SonicWall - 378 - Add Address Object to Group: Fixed issue where prev…

…ious address objects were removed from the group in newer versions of SonicWall (#2554)
rapid7 · May 28, 2024 · ed4d731 · ed4d731
1 parent 25f630b
commit ed4d731
Show file tree

Hide file tree

Showing 6 changed files with 20 additions and 11 deletions.
diff --git a/plugins/sonicwall/.CHECKSUM b/plugins/sonicwall/.CHECKSUM
@@ -1,7 +1,7 @@
 {
-	"spec": "192e25122eb60fd9689ca28e528bb2a3",
-	"manifest": "0af1ef51f118462992dfd98233820f43",
-	"setup": "b29d001158ad1ec7eca67b20c5623839",
+	"spec": "23bd1bbd0ba0edd6f50a24dfc1570442",
+	"manifest": "45e07e9cf760271492b89118c0efee77",
+	"setup": "e45c752edc41c01e228f5aa6058b0fc4",
 	"schemas": [
 		{
 			"identifier": "add_address_object_to_group/schema.py",

diff --git a/plugins/sonicwall/bin/icon_sonicwall b/plugins/sonicwall/bin/icon_sonicwall
@@ -6,7 +6,7 @@ from sys import argv
 
 Name = "SonicWall Firewall"
 Vendor = "rapid7"
-Version = "1.3.5"
+Version = "1.3.6"
 Description = "Manage firewalls and block hosts with SonicWall firewalls"
 
 

diff --git a/plugins/sonicwall/help.md b/plugins/sonicwall/help.md
@@ -351,10 +351,11 @@ Example output:
 
 ## Troubleshooting
 
-*There is no troubleshooting for this plugin.*
+*This plugin does not contain a troubleshooting.*
 
 # Version History
 
+* 1.3.6 - `Add Address Object to Group`: Fixed issue where previous address objects were removed from the group in newer versions of SonicWall
 * 1.3.5 - `Add Address Object to Group`: Fixed issue with payload syntax
 * 1.3.4 - Updated SDK to the latest version | Updated objects checking
 * 1.3.3 - Updated SDK to the latest version | Extended actions logging

diff --git a/plugins/sonicwall/icon_sonicwall/util/api.py b/plugins/sonicwall/icon_sonicwall/util/api.py
@@ -66,6 +66,7 @@ def get_object_type(self, name: str) -> str:
     def add_address_object_to_group(
         self, group_type: str, group_name: str, object_type: str, object_name: str
     ) -> Dict[str, Any]:
+        # General payload data structure for SonicWall API less than 7.x.x
         data = {
             "address_group": {
                 group_type: {
@@ -74,10 +75,15 @@ def add_address_object_to_group(
                 }
             }
         }
-        for payload in [data, {"address_groups": [data.get("address_group", {})]}]:
+
+        # PUT method in SonicWall API version 7.x.x it behaves as PATCH method, while PATCH behaves as PUT
+        # To handle SonicWall API version 6.x.x and 7.x.x I need to handle those two methods as the previous version API
+        # Worked fine with PUT method. Also, SonicWall API version 7.x.x has different payload structure
+        payload_map = {"PUT": data, "PATCH": {"address_groups": [data.get("address_group", {})]}}
+        for method, payload in payload_map.items():
             try:
                 return self._make_request(
-                    "PUT",
+                    method,
                     f"address-groups/{group_type}/name/{group_name}",
                     json_data=payload,
                     commit_pending_changes=True,
@@ -121,11 +127,12 @@ def _make_request(
     ) -> Dict[str, Any]:
         try:
             self.login()
-            return self._call_api(method, path, *args, **kwargs)
-        finally:
+            response = self._call_api(method, path, *args, **kwargs)
             if commit_pending_changes:
                 self._call_api("POST", "config/pending")
                 self.logger.info("Pending configuration committed.")
+            return response
+        finally:
             self.logout()
 
     def _call_api(

diff --git a/plugins/sonicwall/plugin.spec.yaml b/plugins/sonicwall/plugin.spec.yaml
@@ -4,7 +4,7 @@ products: [insightconnect]
 name: sonicwall
 title: SonicWall Firewall
 description: Manage firewalls and block hosts with SonicWall firewalls
-version: 1.3.5
+version: 1.3.6
 connection_version: 1
 supported_versions: ["SonicWall 04-03-2024"]
 vendor: rapid7
@@ -20,6 +20,7 @@ requirements:
   - Username and password
   - Base URL of firewall
 version_history:
+  - "1.3.6 - `Add Address Object to Group`: Fixed issue where previous address objects were removed from the group in newer versions of SonicWall"
   - "1.3.5 - `Add Address Object to Group`: Fixed issue with payload syntax"
   - "1.3.4 - Updated SDK to the latest version | Updated objects checking"
   - "1.3.3 - Updated SDK to the latest version | Extended actions logging"

diff --git a/plugins/sonicwall/setup.py b/plugins/sonicwall/setup.py
@@ -3,7 +3,7 @@
 
 
 setup(name="sonicwall-rapid7-plugin",
-      version="1.3.5",
+      version="1.3.6",
       description="Manage firewalls and block hosts with SonicWall firewalls",
       author="rapid7",
       author_email="",