Documentation
¶
Index ¶
- Constants
- Variables
- func ContextWithUser(ctx context.Context, u User) context.Context
- func ValidAssetType(assetTypeName string) bool
- type Asset
- type AssetAnnotation
- type AssetAnnotations
- type AssetAnnotationsMap
- type AssetAnnotationsResponse
- type AssetCreationResponse
- type AssetGroup
- type AssetGroupResponse
- type AssetMergeOperations
- type AssetResponse
- type AssetType
- type AssetTypeResponse
- type AssetsGroupResponse
- type AuthService
- type ChecktypeSetting
- type ChecktypeSettingResponse
- type CreateTarget
- type Finding
- type FindingExpanded
- type FindingOverwrite
- type FindingOverwriteResponse
- type FindingTicketCreate
- type FindingTicketCreateResponse
- type FindingsIssuesList
- type FindingsLabels
- type FindingsList
- type FindingsParams
- type FindingsTargetsList
- type GlobalProgramsMetadata
- type GlobalStatsParams
- type Group
- type GroupResponse
- type Healthcheck
- type HealthcheckResponse
- type Job
- type JobResponse
- type JobResult
- type JobResultResponse
- type JobStatus
- type JobsClient
- type JobsRunner
- type MemberResponse
- type Pagination
- type PaginationInfo
- type Policy
- type PolicyGroup
- type PolicyResponse
- type Program
- type ProgramResponse
- type ProgramsGroupsPolicies
- type ROLFP
- func (r ROLFP) Level() byte
- func (r ROLFP) MarshalJSON() ([]byte, error)
- func (r *ROLFP) MarshalText() (text []byte, err error)
- func (r *ROLFP) Scan(value interface{}) error
- func (r ROLFP) String() string
- func (r *ROLFP) UnmarshalJSON(b []byte) error
- func (r *ROLFP) UnmarshalText(txt []byte) error
- func (r *ROLFP) Validate() error
- func (r *ROLFP) Value() (driver.Value, error)
- type Recipient
- type RecipientResponse
- type Report
- type ReportEmailResponse
- type ReportResponse
- type Role
- type Scan
- type ScanResponse
- type ScheduleResponse
- type StatsAssets
- type StatsCoverage
- type StatsCurrentExposure
- type StatsExposure
- type StatsFixed
- type StatsMTTR
- type StatsOpen
- type StatsParams
- type Status
- type Target
- type TargetsList
- type TargetsParams
- type Team
- type TeamMembersReponse
- type TeamResponse
- type Ticket
- type Token
- type UpdateFinding
- type User
- type UserResponse
- type UserStore
- type UserTeam
- type VulcanitoService
- type VulcanitoStore
Constants ¶
View Source
const ( // Assets discovered by Redcon. DiscoveredAssetsGroupName = "security-team-discovered-assets" // Assets discovered by the Common Platform. CPDiscoveredAssetsGroupName = "cp-discovered-assets" WebScanningAssetsGroupName = "web-scanning" )
View Source
const DiscoveredAssetsGroupSuffix = "-discovered-assets"
DiscoveredAssetsGroupSuffix is used by the Merge Discovered Assets feature to restrict the discovery onboarding to Groups with a name containing that suffix.
Variables ¶
View Source
var ( // ErrInvalidProgramGroupPolicy is returned when any of the groups of // policies in a program does not have ErrInvalidProgramGroupPolicy = errors.New("the program must have, at least, one asset and one checktype") // ErrNoProgramsGroupsPolicies is returned when there are any policy group // with, at least, one asset and checktype. ErrNoProgramsGroupsPolicies = errors.New("no PoliciesGroups defined in the current program") )
View Source
var DefaultROLFP = &ROLFP{ Reputation: 1, Operation: 1, Legal: 1, Financial: 1, Personal: 1, Scope: 2, IsEmpty: false, }
View Source
var ErrROLFPInvalidText = "invalid ROLFP representation"
Functions ¶
func ValidAssetType ¶
ValidAssetType indicates if the asset type name exists in Vulcan.
Types ¶
type Asset ¶
type Asset struct {
ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
TeamID string `json:"team_id" validate:"required"`
Team *Team `json:"team,omitempty"` // This line is infered from column name "team_id".
AssetTypeID string `json:"asset_type_id" validate:"required"`
AssetType *AssetType `json:"asset_type"` // This line is infered from column name "asset_type_id".
Identifier string `json:"identifier" validate:"required"`
Alias string `json:"alias"`
Options *string `json:"options"`
EnvironmentalCVSS *string `json:"environmental_cvss"`
ROLFP *ROLFP `json:"rolfp" sql:"DEFAULT:'R:1/O:1/L:1/F:1/P:1+S:2'"`
Scannable *bool `json:"scannable" gorm:"default:true"`
AssetGroups []*AssetGroup `json:"groups"` // This line is infered from other tables.
AssetAnnotations []*AssetAnnotation `json:"annotations"` // This line is infered from other tables.
CreatedAt time.Time `json:"-"`
UpdatedAt time.Time `json:"-"`
ClassifiedAt *time.Time `json:"classified_at"`
}
func (Asset) ToResponse ¶
func (a Asset) ToResponse() AssetResponse
type AssetAnnotation ¶
type AssetAnnotation struct {
AssetID string `gorm:"primary_key" json:"asset_id" validate:"required"`
Asset *Asset `json:"asset"` // This line is infered from column name "asset_id".
