Skip to content

Instantly share code, notes, and snippets.

@bunlongheng

bunlongheng/controller.fortinet.js

Last active March 1, 2019 17:17
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save bunlongheng/bd0243f3d71f002b326b7645754d9d88 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save bunlongheng/bd0243f3d71f002b326b7645754d9d88 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
controller.fortinet.js
const FortinetService = require("../services").Fortinet;
module.exports = (config, jwtDecode) => {
let fortinet = {};
/**
* Login
*
* @return {object} response
*/
fortinet.login = async (req, res, next) => {
try {
let origin = req.headers.origin;
let response = await FortinetService.login();
res.status(200).send(response);
} catch (error) {
next(error);
}
};
/**
* createVxLan
*
* @return {object} response
*/
fortinet.createVxLan = async (req, res, next) => {
try {
let $cpeMac = req.body.cpeMac;
let $accountId = req.body.accountId;
let $hnsId = req.body.hnsId;
let $session = req.body.session;
if (req.body.deviceType == "primary") {
var $device = "FGV16V0000139060";
} else {
var $device = "FGV16V0000141972";
}
if (
req.params.type == "ingress" &&
req.params.vlanId == process.env.PVT_VLAN_ID
) {
var $vxLanName = `ip-${req.body.accountId}-${$hnsId}`;
var $dstport =
process.env.VDR_FORTINET_PRIMARY_INLINE_FGW_INGRESS_PORT;
var $interface =
process.env
.VDR_FORTINET_PRIMARY_INLINE_FGW_INGRESS_INTERFACE;
var $remoteIp =
process.env
.VDR_FORTINET_PRIMARY_INLINE_FGW_INGRESS_REMOTE_IP;
} else if (
req.params.type == "egress" &&
req.params.vlanId == process.env.PVT_VLAN_ID
) {
var $vxLanName = `ep-${req.body.accountId}-${$hnsId}`;
var $dstport =
process.env.VDR_FORTINET_PRIMARY_INLINE_FGW_EGRESS_PORT;
var $interface =
process.env
.VDR_FORTINET_PRIMARY_INLINE_FGW_EGRESS_INTERFACE;
var $remoteIp =
process.env
.VDR_FORTINET_PRIMARY_INLINE_FGW_EGRESS_REMOTE_IP;
} else if (
req.params.type == "ingress" &&
req.params.vlanId == process.env.GUEST_VLAN_ID
) {
var $vxLanName = `ig-${req.body.accountId}-${$hnsId}`;
var $dstport =
process.env.VDR_FORTINET_PRIMARY_INLINE_FGW_INGRESS_PORT;
var $interface =
process.env
.VDR_FORTINET_PRIMARY_INLINE_FGW_INGRESS_INTERFACE;
var $remoteIp =
process.env
.VDR_FORTINET_PRIMARY_INLINE_FGW_INGRESS_REMOTE_IP;
} else if (
req.params.type == "egress" &&
req.params.vlanId == process.env.GUEST_VLAN_ID
) {
var $vxLanName = `eg-${req.body.accountId}-${$hnsId}`;
var $dstport =
process.env.VDR_FORTINET_PRIMARY_INLINE_FGW_EGRESS_PORT;
var $interface =
process.env
.VDR_FORTINET_PRIMARY_INLINE_FGW_EGRESS_INTERFACE;
var $remoteIp =
process.env
.VDR_FORTINET_PRIMARY_INLINE_FGW_EGRESS_REMOTE_IP;
} else {
res.send(
"Check your URL: f0ll0w this format /fortinet/createVxLan/:type/:vlanId"
);
}
let origin = req.headers.origin;
//add params
let response = await FortinetService.createVxLan(
$session,
$device,
$hnsId,
$vxLanName,
$dstport,
$interface,
$remoteIp
);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* createSwitch
*
* @return {object} response
*/
fortinet.createSwitch = async (req, res, next) => {
try {
let $cpeMac = req.body.cpeMac;
let $accountId = req.body.accountId;
let $hnsId = req.body.hnsId;
let $session = req.body.session;
if (req.body.deviceType == "primary") {
var $device = "FGV16V0000139060";
} else {
var $device = "FGV16V0000141972";
}
if (req.params.vlanId == process.env.PVT_VLAN_ID) {
var $inVxLanName = `ip-${req.body.accountId}-${$hnsId}`;
var $egVxLanName = `ep-${req.body.accountId}-${$hnsId}`;
var $switchName = `sp-${req.body.accountId}-${$hnsId}`;
} else {
var $inVxLanName = `ig-${req.body.accountId}-${$hnsId}`;
var $egVxLanName = `eg-${req.body.accountId}-${$hnsId}`;
var $switchName = `sg-${req.body.accountId}-${$hnsId}`;
}
let origin = req.headers.origin;
//add params
let response = await FortinetService.createSwitch(
