def login(self, username, password): url = '%s/session/login_password' % self.get_base_url() data = 'user=%s&password=%s' % (quote( username, safe=''), quote(password, safe='')) headers = { 'referer': self.get_base_url(), 'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'text/plain' } try: resp, info = fetch_url(module=self.module, url=url, data=to_bytes(data), headers=headers) status_code = info['status'] if status_code not in [200, 201, 204]: self._fail('login', info['msg']) self.headers = { 'referer': self.get_base_url(), 'Content-Type': 'application/json', 'Accept': 'application/json', 'Cookie': resp.info().get('Set-Cookie') } except Exception as e: self._fail('login', to_native(e))
def login(self, username, password): if 'KRB5CCNAME' in os.environ and HAS_GSSAPI: self.use_gssapi = True elif 'KRB5_CLIENT_KTNAME' in os.environ and HAS_GSSAPI: ccache = "MEMORY:" + str(uuid.uuid4()) os.environ['KRB5CCNAME'] = ccache self.use_gssapi = True else: if not password: if 'KRB5CCNAME' in os.environ or 'KRB5_CLIENT_KTNAME' in os.environ: self.module.warn("In order to use GSSAPI, you need to install 'urllib_gssapi'") self._fail('login', 'Password is required if not using ' 'GSSAPI. To use GSSAPI, please set the ' 'KRB5_CLIENT_KTNAME or KRB5CCNAME (or both) ' ' environment variables.') url = '%s/session/login_password' % self.get_base_url() data = 'user=%s&password=%s' % (quote(username, safe=''), quote(password, safe='')) headers = {'referer': self.get_base_url(), 'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'text/plain'} try: resp, info = fetch_url(module=self.module, url=url, data=to_bytes(data), headers=headers, timeout=self.timeout) status_code = info['status'] if status_code not in [200, 201, 204]: self._fail('login', info['msg']) self.headers = {'Cookie': info.get('set-cookie')} except Exception as e: self._fail('login', to_native(e)) if not self.headers: self.headers = dict() self.headers.update({ 'referer': self.get_base_url(), 'Content-Type': 'application/json', 'Accept': 'application/json'})
def main(): module = AnsibleModule(argument_spec=dict( token=dict(type='str', required=True, no_log=True), chat_id=dict(type='str', required=True, no_log=True), msg_format=dict(type='str', required=False, default='plain', choices=['plain', 'markdown', 'html']), msg=dict(type='str', required=True)), supports_check_mode=True) token = quote(module.params.get('token')) chat_id = quote(module.params.get('chat_id')) msg_format = quote(module.params.get('msg_format')) msg = quote(module.params.get('msg')) url = 'https://api.telegram.org/bot' + token + \ '/sendMessage?text=' + msg + '&chat_id=' + chat_id if msg_format in ('markdown', 'html'): url += '&parse_mode=' + msg_format if module.check_mode: module.exit_json(changed=False) response, info = fetch_url(module, url) if info['status'] == 200: module.exit_json(changed=True) else: body = json.loads(info['body']) module.fail_json(msg="failed to send message, return status=%s" % str(info['status']), telegram_error=body['description'])
def main(): argspec = dict( id=dict(required=False, type="int"), name=dict(required=False, type="str"), owner=dict(required=False, type="str"), type=dict(required=False, choices=["EVENT", "FLOW", "COMMON", "USER"], type="str"), origin=dict(required=False, choices=["SYSTEM", "OVERRIDE", "USER"], type="str"), ) module = AnsibleModule(argument_spec=argspec, supports_check_mode=True) qradar_request = QRadarRequest(module, headers={ "Content-Type": "application/json", "Version": "9.1" }) # if module.params['name']: # # FIXME - QUERY HERE BY NAME NATIVELY VIA REST API (DOESN'T EXIST YET) # found_offense = qradar_request.get_by_path('api/analytics/rules?filter={0}'.format(module.params['name'])) if module.params["id"]: rules = qradar_request.get_by_path("api/analytics/rules/{0}".format( module.params["id"])) else: query_strs = [] if module.params["name"]: query_strs.append( quote('name="{0}"'.format(to_text(module.params["name"])))) if module.params["owner"]: query_strs.append(quote("owner={0}".format( module.params["owner"]))) if module.params["type"]: query_strs.append(quote("type={0}".format(module.params["type"]))) if module.params["origin"]: query_strs.append( quote("origin={0}".format(module.params["origin"]))) if query_strs: rules = qradar_request.get_by_path( "api/analytics/rules?filter={0}".format("&".join(query_strs))) else: rules = qradar_request.get_by_path("api/analytics/rules") module.exit_json(rules=rules, changed=False)
