def api_call(module, api_call_object): payload = get_payload_from_parameters(module.params) connection = Connection(module._socket_path) version = get_version(module) result = {'changed': False} if module.check_mode: return result payload_for_equals = {'type': api_call_object, 'params': payload} equals_code, equals_response = send_request(connection, version, 'equals', payload_for_equals) result['checkpoint_session_uid'] = connection.get_session_uid() handle_equals_failure(module, equals_code, equals_response) if module.params['state'] == 'present': if equals_code == 200: # else objects are equals and there is no need for set request if not equals_response['equals']: handle_call_and_set_result(connection, version, 'set-' + api_call_object, payload, module, result) elif equals_code == 404: handle_call_and_set_result(connection, version, 'add-' + api_call_object, payload, module, result) elif module.params['state'] == 'absent': handle_delete(equals_code, payload, delete_params, connection, version, api_call_object, module, result) return result
def api_call(module, api_call_object): payload = get_payload_from_parameters(module.params) connection = Connection(module._socket_path) result = {'changed': False} if module.check_mode: return result # if user insert a specific version, we add it to the url version = ('v' + module.params['version'] + '/') if module.params.get('version') else '' payload_for_equals = {'type': api_call_object, 'params': payload} equals_code, equals_response = send_request(connection, version, 'equals', payload_for_equals) result['checkpoint_session_uid'] = connection.get_session_uid() # if code is 400 (bad request) or 500 (internal error) - fail if equals_code == 400 or equals_code == 500: module.fail_json(msg=equals_response) if equals_code == 404 and equals_response['code'] == 'generic_err_command_not_found': module.fail_json(msg='Relevant hotfix is not installed on Check Point server. See sk114661 on Check Point Support Center.') if module.params['state'] == 'present': if equals_code == 200: if not equals_response['equals']: code, response = send_request(connection, version, 'set-' + api_call_object, payload) if code != 200: module.fail_json(msg=response) handle_publish(module, connection, version) result['changed'] = True result[api_call_object] = response else: # objects are equals and there is no need for set request pass elif equals_code == 404: code, response = send_request(connection, version, 'add-' + api_call_object, payload) if code != 200: module.fail_json(msg=response) handle_publish(module, connection, version) result['changed'] = True result[api_call_object] = response elif module.params['state'] == 'absent': if equals_code == 200: payload_for_delete = get_copy_payload_with_some_params(payload, delete_params) code, response = send_request(connection, version, 'delete-' + api_call_object, payload_for_delete) if code != 200: module.fail_json(msg=response) handle_publish(module, connection, version) result['changed'] = True elif equals_code == 404: # no need to delete because object dose not exist pass return result
def main(): argument_spec = dict( name=dict(type='str', required=True), layer=dict(type='str'), position=dict(type='str'), source=dict(type='str'), destination=dict(type='str'), action=dict(type='str', default='drop'), enabled=dict(type='bool', default=True), state=dict(type='str', default='present') ) argument_spec.update(checkpoint_argument_spec) required_if = [('state', 'present', ('layer', 'position'))] module = AnsibleModule(argument_spec=argument_spec, required_if=required_if) connection = Connection(module._socket_path) code, response = get_access_rule(module, connection) result = {'changed': False} if module.params['state'] == 'present': if code == 200: if needs_update(module, response): code, response = update_access_rule(module, connection) if module.params['auto_publish_session']: publish(connection) if module.params['auto_install_policy']: install_policy(connection, module.params['policy_package'], module.params['targets']) result['changed'] = True result['checkpoint_access_rules'] = response else: pass elif code == 404: code, response = create_access_rule(module, connection) if module.params['auto_publish_session']: publish(connection) if module.params['auto_install_policy']: install_policy(connection, module.params['policy_package'], module.params['targets']) result['changed'] = True result['checkpoint_access_rules'] = response else: if code == 200: code, response = delete_access_rule(module, connection) if module.params['auto_publish_session']: publish(connection) if module.params['auto_install_policy']: install_policy(connection, module.params['policy_package'], module.params['targets']) result['changed'] = True elif code == 404: pass result['checkpoint_session_uid'] = connection.get_session_uid() module.exit_json(**result)
