mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
FortiManager Web Application Firewall Security Profile (#46967)
* Initial Commit * Initial Commit * Initial Commit * Fixing syntax errors * After running sanity tests, fixed pylint and pep8 errors * After running sanity tests, fixed pylint and pep8 errors * Fixing more syntax issues * Fixing more syntax issues * Adding username to doc block * PR candidate * PR candidate * fixed pep8 and docs issues * fixed 2.6 function issues * fixed 2.6 function issues part duex * Initial commit for security profile group module * Adding better playbook example to module * Adding another commit to test shippable tests * Fixing shippable errors, pep8 in unit test file and doc block problem in main module * Fixing documentation module error * Fixing pep8 line too long in unit test * Fixing utility function with nested dictionaries * Fixing utility function with pep8 issue * Adding change to allow for multiple list of dictionaries to be submitted via a single playbook * Initial commit for FMG Security Profile Web Application Firewall * adding extra line at bottom for pep8 conditions * Adding descriptions to documentation * Fixing more pep8 issues * New commit for new PR * Removing todo in documentation * Changing module name in documentation to match actual module name * Fixing yaml syntax for long choices list * Fixing yaml syntax for long choices list * Fixing review changes * Adding @ in author names per @Gundalow's request per Ansible's guidelines
This commit is contained in:
parent
a171b80a0c
commit
d7e1e6429c
3 changed files with 2121 additions and 0 deletions
1630
lib/ansible/modules/network/fortimanager/fmgr_secprof_waf.py
Normal file
1630
lib/ansible/modules/network/fortimanager/fmgr_secprof_waf.py
Normal file
File diff suppressed because it is too large
Load diff
|
@ -0,0 +1,360 @@
|
|||
{
|
||||
"fmgr_waf_profile_addsetdelete": [
|
||||
{
|
||||
"paramgram_used": {
|
||||
"comment": "Created by Ansible Module TEST",
|
||||
"name": "Ansible_WAF_Profile",
|
||||
"adom": "root",
|
||||
"address-list": {
|
||||
"blocked-address": null,
|
||||
"status": null,
|
||||
"severity": null,
|
||||
"blocked-log": null,
|
||||
"trusted-address": null
|
||||
},
|
||||
"constraint": {
|
||||
"header-length": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"length": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"content-length": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"length": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"max-cookie": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"max-cookie": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"url-param-length": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"length": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"hostname": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"line-length": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"length": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"exception": {
|
||||
"regex": null,
|
||||
"header-length": null,
|
||||
"content-length": null,
|
||||
"max-cookie": null,
|
||||
"pattern": null,
|
||||
"hostname": null,
|
||||
"line-length": null,
|
||||
"max-range-segment": null,
|
||||
"url-param-length": null,
|
||||
"version": null,
|
||||
"param-length": null,
|
||||
"malformed": null,
|
||||
"address": null,
|
||||
"max-url-param": null,
|
||||
"max-header-line": null,
|
||||
"method": null
|
||||
},
|
||||
"max-range-segment": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"max-range-segment": null,
|
||||
"severity": null,
|
||||
"log": null
|
||||
},
|
||||
"version": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"param-length": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"length": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"malformed": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"max-url-param": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"max-url-param": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"max-header-line": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"max-header-line": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"method": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
}
|
||||
},
|
||||
"extended-log": null,
|
||||
"url-access": {
|
||||
"action": null,
|
||||
"address": null,
|
||||
"severity": null,
|
||||
"access-pattern": {
|
||||
"negate": null,
|
||||
"pattern": null,
|
||||
"srcaddr": null,
|
||||
"regex": null
|
||||
},
|
||||
"log": null
|
||||
},
|
||||
"external": null,
|
||||
"signature": {
|
||||
"custom-signature": {
|
||||
"status": null,
|
||||
"direction": null,
|
||||
"target": null,
|
||||
"severity": null,
|
||||
"case-sensitivity": null,
|
||||
"name": null,
|
||||
"pattern": null,
|
||||
"action": null,
|
||||
"log": null
|
||||
},
|
||||
"credit-card-detection-threshold": null,
|
||||
"main-class": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"disabled-signature": null,
|
||||
"disabled-sub-class": null
|
||||
},
|
||||
"method": {
|
||||
"status": null,
|
||||
"severity": null,
|
||||
"default-allowed-methods": null,
|
||||
"log": null,
|
||||
"method-policy": {
|
||||
"regex": null,
|
||||
"pattern": null,
|
||||
"allowed-methods": null,
|
||||
"address": null
|
||||
}
|
||||
},
|
||||
"mode": "delete"
|
||||
},
|
||||
"raw_response": {
|
||||
"status": {
|
||||
"message": "OK",
|
||||
"code": 0
|
||||
},
|
||||
"url": "/pm/config/adom/root/obj/waf/profile/Ansible_WAF_Profile"
|
||||
},
|
||||
"post_method": "delete"
|
||||
},
|
||||
{
|
||||
"raw_response": {
|
||||
"status": {
|
||||
"message": "OK",
|
||||
"code": 0
|
||||
},
|
||||
"url": "/pm/config/adom/root/obj/waf/profile"
|
||||
},
|
||||
"paramgram_used": {
|
||||
"comment": "Created by Ansible Module TEST",
|
||||
"adom": "root",
|
||||
"address-list": {
|
||||
"blocked-address": null,
|
||||
"status": null,
|
||||
"severity": null,
|
||||
"blocked-log": null,
|
||||
"trusted-address": null
|
||||
},
|
||||
"extended-log": null,
|
||||
"url-access": {
|
||||
"action": null,
|
||||
"severity": null,
|
||||
"log": null,
|
||||
"access-pattern": {
|
||||
"negate": null,
|
||||
"pattern": null,
|
||||
"srcaddr": null,
|
||||
"regex": null
|
||||
},
|
||||
"address": null
|
||||
},
|
||||
"external": null,
|
||||
"name": "Ansible_WAF_Profile",
|
||||
"constraint": {
|
||||
"content-length": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"length": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"max-cookie": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"max-cookie": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"line-length": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"length": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"max-range-segment": {
|
||||
"action": null,
|
||||
"severity": null,
|
||||
"status": null,
|
||||
"log": null,
|
||||
"max-range-segment": null
|
||||
},
|
||||
"param-length": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"length": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"malformed": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"max-url-param": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"max-url-param": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"header-length": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"length": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"exception": {
|
||||
"regex": null,
|
||||
"header-length": null,
|
||||
"content-length": null,
|
||||
"max-cookie": null,
|
||||
"pattern": null,
|
||||
"hostname": null,
|
||||
"line-length": null,
|
||||
"max-range-segment": null,
|
||||
"url-param-length": null,
|
||||
"version": null,
|
||||
"param-length": null,
|
||||
"malformed": null,
|
||||
"address": null,
|
||||
"max-url-param": null,
|
||||
"max-header-line": null,
|
||||
"method": null
|
||||
},
|
||||
"hostname": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"url-param-length": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"length": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"version": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"max-header-line": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"max-header-line": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"method": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
}
|
||||
},
|
||||
"mode": "set",
|
||||
"signature": {
|
||||
"custom-signature": {
|
||||
"status": null,
|
||||
"direction": null,
|
||||
"log": null,
|
||||
"severity": null,
|
||||
"target": null,
|
||||
"action": null,
|
||||
"pattern": null,
|
||||
"case-sensitivity": null,
|
||||
"name": null
|
||||
},
|
||||
"credit-card-detection-threshold": null,
|
||||
"main-class": {
|
||||
"action": null,
|
||||
"status": null,
|
||||
"log": null,
|
||||
"severity": null
|
||||
},
|
||||
"disabled-signature": null,
|
||||
"disabled-sub-class": null
|
||||
},
|
||||
"method": {
|
||||
"status": null,
|
||||
"default-allowed-methods": null,
|
||||
"method-policy": {
|
||||
"regex": null,
|
||||
"pattern": null,
|
||||
"allowed-methods": null,
|
||||
"address": null
|
||||
},
|
||||
"log": null,
|
||||
"severity": null
|
||||
}
|
||||
},
|
||||
"post_method": "set"
|
||||
}
|
||||
]