def get_devices(self, name=None, osversion=None, devicefamily=None, serialnumber=None, platform=None, managedstatus=None, connectionstatus=None, attribute_column_0=None, ip_address=None): ''' Querries Space API and returns list of any devices matching filter(s) or None ''' query_strs = [] self.space_request.headers = { "Accept": "application/vnd.net.juniper.space.device-management.devices+json;version=2" } if name: query_strs.append(quote("name eq '{0}'".format(to_text(name)))) if osversion: query_strs.append(quote("OSversion eq '{0}'".format(osversion))) if devicefamily: query_strs.append( quote("deviceFamily eq '{0}'".format(devicefamily))) if serialnumber: query_strs.append( quote("SerialNumber eq '{0}'".format(serialnumber))) if platform: query_strs.append(quote("platform eq '{0}'".format(platform))) if managedstatus: query_strs.append( quote("managedStatus eq '{0}'".format(managedstatus))) if connectionstatus: query_strs.append( quote("connectionStatus eq '{0}'".format(connectionstatus))) if attribute_column_0: query_strs.append( quote( "attribute-column-0 eq '{0}'".format(attribute_column_0))) if ip_address: query_strs.append(quote("ipAddr eq '{0}'".format(ip_address))) if query_strs: code, response = self.space_request.get_by_path( "/api/space/device-management/devices?filter=({0})".format( "%20and%20".join(query_strs))) return self._return_list(response['devices']) else: code, response = self.space_request.get_by_path( "/api/space/device-management/devices") return self._return_list(response['devices'])
def request(self, method, path, query=None, data=None, headers=None, bytes=None): # Make sure we only have one kind of payload if data is not None and bytes is not None: raise AssertionError( "Cannot have JSON and binary payload in a single request.") escaped_path = quote(path.strip("/")) if escaped_path: escaped_path = "/" + escaped_path url = "{0}{1}".format(self.host, escaped_path) if query: url = "{0}?{1}".format(url, urlencode(query)) headers = dict(headers or DEFAULT_HEADERS, **self.auth_header) if data is not None: data = json.dumps(data, separators=(",", ":")) headers["Content-type"] = "application/json" elif bytes is not None: data = bytes return self._request(method, url, data=data, headers=headers)
def get_folder(self, title): url = "/api/search?type=dash-folder&query={title}".format(title=quote(title)) response = self._send_request(url, headers=self.headers, method="GET") for item in response: if item.get("title") == to_text(title): return item return None
def create(self): """ :return: """ self.url = '{0}/{1}/e/{2}/{3}/{4}'.format(self.base_url, urllib_parse.quote(self.vhost), urllib_parse.quote(self.name), self.destination_type, urllib_parse.quote(self.destination)) self.api_result = self.request.post(self.url, auth=self.authentication, headers={"content-type": "application/json"}, data=json.dumps({ 'routing_key': self.routing_key, 'arguments': self.arguments }))
def create(self): """ :return: """ self.url = '{0}/{1}/e/{2}/{3}/{4}'.format( self.base_url, urllib_parse.quote(self.vhost, safe=''), urllib_parse.quote(self.name, safe=''), self.destination_type, urllib_parse.quote(self.destination, safe='')) self.api_result = self.request.post( self.url, auth=self.authentication, headers={"content-type": "application/json"}, data=json.dumps({ 'routing_key': self.routing_key, 'arguments': self.arguments }))
def get_executions_representation(self, config, realm='master'): """ Get a representation of the executions for an authentication flow. :param config: Representation of the authentication flow :param realm: Realm :return: Representation of the executions """ try: # Get executions created executions = json.load( open_url(URL_AUTHENTICATION_FLOW_EXECUTIONS.format( url=self.baseurl, realm=realm, flowalias=quote(config["alias"])), method='GET', headers=self.restheaders)) for execution in executions: if "authenticationConfig" in execution: execConfigId = execution["authenticationConfig"] execConfig = json.load( open_url(URL_AUTHENTICATION_CONFIG.format( url=self.baseurl, realm=realm, id=execConfigId), method='GET', headers=self.restheaders)) execution["authenticationConfig"] = execConfig return executions except Exception as e: self.module.fail_json( msg= 'Could not get executions for authentication flow %s in realm %s: %s' % (config["alias"], realm, str(e)))
def copy_auth_flow(self, config, realm='master'): """ Create a new authentication flow from a copy of another. :param config: Representation of the authentication flow to create. :param realm: Realm. :return: Representation of the new authentication flow. """ try: new_name = dict(newName=config["alias"]) open_url(URL_AUTHENTICATION_FLOW_COPY.format( url=self.baseurl, realm=realm, copyfrom=quote(config["copyFrom"])), method='POST', headers=self.restheaders, data=json.dumps(new_name)) flow_list = json.load( open_url(URL_AUTHENTICATION_FLOWS.format(url=self.baseurl, realm=realm), method='GET', headers=self.restheaders)) for flow in flow_list: if flow["alias"] == config["alias"]: return flow return None except Exception as e: self.module.fail_json( msg='Could not copy authentication flow %s in realm %s: %s' % (config["alias"], realm, str(e)))
