1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/plugins/modules/web_infrastructure/sophos_utm/utm_proxy_exception.py

242 lines
7.5 KiB
Python
Raw Normal View History

2020-03-09 10:11:07 +01:00
#!/usr/bin/python
# Copyright: (c) 2018, Sebastian Schenzel <sebastian.schenzel@mailbox.org>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
module: utm_proxy_exception
author:
- Sebastian Schenzel (@RickS-C137)
short_description: Create, update or destroy reverse_proxy exception entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy exception entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: True
type: str
op:
description:
- The operand to be used with the entries of the path parameter
default: 'AND'
choices:
- 'AND'
- 'OR'
required: False
type: str
path:
description:
- The paths the exception in the reverse proxy is defined for
type: list
Tidy up validate-modules ignores for modules: web_infrastructure/sophos_utm (#1351) (#1352) * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_dns_host.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_auth_profile.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_exception.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location.py * Enabling validation-modules for web_infrastructure/sophos_utm modules * Rolled back utm_network_interface_address.py for 2.9 sake (cherry picked from commit 4c88a8edc0a0d09ede9f1bd5b8602bfea1075bce) Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2020-11-22 12:34:29 +01:00
elements: str
2020-03-09 10:11:07 +01:00
default: []
required: False
skip_custom_threats_filters:
description:
- A list of threats to be skipped
type: list
Tidy up validate-modules ignores for modules: web_infrastructure/sophos_utm (#1351) (#1352) * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_dns_host.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_auth_profile.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_exception.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location.py * Enabling validation-modules for web_infrastructure/sophos_utm modules * Rolled back utm_network_interface_address.py for 2.9 sake (cherry picked from commit 4c88a8edc0a0d09ede9f1bd5b8602bfea1075bce) Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2020-11-22 12:34:29 +01:00
elements: str
2020-03-09 10:11:07 +01:00
default: []
required: False
skip_threats_filter_categories:
description:
- Define which categories of threats are skipped
type: list
Tidy up validate-modules ignores for modules: web_infrastructure/sophos_utm (#1351) (#1352) * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_dns_host.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_auth_profile.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_exception.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location.py * Enabling validation-modules for web_infrastructure/sophos_utm modules * Rolled back utm_network_interface_address.py for 2.9 sake (cherry picked from commit 4c88a8edc0a0d09ede9f1bd5b8602bfea1075bce) Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2020-11-22 12:34:29 +01:00
elements: str
2020-03-09 10:11:07 +01:00
default: []
required: False
skipav:
description:
- Skip the Antivirus Scanning
default: False
type: bool
required: False
skipbadclients:
description:
- Block clients with bad reputation
default: False
type: bool
required: False
skipcookie:
description:
- Skip the Cookie Signing check
default: False
type: bool
required: False
skipform:
description:
- Enable form hardening
default: False
type: bool
required: False
skipform_missingtoken:
description:
- Enable form hardening with missing tokens
default: False
type: bool
required: False
skiphtmlrewrite:
description:
- Protection against SQL
default: False
type: bool
required: False
skiptft:
description:
- Enable true file type control
default: False
type: bool
required: False
skipurl:
description:
- Enable static URL hardening
default: False
type: bool
required: False
source:
description:
- Define which categories of threats are skipped
type: list
Tidy up validate-modules ignores for modules: web_infrastructure/sophos_utm (#1351) (#1352) * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_dns_host.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_auth_profile.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_exception.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location.py * Enabling validation-modules for web_infrastructure/sophos_utm modules * Rolled back utm_network_interface_address.py for 2.9 sake (cherry picked from commit 4c88a8edc0a0d09ede9f1bd5b8602bfea1075bce) Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2020-11-22 12:34:29 +01:00
elements: str
2020-03-09 10:11:07 +01:00
default: []
required: False
status:
description:
- Status of the exception rule set
default: True
type: bool
required: False
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
- name: Create UTM proxy_exception
community.general.utm_proxy_exception:
2020-03-09 10:11:07 +01:00
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestExceptionEntry
backend: REF_OBJECT_STRING
state: present
- name: Remove UTM proxy_exception
community.general.utm_proxy_exception:
