# frozen_string_literal: true

# This will check microsoft security portal for the kbs assosicated with an operating system for a given CVE.
#
# usage: <script.rb> --cve CVE-2020-1234 --os "Windows Server 2012 R2"
#
require 'json'
require 'rest-client'

class MicrosoftKbChecker
  attr_accessor :cve_id, :os_name

  def initialize(cve_id, os_name)
    @cve_id = cve_id,
    @os_name = os_name
  end

  AVAILABLE_OS = [
    'Windows 10 Version 2004 for 32-bit Systems',
    'Windows 10 Version 2004 for ARM64-based Systems',
    'Windows 10 Version 2004 for x64-based Systems',
    'Windows Server, version 2004 (Server Core installation)',
    'Windows 10 Version 1803 for 32-bit Systems',
    'Windows 10 Version 1803 for x64-based Systems',
    'Windows 10 Version 1803 for ARM64-based Systems',
    'Windows 10 Version 1809 for 32-bit Systems',
    'Windows 10 Version 1809 for x64-based Systems',
    'Windows 10 Version 1809 for ARM64-based Systems',
    'Windows Server 2019',
    'Windows Server 2019  (Server Core installation)',
    'Windows 10 Version 1909 for 32-bit Systems',
    'Windows 10 Version 1909 for x64-based Systems',
    'Windows 10 Version 1909 for ARM64-based Systems',
    'Windows Server, version 1909 (Server Core installation)',
    'Windows 10 Version 1709 for 32-bit Systems',
    'Windows 10 Version 1709 for x64-based Systems',
    'Windows 10 Version 1709 for ARM64-based Systems',
    'Windows 10 Version 1903 for 32-bit Systems',
    'Windows 10 Version 1903 for x64-based Systems',
    'Windows 10 Version 1903 for ARM64-based Systems',
    'Windows Server, version 1903 (Server Core installation)',
    'Windows 10 for 32-bit Systems',
    'Windows 10 for x64-based Systems',
    'Windows 10 Version 1607 for 32-bit Systems',
    'Windows 10 Version 1607 for x64-based Systems',
    'Windows Server 2016',
    'Windows Server 2016  (Server Core installation)',
    'Windows 7 for 32-bit Systems Service Pack 1',
    'Windows 7 for x64-based Systems Service Pack 1',
    'Windows 8.1 for 32-bit systems',
    'Windows 8.1 for x64-based systems',
    'Windows RT 8.1',
    'Windows Server 2008 for 32-bit Systems Service Pack 2',
    'Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)',
    'Windows Server 2008 for x64-based Systems Service Pack 2',
    'Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)',
    'Windows Server 2008 R2 for x64-based Systems Service Pack 1',
    'Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)',
    'Windows Server 2012',
    'Windows Server 2012 (Server Core installation)',
    'Windows Server 2012 R2',
    'Windows Server 2012 R2 (Server Core installation)'
  ].freeze

  def cve_url
    "https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/#{cve}"
  end

  def make_request
    RestClient::Request.execute(
      method: :get,
      headers: { Host: 'portal.msrc.microsoft.com' },
      url: cve_url
    )
  end

  def parse_json(response)
    JSON.parse(response)
  end

  def find_os
    if AVAILABLE_OS.include?(os)
      response = make_request
      json_data = parse_json(response)
    else
      'Operating system not found.'
    end
  end
end