From 7da182c7ee3a42a3c7fb8cf3507203205ee3a98e Mon Sep 17 00:00:00 2001 From: Jjk422 Date: Mon, 4 Apr 2016 12:29:01 +0100 Subject: [PATCH] Added Yard doc generator, rake files to generate docs, commented most methods only managers and helpers need to be documented for ruby files --- Gemfile | 1 + Gemfile.lock | 2 + documentation/rdoc/rakefile.rb | 21 +++ .../rdoc/rdoc_generator.rb | 5 +- documentation/yard/rakefile.rb | 20 +++ lib/configuration.rb | 21 +-- lib/constants.rb | 57 +++++- lib/erb_controller.rb | 5 +- lib/filecreator.rb | 7 +- lib/helpers/bootstrap.rb | 9 +- lib/objects/base_box.rb | 16 +- lib/objects/base_module.rb | 2 +- lib/objects/network.rb | 19 +- lib/objects/service.rb | 29 ++- lib/objects/site.rb | 9 +- lib/objects/system.rb | 37 +++- lib/objects/vulnerability.rb | 170 ++++++++++++------ lib/systemreader.rb | 2 +- lib/vagrant.rb | 4 +- lib/xml_report_generator.rb | 31 ++-- secgen.rb | 6 +- 21 files changed, 355 insertions(+), 118 deletions(-) create mode 100644 documentation/rdoc/rakefile.rb rename rdoc_generator.rb => documentation/rdoc/rdoc_generator.rb (84%) create mode 100644 documentation/yard/rakefile.rb diff --git a/Gemfile b/Gemfile index 8dc1416ac..85e7c97b0 100644 --- a/Gemfile +++ b/Gemfile @@ -8,4 +8,5 @@ group :test, :development do gem 'minitest' gem 'rake' gem 'rdoc' + gem 'yard' end \ No newline at end of file diff --git a/Gemfile.lock b/Gemfile.lock index 0fc960c4f..6dff02ee3 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -10,6 +10,7 @@ GEM rdoc (4.2.2) json (~> 1.4) xml-simple (1.1.5) + yard (0.8.7.6) PLATFORMS ruby @@ -20,6 +21,7 @@ DEPENDENCIES rake rdoc xml-simple + yard BUNDLED WITH 1.11.2 diff --git a/documentation/rdoc/rakefile.rb b/documentation/rdoc/rakefile.rb new file mode 100644 index 000000000..962a24dac --- /dev/null +++ b/documentation/rdoc/rakefile.rb 
@@ -0,0 +1,21 @@ +task :default => ["rdoc"] + +require 'rdoc' +require_relative '../../lib/constants.rb' + +RDoc::Task.new :rdoc do |rdoc| + + rdoc.main = "README.rdoc" + # + # rdoc.rdoc_files.include("README.md", "doc/*.rdoc", "app/**/*.rb", "lib/**/*.rb", "config/**/*.rb") + # + rdoc.title = "SecGen #{VERSION_NUMBER} Documentation" + # rdoc.options << "--all" + # rdoc.options << "--line-numbers" + # rdoc.markup = "tomdoc" + rdoc.rdoc_dir = "doc" + # + # rdoc.main = "README.doc" + rdoc.rdoc_files.include("../../lib *.rb") + rdoc.options << "--all" +end \ No newline at end of file diff --git a/rdoc_generator.rb b/documentation/rdoc/rdoc_generator.rb similarity index 84% rename from rdoc_generator.rb rename to documentation/rdoc/rdoc_generator.rb index ea33247bd..9a075a0dd 100644 --- a/rdoc_generator.rb +++ b/documentation/rdoc/rdoc_generator.rb @@ -22,12 +22,13 @@ # rdoc.document %w[--include=DIRECTORIES lib/*.rb] require 'rdoc' +require_relative '../../lib/constants.rb' options = RDoc::Options.new -options.title = "SecGen" ##{SecGen::VERSION} +options.title = "SecGen #{VERSION_NUMBER} Documentation" options.op_dir = 'doc' options.main_page = 'README.rdoc' -options.files = %w[lib] +options.files = %w[../../lib] options.setup_generator 'darkfish' RDoc::RDoc.new.document options \ No newline at end of file diff --git a/documentation/yard/rakefile.rb b/documentation/yard/rakefile.rb new file mode 100644 index 000000000..5d7a6239e --- /dev/null +++ b/documentation/yard/rakefile.rb 
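Review bot: The pattern passed to `rdoc.rdoc_files.include` at the end of the new documentation/rdoc/rakefile.rb, `"../../lib *.rb"`, has a space where a path separator was probably intended, so it is unlikely to match any source file under lib. `rdoc.rdoc_files.include("../../lib/**/*.rb")` would select the library sources. The path is also resolved against whatever directory rake is started from, so the task only works when run from documentation/rdoc. `rdoc.main = "README.rdoc"` names a file this patch does not show, while the YARD rakefile in the same commit points at `../../README.md`; worth confirming which README is meant.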
@@ -0,0 +1,20 @@ +task :default => ["yard"] + +desc "Generate_yard_documentation" +task :yard do + require 'yard' + require_relative '../../lib/constants.rb' + + YARD::Rake::YardocTask.new do |t| + t.files = ['../../README.md', '../../lib'] # optional + t.options = ["--title=SecGen #{VERSION_NUMBER} Documentation", '--extra', '--opts'] # optional + t.stats_options = ['--list-undoc'] # optional + end +end + +task :yard_clean do + # NEED TO FIND A BETTER WAY TO CLEAN FILES AS VULNERABILITIES IN 'rm_rf' + rm_rf('doc') +end + +# YARD::Templates::Engine.generate \ No newline at end of file diff --git a/lib/configuration.rb b/lib/configuration.rb index 4c391fdfc..0fbc5067f 100644 --- a/lib/configuration.rb +++ b/lib/configuration.rb @@ -2,14 +2,14 @@ require_relative 'systemreader.rb' class Configuration - # populates the system class with an array of System objects. + # Populates the system class with an array of System objects. def initialize @systemreader = SystemReader.new @systems = init_systems() end # Return all systems - # @return systems + # @return [Array] Array of systems objects def get_systems if @systems.empty? init_systems() @@ -23,7 +23,7 @@ class Configuration end # Returns the existing networks if defined, else returns network from the file networks.xml - # @return networks + # @return [Array] Array of network objects def self.networks if defined? @@networks return @@networks @@ -32,7 +32,7 @@ class Configuration end # Returns the existing bases if defined, else returns bases the from the file base.xml - # @return bases + # @return [Array] Array of base_box objects def self.bases if defined? @@bases return @@bases @@ -41,7 +41,7 @@ class Configuration end # Returns the existing vulnerabilities if defined, else returns vulnerabilities the from the file vuln.xml - # @return vulnerabilities + # @return [Array] Array of vulnerability objects def self.vulnerabilities if defined? @@vulnerabilities return @@vulnerabilities 
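Review bot: The `yard_clean` task in documentation/yard/rakefile.rb carries a comment acknowledging a problem with `rm_rf` and then calls `rm_rf('doc')` anyway. FileUtils documents `rm_r`/`rm_rf` as unsafe when the tree or one of its parents is writable by other users, and provides `remove_entry_secure` for that case. The bare `'doc'` is also resolved against the current working directory, so running the task from another directory removes a different `doc` tree. Replacing the call with `FileUtils.remove_entry_secure(File.expand_path('doc', __dir__), true)` addresses both, and the capitalised TODO can then become a one-line comment stating what the task deletes.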
@@ -50,7 +50,7 @@ class Configuration end # Returns the existing services if defined, else returns services the from the file services.xml - # @return services + # @return [Array] Array of service objects def self.services if defined? @@services return @@services @@ -58,10 +58,11 @@ class Configuration return @@services = _get_list(SCENARIO_XML, "/systems/system/services/service", Service) end - # ??? - # @param [File] xmlfile - # @param [String] xpath - # @param [] cls + # Reads xml file and returns relevent items + # @param xmlfile [File] Name of XML file to read + # @param xpath [String] Path to puppet files + # @param class [Class] Class to be imported in + # @return [Array] List containing all item from given xml file def self._get_list(xmlfile, xpath, cls) itemlist = [] diff --git a/lib/constants.rb b/lib/constants.rb index 86ad49963..5e1efb0dc 100644 --- a/lib/constants.rb +++ b/lib/constants.rb 
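Review bot: The new YARD block on `_get_list` documents a parameter called `class`, but the signature is `_get_list(xmlfile, xpath, cls)`, so the tag names a parameter that does not exist and `cls` stays undocumented. The `xpath` tag describes it as "Path to puppet files", whereas the visible caller in `self.services` passes an XPath expression (`"/systems/system/services/service"`). Suggested tags: `# @param xpath [String] XPath expression selecting the item nodes` and `# @param cls [Class] Class used to build each returned item`. The body of `_get_list` continues outside the hunk, so the second description is inferred from the call sites and should be checked against it.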
@@ -1,28 +1,71 @@ -#FILE CONSTANTS +## FILE_CONSTANTS + +# Root directory of SecGen file structure ROOT_DIR = File.expand_path('../../../SecGen',__FILE__) + +# Path to Scenario.xml file SCENARIO_XML = "#{ROOT_DIR}/config/scenario.xml" + +# Path to Networks.xml file NETWORKS_XML = "#{ROOT_DIR}/xml/networks.xml" + +# Path to services.xml file SERVICES_XML = "#{ROOT_DIR}/xml/services.xml" + +# Path to bases.xml file BASE_XML = "#{ROOT_DIR}/xml/bases.xml" + +# Path to mount directory MOUNT_DIR = "#{ROOT_DIR}/mount/" + +# Path to build directory BUILD_DIR = "#{ROOT_DIR}/modules/build/" + +# Path to mount/puppet directory MOUNT_PUPPET_DIR = "#{ROOT_DIR}/mount/puppet" + +# Path to projects directory PROJECTS_DIR = "#{ROOT_DIR}/projects" + +# Path to environments directory ENVIRONMENTS_PATH = "#{ROOT_DIR}/modules/environments" -#PATH CONSTANTS + + +## PATH_CONSTANTS + +# Path to modules directory MODULES_PATH = "#{ROOT_DIR}/modules/" + +# Path to vulnerabilities directory VULNERABILITIES_PATH = "#{ROOT_DIR}/modules/vulnerabilities/" -#ERROR CONSTANTS + +## ERROR_CONSTANTS + +# Vulnerability not found in scenario.xml file error VULN_NOT_FOUND = "Matching vulnerability was not found please check the xml scenario.xml" -#RUNTIME_CONSTANTS + +## RUNTIME_CONSTANTS + +# CVE numbers available AVAILABLE_CVE_NUMBERS = [] -#VAGRANT_FILE_CONSTANTS + +## VAGRANT_FILE_CONSTANTS + +# Path to cleanup directory PATH_TO_CLEANUP = "#{ROOT_DIR}/modules/build/puppet/" + +# Path to vagrantbase.erb file VAGRANT_TEMPLATE_FILE = "#{ROOT_DIR}/lib/templates/vagrantbase.erb" + +# Path to report.erb file REPORT_TEMPLATE_FILE = "#{ROOT_DIR}/lib/templates/report.erb" -# #VERSION_CONSTANTS -# VERSION = \ No newline at end of file + +## VERSION_CONSTANTS + +# Version number of SecGen +# e.g. [release state (0 = alpha, 3 = final release)].[Major bug fix].[Minor bug fix].[Cosmetic or other features] +VERSION_NUMBER = '0.0.0.1' \ No newline at end of file 
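Review bot: The comment added above `ROOT_DIR` calls it the root of the SecGen tree, but `File.expand_path('../../../SecGen',__FILE__)` only resolves to the checkout when the checkout directory is itself named `SecGen`; under any other name it points at a sibling path. Every other path constant in this file is built on it, including `MOUNT_DIR` and `PATH_TO_CLEANUP`, and `Bootstrap#purge_puppet_files` elsewhere in this patch runs `FileUtils.rm_rf("#{ROOT_DIR}/mount")`. `ROOT_DIR = File.expand_path('../..', __FILE__)` gives the same result for a checkout named SecGen and stays correct for any other name.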
diff --git a/lib/erb_controller.rb b/lib/erb_controller.rb index d3bdf3ec6..cc2de2eb2 100644 --- a/lib/erb_controller.rb +++ b/lib/erb_controller.rb @@ -4,14 +4,13 @@ class ERBController attr_accessor :systems # Initialise systems array - # @return [Array] empty array for systems + # @return [Array] Empty array for systems def initialize @systems = [] end # Returns binding of mapped .erb files - # @return binding - # ???????? + # @return binding ????? def get_binding return binding end diff --git a/lib/filecreator.rb b/lib/filecreator.rb index 344d3deb4..ef5dbf498 100644 --- a/lib/filecreator.rb +++ b/lib/filecreator.rb @@ -10,14 +10,13 @@ class FileCreator # to create the virtual machines # Initialises configuration variable - # @param config - # @return configuration + # @param config [Object] def initialize(config) @configuration = config end - # Generate all relevent files for the project - # @return [Int] build number of the newly generated project + # Generate all relevant files for the project + # @return [Int] Build number of the newly generated project def generate() systems = @configuration.get_systems Dir::mkdir("#{PROJECTS_DIR}") unless File.exists?("#{PROJECTS_DIR}") diff --git a/lib/helpers/bootstrap.rb b/lib/helpers/bootstrap.rb index d82a1b549..719bd859f 100644 --- a/lib/helpers/bootstrap.rb +++ b/lib/helpers/bootstrap.rb @@ -1,9 +1,10 @@ require 'fileutils' class Bootstrap + # Bootstrap the application by creating or moving all relevant puppet files def bootstrap puts 'Bootstrapping application..' - #if mount doesnt exist create the directory structure + #if mount does not exist create the directory structure if !Dir.exists?("#{ROOT_DIR}/mount") create_directory_structure move_vulnerability_puppet_files 
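Review bot: The doc comment on `get_binding` in lib/erb_controller.rb still ends in a placeholder (`# @return binding ?????`), and the line above it says the method returns the binding "of mapped .erb files". The body is `return binding`, which is the Binding of the ERBController instance itself. Suggested wording: `# Returns the Binding of this ERBController instance` followed by `# @return [Binding]`. In the lib/filecreator.rb hunk that follows, `[Int]` is not a Ruby class; `[Integer]` matches what secgen.rb uses later in this patch.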
@@ -21,6 +22,8 @@ class Bootstrap private + # Create directory structure for puppet files + # Structure /mount/puppet/module and /mount/puppet/manifest def create_directory_structure print 'Mount directory not present, creating..' Dir.mkdir("#{ROOT_DIR}/mount") @@ -33,6 +36,7 @@ class Bootstrap puts ' Complete' end + # Copy all puppet files from /modules/vulnerabilities/ to /mount/puppet/module and /mount/puppet/module def move_vulnerability_puppet_files puts 'Moving vulnerability manifests' Dir.glob("#{ROOT_DIR}/modules/vulnerabilities/*/*/*/*.pp").each do |puppet_file| @@ -48,6 +52,7 @@ class Bootstrap end end + # Copy all puppet files from /modules/services to /mount/puppet/manifest and /mount/puppet/module def move_secure_service_puppet_files puts 'Moving Service manifests' Dir.glob("#{ROOT_DIR}/modules/services/*/*/*/*.pp").each do |puppet_file| @@ -67,6 +72,7 @@ class Bootstrap end end + # Move dependency modules, build manifests and build modules def move_build_puppet_files puts 'Moving Dependency modules' @@ -96,6 +102,7 @@ class Bootstrap end + # Purge all puppet files from mount directory def purge_puppet_files FileUtils.rm_rf("#{ROOT_DIR}/mount") end diff --git a/lib/objects/base_box.rb b/lib/objects/base_box.rb index da9f51d03..cdb3d00ae 100644 --- a/lib/objects/base_box.rb +++ b/lib/objects/base_box.rb @@ -1,3 +1,17 @@ class Basebox - attr_accessor :name, :os, :distro, :vagrantbase, :url + + # Name of the basebox + attr_accessor :name + + # Operating system on the basebox + attr_accessor :os + + # Distro running on the basebox + attr_accessor :distro + + # Selected vagrantbase of the system + attr_accessor :vagrantbase + + # Url link to the puppet basebox + attr_accessor :url end \ No newline at end of file diff --git a/lib/objects/base_module.rb b/lib/objects/base_module.rb index 0ec68af00..1aceb62d5 100644 --- a/lib/objects/base_module.rb +++ b/lib/objects/base_module.rb 
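Review bot: The comment added above `move_vulnerability_puppet_files` names the same destination twice (`/mount/puppet/module and /mount/puppet/module`); the parallel comment on `move_secure_service_puppet_files` says `/mount/puppet/manifest and /mount/puppet/module`, which is probably what was meant here too. Both comments say "Copy" while the method names and their log lines say "Moving"; the bodies lie mostly outside these hunks, so which verb is accurate should be checked against the FileUtils call they use. The comment on `purge_puppet_files` should also state that `FileUtils.rm_rf("#{ROOT_DIR}/mount")` removes the whole mount directory, not only the puppet files in it.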
@@ -1,7 +1,7 @@ #Contains common components that modules will inherit from. class BaseModule - #Name of the module + # Name of the module attr_accessor :name #Type of the module diff --git a/lib/objects/network.rb b/lib/objects/network.rb index 4ced0d652..289d6f41d 100644 --- a/lib/objects/network.rb +++ b/lib/objects/network.rb @@ -1,16 +1,20 @@ class Network - attr_accessor :name, :range + # Network name + attr_accessor :name - # Initialise object - # @param [String] name network name - # @param [String] range network range + # Network range + attr_accessor :range + + # Initialise Network object + # @param name [String] Network name + # @param range [String] Network range def initialize(name="", range="") @name = name @range = range end # Returns a string containing all object variables concatenated together - # @return [String] hash contains all object variables + # @return [String] Hash containing @name and @range object variables as a concatenated string def id hash = @name + @range return hash @@ -18,14 +22,15 @@ class Network end # Check if name matches networks.xml from scenario.xml - # @param other ?????????? + # @param other [String] + # @return [Boolean] Returns true if @name matches networks.xml from scenario.xml def eql? other # checks if name matches networks.xml from scenario.xml other.kind_of?(self.class) && @name == other.name end # Returns a hash of the type - # @return [Hash] hash of the type ???????? + # @return [Hash] Hash of the object variable @type def hash @type.hash end diff --git a/lib/objects/service.rb b/lib/objects/service.rb index a00802433..94536d950 100644 --- a/lib/objects/service.rb +++ b/lib/objects/service.rb 
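Review bot: `Network#hash` returns `@type.hash`, but the visible class only assigns `@name` and `@range`, so `@type` is nil and every Network gets the same hash value while `eql?` compares `@name`. The new comment ("Hash of the object variable @type") documents the mismatch instead of fixing it; `@name.hash` would agree with `eql?`. The added `@param other [String]` is also inaccurate, because `eql?` tests `other.kind_of?(self.class)` and therefore expects another Network. The same tag appears on `Service#eql?` in the lib/objects/service.rb hunk. `@return [Hash]` on `hash` should be `@return [Integer]` in both files.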
@@ -1,11 +1,21 @@ class Service - attr_accessor :name, :type, :details, :puppets + # Service name + attr_accessor :name - # Initialise object - # @param [String] name service name - # @param [String] type service range - # @param [String] details service details - # @param [Array] puppets ?????????????? + # Type of service + attr_accessor :type + + # Service details + attr_accessor :details + + # Puppet files used to create service + attr_accessor :puppets + + # Initialise Service object + # @param name [String] service name + # @param type [String] service range + # @param details [String] service details + # @param puppets [Array] puppet files used to create service def initialize(name="", type="", details="", puppets=[]) @name = name @type = type @@ -14,19 +24,20 @@ class Service end # Check if name matches services.xml from scenario.xml - # @param other ?????????? + # @param other [String] + # @return [Boolean] Returns true if @type matches services.xml from scenario.xml def eql? other other.kind_of?(self.class) && @type == other.type end # Returns a hash of the type - # @return [Hash] hash of the type ???????? + # @return [Hash] hash of the object variable @type def hash @type.hash end # Returns string containing the object type variable - # @return [String] type contains services id string containing type value + # @return [String] Services id string def id return @type end diff --git a/lib/objects/site.rb b/lib/objects/site.rb index 02d0b2949..949747ee9 100644 --- a/lib/objects/site.rb +++ b/lib/objects/site.rb @@ -1,6 +1,13 @@ class Site - attr_accessor :name, :type + # Site name + attr_accessor :name + # Type of site + attr_accessor :type + + # Initialize site object + # @param name [String] + # @param type [String] def initialize(name='', type='') @name = name @type = type diff --git a/lib/objects/system.rb b/lib/objects/system.rb index 26805a766..1d60bf891 100644 --- a/lib/objects/system.rb +++ b/lib/objects/system.rb 
@@ -1,8 +1,39 @@ class System # can access from outside of class - attr_accessor :id, :os, :url,:basebox, :networks, :vulns, :services, :sites - #initalizes system variables + # System's id number + attr_accessor :id + + # Operating system running on the system + attr_accessor :os + + # URL to the puppet basebox + attr_accessor :url + + # Puppet basebox name + attr_accessor :basebox + + # Networks used by the system + attr_accessor :networks + + # Vulnerabilite's installed on the system + attr_accessor :vulns + + # Services installed on the system + attr_accessor :services + + # Sites to be served from the system + attr_accessor :sites + + # Initalizes System object + # @param id [String] Identifier string for system object + # @param os [String] Operating system installed on the system + # @param basebox [String] Puppet basebox used to create the system + # @param url [String] url to the selected puppet basebox + # @param vulns [Array] Array containing selected vulnerability objects + # @param networks [Array] Array containing selected network objects + # @param services [Array] Array containing selected services objects + # @param sites [Array] Array containing selected sites objects def initialize(id, os, basebox, url, vulns=[], networks=[], services=[], sites=[]) @id = id @os = os @@ -14,6 +45,8 @@ class System @sites = sites end + # Checks to see if the selected base is a valid basebox and is in the vagrant file + # @return [Boolean] Is the basebox valid def is_valid_base valid_base = Configuration.bases diff --git a/lib/objects/vulnerability.rb b/lib/objects/vulnerability.rb index a17def346..8856eea59 100644 --- a/lib/objects/vulnerability.rb +++ b/lib/objects/vulnerability.rb 
@@ -1,65 +1,131 @@ require_relative('../constants.rb') class Vulnerability - attr_accessor :type, :privilege, :access ,:puppets, :details, :ports, :name, :cve, :files, :scripts, :platform, :difficulty, :cvss_rating, :cvss_score, :vector_string + # The type of vulnerability + attr_accessor :type - def initialize(type='', privilege='', access='', puppets=[], details='', ports=[], platform ='', name='', cve='', files=[], scripts=[], difficulty ='', cvss_rating='', cvss_score='',vector_string='') - @type = type - @privilege = privilege - @access = access - @puppets = puppets - @details = details - @ports = ports - @platform = platform - @name = name - @cve = cve - @files = files - @scripts = scripts - @difficulty = difficulty - @cvss_rating = cvss_rating - @cvss_score = cvss_score - @vector_string = vector_string + # The privilege level the vulnerability gives + attr_accessor :privilege - # Base Vector String: - # Example 1: 'AV:L/AC:H/Au:N/C:N/I:P/A:C' - # Access Vector: L = Local access, A = adjacent access, N = network access - # Access Complexity: H = High, M = Medium, L = Low - # Authentication: N = None required, S = Single instance, M = Multi instance - # Confidentiality Impact: N = None, P = Partial, C = Complete - # Integrity Impact: N = None, P = Partial, C = Complete - # Availabiliy Impact: N = None, P = Partial, C = Complete + # The access level the vulnerability gives + attr_accessor :access - end + # The puppet files used for the vulnerability + attr_accessor :puppets - def id - return @type + @privilege + @access - end + # Details describing the vulnerability + attr_accessor :details - def vulnerability_path - return "#{ROOT_DIR}/modules/vulnerabilities/#{@platform}/#{@type}/#{@name}" - end + # Ports used by the vulnerability + attr_accessor :ports - def puppet_path - return vulnerability_path + '/puppet' - end + # Name given to the vulnerability + attr_accessor :name - def is_vector_populated - return vector_string.length > 0 - end + # Vulnerability's 
CVE number + attr_accessor :cve - # - def get_vector_hash - base_vector_string = vector_string # for example: "AV:L/AC:H/Au:N/C:N/I:P/A:C" - base_vector_array = base_vector_string.split('/') # split to get: ['AV:L', 'AC:H', 'Au:N','C:N', 'I:P', 'A:C'] + # + attr_accessor :files + + # + attr_accessor :scripts + + # Platform the vulnerability will work on + attr_accessor :platform + + # Difficulty of the vulnerability + attr_accessor :difficulty + + # Vulnerability's cvss_rating + attr_accessor :cvss_rating + + # Vulnerability's cvss_score + attr_accessor :cvss_score + + # Vulnerability's vector_string, e.g. AV:L/AC:H/Au:N/C:N/I:P/A:C + attr_accessor :vector_string + + # Initialises Vulnerability object + # @param type [String] Type of vulnerability + # @param privilege [String] Privilege obtained after successful exploitation + # @param access [String] Access obtained after successful exploitation + # @param puppets [Array] Array of puppet files needed for the vulnerability + # @param details [String] Details of the vulnerability + # @param ports [Array] Ports used by the vulnerability + # @param platform [String] Platform the vulnerability will work on + # @param name [String] Name of the vulnerability + # @param cve [String] CVE number of the vulnerability + # @param files [Array] + # @param scripts [Array] + # @param difficulty [String] Difficulty level of exploiting the vulnerability + # @param cvss_rating [String] Vulnerability's cvss_rating + # @param cvss_score [String] Vulnerability's cvss_score + # @param vector_string [String] Vulnerability's vector_string, e.g. 
AV:L/AC:H/Au:N/C:N/I:P/A:C + def initialize(type='', privilege='', access='', puppets=[], details='', ports=[], platform ='', name='', cve='', files=[], scripts=[], difficulty ='', cvss_rating='', cvss_score='',vector_string='') + @type = type + @privilege = privilege + @access = access + @puppets = puppets + @details = details + @ports = ports + @platform = platform + @name = name + @cve = cve + @files = files + @scripts = scripts + @difficulty = difficulty + @cvss_rating = cvss_rating + @cvss_score = cvss_score + @vector_string = vector_string + + # Base Vector String: + # Example 1: 'AV:L/AC:H/Au:N/C:N/I:P/A:C' + # Access Vector: L = Local access, A = adjacent access, N = network access + # Access Complexity: H = High, M = Medium, L = Low + # Authentication: N = None required, S = Single instance, M = Multi instance + # Confidentiality Impact: N = None, P = Partial, C = Complete + # Integrity Impact: N = None, P = Partial, C = Complete + # Availability Impact: N = None, P = Partial, C = Complete - # convert this into a hash map - base_vector_hash = {} - for vector_element_string in base_vector_array - vector_element_array = vector_element_string.split(':') - if vector_element_array[1] != nil - base_vector_hash.store(vector_element_array[0], vector_element_array[1]) - end - end - return base_vector_hash - end end + + # Returns identifier string made of the @type, @privilege and @access object variables + # @return [String] Identifier string made of the @type, @privilege and @access object variables + def id + return @type + @privilege + @access + end + + # Returns path to the selected vulnerabilities files + # @return [String] Path to the vulnerability files + def vulnerability_path + return "#{ROOT_DIR}/modules/vulnerabilities/#{@platform}/#{@type}/#{@name}" + end + + # Returns path to the puppet files for the selected vulnerability + # @return [String] Path to the puppet files for the selected vulnerability + def puppet_path + return vulnerability_path + 
'/puppet' + end + + def is_vector_populated + return vector_string.length > 0 + end + + # Returns hash made of all the components in the vector string + # @return [Hash] Hash of vector string components + def get_vector_hash + base_vector_string = vector_string # for example: "AV:L/AC:H/Au:N/C:N/I:P/A:C" + base_vector_array = base_vector_string.split('/') # split to get: ['AV:L', 'AC:H', 'Au:N','C:N', 'I:P', 'A:C'] + + # convert this into a hash map + base_vector_hash = {} + for vector_element_string in base_vector_array + vector_element_array = vector_element_string.split(':') + if vector_element_array[1] != nil + base_vector_hash.store(vector_element_array[0], vector_element_array[1]) + end + end + return base_vector_hash + end +end diff --git a/lib/systemreader.rb b/lib/systemreader.rb index 023368820..ba2fb7de5 100644 --- a/lib/systemreader.rb +++ b/lib/systemreader.rb @@ -20,7 +20,7 @@ class SystemReader # uses nokogiri to extract all system information from scenario.xml will add it to the system class after # checking if the vulnerabilities / networks exist from system.rb - # @return systems + # @return [Array] Array containing Systems objects def parse_systems systems = [] doc = Nokogiri::XML(File.read(SCENARIO_XML)) diff --git a/lib/vagrant.rb b/lib/vagrant.rb index 5f84a641a..d959a6cfb 100644 --- a/lib/vagrant.rb +++ b/lib/vagrant.rb @@ -3,11 +3,11 @@ require_relative 'filecreator.rb' class VagrantController # Executes vagrant up for the specified build - # @param [Int] build_number to execute vagrant up on + # @param build_number [Int] Selected build number to execute vagrant up on def vagrant_up(build_number) #executes vagrant up from the current build. puts 'Building now.....' command = "cd #{PROJECTS_DIR}/Project#{build_number}/; vagrant up" - exec command + exec command end end diff --git a/lib/xml_report_generator.rb b/lib/xml_report_generator.rb index a6c34d465..bb7f77f7c 100644 --- a/lib/xml_report_generator.rb +++ b/lib/xml_report_generator.rb 
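Review bot: `vulnerability_path` builds a directory path by interpolating `@platform`, `@type` and `@name`, and the new doc comment does not say that these must be plain directory names. If they are filled from XML (the loader is not part of this hunk), a value containing `/` or `..` would make the path, and the `puppet_path` derived from it, resolve outside `modules/vulnerabilities`. A guard at the top of the method such as `raise ArgumentError, 'bad path component' if [@platform, @type, @name].any? { |c| c.include?('/') || c == '..' }` would close that, or at minimum the comment should state the expectation. Separately, `files` and `scripts` get an empty `#` comment and `is_vector_populated` gets none, so they will likely still show up as undocumented under `--list-undoc`.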
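Review bot: `vagrant_up` in lib/vagrant.rb builds a shell string, `"cd #{PROJECTS_DIR}/Project#{build_number}/; vagrant up"`, and passes it to `exec`, so the project path and `build_number` are both parsed by the shell. A space or shell metacharacter in either changes the command, and because the two parts are joined with `;`, a failed `cd` still runs `vagrant up` in whatever directory the process started in. `exec('vagrant', 'up', chdir: "#{PROJECTS_DIR}/Project#{build_number}")` does the same job without a shell and fails if the directory is missing. The new tag documents the parameter as `[Int]`, which is not a Ruby class; `[Integer]` matches secgen.rb.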
@@ -1,9 +1,11 @@ require 'xmlsimple' + +# Convert systems objects into xml class Xml_report_generator # Initialize the class with the systems array and the current build number - # @param systems [Array] - # @param build_number [Int] + # @param systems [Array] Array of all systems objects + # @param build_number [Int] Current build number of system def initialize(systems, build_number) @systems = systems @build_number = build_number @@ -14,8 +16,8 @@ class Xml_report_generator ## # Generates hashes as an array for all network interfaces showing the system's ip - # @param system [Array] current system being generated - # @return networks_array [Array] array of all network hashes + # @param system [Array] Current system being generated + # @return [Array] Array of all network hashes def get_networks_hash(s) networks_array = Array.new networks_hash = Hash.new @@ -32,8 +34,8 @@ class Xml_report_generator ## # Generates hashes as an array for all services to be installed on the specific system - # @param system [Array] current system being generated - # @return service_array [Array] array of all service hashes + # @param system [Array] Current system being generated + # @return [Array] Array of all service hashes def get_services_hash(s) service_array = Array.new service_hash = Hash.new @@ -44,6 +46,11 @@ class Xml_report_generator # 'details' => [v.details] # } + ################################### + ########## v.each do |e| ########## + ##### service_hash[e] = [v.e] ##### + ################################### + service_hash['type'] = [v.type] unless v.type.empty? service_hash['name'] = [v.name] unless v.name.empty? service_hash['details'] = [v.details] unless v.details.empty? 
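Review bot: The `@param system [Array]` tags on `get_networks_hash` and `get_services_hash` name a parameter that does not exist, since both methods are declared with `(s)`. The same applies to `get_vulnerabilities_hash` and `get_sites_hash` in the later hunks of this file. Either rename the parameter to `system` or write the tag as `# @param s [System] Current system being generated`; the type is presumably a System object and not an Array, given that `create_xml_hash` iterates `@systems`, but the call sites are outside these hunks. The banner-style commented-out loop added inside `get_services_hash` (`v.each do |e| ... service_hash[e] = [v.e]`) is dead code and would be better removed or turned into a short TODO.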
@@ -58,8 +65,8 @@ class Xml_report_generator end # Generates hashes as an array for all vulnerabilities to be placed on the specific system - # @param system [Array] current system being generated - # @return vulns_array [Array] array of all vulnerability hashes + # @param system [Array] Current system being generated + # @return [Array] Array of all vulnerability hashes def get_vulnerabilities_hash(s) vulns_array = Array.new vulns_hash = Hash.new @@ -96,8 +103,8 @@ class Xml_report_generator end # Generates hashes as an array for all sites to be placed on the specific system - # @param system [Array] current system being generated - # @return sites_array [Array] array of all vulnerability hashes + # @param system [Array] Current system being generated + # @return [Array] Array of all vulnerability hashes def get_sites_hash(s) sites_array = Array.new sites_hash = Hash.new @@ -117,7 +124,7 @@ class Xml_report_generator end # Creates a hash in the specific format for the XmlSimple library - # @return hash [Hash] compatible with XmlSimple + # @return [Hash] Hash compatible with XmlSimple def create_xml_hash hash = Hash.new @systems.each do |system| @@ -135,7 +142,7 @@ class Xml_report_generator ### Start of public methods ### public - # Write the system information to an xml file + # Write the xml to an xml file def write_xml_report XmlSimple.xml_out(create_xml_hash,{:rootname => 'system',:OutputFile => "#{PROJECTS_DIR}/Project#{@build_number}/Report.xml"}) end diff --git a/secgen.rb b/secgen.rb index 5225dc588..fc5b11ad5 100644 --- a/secgen.rb +++ b/secgen.rb @@ -6,7 +6,7 @@ require_relative 'lib/systemreader.rb' require_relative 'lib/vagrant.rb' require_relative 'lib/helpers/bootstrap' -# Display secgen usage help +# Displays secgen usage data def usage puts 'Usage: ' + $0 + ' [options] 
@@ -21,7 +21,7 @@ def usage end # Builds the vagrant configuration file -# @return build_number +# @return build_number [Integer] Current system's build number def build_config puts 'Reading configuration file for virtual machines you want to create' @@ -36,7 +36,7 @@ def build_config end # Builds the vm via the vagrant file corresponding to build number -# @param build_number +# @param build_number [Integer] Desired system's build number def build_vms(build_number) vagrant = VagrantController.new vagrant.vagrant_up(build_number)
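Review bot: The tag `# @return build_number [Integer] Current system's build number` on `build_config` puts a name in front of the type list, which is not part of YARD's `@return` syntax (`[Types] description`). YARD may report it as a tag format error and drop the tag. The rest of this patch already uses the nameless form, so `# @return [Integer] Build number of the generated project` would be consistent. The body of `build_config` lies outside the hunk, so the description should be checked against what it actually returns.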