Documentation ¶
Index ¶
- Constants
- Variables
- func ContextWithUser(ctx context.Context, u User) context.Context
- func ValidAssetType(assetTypeName string) bool
- type Asset
- type AssetAnnotation
- type AssetAnnotations
- type AssetAnnotationsMap
- type AssetAnnotationsResponse
- type AssetCreationResponse
- type AssetGroup
- type AssetGroupResponse
- type AssetMergeOperations
- type AssetResponse
- type AssetType
- type AssetTypeResponse
- type AssetsGroupResponse
- type AuthService
- type ChecktypeSetting
- type ChecktypeSettingResponse
- type CreateTarget
- type Finding
- type FindingOverwrite
- type FindingOverwriteResponse
- type FindingsIssuesList
- type FindingsLabels
- type FindingsList
- type FindingsParams
- type FindingsTargetsList
- type GlobalProgramsMetadata
- type Group
- type GroupResponse
- type Healthcheck
- type HealthcheckResponse
- type Job
- type JobResponse
- type JobResult
- type JobResultResponse
- type JobStatus
- type JobsClient
- type JobsRunner
- type MemberResponse
- type Pagination
- type PaginationInfo
- type Policy
- type PolicyGroup
- type PolicyResponse
- type Program
- type ProgramResponse
- type ProgramsGroupsPolicies
- type ROLFP
- func (r ROLFP) Level() byte
- func (r ROLFP) MarshalJSON() ([]byte, error)
- func (r *ROLFP) MarshalText() (text []byte, err error)
- func (r *ROLFP) Scan(value interface{}) error
- func (r ROLFP) String() string
- func (r *ROLFP) UnmarshalJSON(b []byte) error
- func (r *ROLFP) UnmarshalText(txt []byte) error
- func (r *ROLFP) Validate() error
- func (r *ROLFP) Value() (driver.Value, error)
- type Recipient
- type RecipientResponse
- type Report
- type ReportEmailResponse
- type ReportResponse
- type Role
- type Scan
- type ScanResponse
- type ScheduleResponse
- type StatsAssets
- type StatsCoverage
- type StatsCurrentExposure
- type StatsExposure
- type StatsFixed
- type StatsMTTR
- type StatsOpen
- type StatsParams
- type Status
- type Target
- type TargetsList
- type TargetsParams
- type Team
- type TeamMembersReponse
- type TeamResponse
- type Token
- type UpdateFinding
- type User
- type UserResponse
- type UserStore
- type UserTeam
- type VulcanitoService
- type VulcanitoStore
Constants ¶
// Names of well-known asset groups.
const (
	// DiscoveredAssetsGroupName is the group for assets discovered by Redcon.
	DiscoveredAssetsGroupName = "security-team-discovered-assets"
	// CPDiscoveredAssetsGroupName is the group for assets discovered by the
	// Common Platform.
	CPDiscoveredAssetsGroupName = "cp-discovered-assets"
	// WebScanningAssetsGroupName carried no comment in the original;
	// presumably the group used for web-scanning assets — confirm against its
	// callers. Unlike the two names above, it does not end in
	// "-discovered-assets".
	WebScanningAssetsGroupName = "web-scanning"
)
// DiscoveredAssetsGroupSuffix is used by the Merge Discovered Assets feature
// to restrict the discovery onboarding to groups whose name contains this
// suffix.
//
// NOTE(review): the group name is what decides which groups a discovery
// service may merge into, so the comparison should be a true suffix match
// rather than a substring match. The check itself is not visible here —
// confirm.
const DiscoveredAssetsGroupSuffix = "-discovered-assets"
DiscoveredAssetsGroupSuffix is used by the Merge Discovered Assets feature to restrict the discovery onboarding to Groups with a name containing that suffix.
Variables ¶
var (
	// ErrInvalidProgramGroupPolicy is returned when any of the groups of
	// policies in a program does not have at least one asset and one
	// checktype. (The original comment was cut short; the ending is taken
	// from the error text below.)
	ErrInvalidProgramGroupPolicy = errors.New("the program must have, at least, one asset and one checktype")
	// ErrNoProgramsGroupsPolicies is returned when the program defines no
	// policy groups.
	// NOTE(review): the original wording ("when there are any policy group
	// with, at least, one asset and checktype") contradicts the error text;
	// confirm the intended condition.
	ErrNoProgramsGroupsPolicies = errors.New("no PoliciesGroups defined in the current program")
)
// DefaultROLFP is a ROLFP with every criterion set to 1, Scope set to 2 and
// IsEmpty false. In text form that is R:1/O:1/L:1/F:1/P:1+S:2, the same value
// as the database default declared on Asset.ROLFP. Per the Level
// documentation, scope 2 means unknown scope and yields level 2.
//
// NOTE(review): this is an exported pointer to a package-level value, so a
// caller that writes through it changes the default for the whole process.
// Copy the value before modifying it.
var DefaultROLFP = &ROLFP{
	Reputation: 1,
	Operation:  1,
	Legal:      1,
	Financial:  1,
	Personal:   1,
	Scope:      2,
	IsEmpty:    false,
}
// ErrROLFPInvalidText is the message for an invalid ROLFP representation;
// presumably it is used when parsing the text form fails — confirm.
// Despite the Err prefix this is a string variable, not an error value, so it
// cannot be matched with errors.Is.
var ErrROLFPInvalidText = "invalid ROLFP representation"
Functions ¶
func ValidAssetType ¶
ValidAssetType indicates if the asset type name exists in Vulcan.
Types ¶
type Asset ¶
// Asset is the model of an asset that belongs to a team. The gorm/sql tags
// describe how it is persisted and the json tags how it is serialized.
//
// NOTE(review): id and team_id are JSON-decodable. If this type is ever
// decoded straight from a request body, TeamID has to be overwritten with the
// team resolved during authorization. The decoding code is not shown here —
// confirm.
type Asset struct {
	// ID is the primary key; the database default is gen_random_uuid().
	ID     string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
	TeamID string `json:"team_id" validate:"required"`
	// Team is inferred from column name "team_id".
	Team        *Team  `json:"team,omitempty"`
	AssetTypeID string `json:"asset_type_id" validate:"required"`
	// AssetType is inferred from column name "asset_type_id".
	AssetType         *AssetType `json:"asset_type"`
	Identifier        string     `json:"identifier" validate:"required"`
	Alias             string     `json:"alias"`
	Options           *string    `json:"options"`
	EnvironmentalCVSS *string    `json:"environmental_cvss"`
	// ROLFP defaults in the database to 'R:1/O:1/L:1/F:1/P:1+S:2'.
	ROLFP *ROLFP `json:"rolfp" sql:"DEFAULT:'R:1/O:1/L:1/F:1/P:1+S:2'"`
	// Scannable defaults to true.
	Scannable *bool `json:"scannable" gorm:"default:true"`
	// AssetGroups and AssetAnnotations are inferred from other tables.
	AssetGroups      []*AssetGroup      `json:"groups"`
	AssetAnnotations []*AssetAnnotation `json:"annotations"`
	// CreatedAt and UpdatedAt are excluded from JSON.
	CreatedAt    time.Time  `json:"-"`
	UpdatedAt    time.Time  `json:"-"`
	ClassifiedAt *time.Time `json:"classified_at"`
}
func (Asset) ToResponse ¶
func (a Asset) ToResponse() AssetResponse
type AssetAnnotation ¶
// AssetAnnotation is a key/value pair attached to an asset. AssetID and Key
// are both tagged as primary key, and both are required by validation.
type AssetAnnotation struct {
	AssetID string `gorm:"primary_key" json:"asset_id" validate:"required"`
	// Asset is inferred from column name "asset_id".
	Asset *Asset `json:"asset"`
	Key   string `gorm:"primary_key" json:"key" validate:"required"`
	// Value has no validation tag; an empty value is accepted by the tags
	// shown here.
	Value string `json:"value"`
	// CreatedAt and UpdatedAt are excluded from JSON.
	CreatedAt time.Time `json:"-"`
	UpdatedAt time.Time `json:"-"`
}
func (AssetAnnotation) Validate ¶
func (an AssetAnnotation) Validate() error
