Added tenant acl ea support (#1166)

* Add Network ACL commands

* Update network ACL command --no-input

* Enhance network ACL update command to support match and not match criteria with user prompts

* Enhance interactive update flow for network ACL to allow selective field updates

* Fix default scope assignment in network ACL update to allow empty scope

* Add network ACL resource fetcher to support fetching network ACL data

* Add mock implementation for NetworkACLAPI and corresponding tests

* mockgen file created

* Add match/not match rule selection to network ACL command

* Add integration tests for network ACL commands and a script to fetch ACL IDs

* Make docs

* lint fix

* Enhance help messages for network ACL flags with usage examples

* Enhance doc

* integartion tes:  network ACLs

* update to go-auth0 v1.18.1-0.20250326075009-e865086539dc

* fix: go.sum

* Update go-auth0 v1.19.0

* fix: update go-auth0 to v1.19.0

* fix: update JSON key for IPv4 CIDR in network ACL examples

* fix: comment out network ACL test cases in YAML file

* fix: update IPv4 CIDR key in network ACL commands and modify test cases

* fix: update network ACL test cases for improved clarity and modify priority settings

* fix: update test case numbers in network ACL YAML file for consistency

* fix: remove anonymous proxy handling from network ACL commands and display

* fix: remove anonymous proxy handling from network ACL create and update documentation

* fix: update network ACL test cases for consistency and clarity

* fix: update event stream test cases to reflect enabled status

* fix: update network ACL test cases for geo_country_codes and improve output consistency

* fix: update network ACL commands to use geo_country_codes instead of country_codes

* fix: update description in network ACL creation test case for consistency

* fix: comment out the create network ACL test case for clarity

* fix: update network ACL test cases for consistency and correct ipv4_cidrs usage

* fix: restore and update create network ACL test case for clarity and output validation

* fix: update network ACL test cases and documentation to use consistent ipv4_cidrs notation

* fix: refactor network ACL view to improve data handling and display consistency

* fix: update examples in network ACL create and update documentation for accuracy

* fix: update network ACL test cases for priority adjustments and output validation

* fix: improve comments for clarity in network ACL management code

* fix: enhance comments for consistency in network ACL management code

* fix: standardize description in network ACL test case for consistency

* fix: update network ACL test cases to include ID and improve output consistency

* fix: remove ID check from network ACL test case output validation

* fix: update network ACL test case to include active status in output validation

* fix remove DESCRIPTION

* fix: add interval configuration and update output validation to include DESCRIPTION in network ACL test case

* fix: remove unused AskIntSliceU and RegisterIntSliceU functions from flags.go

* fix: update help messages to indicate required fields and default values in network ACL configuration

* fix: implement parameter selection for network ACL configuration

* fix: enhance parameter selection for network ACL configuration with formatted values

* fix: clean up comments and formatting in network ACL configuration

* lint fix

* Update network ACL help text and improve priority validation error message

* test: add unit tests for network ACL resource fetcher

* refactor: simplify parameter selection for network ACL configuration

* refactor: improve prompt messages for match criteria updates in network ACL

Author: kushalshit27

docs/auth0_network-acl.md

@@ -0,0 +1,19 @@
+---
+layout: default
+has_toc: false
+has_children: true
+---
+# auth0 network-acl
+
+Manage network access control list (ACL) settings for your tenant.
+Network ACLs allow you to control access to your applications based on IP addresses,
+country codes, anonymous proxies, and other criteria.
+
+## Commands
+
+- [auth0 network-acl create](auth0_network-acl_create.md) - Create a new network ACL
+- [auth0 network-acl delete](auth0_network-acl_delete.md) - Delete a network ACL
+- [auth0 network-acl list](auth0_network-acl_list.md) - List network ACLs
+- [auth0 network-acl show](auth0_network-acl_show.md) - Show a network ACL
+- [auth0 network-acl update](auth0_network-acl_update.md) - Update a network ACL
+

