diff --git a/README.md b/README.md
index 7371715..54dabee 100644
--- a/README.md
+++ b/README.md
@@ -20,7 +20,7 @@ To use the tool you have to obtain `web_api_show_package-jar-with-dependencies.j
Then you run:
-```java -jar web_api_show_package-jar-with-dependencies.jar [-d domain-name] [-k package-name] [-v] [-c] [-n port-number] [-o path]```
+```java -jar web_api_show_package-jar-with-dependencies.jar [-d domain-name] [-k package-name] [-v] [-c] [-n port-number] [-o path] [--show-membership (true|false)] [--dereference-group-members (true|false)]```
Where:
@@ -42,6 +42,14 @@ Default value is 443.
The parameter can also be the full path (including the .tar.gz filename).
The default is the current directory.
+• [--show-membership (true|false)] (Optional): Whether to calculate groups membership for the objects ("groups" field).
+This flag is supported from R80.10 Jumbo HF take 70
+
+• [--dereference-group-members (true|false)] (Optional): Whether to dereference group members.
+This flag is supported from R80.10 Jumbo HF take 70
+
+Use "--version" option to print the version of the tool
+
Use "-h" option in order to see the full list of options to configure the tool
## Examples
diff --git a/pom.xml b/pom.xml
index bc64c87..0db041b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,7 +7,7 @@
4.0.0
jar
web_api_show_package
- 1.2.5
+ 1.3.0
Web API Show Package
diff --git a/src/main/java/com/checkpoint/mgmt_api/examples/ShowPackageConfiguration.java b/src/main/java/com/checkpoint/mgmt_api/examples/ShowPackageConfiguration.java
index add1985..ec6db70 100644
--- a/src/main/java/com/checkpoint/mgmt_api/examples/ShowPackageConfiguration.java
+++ b/src/main/java/com/checkpoint/mgmt_api/examples/ShowPackageConfiguration.java
@@ -27,7 +27,7 @@ enum ShowPackageConfiguration {
INSTANCE;
- private static final String TOOL_VERSION = "v1.2.5";
+ private static final String TOOL_VERSION = "v1.3.0";
private static final String TAR_SUFFIX = ".tar.gz";
private static final String LOG_SUFFIX = ".elg";
private static final String PREFIX = "show_package-";
@@ -63,6 +63,8 @@ enum ShowPackageConfiguration {
private static String userRequestGateway;
private static String userRequestPackage;
private static boolean showRulesHitCounts = false;
+ private static Boolean showMembership = null;
+ private static Boolean dereferenceGroupMembers = null;
private List installedPackages = new ArrayList<>();
private static Map uidToName = new HashMap<>();
List gatewaysWithPolicy = new ArrayList<>();
@@ -232,7 +234,8 @@ private String resolveFlags(String[] args) {
if(option!= null){
if(option.equals(Options.listOfPackages) || option.equals(Options.help)
|| option.equals(Options.debugInfo) || option.equals(Options.unsafeState)
- || option.equals(Options.showHitCounts) || option.equals(Options.deleteTempFiles)){
+ || option.equals(Options.showHitCounts) || option.equals(Options.deleteTempFiles)
+ || option.equals(Options.version)){
//Options that don't require a value after the flag
option.runCommand("");
i++;
@@ -533,6 +536,16 @@ public String getResultFolderPath()
public boolean showRulesHitCounts() { return showRulesHitCounts; }
+ public Boolean getShowMembership()
+ {
+ return showMembership;
+ }
+
+ public Boolean getDereferenceGroupMembers()
+ {
+ return dereferenceGroupMembers;
+ }
+
/**
* This enum defines the known flags and the actions each of them does.