def job_run(self): response, info = api_request(module=self.module, endpoint="job/%s/run" % quote(self.job_id), method="POST", data={ "loglevel": self.loglevel, "options": self.job_options, "runAtTime": self.run_at_time, "filter": self.filter_nodes }) if info["status"] != 200: self.module.fail_json(msg=info["msg"]) if not self.wait_execution: self.module.exit_json(msg="Job run send successfully!", execution_info=response) job_status = self.job_status_check(response["id"]) if job_status["timed_out"]: if self.abort_on_timeout: api_request(module=self.module, endpoint="execution/%s/abort" % response['id'], method="GET") abort_status = self.job_status_check(response["id"]) self.module.fail_json( msg="Job execution aborted due the timeout specified", execution_info=abort_status) self.module.fail_json(msg="Job execution timed out", execution_info=job_status)
def __init__(self, module): """ :param module: """ self.module = module self.name = self.module.params['name'] self.login_user = self.module.params['login_user'] self.login_password = self.module.params['login_password'] self.login_host = self.module.params['login_host'] self.login_port = self.module.params['login_port'] self.login_protocol = self.module.params['login_protocol'] self.vhost = self.module.params['vhost'] self.destination = self.module.params['destination'] self.destination_type = 'q' if self.module.params['destination_type'] == 'queue' else 'e' self.routing_key = self.module.params['routing_key'] self.arguments = self.module.params['arguments'] self.verify = self.module.params['ca_cert'] self.cert = self.module.params['client_cert'] self.key = self.module.params['client_key'] self.props = urllib_parse.quote(self.routing_key) if self.routing_key != '' else '~' self.base_url = '{0}://{1}:{2}/api/bindings'.format(self.login_protocol, self.login_host, self.login_port) self.url = '{0}/{1}/e/{2}/{3}/{4}/{5}'.format(self.base_url, urllib_parse.quote(self.vhost, safe=''), urllib_parse.quote(self.name, safe=''), self.destination_type, urllib_parse.quote(self.destination, safe=''), self.props) self.result = { 'changed': False, 'name': self.module.params['name'], } self.authentication = ( self.login_user, self.login_password ) self.request = requests self.http_check_states = { 200: True, 404: False, } self.http_actionable_states = { 201: True, 204: True, } self.api_result = self.request.get(self.url, auth=self.authentication)
def login(self, username, password): url = '%s/session/login_password' % self.get_base_url() data = 'user=%s&password=%s' % (quote(username, safe=''), quote(password, safe='')) headers = {'referer': self.get_base_url(), 'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'text/plain'} try: resp, info = fetch_url(module=self.module, url=url, data=to_bytes(data), headers=headers) status_code = info['status'] if status_code not in [200, 201, 204]: self._fail('login', info['msg']) self.headers = {'referer': self.get_base_url(), 'Content-Type': 'application/json', 'Accept': 'application/json', 'Cookie': resp.info().get('Set-Cookie')} except Exception as e: self._fail('login', to_native(e))
def encode_url(value): parts = split_url(value) username = quote(parts['username'] or '') password = quote(parts['password'] or '') if username and password: username = '******'.format(username, password) hostname = parts['hostname'] port = parts['port'] if hostname and port: hostname = '{}:{}'.format(hostname, port) if username and hostname: hostname = '{}@{}'.format(username, hostname) url = (parts['scheme'], hostname, parts['path'], parts['query'], parts['fragment']) return urlunsplit(url)
def resolve_group_name_to_id(module): group_name = module.params["group_name"] cyberark_session = module.params["cyberark_session"] api_base_url = cyberark_session["api_base_url"] validate_certs = cyberark_session["validate_certs"] headers = { "Content-Type": "application/json", "Authorization": cyberark_session["token"] } url = construct_url( api_base_url, "/PasswordVault/api/UserGroups?search={pgroupname}".format( pgroupname=quote(group_name))) try: response = open_url( url, method="GET", headers=headers, validate_certs=validate_certs, timeout=module.params['timeout'], ) groups = json.loads(response.read()) # Return None if the user does not exist group_id = None # Say we have two groups: 'groupone' and 'grouptwo', a search on group will return both # So we will lopp over and see if the groupname returned matches the groupsname we searched for # If so, and we somehow found more than one raise an error for group in groups['value']: if group['groupName'] == group_name: if group_id is None: group_id = group['id'] else: module.fail_json(msg=( "Found more than one group matching %s. Use vault_id instead" % (group_name))) # If we made it here we had 1 or 0 users, return them logging.debug("Resolved group_name %s to ID %s", group_name, group_id) return group_id except (HTTPError, httplib.HTTPException) as http_exception: module.fail_json( msg=( "Error while looking up group %s.