Key string `gorm:"primary_key" json:"key" validate:"required"`
Value string `json:"value"`
CreatedAt time.Time `json:"-"`
UpdatedAt time.Time `json:"-"`
}
func (AssetAnnotation) Validate ¶
func (an AssetAnnotation) Validate() error
type AssetAnnotations ¶
type AssetAnnotations []*AssetAnnotation
func (AssetAnnotations) ToMap ¶
func (ans AssetAnnotations) ToMap() AssetAnnotationsMap
func (AssetAnnotations) ToResponse ¶
func (ans AssetAnnotations) ToResponse() AssetAnnotationsResponse
type AssetAnnotationsMap ¶
func (AssetAnnotationsMap) Matches ¶
func (ans AssetAnnotationsMap) Matches(annotations AssetAnnotationsMap, prefix string) bool
Matches returns true if the current object exactly matches (both key and value) the asset annotation map passed as parameter. If a prefix is specified, only the keys matching the prefix are evaluated
func (AssetAnnotationsMap) Merge ¶
func (ans AssetAnnotationsMap) Merge(annotations AssetAnnotationsMap, prefix string) AssetAnnotationsMap
Merge takes an annotation map as input and merges it into the "base" annotation map, giving priority to the values of the former. If a prefix is specified, elements from the "base" map whose keys match the prefix are discarded
func (AssetAnnotationsMap) ToModel ¶
func (anm AssetAnnotationsMap) ToModel() AssetAnnotations
type AssetAnnotationsResponse ¶
type AssetAnnotationsResponse struct {
Annotations AssetAnnotationsMap `json:"annotations"`
}
type AssetCreationResponse ¶
type AssetCreationResponse struct {
ID string `json:"id,omitempty"`
Identifier string `json:"identifier"`
AssetType AssetTypeResponse `json:"type"` // This line is infered from column name "asset_type_id".
Alias string `json:"alias"`
Options *string `json:"options"`
EnvironmentalCVSS *string `json:"environmental_cvss"`
ROLFP *ROLFP `json:"rolfp"`
Scannable *bool `json:"scannable"`
ClassifiedAt *time.Time `json:"classified_at"`
Status interface{} `json:"status,omitempty"`
}
type AssetGroup ¶
type AssetGroup struct {
AssetID string `gorm:"primary_key;AUTO_INCREMENT" json:"asset_id" validate:"required"`
Asset *Asset `json:"asset"` // This line is infered from column name "asset_id".
GroupID string `gorm:"primary_key;AUTO_INCREMENT" json:"group_id" validate:"required"`
Group *Group `json:"group"` // This line is infered from column name "group_id".
CreatedAt time.Time `json:"-"`
UpdatedAt time.Time `json:"-"`
}
func (AssetGroup) TableName ¶
func (AssetGroup) TableName() string
Overwrite gorm default pluralized table name convention
func (AssetGroup) ToResponse ¶
func (ag AssetGroup) ToResponse() AssetGroupResponse
func (AssetGroup) Validate ¶
func (ag AssetGroup) Validate() error
type AssetGroupResponse ¶
type AssetGroupResponse struct {
Asset AssetResponse `json:"asset"`
Group GroupResponse `json:"group"`
}
type AssetMergeOperations ¶
type AssetMergeOperations struct {
// Create assets that didn't exist yet in the team.
Create []Asset
// Associate already existing asset to the discovery group.
Assoc []Asset
// Update assets that were already existing (e.g. the scannable field or
// the annotations)
Update []Asset
// Deassociate assets that haven't been discovered in the current discovery
// operation, but that belong to other groups.
Deassoc []Asset
// Delete assets that haven't been discovered in the current discovery
// operation and do not belong to other groups.
Del []Asset
// The team where the operations will be performed.
TeamID string
// The discovery group.
Group Group
}
AssetMergeOperations defines a set of operations to perform when merging a list of assets requested by a discovery service.
type AssetResponse ¶
type AssetResponse struct {
ID string `json:"id"`
AssetType AssetTypeResponse `json:"type"` // This line is infered from column name "asset_type_id".
Identifier string `json:"identifier"`
Alias string `json:"alias"`
Options *string `json:"options"`
EnvironmentalCVSS *string `json:"environmental_cvss"`
ROLFP *ROLFP `json:"rolfp"`
Scannable *bool `json:"scannable"`
ClassifiedAt *time.Time `json:"classified_at"`
Groups []*GroupResponse `json:"groups"`
Annotations AssetAnnotationsMap `json:"annotations"`
}
type AssetType ¶
type AssetType struct {
ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
Name string `json:"name"`
Assets []*Asset `json:"assets"` // This line is infered from other tables.
}
func (AssetType) ToResponse ¶
func (at AssetType) ToResponse() AssetTypeResponse
type AssetTypeResponse ¶
type AssetsGroupResponse ¶
type AssetsGroupResponse struct {
Assets []AssetResponse `json:"assets"`
Group GroupResponse `json:"group"`
}
type AuthService ¶
type AuthService interface {
AuthTenant(ctx context.Context, request interface{}) (tenant interface{}, passThrough bool, err error)
AuthRol(ctx context.Context, tenant interface{}) (bool, error)
}
AuthService defines the exposed functions of an authorization service.
type ChecktypeSetting ¶
type ChecktypeSetting struct {
ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
PolicyID string `json:"policy_id"`
Policy *Policy `json:"policy"` // This line is infered from column name "policy_id".
