From 4e8e7933b20c668556b8ecc452bdedfc18ba0e47 Mon Sep 17 00:00:00 2001 From: ArnoStiefvater Date: Wed, 25 Nov 2020 14:22:23 +0100 Subject: [PATCH 01/13] Change modify_user Modify user now only takes an ID for identifying the user which is to be modified. The name parameter is now the new name and not an identifier anymore. The comment, auth_source and group_ids parameters got added. Now its possible to change those fields too. auth_source has to be used explicitly if not the default Source allowed for authentication for the user is to be used. --- gvm/protocols/gmpv214/gmpv214.py | 85 +++++++++++++++++++++++++++++++- gvm/protocols/gmpv214/types.py | 9 ++++ 2 files changed, 93 insertions(+), 1 deletion(-) diff --git a/gvm/protocols/gmpv214/gmpv214.py b/gvm/protocols/gmpv214/gmpv214.py index 1d6990b8c..c7d688c22 100644 --- a/gvm/protocols/gmpv214/gmpv214.py +++ b/gvm/protocols/gmpv214/gmpv214.py @@ -31,7 +31,7 @@ from gvm.utils import deprecation from gvm.xml import XmlCommand -from gvm.protocols.gmpv7.gmpv7 import _to_comma_list +from gvm.protocols.gmpv7.gmpv7 import _to_comma_list, _to_bool from gvm.connections import GvmConnection from gvm.errors import RequiredArgument @@ -388,3 +388,86 @@ def modify_override( ) return self._send_xml_command(cmd) + + def modify_user( + self, + user_id: str = None, + *, + name: Optional[str] = None, + comment: Optional[str] = None, + password: Optional[str] = None, + auth_source: Optional[UserAuthType] = None, + role_ids: Optional[List[str]] = None, + hosts: Optional[List[str]] = None, + hosts_allow: Optional[bool] = False, + ifaces: Optional[List[str]] = None, + ifaces_allow: Optional[bool] = False, + group_ids: Optional[List[str]] = None + ) -> Any: + + """Modifies an existing user. Most of the fields need to be supplied + for changing a single field even if no change is wanted. + Else empty values are places instead. + + Arguments: + user_id: UUID of the user to be modified. + name: The new name for the user. + password: The password for the user. + auth_source: Source allowed for authentication for this user. + roles_id: List of roles UUIDs for the user. + hosts: User access rules: List of hosts. + hosts_allow: If True, allow only listed, otherwise forbid listed. + ifaces: User access rules: List of ifaces. + ifaces_allow: If True, allow only listed, otherwise forbid listed. + group_ids: List of group UUIDs for the user. + + Returns: + The response. See :py:meth:`send_command` for details. + """ + if not user_id: + raise RequiredArgument( + function=self.modify_user.__name__, argument='user_id' + ) + + cmd = XmlCommand("modify_user") + + if user_id: + cmd.set_attribute("user_id", user_id) + + if name: + cmd.add_element("new_name", name) + + if role_ids: + for role in role_ids: + cmd.add_element("role", attrs={"id": role}) + + if hosts: + cmd.add_element( + "hosts", + _to_comma_list(hosts), + attrs={"allow": _to_bool(hosts_allow)}, + ) + + if ifaces: + cmd.add_element( + "ifaces", + _to_comma_list(ifaces), + attrs={"allow": _to_bool(ifaces_allow)}, + ) + + if comment: + cmd.add_element("comment", comment) + + if password: + cmd.add_element("password", password) + + if auth_source: + _xmlauthsrc = cmd.add_element("sources") + _xmlauthsrc.add_element("source", auth_source.value) + + if group_ids: + _xmlgroups = cmd.add_element("groups") + for group_id in group_ids: + _xmlgroups.add_element("group", attrs={"id": group_id}) + + return self._send_xml_command(cmd) diff --git a/gvm/protocols/gmpv214/types.py b/gvm/protocols/gmpv214/types.py index 29101c0ec..31f29bb36 100644 --- a/gvm/protocols/gmpv214/types.py +++ b/gvm/protocols/gmpv214/types.py @@ -85,6 +85,7 @@ "SnmpPrivacyAlgorithm", "TicketStatus", "TimeUnit", + "UserAuthType", "get_alert_condition_from_string", "get_alert_event_from_string", "get_alert_method_from_string", @@ -132,3 +133,11 @@ def get_severity_level_from_string( argument='severity_level', function=get_severity_level_from_string.