\n*** end_point=%s\n ==> %s" % (group_name, url, to_text(http_exception))), payload={}, headers=headers, status_code=http_exception.code, ) except Exception as unknown_exception: module.fail_json( msg=( "Unknown error while looking up group %s.\n*** end_point=%s\n%s" % (group_name, url, to_text(unknown_exception))), payload={}, headers=headers, status_code=-1, )
def get_build_plan(self, bp_name): search_uri = '/rest/index/resources?filter="name=\'' + quote( bp_name) + '\'"&category=osdbuildplan' search_result = self.connection.get(search_uri) if search_result['count'] > 0 and search_result['members'][0][ 'name'] == bp_name: return search_result['members'][0] return None
def set_log_source_values(module, qradar_request): if module.params["type_name"]: log_source_type_found = qradar_request.get_by_path( "api/config/event_sources/log_source_management/log_source_types?filter={0}".format( quote('name="{0}"'.format(module.params["type_name"])) ) )[0] if module.params["type_id"]: log_source_type_found = qradar_request.get_by_path( "api/config/event_sources/log_source_management/log_source_types?filter={0}".format( quote('id="{0}"'.format(module.params["type_id"])) ) )[0] if log_source_type_found: if not module.params["type_id"]: module.params["type_id"] = log_source_type_found["id"] else: module.fail_json( msg="Incompatible type provided, please consult QRadar Documentation for Log Source Types" ) if module.params["protocol_type_id"]: found_dict_in_list, _fdil_index = find_dict_in_list( log_source_type_found["protocol_types"], "protocol_id", module.params["protocol_type_id"], ) if not found_dict_in_list: module.fail_json( msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types" ) else: # Set it to the default as provided by the QRadar Instance module.params["protocol_type_id"] = log_source_type_found["protocol_types"][0][ "protocol_id" ] module.params["protocol_parameters"] = [ { "id": module.params["protocol_type_id"], "name": "identifier", "value": module.params["identifier"], } ]
def _svc_rest(self, method, headers, cmd, cmdopts, cmdargs): """ Run SVC command with token info added into header :param method: http method, POST or GET :type method: string :param headers: http headers :type headers: dict :param cmd: svc command to run :type cmd: string :param cmdopts: svc command options, name paramter and value :type cmdopts: dict :param cmdargs: svc command arguments, non-named paramaters :return: dict of command results :rtype: dict """ # Catch any output or errors and pass back to the caller to deal with. r = {'url': None, 'code': None, 'err': None, 'out': None, 'data': None} postfix = cmd if cmdargs: postfix = '/'.join([postfix] + [quote(str(a)) for a in cmdargs]) url = '/'.join([self.resturl] + [postfix]) r['url'] = url # Pass back in result for error handling self.log("_svc_rest: url=%s", url) payload = cmdopts if cmdopts else None data = self.module.jsonify(payload).encode('utf8') r['data'] = cmdopts # Original payload data has nicer formatting self.log("_svc_rest: payload=%s", payload) try: o = open_url(url, method=method, headers=headers, validate_certs=self.validate_certs, data=bytes(data)) except HTTPError as e: self.log('_svc_rest: httperror %s', str(e)) r['code'] = e.getcode() r['out'] = e.read() r['err'] = "HTTPError %s", str(e) return r except Exception as e: self.log('_svc_rest: exception : %s', str(e)) r['err'] = "Exception %s", str(e) return r try: j = json.load(o) except ValueError as e: self.log("_svc_rest: value error pass: %s", str(e)) # pass, will mean both data and error are None. return r r['out'] = j return r
def _construct_query_string(self, args=None, attrs=None, filter=None, action=None, count=False): query_dict = {} if args is None: args = {} if attrs is None: attrs = [] if filter is None: filter = {} # Construct args args_val = ','.join([ '%s:%s' % (k, quote(codecs.encode(str(args[k])), safe='')) for k in args ]) if args_val != '': args_val = 'args=%s' % args_val # Construct attrs attrs_val = ','.join(attrs) if attrs_val != '': attrs_val = 'attrs=%s' % attrs_val # Construct filters filter_val = ','.join(['%s:%s' % (k, filter[k]) for k in filter]) if filter_val != '': filter_val = 'filter=%s' % filter_val # Construct action action_val = '' if action is not None: action_val = 'action=%s' % action # Construct count count_val = '' if count: count_val = 'count=yes' # Construct the query string # Filter out empty string parameters val_list = [args_val, attrs_val, filter_val, action_val, count_val] query_params = '&'.join([v for v in val_list if v != '']) if query_params != '': query_params = '?%s' % query_params return query_params
