opentelekomcloud · otc-zuul · Aug 22, 2023 · Aug 18, 2023 · Aug 21, 2023 · Aug 21, 2023
@@ -0,0 +1,48 @@
+package rules
+
+import (
+	"github.com/opentelekomcloud/gophertelekomcloud"
+	"github.com/opentelekomcloud/gophertelekomcloud/internal/build"
+	"github.com/opentelekomcloud/gophertelekomcloud/internal/extract"
+)
+
+type ChangeStatusOpts struct {
+	// Rule status. The value can be:
+	// 0: The rule is disabled.
+	// 1: The rule is enabled.
+	Status int `json:"status" required:"true"`
+}
+
+// ChangeRuleStatus is used to change the status of a policy rule.
+func ChangeRuleStatus(client *golangsdk.ServiceClient, PolicyId, Ruletype, RuleId string, opts ChangeStatusOpts) (*RuleStatus, error) {
+	b, err := build.RequestBody(opts, "")
+	if err != nil {
+		return nil, err
+	}
+
+	// PUT /v1/{project_id}/waf/policy/{policy_id}/{ruletype}/{rule_id}/status}
+	url := client.ServiceURL("waf", "policy", PolicyId, Ruletype, RuleId, "status")
+	raw, err := client.Put(url, b, nil, &golangsdk.RequestOpts{
+		OkCodes:     []int{200},
+		MoreHeaders: map[string]string{"Content-Type": "application/json;charset=utf8"},
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var res RuleStatus
+	return &res, extract.Into(raw.Body, &res)
+}
+
+type RuleStatus struct {
+	// Rule ID.
+	Id string `json:"id"`
+	// Policy ID.
+	PolicyId string `json:"policyid"`
+	// Time when the rule was created.
+	CreatedAt int64 `json:"timestamp"`
+	// Rule Description.
+	Description string `json:"description"`
+	// Status. The options are 0 and 1. 0: Disabled. 1: Enabled.
+	Status int `json:"status"`
+}
@@ -0,0 +1,79 @@
+package rules
+
+import (
+	"github.com/opentelekomcloud/gophertelekomcloud"
+	"github.com/opentelekomcloud/gophertelekomcloud/internal/build"
+	"github.com/opentelekomcloud/gophertelekomcloud/internal/extract"
+)
+
+type CreateAntiCrawlerOpts struct {
+	// URL to which the rule applies.
+	Url string `json:"url" required:"true"`
+	// Rule matching logic
+	// 1: Include
+	// 2: Not include
+	// 3: Equal
+	// 4: Not equal
+	// 5: Prefix is
+	// 6: Prefix is not
+	// 7: Suffix is
+	// 8: Suffix is not
+	Logic int `json:"logic" required:"true"`
+	// Rule name.
+	Name string `json:"name" required:"true"`
+	// JavaScript anti-crawler rule type.
+	// anticrawler_specific_url: used to protect a specific path specified by the rule.
+	// anticrawler_except_url: used to protect all paths except the one specified by the rule.
+	Type string `json:"type" required:"true"`
+}
+
+// CreateAntiCrawler will create a JavaScript anti-crawler rule  on the values in CreateOpts.
+func CreateAntiCrawler(client *golangsdk.ServiceClient, policyId string, opts CreateAntiCrawlerOpts) (*AntiCrawlerRule, error) {
+	b, err := build.RequestBody(opts, "")
+	if err != nil {
+		return nil, err
+	}
+
+	// POST /v1/{project_id}/waf/policy/{policy_id}/anticrawler
+	raw, err := client.Post(client.ServiceURL("waf", "policy", policyId, "anticrawler"), b,
+		nil, &golangsdk.RequestOpts{
+			OkCodes:     []int{200},
+			MoreHeaders: map[string]string{"Content-Type": "application/json;charset=utf8"},
+		})
+	if err != nil {
+		return nil, err
+	}
+
+	var res AntiCrawlerRule
+	err = extract.Into(raw.Body, &res)
+	return &res, err
+}
+
+type AntiCrawlerRule struct {
+	// Rule ID.
+	ID string `json:"id"`
+	// Policy ID.
+	PolicyId string `json:"policyid"`
+	// Timestamp the rule is created.
+	CreatedAt int64 `json:"timestamp"`
+	// URL to which the rule applies.