|
||||
}
|
131
test/units/modules/network/fortimanager/test_fmgr_secprof_waf.py
Normal file
131
test/units/modules/network/fortimanager/test_fmgr_secprof_waf.py
Normal file
|
@ -0,0 +1,131 @@
|
|||
# Copyright 2018 Fortinet, Inc.
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with Ansible. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
# Make coding more python3-ish
|
||||
from __future__ import (absolute_import, division, print_function)
|
||||
__metaclass__ = type
|
||||
|
||||
import os
|
||||
import json
|
||||
from pyFMG.fortimgr import FortiManager
|
||||
import pytest
|
||||
|
||||
try:
|
||||
from ansible.modules.network.fortimanager import fmgr_secprof_waf
|
||||
except ImportError:
|
||||
pytest.skip("Could not load required modules for testing", allow_module_level=True)
|
||||
|
||||
fmg_instance = FortiManager("1.1.1.1", "admin", "")
|
||||
|
||||
|
||||
def load_fixtures():
|
||||
fixture_path = os.path.join(
|
||||
os.path.dirname(__file__),
|
||||
'fixtures') + "/{filename}.json".format(
|
||||
filename=os.path.splitext(
|
||||
os.path.basename(__file__))[0])
|
||||
try:
|
||||
with open(fixture_path, "r") as fixture_file:
|
||||
fixture_data = json.load(fixture_file)
|
||||
except IOError:
|
||||
return []
|
||||
return [fixture_data]
|
||||
|
||||
|
||||
@pytest.fixture(scope="function", params=load_fixtures())
|
||||
def fixture_data(request):
|
||||
func_name = request.function.__name__.replace("test_", "")
|
||||
return request.param.get(func_name, None)
|
||||
|
||||
|
||||
def test_fmgr_waf_profile_addsetdelete(fixture_data, mocker):
|
||||
mocker.patch("pyFMG.fortimgr.FortiManager._post_request", side_effect=fixture_data)
|
||||
# Fixture sets used:###########################
|
||||
|
||||
##################################################
|
||||
# comment: Created by Ansible Module TEST
|
||||
# name: Ansible_WAF_Profile
|
||||
# adom: root
|
||||
# address-list: {'blocked-address': None, 'status': None, 'severity': None, 'blocked-log': None,
|
||||
# 'trusted-address': None}
|
||||
# constraint: {'header-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
|
||||
# 'content-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
|
||||
# 'max-cookie': {'action': None, 'status': None, 'max-cookie': None, 'log': None, 'severity': None},
|
||||
# 'url-param-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
|
||||
# 'hostname': {'action': None, 'status': None, 'log': None, 'severity': None},
|
||||
# 'line-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
|
||||
# 'exception': {'regex': None, 'header-length': None, 'content-length': None, 'max-cookie': None, 'pattern': None,
|
||||
# 'hostname': None, 'line-length': None, 'max-range-segment': None, 'url-param-length': None, 'version': None,
|
||||
# 'param-length': None, 'malformed': None, 'address': None, 'max-url-param': None, 'max-header-line': None,
|
||||
# 'method': None}, 'max-range-segment': {'action': None, 'status': None, 'max-range-segment': None,
|
||||
# 'severity': None, 'log': None}, 'version': {'action': None, 'status': None, 'log': None, 'severity': None},
|
||||
# 'param-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
|
||||
# 'malformed': {'action': None, 'status': None, 'log': None, 'severity': None}, 'max-url-param': {'action': None,
|
||||
# 'status': None, 'max-url-param': None, 'log': None, 'severity': None}, 'max-header-line': {'action': None,
|
||||
# 'status': None, 'max-header-line': None, 'log': None, 'severity': None}, 'method': {'action': None,
|
||||
# 'status': None, 'log': None, 'severity': None}}
|
||||
# extended-log: None
|
||||
# url-access: {'action': None, 'address': None, 'severity': None, 'access-pattern': {'negate': None,
|
||||
# 'pattern': None, 'srcaddr': None, 'regex': None}, 'log': None}
|
||||
# external: None
|
||||