def request(self, method, path, query=None, data=None): escaped_path = quote(path.rstrip("/")) url = "{0}/api/now/{1}".format(self.host, escaped_path) if query: url = "{0}?{1}".format(url, urlencode(query)) headers = dict(Accept="application/json", **self.auth_header) if data is not None: data = json.dumps(data, separators=(",", ":")) headers["Content-type"] = "application/json" return self._request(method, url, data=data, headers=headers)
def get_team(self, name): url = "/api/teams/search?name={team}".format(team=quote(name)) response = self._send_request(url, headers=self.headers, method="GET") if not response.get("totalCount") <= 1: raise AssertionError("Expected 1 team, got %d" % response["totalCount"]) if len(response.get("teams")) == 0: return None return response.get("teams")[0]
def urlencode(self, string): """ URL Encode a string :param: string: The string to URL encode :type string: str :returns: URL encode version of supplied string :rtype: str """ return quote(string, "<>%-_.!*'():?#/@&+,;=")
def append_ssl_certs(self): ssl_options = {} if self.cafile: ssl_options['cafile'] = self.cafile if self.certfile: ssl_options['certfile'] = self.certfile if self.keyfile: ssl_options['keyfile'] = self.keyfile self.url = self.url + '?ssl_options=' + urllib_parse.quote( json.dumps(ssl_options))
def get_addresses(self, name=None, ip_address=None): ''' Querries Space API and returns list of any addresses matching filter(s) or None ''' query_strs = [] self.space_request.headers = {"Accept": "application/json"} if name: query_strs.append(quote("name contains '{0}'".format(to_text(name)))) if ip_address: query_strs.append(quote("ip_address contains '{0}'".format(ip_address))) if query_strs: code, response = self.space_request.get_by_path( "/api/juniper/sd/address-management/v5/address?filter=({0})".format("%20and%20".join(query_strs)) ) return self._return_list(response['addresses']) else: code, response = self.space_request.get_by_path("/api/juniper/sd/address-management/v5/address") return self._return_list(response['addresses'])
def __init__(self, module): """ :param module: """ self.module = module self.name = self.module.params['name'] self.login_user = self.module.params['login_user'] self.login_password = self.module.params['login_password'] self.login_host = self.module.params['login_host'] self.login_port = self.module.params['login_port'] self.vhost = self.module.params['vhost'] self.destination = self.module.params['destination'] self.destination_type = 'q' if self.module.params['destination_type'] == 'queue' else 'e' self.routing_key = self.module.params['routing_key'] self.arguments = self.module.params['arguments'] self.base_url = 'http://{0}:{1}/api/bindings'.format(self.login_host, self.login_port) self.url = '{0}/{1}/e/{2}/{3}/{4}/{5}'.format(self.base_url, urllib_parse.quote(self.vhost), urllib_parse.quote(self.name), self.destination_type, self.destination, self.routing_key) self.result = { 'changed': False, 'name': self.module.params['name'], } self.authentication = ( self.login_user, self.login_password ) self.request = requests self.http_check_states = { 200: True, 404: False, } self.http_actionable_states = { 201: True, 204: True, } self.api_result = self.request.get(self.url, auth=self.authentication)
def vmware_path(datastore, datacenter, path): ''' Constructs a URL path that VSphere accepts reliably ''' path = '/folder/{path}'.format(path=quote(path.strip('/'))) # Due to a software bug in vSphere, it fails to handle ampersand in datacenter names # The solution is to do what vSphere does (when browsing) and double-encode ampersands, maybe others ? datacenter = datacenter.replace('&', '%26') if not path.startswith('/'): path = '/' + path params = dict(dsName=datastore) if datacenter: params['dcPath'] = datacenter return '{0}?{1}'.format(path, urlencode(params))
def vmware_path(datastore, datacenter, path): """ Constructs a URL path that VSphere accepts reliably """ path = "/folder/{path}".format(path=quote(path.strip("/"))) # Due to a software bug in vSphere, it fails to handle ampersand in datacenter names # The solution is to do what vSphere does (when browsing) and double-encode ampersands, maybe others ? datacenter = datacenter.replace("&", "%26") if not path.startswith("/"): path = "/" + path params = dict(dsName=datastore) if datacenter: params["dcPath"] = datacenter return "{0}?{1}".format(path, urlencode(params))
