@ -26,9 +26,9 @@ author:
- Andrew Welsh ( @Ghilli3 )
- Andrew Welsh ( @Ghilli3 )
- Jim Huber ( @p4r4n0y1ng )
- Jim Huber ( @p4r4n0y1ng )
httpapi : fortianalyzer
httpapi : fortianalyzer
short_description : HttpApi Plugin for Fortinet FortiAnalyzer Appliance or VM
short_description : HttpApi Plugin for Fortinet FortiAnalyzer Appliance or VM .
description :
description :
- This HttpApi plugin provides methods to connect to Fortinet FortiAnalyzer Appliance or VM via JSON RPC API
- This HttpApi plugin provides methods to connect to Fortinet FortiAnalyzer Appliance or VM via JSON RPC API .
version_added : " 2.9 "
version_added : " 2.9 "
"""
"""
@ -87,7 +87,7 @@ class HttpApi(HttpApiBase):
: param username : Username of FortiAnalyzer Admin
: param username : Username of FortiAnalyzer Admin
: param password : Password of FortiAnalyzer Admin
: param password : Password of FortiAnalyzer Admin
: return : Dictionary of status , if it logged in or not .
: return : Dictionary of status if it logged in or not .
"""
"""
self . _logged_in_user = username
self . _logged_in_user = username
@ -95,11 +95,11 @@ class HttpApi(HttpApiBase):
passwd = password , user = username , ) )
passwd = password , user = username , ) )
if " FortiAnalyzer object connected to FortiAnalyzer " in self . __str__ ( ) :
if " FortiAnalyzer object connected to FortiAnalyzer " in self . __str__ ( ) :
# If Login worked , then inspect the FortiAnalyzer for Workspace Mode, and it's system information.
# If Login worked then inspect the FortiAnalyzer for Workspace Mode, and it's system information.
self . inspect_faz ( )
self . inspect_faz ( )
return
return
else :
else :
raise FAZBaseException ( msg = " Unknown error while logging in...connection was lost during login operation... . "
raise FAZBaseException ( msg = " Unknown error while logging in...connection was lost during login operation... "
" Exiting " )
" Exiting " )
def inspect_faz ( self ) :
def inspect_faz ( self ) :
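Review bot: Login success is decided in this hunk by searching the text of `self.__str__()` for the "connected to FortiAnalyzer" phrase, which ties an authentication outcome to a display string that another hunk of this same commit edits. The `__str__` shown later returns that text exactly when `self.sid` and `self.connection._url` are both set, so the check can test the state itself: `if self.sid is not None and self.connection._url is not None:`. The touched comment would also read better as `# If login worked, inspect the FortiAnalyzer for workspace mode and its system information.` The login method begins above this hunk.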
@ -119,7 +119,7 @@ class HttpApi(HttpApiBase):
self . get_locked_adom_list ( )
self . get_locked_adom_list ( )
self . _connected_faz = status [ 1 ]
self . _connected_faz = status [ 1 ]
self . _host = self . _connected_faz [ " Hostname " ]
self . _host = self . _connected_faz [ " Hostname " ]
except Base Exception:
except Exception:
pass
pass
return
return
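Review bot: `except Exception: pass` at the end of this try still discards every failure while the system status is read, so `_connected_faz` and `_host` can stay unset with nothing recorded about why. Narrowing from `BaseException` stops the handler from eating `KeyboardInterrupt` and `SystemExit`, but a missing "Hostname" key or a malformed status tuple remains invisible to the caller. Catch what the indexing can raise, `except (KeyError, IndexError, TypeError):`, and add a comment saying the inspection is best-effort if that is the intent. The same broad handler followed by `pass` appears at the top of the loop in the locked-ADOM-list hunk. The try opens above this hunk, so other statements in it may raise more than these three.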
@ -145,12 +145,17 @@ class HttpApi(HttpApiBase):
: param method : The preferred API Request method ( GET , ADD , POST , etc . . . . )
: param method : The preferred API Request method ( GET , ADD , POST , etc . . . . )
: type method : basestring
: type method : basestring
: return : Dictionary of status , if it logged in or not .
: return : Dictionary of status if it logged in or not .
"""
"""
try :
try :
if self . sid is None and params [ 0 ] [ " url " ] != " sys/login/user " :
if self . sid is None and params [ 0 ] [ " url " ] != " sys/login/user " :
raise FAZBaseException ( " An attempt was made to login with the SID None and URL != login url. " )
try :
self . connection . _connect ( )
except Exception as err :
raise FAZBaseException (
msg = " An problem happened with the httpapi plugin self-init connection process. "
" Error: " + to_text ( err ) )
except IndexError :
except IndexError :
raise FAZBaseException ( " An attempt was made at communicating with a FAZ with "
raise FAZBaseException ( " An attempt was made at communicating with a FAZ with "
" no valid session and an incorrectly formatted request. " )
" no valid session and an incorrectly formatted request. " )
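Review bot: After the new `self.connection._connect()` call nothing re-checks `self.sid`, so a connect that returns without establishing a session lets the request continue without one, where the removed line used to stop it. Add a guard after the inner try, for example `if self.sid is None: raise FAZBaseException(msg="No valid session after reconnecting to the FortiAnalyzer.")`, unless the rest of send_request, which lies outside the hunk, already does so. The new message starts with "An problem"; it should read "A problem". `_connect()` is a private method of the connection object, so a one-line comment on why the plugin calls it here would help the next reader.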
@ -214,7 +219,7 @@ class HttpApi(HttpApiBase):
try :
try :
if self . _connected_faz :
if self . _connected_faz :
return self . _connected_faz
return self . _connected_faz
except Base Exception:
except Exception:
raise FAZBaseException ( " Couldn ' t Retrieve Connected FAZ Stats " )
raise FAZBaseException ( " Couldn ' t Retrieve Connected FAZ Stats " )
def get_system_status ( self ) :
def get_system_status ( self ) :
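Review bot: When `self._connected_faz` is empty or None the `if` falls through and, as far as this hunk shows, the method returns None without raising, so callers cannot tell "no status collected" from a normal return unless they test the value. The try body only reads an attribute, so `AttributeError` is the one exception it can raise; `except AttributeError:` states that, and the existing FAZBaseException could be raised for the empty case as well. The method's signature is above the hunk.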
@ -254,7 +259,7 @@ class HttpApi(HttpApiBase):
def __str__ ( self ) :
def __str__ ( self ) :
if self . sid is not None and self . connection . _url is not None :
if self . sid is not None and self . connection . _url is not None :
return " FortiAnalyzer object connected to FortiAnalyzer: " + str ( self . connection . _url )
return " FortiAnalyzer object connected to FortiAnalyzer: " + to_text ( self . connection . _url )
return " FortiAnalyzer object with no valid connection to a FortiAnalyzer appliance. "
return " FortiAnalyzer object with no valid connection to a FortiAnalyzer appliance. "
##################################
##################################
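Review bot: `__str__` now returns a literal concatenated with `to_text(...)`, which on Python 2 is a `unicode` object rather than a native `str`. If Python 2 controllers are still supported by this plugin (the docstrings here mention `basestring`), `to_native(self.connection._url)` is the usual choice for a value returned from `__str__`. It would need importing next to `to_text`, and the import block is not visible in this diff.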
@ -301,7 +306,7 @@ class HttpApi(HttpApiBase):
self . uses_workspace = False
self . uses_workspace = False
except KeyError :
except KeyError :
self . uses_workspace = False
self . uses_workspace = False
except Base Exception:
except Exception:
raise FAZBaseException ( msg = " Couldn ' t determine workspace-mode in the plugin " )
raise FAZBaseException ( msg = " Couldn ' t determine workspace-mode in the plugin " )
try :
try :
if resp_obj [ " adom-status " ] in [ 1 , " enable " ] :
if resp_obj [ " adom-status " ] in [ 1 , " enable " ] :
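Review bot: The `except Exception:` handler here replaces whatever went wrong with a fixed message, so the original error is lost when workspace-mode detection fails; the adom-status handler in the next hunk does the same. The locked-ADOM-list hunk of this commit already appends `to_text(err)` to its message, and the same pattern fits both places: `except Exception as err:` with `" Error: " + to_text(err)` added to the existing `msg`. Both try blocks open above their hunks.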
@ -310,7 +315,7 @@ class HttpApi(HttpApiBase):
self . uses_adoms = False
self . uses_adoms = False
except KeyError :
except KeyError :
self . uses_adoms = False
self . uses_adoms = False
except Base Exception:
except Exception:
raise FAZBaseException ( msg = " Couldn ' t determine adom-status in the plugin " )
raise FAZBaseException ( msg = " Couldn ' t determine adom-status in the plugin " )
def run_unlock ( self ) :
def run_unlock ( self ) :
@ -386,12 +391,12 @@ class HttpApi(HttpApiBase):
resp_obj = self . send_request ( FAZMethods . GET , data )
resp_obj = self . send_request ( FAZMethods . GET , data )
code = resp_obj [ 0 ]
code = resp_obj [ 0 ]
if code != 0 :
if code != 0 :
self . _module . fail_json ( msg = ( " An error occurred trying to get the ADOM Lock Info. Error: " + str ( resp_obj ) ) )
self . _module . fail_json ( msg = ( " An error occurred trying to get the ADOM Lock Info. Error: " + to_text ( resp_obj ) ) )
elif code == 0 :
elif code == 0 :
try :
try :
if resp_obj [ 1 ] [ " status " ] [ " message " ] == " OK " :
if resp_obj [ 1 ] [ " status " ] [ " message " ] == " OK " :
self . _lock_info = None
self . _lock_info = None
except Base Exception:
except Exception:
self . _lock_info = resp_obj [ 1 ]
self . _lock_info = resp_obj [ 1 ]
return resp_obj
return resp_obj
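Review bot: The `except Exception:` branch treats any failure while reading `resp_obj[1]["status"]["message"]` as "this ADOM has lock data" and stores `resp_obj[1]` in `_lock_info`, so a malformed or truncated response is recorded as lock information. If the locked case is a list (the locked-ADOM-list hunk indexes `adom_lock_info[1][0]["lock_user"]`), the expected failure is a `TypeError` or `KeyError`; `except (KeyError, TypeError, IndexError):` keeps that path and lets anything else surface. `elif code == 0:` after `if code != 0:` can be a plain `else:`. The method starts above the hunk.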
@ -406,13 +411,13 @@ class HttpApi(HttpApiBase):
resp_obj = self . send_request ( FAZMethods . GET , data )
resp_obj = self . send_request ( FAZMethods . GET , data )
code = resp_obj [ 0 ]
code = resp_obj [ 0 ]
if code != 0 :
if code != 0 :
self . _module . fail_json ( msg = ( " An error occurred trying to get the ADOM Info. Error: " + str ( resp_obj ) ) )
self . _module . fail_json ( msg = ( " An error occurred trying to get the ADOM Info. Error: " + to_text ( resp_obj ) ) )
elif code == 0 :
elif code == 0 :
num_of_adoms = len ( resp_obj [ 1 ] )
num_of_adoms = len ( resp_obj [ 1 ] )
append_list = [ ' root ' , ]
append_list = [ ' root ' , ]
for adom in resp_obj [ 1 ] :
for adom in resp_obj [ 1 ] :
if adom [ " tab_status " ] != " " :
if adom [ " tab_status " ] != " " :
append_list . append ( str ( adom [ " name " ] ) )
append_list . append ( to_text ( adom [ " name " ] ) )
self . _adom_list = append_list
self . _adom_list = append_list
return resp_obj
return resp_obj
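Review bot: `num_of_adoms` is assigned from `len(resp_obj[1])` and is not used again in the lines this hunk shows before `return resp_obj`; it can be dropped. `adom["tab_status"]` and `adom["name"]` are read without a guard, so a response entry missing either key raises a bare `KeyError` instead of the `FAZBaseException` the other methods of this plugin raise. The method starts above the hunk.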
@ -428,22 +433,22 @@ class HttpApi(HttpApiBase):
try :
try :
if adom_lock_info [ 1 ] [ " status " ] [ " message " ] == " OK " :
if adom_lock_info [ 1 ] [ " status " ] [ " message " ] == " OK " :
continue
continue
except Base Exception:
except Exception:
pass
pass
try :
try :
if adom_lock_info [ 1 ] [ 0 ] [ " lock_user " ] :
if adom_lock_info [ 1 ] [ 0 ] [ " lock_user " ] :
locked_list . append ( str ( adom ) )
locked_list . append ( to_text ( adom ) )
if adom_lock_info [ 1 ] [ 0 ] [ " lock_user " ] == self . _logged_in_user :
if adom_lock_info [ 1 ] [ 0 ] [ " lock_user " ] == self . _logged_in_user :
locked_by_user_list . append ( { " adom " : str ( adom ) , " user " : str ( adom_lock_info [ 1 ] [ 0 ] [ " lock_user " ] ) } )
locked_by_user_list . append ( { " adom " : to_text ( adom ) , " user " : to_text ( adom_lock_info [ 1 ] [ 0 ] [ " lock_user " ] ) } )
except Base Exception as err :
except Exception as err :
raise FAZBaseException ( err )
raise FAZBaseException ( err )
self . _locked_adom_list = locked_list
self . _locked_adom_list = locked_list
self . _locked_adoms_by_user = locked_by_user_list
self . _locked_adoms_by_user = locked_by_user_list
except Base Exception as err :
except Exception as err :
raise FAZBaseException ( msg = ( " An error occurred while trying to get the locked adom list. Error: "
raise FAZBaseException ( msg = ( " An error occurred while trying to get the locked adom list. Error: "
+ str ( err ) ) )
+ to_text ( err ) ) )
################################
################################ #
# END DATABASE LOCK CONTEXT CODE
# END DATABASE LOCK CONTEXT CODE
################################
################################ #
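Review bot: The inner `raise FAZBaseException(err)` sits inside the outer `try`, so the outer `except Exception as err:` catches it and wraps it a second time, assuming FAZBaseException derives from Exception (its definition is not in this diff). Removing the inner try/except around the `lock_user` checks leaves a single wrapping that carries the "locked adom list" message. `adom_lock_info[1][0]["lock_user"]` is also evaluated three times; binding it once, `lock_user = adom_lock_info[1][0]["lock_user"]`, shortens the dict line. The loop and the outer try open above the hunk.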