type AssetAnnotations ¶
type AssetAnnotations []*AssetAnnotation
func (AssetAnnotations) ToMap ¶
func (ans AssetAnnotations) ToMap() AssetAnnotationsMap
func (AssetAnnotations) ToResponse ¶
func (ans AssetAnnotations) ToResponse() AssetAnnotationsResponse
type AssetAnnotationsMap ¶
func (AssetAnnotationsMap) Matches ¶
func (ans AssetAnnotationsMap) Matches(annotations AssetAnnotationsMap, prefix string) bool
Matches returns true if the current object exactly matches (both key and value) the asset annotation map passed as parameter. If a prefix is specified, only the keys matching the prefix are evaluated
func (AssetAnnotationsMap) Merge ¶
func (ans AssetAnnotationsMap) Merge(annotations AssetAnnotationsMap, prefix string) AssetAnnotationsMap
Merge takes an annotation map as input and merges it into the "base" annotation map, giving priority to the values of the former. If a prefix is specified, elements from the "base" map whose keys match the prefix are discarded
func (AssetAnnotationsMap) ToModel ¶
func (anm AssetAnnotationsMap) ToModel() AssetAnnotations
type AssetAnnotationsResponse ¶
type AssetAnnotationsResponse struct {
Annotations AssetAnnotationsMap `json:"annotations"`
}
type AssetCreationResponse ¶
type AssetCreationResponse struct { ID string `json:"id,omitempty"` Identifier string `json:"identifier"` AssetType AssetTypeResponse `json:"type"` // This line is infered from column name "asset_type_id". Alias string `json:"alias"` Options *string `json:"options"` EnvironmentalCVSS *string `json:"environmental_cvss"` ROLFP *ROLFP `json:"rolfp"` Scannable *bool `json:"scannable"` ClassifiedAt *time.Time `json:"classified_at"` Status interface{} `json:"status,omitempty"` }
type AssetGroup ¶
type AssetGroup struct { AssetID string `gorm:"primary_key;AUTO_INCREMENT" json:"asset_id" validate:"required"` Asset *Asset `json:"asset"` // This line is infered from column name "asset_id". GroupID string `gorm:"primary_key;AUTO_INCREMENT" json:"group_id" validate:"required"` Group *Group `json:"group"` // This line is infered from column name "group_id". CreatedAt time.Time `json:"-"` UpdatedAt time.Time `json:"-"` }
func (AssetGroup) TableName ¶
func (AssetGroup) TableName() string
TableName overrides GORM's default pluralized table name convention.
func (AssetGroup) ToResponse ¶
func (ag AssetGroup) ToResponse() AssetGroupResponse
func (AssetGroup) Validate ¶
func (ag AssetGroup) Validate() error
type AssetGroupResponse ¶
type AssetGroupResponse struct { Asset AssetResponse `json:"asset"` Group GroupResponse `json:"group"` }
type AssetMergeOperations ¶
// AssetMergeOperations defines a set of operations to perform when merging a
// list of assets requested by a discovery service.
//
// NOTE(review): Deassoc and Del remove data on behalf of a discovery service.
// All operations are meant to apply to TeamID and Group only; where that
// scoping is enforced is not visible here — confirm in the code that builds
// and executes this struct.
type AssetMergeOperations struct {
	// Create assets that didn't exist yet in the team.
	Create []Asset
	// Associate already existing asset to the discovery group.
	Assoc []Asset
	// Update assets that were already existing (e.g. the scannable field or
	// the annotations)
	Update []Asset
	// Deassociate assets that haven't been discovered in the current discovery
	// operation, but that belong to other groups.
	Deassoc []Asset
	// Delete assets that haven't been discovered in the current discovery
	// operation and do not belong to other groups.
	Del []Asset
	// The team where the operations will be performed.
	TeamID string
	// The discovery group.
	Group Group
}
AssetMergeOperations defines a set of operations to perform when merging a list of assets requested by a discovery service.
type AssetResponse ¶
type AssetResponse struct { ID string `json:"id"` AssetType AssetTypeResponse `json:"type"` // This line is infered from column name "asset_type_id". Identifier string `json:"identifier"` Alias string `json:"alias"` Options *string `json:"options"` EnvironmentalCVSS *string `json:"environmental_cvss"` ROLFP *ROLFP `json:"rolfp"` Scannable *bool `json:"scannable"` ClassifiedAt *time.Time `json:"classified_at"` Groups []*GroupResponse `json:"groups"` Annotations AssetAnnotationsMap `json:"annotations"` }
type AssetType ¶
type AssetType struct { ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"` Name string `json:"name"` Assets []*Asset `json:"assets"` // This line is infered from other tables. }
func (AssetType) ToResponse ¶
func (at AssetType) ToResponse() AssetTypeResponse
type AssetTypeResponse ¶
type AssetsGroupResponse ¶
type AssetsGroupResponse struct { Assets []AssetResponse `json:"assets"` Group GroupResponse `json:"group"` }
type AuthService ¶
// AuthService defines the exposed functions of an authorization service.
type AuthService interface {
	// AuthTenant receives the request and returns the tenant it resolved, a
	// passThrough flag and an error.
	// NOTE(review): the meaning of passThrough is not visible here; presumably
	// it tells the caller to skip the remaining authorization checks. Callers
	// should evaluate err before honouring passThrough, so that a failed
	// lookup can never be read as an allow — confirm against the
	// implementation.
	AuthTenant(ctx context.Context, request interface{}) (tenant interface{}, passThrough bool, err error)
	// AuthRol returns a boolean and an error for the given tenant; presumably
	// the boolean says whether the tenant's role is authorized — confirm.
	// A false result and a non-nil error should both be treated as deny.
	AuthRol(ctx context.Context, tenant interface{}) (bool, error)
}
AuthService defines the exposed functions of an authorization service.
type ChecktypeSetting ¶
type ChecktypeSetting struct { ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"` PolicyID string `json:"policy_id"` Policy *Policy `json:"policy"` // This line is infered from column name "policy_id". CheckTypeName string `json:"checktype_name"` Options *string `json:"options"` CreatedAt *time.Time `json:"-"` UpdatedAt *time.Time `json:"-"` }
func (ChecktypeSetting) ToResponse ¶
func (c ChecktypeSetting) ToResponse() *ChecktypeSettingResponse
func (ChecktypeSetting) Validate ¶
func (c ChecktypeSetting) Validate() error
type CreateTarget ¶
CreateTarget specifies the payload for the vulnerability DB create target endpoint.
type Finding ¶
type Finding struct {
Finding vulndb.FindingExpanded `json:"finding"`
}
Finding represents the response data returned from the vulnerability DB for the get finding request.
type FindingOverwrite ¶
// FindingOverwrite records a change of a finding's status: the user, the
// finding, the previous and the new status, the notes and the tag. All of
// those fields are required by validation.
//
// NOTE(review): user_id and status_previous are JSON-decodable. For the record
// to serve as an audit trail, UserID should come from the authenticated user
// and StatusPrevious from the stored finding rather than from the request
// body — the handler is not shown here; confirm.
type FindingOverwrite struct {
	// ID is the primary key; the database default is gen_random_uuid().
	ID     string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
	UserID string `json:"user_id" validate:"required"`
	// User is inferred from column name "user_id".
	// NOTE(review): the User model has no json tags, so marshalling a
	// FindingOverwrite with User populated would include User.APIToken; use
	// ToResponse for API output — confirm no caller marshals this model
	// directly.
	User           *User  `json:"user,omitempty"`
