/
eval_group.go
133 lines (110 loc) · 4.02 KB
/
eval_group.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
package appsec
import (
"context"
"fmt"
"net/http"
)
type (
// The EvalGroup interface supports creating, modifying and retrieving attack groups for evaluation.
EvalGroup interface {
// GetEvalGroups retrieves all attack groups currently under evaluation.
//
// See: https://techdocs.akamai.com/application-security/reference/get-policy-eval-groups
GetEvalGroups(ctx context.Context, params GetAttackGroupsRequest) (*GetAttackGroupsResponse, error)
// GetEvalGroup retrieves a specific attack group currently under evaluation.
//
// See: https://techdocs.akamai.com/application-security/reference/get-policy-eval-group
GetEvalGroup(ctx context.Context, params GetAttackGroupRequest) (*GetAttackGroupResponse, error)
// UpdateEvalGroup supports updating the condition and exception information for an attack group under evaluation.
//
// See: https://techdocs.akamai.com/application-security/reference/put-eval-group
UpdateEvalGroup(ctx context.Context, params UpdateAttackGroupRequest) (*UpdateAttackGroupResponse, error)
}
)
func (p *appsec) GetEvalGroup(ctx context.Context, params GetAttackGroupRequest) (*GetAttackGroupResponse, error) {
logger := p.Log(ctx)
logger.Debug("GetEvalGroup")
if err := params.Validate(); err != nil {
return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error())
}
uri := fmt.Sprintf(
"/appsec/v1/configs/%d/versions/%d/security-policies/%s/eval-groups/%s?includeConditionException=true",
params.ConfigID,
params.Version,
params.PolicyID,
params.Group)
req, err := http.NewRequestWithContext(ctx, http.MethodGet, uri, nil)
if err != nil {
return nil, fmt.Errorf("failed to create GetEvalGroup request: %w", err)
}
var result GetAttackGroupResponse
resp, err := p.Exec(req, &result)
if err != nil {
return nil, fmt.Errorf("get eval group request failed: %w", err)
}
if resp.StatusCode != http.StatusOK {
return nil, p.Error(resp)
}
return &result, nil
}
func (p *appsec) GetEvalGroups(ctx context.Context, params GetAttackGroupsRequest) (*GetAttackGroupsResponse, error) {
logger := p.Log(ctx)
logger.Debug("GetEvalGroups")
if err := params.Validate(); err != nil {
return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error())
}
uri := fmt.Sprintf(
"/appsec/v1/configs/%d/versions/%d/security-policies/%s/eval-groups?includeConditionException=true",
params.ConfigID,
params.Version,
params.PolicyID)
req, err := http.NewRequestWithContext(ctx, http.MethodGet, uri, nil)
if err != nil {
return nil, fmt.Errorf("failed to create GetEvalGroups request: %w", err)
}
var result GetAttackGroupsResponse
resp, err := p.Exec(req, &result)
if err != nil {
return nil, fmt.Errorf("get eval groups request failed: %w", err)
}
if resp.StatusCode != http.StatusOK {
return nil, p.Error(resp)
}
if params.Group != "" {
var filteredResult GetAttackGroupsResponse
for k, val := range result.AttackGroups {
if val.Group == params.Group {
filteredResult.AttackGroups = append(filteredResult.AttackGroups, result.AttackGroups[k])
}
}
return &filteredResult, nil
}
return &result, nil
}
func (p *appsec) UpdateEvalGroup(ctx context.Context, params UpdateAttackGroupRequest) (*UpdateAttackGroupResponse, error) {
logger := p.Log(ctx)
logger.Debug("UpdateEvalGroup")
if err := params.Validate(); err != nil {
return nil, fmt.Errorf("%w: %s", ErrStructValidation, err.Error())
}
uri := fmt.Sprintf(
"/appsec/v1/configs/%d/versions/%d/security-policies/%s/eval-groups/%s/action-condition-exception",
params.ConfigID,
params.Version,
params.PolicyID,
params.Group,
)
req, err := http.NewRequestWithContext(ctx, http.MethodPut, uri, nil)
if err != nil {
return nil, fmt.Errorf("failed to create UpdateEvalGroup request: %w", err)
}
var result UpdateAttackGroupResponse
resp, err := p.Exec(req, &result, params)
if err != nil {
return nil, fmt.Errorf("update eval group request failed: %w", err)
}
if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusCreated {
return nil, p.Error(resp)
}
return &result, nil
}