*/
@@ -777,6 +790,60 @@ String debugString()
return "showRulesHitCounts:(-c)=" + showRulesHitCounts;
}
},
+ showMembershipOption("--show-membership") {
+ void runCommand(String value)
+ {
+ if (!value.equalsIgnoreCase("true") && !value.equalsIgnoreCase("false")) {
+ final String errorMessage = "The value of --show-membership is invalid (must be true or false)";
+ System.out.println(errorMessage);
+ throw new IllegalArgumentException(errorMessage);
+ }
+
+ ShowPackageConfiguration.showMembership = Boolean.parseBoolean(value);
+ }
+
+ String value(){
+ return " (true|false)";
+ }
+
+ void flagToString()
+ {
+ System.out.println("\tWhether to calculate groups membership for the objects (\"groups\" field)" +
+ "\n\tThis flag is supported from R80.10 Jumbo HF take 70");
+ }
+
+ String debugString()
+ {
+ return "showMembership:(--show-membership)=" + ShowPackageConfiguration.showMembership;
+ }
+ },
+ dereferenceGroupMembers("--dereference-group-members") {
+ void runCommand(String value)
+ {
+ if (!value.equalsIgnoreCase("true") && !value.equalsIgnoreCase("false")) {
+ final String errorMessage = "The value of --dereference-group-members is invalid (must be true or false)";
+ System.out.println(errorMessage);
+ throw new IllegalArgumentException(errorMessage);
+ }
+
+ ShowPackageConfiguration.dereferenceGroupMembers = Boolean.parseBoolean(value);
+ }
+
+ String value(){
+ return " (true|false)";
+ }
+
+ void flagToString()
+ {
+ System.out.println("\tWhether to dereference group members." +
+ "\n\tThis flag is supported from R80.10 Jumbo HF take 70");
+ }
+
+ String debugString()
+ {
+ return "dereferenceGroupMembers:(--dereference-group-members)=" + ShowPackageConfiguration.dereferenceGroupMembers;
+ }
+ },
proxySetting("-x") {
void runCommand(String value)
{
@@ -804,7 +871,10 @@ void runCommand(String value)
void flagToString()
{
System.out.println(
- "\tCustom Template Path.\n\tPath where the custom templates are stored.\n\tThe default templates are bundled into the jar.");
+ "\t[DEPRECATED]" +
+ "\n\tCustom Template Path." +
+ "\n\tPath where the custom templates are stored." +
+ "\n\tThe default templates are bundled into the jar.");
}
String debugString()
{
@@ -833,6 +903,25 @@ String value(){
return "";
}
},
+ version("--version") {
+ void runCommand(String value)
+ {
+ System.out.println(TOOL_VERSION);
+ System.exit(0);
+ }
+
+ void flagToString()
+ {
+ System.out.println("\tPrint version and exit.");
+ }
+ String debugString()
+ {
+ return "version:(--version)=" + true;
+ }
+ String value(){
+ return "";
+ }
+ },
help("-h") {
/**
* This function prints the explanation on all the flags
diff --git a/src/main/java/com/checkpoint/mgmt_api/examples/ShowPackageTool.java b/src/main/java/com/checkpoint/mgmt_api/examples/ShowPackageTool.java
index c813f8f..19e92d7 100644
--- a/src/main/java/com/checkpoint/mgmt_api/examples/ShowPackageTool.java
+++ b/src/main/java/com/checkpoint/mgmt_api/examples/ShowPackageTool.java
@@ -585,6 +585,16 @@ private static Layer aggregatePackageLayers(String packageName, List acce
return natLayer;
}
+ private static void addNewFlagsToControlDetailsLevel(JSONObject payload) {
+ if (configuration.getShowMembership() != null) {
+ payload.put("show-membership", configuration.getShowMembership());
+ }
+
+ if (configuration.getDereferenceGroupMembers() != null) {
+ payload.put("dereference-group-members", configuration.getDereferenceGroupMembers());
+ }
+ }
+
/**
* This function creates a payload in order to create a html page of a given access layer.
*
@@ -603,6 +613,8 @@ private static boolean showAccessRulebase(Layer accessLayer, String packageName)
payload.put("details-level", "full");
payload.put("use-object-dictionary", true);
+ addNewFlagsToControlDetailsLevel(payload);
+
if (configuration.showRulesHitCounts()) {
payload.put("show-hits", true);
@@ -633,6 +645,9 @@ private static boolean showNatRulebase(Layer natLayer, String packageName) {
payload.put("package", packageName);
payload.put("details-level", "full");
payload.put("use-object-dictionary", true);
+
+ addNewFlagsToControlDetailsLevel(payload);
+
configuration.getLogger().debug("Run command: 'show-nat-rulebase' with payload: " + payload.toJSONString());
return showRulebase( natLayer, packageName, "show-nat-rulebase", RulebaseType.NAT, payload, natTypes);
@@ -813,6 +828,8 @@ private static boolean showThreatRulebase(String packageName, Layer threatLayer)
payload.put("details-level", "full");
payload.put("use-object-dictionary",true);
+ addNewFlagsToControlDetailsLevel(payload);
+
while (!finished) {
payload.put("offset", iterations * limit);
payload.put("limit", limit);
@@ -948,7 +965,10 @@ private static JSONObject showThreatExceptionRulebase(Layer threatLayer, String
payload.put("rule-uid", ruleUid);
payload.put("details-level", "full");
- payload.put("use-object-dictionary",true);
+ payload.put("use-object-dictionary", true);
+
+ addNewFlagsToControlDetailsLevel(payload);
+
payload.put("uid", threatLayer.getUid());
try {