def setup_state_obj(self, dev, state):
state.obj = objects.Tag(
testlib.random_name(),
color='color1',
comments='My new tag',
)
dev.add(state.obj)
def _parse_tag_xml(self, xml):
"""parse the xml into actual objects and store them in the dicts"""
for elm in xml:
obj = objects.Tag()
obj.refresh(xml=elm)
self.tag_objects[obj.name] = obj
def create_object(**kwargs):
if kwargs['addressobject']:
newobject = objects.AddressObject(
name=kwargs['addressobject'],
value=kwargs['address'],
type=kwargs['address_type'],
description=kwargs['description'],
tag=kwargs['tag_name']
)
if newobject.type and newobject.value:
return newobject
else:
return False
elif kwargs['addressgroup']:
newobject = objects.AddressGroup(
name=kwargs['addressgroup'],
static_value=kwargs['static_value'],
dynamic_value=kwargs['dynamic_value'],
description=kwargs['description'],
tag=kwargs['tag_name']
)
if newobject.static_value or newobject.dynamic_value:
return newobject
else:
return False
elif kwargs['serviceobject']:
newobject = objects.ServiceObject(
name=kwargs['serviceobject'],
protocol=kwargs['protocol'],
source_port=kwargs['source_port'],
destination_port=kwargs['destination_port'],
tag=kwargs['tag_name']
)
if newobject.protocol and newobject.destination_port:
return newobject
else:
return False
elif kwargs['servicegroup']:
newobject = objects.ServiceGroup(
name=kwargs['servicegroup'],
value=kwargs['services'],
tag=kwargs['tag_name']
)
if newobject.value:
return newobject
else:
return False
elif kwargs['tag_name']:
newobject = objects.Tag(
name=kwargs['tag_name'],
color=kwargs['color'],
comments=kwargs['description']
)
if newobject.name:
return newobject
else:
return False
else:
return False
def create_dependencies(self, dev, state):
state.tags = [
objects.Tag(testlib.random_name(),
color='color{0}'.format(x),
comments=testlib.random_name())
for x in range(1, 5)
]
for x in state.tags:
dev.add(x)
x.create()
def create_dependencies(self, dev, state):
state.tag = None
state.services = [
objects.ServiceObject(
testlib.random_name(),
'tcp' if x % 2 == 0 else 'udp',
destination_port=2000 + x,
description='Service {0}'.format(x))
for x in range(4)
]
for x in state.services:
dev.add(x)
x.create()
state.tag = objects.Tag(testlib.random_name(), 'color5')
dev.add(state.tag)
state.tag.create()
def pan_tags(pan_fw, tag_names=[]):
""" Returns a list of PAN tag objects. It will take a list of tag names and add them to exising tags """
current_tags = pan_objs.Tag.refreshall(pan_fw, add=False)
current_tag_names = [t.name for t in current_tags]
new_tags = list(set(tag_names).difference(set(current_tag_names)))
logger.debug('Supplied tags:{}'.format(tag_names))
new_pan_tags = [pan_objs.Tag(name=t) for t in new_tags]
# Add current and new tag objects to pan_fw object
if new_pan_tags:
logger.debug('Found {:d}'.format(len(new_tags)))
logger.debug('Adding tags:{}'.format(new_tags))
tags_to_be_added = current_tags + new_pan_tags
for pan_tag in tags_to_be_added:
pan_fw.add(pan_tag)
#tags_to_be_added[0].create_similar()
#tags_to_be_added[0].apply_similar()
return tags_to_be_added
else:
logger.debug('All supplied tags already exist; no new tags added')
return current_tags
def getSA_JSON(url):
headers = {
'accept': "application/json",
'content-type': "application/json",
'cache-control': "no-cache"
}
return requests.request("GET", url, headers=headers, auth=(tufin_user, tufin_pass), verify=False).json()
#Main
if __name__ == '__main__':
#Grab the arguments
options = parse_args()
#Go through Pano
print "Connecting to Firewall through Panorama"
(fw, pano) = pano_connect()
# fw = fw_connect()
if options.remove:
print "Are you sure you want to remove?"
resp = raw_input("Type YES in all caps: ")
if resp == 'YES':
remove_all()
else:
print "No Go."
else:
print "Adding Tufin Tag"
fw.add(objects.Tag(tufin_tag, 'orange', 'Converted Object')).create()
print "Converting Objects"
process_objects(fetch_objects(options.device))
def main():
argument_spec = dict(ip_address=dict(required=True),
username=dict(default='admin'),
password=dict(no_log=True),
api_key=dict(no_log=True),
name=dict(type='str', required=True),
color=dict(choices=COLOR_NAMES),
comments=dict(type='str'),
device_group=dict(type='str'),
vsys=dict(type='str', default='vsys1'),
state=dict(default='present',
choices=['present', 'absent']),
commit=dict(type='bool', default=True))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=False)
if not HAS_LIB:
module.fail_json(
msg='pan-python and pandevice are required for this module.')
ip_address = module.params['ip_address']
username = module.params['username']
password = module.params['password']
api_key = module.params['api_key']
name = module.params['name']
color = module.params['color']
comments = module.params['comments']
device_group = module.params['device_group']
vsys = module.params['vsys']
state = module.params['state']
commit = module.params['commit']
changed = False
try:
device = base.PanDevice.create_from_device(ip_address,
username,
password,
api_key=api_key)
if isinstance(device, firewall.Firewall):
device.vsys = vsys
if device_group:
if device_group.lower() == 'shared':
device_group = None
else:
if not get_devicegroup(device, device_group):
module.fail_json(msg='Could not find {} device group.'.
format(device_group))
if state == 'present':
existing_obj = find_object(device, name, objects.Tag, device_group)
color_id = objects.Tag.color_code(color) if color else None
new_obj = objects.Tag(name=name, color=color_id, comments=comments)
if not existing_obj:
add_object(device, new_obj, device_group)
new_obj.create()
changed = True
elif not existing_obj.equal(new_obj):
existing_obj.color = objects.Tag.color_code(color)
existing_obj.comments = comments
existing_obj.apply()
changed = True
elif state == 'absent':
existing_obj = find_object(device, name, objects.Tag, device_group)
if existing_obj:
existing_obj.delete()
changed = True
if commit and changed:
perform_commit(module, device, device_group)
except PanDeviceError as e:
module.fail_json(msg=e.message)
module.exit_json(changed=changed)
