github.com/akamai/AkamaiOPEN-edgegrid-golang/v8@v8.1.0/pkg/appsec/eval_rule.go (about) 1 package appsec 2 3 import ( 4 "context" 5 "encoding/json" 6 "fmt" 7 "net/http" 8 9 validation "github.com/go-ozzo/ozzo-validation/v4" 10 ) 11 12 type ( 13 // The EvalRule interface supports retrieving and modifying the rules available for 14 // evaluation and their actions, or the action of a specific rule. 15 EvalRule interface { 16 // GetEvalRules returns the rules available for evaluation and their actions. 17 // 18 // See: https://techdocs.akamai.com/application-security/reference/get-policy-eval-rules 19 GetEvalRules(ctx context.Context, params GetEvalRulesRequest) (*GetEvalRulesResponse, error) 20 21 // GetEvalRule returns the action for a specific rule you want to evaluate. 22 // 23 // See: https://techdocs.akamai.com/application-security/reference/get-policy-eval-rule 24 GetEvalRule(ctx context.Context, params GetEvalRuleRequest) (*GetEvalRuleResponse, error) 25 26 // UpdateEvalRule updates the action for a specific rule you want to evaluate. 27 // 28 // See: https://techdocs.akamai.com/application-security/reference/put-policy-eval-rule 29 UpdateEvalRule(ctx context.Context, params UpdateEvalRuleRequest) (*UpdateEvalRuleResponse, error) 30 } 31 32 // GetEvalRulesRequest is used to retrieve the rules available for evaluation and their actions. 33 GetEvalRulesRequest struct { 34 ConfigID int `json:"-"` 35 Version int `json:"-"` 36 PolicyID string `json:"-"` 37 RuleID int `json:"-"` 38 } 39 40 // GetEvalRulesResponse is returned from a call to GetEvalRules. 41 GetEvalRulesResponse struct { 42 Rules []struct { 43 ID int `json:"id,omitempty"` 44 Action string `json:"action,omitempty"` 45 ConditionException *RuleConditionException `json:"conditionException,omitempty"` 46 } `json:"evalRuleActions,omitempty"` 47 } 48 49 // GetEvalRuleRequest is used to retrieve a rule available for evaluation and its action. 50 GetEvalRuleRequest struct { 51 ConfigID int `json:"-"` 52 Version int `json:"-"` 53 PolicyID string `json:"-"` 54 RuleID int `json:"ruleId"` 55 } 56 57 // GetEvalRuleResponse is returned from a call to GetEvalRule. 58 GetEvalRuleResponse struct { 59 Action string `json:"action,omitempty"` 60 ConditionException *RuleConditionException `json:"conditionException,omitempty"` 61 } 62 63 // UpdateEvalRuleRequest is used to modify a rule available for evaluation and its action. 64 UpdateEvalRuleRequest struct { 65 ConfigID int `json:"-"` 66 Version int `json:"-"` 67 PolicyID string `json:"-"` 68 RuleID int `json:"-"` 69 Action string `json:"action"` 70 JsonPayloadRaw json.RawMessage `json:"conditionException,omitempty"` 71 } 72 73 // UpdateEvalRuleResponse is returned from a call to UpdateEvalRule. 74 UpdateEvalRuleResponse struct { 75 Action string `json:"action,omitempty"` 76 ConditionException *RuleConditionException `json:"conditionException,omitempty"` 77 } 78 ) 79 80 // IsEmptyConditionException checks whether the ConditionException field is empty. 81 func (r *GetEvalRuleResponse) IsEmptyConditionException() bool { 82 return r.ConditionException == nil 83 } 84 85 // Validate validates a GetEvalRuleRequest. 86 func (v GetEvalRuleRequest) Validate() error { 87 return validation.Errors{ 88 "ConfigID": validation.Validate(v.ConfigID, validation.Required), 89 "Version": validation.Validate(v.Version, validation.Required), 90 "PolicyID": validation.Validate(v.PolicyID, validation.Required), 91 "RuleID": validation.Validate(v.RuleID, validation.Required), 92 }.Filter() 93 } 94 95 // Validate validates a GetEvalRulesRequest. 96 func (v GetEvalRulesRequest) Validate() error { 97 return validation.Errors{ 98 "ConfigID": validation.Validate(v.ConfigID, validation.Required), 99 "Version": validation.Validate(v.Version, validation.Required), 100 "PolicyID": validation.Validate(v.PolicyID, validation.Required), 101 }.Filter() 102 } 103 104 // Validate validates an UpdateEvalRuleRequest. 