Class: Aspisec::Module

Inherits:
Object
  • Object
show all
Defined in:
lib-ruby/aspisec/module.rb

Overview

Generic module class that will be inherited in all modules instances

Defined Under Namespace

Classes: Location

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(conf, tool_name, logger: nil) ⇒ Module

Not meant to be used directly but to be inherited in modules instead

Examples:

conf = Aspisec::Config.new.conf
# you should never do that as you'll get incomplete data and features
sqlmap = Aspisec::Module.new(conf, 'sqlmap')
# rather call the sqlmap module that will inherit this class
sqlmap = Aspisec::Modules::Sqlmap.new(conf)

Parameters:

  • conf (Aspisec::Config)

    an instance of the global configuration

  • tool_name (String)

    The name of the tool. It must match the configuration key.

  • logger (TTY::Logger) (defaults to: nil)

    logger instance. See Logger.
    If none is provided, a default logger with log level 2 is created.
    See Logger::LOG_LEVEL.



43
44
45
46
47
48
49
50
51
52
# File 'lib-ruby/aspisec/module.rb', line 43

def initialize(conf, tool_name, logger: nil)
  @logger = logger || Aspisec::Logger.new.logger
  @name = tool_name
  @logger.debug("Module #{@name} was loaded", app: @name)
  @conf = conf['tools'][tool_name]
  check_config
  @base = Pathname.new(@conf.dig('location', 'base'))
  @enabled = @conf.fetch('enabled', true)
  @locations_list = []
end

Instance Attribute Details

#basePathname (readonly)

The base location (directory) where the tool data is stored.

Returns:

  • (Pathname)

    file path



29
30
31
# File 'lib-ruby/aspisec/module.rb', line 29

def base
  @base
end

#confHash (readonly)

The configuration for the tool.
Sub-tree under tools > tool_name of Config#conf.

Returns:

  • (Hash)


14
15
16
# File 'lib-ruby/aspisec/module.rb', line 14

def conf
  @conf
end

#locations_listArray<String> (readonly)

List of locations (name).
Returns something only on module instances like Aspisec::Modules::Sqlmap.
Will be empty for Aspisec::Module.
For a list of objects, rather use #locations.

Returns:

  • (Array<String>)


25
26
27
# File 'lib-ruby/aspisec/module.rb', line 25

def locations_list
  @locations_list
end

#nameString (readonly)

The name of the tool.

Returns:

  • (String)

    tool name



18
19
20
# File 'lib-ruby/aspisec/module.rb', line 18

def name
  @name
end

Instance Method Details

#check_configObject

Raise an issue if the module configuration is missing



55
56
57
58
59
60
61
62
# File 'lib-ruby/aspisec/module.rb', line 55

def check_config
  return unless @conf.nil?

  message = "Configuration for module #{@name} is missing." \
            'You may use an old version of the configuration file.'
  @logger.error(message, app: @name)
  raise 'Missing configuration for the current module.'
end

#enabled?true|false

Is this module enabled?

Returns:

  • (true|false)


66
67
68
# File 'lib-ruby/aspisec/module.rb', line 66

def enabled?
  @enabled
end

#locationsArray<Location>

Returns all locations available for the tool.
It returns a list Location objects unline #locations_list that returns
only strings (location names).

Returns:



74
75
76
77
78
79
80
# File 'lib-ruby/aspisec/module.rb', line 74

def locations
  # Re-compute what's already cumputed and stored in properties
  # @locations_list.map { |loc| Location.new(@conf, loc) }
  # Access properties rather than re-computing
  # Using send() is safe here because the input is a hadrcaoded whitelist
  @locations_list.map { |loc| send(loc) }
end