16 create firewall policy api (#17)

* Create firewall policy

go.mod

@@ -1,4 +1,4 @@
-module github.com/ubiquiti-community/go-unifi
+module github.com/vegardengen/go-unifi
 
 go 1.21
 

unifi/account_test.go

@@ -5,7 +5,7 @@ import (
 	"testing"
 
 	"github.com/tj/assert"
-	"github.com/ubiquiti-community/go-unifi/unifi"
+	"github.com/vegardengen/go-unifi/unifi"
 )
 
 func TestAccountMarshalJSON(t *testing.T) {

unifi/firewall_policy.go

@@ -0,0 +1,141 @@
+package unifi
+
+import (
+	"context"
+	"fmt"
+)
+
+type FirewallDestination         struct {
+		IPGroupID          string   `json:"ip_group_id"`
+		IPs                []string `json:"ips,omitempty"`
+		MatchOppositeIPs   bool     `json:"match_opposite_ips"`
+		MatchOppositePorts bool     `json:"match_opposite_ports"`
+		MatchingTarget     string   `json:"matching_target"`
+		MatchingTargetType    string   `json:"matching_target_type"`
+		NetworkIDs         [] string   `json:"network_ids,omitempty"`
+		Port               string   `json:"port,omitempty"`
+		PortGroupID        string   `json:"port_group_id"`
+		PortMatchingType   string   `json:"port_matching_type"`
+		Regions            []string `json:"regions,omitempty"`
+		ZoneID             string   `json:"zone_id"`
+	} 
+
+type FirewallSource struct {
+		ClientMacs            []string `json:"client_macs,omitempty"`
+		IPs                   []string `json:"ips,omitempty"`
+		MatchMac              bool     `json:"match_mac"`
+		MatchOppositeIPs      bool     `json:"match_opposite_ips"`
+		MatchOppositeNetworks bool     `json:"match_opposite_networks"`
+		MatchOppositePorts    bool     `json:"match_opposite_ports"`
+		MatchingTarget        string   `json:"matching_target,omitempty"`
+		MatchingTargetType    string   `json:"matching_target_type,omitempty"`
+		NetworkIDs            []string `json:"network_ids,omitempty"`
+		Port                  string   `json:"port,omitempty"`
+		PortMatchingType      string   `json:"port_matching_type,omitempty"`
+		ZoneID                string   `json:"zone_id,omitempty"`
+	}
+
+type FirewallSchedule              struct {
+		Mode         string        `json:"mode"`
+		DateStart     string  `json:"date_start,omitempty"`
+		DateEnd     string  `json:"date_end,omitempty"`
+		RepeatOnDays []string `json:"repeat_on_days"`
+		TimeAllDay   bool          `json:"time_all_day"`
+		TimeRangeStart string      `json:"time_range_start,omitempty"`
+		TimeRangeEnd string      `json:"time_range_end,omitempty"`
+	}
+
+type FirewallPolicy struct {
+	ID string `json:"_id,omitempty"`
+
+	// Hidden   bool   `json:"attr_hidden,omitempty"`
+	// HiddenID string `json:"attr_hidden_id,omitempty"`
+	// NoDelete bool   `json:"attr_no_delete,omitempty"`
+	// NoEdit   bool   `json:"attr_no_edit,omitempty"`
+
+	Action              string   `json:"action"`
+	ConnectionStateType string   `json:"connection_state_type"`
+	ConnectionStates    []string `json:"connection_states"`
+	CreateAllowRespond  bool     `json:"create_allow_respond"`
+	Description         string   `json:"description"`
+	Destination FirewallDestination `json:"destination"`
+	Enabled               bool   `json:"enabled"`
+	ICMPTypename          string `json:"icmp_typename"`
+	ICMPV6Typename        string `json:"icmp_v6_typename"`
+	Index                 int64  `json:"index"`
+	IPVersion             string `json:"ip_version"`
+	Logging               bool   `json:"logging"`
+	MatchIPSec            bool   `json:"match_ip_sec"`
+	MatchIPSecType        string `json:"match_ip_sec_type,omitempty"`
+	MatchOppositeProtocol bool   `json:"match_opposite_protocol"`
+	Name                  string `json:"name"`
+	OriginID              string `json:"origin_id,omitempty"`
+	OriginType            string `json:"origin_type,omitempty"`
+	Predefined            bool   `json:"predefined"`
+	Protocol              string `json:"protocol"`
+	Schedule              FirewallSchedule `json:"schedule"`
+	Source FirewallSource `json:"source"`
+
+	// Role string `json:"role"`
+}
+
+func (c *Client) ListFirewallPolicy(ctx context.Context, site string) ([]FirewallPolicy, error) {
+	var respBody []FirewallPolicy
+
+	err := c.do_versioned(ctx, "V2", "GET", fmt.Sprintf("site/%s/firewall-policies", site), nil, &respBody)
+	if err != nil {
+		return nil, err
+	}
+
+	return respBody, nil
+}
+
+func (c *Client) GetFirewallPolicy(ctx context.Context, site, id string) (*FirewallPolicy, error) {
+
+	var respBody FirewallPolicy
+	err := c.do_versioned(ctx, "V2", "GET", fmt.Sprintf("site/%s/firewall-policies/%s", site,id), nil, &respBody)
+        if err != nil {
+	   return nil, &NotFoundError{}
+        }
+
+	new := respBody
+        return &new, nil
+}
+
+func (c *Client) DeleteFirewallPolicy(ctx context.Context, site, id string) error {
+	var respBody FirewallPolicy
+        err := c.do_versioned(ctx, "V2", "DELETE", fmt.Sprintf("site/%s/firewall-policies/%s", site, id), nil, &respBody)
+
+        if err != nil {
+                return err
+        }
+        return nil
+}
+
+func (c *Client) CreateFirewallPolicy(ctx context.Context, site string, d *FirewallPolicy) (*FirewallPolicy, error) {
+        var respBody FirewallPolicy
+
+        err := c.do_versioned(ctx, "V2", "POST", fmt.Sprintf("site/%s/firewall-policies", site), d, &respBody)
+        if err != nil {
+                return nil, err
+        }
+
+
+        new := respBody
+
+        return &new, nil
+}
+
+func (c *Client) UpdateFirewallPolicy(ctx context.Context, site string, d *FirewallPolicy) (*FirewallPolicy, error) {
+        var respBody FirewallPolicy
+
+	err := c.do_versioned(ctx, "V2", "PUT", fmt.Sprintf("site/%s/firewall-policies/%s", site, d.ID), d, &respBody)
+        if err != nil {
+                return nil, err
+        }
+
+        new := respBody
+
+        return &new, nil
+}
+

unifi/firewall_zone.go

@@ -0,0 +1,48 @@
+package unifi
+
+import (
+	"context"
+	"fmt"
+)
+
+type FirewallZone struct {
+	ID string `json:"_id,omitempty"`
+
+	// Hidden   bool   `json:"attr_hidden,omitempty"`
+	// HiddenID string `json:"attr_hidden_id,omitempty"`
+	// NoDelete bool   `json:"attr_no_delete,omitempty"`
+	// NoEdit   bool   `json:"attr_no_edit,omitempty"`
+
+	Name        string   `json:"name"`
+	DefaultZone bool     `json:"default_zone,omitempty"`
+	NetworkIDs  []string `json:"network_ids,omitempty"`
+	ZoneKey     string   `json:"zone_key,omitempty"`
+
+	// Role string `json:"role"`
+}
+
+func (c *Client) ListFirewallZones(ctx context.Context, site string) ([]FirewallZone, error) {
+	var respBody []FirewallZone
+
+	err := c.do_versioned(ctx, "V2", "GET", fmt.Sprintf("site/%s/firewall/zone", site), nil, &respBody)
+	if err != nil {
+		return nil, err
+	}
+
+	return respBody, nil
+}
+
+func (c *Client) GetFirewallZone(ctx context.Context, site, id string) (*FirewallZone, error) {
+	firewallzones, err := c.ListFirewallZones(ctx, site)
+	if err != nil {
+		return nil, err
+	}
+
+	for _, z := range firewallzones {
+		if z.ID == id {
+			return &z, nil
+		}
+	}
+
+	return nil, &NotFoundError{}
+}