CheckTypeName string `json:"checktype_name"`
Options *string `json:"options"`
CreatedAt *time.Time `json:"-"`
UpdatedAt *time.Time `json:"-"`
}
func (ChecktypeSetting) ToResponse ¶
func (c ChecktypeSetting) ToResponse() *ChecktypeSettingResponse
func (ChecktypeSetting) Validate ¶
func (c ChecktypeSetting) Validate() error
type CreateTarget ¶
CreateTarget specifies the payload for the vulnerability DB create target endpoint.
type Finding ¶
type Finding struct {
Finding FindingExpanded `json:"finding"`
}
Finding represents the response data returned from the vulnerability DB for the get finding request.
type FindingExpanded ¶ added in v1.2.9
type FindingExpanded struct {
vulndb.FindingExpanded
TicketURL string `json:"url_tracker"`
}
type FindingOverwrite ¶
type FindingOverwrite struct {
ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
UserID string `json:"user_id" validate:"required"`
User *User `json:"user,omitempty"` // This line is infered from column name "user_id".
FindingID string `json:"finding_id" validate:"required"`
StatusPrevious string `json:"status_previous" validate:"required"`
Status string `json:"status" validate:"required"`
Notes string `json:"notes" validate:"required"`
TeamID string `json:"team_id" validate:"required"`
CreatedAt time.Time `json:"-"`
}
func (FindingOverwrite) ToResponse ¶
func (fr FindingOverwrite) ToResponse() FindingOverwriteResponse
type FindingOverwriteResponse ¶
type FindingOverwriteResponse struct {
ID string `json:"id"`
User string `json:"user"`
FindingID string `json:"finding_id"`
StatusPrevious string `json:"status_previous"`
Status string `json:"status"`
Notes string `json:"notes"`
TeamID string `json:"team_id"`
CreatedAt time.Time `json:"created_at"`
}
type FindingTicketCreate ¶ added in v1.2.9
type FindingTicketCreate struct {
FindingID string `json:"finding_id" validate:"required"`
TeamID string `json:"team_id" validate:"required"`
Summary string `json:"summary" validate:"required"`
Description string `json:"description"`
URLTracker string `json:"url_tracker"`
Labels []string `json:"labels"`
}
FindingTicketCreate represents the data needed to create a ticket.
type FindingTicketCreateResponse ¶ added in v1.2.9
type FindingTicketCreateResponse struct {
URLTracker string `json:"url_tracker"`
}
FindingTicketCreateResponse represents a response when request a ticket creation.
type FindingsIssuesList ¶
type FindingsIssuesList struct {
Issues []vulndb.IssueSummary `json:"issues"`
Pagination PaginationInfo `json:"pagination"`
}
FindingsIssuesList represents the response data returned from the vulnerability DB for the issues summary request.
type FindingsLabels ¶
type FindingsLabels struct {
Labels []string `json:"labels"`
}
FindingsLabels represents the response data returned from the vulnerability DB for the list labels request.
type FindingsList ¶
type FindingsList struct {
Findings []vulndb.FindingExpanded `json:"findings"`
Pagination PaginationInfo `json:"pagination"`
}
FindingsList represents the response data returned from the vulnerability DB for a findings requests.
type FindingsParams ¶
type FindingsParams struct {
Team string
Status string
MinScore float64
MaxScore float64
AtDate string
MinDate string
MaxDate string
SortBy string
IssueID string
TargetID string
Identifier string
IdentifierMatch bool
Identifiers string
Labels string
}
FindingsParams represents the group of parameters that can be used to customize the call to retrieve the list of findings.
type FindingsTargetsList ¶
type FindingsTargetsList struct {
Targets []vulndb.TargetSummary `json:"targets"`
Pagination PaginationInfo `json:"pagination"`
}
FindingsTargetsList represents the response data returned from the vulnerability DB for the targets summary request.
type GlobalProgramsMetadata ¶
type GlobalProgramsMetadata struct {
TeamID string `gorm:"primary_key"`
Program string `gorm:"primary_key"`
Autosend *bool
Disabled *bool
Cron string `gorm:"-" json:"cron"` // A program can have empty cron expression, e.g: a program to be run on demand.
CreatedAt *time.Time
UpdatedAt *time.Time
}
GlobalProgramsMetadata defines the shape of the metadata stored per team for a given global program.
type GlobalStatsParams ¶ added in v1.1.0
type GlobalStatsParams struct {
Team string
Teams string
MinDate string
MaxDate string
AtDate string
MinScore float64
MaxScore float64
Identifiers string
Labels string
}
GlobalStatsParams represents the group of parameters that can be used to customize the call to retrieve the global statistics.
type Group ¶
type Group struct {
ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
TeamID string `json:"team_id"`
Team *Team `json:"team"` // This line is infered from column name "team_id".
Name string `json:"name" validate:"required"`
Options string `json:"options"`
AssetGroup []*AssetGroup `json:"asset_group"` // This line is infered from other tables.
Description *string `json:"description,omitempty"`
CreatedAt time.Time `json:"-"`
UpdatedAt time.Time `json:"-"`
}
func (Group) ToResponse ¶
func (g Group) ToResponse() *GroupResponse
type GroupResponse ¶
type Healthcheck ¶
type Healthcheck struct {
Status string `json:"status" validate:"required"`
}
Healthcheck ....
func (Healthcheck) ToResponse ¶
func (h Healthcheck) ToResponse() HealthcheckResponse
ToResponse ...
type HealthcheckResponse ¶
type HealthcheckResponse struct {
Status string `json:"status"`
}
HealthcheckResponse ...
type Job ¶
type Job struct {
ID string `gorm:"primary_key:true"`
TeamID string `gorm:"Column:team_id"`
Operation string `validate:"required"`
// Status possible values are:
// - PENDING
// - RUNNING
// - DONE
Status JobStatus `validate:"required"`
Result *JobResult `gorm:"Column:result"`
CreatedAt time.Time
UpdatedAt time.Time
}
Job contains the status information of an asynchronous operation.
