BASIS/decort-golang-sdk
8
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

v1.12.9

Browse Source
This commit is contained in:
asteam
2025-11-14 17:38:59 +03:00
parent 562b6019d0
commit 0bf073da93
149 changed files with 11080 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
pkg/sdn/secpolicies/create.go Normal file
View File

@@ -0,0 +1,77 @@
package secpolicies
import (
"context"
"encoding/json"
"net/http"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/constants"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/validators"
)
// CreateRequest struct to create security policy
type CreateRequest struct {
// Access group ID
// Required: true
AccessGroupID string `url:"access_group_id" json:"access_group_id" validate:"required"`
// Applied to net object group ID
// Required: true
AppliedToNetObjectGroupID string `url:"applied_to_net_object_group_id" json:"applied_to_net_object_group_id" validate:"required"`
// Description of the schedule rule
// Required: true
Description string `url:"description" json:"description"`
// Display name of the schedule rule
// Required: true
DisplayName string `url:"display_name" json:"display_name"`
// Enabled status of the schedule rule
// Required: true
Enabled bool `url:"enabled" json:"enabled"`
// End date and time for the schedule rule
// Required: false
EndDateTime string `url:"end_date_time,omitempty" json:"end_date_time,omitempty"`
// Insert up reference
// Required: false
InsertUp string `url:"insert_up,omitempty" json:"insert_up,omitempty"`
// Locked at timestamp
// Required: false
LockedAt string `url:"locked_at,omitempty" json:"locked_at,omitempty"`
// Schedule cron expression
// Required: false
ScheduleCron string `url:"schedule_cron,omitempty" json:"schedule_cron,omitempty"`
// Start date and time for the schedule rule
// Required: false
StartDateTime string `url:"start_date_time,omitempty" json:"start_date_time,omitempty"`
}
// Create creates a security policy
func (i SecurityPolicies) Create(ctx context.Context, req CreateRequest) (*SecurityPolicySummary, error) {
err := validators.ValidateRequest(req)
if err != nil {
return nil, validators.ValidationErrors(validators.GetErrors(err))
}
url := "/sdn/security_policy/create"
res, err := i.client.DecortApiCallCtype(ctx, http.MethodPost, url, constants.MIMEJSON, req)
if err != nil {
return nil, err
}
info := SecurityPolicySummary{}
err = json.Unmarshal(res, &info)
if err != nil {
return nil, err
}
return &info, nil
}

41
pkg/sdn/secpolicies/delete.go Normal file
View File

@@ -0,0 +1,41 @@
package secpolicies
import (
"context"
"net/http"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/constants"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/validators"
)
// DeleteRequest struct to delete security policy
type DeleteRequest struct {
// Security policy ID
// Required: true
SecurityPolicyID string `url:"security_policy_id" json:"security_policy_id" validate:"required"`
// Version ID
// Required: true
VersionID uint64 `url:"version_id" json:"version_id" validate:"required"`
// Force delete
// Required: false
Force interface{} `url:"force,omitempty" json:"force,omitempty" validate:"omitempty,isBool"`
}
// Delete a security policy
func (i SecurityPolicies) Delete(ctx context.Context, req DeleteRequest) (bool, error) {
err := validators.ValidateRequest(req)
if err != nil {
return false, validators.ValidationErrors(validators.GetErrors(err))
}
url := "/sdn/security_policy/delete"
_, err = i.client.DecortApiCallCtype(ctx, http.MethodDelete, url, constants.MIMEJSON, req)
if err != nil {
return false, err
}
return true, nil
}

42
pkg/sdn/secpolicies/filter.go Normal file
View File

@@ -0,0 +1,42 @@
package secpolicies
// FilterByID returns SecurityPolicyList with specified ID.
func (agl SecurityPolicyList) FilterByID(id string) SecurityPolicyList {
predicate := func(ia SecurityPolicySummary) bool {
return ia.ID == id
}
return agl.FilterFunc(predicate)
}
// FilterByName returns SecurityPolicyList with specified Name.
func (agl SecurityPolicyList) FilterByName(name string) SecurityPolicyList {
predicate := func(ia SecurityPolicySummary) bool {
return ia.DisplayName == name
}
return agl.FilterFunc(predicate)
}
// FilterFunc allows filtering SecurityPolicyList based on a user-specified predicate.
func (agl SecurityPolicyList) FilterFunc(predicate func(SecurityPolicySummary) bool) SecurityPolicyList {
var result SecurityPolicyList
for _, acc := range agl {
if predicate(acc) {
result = append(result, acc)
}
}
return result
}
// FindOne returns first element.
// If none was found, returns an empty struct.
func (agl SecurityPolicyList) FindOne() SecurityPolicySummary {
if len(agl) == 0 {
return SecurityPolicySummary{}
}
return agl[0]
}

295
pkg/sdn/secpolicies/filter_test.go Normal file
View File

@@ -0,0 +1,295 @@
package secpolicies
import (
"testing"
)
var testSecurityPolicies = SecurityPolicyList{
{
ID: "policy1",
DisplayName: "DevelopersPolicy",
Description: "First policy",
CreatedAt: "2023-01-01",
UpdatedAt: "2023-01-10",
AccessGroupID: "group1",
AccessGroupName: "Developers",
AppliedToNetObjectGroupID: "netgroup1",
Enabled: true,
StartPriority: 1,
EndPriority: 100,
VersionID: 1,
Status: Status{
Common: "active",
Hypervisors: []HypervisorStatus{
{
Name: "hyp1",
DisplayName: "Hypervisor1",
Status: "synced",
HypervisorStatus: "healthy",
SyncedAt: "2023-01-10T10:00:00Z",
},
},
},
SecurityRules: []SecurityRule{
{
ID: "rule1",
DisplayName: "AllowHTTP",
Description: "Allow HTTP traffic",
Action: "Allow",
Direction: "Ingress",
Enabled: true,
Priority: 10,
SecurityPolicyID: "policy1",
LogEnabled: true,
LogSeverity: "medium",
StatisticsEnabled: true,
VersionID: 1,
Filter: Filter{
Filters: map[string]interface{}{
"protocol": "tcp",
"port": float64(80),
},
},
},
},
},
{
ID: "policy2",
DisplayName: "AdminsPolicy",
Description: "Second policy",
CreatedAt: "2023-01-02",
UpdatedAt: "2023-01-11",
AccessGroupID: "group2",
AccessGroupName: "Admins",
AppliedToNetObjectGroupID: "netgroup2",
Enabled: false,
StartPriority: 101,
EndPriority: 200,
VersionID: 2,
Status: Status{
Common: "inactive",
Hypervisors: []HypervisorStatus{
{
Name: "hyp2",
DisplayName: "Hypervisor2",
Status: "pending",
HypervisorStatus: "syncing",
SyncedAt: "2023-01-11T10:00:00Z",
},
},
},
SecurityRules: []SecurityRule{
{
ID: "rule2",
DisplayName: "DenySSH",
Description: "Deny SSH traffic",
Action: "Deny",
Direction: "Ingress",
Enabled: true,
Priority: 20,
SecurityPolicyID: "policy2",
LogEnabled: false,
LogSeverity: "high",
StatisticsEnabled: false,
VersionID: 1,
Filter: Filter{
Filters: map[string]interface{}{
"protocol": "tcp",
"port": float64(22),
},
},
},
},
},
{
ID: "policy3",
DisplayName: "UsersPolicy",
Description: "Third policy",
CreatedAt: "2023-01-03",
UpdatedAt: "2023-01-12",
AccessGroupID: "group3",
AccessGroupName: "Users",
AppliedToNetObjectGroupID: "netgroup3",
Enabled: true,
StartPriority: 201,
EndPriority: 300,
VersionID: 3,
Status: Status{
Common: "active",
Hypervisors: []HypervisorStatus{
{
Name: "hyp3",
DisplayName: "Hypervisor3",
Status: "synced",
HypervisorStatus: "healthy",
SyncedAt: "2023-01-12T10:00:00Z",
},
},
},
SecurityRules: []SecurityRule{
{
ID: "rule3",
DisplayName: "AllowHTTPS",
Description: "Allow HTTPS traffic",
Action: "Allow",
Direction: "Egress",
Enabled: true,
Priority: 30,
SecurityPolicyID: "policy3",
LogEnabled: true,
LogSeverity: "low",
StatisticsEnabled: true,
VersionID: 1,
Filter: Filter{
Filters: map[string]interface{}{
"protocol": "tcp",
"port": float64(443),
},
},
},
},
},
}
func TestFilterByID(t *testing.T) {
actual := testSecurityPolicies.FilterByID("policy2").FindOne()
if actual.ID != "policy2" {
t.Fatal("actual:", actual.ID, "> expected: policy2")
}
}
func TestFilterByDisplayName(t *testing.T) {
actual := testSecurityPolicies.FilterByName("UsersPolicy").FindOne()
if actual.DisplayName != "UsersPolicy" {
t.Fatal("actual:", actual.DisplayName, ">> expected: UsersPolicy")
}
}
func TestFilterFunc(t *testing.T) {
actual := testSecurityPolicies.FilterFunc(func(sp SecurityPolicySummary) bool {
return sp.Description == "Second policy"
})
if len(actual) != 1 || actual[0].ID != "policy2" {
t.Fatal("Expected 1 policy with description 'Second policy', found:", len(actual))
}
}
func TestFindOneWithResults(t *testing.T) {
result := testSecurityPolicies.FilterByID("policy1").FindOne()
if result.ID != "policy1" {
t.Fatal("Expected policy1, got:", result.ID)
}
}
func TestFindOneEmpty(t *testing.T) {
emptyList := SecurityPolicyList{}
result := emptyList.FindOne()
if result.ID != "" || result.DisplayName != "" {
t.Fatal("Expected empty SecurityPolicySummary, got:", result)
}
}
func TestFilterByIDNotFound(t *testing.T) {
actual := testSecurityPolicies.FilterByID("nonexistent")
if len(actual) != 0 {
t.Fatal("Expected 0 policies, found:", len(actual))
}
}
func TestFilterByDisplayNameNotFound(t *testing.T) {
actual := testSecurityPolicies.FilterByName("Nonexistent Policy")
if len(actual) != 0 {
t.Fatal("Expected 0 policies, found:", len(actual))
}
}
func TestFilterByEnabled(t *testing.T) {
actual := testSecurityPolicies.FilterFunc(func(sp SecurityPolicySummary) bool {
return sp.Enabled
})
if len(actual) != 2 {
t.Fatal("Expected 2 enabled policies, found:", len(actual))
}
}
func TestFilterByAccessGroup(t *testing.T) {
actual := testSecurityPolicies.FilterFunc(func(sp SecurityPolicySummary) bool {
return sp.AccessGroupName == "Developers"
})
if len(actual) != 1 || actual[0].ID != "policy1" {
t.Fatal("Expected 1 policy for Developers group, found:", len(actual))
}
}
func TestFilterByStatus(t *testing.T) {
actual := testSecurityPolicies.FilterFunc(func(sp SecurityPolicySummary) bool {
return sp.Status.Common == "active"
})
if len(actual) != 2 {
t.Fatal("Expected 2 active policies, found:", len(actual))
}
}
func TestFilterByPriorityRange(t *testing.T) {
actual := testSecurityPolicies.FilterFunc(func(sp SecurityPolicySummary) bool {
return sp.StartPriority >= 100 && sp.EndPriority <= 200
})
if len(actual) != 1 || actual[0].ID != "policy2" {
t.Fatal("Expected 1 policy in priority range 100-200, found:", len(actual))
}
}
func TestFilterByRuleAction(t *testing.T) {
actual := testSecurityPolicies.FilterFunc(func(sp SecurityPolicySummary) bool {
for _, rule := range sp.SecurityRules {
if rule.Action == "Deny" {
return true
}
}
return false
})
if len(actual) != 1 || actual[0].ID != "policy2" {
t.Fatal("Expected 1 policy with Deny rule, found:", len(actual))
}
}
func TestFilterByRuleDirection(t *testing.T) {
actual := testSecurityPolicies.FilterFunc(func(sp SecurityPolicySummary) bool {
for _, rule := range sp.SecurityRules {
if rule.Direction == "Egress" {
return true
}
}
return false
})
if len(actual) != 1 || actual[0].ID != "policy3" {
t.Fatal("Expected 1 policy with Egress rule, found:", len(actual))
}
}
func TestFilterByLogEnabled(t *testing.T) {
actual := testSecurityPolicies.FilterFunc(func(sp SecurityPolicySummary) bool {
for _, rule := range sp.SecurityRules {
if rule.LogEnabled {
return true
}
}
return false
})
if len(actual) != 2 {
t.Fatal("Expected 2 policies with log enabled rules, found:", len(actual))
}
}

47
pkg/sdn/secpolicies/get.go Normal file
View File

@@ -0,0 +1,47 @@
package secpolicies
import (
"context"
"encoding/json"
"net/http"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/validators"
)
// GetRequest struct to get information about security policy
type GetRequest struct {
// ID a security policy
// Required: true
ID string `url:"security_policy_id" json:"security_policy_id" validate:"required"`
}
// Get gets security policy
func (a SecurityPolicies) Get(ctx context.Context, req GetRequest) (*SecurityPolicySummary, error) {
res, err := a.GetRaw(ctx, req)
if err != nil {
return nil, err
}
info := SecurityPolicySummary{}
err = json.Unmarshal(res, &info)
if err != nil {
return nil, err
}
return &info, nil
}
// GetRaw gets address pool details as an array of bytes
func (a SecurityPolicies) GetRaw(ctx context.Context, req GetRequest) ([]byte, error) {
err := validators.ValidateRequest(req)
if err != nil {
return nil, validators.ValidationErrors(validators.GetErrors(err))
}
url := "/sdn/security_policies/get"
res, err := a.client.DecortApiCall(ctx, http.MethodGet, url, req)
return res, err
}

10
pkg/sdn/secpolicies/ids.go Normal file
View File

@@ -0,0 +1,10 @@
package secpolicies
// IDs gets array of IDs from SecurityPolicyList struct
func (spl SecurityPolicyList) IDs() []string {
res := make([]string, 0, len(spl))
for _, c := range spl {
res = append(res, c.ID)
}
return res
}

74
pkg/sdn/secpolicies/list.go Normal file
View File

@@ -0,0 +1,74 @@
package secpolicies
import (
"context"
"encoding/json"
"net/http"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/validators"
)
// ListRequest struct to get a list of security group
type ListRequest struct {
// Display name
// Required: false
DisplayName string `url:"display_name,omitempty" json:"display_name,omitempty"`
// Enabled status
// Required: false
Enabled interface{} `url:"enabled,omitempty" json:"enabled,omitempty" validate:"omitempty,isBool"`
// Filter by access group ID
// Required: false
AccessGroupID string `url:"access_group_id,omitempty" json:"access_group_id,omitempty"`
// Filter by applied to net object group ID
// Required: false
AppliedToNetObjectGroupID string `url:"applied_to_net_object_group_id,omitempty" json:"applied_to_net_object_group_id,omitempty"`
// Page number for pagination
// Required: false
Page uint64 `url:"page,omitempty" json:"page,omitempty"`
// Number of results per page
// Required: false
PerPage uint64 `url:"per_page,omitempty" json:"per_page,omitempty"`
// Field to sort by (display_name, enabled, created_at, updated_at, deleted_at, start_priority)
// Required: false
SortBy string `url:"sort_by,omitempty" json:"sort_by,omitempty"`
// Sort order (asc/desc)
// Required: false
SortOrder string `url:"sort_order,omitempty" json:"sort_order,omitempty"`
}
// List of security policies
func (i SecurityPolicies) List(ctx context.Context, req ListRequest) (SecurityPolicyList, error) {
res, err := i.ListRaw(ctx, req)
if err != nil {
return nil, err
}
result := []SecurityPolicySummary{}
err = json.Unmarshal(res, &result)
if err != nil {
return nil, err
}
return result, nil
}
// ListRaw gets a list of all security policies as an array of bytes
func (a SecurityPolicies) ListRaw(ctx context.Context, req ListRequest) ([]byte, error) {
if err := validators.ValidateRequest(req); err != nil {
return nil, validators.ValidationErrors(validators.GetErrors(err))
}
url := "/sdn/security_policy/list"
res, err := a.client.DecortApiCall(ctx, http.MethodGet, url, req)
return res, err
}