def api_call(module, api_call_object): payload = get_payload_from_parameters(module) connection = Connection(module._socket_path) # if user insert a specific version, we add it to the url version = ('v' + module.params['version'] + '/') if module.params.get('version') else '' payload_for_equals = {'type': api_call_object, 'params': payload} equals_code, equals_response = send_request(connection, version, 'equals', payload_for_equals) # if code is 400 (bad request) or 500 (internal error) - fail if equals_code == 400 or equals_code == 500: module.fail_json(msg=equals_response) result = {'changed': False} if module.params['state'] == 'present': if equals_code == 200: if not equals_response['equals']: code, response = send_request(connection, version, 'set-' + api_call_object, payload) if code != 200: module.fail_json(msg=response) handle_publish(module, connection, version) result['changed'] = True result[api_call_object] = response else: # objects are equals and there is no need for set request pass elif equals_code == 404: code, response = send_request(connection, version, 'add-' + api_call_object, payload) if code != 200: module.fail_json(msg=response) handle_publish(module, connection, version) result['changed'] = True result[api_call_object] = response else: # state == absent if equals_code == 200: code, response = send_request(connection, version, 'delete-' + api_call_object, payload) if code != 200: module.fail_json(msg=response) handle_publish(module, connection, version) result['changed'] = True elif equals_code == 404: # no need to delete because object dose not exist pass result['checkpoint_session_uid'] = connection.get_session_uid() return result
def main(): argument_spec = dict( name=dict(type='str', required=True), ip_address=dict(type='str'), state=dict(type='str', default='present') ) argument_spec.update(checkpoint_argument_spec) required_if = [('state', 'present', 'ip_address')] module = AnsibleModule(argument_spec=argument_spec) connection = Connection(module._socket_path) code, response = get_host(module, connection) result = {'changed': False} if module.params['state'] == 'present': if code == 200: if needs_update(module, response): code, response = update_host(module, connection) if module.params['auto_publish_session']: publish(connection) if module.params['auto_install_policy']: install_policy(connection, module.params['policy_package'], module.params['targets']) result['changed'] = True result['checkpoint_hosts'] = response else: pass elif code == 404: code, response = create_host(module, connection) if module.params['auto_publish_session']: publish(connection) if module.params['auto_install_policy']: install_policy(connection, module.params['policy_package'], module.params['targets']) result['changed'] = True result['checkpoint_hosts'] = response else: if code == 200: # Handle deletion code, response = delete_host(module, connection) if module.params['auto_publish_session']: publish(connection) if module.params['auto_install_policy']: install_policy(connection, module.params['policy_package'], module.params['targets']) result['changed'] = True elif code == 404: pass result['checkpoint_session_uid'] = connection.get_session_uid() module.exit_json(**result)
def api_call_for_rule(module, api_call_object): is_access_rule = True if 'access' in api_call_object else False payload = get_payload_from_parameters(module.params) connection = Connection(module._socket_path) version = get_version(module) result = {'changed': False} if module.check_mode: return result if is_access_rule: copy_payload_without_some_params = extract_payload_without_some_params( payload, ['action', 'position']) else: copy_payload_without_some_params = extract_payload_without_some_params( payload, ['position']) payload_for_equals = { 'type': api_call_object, 'params': copy_payload_without_some_params } equals_code, equals_response = send_request(connection, version, 'equals', payload_for_equals) result['checkpoint_session_uid'] = connection.get_session_uid() handle_equals_failure(module, equals_code, equals_response) if module.params['state'] == 'present': if equals_code == 200: if equals_response['equals']: if not is_equals_with_all_params(payload, connection, version, api_call_object, is_access_rule): equals_response['equals'] = False # else objects are equals and there is no need for set request if not equals_response['equals']: # if user insert param 'position' and needed to use the 'set' command, change the param name to 'new-position' if 'position' in payload: payload['new-position'] = payload['position'] del payload['position'] handle_call_and_set_result(connection, version, 'set-' + api_call_object, payload, module, result) elif equals_code == 404: handle_call_and_set_result(connection, version, 'add-' + api_call_object, payload, module, result) elif module.params['state'] == 'absent': handle_delete(equals_code, payload, delete_params, connection, version, api_call_object, module, result) return result
