go-panos icon indicating copy to clipboard operation
go-panos copied to clipboard

Published 20 hours ago verified publisher icon scottdware

Add support for Global Protect GW User table

Open gavmckee80 opened this issue 4 years ago • 3 comments

Hi ,

I'd like to add support for pulling the Global Protect GW User logins.

He is my proposal

type GPGWUsers struct {
	XMLName xml.Name `xml:"response"`
	Status  string   `xml:"status,attr"`
	Code    string   `xml:"code,attr"`
	Users []GPUser   `xml:"result>entry"`
}

type GPUser struct {
	Domain string `xml:"domain""`
	IsLocal string `xml:"islocal""`
	Username string `xml:"username""`
	PrimaryUsername string `xml:"primary-username""`
	Computer string `xml:"computer""`
	Client string `xml:"client""`
	VPNType string `xml:"vpn-type""`
	VirtualIP string `xml:"virtual-ip""`
	VirtualIPv6 string `xml:"virtual-ipv6""`
	PublicIP string `xml:"public-ip""`
	PublicIPv6 string `xml:"public-ipv6""`
	TunnelType string `xml:"tunnel-type""`
	PublicConnectionIPv6 string `xml:"public-connection-ipv6""`
	LoginTime string `xml:"login-time""`
	LoginTimeUTC int64 `xml:"login-time-utc""`
	LifeTime int32 `xml:"lifetime""`

}

func (p *PaloAlto) GetCurrentGPGWUsers() (*GPGWUsers, error) {
	var users GPGWUsers
	resty.SetTLSClientConfig(&tls.Config{InsecureSkipVerify: true})

	query := fmt.Sprintf("%s&key=%s&type=op&cmd=<show><global-protect-gateway><current-user/></global-protect-gateway></show>", p.URI, p.Key)

	if p.DeviceType != "panos" {
		return nil, errors.New("you can only retrieve the Global Protect Gateway users on a local firewall")
	}

	resp, err := resty.R().Get(query)
	// _, resp, errs := r.Post(p.URI).Query(query).End()
	if err != nil {
		return nil, fmt.Errorf("unable to retrieve Global Protect Gateway users - %s", err)
	}

	if err := xml.Unmarshal([]byte(resp.String()), &users); err != nil {
		return nil, fmt.Errorf("cannot unmarshal XML from Global Protect User table - %s", err)
	}

	if users.Status != "success" {
		return nil, fmt.Errorf("error code %s: %s", users.Code, errorCodes[users.Code])
	}

	return &users, nil
}

Would you like me to create a PR for this ?

gavmckee80 avatar Dec 08 '20 22:12 gavmckee80

Hello @gavmckee80. Yes, if you could create a PR, I'll validate and merge it :) Good suggestion!

scottdware avatar Dec 17 '20 14:12 scottdware

@scottdware I am having issues pushing my PR - do I need permission to push back to the Repo ?

gav@gav go-panos % git push --set-upstream origin issue#17 remote: Permission to scottdware/go-panos.git denied to gavmckee80. fatal: unable to access 'https://github.com/scottdware/go-panos/': The requested URL returned error: 403

gavmckee80 avatar Dec 18 '20 14:12 gavmckee80

Yes, you do not have permissions to directly push to the repo. Can you just open up a pull request with your changes, then I can review and merge?

scottdware avatar Dec 18 '20 15:12 scottdware