class RuleSchema(ConfigSchema):
"""
- Local data rule configuration.
+ Local data advanced rule configuration.
---
name: Hostname(s).
+ subtree: Type of subtree.
address: Address(es) to pair with hostname(s).
file: Path to file(s) with hostname and IP address(es) pairs in '/etc/hosts' like format.
- subtree: Type of subtree.
+ records: Direct addition of records in DNS zone file format.
tags: Tags to link with other policy rules.
ttl: Optional, TTL value used for these answers.
nodata: Optional, use NODATA synthesis. NODATA will be synthesised for matching name, but mismatching type(e.g. AAAA query when only A exists).
"""
name: Optional[ListOrItem[DomainName]] = None
- address: Optional[ListOrItem[IPAddress]] = None
subtree: Optional[Literal["empty", "nxdomain", "redirect"]] = None
+ address: Optional[ListOrItem[IPAddress]] = None
file: Optional[ListOrItem[File]] = None
+ records: Optional[EscapedStr] = None
tags: Optional[List[IDPattern]] = None
ttl: Optional[TimeUnit] = None
nodata: Optional[bool] = None
def _validate(self) -> None:
- options_sum = sum([bool(self.address), bool(self.subtree), bool(self.file)])
+ options_sum = sum([bool(self.address), bool(self.subtree), bool(self.file), bool(self.records)])
if options_sum == 2 and bool(self.address) and self.subtree in {"empty", "redirect"}:
- pass # these combinations still make sense
+ pass # these combinations still make sense
elif options_sum > 1:
raise ValueError("only one of 'address', 'subtree' or 'file' can be configured")
elif options_sum < 1:
- raise ValueError("one of 'address', 'subtree' or 'file' must be configured")
+ raise ValueError("one of 'address', 'subtree', 'file' or 'records' must be configured")
- if bool(self.file) == bool(self.name):
- raise ValueError("one of 'file' or 'name' must be configured")
+ options_sum2 = sum([bool(self.name), bool(self.file), bool(self.records)])
+ if options_sum2 != 1:
+ raise ValueError("one of 'name', 'file or 'records' must be configured")
if bool(self.nodata) and bool(self.subtree) and not bool(self.address):
raise ValueError("'nodata' defined but unused with 'subtree'")
@pytest.mark.parametrize(
"val",
[
- {"name": ["sub2.example.org"], "subtree": "empty"},
+ {"name": ["sub2.example.org"], "subtree": "empty", "tags": ["t01"]},
{"name": ["sub3.example.org", "sub5.example.net."], "subtree": "nxdomain", "ttl": "1h"},
{"name": ["sub4.example.org"], "subtree": "redirect"},
{"name": ["sub5.example.org"], "address": ["127.0.0.1"]},
+ {"name": ["sub6.example.org"], "subtree": "redirect", "address": ["127.0.0.1"]},
{"file": "/etc/hosts", "ttl": "20m", "nodata": True},
+ {"records": "", "ttl": "20m", "nodata": True},
],
)
def test_subtree_valid(val: Any):
[
{"subtree": "empty"},
{"name": ["sub2.example.org"], "file": "/etc/hosts"},
- {"name": ["sub4.example.org"], "address": ["127.0.0.1"], "subtree": "empty"},
+ {"name": ["sub4.example.org"], "address": ["127.0.0.1"], "subtree": "nxdomain"},
{"name": ["sub4.example.org"], "subtree": "redirect", "file": "/etc/hosts"},
],
)