From 766cefded024d753e31624d5c49afef104c106ba Mon Sep 17 00:00:00 2001
From: RavinderReddyF5
Date: Thu, 7 Jul 2022 10:52:10 +0530
Subject: [PATCH] adding vendor changes
---
 awaf.go | 106 +++++++++++++++++++++++++++++++++++++--------------
 fastbigip.go | 72 ++++++++++++++++++++++++++++++++--
 2 files changed, 147 insertions(+), 31 deletions(-)
diff --git a/awaf.go b/awaf.go
index d2461ee..2d2b2b9 100644
--- a/awaf.go
+++ b/awaf.go
@@ -3,7 +3,6 @@ package bigip
 import (
 "encoding/json"
 "fmt"
- "net/url"
 "strings"
 "time"
 )
@@ -14,6 +13,7 @@ const (
 uriParams = "parameters"
 uriWafSign = "signatures"
 uriImportpolicy = "import-policy"
+ uriApplypolicy = "apply-policy"
 uriExportpolicy = "export-policy"
 uriExpPb = "export-suggestions"
 )
@@ -33,7 +33,7 @@ type PbExport struct {
 type ExportPayload struct {
 Filename string `json:"filename,omitempty"`
- Format string `json:"format"`
+ Format string `json:"format,omitempty"`
 Inline bool `json:"inline,omitempty"`
 PolicyReference struct {
 Link string `json:"link"`
@@ -54,16 +54,15 @@ type Signatures struct {
 Signatures []Signature `json:"items"`
 }
-type AutoGenerated struct {
- Name string `json:"name"`
- SignatureID int `json:"signatureId"`
- IsPriorRuleEnforced bool `json:"isPriorRuleEnforced"`
- Alarm bool `json:"alarm"`
- ID string `json:"id"`
- Block bool `json:"block"`
- PerformStaging bool `json:"performStaging"`
- Learn bool `json:"learn"`
- Enabled bool `json:"enabled"`
+type WafSignature struct {
+ Name string `json:"name,omitempty"`
+ SignatureID interface{} `json:"signatureId,omitempty"`
+ IsPriorRuleEnforced bool `json:"isPriorRuleEnforced,omitempty"`
+ Alarm bool `json:"alarm,omitempty"`
+ Block bool `json:"block,omitempty"`
+ PerformStaging bool `json:"performStaging"`
+ Learn bool `json:"learn,omitempty"`
+ Enabled bool `json:"enabled,omitempty"`
 }
 type Signature struct {
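Review bot: In the new `WafSignature` struct, `IsPriorRuleEnforced`, `Alarm`, `Block`, `Learn` and `Enabled` are plain `bool` fields tagged `omitempty`, so an explicit `false` is dropped from the marshalled policy and a caller cannot send "do not block" or "disable this signature" for an override. `PerformStaging` in the same struct is left without `omitempty`, and the comment on `MethodOverrides.Allowed` further down this file describes exactly this pitfall. If these flags must be settable to `false`, drop `omitempty` from them or declare them as `*bool` (for example `Enabled *bool` with the existing tag); what BIG-IP assumes for an omitted flag is not visible here, so that default should be confirmed. `SignatureID interface{}` also gives up the `int` type the removed inline struct had and would benefit from a comment naming the JSON types that are expected.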
@@ -124,6 +123,9 @@ type SignatureSet struct {
 Signatureset SignatureType `json:"signatureSet,omitempty"`
 }
+type OpenApiLink struct {
+ Link string `json:"link,omitempty"`
+}
 type MethodOverrides struct {
 Allowed bool `json:"allowed"` // as we can supply true and false, omitempty would automatically remove allowed = false which we do not want
 Method string `json:"method,omitempty"`
@@ -140,7 +142,7 @@ type WafPolicies struct {
 type PolicyStruct struct {
 Policy WafPolicy `json:"policy,omitempty"`
- Modifications []interface{} `json:"modifications,string,omitempty"`
+ Modifications []interface{} `json:"modifications,omitempty"`
 }
 type WafPolicy struct {
@@ -153,7 +155,7 @@ type WafPolicy struct {
 Name string `json:"name,omitempty"`
 } `json:"template,omitempty"`
 HasParent bool `json:"hasParent,omitempty"`
- ApplicationLanguage string `json,"applicationLanguage,omitempty"`
+ ApplicationLanguage string `json:"applicationLanguage,omitempty"`
 EnablePassiveMode bool `json:"enablePassiveMode,omitempty"`
 ProtocolIndependent bool `json:"protocolIndependent,omitempty"`
 CaseInsensitive bool `json:"caseInsensitive,omitempty"`
@@ -167,11 +169,7 @@ type WafPolicy struct {
 SignatureSettings struct {
 SignatureStaging bool `json:"signatureStaging,omitempty"`
 } `json:"signature-settings,omitempty"`
- Signatures []struct {
- SignatureID int `json:"signatureId,omitempty"`
- Enabled bool `json:"enabled,omitempty"`
- PerformStaging bool `json:"performStaging,omitempty"`
- } `json:"signatures,omitempty"`
+ Signatures []WafSignature `json:"signatures,omitempty"`
 WhitelistIps []struct {
 IPAddress string `json:"ipAddress,omitempty"`
 IPMask string `json:"ipMask,omitempty"`
@@ -181,6 +179,7 @@ type WafPolicy struct {
 DisallowedGeolocations []struct {
 CountryName string `json:"countryName,omitempty"`
 } `json:"disallowed-geolocations,omitempty"`
+ OpenAPIFiles []OpenApiLink `json:"open-api-files,omitempty"`
 SignatureSets []SignatureSet `json:"signature-sets,omitempty"`
 VirtualServers []interface{} `json:"virtualServers,omitempty"`
 }
@@ -198,6 +197,15 @@ type ImportStatus struct {
 } `json:"result,omitempty"`
 }
+type ApplyStatus struct {
+ PolicyReference struct {
+ Link string `json:"link"`
+ FullPath string `json:"fullPath"`
+ } `json:"policyReference"`
+ Status string `json:"status"`
+ ID string `json:"id"`
+}
+
 type Parameters struct {
 Parameters []Parameter `json:"items"`
 }
@@ -265,29 +273,30 @@ func (b *BigIP) PostPbExport(payload interface{}) (*PbExport, error) {
 }
 func (b *BigIP) GetWafPbExportResult(id string) (*PbExport, error) {
 var pbexport PbExport
- err, _ := b.getForEntity(&pbexport, uriMgmt, uriShared, uriFast, uriFasttask, id)
+ err, _ := b.getForEntity(&pbexport, uriMgmt, uriTm, uriAsm, uriTasks, uriExpPb, id)
 if err != nil {
 return nil, err
 }
 return &pbexport, nil
 }
-func (b *BigIP) GetWafPolicyQuery(wafPolicyName string) (*WafPolicy, error) {
+func (b *BigIP) GetWafPolicyQuery(wafPolicyName string, partition string) (*WafPolicy, error) {
 var wafPolicies WafPolicies
- params := url.Values{}
- params.Add("filter", fmt.Sprintf("fullPath eq '%s'", wafPolicyName))
- var query = fmt.Sprintf("?$%v", params.Encode())
+ query := fmt.Sprintf("?$filter=contains(name,'%s')+and+contains(partition,'%s')", wafPolicyName, partition)
 err, _ := b.getForEntity(&wafPolicies, uriMgmt, uriTm, uriAsm, uriWafPol, query)
 if err != nil {
 return nil, err
 }
 if len(wafPolicies.WafPolicies) == 0 {
- return nil, fmt.Errorf("[ERROR] WafPolicy: %+v not found", wafPolicyName)
+ return nil, fmt.Errorf("[ERROR] WafPolicy: %s on partition %s not found", wafPolicyName, partition)
 }
- // if successful filter query will return a list with a single item
- wafPolicy := wafPolicies.WafPolicies[0]
- return &wafPolicy, nil
+ for _, policy := range wafPolicies.WafPolicies {
+ if policy.Name == wafPolicyName && policy.Partition == partition {
+ return &policy, nil
+ }
+ }
+ return nil, fmt.Errorf("[ERROR] WafPolicy: %s on partition %s not found", wafPolicyName, partition)
 }
 func (b *BigIP) GetWafPolicy(policyID string) (*WafPolicy, error) {
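Review bot: `GetWafPolicyQuery` now interpolates `wafPolicyName` and `partition` straight into the `$filter` expression with `fmt.Sprintf`, whereas the removed code passed the value through `url.Values.Encode()`; a name containing `'`, `&`, `#`, `+` or a space alters the filter or the query string sent to BIG-IP instead of being matched literally. The exact-match loop afterwards limits what can be returned, but the request itself is still malformed or wider than intended. I would keep the `net/url` import this commit drops, reject names containing a single quote, and escape both values, e.g. `query := fmt.Sprintf("?$filter=contains(name,'%s')+and+contains(partition,'%s')", url.QueryEscape(wafPolicyName), url.QueryEscape(partition))`. Whether iControl REST offers an escape for quotes inside filter literals is not visible here, which is why rejecting them is the safer choice. A doc comment stating that the match is exact on `Name` and `Partition` would also help, since the filter alone is only a substring match.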
@@ -386,6 +395,25 @@ func (b *BigIP) GetImportStatus(taskId string) error {
 return nil
 }
+func (b *BigIP) GetApplyStatus(taskId string) error {
+ var applyStatus ApplyStatus
+ err, _ := b.getForEntity(&applyStatus, uriMgmt, uriTm, uriAsm, uriTasks, uriApplypolicy, taskId)
+ if err != nil {
+ return err
+ }
+ if applyStatus.Status == "COMPLETED" {
+ return nil
+ }
+ if applyStatus.Status == "FAILURE" {
+ return fmt.Errorf("[ERROR] WafPolicy Apply failed with :%+v", applyStatus)
+ }
+ if applyStatus.Status == "STARTED" {
+ time.Sleep(5 * time.Second)
+ return b.GetApplyStatus(taskId)
+ }
+ return nil
+}
+
 // DeleteWafPolicy removes waf Policy
 func (b *BigIP) DeleteWafPolicy(policyId string) error {
 return b.delete(uriMgmt, uriTm, uriAsm, uriWafPol, policyId)
@@ -419,3 +447,25 @@ func (b *BigIP) ImportAwafJson(awafPolicyName, awafJsonContent string) (string,
 }
 return taskStatus.ID, nil
 }
+
+// ApplyAwafJson apply Awaf Json policy
+func (b *BigIP) ApplyAwafJson(awafPolicyName string) (string, error) {
+ policyPath := struct {
+ FullPath string `json:"fullPath,omitempty"`
+ }{
+ FullPath: awafPolicyName,
+ }
+ applywaf := ApplywafPolicy{
+ Policy: policyPath,
+ }
+ resp, err := b.postReq(applywaf, uriMgmt, uriTm, uriAsm, uriTasks, uriApplypolicy)
+ if err != nil {
+ return "", err
+ }
+ var taskStatus ApplyStatus
+ err = json.Unmarshal(resp, &taskStatus)
+ if err != nil {
+ return "", err
+ }
+ return taskStatus.ID, nil
+}
diff --git a/fastbigip.go b/fastbigip.go
index d37fe32..0077f06 100644
--- a/fastbigip.go
+++ b/fastbigip.go
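Review bot: `GetApplyStatus` falls through to `return nil` for any status that is not `COMPLETED`, `FAILURE` or `STARTED`, so an empty or unrecognised status is reported to the caller as a successful apply and a WAF policy can be assumed enforced when it is not. The `STARTED` branch also recurses with no bound, so a task that never leaves that state blocks the caller indefinitely and keeps growing the stack. I would poll in a loop with a deadline and treat every status other than `COMPLETED` and `STARTED` as an error, as sketched below. The ten-minute bound is illustrative, and any other in-progress status BIG-IP reports would need to join the `STARTED` case.

```go
func (b *BigIP) GetApplyStatus(taskId string) error {
	// Illustrative upper bound on how long an apply task may stay in progress.
	deadline := time.Now().Add(10 * time.Minute)
	for {
		var applyStatus ApplyStatus
		err, _ := b.getForEntity(&applyStatus, uriMgmt, uriTm, uriAsm, uriTasks, uriApplypolicy, taskId)
		if err != nil {
			return err
		}
		switch applyStatus.Status {
		case "COMPLETED":
			return nil
		case "STARTED":
			if time.Now().After(deadline) {
				return fmt.Errorf("[ERROR] WafPolicy Apply task %s did not complete in time", taskId)
			}
			time.Sleep(5 * time.Second)
		case "FAILURE":
			return fmt.Errorf("[ERROR] WafPolicy Apply failed with :%+v", applyStatus)
		default:
			// Unknown or empty status: do not report success.
			return fmt.Errorf("[ERROR] WafPolicy Apply returned unexpected status :%+v", applyStatus)
		}
	}
}
```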
@@ -45,6 +45,70 @@ type TmplArrType struct {
 Hash string `json:"hash,omitempty"`
 }
+type FastTCPJson struct {
+ Tenant string `json:"tenant_name,omitempty"`
+ Application string `json:"app_name,omitempty"`
+ VirtualAddress string `json:"virtual_address,omitempty"`
+ VirtualPort interface{} `json:"virtual_port,omitempty"`
+ SnatEnable bool `json:"enable_snat,omitempty"`
+ SnatAutomap bool `json:"snat_automap"`
+ MakeSnatPool bool `json:"make_snatpool"`
+ SnatPoolName string `json:"snatpool_name,omitempty"`
+ SnatAddresses []string `json:"snat_addresses,omitempty"`
+ PoolEnable bool `json:"enable_pool"`
+ MakePool bool `json:"make_pool"`
+ PoolName string `json:"pool_name,omitempty"`
+ PoolMembers []FastHttpPool `json:"pool_members,omitempty"`
+ LoadBalancingMode string `json:"load_balancing_mode,omitempty"`
+ SlowRampTime int `json:"slow_ramp_time,omitempty"`
+ MonitorEnable bool `json:"enable_monitor,omitempty"`
+ MakeMonitor bool `json:"make_monitor"`
+ TCPMonitor string `json:"monitor_name,omitempty"`
+ MonitorInterval int `json:"monitor_interval,omitempty"`
+}
+
+type FastHttpJson struct {
+ Tenant string `json:"tenant_name,omitempty"`
+ Application string `json:"app_name,omitempty"`
+ VirtualAddress string `json:"virtual_address,omitempty"`
+ VirtualPort interface{} `json:"virtual_port,omitempty"`
+ SnatEnable bool `json:"enable_snat,omitempty"`
+ SnatAutomap bool `json:"snat_automap"`
+ MakeSnatPool bool `json:"make_snatpool"`
+ SnatPoolName string `json:"snatpool_name,omitempty"`
+ SnatAddresses []string `json:"snat_addresses,omitempty"`
+ PoolEnable bool `json:"enable_pool"`
+ MakePool bool `json:"make_pool"`
+ TlsServerEnable bool `json:"enable_tls_server"`
+ TlsClientEnable bool `json:"enable_tls_client"`
+ TlsServerProfileCreate bool `json:"make_tls_server_profile"`
+ TlsServerProfileName string `json:"tls_server_profile_name,omitempty"`
+ TlsCertName string `json:"tls_cert_name,omitempty"`
+ TlsKeyName string `json:"tls_key_name,omitempty"`
+ PoolName string `json:"pool_name,omitempty"`
+ PoolMembers []FastHttpPool `json:"pool_members,omitempty"`
+ LoadBalancingMode string `json:"load_balancing_mode,omitempty"`
+ SlowRampTime int `json:"slow_ramp_time,omitempty"`
+ MonitorEnable bool `json:"enable_monitor,omitempty"`
+ MakeMonitor bool `json:"make_monitor"`
+ HTTPMonitor string `json:"monitor_name_http,omitempty"`
+ HTTPSMonitor string `json:"monitor_name,omitempty"`
+ MonitorAuth bool `json:"monitor_credentials"`
+ MonitorUsername string `json:"monitor_username,omitempty"`
+ MonitorPassword string `json:"monitor_passphrase,omitempty"`
+ MonitorInterval int `json:"monitor_interval,omitempty"`
+ MonitorSendString string `json:"monitor_send_string,omitempty"`
+ MonitorResponse string `json:"monitor_expected_response,omitempty"`
+}
+
+type FastHttpPool struct {
+ ServerAddresses []string `json:"serverAddresses,omitempty"`
+ ServicePort int `json:"servicePort,omitempty"`
+ ConnectionLimit int `json:"connectionLimit,omitempty"`
+ PriorityGroup int `json:"priorityGroup,omitempty"`
+ ShareNodes bool `json:"shareNodes,omitempty"`
+}
+
 // UploadFastTemplate copies a template set from local disk to BIGIP
 func (b *BigIP) UploadFastTemplate(tmplpath *os.File, tmplname string) error {
 _, err := b.UploadFastTemp(tmplpath, tmplname)
@@ -127,6 +191,7 @@ func (b *BigIP) PostFastAppBigip(body, fastTemplate, userAgent string) (tenant,
 Name: fastTemplate,
 Parameters: jsonRef,
 }
+ log.Printf("[DEBUG]payload = %+v", payload)
 resp, err := b.postReq(payload, uriMgmt, uriShared, uriFast, uriFastApp, userAgent)
 if err != nil {
 return "", "", err
@@ -152,7 +217,7 @@ func (b *BigIP) PostFastAppBigip(body, fastTemplate, userAgent string) (tenant,
 break // break here
 }
 if respCode >= 400 {
- return "", "", fmt.Errorf("FAST Application creation failed")
+ return "", "", fmt.Errorf("FAST Application creation failed with :%+v", fastTask.Message)
 }
 time.Sleep(3 * time.Second)
 }
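Review bot: The added `log.Printf("[DEBUG]payload = %+v", payload)` in `PostFastAppBigip` writes the complete template parameters to the log, and the `FastHttpJson` type added in this same commit carries `monitor_username` and `monitor_passphrase`, so monitor credentials passed in through `body` would end up in debug output in clear text. `jsonRef` is built outside this hunk, so this assumes it is the decoded `body`. Logging only non-secret identifiers avoids the exposure, e.g. `log.Printf("[DEBUG] posting FAST application with template %q", fastTemplate)`, or the passphrase field can be redacted before the payload is printed.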
@@ -173,7 +238,7 @@ func (b *BigIP) ModifyFastAppBigip(body, fastTenant, fastApp string) error {
 }
 respRef := make(map[string]interface{})
 json.Unmarshal(resp, &respRef)
- respID := respRef["message"].(map[string]interface{})["message"].([]interface{})[0].(map[string]interface{})["id"].(string)
+ respID := respRef["message"].([]interface{})[0].(map[string]interface{})["id"].(string)
 taskStatus, err := b.getFastTaskStatus(respID)
 if err != nil {
 return err
@@ -191,7 +256,8 @@ func (b *BigIP) ModifyFastAppBigip(body, fastTenant, fastApp string) error {
 break // break here
 }
 if respCode >= 400 {
- return fmt.Errorf("FAST Application update failed")
+ return fmt.Errorf("FAST Application update failed with :%+v", fastTask.Message)
+ //return fmt.Errorf("FAST Application update failed")
 }
 time.Sleep(3 * time.Second)
 }
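Review bot: The rewritten `respID` line in `ModifyFastAppBigip` is a chain of unchecked type assertions on the decoded response, so any reply in which `message` is missing, empty, or not a list of objects panics the calling process instead of returning an error; the `json.Unmarshal` call just above it also discards its error. The commit only swaps one assumed response shape for another, which suggests the shape is not stable across versions. I would decode with checked assertions and return an error on any mismatch, as below. The function starts and ends outside this hunk.

```go
	respRef := make(map[string]interface{})
	if err := json.Unmarshal(resp, &respRef); err != nil {
		return fmt.Errorf("FAST Application update: decoding response: %v", err)
	}
	msgs, ok := respRef["message"].([]interface{})
	if !ok || len(msgs) == 0 {
		return fmt.Errorf("FAST Application update: response has no message list")
	}
	first, ok := msgs[0].(map[string]interface{})
	if !ok {
		return fmt.Errorf("FAST Application update: unexpected message entry")
	}
	respID, ok := first["id"].(string)
	if !ok {
		return fmt.Errorf("FAST Application update: message entry has no task id")
	}
	// … unchanged: getFastTaskStatus(respID) and the status polling loop …
```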