__name__, ) from None + + +class UserAuthType(Enum): + """Enum for Sources allowed for authentication for this use""" + + FILE = 'file' + LDAP_CONNECT = 'ldap_connect' + RADIUS_CONNECT = 'radius_connect' From 358b7a983a4b30efef804e551b8815332b67854a Mon Sep 17 00:00:00 2001 From: ArnoStiefvater Date: Wed, 25 Nov 2020 14:50:04 +0100 Subject: [PATCH 02/13] Add changelog entry --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 334e97414..da50459d2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] ### Added * get_nvt command requests all details [#348](https://github.com/greenbone/python-gvm/pull/348) +* Improved the `modify_user` function for gmpv7 and gmpv214. Added ability to change comment, groups and authentication method of user. Meaning of name parameter got changed for gmpv214 only. It is not intended for identifying a user anymore but for specifying the new name of the user [#347](https://github.com/greenbone/python-gvm/pull/347) + ### Changed * added the `audits` parameter to `get_policy` [#345](https://github.com/greenbone/python-gvm/pull/345) ### Deprecated From 2cffab14cefc958eada64b4d74258069016fe1fd Mon Sep 17 00:00:00 2001 From: ArnoStiefvater Date: Thu, 26 Nov 2020 09:54:52 +0100 Subject: [PATCH 03/13] Move UserAuthType to gmpv7 --- gvm/protocols/gmpv208/types.py | 2 ++ gvm/protocols/gmpv214/types.py | 9 +-------- gvm/protocols/gmpv7/types.py | 9 +++++++++ gvm/protocols/gmpv8/types.py | 2 ++ gvm/protocols/gmpv9/types.py | 2 ++ 5 files changed, 16 insertions(+), 8 deletions(-) diff --git a/gvm/protocols/gmpv208/types.py b/gvm/protocols/gmpv208/types.py index 42386da16..30bb69d60 100644 --- a/gvm/protocols/gmpv208/types.py +++ b/gvm/protocols/gmpv208/types.py @@ -41,6 +41,7 @@ SnmpPrivacyAlgorithm, TicketStatus, TimeUnit, + UserAuthType, get_alert_condition_from_string, get_alert_event_from_string, get_alert_method_from_string, @@ -84,6 +85,7 @@ "SnmpPrivacyAlgorithm", "TicketStatus", "TimeUnit", + "UserAuthType", "get_alert_condition_from_string", "get_alert_event_from_string", "get_alert_method_from_string", diff --git a/gvm/protocols/gmpv214/types.py b/gvm/protocols/gmpv214/types.py index 31f29bb36..cc27094d3 100644 --- a/gvm/protocols/gmpv214/types.py +++ b/gvm/protocols/gmpv214/types.py @@ -42,6 +42,7 @@ SnmpPrivacyAlgorithm, TicketStatus, TimeUnit, + UserAuthType, get_alert_condition_from_string, get_alert_event_from_string, get_alert_method_from_string, @@ -133,11 +134,3 @@ def get_severity_level_from_string( argument='severity_level', function=get_severity_level_from_string.__name__, ) from None - - -class UserAuthType(Enum): - """Enum for Sources allowed for authentication for this use""" - - FILE = 'file' - LDAP_CONNECT = 'ldap_connect' - RADIUS_CONNECT = 'radius_connect' diff --git a/gvm/protocols/gmpv7/types.py b/gvm/protocols/gmpv7/types.py index 673fc1337..d0deead35 100644 --- a/gvm/protocols/gmpv7/types.py +++ b/gvm/protocols/gmpv7/types.py @@ -43,6 +43,7 @@ "SnmpAuthAlgorithm", "SnmpPrivacyAlgorithm", "TimeUnit", + "UserAuthType", "get_alive_test_from_string", "get_alert_condition_from_string", "get_alert_event_from_string", @@ -811,3 +812,11 @@ def get_time_unit_from_string(time_unit: Optional[str]) -> Optional[TimeUnit]: argument='severity_level', function=get_severity_level_from_string.