	FindingID      string `json:"finding_id" validate:"required"`
	StatusPrevious string `json:"status_previous" validate:"required"`
	Status         string `json:"status" validate:"required"`
	Notes          string `json:"notes" validate:"required"`
	Tag            string `json:"tag" validate:"required"`
	// CreatedAt is excluded from JSON. There is no UpdatedAt field.
	CreatedAt time.Time `json:"-"`
}
func (FindingOverwrite) ToResponse ¶
func (fr FindingOverwrite) ToResponse() FindingOverwriteResponse
type FindingsIssuesList ¶
type FindingsIssuesList struct { Issues []vulndb.IssueSummary `json:"issues"` Pagination PaginationInfo `json:"pagination"` }
FindingsIssuesList represents the response data returned from the vulnerability DB for the issues summary request.
type FindingsLabels ¶
type FindingsLabels struct {
Labels []string `json:"labels"`
}
FindingsLabels represents the response data returned from the vulnerability DB for the list labels request.
type FindingsList ¶
type FindingsList struct { Findings []vulndb.FindingExpanded `json:"findings"` Pagination PaginationInfo `json:"pagination"` }
FindingsList represents the response data returned from the vulnerability DB for a findings request.
type FindingsParams ¶
// FindingsParams represents the group of parameters that can be used to
// customize the call to retrieve the list of findings.
//
// NOTE(review): every field except the scores and IdentifierMatch is a plain
// string, including the dates and SortBy, so no format is enforced by the
// type. Presumably the values are forwarded to the vulnerability DB; they
// should be validated before that — confirm where.
type FindingsParams struct {
	// Tag presumably scopes the query to one team (Team has a Tag field); it
	// should be set from the authorized team, not from client input — confirm.
	Tag             string
	Status          string
	MinScore        float64
	MaxScore        float64
	AtDate          string
	MinDate         string
	MaxDate         string
	SortBy          string
	IssueID         string
	TargetID        string
	Identifier      string
	IdentifierMatch bool
	Identifiers     string
	Labels          string
}
FindingsParams represents the group of parameters that can be used to customize the call to retrieve the list of findings.
type FindingsTargetsList ¶
type FindingsTargetsList struct { Targets []vulndb.TargetSummary `json:"targets"` Pagination PaginationInfo `json:"pagination"` }
FindingsTargetsList represents the response data returned from the vulnerability DB for the targets summary request.
type GlobalProgramsMetadata ¶
type GlobalProgramsMetadata struct { TeamID string `gorm:"primary_key"` Program string `gorm:"primary_key"` Autosend *bool Disabled *bool Cron string `gorm:"-" json:"cron"` // A program can have empty cron expression, e.g: a program to be run on demand. CreatedAt *time.Time UpdatedAt *time.Time }
GlobalProgramsMetadata defines the shape of the metadata stored per team for a given global program.
type Group ¶
type Group struct { ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"` TeamID string `json:"team_id"` Team *Team `json:"team"` // This line is infered from column name "team_id". Name string `json:"name" validate:"required"` Options string `json:"options"` AssetGroup []*AssetGroup `json:"asset_group"` // This line is infered from other tables. Description *string `json:"description,omitempty"` CreatedAt time.Time `json:"-"` UpdatedAt time.Time `json:"-"` }
func (Group) ToResponse ¶
func (g Group) ToResponse() *GroupResponse
type GroupResponse ¶
type Healthcheck ¶
type Healthcheck struct {
Status string `json:"status" validate:"required"`
}
Healthcheck ....
func (Healthcheck) ToResponse ¶
func (h Healthcheck) ToResponse() HealthcheckResponse
ToResponse ...
type HealthcheckResponse ¶
type HealthcheckResponse struct {
Status string `json:"status"`
}
HealthcheckResponse ...
type Job ¶
// Job contains the status information of an asynchronous operation.
//
// In case of non-global operations it also contains the team ID associated to
// the operation.
//
// NOTE(review): FindJob takes only a job ID. For a job that carries a TeamID,
// the check that the caller belongs to that team is not expressed in the
// signature — confirm where it happens.
type Job struct {
	ID        string `gorm:"primary_key:true"`
	TeamID    string `gorm:"Column:team_id"`
	Operation string `validate:"required"`
	// Status possible values are:
	// - PENDING
	// - RUNNING
	// - DONE
	Status    JobStatus  `validate:"required"`
	Result    *JobResult `gorm:"Column:result"`
	CreatedAt time.Time
	UpdatedAt time.Time
}
Job contains the status information of an asynchronous operation.
In case of non-global operations it also contains the team ID associated to the operation.
func (Job) ToResponse ¶
func (j Job) ToResponse() *JobResponse
type JobResponse ¶
type JobResponse struct { ID string `json:"id"` TeamID string `json:"team_id,omitempty"` Operation string `json:"operation"` Status JobStatus `json:"status"` Result JobResultResponse `json:"result"` }
JobResponse represents the data for a Job that is returned as a response to Job queries through the API.
type JobResult ¶
// JobResult represents the result of a job. The content of Data and Error may
// vary per operation.
//
// NOTE(review): if Error is surfaced to API clients through JobResponse, keep
// internal details (database errors, stack traces) out of it — confirm what
// the job runner writes here.
type JobResult struct {
	// Data is kept as raw JSON and is not decoded by this type.
	Data  json.RawMessage `json:"data"`
	Error string          `json:"error"`
}
JobResult represents the result of a job. Data and Error are unstructured JSON fields whose content may vary per operation.
func (*JobResult) Scan ¶
Scan scans value into Jsonb and implements the sql.Scanner interface. This method is necessary for GORM to know how to receive/save it into the database. Reference: https://gorm.io/docs/data_types.html
type JobResultResponse ¶
type JobsClient ¶
// JobsClient defines the API service layer methods exposed by the JobsRunner.
// The three methods have the same signatures as the VulcanitoService methods
// of the same name.
type JobsClient interface {
	// MergeDiscoveredAssets takes the team ID and group name as plain
	// arguments; no user is passed explicitly, so the caller is trusted to
	// supply a team it is allowed to act on (presumably — confirm).
	MergeDiscoveredAssets(ctx context.Context, teamID string, assets []Asset, groupName string) error
	FindJob(ctx context.Context, jobID string) (*Job, error)
	UpdateJob(ctx context.Context, job Job) (*Job, error)
}
JobsClient defines the API service layer methods exposed by the JobsRunner.
type JobsRunner ¶
// JobsRunner is a dependency used by the CDC parser to execute async API jobs,
// providing a limited access to the API service layer.
type JobsRunner struct {
	// Client is the narrowed view of the service layer: only the JobsClient
	// methods are reachable through it.
	Client JobsClient
}
JobsRunner is a dependency used by the CDC parser to execute async API jobs, providing a limited access to the API service layer.
type MemberResponse ¶
type MemberResponse struct { User UserResponse `json:"user"` Role Role `json:"role"` }
type Pagination ¶
Pagination represents the pagination data requested.
type PaginationInfo ¶
type PaginationInfo struct { Limit int `json:"limit"` Offset int `json:"offset"` Total int `json:"total"` More bool `json:"more"` }
PaginationInfo represents the pagination data provided for each vulnerability DB response.
type Policy ¶