docs/auth0_network-acl_create.md

@@ -0,0 +1,70 @@
+---
+layout: default
+parent: auth0 network-acl
+has_toc: false
+---
+# auth0 network-acl create
+
+Create a new network ACL.
+To create interactively, use "auth0 network-acl create" with no arguments.
+To create non-interactively, supply the required parameters (description, active, priority, and rule) through flags.
+The --rule parameter is required and must contain a valid JSON object with action, scope, and match properties.
+
+## Usage
+```
+auth0 network-acl create [flags]
+```
+
+## Examples
+
+```
+  auth0 network-acl create
+  auth0 network-acl create --description "Block IPs" --priority 1 --active true --rule '{"action":{"block":true},"scope":"tenant","match":{"ipv4_cidrs":["192.168.1.0/24","10.0.0.0/8"]}}'
+  auth0 network-acl create --description "Geo Block" --priority 2 --active true --rule '{"action":{"block":true},"scope":"authentication","match":{"geo_country_codes":["US","CA"]}}'
+  auth0 network-acl create --description "Redirect Traffic" --priority 3 --active true --rule '{"action":{"redirect":true,"redirect_uri":"https://example.com"},"scope":"management","match":{"ipv4_cidrs":["192.168.1.0/24"]}}'
+  auth0 network-acl create -d "Block Bots" -p 4 --active true --rule '{"action":{"block":true},"scope":"tenant","match":{"user_agents":["badbot/*","malicious/*"],"ja3_fingerprints":["deadbeef","cafebabe"]}}'
+  auth0 network-acl create --description "Complex Rule" --priority 5 --active true --rule '{"action":{"block":true},"scope":"tenant","match":{"ipv4_cidrs":["192.168.1.0/24"],"geo_country_codes":["US"]}}'
+```
+
+
+## Flags
+
+```
+      --action string               Action for the rule (block, allow, log, redirect)
+      --active string               Whether the network ACL is active (required, 'true' or 'false')
+      --asns ints                   Comma-separated list of ASNs to match (Eg. 64496,64497,64498)
+      --country-codes strings       Comma-separated list of country codes to match (Eg. US,CA,MX)
+  -d, --description string          Description of the network ACL (required)
+      --ipv4-cidrs strings          Comma-separated list of IPv4 CIDR ranges (Eg. 192.168.1.0/24,10.0.0.0/8)
+      --ipv6-cidrs strings          Comma-separated list of IPv6 CIDR ranges (Eg. 2001:db8::/32,2001:db8:1234::/48)
+      --ja3-fingerprints strings    Comma-separated list of JA3 fingerprints to match (Eg. deadbeef,cafebabe)
+      --ja4-fingerprints strings    Comma-separated list of JA4 fingerprints to match (Eg. t13d1516h2_8daaf6152771)
+      --json                        Output in json format.
+  -p, --priority int                Priority of the network ACL (required, 1-10)
+      --redirect-uri string         URI to redirect to when action is redirect
+      --rule string                 Network ACL rule configuration in JSON format (required for non-interactive mode)
+      --scope string                Scope of the rule (management, authentication, tenant)
+      --subdivision-codes strings   Comma-separated list of subdivision codes to match (Eg. US-NY,US-CA)
+      --user-agents strings         Comma-separated list of user agents to match (Eg. badbot/*,malicious/*)
+```
+
+
+## Inherited Flags
+
+```
+      --debug           Enable debug mode.
+      --no-color        Disable colors.
+      --no-input        Disable interactivity.
+      --tenant string   Specific tenant to use.
+```
+
+
+## Related Commands
+
+- [auth0 network-acl create](auth0_network-acl_create.md) - Create a new network ACL
+- [auth0 network-acl delete](auth0_network-acl_delete.md) - Delete a network ACL
+- [auth0 network-acl list](auth0_network-acl_list.md) - List network ACLs
+- [auth0 network-acl show](auth0_network-acl_show.md) - Show a network ACL
+- [auth0 network-acl update](auth0_network-acl_update.md) - Update a network ACL
+
+

