Skip to content

Commit 4ff18e0

Browse files
faldridgefaldridge
committed
Add script and put-file management to high-level RTR client.
1 parent 14f247d commit 4ff18e0

File tree

3 files changed

+198
-16
lines changed

3 files changed

+198
-16
lines changed

falcon/rtr.go

Lines changed: 175 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ import (
1010
"github.com/crowdstrike/gofalcon/falcon/client/real_time_response_admin"
1111
"github.com/crowdstrike/gofalcon/falcon/models"
1212
"github.com/crowdstrike/gofalcon/pkg/falcon_util"
13+
"github.com/go-openapi/runtime"
1314
)
1415

1516
type RTR struct {
@@ -83,6 +84,174 @@ func (r *RTR) getActiveSessionIds(ctx context.Context) ([]string, error) {
8384
return response.GetPayload().Resources, nil
8485
}
8586

87+
func (r *RTR) CreateScript(ctx context.Context, name *string, description, permissionType string, platform []string, auditLogComment, content *string, file runtime.NamedReadCloser, opts ...real_time_response_admin.ClientOption) error {
88+
response, err := r.adminClient.RTRCreateScripts(&real_time_response_admin.RTRCreateScriptsParams{
89+
CommentsForAuditLog: auditLogComment,
90+
Content: content,
91+
Description: description,
92+
File: file,
93+
Name: name,
94+
PermissionType: permissionType,
95+
Platform: platform,
96+
Context: ctx,
97+
}, opts...)
98+
if err != nil {
99+
return err
100+
}
101+
if err = AssertNoError(response.Payload.Errors); err != nil {
102+
return err
103+
}
104+
count := falcon_util.DerefInt32(response.Payload.Meta.Writes.ResourcesAffected)
105+
if count != 1 {
106+
return fmt.Errorf("expected 1 resource affected, got %d", count)
107+
}
108+
return nil
109+
}
110+
111+
func (r *RTR) UpdateScript(ctx context.Context, id string, name, description, permissionType *string, platform []string, auditLogComment, content *string, file runtime.NamedReadCloser, opts ...real_time_response_admin.ClientOption) error {
112+
response, err := r.adminClient.RTRUpdateScripts(&real_time_response_admin.RTRUpdateScriptsParams{
113+
CommentsForAuditLog: auditLogComment,
114+
Content: content,
115+
Description: description,
116+
File: file,
117+
ID: id,
118+
Name: name,
119+
PermissionType: permissionType,
120+
Platform: platform,
121+
Context: ctx,
122+
}, opts...)
123+
if err != nil {
124+
return err
125+
}
126+
if err = AssertNoError(response.Payload.Errors); err != nil {
127+
return err
128+
}
129+
count := falcon_util.DerefInt32(response.Payload.Meta.Writes.ResourcesAffected)
130+
if count != 1 {
131+
return fmt.Errorf("expected 1 resource affected, got %d", count)
132+
}
133+
return nil
134+
}
135+
136+
func (r *RTR) DeleteScript(ctx context.Context, id string, opts ...real_time_response_admin.ClientOption) error {
137+
response, err := r.adminClient.RTRDeleteScripts(&real_time_response_admin.RTRDeleteScriptsParams{
138+
Ids: id,
139+
Context: ctx,
140+
}, opts...)
141+
if err != nil {
142+
return err
143+
}
144+
if err = AssertNoError(response.Payload.Errors); err != nil {
145+
return err
146+
}
147+
count := falcon_util.DerefInt32(response.Payload.Meta.Writes.ResourcesAffected)
148+
if count != 1 {
149+
return fmt.Errorf("expected 1 resource affected, got %d", count)
150+
}
151+
return nil
152+
}
153+
154+
func (r *RTR) GetScripts(ctx context.Context, ids []string, opts ...real_time_response_admin.ClientOption) ([]*models.DomainRemoteCommandPutFileV2, error) {
155+
response, err := r.adminClient.RTRGetScriptsV2(&real_time_response_admin.RTRGetScriptsV2Params{
156+
Ids: ids,
157+
Context: ctx,
158+
}, opts...)
159+
if err != nil {
160+
return nil, err
161+
}
162+
if err = AssertNoError(response.Payload.Errors); err != nil {
163+
return nil, err
164+
}
165+
return response.Payload.Resources, nil
166+
}
167+
168+
func (r *RTR) ListScripts(ctx context.Context, filter *string, limit *int64, offset, sort *string, opts ...real_time_response_admin.ClientOption) (*models.BinservclientMsaPutFileResponse, error) {
