def _reload_config(self):
if self._included_config is None:
config = self._original_config
else:
config = merge_dicts(self._original_config,
self._included_config,
ignored_keys=['parameters'])
self.script_command = config.get('script_path')
self.description = replace_auth_vars(config.get('description'),
self._username, self._audit_name)
self.working_directory = config.get('working_directory')
required_terminal = read_bool_from_config(
'requires_terminal', config, default=self._pty_enabled_default)
self.requires_terminal = required_terminal
ansi_enabled = read_bool_from_config(
'bash_formatting', config, default=self._ansi_enabled_default)
self.ansi_enabled = ansi_enabled
self.output_files = config.get('output_files', [])
if config.get('scheduling'):
self.schedulable = read_bool_from_config('enabled',
config.get('scheduling'),
default=False)
if not self.script_command:
raise Exception('No script_path is specified for ' + self.name)
def _create_values_provider(self, values_config, type, constant):
if constant:
return NoneValuesProvider()
if self._is_plain_server_file():
return FilesProvider(self._list_files_dir, self.file_type,
self.file_extensions,
self.excluded_files_matcher)
if (type != 'list') and (type != PARAM_TYPE_MULTISELECT) and (
type != PARAM_TYPE_EDITABLE_LIST):
return NoneValuesProvider()
if is_empty(values_config):
return EmptyValuesProvider()
if isinstance(values_config, list):
return ConstValuesProvider(values_config)
elif 'script' in values_config:
script = replace_auth_vars(values_config['script'], self._username,
self._audit_name)
if '${' not in script:
return ScriptValuesProvider(script)
return DependantScriptValuesProvider(script,
self._parameters_supplier)
else:
message = 'Unsupported "values" format for ' + self.name
raise Exception(message)
def _resolve_default(default, username, audit_name, working_dir):
if not default:
return default
script = False
if isinstance(default, dict) and 'script' in default:
string_value = default['script']
script = True
elif isinstance(default, str):
string_value = default
else:
return default
resolved_string_value = resolve_env_vars(string_value, full_match=True)
if resolved_string_value == string_value:
resolved_string_value = replace_auth_vars(string_value, username,
audit_name)
if script:
has_variables = string_value != resolved_string_value
shell = read_bool_from_config('shell',
default,
default=not has_variables)
output = process_utils.invoke(resolved_string_value,
working_dir,
shell=shell)
return output.strip()
return resolved_string_value
def substitute_variable_values(parameter_configs, output_files, values, audit_name, username):
output_file_parsed = []
for _, output_file in enumerate(output_files):
substituted_file = fill_parameter_values(parameter_configs, output_file, values)
substituted_file = replace_auth_vars(substituted_file, username, audit_name)
output_file_parsed.append(substituted_file)
return output_file_parsed
def _reload(self):
config = self._original_config
self.param = config.get('param')
self.same_arg_param = read_bool_from_config('same_arg_param',
config,
default=False)
self.env_var = config.get('env_var')
self.no_value = read_bool_from_config('no_value',
config,
default=False)
self.description = replace_auth_vars(config.get('description'),
self._username, self._audit_name)
self.required = read_bool_from_config('required',
config,
default=False)
self.min = config.get('min')
self.max = config.get('max')
self.max_length = config.get('max_length')
self.secure = read_bool_from_config('secure', config, default=False)
self.separator = config.get('separator', ',')
self.multiselect_argument_type = read_str_from_config(
config,
'multiselect_argument_type',
default='single_argument',
allowed_values=[
'single_argument', 'argument_per_value', 'repeat_param_value'
])
self.default = _resolve_default(config.get('default'), self._username,
self._audit_name, self._working_dir)
self.file_dir = _resolve_file_dir(config, 'file_dir')
self._list_files_dir = _resolve_list_files_dir(self.file_dir,
self._working_dir)
self.file_extensions = _resolve_file_extensions(
config, 'file_extensions')
self.file_type = _resolve_parameter_file_type(config, 'file_type',
self.file_extensions)
self.file_recursive = read_bool_from_config('file_recursive',
config,
default=False)
self.excluded_files_matcher = _resolve_excluded_files(
config, 'excluded_files', self._list_files_dir)
self.type = self._read_type(config)
self.constant = read_bool_from_config('constant',
config,
default=False)
self._validate_config()
values_provider = self._create_values_provider(config.get('values'),
self.type,
self.constant)
self._values_provider = values_provider
self._reload_values()
def _resolve_default(default, username, audit_name):
if not default:
return default
if not isinstance(default, str):
return default
resolved_env_default = resolve_env_var(default)
if resolved_env_default != default:
return resolved_env_default
return replace_auth_vars(default, username, audit_name)
def _create_values_provider(self, values_config, type, constant):
if constant:
return NoneValuesProvider()
if self._is_plain_server_file():
return FilesProvider(self._list_files_dir, self.file_type,
self.file_extensions)
if (type in [PARAM_TYPE_MULTISELECT, PARAM_TYPE_LIST]):
if is_empty(values_config):
return EmptyValuesProvider()
if isinstance(values_config, list):
return ConstValuesProvider(values_config)
if PARAM_TYPE_DEPENDANT_LIST in values_config:
return DependantValuesProvider(
self.name, values_config[PARAM_TYPE_DEPENDANT_LIST],
self._parameters_supplier)
if 'script' in values_config:
script = replace_auth_vars(values_config['script'],
self._username, self._audit_name)
if '${' not in script:
return ScriptValuesProvider(script)
return DependantScriptValuesProvider(script,
self._parameters_supplier)
elif (type in ["text"]):
if is_empty(values_config):
return NoneValuesProvider()
if 'script' in values_config:
script = values_config['script']
if '${' not in script:
return ScriptValuesProvider(script)
return DependantScriptValuesProvider(script,
self._parameters_supplier)
else:
return NoneValuesProvider()
message = 'Unsupported "values" format for ' + self.name
raise Exception(message)
def _resolve_default(default, username, audit_name, working_dir):
if not default:
return default
script = False
if isinstance(default, dict) and 'script' in default:
string_value = default['script']
script = True
elif isinstance(default, str):
string_value = default
else:
return default
resolved_string_value = resolve_env_vars(string_value, full_match=True)
if resolved_string_value == string_value:
resolved_string_value = replace_auth_vars(string_value, username, audit_name)
if not script:
return resolved_string_value
output = process_utils.invoke(resolved_string_value, working_dir)
return output.strip()
def _resolve_default(default, username, audit_name, working_dir):
if not default:
return default
script = False
if isinstance(default, dict) and 'script' in default:
string_value = default['script']
script = True
elif isinstance(default, str):
string_value = default
else:
return default
resolved_string_value = resolve_env_vars(string_value, full_match=True)
if resolved_string_value == string_value:
resolved_string_value = replace_auth_vars(string_value, username, audit_name)
if not script:
return resolved_string_value
output = process_utils.invoke(resolved_string_value, working_dir)
return output.strip()
