catocli 1.0.21__py3-none-any.whl → 2.0.0__py3-none-any.whl

catocli/parsers/configure/__init__.py

@@ -0,0 +1,115 @@
+#!/usr/bin/env python3
+"""
+Configure command parser for Cato CLI
+Handles profile creation, listing, and switching
+"""
+
+import argparse
+from .configure import (
+    configure_profile, 
+    list_profiles, 
+    set_profile, 
+    delete_profile,
+    show_profile
+)
+
+
+def configure_parse(subparsers):
+    """Create configure command parsers"""
+    
+    # Create the main configure parser
+    configure_parser = subparsers.add_parser(
+        'configure', 
+        help='Configure Cato CLI credentials and profiles',
+        usage='catocli configure <subcommand> [options]'
+    )
+    configure_subparsers = configure_parser.add_subparsers(
+        description='Configure operations', 
+        help='Profile management operations'
+    )
+    
+    # Configure profile command
+    config_parser = configure_subparsers.add_parser(
+        'set',
+        help='Configure a profile with credentials',
+        usage='catocli configure set [--profile PROFILE] [options]'
+    )
+    config_parser.add_argument(
+        '--profile', 
+        default='default',
+        help='Profile name to configure (default: default)'
+    )
+    config_parser.add_argument(
+        '--endpoint',
+        help='Cato API endpoint URL (default: https://api.catonetworks.com/api/v1/graphql2)'
+    )
+    config_parser.add_argument(
+        '--cato-token',
+        help='Cato API token'
+    )
+    config_parser.add_argument(
+        '--account-id',
+        help='Cato account ID'
+    )
+    config_parser.add_argument(
+        '--interactive',
+        action='store_true',
+        help='Interactive configuration mode'
+    )
+    config_parser.add_argument(
+        '--skip-validation',
+        action='store_true',
+        help='Skip credential validation (save without testing)'
+    )
+    config_parser.set_defaults(func=configure_profile)
+    
+    # List profiles command
+    list_parser = configure_subparsers.add_parser(
+        'list',
+        help='List all configured profiles',
+        usage='catocli configure list'
+    )
+    list_parser.set_defaults(func=list_profiles)
+    
+    # Use/switch profile command
+    use_parser = configure_subparsers.add_parser(
+        'use',
+        help='Set the active profile',
+        usage='catocli configure use <profile>'
+    )
+    use_parser.add_argument(
+        'profile',
+        help='Profile name to activate'
+    )
+    use_parser.set_defaults(func=set_profile)
+    
+    # Show current profile command
+    show_parser = configure_subparsers.add_parser(
+        'show',
+        help='Show current profile configuration',
+        usage='catocli configure show [--profile PROFILE]'
+    )
+    show_parser.add_argument(
+        '--profile',
+        help='Profile name to show (default: current active profile)'
+    )
+    show_parser.set_defaults(func=show_profile)
+    
+    # Delete profile command
+    delete_parser = configure_subparsers.add_parser(
+        'delete',
+        help='Delete a profile',
+        usage='catocli configure delete <profile>'
+    )
+    delete_parser.add_argument(
+        'profile',
+        help='Profile name to delete'
+    )
+    delete_parser.add_argument(
+        '--force',
+        action='store_true',
+        help='Force deletion without confirmation'
+    )
+    delete_parser.set_defaults(func=delete_profile)
+    
+    return configure_parser