In case of non-global operations it also contains the team ID associated to the operation.
func (Job) ToResponse ¶
func (j Job) ToResponse() *JobResponse
type JobResponse ¶
type JobResponse struct {
ID string `json:"id"`
TeamID string `json:"team_id,omitempty"`
Operation string `json:"operation"`
Status JobStatus `json:"status"`
Result JobResultResponse `json:"result"`
}
JobResponse represents the data for a Job that is returned as a response to Job queries through the API.
type JobResult ¶
type JobResult struct {
Data json.RawMessage `json:"data"`
Error string `json:"error"`
}
JobResult represents the result of a job. Data and Error fields are unstructured JSON fields which content may vary per each operation.
func (*JobResult) Scan ¶
Scan scans value into Jsonb, implements sql.Scanner interface. This method is necessary for GORM to known how to receive/save it into the database. Reference: https://gorm.io/docs/data_types.html
type JobResultResponse ¶
type JobsClient ¶
type JobsClient interface {
MergeDiscoveredAssets(ctx context.Context, teamID string, assets []Asset, groupName string) error
FindJob(ctx context.Context, jobID string) (*Job, error)
UpdateJob(ctx context.Context, job Job) (*Job, error)
}
JobsClient defines the API service layer methods exposd by the JobsRunner.
type JobsRunner ¶
type JobsRunner struct {
Client JobsClient
}
JobsRunner is a dependency used by the CDC parser to execute async API jobs, providing a limited access to the API service layer.
type MemberResponse ¶
type MemberResponse struct {
User UserResponse `json:"user"`
Role Role `json:"role"`
}
type Pagination ¶
Pagination represents the pagination data requested.
type PaginationInfo ¶
type PaginationInfo struct {
Limit int `json:"limit"`
Offset int `json:"offset"`
Total int `json:"total"`
More bool `json:"more"`
}
PaginationInfo represents the pagination data provided for each vulnerability DB response.
type Policy ¶
type Policy struct {
ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
TeamID string `json:"team_id"`
Team *Team `json:"team"` // This line is infered from other tables.
Name string `json:"name" validate:"required"`
ChecktypeSettings []*ChecktypeSetting `json:"checktype_settings"` // This line is infered from other tables.
ProgramsGroupsPolicies []*ProgramsGroupsPolicies `json:"program_policies"` // This line is infered from other tables.
Description *string `json:"description,omitempty"`
CreatedAt *time.Time `json:"-"`
UpdatedAt *time.Time `json:"-"`
}
func (Policy) ToResponse ¶
func (p Policy) ToResponse() *PolicyResponse
type PolicyGroup ¶
type PolicyGroup struct {
Group *GroupResponse `json:"group"`
Policy *PolicyResponse `json:"policy"`
}
type PolicyResponse ¶
type Program ¶
type Program struct {
ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
TeamID string
Team *Team
ProgramsGroupsPolicies []*ProgramsGroupsPolicies `json:"program_policies" validate:"required"`
Name string `json:"name" validate:"required"`
Cron string `gorm:"-" json:"cron"` // A program can have empty cron expression, e.g: a program to be run on demand.
Autosend *bool `json:"autosend"`
Disabled *bool `json:"disabled"`
Global *bool `gorm:"-" json:"global"`
CreatedAt *time.Time `json:"-"`
UpdatedAt *time.Time `json:"-"`
}
func (Program) ToResponse ¶
func (p Program) ToResponse() *ProgramResponse
func (Program) ValidateGroupsPolicies ¶
ValidateGroupsPolicies validates that at least one of the groups policies in a program have, at least, one asset and one checktype.
type ProgramResponse ¶
type ProgramResponse struct {
ID string `json:"id"`
Name string `json:"name"`
Global bool `json:"global"`
Schedule ScheduleResponse `json:"schedule"`
Autosend bool `json:"autosend"`
Disabled bool `json:"disabled"`
PolicyGroups []PolicyGroup `json:"policy_groups"`
}
type ProgramsGroupsPolicies ¶
type ProgramsGroupsPolicies struct {
ProgramID string `gorm:"primary_key" json:"program_id" validate:"required"`
Program *Program
PolicyID string `gorm:"primary_key" json:"policy_id" validate:"required"`
Policy *Policy
GroupID string `gorm:"primary_key" json:"group_id" validate:"required"`
Group *Group
}
ProgramsGroupsPolicies defines the association between a group and a policy in a program.
func (ProgramsGroupsPolicies) Validate ¶
func (p ProgramsGroupsPolicies) Validate() error
Validate that the ProgramsGroupsPolicies have, at least, one asset and one checktype in the groups policies list.
type ROLFP ¶
type ROLFP struct {
Reputation byte
Operation byte
Legal byte
Financial byte
Personal byte
Scope byte
IsEmpty bool
}
ROLFP stores the vector containing the dimensions we use to classify the impact of an asset.
func (ROLFP) Level ¶
Level return the corresponding level of the ROLFP according to the following rules: Level 0: Accounts meeting none of the ROLFP criteria. Level 1: Accounts meeting 1 or 2 of the ROLFP criteria. Level 2: Accounts either:
Meeting 3 or more of the ROLFP criteria. With unknown scope, that is scope 2
If the rolfp is empty the level will be 2.
