[pve-manager.git] / www / manager6 / grid / FirewallRules.js

Ext.define('PVE.form.FWMacroSelector', {
    extend: 'PVE.form.ComboGrid',
    alias: 'widget.pveFWMacroSelector',
    allowBlank: true,
    autoSelect: false,
    valueField: 'macro',
    displayField: 'macro',
    listConfig: {
	columns: [
	    {
		header: gettext('Macro'),
		dataIndex: 'macro',
		hideable: false,
		width: 100
	    },
	    {
		header: gettext('Description'),
		renderer: Ext.String.htmlEncode,
		flex: 1,
		dataIndex: 'descr'
	    }
	]
    },
    initComponent: function() {
	var me = this;

	var store = Ext.create('Ext.data.Store', {
	    autoLoad: true,
	    fields: [ 'macro', 'descr' ],
	    idProperty: 'macro',
	    proxy: {
		type: 'pve',
		url: "/api2/json/cluster/firewall/macros"
	    },
	    sorters: {
		property: 'macro',
		order: 'DESC'
	    }
	});

	Ext.apply(me, {
	    store: store
	});

	me.callParent();
    }
});

Ext.define('PVE.FirewallRulePanel', {
    extend: 'PVE.panel.InputPanel',

    allow_iface: false,

    list_refs_url: undefined,

    onGetValues: function(values) {
	var me = this;

	// hack: editable ComboGrid returns nothing when empty, so we need to set ''
	// Also, disabled text fields return nothing, so we need to set ''

	Ext.Array.each(['source', 'dest', 'macro', 'proto', 'sport', 'dport'], function(key) {
	    if (values[key] === undefined) {
		values[key] = '';
	    }
	});

	delete values.modified_marker;
 
	return values;
    },

    initComponent : function() {
	var me = this;

	if (!me.list_refs_url) {
	    throw "no list_refs_url specified";
	}

	me.column1 = [
	    {
		// hack: we use this field to mark the form 'dirty' when the
		// record has errors- so that the user can safe the unmodified 
		// form again.
		xtype: 'hiddenfield',
		name: 'modified_marker',
		value: ''
	    },
	    {
		xtype: 'pveKVComboBox',
		name: 'type',
		value: 'in',
		comboItems: [['in', 'in'], ['out', 'out']],
		fieldLabel: gettext('Direction'),
		allowBlank: false
	    },
	    {
		xtype: 'pveKVComboBox',
		name: 'action',
		value: 'ACCEPT',
		comboItems: [['ACCEPT', 'ACCEPT'], ['DROP', 'DROP'], ['REJECT', 'REJECT']],
		fieldLabel: gettext('Action'),
		allowBlank: false
	    }
        ];

	if (me.allow_iface) {
	    me.column1.push({
		xtype: 'pvetextfield',
		name: 'iface',
		deleteEmpty: !me.isCreate,
		value: '',
		fieldLabel: gettext('Interface')
	    });
	} else {
	    me.column1.push({
		xtype: 'displayfield',
		fieldLabel: '',
		value: ''
	    });
	}

	me.column1.push(
	    {
		xtype: 'displayfield',
		fieldLabel: '',
		height: 7,
		value: ''
	    },
	    {
		xtype: 'pveIPRefSelector',
		name: 'source',
		autoSelect: false,
		editable: true,
		base_url: me.list_refs_url,
		value: '',
		fieldLabel: gettext('Source')

	    },
	    {
		xtype: 'pveIPRefSelector',
		name: 'dest',
		autoSelect: false,
		editable: true,
		base_url: me.list_refs_url,
		value: '',
		fieldLabel: gettext('Destination')
	    }
	);

