve_original_severity(root, _info):
        return get_text_from_element(root, 'original_severity')

    def resolve_notes(root, _info):
        notes = root.find('notes')
        if notes is None or len(notes) == 0:
            return None
        return notes.findall('note')

    def resolve_tickets(root, _info):
        tickets = root.find('tickets')
        if tickets is None or len(tickets) == 0:
            return None
        return tickets.findall('ticket')
Beispiel #11
0
class Override(graphene.ObjectType):
    class Meta:
        default_resolver = find_resolver

    uuid = graphene.UUID(name='id')

    creation_time = graphene.DateTime()
    modification_time = graphene.DateTime()

    active = graphene.Boolean()
    in_use = graphene.Boolean()
    orphan = graphene.Boolean()
    writable = graphene.Boolean()

    hosts = graphene.List(graphene.String)
    name = graphene.String()
    owner = graphene.String()
    text = graphene.String()

    severity = SeverityType()
    new_severity = SeverityType()

    nvt = graphene.Field(NVT)

    def resolve_uuid(root, _info):
        return parse_uuid(root.get('id'))

    def resolve_owner(root, _info):
        return get_owner(root)

    def resolve_creation_time(root, _info):
        return get_datetime_from_element(root, 'creation_time')

    def resolve_modification_time(root, _info):
        return get_datetime_from_element(root, 'modification_time')

    def resolve_writable(root, _info):
        return get_boolean_from_element(root, 'writable')

    def resolve_in_use(root, _info):
        return get_boolean_from_element(root, 'in_use')

    def resolve_active(root, _info):
        return get_boolean_from_element(root, 'active')

    def resolve_orphan(root, _info):
        return get_boolean_from_element(root, 'orphan')

    def resolve_name(root, _info):
        nvt = get_subelement(root, 'nvt')
        return get_text_from_element(nvt, 'name')

    def resolve_text(root, _info):
        return get_text_from_element(root, 'text')

    def resolve_hosts(root, _info):
        hosts = get_text_from_element(root, 'hosts')
        if hosts is None:
            return []
        return hosts.split(',')

    def resolve_severity(root, _info):
        return get_text_from_element(root, 'severity')

    def resolve_new_severity(root, _info):
        return get_text_from_element(root, 'new_severity')
Beispiel #12
0
class Result(  # changed mixin to remove comment mixin
    UserTagsObjectTypeMixin,
    OwnerObjectTypeMixin,
    CreationModifactionObjectTypeMixin,
    BaseObjectType,
):
    """An object type representing a Result entity"""

    class Meta:
        default_resolver = find_resolver

    description = graphene.String(description='Description of the result')

    origin_result = graphene.Field(
        OriginResult,
        description='Referenced result that provided information for creating '
        'this result',
    )

    result_type = graphene.Field(
        ResultType,
        name='type',
        description='Type of result. Currently it can be a NVT or CVE based '
        'result',
    )

    report = graphene.Field(
        ResultReport, description='Report the result belongs to'
    )
    task = graphene.Field(ResultTask, description='Task the result belongs to')
    host = graphene.Field(ResultHost, description='Host the result belongs to')
    location = graphene.String(
        description='The location on the host where the result is detected'
    )

    information = graphene.Field(
        ResultInformation,
        description='Detailed information about the detected result. Currently '
        'it can be a NVT or CVE',
    )

    severity = SeverityType()

    qod = graphene.Field(
        QoD, description='The quality of detection (QoD) of the result'
    )

    original_severity = SeverityType(
        description='Original severity when overridden'
    )

    notes = graphene.List(Note, description='List of notes on the result')
    overrides = graphene.List(
        ResultOverride, description='List of overrides on the result'
    )
    tickets = graphene.List(
        RemediationTicket, description='List of tickets on the result'
    )

    @staticmethod
    def resolve_description(root, _info):
        return get_text_from_element(root, 'description')

    @staticmethod
    def resolve_origin_result(root, _info):
        detection = root.find('detection')
        if detection is None or len(detection) == 0:
            return None
        return detection.find('result')

    @staticmethod
    def resolve_report_id(root, _info):
        report = root.find('report')
        if report is not None:
            return parse_uuid(root.find('report').get('id'))

    @staticmethod
    def resolve_task(root, _info):
        return root.find('task')

    @staticmethod
    def resolve_location(root, _info):
        return get_text_from_element(root, 'port')

    @staticmethod
    def resolve_severity(root, _info):
        return get_text_from_element(root, 'severity')

    @staticmethod
    def resolve_original_severity(root, _info):
        return get_text_from_element(root, 'original_severity')

    @staticmethod
    def resolve_notes(root, _info):
        notes = root.find('notes')
        if notes is None or len(notes) == 0:
            return None
        return notes.findall('note')

    @staticmethod
    def resolve_overrides(root, _info):
        overrides = root.find('overrides')
        if overrides is None or len(overrides) == 0:
            return None
        return overrides.findall('override')

    @staticmethod
    def resolve_tickets(root, _info):
        tickets = root.find('tickets')
        if tickets is None or len(tickets) == 0:
            return None
        return tickets.findall('ticket')