105 func (v UpdateEvalRuleRequest) Validate() error { 106 return validation.Errors{ 107 "ConfigID": validation.Validate(v.ConfigID, validation.Required), 108 "Version": validation.Validate(v.Version, validation.Required), 109 "PolicyID": validation.Validate(v.PolicyID, validation.Required), 110 "RuleID": validation.Validate(v.RuleID, validation.Required), 111 }.Filter() 112 } 113 114 func (p *appsec) GetEvalRule(ctx context.Context, params GetEvalRuleRequest) (*GetEvalRuleResponse, error) { 115 logger := p.Log(ctx) 116 logger.Debug("GetEvalRule") 117 118 if err := params.Validate(); err != nil { 119 return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error()) 120 } 121 122 uri := fmt.Sprintf( 123 "/appsec/v1/configs/%d/versions/%d/security-policies/%s/eval-rules/%d?includeConditionException=true", 124 params.ConfigID, 125 params.Version, 126 params.PolicyID, 127 params.RuleID) 128 129 req, err := http.NewRequestWithContext(ctx, http.MethodGet, uri, nil) 130 if err != nil { 131 return nil, fmt.Errorf("failed to create GetEvalRule request: %w", err) 132 } 133 134 var result GetEvalRuleResponse 135 resp, err := p.Exec(req, &result) 136 if err != nil { 137 return nil, fmt.Errorf("get eval rule request failed: %w", err) 138 } 139 if resp.StatusCode != http.StatusOK { 140 return nil, p.Error(resp) 141 } 142 143 return &result, nil 144 } 145 146 func (p *appsec) GetEvalRules(ctx context.Context, params GetEvalRulesRequest) (*GetEvalRulesResponse, error) { 147 logger := p.Log(ctx) 148 logger.Debug("GetEvalRules") 149 150 if err := params.Validate(); err != nil { 151 return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error()) 152 } 153 154 uri := fmt.Sprintf( 155 "/appsec/v1/configs/%d/versions/%d/security-policies/%s/eval-rules?includeConditionException=true", 156 params.ConfigID, 157 params.Version, 158 params.PolicyID) 159 160 req, err := http.NewRequestWithContext(ctx, http.MethodGet, uri, nil) 161 if err != nil { 162 return nil, fmt.Errorf("failed to create GetEvalRules request: %w", err) 163 } 164 165 var result GetEvalRulesResponse 166 resp, err := p.Exec(req, &result) 167 if err != nil { 168 return nil, fmt.Errorf("get eval rules request failed: %w", err) 169 } 170 if resp.StatusCode != http.StatusOK { 171 return nil, p.Error(resp) 172 } 173 174 if params.RuleID != 0 { 175 var filteredResult GetEvalRulesResponse 176 for _, val := range result.Rules { 177 if val.ID == params.RuleID { 178 filteredResult.Rules = append(filteredResult.Rules, val) 179 } 180 } 181 return &filteredResult, nil 182 } 183 184 return &result, nil 185 } 186 187 func (p *appsec) UpdateEvalRule(ctx context.Context, params UpdateEvalRuleRequest) (*UpdateEvalRuleResponse, error) { 188 logger := p.Log(ctx) 189 logger.Debug("UpdateEvalRule") 190 191 if err := params.Validate(); err != nil { 192 return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error()) 193 } 194 195 uri := fmt.Sprintf( 196 "/appsec/v1/configs/%d/versions/%d/security-policies/%s/eval-rules/%d/action-condition-exception", 197 params.ConfigID, 198 params.Version, 199 params.PolicyID, 200 params.RuleID, 201 ) 202 203 req, err := http.NewRequestWithContext(ctx, http.MethodPut, uri, nil) 204 if err != nil { 205 return nil, fmt.Errorf("failed to create UpdateEvalRule request: %w", err) 206 } 207 208 var result UpdateEvalRuleResponse 209 req.Header.Set("Content-Type", "application/json") 210 resp, err := p.Exec(req, &result, params) 211 if err != nil { 212 return nil, fmt.Errorf("update eval rule request failed: %w", err) 213 } 214 if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusCreated { 215 return nil, p.Error(resp) 216 } 217 218 return &result, nil 219 }