diff --git a/laceworksdk/api/__init__.py b/laceworksdk/api/__init__.py index 2593369..7d5eb4b 100644 --- a/laceworksdk/api/__init__.py +++ b/laceworksdk/api/__init__.py @@ -24,6 +24,7 @@ from .v2.container_registries import ContainerRegistriesAPI from .v2.contract_info import ContractInfoAPI from .v2.datasources import DatasourcesAPI +from .v2.data_export_rules import DataExportRulesAPI from .v2.entities import EntitiesAPI from .v2.events import EventsAPI from .v2.inventory import InventoryAPI @@ -149,6 +150,7 @@ def __init__(self, self.container_registries = ContainerRegistriesAPI(self._session) self.contract_info = ContractInfoAPI(self._session) self.datasources = DatasourcesAPI(self._session) + self.data_export_rules = DataExportRulesAPI(self._session) self.entities = EntitiesAPI(self._session) self.events = EventsAPI(self._session) self.inventory = InventoryAPI(self._session) diff --git a/laceworksdk/api/v2/agent_access_tokens.py b/laceworksdk/api/v2/agent_access_tokens.py index 1b06a9c..638d11d 100644 --- a/laceworksdk/api/v2/agent_access_tokens.py +++ b/laceworksdk/api/v2/agent_access_tokens.py @@ -16,9 +16,10 @@ def __init__(self, session): :return AgentAccessTokensAPI object. """ - + super().__init__(session, "AgentAccessTokens") + def create(self, alias=None, enabled=True, diff --git a/laceworksdk/api/v2/data_export_rules.py b/laceworksdk/api/v2/data_export_rules.py new file mode 100644 index 0000000..0d0e0f0 --- /dev/null +++ b/laceworksdk/api/v2/data_export_rules.py 
@@ -0,0 +1,123 @@
+# -*- coding: utf-8 -*-
+"""
+Lacework DataExportRules API wrapper.
+"""
+
+from laceworksdk.api.crud_endpoint import CrudEndpoint
+
+
+class DataExportRulesAPI(CrudEndpoint):
+
+ def __init__(self, session):
+ """
+ Initializes the DataExportRulesAPI object.
+
+ :param session: An instance of the HttpSession class
+
+ :return DataExportRulesAPI object.
+ """
+
+ super().__init__(session, "DataExportRules")
+
+ def create(self,
+ type,
+ filters,
+ intg_guid_list,
+ **request_params):
+ """
+ A method to create a new DataExportRules object.
+
+ Args:
+ type(str): A string representing the type of rule to be added.
+ filters(dict): A dictionary containing the name(string), description(string), enabled(bool), and
+ profile_version(list[string]) fields.
+ intg_guid_list(str): A list of strings representing the guids of the alert channels to use (s3 only).
+ request_params(any): Additional request parameters.
+ (provides support for parameters that may be added in the future)
+
+ Return:
+ response(json)
+ """
+
+ return super().create(
+ filters=self._format_filters(filters),
+ type=type,
+ intg_guid_list=intg_guid_list,
+ **request_params
+ )
+
+ def get(self,
+ guid=None):
+ """
+ A method to get DataExportRules objects.
+
+ Args:
+
+ guid(str): A string representing the object GUID.
+
+
+ Return:
+ response(json)
+ """
+
+ return super().get(id=guid)
+
+ def get_by_guid(self,
+ guid):
+ """
+ A method to get an DataExportRules object by GUID.
+
+ Args:
+
+ guid(str): A string representing the object GUID.
+
+
+ Return:
+ response(json)
+ """
+
+ return self.get(guid=guid)
+
+ def update(self,
+ guid,
+ filters=None,
+ intg_guid_list=None,
+ type=None,
+ **request_params):
+ """
+ A method to update an existing DataExportRules object.
+
+ Args:
+ guid(str): A string representing the object GUID.
+ type(str): A string representing the type of rule.
+ filters(dict): A dictionary containing the name(string), description(string), enabled(bool), and + profile_version(list[string]) fields. + intg_guid_list(str): A list of strings representing the guids of the alert channels to use (s3 only). + request_params(any): Additional request parameters. + (provides support for parameters that may be added in the future) + + Return: + response(json) + """ + + return super().update( + id=guid, + filters=self._format_filters(filters), + type=type, + intg_guid_list=intg_guid_list, + **request_params + ) + + def delete(self, + guid): + """ + A method to delete a DataExportRules object. + + Args: + guid(str): A string representing the object GUID. + + Return: + response(json) + """ + + return super().delete(id=guid) diff --git a/laceworksdk/api/v2/user_groups.py b/laceworksdk/api/v2/user_groups.py index 9676dc7..33771ac 100644 --- a/laceworksdk/api/v2/user_groups.py +++ b/laceworksdk/api/v2/user_groups.py @@ -5,6 +5,7 @@ from laceworksdk.api.base_endpoint import BaseEndpoint + class UserGroupsAPI(BaseEndpoint): def __init__(self, session): super().__init__(session, "UserGroups") diff --git a/laceworksdk/api/v2/vulnerability_exceptions.py b/laceworksdk/api/v2/vulnerability_exceptions.py index 5f4c3a4..fb8426b 100644 --- a/laceworksdk/api/v2/vulnerability_exceptions.py +++ b/laceworksdk/api/v2/vulnerability_exceptions.py @@ -76,8 +76,7 @@ def create(self, **request_params ) - def get(self, - guid=None): + def get(self, guid=None): """ A method to get VulnerabilityExceptions objects. diff --git a/tests/api/__init__.py b/tests/api/__init__.py index bde82a3..7d1f3e4 100644 --- a/tests/api/__init__.py +++ b/tests/api/__init__.py 
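Review bot: `update()` in `data_export_rules.py` defaults `filters` to `None` but still passes it through `self._format_filters(filters)`, so a call that changes only `type` or `intg_guid_list` depends on that helper accepting `None`. `_format_filters` is defined outside this diff; if it reads keys from its argument, the call would raise before any request is sent. Guarding the call, e.g. `filters=self._format_filters(filters) if filters is not None else None,`, keeps partial updates safe either way. The docstrings of `create()` and `update()` also label `intg_guid_list` as `str` while describing a list of strings; `intg_guid_list(list[str])` would match the description.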
@@ -85,6 +85,25 @@ def email_alert_channel_guid(api): alert_channel_guid = response["data"][0]["intgGuid"] return alert_channel_guid +@pytest.fixture(scope="session") +def s3_alert_channel_guid(api): + response = api.alert_channels.search( + json={ + "filters": [ + { + "expression": "eq", + "field": "type", + "value": "AwsS3" + } + ], + "returns": [ + "intgGuid" + ] + } + ) + alert_channel_guid = response["data"][0]["intgGuid"] + return alert_channel_guid + @pytest.fixture(scope="session") def aws_resource_group_guid(api): diff --git a/tests/api/v2/test_data_export_rules.py b/tests/api/v2/test_data_export_rules.py new file mode 100644 index 0000000..e9c5615 --- /dev/null +++ b/tests/api/v2/test_data_export_rules.py @@ -0,0 +1,48 @@ +# -*- coding: utf-8 -*- +""" +Test suite for the community-developed Python SDK for interacting with Lacework APIs. +""" + +import pytest + +from laceworksdk.api.v2.data_export_rules import DataExportRulesAPI +from tests.api.test_crud_endpoint import CrudEndpoint + + +# Tests + +@pytest.fixture(scope="module") +def api_object(api): + return api.data_export_rules + + +@pytest.fixture(scope="module") +def api_object_create_body(random_text, s3_alert_channel_guid): + return { + "type": "Dataexport", + "filters": { + "name": f"Test Data Export Rule {random_text}", + "description": f"Test Data Export Rule Description {random_text}", + "enabled": 1 + }, + "intg_guid_list": [s3_alert_channel_guid] + } + + +@pytest.fixture(scope="module") +def api_object_update_body(random_text): + return { + "filters": { + "name": f"Test Data Export Rule {random_text} (Updated)", + "enabled": False + } + } + + +class TestDataExportRules(CrudEndpoint): + + OBJECT_ID_NAME = "mcGuid" + OBJECT_TYPE = DataExportRulesAPI + + def test_api_get_by_guid(self, api_object): + self._get_object_classifier_test(api_object, "guid", self.OBJECT_ID_NAME) \ No newline at end of file
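Review bot: `s3_alert_channel_guid` indexes `response["data"][0]` without checking that the search returned anything, so in a tenant with no `AwsS3` alert channel the fixture fails with an `IndexError` and every dependent test errors instead of being skipped. A guard before the index, e.g. `if not response["data"]: pytest.skip("no AwsS3 alert channel available")`, makes the precondition explicit. The `email_alert_channel_guid` fixture visible in the context lines ends with the same unguarded index, so the same guard would apply there.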
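Review bot: `api_object_create_body` creates the rule with `"enabled": 1` and sets `intg_guid_list` to whichever channel `s3_alert_channel_guid` returned first, so during the run an active export rule presumably targets an existing S3 integration in the account under test. If the shared CRUD tests do not need the rule to be active, creating it disabled or pointing it at a channel reserved for tests limits where data can flow if teardown fails or is interrupted. The create body uses `1` while the update body uses `False` for the same field; booleans in both would match the `enabled(bool)` documented in the wrapper. The file also ends without a trailing newline.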