169+
response, err := r.adminClient.RTRListScripts(&real_time_response_admin.RTRListScriptsParams{
170+
Filter: filter,
171+
Limit: limit,
172+
Offset: offset,
173+
Sort: sort,
174+
Context: ctx,
175+
}, opts...)
176+
if err != nil {
177+
return nil, err
178+
}
179+
if err = AssertNoError(response.Payload.Errors); err != nil {
180+
return nil, err
181+
}
182+
return response.Payload, nil
183+
}
184+
185+
func (r *RTR) CreatePutFile(ctx context.Context, name *string, description string, auditLogComment *string, file runtime.NamedReadCloser, opts ...real_time_response_admin.ClientOption) error {
186+
response, err := r.adminClient.RTRCreatePutFiles(&real_time_response_admin.RTRCreatePutFilesParams{
187+
CommentsForAuditLog: auditLogComment,
188+
Description: description,
189+
File: file,
190+
Name: name,
191+
Context: ctx,
192+
}, opts...)
193+
if err != nil {
194+
return err
195+
}
196+
if err = AssertNoError(response.Payload.Errors); err != nil {
197+
return err
198+
}
199+
count := falcon_util.DerefInt32(response.Payload.Meta.Writes.ResourcesAffected)
200+
if count != 1 {
201+
return fmt.Errorf("expected 1 resource affected, got %d", count)
202+
}
203+
return nil
204+
}
205+
206+
func (r *RTR) DeletePutFile(ctx context.Context, id string, opts ...real_time_response_admin.ClientOption) error {
207+
response, err := r.adminClient.RTRDeletePutFiles(&real_time_response_admin.RTRDeletePutFilesParams{
208+
Ids: id,
209+
Context: ctx,
210+
}, opts...)
211+
if err != nil {
212+
return err
213+
}
214+
if err = AssertNoError(response.Payload.Errors); err != nil {
215+
return err
216+
}
217+
count := falcon_util.DerefInt32(response.Payload.Meta.Writes.ResourcesAffected)
218+
if count != 1 {
219+
return fmt.Errorf("expected 1 resource affected, got %d", count)
220+
}
221+
return nil
222+
}
223+
224+
func (r *RTR) GetPutFiles(ctx context.Context, ids []string, opts ...real_time_response_admin.ClientOption) ([]*models.DomainRemoteCommandPutFileV2, error) {
225+
response, err := r.adminClient.RTRGetPutFilesV2(&real_time_response_admin.RTRGetPutFilesV2Params{
226+
Ids: ids,
227+
Context: ctx,
228+
}, opts...)
229+
if err != nil {
230+
return nil, err
231+
}
232+
if err = AssertNoError(response.Payload.Errors); err != nil {
233+
return nil, err
234+
}
235+
return response.Payload.Resources, nil
236+
}
237+
238+
func (r *RTR) ListPutFiles(ctx context.Context, filter *string, limit *int64, offset, sort *string, opts ...real_time_response_admin.ClientOption) (*models.BinservclientMsaPutFileResponse, error) {
239+
response, err := r.adminClient.RTRListPutFiles(&real_time_response_admin.RTRListPutFilesParams{
240+
Filter: filter,
241+
Limit: limit,
242+
Offset: offset,
243+
Sort: sort,
244+
Context: ctx,
245+
}, opts...)
246+
if err != nil {
247+
return nil, err
248+
}
249+
if err = AssertNoError(response.Payload.Errors); err != nil {
250+
return nil, err
251+
}
252+
return response.Payload, nil
253+
}
254+
86255
func (r *RTR) NewSession(ctx context.Context, deviceID string) (*RTRSession, error) {
87256
response, err := r.client.RTRInitSession(&real_time_response.RTRInitSessionParams{
88257
Body: &models.DomainInitRequest{
@@ -106,31 +275,31 @@ func (r *RTR) NewSession(ctx context.Context, deviceID string) (*RTRSession, err
106275
}, nil
107276
}
108277

109-
func (s RTRSession) ExecuteAndWait(ctx context.Context, baseCommand, commandString string, opts ...real_time_response.ClientOption) (*models.DomainStatusResponse, error) {
278+
func (s *RTRSession) ExecuteAndWait(ctx context.Context, baseCommand, commandString string, opts ...real_time_response.ClientOption) (*models.DomainStatusResponse, error) {
110279
execution, err := s.Execute(ctx, baseCommand, commandString, opts...)
111280
if err != nil {
112281
return nil, err
113282
}
114283
return s.WaitForExecution(ctx, *execution.CloudRequestID, opts...)
115284
}
116285

