-
Notifications
You must be signed in to change notification settings - Fork 542
/
siteacl.go
480 lines (418 loc) · 15.5 KB
/
siteacl.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
package magic_transit
import (
"context"
"fmt"
"net/http"
"reflect"
"github.com/cloudflare/cloudflare-go/v2/internal/apijson"
"github.com/cloudflare/cloudflare-go/v2/internal/pagination"
"github.com/cloudflare/cloudflare-go/v2/internal/param"
"github.com/cloudflare/cloudflare-go/v2/internal/requestconfig"
"github.com/cloudflare/cloudflare-go/v2/option"
"github.com/cloudflare/cloudflare-go/v2/shared"
"github.com/tidwall/gjson"
)
// SiteACLService contains methods and other services that help with interacting
// with the cloudflare API. Note, unlike clients, this service does not read
// variables from the environment automatically. You should not instantiate this
// service directly, and instead use the [NewSiteACLService] method instead.
type SiteACLService struct {
Options []option.RequestOption
}
// NewSiteACLService generates a new service that applies the given options to each
// request. These options are applied after the parent client's options (if there
// is one), and before any request-specific options.
func NewSiteACLService(opts ...option.RequestOption) (r *SiteACLService) {
r = &SiteACLService{}
r.Options = opts
return
}
// Creates a new Site ACL.
func (r *SiteACLService) New(ctx context.Context, siteID string, params SiteACLNewParams, opts ...option.RequestOption) (res *ACL, err error) {
opts = append(r.Options[:], opts...)
var env SiteACLNewResponseEnvelope
path := fmt.Sprintf("accounts/%s/magic/sites/%s/acls", params.AccountID, siteID)
err = requestconfig.ExecuteNewRequest(ctx, http.MethodPost, path, params, &env, opts...)
if err != nil {
return
}
res = &env.Result
return
}
// Update a specific Site ACL.
func (r *SiteACLService) Update(ctx context.Context, siteID string, aclIdentifier string, params SiteACLUpdateParams, opts ...option.RequestOption) (res *ACL, err error) {
opts = append(r.Options[:], opts...)
var env SiteACLUpdateResponseEnvelope
path := fmt.Sprintf("accounts/%s/magic/sites/%s/acls/%s", params.AccountID, siteID, aclIdentifier)
err = requestconfig.ExecuteNewRequest(ctx, http.MethodPut, path, params, &env, opts...)
if err != nil {
return
}
res = &env.Result
return
}
// Lists Site ACLs associated with an account.
func (r *SiteACLService) List(ctx context.Context, siteID string, query SiteACLListParams, opts ...option.RequestOption) (res *pagination.SinglePage[ACL], err error) {
var raw *http.Response
opts = append(r.Options, opts...)
opts = append([]option.RequestOption{option.WithResponseInto(&raw)}, opts...)
path := fmt.Sprintf("accounts/%s/magic/sites/%s/acls", query.AccountID, siteID)
cfg, err := requestconfig.NewRequestConfig(ctx, http.MethodGet, path, nil, &res, opts...)
if err != nil {
return nil, err
}
err = cfg.Execute()
if err != nil {
return nil, err
}
res.SetPageConfig(cfg, raw)
return res, nil
}
// Lists Site ACLs associated with an account.
func (r *SiteACLService) ListAutoPaging(ctx context.Context, siteID string, query SiteACLListParams, opts ...option.RequestOption) *pagination.SinglePageAutoPager[ACL] {
return pagination.NewSinglePageAutoPager(r.List(ctx, siteID, query, opts...))
}
// Remove a specific Site ACL.
func (r *SiteACLService) Delete(ctx context.Context, siteID string, aclIdentifier string, body SiteACLDeleteParams, opts ...option.RequestOption) (res *ACL, err error) {
opts = append(r.Options[:], opts...)
var env SiteACLDeleteResponseEnvelope
path := fmt.Sprintf("accounts/%s/magic/sites/%s/acls/%s", body.AccountID, siteID, aclIdentifier)
err = requestconfig.ExecuteNewRequest(ctx, http.MethodDelete, path, nil, &env, opts...)
if err != nil {
return
}
res = &env.Result
return
}
// Get a specific Site ACL.
func (r *SiteACLService) Get(ctx context.Context, siteID string, aclIdentifier string, query SiteACLGetParams, opts ...option.RequestOption) (res *ACL, err error) {
opts = append(r.Options[:], opts...)
var env SiteACLGetResponseEnvelope
path := fmt.Sprintf("accounts/%s/magic/sites/%s/acls/%s", query.AccountID, siteID, aclIdentifier)
err = requestconfig.ExecuteNewRequest(ctx, http.MethodGet, path, nil, &env, opts...)
if err != nil {
return
}
res = &env.Result
return
}
// Bidirectional ACL policy for network traffic within a site.
type ACL struct {
// Identifier
ID string `json:"id"`
// Description for the ACL.
