Misc updates

Ryan Prather 2018-11-16 21:42:57 -05:00
parent 699604534c
commit f022791e44
No known key found for this signature in database
GPG Key ID: 66FDE2B4E8AB87A7
4 changed files with 648 additions and 536 deletions


@ -31,7 +31,8 @@
* @author Ryan Prather * @author Ryan Prather
* *
*/ */
class finding { class finding
{
/** /**
* Target ID * Target ID
@ -82,6 +83,20 @@ class finding {
*/ */
protected $notes = null; protected $notes = null;
/**
* Analyst Notes
*
* @var string
*/
protected $analyst_notes = null;
/**
* Scanner Notes
*
* @var string
*/
protected $scanner_notes = null;
/** /**
* Change ID * Change ID
* *
@ -158,14 +173,14 @@ class finding {
* @param string $str_Orig_Src * @param string $str_Orig_Src
* @param integer $int_Finding_Itr * @param integer $int_Finding_Itr
*/ */
public function __construct($int_Tgt_ID, $int_PDI_ID, $int_Scan_ID, $Finding_Status, $str_Notes, $int_Change_ID, $str_Orig_Src, $int_Finding_Itr) { public function __construct($int_Tgt_ID, $int_PDI_ID, $int_Scan_ID, $Finding_Status, $str_Notes, $int_Change_ID, $str_Orig_Src, $int_Finding_Itr)
{
$this->tgt_id = $int_Tgt_ID; $this->tgt_id = $int_Tgt_ID;
$this->pdi_id = $int_PDI_ID; $this->pdi_id = $int_PDI_ID;
$this->scan_id = $int_Scan_ID; $this->scan_id = $int_Scan_ID;
if (is_numeric($Finding_Status)) { if (is_numeric($Finding_Status)) {
$this->finding_status_id = $Finding_Status; $this->finding_status_id = $Finding_Status;
} } else {
else {
$this->finding_status_id = $this->get_Finding_Status_ID($Finding_Status); $this->finding_status_id = $this->get_Finding_Status_ID($Finding_Status);
} }
$this->notes = $str_Notes; $this->notes = $str_Notes;
@ -179,7 +194,8 @@ class finding {
* *
* @return integer * @return integer
*/ */
public function get_Tgt_ID() { public function get_Tgt_ID()
{
return $this->tgt_id; return $this->tgt_id;
} }
@ -188,7 +204,8 @@ class finding {
* *
* @param integer $int_Tgt_ID * @param integer $int_Tgt_ID
*/ */
public function set_Tgt_ID($int_Tgt_ID) { public function set_Tgt_ID($int_Tgt_ID)
{
$this->tgt_id = $int_Tgt_ID; $this->tgt_id = $int_Tgt_ID;
} }
@ -197,7 +214,8 @@ class finding {
* *
* @return integer * @return integer
*/ */
public function get_PDI_ID() { public function get_PDI_ID()
{
return $this->pdi_id; return $this->pdi_id;
} }
@ -206,7 +224,8 @@ class finding {
* *
* @param integer $int_PDI_ID * @param integer $int_PDI_ID
*/ */
public function set_PDI_ID($int_PDI_ID) { public function set_PDI_ID($int_PDI_ID)
{
$this->pdi_id = $int_PDI_ID; $this->pdi_id = $int_PDI_ID;
} }
@ -215,7 +234,8 @@ class finding {
* *
* @return integer * @return integer
*/ */
public function get_Scan_ID() { public function get_Scan_ID()
{
return $this->scan_id; return $this->scan_id;
} }
@ -224,7 +244,8 @@ class finding {
* *
* @param integer $int_Scan_ID * @param integer $int_Scan_ID
*/ */
public function set_Scan_ID($int_Scan_ID) { public function set_Scan_ID($int_Scan_ID)
{
$this->scan_id = $int_Scan_ID; $this->scan_id = $int_Scan_ID;
} }
@ -233,7 +254,8 @@ class finding {
* *
* @return integer * @return integer
*/ */
public function get_Finding_Status() { public function get_Finding_Status()
{
return $this->finding_status_id; return $this->finding_status_id;
} }
@ -243,12 +265,12 @@ class finding {
* @param string $status * @param string $status
* @return integer * @return integer
*/ */
public function get_Finding_Status_ID($status) { public function get_Finding_Status_ID($status)
{
$arr_flip = array_flip($this->STATUS); $arr_flip = array_flip($this->STATUS);
if (isset($arr_flip[$status])) { if (isset($arr_flip[$status])) {
return $arr_flip[$status]; return $arr_flip[$status];
} } else {
else {
return $arr_flip['Not Reviewed']; return $arr_flip['Not Reviewed'];
} }
} }
@ -259,11 +281,11 @@ class finding {
* @param integer $int_Status_ID * @param integer $int_Status_ID
* @return string * @return string
*/ */
public function get_Finding_Status_String($int_Status_ID = null) { public function get_Finding_Status_String($int_Status_ID = null)
{
if ($int_Status_ID) { if ($int_Status_ID) {
return $this->STATUS[$int_Status_ID]; return $this->STATUS[$int_Status_ID];
} } else {
else {
return $this->STATUS[$this->finding_status_id]; return $this->STATUS[$this->finding_status_id];
} }
} }
@ -273,7 +295,8 @@ class finding {
* *
* @param integer $int_Finding_Status_ID * @param integer $int_Finding_Status_ID
*/ */
public function set_Finding_Status($int_Finding_Status_ID) { public function set_Finding_Status($int_Finding_Status_ID)
{
$this->finding_status_id = $int_Finding_Status_ID; $this->finding_status_id = $int_Finding_Status_ID;
} }
@ -282,7 +305,8 @@ class finding {
* *
* @param string $str_New_Status * @param string $str_New_Status
*/ */
public function set_Finding_Status_By_String($str_New_Status) { public function set_Finding_Status_By_String($str_New_Status)
{
$this->finding_status_id = $this->get_Finding_Status_ID($str_New_Status); $this->finding_status_id = $this->get_Finding_Status_ID($str_New_Status);
} }
@ -291,7 +315,8 @@ class finding {
* *
* @return string * @return string
*/ */
public function get_Notes() { public function get_Notes()
{
return $this->notes; return $this->notes;
} }
@ -300,7 +325,8 @@ class finding {
* *
* @param string $str_Notes * @param string $str_Notes
*/ */
public function set_Notes($str_Notes) { public function set_Notes($str_Notes)
{
$this->notes = $str_Notes; $this->notes = $str_Notes;
} }
@ -309,7 +335,8 @@ class finding {
* *
* @param string $str_Notes * @param string $str_Notes
*/ */
public function prepend_Notes($str_Notes) { public function prepend_Notes($str_Notes)
{
$this->notes = $str_Notes . PHP_EOL . $this->notes; $this->notes = $str_Notes . PHP_EOL . $this->notes;
} }
@ -319,20 +346,61 @@ class finding {
* @param string $str_Notes * @param string $str_Notes
* @param boolean $merge * @param boolean $merge
*/ */
public function append_Notes($str_Notes, $merge = false) { public function append_Notes($str_Notes, $merge = false)
{
$this->notes .= PHP_EOL . ($merge ? "(Merged Target)" . PHP_EOL : "") . $str_Notes; $this->notes .= PHP_EOL . ($merge ? "(Merged Target)" . PHP_EOL : "") . $str_Notes;
} }
/**
* Getter function for the analyst notes
*
* @return string
*/
public function get_Analyst_Notes()
{
return $this->analyst_notes;
}
/**
* Setter function for the analyst notes
*
* @param string $str_Notes
*/
public function set_Analyst_Notes($str_Notes)
{
$this->analyst_notes = $str_Notes;
}
/**
* Getter function for the scanner notes
*
* @return string
*/
public function get_Scanner_Notes()
{
return $this->scanner_notes;
}
/**
* Setter function for the scanner notes
*
* @param string $str_Notes
*/
public function set_Scanner_Notes($str_Notes)
{
$this->scanner_notes = $str_Notes;
}
/** /**
* Getter function for change ID * Getter function for change ID
* *
* @return integer * @return integer
*/ */
public function get_Change_ID() { public function get_Change_ID()
{
if ($this->change_id) { if ($this->change_id) {
return $this->change_id; return $this->change_id;
} } else {
else {
return $this::NC; return $this::NC;
} }
} }
@ -342,7 +410,8 @@ class finding {
* *
* @param integer $int_Change_ID * @param integer $int_Change_ID
*/ */
public function set_Change_ID($int_Change_ID) { public function set_Change_ID($int_Change_ID)
{
$this->change_id = $int_Change_ID; $this->change_id = $int_Change_ID;
} }
@ -351,7 +420,8 @@ class finding {
* *
* @return string * @return string
*/ */
public function get_Original_Source() { public function get_Original_Source()
{
return $this->orig_src; return $this->orig_src;
} }
@ -360,7 +430,8 @@ class finding {
* *
* @param string $str_Original_Source * @param string $str_Original_Source
*/ */
public function set_Original_Source($str_Original_Source) { public function set_Original_Source($str_Original_Source)
{
$this->orig_src = $str_Original_Source; $this->orig_src = $str_Original_Source;
} }
@ -369,7 +440,8 @@ class finding {
* *
* @return integer * @return integer
*/ */
public function get_Finding_Iteration() { public function get_Finding_Iteration()
{
return $this->finding_itr; return $this->finding_itr;
} }
@ -378,14 +450,16 @@ class finding {
* *
* @param integer $int_Finding_Iteration * @param integer $int_Finding_Iteration
*/ */
public function set_Finding_Iteration($int_Finding_Iteration) { public function set_Finding_Iteration($int_Finding_Iteration)
{
$this->finding_itr = $int_Finding_Iteration; $this->finding_itr = $int_Finding_Iteration;
} }
/** /**
* Increment the finding count by 1 * Increment the finding count by 1
*/ */
public function inc_Finding_Count() { public function inc_Finding_Count()
{
$this->finding_itr ++; $this->finding_itr ++;
} }
@ -395,7 +469,8 @@ class finding {
* @param string $str_New_Status * @param string $str_New_Status
* @return string * @return string
*/ */
public function get_Deconflicted_Status($str_New_Status) { public function get_Deconflicted_Status($str_New_Status)
{
// must get original status first! // must get original status first!
return deconflict_status::$DECONFLICTED_STATUS[$this->get_Finding_Status_String()][$str_New_Status]; return deconflict_status::$DECONFLICTED_STATUS[$this->get_Finding_Status_String()][$str_New_Status];
} }
@ -405,7 +480,8 @@ class finding {
* *
* @return int * @return int
*/ */
public function get_Category() { public function get_Category()
{
if (empty($this->cat)) { if (empty($this->cat)) {
return 2; return 2;
} }
@ -417,11 +493,11 @@ class finding {
* *
* @param mixed $cat_in * @param mixed $cat_in
*/ */
public function set_Category($cat_in) { public function set_Category($cat_in)
{
if (is_numeric($cat_in)) { if (is_numeric($cat_in)) {
$this->cat = $cat_in; $this->cat = $cat_in;
} } elseif (is_string($cat_in)) {
elseif (is_string($cat_in)) {
$this->cat = substr_count($cat_in, "I"); $this->cat = substr_count($cat_in, "I");
} }
} }
@ -431,7 +507,8 @@ class finding {
* *
* @return array:string * @return array:string
*/ */
public function get_IA_Controls() { public function get_IA_Controls()
{
return $this->ia_controls; return $this->ia_controls;
} }
@ -440,7 +517,8 @@ class finding {
* *
* @return string * @return string
*/ */
public function get_IA_Controls_String() { public function get_IA_Controls_String()
{
return implode(" ", $this->ia_controls); return implode(" ", $this->ia_controls);
} }
@ -449,11 +527,11 @@ class finding {
* *
* @param mixed $ia_controls_in * @param mixed $ia_controls_in
*/ */
public function set_IA_Controls($ia_controls_in) { public function set_IA_Controls($ia_controls_in)
{
if (is_array($ia_controls_in)) { if (is_array($ia_controls_in)) {
$this->ia_controls = $ia_controls_in; $this->ia_controls = $ia_controls_in;
} } elseif (is_string($ia_controls_in)) {
elseif (is_string($ia_controls_in)) {
$this->ia_controls = explode(" ", $ia_controls_in); $this->ia_controls = explode(" ", $ia_controls_in);
} }
} }
@ -463,7 +541,8 @@ class finding {
* *
* @param string $ia_control_in * @param string $ia_control_in
*/ */
public function add_IA_Control($ia_control_in) { public function add_IA_Control($ia_control_in)
{
$add = true; $add = true;
foreach ($this->ia_controls as $ia) { foreach ($this->ia_controls as $ia) {
if ($ia == $ia_control_in) { if ($ia == $ia_control_in) {
@ -476,7 +555,6 @@ class finding {
$this->ia_controls[] = $ia_control_in; $this->ia_controls[] = $ia_control_in;
} }
} }
} }
/** /**
@ -484,7 +562,8 @@ class finding {
* *
* @author Ryan Prather * @author Ryan Prather
*/ */
class finding_status { class finding_status
{
/** /**
* The database ID of the finding status * The database ID of the finding status
@ -499,7 +578,6 @@ class finding_status {
* @var string * @var string
*/ */
public $status = ''; public $status = '';
} }
/** /**
@ -507,14 +585,13 @@ class finding_status {
* *
* @author Ryan Prather * @author Ryan Prather
*/ */
class deconflict_status { class deconflict_status
{
/** /**
* Stores the matrix of current -> new statuses * Stores the matrix of current -> new statuses
* *
* @var array:string * @var array:string / Finding Definitions
*
* / Finding Definitions
* Open: The finding is valid for this host - the host does not meet the requirements * Open: The finding is valid for this host - the host does not meet the requirements
* Not a Finding: The finding is not valid for this host - the host meets the requirements * Not a Finding: The finding is not valid for this host - the host meets the requirements
* Not Applicable: The requirement does not apply to this host - prerequisites do not exist. * Not Applicable: The requirement does not apply to this host - prerequisites do not exist.
@ -601,5 +678,4 @@ class deconflict_status {
'No Data' => 'No Data' 'No Data' => 'No Data'
] ]
]; ];
} }
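Review bot: The new `$analyst_notes` and `$scanner_notes` properties are documented as `@var string` but default to `null`, and the constructor signature is unchanged, so they are apparently only ever filled through the setters and `get_Analyst_Notes()` / `get_Scanner_Notes()` can return `null`. Either initialise both to `''` or change the docblocks to `@var string|null` and `@return string|null` so callers handle the unset case. Scanner notes presumably hold text taken from imported scan results, so the `set_Scanner_Notes()` docblock could also say `Raw scanner text, not HTML-safe; escape on output`; the code that renders these fields is not visible here. The constructor and the class body continue outside the hunks shown.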


@ -6035,6 +6035,16 @@
"nn": true, "nn": true,
"default": "" "default": ""
}, },
{
"name": "scan_id",
"dataType": "int(11)",
"type": 3,
"length": 11,
"values": [],
"ai": false,
"nn": true,
"default": ""
},
{ {
"name": "note", "name": "note",
"dataType": "mediumtext", "dataType": "mediumtext",
@ -6064,6 +6074,15 @@
"field": "pdi_id", "field": "pdi_id",
"update": null, "update": null,
"delete": null "delete": null
},
{
"id": "scan_find_scan_notes_id",
"local": "scan_id",
"schema": "sagacity",
"table": "scans",
"field": "id",
"update": null,
"delete": null
} }
] ]
}, },
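Review bot: The added `scan_id` column is declared `"nn": true` with `"default": ""` and is also the local side of the new `scan_find_scan_notes_id` foreign key to `sagacity.scans.id`, which is likely to fail on a database that already holds rows in this table: existing rows would get an implicit 0 (or be rejected under strict SQL mode), and 0 will not match any scan id. Consider making the column nullable for the upgrade, or documenting a backfill step that runs before the constraint is added. The key also leaves `"update": null` and `"delete": null`, so deleting a scan will presumably either be blocked or leave its notes behind, depending on how the installer maps null; stating the intended action explicitly would avoid orphaned notes. The table definition starts outside these hunks, so the table name and the way this file is applied are not visible.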


@ -422,8 +422,9 @@ include_once 'header.inc';
<select name='checklists[]' class='checklists' id="checklists" multiple='multiple'> <select name='checklists[]' class='checklists' id="checklists" multiple='multiple'>
<?php <?php
$all_chks = $db->get_Checklist(); $all_chks = $db->get_Checklist();
foreach ($all_chks as $key => $chk):print $chk->print_Option(); /** @var checklist $chk */
endforeach; foreach ($all_chks as $chk)
print $chk->print_Option();
?> ?>
</select> </select>
</td> </td>
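Review bot: The rewritten loop at `foreach ($all_chks as $chk)` replaces the `endforeach` form with a brace-less body, so a second statement added under it later would run once after the loop instead of once per checklist; write it as `foreach ($all_chks as $chk) { print $chk->print_Option(); }`. The markup returned by `print_Option()` is printed straight into the `<select>`, so any checklist name or id it interpolates needs `htmlspecialchars()` inside that method. Its body is not part of this diff, so that should be confirmed there.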

18
ste/ste_script.min.js vendored

File diff suppressed because one or more lines are too long