func (ROLFP) MarshalJSON ¶
MarshalJSON marshals a ROLFP to JSON.
func (*ROLFP) MarshalText ¶
MarshalText marshals the receiver into its text representation.
func (ROLFP) String ¶
String returns the representation of the ROLFP in the form: R:0/O:0/L:0/F:0/P:0+S:0
func (*ROLFP) UnmarshalJSON ¶
UnmarshalJSON unmarshals a ROLFP encoded in the form: R:0/O:0/L:0/F:0/P:0+S:0.
func (*ROLFP) UnmarshalText ¶
UnmarshalText unmarsharls the text representation of a ROLFP into the receiver. The function will override any value stored in the fields of the receiver with the values in the txt param.
type Recipient ¶
type Recipient struct {
TeamID string `json:"team_id" gorm:"primary_key"`
Email string `json:"email" gorm:"primary_key"`
CreatedAt time.Time `json:"-"`
UpdatedAt time.Time `json:"-"`
}
func (Recipient) ToResponse ¶
func (r Recipient) ToResponse() *RecipientResponse
type RecipientResponse ¶
type RecipientResponse struct {
Email string `json:"email"`
}
type Report ¶
type Report struct {
ID string `json:"id"`
ScanID string `json:"scan_id"`
ProgramName string `json:"program_name"`
Report string `json:"report"`
ReportJson string `json:"report_json"`
EmailBody string `json:"email_body"`
DeliveredTo string `json:"delivered_to"`
UpdateStatusAt *time.Time `json:"update_status_at"`
Status string `json:"status"`
Risk *int `json:"risk"`
CreatedAt *time.Time `json:"-"`
UpdatedAt *time.Time `json:"-"`
}
func (Report) ToEmailResponse ¶
func (r Report) ToEmailResponse() *ReportEmailResponse
func (Report) ToResponse ¶
func (r Report) ToResponse() *ReportResponse
type ReportEmailResponse ¶
type ReportEmailResponse struct {
EmailBody string `json:"email_body"`
}
type ReportResponse ¶
type ReportResponse struct {
ReportID string `json:"report_id"`
ScanID string `json:"scan_id"`
ProgramName string `json:"program_name"`
Report string `json:"report"`
ReportJson string `json:"report_json"`
Status string `json:"status"`
DeliveredTo string `json:"delivered_to"`
Risk *int `json:"risk"`
}
type Scan ¶
type Scan struct {
ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
ProgramID string `json:"program_id" validate:"required"`
Program *Program `json:"program"`
ScheduledTime *time.Time `json:"scheduled_time"`
StartTime *time.Time `json:"start_time"`
EndTime *time.Time `json:"end_time"`
Progress *float32 `json:"progress"`
Status string `json:"status"`
CheckCount *int `json:"check_count,omitempty"`
RequestedBy string `json:"requested_by"`
ReportLink string `json:"report_link"`
}
func (Scan) ToResponse ¶
func (s Scan) ToResponse() *ScanResponse
type ScanResponse ¶
type ScanResponse struct {
ID string `json:"id"`
StartTime *time.Time `json:"start_time"`
Endtime *time.Time `json:"end_time"`
ScheduledTime *time.Time `json:"scheduled_time"`
Progress *float32 `json:"progress"`
CheckCount *int `json:"check_count,omitempty"`
Status string `json:"status"`
RequestedBy string `json:"requested_by"`
ReportLink string `json:"report_link,omitempty"`
Program *ProgramResponse `json:"program"`
}
type ScheduleResponse ¶
type ScheduleResponse struct {
Cron string `json:"cron"`
}
type StatsAssets ¶
type StatsAssets struct {
Assets vulndb.StatsAssetsSeverity `json:"assets"`
}
StatsAssets represents the stats for assets grouped by severity.
type StatsCoverage ¶
type StatsCoverage struct {
Coverage float64 `json:"coverage"`
}
type StatsCurrentExposure ¶
type StatsCurrentExposure struct {
Exposure vulndb.StatsExposure `json:"current_exposure"`
}
StatsCurrentExposure represents the current exposure time stats by different averages.
type StatsExposure ¶
type StatsExposure struct {
Exposure vulndb.StatsExposure `json:"exposure"`
}
StatsExposure represents the exposure time stats by different averages.
type StatsFixed ¶
type StatsFixed struct {
FixedIssues vulndb.StatsIssueSeverity `json:"fixed_issues"`
}
StatsFixed represents the stats for fixed issues grouped by severity.
type StatsMTTR ¶
type StatsMTTR struct {
MTTR vulndb.StatsMTTRSeverity `json:"mttr"`
}
StatsMTTR represents the mean time to remediation stats by issue severity.
type StatsOpen ¶
type StatsOpen struct {
OpenIssues vulndb.StatsIssueSeverity `json:"open_issues"`
}
StatsOpen represents the stats for open issues grouped by severity.
type StatsParams ¶
type StatsParams struct {
Team string
Teams string
MinDate string
MaxDate string
AtDate string
MinScore float64
MaxScore float64
Identifiers string
Labels string
}
StatsParams represents the group of parameters that can be used to customize the call to retrieve the statistics.
type Target ¶
Target represents the response data returned from the vulnerability DB for the create target request.
type TargetsList ¶
type TargetsList struct {
Targets []vulndb.Target `json:"targets"`
Pagination PaginationInfo `json:"pagination"`
}
TargetsList represents the response data returned from the vulnerability DB for the targets list request.
type TargetsParams ¶
TargetsParams represents the group of parameters that can be used to customize the call to retrieve the list of targets.
type Team ¶
type Team struct {
ID string `gorm:"primary_key;AUTO_INCREMENT" json:"id" sql:"DEFAULT:gen_random_uuid()"`
Name string `json:"name" validate:"required"`
Description string `json:"description"`
Tag string `json:"tag" validate:"required"`
CreatedAt *time.Time `json:"-"`
UpdatedAt *time.Time `json:"-"`
Assets []*Asset `json:"assets"` // This line is infered from other tables.
