From af5304b6f9214887deaab0c0987b5eb915dc4924 Mon Sep 17 00:00:00 2001
From: MysticRyuujin
Date: Thu, 26 Mar 2020 17:02:28 -0500
Subject: [PATCH 1/3] Include addgroup function to source_port and destination_port. Make json dump a debug level log.
---
 fmcapi/api_objects/apiclasstemplate.py | 3 +
 .../policy_services/accessrules.py | 64 +++++++++++++++++++
 2 files changed, 67 insertions(+)
diff --git a/fmcapi/api_objects/apiclasstemplate.py b/fmcapi/api_objects/apiclasstemplate.py
index 798d42f..01a8da1 100644
--- a/fmcapi/api_objects/apiclasstemplate.py
+++ b/fmcapi/api_objects/apiclasstemplate.py
@@ -177,6 +177,9 @@ def get(self, **kwargs):
 )
 if "id" not in self.__dict__:
 logging.warning(
+ f"\tGET query for {self.name} is not found."
+ )
+ logging.debug(
 f"\tGET query for {self.name} is not found.\n\t\tResponse: {json.dumps(response)}"
 )
 else:
diff --git a/fmcapi/api_objects/policy_services/accessrules.py b/fmcapi/api_objects/policy_services/accessrules.py
index 133ce31..04c20a2 100644
--- a/fmcapi/api_objects/policy_services/accessrules.py
+++ b/fmcapi/api_objects/policy_services/accessrules.py
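Review bot: The added `logging.debug(...)` call in `get` builds its f-string, including `json.dumps(response)`, on every miss whether or not debug logging is enabled, and it repeats the warning text word for word. Guarding it with `if logging.getLogger().isEnabledFor(logging.DEBUG):` and logging only `logging.debug("\t\tResponse: %s", json.dumps(response))` keeps the serialization off the normal path and avoids the duplicate line. Moving the response body out of the warning reduces what lands in default logs; a one-line comment such as `# response body is debug-only: it may carry FMC object details` would keep it from drifting back. get()'s body starts and ends outside this hunk.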
@@ -511,6 +511,38 @@ def source_port(self, action, name=""):
 f'Protocol Port or Protocol Port Group: "{name}", '
 f"not found. Cannot add to AccessRules."
 )
+ elif action == "addgroup":
+ item = PortObjectGroups(fmc=self.fmc)
+ item.get(name=name)
+ if "id" in item.__dict__:
+ if "sourcePorts" in self.__dict__:
+ new_port = {"name": item.name, "id": item.id, "type": item.type}
+ duplicate = False
+ if "objects" not in self.sourcePorts:
+ self.__dict__["sourcePorts"]["objects"] = []
+ for obj in self.sourcePorts["objects"]:
+ if obj["name"] == new_port["name"]:
+ duplicate = True
+ break
+ if not duplicate:
+ self.sourcePorts["objects"].append(new_port)
+ logging.info(
+ f'Adding "{name}" to sourcePorts for this AccessRules.'
+ )
+ else:
+ self.sourcePorts = {
+ "objects": [
+ {"name": item.name, "id": item.id, "type": item.type}
+ ]
+ }
+ logging.info(
+ f'Adding "{name}" to sourcePorts for this AccessRules.'
+ )
+ else:
+ logging.warning(
+ f'Protocol Port Port Group: "{name}", '
+ f"not found. Cannot add to AccessRules."
+ )
 elif action == "remove":
 pport_json = ProtocolPortObjects(fmc=self.fmc)
 pport_json.get(name=name)
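Review bot: When the `PortObjectGroups` lookup returns no `id`, the new `addgroup` branch only logs a warning and leaves `sourcePorts` as it was, so a caller that goes on to post the rule gets no signal that the port restriction was never applied (the docstring documents `:return: None`). For an access-control rule that is a fail-open outcome, since a rule without the intended port group presumably matches more traffic than its author meant. The existing `add` branch in the context lines follows the same warn-and-continue pattern, so at minimum document it, e.g. `# NOTE: a missing group is only logged; callers must verify sourcePorts before posting the rule`, and consider raising instead. The same applies to the `addgroup` branch added to `destination_port` in the next hunk. source_port's body starts and ends outside this hunk.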
@@ -589,6 +621,38 @@ def destination_port(self, action, name=""): f'Protocol Port or Protocol Port Group: "{name}", ' f"not found. Cannot add to AccessRules." ) + if action == "addgroup": + item = PortObjectGroups(fmc=self.fmc) + item.get(name=name) + if "id" in item.__dict__: + if "destinationPorts" in self.__dict__: + new_port = {"name": item.name, "id": item.id, "type": item.type} + duplicate = False + if "objects" not in self.destinationPorts: + self.__dict__["destinationPorts"]["objects"] = [] + for obj in self.destinationPorts["objects"]: + if obj["name"] == new_port["name"]: + duplicate = True + break + if not duplicate: + self.destinationPorts["objects"].append(new_port) + logging.info( + f'Adding "{name}" to destinationPorts for this AccessRules.' + ) + else: + self.destinationPorts = { + "objects": [ + {"name": item.name, "id": item.id, "type": item.type} + ] + } + logging.info( + f'Adding "{name}" to destinationPorts for this AccessRules.' + ) + else: + logging.warning( + f'Protocol Port or Protocol Port Group: "{name}", ' + f"not found. Cannot add to AccessRules." + ) elif action == "remove": pport_json = ProtocolPortObjects(fmc=self.fmc) pport_json.get(name=name) From dadbe1d5ddc77ea0ec2fe18782806c74931560a2 Mon Sep 17 00:00:00 2001 From: MysticRyuujin Date: Thu, 26 Mar 2020 17:03:07 -0500 Subject: [PATCH 2/3] Fix warning message. --- fmcapi/api_objects/policy_services/accessrules.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fmcapi/api_objects/policy_services/accessrules.py b/fmcapi/api_objects/policy_services/accessrules.py index 04c20a2..abaaadd 100644 --- a/fmcapi/api_objects/policy_services/accessrules.py +++ b/fmcapi/api_objects/policy_services/accessrules.py @@ -650,7 +650,7 @@ def destination_port(self, action, name=""): ) else: logging.warning( - f'Protocol Port or Protocol Port Group: "{name}", ' + f'Protocol Port Port Group: "{name}", ' f"not found. Cannot add to AccessRules." ) elif action == "remove": 
From 7bbb4478f38957e602698f256d5bbec466fd6137 Mon Sep 17 00:00:00 2001
From: MysticRyuujin
Date: Thu, 26 Mar 2020 17:10:35 -0500
Subject: [PATCH 3/3] fix param actions
---
 fmcapi/api_objects/policy_services/accessrules.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fmcapi/api_objects/policy_services/accessrules.py b/fmcapi/api_objects/policy_services/accessrules.py
index abaaadd..285bd33 100644
--- a/fmcapi/api_objects/policy_services/accessrules.py
+++ b/fmcapi/api_objects/policy_services/accessrules.py
@@ -469,7 +469,7 @@ def source_port(self, action, name=""):
 """
 Add/modify name to sourcePorts field of AccessRules object.
 
- :param action: (str) 'add', 'remove', or 'clear'
+ :param action: (str) 'add', 'addgroup', 'remove', or 'clear'
 :param name: (str) Name of Port in FMC.
 :return: None
 """
@@ -579,7 +579,7 @@ def destination_port(self, action, name=""):
 """
 Add/modify name to destinationPorts field of AccessRules object.
 
- :param action: (str) 'add', 'remove', or 'clear'
+ :param action: (str) 'add', 'addgroup', 'remove', or 'clear'
 :param name: (str) Name of Port in FMC.
 :return: None
 """