]>
git.proxmox.com Git - pve-firewall.git/blob - src/PVE/API2/Firewall/Aliases.pm
1 package PVE
::API2
::Firewall
::AliasesBase
;
5 use PVE
::Exception
qw(raise raise_param_exc);
6 use PVE
::JSONSchema
qw(get_standard_option);
10 use base
qw(PVE::RESTHandler);
12 my $api_properties = {
14 description
=> "Network/IP specification in CIDR format.",
15 type
=> 'string', format
=> 'IPv4orCIDR',
17 name
=> get_standard_option
('pve-fw-alias'),
18 rename => get_standard_option
('pve-fw-alias', {
19 description
=> "Rename an existing alias.",
29 my ($class, $param) = @_;
31 die "implement this in subclass";
33 #return ($fw_conf, $rules);
37 my ($class, $param, $fw_conf, $aliases) = @_;
39 die "implement this in subclass";
42 my $additional_param_hash = {};
44 sub additional_parameters
{
45 my ($class, $new_value) = @_;
47 if (defined($new_value)) {
48 $additional_param_hash->{$class} = $new_value;
53 my $org = $additional_param_hash->{$class} || {};
54 foreach my $p (keys %$org) { $copy->{$p} = $org->{$p}; }
58 my $aliases_to_list = sub {
62 foreach my $k (sort keys %$aliases) {
63 push @$list, $aliases->{$k};
68 sub register_get_aliases
{
71 my $properties = $class->additional_parameters();
73 $class->register_method({
74 name
=> 'get_aliases',
77 description
=> "List aliases",
79 additionalProperties
=> 0,
80 properties
=> $properties,
87 name
=> { type
=> 'string' },
88 cidr
=> { type
=> 'string' },
93 digest
=> get_standard_option
('pve-config-digest', { optional
=> 0} ),
96 links
=> [ { rel
=> 'child', href
=> "{name}" } ],
101 my ($fw_conf, $aliases) = $class->load_config($param);
103 my $list = &$aliases_to_list($aliases);
105 return PVE
::Firewall
::copy_list_with_digest
($list);
109 sub register_create_alias
{
112 my $properties = $class->additional_parameters();
114 $properties->{name
} = $api_properties->{name
};
115 $properties->{cidr
} = $api_properties->{cidr
};
116 $properties->{comment
} = $api_properties->{comment
};
118 $class->register_method({
119 name
=> 'create_alias',
122 description
=> "Create IP or Network Alias.",
125 additionalProperties
=> 0,
126 properties
=> $properties,
128 returns
=> { type
=> "null" },
132 my ($fw_conf, $aliases) = $class->load_config($param);
134 my $name = lc($param->{name
});
136 raise_param_exc
({ name
=> "alias '$param->{name}' already exists" })
137 if defined($aliases->{$name});
139 my $data = { name
=> $param->{name
}, cidr
=> $param->{cidr
} };
140 $data->{comment
} = $param->{comment
} if $param->{comment
};
142 $aliases->{$name} = $data;
144 $class->save_aliases($param, $fw_conf, $aliases);
150 sub register_read_alias
{
153 my $properties = $class->additional_parameters();
155 $properties->{name
} = $api_properties->{name
};
157 $class->register_method({
158 name
=> 'read_alias',
161 description
=> "Read alias.",
163 additionalProperties
=> 0,
164 properties
=> $properties,
166 returns
=> { type
=> "object" },
170 my ($fw_conf, $aliases) = $class->load_config($param);
172 my $name = lc($param->{name
});
174 raise_param_exc
({ name
=> "no such alias" })
175 if !defined($aliases->{$name});
177 return $aliases->{$name};
181 sub register_update_alias
{
184 my $properties = $class->additional_parameters();
186 $properties->{name
} = $api_properties->{name
};
187 $properties->{rename} = $api_properties->{rename};
188 $properties->{cidr
} = $api_properties->{cidr
};
189 $properties->{comment
} = $api_properties->{comment
};
190 $properties->{digest
} = get_standard_option
('pve-config-digest');
192 $class->register_method({
193 name
=> 'update_alias',
196 description
=> "Update IP or Network alias.",
199 additionalProperties
=> 0,
200 properties
=> $properties,
202 returns
=> { type
=> "null" },
206 my ($fw_conf, $aliases) = $class->load_config($param);
