DecryptionRule object is using xpath for PolicyBasedForwarding object resulting in an error

[johnjtorres]

Describe the bug

When attempting to create a DecryptionRule, pan-os-python is using the xpath for a PolicyBasedForwarding object instead of a DecryptionRule object which results in an error.

Expected behavior

Xpath for DecryptionRule should be used:
/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/rulebase/decryption/rules/entry[@name='<REDACTED>']

Current behavior

Xpath for a PolicyBasedForwarding object is being used:
/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/rulebase/pbf/rules/entry[@name='<REDACTED>']

Steps to reproduce

import logging
from panos.firewall import Firewall
from panos.policies import DecryptionRule, Rulebase

fw = Firewall(...)
rulebase = Rulebase()

decrypt_rule = DecryptionRule(...)

fw.add(rulebase)
rulebase.add(decrypt_rule)

logging.info(decrypt_rule.xpath())
decrypt_rule.create()

Context

Here is the traceback. The parameters are different between pbf and decrypt rules which is what I think this error is saying.

Traceback (most recent call last):
  File "C:\python38\lib\site-packages\panos\base.py", line 3661, in method
    super_method(self, *args, **kwargs)
  File "C:\python38\lib\site-packages\pan\xapi.py", line 741, in set
    self.__type_config('set', query, extra_qs)
  File "C:\python38\lib\site-packages\pan\xapi.py", line 805, in __type_config
    raise PanXapiError(self.status_detail)
pan.xapi.PanXapiError:  pbf -> rules -> <REDACTED> -> from unexpected here
 pbf -> rules -> <REDACTED> -> from is invalid

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "<REDACTED>", line 69, in <module>
    main()
  File "<REDACTED>", line 47, in main
    create_decrypt_rule(fw, **decrypt_rule)
  File "<REDACTED>", line 65, in create_decrypt_rule
    decrypt_rule.create()
  File "<REDACTED>", line 641, in create
    device.active().xapi.set(
  File "<REDACTED>", line 3682, in method
    raise the_exception
panos.errors.PanDeviceXapiError:  pbf -> rules -> <REDACTED> -> from unexpected here
 pbf -> rules -> <REDACTED> -> from is invalid

Here is the log showing the xpath of the decrypt_rule object and the api query that is made. You can see it has "pbf" in it. This is what I am trying to figure out.

INFO:root:/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/rulebase/pbf/rules/entry[@name='<REDACTED>']
DEBUG:panos.base:<REDACTED>: create called on <class 'panos.policies.DecryptionRule'> object "<REDACTED>"
DEBUG2:pan.xapi:query: {'xpath': "/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='<REDACTED>']/rulebase/pbf/rules", 'element': b'<entry name="<REDACTED>"><from><member><REDACTED></member></from><to><member><REDACTED></member></to><service><member><REDACTED></member></service><action>decrypt</action><type><ssl-inbound-inspection /></type><profile><REDACTED></profile></entry>', 'type': 'config', 'action': 'set', 'key': '******'}
DEBUG2:pan.xapi:URI: https://<REDACTED>:443/api/?xpath=/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='<REDACTED>']/rulebase/pbf/rules&element=b'<entry name="<REDACTED>"><from><member><REDACTED></member></from><to><member><REDACTED></member></to><service><member><REDACTED></member></service><action>decrypt</action><type><ssl-inbound-inspection /></type><profile><REDACTED></profile></entry>'&type=config&action=set&key=******

Your Environment

Python 3.8.1
pan-os-python 1.6.0

[johnjtorres]

An even easier way to reproduce the issue:

from panos.policies import DecryptionRule

dr = DecryptionRule()
print(dr.xpath())

/pbf/rules/entry[@name='None']

[johnjtorres]

I see this issue was already addressed.

bug: DecryptionRule wrong xpath. #404