start API for aliases
[pve-firewall.git] / src / PVE / API2 / Firewall / Aliases.pm
CommitLineData
81d574a7
DM
1package PVE::API2::Firewall::AliasesBase;
2
3use strict;
4use warnings;
5use PVE::Exception qw(raise raise_param_exc);
6use PVE::JSONSchema qw(get_standard_option);
7
8use PVE::Firewall;
9
10use base qw(PVE::RESTHandler);
11
12my $api_properties = {
13 cidr => {
14 description => "Network/IP specification in CIDR format.",
15 type => 'string', format => 'IPv4orCIDR',
16 },
17 name => get_standard_option('pve-fw-alias'),
18 comment => {
19 type => 'string',
20 optional => 1,
21 }
22};
23
24sub load_config {
25 my ($class, $param) = @_;
26
27 die "implement this in subclass";
28
29 #return ($fw_conf, $rules);
30}
31
32sub save_aliases {
33 my ($class, $param, $fw_conf, $aliases) = @_;
34
35 die "implement this in subclass";
36}
37
38my $additional_param_hash = {};
39
40sub additional_parameters {
41 my ($class, $new_value) = @_;
42
43 if (defined($new_value)) {
44 $additional_param_hash->{$class} = $new_value;
45 }
46
47 # return a copy
48 my $copy = {};
49 my $org = $additional_param_hash->{$class} || {};
50 foreach my $p (keys %$org) { $copy->{$p} = $org->{$p}; }
51 return $copy;
52}
53
54my $aliases_to_list = sub {
55 my ($aliases) = @_;
56
57 my $list = [];
58 foreach my $k (sort keys %$aliases) {
59 push @$list, $aliases->{$k};
60 }
61 return $list;
62};
63
64sub register_get_aliases {
65 my ($class) = @_;
66
67 my $properties = $class->additional_parameters();
68
69 $class->register_method({
70 name => 'get_aliases',
71 path => '',
72 method => 'GET',
73 description => "List aliases",
74 parameters => {
75 additionalProperties => 0,
76 properties => $properties,
77 },
78 returns => {
79 type => 'array',
80 items => {
81 type => "object",
82 properties => {
83 name => { type => 'string' },
84 cidr => { type => 'string' },
85 comment => {
86 type => 'string',
87 optional => 1,
88 },
89 digest => get_standard_option('pve-config-digest', { optional => 0} ),
90 },
91 },
92 links => [ { rel => 'child', href => "{name}" } ],
93 },
94 code => sub {
95 my ($param) = @_;
96
97 my ($fw_conf, $aliases) = $class->load_config($param);
98
99 my $list = &$aliases_to_list($aliases);
100
101 return PVE::Firewall::copy_list_with_digest($list);
102 }});
103}
104
105sub register_create_alias {
106 my ($class) = @_;
107
108 my $properties = $class->additional_parameters();
109
110 $properties->{name} = $api_properties->{name};
111 $properties->{cidr} = $api_properties->{cidr};
112 $properties->{comment} = $api_properties->{comment};
113
114 $class->register_method({
115 name => 'create_alias',
116 path => '',
117 method => 'POST',
118 description => "Create IP or Network Alias.",
119 protected => 1,
120 parameters => {
121 additionalProperties => 0,
122 properties => $properties,
123 },
124 returns => { type => "null" },
125 code => sub {
126 my ($param) = @_;
127
128 my ($fw_conf, $aliases) = $class->load_config($param);
129
130 my $name = lc($param->{name});
131
132 raise_param_exc({ name => "alias '$param->{name}' already exists" })
133 if defined($aliases->{$name});
134
135 my $data = { name => $param->{name}, cidr => $param->{cidr} };
136 $data->{comment} = $param->{comment} if $param->{comment};
137
138 $aliases->{$name} = $data;
139
140 $class->save_aliases($param, $fw_conf, $aliases);
141
142 return undef;
143 }});
144}
145
146sub register_read_alias {
147 my ($class) = @_;
148
149 my $properties = $class->additional_parameters();
150
151 $properties->{name} = $api_properties->{name};
152 $properties->{cidr} = $api_properties->{cidr};
153
154 $class->register_method({
