DXE-4081 Merge pull request #209 from akamai/release/v8.4.0

Author: dawiddzhafarov

CHANGELOG.md

@@ -1,5 +1,28 @@
 # EDGEGRID GOLANG RELEASE NOTES
 
+## 8.4.0 (Aug 22, 2024)
+
+#### FEATURES/ENHANCEMENTS:
+
+* APPSEC
+  * Added field `ClientLists` to `RuleConditions` and `AttackGroupConditions`
+  * The `RequestBodyInspectionLimitOverride` field has been added in the following structures:
+    * `GetAdvancedSettingsRequestBodyResponse`,
+    * `UpdateAdvancedSettingsRequestBodyRequest`,
+    * `UpdateAdvancedSettingsRequestBodyResponse`,
+    * `RemoveAdvancedSettingsRequestBodyRequest`,
+    * `RemoveAdvancedSettingsRequestBodyResponse`
+
+* IAM
+  * Added new methods:
+    * [GetProperty](https://techdocs.akamai.com/iam-api/reference/get-property)
+    * [ListProperties](https://techdocs.akamai.com/iam-api/reference/get-properties)
+    * [MoveProperty](https://techdocs.akamai.com/iam-api/reference/put-property)
+    * `MapPropertyIDToName` - to provide property name for given IAM property ID
+    
+* PAPI
+  * Added new method `MapPropertyNameToID` to provide PAPI property ID for given property name
+
 ## 8.3.0 (July 09, 2024)
 
 #### FEATURES/ENHANCEMENTS:

go.mod

@@ -3,7 +3,6 @@ module github.com/akamai/AkamaiOPEN-edgegrid-golang/v8
 go 1.21
 
 require (
-	github.com/akamai/AkamaiOPEN-edgegrid-golang/v7 v7.6.1
 	github.com/apex/log v1.9.0
 	github.com/go-ozzo/ozzo-validation/v4 v4.3.0
 	github.com/google/uuid v1.1.1
@@ -20,10 +19,12 @@ require (
 	github.com/andres-erbsen/clock v0.0.0-20160526145045-9e14626cd129 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20200108200545-475eaeb16496 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 // indirect
-	github.com/jtolds/gls v4.20.0+incompatible // indirect
+	github.com/kr/text v0.2.0 // indirect
+	github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/smartystreets/goconvey v1.6.4 // indirect
 	github.com/stretchr/objx v0.5.0 // indirect
+	gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -1,5 +1,3 @@
-github.com/akamai/AkamaiOPEN-edgegrid-golang/v7 v7.6.1 h1:KrYkNvCKBGPs/upjgJCojZnnmt5XdEPWS4L2zRQm7+o=
-github.com/akamai/AkamaiOPEN-edgegrid-golang/v7 v7.6.1/go.mod h1:gajRk0oNRQj4bHUc2SGAvAp/gPestSpuvK4QXU1QtPA=
 github.com/andres-erbsen/clock v0.0.0-20160526145045-9e14626cd129 h1:MzBOUgng9orim59UnfUTLRjMpd09C5uEVQ6RPGeCaVI=
 github.com/andres-erbsen/clock v0.0.0-20160526145045-9e14626cd129/go.mod h1:rFgpPQZYZ8vdbc+48xibu8ALc3yeyd64IhHS+PU6Yyg=
 github.com/apex/log v1.9.0 h1:FHtw/xuaM8AgmvDDTI9fiwoAL25Sq2cxojnZICUU8l0=
@@ -11,6 +9,7 @@ github.com/asaskevich/govalidator v0.0.0-20200108200545-475eaeb16496 h1:zV3ejI06
 github.com/asaskevich/govalidator v0.0.0-20200108200545-475eaeb16496/go.mod h1:oGkLhpf+kjZl6xBf758TQhh5XrAeiJv/7FRz/2spLIg=
 github.com/aws/aws-sdk-go v1.20.6/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
 github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59/go.mod h1:q/89r3U2H7sSsE2t6Kca0lfwTK8JdoNGS/yzM/4iH5I=
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -54,6 +53,7 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/rogpeppe/fastuuid v1.1.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
 github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
+github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
 github.com/smartystreets/assertions v1.0.0 h1:UVQPSSmc3qtTi+zPPkCXvZX9VvW/xT/NsRvKfwY81a8=
 github.com/smartystreets/assertions v1.0.0/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM=
 github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9/go.mod h1:SnhjPscd9TpLiy1LpzGSKh3bXCfxxXuqd9xmQJy3slM=
@@ -88,6 +88,7 @@ go.uber.org/ratelimit v0.2.0/go.mod h1:YYBV4e4naJvhpitQrWJu1vCpgB7CboMe0qhltKt6m
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
@@ -100,6 +101,7 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=

pkg/appsec/advanced_settings_request_body.go

@@ -44,33 +44,38 @@ type (
 
 	// GetAdvancedSettingsRequestBodyResponse is returned from a call to GetAdvancedSettingsRequestBody.
 	GetAdvancedSettingsRequestBodyResponse struct {
-		RequestBodyInspectionLimitInKB RequestBodySizeLimit `json:"requestBodyInspectionLimitInKB"`
+		RequestBodyInspectionLimitInKB     RequestBodySizeLimit `json:"requestBodyInspectionLimitInKB"`
+		RequestBodyInspectionLimitOverride bool                 `json:"override"`
 	}
 
