-
Notifications
You must be signed in to change notification settings - Fork 107
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[ BUG ] FirewallPolicy.performFirewallPoliciesAction returns 500 error with 'add-rule-group'. #1059
Comments
Hi @api-clobberer - Fix for this will be included in the This is a good catch, thank you for reporting this issue! 🙇 |
Sheesh! Thank you more for getting on this so quick! |
FYI: While this PR did fix the 500 error, it now returns a 200, with an empty resources field in the body. When I check if the rule groups were added to the policy as I'd expect, they are indeed not added. Difference is now I don't get an error to tell me it's broken. |
I have recreated this issue using both the latest version of the SDK and the public swagger interface. I've also confirmed the SDK is crafting the payloads as per the swagger specification. Thank you for letting us know about this issue. I'm reaching out to the internal team for this API operation to investigate. Stay tuned. |
Reopening to track operation behavior issue. |
Hi @api-clobberer - Did some digging, and the Thank you for identifying this issue! 🙇 Note I found a related bug while researching this issue. Upgrade to |
Describe the bug
DocString shows 'add-rule-group' and 'remove-rule-group' as available options. However, in '_allowed_actions' var within the relevant function, these actions are absent. So the function returns a 500 error instead. If I manually add in the actions, it instead returns a 400 error.
To Reproduce
from falconpy import FirewallPolicies
client = FirewallPolicies()
rg = "target FW rule group"
pol = "target FW policy"
response = client.perform_policies_action(action_name = 'add-rule-group', ids = pol, group_id = rg)
response output:
{'status_code': 500, 'headers': {}, 'body': {'errors': [{'message': 'Invalid value specified for action_name parameter.'}], 'resources': []}}
Again, above error is result of action not being in '_allowed_actions' var. Manually adding these actions does not fix the issue, just instead returns 400 error from server.
Expected behavior
See below output for what happens when following the same steps, but instead trying to use the 'add-host-group' action. This is about what I'd expect to see from the 'add-rule-group' action:
from falconpy import FirewallPolicies
client = FirewallPolicies()
hg = "target host group"
pol = "target FW policy"
response = client.perform_policies_action(action_name = 'add-host-group', ids = pol, group_id = hg)
Reponse output:
'{'status_code': 200, 'headers': {'Server': 'nginx', 'Date': 'Fri, 27 Oct 2023 15:24:17 GMT', 'Content-Type': 'application/json', 'Content-Length': '915', 'Connection': 'keep-alive', 'Content-Encoding': 'gzip', 'Strict-Transport-Security': 'max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains', 'X-Cs-Region': 'us-2', 'X-Cs-Traceid': '...', 'X-Ratelimit-Limit': '6000', 'X-Ratelimit-Remaining': '5999'}, 'body': {'meta': {'query_time': 0.087387752, 'trace_id': '...'}, 'resources': [{...}]'
Environment (please complete the following information):
The text was updated successfully, but these errors were encountered: