Improvements for AssetDetails, Tags & Unique Identifiers + Adhoc Reports#43
Conversation
GetAssetDetails can sometimes throw a 500 on one of the details URLs (e.g. assessment). This change allows those errors to be skipped. In addition, if the field `assessment` isn't present when creating the asset object, this is now handled properly. Future changes might want to expand this out to other fields as well.
Ensure tags are fetched for AssetDetails as well & ensure both Tag & UniqueIdentifier objects are created on the AssetDetails object.
Adhoc reports can now be generated in different formats using different templates. Support for CSV is included as well, other formats can be requested but need to be parsed manually. The change retains backwards compatibility.
| body = ''.join(data[4:-1]) | ||
| boundary_bottom = data[-1] | ||
| if boundary_top != boundary_bottom[:-2]: | ||
| raise ValueError("Invalid boundary") |
There was a problem hiding this comment.
I replaced the assertions as per Python recommendation: asserts could be compiled out so throwing exceptions is the preferred method here.
|
I fixed (well, more like bandaid) the flake8 issues on master so if you rebase travis-ci should pass on this PR. |
|
Also as far as reporting goes, let me know if you have any feedback on #37 |
|
Does this mean we can merge these changes into master or do you need anything from me before making that merge? |
| <AdhocReportConfig format="{format}" template-id="{template_id}"> | ||
| <Filters> | ||
| <filter type="scan" id="{0}" /> | ||
| <filter type="scan" id="{scan_id}" /> |
There was a problem hiding this comment.
where does scan_id come from?
There was a problem hiding this comment.
It comes from id as part of the method signature. It's always been there, I just renamed it for clarity.
|
These changes are published in v0.1.7, available on pypi now. |
|
That was really fast, thank you! |
Tags & Unique Identifiers are now supported similar to the Ruby client. Adhoc reports can be generated in more than XML.
Description
See commit messages for more details. They outline each change.
Motivation and Context
These changes are needed for our use case of Nexpose. All changes are backwards-compatible improvements which is why they are in a PR.
How Has This Been Tested?
No additional tests have been added but all changes have been verified and are being used by our code. All old tests still work (which is expected given that all changes are backwards-compatible). Changes have only been tested in Python 3. The only potential problem is the new CSV parsing function which has been explicitly tested & verified for Python 2 as well.
Types of changes
Checklist:
There's no docs for any of the areas I touched so I didn't add any either. Same goes for tests.