def set_log_source_values(module, qradar_request): if module.params['type_name']: log_source_type_found = qradar_request.get_by_path( 'api/config/event_sources/log_source_management/log_source_types?filter={0}'.format( quote('name="{0}"'.format(module.params['type_name'])) ) )[0] if module.params['type_id']: log_source_type_found = qradar_request.get_by_path( 'api/config/event_sources/log_source_management/log_source_types?filter={0}'.format( quote('id="{0}"'.format(module.params['type_id'])) ) )[0] if log_source_type_found: if not module.params['type_id']: module.params['type_id'] = log_source_type_found['id'] else: module.fail_json(msg="Incompatible type provided, please consult QRadar Documentation for Log Source Types") if module.params['protocol_type_id']: found_dict_in_list, _fdil_index = find_dict_in_list( log_source_type_found['protocol_types'], 'protocol_id', module.params['protocol_type_id'] ) if not found_dict_in_list: module.fail_json( msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types" ) else: # Set it to the default as provided by the QRadar Instance module.params['protocol_type_id'] = log_source_type_found['protocol_types'][0]['protocol_id'] module.params['protocol_parameters'] = [ { 'id': module.params['protocol_type_id'], 'name': 'identifier', 'value': module.params['identifier'], }, ]
def vmware_path(datastore, datacenter, path): ''' Constructs a URL path that VSphere accepts reliably ''' path = "/folder/%s" % quote(path.lstrip("/")) # Due to a software bug in vSphere, it fails to handle ampersand in datacenter names # The solution is to do what vSphere does (when browsing) and double-encode ampersands, maybe others ? if not path.startswith("/"): path = "/" + path params = dict(dsName=datastore) if datacenter: datacenter = datacenter.replace('&', '%26') params["dcPath"] = datacenter params = urlencode(params) return "%s?%s" % (path, params)
def set_offense_values(module, qradar_request): if module.params['closing_reason']: found_closing_reason = qradar_request.get_by_path( 'api/siem/offense_closing_reasons?filter={0}'.format( quote('text="{0}"'.format(module.params['closing_reason'])))) if found_closing_reason: module.params['closing_reason_id'] = found_closing_reason[0]['id'] else: module.fail_json('Unable to find closing_reason text: {0}'.format( module.params['closing_reason'])) if module.params['status']: module.params['status'] = module.params['status'].upper()
def grafana_datasource_exists(module, grafana_url, name, headers): datasource_exists = False ds = {} r, info = fetch_url(module, '%s/api/datasources/name/%s' % (grafana_url, quote(name)), headers=headers, method='GET') if info['status'] == 200: datasource_exists = True ds = json.loads(to_text(r.read(), errors='surrogate_or_strict')) elif info['status'] == 404: datasource_exists = False else: raise GrafanaAPIException('Unable to get datasource %s : %s' % (name, info)) return datasource_exists, ds
def set_offense_values(module, qradar_request): if module.params["closing_reason"]: found_closing_reason = qradar_request.get_by_path( "api/siem/offense_closing_reasons?filter={0}".format( quote('text="{0}"'.format(module.params["closing_reason"])))) if found_closing_reason: module.params["closing_reason_id"] = found_closing_reason[0]["id"] else: module.fail_json("Unable to find closing_reason text: {0}".format( module.params["closing_reason"])) if module.params["status"]: module.params["status"] = module.params["status"].upper()
def main(): module = AnsibleModule( argument_spec=dict( state=dict(default='present', choices=['present', 'absent'], type='str'), name=dict(required=True, aliases=["src", "source"], type='str'), login_user=dict(default='guest', type='str'), login_password=dict(default='guest', type='str', no_log=True), login_host=dict(default='localhost', type='str'), login_port=dict(default='15672', type='str'), vhost=dict(default='/', type='str'), destination=dict(required=True, aliases=["dst", "dest"], type='str'), destination_type=dict(required=True, aliases=["type", "dest_type"], choices=["queue", "exchange"], type='str'), routing_key=dict(default='#', type='str'), arguments=dict(default=dict(), type='dict') ), supports_check_mode=True ) if not HAS_REQUESTS: module.fail_json(msg="requests library is required for this module. To install, use `pip install requests`") result = dict(changed=False, name=module.params['name']) if module.params['destination_type'] == "queue": dest_type = "q" else: dest_type = "e" if module.params['routing_key'] == "": props = "~" else: props = urllib_parse.quote(module.params['routing_key'], '') base_url = "http://%s:%s/api/bindings" % (module.params['login_host'], module.params['login_port']) url = "%s/%s/e/%s/%s/%s/%s" % (base_url, urllib_parse.quote(module.params['vhost'], ''), urllib_parse.quote(module.params['name'], ''), dest_type, urllib_parse.quote(module.params['destination'], ''), props ) # Check