cloudflare_client_rb 4.0.0

data/lib/cloudflare_client/zone/firewall/waf_package/base.rb

@@ -0,0 +1,9 @@
+class CloudflareClient::Zone::Firewall::WAFPackage::Base < CloudflareClient::Zone::Firewall::WAFPackage
+  attr_reader :package_id
+
+  def initialize(args)
+    @package_id = args.delete(:package_id)
+    id_check('package_id', package_id)
+    super
+  end
+end

data/lib/cloudflare_client/zone/firewall/waf_package/rule.rb

@@ -0,0 +1,46 @@
+class CloudflareClient::Zone::Firewall::WAFPackage::Rule < CloudflareClient::Zone::Firewall::WAFPackage::Base
+  VALID_ORDERS = %w[priority group_id description].freeze
+  VALID_MODES  = %w[default disable simulate block challenge on off].freeze
+
+  ##
+  # waf_rules
+
+  ##
+  # list waf rules
+  def list(mode: {}, priority: nil, match: 'all', order: 'priority', page: 1, per_page: 50, group_id: nil, description: nil, direction: 'desc')
+    #FIXME: mode isn't documented in api, ask CF
+    #FIXME: priority is read only?, ask CF
+    params = {page: page, per_page: per_page}
+
+    valid_value_check(:match, match, VALID_MATCHES)
+    params[:match] = match
+
+    valid_value_check(:order, order, VALID_ORDERS)
+    params[:order] = order
+
+    valid_value_check(:direction, direction, VALID_DIRECTIONS)
+    params[:direction] = direction
+
+    params[:group_id] unless group_id.nil?
+    params[:description] unless description.nil?
+
+    cf_get(path: "/zones/#{zone_id}/waf/packages/#{package_id}/rules", params: params)
+  end
+
+  ##
+  # get a single waf rule
+  def show(id:)
+    id_check('id', id)
+
+    cf_get(path: "/zones/#{zone_id}/firewall/waf/packages/#{package_id}/rules/#{id}")
+  end
+
+  ##
+  # update a waf rule
+  def update(id:, mode: 'on')
+    id_check('id', id)
+    valid_value_check(:mode, mode, VALID_MODES)
+
+    cf_patch(path: "/zones/#{zone_id}/firewall/waf/packages/#{package_id}/rules/#{id}", data: {mode: mode})
+  end
+end

data/lib/cloudflare_client/zone/firewall/waf_package/rule_group.rb

@@ -0,0 +1,42 @@
+class CloudflareClient::Zone::Firewall::WAFPackage::RuleGroup < CloudflareClient::Zone::Firewall::WAFPackage::Base
+  VALID_MODES = %w[on off]
+  VALID_ORDERS = %w[mode rules_count]
+
+  ##
+  # waf_rule_groups
+  def list(name: nil, mode: 'on', rules_count: 0, page: 1, per_page: 50, order: 'mode', direction: 'desc', match: 'all')
+    params = {page: page, per_page: per_page}
+
+    valid_value_check(:mode, mode, VALID_MODES)
+    params[:mode] = mode
+
+    #FIXME: rules_count doesn't make any sense, ask CF
+    valid_value_check(:order, order, VALID_ORDERS)
+    params[:order] = order
+
+    valid_value_check(:direction, direction, VALID_DIRECTIONS)
+    params[:direction] = direction
+
+    valid_value_check(:match, match, VALID_MATCHES)
+    params[:match] = match
+
+    cf_get(path: "/zones/#{zone_id}/firewall/waf/packages/#{package_id}/groups", params: params)
+  end
+
+  ##
+  # details of a waf rule group
+  def show(id:)
+    id_check('id', id)
+
+    cf_get(path: "/zones/#{zone_id}/firewall/waf/packages/#{package_id}/groups/#{id}")
+  end
+
+  ##
+  # updates a waf rule group
+  def update(id:, mode: 'on')
+    id_check('id', id)
+    valid_value_check(:mode, mode, VALID_MODES)
+
+    cf_patch(path: "/zones/#{zone_id}/firewall/waf/packages/#{package_id}/groups/#{id}", data: {mode: mode})
+  end
+end

