//Parse single NetworkRule IpRule in SDK to wrapped property PSIpRule public static PSIpRule ParsePSNetworkRuleIPRule(IPRule ipRule) { PSIpRule returnRule = new PSIpRule(); returnRule.Action = ParsePSNetworkRuleAction(ipRule.Action); returnRule.IPAddressOrRange = ipRule.IPAddressOrRange; return(returnRule); }
//Parse wrapped property PSIpRule to single NetworkRule IpRule in SDK public static IPRule ParseStorageNetworkRuleIPRule(PSIpRule ipRule) { IPRule returnRule = new IPRule(); returnRule.Action = ParseStorageNetworkRuleAction(ipRule.Action); returnRule.IPAddressOrRange = ipRule.IPAddressOrRange; return(returnRule); }
/// <summary> /// Remove one IpRule from IpRule List /// </summary> /// <param name="ruleList">The IpRule List</param> /// <param name="ruleToRemove">The IP Rule to remove</param> /// <returns>true if reove success</returns> public bool RemoveIpRule(IList <IPRule> ruleList, IPRule ruleToRemove) { foreach (IPRule rule in ruleList) { if (rule.IPAddressOrRange == ruleToRemove.IPAddressOrRange) { ruleList.Remove(rule); return(true); } } return(false); }
public override void ExecuteCmdlet() { // Update the NetworlruleSet if (ShouldProcess(target: Name, action: string.Format("Update NetworkruleSet for {0} Namespace in {1} ResourceGroup", Name, ResourceGroupName))) { try { if (ParameterSetName.Equals(NetwrokruleSetPropertiesParameterSet)) { PSNetworkRuleSetAttributes networkRuleSetAttributes = new PSNetworkRuleSetAttributes() { DefaultAction = DefaultAction, TrustedServiceAccessEnabled = TrustedServiceAccessEnabled.IsPresent, IpRules = IPRule.OfType <PSNWRuleSetIpRulesAttributes>().ToList(), VirtualNetworkRules = VirtualNetworkRule.OfType <PSNWRuleSetVirtualNetworkRulesAttributes>().ToList(), PublicNetworkAccess = PublicNetworkAccess }; WriteObject(Client.CreateOrUpdateNetworkRuleSet(ResourceGroupName, Name, networkRuleSetAttributes)); } if (ParameterSetName.Equals(NetwrokruleSetInputObjectParameterSet)) { WriteObject(Client.CreateOrUpdateNetworkRuleSet(ResourceGroupName, Name, InputObject)); } if (ParameterSetName.Equals("NetworkRuleSetResourceIdParameterSet")) { ResourceIdentifier getParamGeoDR = GetResourceDetailsFromId(ResourceId); PSNetworkRuleSetAttributes getNWRuleSet = Client.GetNetworkRuleSet(getParamGeoDR.ResourceGroupName, getParamGeoDR.ParentResource); if (ResourceGroupName != null && getParamGeoDR.ResourceName != null) { if (ShouldProcess(target: Name, action: string.Format("updating NetwrokruleSet", Name, ResourceGroupName))) { WriteObject(Client.CreateOrUpdateNetworkRuleSet(ResourceGroupName, Name, getNWRuleSet)); } } } } catch (Management.EventHub.Models.ErrorResponseException ex) { WriteError(Eventhub.EventHubsClient.WriteErrorforBadrequest(ex)); } } }
public bool PostNewIPRule(IPRule rule) { userContext.VerifyPermission(PermissionToken.ManageIPRules); if (string.IsNullOrEmpty(rule?.Address)) { throw new HttpResponseException(System.Net.HttpStatusCode.BadRequest); } bool result = false; repo.HandleTransaction(ctx => { result = ipRuleManager.AddPermBannedIP(ctx, rule); ctx.AuditLogger.SysLog($"added {rule.Address} to banned IPs"); }); return(result); }
public static IRule CreateRule(string line) { IPRule ipRule = null; if (IPRule.CreateIPRule(line, out ipRule)) { return(ipRule); } HostRule hostRule = null; if (HostRule.CreateHostnameRule(line, out hostRule)) { return(hostRule); } return(null); }
public ActionResult <bool> PostNewIPRule(IPRule rule) { _userContext.VerifyPermission(PermissionToken.ManageIPRules); if (string.IsNullOrEmpty(rule?.Address)) { return(BadRequest()); } bool result = false; _repo.HandleTransaction(ctx => { result = _ipRuleManager.AddPermBannedIP(ctx, rule); ctx.AuditLogger.SysLog($"added {rule.Address} to banned IPs"); }); return(result); }