if exchange already exists r = requests.get(url, auth=(module.params['login_user'], module.params['login_password'])) if r.status_code == 200: binding_exists = True response = r.json() elif r.status_code == 404: binding_exists = False response = r.text else: module.fail_json( msg="Invalid response from RESTAPI when trying to check if exchange exists", details=r.text ) if module.params['state'] == 'present': change_required = not binding_exists else: change_required = binding_exists # Exit if check_mode if module.check_mode: result['changed'] = change_required result['details'] = response result['arguments'] = module.params['arguments'] module.exit_json(**result) # Do changes if change_required: if module.params['state'] == 'present': url = "%s/%s/e/%s/%s/%s" % ( base_url, urllib_parse.quote(module.params['vhost'], ''), urllib_parse.quote(module.params['name'], ''), dest_type, urllib_parse.quote(module.params['destination'], '') ) r = requests.post( url, auth=(module.params['login_user'], module.params['login_password']), headers={"content-type": "application/json"}, data=json.dumps({ "routing_key": module.params['routing_key'], "arguments": module.params['arguments'] }) ) elif module.params['state'] == 'absent': r = requests.delete(url, auth=(module.params['login_user'], module.params['login_password'])) if r.status_code == 204 or r.status_code == 201: result['changed'] = True result['destination'] = module.params['destination'] module.exit_json(**result) else: module.fail_json( msg="Error creating exchange", status=r.status_code, details=r.text ) else: result['changed'] = False module.exit_json(**result)
def main(): module = AnsibleModule( argument_spec=dict( state=dict(default='present', choices=['present', 'absent'], type='str'), name=dict(required=True, type='str'), login_user=dict(default='guest', type='str'), login_password=dict(default='guest', type='str', no_log=True), login_host=dict(default='localhost', type='str'), login_port=dict(default='15672', type='str'), vhost=dict(default='/', type='str'), durable=dict(default=True, type='bool'), auto_delete=dict(default=False, type='bool'), internal=dict(default=False, type='bool'), exchange_type=dict(default='direct', aliases=['type'], type='str'), arguments=dict(default=dict(), type='dict') ), supports_check_mode=True ) result = dict(changed=False, name=module.params['name']) url = "http://%s:%s/api/exchanges/%s/%s" % ( module.params['login_host'], module.params['login_port'], urllib_parse.quote(module.params['vhost'], ''), urllib_parse.quote(module.params['name'], '') ) if not HAS_REQUESTS: module.fail_json(msg="requests library is required for this module. To install, use `pip install requests`") # Check if exchange already exists r = requests.get(url, auth=(module.params['login_user'], module.params['login_password'])) if r.status_code == 200: exchange_exists = True response = r.json() elif r.status_code == 404: exchange_exists = False response = r.text else: module.fail_json( msg="Invalid response from RESTAPI when trying to check if exchange exists", details=r.text ) if module.params['state'] == 'present': change_required = not exchange_exists else: change_required = exchange_exists # Check if attributes change on existing exchange if not change_required and r.status_code == 200 and module.params['state'] == 'present': if not ( response['durable'] == module.params['durable'] and response['auto_delete'] == module.params['auto_delete'] and response['internal'] == module.params['internal'] and response['type'] == module.params['exchange_type'] ): module.fail_json( msg="RabbitMQ RESTAPI doesn't support attribute changes for existing exchanges" ) # Exit if check_mode if module.check_mode: result['changed'] = change_required result['details'] = response result['arguments'] = module.params['arguments'] module.exit_json(**result) # Do changes if change_required: if module.params['state'] == 'present': r = requests.put( url, auth=(module.params['login_user'], module.params['login_password']), headers={"content-type": "application/json"}, data=json.dumps({ "durable": module.params['durable'], "auto_delete": module.params['auto_delete'], "internal": module.params['internal'], "type": module.params['exchange_type'], "arguments": module.params['arguments'] }) ) elif module.params['state'] == 'absent': r = requests.delete(url, auth=(module.params['login_user'], module.params['login_password'])) # RabbitMQ 3.6.7 changed this response code from 204 to 201 if r.status_code == 204 or r.status_code == 201: result['changed'] = True module.exit_json(**result) else: module.fail_json( msg="Error creating exchange", status=r.status_code, details=r.text ) else: result['changed'] = False module.exit_json(**result)
