diff --git a/internal/models/web-api-practice/schema.go b/internal/models/web-api-practice/schema.go index 0cdf1d7..c2ef726 100644 --- a/internal/models/web-api-practice/schema.go +++ b/internal/models/web-api-practice/schema.go @@ -48,16 +48,16 @@ type FileSchema struct { Data string `json:"data"` } -type OASSchema struct { - Data string `json:"data"` - Name string `json:"name"` - Size uint64 `json:"size"` -} - -type SchemaValidationSchema struct { - ID string `json:"id"` - OASSchema OASSchema `json:"OasSchema"` -} +//type OASSchema struct { +// Data string `json:"data"` +// Name string `json:"name"` +// Size uint64 `json:"size"` +//} +// +//type SchemaValidationSchema struct { +// ID string `json:"id"` +// OASSchema OASSchema `json:"OasSchema"` +//} func NewFileSchemaEncode(filename, fileData string) FileSchema { b64Data := base64.StdEncoding.EncodeToString([]byte(fileData)) diff --git a/internal/resources/tests/web-api-asset_test.go b/internal/resources/tests/web-api-asset_test.go index f853d8c..80c111a 100644 --- a/internal/resources/tests/web-api-asset_test.go +++ b/internal/resources/tests/web-api-asset_test.go @@ -369,13 +369,6 @@ resource "inext_web_api_practice" %[4]q { illegal_http_methods = true } } - schema_validation { - oas_schema { - data = "data" - name = "name" - size = 100 - } - } } resource "inext_log_trigger" %[5]q { @@ -510,13 +503,6 @@ resource "inext_web_api_practice" %[4]q { illegal_http_methods = true } } - schema_validation { - oas_schema { - data = "data" - name = "name" - size = 100 - } - } } resource "inext_log_trigger" %[5]q { @@ -711,13 +697,6 @@ resource "inext_web_api_practice" %[4]q { illegal_http_methods = true } } - schema_validation { - oas_schema { - data = "data" - name = "name" - size = 100 - } - } } resource "inext_log_trigger" %[5]q { diff --git a/internal/resources/tests/web-api-practice_test.go b/internal/resources/tests/web-api-practice_test.go index eafc510..633db7a 100644 --- a/internal/resources/tests/web-api-practice_test.go +++ b/internal/resources/tests/web-api-practice_test.go @@ -41,27 +41,27 @@ func TestAccWebAPIPracticeBasic(t *testing.T) { "ips.0.low_confidence": "Detect", "ips.0.performance_impact": "MediumOrLower", "ips.0.%": "7", - //"schema_validation.0.filename": "", + "schema_validation.0.filename": "", //"schema_validation.0.oas_schema.name": "", //"schema_validation.0.oas_schema.size": "", //"schema_validation.0.oas_schema.data": "", //"schema_validation.0.oas_schema.%": "", - "api_attacks.#": "1", - "ips.0.severity_level": "MediumOrAbove", - //"schema_validation.0.data": "", - "practice_type": "WebAPI", - "default": "false", - "ips.0.medium_confidence": "Prevent", - "schema_validation.0.%": "2", - "category": "ThreatPrevention", - "api_attacks.0.%": "3", - "ips.0.high_confidence": "Prevent", - //"api_attacks.0.advanced_setting.0.body_size": "1000000", - //"api_attacks.0.advanced_setting.0.url_size": "32768", - //"api_attacks.0.advanced_setting.0.header_size": "102400", - //"api_attacks.0.advanced_setting.0.%": "6", - //"api_attacks.0.advanced_setting.0.max_object_depth": "40", - //"api_attacks.0.advanced_setting.0.illegal_http_methods": "false", + "api_attacks.#": "1", + "ips.0.severity_level": "MediumOrAbove", + "schema_validation.0.data": "", + "practice_type": "WebAPI", + "default": "false", + "ips.0.medium_confidence": "Prevent", + "schema_validation.0.%": "3", + "category": "ThreatPrevention", + "api_attacks.0.%": "3", + "ips.0.high_confidence": "Prevent", + "api_attacks.0.advanced_setting.0.body_size": "1000000", + "api_attacks.0.advanced_setting.0.url_size": "32768", + "api_attacks.0.advanced_setting.0.header_size": "102400", + "api_attacks.0.advanced_setting.0.%": "6", + "api_attacks.0.advanced_setting.0.max_object_depth": "40", + "api_attacks.0.advanced_setting.0.illegal_http_methods": "false", }), resource.TestCheckResourceAttrSet(resourceName, "id"), resource.TestCheckResourceAttrSet(resourceName, "schema_validation.0.id"), @@ -131,21 +131,21 @@ func TestAccWebAPIPracticeFull(t *testing.T) { Config: webAPIPracticeFullConfig(nameAttribute, schemaValidationFilename, schemaValidationData), Check: resource.ComposeTestCheckFunc( append(acctest.ComposeTestCheckResourceAttrsFromMap(resourceName, map[string]string{ - "name": nameAttribute, - //"schema_validation.0.filename": schemaValidationFilename, - "schema_validation.0.data": schemaValidationData, - "api_attacks.0.minimum_severity": "Critical", - "ips.0.high_confidence": "Detect", - "practice_type": "WebAPI", - //"api_attacks.0.advanced_setting.0.url_size": "1000", - //"api_attacks.0.advanced_setting.0.