type Policy struct { ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"` TeamID string `json:"team_id"` Team *Team `json:"team"` // This line is infered from other tables. Name string `json:"name" validate:"required"` ChecktypeSettings []*ChecktypeSetting `json:"checktype_settings"` // This line is infered from other tables. ProgramsGroupsPolicies []*ProgramsGroupsPolicies `json:"program_policies"` // This line is infered from other tables. Description *string `json:"description,omitempty"` CreatedAt *time.Time `json:"-"` UpdatedAt *time.Time `json:"-"` }
func (Policy) ToResponse ¶
func (p Policy) ToResponse() *PolicyResponse
type PolicyGroup ¶
type PolicyGroup struct { Group *GroupResponse `json:"group"` Policy *PolicyResponse `json:"policy"` }
type PolicyResponse ¶
type Program ¶
// Program is the model of a program: a named set of group/policy associations
// with an optional cron schedule.
//
// NOTE(review): TeamID and Team have no json tag, so encoding/json uses the Go
// field names for them, and decoding matches those names case-insensitively.
// The service methods take teamID as a separate argument; if a Program is ever
// decoded from a request body, TeamID should be overwritten with that
// argument — confirm.
type Program struct {
	// ID is the primary key; the database default is gen_random_uuid().
	ID                     string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
	TeamID                 string
	Team                   *Team
	ProgramsGroupsPolicies []*ProgramsGroupsPolicies `json:"program_policies" validate:"required"`
	Name                   string                    `json:"name" validate:"required"`
	// A program can have empty cron expression, e.g: a program to be run on
	// demand. Cron is not persisted by gorm (gorm:"-").
	Cron     string `gorm:"-" json:"cron"`
	Autosend *bool  `json:"autosend"`
	Disabled *bool  `json:"disabled"`
	// Global is not persisted by gorm (gorm:"-") but is JSON-decodable.
	// NOTE(review): if it drives any global-program behaviour it should be
	// derived server-side, not taken from client input — confirm.
	Global *bool `gorm:"-" json:"global"`
	// CreatedAt and UpdatedAt are excluded from JSON.
	CreatedAt *time.Time `json:"-"`
	UpdatedAt *time.Time `json:"-"`
}
func (Program) ToResponse ¶
func (p Program) ToResponse() *ProgramResponse
func (Program) ValidateGroupsPolicies ¶
ValidateGroupsPolicies validates that at least one of the groups policies in a program has at least one asset and one checktype.
type ProgramResponse ¶
type ProgramResponse struct { ID string `json:"id"` Name string `json:"name"` Global bool `json:"global"` Schedule ScheduleResponse `json:"schedule"` Autosend bool `json:"autosend"` Disabled bool `json:"disabled"` PolicyGroups []PolicyGroup `json:"policy_groups"` }
type ProgramsGroupsPolicies ¶
type ProgramsGroupsPolicies struct { ProgramID string `gorm:"primary_key" json:"program_id" validate:"required"` Program *Program PolicyID string `gorm:"primary_key" json:"policy_id" validate:"required"` Policy *Policy GroupID string `gorm:"primary_key" json:"group_id" validate:"required"` Group *Group }
ProgramsGroupsPolicies defines the association between a group and a policy in a program.
func (ProgramsGroupsPolicies) Validate ¶
func (p ProgramsGroupsPolicies) Validate() error
Validate that the ProgramsGroupsPolicies have, at least, one asset and one checktype in the groups policies list.
type ROLFP ¶
// ROLFP stores the vector containing the dimensions we use to classify the
// impact of an asset. Its text form is R:n/O:n/L:n/F:n/P:n+S:n.
type ROLFP struct {
	// Reputation, Operation, Legal, Financial and Personal are the five ROLFP
	// criteria (R, O, L, F and P in the text form).
	Reputation byte
	Operation  byte
	Legal      byte
	Financial  byte
	Personal   byte
	// Scope is the S component of the text form. Per the Level documentation,
	// scope 2 means unknown scope.
	Scope byte
	// IsEmpty marks an empty ROLFP. Per the Level documentation, an empty
	// ROLFP has level 2.
	IsEmpty bool
}
ROLFP stores the vector containing the dimensions we use to classify the impact of an asset.
func (ROLFP) Level ¶
Level returns the level of the ROLFP according to the following rules:
- Level 0: Accounts meeting none of the ROLFP criteria.
- Level 1: Accounts meeting 1 or 2 of the ROLFP criteria.
- Level 2: Accounts either meeting 3 or more of the ROLFP criteria, or with unknown scope, that is, scope 2.
If the ROLFP is empty, the level will be 2.
func (ROLFP) MarshalJSON ¶
MarshalJSON marshals a ROLFP to JSON.
func (*ROLFP) MarshalText ¶
MarshalText marshals the receiver into its text representation.
func (ROLFP) String ¶
String returns the representation of the ROLFP in the form: R:0/O:0/L:0/F:0/P:0+S:0
func (*ROLFP) UnmarshalJSON ¶
UnmarshalJSON unmarshals a ROLFP encoded in the form: R:0/O:0/L:0/F:0/P:0+S:0.
func (*ROLFP) UnmarshalText ¶
UnmarshalText unmarshals the text representation of a ROLFP into the receiver. The function will override any value stored in the fields of the receiver with the values in the txt param.
type Recipient ¶
type Recipient struct { TeamID string `json:"team_id" gorm:"primary_key"` Email string `json:"email" gorm:"primary_key"` CreatedAt time.Time `json:"-"` UpdatedAt time.Time `json:"-"` }
func (Recipient) ToResponse ¶
func (r Recipient) ToResponse() *RecipientResponse
type RecipientResponse ¶
type RecipientResponse struct {
Email string `json:"email"`
}
type Report ¶
type Report struct { ID string `json:"id"` ScanID string `json:"scan_id"` ProgramName string `json:"program_name"` Report string `json:"report"` ReportJson string `json:"report_json"` EmailBody string `json:"email_body"` DeliveredTo string `json:"delivered_to"` UpdateStatusAt *time.Time `json:"update_status_at"` Status string `json:"status"` Risk *int `json:"risk"` CreatedAt *time.Time `json:"-"` UpdatedAt *time.Time `json:"-"` }
func (Report) ToEmailResponse ¶
func (r Report) ToEmailResponse() *ReportEmailResponse
func (Report) ToResponse ¶
func (r Report) ToResponse() *ReportResponse
type ReportEmailResponse ¶
type ReportEmailResponse struct {
EmailBody string `json:"email_body"`
}
type ReportResponse ¶
type ReportResponse struct { ReportID string `json:"report_id"` ScanID string `json:"scan_id"` ProgramName string `json:"program_name"` Report string `json:"report"` ReportJson string `json:"report_json"` Status string `json:"status"` DeliveredTo string `json:"delivered_to"` Risk *int `json:"risk"` }
type Scan ¶
type Scan struct { ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"` ProgramID string `json:"program_id" validate:"required"` Program *Program `json:"program"` ScheduledTime *time.Time `json:"scheduled_time"` StartTime *time.Time `json:"start_time"` EndTime *time.Time `json:"end_time"` Progress *float32 `json:"progress"` Status string `json:"status"` CheckCount *int `json:"check_count,omitempty"` RequestedBy string `json:"requested_by"` ReportLink string `json:"report_link"` }
func (Scan) ToResponse ¶
func (s Scan) ToResponse() *ScanResponse
type ScanResponse ¶
type ScanResponse struct { ID string `json:"id"` StartTime *time.Time `json:"start_time"` Endtime *time.Time `json:"end_time"` ScheduledTime *time.Time `json:"scheduled_time"` Progress *float32 `json:"progress"` CheckCount *int `json:"check_count,omitempty"` Status string `json:"status"` RequestedBy string `json:"requested_by"` ReportLink string `json:"report_link,omitempty"` Program *ProgramResponse `json:"program"` }
type ScheduleResponse ¶
type ScheduleResponse struct {
Cron string `json:"cron"`
}
type StatsAssets ¶
type StatsAssets struct {
Assets vulndb.StatsAssetsSeverity `json:"assets"`
}
StatsAssets represents the stats for assets grouped by severity.
type StatsCoverage ¶
