def delete_waf_custom_rule(client, resource_group_name, policy_name, name, no_wait=None): policy = client.get(resource_group_name, policy_name) rule = find_child_item(policy.custom_rules, name, path='rules', key_path='name') policy.custom_rules.rules.remove(rule) return sdk_no_wait(no_wait, client.create_or_update, resource_group_name, policy_name, policy)
def show_waf_managed_rule_group_override(client, resource_group_name, policy_name, rule_set_type, rule_set_version, name): ruleset = show_waf_policy_managed_rule_set(client, resource_group_name, policy_name, rule_set_type, rule_set_version) return find_child_item(ruleset, name, path='rule_group_overrides', key_path='rule_group_name')
def remove_or_rule(client, resource_group_name, account_name, policy_id, rule_id): or_policy = client.get(resource_group_name=resource_group_name, account_name=account_name, object_replication_policy_id=policy_id) rule = find_child_item(or_policy, rule_id, path='rules', key_path='rule_id') or_policy.rules.remove(rule) return client.create_or_update(resource_group_name, account_name, policy_id, or_policy)
def delete_waf_managed_rule_group_override(client, resource_group_name, policy_name, rule_set_type, rule_set_version, name): policy = client.get(resource_group_name, policy_name) ruleset = _find_policy_managed_rule_set(policy, rule_set_type, rule_set_version) if ruleset is None: raise CLIError("managed rule set type '{}' version '{}' is not added to WAF policy '{}'" .format(rule_set_type, rule_set_version, policy_name)) override = find_child_item(ruleset, name, path='rule_group_overrides', key_path='rule_group_name') ruleset.rule_group_overrides.remove(override) client.create_or_update(resource_group_name, policy_name, policy).wait()
def set_waf_managed_rule_group_override(client, resource_group_name, policy_name, rule_set_type, rule_set_version, name, rule_overrides): policy = client.get(resource_group_name, policy_name) ruleset = _find_policy_managed_rule_set(policy, rule_set_type, rule_set_version) if ruleset is None: raise CLIError("managed rule set type '{}' version '{}' is not added to WAF policy '{}'" .format(rule_set_type, rule_set_version, policy_name)) rulegroup = ManagedRuleGroupOverride(rule_group_name=name, rules=rule_overrides) upsert_to_collection(ruleset, 'rule_group_overrides', rulegroup, 'rule_group_name') policy = client.create_or_update(resource_group_name, policy_name, policy).result() ruleset = _find_policy_managed_rule_set(policy, rule_set_type, rule_set_version) return find_child_item(ruleset, name, path='rule_group_overrides', key_path='rule_group_name')
def set_waf_custom_rule(client, resource_group_name, policy_name, name, priority, action, match_conditions, disabled=None): from azure.mgmt.cdn.models import (CustomRuleEnabledState) rule = CustomRule(name=name, enabled_state=CustomRuleEnabledState.disabled if disabled else CustomRuleEnabledState.enabled, action=action, match_conditions=match_conditions, priority=priority) policy = client.get(resource_group_name, policy_name) upsert_to_collection(policy.custom_rules, 'rules', rule, 'name') policy = client.create_or_update(resource_group_name, policy_name, policy).result() return find_child_item(policy.custom_rules, name, path='rules', key_path='name')
def set_waf_rate_limit_rule(client, resource_group_name, policy_name, name, priority, action, request_threshold, duration, match_conditions, disabled=None): from azure.mgmt.cdn.models import (CustomRuleEnabledState) rule = RateLimitRule(name=name, enabled_state=CustomRuleEnabledState.disabled if disabled else CustomRuleEnabledState.enabled, rate_limit_threshold=request_threshold, rate_limit_duration_in_minutes=duration, action=action, match_conditions=match_conditions, priority=priority) policy = client.get(resource_group_name, policy_name) upsert_to_collection(policy.rate_limit_rules, 'rules', rule, 'name') updated = client.create_or_update(resource_group_name, policy_name, policy).result() return find_child_item(updated.rate_limit_rules, name, path='rules', key_path='name')
def show_waf_rate_limit_rule(client, resource_group_name, policy_name, name): policy = client.get(resource_group_name, policy_name) return find_child_item(policy.rate_limit_rules, name, path='rules', key_path='name')
def handler(args): # pylint: disable=too-many-branches,too-many-statements cmd = args.get('cmd') context_copy = copy.copy(context) context_copy.cli_ctx = cmd.cli_ctx force_string = args.get('force_string', False) ordered_arguments = args.pop('ordered_arguments', []) dest_names = child_arg_name.split('.') child_names = [args.get(key, None) for key in dest_names] for item in ['properties_to_add', 'properties_to_set', 'properties_to_remove']: if args[item]: raise CLIError("Unexpected '{}' was not empty.".format(item)) del args[item] getter, getterargs = _extract_handler_and_args(args, cmd.command_kwargs, getter_op, context_copy) if child_collection_prop_name: parent = cached_get(cmd, getter, **getterargs) instance = find_child_item( parent, *child_names, path=child_collection_prop_name, key_path=child_collection_key) else: parent = None instance = cached_get(cmd, getter, **getterargs) # pass instance to the custom_function, if provided if custom_function_op: custom_function, custom_func_args = _extract_handler_and_args( args, cmd.command_kwargs, custom_function_op, context_copy) if