Description string `json:"description"`
// The desired forwarding action for this ACL policy. If set to "false", the policy
// will forward traffic to Cloudflare. If set to "true", the policy will forward
// traffic locally on the Magic WAN Connector. If not included in request, will
// default to false.
ForwardLocally bool `json:"forward_locally"`
LAN1 ACLConfiguration `json:"lan_1"`
LAN2 ACLConfiguration `json:"lan_2"`
// The name of the ACL.
Name string `json:"name"`
Protocols []AllowedProtocol `json:"protocols"`
JSON aclJSON `json:"-"`
}
// aclJSON contains the JSON metadata for the struct [ACL]
type aclJSON struct {
ID apijson.Field
Description apijson.Field
ForwardLocally apijson.Field
LAN1 apijson.Field
LAN2 apijson.Field
Name apijson.Field
Protocols apijson.Field
raw string
ExtraFields map[string]apijson.Field
}
func (r *ACL) UnmarshalJSON(data []byte) (err error) {
return apijson.UnmarshalRoot(data, r)
}
func (r aclJSON) RawJSON() string {
return r.raw
}
type ACLConfiguration struct {
// The identifier for the LAN you want to create an ACL policy with.
LANID string `json:"lan_id,required"`
// The name of the LAN based on the provided lan_id.
LANName string `json:"lan_name"`
// Array of ports on the provided LAN that will be included in the ACL. If no ports
// are provided, communication on any port on this LAN is allowed.
Ports []int64 `json:"ports"`
// Array of subnet IPs within the LAN that will be included in the ACL. If no
// subnets are provided, communication on any subnets on this LAN are allowed.
Subnets []SubnetUnion `json:"subnets"`
JSON aclConfigurationJSON `json:"-"`
}
// aclConfigurationJSON contains the JSON metadata for the struct
// [ACLConfiguration]
type aclConfigurationJSON struct {
LANID apijson.Field
LANName apijson.Field
Ports apijson.Field
Subnets apijson.Field
raw string
ExtraFields map[string]apijson.Field
}
func (r *ACLConfiguration) UnmarshalJSON(data []byte) (err error) {
return apijson.UnmarshalRoot(data, r)
}
func (r aclConfigurationJSON) RawJSON() string {
return r.raw
}
type ACLConfigurationParam struct {
// The identifier for the LAN you want to create an ACL policy with.
LANID param.Field[string] `json:"lan_id,required"`
// The name of the LAN based on the provided lan_id.
LANName param.Field[string] `json:"lan_name"`
// Array of ports on the provided LAN that will be included in the ACL. If no ports
// are provided, communication on any port on this LAN is allowed.
Ports param.Field[[]int64] `json:"ports"`
// Array of subnet IPs within the LAN that will be included in the ACL. If no
// subnets are provided, communication on any subnets on this LAN are allowed.
Subnets param.Field[[]SubnetUnionParam] `json:"subnets"`
}
func (r ACLConfigurationParam) MarshalJSON() (data []byte, err error) {
return apijson.MarshalRoot(r)
}
// Array of allowed communication protocols between configured LANs. If no
// protocols are provided, all protocols are allowed.
type AllowedProtocol string
const (
AllowedProtocolTCP AllowedProtocol = "tcp"
AllowedProtocolUdp AllowedProtocol = "udp"
AllowedProtocolIcmp AllowedProtocol = "icmp"
)
func (r AllowedProtocol) IsKnown() bool {
switch r {
case AllowedProtocolTCP, AllowedProtocolUdp, AllowedProtocolIcmp:
return true
}
return false
}
// A valid IPv4 address.