155 name => 'read_alias',
156 path => '{name}',
157 method => 'GET',
158 description => "Read alias.",
159 parameters => {
160 additionalProperties => 0,
161 properties => $properties,
162 },
163 returns => { type => "object" },
164 code => sub {
165 my ($param) = @_;
166
167 my ($fw_conf, $aliases) = $class->load_config($param);
168
169 my $name = lc($param->{name});
170
171 raise_param_exc({ name => "no such alias" })
172 if !defined($aliases->{$name});
173
174 return $aliases->{$name};
175 }});
176}
177
178sub register_update_alias {
179 my ($class) = @_;
180
181 my $properties = $class->additional_parameters();
182
183 $properties->{name} = $api_properties->{name};
184 $properties->{cidr} = $api_properties->{cidr};
185 $properties->{comment} = $api_properties->{comment};
186 $properties->{digest} = get_standard_option('pve-config-digest');
187
188 $class->register_method({
189 name => 'update_alias',
190 path => '{name}',
191 method => 'PUT',
192 description => "Update IP or Network alias.",
193 protected => 1,
194 parameters => {
195 additionalProperties => 0,
196 properties => $properties,
197 },
198 returns => { type => "null" },
199 code => sub {
200 my ($param) = @_;
201
202 my ($fw_conf, $aliases) = $class->load_config($param);
203
204 my $list = &$aliases_to_list($aliases);
205
206 my (undef, $digest) = PVE::Firewall::copy_list_with_digest($list);
207
208 PVE::Tools::assert_if_modified($digest, $param->{digest});
209
210 my $name = lc($param->{name});
211
212 raise_param_exc({ name => "no such alias" }) if !$aliases->{$name};
213
214 my $data = { name => $param->{name}, cidr => $param->{cidr} };
215 $data->{comment} = $param->{comment} if $param->{comment};
216
217 $aliases->{$name} = $data;
218
219 $class->save_aliases($param, $fw_conf, $aliases);
220 }});
221}
222
223sub register_delete_alias {
224 my ($class) = @_;
225
226 my $properties = $class->additional_parameters();
227
228 $properties->{name} = $api_properties->{name};
229 $properties->{cidr} = $api_properties->{cidr};
230 $properties->{digest} = get_standard_option('pve-config-digest');
231
232 $class->register_method({
233 name => 'remove_alias',
234 path => '{name}',
235 method => 'DELETE',
236 description => "Remove IP or Network alias.",
237 protected => 1,
238 parameters => {
239 additionalProperties => 0,
240 properties => $properties,
241 },
242 returns => { type => "null" },
243 code => sub {
244 my ($param) = @_;
245
246 my ($fw_conf, $aliases) = $class->load_config($param);
247
248 my $list = &$aliases_to_list($aliases);
249 my (undef, $digest) = PVE::Firewall::copy_list_with_digest($list);
250 PVE::Tools::assert_if_modified($digest, $param->{digest});
251
252 my $name = lc($param->{name});
253 delete $aliases->{$name};
254
255 $class->save_aliases($param, $fw_conf, $aliases);
256
257 return undef;
258 }});
259}
260
261sub register_handlers {
262 my ($class) = @_;
263
264 $class->register_get_aliases();
265 $class->register_create_alias();
266 $class->register_read_alias();
267 $class->register_update_alias();
268 $class->register_delete_alias();
269}
270
271package PVE::API2::Firewall::ClusterAliases;
272
273use strict;
274use warnings;
275
276use base qw(PVE::API2::Firewall::AliasesBase);
277
278sub load_config {
279 my ($class, $param) = @_;
280
281 my $fw_conf = PVE::Firewall::load_clusterfw_conf();
282 my $aliases = $fw_conf->{aliases};
283
284 return ($fw_conf, $aliases);
285}
286
287sub save_aliases {
288 my ($class, $param, $fw_conf, $aliases) = @_;
289
290 $fw_conf->{aliases} = $aliases;
291 PVE::Firewall::save_clusterfw_conf($fw_conf);
292}
293
294__PACKAGE__->register_handlers();
295
2961;