Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow to add ssh elevate credential to target dialog and display elevate credential in details #2954

Merged
merged 11 commits into from
Jun 4, 2021
Merged

Allow to add ssh elevate credential to target dialog and display elevate credential in details #2954

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
56a6071
Aesthetic changes to target dialog for new elevate credential
saberlynx Jun 1, 2021
e4016bc
Update create and save target commands
saberlynx Jun 2, 2021
e4d49bd
Add validator for ssh_elevate_credential_id
saberlynx Jun 3, 2021
39af884
gsad changes for create_target_gmp
saberlynx Jun 3, 2021
c10a507
gsad changes for save_target_gmp
saberlynx Jun 3, 2021
2b413b4
Enable parsing ssh_elevate_credential_id and nullify ssh_elevate_cred…
saberlynx Jun 4, 2021
7e09a4d
Show elevate credential in details
saberlynx Jun 4, 2021
a2553f7
Small fixes
saberlynx Jun 4, 2021
aee9400
Update CHANGELOG.md
saberlynx Jun 4, 2021
adaafe2
Get rid of red theme
saberlynx Jun 4, 2021
be2f581
Add German translations and change detailspage header for SSH elevate…
saberlynx Jun 4, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
## [21.04] - 2021-04-16

### Added
- Allow to add ssh elevate credential to target dialog and display elevate credential in details [#2954](https://github.com/greenbone/gsa/pull/2954)
- Allow to set unix socket permissions for gsad [#2816](https://github.com/greenbone/gsa/pull/2816)
- Added CVSS date to NVT details [#2802](https://github.com/greenbone/gsa/pull/2802)
- Added option to allow to scan simultaneous IPs to targets
Expand Down
3 changes: 3 additions & 0 deletions gsa/public/locales/gsa-de.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -385,6 +385,7 @@
"Create new SMB credential": "Neue SMB-Anmeldedaten erstellen",
"Create new SNMP credential": "Neue SNMP-Anmeldedaten erstellen",
"Create new SSH credential": "Neue SSH-Anmeldedaten erstellen",
"Create new SSH elevate credential": "Neue SSH-Anmeldedaten für zusätzliche Berechtigungen erstellen",
"Create new Ticket": "Neues Ticket erstellen",
"Create new Ticket for Result": "Neues Ticket für Ergebnis erstellen",
"Create new Ticket for Result {{- name}}": "Neues Ticket für Ergebnis ({{- name}}) erstellen",
Expand Down Expand Up @@ -561,6 +562,7 @@
"Edit process": "Prozess bearbeiten",
"Edit {{entity}}": "{{entity}} bearbeiten",
"Effect": "Auswirkung",
"Elevate privileges": "Berechtigungen erweitern",
"Email": "E-Mail",
"Email Encryption": "E-Mail-Verschlüsselung",
"Email report to": "E-Mail-Bericht an",
Expand Down Expand Up @@ -1390,6 +1392,7 @@
"SSH Credential": "SSH-Anmeldedaten",
"SSH authentication was successful": "SSH-Authentifizierung war erfolgreich",
"SSH authentication was unsuccessful": "SSH-Authentifizierung ist fehlgeschlagen",
"SSH elevate credential ": "SSH-Anmeldedaten für zusätzliche Berechtigungen ",
"SSL / TLS Certificate": "SSL-/TLS-Zertifikat",
"Sa.": "Sa.",
"Same": "Gleich",
Expand Down
12 changes: 12 additions & 0 deletions gsa/src/gmp/commands/targets.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@ import registerCommand from 'gmp/command';

import Target from 'gmp/models/target';

import {UNSET_VALUE} from 'web/utils/render';

import EntitiesCommand from './entities';
import EntityCommand from './entity';

Expand All @@ -47,6 +49,7 @@ class TargetCommand extends EntityCommand {
alive_tests,
allowSimultaneousIPs,
ssh_credential_id = 0,
ssh_elevate_credential_id = 0,
port,
smb_credential_id = 0,
esxi_credential_id = 0,
Expand All @@ -71,6 +74,10 @@ class TargetCommand extends EntityCommand {
alive_tests,
port,
ssh_credential_id,
ssh_elevate_credential_id:
ssh_credential_id === UNSET_VALUE
? UNSET_VALUE
: ssh_elevate_credential_id,
smb_credential_id,
esxi_credential_id,
snmp_credential_id,
Expand All @@ -95,6 +102,7 @@ class TargetCommand extends EntityCommand {
alive_tests,
allowSimultaneousIPs,
ssh_credential_id = 0,
ssh_elevate_credential_id = 0,
port,
smb_credential_id = 0,
esxi_credential_id = 0,
Expand Down Expand Up @@ -124,6 +132,10 @@ class TargetCommand extends EntityCommand {
smb_credential_id,
snmp_credential_id,
ssh_credential_id,
ssh_elevate_credential_id:
ssh_credential_id === UNSET_VALUE
? UNSET_VALUE
: ssh_elevate_credential_id,
target_source,
target_exclude_source,
});
Expand Down
2 changes: 2 additions & 0 deletions gsa/src/gmp/models/credential.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,8 @@ export const SSH_CREDENTIAL_TYPES = [
USERNAME_SSH_KEY_CREDENTIAL_TYPE,
];

