def delete_module_api_config(self, conn_request, module_config_params):
config = {}
before = []
after = []
changed = False
for each in module_config_params:
search_by_name = self.search_for_resource_name(
conn_request, each["name"])
if search_by_name.get(self.api_return):
every = map_obj_to_params(
search_by_name[self.api_return][0],
self.key_transform,
self.api_return,
)
before.append(every)
response_code, api_response = conn_request.delete(
"{0}/{1}".format(self.api_object, every["id"]), data=each)
self._check_for_response_code(response_code, api_response)
changed = True
if api_response:
after.append(
map_obj_to_params(api_response, self.key_transform,
self.api_return))
if changed:
config.update({"before": before, "after": after})
else:
config.update({"before": before})
return config, changed
def reset_module_api_config(module, deepsec_request):
if module.params.get("config"):
config = {}
before = []
after = []
changed = False
for each in module.params["config"]:
search_by_name = search_for_imr_by_name(deepsec_request,
each["name"])
if search_by_name.get(api_return):
every = map_obj_to_params(search_by_name[api_return][0],
key_transform, api_return)
before.append(every)
api_request = deepsec_request.delete("{0}/{1}".format(
api_object, every["id"]),
data=each)
if api_request.get("errors"):
module.fail_json(msg=api_request["errors"])
elif api_request.get("message"):
module.fail_json(msg=api_request["message"])
changed = True
if api_request:
after.append(
map_obj_to_params(api_request, key_transform,
api_return))
if changed:
config.update({"before": before, "after": after})
module.exit_json(integrity_monitoringrules=config, changed=changed)
else:
config.update({"before": before})
module.exit_json(integrity_monitoringrules=config, changed=changed)
def display_gathered_result(module, deepsec_request):
return_config = {}
if module.params.get("config"):
return_config["config"] = []
for each in module.params.get("config"):
search_result = search_for_imr_by_name(deepsec_request,
each["name"])
return_config["config"].extend(
map_obj_to_params(search_result, key_transform,
api_return)[api_return])
else:
search_result = search_for_integrity_monitoring_rules(deepsec_request)
return_config["config"] = map_obj_to_params(search_result,
key_transform,
api_return)[api_return]
module.exit_json(gathered=return_config["config"], changed=False)
def search_for_pre_existing_key(want, deepsec_api_request):
search_existing_apikey = check_if_config_exists(
deepsec_api_request,
want["keyName"],
api_object.split("/")[2],
api_return,
"keyName",
)
return map_obj_to_params(search_existing_apikey, key_transform, api_return)
def configure_module_api(argspec, module, deepsec_request):
if module.params and module.params.get("api_keys"):
return_val = {}
return_val["api_keys"] = []
changed = False
for each in module.params["api_keys"]:
want = map_params_to_obj(each, key_transform)
if not each.get("current"):
search_existing_apikey = search_for_pre_existing_key(
want, deepsec_request)
if each.get("current") or each.get("secret_key"):
if each.get("current"):
api_key = deepsec_request.post(
"{0}".format(api_secretkey_current_object), data=want)
elif "id" in search_existing_apikey:
id = search_existing_apikey["id"]
request_api = "/api/apikeys/{0}/secretkey".format(id)
api_key = deepsec_request.post("{0}".format(request_api),
data=want)
if api_key.get("message"):
module.fail_json(msg=api_key["message"])
else:
changed = True
api_key = map_obj_to_params(api_key, key_transform,
api_return)
return_val["api_keys"].append(api_key)
else:
if "id" in search_existing_apikey:
return_val["api_keys"].append(search_existing_apikey)
continue
apikey = deepsec_request.post("{0}".format(api_object),
data=want)
if apikey.get("message"):
module.fail_json(msg=apikey["message"])
else:
changed = True
apikey = map_obj_to_params(apikey, key_transform,
api_return)
return_val["api_keys"].append(apikey)
utils.validate_config(argspec, return_val)
module.exit_json(config=return_val, changed=changed)
def display_gathered_result(argspec, module, deepsec_request):
return_val = {}
if module.params and module.params.get("api_keys"):
return_val["api_keys"] = []
for each in module.params["api_keys"]:
want = map_params_to_obj(each, key_transform)
search_by_id = search_for_pre_existing_key(want, deepsec_request)
if search_by_id.get("id"):
request_api = "{0}/{1}".format(api_object, search_by_id["id"])
get_key_by_id = deepsec_request.get("{0}".format(request_api))
get_key_by_id = map_obj_to_params(get_key_by_id, key_transform,
api_return)
return_val["api_keys"].append(get_key_by_id)
if get_key_by_id.get("message"):
module.fail_json(msg=get_key_by_id["message"])
else:
return_get = deepsec_request.post(api_get_object)
if return_get:
return_val["api_keys"] = map_obj_to_params(return_get,
key_transform,
api_return)[api_return]
utils.validate_config(argspec, return_val)
module.exit_json(gathered=return_val, changed=False)
def search_for_resource_name(self, conn_request, search_resource_by_names):
search_result = []
if isinstance(search_resource_by_names, list):
