illumio-pylo 0.2.5__py3-none-any.whl

illumio_pylo/IPList.py

@@ -0,0 +1,135 @@
+from typing import Dict, Optional
+
+import illumio_pylo as pylo
+from .API.JsonPayloadTypes import IPListObjectJsonStructure
+from illumio_pylo import log
+from .Helpers import *
+
+
+class IPList(pylo.ReferenceTracker):
+
+    """
+    :type owner: IPListStore
+    :type description: str|None
+    :type raw_entries: dict[str,str]
+    """
+    name: str
+    href: str
+
+    def __init__(self, name: str, href: str, owner: 'pylo.IPListStore', description=None):
+        """
+        :type name: str
+        :type href: str
+        :type owner: IPListStore
+        """
+        pylo.ReferenceTracker.__init__(self)
+        self.owner = owner
+        self.name = name
+        self.href = href
+        self.description = description
+        self.raw_json = None
+        self.raw_entries = {}
+
+    def count_entries(self) -> int:
+        return len(self.raw_entries)
+
+    def load_from_json(self, json_input: IPListObjectJsonStructure):
+        self.raw_json = json_input
+
+        ip_ranges_array = json_input.get("ip_ranges")
+        if ip_ranges_array is None:
+            raise pylo.PyloEx("cannot find 'ip_ranges' in IPList JSON:\n" + nice_json(json_input))
+
+        for ip_range in ip_ranges_array:
+            from_ip = ip_range.get("from_ip")
+            if from_ip is None:
+                raise pylo.PyloEx("cannot find 'from_ip' in IPList JSON:\n" + nice_json(ip_range))
+
+            slash_pos = from_ip.find('/')
+            if slash_pos < 0:
+                to_ip = ip_range.get("to_ip")
+                if to_ip is None:
+                    entry = from_ip
+                else:
+                    if len(to_ip) < 4:
+                        entry = from_ip + "/" + to_ip
+                    else:
+                        entry = from_ip + '-' + to_ip
+            else:
+                entry = from_ip
+
+            exclusion = ip_range.get('exclusion')
+            if exclusion is not None and exclusion:
+                entry = '!' + entry
+
+            self.raw_entries[entry] = entry
+
+    def get_ip4map(self) -> pylo.IP4Map:
+        map = pylo.IP4Map()
+
+        for entry in self.raw_entries:
+            if entry[0] == '!':
+                map.subtract_from_text(entry[1:], ignore_ipv6=True)
+            else:
+                map.add_from_text(entry, ignore_ipv6=True)
+
+        return map
+
+    def get_raw_entries_as_string_list(self, separator=',') -> str:
+        return pylo.string_list_to_text(self.raw_entries.values(), separator=separator)
+
+    def get_api_reference_json(self):
+        return {'ip_list': {'href': self.href}}
+
+
+class IPListStore:
+    items_by_href: Dict[str, 'pylo.IPList']
+
+    def __init__(self, owner: 'pylo.Organization'):
+        self.owner = owner
+        self.items_by_href = {}
+
+    def count(self) -> int:
+        return len(self.items_by_href)
+    
+    @property
+    def iplists(self) -> list['pylo.IPList']:
+        return list(self.items_by_href.values())
+    
+    @property
+    def iplists_by_href(self) -> Dict[str, 'pylo.IPList']:
+        return self.items_by_href.copy()
+
+    def load_iplists_from_json(self, json_list: list[IPListObjectJsonStructure]):
+        for json_item in json_list:
+            if 'name' not in json_item or 'href' not in json_item:
+                raise Exception("Cannot find 'value'/name or href for iplist in JSON:\n" + nice_json(json_item))
+            new_iplist_name = json_item['name']
+            new_iplist_href = json_item['href']
+            new_iplist_desc = json_item.get('description')
+
+            new_iplist = pylo.IPList(new_iplist_name, new_iplist_href, self, new_iplist_desc)
+            new_iplist.load_from_json(json_item)
+
+            if new_iplist_href in self.items_by_href:
+                raise Exception("A iplist with href '%s' already exists in the table", new_iplist_href)
+
+            self.items_by_href[new_iplist_href] = new_iplist
+
+            log.debug("Found iplist '%s' with href '%s'", new_iplist_name, new_iplist_href)
+
+    def find_by_href(self, href: str) -> Optional['pylo.IPList']:
+        return self.items_by_href.get(href)
+
+    def find_by_name(self, name: str, case_sensitive: bool = True ) -> Optional['pylo.IPList']:
+        if case_sensitive:
+            for iplist in self.items_by_href.values():
+                if iplist.name == name:
+                    return iplist
+        else:
+            lower_name = name.lower()
+            for iplist in self.items_by_href.values():
+                if iplist.name.lower() == lower_name:
+                    return iplist
+        return None
+

