Fixes PaloAltoNetworks/pango#1 - Finishes adding device group support…

… for panorama; adds support for "shared" policies

fw.go

@@ -30,7 +30,7 @@ type Firewall struct {
     // Namespaces
     Network *netw.Netw
     Device *dev.Dev
-    Policies *poli.Poli
+    Policies *poli.FwPoli
     Objects *objs.FwObjs
     Licensing *licen.Licen
     UserId *userid.UserId
@@ -117,7 +117,7 @@ func (c *Firewall) initNamespaces() {
     c.Device = &dev.Dev{}
     c.Device.Initialize(c)
 
-    c.Policies = &poli.Poli{}
+    c.Policies = &poli.FwPoli{}
     c.Policies.Initialize(c)
 
     c.Objects = &objs.FwObjs{}

objs/addr/fw.go

@@ -142,7 +142,6 @@ func (c *FwAddr) xpath(vsys string, vals []string) []string {
         vsys = "vsys1"
     }
 
-    // Shared xpath.
     if vsys == "shared" {
         return []string {
             "config",
@@ -152,7 +151,6 @@ func (c *FwAddr) xpath(vsys string, vals []string) []string {
         }
     }
 
-    // Vsys xpath.
     return []string {
         "config",
         "devices",

objs/addr/pano.go

@@ -142,7 +142,6 @@ func (c *PanoAddr) xpath(dg string, vals []string) []string {
         dg = "shared"
     }
 
-    // Shared xpath.
     if dg == "shared" {
         return []string {
             "config",
@@ -152,7 +151,6 @@ func (c *PanoAddr) xpath(dg string, vals []string) []string {
         }
     }
 
-    // Vsys xpath.
     return []string {
         "config",
         "devices",

pano.go

@@ -7,6 +7,7 @@ import (
 
     // Various namespace imports.
     "github.com/PaloAltoNetworks/pango/objs"
+    "github.com/PaloAltoNetworks/pango/poli"
     "github.com/PaloAltoNetworks/pango/pnrm"
     "github.com/PaloAltoNetworks/pango/licen"
     "github.com/PaloAltoNetworks/pango/userid"
@@ -28,6 +29,7 @@ type Panorama struct {
     UserId *userid.UserId
     Panorama *pnrm.Pnrm
     Objects *objs.PanoObjs
+    Policies *poli.PanoPoli
 }
 
 // Initialize does some initial setup of the Panorama connection, retrieves
@@ -118,6 +120,9 @@ func (c *Panorama) initNamespaces() {
 
     c.Objects = &objs.PanoObjs{}
     c.Objects.Initialize(c)
+
+    c.Policies = &poli.PanoPoli{}
+    c.Policies.Initialize(c)
 }
 
 /** Internal structs / functions **/

poli/doc.go

@@ -0,0 +1,2 @@
+// Package poli is the client.Policies namespace.
+package poli

poli/poli.go → poli/fw.go

@@ -1,4 +1,3 @@
-// Package poli is the client.Policies namespace.
 package poli
 
 import (
@@ -10,16 +9,16 @@ import (
 
 
 // Poli is the client.Policies namespace.
-type Poli struct {
-    Security *security.Security
-    Nat *nat.Nat
+type FwPoli struct {
+    Security *security.FwSecurity
+    Nat *nat.FwNat
 }
 
 // Initialize is invoked on client.Initialize().
-func (c *Poli) Initialize(i util.XapiClient) {
-    c.Security = &security.Security{}
+func (c *FwPoli) Initialize(i util.XapiClient) {
+    c.Security = &security.FwSecurity{}
     c.Security.Initialize(i)
 
-    c.Nat = &nat.Nat{}
+    c.Nat = &nat.FwNat{}
     c.Nat.Initialize(i)
 }

poli/poli_test.go → poli/fw_test.go

@@ -7,9 +7,9 @@ import (
 )
 
 
-func TestInitialize(t *testing.T) {
+func TestFwInitialize(t *testing.T) {
     mc := &testdata.MockClient{}
-    p := &Poli{}
+    p := &FwPoli{}
     p.Initialize(mc)
 
     if p.Nat == nil || p.Security == nil {

poli/nat/doc.go

@@ -0,0 +1,6 @@
+/*
+Package nat is the client.Policies.Nat namespace.
+
+Normalized object:  Entry
+*/
+package nat

poli/nat/nat.go → poli/nat/entry.go

@@ -1,10 +1,6 @@
-// Package nat is the client.Policies.Nat namespace.
-//
-// Normalized object:  Entry
 package nat
 
 import (
-    "fmt"
     "encoding/xml"
 
     "github.com/PaloAltoNetworks/pango/util"
@@ -171,157 +167,7 @@ func (o *Entry) Copy(s Entry) {
     o.Tags = s.Tags
 }
 