public bool AddPermBannedIP(IDatabaseContext db, IPRule ipRule) { if (ipRule == null) { throw new ArgumentNullException(nameof(ipRule)); } lock (lockStr) { if (permBannedIPs.Contains(ipRule.Address)) { return(false); } db.Save(ipRule); permBannedIPs.Add(ipRule.Address); return(true); } }
public bool PostNewPermBannedIp(IPRule rule) { userContext.VerifyPermission(PermissionToken.ManageIPRules); if (string.IsNullOrEmpty(rule?.Address)) { throw new HttpResponseException(System.Net.HttpStatusCode.BadRequest); } if (ipRuleManager.PermBannedIPs.Contains(rule.Address)) { return(false); } ipRuleManager.PermBannedIPs.Add(rule.Address); repo.HandleTransaction(ctx => { ctx.Save(rule); ctx.AuditLogger.SysLog("added " + rule.Address + " to banned IPs"); }); return(true); }
public override void ExecuteCmdlet() { base.ExecuteCmdlet(); if (ShouldProcess(this.Name, "Add Storage Account NetworkRules")) { var storageAccount = this.StorageClient.StorageAccounts.GetProperties( this.ResourceGroupName, this.Name); NetworkRuleSet storageACL = storageAccount.NetworkRuleSet; if (storageACL == null) { storageACL = new NetworkRuleSet(); } bool ruleChanged = false; switch (ParameterSetName) { case NetWorkRuleStringParameterSet: if (storageACL.VirtualNetworkRules == null) { storageACL.VirtualNetworkRules = new List <VirtualNetworkRule>(); } foreach (string s in VirtualNetworkResourceId) { bool ruleExist = false; foreach (VirtualNetworkRule originRule in storageACL.VirtualNetworkRules) { if (originRule.VirtualNetworkResourceId.Equals(s, System.StringComparison.InvariantCultureIgnoreCase)) { ruleExist = true; WriteDebug(string.Format("Skip add VirtualNetworkRule as it already exist: {0}", s)); break; } } if (!ruleExist) { VirtualNetworkRule rule = new VirtualNetworkRule(s); storageACL.VirtualNetworkRules.Add(rule); ruleChanged = true; } } break; case IpRuleStringParameterSet: if (storageACL.IpRules == null) { storageACL.IpRules = new List <IPRule>(); } foreach (string s in IPAddressOrRange) { bool ruleExist = false; foreach (IPRule originRule in storageACL.IpRules) { if (originRule.IPAddressOrRange.Equals(s, System.StringComparison.InvariantCultureIgnoreCase)) { ruleExist = true; WriteDebug(string.Format("Skip add IPAddressOrRange as it already exist: {0}", s)); break; } } if (!ruleExist) { IPRule rule = new IPRule(s); storageACL.IpRules.Add(rule); ruleChanged = true; } } break; case ResourceAccessRuleStringParameterSet: if (storageACL.ResourceAccessRules == null) { storageACL.ResourceAccessRules = new List <ResourceAccessRule>(); } bool ResourceAccessruleExist = false; foreach (ResourceAccessRule originRule in storageACL.ResourceAccessRules) { if (originRule.TenantId.Equals(this.TenantId, System.StringComparison.InvariantCultureIgnoreCase) && originRule.ResourceId.Equals(this.ResourceId, System.StringComparison.InvariantCultureIgnoreCase)) { ResourceAccessruleExist = true; WriteDebug(string.Format("Skip add ResourceAccessRule as it already exist, TenantId: {0}, ResourceId: {1}", this.TenantId, this.ResourceId)); break; } } if (!ResourceAccessruleExist) { ResourceAccessRule rule = new ResourceAccessRule(this.TenantId, this.ResourceId); storageACL.ResourceAccessRules.Add(rule); ruleChanged = true; } break; case NetworkRuleObjectParameterSet: if (storageACL.VirtualNetworkRules == null) { storageACL.VirtualNetworkRules = new List <VirtualNetworkRule>(); } foreach (PSVirtualNetworkRule rule in VirtualNetworkRule) { bool ruleExist = false; foreach (VirtualNetworkRule originRule in storageACL.VirtualNetworkRules) { if (originRule.VirtualNetworkResourceId.Equals(rule.VirtualNetworkResourceId, System.StringComparison.InvariantCultureIgnoreCase)) { ruleExist = true; WriteDebug(string.Format("Skip add IPAddressOrRange as it already exist: {0}", rule.VirtualNetworkResourceId)); break; } } if (!ruleExist) { storageACL.VirtualNetworkRules.Add(PSNetworkRuleSet.ParseStorageNetworkRuleVirtualNetworkRule(rule)); ruleChanged = true; } } break; case ResourceAccessRuleObjectParameterSet: if (storageACL.ResourceAccessRules == null) { storageACL.ResourceAccessRules = new List <ResourceAccessRule>(); } foreach (PSResourceAccessRule rule in ResourceAccessRule) { bool ruleExist = false; foreach (ResourceAccessRule originRule in storageACL.ResourceAccessRules) { if (originRule.TenantId.Equals(rule.TenantId, System.StringComparison.InvariantCultureIgnoreCase) && originRule.ResourceId.Equals(rule.ResourceId, System.StringComparison.InvariantCultureIgnoreCase)) { ruleExist = true; WriteDebug(string.Format("Skip add ResourceAccessRule as it already exist, TenantId: {0}, ResourceId: {1}", rule.TenantId, rule.ResourceId)); break; } } if (!ruleExist) { storageACL.ResourceAccessRules.Add(PSNetworkRuleSet.ParseStorageResourceAccessRule(rule)); ruleChanged = true; } } break; case IpRuleObjectParameterSet: if (storageACL.IpRules == null) { storageACL.IpRules = new List <IPRule>(); } foreach (PSIpRule rule in IPRule) { bool ruleExist = false; foreach (IPRule originRule in storageACL.IpRules) { if (originRule.IPAddressOrRange.Equals(rule.IPAddressOrRange, System.StringComparison.InvariantCultureIgnoreCase)) { ruleExist = true; WriteDebug(string.Format("Skip add IPAddressOrRange as it already exist: {0}", rule.IPAddressOrRange)); break; } } if (!ruleExist) { storageACL.IpRules.Add(PSNetworkRuleSet.ParseStorageNetworkRuleIPRule(rule)); ruleChanged = true; } } break; } if (ruleChanged) { StorageAccountUpdateParameters updateParameters = new StorageAccountUpdateParameters(); updateParameters.NetworkRuleSet = storageACL; var updatedAccountResponse = this.StorageClient.StorageAccounts.Update( this.ResourceGroupName, this.Name, updateParameters); storageAccount = this.StorageClient.StorageAccounts.GetProperties(this.ResourceGroupName, this.Name); } switch (ParameterSetName) { case NetWorkRuleStringParameterSet: case NetworkRuleObjectParameterSet: WriteObject(PSNetworkRuleSet.ParsePSNetworkRule(storageAccount.NetworkRuleSet).VirtualNetworkRules); break; case IpRuleStringParameterSet: case IpRuleObjectParameterSet: WriteObject(PSNetworkRuleSet.ParsePSNetworkRule(storageAccount.NetworkRuleSet).IpRules); break; case ResourceAccessRuleStringParameterSet: case ResourceAccessRuleObjectParameterSet: WriteObject(PSNetworkRuleSet.ParsePSNetworkRule(storageAccount.NetworkRuleSet).ResourceAccessRules); break; } } }
public override void ExecuteCmdlet() { base.ExecuteCmdlet(); if (ShouldProcess(this.Name, "Add Storage Account NetworkRules")) { var storageAccount = this.StorageClient.StorageAccounts.GetProperties( this.ResourceGroupName, this.Name); NetworkRuleSet storageACL = storageAccount.NetworkRuleSet; if (storageACL == null) { storageACL = new NetworkRuleSet(); } switch (ParameterSetName) { case NetWorkRuleStringParameterSet: if (storageACL.VirtualNetworkRules == null) { storageACL.VirtualNetworkRules = new List <VirtualNetworkRule>(); } foreach (string s in VirtualNetworkResourceId) { VirtualNetworkRule rule = new VirtualNetworkRule(s); storageACL.VirtualNetworkRules.Add(rule); } break; case IpRuleStringParameterSet: if (storageACL.IpRules == null) { storageACL.IpRules = new List <IPRule>(); } foreach (string s in IPAddressOrRange) { IPRule rule = new IPRule(s); storageACL.IpRules.Add(rule); } break; case NetworkRuleObjectParameterSet: if (storageACL.VirtualNetworkRules == null) { storageACL.VirtualNetworkRules = new List <VirtualNetworkRule>(); } foreach (PSVirtualNetworkRule rule in VirtualNetworkRule) { storageACL.VirtualNetworkRules.Add(PSNetworkRuleSet.ParseStorageNetworkRuleVirtualNetworkRule(rule)); } break; case IpRuleObjectParameterSet: if (storageACL.IpRules == null) { storageACL.IpRules = new List <IPRule>(); } foreach (PSIpRule rule in IPRule) { storageACL.IpRules.Add(PSNetworkRuleSet.ParseStorageNetworkRuleIPRule(rule)); } break; } StorageAccountUpdateParameters