diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index e83df8269e..dd709e2ef0 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -4338,6 +4338,10 @@ components: - ip_match - "!ip_match" - capture_data + - exists + - "!exists" + - equals + - "!equals" example: "match_regex" type: string x-enum-varnames: @@ -4352,6 +4356,10 @@ components: - IP_MATCH - NOT_IP_MATCH - CAPTURE_DATA + - EXISTS + - NOT_EXISTS + - EQUALS + - NOT_EQUALS ApplicationSecurityWafCustomRuleConditionOptions: description: Options for the operator of this condition. properties: @@ -4392,6 +4400,8 @@ components: description: "Regex to use with the condition. Only used with match_regex and !match_regex operator." example: "path.*" type: string + type: + $ref: "#/components/schemas/ApplicationSecurityWafCustomRuleConditionParametersType" value: description: |- Store the captured value in the specified tag name. Only used with the capture_data operator. @@ -4400,6 +4410,22 @@ components: required: - inputs type: object + ApplicationSecurityWafCustomRuleConditionParametersType: + description: The type of the value to compare against. Only used with the equals and !equals operator. + enum: + - boolean + - signed + - unsigned + - float + - string + example: "string" + type: string + x-enum-varnames: + - BOOLEAN + - SIGNED + - UNSIGNED + - FLOAT + - STRING ApplicationSecurityWafCustomRuleCreateAttributes: description: "Create a new WAF custom rule." properties: diff --git a/docs/datadog_api_client.v2.model.rst b/docs/datadog_api_client.v2.model.rst index d1dc990342..e4e805e14c 100644 --- a/docs/datadog_api_client.v2.model.rst +++ b/docs/datadog_api_client.v2.model.rst @@ -844,6 +844,13 @@ datadog\_api\_client.v2.model.application\_security\_waf\_custom\_rule\_conditio :members: :show-inheritance: +datadog\_api\_client.v2.model.application\_security\_waf\_custom\_rule\_condition\_parameters\_type module +---------------------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_waf_custom_rule_condition_parameters_type + :members: + :show-inheritance: + datadog\_api\_client.v2.model.application\_security\_waf\_custom\_rule\_create\_attributes module ------------------------------------------------------------------------------------------------- diff --git a/examples/v2/application-security/CreateApplicationSecurityWafCustomRule.py b/examples/v2/application-security/CreateApplicationSecurityWafCustomRule.py index 8efa43ccf2..a5e3db407d 100644 --- a/examples/v2/application-security/CreateApplicationSecurityWafCustomRule.py +++ b/examples/v2/application-security/CreateApplicationSecurityWafCustomRule.py @@ -31,6 +31,9 @@ from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_parameters import ( ApplicationSecurityWafCustomRuleConditionParameters, ) +from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_parameters_type import ( + ApplicationSecurityWafCustomRuleConditionParametersType, +) from datadog_api_client.v2.model.application_security_waf_custom_rule_create_attributes import ( ApplicationSecurityWafCustomRuleCreateAttributes, ) @@ -75,6 +78,7 @@ min_length=0, ), regex="path.*", + type=ApplicationSecurityWafCustomRuleConditionParametersType.STRING, value="custom_tag", ), ), diff --git a/src/datadog_api_client/v2/model/application_security_waf_custom_rule_condition_operator.py b/src/datadog_api_client/v2/model/application_security_waf_custom_rule_condition_operator.py index 1375c693cf..586e1e0fad 100644 --- a/src/datadog_api_client/v2/model/application_security_waf_custom_rule_condition_operator.py +++ b/src/datadog_api_client/v2/model/application_security_waf_custom_rule_condition_operator.py @@ -16,7 +16,7 @@ class ApplicationSecurityWafCustomRuleConditionOperator(ModelSimple): """ Operator to use for the WAF Condition. - :param value: Must be one of ["match_regex", "!match_regex", "phrase_match", "!phrase_match", "is_xss", "is_sqli", "exact_match", "!exact_match", "ip_match", "!ip_match", "capture_data"]. + :param value: Must be one of ["match_regex", "!match_regex", "phrase_match", "!phrase_match", "is_xss", "is_sqli", "exact_match", "!exact_match", "ip_match", "!ip_match", "capture_data", "exists", "!exists", "equals", "!equals"]. :type value: str """ @@ -32,6 +32,10 @@ class ApplicationSecurityWafCustomRuleConditionOperator(ModelSimple): "ip_match", "!ip_match", "capture_data", + "exists", + "!exists", + "equals", + "!equals", } MATCH_REGEX: ClassVar["ApplicationSecurityWafCustomRuleConditionOperator"] NOT_MATCH_REGEX: ClassVar["ApplicationSecurityWafCustomRuleConditionOperator"] @@ -44,6 +48,10 @@ class ApplicationSecurityWafCustomRuleConditionOperator(ModelSimple): IP_MATCH: ClassVar["ApplicationSecurityWafCustomRuleConditionOperator"] NOT_IP_MATCH: ClassVar["ApplicationSecurityWafCustomRuleConditionOperator"] CAPTURE_DATA: ClassVar["ApplicationSecurityWafCustomRuleConditionOperator"] + EXISTS: ClassVar["ApplicationSecurityWafCustomRuleConditionOperator"] + NOT_EXISTS: ClassVar["ApplicationSecurityWafCustomRuleConditionOperator"] + EQUALS: ClassVar["ApplicationSecurityWafCustomRuleConditionOperator"] + NOT_EQUALS: ClassVar["ApplicationSecurityWafCustomRuleConditionOperator"] @cached_property def openapi_types(_): @@ -81,3 +89,11 @@ def openapi_types(_): ApplicationSecurityWafCustomRuleConditionOperator.CAPTURE_DATA = ApplicationSecurityWafCustomRuleConditionOperator( "capture_data" ) +ApplicationSecurityWafCustomRuleConditionOperator.EXISTS = ApplicationSecurityWafCustomRuleConditionOperator("exists") +ApplicationSecurityWafCustomRuleConditionOperator.NOT_EXISTS = ApplicationSecurityWafCustomRuleConditionOperator( + "!exists" +) +ApplicationSecurityWafCustomRuleConditionOperator.EQUALS = ApplicationSecurityWafCustomRuleConditionOperator("equals") +ApplicationSecurityWafCustomRuleConditionOperator.NOT_EQUALS = ApplicationSecurityWafCustomRuleConditionOperator( + "!equals" +) diff --git a/src/datadog_api_client/v2/model/application_security_waf_custom_rule_condition_parameters.py b/src/datadog_api_client/v2/model/application_security_waf_custom_rule_condition_parameters.py index d0abd9fee7..dac2b8f74d 100644 --- a/src/datadog_api_client/v2/model/application_security_waf_custom_rule_condition_parameters.py +++ b/src/datadog_api_client/v2/model/application_security_waf_custom_rule_condition_parameters.py @@ -20,6 +20,9 @@ from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_options import ( ApplicationSecurityWafCustomRuleConditionOptions, ) + from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_parameters_type import ( + ApplicationSecurityWafCustomRuleConditionParametersType, + ) class ApplicationSecurityWafCustomRuleConditionParameters(ModelNormal): @@ -31,6 +34,9 @@ def openapi_types(_): from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_options import ( ApplicationSecurityWafCustomRuleConditionOptions, ) + from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_parameters_type import ( + ApplicationSecurityWafCustomRuleConditionParametersType, + ) return { "data": (str,), @@ -38,6 +44,7 @@ def openapi_types(_): "list": ([str],), "options": (ApplicationSecurityWafCustomRuleConditionOptions,), "regex": (str,), + "type": (ApplicationSecurityWafCustomRuleConditionParametersType,), "value": (str,), } @@ -47,6 +54,7 @@ def openapi_types(_): "list": "list", "options": "options", "regex": "regex", + "type": "type", "value": "value", } @@ -57,6 +65,7 @@ def __init__( list: Union[List[str], UnsetType] = unset, options: Union[ApplicationSecurityWafCustomRuleConditionOptions, UnsetType] = unset, regex: Union[str, UnsetType] = unset, + type: Union[ApplicationSecurityWafCustomRuleConditionParametersType, UnsetType] = unset, value: Union[str, UnsetType] = unset, **kwargs, ): @@ -79,6 +88,9 @@ def __init__( :param regex: Regex to use with the condition. Only used with match_regex and !match_regex operator. :type regex: str, optional + :param type: The type of the value to compare against. Only used with the equals and !equals operator. + :type type: ApplicationSecurityWafCustomRuleConditionParametersType, optional + :param value: Store the captured value in the specified tag name. Only used with the capture_data operator. :type value: str, optional """ @@ -90,6 +102,8 @@ def __init__( kwargs["options"] = options if regex is not unset: kwargs["regex"] = regex + if type is not unset: + kwargs["type"] = type if value is not unset: kwargs["value"] = value super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/application_security_waf_custom_rule_condition_parameters_type.py b/src/datadog_api_client/v2/model/application_security_waf_custom_rule_condition_parameters_type.py new file mode 100644 index 0000000000..9eaad12218 --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_waf_custom_rule_condition_parameters_type.py @@ -0,0 +1,57 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class ApplicationSecurityWafCustomRuleConditionParametersType(ModelSimple): + """ + The type of the value to compare against. Only used with the equals and !equals operator. + + :param value: Must be one of ["boolean", "signed", "unsigned", "float", "string"]. + :type value: str + """ + + allowed_values = { + "boolean", + "signed", + "unsigned", + "float", + "string", + } + BOOLEAN: ClassVar["ApplicationSecurityWafCustomRuleConditionParametersType"] + SIGNED: ClassVar["ApplicationSecurityWafCustomRuleConditionParametersType"] + UNSIGNED: ClassVar["ApplicationSecurityWafCustomRuleConditionParametersType"] + FLOAT: ClassVar["ApplicationSecurityWafCustomRuleConditionParametersType"] + STRING: ClassVar["ApplicationSecurityWafCustomRuleConditionParametersType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +ApplicationSecurityWafCustomRuleConditionParametersType.BOOLEAN = ( + ApplicationSecurityWafCustomRuleConditionParametersType("boolean") +) +ApplicationSecurityWafCustomRuleConditionParametersType.SIGNED = ( + ApplicationSecurityWafCustomRuleConditionParametersType("signed") +) +ApplicationSecurityWafCustomRuleConditionParametersType.UNSIGNED = ( + ApplicationSecurityWafCustomRuleConditionParametersType("unsigned") +) +ApplicationSecurityWafCustomRuleConditionParametersType.FLOAT = ApplicationSecurityWafCustomRuleConditionParametersType( + "float" +) +ApplicationSecurityWafCustomRuleConditionParametersType.STRING = ( + ApplicationSecurityWafCustomRuleConditionParametersType("string") +) diff --git a/src/datadog_api_client/v2/models/__init__.py b/src/datadog_api_client/v2/models/__init__.py index 22f4a4d800..ecaf9dfd15 100644 --- a/src/datadog_api_client/v2/models/__init__.py +++ b/src/datadog_api_client/v2/models/__init__.py @@ -249,6 +249,9 @@ from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_parameters import ( ApplicationSecurityWafCustomRuleConditionParameters, ) +from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_parameters_type import ( + ApplicationSecurityWafCustomRuleConditionParametersType, +) from datadog_api_client.v2.model.application_security_waf_custom_rule_create_attributes import ( ApplicationSecurityWafCustomRuleCreateAttributes, ) @@ -7012,6 +7015,7 @@ "ApplicationSecurityWafCustomRuleConditionOperator", "ApplicationSecurityWafCustomRuleConditionOptions", "ApplicationSecurityWafCustomRuleConditionParameters", + "ApplicationSecurityWafCustomRuleConditionParametersType", "ApplicationSecurityWafCustomRuleCreateAttributes", "ApplicationSecurityWafCustomRuleCreateData", "ApplicationSecurityWafCustomRuleCreateRequest", diff --git a/tests/v2/features/application_security.feature b/tests/v2/features/application_security.feature index f10a470ff2..aad0642b71 100644 --- a/tests/v2/features/application_security.feature +++ b/tests/v2/features/application_security.feature @@ -16,21 +16,21 @@ Feature: Application Security @generated @skip @team:DataDog/asm-backend Scenario: Create a WAF custom rule returns "Bad Request" response Given new "CreateApplicationSecurityWafCustomRule" request - And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "value": "custom_tag"}}], "enabled": false, "name": "Block request from a bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}} + And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "type": "string", "value": "custom_tag"}}], "enabled": false, "name": "Block request from a bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}} When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/asm-backend Scenario: Create a WAF custom rule returns "Concurrent Modification" response Given new "CreateApplicationSecurityWafCustomRule" request - And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "value": "custom_tag"}}], "enabled": false, "name": "Block request from a bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}} + And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "type": "string", "value": "custom_tag"}}], "enabled": false, "name": "Block request from a bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}} When the request is sent Then the response status is 409 Concurrent Modification @generated @skip @team:DataDog/asm-backend Scenario: Create a WAF custom rule returns "Created" response Given new "CreateApplicationSecurityWafCustomRule" request - And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "value": "custom_tag"}}], "enabled": false, "name": "Block request from a bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}} + And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "type": "string", "value": "custom_tag"}}], "enabled": false, "name": "Block request from a bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}} When the request is sent Then the response status is 201 Created @@ -153,7 +153,7 @@ Feature: Application Security Scenario: Update a WAF Custom Rule returns "Concurrent Modification" response Given new "UpdateApplicationSecurityWafCustomRule" request And request contains "custom_rule_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "value": "custom_tag"}}], "enabled": false, "name": "Block request from bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}} + And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "type": "string", "value": "custom_tag"}}], "enabled": false, "name": "Block request from bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}} When the request is sent Then the response status is 409 Concurrent Modification @@ -161,7 +161,7 @@ Feature: Application Security Scenario: Update a WAF Custom Rule returns "Not Found" response Given new "UpdateApplicationSecurityWafCustomRule" request And request contains "custom_rule_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "value": "custom_tag"}}], "enabled": false, "name": "Block request from bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}} + And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "type": "string", "value": "custom_tag"}}], "enabled": false, "name": "Block request from bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}} When the request is sent Then the response status is 404 Not Found