class TestDevices(unittest.TestCase):
def setUp(self):
self.helper = Secure_Track_Helper("127.0.0.1",
("username", "password"))
self.patcher = patch(
'pytos.common.rest_requests.requests.Session.send')
self.mock_get_uri = self.patcher.start()
self.mock_get_uri.return_value.status_code = 200
def tearDown(self):
self.patcher.stop()
def test_01_get_device(self):
self.mock_get_uri.return_value.content = fake_request_response(
"device_by_id")
device_by_id = self.helper.get_device_by_id(159)
self.assertIsInstance(device_by_id, Device)
def test_02_get_devices_list(self):
self.mock_get_uri.return_value.content = fake_request_response(
"device_list")
devices_list = self.helper.get_devices_list()
self.assertIsInstance(devices_list, Devices_List)
self.assertTrue(len(devices_list) == devices_list.count)
self.assertTrue(devices_list.count > 0)
def test_03_get_devices_list_with_custom_param(self):
self.mock_get_uri.return_value.content = fake_request_response(
"device_list")
devices_list = self.helper.get_devices_list(
custom_params={'vendor': 'cisco'})
self.assertIsInstance(devices_list, Devices_List)
self.assertEqual(len(devices_list), devices_list.count)
self.assertTrue(devices_list.count > 0)
def test_04_get_device_id_by_name(self):
self.mock_get_uri.return_value.content = fake_request_response(
"device_list")
device_id = self.helper.get_device_id_by_name(
device_name="Router 2801")
self.assertTrue(device_id, 155)
# assert invalid request - 2 devices with same name
with self.assertRaises(IndexError):
self.helper.get_device_id_by_name(device_name="ASA FireWall")
# assert invalid request - Non existing device
with self.assertRaises(ValueError):
self.helper.get_device_id_by_name(
device_name="NonExistingDeviceName")
def test_05_get_cleanups_for_device_by_id(self):
self.mock_get_uri.return_value.content = fake_request_response(
"cleanups_by_device_id")
cleanups = self.helper.get_cleanups_for_device_by_id(155)
self.assertIsInstance(cleanups, Generic_Cleanup_List)
self.assertTrue(len(cleanups) > 0)
def test_06_failed_to_get_cleanups_for_device_by_id(self):
self.mock_get_uri.return_value.status_code = 404
self.mock_get_uri.return_value.content = fake_request_response(
"no_found_error")
with self.assertRaises(ValueError):
self.helper.get_cleanups_for_device_by_id(5555)
def test_07_get_bindings_for_device(self):
self.mock_get_uri.return_value.content = fake_request_response(
"device_bindings")
binding = self.helper.get_bindings_for_device(155)
self.assertIsInstance(binding, Bindings_List)
self.assertTrue(len(binding) > 0)
def test_08_get_interfaces_for_device(self):
self.mock_get_uri.return_value.content = fake_request_response(
"device_interfaces")
interfaces = self.helper.get_interfaces_for_device(155)
self.assertIsInstance(interfaces, Interfaces_List)
self.assertTrue(len(interfaces) > 0)
def test_09_get_device_config(self):
self.assertEqual(self.helper.get_device_config_by_id(159), b'\x00')
def test_10_add_offline_device(self):
global added_offline_device_id
self.mock_get_uri.return_value.status_code = 201
self.mock_get_uri.return_value.headers = {'location': '1'}
added_offline_device_id = self.helper.add_offline_device(
"TEST_DEVICE_123", "Cisco", "router")
self.assertIsInstance(added_offline_device_id, int)
def main():
cli_args = get_cli_args()
device = cli_args.device or input('Enter device ID or name: ')
hostname = cli_args.hostname or input('Enter SecureTrack hostname or IP: ')
username = cli_args.username or input('Enter SecureTrack username: '******'Enter SecureTrack password: '******'.', end='')
sys.stdout.flush()
rules = {
cleanup.rule.uid: cleanup.rule.rule_text
for cleanup in st_helper.get_shadowed_rules_for_device_by_id(
device.id).shadowed_rules_cleanup.shadowed_rules
}
print('.', end='')
sys.stdout.flush()
shadowed_rules = st_helper.\
get_shadowing_rules_for_device_id_and_rule_uids(device.id,
[u for u in rules]).shadowed_rules_cleanup.shadowed_rules
print('.')
sys.stdout.flush()
print('Rules to remove for device: {}'.format(device.name))
shadowing_warning = {
cleanup.rule.uid: [
shadowing_rule.rule_text
for shadowing_rule in cleanup.shadowing_rules
]
for cleanup in shadowed_rules if any([
shadowing_rule.src_services
for shadowing_rule in cleanup.shadowing_rules
])
}
shadowed_warning = {
cleanup.rule.uid: [
shadowing_rule.rule_text
for shadowing_rule in cleanup.shadowing_rules
]
for cleanup in shadowed_rules if cleanup.rule.src_services
}
print('no {}'.format('\nno '.join([
rules[uid]
for uid in set(rules) - set(shadowed_warning) - set(shadowing_warning)
])))
print(
'***THE BELOW SHADOWING RULES CONTAIN SOURCE PORTS/SERVICES, MANUAL REVIEW IS STRONGLY RECOMMENDED***'
)
print('\n'.join([
'{}\n -> no {}'.format('\n'.join(shadowed_rules), rules[uid])
for uid, shadowed_rules in shadowing_warning.items()
]))
print(
'***THE BELOW SHADOWED RULES CONTAIN SOURCE PORTS/SERVICES, MANUAL REVIEW IS STRONGLY RECOMMENDED***'
)
print('\n'.join([
'{}\n -> no {}'.format('\n'.join(shadowed_rules), rules[uid])
for uid, shadowed_rules in shadowed_warning.items()
]))