updateParameters = new StorageAccountUpdateParameters(); updateParameters.NetworkRuleSet = storageACL; var updatedAccountResponse = this.StorageClient.StorageAccounts.Update( this.ResourceGroupName, this.Name, updateParameters); storageAccount = this.StorageClient.StorageAccounts.GetProperties(this.ResourceGroupName, this.Name); switch (ParameterSetName) { case NetWorkRuleStringParameterSet: case NetworkRuleObjectParameterSet: WriteObject(PSNetworkRuleSet.ParsePSNetworkRule(storageAccount.NetworkRuleSet).VirtualNetworkRules); break; case IpRuleStringParameterSet: case IpRuleObjectParameterSet: WriteObject(PSNetworkRuleSet.ParsePSNetworkRule(storageAccount.NetworkRuleSet).IpRules); break; } } }
public override void ExecuteCmdlet() { base.ExecuteCmdlet(); if (ShouldProcess(this.Name, "Remove Storage Account Networkrules")) { var storageAccount = this.StorageClient.StorageAccounts.GetProperties( this.ResourceGroupName, this.Name); NetworkRuleSet storageACL = storageAccount.NetworkRuleSet; if (storageACL == null) { storageACL = new NetworkRuleSet(); } switch (ParameterSetName) { case NetWorkRuleStringParameterSet: if (storageACL.VirtualNetworkRules == null) { storageACL.VirtualNetworkRules = new List <VirtualNetworkRule>(); } foreach (string s in VirtualNetworkResourceId) { VirtualNetworkRule rule = new VirtualNetworkRule(s); if (!RemoveNetworkRule(storageACL.VirtualNetworkRules, rule)) { throw new ArgumentOutOfRangeException("VirtualNetworkResourceId", String.Format("Can't remove VirtualNetworkRule with specific ResourceId since not exist: {0}", rule.VirtualNetworkResourceId)); } } break; case IpRuleStringParameterSet: if (storageACL.IpRules == null) { storageACL.IpRules = new List <IPRule>(); } foreach (string s in IPAddressOrRange) { IPRule rule = new IPRule(s); if (!RemoveIpRule(storageACL.IpRules, rule)) { throw new ArgumentOutOfRangeException("IPAddressOrRange", String.Format("Can't remove IpRule with specific IPAddressOrRange since not exist: {0}", rule.IPAddressOrRange)); } } break; case NetworkRuleObjectParameterSet: if (storageACL.VirtualNetworkRules == null) { storageACL.VirtualNetworkRules = new List <VirtualNetworkRule>(); } foreach (PSVirtualNetworkRule rule in VirtualNetworkRule) { if (!RemoveNetworkRule(storageACL.VirtualNetworkRules, PSNetworkRuleSet.ParseStorageNetworkRuleVirtualNetworkRule(rule))) { throw new ArgumentOutOfRangeException("VirtualNetworkRule", String.Format("Can't remove VirtualNetworkRule with specific ResourceId since not exist: {0}", rule.VirtualNetworkResourceId)); } } break; case IpRuleObjectParameterSet: if (storageACL.IpRules == null) { storageACL.IpRules = new List <IPRule>(); } foreach (PSIpRule rule in IPRule) { if (!RemoveIpRule(storageACL.IpRules, PSNetworkRuleSet.ParseStorageNetworkRuleIPRule(rule))) { throw new ArgumentOutOfRangeException("IPRule", String.Format("Can't remove IpRule with specific IPAddressOrRange since not exist: {0}", rule.IPAddressOrRange)); } } break; } StorageAccountUpdateParameters updateParameters = new StorageAccountUpdateParameters(); updateParameters.NetworkRuleSet = storageACL; var updatedAccountResponse = this.StorageClient.StorageAccounts.Update( this.ResourceGroupName, this.Name, updateParameters); storageAccount = this.StorageClient.StorageAccounts.GetProperties(this.ResourceGroupName, this.Name); switch (ParameterSetName) { case NetWorkRuleStringParameterSet: case NetworkRuleObjectParameterSet: WriteObject(PSNetworkRuleSet.ParsePSNetworkRule(storageAccount.NetworkRuleSet).VirtualNetworkRules); break; case IpRuleStringParameterSet: case IpRuleObjectParameterSet: WriteObject(PSNetworkRuleSet.ParsePSNetworkRule(storageAccount.NetworkRuleSet).IpRules); break; } } }
public PSIPRule(IPRule rule) { Action = rule.Action; IPAddressOrRange = rule.IPAddressOrRange; Validate(); }