Scripting Example: Custom role and bulk report access

Document created by S Tempest Employee on Apr 4, 2014Last modified by S Tempest Employee on Apr 4, 2014
Version 2Show Document
  • View in full screen mode

BY SUSIE

This is a sample script that:

 

  1. Logs in to Nexpose.
  2. Creates a user.
  3. Creates a custom role.
  4. Assigns the custom role to the user.
  5. Adds the user to the report access list for all reports for a given site.
  6. Logs out of Nexpose.

 

For an example scenario, check out:  Scripting Scenario: Custom role and bulk report access


#!/usr/bin/env ruby

require 'nexpose'

@host = 'localhost'
@userid = 'bob'
@password = 'IamSuperCool'

@new_user_name = 'steve'
@new_user_fullname = 'Steve'
@new_user_password = 'BobsBro'
@site_id_access = nil
@site_name = 'Honolulu Headquarters'

@role_name = 'report-viewer'
@role_full_name = 'Report Viewer'

nsc = Nexpose::Connection.new(@host, @userid, @password)
puts 'Logging into Nexpose'
nsc.login
puts 'Logged into Nexpose'

puts "Creating a new Nexpose user for #{@new_user_fullname}"
user = Nexpose::User.new(@new_user_name, @new_user_fullname, @new_user_password)
user.save(nsc)
puts 'Successfully created new user'

puts "Creating a new custom role: #{@role_full_name}"
role = Nexpose::Role.new(@role_name, @role_full_name, -1)
role.privileges << Nexpose::Privilege::Global::TICKET_ASSIGNEE
role.privileges << Nexpose::Privilege::Site::VIEW_ASSET_DATA
role.save(nsc)
puts 'Successfully created new custom role'

puts "Changing role for #{@new_user_fullname} to #{@role_full_name}"
user.role_name = @role_name
user.save(nsc)
puts 'Successfully changed role'

puts "Searching for #{@site_name}'s id"
site_listing = nsc.list_sites
site_listing.each do |site|
  if site.name == @site_name
    puts "Found #{@site_name}'s id: #{site.id}"
    @site_id_access = site.id
  end
end

puts 'Retrieving listing of reports'
report_listing = nsc.list_reports

report_listing.each do |report_summary|
  report_config = Nexpose::ReportConfig.load(nsc, report_summary.config_id)
  report_config.filters.each do |p|
    if p.type == 'site'
      if p.id == @site_id_access
        puts "Adding #{@new_user_fullname} to the access list for #{report_config.name}"
        report_config.users << user.id
        report_config.save(nsc)
        puts 'Successfully updated report user access list'
      end
    end
  end
end

puts 'Logging out'
nsc.logout
exit


 

 

Thanks to Gavin Schneider and ospannero

Attachments

    Outcomes