feat: Add client.Network.GlobalProtectIpsecCryptoProfile namespace

netw/profile/gp/const.go

@@ -0,0 +1,17 @@
+package gp
+
+// Valid values for Entry.Encryption.
+const (
+	EncryptionAes128Cbc = "aes-128-cbc"
+	EncryptionAes128Gcm = "aes-128-gcm"
+	EncryptionAes256Gcm = "aes-256-gcm"
+)
+
+const (
+	AuthenticationSha1 = "sha1"
+)
+
+const (
+	singular = "globalprotect ipsec crypto profile"
+	plural   = "globalprotect ipsec crypto profiles"
+)

netw/profile/gp/doc.go

@@ -0,0 +1,4 @@
+// Package gp is the client.Network.GlobalProtectIpsecCryptoProfile namespace.
+//
+// Normalized object:  Entry
+package gp

netw/profile/gp/entry.go

@@ -0,0 +1,84 @@
+package gp
+
+import (
+	"encoding/xml"
+
+	"github.com/PaloAltoNetworks/pango/util"
+	"github.com/PaloAltoNetworks/pango/version"
+)
+
+// Entry is a normalized, version independent representation of a GlobalProtect
+// IPSec crypto profile.
+type Entry struct {
+	Name            string
+	Encryptions     []string
+	Authentications []string
+}
+
+// Copy copies the information from source Entry `s` to this object.  As the
+// Name field relates to the XPATH of this object, this field is not copied.
+func (o *Entry) Copy(s Entry) {
+	o.Encryptions = util.CopyStringSlice(s.Encryptions)
+	o.Authentications = util.CopyStringSlice(s.Authentications)
+}
+
+/** Structs / functions for this namespace. **/
+
+func (o Entry) Specify(v version.Number) (string, interface{}) {
+	_, fn := versioning(v)
+	return o.Name, fn(o)
+}
+
+type normalizer interface {
+	Normalize() []Entry
+	Names() []string
+}
+
+type container_v1 struct {
+	Answer []entry_v1 `xml:"entry"`
+}
+
+func (o *container_v1) Normalize() []Entry {
+	ans := make([]Entry, 0, len(o.Answer))
+	for i := range o.Answer {
+		ans = append(ans, o.Answer[i].normalize())
+	}
+
+	return ans
+}
+
+func (o *container_v1) Names() []string {
+	ans := make([]string, 0, len(o.Answer))
+	for i := range o.Answer {
+		ans = append(ans, o.Answer[i].Name)
+	}
+
+	return ans
+}
+
+func (o *entry_v1) normalize() Entry {
+	ans := Entry{
+		Name:            o.Name,
+		Encryptions:     util.MemToStr(o.Encryptions),
+		Authentications: util.MemToStr(o.Authentications),
+	}
+
+	return ans
+}
+
+type entry_v1 struct {
+	XMLName         xml.Name         `xml:"entry"`
+	Name            string           `xml:"name,attr"`
+	Encryptions     *util.MemberType `xml:"encryption"`
+	Authentications *util.MemberType `xml:"authentication"`
+}
+
+func specify_v1(e Entry) interface{} {
+	ans := entry_v1{
+		Name:            e.Name,
+		Encryptions:     util.StrToMem(e.Encryptions),
+		Authentications: util.StrToMem(e.Authentications),
+	}
+
+	return ans
+}

netw/profile/gp/funcs.go

@@ -0,0 +1,88 @@
+package gp
+
+import (
+	"fmt"
+
+	"github.com/PaloAltoNetworks/pango/namespace"
+	"github.com/PaloAltoNetworks/pango/util"
+	"github.com/PaloAltoNetworks/pango/version"
+)
+
+func versioning(v version.Number) (normalizer, func(Entry) interface{}) {
+	return &container_v1{}, specify_v1
+}
+
+func specifier(e ...Entry) []namespace.Specifier {
+	ans := make([]namespace.Specifier, 0, len(e))
+
+	var val namespace.Specifier
+	for _, x := range e {
+		val = x
+		ans = append(ans, val)
+	}
+
+	return ans
+}
+
+func container(v version.Number) normalizer {
+	r, _ := versioning(v)
+	return r
+}
+
+func first(ans normalizer, err error) (Entry, error) {
+	if err != nil {
+		return Entry{}, err
+	}
+
+	return ans.Normalize()[0], nil
+}
+
+func all(ans normalizer, err error) ([]Entry, error) {
+	if err != nil {
+		return nil, err
+	}
+
+	return ans.Normalize(), nil
+}
+
+func toNames(e []interface{}) ([]string, error) {
+	ans := make([]string, len(e))
+	for i := range e {
+		switch v := e[i].(type) {
+		case string:
+			ans[i] = v
+		case Entry:
+			ans[i] = v.Name
+		default:
+			return nil, fmt.Errorf("invalid type: %s", v)
+		}
+	}
+
+	return ans, nil
+}
+
+// FirewallNamespace returns an initialized namespace.
+func FirewallNamespace(client util.XapiClient) *Firewall {
+	return &Firewall{
+		ns: &namespace.Standard{
+			Common: namespace.Common{
+				Singular: singular,
+				Plural:   plural,
+				Client:   client,
+			},
+		},
+	}
+}
+
+// PanoramaNamespace returns an initialized namespace.
+func PanoramaNamespace(client util.XapiClient) *Panorama {
+	return &Panorama{
+		ns: &namespace.Standard{
+			Common: namespace.Common{
+				Singular: singular,
+				Plural:   plural,
+				Client:   client,
+			},
+		},
+	}
+}

