enfcli 4.0.0 → 5.0.0.pre.alpha

@@ -1,5 +1,5 @@
1
1
  #
2
- # Copyright 2019 Xaptum,Inc
2
+ # Copyright 2019-2020 Xaptum,Inc
3
3
  #
4
4
  # Licensed under the Apache License, Version 2.0 (the "License");
5
5
  # you may not use this file except in compliance with the License.
@@ -13,17 +13,16 @@
13
13
  # See the License for the specific language governing permissions and
14
14
  # limitations under the License.
15
15
  #
16
- require 'enfthor'
17
- require 'enfapi'
16
+ require "enfthor"
17
+ require "enfapi/dns"
18
18
 
19
19
  module EnfCli
20
20
  module Cmd
21
-
22
21
  class Xdns < EnfThor
23
- DnsRecordType_AAAA = 'AAAA'
24
- DnsRecordType_TXT = 'TXT'
25
- DnsRecordType_SRV = 'SRV'
26
- DnsRecordType_CNAME = 'CNAME'
22
+ DnsRecordType_AAAA = "AAAA"
23
+ DnsRecordType_TXT = "TXT"
24
+ DnsRecordType_SRV = "SRV"
25
+ DnsRecordType_CNAME = "CNAME"
27
26
  DnsRecordTypes = [DnsRecordType_AAAA, DnsRecordType_CNAME, DnsRecordType_SRV, DnsRecordType_TXT]
28
27
 
29
28
  no_commands {
@@ -35,13 +34,10 @@ module EnfCli
35
34
  case type
36
35
  when DnsRecordType_AAAA
37
36
  value = value[:ipv6]
38
-
39
37
  when DnsRecordType_CNAME
40
38
  value = value[:dname]
41
-
42
39
  when DnsRecordType_SRV
43
40
  value = "#{value[:priority]} #{value[:weight]} #{value[:port]} #{value[:target]}"
44
-
45
41
  when DnsRecordType_TXT
46
42
  value = value[:txt]
47
43
  end
@@ -50,33 +46,33 @@ module EnfCli
50
46
  end
51
47
 
52
48
  def display_zones_table(zones)
53
- headings = ['Id', 'Zone', 'Description', 'Enf Domain']
54
- rows = zones.map{ |hash|
55
- [ hash[:id], hash[:zone_domain_name], hash[:description], hash[:enf_domain] ]
49
+ headings = ["Id", "Zone", "Description", "Privileged", "Enf Domain"]
50
+ rows = zones.map { |hash|
51
+ [hash[:id], hash[:zone_domain_name], hash[:description], hash[:privileged], hash[:enf_domain]]
56
52
  }
57
53
  render_table(headings, rows)
58
54
  end
59
55
 
60
56
  def display_networks_table(networks)
61
- headings = ['Id', 'Network' ]
62
- rows = networks.map{ |hash|
63
- [ hash[:rowid], hash[:enf_network] ]
57
+ headings = ["Id", "Network"]
58
+ rows = networks.map { |hash|
59
+ [hash[:rowid], hash[:enf_network]]
64
60
  }
65
61
  render_table(headings, rows)
66
62
  end
67
63
 
68
64
  def display_records_table(records)
69
- headings = ['Id', 'Name', 'Type', 'Value', 'TTL']
70
- rows = records.map{ |hash|
71
- [ hash[:id], hash[:name], hash[:type], get_record_value(hash[:type], hash[:value]), hash[:ttl] ]
65
+ headings = ["Id", "Name", "Type", "Value", "TTL"]
66
+ rows = records.map { |hash|
67
+ [hash[:id], hash[:name], hash[:type], get_record_value(hash[:type], hash[:value]), hash[:ttl]]
72
68
  }
73
69
  render_table(headings, rows)
74
70
  end
75
71
 
76
72
  def display_servers_table(servers)
77
- headings = ['Id', 'IPv6', 'Network', 'Description' ]
78
- rows = servers.map{ |hash|
79
- [ hash[:id], hash[:ipv6], hash[:enf_network], hash[:description] ]
73
+ headings = ["Id", "IPv6", "Network", "Description"]
74
+ rows = servers.map { |hash|
75
+ [hash[:id], hash[:ipv6], hash[:enf_network], hash[:description]]
80
76
  }
81
77
  render_table(headings, rows)
82
78
  end
@@ -86,30 +82,38 @@ module EnfCli
86
82
  method_option :'zone-domain-name', :type => :string, :required => true
87
83
  method_option :description, :type => :array, :banner => "DESCRIPTION"
88
84
  method_option :'enf-domain', :type => :string, :banner => "/48 Enf Domain"
85
+ method_option :'enf-network', :type => :string, :banner => "/64 Enf Network"
86
+
89
87
  def create_zone
90
88
  try_with_rescue_in_session do
91
89
  ## session
92
90
  session = EnfCli::CTX.instance.session
93
91
 
94
92
  ## Gather parameters
95
- zone_domain_name = options['zone-domain-name']
93
+ zone_domain_name = options["zone-domain-name"]
96
94
  description = array_option_to_string(options.description) if options.description
97
- case session[:type]
98
- when 'XAPTUM_ADMIN'
99
- enf_domain = options['enf-domain']
95
+ if EnfCli::CTX.instance.xaptum_admin?
96
+ enf_domain = options["enf-domain"]
100
97
  raise "No value provided for required options '--enf-domain'" unless enf_domain
101
-
102
98
  else
103
- enf_domain = session[:domain_network]
99
+ enf_domain = session[:domain]
100
+ end
101
+
102
+ enf_network = options["enf-network"]
103
+ unless EnfCli::CTX.instance.edit_domain_role?
104
+ raise "No value provided for required option '--enf-network'" unless enf_network
104
105
  end
105
106
 
106
107
  ## create request hash
107
108
  new_zone = {
108
109
  :zone_domain_name => zone_domain_name,
109
110
  :description => description,
110
- :enf_domain => enf_domain
111
+ :enf_domain => enf_domain,
111
112
  }
112
113
 
114
+ ## add enf_network to request if present
115
+ new_zone[:enf_network] = enf_network if enf_network
116
+
113
117
  ## call api
114
118
  data = EnfApi::Dns.instance.create_dns_zone new_zone
115
119
  zones = data[:data]
@@ -123,18 +127,17 @@ module EnfCli
123
127
 
124
128
  desc "list-zones", "List DNS Zones"
125
129
  method_option :'enf-domain', :type => :string, :banner => "/48 Enf Domain"
130
+
126
131
  def list_zones
127
132
  try_with_rescue_in_session do
128
133
  ## session
129
134
  session = EnfCli::CTX.instance.session
130
135
 
131
- case session[:type]
132
- when 'XAPTUM_ADMIN'
133
- enf_domain = options['enf-domain']
136
+ if EnfCli::CTX.instance.xaptum_admin?
137
+ enf_domain = options["enf-domain"]
134
138
  raise "No value provided for required options '--enf-domain'" unless enf_domain
135
-
136
139
  else
137
- enf_domain = session[:domain_network]
140
+ enf_domain = session[:domain]
138
141
  end
139
142
 
140
143
  ## call api
@@ -148,6 +151,7 @@ module EnfCli
148
151
 
149
152
  desc "delete-zone", "Delete a DNS zone"
150
153
  method_option :'zone-id', :type => :string, :required => true
154
+
151
155
  def delete_zone
152
156
  try_with_rescue_in_session do
153
157
  zone_id = options[:'zone-id']
@@ -162,6 +166,7 @@ module EnfCli
162
166
  desc "update-zone", "Update a DNS zone description"
163
167
  method_option :'zone-id', :type => :string, :required => true
164
168
  method_option :description, :type => :array, :banner => "DESCRIPTION", :required => true
169
+
165
170
  def update_zone
166
171
  try_with_rescue_in_session do
167
172
  ## get parameters
@@ -169,7 +174,7 @@ module EnfCli
169
174
 
170
175
  ## update request
171
176
  update_zone_req = {
172
- :description => description
177
+ :description => description,
173
178
  }
174
179
 
175
180
  ## call api
@@ -184,15 +189,16 @@ module EnfCli
184
189
  desc "add-networks-to-zone", "Add /64 networks to DNS zone"
185
190
  method_option :'zone-id', :type => :string, :required => true
186
191
  method_option :networks, :type => :array, :banner => "NETWORKS", :required => true
192
+
187
193
  def add_networks_to_zone
188
194
  try_with_rescue_in_session do
189
195
  ## gather parameters
190
196
  zone_id = options[:'zone-id']
191
- networks = array_option_to_string(options[:networks]).split(",").map{ |x| x.strip }
197
+ networks = array_option_to_string(options[:networks]).split(",").map { |x| x.strip }
192
198
 
193
199
  ## add networks request
194
200
  add_networks_req = {
195
- :networks => networks
201
+ :networks => networks,
196
202
  }
197
203
 
198
204
  ## call api
@@ -207,6 +213,7 @@ module EnfCli
207
213
 
208
214
  desc "list-networks-in-zone", "List /64 networks in DNS zone"
209
215
  method_option :'zone-id', :type => :string, :required => true
216
+
210
217
  def list_networks_in_zone
211
218
  try_with_rescue_in_session do
212
219
  ## gather parameters
@@ -224,6 +231,7 @@ module EnfCli
224
231
  desc "delete-networks-from-zone", "Delete /64 networks from DNS zone"
225
232
  method_option :'zone-id', :type => :string, :required => true
226
233
  method_option :networks, :type => :array, :banner => "NETWORKS", :required => true
234
+
227
235
  def delete_networks_from_zone
228
236
  try_with_rescue_in_session do
229
237
  ## gather parameters
@@ -241,15 +249,16 @@ module EnfCli
241
249
  desc "replace-networks-in-zone", "Replace /64 networks in DNS zone"
242
250
  method_option :'zone-id', :type => :string, :required => true
243
251
  method_option :networks, :type => :array, :banner => "NETWORKS", :required => true
252
+
244
253
  def replace_networks_in_zone
245
254
  try_with_rescue_in_session do
246
255
  ## gather parameters
247
256
  zone_id = options[:'zone-id']
248
- networks = array_option_to_string(options[:networks]).split(",").map{ |x| x.strip }
257
+ networks = array_option_to_string(options[:networks]).split(",").map { |x| x.strip }
249
258
 
250
259
  ## replace networks request
251
260
  replace_networks_req = {
252
- :networks => networks
261
+ :networks => networks,
253
262
  }
254
263
 
255
264
  ## call api
@@ -262,6 +271,7 @@ module EnfCli
262
271
 
263
272
  desc "list-zones-in-network", "List DNS Zones in /64 Network"
264
273
  method_option :'network', :type => :string, :banner => "/64 Enf Network", :required => true
274
+
265
275
  def list_zones_in_network
266
276
  try_with_rescue_in_session do
267
277
  ## gather parameters
@@ -278,11 +288,12 @@ module EnfCli
278
288
 
279
289
  desc "create-record", "Create a DNS record"
280
290
  method_option :'zone-id', :type => :string, :required => true
281
- method_option :name, :type => :string, :banner => '<name>',
282
- :desc => '<name> is DNS record name. Enter . to create a record with the zone domain name'
283
- method_option :'type', :type => :string, :required => true, :enum => DnsRecordTypes
291
+ method_option :name, :type => :string, :banner => "<name>",
292
+ :desc => "<name> is DNS record name. Enter . to create a record with the zone domain name"
293
+ method_option :'type', :type => :string, :required => true, :enum => DnsRecordTypes
284
294
  method_option :ttl, :type => :numeric, :required => true
285
- method_option :value, :type => :array, :required => true, :banner => 'VALUE'
295
+ method_option :value, :type => :array, :required => true, :banner => "VALUE"
296
+
286
297
  def create_record
287
298
  try_with_rescue_in_session do
288
299
  ## gather parameters
@@ -297,28 +308,23 @@ module EnfCli
297
308
  when DnsRecordType_AAAA
298
309
  ipv6 = EnfCli::IPV6.new(value).to_s
299
310
  value = { :ipv6 => ipv6 }
300
-
301
311
  when DnsRecordType_CNAME
302
312
  value = { :dname => value }
303
-
304
313
  when DnsRecordType_SRV
305
314
  raise "Invalid value for #{DnsRecordType_SRV} record" unless options.value.length == 4
306
315
  value = { :priority => Integer(options.value[0]),
307
316
  :weight => Integer(options.value[1]),
308
317
  :port => Integer(options.value[2]),
309
- :target => options.value[3],
310
- }
311
-
318
+ :target => options.value[3] }
312
319
  when DnsRecordType_TXT
313
320
  value = { :txt => value }
314
321
  end
315
322
 
316
-
317
323
  ## create request hash
318
324
  new_record = {
319
325
  :type => type,
320
326
  :ttl => ttl,
321
- :value => value
327
+ :value => value,
322
328
  }
323
329
 
324
330
  ## optionally add name to request hash
@@ -336,6 +342,7 @@ module EnfCli
336
342
 
337
343
  desc "list-records", "List DNS records in a DNS zone"
338
344
  method_option :'zone-id', :type => :string, :required => true
345
+
339
346
  def list_records
340
347
  try_with_rescue_in_session do
341
348
  ## gather parameters
@@ -353,7 +360,8 @@ module EnfCli
353
360
  desc "query", "Query DNS for a record"
354
361
  method_option :'network', :type => :string, :required => true, :banner => "/64 Enf Network"
355
362
  method_option :name, :type => :string, :required => true
356
- method_option :'type', :type => :string, :required => true, :enum => DnsRecordTypes
363
+ method_option :'type', :type => :string, :required => true, :enum => DnsRecordTypes
364
+
357
365
  def query
358
366
  try_with_rescue_in_session do
359
367
  ## gather parameters
@@ -372,6 +380,7 @@ module EnfCli
372
380
 
373
381
  desc "delete-record", "Delete a DNS record"
374
382
  method_option :'id', :type => :string, :required => true
383
+
375
384
  def delete_record
376
385
  try_with_rescue_in_session do
377
386
  ## gather parameters
@@ -389,6 +398,7 @@ module EnfCli
389
398
  method_option :'network', :type => :string, :banner => "/64 Enf Network", :required => true
390
399
  method_option :'ipv6', :type => :string
391
400
  method_option :description, :type => :array, :banner => "DESCRIPTION"
401
+
392
402
  def provision_server
393
403
  try_with_rescue_in_session do
394
404
  ## gather parameters
@@ -398,7 +408,7 @@ module EnfCli
398
408
 
399
409
  new_server = {
400
410
  :ipv6 => ipv6,
401
- :description => description
411
+ :description => description,
402
412
  }
403
413
 
404
414
  ## call API
@@ -412,6 +422,7 @@ module EnfCli
412
422
 
413
423
  desc "list-servers", "List DNS server in /64 network"
414
424
  method_option :'network', :type => :string, :banner => "/64 Enf Network", :required => true
425
+
415
426
  def list_servers
416
427
  try_with_rescue_in_session do
417
428
  ## gather parameters
@@ -429,6 +440,7 @@ module EnfCli
429
440
  desc "delete-server", "Delete DNS server in /64 network"
430
441
  method_option :'network', :type => :string, :banner => "/64 Enf Network", :required => true
431
442
  method_option :'ipv6', :type => :string, :banner => "Server Ipv6", :required => true
443
+
432
444
  def delete_server
433
445
  try_with_rescue_in_session do
434
446
  ## gather parameters
@@ -442,8 +454,6 @@ module EnfCli
442
454
  say "Delete DNS server with ipv6 #{ipv6} in #{network}!", :green
443
455
  end
444
456
  end
445
-
446
457
  end # Xdns
447
-
448
458
  end # Cmd module
449
459
  end # EnfCli module
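Review bot: In create_zone the non-admin branch takes `enf_domain = session[:domain]` without the nil check the admin branch has, so a session that lacks that key (renamed from `:domain_network` in this same change) would send `:enf_domain => nil` to `create_dns_zone`; list_zones has the same branch. Consider adding `raise "No ENF domain available in session" unless enf_domain` right after the assignment in both methods. The new `--enf-network` value is also forwarded as typed, whereas the AAAA value in create_record is passed through `EnfCli::IPV6.new` first. `xaptum_admin?` and `edit_domain_role?` only decide what this client puts in the request, so scope enforcement presumably rests with the API, and a comment saying so above the role checks would help the next reader. create_zone's body continues past the end of its hunk.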
@@ -13,27 +13,26 @@
13
13
  # See the License for the specific language governing permissions and
14
14
  # limitations under the License.
15
15
  #
16
- require 'enfthor'
17
- require 'enfapi'
18
- require 'base64'
19
- require 'digest'
20
- require 'openssl'
21
- require 'ipaddr'
16
+ require "enfthor"
17
+ require "enfapi/firewall"
18
+ require "base64"
19
+ require "digest"
20
+ require "openssl"
21
+ require "ipaddr"
22
22
 
23
23
  module EnfCli
24
24
  module Cmd
25
-
26
25
  class Xfw < EnfThor
27
26
  no_commands {
28
- def display_firewall_rules rules
29
- headings = ['Id', 'Priority', 'Protocol', 'Direction', 'Source', 'Source Port', 'Destination', 'Destination Port', 'Action']
30
- rows = rules.map{ |hash|
31
- [ hash[:id], hash[:priority], hash[:protocol], hash[:direction],
32
- hash[:source_ip] == '' ? '*' : hash[:source_ip],
33
- hash[:source_port] == 0 ? '*' : hash[:source_port],
34
- hash[:dest_ip] == '' ? '*' : hash[:dest_ip],
35
- hash[:dest_port] == 0 ? '*' : hash[:dest_port],
36
- hash[:action] ]
27
+ def display_firewall_rules(rules)
28
+ headings = ["Id", "Priority", "Protocol", "Direction", "Source", "Source Port", "Destination", "Destination Port", "Action"]
29
+ rows = rules.map { |hash|
30
+ [hash[:id], hash[:priority], hash[:protocol], hash[:direction],
31
+ hash[:source_ip] == "" ? "*" : hash[:source_ip],
32
+ hash[:source_port] == 0 ? "*" : hash[:source_port],
33
+ hash[:dest_ip] == "" ? "*" : hash[:dest_ip],
34
+ hash[:dest_port] == 0 ? "*" : hash[:dest_port],
35
+ hash[:action]]
37
36
  }
38
37
  render_table(headings, rows)
39
38
  end
@@ -41,40 +40,41 @@ module EnfCli
41
40
 
42
41
  desc "list-firewall-rules", "List all firewall rules in a /64 network"
43
42
  method_option :network, :type => :string, :required => true
43
+
44
44
  def list_firewall_rules
45
45
  try_with_rescue_in_session do
46
46
  # call the api
47
47
  rules = EnfApi::Firewall.instance.list_firewall_rules options[:network]
48
48
 
49
49
  # display empty table and return
50
- if rules.length == 0 then
50
+ if rules.length == 0
51
51
  display_firewall_rules rules
52
52
  return
53
53
  end
54
54
 
55
55
  # sort the rules by direction, priority
56
- sorted_rules = rules.sort{ |x,y|
56
+ sorted_rules = rules.sort { |x, y|
57
57
  r = x[:direction] <=> y[:direction]
58
- if r == 0 then
58
+ if r == 0
59
59
  x[:priority] <=> y[:priority]
60
60
  else
61
61
  r
62
62
  end
63
63
  }
64
-
64
+
65
65
  # chunk them into egress/ingress arrays
66
66
  egress_rules = Array.new
67
67
  ingress_rules = Array.new
68
- sorted_rules.each{ |rule|
69
- if rule[:direction] == 'INGRESS' then
68
+ sorted_rules.each { |rule|
69
+ if rule[:direction] == "INGRESS"
70
70
  ingress_rules << rule
71
71
  else
72
72
  egress_rules << rule
73
73
  end
74
74
  }
75
-
75
+
76
76
  # display data
77
- if egress_rules.length > 0 then
77
+ if egress_rules.length > 0
78
78
  say "Egress firewall rules(Endpoint -> ENF)", :yellow
79
79
  display_firewall_rules egress_rules
80
80
 
@@ -82,7 +82,7 @@ module EnfCli
82
82
  say ""
83
83
  end
84
84
 
85
- if ingress_rules.length > 0 then
85
+ if ingress_rules.length > 0
86
86
  say "Ingress firewall rules(ENF -> Endpoint)", :yellow
87
87
  display_firewall_rules ingress_rules
88
88
  end
@@ -92,28 +92,28 @@ module EnfCli
92
92
  desc "add-firewall-rule", "Add a firewall rule to a /64 network"
93
93
  method_option :network, :type => :string, :required => true
94
94
  method_option :priority, :type => :numeric, :required => true
95
- method_option :protocol, :type => :string, :required => true, :enum => ['TCP', 'UDP', 'ICMP6', '6', '17', '58']
95
+ method_option :protocol, :type => :string, :required => true, :enum => ["TCP", "UDP", "ICMP6", "6", "17", "58"]
96
96
  method_option :source_ip, :type => :string
97
97
  method_option :source_port, :type => :numeric
98
98
  method_option :dest_ip, :type => :string
99
99
  method_option :dest_port, :type => :numeric
100
- method_option :direction, :type => :string, :required => true, :enum => ['EGRESS', 'INGRESS']
101
- method_option :action, :type => :string, :required => true, :enum => ['ACCEPT', 'DROP']
102
-
100
+ method_option :direction, :type => :string, :required => true, :enum => ["EGRESS", "INGRESS"]
101
+ method_option :action, :type => :string, :required => true, :enum => ["ACCEPT", "DROP"]
102
+
103
103
  def add_firewall_rule
104
- protocol_map = { 'TCP' => 'TCP', 'UDP' => 'UDP', 'ICMP6' => 'ICMP6', '6' => 'TCP', '17' => 'UDP', '58' => 'ICMP6' }
104
+ protocol_map = { "TCP" => "TCP", "UDP" => "UDP", "ICMP6" => "ICMP6", "6" => "TCP", "17" => "UDP", "58" => "ICMP6" }
105
105
  try_with_rescue_in_session do
106
106
  # get options
107
107
  rule = {
108
- :ip_family => 'IP6',
108
+ :ip_family => "IP6",
109
109
  :priority => options[:priority],
110
- :protocol => protocol_map[ options[:protocol] ],
111
- :source_ip => options[:source_ip] ? options[:source_ip] : '*',
110
+ :protocol => protocol_map[options[:protocol]],
111
+ :source_ip => options[:source_ip] ? options[:source_ip] : "*",
112
112
  :source_port => options[:source_port] ? options[:source_port] : 0,
113
- :dest_ip => options[:dest_ip] ? options[:dest_ip] : '*',
113
+ :dest_ip => options[:dest_ip] ? options[:dest_ip] : "*",
114
114
  :dest_port => options[:dest_port] ? options[:dest_port] : 0,
115
115
  :direction => options[:direction],
116
- :action => options[:action]
116
+ :action => options[:action],
117
117
  }
118
118
 
119
119
  # call the api
@@ -127,6 +127,7 @@ module EnfCli
127
127
  desc "delete-firewall-rule", "Delete a firewall rule"
128
128
  method_option :network, :type => :string, :required => true
129
129
  method_option :id, :type => :string, :required => true
130
+
130
131
  def delete_firewall_rule
131
132
  try_with_rescue_in_session do
132
133
  # call the api
@@ -144,8 +145,7 @@ module EnfCli
144
145
  # raise EnfCli::ERROR, "User Session not establised!" if !session
145
146
  # EnfApi::Firewall.instance.delete_firewall_rules options[:network]
146
147
  # end
147
-
148
- end
149
148
 
149
+ end
150
150
  end
151
151
  end
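Review bot: In add_firewall_rule an omitted `--source_ip` or `--dest_ip` is sent as `"*"` and an omitted port as `0`, which display_firewall_rules renders as `*`, so an `ACCEPT` rule given only the required options goes out as any-to-any with no notice to the operator. A short comment above the hash, `# omitted address => "*", omitted port => 0: both mean "any"`, would document that, and a line such as `say "No --source_ip/--dest_ip given: rule matches any address", :yellow unless options[:source_ip] && options[:dest_ip]` would surface it. The ports are declared `:numeric` and forwarded without a range check, so `raise "Invalid port" unless (0..65535).cover?(options[:source_port] || 0)` (and the same for `dest_port`) before building the hash would reject out-of-range values client-side. The method body continues past the hunk at `# call the api`.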