__name__, ) from None + + +class UserAuthType(Enum): + """Enum for Sources allowed for authentication for the user""" + + FILE = 'file' + LDAP_CONNECT = 'ldap_connect' + RADIUS_CONNECT = 'radius_connect' diff --git a/gvm/protocols/gmpv8/types.py b/gvm/protocols/gmpv8/types.py index a803c29f7..698863a1c 100644 --- a/gvm/protocols/gmpv8/types.py +++ b/gvm/protocols/gmpv8/types.py @@ -39,6 +39,7 @@ SnmpAuthAlgorithm, SnmpPrivacyAlgorithm, TimeUnit, + UserAuthType, get_alert_condition_from_string, get_alert_event_from_string, get_alert_method_from_string, @@ -81,6 +82,7 @@ "SnmpPrivacyAlgorithm", "TicketStatus", "TimeUnit", + "UserAuthType", "get_alert_condition_from_string", "get_alert_event_from_string", "get_alert_method_from_string", diff --git a/gvm/protocols/gmpv9/types.py b/gvm/protocols/gmpv9/types.py index 79016b0e4..b9ff9d679 100644 --- a/gvm/protocols/gmpv9/types.py +++ b/gvm/protocols/gmpv9/types.py @@ -37,6 +37,7 @@ SnmpPrivacyAlgorithm, TicketStatus, TimeUnit, + UserAuthType, get_alive_test_from_string, get_asset_type_from_string, get_credential_format_from_string, @@ -77,6 +78,7 @@ "SnmpPrivacyAlgorithm", "TicketStatus", "TimeUnit", + "UserAuthType", "get_alert_condition_from_string", "get_alert_event_from_string", "get_alert_method_from_string", From 3cdb08dee083727aa472637bf926e14d9c4a4c97 Mon Sep 17 00:00:00 2001 From: ArnoStiefvater Date: Thu, 26 Nov 2020 10:05:58 +0100 Subject: [PATCH 04/13] Improve documentation for modify_user function. --- gvm/protocols/gmpv214/gmpv214.py | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/gvm/protocols/gmpv214/gmpv214.py b/gvm/protocols/gmpv214/gmpv214.py index c7d688c22..6cbe80fea 100644 --- a/gvm/protocols/gmpv214/gmpv214.py +++ b/gvm/protocols/gmpv214/gmpv214.py @@ -412,13 +412,24 @@ def modify_user( Arguments: user_id: UUID of the user to be modified. name: The new name for the user. + comment: Comment on the user. password: The password for the user. auth_source: Source allowed for authentication for this user. roles_id: List of roles UUIDs for the user. hosts: User access rules: List of hosts. - hosts_allow: If True, allow only listed, otherwise forbid listed. + hosts_allow: Defines how the hosts list is to be interpreted. + If False (default) the list is treated as a deny list. + All hosts are allowed by default except those provided by + the hosts parameter. If True the list is treated as a + allow list. All hosts are denied by default except those + provided by the hosts parameter. ifaces: User access rules: List of ifaces. - ifaces_allow: If True, allow only listed, otherwise forbid listed. + ifaces_allow: Defines how the ifaces list is to be interpreted. + If False (default) the list is treated as a deny list. + All ifaces are allowed by default except those provided by + the ifaces parameter. If True the list is treated as a + allow list. All ifaces are denied by default except those + provided by the ifaces parameter. group_ids: List of group UUIDs for the user. Returns: From 8d5bb1d9919cc10ae2f4af1f24bd49787f5cd86c Mon Sep 17 00:00:00 2001 From: ArnoStiefvater Date: Thu, 26 Nov 2020 10:24:11 +0100 Subject: [PATCH 05/13] Improve modify_user function for gmpv7 Add parameters comment, auth_source and group_ids. Make documentation about hosts_allow and ifaces_allow clearer. --- gvm/protocols/gmpv7/gmpv7.py | 40 ++++++++++++++++++++++++++++++------ 1 file changed, 34 insertions(+), 6 deletions(-) diff --git a/gvm/protocols/gmpv7/gmpv7.py b/gvm/protocols/gmpv7/gmpv7.py index 24eb37b10..2862c45e5 100644 --- a/gvm/protocols/gmpv7/gmpv7.py +++ b/gvm/protocols/gmpv7/gmpv7.py @@ -6070,12 +6070,15 @@ def modify_user( name: str = None, *, new_name: Optional[str] = None, + comment: Optional[str] = None, password: Optional[str] = None, + auth_source: Optional[UserAuthType] = None, role_ids: Optional[List[str]] = None, hosts: Optional[List[str]] = None, hosts_allow: Optional[bool] = False, ifaces: Optional[List[str]] = None, - ifaces_allow: Optional[bool] = False + ifaces_allow: Optional[bool] = False, + group_ids: Optional[List[str]] = None, ) -> Any: """Modifies an existing user. @@ -6085,12 +6088,25 @@ def modify_user( name: The name of the user to be modified. Either user_id or name must be passed. new_name: The new name for the user. + comment: Comment on the user. password: The password for the user. + auth_source: Source allowed for authentication for this user. roles_id: List of roles UUIDs for the user. hosts: User access rules: List of hosts. - hosts_allow: If True, allow only listed, otherwise forbid listed. + hosts_allow: Defines how the hosts list is to be interpreted. + If False (default) the list is treated as a deny list. + All hosts are allowed by default except those provided by + the hosts parameter. If True the list is treated as a + allow list. All hosts are denied by default except those + provided by the hosts parameter. ifaces: User access rules: List of ifaces. - ifaces_allow: If True, allow only listed, otherwise forbid listed. + ifaces_allow: Defines how the ifaces list is to be interpreted. + If False (default) the list is treated as a deny list. + All ifaces are allowed by default except those provided by + the ifaces parameter. If True the list is treated as a + allow list. All ifaces are denied by default except those + provided by the ifaces parameter. + group_ids: List of group UUIDs for the user. Returns: The response. See :py:meth:`send_command` for details. @@ -6110,9 +6126,6 @@ def modify_user( if new_name: cmd.add_element("new_name", new_name) - if password: - cmd.add_element("password", password) - if role_ids: for role in role_ids: cmd.add_element("role", attrs={"id": role}) @@ -6131,6 +6144,21 @@ def modify_user( attrs={"allow": _to_bool(ifaces_allow)}, ) + if comment: + cmd.add_element("comment", comment) + + if password: + cmd.add_element("password", password) + + if auth_source: + _xmlauthsrc = cmd.add_element("sources") + _xmlauthsrc.add_element("source", auth_source.value) + + if group_ids: + _xmlgroups = cmd.add_element("groups") + for group_id in group_ids: + _xmlgroups.add_element("group", attrs={"id": group_id}) + return self._send_xml_command(cmd) def move_task(self, task_id: str, *, slave_id: Optional[str] = None) -> Any: From 2789ed94999c7d3a80d3cc554794915bc4fb96a4 Mon Sep 17 00:00:00 2001 From: ArnoStiefvater Date: Thu, 26 Nov 2020 10:39:27 +0100 Subject: [PATCH 06/13] Add tests for modify_user gmpv7 --- .../gmpv7/testcmds/test_modify_user.py | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/tests/protocols/gmpv7/testcmds/test_modify_user.py b/tests/protocols/gmpv7/testcmds/test_modify_user.py index 8b03a573d..a16be25f8 100644 --- a/tests/protocols/gmpv7/testcmds/test_modify_user.py +++ b/tests/protocols/gmpv7/testcmds/test_modify_user.py @@ -19,6 +19,7 @@ import unittest from gvm.errors import RequiredArgument +from gvm.protocols.gmpv7 import UserAuthType class GmpModifyUserTestCase: @@ -56,6 +57,15 @@ def test_modify_user_with_new_name(self): '' ) + def test_modify_user_with_new_comment(self): + self.gmp.modify_user(user_id='u1', comment='foo') + + self.connection.send.has_been_called_with( + '' + 'foo' + '' + ) + def test_modify_user_with_user_id_and_name(self): self.gmp.modify_user(user_id='u1', name='foo') @@ -81,6 +91,30 @@ def test_modify_user_with_role_ids(self): '' ) + def test_modify_user_with_group_ids(self): + self.gmp.modify_user(user_id='u1', role_ids=[]) + + self.connection.send.has_been_called_with('') + + self.gmp.modify_user(user_id='u1', group_ids=['r1']) + + self.connection.send.has_been_called_with( + '' + '' + '' + ) + + self.gmp.modify_user(user_id='u1', group_ids=['r1', 'r2']) + + self.connection.send.has_been_called_with( + '' + '' + '' + '' + '' + '' + ) + def test_modify_user_with_password(self): self.gmp.modify_user(user_id='u1', password='foo') @@ -90,6 +124,17 @@ def test_modify_user_with_password(self): '' ) + def