def delete_waf_custom_rule(client,
resource_group_name,
policy_name,
name,
no_wait=None):
policy = client.get(resource_group_name, policy_name)
rule = find_child_item(policy.custom_rules, name, path='rules', key_path='name')
policy.custom_rules.rules.remove(rule)
return sdk_no_wait(no_wait, client.create_or_update, resource_group_name, policy_name, policy)
def show_waf_managed_rule_group_override(client, resource_group_name,
policy_name, rule_set_type,
rule_set_version, name):
ruleset = show_waf_policy_managed_rule_set(client, resource_group_name,
policy_name, rule_set_type,
rule_set_version)
return find_child_item(ruleset,
name,
path='rule_group_overrides',
key_path='rule_group_name')
def remove_or_rule(client, resource_group_name, account_name, policy_id, rule_id):
or_policy = client.get(resource_group_name=resource_group_name,
account_name=account_name,
object_replication_policy_id=policy_id)
rule = find_child_item(or_policy, rule_id, path='rules', key_path='rule_id')
or_policy.rules.remove(rule)
return client.create_or_update(resource_group_name, account_name, policy_id, or_policy)
def delete_waf_managed_rule_group_override(client,
resource_group_name,
policy_name,
rule_set_type,
rule_set_version,
name):
policy = client.get(resource_group_name, policy_name)
ruleset = _find_policy_managed_rule_set(policy, rule_set_type, rule_set_version)
if ruleset is None:
raise CLIError("managed rule set type '{}' version '{}' is not added to WAF policy '{}'"
.format(rule_set_type, rule_set_version, policy_name))
override = find_child_item(ruleset, name, path='rule_group_overrides', key_path='rule_group_name')
ruleset.rule_group_overrides.remove(override)
client.create_or_update(resource_group_name, policy_name, policy).wait()
def set_waf_managed_rule_group_override(client,
resource_group_name,
policy_name,
rule_set_type,
rule_set_version,
name,
rule_overrides):
policy = client.get(resource_group_name, policy_name)
ruleset = _find_policy_managed_rule_set(policy, rule_set_type, rule_set_version)
if ruleset is None:
raise CLIError("managed rule set type '{}' version '{}' is not added to WAF policy '{}'"
.format(rule_set_type, rule_set_version, policy_name))
rulegroup = ManagedRuleGroupOverride(rule_group_name=name, rules=rule_overrides)
upsert_to_collection(ruleset, 'rule_group_overrides', rulegroup, 'rule_group_name')
policy = client.create_or_update(resource_group_name, policy_name, policy).result()
ruleset = _find_policy_managed_rule_set(policy, rule_set_type, rule_set_version)
return find_child_item(ruleset, name, path='rule_group_overrides', key_path='rule_group_name')
def set_waf_custom_rule(client,
resource_group_name,
policy_name,
name,
priority,
action,
match_conditions,
disabled=None):
from azure.mgmt.cdn.models import (CustomRuleEnabledState)
rule = CustomRule(name=name,
enabled_state=CustomRuleEnabledState.disabled if disabled else CustomRuleEnabledState.enabled,
action=action,
match_conditions=match_conditions,
priority=priority)
policy = client.get(resource_group_name, policy_name)
upsert_to_collection(policy.custom_rules, 'rules', rule, 'name')
policy = client.create_or_update(resource_group_name, policy_name, policy).result()
return find_child_item(policy.custom_rules, name, path='rules', key_path='name')
def set_waf_rate_limit_rule(client,
resource_group_name,
policy_name,
name,
priority,
action,
request_threshold,
duration,
match_conditions,
disabled=None):
from azure.mgmt.cdn.models import (CustomRuleEnabledState)
rule = RateLimitRule(name=name,
enabled_state=CustomRuleEnabledState.disabled if disabled else CustomRuleEnabledState.enabled,
rate_limit_threshold=request_threshold,
rate_limit_duration_in_minutes=duration,
action=action,
match_conditions=match_conditions,
priority=priority)
policy = client.get(resource_group_name, policy_name)
upsert_to_collection(policy.rate_limit_rules, 'rules', rule, 'name')
updated = client.create_or_update(resource_group_name, policy_name, policy).result()
return find_child_item(updated.rate_limit_rules, name, path='rules', key_path='name')
def show_waf_rate_limit_rule(client, resource_group_name, policy_name, name):
policy = client.get(resource_group_name, policy_name)
return find_child_item(policy.rate_limit_rules,
name,
path='rules',
key_path='name')
def handler(args): # pylint: disable=too-many-branches,too-many-statements
cmd = args.get('cmd')
context_copy = copy.copy(context)
context_copy.cli_ctx = cmd.cli_ctx
force_string = args.get('force_string', False)
ordered_arguments = args.pop('ordered_arguments', [])
dest_names = child_arg_name.split('.')
