]>
git.proxmox.com Git - pve-firewall.git/blob - src/PVE/API2/Firewall/Groups.pm
1 package PVE
:: API2
:: Firewall
:: Groups
;
5 use PVE
:: JSONSchema
qw(get_standard_option) ;
6 use PVE
:: Exception
qw(raise raise_param_exc) ;
9 use PVE
:: API2
:: Firewall
:: Rules
;
11 use Data
:: Dumper
; # fixme: remove
13 use base
qw(PVE::RESTHandler) ;
15 __PACKAGE__-
> register_method ({
16 name
=> 'list_security_groups' ,
19 description
=> "List security groups." ,
21 additionalProperties
=> 0 ,
28 name
=> get_standard_option
( 'pve-security-group-name' ),
29 digest
=> get_standard_option
( 'pve-config-digest' , { optional
=> 0 } ),
36 links
=> [ { rel
=> 'child' , href
=> "{name}" } ],
41 my $cluster_conf = PVE
:: Firewall
:: load_clusterfw_conf
();
43 my $digest = $cluster_conf ->{ digest
};
46 foreach my $group ( keys %{ $cluster_conf ->{ groups
}}) {
50 count
=> scalar (@{ $cluster_conf ->{ groups
}->{ $group }})
52 if ( my $comment = $cluster_conf ->{ group_comments
}->{ $group }) {
53 $data ->{ comment
} = $comment ;
61 __PACKAGE__-
> register_method ({
62 name
=> 'create_security_group' ,
65 description
=> "Create new security group." ,
68 additionalProperties
=> 0 ,
70 name
=> get_standard_option
( 'pve-security-group-name' ),
75 rename => get_standard_option
( 'pve-security-group-name' , {
76 description
=> "Rename/update an existing security group. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing group." ,
79 digest
=> get_standard_option
( 'pve-config-digest' ),
82 returns
=> { type
=> 'null' },
86 my $cluster_conf = PVE
:: Firewall
:: load_clusterfw_conf
();
88 my $digest = $cluster_conf ->{ digest
};
90 PVE
:: Tools
:: assert_if_modified
( $digest, $param ->{ digest
});
92 if (! $param ->{ rename }) {
93 foreach my $name ( keys %{ $cluster_conf ->{ groups
}}) {
94 raise_param_exc
({ name
=> "Security group ' $name ' already exists" })
95 if $name eq $param ->{ name
};
99 if ( $param ->{ rename }) {
100 raise_param_exc
({ name
=> "Security group ' $param ->{rename}' does not exists" })
101 if ! $cluster_conf ->{ groups
}->{ $param ->{ rename }};
102 my $data = delete $cluster_conf ->{ groups
}->{ $param ->{ rename }};
103 $cluster_conf ->{ groups
}->{ $param ->{ name
}} = $data ;
104 if ( my $comment = delete $cluster_conf ->{ group_comments
}->{ $param ->{ rename }}) {
105 $cluster_conf ->{ group_comments
}->{ $param ->{ name
}} = $comment ;
107 $cluster_conf ->{ group_comments
}->{ $param ->{ name
}} = $param ->{ comment
} if defined ( $param ->{ comment
});
109 $cluster_conf ->{ groups
}->{ $param ->{ name
}} = [];
110 $cluster_conf ->{ group_comments
}->{ $param ->{ name
}} = $param ->{ comment
} if defined ( $param ->{ comment
});
113 PVE
:: Firewall
:: save_clusterfw_conf
( $cluster_conf );
118 __PACKAGE__-
> register_method ({
119 name
=> 'delete_security_group' ,
122 description
=> "Delete security group." ,
125 additionalProperties
=> 0 ,
127 name
=> get_standard_option
( 'pve-security-group-name' ),
128 digest
=> get_standard_option
( 'pve-config-digest' ),
131 returns
=> { type
=> 'null' },
135 my $cluster_conf = PVE
:: Firewall
:: load_clusterfw_conf
();
137 PVE
:: Tools
:: assert_if_modified
( $cluster_conf ->{ digest
}, $param ->{ digest
});
139 return undef if ! $cluster_conf ->{ groups
}->{ $param ->{ name
}};
141 die "Security group ' $param ->{name}' is not empty \n "
142 if scalar (@{ $cluster_conf ->{ groups
}->{ $param ->{ name
}}});
144 delete $cluster_conf ->{ groups
}->{ $param ->{ name
}};
146 PVE
:: Firewall
:: save_clusterfw_conf
( $cluster_conf );
151 __PACKAGE__-
> register_method ({
152 subclass
=> "PVE::API2::Firewall::GroupRules" ,