def main(): module = AnsibleModule( argument_spec=dict( state=dict(default='present', choices=['present', 'absent'], type='str'), name=dict(required=True, type='str'), login_user=dict(default='guest', type='str'), login_password=dict(default='guest', type='str', no_log=True), login_host=dict(default='localhost', type='str'), login_port=dict(default='15672', type='str'), vhost=dict(default='/', type='str'), durable=dict(default=True, type='bool'), auto_delete=dict(default=False, type='bool'), message_ttl=dict(default=None, type='int'), auto_expires=dict(default=None, type='int'), max_length=dict(default=None, type='int'), dead_letter_exchange=dict(default=None, type='str'), dead_letter_routing_key=dict(default=None, type='str'), arguments=dict(default=dict(), type='dict'), max_priority=dict(default=None, type='int') ), supports_check_mode=True ) url = "http://%s:%s/api/queues/%s/%s" % ( module.params['login_host'], module.params['login_port'], urllib_parse.quote(module.params['vhost'], ''), module.params['name'] ) if not HAS_REQUESTS: module.fail_json(msg="requests library is required for this module. To install, use `pip install requests`") result = dict(changed=False, name=module.params['name']) # Check if queue already exists r = requests.get(url, auth=(module.params['login_user'], module.params['login_password'])) if r.status_code == 200: queue_exists = True response = r.json() elif r.status_code == 404: queue_exists = False response = r.text else: module.fail_json( msg="Invalid response from RESTAPI when trying to check if queue exists", details=r.text ) if module.params['state'] == 'present': change_required = not queue_exists else: change_required = queue_exists # Check if attributes change on existing queue if not change_required and r.status_code == 200 and module.params['state'] == 'present': if not ( response['durable'] == module.params['durable'] and response['auto_delete'] == module.params['auto_delete'] and ( ('x-message-ttl' in response['arguments'] and response['arguments']['x-message-ttl'] == module.params['message_ttl']) or ('x-message-ttl' not in response['arguments'] and module.params['message_ttl'] is None) ) and ( ('x-expires' in response['arguments'] and response['arguments']['x-expires'] == module.params['auto_expires']) or ('x-expires' not in response['arguments'] and module.params['auto_expires'] is None) ) and ( ('x-max-length' in response['arguments'] and response['arguments']['x-max-length'] == module.params['max_length']) or ('x-max-length' not in response['arguments'] and module.params['max_length'] is None) ) and ( ('x-dead-letter-exchange' in response['arguments'] and response['arguments']['x-dead-letter-exchange'] == module.params['dead_letter_exchange']) or ('x-dead-letter-exchange' not in response['arguments'] and module.params['dead_letter_exchange'] is None) ) and ( ('x-dead-letter-routing-key' in response['arguments'] and response['arguments']['x-dead-letter-routing-key'] == module.params['dead_letter_routing_key']) or ('x-dead-letter-routing-key' not in response['arguments'] and module.params['dead_letter_routing_key'] is None) ) and ( ('x-max-priority' in response['arguments'] and response['arguments']['x-max-priority'] == module.params['max_priority']) or ('x-max-priority' not in response['arguments'] and module.params['max_priority'] is None) ) ): module.fail_json( msg="RabbitMQ RESTAPI doesn't support attribute changes for existing queues", ) # Copy parameters to arguments as used by RabbitMQ for k, v in { 'message_ttl': 'x-message-ttl', 'auto_expires': 'x-expires', 'max_length': 'x-max-length', 'dead_letter_exchange': 'x-dead-letter-exchange', 'dead_letter_routing_key': 'x-dead-letter-routing-key', 'max_priority': 'x-max-priority' }.items(): if module.params[k] is not None: module.params['arguments'][v] = module.params[k] # Exit if check_mode if module.check_mode: result['changed'] = change_required result['details'] = response result['arguments'] = module.params['arguments'] module.exit_json(**result) # Do changes if change_required: if module.params['state'] == 'present': r = requests.put( url, auth=(module.params['login_user'], module.params['login_password']), headers={"content-type": "application/json"}, data=json.dumps({ "durable": module.params['durable'], "auto_delete": module.params['auto_delete'], "arguments": module.params['arguments'] }) ) elif module.params['state'] == 'absent': r = requests.delete(url, auth=(module.params['login_user'], module.params['login_password'])) # RabbitMQ 3.6.7 changed this response code from 204 to 201 if r.status_code == 204 or r.status_code == 201: result['changed'] = True module.exit_json(**result) else: module.fail_json( msg="Error creating queue", status=r.status_code, details=r.text ) else: result['changed'] = False module.exit_json(**result)