]>
Commit | Line | Data |
---|---|---|
29fa7feb SI |
1 | package PMG::API2::DestinationTLSPolicy; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | ||
6 | use PVE::RESTHandler; | |
7 | use PVE::INotify; | |
8 | use PVE::Exception qw(raise_param_exc); | |
9 | ||
10 | use PMG::Config; | |
11 | ||
12 | use base qw(PVE::RESTHandler); | |
13 | ||
14 | __PACKAGE__->register_method ({ | |
15 | name => 'index', | |
16 | path => '', | |
17 | method => 'GET', | |
18 | description => "List tls_policy entries.", | |
19 | proxyto => 'master', | |
20 | permissions => { check => [ 'admin', 'audit' ] }, | |
21 | parameters => { | |
22 | additionalProperties => 0, | |
23 | properties => {}, | |
24 | }, | |
25 | returns => { | |
26 | type => 'array', | |
27 | items => { | |
28 | type => 'object', | |
29 | properties => { | |
30 | domain => { type => 'string', format => 'transport-domain'}, | |
31 | policy => { type => 'string', format => 'tls-policy'}, | |
32 | }, | |
33 | }, | |
34 | links => [ { rel => 'child', href => "{domain}" } ], | |
35 | }, | |
36 | code => sub { | |
37 | my ($param) = @_; | |
38 | ||
39 | my $res = []; | |
40 | ||
41 | my $policies = PVE::INotify::read_file('tls_policy'); | |
42 | foreach my $policy (sort keys %$policies) { | |
43 | push @$res, $policies->{$policy}; | |
44 | } | |
45 | ||
46 | return $res; | |
47 | }}); | |
48 | ||
49 | __PACKAGE__->register_method ({ | |
50 | name => 'create', | |
51 | path => '', | |
52 | method => 'POST', | |
53 | proxyto => 'master', | |
54 | protected => 1, | |
55 | permissions => { check => [ 'admin' ] }, | |
56 | description => "Add tls_policy entry.", | |
57 | parameters => { | |
58 | additionalProperties => 0, | |
59 | properties => { | |
60 | domain => { | |
61 | description => "Domain name.", | |
62 | type => 'string', format => 'transport-domain', | |
63 | }, | |
64 | policy => { | |
65 | description => "TLS policy", | |
f1a44c5c | 66 | type => 'string', format => 'tls-policy-strict', |
29fa7feb SI |
67 | }, |
68 | }, | |
69 | }, | |
70 | returns => { type => 'null' }, | |
71 | code => sub { | |
72 | my ($param) = @_; | |
73 | my $domain = $param->{domain}; | |
f1a44c5c | 74 | my $policy = $param->{policy}; |
29fa7feb SI |
75 | |
76 | my $code = sub { | |
77 | my $tls_policy = PVE::INotify::read_file('tls_policy'); | |
78 | raise_param_exc({ domain => "DestinationTLSPolicy entry for '$domain' already exists" }) | |
79 | if $tls_policy->{$domain}; | |
80 | ||
81 | $tls_policy->{$domain} = { | |
82 | domain => $domain, | |
83 | policy => $param->{policy}, | |
84 | }; | |
85 | ||
86 | PVE::INotify::write_file('tls_policy', $tls_policy); | |
87 | PMG::Config::postmap_tls_policy(); | |
88 | }; | |
89 | ||
90 | PMG::Config::lock_config($code, "add tls_policy entry failed"); | |
91 | ||
92 | return undef; | |
93 | }}); | |
94 | ||
95 | __PACKAGE__->register_method ({ | |
96 | name => 'read', | |
97 | path => '{domain}', | |
98 | method => 'GET', | |
99 | description => "Read tls_policy entry.", | |
100 | proxyto => 'master', | |
101 | permissions => { check => [ 'admin', 'audit' ] }, | |
102 | parameters => { | |
103 | additionalProperties => 0, | |
104 | properties => { | |
105 | domain => { | |
106 | description => "Domain name.", | |
107 | type => 'string', format => 'transport-domain', | |
108 | }, | |
109 | }, | |
110 | }, | |
111 | returns => { | |