 	// UpdateAdvancedSettingsRequestBodyRequest is used to update the Request body settings for a configuration or policy.
 	UpdateAdvancedSettingsRequestBodyRequest struct {
-		ConfigID                       int
-		Version                        int
-		PolicyID                       string
-		RequestBodyInspectionLimitInKB RequestBodySizeLimit `json:"requestBodyInspectionLimitInKB"`
+		ConfigID                           int
+		Version                            int
+		PolicyID                           string
+		RequestBodyInspectionLimitInKB     RequestBodySizeLimit `json:"requestBodyInspectionLimitInKB"`
+		RequestBodyInspectionLimitOverride bool                 `json:"override"`
 	}
 
 	// UpdateAdvancedSettingsRequestBodyResponse is returned from a call to UpdateAdvancedSettingsRequestBody.
 	UpdateAdvancedSettingsRequestBodyResponse struct {
-		RequestBodyInspectionLimitInKB RequestBodySizeLimit `json:"requestBodyInspectionLimitInKB"`
+		RequestBodyInspectionLimitInKB     RequestBodySizeLimit `json:"requestBodyInspectionLimitInKB"`
+		RequestBodyInspectionLimitOverride bool                 `json:"override"`
 	}
 
 	// RemoveAdvancedSettingsRequestBodyRequest is used to reset the Request body settings for a configuration or policy.
 	RemoveAdvancedSettingsRequestBodyRequest struct {
-		ConfigID                       int
-		Version                        int
-		PolicyID                       string
-		RequestBodyInspectionLimitInKB RequestBodySizeLimit `json:"requestBodyInspectionLimitInKB"`
+		ConfigID                           int
+		Version                            int
+		PolicyID                           string
+		RequestBodyInspectionLimitInKB     RequestBodySizeLimit `json:"requestBodyInspectionLimitInKB"`
+		RequestBodyInspectionLimitOverride bool                 `json:"override"`
 	}
 
 	// RemoveAdvancedSettingsRequestBodyResponse is returned from a call to RemoveAdvancedSettingsRequestBody.
 	RemoveAdvancedSettingsRequestBodyResponse struct {
-		RequestBodyInspectionLimitInKB RequestBodySizeLimit `json:"requestBodyInspectionLimitInKB"`
+		RequestBodyInspectionLimitInKB     RequestBodySizeLimit `json:"requestBodyInspectionLimitInKB"`
+		RequestBodyInspectionLimitOverride bool                 `json:"override"`
 	}
 
 	// RequestBodySizeLimit is used to create an "enum" of possible types default, 8, 16, 32

pkg/appsec/advanced_settings_request_body_test.go

@@ -164,7 +164,7 @@ func TestAppsecGetAdvancedSettingsRequestBodyPolicy(t *testing.T) {
 
 	result := GetAdvancedSettingsRequestBodyResponse{}
 
-	respData := compactJSON(loadFixtureBytes("testdata/TestAdvancedSettingsRequestBody/AdvancedSettingsRequestBody.json"))
+	respData := compactJSON(loadFixtureBytes("testdata/TestAdvancedSettingsRequestBody/AdvancedSettingsRequestBodyPolicy.json"))
 	err := json.Unmarshal([]byte(respData), &result)
 	require.NoError(t, err)
 
@@ -318,13 +318,13 @@ func TestAppsecUpdateAdvancedSettingsRequestBody(t *testing.T) {
 func TestAppsecUpdateAdvancedSettingsRequestBodyPolicy(t *testing.T) {
 	result := UpdateAdvancedSettingsRequestBodyResponse{}
 
-	respData := compactJSON(loadFixtureBytes("testdata/TestAdvancedSettingsRequestBody/AdvancedSettingsRequestBody.json"))
+	respData := compactJSON(loadFixtureBytes("testdata/TestAdvancedSettingsRequestBody/AdvancedSettingsRequestBodyPolicy.json"))
 	err := json.Unmarshal([]byte(respData), &result)
 	require.NoError(t, err)
 
 	req := UpdateAdvancedSettingsRequestBodyRequest{}
 
-	reqData := compactJSON(loadFixtureBytes("testdata/TestAdvancedSettingsRequestBody/AdvancedSettingsRequestBody.json"))
+	reqData := compactJSON(loadFixtureBytes("testdata/TestAdvancedSettingsRequestBody/AdvancedSettingsRequestBodyPolicy.json"))
 	err = json.Unmarshal([]byte(reqData), &req)
 	require.NoError(t, err)
 