test_modify_user_with_auth_source(self): + self.gmp.modify_user( + user_id='u1', auth_source=UserAuthType.LDAP_CONNECT + ) + + self.connection.send.has_been_called_with( + '' + 'ldap_connect' + '' + ) + def test_modify_user_with_hosts(self): self.gmp.modify_user(user_id='u1', hosts=[]) From 5b1dad28293d20cbd9ce944c8829343c7baa6a35 Mon Sep 17 00:00:00 2001 From: ArnoStiefvater Date: Thu, 26 Nov 2020 10:55:26 +0100 Subject: [PATCH 07/13] Add tests for modify_user gmpv214 --- tests/protocols/gmpv214/test_new_gmpv214.py | 4 + tests/protocols/gmpv214/testcmds/__init__.py | 1 + .../gmpv214/testcmds/test_modify_user.py | 204 ++++++++++++++++++ 3 files changed, 209 insertions(+) create mode 100644 tests/protocols/gmpv214/testcmds/test_modify_user.py diff --git a/tests/protocols/gmpv214/test_new_gmpv214.py b/tests/protocols/gmpv214/test_new_gmpv214.py index 77c11175e..b964539b7 100644 --- a/tests/protocols/gmpv214/test_new_gmpv214.py +++ b/tests/protocols/gmpv214/test_new_gmpv214.py @@ -34,3 +34,7 @@ class Gmpv214ModifyNoteTestCase(GmpModifyNoteTestCase, Gmpv214TestCase): class Gmpv214ModifyOverrideTestCase(GmpModifyOverrideTestCase, Gmpv214TestCase): pass + + +class Gmpv214ModifyUserTestCase(GmpModifyUserTestCase, Gmpv214TestCase): + pass diff --git a/tests/protocols/gmpv214/testcmds/__init__.py b/tests/protocols/gmpv214/testcmds/__init__.py index 29be0c987..2e4b133b0 100644 --- a/tests/protocols/gmpv214/testcmds/__init__.py +++ b/tests/protocols/gmpv214/testcmds/__init__.py @@ -22,3 +22,4 @@ from .test_create_override import GmpCreateOverrideTestCase from .test_modify_note import GmpModifyNoteTestCase from .test_modify_override import GmpModifyOverrideTestCase +from .test_modify_user import GmpModifyUserTestCase diff --git a/tests/protocols/gmpv214/testcmds/test_modify_user.py b/tests/protocols/gmpv214/testcmds/test_modify_user.py new file mode 100644 index 000000000..e84e9dbb2 --- /dev/null +++ b/tests/protocols/gmpv214/testcmds/test_modify_user.py @@ -0,0 +1,204 @@ +# -*- coding: utf-8 -*- +# Copyright (C) 2018 - 2020 Greenbone Networks GmbH +# +# SPDX-License-Identifier: GPL-3.0-or-later +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +import unittest + +from gvm.errors import RequiredArgument +from gvm.protocols.gmpv7 import UserAuthType + + +class GmpModifyUserTestCase: + def test_modify_user(self): + self.gmp.modify_user(user_id='u1') + + self.connection.send.has_been_called_with('') + + def test_modify_user_missing_user_id(self): + with self.assertRaises(RequiredArgument): + self.gmp.modify_user(user_id=None) + + with self.assertRaises(RequiredArgument): + self.gmp.modify_user(user_id='') + + def test_modify_user_with_new_name(self): + self.gmp.modify_user(user_id='u1', name='foo') + + self.connection.send.has_been_called_with( + '' + 'foo' + '' + ) + + def test_modify_user_with_new_comment(self): + self.gmp.modify_user(user_id='u1', comment='foo') + + self.connection.send.has_been_called_with( + '' + 'foo' + '' + ) + + def test_modify_user_with_role_ids(self): + self.gmp.modify_user(user_id='u1', role_ids=[]) + + self.connection.send.has_been_called_with('') + + self.gmp.modify_user(user_id='u1', role_ids=['r1']) + + self.connection.send.has_been_called_with( + '' '' '' + ) + + self.gmp.modify_user(user_id='u1', role_ids=['r1', 'r2']) + + self.connection.send.has_been_called_with( + '' + '' + '' + '' + ) + + def test_modify_user_with_group_ids(self): + self.gmp.modify_user(user_id='u1', role_ids=[]) + + self.connection.send.has_been_called_with('') + + self.gmp.modify_user(user_id='u1', group_ids=['r1']) + + self.connection.send.has_been_called_with( + '' + '' + '' + ) + + self.gmp.modify_user(user_id='u1', group_ids=['r1', 'r2']) + + self.connection.send.has_been_called_with( + '' + '' + '' + '' + '' + '' + ) + + def