+	Url string `json:"url"`
+	// Rule matching logic
+	// 1: Include
+	// 2: Not include
+	// 3: Equal
+	// 4: Not equal
+	// 5: Prefix is
+	// 6: Prefix is not
+	// 7: Suffix is
+	// 8: Suffix is not
+	Logic int `json:"logic"`
+	// Rule name.
+	Name string `json:"name"`
+	// JavaScript anti-crawler rule type.
+	// anticrawler_specific_url: used to protect a specific path specified by the rule.
+	// anticrawler_except_url: used to protect all paths except the one specified by the rule.
+	Type string `json:"type"`
+	// Rule status. The value can be 0 or 1.
+	Status int `json:"status"`
+}
@@ -0,0 +1,70 @@
+package rules
+
+import (
+	"github.com/opentelekomcloud/gophertelekomcloud"
+	"github.com/opentelekomcloud/gophertelekomcloud/internal/build"
+	"github.com/opentelekomcloud/gophertelekomcloud/internal/extract"
+)
+
+type CreateAntiLeakageOpts struct {
+	// URL to which the rule applies.
+	Url string `json:"url" required:"true"`
+	// Sensitive information type in the information leakage prevention rule.
+	// sensitive: The rule masks sensitive user information, such as ID code, phone numbers,
+	// and email addresses.
+	// code: The rule blocks response pages of specified HTTP response code.
+	Category string `json:"category" required:"true"`
+	// Content corresponding to the sensitive information type. Multiple options can be set.
+	// When category is set to code, the pages that contain the following HTTP response codes
+	// will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
+	// When category is set to sensitive, parameters phone, id_card, and email can be set.
+	Contents []string `json:"contents" required:"true"`
+	// Rule description.
+	Description string `json:"description"`
+}
+
+// CreateAntiLeakage will create an information leakage protection rule on the values in CreateOpts.
+func CreateAntiLeakage(client *golangsdk.ServiceClient, policyId string, opts CreateAntiLeakageOpts) (*AntiLeakageRule, error) {
+	b, err := build.RequestBody(opts, "")
+	if err != nil {
+		return nil, err
+	}
+
+	// POST /v1/{project_id}/waf/policy/{policy_id}/antileakage
+	raw, err := client.Post(client.ServiceURL("waf", "policy", policyId, "antileakage"), b,
+		nil, &golangsdk.RequestOpts{
+			OkCodes:     []int{200},
+			MoreHeaders: map[string]string{"Content-Type": "application/json;charset=utf8"},
+		})
+	if err != nil {
+		return nil, err
+	}
+
+	var res AntiLeakageRule
+	err = extract.Into(raw.Body, &res)
+	return &res, err
+}
+
+type AntiLeakageRule struct {
+	// Rule ID.
+	ID string `json:"id"`
+	// Policy ID.
+	PolicyId string `json:"policyid"`
+	// URL to which the rule applies.
+	Url string `json:"url"`
+	// Sensitive information type in the information leakage prevention rule.
+	// sensitive: The rule masks sensitive user information, such as ID code,
+	// phone numbers, and email addresses.
+	// code: The rule blocks response pages of specified HTTP response code.
+	Category string `json:"category"`
+	// Content corresponding to the sensitive information type.
+	Contents []string `json:"contents"`
+	// Time the rule is created. The value is a 13-digit timestamp in ms.
+	CreatedAt int64 `json:"timestamp"`
+	// Rule status. The value can be:
+	// 0: The rule is disabled.
+	// 1: The rule is enabled.
+	Status int `json:"status"`
+	// Rule description.
+	Description string `json:"description"`
+}
@@ -0,0 +1,61 @@
+package rules
+
+import (
+	"github.com/opentelekomcloud/gophertelekomcloud"
+	"github.com/opentelekomcloud/gophertelekomcloud/internal/build"
+	"github.com/opentelekomcloud/gophertelekomcloud/internal/extract"
+)
+
+type CreateAntiTamperOpts struct {
+	// Protected website. It can be obtained by calling the ListHost API
+	// in cloud mode (the value of the hostname field in the response body).
+	Hostname string `json:"hostname" required:"true"`
+	// URL protected by the web tamper protection rule.
+	// The value must be in the standard URL format, for example, /admin
+	Url string `json:"url" required:"true"`
+	// Rule description.
+	Description string `json:"description"`
+}
+
+// CreateAntiTamper will create a web tamper protection rule on the values in CreateAntiTamperOpts.