UserTeam []*UserTeam `json:"user_team"` // This line is infered from other tables.
Groups []*Group
UsingTracker bool `json:"using_tracker" sql:"-"` // feature flag.
}
func (Team) ToResponse ¶
func (t Team) ToResponse() *TeamResponse
type TeamMembersReponse ¶
type TeamMembersReponse struct {
Team *TeamResponse `json:"team"`
Members []MemberResponse `json:"members"`
}
type TeamResponse ¶
type Ticket ¶ added in v1.2.9
type Ticket struct {
Ticket vulcantracker.Ticket `json:"ticket"`
}
Ticket represents the response data returned from the vulcan tracker service for the get ticket request.
func (Ticket) ToResponse ¶ added in v1.2.9
func (t Ticket) ToResponse() FindingTicketCreateResponse
ToResponse transforms a ticket model into a response.
type Token ¶
type Token struct {
Token string `json:"token"`
Email string `json:"email"`
Hash string `json:"hash"`
CreationTime time.Time `json:"creation_time"`
}
Token represents a personal API token
type UpdateFinding ¶
type UpdateFinding struct {
Status *string `json:"status"`
}
UpdateFinding represents the payload submitted to update a finding.
type User ¶
type User struct {
ID string `gorm:"primary_key:true"`
Firstname string
Lastname string
Email string `validate:"required"`
APIToken string `gorm:"Column:api_token"`
Active *bool `gorm:"default:true"`
Admin *bool `gorm:"default:false"`
Observer *bool `gorm:"default:false"`
LastLogin *time.Time
// A user can belong to multiple teams
UserTeams []*UserTeam
CreatedAt time.Time
UpdatedAt time.Time
}
User ...
func (User) ToResponse ¶
func (u User) ToResponse() *UserResponse
type UserResponse ¶
type UserStore ¶
type UserStore interface {
Create(User) (User, error)
Update(User) (User, error)
FindByID(string) (User, error)
FindByEmail(string) (User, error)
}
UserStore contains methods to manage teams in data store
type UserTeam ¶
type UserTeam struct {
UserID string `gorm:"primary_key;AUTO_INCREMENT" json:"user_id" validate:"required"`
User *User `json:"user" validate:"-"`
TeamID string `gorm:"primary_key;AUTO_INCREMENT" json:"team_id" validate:"required"`
Team *Team `json:"team" validate:"-"`
Role Role `json:"role"`
CreatedAt time.Time `json:"-"`
UpdatedAt time.Time `json:"-"`
}
UserTeam ...
func (UserTeam) ToResponse ¶
func (ut UserTeam) ToResponse() *MemberResponse
type VulcanitoService ¶
type VulcanitoService interface {
// Healthcheck
Healthcheck(ctx context.Context) error
// Jobs
FindJob(ctx context.Context, jobID string) (*Job, error)
UpdateJob(ctx context.Context, job Job) (*Job, error)
// Users
ListUsers(ctx context.Context) ([]*User, error)
CreateUser(ctx context.Context, user User) (*User, error)
UpdateUser(ctx context.Context, user User) (*User, error)
FindUser(ctx context.Context, userID string) (*User, error)
DeleteUser(ctx context.Context, userID string) error
GenerateAPIToken(ctx context.Context, userID string) (*Token, error)
// Teams
CreateTeam(ctx context.Context, team Team, ownerEmail string) (*Team, error)
UpdateTeam(ctx context.Context, team Team) (*Team, error)
FindTeam(ctx context.Context, teamID string) (*Team, error)
FindTeamByTag(ctx context.Context, tag string) (*Team, error)
DeleteTeam(ctx context.Context, teamID string) error
ListTeams(ctx context.Context) ([]*Team, error)
FindTeamsByUser(ctx context.Context, userID string) ([]*Team, error)
FindTeamsByTags(ctx context.Context, tags []string) ([]*Team, error)
// TeamMembers
FindTeamMember(ctx context.Context, teamID string, userID string) (*UserTeam, error)
CreateTeamMember(ctx context.Context, teamUser UserTeam) (*UserTeam, error)
UpdateTeamMember(ctx context.Context, teamUser UserTeam) (*UserTeam, error)
DeleteTeamMember(ctx context.Context, teamID string, userID string) error
// Recipients
UpdateRecipients(ctx context.Context, teamID string, emails []string) error
ListRecipients(ctx context.Context, teamID string) ([]*Recipient, error)
// Assets
ListAssets(ctx context.Context, teamID string, asset Asset) ([]*Asset, error)
CreateAssets(ctx context.Context, assets []Asset, groups []Group, annotations []*AssetAnnotation) ([]Asset, error)
CreateAssetsMultiStatus(ctx context.Context, assets []Asset, groups []Group, annotations []*AssetAnnotation) ([]AssetCreationResponse, error)
MergeDiscoveredAssets(ctx context.Context, teamID string, assets []Asset, groupName string) error
MergeDiscoveredAssetsAsync(ctx context.Context, teamID string, assets []Asset, groupName string) (*Job, error)
FindAsset(ctx context.Context, asset Asset) (*Asset, error)
UpdateAsset(ctx context.Context, asset Asset) (*Asset, error)
DeleteAsset(ctx context.Context, asset Asset) error
DeleteAllAssets(ctx context.Context, teamID string) error
GetAssetType(ctx context.Context, assetTypeName string) (*AssetType, error)
// Asset Annotations