docs/auth0_network-acl_delete.md

@@ -0,0 +1,55 @@
+---
+layout: default
+parent: auth0 network-acl
+has_toc: false
+---
+# auth0 network-acl delete
+
+Delete a network ACL.
+To delete interactively, use "auth0 network-acl delete" with no arguments.
+To delete non-interactively, supply the network ACL ID and --force flag to skip confirmation.
+Use --all flag to delete all network ACLs at once.
+
+## Usage
+```
+auth0 network-acl delete [flags]
+```
+
+## Examples
+
+```
+  auth0 network-acl delete
+  auth0 network-acl delete <id>
+  auth0 network-acl delete <id> --force
+  auth0 network-acl delete --all
+  auth0 network-acl delete --all --force
+```
+
+
+## Flags
+
+```
+      --all     Delete all network ACLs
+      --force   Skip confirmation
+```
+
+
+## Inherited Flags
+
+```
+      --debug           Enable debug mode.
+      --no-color        Disable colors.
+      --no-input        Disable interactivity.
+      --tenant string   Specific tenant to use.
+```
+
+
+## Related Commands
+
+- [auth0 network-acl create](auth0_network-acl_create.md) - Create a new network ACL
+- [auth0 network-acl delete](auth0_network-acl_delete.md) - Delete a network ACL
+- [auth0 network-acl list](auth0_network-acl_list.md) - List network ACLs
+- [auth0 network-acl show](auth0_network-acl_show.md) - Show a network ACL
+- [auth0 network-acl update](auth0_network-acl_update.md) - Update a network ACL
+
+

docs/auth0_network-acl_list.md

@@ -0,0 +1,49 @@
+---
+layout: default
+parent: auth0 network-acl
+has_toc: false
+---
+# auth0 network-acl list
+
+List your network ACLs. To create one, run: auth0 network-acl create
+
+## Usage
+```
+auth0 network-acl list [flags]
+```
+
+## Examples
+
+```
+  auth0 network-acl list
+  auth0 network-acl ls
+  auth0 network-acl ls --json
+```
+
+
+## Flags
+
+```
+      --json   Output in JSON format
+```
+
+
+## Inherited Flags
+
+```
+      --debug           Enable debug mode.
+      --no-color        Disable colors.
+      --no-input        Disable interactivity.
+      --tenant string   Specific tenant to use.
+```
+
+
+## Related Commands
+
+- [auth0 network-acl create](auth0_network-acl_create.md) - Create a new network ACL
+- [auth0 network-acl delete](auth0_network-acl_delete.md) - Delete a network ACL
+- [auth0 network-acl list](auth0_network-acl_list.md) - List network ACLs
+- [auth0 network-acl show](auth0_network-acl_show.md) - Show a network ACL
+- [auth0 network-acl update](auth0_network-acl_update.md) - Update a network ACL
+
+

docs/auth0_network-acl_show.md

@@ -0,0 +1,48 @@
+---
+layout: default
+parent: auth0 network-acl
+has_toc: false
+---
+# auth0 network-acl show
+
+Show the details of a network ACL.
+
+## Usage
+```
+auth0 network-acl show [flags]
+```
+
+## Examples
+
+```
+  auth0 network-acl show <id>
+  auth0 network-acl show <id> --json
+```
+
+
+## Flags
+
+```
+      --json   Output in JSON format
+```
+
+
+## Inherited Flags
+
+```
+      --debug           Enable debug mode.
+      --no-color        Disable colors.
+      --no-input        Disable interactivity.
+      --tenant string   Specific tenant to use.
+```
+
+
+## Related Commands
+
+- [auth0 network-acl create](auth0_network-acl_create.md) - Create a new network ACL
+- [auth0 network-acl delete](auth0_network-acl_delete.md) - Delete a network ACL
+- [auth0 network-acl list](auth0_network-acl_list.md) - List network ACLs
+- [auth0 network-acl show](auth0_network-acl_show.md) - Show a network ACL
+- [auth0 network-acl update](auth0_network-acl_update.md) - Update a network ACL
+
+

docs/auth0_network-acl_update.md

@@ -0,0 +1,68 @@
+---
+layout: default
+parent: auth0 network-acl
+has_toc: false
+---
+# auth0 network-acl update
+
+Update a network ACL.
+To update interactively, use "auth0 network-acl update" with no arguments.
+To update non-interactively, supply the required parameters (description, active, priority, and rule) through flags.
+When updating the rule, provide a complete JSON object with action, scope, and match/not_match properties.
+
+## Usage
+```
+auth0 network-acl update [flags]
+```
+
+## Examples
+
+```
+  auth0 network-acl update <id>
+  auth0 network-acl update <id> --priority 5 
+  auth0 network-acl update <id> --active true
+  auth0 network-acl update <id> --description "Complex Rule updated" --priority 1 --active true --rule '{"action":{"block":true},"scope":"tenant","match":{"ipv4_cidrs":["192.168.1.0/24"],"geo_country_codes":["US"]}}'
+```
+
+
+## Flags
+
+```
+      --action string               Action for the rule (block, allow, log, redirect)
+      --active string               Whether the network ACL is active ('true' or 'false')
+      --asns ints                   Comma-separated list of ASNs to match (Eg. 64496,64497,64498)
+      --country-codes strings       Comma-separated list of country codes to match (Eg. US,CA,MX)
+  -d, --description string          Description of the network ACL
+      --ipv4-cidrs strings          Comma-separated list of IPv4 CIDR ranges (Eg. 192.168.1.0/24,10.0.0.0/8)
+      --ipv6-cidrs strings          Comma-separated list of IPv6 CIDR ranges (Eg. 2001:db8::/32,2001:db8:1234::/48)
+      --ja3-fingerprints strings    Comma-separated list of JA3 fingerprints to match (Eg. deadbeef,cafebabe)
+      --ja4-fingerprints strings    Comma-separated list of JA4 fingerprints to match (Eg. t13d1516h2_8daaf6152771)
+      --json                        Output in JSON format
+  -p, --priority int                Priority of the network ACL (1-10) (default 1)
+      --redirect-uri string         URI to redirect to when action is redirect
+      --rule string                 Network ACL rule configuration in JSON format
+      --scope string                Scope of the rule (management, authentication, tenant)
+      --subdivision-codes strings   Comma-separated list of subdivision codes to match (Eg. US-NY,US-CA)
+      --user-agents strings         Comma-separated list of user agents to match (Eg. badbot/*,malicious/*)
+```
+
+
+## Inherited Flags
+
+```
+      --debug           Enable debug mode.
+      --no-color        Disable colors.
+      --no-input        Disable interactivity.
+      --tenant string   Specific tenant to use.
+```
+
+
+## Related Commands
+
+- [auth0 network-acl create](auth0_network-acl_create.md) - Create a new network ACL
+- [auth0 network-acl delete](auth0_network-acl_delete.md) - Delete a network ACL
+- [auth0 network-acl list](auth0_network-acl_list.md) - List network ACLs
+- [auth0 network-acl show](auth0_network-acl_show.md) - Show a network ACL
+- [auth0 network-acl update](auth0_network-acl_update.md) - Update a network ACL
+
+

docs/auth0_terraform_generate.md

@@ -33,7 +33,7 @@ auth0 terraform generate [flags]
 ```
       --force               Skip confirmation.
   -o, --output-dir string   Output directory for the generated Terraform config files. If not provided, the files will be saved in the current working directory. (default "./")
-  -r, --resources strings   Resource types to generate Terraform config for. If not provided, config files for all available resources will be generated. (default [auth0_action,auth0_attack_protection,auth0_branding,auth0_phone_provider,auth0_client,auth0_client_grant,auth0_connection,auth0_custom_domain,auth0_flow,auth0_flow_vault_connection,auth0_form,auth0_email_provider,auth0_email_template,auth0_guardian,auth0_organization,auth0_pages,auth0_prompt,auth0_prompt_custom_text,auth0_prompt_screen_renderer,auth0_resource_server,auth0_role,auth0_tenant,auth0_trigger_actions])
+  -r, --resources strings   Resource types to generate Terraform config for. If not provided, config files for all available resources will be generated. (default [auth0_action,auth0_attack_protection,auth0_branding,auth0_phone_provider,auth0_client,auth0_client_grant,auth0_connection,auth0_custom_domain,auth0_flow,auth0_flow_vault_connection,auth0_form,auth0_email_provider,auth0_email_template,auth0_guardian,auth0_organization,auth0_network_acl,auth0_pages,auth0_prompt,auth0_prompt_custom_text,auth0_prompt_screen_renderer,auth0_resource_server,auth0_role,auth0_tenant,auth0_trigger_actions])
   -v, --tf-version string   Terraform version that ought to be used while generating the terraform files for resources. If not provided, 1.5.0 is used by default (default "1.5.0")
 ```
 

docs/index.md

@@ -90,6 +90,7 @@ Authenticating as a user is not supported for **private cloud** tenants. Instead
 - [auth0 login](auth0_login.md) - Authenticate the Auth0 CLI
 - [auth0 logout](auth0_logout.md) - Log out of a tenant's session
 - [auth0 logs](auth0_logs.md) - View tenant logs
+- [auth0 network-acl](auth0_network-acl.md) - Manage network ACL settings
 - [auth0 orgs](auth0_orgs.md) - Manage resources for organizations
 - [auth0 phone](auth0_phone.md) - Manage phone providers
 - [auth0 protection](auth0_protection.md) - Manage resources for attack protection

go.mod

@@ -9,7 +9,7 @@ require (
 	github.com/AlecAivazis/survey/v2 v2.3.7
 	github.com/PuerkitoBio/rehttp v1.4.0
 	github.com/atotto/clipboard v0.1.4
-	github.com/auth0/go-auth0 v1.18.0
+	github.com/auth0/go-auth0 v1.19.0
 	github.com/briandowns/spinner v1.23.2
 	github.com/charmbracelet/glamour v0.8.0
 	github.com/fsnotify/fsnotify v1.9.0
@@ -30,8 +30,8 @@ require (
 	github.com/pkg/browser v0.0.0-20210706143420-7d21f8c997e2
 	github.com/pkg/errors v0.9.1
 	github.com/schollz/progressbar/v3 v3.17.1
-	github.com/spf13/cobra v1.9.1
-	github.com/spf13/pflag v1.0.6
+	github.com/spf13/cobra v1.8.1
+	github.com/spf13/pflag v1.0.5
 	github.com/stretchr/testify v1.10.0
 	github.com/tidwall/pretty v1.2.1
 	github.com/zalando/go-keyring v0.2.6

go.sum

@@ -27,8 +27,8 @@ github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew
 github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4=
 github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4=
 github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI=
-github.com/auth0/go-auth0 v1.18.0 h1:GOuqS8N8oN3QElljGQv+r1AN0EFPQbnyCSsfGsPreLM=
-github.com/auth0/go-auth0 v1.18.0/go.mod h1:6g0NRYWA+rzTLG5AohwCJ0YCEqbzphKcdjt+PWrgcPk=
+github.com/auth0/go-auth0 v1.19.0 h1:LZAVZCiZsENm0wX/PvRwN+mLbyCb4PPCfyKww8b7KR4=
+github.com/auth0/go-auth0 v1.19.0/go.mod h1:6g0NRYWA+rzTLG5AohwCJ0YCEqbzphKcdjt+PWrgcPk=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA=
 github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k=
@@ -53,7 +53,7 @@ github.com/chengxilo/virtualterm v1.0.4 h1:Z6IpERbRVlfB8WkOmtbHiDbBANU7cimRIof7m
 github.com/chengxilo/virtualterm v1.0.4/go.mod h1:DyxxBZz/x1iqJjFxTFcr6/x+jSpqN0iwWCOK1q10rlY=
 github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU=
 github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA=
-github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
+github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/creack/pty v1.1.17 h1:QeVUsEDNrLBW4tMgZHvxy18sKtr6VI492kBhUfhDJNI=
 github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
@@ -218,10 +218,10 @@ github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4=
 github.com/skeema/knownhosts v1.3.0 h1:AM+y0rI04VksttfwjkSTNQorvGqmwATnvnAHpSgc0LY=
 github.com/skeema/knownhosts v1.3.0/go.mod h1:sPINvnADmT/qYH1kfv+ePMmOBTH6Tbl7b5LvTDjFK7M=
-github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo=
-github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0=
-github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o=
-github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
+github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y=
+github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
+github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
 github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=