1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

FortiManager Web Application Firewall Security Profile (#46967)

* Initial Commit

* Initial Commit

* Initial Commit

* Fixing syntax errors

* After running sanity tests, fixed pylint and pep8 errors

* After running sanity tests, fixed pylint and pep8 errors

* Fixing more syntax issues

* Fixing more syntax issues

* Adding username to doc block

* PR candidate

* PR candidate

* fixed pep8 and docs issues

* fixed 2.6 function issues

* fixed 2.6 function issues part duex

* Initial commit for security profile group module

* Adding better playbook example to module

* Adding another commit to test shippable tests

* Fixing shippable errors, pep8 in unit test file and doc block problem in main module

* Fixing documentation module error

* Fixing pep8 line too long in unit test

* Fixing utility function with nested dictionaries

* Fixing utility function with pep8 issue

* Adding change to allow for multiple list of dictionaries to be submitted via a single playbook

* Initial commit for FMG Security Profile Web Application Firewall

* adding extra line at bottom for pep8 conditions

* Adding descriptions to documentation

* Fixing more pep8 issues

* New commit for new PR

* Removing todo in documentation

* Changing module name in documentation to match actual module name

* Fixing yaml syntax for long choices list

* Fixing yaml syntax for long choices list

* Fixing review changes

* Adding @ in author names per @Gundalow's request per Ansible's guidelines
This commit is contained in:
ftntcorecse 2018-11-20 22:16:13 -07:00 committed by Sumit Jaiswal
parent a171b80a0c
commit d7e1e6429c
3 changed files with 2121 additions and 0 deletions

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,360 @@
{
"fmgr_waf_profile_addsetdelete": [
{
"paramgram_used": {
"comment": "Created by Ansible Module TEST",
"name": "Ansible_WAF_Profile",
"adom": "root",
"address-list": {
"blocked-address": null,
"status": null,
"severity": null,
"blocked-log": null,
"trusted-address": null
},
"constraint": {
"header-length": {
"action": null,
"status": null,
"length": null,
"log": null,
"severity": null
},
"content-length": {
"action": null,
"status": null,
"length": null,
"log": null,
"severity": null
},
"max-cookie": {
"action": null,
"status": null,
"max-cookie": null,
"log": null,
"severity": null
},
"url-param-length": {
"action": null,
"status": null,
"length": null,
"log": null,
"severity": null
},
"hostname": {
"action": null,
"status": null,
"log": null,
"severity": null
},
"line-length": {
"action": null,
"status": null,
"length": null,
"log": null,
"severity": null
},
"exception": {
"regex": null,
"header-length": null,
"content-length": null,
"max-cookie": null,
"pattern": null,
"hostname": null,
"line-length": null,
"max-range-segment": null,
"url-param-length": null,
"version": null,
"param-length": null,
"malformed": null,
"address": null,
"max-url-param": null,
"max-header-line": null,
"method": null
},
"max-range-segment": {
"action": null,
"status": null,
"max-range-segment": null,
"severity": null,
"log": null
},
"version": {
"action": null,
"status": null,
"log": null,
"severity": null
},
"param-length": {
"action": null,
"status": null,
"length": null,
"log": null,
"severity": null
},
"malformed": {
"action": null,
"status": null,
"log": null,
"severity": null
},
"max-url-param": {
"action": null,
"status": null,
"max-url-param": null,
"log": null,
"severity": null
},
"max-header-line": {
"action": null,
"status": null,
"max-header-line": null,
"log": null,
"severity": null
},
"method": {
"action": null,
"status": null,
"log": null,
"severity": null
}
},
"extended-log": null,