%": "6", - "ips.0.medium_confidence": "Detect", - "ips.0.performance_impact": "LowOrLower", - //"api_attacks.0.advanced_setting.0.header_size": "1000", - //"api_attacks.0.advanced_setting.0.illegal_http_methods": "true", - //"api_attacks.0.advanced_setting.0.body_size": "1000", - "schema_validation.#": "1", - //"api_attacks.0.advanced_setting.0.max_object_depth": "1000", + "name": nameAttribute, + "schema_validation.0.filename": schemaValidationFilename, + "schema_validation.0.data": schemaValidationData, + "api_attacks.0.minimum_severity": "Critical", + "ips.0.high_confidence": "Detect", + "practice_type": "WebAPI", + "api_attacks.0.advanced_setting.0.url_size": "1000", + "api_attacks.0.advanced_setting.0.%": "6", + "ips.0.medium_confidence": "Detect", + "ips.0.performance_impact": "LowOrLower", + "api_attacks.0.advanced_setting.0.header_size": "1000", + "api_attacks.0.advanced_setting.0.illegal_http_methods": "true", + "api_attacks.0.advanced_setting.0.body_size": "1000", + "schema_validation.#": "1", + "api_attacks.0.advanced_setting.0.max_object_depth": "1000", "default": "false", "api_attacks.0.advanced_setting.#": "1", "category": "ThreatPrevention", @@ -263,10 +263,8 @@ resource "inext_web_api_practice" %[1]q { } } schema_validation { - oas_schema { - name = %[2]q - data = %[3]q - } + filename = %[2]q + data = %[3]q } } `, name, filename, data) @@ -295,10 +293,8 @@ resource "inext_web_api_practice" %[1]q { } } schema_validation { - oas_schema { - name = %[2]q - data = %[3]q - } + filename = %[2]q + data = %[3]q } } `, name, filename, data) @@ -327,10 +323,8 @@ resource "inext_web_api_practice" %[1]q { } } schema_validation { - oas_schema { - name = %[2]q - data = %[3]q - } + filename = %[2]q + data = %[3]q } } `, name, filename, data) diff --git a/internal/resources/web-api-practice.go b/internal/resources/web-api-practice.go index 0abd95c..b994921 100644 --- a/internal/resources/web-api-practice.go +++ b/internal/resources/web-api-practice.go @@ -172,37 +172,37 @@ func ResourceWebAPIPractice() *schema.Resource { Type: schema.TypeString, Computed: true, }, - //"filename": { - // Type: schema.TypeString, - // Required: true, - //}, - //"data": { - // Type: schema.TypeString, - // Sensitive: true, - // Required: true, - //}, - "oas_schema": { - Type: schema.TypeSet, - Computed: true, - Optional: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "data": { - Type: schema.TypeString, - Sensitive: true, - Required: true, - }, - "name": { - Type: schema.TypeString, - Required: true, - }, - "size": { - Type: schema.TypeInt, - Required: true, - }, - }, - }, + "filename": { + Type: schema.TypeString, + Required: true, }, + "data": { + Type: schema.TypeString, + Sensitive: true, + Required: true, + }, + //"oas_schema": { + // Type: schema.TypeSet, + // Computed: true, + // Optional: true, + // Elem: &schema.Resource{ + // Schema: map[string]*schema.Schema{ + // "data": { + // Type: schema.TypeString, + // Sensitive: true, + // Required: true, + // }, + // "name": { + // Type: schema.TypeString, + // Required: true, + // }, + // "size": { + // Type: schema.TypeInt, + // Required: true, + // }, + // }, + // }, + //}, }, }, }, diff --git a/internal/resources/web-api-practice/create.go b/internal/resources/web-api-practice/create.go index f62992b..8879f43 100644 --- a/internal/resources/web-api-practice/create.go +++ b/internal/resources/web-api-practice/create.go @@ -25,7 +25,7 @@ func CreateWebAPIPracticeInputFromResourceData(d *schema.ResourceData) (models.C res.APIAttacks = apiAttacksSlice[0] } - schemaValidationSlice := utils.Map(utils.MustResourceDataCollectionToSlice[map[string]any](d, "schema_validation"), mapToSchemaValidationInput) + schemaValidationSlice := utils.Map(utils.MustResourceDataCollectionToSlice[any](d, "schema_validation"), createSchemaValidationInput) if len(schemaValidationSlice) > 0 { res.SchemaValidation = schemaValidationSlice[0] } @@ -70,7 +70,6 @@ func NewWebAPIPractice(ctx context.Context, c *api.Client, input models.CreateWe OasSchema { data name - size } } } @@ -90,54 +89,54 @@ func NewWebAPIPractice(ctx context.Context, c *api.Client, input models.CreateWe } func mapToIPSInput(ipsMap map[string]any) models.IPSInput { - var ret models.IPSInput - ret.PerformanceImpact = ipsMap["performance_impact"].