2020-03-09 10:11:07 +01:00
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestExceptionEntry
state: absent
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
comment:
description: The optional comment string
Tidy up validate-modules ignores for modules: web_infrastructure/sophos_utm (#1351) (#1352) * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_dns_host.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_auth_profile.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_exception.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location.py * Enabling validation-modules for web_infrastructure/sophos_utm modules * Rolled back utm_network_interface_address.py for 2.9 sake (cherry picked from commit 4c88a8edc0a0d09ede9f1bd5b8602bfea1075bce) Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2020-11-22 12:34:29 +01:00
type: str
2020-03-09 10:11:07 +01:00
op:
description: The operand to be used with the entries of the path parameter
type: str
path:
description: The paths the exception in the reverse proxy is defined for
type: list
skip_custom_threats_filters:
description: A list of threats to be skipped
type: list
skip_threats_filter_categories:
description: Define which categories of threats are skipped
type: list
skipav:
description: Skip the Antivirus Scanning
type: bool
skipbadclients:
description: Block clients with bad reputation
type: bool
skipcookie:
description: Skip the Cookie Signing check
type: bool
skipform:
description: Enable form hardening
type: bool
skipform_missingtoken:
description: Enable form hardening with missing tokens
type: bool
skiphtmlrewrite:
description: Protection against SQL
type: bool
skiptft:
description: Enable true file type control
type: bool
skipurl:
description: Enable static URL hardening
type: bool
source:
description: Define which categories of threats are skipped
type: list
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "reverse_proxy/exception"
key_to_check_for_changes = ["op", "path", "skip_custom_threats_filters", "skip_threats_filter_categories", "skipav",
"comment", "skipbadclients", "skipcookie", "skipform", "status", "skipform_missingtoken",
"skiphtmlrewrite", "skiptft", "skipurl", "source"]
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True),
op=dict(type='str', required=False, default='AND', choices=['AND', 'OR']),
Tidy up validate-modules ignores for modules: web_infrastructure/sophos_utm (#1351) (#1352) * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_dns_host.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_auth_profile.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_exception.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location.py * Enabling validation-modules for web_infrastructure/sophos_utm modules * Rolled back utm_network_interface_address.py for 2.9 sake (cherry picked from commit 4c88a8edc0a0d09ede9f1bd5b8602bfea1075bce) Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2020-11-22 12:34:29 +01:00
path=dict(type='list', elements='string', required=False, default=[]), # @FIXME: str instead of string
skip_custom_threats_filters=dict(type='list', elements='string', required=False, default=[]), # @FIXME: str instead of string
skip_threats_filter_categories=dict(type='list', elements='string', required=False, default=[]), # @FIXME: str instead of string
2020-03-09 10:11:07 +01:00
skipav=dict(type='bool', required=False, default=False),
skipbadclients=dict(type='bool', required=False, default=False),
skipcookie=dict(type='bool', required=False, default=False),
skipform=dict(type='bool', required=False, default=False),
skipform_missingtoken=dict(type='bool', required=False, default=False),
skiphtmlrewrite=dict(type='bool', required=False, default=False),
skiptft=dict(type='bool', required=False, default=False),
skipurl=dict(type='bool', required=False, default=False),
Tidy up validate-modules ignores for modules: web_infrastructure/sophos_utm (#1351) (#1352) * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_aaa_group.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_ca_host_key_cert.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_dns_host.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_network_interface_address.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_auth_profile.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_exception.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_frontend.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location_info.py * fixed validation-modules for plugins/modules/web_infrastructure/sophos_utm/utm_proxy_location.py * Enabling validation-modules for web_infrastructure/sophos_utm modules * Rolled back utm_network_interface_address.py for 2.9 sake (cherry picked from commit 4c88a8edc0a0d09ede9f1bd5b8602bfea1075bce) Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2020-11-22 12:34:29 +01:00
source=dict(type='list', elements='string', required=False, default=[]), # @FIXME: str instead of string
2020-03-09 10:11:07 +01:00
status=dict(type='bool', required=False, default=True),
)
)
try:
UTM(module, endpoint, key_to_check_for_changes).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()