+func CreateAntiTamper(client *golangsdk.ServiceClient, policyId string, opts CreateAntiTamperOpts) (*AntiTamperRule, error) {
+	b, err := build.RequestBody(opts, "")
+	if err != nil {
+		return nil, err
+	}
+
+	// POST /v1/{project_id}/waf/policy/{policy_id}/antitamper
+	raw, err := client.Post(client.ServiceURL("waf", "policy", policyId, "antitamper"), b,
+		nil, &golangsdk.RequestOpts{
+			OkCodes:     []int{200},
+			MoreHeaders: map[string]string{"Content-Type": "application/json;charset=utf8"},
+		})
+	if err != nil {
+		return nil, err
+	}
+
+	var res AntiTamperRule
+	err = extract.Into(raw.Body, &res)
+	return &res, err
+}
+
+type AntiTamperRule struct {
+	// Rule ID.
+	ID string `json:"id"`
+	// Policy ID.
+	PolicyId string `json:"policyid"`
+	// Time the rule is created. The value is a 13-digit timestamp in ms.
+	CreatedAt int64 `json:"timestamp"`
+	// Rule description.
+	Description string `json:"description"`
+	// Rule status. The value can be:
+	// 0: The rule is disabled.
+	// 1: The rule is enabled.
+	// Rule description.
+	Status int `json:"status"`
+	// The domain name of the website protected with the web tamper protection rule.
+	// The domain name is in the format of xxx.xxx.com, such as www.example.com.
+	Hostname string `json:"hostname"`
+	// URL for the web tamper protection rule.
+	Url string `json:"url"`
+}
@@ -0,0 +1,73 @@
+package rules
+
+import (
+	"github.com/opentelekomcloud/gophertelekomcloud"
+	"github.com/opentelekomcloud/gophertelekomcloud/internal/build"
+	"github.com/opentelekomcloud/gophertelekomcloud/internal/extract"
+)
+
+type BlacklistCreateOpts struct {
+	// Rule name.
+	Name string `json:"name"`
+	// Rule description.
+	Description string `json:"description"`
+	// IP addresses or an IP address range.
+	// IP addresses: IP addresses to be added to the blacklist or whitelist,
+	// for example, 192.x.x.3 -IP address range: IP address and subnet mask, for example, 10.x.x.0/24
+	Addresses string `json:"addr" required:"true"`
+	// Protective action. The value can be:
+	// 0: WAF blocks the requests that hit the rule.
+	// 1: WAF allows the requests that hit the rule.
+	// 2: WAF only logs the requests that hit the rule.
+	Action *int `json:"white" required:"true"`
+	// ID of a known attack source rule. This parameter can be configured only when white is set to 0.
+	FollowedActionId string `json:"followed_action_id"`
+}
+
+// CreateBlacklist will create a blacklist or whitelist rule on the values in WhitelistCreateOpts.
+func CreateBlacklist(client *golangsdk.ServiceClient, policyId string, opts BlacklistCreateOpts) (*BlacklistRule, error) {
+	b, err := build.RequestBody(opts, "")
+	if err != nil {
+		return nil, err
+	}
+
+	// POST /v1/{project_id}/waf/policy/{policy_id}/whiteblackip
+	raw, err := client.Post(client.ServiceURL("waf", "policy", policyId, "whiteblackip"), b,
+		nil, &golangsdk.RequestOpts{
+			OkCodes:     []int{200},
+			MoreHeaders: map[string]string{"Content-Type": "application/json;charset=utf8"},
+		})
+	if err != nil {
+		return nil, err
+	}
+
+	var res BlacklistRule
+	err = extract.Into(raw.Body, &res)
+	return &res, err
+}
+
+type BlacklistRule struct {
+	// Rule ID.
+	ID string `json:"id"`
+	// Rule name.
+	Name string `json:"name"`
+	// Policy ID.
+	PolicyId string `json:"policyid"`
+	// Rule creation time.
+	CreatedAt int64 `json:"timestamp"`
+	// Rule description.
+	Description string `json:"description"`
+	// Rule status. The value can be:
+	// 0: The rule is disabled.
+	// 1: The rule is enabled.
+	Status string `json:"status"`
+	// Blacklisted or whitelisted IP addresses
+	Addresses string `json:"addr"`
+	// Protective action. The value can be:
+	// 0: WAF blocks the requests that hit the rule.
+	// 1: WAF allows the requests that hit the rule.
+	// 2: WAF only logs the requests that hit the rule.
+	Action int `json:"white"`
+	// ID of the known attack source rule.
+	FollowedActionId string `json:"followed_action_id"`
+}