"url-access": {
"action": null,
"address": null,
"severity": null,
"access-pattern": {
"negate": null,
"pattern": null,
"srcaddr": null,
"regex": null
},
"log": null
},
"external": null,
"signature": {
"custom-signature": {
"status": null,
"direction": null,
"target": null,
"severity": null,
"case-sensitivity": null,
"name": null,
"pattern": null,
"action": null,
"log": null
},
"credit-card-detection-threshold": null,
"main-class": {
"action": null,
"status": null,
"log": null,
"severity": null
},
"disabled-signature": null,
"disabled-sub-class": null
},
"method": {
"status": null,
"severity": null,
"default-allowed-methods": null,
"log": null,
"method-policy": {
"regex": null,
"pattern": null,
"allowed-methods": null,
"address": null
}
},
"mode": "delete"
},
"raw_response": {
"status": {
"message": "OK",
"code": 0
},
"url": "/pm/config/adom/root/obj/waf/profile/Ansible_WAF_Profile"
},
"post_method": "delete"
},
{
"raw_response": {
"status": {
"message": "OK",
"code": 0
},
"url": "/pm/config/adom/root/obj/waf/profile"
},
"paramgram_used": {
"comment": "Created by Ansible Module TEST",
"adom": "root",
"address-list": {
"blocked-address": null,
"status": null,
"severity": null,
"blocked-log": null,
"trusted-address": null
},
"extended-log": null,
"url-access": {
"action": null,
"severity": null,
"log": null,
"access-pattern": {
"negate": null,
"pattern": null,
"srcaddr": null,
"regex": null
},
"address": null
},
"external": null,
"name": "Ansible_WAF_Profile",
"constraint": {
"content-length": {
"action": null,
"status": null,
"length": null,
"log": null,
"severity": null
},
"max-cookie": {
"action": null,
"status": null,
"max-cookie": null,
"log": null,
"severity": null
},
"line-length": {
"action": null,
"status": null,
"length": null,
"log": null,
"severity": null
},
"max-range-segment": {
"action": null,
"severity": null,
"status": null,
"log": null,
"max-range-segment": null
},
"param-length": {
"action": null,
"status": null,
"length": null,
"log": null,
"severity": null
},
"malformed": {
"action": null,
"status": null,
"log": null,
"severity": null
},
"max-url-param": {
"action": null,
"status": null,
"max-url-param": null,
"log": null,
"severity": null
},
"header-length": {
"action": null,
"status": null,
"length": null,
"log": null,
"severity": null
},
"exception": {
"regex": null,
"header-length": null,
"content-length": null,
"max-cookie": null,
"pattern": null,
"hostname": null,
"line-length": null,
"max-range-segment": null,
"url-param-length": null,
"version": null,
"param-length": null,
"malformed": null,
"address": null,
"max-url-param": null,
"max-header-line": null,
"method": null
},
"hostname": {
"action": null,
"status": null,
"log": null,
"severity": null
},
"url-param-length": {
"action": null,
"status": null,
"length": null,
"log": null,
"severity": null
},
"version": {
"action": null,
"status": null,
"log": null,
"severity": null
},
"max-header-line": {
"action": null,
"status": null,
"max-header-line": null,
"log": null,
"severity": null
},
"method": {
"action": null,
"status": null,
"log": null,
"severity": null
}
},
"mode": "set",
"signature": {
"custom-signature": {
"status": null,
"direction": null,
"log": null,
"severity": null,
"target": null,
"action": null,
"pattern": null,
"case-sensitivity": null,
"name": null
},
"credit-card-detection-threshold": null,
"main-class": {
"action": null,
"status": null,
"log": null,
"severity": null
},
"disabled-signature": null,
"disabled-sub-class": null
},
"method": {
"status": null,
"default-allowed-methods": null,
"method-policy": {
"regex": null,
"pattern": null,
"allowed-methods": null,
"address": null
},
"log": null,
"severity": null
}
},
"post_method": "set"
}
]
}

