Add exists, !exists, equals, and !equals operators to WAF custom rules (#3197)

Co-authored-by: ci.datadog-api-spec <packages@datadoghq.com>

Author: api-clients-generation-pipeline[bot]

.generator/schemas/v2/openapi.yaml

@@ -4527,6 +4527,10 @@ components:
         - ip_match
         - "!ip_match"
         - capture_data
+        - exists
+        - "!exists"
+        - equals
+        - "!equals"
       example: "match_regex"
       type: string
       x-enum-varnames:
@@ -4541,6 +4545,10 @@ components:
         - IP_MATCH
         - NOT_IP_MATCH
         - CAPTURE_DATA
+        - EXISTS
+        - NOT_EXISTS
+        - EQUALS
+        - NOT_EQUALS
     ApplicationSecurityWafCustomRuleConditionOptions:
       description: Options for the operator of this condition.
       properties:
@@ -4581,6 +4589,8 @@ components:
           description: "Regex to use with the condition. Only used with match_regex and !match_regex operator."
           example: "path.*"
           type: string
+        type:
+          $ref: "#/components/schemas/ApplicationSecurityWafCustomRuleConditionParametersType"
         value:
           description: |-
             Store the captured value in the specified tag name. Only used with the capture_data operator.
@@ -4589,6 +4599,22 @@ components:
       required:
         - inputs
       type: object
+    ApplicationSecurityWafCustomRuleConditionParametersType:
+      description: The type of the value to compare against. Only used with the equals and !equals operator.
+      enum:
+        - boolean
+        - signed
+        - unsigned
+        - float
+        - string
+      example: "string"
+      type: string
+      x-enum-varnames:
+        - BOOLEAN
+        - SIGNED
+        - UNSIGNED
+        - FLOAT
+        - STRING
     ApplicationSecurityWafCustomRuleCreateAttributes:
       description: "Create a new WAF custom rule."
       properties:

examples/v2/application-security/CreateApplicationSecurityWafCustomRule.rb

@@ -31,6 +31,7 @@
               min_length: 0,
             }),
             regex: "path.*",
+            type: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleConditionParametersType::STRING,
             value: "custom_tag",
           }),
         }),

features/v2/application_security.feature

@@ -16,21 +16,21 @@ Feature: Application Security
   @generated @skip @team:DataDog/asm-backend
   Scenario: Create a WAF custom rule returns "Bad Request" response
     Given new "CreateApplicationSecurityWafCustomRule" request
-    And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "value": "custom_tag"}}], "enabled": false, "name": "Block request from a bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}}
+    And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "type": "string", "value": "custom_tag"}}], "enabled": false, "name": "Block request from a bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}}
     When the request is sent
     Then the response status is 400 Bad Request
 
   @generated @skip @team:DataDog/asm-backend
   Scenario: Create a WAF custom rule returns "Concurrent Modification" response
     Given new "CreateApplicationSecurityWafCustomRule" request
-    And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "value": "custom_tag"}}], "enabled": false, "name": "Block request from a bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}}
+    And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "type": "string", "value": "custom_tag"}}], "enabled": false, "name": "Block request from a bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}}
     When the request is sent
     Then the response status is 409 Concurrent Modification
 
   @generated @skip @team:DataDog/asm-backend
   Scenario: Create a WAF custom rule returns "Created" response
     Given new "CreateApplicationSecurityWafCustomRule" request
-    And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "value": "custom_tag"}}], "enabled": false, "name": "Block request from a bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}}
+    And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "type": "string", "value": "custom_tag"}}], "enabled": false, "name": "Block request from a bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}}
     When the request is sent
     Then the response status is 201 Created
 
@@ -153,15 +153,15 @@ Feature: Application Security
   Scenario: Update a WAF Custom Rule returns "Concurrent Modification" response
     Given new "UpdateApplicationSecurityWafCustomRule" request
     And request contains "custom_rule_id" parameter from "REPLACE.ME"
-    And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "value": "custom_tag"}}], "enabled": false, "name": "Block request from bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}}
+    And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "type": "string", "value": "custom_tag"}}], "enabled": false, "name": "Block request from bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}}
     When the request is sent
     Then the response status is 409 Concurrent Modification
 