117-
func (s RTRSession) ActiveResponderExecuteAndWait(ctx context.Context, baseCommand, commandString string, opts ...real_time_response.ClientOption) (*models.DomainStatusResponse, error) {
286+
func (s *RTRSession) ActiveResponderExecuteAndWait(ctx context.Context, baseCommand, commandString string, opts ...real_time_response.ClientOption) (*models.DomainStatusResponse, error) {
118287
execution, err := s.ActiveResponderExecute(ctx, baseCommand, commandString, opts...)
119288
if err != nil {
120289
return nil, err
121290
}
122291
return s.ActiveResponderWaitForExecution(ctx, *execution.CloudRequestID, opts...)
123292
}
124293

125-
func (s RTRSession) AdminExecuteAndWait(ctx context.Context, baseCommand, commandString string, opts ...real_time_response_admin.ClientOption) (*models.DomainStatusResponse, error) {
294+
func (s *RTRSession) AdminExecuteAndWait(ctx context.Context, baseCommand, commandString string, opts ...real_time_response_admin.ClientOption) (*models.DomainStatusResponse, error) {
126295
execution, err := s.AdminExecute(ctx, baseCommand, commandString, opts...)
127296
if err != nil {
128297
return nil, err
129298
}
130299
return s.AdminWaitForExecution(ctx, *execution.CloudRequestID, opts...)
131300
}
132301

133-
func (s RTRSession) Execute(ctx context.Context, baseCommand, commandString string, opts ...real_time_response.ClientOption) (*models.DomainCommandExecuteResponse, error) {
302+
func (s *RTRSession) Execute(ctx context.Context, baseCommand, commandString string, opts ...real_time_response.ClientOption) (*models.DomainCommandExecuteResponse, error) {
134303
response, err := s.client.RTRExecuteCommand(&real_time_response.RTRExecuteCommandParams{
135304
Context: ctx,
136305
Body: &models.DomainCommandExecuteRequest{
@@ -151,7 +320,7 @@ func (s RTRSession) Execute(ctx context.Context, baseCommand, commandString stri
151320
return response.Payload.Resources[0], nil
152321
}
153322

154-
func (s RTRSession) ActiveResponderExecute(ctx context.Context, baseCommand, commandString string, opts ...real_time_response.ClientOption) (*models.DomainCommandExecuteResponse, error) {
323+
func (s *RTRSession) ActiveResponderExecute(ctx context.Context, baseCommand, commandString string, opts ...real_time_response.ClientOption) (*models.DomainCommandExecuteResponse, error) {
155324
response, err := s.client.RTRExecuteActiveResponderCommand(&real_time_response.RTRExecuteActiveResponderCommandParams{
156325
Context: ctx,
157326
Body: &models.DomainCommandExecuteRequest{
@@ -172,7 +341,7 @@ func (s RTRSession) ActiveResponderExecute(ctx context.Context, baseCommand, com
172341
return response.Payload.Resources[0], nil
173342
}
174343

175-
func (s RTRSession) AdminExecute(ctx context.Context, baseCommand, commandString string, opts ...real_time_response_admin.ClientOption) (*models.DomainCommandExecuteResponse, error) {
344+
func (s *RTRSession) AdminExecute(ctx context.Context, baseCommand, commandString string, opts ...real_time_response_admin.ClientOption) (*models.DomainCommandExecuteResponse, error) {
176345
response, err := s.adminClient.RTRExecuteAdminCommand(&real_time_response_admin.RTRExecuteAdminCommandParams{
177346
Context: ctx,
178347
Body: &models.DomainCommandExecuteRequest{

pkg/falcon_util/pointers.go

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
package falcon_util
2+
3+
// DerefInt returns the deferenced int32 value or 0 if nil.
4+
func DerefInt32(i *int32) int32 {
5+
if i != nil {
6+
return *i
7+
}
8+
return int32(0)
9+
}
10+
11+
// DerefString returns the deferenced string value or empty string if nil.
12+
func DerefString(s *string) string {
13+
if s != nil {
14+
return *s
15+
}
16+
17+
return ""
18+
}
19+
20+
// StrPtr creates a string pointer from a string literal, for APIs that require pointers rather than values.
21+
func StrPtr(s string) *string {
22+
return &s
23+
}

pkg/falcon_util/string.go

Lines changed: 0 additions & 10 deletions
This file was deleted.

0 commit comments

Comments
 (0)