data/lib/cloudflare_client/zone/keyless_ssl.rb

@@ -0,0 +1,56 @@
+class CloudflareClient::Zone::KeylessSSL < CloudflareClient::Zone::Base
+  ##
+  # keyless_ssl
+
+  ##
+  # create a keyless ssl config
+  def create(host:, port:, certificate:, name: nil, bundle_method: 'ubiquitous')
+    raise 'host required' if host.nil?
+    raise 'certificate required' if certificate.nil?
+    bundle_method_check(bundle_method)
+
+    data        = {host: host, port: port, certificate: certificate, bundle_method: bundle_method}
+    data[:name] = name ? name : "#{host} Keyless SSL"
+
+    cf_post(path: "/zones/#{zone_id}/keyless_certificates", data: data)
+  end
+
+  ##
+  # list all the keyless ssl configs
+  def list
+    cf_get(path: "/zones/#{zone_id}/keyless_certificates")
+  end
+
+  ##
+  # details of a keyless_ssl_config
+  def show(id:)
+    id_check('id', id)
+
+    cf_get(path: "/zones/#{zone_id}/keyless_certificates/#{id}")
+  end
+
+  ##
+  # updates a keyless ssl config
+  def update(id:, host: nil, name: nil, port: nil, enabled: nil)
+    id_check('id', id)
+    unless enabled.nil?
+      raise 'enabled must be true||false' unless enabled == true || enabled == false
+    end
+
+    data           = {}
+    data[:host]    = host unless host.nil?
+    data[:name]    = name ? name : "#{host} Keyless SSL"
+    data[:port]    = port unless port.nil?
+    data[:enabled] = enabled unless enabled.nil?
+
+    cf_patch(path: "/zones/#{zone_id}/keyless_certificates/#{id}", data: data)
+  end
+
+  ##
+  # delete a custom_ssl_config
+  def delete(id:)
+    id_check('id', id)
+
+    cf_delete(path: "/zones/#{zone_id}/keyless_certificates/#{id}")
+  end
+end

data/lib/cloudflare_client/zone/log.rb

@@ -0,0 +1,51 @@
+class CloudflareClient::Zone::Log < CloudflareClient::Zone::Base
+  ##
+  # Logs. This isn't part of the documented api, but is needed functionality
+
+  #FIXME: make sure this covers all the logging cases
+
+  ##
+  # get logs using only timestamps
+  def list_by_time(start_time:, end_time: nil, count: nil)
+    id_check(:start_time, start_time)
+    timestamp_check(:start_time, start_time)
+
+    params = {start: start_time}
+
+    unless end_time.nil?
+      timestamp_check(:end_time, end_time)
+      params[:end] = end_time
+    end
+
+    params[:count] = count unless count.nil?
+
+    cf_get(path: "/zones/#{zone_id}/logs/requests", params: params, extra_headers: {'Accept-encoding': 'gzip'})
+  end
+
+  ##
+  # get a single log entry by it's ray_id
+  def show(ray_id:)
+    id_check(:ray_id, ray_id)
+
+    cf_get(path: "/zones/#{zone_id}/logs/requests/#{ray_id}")
+  end
+
+  ##
+  # get all logs after a given ray_id.  end_time must be a valid unix timestamp
+  def list_since(ray_id:, end_time: nil, count: nil)
+    params = {start_id: ray_id}
+
+    unless end_time.nil?
+      timestamp_check(:end_time, end_time)
+      params[:end] = end_time
+    end
+
+    params[:count] = count unless count.nil?
+
+    cf_get(
+      path: "/zones/#{zone_id}/logs/requests/#{ray_id}",
+      params: params,
+      extra_headers: {'Accept-encoding': 'gzip'}
+    )
+  end
+end