126
pkg/sdn/secpolicies/models.go Normal file
View File

@@ -0,0 +1,126 @@
package secpolicies
type SecurityPolicyList []SecurityPolicySummary
// SecurityPolicySummary provides brief information about the security policy
type SecurityPolicySummary struct {
// Access group ID
AccessGroupID string `json:"access_group_id"`
// Access group name
AccessGroupName string `json:"access_group_name"`
// Applied to network object group ID
AppliedToNetObjectGroupID string `json:"applied_to_net_object_group_id"`
// Created time
CreatedAt string `json:"created_at"`
// Description
Description string `json:"description"`
// Display name
DisplayName string `json:"display_name"`
// Enabled flag
Enabled bool `json:"enabled"`
// End priority
EndPriority int `json:"end_priority"`
// ID
ID string `json:"id"`
// Security rules
SecurityRules []SecurityRule `json:"security_rules"`
// Start priority
StartPriority int `json:"start_priority"`
// Status information
Status Status `json:"status"`
// Version ID
VersionID uint64 `json:"version_id"`
// Updated time
UpdatedAt string `json:"updated_at"`
}
// Status information
type Status struct {
// Common status
Common string `json:"common"`
// Hypervisor statuses
Hypervisors []HypervisorStatus `json:"hypervisors"`
}
// HypervisorStatus information
type HypervisorStatus struct {
// Status
Status string `json:"status"`
// Name
Name string `json:"name"`
// Display name
DisplayName string `json:"display_name"`
// Hypervisor status
HypervisorStatus string `json:"hypervisor_status"`
// Last sync time
SyncedAt string `json:"synced_at"`
}
// Security rules
type SecurityRule struct {
// Access group ID
AccessGroupID string `json:"access_group_id"`
// Action to take (Allow, Deny, etc.)
Action string `json:"action"`
// Description
Description string `json:"description"`
// Traffic direction (Ingress, Egress)
Direction string `json:"direction"`
// Display name
DisplayName string `json:"display_name"`
// Enabled flag
Enabled bool `json:"enabled"`
// Filter criteria
Filter Filter `json:"filter"`
// ID
ID string `json:"id"`
// Log enabled flag
LogEnabled bool `json:"log_enabled"`
// Log severity level
LogSeverity string `json:"log_severity"`
// Priority
Priority int `json:"priority"`
// Security policy ID
SecurityPolicyID string `json:"security_policy_id"`
// Statistics enabled flag
StatisticsEnabled bool `json:"statistics_enabled"`
// Version ID
VersionID uint64 `json:"version_id"`
}
// Filter represents the filter criteria for the security rule
type Filter struct {
// Filters map
Filters map[string]interface{} `json:"filters"`
}

49
pkg/sdn/secpolicies/move.go Normal file
View File

@@ -0,0 +1,49 @@
package secpolicies
import (
"context"
"encoding/json"
"net/http"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/constants"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/validators"
)
// DeleteRequest struct to move security policy
type MoveRequest struct {
// Security policy ID
// Required: true
SecurityPolicyID string `url:"security_policy_id" json:"security_policy_id" validate:"required"`
// Version ID
// Required: true
VersionID uint64 `url:"version_id" json:"version_id" validate:"required"`
// Security policy ID
// Required: true
InsertUp string `url:"insert_up" json:"insert_up" validate:"required"`
}
// Move a security policy
func (i SecurityPolicies) Move(ctx context.Context, req MoveRequest) (*SecurityPolicySummary, error) {
err := validators.ValidateRequest(req)
if err != nil {
return nil, validators.ValidationErrors(validators.GetErrors(err))
}
url := "/sdn/security_policy/move"
res, err := i.client.DecortApiCallCtype(ctx, http.MethodPatch, url, constants.MIMEJSON, req)
if err != nil {
return nil, err
}
info := SecurityPolicySummary{}
err = json.Unmarshal(res, &info)
if err != nil {
return nil, err
}
return &info, nil
}

10
pkg/sdn/secpolicies/rule.go Normal file
View File

@@ -0,0 +1,10 @@
package secpolicies
import (
"repository.basistech.ru/BASIS/decort-golang-sdk/pkg/sdn/secpolicies/rule"
)
// Accessing the security policies rule method group
func (r *SecurityPolicies) Rule() *rule.Rule {
return rule.New(r.client)
}

50
pkg/sdn/secpolicies/rule/get.go Normal file
View File

@@ -0,0 +1,50 @@
package rule
import (
"context"
"encoding/json"
"net/http"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/validators"
)
// GetRequest struct to get a security rules
type GetRequest struct {
// Security policy ID
// Required: true
SecurityPolicyID string `url:"security_policy_id" json:"security_policy_id" validate:"required"`
// Security rule ID
// Required: true
SecurityRuleID string `url:"security_rule_id" json:"security_rule_id" validate:"required"`
}
// Get a security policies
func (i Rule) Get(ctx context.Context, req GetRequest) (*SecurityRule, error) {
res, err := i.GetRaw(ctx, req)
if err != nil {
return nil, err
}
result := SecurityRule{}
err = json.Unmarshal(res, &result)
if err != nil {
return nil, err
}
return &result, nil
}
// GetRaw gets a security rule as an array of bytes
func (a Rule) GetRaw(ctx context.Context, req GetRequest) ([]byte, error) {
if err := validators.ValidateRequest(req); err != nil {
return nil, validators.ValidationErrors(validators.GetErrors(err))
}
url := "/sdn/security_policy/rule/get"
res, err := a.client.DecortApiCall(ctx, http.MethodGet, url, req)
return res, err
}