for each in search_resource_by_names:
search_payload = {
"maxItems": 1,
"searchCriteria": [
{
"fieldName": "name",
"stringTest": "equal",
"stringValue": each["name"],
}
],
}
temp_search_response = self.search_for_existing_rules(
conn_request, search_payload
)
if (
temp_search_response.get("integrityMonitoringRules")
and temp_search_response["integrityMonitoringRules"]
):
search_result.append(
map_obj_to_params(
temp_search_response["integrityMonitoringRules"][
0
],
self.key_transform,
self.api_return,
)
)
else:
search_payload = {
"maxItems": 1,
"searchCriteria": [
{
"fieldName": "name",
"stringTest": "equal",
"stringValue": search_resource_by_names,
}
],
}
search_result = self.search_for_existing_rules(
conn_request, search_payload
)
return search_result
def search_for_resource_name(self, conn_request, search_resource_by_names):
search_result = []
if isinstance(search_resource_by_names, list):
for each in search_resource_by_names:
search_payload = {
"maxItems":
1,
"searchCriteria": [{
"fieldName": "name",
"stringTest": "equal",
"stringValue": each["name"],
}],
}
temp_search_response = self.search_for_existing_rules(
conn_request, search_payload)
if (temp_search_response.get(self.api_return)
and temp_search_response[self.api_return]):
api_response = map_obj_to_params(
temp_search_response[self.api_return][0],
self.key_transform,
self.api_return,
)
if api_response.get("logFiles"):
api_response["log_files"] = self.log_files_fn(
api_response)
api_response.pop("logFiles")
search_result.append(api_response)
else:
search_payload = {
"maxItems":
1,
"searchCriteria": [{
"fieldName": "name",
"stringTest": "equal",
"stringValue": search_resource_by_names,
}],
}
search_result = self.search_for_existing_rules(
conn_request, search_payload)
return search_result
def search_for_ipr_name(self, deepsec_conn_request, search_ipr_by_names):
search_result = []
if isinstance(search_ipr_by_names, list):
for each in search_ipr_by_names:
search_payload = {
"maxItems":
1,
"searchCriteria": [{
"fieldName": "name",
"stringTest": "equal",
"stringValue": each["name"],
}],
}
temp_search_response = self.search_for_intrusion_prevention_rules(
deepsec_conn_request, search_payload)
if (temp_search_response.get("intrusionPreventionRules")
and temp_search_response["intrusionPreventionRules"]):
search_result.append(
map_obj_to_params(
temp_search_response["intrusionPreventionRules"]
[0],
self.key_transform,
self.api_return,
))
else:
search_payload = {
"maxItems":
1,
"searchCriteria": [{
"fieldName": "name",
"stringTest": "equal",
"stringValue": search_ipr_by_names,
}],
}
search_result = self.search_for_intrusion_prevention_rules(
deepsec_conn_request, search_payload)
return search_result
def configure_module_api(argspec, module, deepsec_request):
if module.params.get("config"):
config = {}
before = []
after = []
changed = False
temp_name = []
for each in module.params["config"]:
search_by_name = search_for_imr_by_name(deepsec_request,
each["name"])
if search_by_name.get(api_return):
each_result = search_by_name[api_return]
temp = copy.deepcopy(each_result)
for every in temp:
every = map_obj_to_params(every, key_transform, api_return)
if every["name"] == each["name"]:
diff = utils.dict_diff(every, each)
if diff:
diff = remove_get_keys_from_payload_dict(
diff, get_supported_keys)
if diff:
if each["name"] not in temp_name:
after.extend(before)
before.append(every)
# Check for actual modification and if present fire
# the request over that IPR ID
each = utils.remove_empties(
utils.dict_merge(every, each))
each = remove_get_keys_from_payload_dict(
each, get_supported_keys)
changed = True
utils.validate_config(argspec, {"config": [each]})
payload = map_params_to_obj(each, key_transform)
api_request = deepsec_request.post(
"{0}/{1}".format(api_object, every["id"]),
data=payload,
)
if api_request.get("errors"):
module.fail_json(msg=api_request["errors"])
elif api_request.get("message"):
module.fail_json(msg=api_request["message"])
after.append(
map_obj_to_params(api_request, key_transform,
api_return))
else:
before.append(every)
temp_name.append(every["name"])
else:
before.append(every)
else:
changed = True
each = remove_get_keys_from_payload_dict(
each, get_supported_keys)
utils.validate_config(argspec, {"config": [each]})
payload = map_params_to_obj(each, key_transform)
api_request = deepsec_request.post("{0}".format(api_object),
data=payload)
if api_request.get("errors"):
module.fail_json(msg=api_request["errors"])
elif api_request.get("message"):
module.fail_json(msg=api_request["message"])
after.append(
map_obj_to_params(api_request, key_transform, api_return))
config.update({"before": before, "after": after})
module.exit_json(integrity_monitoringrules=config, changed=changed)
def configure_module_api(self, conn_request, module_config_params):
get_supported_keys = ["id", "identifier", "can_be_assigned_alone"]
config = {}
before = []
after = []
changed = False
# Add to the THIS list for the value which needs to be excluded
# from HAVE params when compared to WANT param like 'ID' can be
# part of HAVE param but may not be part of your WANT param
remove_from_diff_compare = [
