diff --git a/CHANGELOG.rst b/CHANGELOG.rst index bb9960dc..b7211f7a 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -12,6 +12,7 @@ Current - Add: new ``bui-monitor`` processes pool + ``async`` backend to parallelize some requests `#278 `_ - Add: new `listen` and `listen_status` options in burp-2.2.10 `#279 `_ - Add: allow to hide selected clients/servers `#282 `_ +- Add: allow to delete clients data upon removal `#232 <`_ - Fix: sync pkgs requirements with burp-ui's `#300 `__ - Fix: wrong command suggestion `#296 `__ - Fix: allow templates removal `#290 `__ diff --git a/burpui/api/settings.py b/burpui/api/settings.py index ae3636da..6806ed50 100644 --- a/burpui/api/settings.py +++ b/burpui/api/settings.py @@ -488,6 +488,7 @@ class ClientSettings(Resource): parser_delete.add_argument('delcert', type=inputs.boolean, help='Whether to delete the certificate or not', default=False, nullable=True) parser_delete.add_argument('keepconf', type=inputs.boolean, help='Whether to keep the conf or not', default=False, nullable=True) parser_delete.add_argument('template', type=inputs.boolean, help='Whether we work on a template or not', default=False, nullable=True) + parser_delete.add_argument('delete', type=inputs.boolean, help='Whether we should remove the data as well or not', default=False, nullable=True) parser_post = ns.parser() parser_post.add_argument('template', type=inputs.boolean, help='Whether we work on a template or not', default=False, nullable=True) parser_get = ns.parser() @@ -606,6 +607,7 @@ class ClientSettings(Resource): revoke = args.get('revoke', False) keepconf = args.get('keepconf', False) template = args.get('template', False) + delete = args.get('delete', False) if not keepconf: # clear the cache when we remove a client @@ -622,8 +624,8 @@ class ClientSettings(Resource): force_scheduling_now() parser = bui.client.get_parser(agent=server) - bui.audit.logger.info(f'deleted client configuration {client} ({conf}), delete certificate: {delcert}, revoke certificate: {revoke}, keep a backup of the configuration: {keepconf}', server=server) - return parser.remove_client(client, keepconf, delcert, revoke, template), 200 + bui.audit.logger.info(f'deleted client configuration {client} ({conf}), delete certificate: {delcert}, revoke certificate: {revoke}, keep a backup of the configuration: {keepconf}, delete data: {delete}', server=server) + return parser.remove_client(client, keepconf, delcert, revoke, template, delete), 200 @ns.route('/path-expander', diff --git a/burpui/misc/parser/burp1.py b/burpui/misc/parser/burp1.py index 18b198fe..43f58d59 100644 --- a/burpui/misc/parser/burp1.py +++ b/burpui/misc/parser/burp1.py @@ -9,6 +9,7 @@ import re import os import json import codecs +import shutil from glob import glob @@ -288,7 +289,7 @@ class Parser(Doc): self.templates_mtime = os.path.getmtime(self.templates_path) return res - def _get_server_path(self, name=None, fil=None): + def _get_server_path(self, name=None, fil=''): """Returns the path of the 'server *fil*' file""" if not name: raise BUIserverException('Missing name') @@ -344,7 +345,8 @@ class Parser(Doc): return False return self.openssl_auth.check_client_revoked(client) - def remove_client(self, client=None, keepconf=False, delcert=False, revoke=False, template=False): + def remove_client(self, client=None, keepconf=False, delcert=False, revoke=False, + template=False, delete=False): """See :func:`burpui.misc.parser.interface.BUIparser.remove_client`""" res = [] revoked = False @@ -352,6 +354,7 @@ class Parser(Doc): if not client: return [[NOTIF_ERROR, "No client provided"]] try: + data = self._get_server_path(client) if not keepconf: if template: path = os.path.join(self.templates_path, client) @@ -370,6 +373,8 @@ class Parser(Doc): self._refresh_cache() + shutil.rmtree(data) + except OSError as exp: res.append([NOTIF_ERROR, str(exp)]) diff --git a/burpui/misc/parser/interface.py b/burpui/misc/parser/interface.py index e9d2be91..3c4e6942 100644 --- a/burpui/misc/parser/interface.py +++ b/burpui/misc/parser/interface.py @@ -263,7 +263,8 @@ class BUIparser(object, metaclass=ABCMeta): ) # pragma: no cover @abstractmethod - def remove_client(self, client=None, keepconf=False, delcert=False, revoke=False, template=False): + def remove_client(self, client=None, keepconf=False, delcert=False, revoke=False, + template=False, delete=False): """:func:`burpui.misc.parser.interface.BUIparser.remove_client` is used to delete a client from burp's configuration. @@ -282,8 +283,12 @@ class BUIparser(object, metaclass=ABCMeta): :param template: Whether we remove a template :type template: bool + :param delete: Whether to remove data as well + :type delete: bool + :returns: A list of notifications to return to the UI (success or failure) + :rtype: list """ raise NotImplementedError( "Sorry, the current Parser does not implement this method!" diff --git a/burpui/templates/js/settings.js b/burpui/templates/js/settings.js index 01a2a1b3..40599948 100644 --- a/burpui/templates/js/settings.js +++ b/burpui/templates/js/settings.js @@ -638,7 +638,7 @@ app.controller('ConfigCtrl', ['$scope', '$http', '$timeout', '$scrollspy', 'DTOp {% if template -%} data: { template: true } {% else -%} - data: { delcert: $('#delcert').is(':checked'), revoke: $('#revoke').is(':checked'), keepconf: $('#keepconf').is(':checked') } + data: { delcert: $('#delcert').is(':checked'), revoke: $('#revoke').is(':checked'), keepconf: $('#keepconf').is(':checked'), delete: $('#deldata').is(':checked') } {% endif -%} }) .fail(buiFail) diff --git a/burpui/templates/settings.html b/burpui/templates/settings.html index 02da9ae9..2f279968 100644 --- a/burpui/templates/settings.html +++ b/burpui/templates/settings.html @@ -403,6 +403,7 @@
    • +
    • {% endif -%}