Merge pull request #730 from ninp0/master

PWN::Plugins::JiraServer module - add #update_issue && #delete_issue …

Author: ninp0

README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.294]:001 >>> PWN.help
+pwn[v0.5.295]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.294]:001 >>> PWN.help
+pwn[v0.5.295]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.294]:001 >>> PWN.help
+pwn[v0.5.295]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

lib/pwn/plugins/jira_server.rb

@@ -43,9 +43,9 @@ module JiraServer
         spinner.auto_spin
 
         case http_method
-        when :get
+        when :delete, :get
           response = rest_client.execute(
-            method: :get,
+            method: http_method,
             url: "#{base_api_uri}/#{rest_call}",
             headers: {
               content_type: 'application/json; charset=UTF-8',
@@ -55,9 +55,9 @@ module JiraServer
             verify_ssl: false
           )
 
-        when :post
+        when :post, :put
           response = rest_client.execute(
-            method: :post,
+            method: http_method,
             url: "#{base_api_uri}/#{rest_call}",
             headers: {
               content_type: 'application/json; charset=UTF-8',
@@ -171,7 +171,7 @@ module JiraServer
         description = opts[:description].to_s.scrub
 
         additional_fields = opts[:additional_fields] ||= { fields: {} }
-        raise 'ERROR: additional_fields Hash must contain a :fields key.' unless additional_fields.is_a?(Hash) && additional_fields.key?(:fields)
+        raise 'ERROR: additional_fields Hash must contain a :fields key that is also a Hash.' unless additional_fields.is_a?(Hash) && additional_fields.key?(:fields) && additional_fields[:fields].is_a?(Hash)
 
         all_fields = get_all_fields(base_api_uri: base_api_uri, token: token)
         epic_name_field_key = all_fields.find { |field| field[:name] == 'Epic Name' }[:id]
@@ -205,6 +205,68 @@ module JiraServer
         raise e
       end
 
+      # Supported Method Parameters::
+      # issue_resp = PWN::Plugins::JiraServer.update_issue(
+      #   base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
+      #   token: 'required - bearer token',
+      #   fields: 'required - fields to update in the issue (e.g. summary, description, labels, components, custom fields, etc.)'
+      # )
+
+      public_class_method def self.update_issue(opts = {})
+        base_api_uri = opts[:base_api_uri]
+
+        token = opts[:token]
+        token ||= PWN::Plugins::AuthenticationHelper.mask_password(
+          prompt: 'Personal Access Token'
+        )
+        issue = opts[:issue]
+        raise 'ERROR: project_key cannot be nil.' if issue.nil?
+
+        fields = opts[:fields] ||= { fields: {} }
+        raise 'ERROR: fields Hash must contain a :fields key that is also a Hash.' unless fields.is_a?(Hash) && fields.key?(:fields) && fields[:fields].is_a?(Hash)
+
+        http_body = fields
+
+        rest_call(
+          http_method: :put,
+          base_api_uri: base_api_uri,
+          token: token,
+          rest_call: "issue/#{issue}",
+          http_body: http_body
+        )
+      rescue StandardError => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # issue_resp = PWN::Plugins::JiraServer.delete_issue(
+      #   base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
+      #   token: 'required - bearer token',
+      #   issue: 'required - issue to delete (e.g. Bug, Issue, Story, or Epic ID)'
+      # )
+
+      public_class_method def self.delete_issue(opts = {})
+        base_api_uri = opts[:base_api_uri]
+
+        token = opts[:token]
+        token ||= PWN::Plugins::AuthenticationHelper.mask_password(
+          prompt: 'Personal Access Token'
+        )
+
+        issue = opts[:issue]
+
+        raise 'ERROR: issue cannot be nil.' if issue.nil?
+
+        rest_call(
+          http_method: :delete,
+          base_api_uri: base_api_uri,
+          token: token,
+          rest_call: "issue/#{issue}"
+        )
+      rescue StandardError => e
+        raise e
+      end
+
       # Author(s):: 0day Inc. <[email protected]>
 
       public_class_method def self.authors
@@ -240,6 +302,13 @@ module JiraServer
             additional_fields: 'optional - additional fields to set in the issue (e.g. labels, components, custom fields, etc.)'
           )
 
+          issue_resp = #{self}.update_issue(
+            base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
+            token: 'required - bearer token',
+            issue: 'required - issue to update (e.g. Bug, Issue, Story, or Epic ID)',
+            fields: 'required - fields to update in the issue (e.g. summary, description, labels, components, custom fields, etc.)'
+          )
+
           **********************************************************************
           * For more information on the Jira Server REST API, see:
           * https://developer.atlassian.com/server/jira/platform/rest-apis/

lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.294'
+  VERSION = '0.5.295'
 end