10
pkg/sdn/secpolicies/rule/ids.go Normal file
View File

@@ -0,0 +1,10 @@
package rule
// IDs gets array of IDs from SecurityRulesList struct
func (srl SecurityRulesList) IDs() []string {
res := make([]string, 0, len(srl))
for _, c := range srl {
res = append(res, c.ID)
}
return res
}

70
pkg/sdn/secpolicies/rule/list.go Normal file
View File

@@ -0,0 +1,70 @@
package rule
import (
"context"
"encoding/json"
"net/http"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/validators"
)
// ListRequest struct to get a list of security rules
type ListRequest struct {
// Security policy ID
// Required: true
SecurityPolicyID string `url:"security_policy_id" json:"security_policy_id" validate:"required"`
// Display name
// Required: false
DisplayName string `url:"display_name,omitempty" json:"display_name,omitempty"`
// Enabled status
// Required: false
Enabled interface{} `url:"enabled,omitempty" json:"enabled,omitempty" validate:"omitempty,isBool"`
// Page number for pagination
// Required: false
Page uint64 `url:"page,omitempty" json:"page,omitempty"`
// Number of results per page
// Required: false
PerPage uint64 `url:"per_page,omitempty" json:"per_page,omitempty"`
// Field to sort by (display_name, enabled, created_at, updated_at, deleted_at, start_priority)
// Required: false
SortBy string `url:"sort_by,omitempty" json:"sort_by,omitempty"`
// Sort order (asc/desc)
// Required: false
SortOrder string `url:"sort_order,omitempty" json:"sort_order,omitempty"`
}
// List of security policies
func (i Rule) List(ctx context.Context, req ListRequest) (SecurityRulesList, error) {
res, err := i.ListRaw(ctx, req)
if err != nil {
return nil, err
}
result := []SecurityRule{}
err = json.Unmarshal(res, &result)
if err != nil {
return nil, err
}
return result, nil
}
// ListRaw gets a list of all security rules as an array of bytes
func (a Rule) ListRaw(ctx context.Context, req ListRequest) ([]byte, error) {
if err := validators.ValidateRequest(req); err != nil {
return nil, validators.ValidationErrors(validators.GetErrors(err))
}
url := "/sdn/security_policy/rule/list"
res, err := a.client.DecortApiCall(ctx, http.MethodGet, url, req)
return res, err
}

54
pkg/sdn/secpolicies/rule/models.go Normal file
View File

@@ -0,0 +1,54 @@
package rule
type SecurityRulesList []SecurityRule
// SecurityRule
type SecurityRule struct {
// Access group ID
AccessGroupID string `json:"access_group_id"`
// Action to take (Allow, Deny, etc.)
Action string `json:"action"`
// Description
Description string `json:"description"`
// Traffic direction (Ingress, Egress)
Direction string `json:"direction"`
// Display name
DisplayName string `json:"display_name"`
// Enabled flag
Enabled bool `json:"enabled"`
// Filter criteria
Filter Filter `json:"filter"`
// ID
ID string `json:"id"`
// Log enabled flag
LogEnabled bool `json:"log_enabled"`
// Log severity level
LogSeverity string `json:"log_severity"`
// Priority
Priority int `json:"priority"`
// Security policy ID
SecurityPolicyID string `json:"security_policy_id"`
// Statistics enabled flag
StatisticsEnabled bool `json:"statistics_enabled"`
// Version ID
VersionID uint64 `json:"version_id"`
}
// Filter represents the filter criteria for the security rule
type Filter struct {
// Filters map
Filters map[string]interface{} `json:"filters"`
}

18
pkg/sdn/secpolicies/rule/rule.go Normal file
View File

@@ -0,0 +1,18 @@
// API Actor API for managing SDN security policies rule
package rule
import (
"repository.basistech.ru/BASIS/decort-golang-sdk/interfaces"
)
// Structure for creating request to security policies rule
type Rule struct {
client interfaces.Caller
}
// Builder for security policies rule endpoints
func New(client interfaces.Caller) *Rule {
return &Rule{
client,
}
}