ListAssetAnnotations(ctx context.Context, teamID string, assetID string) ([]*AssetAnnotation, error)
CreateAssetAnnotations(ctx context.Context, teamID string, assetID string, annotations []*AssetAnnotation) ([]*AssetAnnotation, error)
UpdateAssetAnnotations(ctx context.Context, teamID string, assetID string, annotations []*AssetAnnotation) ([]*AssetAnnotation, error)
PutAssetAnnotations(ctx context.Context, teamID string, assetID string, annotations []*AssetAnnotation) ([]*AssetAnnotation, error)
DeleteAssetAnnotations(ctx context.Context, teamID string, assedID string, annotations []*AssetAnnotation) error
ListGroups(ctx context.Context, teamID, groupName string) ([]*Group, error)
CreateGroup(ctx context.Context, group Group) (*Group, error)
FindGroup(ctx context.Context, group Group) (*Group, error)
UpdateGroup(ctx context.Context, group Group) (*Group, error)
DeleteGroup(ctx context.Context, group Group) error
GroupAsset(ctx context.Context, assetGroup AssetGroup, teamID string) (*AssetGroup, error)
UngroupAsset(ctx context.Context, assetGroup AssetGroup, teamID string) error
ListAssetGroup(ctx context.Context, assetGroup AssetGroup, teamID string) ([]*Asset, error)
ListPrograms(ctx context.Context, teamID string) ([]*Program, error)
CreateProgram(ctx context.Context, program Program, teamID string) (*Program, error)
FindProgram(ctx context.Context, programID string, teamID string) (*Program, error)
UpdateProgram(ctx context.Context, program Program, teamID string) (*Program, error)
DeleteProgram(ctx context.Context, program Program, teamID string) error
// Schedules
CreateSchedule(ctx context.Context, programID string, cronExpr string, teamID string) (*Program, error)
DeleteSchedule(ctx context.Context, programID string, teamID string) (*Program, error)
ScheduleGlobalProgram(ctx context.Context, programID string, cronExpr string) error
ListPolicies(ctx context.Context, teamID string) ([]*Policy, error)
CreatePolicy(ctx context.Context, policy Policy) (*Policy, error)
FindPolicy(ctx context.Context, policyID string) (*Policy, error)
UpdatePolicy(ctx context.Context, policy Policy) (*Policy, error)
DeletePolicy(ctx context.Context, policy Policy) error
ListChecktypeSetting(ctx context.Context, policyID string) ([]*ChecktypeSetting, error)
CreateChecktypeSetting(ctx context.Context, setting ChecktypeSetting) (*ChecktypeSetting, error)
FindChecktypeSetting(ctx context.Context, policyID, checktypeSettingID string) (*ChecktypeSetting, error)
UpdateChecktypeSetting(ctx context.Context, checktypeSetting ChecktypeSetting) (*ChecktypeSetting, error)
DeleteChecktypeSetting(ctx context.Context, checktypeSettingID string) error
ListScans(ctx context.Context, teamID string, programID string) ([]*Scan, error)
CreateScan(ctx context.Context, scan Scan, teamID string) (*Scan, error)
FindScan(ctx context.Context, scanID, teamID string) (*Scan, error)
AbortScan(ctx context.Context, scanID string, teamID string) (*Scan, error)
UpdateScan(ctx context.Context, scan Scan) (*Scan, error)
DeleteScan(ctx context.Context, scan Scan) error
SendDigestReport(ctx context.Context, teamID string, startDate string, endDate string) error
// Stats
StatsCoverage(ctx context.Context, teamID string) (*StatsCoverage, error)
// VulnerabilityDB Stats
ListFindings(ctx context.Context, params FindingsParams, pagination Pagination) (*FindingsList, error)
ListFindingsIssues(ctx context.Context, params FindingsParams, pagination Pagination) (*FindingsIssuesList, error)
ListFindingsByIssue(ctx context.Context, params FindingsParams, pagination Pagination) (*FindingsList, error)
ListFindingsTargets(ctx context.Context, params FindingsParams, pagination Pagination) (*FindingsTargetsList, error)
ListFindingsByTarget(ctx context.Context, params FindingsParams, pagination Pagination) (*FindingsList, error)
ListFindingsLabels(ctx context.Context, params FindingsParams) (*FindingsLabels, error)
FindFinding(ctx context.Context, findingID string) (*Finding, error)
CreateFindingOverwrite(ctx context.Context, findingOverwrite FindingOverwrite) error
ListFindingOverwrites(ctx context.Context, findingID string) ([]*FindingOverwrite, error)
StatsMTTR(ctx context.Context, params StatsParams) (*StatsMTTR, error)
StatsExposure(ctx context.Context, params StatsParams) (*StatsExposure, error)
StatsCurrentExposure(ctx context.Context, params StatsParams) (*StatsCurrentExposure, error)
StatsOpen(ctx context.Context, params StatsParams) (*StatsOpen, error)
StatsFixed(ctx context.Context, params StatsParams) (*StatsFixed, error)
StatsAssets(ctx context.Context, params StatsParams) (*StatsAssets, error)
// Vulcan Tracker
CreateFindingTicket(ctx context.Context, ticket FindingTicketCreate) (*Ticket, error)
