Class: VulnType

Inherits:
Object
  • Object
show all
Includes:
DataMapper::Resource
Defined in:
models/vulntype.rb

Overview

Vulnerability types (e.g. Stored XSS). Essentially a specialized RecordType for Vulnerability

Class Method Summary (collapse)

Instance Method Summary (collapse)

Methods included from DataMapper::Resource

#make_dirty

Class Method Details

+ (Integer) cwe_mapping(repository = nil)

Returns The ID of the CWE this VulnType maps to (optional)

Returns:

  • (Integer)

    The ID of the CWE this VulnType maps to (optional)



19
# File 'models/vulntype.rb', line 19

property :cwe_mapping,		Integer

+ (Boolean) enabled(repository = nil)

Returns True if this VulnType is enabled for use in new Vulnerability objects

Returns:

  • (Boolean)

    True if this VulnType is enabled for use in new Vulnerability objects



17
# File 'models/vulntype.rb', line 17

property :enabled,			Boolean, :default => true

+ (Text) enabledRTs(repository = nil)

Returns Comma-separated list of IDs of RecordTypes that use this VulnType

Returns:

  • (Text)

    Comma-separated list of IDs of RecordTypes that use this VulnType



21
# File 'models/vulntype.rb', line 21

property :enabledRTs,		CommaSeparatedList

+ (Integer) enabledSections(repository = nil)

Returns IDs of Sections enabled on this VulnType. From SECT_TYPE enum.

Returns:

  • (Integer)

    IDs of Sections enabled on this VulnType. From SECT_TYPE enum.



22
# File 'models/vulntype.rb', line 22

property :enabledSections,	CommaSeparatedList

+ (Array<VulnType>) getByRecordType(rtid)

Get all VulnTypes enabled for a specific RecordType

Parameters:

  • rtid (Integer)

    ID of RecordType to get VulnTypes for

Returns:

  • (Array<VulnType>)

    VulnTypes enabled and enabled for given RecordType



47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# File 'models/vulntype.rb', line 47

def self.getByRecordType(rtid)
	ret = Array.new

	all(:enabled => true).each do |vt|
		types = vt.enabledRTs
		if(!types.nil?)
			types.each do |t|
				if(t.to_i == rtid.to_i)
					ret << vt
					break
				end
			end
		end
	end

	return ret
end

+ (VulnType) getTypeByName(name)

Get VulnType object based on name

Parameters:

  • name (String)

    Name of VulnType to get

Returns:

  • (VulnType)

    first matching VulnType



39
40
41
# File 'models/vulntype.rb', line 39

def self.getTypeByName(name)
	first(:conditions => ["lower(name) = ?", name.downcase])
end

+ (String) html(repository = nil)

Returns HTML describing the Vulnerability to be used in exported reports

Returns:

  • (String)

    HTML describing the Vulnerability to be used in exported reports



16
# File 'models/vulntype.rb', line 16

property :html,				Text

+ (Integer) id(repository = nil)

Returns Primary Key

Returns:

  • (Integer)

    Primary Key



13
# File 'models/vulntype.rb', line 13

property :id,				Serial

+ (String) label(repository = nil)

Returns VulnType label (for export/public reports)

Returns:

  • (String)

    VulnType label (for export/public reports)



15
# File 'models/vulntype.rb', line 15

property :label,			String, :length => 100

+ (String) name(repository = nil)

Returns VulnType Name (for internal use)

Returns:

  • (String)

    VulnType Name (for internal use)



14
# File 'models/vulntype.rb', line 14

property :name,				String, :length => 100

+ (Integer) priority(repository = nil)

Returns Default priority level for this VulnType. Can be overridden by Vulnerability. 0 => Critical, 1 => High, 2 => Medium, 3 => Low, 4 => Informational

Returns:

  • (Integer)

    Default priority level for this VulnType. Can be overridden by Vulnerability. 0 => Critical, 1 => High, 2 => Medium, 3 => Low, 4 => Informational



18
# File 'models/vulntype.rb', line 18

property :priority,			Integer

Instance Method Details

Returns Link to CWE definition on Mitre's website if CWE-mapping exists

Returns:

  • (String)

    Link to CWE definition on Mitre's website if CWE-mapping exists



67
68
69
70
71
72
73
# File 'models/vulntype.rb', line 67

def cwe_link
	if(self.cwe_mapping.nil? || self.cwe_mapping <= 0)
		return nil
	else
		return "https://cwe.mitre.org/data/definitions/#{self.cwe_mapping}.html"
	end
end

- (Integer) cwe_mapping

Returns The ID of the CWE this VulnType maps to (optional)

Returns:

  • (Integer)

    The ID of the CWE this VulnType maps to (optional)



19
# File 'models/vulntype.rb', line 19

property :cwe_mapping,		Integer

- (Integer) cwe_mapping=(value)

Returns The ID of the CWE this VulnType maps to (optional)

Returns:

  • (Integer)