# signature: {'custom-signature': {'status': None, 'direction': None, 'target': None, 'severity': None,
|
||||
# 'case-sensitivity': None, 'name': None, 'pattern': None, 'action': None, 'log': None},
|
||||
# 'credit-card-detection-threshold': None, 'main-class': {'action': None, 'status': None, 'log': None,
|
||||
# 'severity': None}, 'disabled-signature': None, 'disabled-sub-class': None}
|
||||
# method: {'status': None, 'severity': None, 'default-allowed-methods': None, 'log': None,
|
||||
# 'method-policy': {'regex': None, 'pattern': None, 'allowed-methods': None, 'address': None}}
|
||||
# mode: delete
|
||||
##################################################
|
||||
##################################################
|
||||
# comment: Created by Ansible Module TEST
|
||||
# adom: root
|
||||
# address-list: {'blocked-address': None, 'status': None, 'severity': None, 'blocked-log': None,
|
||||
# 'trusted-address': None}
|
||||
# extended-log: None
|
||||
# url-access: {'action': None, 'severity': None, 'log': None, 'access-pattern': {'negate': None, 'pattern': None,
|
||||
# 'srcaddr': None, 'regex': None}, 'address': None}
|
||||
# external: None
|
||||
# name: Ansible_WAF_Profile
|
||||
# constraint: {'content-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
|
||||
# 'max-cookie': {'action': None, 'status': None, 'max-cookie': None, 'log': None, 'severity': None},
|
||||
# 'line-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
|
||||
# 'max-range-segment': {'action': None, 'severity': None, 'status': None, 'log': None, 'max-range-segment': None},
|
||||
# 'param-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
|
||||
# 'malformed': {'action': None, 'status': None, 'log': None, 'severity': None}, 'max-url-param': {'action': None,
|
||||
# 'status': None, 'max-url-param': None, 'log': None, 'severity': None}, 'header-length': {'action': None,
|
||||
# 'status': None, 'length': None, 'log': None, 'severity': None}, 'exception': {'regex': None,
|
||||
# 'header-length': None, 'content-length': None, 'max-cookie': None, 'pattern': None, 'hostname': None,
|
||||
# 'line-length': None, 'max-range-segment': None, 'url-param-length': None, 'version': None, 'param-length': None,
|
||||
# 'malformed': None, 'address': None, 'max-url-param': None, 'max-header-line': None, 'method': None},
|
||||
# 'hostname': {'action': None, 'status': None, 'log': None, 'severity': None},
|
||||
# 'url-param-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
|
||||
# 'version': {'action': None, 'status': None, 'log': None, 'severity': None}, 'max-header-line': {'action': None,
|
||||
# 'status': None, 'max-header-line': None, 'log': None, 'severity': None}, 'method': {'action': None,
|
||||
# 'status': None, 'log': None, 'severity': None}}
|
||||
# mode: set
|
||||
# signature: {'custom-signature': {'status': None, 'direction': None, 'log': None, 'severity': None, 'target': None,
|
||||
# 'action': None, 'pattern': None, 'case-sensitivity': None, 'name': None},
|
||||
# 'credit-card-detection-threshold': None, 'main-class': {'action': None, 'status': None, 'log': None,
|
||||
# 'severity': None}, 'disabled-signature': None, 'disabled-sub-class': None}
|
||||
# method: {'status': None, 'default-allowed-methods': None, 'method-policy': {'regex': None, 'pattern': None,
|
||||
# 'allowed-methods': None, 'address': None}, 'log': None, 'severity': None}
|
||||
##################################################
|
||||
|
||||
# Test using fixture 1 #
|
||||
output = fmgr_secprof_waf.fmgr_waf_profile_addsetdelete(fmg_instance, fixture_data[0]['paramgram_used'])
|
||||
assert output['raw_response']['status']['code'] == 0
|
||||
# Test using fixture 2 #
|
||||
output = fmgr_secprof_waf.fmgr_waf_profile_addsetdelete(fmg_instance, fixture_data[1]['paramgram_used'])
|
||||
assert output['raw_response']['status']['code'] == 0
|
Loading…
Reference in a new issue