def api_call_for_rule(module, api_call_object): is_access_rule = True if "access" in api_call_object else False payload = get_payload_from_parameters(module.params) connection = Connection(module._socket_path) result = {"changed": False} if module.check_mode: return result # if user insert a specific version, we add it to the url version = ( ("v" + module.params["version"] + "/") if module.params.get("version") else "" ) if is_access_rule: copy_payload_without_some_params = get_copy_payload_without_some_params( payload, ["action", "position"] ) else: copy_payload_without_some_params = get_copy_payload_without_some_params( payload, ["position"] ) payload_for_equals = { "type": api_call_object, "params": copy_payload_without_some_params, } equals_code, equals_response = send_request( connection, version, "equals", payload_for_equals ) result["checkpoint_session_uid"] = connection.get_session_uid() # if code is 400 (bad request) or 500 (internal error) - fail if equals_code == 400 or equals_code == 500: module.fail_json(msg=equals_response) if ( equals_code == 404 and equals_response["code"] == "generic_err_command_not_found" ): module.fail_json( msg="Relevant hotfix is not installed on Check Point server. See sk114661 on Check Point Support Center." ) if module.params["state"] == "present": if equals_code == 200: if equals_response["equals"]: if not is_equals_with_all_params( payload, connection, version, api_call_object, is_access_rule, ): equals_response["equals"] = False if not equals_response["equals"]: # if user insert param 'position' and needed to use the 'set' command, change the param name to 'new-position' if "position" in payload: payload["new-position"] = payload["position"] del payload["position"] code, response = send_request( connection, version, "set-" + api_call_object, payload ) if code != 200: module.fail_json(msg=response) handle_publish(module, connection, version) result["changed"] = True result[api_call_object] = response else: # objects are equals and there is no need for set request pass elif equals_code == 404: code, response = send_request( connection, version, "add-" + api_call_object, payload ) if code != 200: module.fail_json(msg=response) handle_publish(module, connection, version) result["changed"] = True result[api_call_object] = response elif module.params["state"] == "absent": if equals_code == 200: payload_for_delete = get_copy_payload_with_some_params( payload, delete_params ) code, response = send_request( connection, version, "delete-" + api_call_object, payload_for_delete, ) if code != 200: module.fail_json(msg=response) handle_publish(module, connection, version) result["changed"] = True elif equals_code == 404: # no need to delete because object dose not exist pass return result
def api_call_for_rule(module, api_call_object): is_access_rule = True if 'access' in api_call_object else False payload = get_payload_from_parameters(module.params) connection = Connection(module._socket_path) result = { 'changed': False, 'checkpoint_session_uid': connection.get_session_uid() } if module.check_mode: return result # if user insert a specific version, we add it to the url version = ('v' + module.params['version'] + '/') if module.params.get('version') else '' if is_access_rule: copy_payload_without_some_params = get_copy_payload_without_some_params( payload, ['action', 'position']) else: copy_payload_without_some_params = get_copy_payload_without_some_params( payload, ['position']) payload_for_equals = { 'type': api_call_object, 'params': copy_payload_without_some_params } equals_code, equals_response = send_request(connection, version, 'equals', payload_for_equals) # if code is 400 (bad request) or 500 (internal error) - fail if equals_code == 400 or equals_code == 500: module.fail_json(msg=equals_response) if module.params['state'] == 'present': if equals_code == 200: if equals_response['equals']: if not is_equals_with_all_params(payload, connection, version, api_call_object, is_access_rule): equals_response['equals'] = False if not equals_response['equals']: # if user insert param 'position' and needed to use the 'set' command, change the param name to 'new-position' if 