@@ -351,6 +351,26 @@ func TestAppsecUpdateAdvancedSettingsRequestBodyPolicy(t *testing.T) {
 			expectedResponse: &result,
 			expectedPath:     "/appsec/v1/configs/43253/versions/15/security-policies/test_policy/advanced-settings/request-body",
 		},
+		"400 invalid input error": {
+			params: UpdateAdvancedSettingsRequestBodyRequest{
+				ConfigID: 43253,
+				Version:  15,
+			},
+			responseStatus: http.StatusBadRequest,
+			responseBody: `
+			{
+    			"detail": "The value of the request body size parameter must be one of [default, 8, 16, 32]",
+    			"title": "Invalid Input Error",
+				"type": "internal_error"
+			}`,
+			expectedPath: "/appsec/v1/configs/43253/versions/15/advanced-settings/request-body",
+			withError: &Error{
+				Type:       "internal_error",
+				Title:      "Invalid Input Error",
+				Detail:     "The value of the request body size parameter must be one of [default, 8, 16, 32]",
+				StatusCode: http.StatusBadRequest,
+			},
+		},
 		"500 internal server error": {
 			params: UpdateAdvancedSettingsRequestBodyRequest{
 				ConfigID: 43253,
@@ -398,3 +418,139 @@ func TestAppsecUpdateAdvancedSettingsRequestBodyPolicy(t *testing.T) {
 		})
 	}
 }
+
+func TestAppsecUpdateAdvancedSettingsRequestBodyPolicyWithInvalidValue(t *testing.T) {
+	result := UpdateAdvancedSettingsRequestBodyResponse{}
+
+	respData := compactJSON(loadFixtureBytes("testdata/TestAdvancedSettingsRequestBody/AdvancedSettingsRequestBodyPolicyWithInvalidValue.json"))
+	err := json.Unmarshal([]byte(respData), &result)
+	require.NoError(t, err)
+
+	req := UpdateAdvancedSettingsRequestBodyRequest{}
+
+	reqData := compactJSON(loadFixtureBytes("testdata/TestAdvancedSettingsRequestBody/AdvancedSettingsRequestBodyPolicyWithInvalidValue.json"))
+	err = json.Unmarshal([]byte(reqData), &req)
+	require.NoError(t, err)
+
+	tests := map[string]struct {
+		params           UpdateAdvancedSettingsRequestBodyRequest
+		responseStatus   int
+		responseBody     string
+		expectedPath     string
+		expectedResponse *UpdateAdvancedSettingsRequestBodyResponse
+		withError        error
+		headers          http.Header
+	}{
+		"400 invalid input error": {
+			params: UpdateAdvancedSettingsRequestBodyRequest{
+				ConfigID:                           43253,
+				Version:                            15,
+				RequestBodyInspectionLimitInKB:     req.RequestBodyInspectionLimitInKB,
+				RequestBodyInspectionLimitOverride: req.RequestBodyInspectionLimitOverride,
+			},
+			responseStatus: http.StatusBadRequest,
+			responseBody: `
+			{
+    			"detail": "The value of the request body size parameter must be one of [default, 8, 16, 32]",
+    			"title": "Invalid Input Error",
+				"type": "internal_error"
+			}`,
+			expectedPath: "/appsec/v1/configs/43253/versions/15/advanced-settings/request-body",
+			withError: &Error{
+				Type:       "internal_error",
+				Title:      "Invalid Input Error",
+				Detail:     "The value of the request body size parameter must be one of [default, 8, 16, 32]",
+				StatusCode: http.StatusBadRequest,
+			},
+		},
+	}
+
+	for name, test := range tests {
+		t.Run(name, func(t *testing.T) {
+			mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				assert.Equal(t, http.MethodPut, r.Method)
+				w.WriteHeader(test.responseStatus)
+				if len(test.responseBody) > 0 {
+					_, err := w.Write([]byte(test.responseBody))
+					assert.NoError(t, err)
+				}
+			}))
+			client := mockAPIClient(t, mockServer)
+			result, err := client.UpdateAdvancedSettingsRequestBody(
+				session.ContextWithOptions(
+					context.Background(),
+					session.WithContextHeaders(test.headers)), test.params)
+			if test.withError != nil {
+				assert.True(t, errors.Is(err, test.withError), "want: %s; got: %s", test.withError, err)
+				return
+			}
+			require.NoError(t, err)
+			assert.Equal(t, test.expectedResponse, result)
+		})
+	}
+}
+
+func TestAppsecUpdateAdvancedSettingsRequestBodyPolicyWithOverrideUnset(t *testing.T) {
+	result := RemoveAdvancedSettingsRequestBodyResponse{}
+
+	respData := compactJSON(loadFixtureBytes("testdata/TestAdvancedSettingsRequestBody/AdvancedSettingsRequestBodyPolicyWithOverrideUnsetResponse.json"))
+	err := json.Unmarshal([]byte(respData), &result)
+	require.NoError(t, err)
+
+	req := RemoveAdvancedSettingsRequestBodyRequest{}
+
+	reqData := compactJSON(loadFixtureBytes("testdata/TestAdvancedSettingsRequestBody/AdvancedSettingsRequestBodyPolicyWithOverrideUnsetRequest.json"))
+	err = json.Unmarshal([]byte(reqData), &req)
+	require.NoError(t, err)
+
+	tests := map[string]struct {
+		params           RemoveAdvancedSettingsRequestBodyRequest
+		responseStatus   int
+		responseBody     string
+		expectedPath     string
+		expectedResponse *RemoveAdvancedSettingsRequestBodyResponse
+		withError        error
+		headers          http.Header
+	}{
+		"200 Success": {
+			params: RemoveAdvancedSettingsRequestBodyRequest{
+				ConfigID:                           43253,
+				Version:                            15,
+				PolicyID:                           "test_policy",
+				RequestBodyInspectionLimitInKB:     req.RequestBodyInspectionLimitInKB,
+				RequestBodyInspectionLimitOverride: req.RequestBodyInspectionLimitOverride,
+			},
+			headers: http.Header{
+				"Content-Type": []string{"application/json;charset=UTF-8"},
+			},
+			responseStatus:   http.StatusCreated,
+			responseBody:     respData,
+			expectedResponse: &result,
+			expectedPath:     "/appsec/v1/configs/43253/versions/15/security-policies/test_policy/advanced-settings/request-body",
+		},
+	}
+
+	for name, test := range tests {
+		t.Run(name, func(t *testing.T) {
+			mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				assert.Equal(t, http.MethodPut, r.Method)
+				w.WriteHeader(test.responseStatus)
+				if len(test.responseBody) > 0 {
+					_, err := w.Write([]byte(test.responseBody))
+					assert.NoError(t, err)
+				}
+			}))
+			client := mockAPIClient(t, mockServer)
+			result, err := client.RemoveAdvancedSettingsRequestBody(
+				session.ContextWithOptions(
+					context.Background(),
+					session.WithContextHeaders(test.headers)), test.params)
+			if test.withError != nil {
+				assert.True(t, errors.Is(err, test.withError), "want: %s; got: %s", test.withError, err)
+				return
+			}
+			require.NoError(t, err)
+			assert.Equal(t, test.expectedResponse, result)
+		})
+	}
+}

pkg/appsec/attack_group.go

@@ -63,6 +63,7 @@ type (
 		ValueCase     bool     `json:"valueCase,omitempty"`
 		ValueWildcard bool     `json:"valueWildcard,omitempty"`
 		UseHeaders    bool     `json:"useHeaders,omitempty"`
+		ClientLists   []string `json:"clientLists,omitempty"`
 	}
 
 	// AttackGroupAdvancedCriteria describes the hostname and path criteria used to limit the scope of an exception.

pkg/appsec/export_configuration.go

@@ -694,7 +694,8 @@ type (
 
 	// RequestBody is returned as part of GetExportConfigurationResponse.
 	RequestBody struct {
-		RequestBodyInspectionLimitInKB string `json:"requestBodyInspectionLimitInKB"`
+		RequestBodyInspectionLimitInKB     string `json:"requestBodyInspectionLimitInKB"`
+		RequestBodyInspectionLimitOverride bool   `json:"override"`
 	}
 
 	// ConditionsExp is returned as part of GetExportConfigurationResponse.

pkg/appsec/rule.go

@@ -111,6 +111,7 @@ type (
 		ValueCase     bool     `json:"valueCase,omitempty"`
 		ValueWildcard bool     `json:"valueWildcard,omitempty"`
 		UseHeaders    bool     `json:"useHeaders,omitempty"`
+		ClientLists   []string `json:"clientLists,omitempty"`
 	}
 
 	// RuleException is used to describe the exceptions for a rule.

pkg/appsec/testdata/TestAdvancedSettingsRequestBody/AdvancedSettingsRequestBodyPolicy.json

@@ -0,0 +1,4 @@
+{
+  "override": true,
+  "requestBodyInspectionLimitInKB": "32"
+}

pkg/appsec/testdata/TestAdvancedSettingsRequestBody/AdvancedSettingsRequestBodyPolicyWithInvalidValue.json

@@ -0,0 +1,4 @@
+{
+  "override": true,
+  "requestBodyInspectionLimitInKB": "abcd"
+}