#129 add community requested source and destination objects

netbox_acls/api/serializers.py

@@ -5,7 +5,7 @@
 
 from django.contrib.contenttypes.models import ContentType
 from drf_spectacular.utils import extend_schema_field
-from ipam.api.serializers import PrefixSerializer
+from ipam.api.serializers import PrefixSerializer, IPRangeSerializer, IPAddressSerializer, AggregateSerializer, ServiceSerializer
 from netbox.api.fields import ContentTypeField
 from netbox.api.serializers import NetBoxModelSerializer
 from rest_framework import serializers
@@ -27,14 +27,20 @@
     "ACLExtendedRuleSerializer",
 ]
 
+
 # Sets a standard error message for ACL rules with an action of remark, but no remark set.
 error_message_no_remark = "Action is set to remark, you MUST add a remark."
-# Sets a standard error message for ACL rules with an action of remark, but no source_prefix is set.
-error_message_action_remark_source_prefix_set = "Action is set to remark, Source Prefix CANNOT be set."
+# Sets a standard error message for ACL rules with an action of remark, but no source/destination is set.
+error_message_action_remark_source_set = "Action is set to remark, Source CANNOT be set."
+error_message_action_remark_destination_set = "Action is set to remark, Destination CANNOT be set."
 # Sets a standard error message for ACL rules with an action not set to remark, but no remark is set.
 error_message_remark_without_action_remark = "CANNOT set remark unless action is set to remark."
 # Sets a standard error message for ACL rules no associated to an ACL of the same type.
 error_message_acl_type = "Provided parent Access List is not of right type."
+# Sets a standard error message for ACL rules when more than one IP/Host sources are set.
+error_message_sources_more_than_one = "Only one IP/Host related Source can be specified."
+# Sets a standard error message for ACL rules when more than one IP/Host destinations are set.
+error_message_destinations_more_than_one = "Only one IP/Host related Destination can be specified."
 
 
 class AccessListSerializer(NetBoxModelSerializer):
@@ -190,6 +196,30 @@ class ACLStandardRuleSerializer(NetBoxModelSerializer):
         default=None,
         nested=True
     )
+    source_iprange = IPRangeSerializer(
+        required=False,
+        allow_null=True,
+        default=None,
+        nested=True
+    )
+    source_ipaddress = IPAddressSerializer(
+        required=False,
+        allow_null=True,
+        default=None,
+        nested=True
+    )
+    source_aggregate = AggregateSerializer(
+        required=False,
+        allow_null=True,
+        default=None,
+        nested=True
+    )
+    source_service = ServiceSerializer(
+        required=False,
+        allow_null=True,
+        default=None,
+        nested=True
+    )
 
     class Meta:
         """
@@ -211,28 +241,39 @@ class Meta:
             "custom_fields",
             "last_updated",
             "source_prefix",
+            "source_iprange",
+            "source_ipaddress",
+            "source_aggregate",
+            "source_service",
         )
         brief_fields = ("id", "url", "display")
 
     def validate(self, data):
         """
         Validate the ACLStandardRule django model's inputs before allowing it to update the instance:
           - Check if action set to remark, but no remark set.
-          - Check if action set to remark, but source_prefix set.
+          - Check if action set to remark, but source set.
+          - Check not more than one source is set.
         """
         error_message = {}
 
+        sources = ["source_prefix", "source_iprange", "source_ipaddress", "source_aggregate", "source_service"]
+
         if data.get("action") == "remark":
             # Check if action set to remark, but no remark set.
             if data.get("remark") is None:
                 error_message["remark"] = [
                     error_message_no_remark,
                 ]
-            # Check if action set to remark, but source_prefix set.
-            if data.get("source_prefix"):
-                error_message["source_prefix"] = [
-                    error_message_action_remark_source_prefix_set,
-                ]
+            # Check if action set to remark, but source set.
+            if any(data.get(source) for source in sources):
+                for source in sources:
+                    error_message[source] = [error_message_action_remark_source_set]
+
+        # Check not more than one source is set.
+        if sum(bool(data.get(source)) for source in sources) > 1:
+            for source in sources:
+                error_message[source] = [error_message_sources_more_than_one]
 
         if error_message:
             raise serializers.ValidationError(error_message)
@@ -249,18 +290,68 @@ class ACLExtendedRuleSerializer(NetBoxModelSerializer):
         view_name="plugins-api:netbox_acls-api:aclextendedrule-detail",
     )
     access_list = NestedAccessListSerializer()
+
     source_prefix = PrefixSerializer(
         required=False,
         allow_null=True,
         default=None,
         nested=True
     )
+    source_iprange = IPRangeSerializer(
+        required=False,
+        allow_null=True,
+        default=None,
+        nested=True
+    )
+    source_ipaddress = IPAddressSerializer(
+        required=False,
+        allow_null=True,
+        default=None,
+        nested=True
+    )
+    source_aggregate = AggregateSerializer(
+        required=False,
+        allow_null=True,
+        default=None,
+        nested=True
+    )
+    source_service = ServiceSerializer(
+        required=False,
+        allow_null=True,
+        default=None,
+        nested=True
+    )
+
     destination_prefix = PrefixSerializer(
         required=False,
         allow_null=True,
         default=None,
         nested=True
     )
+    destination_iprange = IPRangeSerializer(
+        required=False,
+        allow_null=True,
+        default=None,
+        nested=True
+    )
+    destination_ipaddress = IPAddressSerializer(
+        required=False,
+        allow_null=True,
+        default=None,
+        nested=True
+    )
+    destination_aggregate = AggregateSerializer(
+        required=False,
+        allow_null=True,
+        default=None,
+        nested=True
+    )
+    destination_service = ServiceSerializer(
+        required=False,
+        allow_null=True,
+        default=None,
+        nested=True
+    )
 
     class Meta:
         """
@@ -280,9 +371,20 @@ class Meta:
             "created",
             "custom_fields",
             "last_updated",
+
             "source_prefix",
-            "source_ports",
+            "source_iprange",
+            "source_ipaddress",
+            "source_aggregate",
+            "source_service",
+
             "destination_prefix",
+            "destination_iprange",
+            "destination_ipaddress",
+            "destination_aggregate",
+            "destination_service",
+
+            "source_ports",            
             "destination_ports",
             "protocol",
             "remark",
@@ -292,36 +394,38 @@ def validate(self, data):
         """
         Validate the ACLExtendedRule django model's inputs before allowing it to update the instance:
           - Check if action set to remark, but no remark set.
-          - Check if action set to remark, but source_prefix set.
+          - Check if action set to remark, but source set.
+          - Check if action set to remark, but destination set.
           - Check if action set to remark, but source_ports set.
-          - Check if action set to remark, but destination_prefix set.
           - Check if action set to remark, but destination_ports set.
           - Check if action set to remark, but protocol set.
-          - Check if action set to remark, but protocol set.
+          - Check not more than one source is set.
+          - Check not more than one destination is set.
         """
         error_message = {}
 
+        sources = ["source_prefix", "source_iprange", "source_ipaddress", "source_aggregate", "source_service"]
+        destinations = ["destination_prefix", "destination_iprange", "destination_ipaddress", "destination_aggregate", "destination_service"]
+
         if data.get("action") == "remark":
             # Check if action set to remark, but no remark set.
             if data.get("remark") is None:
                 error_message["remark"] = [
                     error_message_no_remark,
                 ]
-            # Check if action set to remark, but source_prefix set.
-            if data.get("source_prefix"):
-                error_message["source_prefix"] = [
-                    error_message_action_remark_source_prefix_set,
-                ]
+            # Check if action set to remark, but source set.
+            if any(data.get(source) for source in sources):
+                for source in sources:
+                    error_message[source] = [error_message_action_remark_source_set]
+            # Check if action set to remark, but destination set.
+            if any(data.get(destination) for destination in destinations):
+                for destination in destinations:
+                    error_message[destination] = [error_message_action_remark_destination_set]
             # Check if action set to remark, but source_ports set.
             if data.get("source_ports"):
                 error_message["source_ports"] = [
                     "Action is set to remark, Source Ports CANNOT be set.",
                 ]
-            # Check if action set to remark, but destination_prefix set.
-            if data.get("destination_prefix"):
-                error_message["destination_prefix"] = [
-                    "Action is set to remark, Destination Prefix CANNOT be set.",
-                ]
             # Check if action set to remark, but destination_ports set.
             if data.get("destination_ports"):
                 error_message["destination_ports"] = [
@@ -332,6 +436,16 @@ def validate(self, data):
                 error_message["protocol"] = [
                     "Action is set to remark, Protocol CANNOT be set.",
                 ]
+
+        # Check not more than one source is set.
+        if sum(bool(data.get(source)) for source in sources) > 1:
+            for source in sources:
+                error_message[source] = [error_message_sources_more_than_one]
+
+        # Check not more than one destination is set.
+        if sum(bool(data.get(destination)) for destination in destinations) > 1:
+            for destination in destinations:
+                error_message[destination] = [error_message_destinations_more_than_one]
 