112 | type => "object", | |
113 | properties => { | |
114 | domain => { type => 'string', format => 'transport-domain'}, | |
115 | policy => { type => 'string', format => 'tls-policy'}, | |
116 | }, | |
117 | }, | |
118 | code => sub { | |
119 | my ($param) = @_; | |
120 | my $domain = $param->{domain}; | |
121 | ||
122 | my $tls_policy = PVE::INotify::read_file('tls_policy'); | |
123 | ||
124 | if (my $entry = $tls_policy->{$domain}) { | |
125 | return $entry; | |
126 | } | |
127 | ||
128 | raise_param_exc({ domain => "DestinationTLSPolicy entry for '$domain' does not exist" }); | |
129 | }}); | |
130 | ||
131 | __PACKAGE__->register_method ({ | |
132 | name => 'write', | |
133 | path => '{domain}', | |
134 | method => 'PUT', | |
135 | description => "Update tls_policy entry.", | |
136 | protected => 1, | |
137 | permissions => { check => [ 'admin' ] }, | |
138 | proxyto => 'master', | |
139 | parameters => { | |
140 | additionalProperties => 0, | |
141 | properties => { | |
142 | domain => { | |
143 | description => "Domain name.", | |
144 | type => 'string', format => 'transport-domain', | |
145 | }, | |
146 | policy => { | |
147 | description => "TLS policy", | |
f1a44c5c | 148 | type => 'string', format => 'tls-policy-strict', |
29fa7feb SI |
149 | }, |
150 | }, | |
151 | }, | |
152 | returns => { type => 'null' }, | |
153 | code => sub { | |
154 | my ($param) = @_; | |
155 | my $domain = $param->{domain}; | |
f1a44c5c | 156 | my $policy = $param->{policy}; |
29fa7feb SI |
157 | |
158 | my $code = sub { | |
159 | ||
160 | my $tls_policy = PVE::INotify::read_file('tls_policy'); | |
161 | ||
162 | raise_param_exc({ domain => "DestinationTLSPolicy entry for '$domain' does not exist" }) | |
163 | if !$tls_policy->{$domain}; | |
164 | ||
165 | $tls_policy->{$domain}->{policy} = $policy; | |
166 | ||
167 | PVE::INotify::write_file('tls_policy', $tls_policy); | |
168 | PMG::Config::postmap_tls_policy(); | |
169 | }; | |
170 | ||
171 | PMG::Config::lock_config($code, "update tls_policy entry failed"); | |
172 | ||
173 | return undef; | |
174 | }}); | |
175 | ||
176 | __PACKAGE__->register_method ({ | |
177 | name => 'delete', | |
178 | path => '{domain}', | |
179 | method => 'DELETE', | |
180 | description => "Delete a tls_policy entry", | |
181 | protected => 1, | |
182 | permissions => { check => [ 'admin' ] }, | |
183 | proxyto => 'master', | |
184 | parameters => { | |
185 | additionalProperties => 0, | |
186 | properties => { | |
187 | domain => { | |
188 | description => "Domain name.", | |
189 | type => 'string', format => 'transport-domain', | |
190 | }, | |
191 | } | |
192 | }, | |
193 | returns => { type => 'null' }, | |
194 | code => sub { | |
195 | my ($param) = @_; | |
196 | my $domain = $param->{domain}; | |
197 | ||
198 | my $code = sub { | |
199 | my $tls_policy = PVE::INotify::read_file('tls_policy'); | |
200 | ||
201 | raise_param_exc({ domain => "DestinationTLSPolicy entry for '$domain' does not exist" }) | |
202 | if !$tls_policy->{$domain}; | |
203 | ||
204 | delete $tls_policy->{$domain}; | |
205 | ||
206 | PVE::INotify::write_file('tls_policy', $tls_policy); | |
207 | PMG::Config::postmap_tls_policy(); | |
208 | }; | |
209 | ||
210 | PMG::Config::lock_config($code, "delete tls_policy entry failed"); | |
211 | ||
212 | return undef; | |
213 | }}); | |
214 | ||
215 | 1; |