child_names = [args.get(key, None) for key in dest_names]
for item in ['properties_to_add', 'properties_to_set', 'properties_to_remove']:
if args[item]:
raise CLIError("Unexpected '{}' was not empty.".format(item))
del args[item]
getter, getterargs = _extract_handler_and_args(args, cmd.command_kwargs, getter_op, context_copy)
if child_collection_prop_name:
parent = cached_get(cmd, getter, **getterargs)
instance = find_child_item(
parent, *child_names, path=child_collection_prop_name, key_path=child_collection_key)
else:
parent = None
instance = cached_get(cmd, getter, **getterargs)
# pass instance to the custom_function, if provided
if custom_function_op:
custom_function, custom_func_args = _extract_handler_and_args(
args, cmd.command_kwargs, custom_function_op, context_copy)
if child_collection_prop_name:
parent = custom_function(instance=instance, parent=parent, **custom_func_args)
else:
instance = custom_function(instance=instance, **custom_func_args)
# apply generic updates after custom updates
setter, setterargs = _extract_handler_and_args(args, cmd.command_kwargs, setter_op, context_copy)
for arg in ordered_arguments:
arg_type, arg_values = arg
if arg_type == '--set':
try:
for expression in arg_values:
set_properties(instance, expression, force_string)
except ValueError:
raise CLIError('invalid syntax: {}'.format(set_usage))
elif arg_type == '--add':
try:
add_properties(instance, arg_values, force_string)
except ValueError:
raise CLIError('invalid syntax: {}'.format(add_usage))
elif arg_type == '--remove':
try:
remove_properties(instance, arg_values)
except ValueError:
raise CLIError('invalid syntax: {}'.format(remove_usage))
# Done... update the instance!
setterargs[setter_arg_name] = parent if child_collection_prop_name else instance
# Handle no-wait
supports_no_wait = cmd.command_kwargs.get('supports_no_wait', None)
if supports_no_wait:
no_wait_enabled = args.get('no_wait', False)
augment_no_wait_handler_args(no_wait_enabled,
setter,
setterargs)
else:
no_wait_param = cmd.command_kwargs.get('no_wait_param', None)
if no_wait_param:
setterargs[no_wait_param] = args[no_wait_param]
if setter_arg_name == 'parameters':
result = cached_put(cmd, setter, **setterargs)
else:
result = cached_put(cmd, setter, setterargs[setter_arg_name], **setterargs)
if supports_no_wait and no_wait_enabled:
return None
no_wait_param = cmd.command_kwargs.get('no_wait_param', None)
if no_wait_param and setterargs.get(no_wait_param, None):
return None
if _is_poller(result):
result = result.result()
if child_collection_prop_name:
result = find_child_item(
result, *child_names, path=child_collection_prop_name, key_path=child_collection_key)
return result
def handler(self, command_args): # pylint: disable=too-many-locals, too-many-statements, too-many-branches
""" Callback function of CLICommand handler """
from knack.util import CLIError
from azure.cli.core.commands import cached_get, cached_put, _is_poller
from azure.cli.core.util import find_child_item, augment_no_wait_handler_args
from azure.cli.core.commands.arm import add_usage, remove_usage, set_usage,\
add_properties, remove_properties, set_properties
self.cmd = command_args.get('cmd')
force_string = command_args.get('force_string', False)
ordered_arguments = command_args.pop('ordered_arguments', [])
dest_names = self.child_arg_name.split('.')
child_names = [command_args.get(key, None) for key in dest_names]
for item in [
'properties_to_add', 'properties_to_set',
'properties_to_remove'
]:
if command_args[item]:
raise CLIError("Unexpected '{}' was not empty.".format(item))
del command_args[item]
getter, getterargs = self._extract_op_handler_and_args(
command_args, self.getter_op_path)
if self.child_collection_prop_name:
parent = cached_get(self.cmd, getter, **getterargs)
instance = find_child_item(parent,
*child_names,
path=self.child_collection_prop_name,
key_path=self.child_collection_key)
else:
parent = None
instance = cached_get(self.cmd, getter, **getterargs)
# pass instance to the custom_function, if provided
if self.custom_function_op_path:
custom_function, custom_func_args = self._extract_op_handler_and_args(
command_args, self.custom_function_op_path)
if self.child_collection_prop_name:
parent = custom_function(instance=instance,
parent=parent,
**custom_func_args)
else:
instance = custom_function(instance=instance,
**custom_func_args)
# apply generic updates after custom updates
setter, setterargs = self._extract_op_handler_and_args(
command_args, self.setter_op_path)
for arg in ordered_arguments:
arg_type, arg_values = arg
if arg_type == '--set':
try:
for expression in arg_values:
set_properties(instance, expression, force_string)
except ValueError:
raise CLIError('invalid syntax: {}'.format(set_usage))
elif arg_type == '--add':
try:
add_properties(instance, arg_values, force_string)
except ValueError:
raise CLIError('invalid syntax: {}'.format(add_usage))
elif arg_type == '--remove':
try:
remove_properties(instance, arg_values)
except ValueError:
raise CLIError('invalid syntax: {}'.format(remove_usage))
# Done... update the instance!
setterargs[
self.
setter_arg_name] = parent if self.child_collection_prop_name else instance
# Handle no-wait
supports_no_wait = self.cmd.command_kwargs.get('supports_no_wait',
None)
if supports_no_wait:
no_wait_enabled = command_args.get('no_wait', False)
augment_no_wait_handler_args(no_wait_enabled, setter, setterargs)
else:
no_wait_param = self.cmd.command_kwargs.get('no_wait_param', None)
if no_wait_param:
setterargs[no_wait_param] = command_args[no_wait_param]
if self.setter_arg_name == 'parameters':
result = cached_put(self.cmd, setter, **setterargs)
else:
result = cached_put(self.cmd,
setter,
setterargs[self.setter_arg_name],
setter_arg_name=self.setter_arg_name,
**setterargs)
if supports_no_wait and no_wait_enabled:
return None
no_wait_param = self.cmd.command_kwargs.get('no_wait_param', None)
if no_wait_param and setterargs.get(no_wait_param, None):
return None
if _is_poller(result):
result = result.result()
if self.child_collection_prop_name:
result = find_child_item(result,
*child_names,
path=self.child_collection_prop_name,
key_path=self.child_collection_key)
return result