child_collection_prop_name: parent = custom_function(instance=instance, parent=parent, **custom_func_args) else: instance = custom_function(instance=instance, **custom_func_args) # apply generic updates after custom updates setter, setterargs = _extract_handler_and_args(args, cmd.command_kwargs, setter_op, context_copy) for arg in ordered_arguments: arg_type, arg_values = arg if arg_type == '--set': try: for expression in arg_values: set_properties(instance, expression, force_string) except ValueError: raise CLIError('invalid syntax: {}'.format(set_usage)) elif arg_type == '--add': try: add_properties(instance, arg_values, force_string) except ValueError: raise CLIError('invalid syntax: {}'.format(add_usage)) elif arg_type == '--remove': try: remove_properties(instance, arg_values) except ValueError: raise CLIError('invalid syntax: {}'.format(remove_usage)) # Done... update the instance! setterargs[setter_arg_name] = parent if child_collection_prop_name else instance # Handle no-wait supports_no_wait = cmd.command_kwargs.get('supports_no_wait', None) if supports_no_wait: no_wait_enabled = args.get('no_wait', False) augment_no_wait_handler_args(no_wait_enabled, setter, setterargs) else: no_wait_param = cmd.command_kwargs.get('no_wait_param', None) if no_wait_param: setterargs[no_wait_param] = args[no_wait_param] if setter_arg_name == 'parameters': result = cached_put(cmd, setter, **setterargs) else: result = cached_put(cmd, setter, setterargs[setter_arg_name], **setterargs) if supports_no_wait and no_wait_enabled: return None no_wait_param = cmd.command_kwargs.get('no_wait_param', None) if no_wait_param and setterargs.get(no_wait_param, None): return None if _is_poller(result): result = result.result() if child_collection_prop_name: result = find_child_item( result, *child_names, path=child_collection_prop_name, key_path=child_collection_key) return result
def handler(self, command_args): # pylint: disable=too-many-locals, too-many-statements, too-many-branches """ Callback function of CLICommand handler """ from knack.util import CLIError from azure.cli.core.commands import cached_get, cached_put, _is_poller from azure.cli.core.util import find_child_item, augment_no_wait_handler_args from azure.cli.core.commands.arm import add_usage, remove_usage, set_usage,\ add_properties, remove_properties, set_properties self.cmd = command_args.get('cmd') force_string = command_args.get('force_string', False) ordered_arguments = command_args.pop('ordered_arguments', []) dest_names = self.child_arg_name.split('.') child_names = [command_args.get(key, None) for key in dest_names] for item in [ 'properties_to_add', 'properties_to_set', 'properties_to_remove' ]: if command_args[item]: raise CLIError("Unexpected '{}' was not empty.".format(item)) del command_args[item] getter, getterargs = self._extract_op_handler_and_args( command_args, self.getter_op_path) if self.child_collection_prop_name: parent = cached_get(self.cmd, getter, **getterargs) instance = find_child_item(parent, *child_names, path=self.child_collection_prop_name, key_path=self.child_collection_key) else: parent = None instance = cached_get(self.cmd, getter, **getterargs) # pass instance to the custom_function, if provided if self.custom_function_op_path: custom_function, custom_func_args = self._extract_op_handler_and_args( command_args, self.custom_function_op_path) if self.child_collection_prop_name: parent = custom_function(instance=instance, parent=parent, **custom_func_args) else: instance = custom_function(instance=instance, **custom_func_args) # apply generic updates after custom updates setter, setterargs = self._extract_op_handler_and_args( command_args, self.setter_op_path) for arg in ordered_arguments: arg_type, arg_values = arg if arg_type == '--set': try: for expression in arg_values: set_properties(instance, expression, force_string) except ValueError: raise CLIError('invalid syntax: {}'.format(set_usage)) elif arg_type == '--add': try: add_properties(instance, arg_values, force_string) except ValueError: raise CLIError('invalid syntax: {}'.format(add_usage)) elif arg_type == '--remove': try: remove_properties(instance, arg_values) except ValueError: raise CLIError('invalid syntax: {}'.format(remove_usage)) # Done... update the instance! setterargs[ self. setter_arg_name] = parent if self.child_collection_prop_name else instance # Handle no-wait supports_no_wait = self.cmd.command_kwargs.get('supports_no_wait', None) if supports_no_wait: no_wait_enabled = command_args.get('no_wait', False) augment_no_wait_handler_args(no_wait_enabled, setter, setterargs) else: no_wait_param = self.cmd.command_kwargs.get('no_wait_param', None) if no_wait_param: setterargs[no_wait_param] = command_args[no_wait_param] if self.setter_arg_name == 'parameters': result = cached_put(self.cmd, setter, **setterargs) else: result = cached_put(self.cmd, setter, setterargs[self.setter_arg_name], setter_arg_name=self.setter_arg_name, **setterargs) if supports_no_wait and no_wait_enabled: return None no_wait_param = self.cmd.command_kwargs.get('no_wait_param', None) if no_wait_param and setterargs.get(no_wait_param, None): return None if _is_poller(result): result = result.result() if self.child_collection_prop_name: result = find_child_item(result, *child_names, path=self.child_collection_prop_name, key_path=self.child_collection_key) return result