illumio_pylo/IPMap.py

@@ -0,0 +1,285 @@
+from .Exception import PyloEx
+from .Helpers.functions import is_valid_ipv6, string_list_to_text
+import ipaddress
+import copy
+from typing import Optional, List, Dict
+
+
+def sort_first(val):
+    return val[0]
+
+
+start = 0
+end = 1
+
+masks = []
+mask = 0
+for i in range(32):
+    mask |= 1 << i
+    masks.append(mask)
+
+
+class IP4Map:
+    def __init__(self):
+        self._entries = []
+
+    @staticmethod
+    def ip_entry_from_text(entry: str, ignore_ipv6=True) -> Optional[List[int]]:
+        new_entry = None
+
+        dash_find = entry.find('-')
+
+        if dash_find > 0:
+            # this is a range entry
+            start_txt = entry[0:dash_find]
+            if ignore_ipv6 and is_valid_ipv6(start_txt):
+                return None
+            end_txt = entry[dash_find+1:]
+            if ignore_ipv6 and is_valid_ipv6(end_txt):
+                return None
+            start_ip_object = ipaddress.IPv4Address(start_txt)
+            end_ip_object = ipaddress.IPv4Address(end_txt)
+            new_entry = [int(start_ip_object), int(end_ip_object)]
+            if new_entry[start] > new_entry[end]:
+                raise PyloEx("Invalid IP Ranged entered with start address > end address: {}".format(entry))
+
+        elif entry.find('/') > 0:
+            # This is a network entry
+            network_str = entry[0:(entry.find('/'))]
+            if ignore_ipv6 and (is_valid_ipv6(network_str) or network_str == '::'):
+                return None
+            ip_object = ipaddress.IPv4Network(entry)
+            new_entry = [int(ip_object.network_address), int(ip_object.broadcast_address)]
+            if ignore_ipv6 and is_valid_ipv6(ip_object.network_address.__str__()):
+                return None
+        else:
+            if ignore_ipv6 and is_valid_ipv6(entry):
+                return None
+            ip_object = ipaddress.IPv4Address(entry)
+            new_entry = [int(ip_object), int(ip_object)]
+
+        return new_entry
+
+    def add_from_text(self, entry: str, skip_recalculation=False, ignore_ipv6=True):
+
+        new_entry = self.ip_entry_from_text(entry, ignore_ipv6=ignore_ipv6)
+
+        if ignore_ipv6 and new_entry is None:
+            return
+
+        if not skip_recalculation:
+            self._entries.append(new_entry)
+            self.sort_and_recalculate()
+
+    def intersection(self, another_map: 'IP4Map'):
+
+        inverted_map = IP4Map()
+        inverted_map.add_from_text('0.0.0.0-255.255.255.255')
+
+        inverted_map.substract(another_map)
+
+        result = copy.deepcopy(self)
+        result.substract(inverted_map)
+
+        return result
+
+    def contains(self, another_map: 'IP4Map') -> bool:
+
+        if len(self._entries) < 1:
+            return False
+
+        copy_of_map = copy.deepcopy(another_map)
+        copy_of_map.substract(self)
+
+        if len(copy_of_map._entries) < 1:
+            return True
+        return False
+
+    def substract(self, another_map: 'IP4Map'):
+        affected_rows = 0
+        for entry in another_map._entries:
+            affected_rows += self.substract_single_entry(entry)
+        return affected_rows
+
+    def substract_single_entry(self, sub_entry: []) -> int:
+        affected_rows = 0
+        updated_entries = []
+
+        for entry in self._entries:
+            if sub_entry[end] < entry[start] or sub_entry[start] > entry[end]:
+                # no overlap at all, entry is left untouched
+                updated_entries.append(entry)
+                continue
+
+            affected_rows += 1
+            if sub_entry[start] <= entry[start]:
+                if sub_entry[end] >= entry[end]:
+                    # complete overlap, remove entry
+                    continue
+                else:
+                    entry[start] = sub_entry[end] + 1
+                    updated_entries.append(entry)
+            else:
+                updated_entries.append([entry[start], sub_entry[start] - 1])
+                if sub_entry[end] < entry[end]:
+                    updated_entries.append([sub_entry[end] + 1, entry[end]])
+
+        self._entries = updated_entries
+
+        return affected_rows
+
+    def subtract_from_text(self, entry: str, ignore_ipv6=False):
+
+        new_entry = self.ip_entry_from_text(entry, ignore_ipv6=ignore_ipv6)
+
+        if new_entry is None:
+            return 0
+
+        return self.substract_single_entry(new_entry)
+
+    def sort_and_recalculate(self):
+        new_entries = []
+
+        self._entries.sort(key=sort_first)
+
+        cursor = None  # current entry being processed
+        for entry in self._entries:
+            if cursor is None:  # usually the first entry
+                cursor = entry
+                continue
+
+            # if current entry has no overlap with cursor entry then cursor entry is added to result array and cursor
+            # is set to current entry and loop starts again
+            if entry[start] > cursor[end]:
+                new_entries.append(cursor)
+                cursor = entry
+                continue
+
+            # if current entry's end is greater than cursor entry's end then cursor entry's end is set to current
+            # entry's end and loop starts again
+            if entry[end] > cursor[end]:
+                cursor[end] = entry[end]
+                continue
+
+            # if current entry's end is less or equal to cursor entry's end then there is nothing to do and loop
+            # starts again
+            if entry[end] <= cursor[end]:
+                continue
+
+            raise PyloEx("Error while sorting IP4Map, unexpected value found: entry({}-{}) cursor({}-{})".format(
+                ipaddress.IPv4Address(entry[start]),
+                ipaddress.IPv4Address(entry[end]),
+                ipaddress.IPv4Address(cursor[start]),
+                ipaddress.IPv4Address(cursor[end])
+            ))
+
+        # in case there is still a cursor entry left, add it to result array
+        if cursor is not None:
+            new_entries.append(cursor)
+
+        self._entries = new_entries
+
+    def to_string_list(self, separator=','):
+        ranges = []
+
+        for entry in self._entries:
+            ranges.append('{}-{}'.format(ipaddress.IPv4Address(entry[start]), ipaddress.IPv4Address(entry[end])))
+
+        return string_list_to_text(ranges, separator=separator)
+
+    def to_list_of_string(self):
+        ranges = []
+
+        for entry in self._entries:
+            if entry[start] == entry[end]:
+                ranges.append('{}'.format(ipaddress.IPv4Address(entry[start])))
+            else:
+                ranges.append('{}-{}'.format(ipaddress.IPv4Address(entry[start]), ipaddress.IPv4Address(entry[end])))
+
+        return ranges
+
