Merge branch 'release/1.0'

.gitignore

@@ -0,0 +1,5 @@
+dist/
+vendor/
+.gh_token
+*.min.*
+

.travis.yml

@@ -0,0 +1,66 @@
+language: php
+
+env:
+  - DB=mysql
+
+before_script:
+  - composer self-update
+  - if [[ ${TRAVIS_PHP_VERSION:0:3} == "5.4" ]]; then sed -e "s|.*"consolidation/robo".*$||" -i composer.json && composer update; fi
+  - composer install -o
+#  - mysql -u root -e 'create database glpitest;'
+#  - php tools/cliinstall.php --lang=en_US --db=glpitest --user=root --tests
+  - pear install pear/PHP_CodeSniffer
+  - phpenv rehash
+
+script:
+#  - mysql -u root -e 'select version();'
+#  - phpunit --verbose
+  - phpcs -p --ignore=vendor --ignore=js --standard=tools/phpcs-rules.xml  .
+
+matrix:
+  include:
+    - php: 5.4
+      addons:
+        mariadb: 5.5
+    - php: 5.5
+      addons:
+        mariadb: 5.5
+#    - php: 5.6
+#      addons:
+#        mariadb: 5.5
+#    - php: 5.6
+#      addons:
+#        mariadb: 10.0
+    - php: 5.6
+      addons:
+        mariadb: 10.1
+#    - php: 7.0
+#      addons:
+#        mariadb: 10.0
+    - php: 7.0
+      addons:
+        mariadb: 10.1
+#    - php: 7.1
+#      addons:
+#        mariadb: 10.0
+    - php: 7.1
+      addons:
+        mariadb: 10.1
+    - php: nightly
+      addons:
+        mariadb: 10.1
+  allow_failures:
+    - php: nightly
+
+cache:
+  directories:
+    - $HOME/.composer/cache
+
+#notifications:
+#  irc:
+#    channels:
+#      - "irc.freenode.org#channel"
+#    on_success: change
+#    on_failure: always
+#    use_notice: true
+#    skip_join: true

.tx/config

@@ -0,0 +1,8 @@
+[main]
+host = https://www.transifex.com
+
+[glpi-plugins-openvas.openvas-10pot]
+file_filter = locales/<lang>.po
+source_file = locales/openvas.pot
+source_lang = en
+minimum_perc: 100

README.md

@@ -1,2 +1,116 @@
-# openvas
-OpenVAS plugin for GLPi
+# OpenVAS GLPi plugin for GLPi
+
+This plugin integrates [OpenVAS](https://www.openvas.org/) with GLPI.
+
+## Features
+
+* Retrieve OpenVAS informations for GLPi assets
+* Get severity & threat for assets
+* Import vulnerabities (results)
+* Create tickets based on vulnerabities data
+* Create tasks, request start and stop
+
+## Installation
+
+### Prerequisites
+
+The plugin has only been tested on Linux.
+
+You need the followings components:
+- GLPI (at least 9.1.1 version)
+- OpenVAS manager 8 up and running
+- PHP >= 5.5
+- openvas-cli package installed to provide omp executable
+
+### OpenVAS configuration
+
+You need to create a user able to connect and administrate OpenVAS.
+The use should be able to see all data, and create tasks/request task start & stop  
+
+### Glpi Configuration
+
+Copy the plugin folder into your glpi/plugins directory.
+The folder must be named 'prelude' otherwise GLPI framework will fail to initialize the plugin.
+
+Next, go to glpi interface, navigate to the _Administatrion > Plugins_ page.
+Find the prelude line, click on _Install_ button, and after refresh, click on _Enable_ button.
+
+Once the plugin enabled, you may click on this name or go into _Setup > General_ menu to display the plugin configuration.
+
+You will see this page:
+
+![Prelude plugin empty configuration](https://raw.githubusercontent.com/pluginsGLPI/openvas/develop/screenshots/config.png)
+
+Fill the configuration fields in order to perform the OpenVAS connection :
+
+* Host: IP or hostname of OpenVAS manager
+* Manager port: OpenVAS management port (by default 9390)
+* Console port: OpenVAS management console port (by default 9392)
+* User: user to connect to OpenVAS
+* Password: user's password
+* Target retention delay: number of days after which target & vulnerabities infos are deleted
+* Number of days for searches: value to use for time restriction during OpenVAS queries
+* Request source: the request source to use when creating tickets from vulnerabities
+* Color palette: colors to represent OpenVAS threat levels
+
+The test button is used to test the connection to OpenVAS manager.
+
+## Usage
+
+### Automatic actions
+
+3 automatic actions are added by the plugin:
+
+* openvasSynchronize: used to perform hosts to asset matching and informations retrieval
+* openvasSynchronizeVulnerabilities: import vulnerabities (results) from OpenVAS in GLPi. Can also create tickets
+* openvasClean : clean not accurate data, based on the creation date
+
+You must start by launching openvasSynchronize, then openvasSynchronizeVulnerabilities.
+
+### OpenVAS vulnerabities menu
+
+Vulnerabities can be found at  _Tools > OpenVAS_ menu.
+A small green icon allows user to switch from vulnerabities view to tasks view.
+
+![vulnerabity display](https://raw.githubusercontent.com/pluginsGLPI/openvas/develop/screenshots/vulnerability.png)
+
+A vulnerabity can be linked to several hosts.
+If a host is linked to an asset in GLPi, you can access the host directly from the vulnerabity.
+
+### OpenVAS asset tab
+
+If a GLPi asset is linked to an OpenVAS host, a new _OpenVAS_ tab is diplayed.
+The tab lists:
+
+* general informations (name, comment, severity & threat)
+* the list of tasks for this host
+* vulnerabities linked to the host
+
+### OpenVAS vulnerabities rules
+
+A rules engine is available at _Administration > Rules_.
+It has 2 actions :
+
+* ignore vulnerabity import
+* create a ticket based on a template
+
+![vulnerabity display](https://raw.githubusercontent.com/pluginsGLPI/openvas/develop/screenshots/rule.png)
+
+To use threat as a criteria, here are the possible values:
+
+* Error
+* Log
+* Low
+* Medium
+* High
+
+To match vulnerabilities having a threat at least equals to Low, you must use a regex:
+_Threat regex checks /Low|Medium|High/_
+
+## Contributing
+
+* Open a ticket for each bug/feature so it can be discussed
+* Follow [development guidelines](http://glpi-developer-documentation.readthedocs.io/en/latest/plugins.html)
+* Refer to [GitFlow](http://git-flow.readthedocs.io/) process for branching
+* Work on a new branch on your own fork
+* Open a PR that will be reviewed by a developer

