Merge branch 'master' into io-credentials-upload

tenable · Jan 12, 2024 · 65a9956 · 65a9956
2 parents d45f051 + 7a2ff8d
commit 65a9956
Show file tree

Hide file tree

Showing 6 changed files with 70 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,16 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.4.17]
+
+### Fixed
+- Vulnerability `CVE-2023-38325` by upgrading the test dependency `requests-pkcs12`.
+
+### Added
+- Support for `include_open_ports` property in Vulnerability Management asset export request.
+
+[1.4.17]: https://github.com/tenable/pyTenable/compare/1.4.16...1.4.17
+
 ## [1.4.16]
 
  ### Fixed

diff --git a/tenable/io/exports/api.py b/tenable/io/exports/api.py
@@ -269,6 +269,8 @@ def assets(self, **kwargs) -> Union[ExportsIterator, UUID]:
                 Should we return assets that have a ServiceNOW sysid?
                 if ``True`` only assets with an id will be returned.
                 if ``False`` only assets without an id will be returned.
+            include_open_ports (bool, optional):
+                Should we include open ports of assets in the exported chunks?
             chunk_size (int, optional):
                 How many asset objects should be returned per chunk of data?
                 The default is ``1000``.

diff --git a/tenable/io/exports/schema.py b/tenable/io/exports/schema.py
@@ -39,6 +39,7 @@ class AssetExportSchema(Schema):
     is_licensed = fields.Bool()
     is_terminated = fields.Bool()
     servicenow_sysid = fields.Bool()
+    include_open_ports = fields.Bool()
 
     # Other params
     chunk_size = fields.Int(dump_default=1000)
@@ -49,7 +50,7 @@ class AssetExportSchema(Schema):
     @post_dump
     def post_serialization(self, data, **kwargs):  # noqa PLR0201 PLW0613
         data = serialize_tags(data)
-        data = envelope(data, 'filters', excludes=['chunk_size'])
+        data = envelope(data, 'filters', excludes=['chunk_size', 'include_open_ports'])
         return data
 
 

diff --git a/tenable/version.py b/tenable/version.py
@@ -1,2 +1,2 @@
-version = '1.4.16'
+version = '1.4.17'
 version_info = tuple(int(d) for d in version.split("-")[0].split("."))
diff --git a/test-requirements.txt b/test-requirements.txt
@@ -13,5 +13,5 @@ flake8-author>=1.2.0
 flake8-colors>=0.1.6
 
 defusedxml>=0.5.0
-requests-pkcs12>=1.3
+requests-pkcs12>=1.22
 docker>=3.7.2
diff --git a/tests/io/exports/test_schema.py b/tests/io/exports/test_schema.py
@@ -39,6 +39,35 @@ def asset_export():
         ]
     }
 
+@pytest.fixture
+def asset_export_with_open_ports_true():
+    """
+    Asset export request with open ports set as true.
+    """
+    return {
+        'chunk_size': 1000,
+        'include_open_ports': True
+    }
+
+@pytest.fixture
+def asset_export_with_open_ports_false():
+    """
+    Asset export request with open ports set as false.
+    """
+    return {
+        'chunk_size': 1000,
+        'include_open_ports': False
+    }
+
+@pytest.fixture
+def asset_export_with_out_open_ports():
+    """
+    Asset export request without open ports.
+    """
+    return {
+        'chunk_size': 1000
+    }
+
 
 @pytest.fixture
 def compliance_export():
@@ -190,3 +219,28 @@ def test_vulnerabilityschema(vuln_export):
     with pytest.raises(ValidationError):
         vuln_export['scan_uuid'] = 0
         schema.load(vuln_export)
+
+def test_asset_export_schema_for_open_ports_true(asset_export_with_open_ports_true):
+    """
+    Ensure Asset Export request is correctly formed with include_open_ports set to true.
+    """
+    schema = AssetExportSchema()
+    schema_dump = schema.dump(schema.load(asset_export_with_open_ports_true))
+    assert schema_dump["include_open_ports"] == True
+
+
+def test_asset_export_schema_for_open_ports_false(asset_export_with_open_ports_false):
+    """
+    Ensure Asset Export request is correctly formed with include_open_ports set to false.
+    """
+    schema = AssetExportSchema()
+    schema_dump = schema.dump(schema.load(asset_export_with_open_ports_false))
+    assert schema_dump["include_open_ports"] == False
+
+def test_asset_export_schema_without_open_ports(asset_export_with_out_open_ports):
+    """
+    Ensure Asset Export request is correctly formed without include_open_ports.
+    """
+    schema = AssetExportSchema()
+    schema_dump = schema.dump(schema.load(asset_export_with_out_open_ports))
+    assert "include_open_ports" not in schema_dump