+    def to_list_of_cidr_string(self, skip_netmask_for_32=False):
+
+        result = []
+
+        for entry in self._entries:
+
+            net_start = entry[start]
+            net_end = entry[end]
+
+            previous_loop_end = net_start
+
+            while net_start <= net_end:
+
+                if net_start == net_end:
+                    if skip_netmask_for_32:
+                        result.append('{}'.format(ipaddress.IPv4Address(net_start)))
+                    else:
+                        result.append('{}'.format(ipaddress.IPv4Address(net_start), 32))
+                    break
+
+                for netmask in range(1, 32, 1):
+                    new_end = net_start | masks[netmask]
+                    #print("{}/{}/{}/{}".format(ipaddress.IPv4Address(net_start), ipaddress.IPv4Address(net_end), ipaddress.IPv4Address(new_end), 32 - netmask))
+
+                    if new_end > net_end:
+                        result.append('{}/{}'.format(ipaddress.IPv4Address(net_start), 33 - netmask))
+                        net_start = previous_loop_end + 1
+                        previous_loop_end = net_start
+                        #print("breaking loop with {}/{}".format(ipaddress.IPv4Address(net_start), ipaddress.IPv4Address(previous_loop_end)))
+                        break
+
+                    if new_end == net_end:
+                        if skip_netmask_for_32 and netmask == 0:
+                            result.append('{}'.format(ipaddress.IPv4Address(net_start)))
+                        else:
+                            result.append('{}/{}'.format(ipaddress.IPv4Address(net_start), 32 - netmask))
+                        net_start = net_end+1
+                        break
+                    else:
+                        previous_loop_end = new_end
+
+        return result
+
+    def count_ips(self) -> int:
+        count = 0
+        for entry in self._entries:
+            count += entry[1] - entry[0] + 1
+
+        return count
+
+    def count_entries(self) -> int:
+        return len(self._entries)
+
+    def print_to_std(self, header=None, padding='', list_marker=' - '):
+        if header is not None:
+            print('{}{}({} entries)'.format(
+                padding,
+                header,
+                len(self._entries)))
+
+        for entry in self._entries:
+            if entry[0] == entry[1]:
+                print('{}{}{}'.format(padding, list_marker, ipaddress.IPv4Address(entry[0])))
+            else:
+                print('{}{}{}-{}'.format(padding, list_marker, ipaddress.IPv4Address(entry[0]), ipaddress.IPv4Address(entry[1])))
+
+
+# test = IP4Map()
+# test.add_from_text('10.0.0.0/16')
+# test.add_from_text('10.0.0.0-10.2.50.50')
+# test.add_from_text('192.168.1.2')
+# test.add_from_text('1.0.0.0/8')
+# test.add_from_text('192.168.1.0-192.168.2.0')
+# test.subtract_from_text('192.168.0.0-192.168.1.255')
+#
+# test.add_from_text('200.0.0.0-200.1.255.255')
+# test.subtract_from_text('199.255.255.255-200.1.0.0')  # should produce 200.1.0.1-200.1.255.255
+#
+# test.add_from_text('200.10.0.0-200.11.255.255')
+# test.subtract_from_text('200.10.10.10-200.11.0.0')  # should produce 200.10.0.0-200.10.10.9 and 200.11.0.1-200.11.255.255
+#
+# test.add_from_text('200.20.0.0-200.21.255.255')
+# test.subtract_from_text('200.20.10.10-200.22.0.0')  # should produce 200.20.0.0-200.20.10.9
+#
+# test.print_to_std(header="Show IP4Map test:", padding='')