data/lib/cloudflare_client/zone/page_rule.rb

@@ -0,0 +1,64 @@
+class CloudflareClient::Zone::PageRule < CloudflareClient::Zone::Base
+  VALID_STATUSES = %w[active disabled].freeze
+  VALID_ORDERS   = %w[status priority].freeze
+  DOC_URL        = 'https://api.cloudflare.com/#page-rules-for-a-zone-create-a-page-rule'.freeze
+
+  ##
+  # page_rules_for_a_zone
+
+  ##
+  # create zone_page_rule
+  def create(targets:, actions:, priority: 1, status: 'disabled')
+    raise "targets must be an array of targets #{DOC_URL}" if !targets.is_a?(Array) || targets.empty?
+    raise "actions must be an array of actions #{DOC_URL}" if !actions.is_a?(Array) || actions.empty?
+    valid_value_check(:status, status, VALID_STATUSES)
+
+    data = {targets: targets, actions: actions, priority: priority, status: status}
+
+    cf_post(path: "/zones/#{zone_id}/pagerules", data: data)
+  end
+
+  ##
+  # list all the page rules for a zone
+  def list(status: 'disabled', order: 'priority', direction: 'desc', match: 'all')
+    valid_value_check(:status, status, VALID_STATUSES)
+    valid_value_check(:order, order, VALID_ORDERS)
+    valid_value_check(:direction, direction, VALID_DIRECTIONS)
+    valid_value_check(:match, match, VALID_MATCHES)
+
+    params = {status: status, order: order, direction: direction, match: match}
+
+    cf_get(path: "/zones/#{zone_id}/pagerules", params: params)
+  end
+
+  ##
+  # page rule details
+  def show(id:)
+    id_check('id', id)
+
+    cf_get(path: "/zones/#{zone_id}/pagerules/#{id}")
+  end
+
+  #TODO: do we need upate, looks the same as change
+
+  ##
+  # update a page rule
+  def update(id:, targets: [], actions: [], priority: 1, status: 'disabled')
+    id_check('id', id)
+    raise "targets must be an array of targets #{DOC_URL}" if !targets.is_a?(Array) || targets.empty?
+    raise "actions must be an array of actions #{DOC_URL}" if !actions.is_a?(Array) || actions.empty?
+    valid_value_check(:status, status, VALID_STATUSES)
+
+    data = {targets: targets, actions: actions, priority: priority, status: status}
+
+    cf_patch(path: "/zones/#{zone_id}/pagerules/#{id}", data: data)
+  end
+
+  ##
+  # delete a zone page rule
+  def delete(id:)
+    id_check('id', id)
+
+    cf_delete(path: "/zones/#{zone_id}/pagerules/#{id}")
+  end
+end

data/lib/cloudflare_client/zone/railgun_connections.rb

@@ -0,0 +1,43 @@
+class CloudflareClient::Zone::RailgunConnections < CloudflareClient::Zone::Base
+  ##
+  # Railgun connections
+
+  ##
+  # available railguns
+  def list
+    cf_get(path: "/zones/#{zone_id}/railguns")
+  end
+
+  ##
+  # details of a single railgun
+  def show(id:)
+    raise 'railgun id required' if id.nil?
+    cf_get(path: "/zones/#{zone_id}/railguns/#{id}")
+  end
+
+  ##
+  # test a railgun connection
+  def test(id:)
+    raise 'railgun id required' if id.nil?
+    cf_get(path: "/zones/#{zone_id}/railguns/#{id}/diagnose")
+  end
+
+  ##
+  # connect a railgun
+  def connect(id:)
+    update_connection(id: id, connected: true)
+  end
+
+  ##
+  # disconnect a railgun
+  def disconnect(id:)
+    update_connection(id: id, connected: false)
+  end
+
+  private
+
+  def update_connection(id:, connected:)
+    raise 'railgun id required' if id.nil?
+    cf_patch(path: "/zones/#{zone_id}/railguns/#{id}", data: {connected: connected})
+  end
+end