catocli/parsers/configure/configure.py

@@ -0,0 +1,307 @@
+#!/usr/bin/env python3
+"""
+Configure command implementation for Cato CLI
+Implements profile creation, listing, switching, and management
+"""
+
+import getpass
+import sys
+import json
+from graphql_client import Configuration
+from graphql_client.api_client import ApiException
+from graphql_client.api.call_api import ApiClient, CallApi
+from ...Utils.profile_manager import get_profile_manager
+
+
+def test_credentials(endpoint, cato_token, account_id):
+    """Test credentials by making an entityLookup API call"""
+    try:
+        print("Testing credentials...")
+        
+        # Create a temporary configuration
+        test_config = Configuration()
+        test_config.verify_ssl = False
+        test_config.debug = False
+        test_config.version = "1.0.0"  # Required for API client
+        test_config.api_key["x-api-key"] = cato_token
+        test_config.host = endpoint
+        test_config.accountID = account_id
+        
+        # Make a simple entityLookup call to test credentials
+        instance = CallApi(ApiClient(test_config))
+        response = instance.call_api({
+            "query": "query entityLookup($accountID: ID!, $type: EntityType!) { entityLookup(accountID: $accountID, type: $type) { items { entity { id name } } } }",
+            "variables": {"accountID": account_id, "type": "country"}
+        }, {})
+        result = response[0] if response else None
+        
+        # Check if the call was successful
+        if result and result.get('data') is not None:
+            print("✓ Credentials validated successfully")
+            return True, "Credentials are valid"
+        elif result and result.get('errors'):
+            error_msg = result['errors'][0].get('message', 'Unknown API error')
+            return False, f"API error: {error_msg}"
+        elif result is None:
+            return False, "No response from API"
+        else:
+            return False, f"Invalid API response: {result}"
+            
+    except ApiException as e:
+        if e.status == 401:
+            return False, "Invalid API token"
+        elif e.status == 403:
+            return False, "Access denied - check account ID and permissions"
+        else:
+            return False, f"API error (status {e.status}): {str(e)}"
+    except Exception as e:
+        return False, f"Connection error: {str(e)}"
+
+
+def configure_profile(args, configuration=None):
+    """Configure a profile with credentials"""
+    pm = get_profile_manager()
+    profile_name = args.profile
+    
+    try:
+        # Interactive mode
+        if args.interactive or (not args.cato_token and not args.account_id and not args.endpoint):
+            print(f"Configuring profile '{profile_name}'")
+            print("Leave blank to keep existing values (if any)")
+            print()
+            
+            # Get current values if profile exists
+            current_config = pm.get_profile_config(profile_name) or {}
+            
+            # Get endpoint
+            current_endpoint = current_config.get('endpoint', pm.default_endpoint)
+            endpoint_input = input(f"Cato API Endpoint [{current_endpoint}]: ").strip()
+            endpoint = endpoint_input if endpoint_input else current_endpoint
+            
+            # Get token
+            current_token = current_config.get('cato_token', '')
+            if current_token:
+                token_prompt = f"Cato API Token [****{current_token[-4:]}]: "
+            else:
+                token_prompt = "Cato API Token: "
+            token_input = getpass.getpass(token_prompt).strip()
+            cato_token = token_input if token_input else current_token
+            
+            # Get account ID
+            current_account = current_config.get('account_id', '')
+            account_input = input(f"Account ID [{current_account}]: ").strip()
+            account_id = account_input if account_input else current_account
+            
+        else:
+            # Non-interactive mode
+            endpoint = args.endpoint
+            cato_token = getattr(args, 'cato_token', None)
+            account_id = getattr(args, 'account_id', None)
+        
+        # Validate required fields
+        if not cato_token or not account_id:
+            current_config = pm.get_profile_config(profile_name) or {}
+            if not cato_token:
+                cato_token = current_config.get('cato_token')
+            if not account_id:
+                account_id = current_config.get('account_id')
+        
+        if not cato_token:
+            print("ERROR: Cato API token is required")
+            return [{"success": False, "error": "Missing cato_token"}]
+            
+        if not account_id:
+            print("ERROR: Account ID is required")
+            return [{"success": False, "error": "Missing account_id"}]
+        
+        # Set default endpoint if not provided
+        if not endpoint:
+            endpoint = pm.default_endpoint
+        
+        # Test credentials before saving (unless validation is skipped)
+        if hasattr(args, 'skip_validation') and args.skip_validation:
+            print("⚠️  Skipping credential validation")
+        else:
+            is_valid, error_message = test_credentials(endpoint, cato_token, account_id)
+            if not is_valid:
+                print(f"ERROR: {error_message}")
+                print("Profile not saved. Please check your credentials and try again.")
+                print("(Use --skip-validation to save without testing)")
+                return [{"success": False, "error": f"Credential validation failed: {error_message}"}]
+        
+        # Create the profile
+        success = pm.create_profile(
+            profile_name=profile_name,
+            endpoint=endpoint,
+            cato_token=cato_token,
+            account_id=account_id
+        )
+        
+        if success:
+            print(f"Profile '{profile_name}' configured successfully!")
+            if profile_name == 'default' or len(pm.list_profiles()) == 1:
+                pm.set_current_profile(profile_name)
+                print(f"Set '{profile_name}' as the active profile")
+        else:
+            print(f"Failed to configure profile '{profile_name}'")
+            return [{"success": False, "error": "Failed to create profile"}]
+            
+        return [{"success": True, "profile": profile_name}]
+        
+    except KeyboardInterrupt:
+        print("\nOperation cancelled")
+        return [{"success": False, "error": "Operation cancelled by user"}]
+    except Exception as e:
+        print(f"ERROR: {e}")
+        return [{"success": False, "error": str(e)}]
+
+
+def list_profiles(args, configuration=None):
+    """List all configured profiles"""
+    pm = get_profile_manager()
+    
+    try:
+        profiles = pm.list_profiles()
+        current_profile = pm.get_current_profile()
+        
+        if not profiles:
+            print("No profiles configured.")
+            print("Run 'catocli configure set' to create your first profile.")
+            return [{"success": True, "profiles": []}]
+        
+        print("Available profiles:")
+        print()
+        
+        for profile in profiles:
+            is_current = profile == current_profile
+            status = " (current)" if is_current else ""
+            
+            config = pm.get_profile_config(profile)
+            endpoint = config.get('endpoint', 'N/A')
+            account_id = config.get('account_id', 'N/A')
+            
+            print(f"  {profile}{status}")
+            print(f"    Endpoint:   {endpoint}")
+            print(f"    Account ID: {account_id}")
+            print()
+        
+        return [{"success": True, "profiles": profiles, "current": current_profile}]
+        
+    except Exception as e:
+        print(f"ERROR: {e}")
+        return [{"success": False, "error": str(e)}]
+
+
+def set_profile(args, configuration=None):
+    """Set the active profile"""
+    pm = get_profile_manager()
+    profile_name = args.profile
+    
+    try:
+        # Check if profile exists
+        if profile_name not in pm.list_profiles():
+            print(f"ERROR: Profile '{profile_name}' does not exist.")
+            print("Available profiles:")
+            for p in pm.list_profiles():
+                print(f"  {p}")
+            return [{"success": False, "error": "Profile not found"}]
+        
+        # Validate profile has required credentials
+        is_valid, message = pm.validate_profile(profile_name)
+        if not is_valid:
+            print(f"ERROR: {message}")
+            print(f"Run 'catocli configure set --profile {profile_name}' to update the profile.")
+            return [{"success": False, "error": message}]
+        
+        # Set as current profile
+        pm.set_current_profile(profile_name)
+        print(f"Switched to profile '{profile_name}'")
+        
+        return [{"success": True, "profile": profile_name}]
+        
+    except Exception as e:
+        print(f"ERROR: {e}")
+        return [{"success": False, "error": str(e)}]
+
+
+def show_profile(args, configuration=None):
+    """Show current profile configuration"""
+    pm = get_profile_manager()
+    
+    try:
+        profile_name = args.profile if hasattr(args, 'profile') and args.profile else pm.get_current_profile()
+        
+        # Check if profile exists
+        config = pm.get_profile_config(profile_name)
+        if not config:
+            print(f"Profile '{profile_name}' not found.")
+            return [{"success": False, "error": "Profile not found"}]
+        
+        print(f"Profile: {profile_name}")
+        print(f"Endpoint:   {config.get('endpoint', 'N/A')}")
+        print(f"Account ID: {config.get('account_id', 'N/A')}")
+        
+        # Show token status without revealing it
+        token = config.get('cato_token', '')
+        if token:
+            print(f"Token:      ****{token[-4:]} (configured)")
+        else:
+            print("Token:      (not configured)")
+        
+        # Show if this is the current profile
+        current_profile = pm.get_current_profile()
+        if profile_name == current_profile:
+            print("Status:     Current active profile")
+        else:
+            print(f"Status:     Available (current: {current_profile})")
+        
+        # Create masked config for JSON output
+        masked_config = config.copy()
+        if masked_config.get('cato_token'):
+            masked_config['cato_token'] = f"****{masked_config['cato_token'][-4:]}"
+        
+        return [{"success": True, "profile": profile_name, "config": masked_config}]
+        
+    except Exception as e:
+        print(f"ERROR: {e}")
+        return [{"success": False, "error": str(e)}]
+
+
+def delete_profile(args, configuration=None):
+    """Delete a profile"""
+    pm = get_profile_manager()
+    profile_name = args.profile
+    
+    try:
+        # Check if profile exists
+        if profile_name not in pm.list_profiles():
+            print(f"Profile '{profile_name}' does not exist.")
+            return [{"success": False, "error": "Profile not found"}]
+        
+        # Check if it's the current profile
+        current_profile = pm.get_current_profile()
+        if profile_name == current_profile:
+            print(f"Cannot delete the current active profile '{profile_name}'.")
+            print("Switch to another profile first using 'catocli configure use <profile>'")
+            return [{"success": False, "error": "Cannot delete active profile"}]
+        
+        # Confirm deletion unless forced
+        if not args.force:
+            response = input(f"Are you sure you want to delete profile '{profile_name}'? (y/N): ").strip().lower()
+            if response != 'y':
+                print("Deletion cancelled.")
+                return [{"success": False, "error": "Deletion cancelled by user"}]
+        
+        # Delete the profile
+        success = pm.delete_profile(profile_name)
+        if success:
+            print(f"Profile '{profile_name}' deleted successfully.")
+        else:
+            print(f"Failed to delete profile '{profile_name}'.")
+            return [{"success": False, "error": "Failed to delete profile"}]
+        
+        return [{"success": True, "deleted_profile": profile_name}]
+        
+    except Exception as e:
+        print(f"ERROR: {e}")
+        return [{"success": False, "error": str(e)}]