-// Nat is the client.Policies.Nat namespace.
-type Nat struct {
-    con util.XapiClient
-}
-
-// Initialize is invoed by client.Initialize().
-func (c *Nat) Initialize(con util.XapiClient) {
-    c.con = con
-}
-
-// GetList performs GET to retrieve a list of NAT policies.
-func (c *Nat) GetList(vsys, base string) ([]string, error) {
-    c.con.LogQuery("(get) list of NAT policies")
-    path := c.xpath(vsys, base, nil)
-    return c.con.EntryListUsing(c.con.Get, path[:len(path) - 1])
-}
-
-// ShowList performs SHOW to retrieve a list of NAT policies.
-func (c *Nat) ShowList(vsys, base string) ([]string, error) {
-    c.con.LogQuery("(show) list of NAT policies")
-    path := c.xpath(vsys, base, nil)
-    return c.con.EntryListUsing(c.con.Show, path[:len(path) - 1])
-}
-
-// Get performs GET to retrieve information for the given NAT policy.
-func (c *Nat) Get(vsys, base, name string) (Entry, error) {
-    c.con.LogQuery("(get) NAT policy %q", name)
-    return c.details(c.con.Get, vsys, base, name)
-}
-
-// Get performs SHOW to retrieve information for the given NAT policy.
-func (c *Nat) Show(vsys, base, name string) (Entry, error) {
-    c.con.LogQuery("(show) NAT policy %q", name)
-    return c.details(c.con.Show, vsys, base, name)
-}
-
-// Set performs SET to create / update one or more NAT policies.
-func (c *Nat) Set(vsys, base string, e ...Entry) error {
-    var err error
-
-    if len(e) == 0 {
-        return nil
-    }
-
-    _, fn := c.versioning()
-    names := make([]string, len(e))
-
-    // Build up the struct with the given configs.
-    d := util.BulkElement{XMLName: xml.Name{Local: "rules"}}
-    for i := range e {
-        d.Data = append(d.Data, fn(e[i]))
-        names[i] = e[i].Name
-    }
-    c.con.LogAction("(set) NAT policies: %v", names)
-
-    // Set xpath.
-    path := c.xpath(vsys, base, names)
-    if len(e) == 1 {
-        path = path[:len(path) - 1]
-    } else {
-        path = path[:len(path) - 2]
-    }
-
-    // Create the NAT policies.
-    _, err = c.con.Set(path, d.Config(), nil, nil)
-    return err
-}
-
-// Edit performs EDIT to create / update a NAT policy.
-func (c *Nat) Edit(vsys, base string, e Entry) error {
-    var err error
-
-    _, fn := c.versioning()
-
-    c.con.LogAction("(edit) NAT policy %q", e.Name)
-
-    // Set xpath.
-    path := c.xpath(vsys, base, []string{e.Name})
-
-    // Edit the NAT policy.
-    _, err = c.con.Edit(path, fn(e), nil, nil)
-    return err
-}
-
-// Delete removes the given NAT policies.
-//
-// NAT policies can be either a string or an Entry object.
-func (c *Nat) Delete(vsys, base string, e ...interface{}) error {
-    var err error
-
-    if len(e) == 0 {
-        return nil
-    }
-
-    names := make([]string, len(e))
-    for i := range e {
-        switch v := e[i].(type) {
-        case string:
-            names[i] = v
-        case Entry:
-            names[i] = v.Name
-        default:
-            return fmt.Errorf("Unsupported type to delete: %s", v)
-        }
-    }
-    c.con.LogAction("(delete) NAT policies: %v", names)
-
-    path := c.xpath(vsys, base, names)
-    _, err = c.con.Delete(path, nil, nil)
-    return err
-}
-
-/** Internal functions for the Zone struct **/
-
-func (c *Nat) versioning() (normalizer, func(Entry) (interface{})) {
-    return &container_v1{}, specify_v1
-}
-
-func (c *Nat) details(fn util.Retriever, vsys, base, name string) (Entry, error) {
-    path := c.xpath(vsys, base, []string{name})
-    obj, _ := c.versioning()
-    if _, err := fn(path, nil, obj); err != nil {
-        return Entry{}, err
-    }
-    ans := obj.Normalize()
-
-    return ans, nil
-}
-
-func (c *Nat) xpath(vsys, base string, vals []string) []string {
-    if vsys == "" {
-        vsys = "vsys1"
-    }
-    if base == "" {
-        base = util.Rulebase
-    }
-
-    return []string{
-        "config",
-        "devices",
-        util.AsEntryXpath([]string{"localhost.localdomain"}),
-        "vsys",
-        util.AsEntryXpath([]string{vsys}),
-        base,
-        "nat",
-        "rules",
-        util.AsEntryXpath(vals),
-    }
-}
-
-/** Structs / functions for this namespace. **/
+/** Structs / functions for normalization. **/
 
 type normalizer interface {
     Normalize() Entry