github.com/akamai/AkamaiOPEN-edgegrid-golang/v2@v2.17.0/pkg/appsec/rule_upgrade.go (about) 1 package appsec 2 3 import ( 4 "context" 5 "fmt" 6 "net/http" 7 8 validation "github.com/go-ozzo/ozzo-validation/v4" 9 ) 10 11 type ( 12 // The RuleUpgrade interface supports verifying changes in Kona rule sets, and upgrading to the 13 // latest rules. 14 // 15 // https://developer.akamai.com/api/cloud_security/application_security/v1.html#upgrade 16 RuleUpgrade interface { 17 // https://developer.akamai.com/api/cloud_security/application_security/v1.html#getupgradedetails 18 GetRuleUpgrade(ctx context.Context, params GetRuleUpgradeRequest) (*GetRuleUpgradeResponse, error) 19 20 // https://developer.akamai.com/api/cloud_security/application_security/v1.html#putrules 21 UpdateRuleUpgrade(ctx context.Context, params UpdateRuleUpgradeRequest) (*UpdateRuleUpgradeResponse, error) 22 } 23 24 // GetRuleUpgradeRequest is used to verify changes in the KRS rule sets. 25 GetRuleUpgradeRequest struct { 26 ConfigID int 27 Version int 28 PolicyID string 29 } 30 31 // GetRuleUpgradeResponse is returned from a call to GetRuleUpgrade. 32 GetRuleUpgradeResponse struct { 33 Current string `json:"current,omitempty"` 34 Evaluating string `json:"evaluating,omitempty"` 35 Latest string `json:"latest,omitempty"` 36 KRSToEvalUpdates *RulesetUpdateData `json:"KRSToEvalUpdates,omitempty"` 37 EvalToEvalUpdates *RulesetUpdateData `json:"EvalToEvalUpdates,omitempty"` 38 KRSToLatestUpdates *RulesetUpdateData `json:"KRSToLatestUpdates,omitempty"` 39 } 40 41 // RulesetUpdateData is used to report all updates to rules and attack groups in the ruleset. 42 RulesetUpdateData struct { 43 DeletedRules *RuleData `json:"deletedRules,omitempty"` 44 NewRules *RuleData `json:"newRules,omitempty"` 45 UpdatedRules *RuleData `json:"updatedRules,omitempty"` 46 DeletedAttackGroups *GroupData `json:"deletedAttackGroups,omitempty"` 47 UpdatedAttackGroups *GroupData `json:"updatedAttackGroups,omitempty"` 48 NewAttackGroups *GroupData `json:"newAttackGroups,omitempty"` 49 } 50 51 // RuleData contains updates to rules 52 RuleData []struct { 53 ID int `json:"id,omitempty"` 54 Title string `json:"title,omitempty"` 55 } 56 57 // GroupData contains updates to attack groups 58 GroupData []struct { 59 Group int `json:"group,omitempty"` 60 GroupName string `json:"groupName,omitempty"` 61 } 62 63 // UpdateRuleUpgradeRequest is used to upgrade to the most recent version of the KRS rule set. 64 UpdateRuleUpgradeRequest struct { 65 ConfigID int `json:"-"` 66 Version int `json:"-"` 67 PolicyID string `json:"-"` 68 Upgrade bool `json:"upgrade"` 69 Mode string `json:"mode,omitempty"` 70 } 71 72 // UpdateRuleUpgradeResponse is returned from a call to UpdateRuleUpgrade. 73 UpdateRuleUpgradeResponse struct { 74 Current string `json:"current"` 75 Mode string `json:"mode"` 76 Eval string `json:"eval"` 77 } 78 ) 79 80 // Validate validates a GetRuleUpgradeRequest. 81 func (v GetRuleUpgradeRequest) Validate() error { 82 return validation.Errors{ 83 "ConfigID": validation.Validate(v.ConfigID, validation.Required), 84 "Version": validation.Validate(v.Version, validation.Required), 85 "PolicyID": validation.Validate(v.PolicyID, validation.Required), 86 }.Filter() 87 } 88 89 // Validate validates an UpdateRuleUpgradeRequest. 90 func (v UpdateRuleUpgradeRequest) Validate() error { 91 return validation.Errors{ 92 "ConfigID": validation.Validate(v.ConfigID, validation.Required), 93 "Version": validation.Validate(v.Version, validation.Required), 94 "PolicyID": validation.Validate(v.PolicyID, validation.Required), 95 }.Filter() 96 } 97 98 func (p *appsec) GetRuleUpgrade(ctx context.Context, params GetRuleUpgradeRequest) (*GetRuleUpgradeResponse, error) { 99 logger := p.Log(ctx) 100 logger.Debug("GetRuleUpgrade") 101 102 if err := params.Validate(); err != nil { 103 return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error()) 104 } 105 106 uri := fmt.Sprintf( 107 "/appsec/v1/configs/%d/versions/%d/security-policies/%s/rules/upgrade-details", 108 params.ConfigID, 109 params.Version, 110 params.PolicyID, 111 ) 112 113 req, err := http.NewRequestWithContext(ctx, http.MethodGet, uri, nil) 114 if err != nil { 115 return nil, fmt.Errorf("failed to create GetRuleUpgrade request: %w", err) 116 } 117 118 var result GetRuleUpgradeResponse 119 resp, err := p.Exec(req, &result) 120 if err != nil { 121 return nil, fmt.Errorf("get rule upgrade request failed: %w", err) 122 } 123 if resp.StatusCode != http.StatusOK { 124 return nil, p.Error(resp) 125 } 126 127 return &result, nil 128 } 129 130 func (p *appsec) UpdateRuleUpgrade(ctx context.Context, params UpdateRuleUpgradeRequest) (*UpdateRuleUpgradeResponse, error) { 131 logger := p.Log(ctx) 132 logger.Debug("UpdateRuleUpgrade") 133 134 if err := params.Validate(); err != nil { 135 return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error()) 136 } 137 138 uri := fmt.Sprintf( 139 "/appsec/v1/configs/%d/versions/%d/security-policies/%s/rules", 140 params.ConfigID, 141 params.Version, 142 params.PolicyID, 143 ) 144 145 req, err := http.NewRequestWithContext(ctx, http.MethodPut, uri, nil) 146 if err != nil { 147 return nil, fmt.Errorf("failed to create UpdateRuleUpgrade request: %w", err) 148 } 149 150 var result UpdateRuleUpgradeResponse 151 resp, err := p.Exec(req, &result, params) 152 if err != nil { 153 return nil, fmt.Errorf("update rule upgrade request failed: %w", err) 154 } 155 if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusCreated { 156 return nil, p.Error(resp) 157 } 158 159 return &result, nil 160 }