def main():
headers = authenticate('*****@*****.**', 'adminpassword')
api_token = authenticate(
"*****@*****.**",
"user_with_exercisepassword",
)
print(api_token)
# headers = authenticate('*****@*****.**', '1234')
endpoint = "/api/v1/whoami"
get(endpoint, headers)
def main():
cred = authenticate()
print("authentication successful")
#import objects and policies from json
objects_file = open("objects.json").read()
objects = json.loads(objects_file)
policy_file = open("policy.json").read()
policies = json.loads(policy_file)
pkeys = policies.keys()
okeys = objects.keys()
#each object is a list the first position is the type of object
#the second position is the data
print("Objects")
for key in okeys:
r, c = api_post(cred, "add-" + objects[key][0], objects[key][1])
print(c)
print("Policies")
for key in pkeys:
if policies[key][0] in ["access-layer"]:
r, c = api_post(cred, "set-access-layer", policies[key][1])
else:
r, c = api_post(cred, "add-" + policies[key][0], policies[key][1])
print(c)
api_post(cred, "publish", {})
api_post(cred, "logout", {})
return
def main():
cred = authenticate()
print("Authentication Successful")
#change policy query if you are adapting this to your rulebase
policy_query = {
"offset": 0,
"limit": 20,
"name": "API_Policy Network",
"details-level": "full",
"use-object-dictionary": "true"
}
r, c = api_post(cred, "show-access-rulebase", policy_query)
layer = "API_Policy Network"
#for each rule
for rule in r["rulebase"]:
rule_uid = rule["uid"]
#for each source item in that rule
for item in rule["source"]:
r, c = api_post(cred, "show-object", {"uid": item})
object_type = r["object"]["type"]
if object_type in ["host", "network"]:
cleanup(cred, object_type, item, layer, rule_uid, "source")
#for each destination item in that rule
for item in rule["destination"]:
r, c = api_post(cred, "show-object", {"uid": item})
object_type = r["object"]["type"]
if object_type in ["host", "network"]:
cleanup(cred, object_type, item, layer, rule_uid,
"destination")
api_post(cred, "publish", {})
api_post(cred, "logout", {})
return
def get_lectures():
headers = authenticate(username=USERNAME, save=True)
endpoint = "/api/v1/lectures"
return get(endpoint, headers)
def main():
rule_set = read_rules()
cred = authenticate()
print("Authentication Successful")
#change policy query if you are adapting this to your rulebase
policy_query = {
"offset": 0,
"limit": 20,
"name": "API_Policy Network",
"details-level": "full",
"use-object-dictionary": "true"
}
r, c = api_post(cred, "show-access-rulebase", policy_query)
layer = "API_Policy Network"
#for each rule
for rule in r["rulebase"]:
print(" --- " + rule["name"] + " --- ")
rule_uid = rule["uid"]
#for each source item in that rule
for item in rule["source"]:
r, c = api_post(cred, "show-object", {"uid": item})
object_type = r["object"]["type"]
if object_type == "host":
new_host_uid = host_duplicate(cred, item, rule_set)
#if object did not match regex rules no modification of rule needed
if new_host_uid == None:
continue
#else take new uid and add to rulebase
else:
r, c = api_post(
cred, "set-access-rule", {
"uid": rule_uid,
"layer": layer,
"source": {
"add": new_host_uid
}
})
if object_type == "network":
new_network_uid = network_duplicate(cred, item, rule_set)
#if object did not match regex rules no modification of rule needed
if new_network_uid == None:
continue
#else take new uid and add to rulebase
else:
r, c = api_post(
cred, "set-access-rule", {
"uid": rule_uid,
"layer": layer,
"source": {
"add": new_network_uid
}
})
#TODO: add handling for group object
elif object_type == "group":
continue
else:
continue
#for each destination item in that rule
for item in rule["destination"]:
r, c = api_post(cred, "show-object", {"uid": item})
object_type = r["object"]["type"]
if object_type == "host":
new_host_uid = host_duplicate(cred, item, rule_set)
#if object did not match regex rules no modification of rule needed
if new_host_uid == None:
continue
#else take new uid and add to rulebase
else:
r, c = api_post(
cred, "set-access-rule", {
"uid": rule_uid,
"layer": layer,
"destination": {
"add": new_host_uid
}
})
if object_type == "network":
new_network_uid = network_duplicate(cred, item, rule_set)
#if object did not match regex rules no modification of rule needed
if new_network_uid == None:
continue
#else take new uid and add to rulebase
else:
r, c = api_post(
cred, "set-access-rule", {
"uid": rule_uid,
"layer": layer,
"destination": {
"add": new_network_uid
}
})
#TODO: add handling for group object
elif object_type == "group":
continue
else:
continue
api_post(cred, "publish", {})
api_post(cred, "logout", {})
return
def main():
headers = authenticate('*****@*****.**', '1234')
endpoint = "/api/v1/tutorials"
post(endpoint, headers)
def main():
headers = authenticate('*****@*****.**', '1234')
endpoint = "/api/v1/lectures"
post(endpoint, headers)
put(endpoint + "/20109", headers)