type StatsCoverage struct {
Coverage float64 `json:"coverage"`
}
type StatsCurrentExposure ¶
type StatsCurrentExposure struct {
Exposure vulndb.StatsExposure `json:"current_exposure"`
}
StatsCurrentExposure represents the current exposure time stats by different averages.
type StatsExposure ¶
type StatsExposure struct {
Exposure vulndb.StatsExposure `json:"exposure"`
}
StatsExposure represents the exposure time stats by different averages.
type StatsFixed ¶
type StatsFixed struct {
FixedIssues vulndb.StatsIssueSeverity `json:"fixed_issues"`
}
StatsFixed represents the stats for fixed issues grouped by severity.
type StatsMTTR ¶
type StatsMTTR struct {
MTTR vulndb.StatsMTTRSeverity `json:"mttr"`
}
StatsMTTR represents the mean time to remediation stats by issue severity.
type StatsOpen ¶
type StatsOpen struct {
OpenIssues vulndb.StatsIssueSeverity `json:"open_issues"`
}
StatsOpen represents the stats for open issues grouped by severity.
type StatsParams ¶
type StatsParams struct { Tag string Tags string MinDate string MaxDate string AtDate string MinScore float64 MaxScore float64 Identifiers string Labels string }
StatsParams represents the group of parameters that can be used to customize the call to retrieve the statistics.
type Target ¶
Target represents the response data returned from the vulnerability DB for the create target request.
type TargetsList ¶
type TargetsList struct { Targets []vulndb.Target `json:"targets"` Pagination PaginationInfo `json:"pagination"` }
TargetsList represents the response data returned from the vulnerability DB for the targets list request.
type TargetsParams ¶
TargetsParams represents the group of parameters that can be used to customize the call to retrieve the list of targets.
type Team ¶
// Team is the model of a team. Name and Tag are required by validation.
type Team struct {
	// ID is the primary key; the database default is gen_random_uuid().
	ID          string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
	Name        string `json:"name" validate:"required"`
	Description string `json:"description"`
	// Tag can be used to look the team up (FindTeamByTag). Presumably it is
	// also the value used as Tag in findings and stats queries — confirm.
	Tag string `json:"tag" validate:"required"`
	// CreatedAt and UpdatedAt are excluded from JSON.
	CreatedAt *time.Time `json:"-"`
	UpdatedAt *time.Time `json:"-"`
	// Assets and UserTeam are inferred from other tables.
	Assets []*Asset `json:"assets"`
	// NOTE(review): UserTeam links to User, which has no json tags; marshalling
	// a Team with members loaded would include User.APIToken. Use ToResponse
	// for API output — confirm no caller marshals this model directly.
	UserTeam []*UserTeam `json:"user_team"`
	Groups   []*Group
}
func (Team) ToResponse ¶
func (t Team) ToResponse() *TeamResponse
type TeamMembersReponse ¶
type TeamMembersReponse struct { Team *TeamResponse `json:"team"` Members []MemberResponse `json:"members"` }
type TeamResponse ¶
type Token ¶
// Token represents a personal API token.
//
// NOTE(review): both the token and its hash carry json tags, so marshalling
// this struct emits the two together. Presumably Token is the plaintext value
// returned by GenerateAPIToken and Hash is what is kept for later comparison —
// confirm, and confirm that Hash needs to be part of any response at all.
// Values of this type should be kept out of logs.
type Token struct {
	Token        string    `json:"token"`
	Email        string    `json:"email"`
	Hash         string    `json:"hash"`
	CreationTime time.Time `json:"creation_time"`
}
Token represents a personal API token
type UpdateFinding ¶
// UpdateFinding represents the payload submitted to update a finding.
type UpdateFinding struct {
	// Status is a pointer, so an absent field (nil) can be told apart from an
	// empty string. It is a free-form string with no validation tag; the
	// accepted status values have to be checked by the code that consumes it
	// (not shown here — confirm).
	Status *string `json:"status"`
}
UpdateFinding represents the payload submitted to update a finding.
type User ¶
// User is the model of a user account. Email is required by validation.
//
// NOTE(review): none of the fields has a json tag, so encoding a User directly
// with encoding/json emits every exported field under its Go name, APIToken
// included. ToResponse exists on this type; API handlers should return its
// result rather than the model — confirm that no handler or log statement
// serializes User itself.
type User struct {
	ID        string `gorm:"primary_key:true"`
	Firstname string
	Lastname  string
	Email     string `validate:"required"`
	// APIToken is stored in column api_token. Whether it holds the token or a
	// hash of it is not visible here (Token has a separate Hash field) —
	// confirm.
	APIToken string `gorm:"Column:api_token"`
	// Active defaults to true; Admin and Observer default to false. All three
	// are pointers, so authorization code has to handle nil; treating a nil
	// Admin as false is the safe reading.
	Active    *bool `gorm:"default:true"`
	Admin     *bool `gorm:"default:false"`
	Observer  *bool `gorm:"default:false"`
	LastLogin *time.Time
	// A user can belong to multiple teams
	UserTeams []*UserTeam
	CreatedAt time.Time
	UpdatedAt time.Time
}
User ...
func (User) ToResponse ¶
func (u User) ToResponse() *UserResponse
type UserResponse ¶
type UserStore ¶
// UserStore contains methods to manage users in the data store: create,
// update, and lookup by ID or by email.
type UserStore interface {
	Create(User) (User, error)
	Update(User) (User, error)
	FindByID(string) (User, error)
	FindByEmail(string) (User, error)
}
UserStore contains methods to manage users in the data store.
type UserTeam ¶
// UserTeam is the membership of a user in a team, with the role the user
// holds there. UserID and TeamID are both tagged as primary key and required
// by validation.
type UserTeam struct {
	UserID string `gorm:"primary_key;AUTO_INCREMENT" json:"user_id" validate:"required"`
	// User is skipped by validation (validate:"-") but is included in JSON.
	// NOTE(review): the User model has no json tags, so marshalling a UserTeam
	// with User populated would include User.APIToken. ToResponse returns a
	// MemberResponse; use that for API output — confirm no caller marshals
	// this model directly.
	User   *User  `json:"user" validate:"-"`
	TeamID string `gorm:"primary_key;AUTO_INCREMENT" json:"team_id" validate:"required"`
	// Team is skipped by validation (validate:"-").
	Team *Team `json:"team" validate:"-"`
	// Role has no validation tag; the accepted role values are defined by the
	// Role type, which is not shown here.
	Role Role `json:"role"`
	// CreatedAt and UpdatedAt are excluded from JSON.
	CreatedAt time.Time `json:"-"`
	UpdatedAt time.Time `json:"-"`
}
UserTeam ...
func (UserTeam) ToResponse ¶
func (ut UserTeam) ToResponse() *MemberResponse
type VulcanitoService ¶
// VulcanitoService represents all operations provided by Vulcanito.
//
// NOTE(review): team scoping is not uniform across the signatures. Many
// methods take a teamID next to the resource (FindProgram, FindScan,
// AbortScan, the asset annotation methods), while others identify the
// resource by ID alone: FindJob, FindPolicy, ListChecktypeSetting,
// FindChecktypeSetting, DeleteChecktypeSetting, FindReport, FindFinding and
// ListFindingOverwrites. For those, the check that the resource belongs to the
// caller's team is not expressed in the signature and has to happen in the
// caller or in the implementation — confirm for each one.
type VulcanitoService interface {
	// Healthcheck
	Healthcheck(ctx context.Context) error

