[ BUG ] Removing the only firewall rule left within a rule group keeps asking for rule id array #1107

Closed
GabrielNBJJ opened this issue Jan 25, 2024 · 1 comment · Fixed by #1110

GabrielNBJJ commented Jan 25, 2024

Describe the bug
When you have a firewall rule group with only one singular rule in it and you are trying to delete that group, the API response keeps serving back

{'code': 400, 'message': "rule group 'rule_ids' array must be provided"}

I have tried feeding it:

  • [] // Empty array
  • None
  • Delete it entirely

Example syntax
The following syntax should work but does not when there is only one rule in the rule group.

firewall.update_rule_group(rule_ids=[], tracking="TRACKING_ID_HERE", id="RULE_GROUP_ID_HERE", diff_op="remove", diff_path="/rules/0")
@GabrielNBJJ GabrielNBJJ added the bug 🐛 Something isn't working label Jan 25, 2024
@jshcodes jshcodes self-assigned this Jan 25, 2024
@jshcodes jshcodes added investigating This issue is being investigated firewall Firewall Policies and Management issues and questions and removed investigating This issue is being investigated labels Jan 26, 2024
@jshcodes
Member

Hi @GabrielNBJJ -

This bug is confirmed! When provided the necessary payload elements for this operation when there is only one rule in the rule group, the rule_ids keyword is being discarded. This only occurs when rule_ids is an empty list.

Thank you for reporting this issue, we are working on addressing it now. In the interim you can use a raw body payload to accomplish this operation.

from falconpy import FirewallManagement

firewall = FirewallManagement()

payload = {
    "id": "RULE_GROUP_ID",
    "diff_type": "application/json-patch+json",
    "rule_ids": [],
    "rule_versions": [],
    "tracking": "TRACKING ID HERE",
    "diff_operations": [
        {
            "op": "remove",
            "path": "/rules/0"
        }
    ]
}

firewall.update_rule_group(body=payload)
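
The failure mode confirmed above, sketched as an added example (not FalconPy source and not code from this thread): a keyword-to-body builder that tests truthiness drops rule_ids=[], while an explicit "is not None" test keeps it. The builder names and the required-key set are assumptions; the page does not state how the keyword was actually discarded.

```python
# Added illustration; function names are hypothetical and this is not FalconPy source.
JSON_PATCH = "application/json-patch+json"
BODY_KEYS = ("id", "tracking", "rule_ids", "rule_versions")


def build_body_truthy(**kwargs):
    """Lossy builder: a truthiness test drops empty lists along with missing keys."""
    body = {}
    for key in BODY_KEYS:
        if kwargs.get(key):  # [] is falsy, so rule_ids=[] is discarded here
            body[key] = kwargs[key]
    return _add_diff(body, kwargs)


def build_body_explicit(**kwargs):
    """Preserving builder: only keys that were never supplied are left out."""
    body = {}
    for key in BODY_KEYS:
        if kwargs.get(key) is not None:  # [] is kept; None and absent are skipped
            body[key] = kwargs[key]
    return _add_diff(body, kwargs)


def _add_diff(body, kwargs):
    """Attach the JSON Patch operation built from the diff_op / diff_path keywords."""
    if kwargs.get("diff_op") is not None and kwargs.get("diff_path") is not None:
        body["diff_type"] = JSON_PATCH
        body["diff_operations"] = [
            {"op": kwargs["diff_op"], "path": kwargs["diff_path"]}
        ]
    return body


def missing_required(body, required=("id", "tracking", "rule_ids", "diff_operations")):
    """Return required keys absent from the body (the required set is an assumption)."""
    return [key for key in required if key not in body]


# Constructed keyword set matching the call in the report (placeholder values).
LAST_RULE_CALL = dict(rule_ids=[], tracking="TRACKING_ID_HERE",
                      id="RULE_GROUP_ID_HERE", diff_op="remove",
                      diff_path="/rules/0")

if __name__ == "__main__":
    print("truthy  :", missing_required(build_body_truthy(**LAST_RULE_CALL)))
    print("explicit:", missing_required(build_body_explicit(**LAST_RULE_CALL)))
```

Running a check like missing_required over the body before sending it catches the dropped key locally instead of through the 400 response.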
