github.com/akamai/AkamaiOPEN-edgegrid-golang/v8@v8.1.0/pkg/appsec/security_policy_clone.go (about)

     1  package appsec
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  	"net/http"
     7  
     8  	validation "github.com/go-ozzo/ozzo-validation/v4"
     9  )
    10  
    11  type (
    12  	// The SecurityPolicyClone interface supports cloning an existing security policy and retrieving
    13  	// existing security policies.
    14  	SecurityPolicyClone interface {
    15  		// GetSecurityPolicyClones returns a list of security policies available for the specified security configuration.
    16  		//
    17  		// See: https://techdocs.akamai.com/application-security/reference/get-policies
    18  		GetSecurityPolicyClones(ctx context.Context, params GetSecurityPolicyClonesRequest) (*GetSecurityPolicyClonesResponse, error)
    19  
    20  		// GetSecurityPolicyClone returns the specified security policy.
    21  		//
    22  		// See: https://techdocs.akamai.com/application-security/reference/get-policy
    23  		GetSecurityPolicyClone(ctx context.Context, params GetSecurityPolicyCloneRequest) (*GetSecurityPolicyCloneResponse, error)
    24  
    25  		// CreateSecurityPolicyClone Creates a new copy of an existing security policy or creates a new security policy from scratch
    26  		// when you don't specify a policy to clone in the request.
    27  		//
    28  		// See: https://techdocs.akamai.com/application-security/reference/post-policy
    29  		CreateSecurityPolicyClone(ctx context.Context, params CreateSecurityPolicyCloneRequest) (*CreateSecurityPolicyCloneResponse, error)
    30  	}
    31  
    32  	// GetSecurityPolicyClonesRequest is used to retrieve the available security policies.
    33  	GetSecurityPolicyClonesRequest struct {
    34  		ConfigID int `json:"configId"`
    35  		Version  int `json:"version"`
    36  	}
    37  
    38  	// GetSecurityPolicyClonesResponse is returned from a call to GetSecurityPolicyClones.
    39  	GetSecurityPolicyClonesResponse struct {
    40  		ConfigID int `json:"configId"`
    41  		Version  int `json:"version"`
    42  		Policies []struct {
    43  			PolicyID                string `json:"policyId"`
    44  			PolicyName              string `json:"policyName"`
    45  			HasRatePolicyWithAPIKey bool   `json:"hasRatePolicyWithApiKey"`
    46  			PolicySecurityControls  struct {
    47  				ApplyApplicationLayerControls bool `json:"applyApplicationLayerControls"`
    48  				ApplyNetworkLayerControls     bool `json:"applyNetworkLayerControls"`
    49  				ApplyRateControls             bool `json:"applyRateControls"`
    50  				ApplyReputationControls       bool `json:"applyReputationControls"`
    51  				ApplyBotmanControls           bool `json:"applyBotmanControls"`
    52  				ApplyAPIConstraints           bool `json:"applyApiConstraints"`
    53  				ApplySlowPostControls         bool `json:"applySlowPostControls"`
    54  			} `json:"policySecurityControls"`
    55  		} `json:"policies"`
    56  	}
    57  
    58  	// GetSecurityPolicyCloneRequest is used to retrieve a security policy.
    59  	GetSecurityPolicyCloneRequest struct {
    60  		ConfigID int    `json:"configId"`
    61  		Version  int    `json:"version"`
    62  		PolicyID string `json:"policyId"`
    63  	}
    64  
    65  	// GetSecurityPolicyCloneResponse is returned from a call to GetSecurityPolicyClone.
    66  	GetSecurityPolicyCloneResponse struct {
    67  		ConfigID               int    `json:"configId,omitempty"`
    68  		PolicyID               string `json:"policyId,omitempty"`
    69  		PolicyName             string `json:"policyName,omitempty"`
    70  		PolicySecurityControls struct {
    71  			ApplyAPIConstraints           bool `json:"applyApiConstraints,omitempty"`
    72  			ApplyApplicationLayerControls bool `json:"applyApplicationLayerControls,omitempty"`
    73  			ApplyBotmanControls           bool `json:"applyBotmanControls,omitempty"`
    74  			ApplyNetworkLayerControls     bool `json:"applyNetworkLayerControls,omitempty"`
    75  			ApplyRateControls             bool `json:"applyRateControls,omitempty"`
    76  			ApplyReputationControls       bool `json:"applyReputationControls,omitempty"`
    77  			ApplySlowPostControls         bool `json:"applySlowPostControls,omitempty"`
    78  		} `json:"policySecurityControls,omitempty"`
    79  		Version int `json:"version,omitempty"`
    80  	}
    81  
    82  	// CreateSecurityPolicyCloneRequest is used to clone a security policy.
    83  	CreateSecurityPolicyCloneRequest struct {
    84  		ConfigID                 int    `json:"configId"`
    85  		Version                  int    `json:"version"`
    86  		CreateFromSecurityPolicy string `json:"createFromSecurityPolicy"`
    87  		PolicyName               string `json:"policyName"`
    88  		PolicyPrefix             string `json:"policyPrefix"`
    89  	}
    90  
    91  	// CreateSecurityPolicyCloneResponse is returned from a call to CreateSecurityPolicyClone.
    92  	CreateSecurityPolicyCloneResponse struct {
    93  		HasRatePolicyWithAPIKey bool   `json:"hasRatePolicyWithApiKey"`
    94  		PolicyID                string `json:"policyId"`
    95  		PolicyName              string `json:"policyName"`
    96  		PolicySecurityControls  struct {
    97  			ApplyAPIConstraints           bool `json:"applyApiConstraints"`
    98  			ApplyApplicationLayerControls bool `json:"applyApplicationLayerControls"`
    99  			ApplyBotmanControls           bool `json:"applyBotmanControls"`
   100  			ApplyNetworkLayerControls     bool `json:"applyNetworkLayerControls"`
   101  			ApplyRateControls             bool `json:"applyRateControls"`
   102  			ApplyReputationControls       bool `json:"applyReputationControls"`
   103  			ApplySlowPostControls         bool `json:"applySlowPostControls"`
   104  		}
   105  	}
   106  
   107  	// SecurityPolicyCloneResponse is currently unused.
   108  	SecurityPolicyCloneResponse struct {
   109  		ConfigID int        `json:"configId"`
   110  		Policies []Policies `json:"policies"`
   111  		Version  int        `json:"version"`
   112  	}
   113  
   114  	// Policies is used as part of a description of available security policies.
   115  	Policies struct {
   116  		HasRatePolicyWithAPIKey bool   `json:"hasRatePolicyWithApiKey"`
   117  		PolicyID                string `json:"policyId"`
   118  		PolicyName              string `json:"policyName"`
   119  		PolicySecurityControls  struct {
   120  			ApplyAPIConstraints           bool `json:"applyApiConstraints"`
   121  			ApplyApplicationLayerControls bool `json:"applyApplicationLayerControls"`
   122  			ApplyBotmanControls           bool `json:"applyBotmanControls"`
   123  			ApplyNetworkLayerControls     bool `json:"applyNetworkLayerControls"`
   124  			ApplyRateControls             bool `json:"applyRateControls"`
   125  			ApplyReputationControls       bool `json:"applyReputationControls"`
   126  			ApplySlowPostControls         bool `json:"applySlowPostControls"`
   127  		}
   128  	}
   129  
   130  	// CreateSecurityPolicyClonePost is currently unused.
   131  	CreateSecurityPolicyClonePost struct {
   132  		CreateFromSecurityPolicy string `json:"createFromSecurityPolicy"`
   133  		PolicyName               string `json:"policyName"`
   134  		PolicyPrefix             string `json:"policyPrefix"`
   135  	}
   136  
   137  	// CreateSecurityPolicyClonePostResponse is currently unused.
   138  	CreateSecurityPolicyClonePostResponse struct {
   139  		ConfigID               int    `json:"configId"`
   140  		PolicyID               string `json:"policyId"`
   141  		PolicyName             string `json:"policyName"`
   142  		PolicySecurityControls struct {
   143  			ApplyAPIConstraints           bool `json:"applyApiConstraints"`
   144  			ApplyApplicationLayerControls bool `json:"applyApplicationLayerControls"`
   145  			ApplyBotmanControls           bool `json:"applyBotmanControls"`
   146  			ApplyNetworkLayerControls     bool `json:"applyNetworkLayerControls"`
   147  			ApplyRateControls             bool `json:"applyRateControls"`
   148  			ApplyReputationControls       bool `json:"applyReputationControls"`
   149  			ApplySlowPostControls         bool `json:"applySlowPostControls"`
   150  		} `json:"policySecurityControls"`
   151  		Version int `json:"version"`
   152  	}
   153  )
   154  
   155  // Validate validates a GetSecurityPolicyCloneRequest.
   156  func (v GetSecurityPolicyCloneRequest) Validate() error {
   157  	return validation.Errors{
   158  		"ConfigID": validation.Validate(v.ConfigID, validation.Required),
   159  		"Version":  validation.Validate(v.Version, validation.Required),
   160  	}.Filter()
   161  }
   162  
   163  // Validate validates a GetSecurityPolicyClonesRequest.
   164  func (v GetSecurityPolicyClonesRequest) Validate() error {
   165  	return validation.Errors{
   166  		"ConfigID": validation.Validate(v.ConfigID, validation.Required),
   167  		"Version":  validation.Validate(v.Version, validation.Required),
   168  	}.Filter()
   169  }
   170  
   171  // Validate validates a CreateSecurityPolicyCloneRequest.
   172  func (v CreateSecurityPolicyCloneRequest) Validate() error {
   173  	return validation.Errors{
   174  		"ConfigID": validation.Validate(v.ConfigID, validation.Required),
   175  		"Version":  validation.Validate(v.Version, validation.Required),
   176  	}.Filter()
   177  }
   178  
   179  func (p *appsec) GetSecurityPolicyClone(ctx context.Context, params GetSecurityPolicyCloneRequest) (*GetSecurityPolicyCloneResponse, error) {
   180  	logger := p.Log(ctx)
   181  	logger.Debug("GetSecurityPolicyClone")
   182  
   183  	if err := params.Validate(); err != nil {
   184  		return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error())
   185  	}
   186  
   187  	uri := fmt.Sprintf(
   188  		"/appsec/v1/configs/%d/versions/%d/security-policies/%s",
   189  		params.ConfigID,
   190  		params.Version,
   191  		params.PolicyID)
   192  
   193  	req, err := http.NewRequestWithContext(ctx, http.MethodGet, uri, nil)
   194  	if err != nil {
   195  		return nil, fmt.Errorf("failed to create GetSecurityPolicyClone request: %w", err)
   196  	}
   197  
   198  	var results GetSecurityPolicyCloneResponse
   199  	resp, err := p.Exec(req, &results)
   200  	if err != nil {
   201  		return nil, fmt.Errorf("get security policy clone request failed: %w", err)
   202  	}
   203  	if resp.StatusCode != http.StatusOK {
   204  		return nil, p.Error(resp)
   205  	}
   206  
   207  	return &results, nil
   208  }
   209  
   210  func (p *appsec) GetSecurityPolicyClones(ctx context.Context, params GetSecurityPolicyClonesRequest) (*GetSecurityPolicyClonesResponse, error) {
   211  	logger := p.Log(ctx)
   212  	logger.Debug("GetSecurityPolicyClone")
   213  
   214  	if err := params.Validate(); err != nil {
   215  		return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error())
   216  	}
   217  
   218  	uri := fmt.Sprintf(
   219  		"/appsec/v1/configs/%d/versions/%d/security-policies?detail=true&notMatched=false",
   220  		params.ConfigID,
   221  		params.Version)
   222  
   223  	req, err := http.NewRequestWithContext(ctx, http.MethodGet, uri, nil)
   224  	if err != nil {
   225  		return nil, fmt.Errorf("failed to create GetSecurityPolicyClones request: %w", err)
   226  	}
   227  
   228  	var result GetSecurityPolicyClonesResponse
   229  	resp, err := p.Exec(req, &result)
   230  	if err != nil {
   231  		return nil, fmt.Errorf("get security policy clones request failed: %w", err)
   232  	}
   233  	if resp.StatusCode != http.StatusOK {
   234  		return nil, p.Error(resp)
   235  	}
   236  
   237  	return &result, nil
   238  }
   239  
   240  func (p *appsec) CreateSecurityPolicyClone(ctx context.Context, params CreateSecurityPolicyCloneRequest) (*CreateSecurityPolicyCloneResponse, error) {
   241  	logger := p.Log(ctx)
   242  	logger.Debug("CreateSecurityPolicyClone")
   243  
   244  	if err := params.Validate(); err != nil {
   245  		return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error())
   246  	}
   247  
   248  	uri := fmt.Sprintf(
   249  		"/appsec/v1/configs/%d/versions/%d/security-policies",
   250  		params.ConfigID,
   251  		params.Version)
   252  
   253  	req, err := http.NewRequestWithContext(ctx, http.MethodPost, uri, nil)
   254  	if err != nil {
   255  		return nil, fmt.Errorf("failed to create CreateSecurityPolicyClone request: %w", err)
   256  	}
   257  
   258  	var result CreateSecurityPolicyCloneResponse
   259  	resp, err := p.Exec(req, &result, params)
   260  	if err != nil {
   261  		return nil, fmt.Errorf("create security policy clone request failed: %w", err)
   262  	}
   263  	if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusCreated {
   264  		return nil, p.Error(resp)
   265  	}
   266  
   267  	return &result, nil
   268  }