export const SSH_ELEVATE_CREDENTIAL_TYPES = [USERNAME_PASSWORD_CREDENTIAL_TYPE];

export const SMB_CREDENTIAL_TYPES = [USERNAME_PASSWORD_CREDENTIAL_TYPE];

export const ESXI_CREDENTIAL_TYPES = [USERNAME_PASSWORD_CREDENTIAL_TYPE];
Expand Down
1 change: 1 addition & 0 deletions gsa/src/gmp/models/target.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ export const TARGET_CREDENTIAL_NAMES = [
'snmp_credential',
'ssh_credential',
'esxi_credential',
'ssh_elevate_credential',
];

class Target extends Model {
Expand Down
14 changes: 14 additions & 0 deletions gsa/src/web/pages/targets/component.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,9 @@ class TargetComponent extends React.Component {
this,
);
this.handleSshCredentialChange = this.handleSshCredentialChange.bind(this);
this.handleSshElevateCredentialChange = this.handleSshElevateCredentialChange.bind(
this,
);
this.handleSmbCredentialChange = this.handleSmbCredentialChange.bind(this);
this.handleSnmpCredentialChange = this.handleSnmpCredentialChange.bind(
this,
Expand Down Expand Up @@ -128,6 +131,7 @@ class TargetComponent extends React.Component {
smb_credential_id: id_or__(entity.smb_credential),
snmp_credential_id: id_or__(entity.snmp_credential),
ssh_credential_id: id_or__(entity.ssh_credential),
ssh_elevate_credential_id: id_or__(entity.ssh_elevate_credential),
});
});
} else {
Expand All @@ -154,6 +158,7 @@ class TargetComponent extends React.Component {
smb_credential_id: undefined,
snmp_credential_id: undefined,
ssh_credential_id: undefined,
ssh_elevate_credential_id: undefined,
target_source: undefined,
target_exclude_source: undefined,
target_title: _('New Target'),
Expand Down Expand Up @@ -269,6 +274,10 @@ class TargetComponent extends React.Component {
this.setState({ssh_credential_id});
}

handleSshElevateCredentialChange(ssh_elevate_credential_id) {
this.setState({ssh_elevate_credential_id});
}

handleSnmpCredentialChange(snmp_credential_id) {
this.setState({snmp_credential_id});
}
Expand Down Expand Up @@ -327,6 +336,7 @@ class TargetComponent extends React.Component {
smb_credential_id,
snmp_credential_id,
ssh_credential_id,
ssh_elevate_credential_id,
target_source,
target_exclude_source,
target_title,
Expand Down Expand Up @@ -377,6 +387,7 @@ class TargetComponent extends React.Component {
smb_credential_id={smb_credential_id}
snmp_credential_id={snmp_credential_id}
ssh_credential_id={ssh_credential_id}
ssh_elevate_credential_id={ssh_elevate_credential_id}
target_source={target_source}
target_exclude_source={target_exclude_source}
title={target_title}
Expand All @@ -388,6 +399,9 @@ class TargetComponent extends React.Component {
onSshCredentialChange={this.handleSshCredentialChange}
onEsxiCredentialChange={this.handleEsxiCredentialChange}
onSmbCredentialChange={this.handleSmbCredentialChange}
onSshElevateCredentialChange={
this.handleSshElevateCredentialChange
}
onSave={d => {
this.handleInteraction();
return save(d).then(() => this.closeTargetDialog());
Expand Down
19 changes: 19 additions & 0 deletions gsa/src/web/pages/targets/details.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ const TargetDetails = ({capabilities, entity, links = true}) => {
smb_credential,
snmp_credential,
ssh_credential,
ssh_elevate_credential,
tasks,
allowSimultaneousIPs,
} = entity;
Expand Down Expand Up @@ -160,6 +161,24 @@ const TargetDetails = ({capabilities, entity, links = true}) => {
</TableRow>
)}

{isDefined(ssh_credential) &&
isDefined(ssh_elevate_credential) && ( // Skip one column, because there is no way to fit a variation of the word "elevate" without leaving lots of white space on other rows
<TableRow>
<TableData>{''}</TableData>
<TableData>
<span>
{_('SSH elevate credential ')}
<DetailsLink
id={ssh_elevate_credential.id}
type="credential"
>
{ssh_elevate_credential.name}
</DetailsLink>
</span>
</TableData>
</TableRow>
)}

{isDefined(smb_credential) && (
<TableRow>
<TableData>{_('SMB')}</TableData>
Expand Down
91 changes: 64 additions & 27 deletions gsa/src/web/pages/targets/dialog.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@ import {
SNMP_CREDENTIAL_TYPES,
SSH_CREDENTIAL_TYPES,
USERNAME_PASSWORD_CREDENTIAL_TYPE,
SSH_ELEVATE_CREDENTIAL_TYPES,
} from 'gmp/models/credential';

const DEFAULT_PORT = 22;
Expand Down Expand Up @@ -89,6 +90,12 @@ const NEW_SSH = {
title: _l('Create new SSH credential'),
};

const NEW_SSH_ELEVATE = {
id_field: 'ssh_elevate_credential_id',
types: SSH_ELEVATE_CREDENTIAL_TYPES,
title: _l('Create new SSH elevate credential'),
};

const NEW_SMB = {
id_field: 'smb_credential_id',
title: _l('Create new SMB credential'),
Expand Down Expand Up @@ -127,6 +134,7 @@ const TargetDialog = ({
smb_credential_id = UNSET_VALUE,
snmp_credential_id = UNSET_VALUE,
ssh_credential_id = UNSET_VALUE,
ssh_elevate_credential_id = UNSET_VALUE,
target_source = 'manual',
target_exclude_source = 'manual',
title = _('New Target'),
Expand All @@ -139,6 +147,7 @@ const TargetDialog = ({
onSmbCredentialChange,
onEsxiCredentialChange,
onSnmpCredentialChange,
onSshElevateCredentialChange,
...initial
}) => {
const ssh_credentials = credentials.filter(ssh_credential_filter);
Expand Down Expand Up @@ -170,6 +179,7 @@ const TargetDialog = ({
smb_credential_id,
snmp_credential_id,
ssh_credential_id,
ssh_elevate_credential_id,
};

return (
Expand Down Expand Up @@ -342,34 +352,59 @@ const TargetDialog = ({
)}

{capabilities.mayOp('get_credentials') && (
<FormGroup title={_('SSH')}>
<Divider>
<Select
name="ssh_credential_id"
disabled={in_use}
items={renderSelectItems(ssh_credentials, UNSET_VALUE)}
value={state.ssh_credential_id}
onChange={onSshCredentialChange}
/>
<Layout>{_('on port')}</Layout>
<TextField
size="6"
name="port"
disabled={in_use}
value={state.port}
onChange={onValueChange}
/>
{!in_use && (
<Layout>
<NewIcon
title={_('Create a new credential')}
value={NEW_SSH}
onClick={onNewCredentialsClick}
<React.Fragment>
<FormGroup title={_('SSH')}>
<Divider>
<Select
name="ssh_credential_id"
disabled={in_use}
items={renderSelectItems(ssh_credentials, UNSET_VALUE)}
value={state.ssh_credential_id}
onChange={onSshCredentialChange}
/>
<Layout>{_('on port')}</Layout>
<TextField
size="6"
name="port"
disabled={in_use}
value={state.port}
onChange={onValueChange}
/>
{!in_use && (
<Layout>
<NewIcon
title={_('Create a new credential')}
value={NEW_SSH}
onClick={onNewCredentialsClick}
/>
</Layout>
)}
</Divider>
</FormGroup>
{state.ssh_credential_id !== UNSET_VALUE && (
<FormGroup title={' '}>
<Divider>
<Layout>{_('Elevate privileges')}</Layout>
<Select
name="ssh_elevate_credential_id"
disabled={in_use}
items={renderSelectItems(up_credentials, UNSET_VALUE)}
value={state.ssh_elevate_credential_id}
onChange={onSshElevateCredentialChange}
/>
</Layout>
)}
</Divider>
</FormGroup>
{!in_use && (
<Layout>
<NewIcon
title={_('Create a new credential')}
value={NEW_SSH_ELEVATE}
onClick={onNewCredentialsClick}
/>
</Layout>
)}
</Divider>
</FormGroup>
)}
</React.Fragment>
)}

{capabilities.mayOp('get_credentials') && (
Expand Down Expand Up @@ -485,6 +520,7 @@ TargetDialog.propTypes = {
smb_credential_id: PropTypes.idOrZero,
snmp_credential_id: PropTypes.idOrZero,
ssh_credential_id: PropTypes.idOrZero,
ssh_elevate_credential_id: PropTypes.idOrZero,
target_exclude_source: PropTypes.oneOf(['manual', 'file']),
target_source: PropTypes.oneOf(['manual', 'file', 'asset_hosts']),
title: PropTypes.string,
Expand All @@ -497,6 +533,7 @@ TargetDialog.propTypes = {
onSmbCredentialChange: PropTypes.func.isRequired,
onSnmpCredentialChange: PropTypes.func.isRequired,
onSshCredentialChange: PropTypes.func.isRequired,
onSshElevateCredentialChange: PropTypes.func.isRequired,
};

export default withCapabilities(TargetDialog);
Expand Down
2 changes: 2 additions & 0 deletions gsad/src/gsad.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -886,6 +886,8 @@ init_validator ()
gvm_validator_alias (validator, "smb_credential_id", "credential_id");
gvm_validator_alias (validator, "snmp_credential_id", "credential_id");
gvm_validator_alias (validator, "ssh_credential_id", "credential_id");
gvm_validator_alias (validator, "ssh_elevate_credential_id",
"credential_id");
gvm_validator_alias (validator, "subgroup_column", "group_column");
gvm_validator_alias (validator, "subject_id", "id");
gvm_validator_alias (validator, "subject_id_optional", "id_optional");
Expand Down
Loading