added children condition support in authz and auth rules #5
Conversation
| - model_name: accessType | ||
| data_path: [AuthorizationProfile] | ||
| type: String | ||
| enum_values: [ACCESS_ACCEPT, ACCESS_REJECT] | ||
| description: Access type | ||
| description: "Allowed Values: `ACCESS_ACCEPT`, `ACCESS_REJECT`" |
There was a problem hiding this comment.
We don't need to document allowed values in the description. If "enum_values" is included, this will be documented accordingly.
There was a problem hiding this comment.
ok got you. I fix that and also i changed description in new trust_sec definitions i added.
gen/definitions/internal_user.yaml
Outdated
| @@ -45,6 +45,7 @@ attributes: | |||
| type: Bool | |||
| description: Whether the user is enabled/disabled | |||
| example: true | |||
| mandatory: true | |||
There was a problem hiding this comment.
Is there a reason you set this to "true". Based on my testing this is not required and would be set to true by default.
There was a problem hiding this comment.
I had this field in my data model, but yes you are right, its true by default. I changed it back.
gen/definitions/internal_user.yaml
Outdated
| - model_name: identityGroups | ||
| data_path: [InternalUser] | ||
| type: String | ||
| description: CSV of identity group IDs. |
There was a problem hiding this comment.
What is "CSV"? If it means "comma separated" then maybe change this to:
description: Comma separated list of identity group IDs.
There was a problem hiding this comment.
This is how it was documented in ERS SDK documentation, yes it means comma separated values. I changed it as per your proposal
| # description: Password expiry date | ||
| # example: "2024-12-11" | ||
| # exclude_test: true | ||
| - model_name: expiryDateEnabled |
There was a problem hiding this comment.
I did not get this to work. Have you tested the use of these attributes?
There was a problem hiding this comment.
yes i tested those attributes and they work
| enum_values: [ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference] | ||
| description: Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. | ||
| example: ConditionAttributes | ||
| minimum_test_value: '"ConditionReference"' |
There was a problem hiding this comment.
if we have excluded the parent element ("children") from testing, we can remove this line
| rest_endpoint: /ers/config/egressmatrixcell | ||
| doc_category: TrustSec | ||
| id_path: response.id | ||
| skip_minimum_test: true |
There was a problem hiding this comment.
Why does a minimum test not work?
There was a problem hiding this comment.
due to issue with PUT method: Failed to configure object (PUT), got error: HTTP Request failed: StatusCode
400, Message: Validation Error - Mandatory fields missing: [Id,], {
"ERSResponse" : {
"operation" : "PUT-update-egressmatrixcell",
"messages" : [ {
"title" : "Validation Error - Mandatory fields missing: [Id,]",
"type" : "ERROR",
"code" : "Application resource validation exception"
} ],
| name: TrustSec Security Group ACL | ||
| rest_endpoint: /ers/config/sgacl | ||
| doc_category: TrustSec | ||
| skip_minimum_test: true |
There was a problem hiding this comment.
Why does a minimum test not work?
There was a problem hiding this comment.
fix that
No description provided.