         if error_message:
             raise serializers.ValidationError(error_message)

netbox_acls/api/views.py

@@ -60,7 +60,7 @@ class ACLStandardRuleViewSet(NetBoxModelViewSet):
     queryset = models.ACLStandardRule.objects.prefetch_related(
         "access_list",
         "tags",
-        "source_prefix",
+        "source_prefix", "source_iprange", "source_ipaddress", "source_aggregate", "source_service"
     )
     serializer_class = ACLStandardRuleSerializer
     filterset_class = filtersets.ACLStandardRuleFilterSet
@@ -74,8 +74,8 @@ class ACLExtendedRuleViewSet(NetBoxModelViewSet):
     queryset = models.ACLExtendedRule.objects.prefetch_related(
         "access_list",
         "tags",
-        "source_prefix",
-        "destination_prefix",
+        "source_prefix", "source_iprange", "source_ipaddress", "source_aggregate", "source_service",
+        "destination_prefix", "destination_iprange", "destination_ipaddress", "destination_aggregate", "destination_service",
     )
     serializer_class = ACLExtendedRuleSerializer
     filterset_class = filtersets.ACLExtendedRuleFilterSet

netbox_acls/filtersets.py

@@ -181,7 +181,17 @@ class Meta:
         """
 
         model = ACLStandardRule
-        fields = ("id", "access_list", "index", "action")
+        fields = (
+            "id",
+            "access_list",
+            "index",
+            "action",
+            "source_prefix",
+            "source_iprange",
+            "source_ipaddress",
+            "source_aggregate",
+            "source_service",
+        )
 
     def search(self, queryset, name, value):
         """
@@ -191,6 +201,11 @@ def search(self, queryset, name, value):
             Q(access_list__name__icontains=value)
             | Q(index__icontains=value)
             | Q(action__icontains=value)
+            | Q(source_prefix__icontains=value)
+            | Q(source_iprange__icontains=value)
+            | Q(source_ipaddress__icontains=value)
+            | Q(source_aggregate__icontains=value)
+            | Q(source_service__icontains=value)
         )
         return queryset.filter(query)
 
@@ -206,7 +221,23 @@ class Meta:
         """
 
         model = ACLExtendedRule
-        fields = ("id", "access_list", "index", "action", "protocol")
+        fields = (
+            "id", 
+            "access_list", 
+            "index", 
+            "action", 
+            "protocol", 
+            "source_prefix",
+            "source_iprange",
+            "source_ipaddress",
+            "source_aggregate",
+            "source_service",
+            "destination_prefix",
+            "destination_iprange",
+            "destination_ipaddress",
+            "destination_aggregate",
+            "destination_service"
+        )
 
     def search(self, queryset, name, value):
         """
@@ -217,5 +248,15 @@ def search(self, queryset, name, value):
                 | Q(index__icontains=value)
                 | Q(action__icontains=value)
                 | Q(protocol__icontains=value)
+                | Q(source_prefix__icontains=value)
+                | Q(source_iprange__icontains=value)
+                | Q(source_ipaddress__icontains=value)
+                | Q(source_aggregate__icontains=value)
+                | Q(source_service__icontains=value)
+                | Q(destination_prefix__icontains=value)
+                | Q(destination_iprange__icontains=value)
+                | Q(destination_ipaddress__icontains=value)
+                | Q(destination_aggregate__icontains=value)
+                | Q(destination_service__icontains=value)
         )
         return queryset.filter(query)