$session,
$device,
$inVxLanName,
$egVxLanName,
$switchName
);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* logout
*
* @return {object} response
*/
fortinet.logout = async (req, res, next) => {
try {
let $session = req.body.session;
let response = await FortinetService.logout($session);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* getSessionTimeOut
*
* @return {object} response
*/
fortinet.getSessionTimeOut = async (req, res, next) => {
try {
let $session = req.body.session;
let response = await FortinetService.getSessionTimeOut($session);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* installDevice
*
* @return {object} response
*/
fortinet.installDevice = async (req, res, next) => {
try {
let $session = req.body.session;
let $type = req.params.type;
if ($type == "primary") {
var $device = "FGV16V0000139060";
} else {
var $device = "FGV16V0000141972";
}
let response = await FortinetService.installDevice($session,$device);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* createDynamicInterface
*
* @return {object} response
*/
fortinet.createDynamicInterface = async (req, res, next) => {
try {
let $cpeMac = req.body.cpeMac;
let $accountId = req.body.accountId;
let $hnsId = req.body.hnsId;
let $session = req.body.session;
let $deviceInlinePrimary = "FGV16V0000139060";
let $deviceInlineBackup = "FGV16V0000141972";
if (
req.params.type == "ingress" &&
req.params.vlanId == process.env.PVT_VLAN_ID
) {
var $vxLanName = `ip-${req.body.accountId}-${$hnsId}`;
} else if (
req.params.type == "egress" &&
req.params.vlanId == process.env.PVT_VLAN_ID
) {
var $vxLanName = `ep-${req.body.accountId}-${$hnsId}`;
} else if (
req.params.type == "ingress" &&
req.params.vlanId == process.env.GUEST_VLAN_ID
) {
var $vxLanName = `ig-${req.body.accountId}-${$hnsId}`;
} else if (
req.params.type == "egress" &&
req.params.vlanId == process.env.GUEST_VLAN_ID
) {
var $vxLanName = `eg-${req.body.accountId}-${$hnsId}`;
} else {
res.send(
"Check your URL: f0ll0w this format /fortinet/createVxLan/:type/:vlanId"
);
}
let response = await FortinetService.createDynamicInterface(
$session,
$deviceInlinePrimary,
$vxLanName,
$deviceInlineBackup
);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* createPolicyFirewall
*
* @return {object} response
*/
fortinet.createPolicyFirewall = async (req, res, next) => {
try {
let $session = req.body.session;
let $webFilter = req.body.webFilter;
let $cpeMac = req.body.cpeMac;
let $accountId = req.body.accountId;
let $hnsId = req.body.hnsId;
let $protocol = req.params.protocol;
let $vlanId = req.params.vlanId;
let $mode = req.params.mode;
if ($protocol == "v4" && $vlanId == process.env.GUEST_VLAN_ID) {
var $policyLastUrlSegment = "policy";
var $policyName = `fg-${$accountId}-${$hnsId}`;
} else if (
$protocol == "v4" &&
$vlanId == process.env.PVT_VLAN_ID
) {
var $policyLastUrlSegment = "policy";
if ($mode == "vpn") {
var $policyName = `fv-${$accountId}-${$hnsId}`;
} else {
var $policyName = `fp-${$accountId}-${$hnsId}`;
}
} else if (
$protocol == "v6" &&
$vlanId == process.env.GUEST_VLAN_ID
) {
var $policyLastUrlSegment = "policy6";
var $policyName = `fg6-${$accountId}-${$hnsId}`;
} else if (
$protocol == "v6" &&
$vlanId == process.env.PVT_VLAN_ID
) {
var $policyLastUrlSegment = "policy6";
if ($mode == "vpn") {
var $policyName = `fv6-${$accountId}-${$hnsId}`;
} else {
var $policyName = `fp6-${$accountId}-${$hnsId}`;
}
} else {
res.send("STOP = ", $vlanId, $mode, $protocol);
}
if ($mode == "vpn") {
var $srcintf =
process.env.VDR_FORTINET_SSL_VPN_INGRESS_INTERFACE;
var $dstintf =
process.env.VDR_FORTINET_SSL_VPN_EGRESS_INTERFACE;
var $pkgName = process.env.VDR_FORTINET_SSL_VPN_PKG_NAME;
} else if ($mode == "inline") {
if ($vlanId == process.env.PVT_VLAN_ID) {
var $srcintf = `ip-${$accountId}-${$hnsId}`;