27
pkg/sdn/secpolicies/rule/serialize.go Normal file
View File

@@ -0,0 +1,27 @@
package rule
import (
"encoding/json"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/serialization"
)
// Serialize returns JSON-serialized []byte. Used as a wrapper over json.Marshal and json.MarshalIndent functions.
//
// In order to serialize with indent make sure to follow these guidelines:
// - First argument -> prefix
// - Second argument -> indent
func (la SecurityRulesList) Serialize(params ...string) (serialization.Serialized, error) {
if len(la) == 0 {
return []byte{}, nil
}
if len(params) > 1 {
prefix := params[0]
indent := params[1]
return json.MarshalIndent(la, prefix, indent)
}
return json.Marshal(la)
}

18
pkg/sdn/secpolicies/security_policies.go Normal file
View File

@@ -0,0 +1,18 @@
// API Actor API for managing SDN secirity policies
package secpolicies
import (
"repository.basistech.ru/BASIS/decort-golang-sdk/interfaces"
)
// Structure for creating request to security policies
type SecurityPolicies struct {
client interfaces.Caller
}
// Builder for adress pools endpoints
func New(client interfaces.Caller) *SecurityPolicies {
return &SecurityPolicies{
client,
}
}

27
pkg/sdn/secpolicies/serialize.go Normal file
View File

@@ -0,0 +1,27 @@
package secpolicies
import (
"encoding/json"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/serialization"
)
// Serialize returns JSON-serialized []byte. Used as a wrapper over json.Marshal and json.MarshalIndent functions.
//
// In order to serialize with indent make sure to follow these guidelines:
// - First argument -> prefix
// - Second argument -> indent
func (la SecurityPolicyList) Serialize(params ...string) (serialization.Serialized, error) {
if len(la) == 0 {
return []byte{}, nil
}
if len(params) > 1 {
prefix := params[0]
indent := params[1]
return json.MarshalIndent(la, prefix, indent)
}
return json.Marshal(la)
}

80
pkg/sdn/secpolicies/update.go Normal file
View File

@@ -0,0 +1,80 @@
package secpolicies
import (
"context"
"encoding/json"
"net/http"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/constants"
"repository.basistech.ru/BASIS/decort-golang-sdk/internal/validators"
)
// UpdateRequest struct to update security policy
type UpdateRequest struct {
// ID a security policy
// Required: true
SecurityPolicyID string `url:"security_policy_id" json:"security_policy_id" validate:"required"`
// Required: true
VersionID uint64 `url:"version_id" json:"version_id" validate:"required"`
// Applied to net object group ID
// Required: true
AppliedToNetObjectGroupID string `url:"applied_to_net_object_group_id" json:"applied_to_net_object_group_id" validate:"required"`
// Description of the schedule rule
// Required: true
Description string `url:"description" json:"description"`
// Display name of the schedule rule
// Required: true
DisplayName string `url:"display_name" json:"display_name"`
// Enabled status of the schedule rule
// Required: true
Enabled bool `url:"enabled" json:"enabled"`
// End date and time for the schedule rule
// Required: false
EndDateTime string `url:"end_date_time,omitempty" json:"end_date_time,omitempty"`
// Insert up reference
// Required: false
InsertUp string `url:"insert_up,omitempty" json:"insert_up,omitempty"`
// Locked at timestamp
// Required: false
LockedAt string `url:"locked_at,omitempty" json:"locked_at,omitempty"`
// Schedule cron expression
// Required: false
ScheduleCron string `url:"schedule_cron,omitempty" json:"schedule_cron,omitempty"`
// Start date and time for the schedule rule
// Required: false
StartDateTime string `url:"start_date_time,omitempty" json:"start_date_time,omitempty"`
}
// Update updates a security policy
func (i SecurityPolicies) Update(ctx context.Context, req UpdateRequest) (*SecurityPolicySummary, error) {
err := validators.ValidateRequest(req)
if err != nil {
return nil, validators.ValidationErrors(validators.GetErrors(err))
}
url := "/sdn/security_policy/update"
res, err := i.client.DecortApiCallCtype(ctx, http.MethodPut, url, constants.MIMEJSON, req)
if err != nil {
return nil, err
}
info := SecurityPolicySummary{}
err = json.Unmarshal(res, &info)
if err != nil {
return nil, err
}
return &info, nil
}