    The ID of the CWE this VulnType maps to (optional)



19
# File 'models/vulntype.rb', line 19

property :cwe_mapping,		Integer

- (Boolean) enabled

Returns True if this VulnType is enabled for use in new Vulnerability objects

Returns:

  • (Boolean)

    True if this VulnType is enabled for use in new Vulnerability objects



17
# File 'models/vulntype.rb', line 17

property :enabled,			Boolean, :default => true

- (Boolean) enabled=(value)

Returns True if this VulnType is enabled for use in new Vulnerability objects

Returns:

  • (Boolean)

    True if this VulnType is enabled for use in new Vulnerability objects



17
# File 'models/vulntype.rb', line 17

property :enabled,			Boolean, :default => true

- (Text) enabledRTs

Returns Comma-separated list of IDs of RecordTypes that use this VulnType

Returns:

  • (Text)

    Comma-separated list of IDs of RecordTypes that use this VulnType



21
# File 'models/vulntype.rb', line 21

property :enabledRTs,		CommaSeparatedList

- (Text) enabledRTs=(value)

Returns Comma-separated list of IDs of RecordTypes that use this VulnType

Returns:

  • (Text)

    Comma-separated list of IDs of RecordTypes that use this VulnType



21
# File 'models/vulntype.rb', line 21

property :enabledRTs,		CommaSeparatedList

- (Integer) enabledSections

Returns IDs of Sections enabled on this VulnType. From SECT_TYPE enum.

Returns:

  • (Integer)

    IDs of Sections enabled on this VulnType. From SECT_TYPE enum.



22
# File 'models/vulntype.rb', line 22

property :enabledSections,	CommaSeparatedList

- (Integer) enabledSections=(value)

Returns IDs of Sections enabled on this VulnType. From SECT_TYPE enum.

Returns:

  • (Integer)

    IDs of Sections enabled on this VulnType. From SECT_TYPE enum.



22
# File 'models/vulntype.rb', line 22

property :enabledSections,	CommaSeparatedList

- (String) getLabel

Get functional VulnType label. Returns label if one exists, otherwise name.

Returns:

  • (String)

    Label of VulnType to use in reporting



27
28
29
30
31
32
33
# File 'models/vulntype.rb', line 27

def getLabel
	if(self.label.nil? || self.label.strip.empty?)
		return self.name
	else
		return self.label
	end
end

- (String) html

Returns HTML describing the Vulnerability to be used in exported reports

Returns:

  • (String)

    HTML describing the Vulnerability to be used in exported reports



16
# File 'models/vulntype.rb', line 16

property :html,				Text

- (String) html=(value)

Returns HTML describing the Vulnerability to be used in exported reports

Returns:

  • (String)

    HTML describing the Vulnerability to be used in exported reports



16
# File 'models/vulntype.rb', line 16

property :html,				Text

- (Integer) id

Returns Primary Key

Returns:

  • (Integer)

    Primary Key



13
# File 'models/vulntype.rb', line 13

property :id,				Serial

- (Integer) id=(value)

Returns Primary Key

Returns:

  • (Integer)

    Primary Key



13
# File 'models/vulntype.rb', line 13

property :id,				Serial

- (String) label

Returns VulnType label (for export/public reports)

Returns:

  • (String)

    VulnType label (for export/public reports)



15
# File 'models/vulntype.rb', line 15

property :label,			String, :length => 100

- (String) label=(value)

Returns VulnType label (for export/public reports)

Returns:

  • (String)

    VulnType label (for export/public reports)



15
# File 'models/vulntype.rb', line 15

property :label,			String, :length => 100

- (String) name

Returns VulnType Name (for internal use)

Returns:

  • (String)

    VulnType Name (for internal use)



14
# File 'models/vulntype.rb', line 14

property :name,				String, :length => 100

- (String) name=(value)

Returns VulnType Name (for internal use)

Returns:

  • (String)

    VulnType Name (for internal use)



14
# File 'models/vulntype.rb', line 14

property :name,				String, :length => 100

- (Integer) priority

Returns Default priority level for this VulnType. Can be overridden by Vulnerability. 0 => Critical, 1 => High, 2 => Medium, 3 => Low, 4 => Informational

Returns:

  • (Integer)

    Default priority level for this VulnType. Can be overridden by Vulnerability. 0 => Critical, 1 => High, 2 => Medium, 3 => Low, 4 => Informational



18
# File 'models/vulntype.rb', line 18

property :priority,			Integer

- (Integer) priority=(value)

Returns Default priority level for this VulnType. Can be overridden by Vulnerability. 0 => Critical, 1 => High, 2 => Medium, 3 => Low, 4 => Informational

Returns:

  • (Integer)

    Default priority level for this VulnType. Can be overridden by Vulnerability. 0 => Critical, 1 => High, 2 => Medium, 3 => Low, 4 => Informational



18
# File 'models/vulntype.rb', line 18

property :priority,			Integer