firewall group API: change 'name' to 'group'

[pve-firewall.git] / src / PVE / API2 / Firewall / Rules.pm

diff --git a/src/PVE/API2/Firewall/Rules.pm b/src/PVE/API2/Firewall/Rules.pm
index d9ba2f4d6acbd0fb366bf0d3a870eb30b5830cd9..65fe8a65e2be48d56beaaa379d09409951553f7b 100644 (file)
--- a/src/PVE/API2/Firewall/Rules.pm
+++ b/src/PVE/API2/Firewall/Rules.pm
@@ -3,6 +3,7 @@ package PVE::API2::Firewall::RulesBase;
 use strict;
 use warnings;
 use PVE::JSONSchema qw(get_standard_option);
+use PVE::Exception qw(raise raise_param_exc);
 
 use PVE::Firewall;
 
@@ -81,16 +82,14 @@ sub register_get_rules {
 
            my ($fw_conf, $rules) = $class->load_config($param);
 
-           my $digest = $fw_conf->{digest};
-
-           my $res = [];
+           my ($list, $digest) = PVE::Firewall::copy_list_with_digest($rules);
 
            my $ind = 0;
-           foreach my $rule (@$rules) {
-               push @$res, PVE::Firewall::cleanup_fw_rule($rule, $digest, $ind++);
+           foreach my $rule (@$list) {
+               $rule->{pos} = $ind++;
            }
 
-           return $res;
+           return $list;
        }});
 }
 
@@ -123,14 +122,14 @@ sub register_get_rule {
 
            my ($fw_conf, $rules) = $class->load_config($param);
 
-           my $digest = $fw_conf->{digest};
-           # fixme: check digest
+           my ($list, $digest) = PVE::Firewall::copy_list_with_digest($rules);
        
-           die "no rule at position $param->{pos}\n" if $param->{pos} >= scalar(@$rules);
+           die "no rule at position $param->{pos}\n" if $param->{pos} >= scalar(@$list);
        
-           my $rule = $rules->[$param->{pos}];
-           
-           return PVE::Firewall::cleanup_fw_rule($rule, $digest, $param->{pos});
+           my $rule = $list->[$param->{pos}];
+           $rule->{pos} = $param->{pos};
+
+           return $rule;
        }});
 }
 
@@ -159,8 +158,6 @@ sub register_create_rule {
 
            my ($fw_conf, $rules) = $class->load_config($param);
 
-           my $digest = $fw_conf->{digest};
-
            my $rule = {};
 
            PVE::Firewall::copy_rule_data($rule, $param);
@@ -214,9 +211,9 @@ sub register_update_rule {
 
            my ($fw_conf, $rules) = $class->load_config($param);
 
-           my $digest = $fw_conf->{digest};
-           # fixme: check digest
-       
+           my (undef, $digest) = PVE::Firewall::copy_list_with_digest($rules);
+           PVE::Tools::assert_if_modified($digest, $param->{digest});
+
            die "no rule at position $param->{pos}\n" if $param->{pos} >= scalar(@$rules);
        
            my $rule = $rules->[$param->{pos}];
@@ -258,6 +255,8 @@ sub register_delete_rule {
     my $properties = $class->additional_parameters();
 
     $properties->{pos} = $api_properties->{pos};
+
+    $properties->{digest} = get_standard_option('pve-config-digest');
     
     $class->register_method({
        name => 'delete_rule',
@@ -275,8 +274,8 @@ sub register_delete_rule {
 
            my ($fw_conf, $rules) = $class->load_config($param);
 
-           my $digest = $fw_conf->{digest};
-           # fixme: check digest
+           my (undef, $digest) = PVE::Firewall::copy_list_with_digest($rules);
+           PVE::Tools::assert_if_modified($digest, $param->{digest});
        
            die "no rule at position $param->{pos}\n" if $param->{pos} >= scalar(@$rules);
        
@@ -302,14 +301,11 @@ package PVE::API2::Firewall::GroupRules;
 
 use strict;
 use warnings;
+use PVE::JSONSchema qw(get_standard_option);
 
 use base qw(PVE::API2::Firewall::RulesBase);
 
-__PACKAGE__->additional_parameters({ group => {
-    description => "Security group name.",
-    type => 'string',
-    maxLength => 20, # fixme: what length?
-}});
+__PACKAGE__->additional_parameters({ group => get_standard_option('pve-security-group-name') });
 
 sub allow_groups {
     return 0;