(string) - ret.SeverityLevel = ipsMap["severity_level"].(string) - ret.ProtectionsFromYear = "Y" + ipsMap["protections_from_year"].(string) - ret.HighConfidence = ipsMap["high_confidence"].(string) - ret.MediumConfidence = ipsMap["medium_confidence"].(string) - ret.LowConfidence = ipsMap["low_confidence"].(string) - if id, ok := ipsMap["id"]; ok { - ret.ID = id.(string) - } - - return ret - //return models.IPSInput{ - // PerformanceImpact: ipsMap["performance_impact"].(string), - // SeverityLevel: ipsMap["severity_level"].(string), - // ProtectionsFromYear: "Y" + ipsMap["protections_from_year"].(string), - // HighConfidence: ipsMap["high_confidence"].(string), - // MediumConfidence: ipsMap["medium_confidence"].(string), - // LowConfidence: ipsMap["low_confidence"].(string), + //var ret models.IPSInput + //ret.PerformanceImpact = ipsMap["performance_impact"].(string) + //ret.SeverityLevel = ipsMap["severity_level"].(string) + //ret.ProtectionsFromYear = "Y" + ipsMap["protections_from_year"].(string) + //ret.HighConfidence = ipsMap["high_confidence"].(string) + //ret.MediumConfidence = ipsMap["medium_confidence"].(string) + //ret.LowConfidence = ipsMap["low_confidence"].(string) + //if id, ok := ipsMap["id"]; ok { + // ret.ID = id.(string) //} + // + //return ret + return models.IPSInput{ + PerformanceImpact: ipsMap["performance_impact"].(string), + SeverityLevel: ipsMap["severity_level"].(string), + ProtectionsFromYear: "Y" + ipsMap["protections_from_year"].(string), + HighConfidence: ipsMap["high_confidence"].(string), + MediumConfidence: ipsMap["medium_confidence"].(string), + LowConfidence: ipsMap["low_confidence"].(string), + } } func mapToAdvancedSettingInput(advancedSettingMap map[string]any) models.AdvancedSettingInput { - var ret models.AdvancedSettingInput - + //var ret models.AdvancedSettingInput + // illegalHttpMethods := "No" if advancedSettingMap["illegal_http_methods"].(bool) { illegalHttpMethods = "Yes" } - - ret.BodySize = advancedSettingMap["body_size"].(int) - ret.URLSize = advancedSettingMap["url_size"].(int) - ret.HeaderSize = advancedSettingMap["header_size"].(int) - ret.MaxObjectDepth = advancedSettingMap["max_object_depth"].(int) - ret.IllegalHttpMethods = illegalHttpMethods - if id, ok := advancedSettingMap["id"]; ok { - ret.ID = id.(string) - } - - return ret - - //return models.AdvancedSettingInput{ - // BodySize: advancedSettingMap["body_size"].(int), - // URLSize: advancedSettingMap["url_size"].(int), - // HeaderSize: advancedSettingMap["header_size"].(int), - // MaxObjectDepth: advancedSettingMap["max_object_depth"].(int), - // IllegalHttpMethods: illegalHttpMethods, + // + //ret.BodySize = advancedSettingMap["body_size"].(int) + //ret.URLSize = advancedSettingMap["url_size"].(int) + //ret.HeaderSize = advancedSettingMap["header_size"].(int) + //ret.MaxObjectDepth = advancedSettingMap["max_object_depth"].(int) + //ret.IllegalHttpMethods = illegalHttpMethods + //if id, ok := advancedSettingMap["id"]; ok { + // ret.ID = id.(string) //} + // + //return ret + + return models.AdvancedSettingInput{ + BodySize: advancedSettingMap["body_size"].(int), + URLSize: advancedSettingMap["url_size"].(int), + HeaderSize: advancedSettingMap["header_size"].(int), + MaxObjectDepth: advancedSettingMap["max_object_depth"].