test_modify_user_with_password(self): + self.gmp.modify_user(user_id='u1', password='foo') + + self.connection.send.has_been_called_with( + '' + 'foo' + '' + ) + + def test_modify_user_with_auth_source(self): + self.gmp.modify_user( + user_id='u1', auth_source=UserAuthType.LDAP_CONNECT + ) + + self.connection.send.has_been_called_with( + '' + 'ldap_connect' + '' + ) + + def test_modify_user_with_hosts(self): + self.gmp.modify_user(user_id='u1', hosts=[]) + + self.connection.send.has_been_called_with('') + + self.gmp.modify_user(user_id='u1', hosts=['foo']) + + self.connection.send.has_been_called_with( + '' + 'foo' + '' + ) + + self.gmp.modify_user(user_id='u1', hosts=['foo', 'bar']) + + self.connection.send.has_been_called_with( + '' + 'foo,bar' + '' + ) + + self.gmp.modify_user( + user_id='u1', hosts=['foo', 'bar'], hosts_allow=False + ) + + self.connection.send.has_been_called_with( + '' + 'foo,bar' + '' + ) + + self.gmp.modify_user( + user_id='u1', hosts=['foo', 'bar'], hosts_allow=True + ) + + self.connection.send.has_been_called_with( + '' + 'foo,bar' + '' + ) + + def test_modify_user_with_ifaces(self): + self.gmp.modify_user(user_id='u1', ifaces=[]) + + self.connection.send.has_been_called_with('') + + self.gmp.modify_user(user_id='u1', ifaces=['foo']) + + self.connection.send.has_been_called_with( + '' + 'foo' + '' + ) + + self.gmp.modify_user(user_id='u1', ifaces=['foo', 'bar']) + + self.connection.send.has_been_called_with( + '' + 'foo,bar' + '' + ) + + self.gmp.modify_user( + user_id='u1', ifaces=['foo', 'bar'], ifaces_allow=False + ) + + self.connection.send.has_been_called_with( + '' + 'foo,bar' + '' + ) + + self.gmp.modify_user( + user_id='u1', ifaces=['foo', 'bar'], ifaces_allow=True + ) + + self.connection.send.has_been_called_with( + '' + 'foo,bar' + '' + ) + + +if __name__ == '__main__': + unittest.main() From 7ff21769178515d7f6ac7ae49464cd79c260f547 Mon Sep 17 00:00:00 2001 From: ArnoStiefvater Date: Thu, 26 Nov 2020 11:16:13 +0100 Subject: [PATCH 08/13] Improve documentation --- gvm/protocols/gmpv214/gmpv214.py | 4 ++-- gvm/protocols/gmpv7/gmpv7.py | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/gvm/protocols/gmpv214/gmpv214.py b/gvm/protocols/gmpv214/gmpv214.py index 6cbe80fea..8bd213a3a 100644 --- a/gvm/protocols/gmpv214/gmpv214.py +++ b/gvm/protocols/gmpv214/gmpv214.py @@ -406,8 +406,8 @@ def modify_user( ) -> Any: """Modifies an existing user. Most of the fields need to be supplied - for changing a single field even if no change is wanted. - Else empty values are places instead. + for changing a single field even if no change is wanted for those. + Else empty values are inserted for the missing fields instead. Arguments: user_id: UUID of the user to be modified. diff --git a/gvm/protocols/gmpv7/gmpv7.py b/gvm/protocols/gmpv7/gmpv7.py index 2862c45e5..e2656f62d 100644 --- a/gvm/protocols/gmpv7/gmpv7.py +++ b/gvm/protocols/gmpv7/gmpv7.py @@ -6080,7 +6080,9 @@ def modify_user( ifaces_allow: Optional[bool] = False, group_ids: Optional[List[str]] = None, ) -> Any: - """Modifies an existing user. + """Modifies an existing user. Most of the fields need to be supplied + for changing a single field even if no change is wanted for those. + Else empty values are inserted for the missing fields instead. Arguments: user_id: UUID of the user to be modified. Overrides name element From 04270c2e155e4d255d51f2d206d624610584452d Mon Sep 17 00:00:00 2001 From: Jaspar L Date: Thu, 26 Nov 2020 12:02:58 +0100 Subject: [PATCH 09/13] remove the trailing comma for 3.5 --- gvm/protocols/gmpv7/gmpv7.