var $dstintf = `ep-${$accountId}-${$hnsId}`;
} else {
var $srcintf = `ig-${$accountId}-${$hnsId}`;
var $dstintf = `eg-${$accountId}-${$hnsId}`;
}
var $pkgName = process.env.VDR_FORTINET_INLINE_FGW_PKG_NAME;
} else {
res.send("createPolicyFirewall = invalid mode ", $mode);
}
if ($mode == "primary") {
var $device = "FGV16V0000139060";
} else {
var $device = "FGV16V0000141972";
}
let response = await FortinetService.createPolicyFirewall(
$session,
$dstintf,
$policyName,
$srcintf,
$webFilter,
$pkgName,
$policyLastUrlSegment
);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* installPackage
*
* @return {object} response
*/
fortinet.installPackage = async (req, res, next) => {
try {
console.log("-----installPackage controller");
let $session = req.body.session;
let $mode = req.params.mode;
if ($mode == "inline") {
var $pDevice = "FGV16V0000139060";
var $pVdom = process.env.VDR_FORTINET_FGW_VDOM;
var $sDevice = "FGV16V0000141972";
var $sVdom = process.env.VDR_FORTINET_FGW_VDOM;
var $pkgName = process.env.VDR_FORTINET_INLINE_FGW_PKG_NAME;
} else {
var $pDevice = "FGV16V0000140899";
var $pVdom = process.env.VDR_FORTINET_FGW_VDOM;
var $sDevice = "FGV16V0000141974";
var $sVdom = process.env.VDR_FORTINET_FGW_VDOM;
var $pkgName = process.env.VDR_FORTINET_SSL_VPN_PKG_NAME;
}
console.log("$pkgName = ", $pkgName);
let response = await FortinetService.installPackage(
$session,
$pkgName,
$pDevice,
$pVdom,
$sDevice,
$sVdom
);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* listUsersInGroup
*
* @return {object} response
*/
fortinet.listUsersInGroup = async (req, res, next) => {
try {
let $session = req.body.session;
let $groupName = req.params.groupName;
let response = await FortinetService.listUsersInGroup($session, $groupName);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* createGroup
*
* @return {object} response
*/
fortinet.createGroup = async (req, res, next) => {
try {
let $session = req.body.session;
let $groupName = req.params.groupName;
let response = await FortinetService.createGroup($session, $groupName);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* createUser
*
* @return {object} response
*/
fortinet.createUser = async (req, res, next) => {
try {
let $session = req.body.session;
let $email = req.body.email;
let $password = req.body.password;
let $name = req.body.name;
let response = await FortinetService.createUser($session, $email, $password, $name);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* addUserToGroup
*
* @return {object} response
*/
fortinet.addUserToGroup = async (req, res, next) => {
try {
let $session = req.body.session;
let $email = req.body.email;
let $groupName = req.body.groupName;
let response = await FortinetService.createUser($session, $email, $groupName);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* removeUserFromGroup
*
* @return {object} response
*/
fortinet.removeUserFromGroup = async (req, res, next) => {
try {
let $session = req.body.session;
let $email = req.body.email;
let $groupName = req.body.groupName;
let response = await FortinetService.removeUserFromGroup($session, $email, $groupName);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* removeUserFromGroup
*
* @return {object} response
*/
fortinet.removeUser = async (req, res, next) => {
try {
let $session = req.body.session;
let $email = req.body.email;
let response = await FortinetService.removeUser($session, $email);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
/**
* monitor
*
* @return {object} response
*/
fortinet.monitor = async (req, res, next) => {
try {
let $taskId = req.params.taskId;
let $session = req.body.session;
let response = await FortinetService.monitor($session, $taskId);
res.status(200).send(JSON.parse(response));
} catch (error) {
next(error);
}
};
return fortinet;
};
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment