Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
} else {
// Check if we can connect to a different API
if (
error &&
error.body &&
typeof error.body.found !== 'undefined' &&
!error.body.found
) {
try {
const apis = await this.manageHosts.getHosts();
for (const api of apis) {
try {
const id = Object.keys(api)[0];
const host = api[id];
const options = ApiHelper.buildOptionsObject(host);
const response = await needle(
'get',
`${host.url}:${host.port}/version`,
{},
options
);
if (this.checkResponseIsDown(response)) {
return ErrorResponse('ERROR3099', 3099, 500, reply);
}
if (
((response || {}).body || {}).error === 0 &&
((response || {}).body || {}).data
) {
req.payload = id;
req.idChanged = id;
if (!Object.keys(api).length) {
log(
'wazuh-api:getNistRequirement',
'Unexpected error getting host credentials'
);
// Can not get credentials from wazuh-hosts
return ErrorResponse(
'Unexpected error getting host credentials',
3007,
400,
reply
);
}
const response = await needle(
'get',
`${api.url}:${api.port}/rules/nist-800-53`,
{},
ApiHelper.buildOptionsObject(api)
);
if ((((response || {}).body || {}).data || {}).items) {
let NISTobject = {};
for (const item of response.body.data.items) {
if (typeof nistRequirementsFile[item] !== 'undefined')
NISTobject[item] = nistRequirementsFile[item];
}
return NISTobject;
} else {
log(
'wazuh-api:getNistRequirement',
if (!Object.keys(api).length) {
log(
'wazuh-api:getPciRequirement',
`Cannot get the credentials for the host ${apiId}`
);
// Can not get credentials from wazuh-hosts
return ErrorResponse(
'Unexpected error getting host credentials',
3007,
400,
reply
);
}
const response = await needle(
'get',
`${api.url}:${api.port}/rules/pci`,
{},
ApiHelper.buildOptionsObject(api)
);
if ((((response || {}).body || {}).data || {}).items) {
let PCIobject = {};
for (const item of response.body.data.items) {
if (typeof pciRequirementsFile[item] !== 'undefined')
PCIobject[item] = pciRequirementsFile[item];
}
return PCIobject;
} else {
log(
'wazuh-api:getPciRequirement',
if (!Object.keys(api).length) {
log(
'wazuh-api:getHipaaRequirement',
'Unexpected error getting host credentials'
);
// Can not get credentials from wazuh-hosts
return ErrorResponse(
'Unexpected error getting host credentials',
3007,
400,
reply
);
}
const response = await needle(
'get',
`${api.url}:${api.port}/rules/hipaa`,
{},
ApiHelper.buildOptionsObject(api)
);
if ((((response || {}).body || {}).data || {}).items) {
let HIPAAobject = {};
for (const item of response.body.data.items) {
if (typeof hipaaRequirementsFile[item] !== 'undefined')
HIPAAobject[item] = hipaaRequirementsFile[item];
}
return HIPAAobject;
} else {
log(
'wazuh-api:getPciRequirement',
async fetch() {
this.isFetching = true
try {
const url = `${this.botUrl}/getUpdates?offset=-1`
const {statusCode, body} = await needle('get',url)
if (statusCode !== 200)
throw 'Unable to download page'
if (!body.ok)
throw 'Data was not ok.'
if (!(body.result instanceof Array))
throw 'Data should be an array.'
if (body.result.length === 0)
throw 'Data array is empty.'
const msg = body.result[0].message
// return if already got this message?
async getProfileUrl(user_id) {
if (!!this.profileUrlCache[user_id]) {
this.emit('avatar', user_id, this.profileUrlCache[user_id])
return
}
const {statusCode, body} = await needle('post',`${this.botUrl}/getUserProfilePhotos`, {'user_id': user_id})
if (statusCode !== 200)
throw 'Unable to download photo page'
if (!body.ok)
throw 'Photo data was not ok.'
if (body.result.total_count===0)
throw 'No Photo found.'
const file_id = body.result.photos[0][0].file_id;
const url = await this.getFileUrl(file_id)
this.profileUrlCache[user_id] = url
this.emit('avatar', user_id, url)
}
async checkAndSaveStatus(api) {
try {
const payload = {
offset: 0,
limit: 1,
q: 'id!=000'
};
log(
'monitoring:checkAndSaveStatus',
`Prepare OptionsObject for API: ${api.url}:${api.port}`,
'debug'
);
const options = ApiHelper.buildOptionsObject(api);
const response = await needle(
'get',
`${getPath(api)}/agents`,
payload,
options
);
const isCluster = await needle(
'get',
`${getPath(api)}/cluster/status`,
{},
options
);
const clusterName =
(((isCluster || {}).body || {}).data || {}).enabled === 'yes'
? await needle('get', `${getPath(api)}/cluster/node`, {}, options)
let itemsArray = [];
const output = await needle(
'get',
`${config.url}:${config.port}/${tmpPath}`,
params,
cred
);
const totalItems = (((output || {}).body || {}).data || {}).totalItems;
if (totalItems) {
params.offset = 0;
itemsArray.push(...output.body.data.items);
while (itemsArray.length < totalItems && params.offset < totalItems) {
params.offset += params.limit;
const tmpData = await needle(
'get',
`${config.url}:${config.port}/${tmpPath}`,
params,
cred
);
itemsArray.push(...tmpData.body.data.items);
}
}
if (totalItems) {
const { path, filters } = req.payload;
const isList = path.includes('/lists') && filters && filters.length;
const isArrayOfLists =
path.includes('/lists') && (!filters || !filters.length);
const isAgents = path.includes('/agents') && !path.includes('groups');
const isAgentsOfGroup = path.startsWith('/agents/groups/');
async getFileUrl(file_id) {
const {statusCode, body} = await needle('post',`${this.botUrl}/getFile`, {'file_id': file_id})
const file_path = body.result.file_path;
const url = `${this.fileBotUrl}/${file_path}`
return url
}