Skip to content

Commit

Permalink
Add support for client_certificate and sentinelone_s2s posture rules
Browse files Browse the repository at this point in the history
  • Loading branch information
jlu-cloudflare committed Jul 18, 2023
1 parent a6d449b commit 1b543e5
Show file tree
Hide file tree
Showing 3 changed files with 68 additions and 0 deletions.
7 changes: 7 additions & 0 deletions .changelog/1339.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:enhancement
device_posture_rule: support certificate_id and cn for client_certificate posture rule
```

```release-note:enhancement
device_posture_rule: support active_threats, network_status, infected, and is_active for sentinelone_s2s posture rule
```
6 changes: 6 additions & 0 deletions device_posture_rule.go
Original file line number Diff line number Diff line change
Expand Up @@ -187,6 +187,12 @@ type DevicePostureRuleInput struct {
CountOperator string `json:"countOperator,omitempty"`
TotalScore string `json:"total_score,omitempty"`
ScoreOperator string `json:"scoreOperator,omitempty"`
CertificateID string `json:"certificate_id,omitempty"`
CommonName string `json:"cn,omitempty"`
ActiveThreats int `json:"active_threats,omitempty"`
NetworkStatus string `json:"network_status,omitempty"`
Infected bool `json:"infected,omitempty"`
IsActive bool `json:"is_active,omitempty"`
}

// DevicePostureRuleListResponse represents the response from the list
Expand Down
55 changes: 55 additions & 0 deletions device_posture_rule_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -541,6 +541,61 @@ func TestDevicePostureDomainJoinedRule(t *testing.T) {
}
}

func TestDevicePostureClientCertificateRule(t *testing.T) {
setup()
defer teardown()

handler := func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, http.MethodGet, r.Method, "Expected method 'GET', got %s", r.Method)
w.Header().Set("content-type", "application/json")
fmt.Fprintf(w, `{
"success": true,
"errors": [],
"messages": [],
"result": {
"id": "480f4f69-1a28-4fdd-9240-1ed29f0ac1db",
"schedule": "1h",
"expiration": "1h",
"type": "client_certificate",
"name": "My rule name",
"description": "My description",
"match": [
{
"platform": "windows"
}
],
"input": {
"certificate_id": "d2c04b78-3ba2-4294-8efa-4e85aef0777f",
"cn": "example.com"
}
}
}
`)
}

want := DevicePostureRule{
ID: "480f4f69-1a28-4fdd-9240-1ed29f0ac1db",
Name: "My rule name",
Description: "My description",
Type: "client_certificate",
Schedule: "1h",
Expiration: "1h",
Match: []DevicePostureRuleMatch{{Platform: "windows"}},
Input: DevicePostureRuleInput{
CertificateID: "d2c04b78-3ba2-4294-8efa-4e85aef0777f",
CommonName: "example.com",
},
}

mux.HandleFunc("/accounts/"+testAccountID+"/devices/posture/480f4f69-1a28-4fdd-9240-1ed29f0ac1db", handler)

actual, err := client.DevicePostureRule(context.Background(), testAccountID, "480f4f69-1a28-4fdd-9240-1ed29f0ac1db")

if assert.NoError(t, err) {
assert.Equal(t, want, actual)
}
}

func TestCreateDevicePostureRule(t *testing.T) {
setup()
defer teardown()
Expand Down

0 comments on commit 1b543e5

Please sign in to comment.