unifi/network.generated.go

@@ -95,12 +95,12 @@ type Network struct {
 	IPSecEspDhGroup                               int                             `json:"ipsec_esp_dh_group,omitempty"`   // 1|2|5|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31|32
 	IPSecEspEncryption                            string                          `json:"ipsec_esp_encryption,omitempty"` // aes128|aes192|aes256|3des
 	IPSecEspHash                                  string                          `json:"ipsec_esp_hash,omitempty"`       // sha1|md5|sha256|sha384|sha512
-	IPSecEspLifetime                              string                          `json:"ipsec_esp_lifetime,omitempty"`   // ^(?:3[0-9]|[4-9][0-9]|[1-9][0-9]{2,3}|[1-7][0-9]{4}|8[0-5][0-9]{3}|86[0-3][0-9]{2}|86400)$
+	IPSecEspLifetime                              int                             `json:"ipsec_esp_lifetime,omitempty"`   // ^(?:3[0-9]|[4-9][0-9]|[1-9][0-9]{2,3}|[1-7][0-9]{4}|8[0-5][0-9]{3}|86[0-3][0-9]{2}|86400)$
 	IPSecHash                                     string                          `json:"ipsec_hash,omitempty"`           // sha1|md5|sha256|sha384|sha512
 	IPSecIkeDhGroup                               int                             `json:"ipsec_ike_dh_group,omitempty"`   // 1|2|5|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31|32
 	IPSecIkeEncryption                            string                          `json:"ipsec_ike_encryption,omitempty"` // aes128|aes192|aes256|3des
 	IPSecIkeHash                                  string                          `json:"ipsec_ike_hash,omitempty"`       // sha1|md5|sha256|sha384|sha512
-	IPSecIkeLifetime                              string                          `json:"ipsec_ike_lifetime,omitempty"`   // ^(?:3[0-9]|[4-9][0-9]|[1-9][0-9]{2,3}|[1-7][0-9]{4}|8[0-5][0-9]{3}|86[0-3][0-9]{2}|86400)$
+	IPSecIkeLifetime                              int                             `json:"ipsec_ike_lifetime,omitempty"`   // ^(?:3[0-9]|[4-9][0-9]|[1-9][0-9]{2,3}|[1-7][0-9]{4}|8[0-5][0-9]{3}|86[0-3][0-9]{2}|86400)$
 	IPSecInterface                                string                          `json:"ipsec_interface,omitempty"`      // wan|wan2
 	IPSecKeyExchange                              string                          `json:"ipsec_key_exchange,omitempty"`   // ikev1|ikev2
 	IPSecLocalIDentifier                          string                          `json:"ipsec_local_identifier,omitempty"`

unifi/network_test.go

@@ -5,7 +5,7 @@ import (
 	"reflect"
 	"testing"
 
-	"github.com/ubiquiti-community/go-unifi/unifi"
+	"github.com/vegardengen/go-unifi/unifi"
 )
 
 func TestNetworkUnmarshalJSON(t *testing.T) {

unifi/unifi.go

@@ -191,10 +191,22 @@ func (c *Client) Login(ctx context.Context, user, pass string) error {
 }
 
 func (c *Client) do(ctx context.Context, method, relativeURL string, reqBody any, respBody any) error {
+	return c.do_versioned(ctx, "V1", method, relativeURL, reqBody, respBody)
+}
+
+func (c *Client) do_versioned(ctx context.Context, version, method, relativeURL string, reqBody any, respBody any) error {
 	// single threading requests, this is mostly to assist in CSRF token propagation
 	c.Lock()
 	defer c.Unlock()
 
+	var apiPath string
+
+	if version == "V2" {
+		apiPath = c.apiV2Path
+	} else {
+		apiPath = c.apiPath
+	}
+
 	var (
 		reqReader io.Reader
 		err       error
@@ -213,7 +225,7 @@ func (c *Client) do(ctx context.Context, method, relativeURL string, reqBody any
 		return fmt.Errorf("unable to parse URL: %s %s %w", method, relativeURL, err)
 	}
 	if !strings.HasPrefix(relativeURL, "/") && !reqURL.IsAbs() {
-		reqURL.Path = path.Join(c.apiPath, reqURL.Path)
+		reqURL.Path = path.Join(apiPath, reqURL.Path)
 	}
 
 	url := c.baseURL.ResolveReference(reqURL)
@@ -243,7 +255,7 @@ func (c *Client) do(ctx context.Context, method, relativeURL string, reqBody any
 		c.csrf = resp.Header.Get("X-Csrf-Token")
 	}
 
-	if resp.StatusCode != http.StatusOK {
+	if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusCreated {
 		errBody := struct {
 			Meta meta `json:"meta"`
 			Data []struct {