diff --git a/management/server/http/api/openapi.yml b/management/server/http/api/openapi.yml index 351976baf..6c1d6b424 100644 --- a/management/server/http/api/openapi.yml +++ b/management/server/http/api/openapi.yml @@ -725,10 +725,6 @@ components: PolicyRuleMinimum: type: object properties: - id: - description: Policy rule ID - type: string - example: ch8i4ug6lnn4g9hqv7mg name: description: Policy rule name identifier type: string @@ -790,6 +786,31 @@ components: - end PolicyRuleUpdate: + allOf: + - $ref: '#/components/schemas/PolicyRuleMinimum' + - type: object + properties: + id: + description: Policy rule ID + type: string + example: ch8i4ug6lnn4g9hqv7mg + sources: + description: Policy rule source group IDs + type: array + items: + type: string + example: "ch8i4ug6lnn4g9hqv797" + destinations: + description: Policy rule destination group IDs + type: array + items: + type: string + example: "ch8i4ug6lnn4g9h7v7m0" + required: + - sources + - destinations + + PolicyRuleCreate: allOf: - $ref: '#/components/schemas/PolicyRuleMinimum' - type: object @@ -817,6 +838,10 @@ components: - $ref: '#/components/schemas/PolicyRuleMinimum' - type: object properties: + id: + description: Policy rule ID + type: string + example: ch8i4ug6lnn4g9hqv7mg sources: description: Policy rule source group IDs type: array @@ -836,10 +861,6 @@ components: PolicyMinimum: type: object properties: - id: - description: Policy ID - type: string - example: ch8i4ug6lnn4g9hqv7mg name: description: Policy name identifier type: string @@ -854,7 +875,6 @@ components: example: true required: - name - - description - enabled PolicyUpdate: allOf: 
@@ -874,11 +894,33 @@ components: $ref: '#/components/schemas/PolicyRuleUpdate' required: - rules + PolicyCreate: + allOf: + - $ref: '#/components/schemas/PolicyMinimum' + - type: object + properties: + source_posture_checks: + description: Posture checks ID's applied to policy source groups + type: array + items: + type: string + example: "chacdk86lnnboviihd70" + rules: + description: Policy rule object for policy UI editor + type: array + items: + $ref: '#/components/schemas/PolicyRuleUpdate' + required: + - rules Policy: allOf: - $ref: '#/components/schemas/PolicyMinimum' - type: object properties: + id: + description: Policy ID + type: string + example: ch8i4ug6lnn4g9hqv7mg source_posture_checks: description: Posture checks ID's applied to policy source groups type: array @@ -2463,7 +2505,7 @@ paths: content: 'application/json': schema: - $ref: '#/components/schemas/PolicyUpdate' + $ref: '#/components/schemas/PolicyCreate' responses: '200': description: A Policy object diff --git a/management/server/http/api/types.gen.go b/management/server/http/api/types.gen.go index 40574d6f1..83226587f 100644 --- a/management/server/http/api/types.gen.go +++ b/management/server/http/api/types.gen.go @@ -879,7 +879,7 @@ type PersonalAccessTokenRequest struct { // Policy defines model for Policy. type Policy struct { // Description Policy friendly description - Description string `json:"description"` + Description *string `json:"description,omitempty"` // Enabled Policy status Enabled bool `json:"enabled"` 
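Review bot: `PolicyCreate.rules` still points at `#/components/schemas/PolicyRuleUpdate`, the variant that carries the rule `id` property, so the create schema keeps advertising a client-settable rule ID. The `PolicyRuleCreate` schema introduced earlier in this file appears to have no `id` and is not referenced by any hunk visible here. If it is the intended create shape, the items line should read `$ref: '#/components/schemas/PolicyRuleCreate'`. As written, ignoring a client-chosen rule ID on create rests only on the handler's `policyID != ""` guard, not on the API contract.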
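Review bot: This `$ref` swap to `PolicyCreate` looks like it landed on the update operation instead of the create one. In the regenerated types.gen.go later in this diff, `PutApiPoliciesPolicyIdJSONRequestBody` becomes `PolicyCreate` while `PostApiPoliciesJSONRequestBody` stays `PolicyUpdate`. The hunk header shows only `paths:`, so the operation cannot be confirmed from here; check which path owns this request body and regenerate. The two schemas appear to have the same properties in this diff, so nothing breaks today, but any later tightening of `PolicyCreate` would apply to PUT and leave POST on the ID-bearing body.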
@@ -897,16 +897,31 @@ type Policy struct { SourcePostureChecks []string `json:"source_posture_checks"` } -// PolicyMinimum defines model for PolicyMinimum. -type PolicyMinimum struct { +// PolicyCreate defines model for PolicyCreate. +type PolicyCreate struct { // Description Policy friendly description - Description string `json:"description"` + Description *string `json:"description,omitempty"` // Enabled Policy status Enabled bool `json:"enabled"` - // Id Policy ID - Id *string `json:"id,omitempty"` + // Name Policy name identifier + Name string `json:"name"` + + // Rules Policy rule object for policy UI editor + Rules []PolicyRuleUpdate `json:"rules"` + + // SourcePostureChecks Posture checks ID's applied to policy source groups + SourcePostureChecks *[]string `json:"source_posture_checks,omitempty"` +} + +// PolicyMinimum defines model for PolicyMinimum. +type PolicyMinimum struct { + // Description Policy friendly description + Description *string `json:"description,omitempty"` + + // Enabled Policy status + Enabled bool `json:"enabled"` // Name Policy name identifier Name string `json:"name"` @@ -970,9 +985,6 @@ type PolicyRuleMinimum struct { // Enabled Policy rule status Enabled bool `json:"enabled"` - // Id Policy rule ID - Id *string `json:"id,omitempty"` - // Name Policy rule name identifier Name string `json:"name"` @@ -1039,14 +1051,11 @@ type PolicyRuleUpdateProtocol string // PolicyUpdate defines model for PolicyUpdate. type PolicyUpdate struct { // Description Policy friendly description - Description string `json:"description"` + Description *string `json:"description,omitempty"` // Enabled Policy status Enabled bool `json:"enabled"` - // Id Policy ID - Id *string `json:"id,omitempty"` - // Name Policy name identifier Name string `json:"name"` 
@@ -1473,7 +1482,7 @@ type PutApiPeersPeerIdJSONRequestBody = PeerRequest type PostApiPoliciesJSONRequestBody = PolicyUpdate // PutApiPoliciesPolicyIdJSONRequestBody defines body for PutApiPoliciesPolicyId for application/json ContentType. -type PutApiPoliciesPolicyIdJSONRequestBody = PolicyUpdate +type PutApiPoliciesPolicyIdJSONRequestBody = PolicyCreate // PostApiPostureChecksJSONRequestBody defines body for PostApiPostureChecks for application/json ContentType. type PostApiPostureChecksJSONRequestBody = PostureCheckUpdate diff --git a/management/server/http/handlers/policies/policies_handler.go b/management/server/http/handlers/policies/policies_handler.go index d538d07db..b1035c570 100644 --- a/management/server/http/handlers/policies/policies_handler.go +++ b/management/server/http/handlers/policies/policies_handler.go @@ -133,16 +133,21 @@ func (h *handler) savePolicy(w http.ResponseWriter, r *http.Request, accountID s return } + description := "" + if req.Description != nil { + description = *req.Description + } + policy := &types.Policy{ ID: policyID, AccountID: accountID, Name: req.Name, Enabled: req.Enabled, - Description: req.Description, + Description: description, } for _, rule := range req.Rules { var ruleID string - if rule.Id != nil { + if rule.Id != nil && policyID != "" { ruleID = *rule.Id } @@ -370,7 +375,7 @@ func toPolicyResponse(groups []*types.Group, policy *types.Policy) *api.Policy { ap := &api.Policy{ Id: &policy.ID, Name: policy.Name, - Description: policy.Description, + Description: &policy.Description, Enabled: policy.Enabled, SourcePostureChecks: policy.SourcePostureChecks, } diff --git a/management/server/http/handlers/policies/policies_handler_test.go b/management/server/http/handlers/policies/policies_handler_test.go index 956d0b7cd..3e1be187c 100644 --- a/management/server/http/handlers/policies/policies_handler_test.go +++ b/management/server/http/handlers/policies/policies_handler_test.go 
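Review bot: In savePolicy's rule loop the new `policyID != ""` condition discards client-supplied rule IDs only on create. On update `*rule.Id` is still copied from the request body as-is, and nothing in this hunk checks that it is non-empty or that it names a rule already belonging to the policy identified by `policyID`. savePolicy starts and ends outside the hunk, so such a check may exist further down or in the layer that persists the policy; it is worth confirming, since otherwise the caller chooses stored identifiers. The guard also deserves a why-comment, e.g. `// create (policyID == ""): ignore client-supplied rule IDs, the server assigns them`. Separately, a PUT that omits `description` now stores `""` and clears any existing description; if full-replace semantics are intended, state that in the OpenAPI description of the field.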
@@ -154,6 +154,7 @@ func TestPoliciesGetPolicy(t *testing.T) { func TestPoliciesWritePolicy(t *testing.T) { str := func(s string) *string { return &s } + emptyString := "" tt := []struct { name string expectedStatus int @@ -184,8 +185,9 @@ func TestPoliciesWritePolicy(t *testing.T) { expectedStatus: http.StatusOK, expectedBody: true, expectedPolicy: &api.Policy{ - Id: str("id-was-set"), - Name: "Default POSTed Policy", + Id: str("id-was-set"), + Name: "Default POSTed Policy", + Description: &emptyString, Rules: []api.PolicyRule{ { Id: str("id-was-set"), @@ -232,8 +234,9 @@ func TestPoliciesWritePolicy(t *testing.T) { expectedStatus: http.StatusOK, expectedBody: true, expectedPolicy: &api.Policy{ - Id: str("id-existed"), - Name: "Default POSTed Policy", + Id: str("id-existed"), + Name: "Default POSTed Policy", + Description: &emptyString, Rules: []api.PolicyRule{ { Id: str("id-existed"),
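Review bot: The expected-policy edits at -184 and -232 only add `Description: &emptyString`; no case visible in these hunks asserts the behaviour the handler change introduces. That behaviour is that a rule `id` sent on create is ignored and that a non-nil `description` round-trips. A POST case whose request rule carries an `id`, asserting that the stored rule does not take that value, would pin the `policyID != ""` guard; the table starts and ends outside the hunks, so such a case may already exist. Minor: the existing `str` helper already returns a fresh pointer, so `Description: str("")` would avoid sharing one `emptyString` variable across cases.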