[pve-firewall.git] / src / PVE / API2 / Firewall / VM.pm

package PVE::API2::Firewall::VM;

use strict;
use warnings;
use PVE::JSONSchema qw(get_standard_option);
use PVE::Cluster;
use PVE::Firewall;

use Data::Dumper; # fixme: remove

use base qw(PVE::RESTHandler);

__PACKAGE__->register_method({
    name => 'index',
    path => '',
    method => 'GET',
    permissions => { user => 'all' },
    description => "Directory index.",
    parameters => {
    	additionalProperties => 0,
	properties => {
	    node => get_standard_option('pve-node'),
	    vmid => get_standard_option('pve-vmid'),
	},
    },
    returns => {
	type => 'array',
	items => {
	    type => "object",
	    properties => {},
	},
	links => [ { rel => 'child', href => "{name}" } ],
    },
    code => sub {
	my ($param) = @_;

	my $result = [
	    { name => 'rules' },
	    { name => 'options' },
	    ];

	return $result;
    }});

__PACKAGE__->register_method({
    name => 'get_rules',
    path => 'rules',
    method => 'GET',
    description => "List VM firewall rules.",
    proxyto => 'node',
    parameters => {
    	additionalProperties => 0,
	properties => {
	    node => get_standard_option('pve-node'),
	    vmid => get_standard_option('pve-vmid'),
	},
    },
    returns => {
	type => 'array',
	items => {
	    type => "object",
	    properties => {},
	},
    },
    code => sub {
	my ($param) = @_;

	my $vmid = $param->{vmid};

	my $vmlist = PVE::Cluster::get_vmlist();

	die "no such VM ('$vmid')\n" 
	    if !($vmlist && $vmlist->{ids} && defined($vmlist->{ids}->{$vmid}));

	my $vmfw_conf = PVE::Firewall::load_vmfw_conf($vmid);

	my $rules = $vmfw_conf->{rules} || [];

	my $digest = $vmfw_conf->{digest};

	my $res = [];
	
	my $ind = 0;
	foreach my $rule (@$rules) {
	    push @$res, PVE::Firewall::cleanup_fw_rule($rule, $digest, $ind++);
	}

	return $res;
    }});

__PACKAGE__->register_method({
    name => 'get_options',
    path => 'options',
    method => 'GET',
    description => "Get host firewall options.",
    proxyto => 'node',
    parameters => {
    	additionalProperties => 0,
	properties => {
	    node => get_standard_option('pve-node'),
	    vmid => get_standard_option('pve-vmid'),
	},
    },
    returns => {
	type => "object",
	properties => {},
    },
    code => sub {
	my ($param) = @_;

	my $vmid = $param->{vmid};

	my $vmlist = PVE::Cluster::get_vmlist();

	die "no such VM ('$vmid')\n" 
	    if !($vmlist && $vmlist->{ids} && defined($vmlist->{ids}->{$vmid}));

	my $vmfw_conf = PVE::Firewall::load_vmfw_conf($vmid);

	my $options = $vmfw_conf->{options} || {};

	my $digest = $vmfw_conf->{digest};

	$options->{digest} = $digest;

	return $options;
    }});

1;
Commit	Line	Data
e7b35711 DM	1	package PVE::API2::Firewall::VM;
	2
	3	use strict;
	4	use warnings;
	5	use PVE::JSONSchema qw(get_standard_option);
	6	use PVE::Cluster;
	7	use PVE::Firewall;
	8
	9	use Data::Dumper; # fixme: remove
	10
	11	use base qw(PVE::RESTHandler);
	12
	13	__PACKAGE__->register_method({
	14	name => 'index',
	15	path => '',
	16	method => 'GET',
	17	permissions => { user => 'all' },
	18	description => "Directory index.",
	19	parameters => {
	20	additionalProperties => 0,
	21	properties => {
	22	node => get_standard_option('pve-node'),
	23	vmid => get_standard_option('pve-vmid'),
	24	},
	25	},
	26	returns => {
	27	type => 'array',
	28	items => {
	29	type => "object",
	30	properties => {},
	31	},
	32	links => [ { rel => 'child', href => "{name}" } ],
	33	},
	34	code => sub {
	35	my ($param) = @_;
	36
	37	my $result = [
	38	{ name => 'rules' },
	39	{ name => 'options' },
	40	];
	41
	42	return $result;
	43	}});
	44
	45	__PACKAGE__->register_method({
	46	name => 'get_rules',
	47	path => 'rules',
	48	method => 'GET',
	49	description => "List VM firewall rules.",
	50	proxyto => 'node',
	51	parameters => {
	52	additionalProperties => 0,
	53	properties => {
	54	node => get_standard_option('pve-node'),
	55	vmid => get_standard_option('pve-vmid'),
	56	},
	57	},
	58	returns => {
	59	type => 'array',
	60	items => {
	61	type => "object",
	62	properties => {},
	63	},
	64	},
65	code => sub {
66	my ($param) = @_;
67
68	my $vmid = $param->{vmid};
69
70	my $vmlist = PVE::Cluster::get_vmlist();
71
72	die "no such VM ('$vmid')\n"
73	if !($vmlist && $vmlist->{ids} && defined($vmlist->{ids}->{$vmid}));
74
75	my $vmfw_conf = PVE::Firewall::load_vmfw_conf($vmid);
76
77	my $rules = $vmfw_conf->{rules} \|\| [];
78
79	my $digest = $vmfw_conf->{digest};
80
81	my $res = [];
82
83	my $ind = 0;
84	foreach my $rule (@$rules) {
85	push @$res, PVE::Firewall::cleanup_fw_rule($rule, $digest, $ind++);
86	}
87
88	return $res;
89	}});
90
91	__PACKAGE__->register_method({
92	name => 'get_options',
93	path => 'options',
94	method => 'GET',
95	description => "Get host firewall options.",
96	proxyto => 'node',
97	parameters => {
98	additionalProperties => 0,
99	properties => {
100	node => get_standard_option('pve-node'),
101	vmid => get_standard_option('pve-vmid'),
102	},
103	},
104	returns => {
105	type => "object",
106	properties => {},
107	},
108	code => sub {
109	my ($param) = @_;
110
111	my $vmid = $param->{vmid};
112
113	my $vmlist = PVE::Cluster::get_vmlist();
114
115	die "no such VM ('$vmid')\n"
116	if !($vmlist && $vmlist->{ids} && defined($vmlist->{ids}->{$vmid}));
117
118	my $vmfw_conf = PVE::Firewall::load_vmfw_conf($vmid);
119
120	my $options = $vmfw_conf->{options} \|\| {};
121
122	my $digest = $vmfw_conf->{digest};
123
124	$options->{digest} = $digest;
125
126	return $options;
127	}});
128
129	1;