   @generated @skip @team:DataDog/asm-backend
   Scenario: Update a WAF Custom Rule returns "Not Found" response
     Given new "UpdateApplicationSecurityWafCustomRule" request
     And request contains "custom_rule_id" parameter from "REPLACE.ME"
-    And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "value": "custom_tag"}}], "enabled": false, "name": "Block request from bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}}
+    And body with value {"data": {"attributes": {"action": {"action": "block_request", "parameters": {"location": "/blocking", "status_code": 403}}, "blocking": false, "conditions": [{"operator": "match_regex", "parameters": {"data": "blocked_users", "inputs": [{"address": "server.db.statement", "key_path": []}], "list": [], "options": {"case_sensitive": false, "min_length": 0}, "regex": "path.*", "type": "string", "value": "custom_tag"}}], "enabled": false, "name": "Block request from bad useragent", "path_glob": "/api/search/*", "scope": [{"env": "prod", "service": "billing-service"}], "tags": {"category": "business_logic", "type": "users.login.success"}}, "type": "custom_rule"}}
     When the request is sent
     Then the response status is 404 Not Found
 

lib/datadog_api_client/inflector.rb

@@ -1149,6 +1149,7 @@ def overrides
           "v2.application_security_waf_custom_rule_condition_operator" => "ApplicationSecurityWafCustomRuleConditionOperator",
           "v2.application_security_waf_custom_rule_condition_options" => "ApplicationSecurityWafCustomRuleConditionOptions",
           "v2.application_security_waf_custom_rule_condition_parameters" => "ApplicationSecurityWafCustomRuleConditionParameters",
+          "v2.application_security_waf_custom_rule_condition_parameters_type" => "ApplicationSecurityWafCustomRuleConditionParametersType",
           "v2.application_security_waf_custom_rule_create_attributes" => "ApplicationSecurityWafCustomRuleCreateAttributes",
           "v2.application_security_waf_custom_rule_create_data" => "ApplicationSecurityWafCustomRuleCreateData",
           "v2.application_security_waf_custom_rule_create_request" => "ApplicationSecurityWafCustomRuleCreateRequest",

lib/datadog_api_client/v2/models/application_security_waf_custom_rule_condition_operator.rb

@@ -32,5 +32,9 @@ class ApplicationSecurityWafCustomRuleConditionOperator
     IP_MATCH = "ip_match".freeze
     NOT_IP_MATCH = "!ip_match".freeze
     CAPTURE_DATA = "capture_data".freeze
+    EXISTS = "exists".freeze
+    NOT_EXISTS = "!exists".freeze
+    EQUALS = "equals".freeze
+    NOT_EQUALS = "!equals".freeze
   end
 end

lib/datadog_api_client/v2/models/application_security_waf_custom_rule_condition_parameters.rb

@@ -37,6 +37,9 @@ class ApplicationSecurityWafCustomRuleConditionParameters
     # Regex to use with the condition. Only used with match_regex and !match_regex operator.
     attr_accessor :regex
 
+    # The type of the value to compare against. Only used with the equals and !equals operator.
+    attr_accessor :type
+
     # Store the captured value in the specified tag name. Only used with the capture_data operator.
     attr_accessor :value
 
@@ -51,6 +54,7 @@ def self.attribute_map
         :'list' => :'list',
         :'options' => :'options',
         :'regex' => :'regex',
+        :'type' => :'type',
         :'value' => :'value'
       }
     end
@@ -64,6 +68,7 @@ def self.openapi_types
         :'list' => :'Array<String>',
         :'options' => :'ApplicationSecurityWafCustomRuleConditionOptions',
         :'regex' => :'String',
+        :'type' => :'ApplicationSecurityWafCustomRuleConditionParametersType',
         :'value' => :'String'
       }
     end
@@ -110,6 +115,10 @@ def initialize(attributes = {})
         self.regex = attributes[:'regex']
       end
 
+      if attributes.key?(:'type')
+        self.type = attributes[:'type']
+      end
+
       if attributes.key?(:'value')
         self.value = attributes[:'value']
       end
@@ -164,6 +173,7 @@ def ==(o)
           list == o.list &&
           options == o.options &&
           regex == o.regex &&
+          type == o.type &&
           value == o.value &&
           additional_properties == o.additional_properties
     end
@@ -172,7 +182,7 @@ def ==(o)
     # @return [Integer] Hash code
     # @!visibility private
     def hash
-      [data, inputs, list, options, regex, value, additional_properties].hash
+      [data, inputs, list, options, regex, type, value, additional_properties].hash
     end
   end
 end

lib/datadog_api_client/v2/models/application_security_waf_custom_rule_condition_parameters_type.rb

@@ -0,0 +1,30 @@
+=begin
+#Datadog API V2 Collection
+
+#Collection of all Datadog Public endpoints.
+
+The version of the OpenAPI document: 1.0
+Contact: support@datadoghq.com
+Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator
+
+ Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+ This product includes software developed at Datadog (https://www.datadoghq.com/).
+ Copyright 2020-Present Datadog, Inc.
+
+=end
+
+require 'date'
+require 'time'
+
+module DatadogAPIClient::V2
+  # The type of the value to compare against. Only used with the equals and !equals operator.
+  class ApplicationSecurityWafCustomRuleConditionParametersType
+    include BaseEnumModel
+
+    BOOLEAN = "boolean".freeze
+    SIGNED = "signed".freeze
+    UNSIGNED = "unsigned".freeze
+    FLOAT = "float".freeze
+    STRING = "string".freeze
+  end
+end