Skip to content

Commit

Permalink
Merge pull request #684 from vmware/ids-fix
Browse files Browse the repository at this point in the history 
Use schema Set for attributes in ids profiles
  • Loading branch information
@annakhm
annakhm authored Nov 3, 2021
2 parents 97a0715 + 8361efe commit af8eaaa
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 21 deletions.
20 changes: 10 additions & 10 deletions nsxt/resource_nsxt_policy_intrusion_service_profile.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ func resourceNsxtPolicyIntrusionServiceProfile() *schema.Resource {
MaxItems: 1,
},
"overridden_signature": {
Type: schema.TypeList,
Type: schema.TypeSet,
Description: "Signatures that has been overridden for this Profile",
Optional: true,
Elem: getIdsProfileSignatureSchema(),
Expand All @@ -84,23 +84,23 @@ func getIdsProfileCriteriaSchema() *schema.Resource {
return &schema.Resource{
Schema: map[string]*schema.Schema{
"attack_types": {
Type: schema.TypeList,
Type: schema.TypeSet,
Description: "List of attack type criteria",
Optional: true,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
"attack_targets": {
Type: schema.TypeList,
Type: schema.TypeSet,
Description: "List of attack target criteria",
Optional: true,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
"cvss": {
Type: schema.TypeList,
Type: schema.TypeSet,
Description: "Common Vulnerability Scoring System Ranges",
Optional: true,
Elem: &schema.Schema{
Expand All @@ -109,7 +109,7 @@ func getIdsProfileCriteriaSchema() *schema.Resource {
},
},
"products_affected": {
Type: schema.TypeList,
Type: schema.TypeSet,
Description: "List of products affected",
Optional: true,
Elem: &schema.Schema{
Expand Down Expand Up @@ -186,10 +186,10 @@ func getIdsProfileCriteriaFromSchema(d *schema.ResourceData) ([]*data.StructValu
}

data := criteria[0].(map[string]interface{})
attackTypes := interfaceListToStringList(data["attack_types"].([]interface{}))
attackTargets := interfaceListToStringList(data["attack_targets"].([]interface{}))
cvss := interfaceListToStringList(data["cvss"].([]interface{}))
productsAffected := interfaceListToStringList(data["products_affected"].([]interface{}))
attackTypes := interfaceListToStringList(data["attack_types"].(*schema.Set).List())
attackTargets := interfaceListToStringList(data["attack_targets"].(*schema.Set).List())
cvss := interfaceListToStringList(data["cvss"].(*schema.Set).List())
productsAffected := interfaceListToStringList(data["products_affected"].(*schema.Set).List())

if len(attackTypes) > 0 {
item, err := buildIdsProfileCriteriaFilter(model.IdsProfileFilterCriteria_FILTER_NAME_ATTACK_TYPE, attackTypes)
Expand Down Expand Up @@ -291,7 +291,7 @@ func setIdsProfileCriteriaInSchema(criteriaList []*data.StructValue, d *schema.R
func getIdsProfileSignaturesFromSchema(d *schema.ResourceData) []model.IdsProfileLocalSignature {
var result []model.IdsProfileLocalSignature

signatures := d.Get("overridden_signature").([]interface{})
signatures := d.Get("overridden_signature").(*schema.Set).List()
if len(signatures) == 0 {
return result
}
Expand Down
22 changes: 11 additions & 11 deletions nsxt/resource_nsxt_policy_intrusion_service_profile_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@ func TestAccResourceNsxtPolicyIntrusionServiceProfile_basic(t *testing.T) {
resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"),
resource.TestCheckResourceAttr(testResourceName, "severities.#", "2"),
resource.TestCheckResourceAttr(testResourceName, "criteria.#", "1"),
resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_types.#", "2"),
resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_targets.#", "1"),
resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_types.#", "3"),
resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_targets.#", "2"),
resource.TestCheckResourceAttr(testResourceName, "criteria.0.cvss.#", "0"),
resource.TestCheckResourceAttr(testResourceName, "criteria.0.products_affected.#", "0"),
resource.TestCheckResourceAttr(testResourceName, "overridden_signature.#", "1"),
Expand All @@ -50,10 +50,10 @@ func TestAccResourceNsxtPolicyIntrusionServiceProfile_basic(t *testing.T) {
resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"),
resource.TestCheckResourceAttr(testResourceName, "severities.#", "3"),
resource.TestCheckResourceAttr(testResourceName, "criteria.#", "1"),
resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_types.#", "2"),
resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_types.#", "3"),
resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_targets.#", "0"),
resource.TestCheckResourceAttr(testResourceName, "criteria.0.cvss.#", "4"),
resource.TestCheckResourceAttr(testResourceName, "criteria.0.products_affected.#", "1"),
resource.TestCheckResourceAttr(testResourceName, "criteria.0.products_affected.#", "2"),
resource.TestCheckResourceAttr(testResourceName, "overridden_signature.#", "2"),
resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"),
),
Expand Down Expand Up @@ -154,12 +154,12 @@ resource "nsxt_policy_intrusion_service_profile" "test" {
severities = ["HIGH", "CRITICAL"]
criteria {
attack_types = ["trojan-activity", "successful-admin"]
attack_targets = ["SERVER"]
attack_types = ["trojan-activity", "policy-violation", "attempted-admin"]
attack_targets = ["SERVER", "SMTP Server"]
}
overridden_signature {
signature_id = "2026323"
signature_id = "2030240"
action = "REJECT"
enabled = true
}
Expand All @@ -179,19 +179,19 @@ resource "nsxt_policy_intrusion_service_profile" "test" {
severities = ["HIGH", "CRITICAL", "LOW"]
criteria {
attack_types = ["trojan-activity", "successful-admin"]
attack_types = ["trojan-activity", "policy-violation", "attempted-admin"]
cvss = ["NONE", "MEDIUM", "HIGH", "CRITICAL"]
products_affected = ["Linux"]
products_affected = ["Linux", "VMware"]
}
overridden_signature {
signature_id = "2026323"
signature_id = "2030240"
action = "REJECT"
enabled = true
}
overridden_signature {
signature_id = "2026325"
signature_id = "2030241"
action = "REJECT"
enabled = true
}
Expand Down

0 comments on commit af8eaaa

Please sign in to comment.