RoboFile.php

@@ -0,0 +1,13 @@
+<?php
+/**
+ * This is project's console commands configuration for Robo task runner.
+ *
+ * @see http://robo.li/
+ */
+
+require_once 'RoboFilePlugin.php';
+
+class RoboFile extends RoboFilePlugin
+{
+    //Own plugin's robo stuff
+}

RoboFilePlugin.php

@@ -0,0 +1,146 @@
+<?php
+/**
+ * This is project's console commands configuration for Robo task runner.
+ *
+ * @see http://robo.li/
+ */
+class RoboFilePlugin extends \Robo\Tasks
+{
+   /**
+    * Minify all
+    *
+    * @return void
+    */
+   public function minify()
+   {
+      $this->minifyCSS()
+         ->minifyJS();
+   }
+
+   /**
+    * Minify CSS stylesheets
+    *
+    * @return void
+    */
+   public function minifyCSS()
+   {
+      $css_dir = __DIR__ . '/css';
+      if (is_dir($css_dir)) {
+         foreach(glob("$css_dir/*.css") as $css_file) {
+            if (!$this->endsWith($css_file, 'min.css')) {
+               $this->taskMinify($css_file)
+                  ->to(str_replace('.css', '.min.css', $css_file))
+                  ->type('css')
+                  ->run();
+            }
+         }
+      }
+      return $this;
+   }
+
+   /**
+    * Minify JavaScript files stylesheets
+    *
+    * @return void
+    */
+   public function minifyJS()
+   {
+      $js_dir = __DIR__ . '/js';
+      if (is_dir($js_dir)) {
+         foreach(glob("$js_dir/*.js") as $js_file) {
+            if (!$this->endsWith($js_file, 'min.js')) {
+               $this->taskMinify($js_file)
+                  ->to(str_replace('.js', '.min.js', $js_file))
+                  ->type('js')
+                  ->run();
+            }
+         }
+      }
+      return $this;
+   }
+
+   /**
+    * Extract translatable strings
+    *
+    * @return void
+    */
+   public function localesExtract()
+   {
+      $this->_exec('tools/extract_template.sh');
+      return $this;
+   }
+
+   /**
+    * Push locales to transifex
+    *
+    * @return void
+    */
+   public function localesPush()
+   {
+      $this->_exec('tx push -s');
+      return $this;
+   }
+
+   /**
+    * Pull locales from transifex.
+    *
+    * @return void
+    */
+   public function localesPull($percent = 70)
+   {
+      $this->_exec('tx pull -a --minimum-perc=' .$percent);
+      return $this;
+   }
+
+   /**
+    * Build MO files
+    *
+    * @return void
+    */
+   public function localesMo()
+   {
+      $this->_exec('./tools/release --compile-mo');
+      return $this;
+   }
+
+   /**
+    * Extract and send locales
+    *
+    * @return void
+    */
+   public function localesSend()
+   {
+      $this->localesExtract()
+           ->localesPush();
+      return $this;
+   }
+
+   /**
+    * Retrieve locales and generate mo files
+    *
+    * @return void
+    */
+   public function localesGenerate($percent = 70) {
+      $this->localesPull($percent)
+           ->localesMo();
+      return $this;
+   }
+
+   /**
+    * Checks if a string ends with another string
+    *
+    * @param string $haystack Full string
+    * @param string $needle   Ends string
+    *
+    * @return boolean
+    * @see http://stackoverflow.com/a/834355
+    */
+   private function endsWith($haystack, $needle) {
+      $length = strlen($needle);
+      if ($length == 0) {
+         return true;
+      }
+
+      return (substr($haystack, -$length) === $needle);
+   }
+}

composer.json

@@ -0,0 +1,7 @@
+{
+    "require-dev": {
+        "consolidation/robo": "dev-master@dev",
+        "patchwork/jsqueeze": "~1.0",
+        "natxet/CssMin": "~3.0"
+    }
+}