View file

@ -0,0 +1,131 @@
# Copyright 2018 Fortinet, Inc.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <https://www.gnu.org/licenses/>.
# Make coding more python3-ish
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
import os
import json
from pyFMG.fortimgr import FortiManager
import pytest
try:
from ansible.modules.network.fortimanager import fmgr_secprof_waf
except ImportError:
pytest.skip("Could not load required modules for testing", allow_module_level=True)
fmg_instance = FortiManager("1.1.1.1", "admin", "")
def load_fixtures():
fixture_path = os.path.join(
os.path.dirname(__file__),
'fixtures') + "/{filename}.json".format(
filename=os.path.splitext(
os.path.basename(__file__))[0])
try:
with open(fixture_path, "r") as fixture_file:
fixture_data = json.load(fixture_file)
except IOError:
return []
return [fixture_data]
@pytest.fixture(scope="function", params=load_fixtures())
def fixture_data(request):
func_name = request.function.__name__.replace("test_", "")
return request.param.get(func_name, None)
def test_fmgr_waf_profile_addsetdelete(fixture_data, mocker):
mocker.patch("pyFMG.fortimgr.FortiManager._post_request", side_effect=fixture_data)
# Fixture sets used:###########################
##################################################
# comment: Created by Ansible Module TEST
# name: Ansible_WAF_Profile
# adom: root
# address-list: {'blocked-address': None, 'status': None, 'severity': None, 'blocked-log': None,
# 'trusted-address': None}
# constraint: {'header-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
# 'content-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
# 'max-cookie': {'action': None, 'status': None, 'max-cookie': None, 'log': None, 'severity': None},
# 'url-param-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
# 'hostname': {'action': None, 'status': None, 'log': None, 'severity': None},
# 'line-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
# 'exception': {'regex': None, 'header-length': None, 'content-length': None, 'max-cookie': None, 'pattern': None,
# 'hostname': None, 'line-length': None, 'max-range-segment': None, 'url-param-length': None, 'version': None,
# 'param-length': None, 'malformed': None, 'address': None, 'max-url-param': None, 'max-header-line': None,
# 'method': None}, 'max-range-segment': {'action': None, 'status': None, 'max-range-segment': None,
# 'severity': None, 'log': None}, 'version': {'action': None, 'status': None, 'log': None, 'severity': None},
# 'param-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
# 'malformed': {'action': None, 'status': None, 'log': None, 'severity': None}, 'max-url-param': {'action': None,
# 'status': None, 'max-url-param': None, 'log': None, 'severity': None}, 'max-header-line': {'action': None,
# 'status': None, 'max-header-line': None, 'log': None, 'severity': None}, 'method': {'action': None,
# 'status': None, 'log': None, 'severity': None}}
# extended-log: None
# url-access: {'action': None, 'address': None, 'severity': None, 'access-pattern': {'negate': None,
# 'pattern': None, 'srcaddr': None, 'regex': None}, 'log': None}
# external: None
# signature: {'custom-signature': {'status': None, 'direction': None, 'target': None, 'severity': None,
# 'case-sensitivity': None, 'name': None, 'pattern': None, 'action': None, 'log': None},
# 'credit-card-detection-threshold': None, 'main-class': {'action': None, 'status': None, 'log': None,
# 'severity': None}, 'disabled-signature': None, 'disabled-sub-class': None}
# method: {'status': None, 'severity': None, 'default-allowed-methods': None, 'log': None,
# 'method-policy': {'regex': None, 'pattern': None, 'allowed-methods': None, 'address': None}}
# mode: delete
##################################################
##################################################
# comment: Created by Ansible Module TEST
# adom: root
# address-list: {'blocked-address': None, 'status': None, 'severity': None, 'blocked-log': None,
# 'trusted-address': None}
# extended-log: None
# url-access: {'action': None, 'severity': None, 'log': None, 'access-pattern': {'negate': None, 'pattern': None,
# 'srcaddr': None, 'regex': None}, 'address': None}
# external: None
# name: Ansible_WAF_Profile
# constraint: {'content-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
# 'max-cookie': {'action': None, 'status': None, 'max-cookie': None, 'log': None, 'severity': None},
# 'line-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
# 'max-range-segment': {'action': None, 'severity': None, 'status': None, 'log': None, 'max-range-segment': None},
# 'param-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
# 'malformed': {'action': None, 'status': None, 'log': None, 'severity': None}, 'max-url-param': {'action': None,
# 'status': None, 'max-url-param': None, 'log': None, 'severity': None}, 'header-length': {'action': None,
# 'status': None, 'length': None, 'log': None, 'severity': None}, 'exception': {'regex': None,
# 'header-length': None, 'content-length': None, 'max-cookie': None, 'pattern': None, 'hostname': None,
# 'line-length': None, 'max-range-segment': None, 'url-param-length': None, 'version': None, 'param-length': None,
# 'malformed': None, 'address': None, 'max-url-param': None, 'max-header-line': None, 'method': None},
# 'hostname': {'action': None, 'status': None, 'log': None, 'severity': None},
# 'url-param-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None},
# 'version': {'action': None, 'status': None, 'log': None, 'severity': None}, 'max-header-line': {'action': None,
# 'status': None, 'max-header-line': None, 'log': None, 'severity': None}, 'method': {'action': None,
# 'status': None, 'log': None, 'severity': None}}
# mode: set
# signature: {'custom-signature': {'status': None, 'direction': None, 'log': None, 'severity': None, 'target': None,
# 'action': None, 'pattern': None, 'case-sensitivity': None, 'name': None},
# 'credit-card-detection-threshold': None, 'main-class': {'action': None, 'status': None, 'log': None,
# 'severity': None}, 'disabled-signature': None, 'disabled-sub-class': None}
# method: {'status': None, 'default-allowed-methods': None, 'method-policy': {'regex': None, 'pattern': None,
# 'allowed-methods': None, 'address': None}, 'log': None, 'severity': None}
##################################################
# Test using fixture 1 #
output = fmgr_secprof_waf.fmgr_waf_profile_addsetdelete(fmg_instance, fixture_data[0]['paramgram_used'])
assert output['raw_response']['status']['code'] == 0
# Test using fixture 2 #
output = fmgr_secprof_waf.fmgr_waf_profile_addsetdelete(fmg_instance, fixture_data[1]['paramgram_used'])
assert output['raw_response']['status']['code'] == 0