	// Jobs
	FindJob(ctx context.Context, jobID string) (*Job, error)
	UpdateJob(ctx context.Context, job Job) (*Job, error)

	// Users
	ListUsers(ctx context.Context) ([]*User, error)
	CreateUser(ctx context.Context, user User) (*User, error)
	UpdateUser(ctx context.Context, user User) (*User, error)
	FindUser(ctx context.Context, userID string) (*User, error)
	DeleteUser(ctx context.Context, userID string) error
	GenerateAPIToken(ctx context.Context, userID string) (*Token, error)

	// Teams
	CreateTeam(ctx context.Context, team Team, ownerEmail string) (*Team, error)
	UpdateTeam(ctx context.Context, team Team) (*Team, error)
	FindTeam(ctx context.Context, teamID string) (*Team, error)
	FindTeamByTag(ctx context.Context, tag string) (*Team, error)
	DeleteTeam(ctx context.Context, teamID string) error
	ListTeams(ctx context.Context) ([]*Team, error)
	FindTeamsByUser(ctx context.Context, userID string) ([]*Team, error)

	// TeamMembers
	FindTeamMember(ctx context.Context, teamID string, userID string) (*UserTeam, error)
	CreateTeamMember(ctx context.Context, teamUser UserTeam) (*UserTeam, error)
	UpdateTeamMember(ctx context.Context, teamUser UserTeam) (*UserTeam, error)
	DeleteTeamMember(ctx context.Context, teamID string, userID string) error