//
// Union satisfied by [shared.UnionString] or [shared.UnionString].
type SubnetUnion interface {
ImplementsMagicTransitSubnetUnion()
}
func init() {
apijson.RegisterUnion(
reflect.TypeOf((*SubnetUnion)(nil)).Elem(),
"",
apijson.UnionVariant{
TypeFilter: gjson.String,
Type: reflect.TypeOf(shared.UnionString("")),
},
apijson.UnionVariant{
TypeFilter: gjson.String,
Type: reflect.TypeOf(shared.UnionString("")),
},
)
}
// A valid IPv4 address.
//
// Satisfied by [shared.UnionString], [shared.UnionString].
type SubnetUnionParam interface {
ImplementsMagicTransitSubnetUnionParam()
}
type SiteACLNewParams struct {
// Identifier
AccountID param.Field[string] `path:"account_id,required"`
LAN1 param.Field[ACLConfigurationParam] `json:"lan_1,required"`
LAN2 param.Field[ACLConfigurationParam] `json:"lan_2,required"`
// The name of the ACL.
Name param.Field[string] `json:"name,required"`
// Description for the ACL.
Description param.Field[string] `json:"description"`
// The desired forwarding action for this ACL policy. If set to "false", the policy
// will forward traffic to Cloudflare. If set to "true", the policy will forward
// traffic locally on the Magic WAN Connector. If not included in request, will
// default to false.
ForwardLocally param.Field[bool] `json:"forward_locally"`
Protocols param.Field[[]AllowedProtocol] `json:"protocols"`
}
func (r SiteACLNewParams) MarshalJSON() (data []byte, err error) {
return apijson.MarshalRoot(r)
}
type SiteACLNewResponseEnvelope struct {
Errors []shared.ResponseInfo `json:"errors,required"`
Messages []shared.ResponseInfo `json:"messages,required"`
// Bidirectional ACL policy for network traffic within a site.
Result ACL `json:"result,required"`
// Whether the API call was successful
Success SiteACLNewResponseEnvelopeSuccess `json:"success,required"`
JSON siteACLNewResponseEnvelopeJSON `json:"-"`
}
// siteACLNewResponseEnvelopeJSON contains the JSON metadata for the struct
// [SiteACLNewResponseEnvelope]
type siteACLNewResponseEnvelopeJSON struct {
Errors apijson.Field
Messages apijson.Field
Result apijson.Field
Success apijson.Field
raw string
ExtraFields map[string]apijson.Field
}
func (r *SiteACLNewResponseEnvelope) UnmarshalJSON(data []byte) (err error) {
return apijson.UnmarshalRoot(data, r)
}
func (r siteACLNewResponseEnvelopeJSON) RawJSON() string {
return r.raw
}
// Whether the API call was successful
type SiteACLNewResponseEnvelopeSuccess bool
const (
SiteACLNewResponseEnvelopeSuccessTrue SiteACLNewResponseEnvelopeSuccess = true
)
func (r SiteACLNewResponseEnvelopeSuccess) IsKnown() bool {
switch r {
case SiteACLNewResponseEnvelopeSuccessTrue:
return true
}
return false
}
type SiteACLUpdateParams struct {
// Identifier
AccountID param.Field[string] `path:"account_id,required"`
// Description for the ACL.
Description param.Field[string] `json:"description"`
// The desired forwarding action for this ACL policy. If set to "false", the policy
// will forward traffic to Cloudflare. If set to "true", the policy will forward
// traffic locally on the Magic WAN Connector. If not included in request, will
// default to false.
ForwardLocally param.Field[bool] `json:"forward_locally"`
LAN1 param.Field[ACLConfigurationParam] `json:"lan_1"`
LAN2 param.Field[ACLConfigurationParam] `json:"lan_2"`
// The name of the ACL.
Name param.Field[string] `json:"name"`
Protocols param.Field[[]AllowedProtocol] `json:"protocols"`
}
func (r SiteACLUpdateParams) MarshalJSON() (data []byte, err error) {
return apijson.MarshalRoot(r)
}
type SiteACLUpdateResponseEnvelope struct {
Errors []shared.ResponseInfo `json:"errors,required"`
Messages []shared.ResponseInfo `json:"messages,required"`
// Bidirectional ACL policy for network traffic within a site.
