palo_alto 0.1.6 → 0.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/palo_alto/config.rb +5 -1
- data/lib/palo_alto/version.rb +1 -1
- data/lib/palo_alto.rb +80 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f3f5565d4ace0fcd1e96290bcd2b5e2d1ffa726b53fd7fe691497f7a2c137d42
|
|
4
|
+
data.tar.gz: 9e8e63ab0508abf76cc5fdf13e6827067aa42100f6beb996ef16b1256dd96f5b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 59e3ee0f6f425554cf6dd10ac49310cdc4ebba3ec24ad9cf3914f7e5a6c465a386ccfe8cae77041691ddbc157c281c66aaee84b49f617057bcd750cd81e7c0e3
|
|
7
|
+
data.tar.gz: ad822a803c73d950cfdf0e428c41ee47b7fc3c3dd8b3fb631cecf2cf19c4b07e31d120fe0468cf25bed0ad250b859e7ee3d6ce7467a7c9adf7254a9697d7e1fa
|
data/lib/palo_alto/config.rb
CHANGED
|
@@ -268,7 +268,11 @@ module PaloAlto
|
|
|
268
268
|
end
|
|
269
269
|
|
|
270
270
|
def binary_operator(name, left, right)
|
|
271
|
-
|
|
271
|
+
if %w(and or).include?(name)
|
|
272
|
+
"(#{left} #{name} #{right})".gsub('./@', '@')
|
|
273
|
+
else
|
|
274
|
+
"#{left}#{name}#{right}".gsub('./@', '@')
|
|
275
|
+
end
|
|
272
276
|
end
|
|
273
277
|
|
|
274
278
|
def root(current, element_names)
|
data/lib/palo_alto/version.rb
CHANGED
data/lib/palo_alto.rb
CHANGED
|
@@ -197,7 +197,11 @@ module PaloAlto
|
|
|
197
197
|
begin
|
|
198
198
|
Helpers::Rest.execute(payload, headers: {'X-PAN-KEY': self.auth_key})
|
|
199
199
|
rescue TemporaryException => e
|
|
200
|
-
|
|
200
|
+
dont_continue_at = [
|
|
201
|
+
'Partial revert is not allowed. Full system commit must be completed.',
|
|
202
|
+
'Config for scope '
|
|
203
|
+
]
|
|
204
|
+
unless retried || dont_continue_at.any? { |x| e.message.start_with?(x) }
|
|
201
205
|
if XML.debug.include?(:warnings)
|
|
202
206
|
warn "Got error #{e.inspect}; retrying"
|
|
203
207
|
end
|
|
@@ -247,6 +251,69 @@ module PaloAlto
|
|
|
247
251
|
false
|
|
248
252
|
end
|
|
249
253
|
|
|
254
|
+
def primary_active?
|
|
255
|
+
cmd = {show: {'high-availability': 'state'}}
|
|
256
|
+
state = Op.new.execute(cmd)
|
|
257
|
+
state.at_xpath("response/result/local-info/state").text == "primary-active"
|
|
258
|
+
end
|
|
259
|
+
|
|
260
|
+
# area: config, commit
|
|
261
|
+
def show_locks(area:)
|
|
262
|
+
cmd = {show: "#{area}-locks"}
|
|
263
|
+
ret = Op.new.execute(cmd)
|
|
264
|
+
ret.xpath("response/result/#{area}-locks/entry").map do |lock|
|
|
265
|
+
comment = lock.at_xpath('comment').inner_text
|
|
266
|
+
location = lock.at_xpath('name').inner_text
|
|
267
|
+
{
|
|
268
|
+
name: lock.attribute('name').value,
|
|
269
|
+
location: location == 'shared' ? nil : location,
|
|
270
|
+
type: lock.at_xpath('type').inner_text,
|
|
271
|
+
comment: comment == '(null)' ? nil : comment
|
|
272
|
+
}
|
|
273
|
+
end
|
|
274
|
+
end
|
|
275
|
+
|
|
276
|
+
# will execute block if given and unlock afterwards. returns false if lock could not be aquired
|
|
277
|
+
def lock(area:, comment: nil, type: nil, location: nil)
|
|
278
|
+
if block_given?
|
|
279
|
+
if lock(area: area, comment: comment, type: type, location: location)
|
|
280
|
+
begin
|
|
281
|
+
return yield
|
|
282
|
+
ensure
|
|
283
|
+
unlock(area: area, type: type, location: location)
|
|
284
|
+
end
|
|
285
|
+
else
|
|
286
|
+
return false
|
|
287
|
+
end
|
|
288
|
+
end
|
|
289
|
+
|
|
290
|
+
begin
|
|
291
|
+
cmd = {request: {"#{area}-lock": {add: {comment: comment || '(null)' }}}}
|
|
292
|
+
Op.new.execute(cmd, get_extra_argument(type: type, location: location))
|
|
293
|
+
true
|
|
294
|
+
rescue PaloAlto::InternalErrorException
|
|
295
|
+
false
|
|
296
|
+
end
|
|
297
|
+
end
|
|
298
|
+
|
|
299
|
+
def unlock(area:, type: nil, location: nil)
|
|
300
|
+
begin
|
|
301
|
+
cmd = {request: {"#{area}-lock": 'remove'}}
|
|
302
|
+
Op.new.execute(cmd, get_extra_argument(type: type, location: location))
|
|
303
|
+
rescue PaloAlto::InternalErrorException
|
|
304
|
+
return false
|
|
305
|
+
end
|
|
306
|
+
true
|
|
307
|
+
end
|
|
308
|
+
|
|
309
|
+
def remove_all_locks
|
|
310
|
+
%w(config commit).each do |area|
|
|
311
|
+
show_locks(area: area).each {|lock|
|
|
312
|
+
unlock(area: area, type: lock[:type], location: lock[:location])
|
|
313
|
+
}
|
|
314
|
+
end
|
|
315
|
+
end
|
|
316
|
+
|
|
250
317
|
def check_for_changes(usernames: [XML.username])
|
|
251
318
|
result = Op.new.execute({show: {config: {list: {'change-summary': {partial: {admin: usernames}}}}}})
|
|
252
319
|
result.xpath('response/result/summary/device-group/member').map(&:inner_text)
|
|
@@ -317,5 +384,17 @@ module PaloAlto
|
|
|
317
384
|
xml_data = Helpers::Rest.execute(payload)
|
|
318
385
|
self.auth_key = xml_data.xpath('//response/result/key')[0].content
|
|
319
386
|
end
|
|
387
|
+
|
|
388
|
+
private
|
|
389
|
+
|
|
390
|
+
# used to limit an op command to a specifc dg/template
|
|
391
|
+
def get_extra_argument(type:, location:)
|
|
392
|
+
case type
|
|
393
|
+
when 'dg' then {vsys: location}
|
|
394
|
+
when 'tpl' then raise
|
|
395
|
+
else {}
|
|
396
|
+
end
|
|
397
|
+
end
|
|
398
|
+
|
|
320
399
|
end
|
|
321
400
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: palo_alto
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sebastian Roesner
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-10-
|
|
11
|
+
date: 2021-10-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: nokogiri
|