data/lib/cloudflare_client/zone/rate_limit.rb

@@ -0,0 +1,73 @@
+class CloudflareClient::Zone::RateLimit < CloudflareClient::Zone::Base
+  DOC_URL = 'https://api.cloudflare.com/#rate-limits-for-a-zone-create-a-ratelimit'.freeze
+
+  ##
+  # rate_limits_for_a_zone
+
+  ##
+  # list zone rate limits
+  def list(page: 1, per_page: 50)
+    params = {page: page, per_page: per_page}
+
+    cf_get(path: "/zones/#{zone_id}/rate_limits", params: params)
+  end
+
+  ##
+  # Create a zone rate limit
+  def create(match:, threshold:, period:, action:, id: nil, disabled: nil, description: nil, bypass: nil)
+    common_checks(match, action, threshold, period)
+
+    data      = {match: match, threshold: threshold, period: period, action: action}
+    data[:id] = id unless id.nil?
+
+    unless disabled.nil?
+      valid_value_check(:disabled, disabled, [true, false])
+      data[:disabled] = disabled
+    end
+
+    cf_post(path: "/zones/#{zone_id}/rate_limits", data: data)
+  end
+
+  ##
+  # get details for a zone rate limit
+  def show(id:)
+    id_check('id', id)
+
+    cf_get(path: "/zones/#{zone_id}/rate_limits/#{id}")
+  end
+
+  ##
+  # update zone rate limit
+  def update(id:, match:, action:, threshold:, period:, disabled: nil, description: nil, bypass: nil)
+    id_check('id', id)
+    common_checks(match, action, threshold, period)
+
+    data               = {match: match, threshold: threshold, period: period, action: action}
+    data[:id]          = id unless id.nil?
+    data[:description] = description unless description.nil?
+
+    unless disabled.nil?
+      valid_value_check(:disabled, disabled, [true, false])
+      data[:disabled] = disabled
+    end
+
+    cf_put(path: "/zones/#{zone_id}/rate_limits/#{id}", data: data)
+  end
+
+  ##
+  # delete zone rate limit
+  def delete(id:)
+    id_check('id', id)
+
+    cf_delete(path: "/zones/#{zone_id}/rate_limits/#{id}")
+  end
+
+  private
+
+  def common_checks(match, action, threshold, period)
+    raise "match must be a match object #{DOC_URL}" unless match.is_a?(Hash)
+    raise "action must be a action object #{DOC_URL}" unless action.is_a?(Hash)
+    raise 'threshold must be between 1 86400' if !threshold.is_a?(Integer) || !threshold.between?(1, 86400)
+    raise 'period must be between 1 86400' if !period.is_a?(Integer) || !period.between?(1, 86400)
+  end
+end

data/lib/cloudflare_client/zone/ssl.rb

@@ -0,0 +1,28 @@
+class CloudflareClient::Zone::SSL < CloudflareClient::Zone::Base
+  Dir[File.expand_path('../ssl/*.rb', __FILE__)].each {|f| require f}
+
+  VALID_RETRY_VERIFICATIONS = [true].freeze
+
+  ##
+  # analyze a certificate
+  def analyze(certificate: nil, bundle_method: 'ubiquitous')
+    data               = {}
+    data[:certificate] = certificate unless certificate.nil?
+
+    bundle_method_check(bundle_method)
+    data[:bundle_method] = bundle_method
+
+    cf_post(path: "/zones/#{zone_id}/ssl/analyze", data: data)
+  end
+
+  ##
+  # get ssl verification
+  def verification(retry_verification: nil)
+    unless retry_verification.nil?
+      valid_value_check(:retry_verification, retry_verification, VALID_RETRY_VERIFICATIONS)
+      params = {retry: true}
+    end
+
+    cf_get(path: "/zones/#{zone_id}/ssl/verification", params: params)
+  end
+end

data/lib/cloudflare_client/zone/ssl/certificate_pack.rb

@@ -0,0 +1,32 @@
+class CloudflareClient::Zone::SSL::CertificatePack < CloudflareClient::Zone::SSL
+  ##
+  # certificate_packs
+
+  ##
+  # list all certificate packs
+  def list
+    cf_get(path: "/zones/#{zone_id}/ssl/certificate_packs")
+  end
+
+  ##
+  # re-order certificate packs
+  def order(hosts: nil)
+    non_empty_array_check(:hosts, hosts) unless hosts.nil?
+
+    data = {hosts: hosts}
+
+    # TODO: test against api
+    cf_post(path: "/zones/#{zone_id}/ssl/certificate_packs", data: data)
+  end
+
+  ##
+  # edit a certificate pack
+  def update(id:, hosts:)
+    id_check(:id, id)
+    non_empty_array_check(:hosts, hosts) unless hosts.nil?
+
+    data = {hosts: hosts}
+
+    cf_patch(path: "/zones/#{zone_id}/ssl/certificate_packs/#{id}", data: data)
+  end
+end