catocli/parsers/custom/__init__.py

@@ -1,5 +1,8 @@
 
 import catocli.parsers.custom.customLib as customLib
+from catocli.parsers.custom.export_rules import export_parse
+from catocli.parsers.custom.import_rules_to_tf import import_parse
+from catocli.parsers.configure import configure_parse
 
 def custom_parse(subparsers):
 	entityTypes = ["account","admin","allocatedIP","any","availablePooledUsage","availableSiteUsage","dhcpRelayGroup","groupSubscription","host","lanFirewall","localRouting","location","mailingListSubscription","networkInterface","portProtocol","simpleService","site","siteRange","timezone","vpnUser","webhookSubscription"]
@@ -27,6 +30,11 @@ def custom_parse(subparsers):
 		
 		item_list_parser.set_defaults(func=customLib.entityTypeList,operation_name=entity)
 
+	# Add additional custom parsers here 
+	export_parse(subparsers)
+	import_parse(subparsers)
+	configure_parse(subparsers)
+
 def get_help_custom(path):
 	matchCmd = "catocli "+path.replace("_"," ")
 	import os

catocli/parsers/custom/export_rules/__init__.py

@@ -0,0 +1,36 @@
+import catocli.parsers.custom.export_rules.export_rules as export_rules
+
+def export_parse(subparsers):
+    """Create export command parsers"""
+    
+    # Create the main export parser
+    export_parser = subparsers.add_parser('export', help='Export data to various formats', usage='catocli export <operation> [options]')
+    export_subparsers = export_parser.add_subparsers(description='valid export operations', help='additional help')
+    
+    # Add if_rules command
+    if_rules_parser = export_subparsers.add_parser(
+        'if_rules', 
+        help='Export Internet Firewall rules to JSON format',
+        usage='catocli export if_rules [-accountID <account_id>] [options]'
+    )
+    
+    if_rules_parser.add_argument('-accountID', help='Account ID to export rules from (uses CATO_ACCOUNT_ID environment variable if not specified)', required=False)
+    if_rules_parser.add_argument('--output-file-path', help='Full path including filename and extension for output file. If not specified, uses default: config_data/all_ifw_rules_and_sections_{account_id}.json')
+    if_rules_parser.add_argument('-v', '--verbose', action='store_true', help='Verbose output')
+    
+    if_rules_parser.set_defaults(func=export_rules.export_if_rules_to_json)
+    
+    # Add wf_rules command
+    wf_rules_parser = export_subparsers.add_parser(
+        'wf_rules', 
+        help='Export WAN Firewall rules to JSON format',
+        usage='catocli export wf_rules [-accountID <account_id>] [options]'
+    )
+    
+    wf_rules_parser.add_argument('-accountID', help='Account ID to export rules from (uses CATO_ACCOUNT_ID environment variable if not specified)', required=False)
+    wf_rules_parser.add_argument('--output-file-path', help='Full path including filename and extension for output file. If not specified, uses default: config_data/all_wf_rules_and_sections_{account_id}.json')
+    wf_rules_parser.add_argument('-v', '--verbose', action='store_true', help='Verbose output')
+    
+    wf_rules_parser.set_defaults(func=export_rules.export_wf_rules_to_json)
+    
+    return export_parser