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gvm/protocols/gmpv7/gmpv7.py b/gvm/protocols/gmpv7/gmpv7.py index e2656f62d..e010472fe 100644 --- a/gvm/protocols/gmpv7/gmpv7.py +++ b/gvm/protocols/gmpv7/gmpv7.py @@ -6078,7 +6078,7 @@ def modify_user( hosts_allow: Optional[bool] = False, ifaces: Optional[List[str]] = None, ifaces_allow: Optional[bool] = False, - group_ids: Optional[List[str]] = None, + group_ids: Optional[List[str]] = None ) -> Any: """Modifies an existing user. Most of the fields need to be supplied for changing a single field even if no change is wanted for those. From 8d271bb6726dc1d0a3810ec2c20de934b9054702 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaspar=20L=C3=B6chte?= Date: Thu, 26 Nov 2020 16:47:26 +0100 Subject: [PATCH 10/13] Adding the from string function for auth type --- gvm/protocols/gmpv7/types.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/gvm/protocols/gmpv7/types.py b/gvm/protocols/gmpv7/types.py index d0deead35..52e4ae94c 100644 --- a/gvm/protocols/gmpv7/types.py +++ b/gvm/protocols/gmpv7/types.py @@ -820,3 +820,19 @@ class UserAuthType(Enum): FILE = 'file' LDAP_CONNECT = 'ldap_connect' RADIUS_CONNECT = 'radius_connect' + + +def get_user_auth_type_from_string( + user_auth_type: Optional[str], +) -> Optional[SeverityLevel]: + """ Convert a user auth type string into a UserAuthType instance """ + if not user_auth_type: + return None + + try: + return SeverityLevel[user_auth_type.upper()] + except KeyError: + raise InvalidArgument( + argument='user_auth_type', + function=get_user_auth_type_from_string.__name__, + ) from None From 036ac39ecf3a151dd671386f22b224601663121c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaspar=20L=C3=B6chte?= Date: Thu, 26 Nov 2020 16:50:01 +0100 Subject: [PATCH 11/13] Adding UserAuthType to all versions --- gvm/protocols/gmpv208/types.py | 2 ++ gvm/protocols/gmpv214/types.py | 2 ++ gvm/protocols/gmpv7/types.py | 1 + gvm/protocols/gmpv8/types.py | 2 ++ gvm/protocols/gmpv9/types.py | 2 ++ gvm/protocols/latest.py | 4 ++++ 6 files changed, 13 insertions(+) diff --git a/gvm/protocols/gmpv208/types.py b/gvm/protocols/gmpv208/types.py index 30bb69d60..8c5cbaddd 100644 --- a/gvm/protocols/gmpv208/types.py +++ b/gvm/protocols/gmpv208/types.py @@ -60,6 +60,7 @@ get_snmp_privacy_algorithm_from_string, get_ticket_status_from_string, get_time_unit_from_string, + get_user_auth_type_from_string, ) @@ -107,6 +108,7 @@ "get_snmp_privacy_algorithm_from_string", "get_ticket_status_from_string", "get_time_unit_from_string", + "get_user_auth_type_from_string", ] diff --git a/gvm/protocols/gmpv214/types.py b/gvm/protocols/gmpv214/types.py index cc27094d3..21c3f08df 100644 --- a/gvm/protocols/gmpv214/types.py +++ b/gvm/protocols/gmpv214/types.py @@ -62,6 +62,7 @@ get_snmp_privacy_algorithm_from_string, get_ticket_status_from_string, get_time_unit_from_string, + get_user_auth_type_from_string, ) @@ -107,6 +108,7 @@ "get_snmp_privacy_algorithm_from_string", "get_ticket_status_from_string", "get_time_unit_from_string", + "get_user_auth_type_from_string", ] diff --git a/gvm/protocols/gmpv7/types.py b/gvm/protocols/gmpv7/types.py index 52e4ae94c..9f33ffb14 100644 --- a/gvm/protocols/gmpv7/types.py +++ b/gvm/protocols/gmpv7/types.py @@ -64,6 +64,7 @@ "get_snmp_auth_algorithm_from_string", "get_snmp_privacy_algorithm_from_string", "get_time_unit_from_string", + "get_user_auth_type_from_string", ] diff --git a/gvm/protocols/gmpv8/types.py b/gvm/protocols/gmpv8/types.py index 698863a1c..d26f837de 100644 --- a/gvm/protocols/gmpv8/types.py +++ b/gvm/protocols/gmpv8/types.py @@ -57,6 +57,7 @@ get_snmp_auth_algorithm_from_string, get_snmp_privacy_algorithm_from_string, get_time_unit_from_string, + get_user_auth_type_from_string, ) @@ -104,6 +105,7 @@ "get_snmp_privacy_algorithm_from_string", "get_ticket_status_from_string", "get_time_unit_from_string", + "get_user_auth_type_from_string", ] diff --git a/gvm/protocols/gmpv9/types.py b/gvm/protocols/gmpv9/types.py index b9ff9d679..35f980d9d 100644 --- a/gvm/protocols/gmpv9/types.py +++ b/gvm/protocols/gmpv9/types.py @@ -53,6 +53,7 @@ get_snmp_privacy_algorithm_from_string, get_ticket_status_from_string, get_time_unit_from_string, + get_user_auth_type_from_string, ) @@ -100,6 +101,7 @@ "get_snmp_privacy_algorithm_from_string", "get_ticket_status_from_string", "get_time_unit_from_string", + "get_user_auth_type_from_string", ] diff --git a/gvm/protocols/latest.py b/gvm/protocols/latest.py index 56ae00e78..ef0987075 100644 --- a/gvm/protocols/latest.py +++ b/gvm/protocols/latest.py @@ -56,6 +56,7 @@ SnmpPrivacyAlgorithm, TicketStatus, TimeUnit, + UserAuthType, get_alert_condition_from_string, get_alert_event_from_string, get_alert_method_from_string, @@ -76,6 +77,7 @@ get_snmp_privacy_algorithm_from_string, get_ticket_status_from_string, get_time_unit_from_string, + get_user_auth_type_from_string, ) from .ospv1 import Osp @@ -102,6 +104,7 @@ "SnmpPrivacyAlgorithm", "TicketStatus", "TimeUnit", + "UserAuthType", "get_alert_condition_from_string", "get_alert_event_from_string", "get_alert_method_from_string", @@ -122,4 +125,5 @@ "get_snmp_privacy_algorithm_from_string", "get_ticket_status_from_string", "get_time_unit_from_string", + "get_user_auth_type_from_string", ] From 5b1f8c6b356366a0d88d91e751c0355676785cdf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaspar=20L=C3=B6chte?= Date: Thu, 26 Nov 2020 17:01:40 +0100 Subject: [PATCH 12/13] Test for Type --- gvm/protocols/gmpv7/types.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gvm/protocols/gmpv7/types.py b/gvm/protocols/gmpv7/types.py index 9f33ffb14..7111723a7 100644 --- a/gvm/protocols/gmpv7/types.py +++ b/gvm/protocols/gmpv7/types.py @@ -825,13 +825,13 @@ class UserAuthType(Enum): def get_user_auth_type_from_string( user_auth_type: Optional[str], -) -> Optional[SeverityLevel]: +) -> Optional[UserAuthType]: """ Convert a user auth type string into a UserAuthType instance """ if not user_auth_type: return None try: - return SeverityLevel[user_auth_type.upper()] + return UserAuthType[user_auth_type.upper()] except KeyError: raise InvalidArgument( argument='user_auth_type', From 7407d814b5630190cd1a39120f3fd4b838007303 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaspar=20L=C3=B6chte?= Date: Thu, 26 Nov 2020 17:02:07 +0100 Subject: [PATCH 13/13] Test for Type --- .../gmpv7/testtypes/test_user_auth_type.py | 50 +++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 tests/protocols/gmpv7/testtypes/test_user_auth_type.py diff --git a/tests/protocols/gmpv7/testtypes/test_user_auth_type.py b/tests/protocols/gmpv7/testtypes/test_user_auth_type.py new file mode 100644 index 000000000..a5f05f90f --- /dev/null +++ b/tests/protocols/gmpv7/testtypes/test_user_auth_type.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright (C) 2019 Greenbone Networks GmbH +# +# SPDX-License-Identifier: GPL-3.0-or-later +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +import unittest + +from gvm.errors import InvalidArgument +from gvm.protocols.gmpv7 import UserAuthType, get_user_auth_type_from_string + + +class GetUserAuthTypeFromStringTestCase(unittest.TestCase): + def test_invalid(self): + with self.assertRaises(InvalidArgument): + get_user_auth_type_from_string('foo') + + def test_none_or_empty(self): + ct = get_user_auth_type_from_string(None) + self.assertIsNone(ct) + ct = get_user_auth_type_from_string('') + self.assertIsNone(ct) + + def test_file(self): + ct = get_user_auth_type_from_string('file') + self.assertEqual(ct, UserAuthType.FILE) + + def test_radius_connect(self): + ct = get_user_auth_type_from_string('radius_connect') + self.assertEqual(ct, UserAuthType.RADIUS_CONNECT) + + def test_ldap_connect(self): + ct = get_user_auth_type_from_string('ldap_connect') + self.assertEqual(ct, UserAuthType.LDAP_CONNECT) + + +if __name__ == '__main__': + unittest.main()