dev: policy model fixes (#18)

* include preferredRemoteColor in sla action set

* include icmpMessage in acl match

* include vpn match entry in device access control list match

catalystwan/models/configuration/feature_profile/sdwan/acl/ipv4acl.py

@@ -6,55 +6,9 @@
 from pydantic import AliasPath, BaseModel, ConfigDict, Field, model_validator
 
 from catalystwan.api.configuration_groups.parcel import Default, Global, Variable, _ParcelBase, as_global, as_variable
-from catalystwan.models.common import AcceptDropActionType, check_fields_exclusive
+from catalystwan.models.common import AcceptDropActionType, IcmpMsgType, check_fields_exclusive
 from catalystwan.models.configuration.feature_profile.common import RefIdItem
 
-IcmpIPv4Messages = Literal[
-    "administratively-prohibited",
-    "dod-host-prohibited",
-    "dod-net-prohibited",
-    "echo",
-    "echo-reply",
-    "echo-reply-no-error",
-    "extended-echo",
-    "extended-echo-reply",
-    "general-parameter-problem",
-    "host-isolated",
-    "host-precedence-unreachable",
-    "host-redirect",
-    "host-tos-redirect",
-    "host-tos-unreachable",
-    "host-unknown",
-    "host-unreachable",
-    "interface-error",
-    "malformed-query",
-    "multiple-interface-match",
-    "net-redirect",
-    "net-tos-redirect",
-    "net-tos-unreachable",
-    "net-unreachable",
-    "network-unknown",
-    "no-room-for-option",
-    "option-missing",
-    "packet-too-big",
-    "parameter-problem",
-    "photuris",
-    "port-unreachable",
-    "precedence-unreachable",
-    "protocol-unreachable",
-    "reassembly-timeout",
-    "redirect",
-    "router-advertisement",
-    "router-solicitation",
-    "source-route-failed",
-    "table-entry-error",
-    "time-exceeded",
-    "timestamp-reply",
-    "timestamp-request",
-    "ttl-exceeded",
-    "unreachable",
-]
-
 
 class SourceDataPrefixList(BaseModel):
     model_config = ConfigDict(populate_by_name=True)
@@ -110,7 +64,7 @@ class MatchEntry(BaseModel):
         description="Destination Port List",
     )
     dscp: Optional[Global[List[int]]] = Field(default=None)
-    icmp_msg: Optional[Global[List[IcmpIPv4Messages]]] = Field(
+    icmp_msg: Optional[Global[List[IcmpMsgType]]] = Field(
         default=None, validation_alias="icmpMsg", serialization_alias="icmpMsg"
     )
     packet_length: Union[Global[str], Global[int], None] = Field(
@@ -249,8 +203,8 @@ def match_destination_ports(self, ports: List[Union[int, Tuple[int, int]]]):
     def match_dscp(self, dscp: List[int]):
         self._entry.dscp = as_global(dscp)
 
-    def match_icmp_msg(self, icmp: List[IcmpIPv4Messages]):
-        self._entry.icmp_msg = Global[List[IcmpIPv4Messages]](value=icmp)
+    def match_icmp_msg(self, icmp: List[IcmpMsgType]):
+        self._entry.icmp_msg = Global[List[IcmpMsgType]](value=icmp)
 
     def match_packet_length(self, len: Union[int, Tuple[int, int]]):
         if isinstance(len, int):

catalystwan/models/policy/definition/access_control_list.py

@@ -7,6 +7,7 @@
 from pydantic import ConfigDict, Field
 from typing_extensions import Annotated
 
+from catalystwan.models.common import IcmpMsgType
 from catalystwan.models.policy.policy_definition import (
     AcceptDropActionType,
     ActionSet,
@@ -18,6 +19,7 @@
     DestinationIPEntry,
     DestinationPortEntry,
     DSCPEntry,
+    ICMPMessageEntry,
     LogAction,
     Match,
     MirrorAction,
@@ -46,6 +48,7 @@
         DestinationIPEntry,
         DestinationPortEntry,
         DSCPEntry,
+        ICMPMessageEntry,
         PacketLengthEntry,
         PLPEntry,
         ProtocolEntry,
@@ -91,6 +94,9 @@ class AclPolicySequence(PolicyDefinitionSequenceBase):
     def match_dscp(self, dscp: List[int]) -> None:
         self._insert_match(DSCPEntry(value=dscp))
 
+    def match_icmp(self, icmp_message_types: List[IcmpMsgType]) -> None:
+        self._insert_match(ICMPMessageEntry(value=icmp_message_types))
+
     def match_packet_length(self, packet_lengths: Tuple[int, int]) -> None:
         self._insert_match(PacketLengthEntry.from_range(packet_lengths))
 

catalystwan/models/policy/definition/device_access.py

@@ -23,6 +23,7 @@
     SourceDataPrefixListEntry,
     SourceIPEntry,
     SourcePortEntry,
+    VPNEntry,
 )
 
 DeviceAccessPolicySequenceMatchEntry = Annotated[
@@ -33,6 +34,7 @@
         SourceDataPrefixListEntry,
         SourceIPEntry,
         SourcePortEntry,
+        VPNEntry,
     ],
     Field(discriminator="field"),
 ]

catalystwan/models/policy/policy_definition.py

@@ -1133,6 +1133,14 @@ class SlaPreferredColor(BaseModel):
     value: SpaceSeparatedTLOCColorStr
 
 
+class SlaPreferredRemoteColor(BaseModel):
+    field: Literal["preferredRemoteColor"] = "preferredRemoteColor"
+    value: TLOCColor
+    remote_color_restrict: Optional[bool] = Field(
+        default=None, serialization_alias="remoteColorRestrict", validation_alias="remoteColorRestrict"
+    )
+
+
 class SlaPreferredColorGroup(BaseModel):
     field: Literal["preferredColorGroup"] = "preferredColorGroup"
     ref: UUID
@@ -1147,6 +1155,7 @@ class SlaNotMet(BaseModel):
         SlaName,
         SlaPreferredColor,
         SlaPreferredColorGroup,
+        SlaPreferredRemoteColor,
         SlaNotMet,
     ],
     Field(discriminator="field"),
@@ -1234,7 +1243,7 @@ class CloudSaaSAction(BaseModel):
 
 class ActionSet(BaseModel):
     type: Literal["set"] = "set"
-    parameter: List[ActionSetEntry] = []
+    parameter: List[ActionSetEntry] = Field(default_factory=list)
 
 
 ActionEntry = Annotated[

pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "catalystwan"
-version = "0.40.0dev6"
+version = "0.40.0dev7"
 description = "Cisco Catalyst WAN SDK for Python"
 authors = ["kagorski <[email protected]>"]
 readme = "README.md"