illumio_pylo/Label.py

@@ -0,0 +1,25 @@
+from .API.JsonPayloadTypes import LabelHrefRef
+from .ReferenceTracker import ReferenceTracker
+from .LabelCommon import LabelCommon
+from .LabelStore import LabelStore
+
+
+class Label(ReferenceTracker, LabelCommon):
+    def __init__(self, name, href, label_type: str, owner: 'LabelStore'):
+        ReferenceTracker.__init__(self)
+        LabelCommon.__init__(self, name, href, label_type, owner)
+
+    def is_group(self) -> bool:
+        return False
+
+    def is_label(self) -> bool:
+        return True
+
+    def reference_obj(self):
+        return {"href": self.href,
+                "value": self.name,
+                "key": self.type}
+
+    def get_api_reference_json(self) -> LabelHrefRef:
+        return {'label': {'href': self.href}}
+

illumio_pylo/LabelCommon.py

@@ -0,0 +1,48 @@
+from typing import Union
+from .Exception import PyloEx
+from .LabelStore import label_type_role, label_type_env, label_type_loc, label_type_app, LabelStore
+
+
+class LabelCommon:
+
+    def __init__(self, name: str, href: str, label_type: str, owner: LabelStore):
+        self.owner: LabelStore = owner
+        self.name: str = name
+        self.href: str = href
+        self.type = label_type
+
+    def is_label(self) -> bool:
+        raise PyloEx("not implemented")
+
+    def is_group(self) -> bool:
+        raise PyloEx("not implemented")
+
+    def type_to_short_string(self) -> str:
+        return self.type
+
+    def type_is_location(self) -> bool:
+        return self.type == 'loc'
+
+    def type_is_environment(self) -> bool:
+        return self.type == 'env'
+
+    def type_is_application(self) -> bool:
+        return self.type == 'app'
+
+    def type_is_role(self) -> bool:
+        return self.type == 'role'
+
+    def type_string(self) -> str:
+        return self.type
+
+    def api_set_name(self, new_name: str):
+        find_collision = self.owner.find_label_by_name_and_type(new_name, self.type)
+        if find_collision is not self:
+            raise PyloEx("A Label/LabelGroup with name '{}' already exists".format(new_name))
+
+        if self.is_group():
+            self.owner.owner.connector.objects_labelgroup_update(self.href, data={'name': new_name})
+        else:
+            self.owner.owner.connector.objects_label_update(self.href, data={'value': new_name})
+
+        self.name = new_name

illumio_pylo/LabelGroup.py

@@ -0,0 +1,68 @@
+from typing import Dict, Union
+import illumio_pylo as pylo
+from typing import *
+
+from illumio_pylo import Label
+from .API.JsonPayloadTypes import LabelGroupObjectJsonStructure
+
+
+class LabelGroup(pylo.ReferenceTracker, pylo.LabelCommon):
+
+    def __init__(self, name: str, href: str, label_type: str, owner):
+        pylo.ReferenceTracker.__init__(self)
+        pylo.LabelCommon.__init__(self, name, href, label_type, owner)
+        self._members_by_href: Dict[str, Union['pylo.Label', 'pylo.LabelGroup']] = {}
+        self.raw_json: Optional[LabelGroupObjectJsonStructure] = None
+
+    def load_from_json(self):
+        # print(self.raw_json)
+        if 'labels' in self.raw_json:
+            for href_record in self.raw_json['labels']:
+                if 'href' in href_record:
+                    find_label = self.owner.find_by_href(href_record['href'])
+                    if find_label is None:
+                        raise pylo.PyloEx(f"LabelGroup named '{self.name}' has member with href '{href_record['href']}' not found")
+                    find_label.add_reference(self)
+                    self._members_by_href[find_label.href] = find_label
+                else:
+                    raise pylo.PyloEx('LabelGroup member has no HREF')
+
+    def expand_nested_to_dict_by_href(self) -> Dict[str, 'pylo.Label']:
+        results = {}
+        for label in self._members_by_href.values():
+            if isinstance(label, pylo.Label):
+                results[label.href] = label
+            elif isinstance(label, pylo.LabelGroup):
+                for nested_label in label.expand_nested_to_dict_by_href().values():
+                    results[nested_label.href] = nested_label
+            else:
+                raise pylo.PyloEx("Unsupported object type {}".format(type(label)))
+        return results
+
+    def expand_nested_to_array(self) -> List['pylo.Label']:
+        return list(self.expand_nested_to_dict_by_href().values())
+
+    def get_api_reference_json(self) -> Dict:
+        return {'label_group': {'href': self.href}}
+
+    def get_members(self) -> Dict[str, 'pylo.Label']:
+        data = {}
+        for label in self._members_by_href.values():
+            data[label.href] = label
+        return data
+
+    def get_members_count(self) -> int:
+        return len(self._members_by_href)
+
+    def has_member_with_href(self, href: str) -> bool:
+        return href in self._members_by_href
+
+    def has_member_object(self, label: 'pylo.Label') -> bool:
+        return label.href in self._members_by_href
+
+    def is_group(self) -> bool:
+        return True
+
+    def is_label(self) -> bool:
+        return False
+