GetFindingTicket(ctx context.Context, findingID, teamID string) (*Ticket, error)
IsATeamOnboardedInVulcanTracker(ctx context.Context, teamID string, onboardedTeams []string) bool
}
VulcanitoService represents all operations provided by Vulcanito
type VulcanitoStore ¶
type VulcanitoStore interface {
Close() error
NotFoundError(err error) bool
Healthcheck() error
FindJob(jobID string) (*Job, error)
UpdateJob(job Job) (*Job, error)
CreateUserIfNotExists(userData saml.UserData) error
ListUsers() ([]*User, error)
CreateUser(user User) (*User, error)
UpdateUser(user User) (*User, error)
FindUserByID(userID string) (*User, error)
FindUserByEmail(email string) (*User, error)
DeleteUserByID(userID string) error
CreateTeam(team Team, ownerEmail string) (*Team, error)
UpdateTeam(team Team) (*Team, error)
FindTeam(teamID string) (*Team, error)
FindTeamByIDForUser(ID, userID string) (*UserTeam, error)
FindTeamsByUser(userID string) ([]*Team, error)
FindTeamByName(name string) (*Team, error)
FindTeamByTag(tag string) (*Team, error)
FindTeamsByTags(tags []string) ([]*Team, error)
FindTeamByProgram(programID string) (*Team, error)
DeleteTeam(teamID string) error
ListTeams() ([]*Team, error)
CreateTeamMember(teamMember UserTeam) (*UserTeam, error)
DeleteTeamMember(teamID string, userID string) error
FindTeamMember(teamID string, userID string) (*UserTeam, error)
UpdateTeamMember(teamMember UserTeam) (*UserTeam, error)
UpdateRecipients(teamID string, emails []string) error
ListRecipients(teamID string) ([]*Recipient, error)
ListAssets(teamID string, asset Asset) ([]*Asset, error)
FindAsset(teamID, assetID string) (*Asset, error)
CreateAsset(asset Asset, groups []Group) (*Asset, error)
CreateAssets(assets []Asset, groups []Group) ([]Asset, error)
DeleteAsset(asset Asset) error
DeleteAllAssets(teamID string) error
UpdateAsset(asset Asset) (*Asset, error)
MergeAssets(mergeOps AssetMergeOperations) error
MergeAssetsAsync(teamID string, assets []Asset, groupName string) (*Job, error)
GetAssetType(assetTypeName string) (*AssetType, error)
ListAssetAnnotations(teamID string, assetID string) ([]*AssetAnnotation, error)
CreateAssetAnnotations(teamID string, assetID string, annotations []*AssetAnnotation) ([]*AssetAnnotation, error)
UpdateAssetAnnotations(teamID string, assetID string, annotations []*AssetAnnotation) ([]*AssetAnnotation, error)
PutAssetAnnotations(teamID string, assetID string, annotations []*AssetAnnotation) ([]*AssetAnnotation, error)
DeleteAssetAnnotations(teamID string, assetID string, annotations []*AssetAnnotation) error
CreateGroup(group Group) (*Group, error)
ListGroups(teamID, groupName string) ([]*Group, error)
UpdateGroup(group Group) (*Group, error)
DeleteGroup(group Group) error
FindGroup(group Group) (*Group, error)
// FindGroupInfo returns the info of the specified group
// without loading the assets and teams associated to it.
FindGroupInfo(group Group) (*Group, error)
// DisjoinAssetsInGroups returns assets belonging to a team that are in a given
// group but not in other groups.
DisjoinAssetsInGroups(teamID, inGroupID string, notInGroupIDs []string) ([]*Asset, error)
CountAssetsInGroups(teamID string, groupIDs []string) (int, error)
GroupAsset(assetsGroup AssetGroup, teamID string) (*AssetGroup, error)
ListAssetGroup(assetGroup AssetGroup, teamID string) ([]*AssetGroup, error)
UngroupAssets(assetGroup AssetGroup, teamID string) error
ListPrograms(teamID string) ([]*Program, error)
CreateProgram(program Program, teamID string) (*Program, error)
FindProgram(programID string, teamID string) (*Program, error)
UpdateProgram(program Program, teamID string) (*Program, error)
DeleteProgram(program Program, teamID string) error
ListPolicies(teamID string) ([]*Policy, error)
CreatePolicy(policy Policy) (*Policy, error)
FindPolicy(policyID string) (*Policy, error)
UpdatePolicy(policy Policy) (*Policy, error)
DeletePolicy(policy Policy) error
ListChecktypeSetting(policyID string) ([]*ChecktypeSetting, error)
CreateChecktypeSetting(setting ChecktypeSetting) (*ChecktypeSetting, error)
FindChecktypeSetting(checktypeSettingID string) (*ChecktypeSetting, error)
UpdateChecktypeSetting(checktypeSetting ChecktypeSetting) (*ChecktypeSetting, error)
DeleteChecktypeSetting(checktypeSettingID string) error
FindGlobalProgramMetadata(programID string, teamID string) (*GlobalProgramsMetadata, error)
UpsertGlobalProgramMetadata(teamID, program string, defaultAutosend bool, defaultDisabled bool, defaultCron string, autosend *bool, disabled *bool, cron *string) error
DeleteProgramMetadata(program string) error
CreateFindingOverwrite(findingOverwrite FindingOverwrite) error
ListFindingOverwrites(findingID string) ([]*FindingOverwrite, error)
}
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.