]>
Commit | Line | Data |
---|---|---|
8f119284 DM |
1 | package PVE::API2::Firewall::Groups; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | use PVE::JSONSchema qw(get_standard_option); | |
6 | ||
7 | use PVE::Firewall; | |
86791289 | 8 | use PVE::API2::Firewall::Rules; |
8f119284 DM |
9 | |
10 | use Data::Dumper; # fixme: remove | |
11 | ||
12 | use base qw(PVE::RESTHandler); | |
13 | ||
14 | __PACKAGE__->register_method({ | |
9567aa91 | 15 | name => 'list_security_groups', |
8f119284 DM |
16 | path => '', |
17 | method => 'GET', | |
18 | description => "List security groups.", | |
8f119284 DM |
19 | parameters => { |
20 | additionalProperties => 0, | |
8f119284 DM |
21 | }, |
22 | returns => { | |
23 | type => 'array', | |
24 | items => { | |
25 | type => "object", | |
d1c53b3e | 26 | properties => { |
387d0ffc | 27 | name => get_standard_option('pve-security-group-name'), |
d1c53b3e | 28 | }, |
8f119284 DM |
29 | }, |
30 | links => [ { rel => 'child', href => "{name}" } ], | |
31 | }, | |
32 | code => sub { | |
33 | my ($param) = @_; | |
34 | ||
fca39c2c | 35 | my $cluster_conf = PVE::Firewall::load_clusterfw_conf(); |
8f119284 DM |
36 | |
37 | my $res = []; | |
c6f5cc88 DM |
38 | foreach my $group (keys %{$cluster_conf->{groups}}) { |
39 | push @$res, { name => $group, count => scalar(@{$cluster_conf->{groups}->{$group}}) }; | |
d1c53b3e DM |
40 | } |
41 | ||
42 | return $res; | |
43 | }}); | |
44 | ||
9567aa91 DM |
45 | __PACKAGE__->register_method({ |
46 | name => 'create_security_group', | |
47 | path => '', | |
48 | method => 'POST', | |
49 | description => "Create new security group.", | |
50 | protected => 1, | |
51 | parameters => { | |
52 | additionalProperties => 0, | |
53 | properties => { | |
54 | name => get_standard_option('pve-security-group-name'), | |
55 | rename => get_standard_option('pve-security-group-name', { | |
56 | description => "Rename an existing security group.", | |
57 | optional => 1, | |
58 | }), | |
59 | }, | |
60 | }, | |
61 | returns => { type => 'null' }, | |
62 | code => sub { | |
63 | my ($param) = @_; | |
64 | ||
65 | my $cluster_conf = PVE::Firewall::load_clusterfw_conf(); | |
66 | ||
67 | foreach my $name (keys %{$cluster_conf->{groups}}) { | |
68 | raise_param_exc({ name => "Security group '$name' already exists" }) | |
69 | if $name eq $param->{name}; | |
70 | } | |
71 | ||
72 | if ($param->{rename}) { | |
73 | raise_param_exc({ name => "Security group '$param->{rename}' does not exists" }) | |
74 | if !$cluster_conf->{groups}->{$param->{rename}}; | |
75 | my $data = delete $cluster_conf->{groups}->{$param->{rename}}; | |
76 | $cluster_conf->{groups}->{$param->{name}} = $data; | |
77 | } else { | |
78 | $cluster_conf->{groups}->{$param->{name}} = []; | |
79 | } | |
80 | ||
81 | PVE::Firewall::save_clusterfw_conf($cluster_conf); | |
82 | ||
83 | return undef; | |
84 | }}); | |
85 | ||
86 | ||
87 | __PACKAGE__->register_method({ | |
88 | name => 'delete_security_group', | |
89 | path => '{name}', | |
90 | method => 'DELETE', | |
91 | description => "Delete security group.", | |
92 | protected => 1, | |
93 | parameters => { | |
94 | additionalProperties => 0, | |
95 | properties => { | |
96 | name => get_standard_option('pve-security-group-name'), | |
97 | } | |
98 | }, | |
99 | returns => { type => 'null' }, | |
100 | code => sub { | |
101 | my ($param) = @_; | |
102 | ||
103 | my $cluster_conf = PVE::Firewall::load_clusterfw_conf(); | |
104 | ||
105 | return undef if !$cluster_conf->{groups}->{$param->{name}}; | |
106 | ||
107 | die "Security group '$param->{name}' is not empty\n" | |
108 | if scalar(@{$cluster_conf->{groups}->{$param->{name}}}); | |
109 | ||
110 | delete $cluster_conf->{groups}->{$param->{name}}; | |
111 | ||
112 | PVE::Firewall::save_clusterfw_conf($cluster_conf); | |
113 | ||
114 | return undef; | |
115 | }}); | |
387d0ffc | 116 | |
86791289 DM |
117 | __PACKAGE__->register_method ({ |
118 | subclass => "PVE::API2::Firewall::GroupRules", | |
d1c53b3e | 119 | path => '{group}', |
86791289 | 120 | }); |
9c7e0858 | 121 | |
8f119284 | 122 | 1; |