	// Recipients
	UpdateRecipients(ctx context.Context, teamID string, emails []string) error
	ListRecipients(ctx context.Context, teamID string) ([]*Recipient, error)

	// Assets
	ListAssets(ctx context.Context, teamID string, asset Asset) ([]*Asset, error)
	CreateAssets(ctx context.Context, assets []Asset, groups []Group, annotations []*AssetAnnotation) ([]Asset, error)
	CreateAssetsMultiStatus(ctx context.Context, assets []Asset, groups []Group, annotations []*AssetAnnotation) ([]AssetCreationResponse, error)
	MergeDiscoveredAssets(ctx context.Context, teamID string, assets []Asset, groupName string) error
	MergeDiscoveredAssetsAsync(ctx context.Context, teamID string, assets []Asset, groupName string) (*Job, error)
	FindAsset(ctx context.Context, asset Asset) (*Asset, error)
	UpdateAsset(ctx context.Context, asset Asset) (*Asset, error)
	DeleteAsset(ctx context.Context, asset Asset) error
	DeleteAllAssets(ctx context.Context, teamID string) error
	GetAssetType(ctx context.Context, assetTypeName string) (*AssetType, error)

	// Asset Annotations
	ListAssetAnnotations(ctx context.Context, teamID string, assetID string) ([]*AssetAnnotation, error)
	CreateAssetAnnotations(ctx context.Context, teamID string, assetID string, annotations []*AssetAnnotation) ([]*AssetAnnotation, error)
	UpdateAssetAnnotations(ctx context.Context, teamID string, assetID string, annotations []*AssetAnnotation) ([]*AssetAnnotation, error)
	PutAssetAnnotations(ctx context.Context, teamID string, assetID string, annotations []*AssetAnnotation) ([]*AssetAnnotation, error)
	// The third parameter is spelled assedID in the original; it is the asset
	// ID, as in the sibling methods above.
	DeleteAssetAnnotations(ctx context.Context, teamID string, assedID string, annotations []*AssetAnnotation) error

	// Groups
	ListGroups(ctx context.Context, teamID, groupName string) ([]*Group, error)
	CreateGroup(ctx context.Context, group Group) (*Group, error)
	FindGroup(ctx context.Context, group Group) (*Group, error)
	UpdateGroup(ctx context.Context, group Group) (*Group, error)
	DeleteGroup(ctx context.Context, group Group) error
	GroupAsset(ctx context.Context, assetGroup AssetGroup, teamID string) (*AssetGroup, error)
	UngroupAsset(ctx context.Context, assetGroup AssetGroup, teamID string) error
	ListAssetGroup(ctx context.Context, assetGroup AssetGroup, teamID string) ([]*Asset, error)

	// Programs
	ListPrograms(ctx context.Context, teamID string) ([]*Program, error)
	CreateProgram(ctx context.Context, program Program, teamID string) (*Program, error)
	FindProgram(ctx context.Context, programID string, teamID string) (*Program, error)
	UpdateProgram(ctx context.Context, program Program, teamID string) (*Program, error)
	DeleteProgram(ctx context.Context, program Program, teamID string) error

	// Schedules
	CreateSchedule(ctx context.Context, programID string, cronExpr string, teamID string) (*Program, error)
	DeleteSchedule(ctx context.Context, programID string, teamID string) (*Program, error)
	// ScheduleGlobalProgram takes no teamID, unlike the two methods above.
	ScheduleGlobalProgram(ctx context.Context, programID string, cronExpr string) error

	// Policies
	ListPolicies(ctx context.Context, teamID string) ([]*Policy, error)
	CreatePolicy(ctx context.Context, policy Policy) (*Policy, error)
	FindPolicy(ctx context.Context, policyID string) (*Policy, error)
	UpdatePolicy(ctx context.Context, policy Policy) (*Policy, error)
	DeletePolicy(ctx context.Context, policy Policy) error

	// Checktype settings
	ListChecktypeSetting(ctx context.Context, policyID string) ([]*ChecktypeSetting, error)
	CreateChecktypeSetting(ctx context.Context, setting ChecktypeSetting) (*ChecktypeSetting, error)
	FindChecktypeSetting(ctx context.Context, policyID, checktypeSettingID string) (*ChecktypeSetting, error)
	UpdateChecktypeSetting(ctx context.Context, checktypeSetting ChecktypeSetting) (*ChecktypeSetting, error)
	DeleteChecktypeSetting(ctx context.Context, checktypeSettingID string) error

	// Scans
	ListScans(ctx context.Context, teamID string, programID string) ([]*Scan, error)
	CreateScan(ctx context.Context, scan Scan, teamID string) (*Scan, error)
	FindScan(ctx context.Context, scanID, teamID string) (*Scan, error)
	AbortScan(ctx context.Context, scanID string, teamID string) (*Scan, error)
	UpdateScan(ctx context.Context, scan Scan) (*Scan, error)
	DeleteScan(ctx context.Context, scan Scan) error

	// Reports
	FindReport(ctx context.Context, scanID string) (*Report, error)
	SendReport(ctx context.Context, scanID, teamID string) error
	GenerateReport(ctx context.Context, teamID, teamName, scanID string, autosend bool) error
	RunGenerateReport(ctx context.Context, autosend bool, scanID, programName, teamID, teamName string) error
	// ProcessScanCheckNotification receives the notification as raw bytes;
	// decoding and validating msg is left to the implementation.
	ProcessScanCheckNotification(ctx context.Context, msg []byte) error
	SendDigestReport(ctx context.Context, teamID string, startDate string, endDate string) error

	// Stats
	StatsCoverage(ctx context.Context, teamID string) (*StatsCoverage, error)

	// VulnerabilityDB Stats
	ListFindings(ctx context.Context, params FindingsParams, pagination Pagination) (*FindingsList, error)
	ListFindingsIssues(ctx context.Context, params FindingsParams, pagination Pagination) (*FindingsIssuesList, error)
	ListFindingsByIssue(ctx context.Context, params FindingsParams, pagination Pagination) (*FindingsList, error)
	ListFindingsTargets(ctx context.Context, params FindingsParams, pagination Pagination) (*FindingsTargetsList, error)
	ListFindingsByTarget(ctx context.Context, params FindingsParams, pagination Pagination) (*FindingsList, error)
	ListFindingsLabels(ctx context.Context, params FindingsParams) (*FindingsLabels, error)
	FindFinding(ctx context.Context, findingID string) (*Finding, error)
	CreateFindingOverwrite(ctx context.Context, findingOverwrite FindingOverwrite) error
	ListFindingOverwrites(ctx context.Context, findingID string) ([]*FindingOverwrite, error)
	StatsMTTR(ctx context.Context, params StatsParams) (*StatsMTTR, error)
	StatsExposure(ctx context.Context, params StatsParams) (*StatsExposure, error)
	StatsCurrentExposure(ctx context.Context, params StatsParams) (*StatsCurrentExposure, error)
	StatsOpen(ctx context.Context, params StatsParams) (*StatsOpen, error)
	StatsFixed(ctx context.Context, params StatsParams) (*StatsFixed, error)
	StatsAssets(ctx context.Context, params StatsParams) (*StatsAssets, error)
}
VulcanitoService represents all operations provided by Vulcanito
type VulcanitoStore ¶
// VulcanitoStore declares the operations this package expects from its
// storage backend: jobs, users, teams and memberships, recipients, assets and
// their annotations, groups, programs, policies, checktype settings, global
// program metadata and finding overwrites.
//
// NOTE(review): none of these methods receives a context.Context or a caller
// identity, so the signatures give the store no way to authorize a call.
// Access control presumably has to be enforced before the store is reached;
// confirm against the callers.
type VulcanitoStore interface {
	// Lifecycle and error classification.
	Close() error
	// NotFoundError presumably reports whether err is the store's "not found"
	// error; the semantics are not visible here.
	NotFoundError(err error) bool
	Healthcheck() error

	// Jobs. Lookups are by jobID only, with no team qualifier.
	FindJob(jobID string) (*Job, error)
	UpdateJob(job Job) (*Job, error)

	// Users.
	// NOTE(review): CreateUserIfNotExists provisions from saml.UserData;
	// presumably the SAML response was validated before this call. Verify
	// against the caller.
	CreateUserIfNotExists(userData saml.UserData) error
	ListUsers() ([]*User, error)
	CreateUser(user User) (*User, error)
	UpdateUser(user User) (*User, error)
	FindUserByID(userID string) (*User, error)
	FindUserByEmail(email string) (*User, error)
	DeleteUserByID(userID string) error

	// Teams.
	CreateTeam(team Team, ownerEmail string) (*Team, error)
	UpdateTeam(team Team) (*Team, error)
	FindTeam(teamID string) (*Team, error)
	FindTeamByIDForUser(ID, userID string) (*UserTeam, error)
	FindTeamsByUser(userID string) ([]*Team, error)
	FindTeamByName(name string) (*Team, error)
	FindTeamByTag(tag string) (*Team, error)
	FindTeamByProgram(programID string) (*Team, error)
	DeleteTeam(teamID string) error
	ListTeams() ([]*Team, error)

	// Team membership.
	CreateTeamMember(teamMember UserTeam) (*UserTeam, error)
	DeleteTeamMember(teamID, userID string) error
	FindTeamMember(teamID, userID string) (*UserTeam, error)
	UpdateTeamMember(teamMember UserTeam) (*UserTeam, error)

	// Report recipients of a team.
	UpdateRecipients(teamID string, emails []string) error
	ListRecipients(teamID string) ([]*Recipient, error)

	// Assets. Most calls carry a teamID, or an Asset value that presumably
	// embeds one.
	ListAssets(teamID string, asset Asset) ([]*Asset, error)
	FindAsset(teamID, assetID string) (*Asset, error)
	CreateAsset(asset Asset, groups []Group) (*Asset, error)
	CreateAssets(assets []Asset, groups []Group, annotations []*AssetAnnotation) ([]Asset, error)
	DeleteAsset(asset Asset) error
	// DeleteAllAssets takes only a teamID; judging by the name it is a bulk,
	// destructive operation on that team's assets.
	DeleteAllAssets(teamID string) error
	UpdateAsset(asset Asset) (*Asset, error)
	MergeAssets(mergeOps AssetMergeOperations) error
	MergeAssetsAsync(teamID string, assets []Asset, groupName string) (*Job, error)
	GetAssetType(assetTypeName string) (*AssetType, error)

	// Asset annotations, always addressed by (teamID, assetID).
	ListAssetAnnotations(teamID, assetID string) ([]*AssetAnnotation, error)
	CreateAssetAnnotations(teamID, assetID string, annotations []*AssetAnnotation) ([]*AssetAnnotation, error)
	UpdateAssetAnnotations(teamID, assetID string, annotations []*AssetAnnotation) ([]*AssetAnnotation, error)
	PutAssetAnnotations(teamID, assetID string, annotations []*AssetAnnotation) ([]*AssetAnnotation, error)
	DeleteAssetAnnotations(teamID, assetID string, annotations []*AssetAnnotation) error

	// Groups.
	CreateGroup(group Group) (*Group, error)
	ListGroups(teamID, groupName string) ([]*Group, error)
	UpdateGroup(group Group) (*Group, error)
	DeleteGroup(group Group) error
	FindGroup(group Group) (*Group, error)
	// FindGroupInfo returns the info of the given group without loading the
	// assets and teams associated with it.
	FindGroupInfo(group Group) (*Group, error)
	// DisjoinAssetsInGroups returns the scannable assets of a team that belong
	// to inGroupID and to none of notInGroupIDs.
	DisjoinAssetsInGroups(teamID, inGroupID string, notInGroupIDs []string) ([]*Asset, error)
	CountAssetsInGroups(teamID string, groupIDs []string) (int, error)

	// Asset-to-group membership.
	GroupAsset(assetsGroup AssetGroup, teamID string) (*AssetGroup, error)
	ListAssetGroup(assetGroup AssetGroup, teamID string) ([]*AssetGroup, error)
	UngroupAssets(assetGroup AssetGroup, teamID string) error

	// Programs, each call qualified by teamID.
	ListPrograms(teamID string) ([]*Program, error)
	CreateProgram(program Program, teamID string) (*Program, error)
	FindProgram(programID, teamID string) (*Program, error)
	UpdateProgram(program Program, teamID string) (*Program, error)
	DeleteProgram(program Program, teamID string) error

	// Policies.
	// NOTE(review): FindPolicy takes a policyID and no teamID, so the
	// signature cannot restrict the lookup to one team; the caller presumably
	// has to check that the returned policy belongs to the requesting team.
	ListPolicies(teamID string) ([]*Policy, error)
	CreatePolicy(policy Policy) (*Policy, error)
	FindPolicy(policyID string) (*Policy, error)
	UpdatePolicy(policy Policy) (*Policy, error)
	DeletePolicy(policy Policy) error

	// Checktype settings.
	// NOTE(review): Find and Delete take only a checktypeSettingID, with
	// neither policyID nor teamID, so ownership cannot be checked from the
	// arguments alone. Confirm the caller verifies it before deleting.
	ListChecktypeSetting(policyID string) ([]*ChecktypeSetting, error)
	CreateChecktypeSetting(setting ChecktypeSetting) (*ChecktypeSetting, error)
	FindChecktypeSetting(checktypeSettingID string) (*ChecktypeSetting, error)
	UpdateChecktypeSetting(checktypeSetting ChecktypeSetting) (*ChecktypeSetting, error)
	DeleteChecktypeSetting(checktypeSettingID string) error

	// Global program metadata.
	// The pointer arguments of UpsertGlobalProgramMetadata presumably mean
	// "leave unset" when nil, with the default* values as fallback. TODO
	// confirm against the implementation.
	FindGlobalProgramMetadata(programID, teamID string) (*GlobalProgramsMetadata, error)
	UpsertGlobalProgramMetadata(teamID, program string, defaultAutosend, defaultDisabled bool, defaultCron string, autosend, disabled *bool, cron *string) error
	DeleteProgramMetadata(program string) error

	// Finding overwrites, addressed by findingID with no team qualifier.
	CreateFindingOverwrite(findingOverwrite FindingOverwrite) error
	ListFindingOverwrites(findingID string) ([]*FindingOverwrite, error)
}