"id",
"real_time_scan",
"scan_action_for_virus",
"cpu_usage",
]
temp_name = []
for each in module_config_params:
search_by_name = self.search_for_resource_name(
conn_request, each["name"])
if search_by_name and search_by_name.get(self.api_return):
each_result = search_by_name[self.api_return]
for every in each_result:
every = map_obj_to_params(every, self.key_transform,
self.api_return)
if every["name"] == each["name"]:
each = utils.remove_empties(each)
diff = utils.dict_diff(every, each)
if diff:
diff = remove_get_keys_from_payload_dict(
diff, remove_from_diff_compare)
if diff:
before.append(every)
if self._task.args["state"] == "merged":
# Check for actual modification and if present fire
# the request over that integrity_monitoring_rules ID
each = utils.remove_empties(
utils.dict_merge(every, each))
each = remove_get_keys_from_payload_dict(
each, remove_from_diff_compare)
changed = True
payload = map_params_to_obj(
each, self.key_transform)
response_code, api_response = conn_request.post(
"{0}/{1}".format(self.api_object, every["id"]),
data=payload,
)
self._check_for_response_code(
response_code, api_response)
after.append(
map_obj_to_params(
api_response,
self.key_transform,
self.api_return,
))
elif self._task.args["state"] == "replaced":
response_code, api_response = conn_request.delete(
"{0}/{1}".format(self.api_object, every["id"]),
data=each,
)
self._check_for_response_code(
response_code, api_response)
changed = True
payload = map_params_to_obj(
each, self.key_transform)
response_code, api_response = conn_request.post(
"{0}".format(self.api_object), data=payload)
self._check_for_response_code(
response_code, api_response)
after.append(
map_obj_to_params(
api_response,
self.key_transform,
self.api_return,
))
else:
before.append(every)
after.append(every)
temp_name.append(every["name"])
else:
before.append(every)
after.append(every)
else:
changed = True
each = utils.remove_empties(each)
each = remove_get_keys_from_payload_dict(
each, get_supported_keys)
payload = map_params_to_obj(each, self.key_transform)
code, api_response = conn_request.post("{0}".format(
self.api_object),
data=payload)
self._check_for_response_code(code, api_response)
after.extend(before)
after.append(
map_obj_to_params(api_response, self.key_transform,
self.api_return))
if not changed:
after = []
config.update({"before": before, "after": after})
return config, changed
def configure_module_api(self, deepsec_conn_request, module_config_params):
get_supported_keys = ["id", "identifier", "can_be_assigned_alone"]
config = {}
before = []
after = []
changed = False
remove_from_diff_compare = [
"id",
"cvss_score",
"cve",
"can_be_assigned_alone",
"type",
]
temp_name = []
for each in module_config_params:
search_by_name = self.search_for_ipr_name(deepsec_conn_request,
each["name"])
if search_by_name and search_by_name.get(self.api_return):
each_result = search_by_name[self.api_return]
for every in each_result:
every = map_obj_to_params(every, self.key_transform,
self.api_return)
if every["name"] == each["name"]:
each = utils.remove_empties(each)
diff = utils.dict_diff(every, each)
if diff:
diff = remove_get_keys_from_payload_dict(
diff, remove_from_diff_compare)
if diff:
before.append(every)
if self._task.args["state"] == "merged":
# Check for actual modification and if present fire
# the request over that IPR ID
each = utils.remove_empties(
utils.dict_merge(every, each))
each = remove_get_keys_from_payload_dict(
each, remove_from_diff_compare)
changed = True
payload = map_params_to_obj(
each, self.key_transform)
response_code, api_response = deepsec_conn_request.post(
"{0}/{1}".format(self.api_object, every["id"]),
data=payload,
)
self._check_for_response_code(
response_code, api_response)
after.append(
map_obj_to_params(
api_response,
self.key_transform,
self.api_return,
))
elif self._task.args["state"] == "replaced":
response_code, api_response = deepsec_conn_request.delete(
"{0}/{1}".format(self.api_object, every["id"]),
data=each,
)
self._check_for_response_code(
response_code, api_response)
changed = True
payload = map_params_to_obj(
each, self.key_transform)
response_code, api_response = deepsec_conn_request.post(
"{0}".format(self.api_object), data=payload)
self._check_for_response_code(
response_code, api_response)
after.append(
map_obj_to_params(
api_response,
self.key_transform,
self.api_return,
))
else:
before.append(every)
after.append(every)
temp_name.append(every["name"])
else:
before.append(every)
after.append(every)
else:
changed = True
each = utils.remove_empties(each)
each = remove_get_keys_from_payload_dict(
each, get_supported_keys)
payload = map_params_to_obj(each, self.key_transform)
code, api_response = deepsec_conn_request.post("{0}".format(
self.api_object),
data=payload)
self._check_for_response_code(code, api_response)
after.extend(before)
after.append(
map_obj_to_params(api_response, self.key_transform,
self.api_return))
if not changed:
after = []
config.update({"before": before, "after": after})
return config, changed