208 my $list = &$aliases_to_list($aliases);
210 my (undef, $digest) = PVE
::Firewall
::copy_list_with_digest
($list);
212 PVE
::Tools
::assert_if_modified
($digest, $param->{digest
});
214 my $name = lc($param->{name
});
216 raise_param_exc
({ name
=> "no such alias" }) if !$aliases->{$name};
218 my $data = { name
=> $param->{name
}, cidr
=> $param->{cidr
} };
219 $data->{comment
} = $param->{comment
} if $param->{comment
};
221 $aliases->{$name} = $data;
223 my $rename = lc($param->{rename});
225 if ($rename && ($name ne $rename)) {
226 raise_param_exc
({ name
=> "alias '$param->{rename}' already exists" })
227 if defined($aliases->{$rename});
228 $aliases->{$name}->{name
} = $param->{rename};
229 $aliases->{$rename} = $aliases->{$name};
230 delete $aliases->{$name};
233 $class->save_aliases($param, $fw_conf, $aliases);
239 sub register_delete_alias
{
242 my $properties = $class->additional_parameters();
244 $properties->{name
} = $api_properties->{name
};
245 $properties->{digest
} = get_standard_option
('pve-config-digest');
247 $class->register_method({
248 name
=> 'remove_alias',
251 description
=> "Remove IP or Network alias.",
254 additionalProperties
=> 0,
255 properties
=> $properties,
257 returns
=> { type
=> "null" },
261 my ($fw_conf, $aliases) = $class->load_config($param);
263 my $list = &$aliases_to_list($aliases);
264 my (undef, $digest) = PVE
::Firewall
::copy_list_with_digest
($list);
265 PVE
::Tools
::assert_if_modified
($digest, $param->{digest
});
267 my $name = lc($param->{name
});
268 delete $aliases->{$name};
270 $class->save_aliases($param, $fw_conf, $aliases);
276 sub register_handlers
{
279 $class->register_get_aliases();
280 $class->register_create_alias();
281 $class->register_read_alias();
282 $class->register_update_alias();
283 $class->register_delete_alias();
286 package PVE
::API2
::Firewall
::ClusterAliases
;
291 use base
qw(PVE::API2::Firewall::AliasesBase);
294 my ($class, $param) = @_;
296 my $fw_conf = PVE
::Firewall
::load_clusterfw_conf
();
297 my $aliases = $fw_conf->{aliases
};
299 return ($fw_conf, $aliases);
303 my ($class, $param, $fw_conf, $aliases) = @_;
305 $fw_conf->{aliases
} = $aliases;
306 PVE
::Firewall
::save_clusterfw_conf
($fw_conf);
309 __PACKAGE__-
>register_handlers();
311 package PVE
::API2
::Firewall
::VMAliases
;
315 use PVE
::JSONSchema
qw(get_standard_option);
317 use base
qw(PVE::API2::Firewall::AliasesBase);
319 __PACKAGE__-
>additional_parameters({
320 node
=> get_standard_option
('pve-node'),
321 vmid
=> get_standard_option
('pve-vmid'),
325 my ($class, $param) = @_;
327 my $cluster_conf = PVE
::Firewall
::load_clusterfw_conf
();
328 my $fw_conf = PVE
::Firewall
::load_vmfw_conf
($cluster_conf, 'vm', $param->{vmid
});
329 my $aliases = $fw_conf->{aliases
};
331 return ($fw_conf, $aliases);
335 my ($class, $param, $fw_conf, $aliases) = @_;
337 $fw_conf->{aliases
} = $aliases;
338 PVE
::Firewall
::save_vmfw_conf
($param->{vmid
}, $fw_conf);
341 __PACKAGE__-
>register_handlers();
343 package PVE
::API2
::Firewall
::CTAliases
;
347 use PVE
::JSONSchema
qw(get_standard_option);
349 use base
qw(PVE::API2::Firewall::AliasesBase);
351 __PACKAGE__-
>additional_parameters({
352 node
=> get_standard_option
('pve-node'),
353 vmid
=> get_standard_option
('pve-vmid'),
357 my ($class, $param) = @_;
359 my $cluster_conf = PVE
::Firewall
::load_clusterfw_conf
();
360 my $fw_conf = PVE
::Firewall
::load_vmfw_conf
($cluster_conf, 'ct', $param->{vmid
});
361 my $aliases = $fw_conf->{aliases
};
363 return ($fw_conf, $aliases);
367 my ($class, $param, $fw_conf, $aliases) = @_;
369 $fw_conf->{aliases
} = $aliases;
370 PVE
::Firewall
::save_vmfw_conf
($param->{vmid
}, $fw_conf);
373 __PACKAGE__-
>register_handlers();