Result ACL `json:"result,required"`
// Whether the API call was successful
Success SiteACLUpdateResponseEnvelopeSuccess `json:"success,required"`
JSON siteACLUpdateResponseEnvelopeJSON `json:"-"`
}
// siteACLUpdateResponseEnvelopeJSON contains the JSON metadata for the struct
// [SiteACLUpdateResponseEnvelope]
type siteACLUpdateResponseEnvelopeJSON struct {
Errors apijson.Field
Messages apijson.Field
Result apijson.Field
Success apijson.Field
raw string
ExtraFields map[string]apijson.Field
}
func (r *SiteACLUpdateResponseEnvelope) UnmarshalJSON(data []byte) (err error) {
return apijson.UnmarshalRoot(data, r)
}
func (r siteACLUpdateResponseEnvelopeJSON) RawJSON() string {
return r.raw
}
// Whether the API call was successful
type SiteACLUpdateResponseEnvelopeSuccess bool
const (
SiteACLUpdateResponseEnvelopeSuccessTrue SiteACLUpdateResponseEnvelopeSuccess = true
)
func (r SiteACLUpdateResponseEnvelopeSuccess) IsKnown() bool {
switch r {
case SiteACLUpdateResponseEnvelopeSuccessTrue:
return true
}
return false
}
type SiteACLListParams struct {
// Identifier
AccountID param.Field[string] `path:"account_id,required"`
}
type SiteACLDeleteParams struct {
// Identifier
AccountID param.Field[string] `path:"account_id,required"`
}
type SiteACLDeleteResponseEnvelope struct {
Errors []shared.ResponseInfo `json:"errors,required"`
Messages []shared.ResponseInfo `json:"messages,required"`
// Bidirectional ACL policy for network traffic within a site.
Result ACL `json:"result,required"`
// Whether the API call was successful
Success SiteACLDeleteResponseEnvelopeSuccess `json:"success,required"`
JSON siteACLDeleteResponseEnvelopeJSON `json:"-"`
}
// siteACLDeleteResponseEnvelopeJSON contains the JSON metadata for the struct
// [SiteACLDeleteResponseEnvelope]
type siteACLDeleteResponseEnvelopeJSON struct {
Errors apijson.Field
Messages apijson.Field
Result apijson.Field
Success apijson.Field
raw string
ExtraFields map[string]apijson.Field
}
func (r *SiteACLDeleteResponseEnvelope) UnmarshalJSON(data []byte) (err error) {
return apijson.UnmarshalRoot(data, r)
}
func (r siteACLDeleteResponseEnvelopeJSON) RawJSON() string {
return r.raw
}
// Whether the API call was successful
type SiteACLDeleteResponseEnvelopeSuccess bool
const (
SiteACLDeleteResponseEnvelopeSuccessTrue SiteACLDeleteResponseEnvelopeSuccess = true
)
func (r SiteACLDeleteResponseEnvelopeSuccess) IsKnown() bool {
switch r {
case SiteACLDeleteResponseEnvelopeSuccessTrue:
return true
}
return false
}
type SiteACLGetParams struct {
// Identifier
AccountID param.Field[string] `path:"account_id,required"`
}
type SiteACLGetResponseEnvelope struct {
Errors []shared.ResponseInfo `json:"errors,required"`
Messages []shared.ResponseInfo `json:"messages,required"`
// Bidirectional ACL policy for network traffic within a site.
Result ACL `json:"result,required"`
// Whether the API call was successful
Success SiteACLGetResponseEnvelopeSuccess `json:"success,required"`
JSON siteACLGetResponseEnvelopeJSON `json:"-"`
}
// siteACLGetResponseEnvelopeJSON contains the JSON metadata for the struct
// [SiteACLGetResponseEnvelope]
type siteACLGetResponseEnvelopeJSON struct {
Errors apijson.Field
Messages apijson.Field
Result apijson.Field
Success apijson.Field
raw string
ExtraFields map[string]apijson.Field
}
func (r *SiteACLGetResponseEnvelope) UnmarshalJSON(data []byte) (err error) {
return apijson.UnmarshalRoot(data, r)
}
func (r siteACLGetResponseEnvelopeJSON) RawJSON() string {
return r.raw
}
// Whether the API call was successful
type SiteACLGetResponseEnvelopeSuccess bool
const (
SiteACLGetResponseEnvelopeSuccessTrue SiteACLGetResponseEnvelopeSuccess = true
)
func (r SiteACLGetResponseEnvelopeSuccess) IsKnown() bool {
switch r {
case SiteACLGetResponseEnvelopeSuccessTrue:
return true
}
return false
}