    @staticmethod
    def resolve_information(root, _info):
        result_info = root.find('nvt')
        info_type = get_text_from_element(result_info, 'type')

        scan_nvt_version = get_text_from_element(root, 'scan_nvt_version')

        if info_type == 'nvt':
            # append scan_nvt_version as version element
            # to nvt result type for parsing
            version_element = etree.Element('version')
            version_element.text = scan_nvt_version
            result_info.append(version_element)

        return result_info

    @staticmethod
    def resolve_result_type(root, _info):
        nvt = root.find('nvt')

        if nvt is not None:
            return get_text_from_element(nvt, 'type').upper()
        return None
Beispiel #13
0
class Result(BaseObjectType):
    """Result object type. Is part of the Result object.

    Args:
        name (str): Name of result
        id (UUID): UUID of result
        comment (str): Comment for this result
        creation_time (DateTime)
        modification_time (DateTime)
        report_id (UUID)
        host (ResultHost)
        port (str)
        nvt (NVT)
        scan_nvt_version (str)
        thread (str)
        severity (str)
        qod (QOD)
        original_thread (str)
        original_severity (str)

    """
    class Meta:
        default_resolver = find_resolver

    comment = graphene.String()
    description = graphene.String()

    creation_time = graphene.DateTime()
    modification_time = graphene.DateTime()

    report_id = graphene.UUID(description="ID of the corresponding report")
    task = graphene.Field(ResultTask)
    host = graphene.Field(ResultHost)
    port = graphene.String()

    nvt = graphene.Field(ScanConfigNVT)

    scan_nvt_version = graphene.String()
    threat = graphene.String()
    severity = SeverityType()

    qod = graphene.Field(QoD)

    original_threat = graphene.String()
    original_severity = SeverityType()

    def resolve_comment(root, _info):
        return get_text_from_element(root, 'comment')

    def resolve_description(root, _info):
        return get_text_from_element(root, 'description')

    def resolve_creation_time(root, _info):
        return get_datetime_from_element(root, 'creation_time')

    def resolve_modification_time(root, _info):
        return get_datetime_from_element(root, 'modification_time')

    def resolve_report_id(root, _info):
        return parse_uuid(root.find('report').get('id'))

    def resolve_task(root, _info):
        return root.find('task')

    def resolve_port(root, _info):
        return get_text_from_element(root, 'port')

    def resolve_scan_nvt_version(root, _info):
        return get_text_from_element(root, 'scan_nvt_version')

    def resolve_threat(root, _info):
        return get_text_from_element(root, 'threat')

    def resolve_severity(root, _info):
        return get_text_from_element(root, 'severity')

    def resolve_original_threat(root, _info):
        return get_text_from_element(root, 'original_threat')

    def resolve_original_severity(root, _info):
        return get_text_from_element(root, 'original_severity')
Beispiel #14
0
class Note(graphene.ObjectType):
    class Meta:
        default_resolver = find_resolver

    uuid = graphene.UUID(name='id')

    creation_time = graphene.DateTime()
    modification_time = graphene.DateTime()
    end_time = graphene.DateTime()

    writable = graphene.Boolean()
    in_use = graphene.Boolean()
    active = graphene.Boolean()
    orphan = graphene.Boolean()

    owner = graphene.String()
    text = graphene.String()
    hosts = graphene.List(graphene.String)
    port = graphene.String()
    severity = SeverityType()
    threat = graphene.String()

    permissions = graphene.List(Permission)
    nvt = graphene.Field(NVT)
    task = graphene.Field(Task)
    result = graphene.Field(Result)

    def resolve_uuid(root, _info):
        return parse_uuid(root.get('id'))

    def resolve_permissions(root, _info):
        permissions = root.find('permissions')
        if len(permissions) == 0:
            return None
        return permissions.findall('permission')

    def resolve_owner(root, _info):
        return get_owner(root)

    def resolve_creation_time(root, _info):
        return get_datetime_from_element(root, 'creation_time')

    def resolve_modification_time(root, _info):
        return get_datetime_from_element(root, 'modification_time')

    def resolve_end_time(root, _info):
        return get_datetime_from_element(root, 'end_time')

    def resolve_writable(root, _info):
        return get_boolean_from_element(root, 'writable')

    def resolve_in_use(root, _info):
        return get_boolean_from_element(root, 'in_use')

    def resolve_active(root, _info):
        return get_boolean_from_element(root, 'active')

    def resolve_orphan(root, _info):
        return get_boolean_from_element(root, 'orphan')

    def resolve_text(root, _info):
        return get_text_from_element(root, 'text')

    def resolve_hosts(root, _info):
        hosts = get_text_from_element(root, 'hosts')
        if hosts is None:
            return []
        return hosts.split(',')

    def resolve_port(root, _info):
        return get_text_from_element(root, 'port')

    def resolve_severity(root, _info):
        return get_text_from_element(root, 'severity')

    def resolve_threat(root, _info):
        return get_text_from_element(root, 'threat')