(int), + IllegalHttpMethods: illegalHttpMethods, + } } func mapToAPIAttacksInput(apiAttacksMap map[string]any) models.APIAttacksInput { @@ -151,27 +150,27 @@ func mapToAPIAttacksInput(apiAttacksMap map[string]any) models.APIAttacksInput { return res } -func mapToSchemaValidationInput(schemaValidationMap map[string]any) models.SchemaValidationInput { - var ret models.SchemaValidationInput +//func mapToSchemaValidationInput(schemaValidationMap map[string]any) models.SchemaValidationInput { +// var ret models.SchemaValidationInput +// +// if id, ok := schemaValidationMap["id"]; ok { +// ret.ID = id.(string) +// } +// +// ret.OASSchema = schemaValidationMap["OasSchema"].(string) +// +// return ret +//} - if id, ok := schemaValidationMap["id"]; ok { - ret.ID = id.(string) +func createSchemaValidationInput(schemaValidtionFromResourceData any) models.SchemaValidationInput { + schemaValidation, err := utils.UnmarshalAs[models.FileSchema](schemaValidtionFromResourceData) + if err != nil { + fmt.Printf("Failed to convert input schema validation to FileSchema struct. Error: %+v", err) + return models.SchemaValidationInput{} } - ret.OASSchema = schemaValidationMap["OasSchema"].(string) - - return ret + schemaValidation = models.NewFileSchemaEncode(schemaValidation.Filename, schemaValidation.Data) + return models.SchemaValidationInput{ + OASSchema: schemaValidation.Data, + } } - -//func createSchemaValidationInput(schemaValidtionFromResourceData any) models.SchemaValidationInput { -// schemaValidation, err := utils.UnmarshalAs[models.FileSchema](schemaValidtionFromResourceData) -// if err != nil { -// fmt.Printf("Failed to convert input schema validation to FileSchema struct. Error: %+v", err) -// return models.SchemaValidationInput{} -// } -// -// schemaValidation = models.NewFileSchemaEncode(schemaValidation.Filename, schemaValidation.Data) -// return models.SchemaValidationInput{ -// OASSchema: schemaValidation.Data, -// } -//} diff --git a/internal/resources/web-api-practice/read.go b/internal/resources/web-api-practice/read.go index 5b76100..430cdd0 100644 --- a/internal/resources/web-api-practice/read.go +++ b/internal/resources/web-api-practice/read.go @@ -77,26 +77,26 @@ func ReadWebAPIPracticeToResourceData(practice models.WebAPIPractice, d *schema. decodedData = string(bDecodedData) } - //schemaValidation := models.FileSchema{ - // ID: practice.SchemaValidation.ID, - // Filename: practice.SchemaValidation.OASSchema.Name, - // Data: decodedData, - //} - - oasSchema := models.OASSchema{ - Data: decodedData, - Name: practice.SchemaValidation.OASSchema.Name, - Size: practice.SchemaValidation.OASSchema.Size, + schemaValidation := models.FileSchema{ + ID: practice.SchemaValidation.ID, + Filename: practice.SchemaValidation.OASSchema.Name, + Data: decodedData, } - schemaValidation := models.SchemaValidationSchema{ - ID: practice.SchemaValidation.ID, - OASSchema: oasSchema, - } + //oasSchema := models.OASSchema{ + // Data: decodedData, + // Name: practice.SchemaValidation.OASSchema.Name, + // Size: practice.SchemaValidation.OASSchema.Size, + //} + // + //schemaValidation := models.SchemaValidationSchema{ + // ID: practice.SchemaValidation.ID, + // OASSchema: oasSchema, + //} schemaValidationMap, err := utils.UnmarshalAs[map[string]any](schemaValidation) if err != nil { - return fmt.Errorf("failed to convert SchemaValidation struct to map. Error: %w", err) + return fmt.Errorf("failed to convert FileSchema struct to map. Error: %w", err) } d.Set("schema_validation", []map[string]any{schemaValidationMap}) @@ -139,7 +139,6 @@ func GetWebAPIPractice(ctx context.Context, c *api.Client, id string) (models.We OasSchema { data name - size } } } diff --git a/internal/resources/web-api-practice/update.go b/internal/resources/web-api-practice/update.go index 36b12ed..bf84b96 100644 --- a/internal/resources/web-api-practice/update.go +++ b/internal/resources/web-api-practice/update.go @@ -77,6 +77,6 @@ func parseSchemaAPIAttacks(schemaAPIAttacks any) []models.UpdateAPIAttacksInput } func parseSchemaValidation(validation any) []models.UpdateSchemaValidationInput { - input := utils.Map(utils.MustSchemaCollectionToSlice[map[string]any](validation), mapToSchemaValidationInput) + input := utils.Map(utils.MustSchemaCollectionToSlice[any](validation), createSchemaValidationInput) return utils.Map(input, utils.MustUnmarshalAs[models.UpdateSchemaValidationInput, models.SchemaValidationInput]) }