'position' in payload: payload['new-position'] = payload['position'] del payload['position'] code, response = send_request(connection, version, 'set-' + api_call_object, payload) if code != 200: module.fail_json(msg=response) handle_publish(module, connection, version) result['changed'] = True result[api_call_object] = response else: # objects are equals and there is no need for set request pass elif equals_code == 404: code, response = send_request(connection, version, 'add-' + api_call_object, payload) if code != 200: module.fail_json(msg=response) handle_publish(module, connection, version) result['changed'] = True result[api_call_object] = response elif module.params['state'] == 'absent': if equals_code == 200: code, response = send_request(connection, version, 'delete-' + api_call_object, payload) if code != 200: module.fail_json(msg=response) handle_publish(module, connection, version) result['changed'] = True elif equals_code == 404: # no need to delete because object dose not exist pass return result
def main(): argument_spec = dict( name=dict(type="str", required=True), ip_address=dict(type="str"), state=dict(type="str", default="present"), ) argument_spec.update(checkpoint_argument_spec) module = AnsibleModule(argument_spec=argument_spec) connection = Connection(module._socket_path) code, response = get_host(module, connection) result = {"changed": False} if module.params["state"] == "present": if code == 200: if needs_update(module, response): code, response = update_host(module, connection) if code != 200: module.fail_json(msg=response) if module.params["auto_publish_session"]: publish(connection) if module.params["auto_install_policy"]: install_policy( connection, module.params["policy_package"], module.params["targets"], ) result["changed"] = True result["checkpoint_hosts"] = response else: pass elif code == 404: code, response = create_host(module, connection) if code != 200: module.fail_json(msg=response) if module.params["auto_publish_session"]: publish(connection) if module.params["auto_install_policy"]: install_policy( connection, module.params["policy_package"], module.params["targets"], ) result["changed"] = True result["checkpoint_hosts"] = response else: if code == 200: # Handle deletion code, response = delete_host(module, connection) if code != 200: module.fail_json(msg=response) if module.params["auto_publish_session"]: publish(connection) if module.params["auto_install_policy"]: install_policy( connection, module.params["policy_package"], module.params["targets"], ) result["changed"] = True result["checkpoint_hosts"] = response elif code == 404: pass result["checkpoint_session_uid"] = connection.get_session_uid() module.exit_json(**result)
def main(): argument_spec = dict( name=dict(type="str", required=True), layer=dict(type="str"), position=dict(type="str"), source=dict(type="str"), destination=dict(type="str"), action=dict(type="str", default="drop"), enabled=dict(type="bool", default=True), state=dict(type="str", default="present"), ) argument_spec.update(checkpoint_argument_spec) required_if = [("state", "present", ("layer", "position"))] module = AnsibleModule(argument_spec=argument_spec, required_if=required_if) connection = Connection(module._socket_path) code, response = get_access_rule(module, connection) result = {"changed": False} if module.params["state"] == "present": if code == 200: if needs_update(module, response): code, response = update_access_rule(module, connection) if code != 200: module.fail_json(msg=response) if module.params["auto_publish_session"]: publish(connection) if module.params["auto_install_policy"]: install_policy( connection, module.params["policy_package"], module.params["targets"], ) result["changed"] = True result["checkpoint_access_rules"] = response else: pass elif code == 404: code, response = create_access_rule(module, connection) if code != 200: module.fail_json(msg=response) if module.params["auto_publish_session"]: publish(connection) if module.params["auto_install_policy"]: install_policy( connection, module.params["policy_package"], module.params["targets"], ) result["changed"] = True result["checkpoint_access_rules"] = response else: if code == 200: code, response = delete_access_rule(module, connection) if code != 200: module.fail_json(msg=response) if module.params["auto_publish_session"]: publish(connection) if module.params["auto_install_policy"]: install_policy( connection, module.params["policy_package"], module.params["targets"], ) result["changed"] = True result["checkpoint_access_rules"] = response elif code == 404: pass result["checkpoint_session_uid"] = connection.get_session_uid() module.exit_json(**result)