netw/profile/gp/fw.go

@@ -0,0 +1,106 @@
+package gp
+
+import (
+	"github.com/PaloAltoNetworks/pango/namespace"
+	"github.com/PaloAltoNetworks/pango/util"
+)
+
+// Firewall is the client.Network.GlobalProtectIpsecCryptoProfile namespace.
+type Firewall struct {
+	ns *namespace.Standard
+}
+
+// GetList performs GET to retrieve a list of all objects.
+func (c *Firewall) GetList() ([]string, error) {
+	ans := c.container()
+	return c.ns.Listing(util.Get, c.pather(), ans)
+}
+
+// ShowList performs SHOW to retrieve a list of all objects.
+func (c *Firewall) ShowList() ([]string, error) {
+	ans := c.container()
+	return c.ns.Listing(util.Show, c.pather(), ans)
+}
+
+// Get performs GET to retrieve information for the given object.
+func (c *Firewall) Get(name string) (Entry, error) {
+	ans := c.container()
+	err := c.ns.Object(util.Get, c.pather(), name, ans)
+	return first(ans, err)
+}
+
+// Show performs SHOW to retrieve information for the given object.
+func (c *Firewall) Show(name string) (Entry, error) {
+	ans := c.container()
+	err := c.ns.Object(util.Show, c.pather(), name, ans)
+	return first(ans, err)
+}
+
+// GetAll performs GET to retrieve all objects configured.
+func (c *Firewall) GetAll() ([]Entry, error) {
+	ans := c.container()
+	err := c.ns.Objects(util.Get, c.pather(), ans)
+	return all(ans, err)
+}
+
+// ShowAll performs SHOW to retrieve information for all objects.
+func (c *Firewall) ShowAll() ([]Entry, error) {
+	ans := c.container()
+	err := c.ns.Objects(util.Show, c.pather(), ans)
+	return all(ans, err)
+}
+
+// Set performs SET to configure the specified objects.
+func (c *Firewall) Set(e ...Entry) error {
+	return c.ns.Set(c.pather(), specifier(e...))
+}
+
+// Edit performs EDIT to configure the specified object.
+func (c *Firewall) Edit(e Entry) error {
+	return c.ns.Edit(c.pather(), e)
+}
+
+// Delete performs DELETE to remove the specified objects.
+//
+// Objects can be either a string or an Entry object.
+func (c *Firewall) Delete(e ...interface{}) error {
+	names, nErr := toNames(e)
+	return c.ns.Delete(c.pather(), names, nErr)
+}
+
+// FromPanosConfig retrieves the object stored in the retrieved config.
+func (c *Firewall) FromPanosConfig(name string) (Entry, error) {
+	ans := c.container()
+	err := c.ns.FromPanosConfig(c.pather(), name, ans)
+	return first(ans, err)
+}
+
+// AllFromPanosConfig retrieves all objects stored in the retrieved config.
+func (c *Firewall) AllFromPanosConfig() ([]Entry, error) {
+	ans := c.container()
+	err := c.ns.AllFromPanosConfig(c.pather(), ans)
+	return all(ans, err)
+}
+
+func (c *Firewall) pather() namespace.Pather {
+	return func(v []string) ([]string, error) {
+		return c.xpath(v)
+	}
+}
+
+func (c *Firewall) xpath(vals []string) ([]string, error) {
+	return []string{
+		"config",
+		"devices",
+		util.AsEntryXpath([]string{"localhost.localdomain"}),
+		"network",
+		"ike",
+		"crypto-profiles",
+		"global-protect-app-crypto-profiles",
+		util.AsEntryXpath(vals),
+	}, nil
+}
+
+func (c *Firewall) container() normalizer {
+	return container(c.ns.Client.Versioning())
+}

netw/profile/gp/fw_test.go

@@ -0,0 +1,33 @@
+package gp
+
+import (
+	"reflect"
+	"testing"
+
+	"github.com/PaloAltoNetworks/pango/testdata"
+)
+
+func TestFwNormalization(t *testing.T) {
+	testCases := getTests()
+
+	mc := &testdata.MockClient{}
+	ns := FirewallNamespace(mc)
+
+	for _, tc := range testCases {
+		t.Run(tc.desc, func(t *testing.T) {
+			mc.AddResp("")
+			err := ns.Set(tc.conf)
+			if err != nil {
+				t.Errorf("Error in set: %s", err)
+			} else {
+				mc.AddResp(mc.Elm)
+				r, err := ns.Get(tc.conf.Name)
+				if err != nil {
+					t.Errorf("Error in get: %s", err)
+				} else if !reflect.DeepEqual(tc.conf, r) {
+					t.Errorf("%#v != %#v", tc.conf, r)
+				}
+			}
+		})
+	}
+}