	
	me.column2 = [
	    {
		xtype: 'pvecheckbox',
		name: 'enable',
		checked: false,
		uncheckedValue: 0,
		fieldLabel: gettext('Enable')
	    },
	    {
		xtype: 'pveFWMacroSelector',
		name: 'macro',
		fieldLabel: gettext('Macro'),
		editable: true,
		allowBlank: true,
		listeners: {
		    change: function(f, value) {
                        if (value === null) {
			    me.down('field[name=proto]').setDisabled(false);
			    me.down('field[name=sport]').setDisabled(false);
			    me.down('field[name=dport]').setDisabled(false);
                        } else {
			    me.down('field[name=proto]').setDisabled(true);
			    me.down('field[name=proto]').setValue('');
			    me.down('field[name=sport]').setDisabled(true);
			    me.down('field[name=sport]').setValue('');
			    me.down('field[name=dport]').setDisabled(true);
			    me.down('field[name=dport]').setValue('');
                       }
                    }
                }
	    },
	    {
		xtype: 'pveIPProtocolSelector',
		name: 'proto',
		autoSelect: false,
		editable: true,
		value: '',
		fieldLabel: gettext('Protocol')
	    },
	    {
		xtype: 'displayfield',
		fieldLabel: '',
		height: 7,
		value: ''
	    },
	    {
		xtype: 'textfield',
		name: 'sport',
		value: '',
		fieldLabel: gettext('Source port')
	    },
	    {
		xtype: 'textfield',
		name: 'dport',
		value: '',
		fieldLabel: gettext('Dest. port')
	    }
	];
	
	me.columnB = [
	    {
		xtype: 'textfield',
		name: 'comment',
		value: '',
		fieldLabel: gettext('Comment')
	    }
	];

	me.callParent();
    }
});

Ext.define('PVE.FirewallRuleEdit', {
    extend: 'PVE.window.Edit',

    base_url: undefined,
    list_refs_url: undefined,

    allow_iface: false,

    initComponent : function() {

	var me = this;

	if (!me.base_url) {
	    throw "no base_url specified";
	}
	if (!me.list_refs_url) {
	    throw "no list_refs_url specified";
	}

	me.isCreate = (me.rule_pos === undefined);

	if (me.isCreate) {
            me.url = '/api2/extjs' + me.base_url;
            me.method = 'POST';
        } else {
            me.url = '/api2/extjs' + me.base_url + '/' + me.rule_pos.toString();
            me.method = 'PUT';
        }

	var ipanel = Ext.create('PVE.FirewallRulePanel', {
	    isCreate: me.isCreate,
	    list_refs_url: me.list_refs_url,
	    allow_iface: me.allow_iface,
	    rule_pos: me.rule_pos
	});

	Ext.apply(me, {
            subject: gettext('Rule'),
	    isAdd: true,
	    items: [ ipanel ]
	});

	me.callParent();

	if (!me.isCreate) {
	    me.load({
		success: function(response, options) {
		    var values = response.result.data;
		    ipanel.setValues(values);
		    if (values.errors) {
			var field = me.query('[isFormField][name=modified_marker]')[0];
			field.setValue(1);
			Ext.Function.defer(function() {
			    var form = ipanel.up('form').getForm();
			    form.markInvalid(values.errors);
			}, 100);
		    }
		}
	    });
	} else if (me.rec) {
	    ipanel.setValues(me.rec.data);
	}
    }
});

Ext.define('PVE.FirewallGroupRuleEdit', {
    extend: 'PVE.window.Edit',

    base_url: undefined,

    allow_iface: false,

    initComponent : function() {

	var me = this;

	me.isCreate = (me.rule_pos === undefined);

	if (me.isCreate) {
            me.url = '/api2/extjs' + me.base_url;
            me.method = 'POST';
        } else {
            me.url = '/api2/extjs' + me.base_url + '/' + me.rule_pos.toString();
            me.method = 'PUT';
        }

	var column1 = [
	    {
		xtype: 'hiddenfield',
		name: 'type',
		value: 'group'
	    },
	    {
		xtype: 'pveSecurityGroupsSelector',
		name: 'action',
		value: '',
		fieldLabel: gettext('Security Group'),
		allowBlank: false
	    }
	];

	if (me.allow_iface) {
	    column1.push({
		xtype: 'pvetextfield',
		name: 'iface',
		deleteEmpty: !me.isCreate,
		value: '',
		fieldLabel: gettext('Interface')
	    });
	}

	var ipanel = Ext.create('PVE.panel.InputPanel', {
	    isCreate: me.isCreate,
	    column1: column1,
	    column2: [
		{
		    xtype: 'pvecheckbox',
		    name: 'enable',
		    checked: false,
		    uncheckedValue: 0,
		    fieldLabel: gettext('Enable')
		}
	    ],
	    columnB: [
		{
		    xtype: 'textfield',
		    name: 'comment',
		    value: '',
		    fieldLabel: gettext('Comment')
		}
	    ]
	});

	Ext.apply(me, {
            subject: gettext('Rule'),
	    isAdd: true,
	    items: [ ipanel ]
	});

	me.callParent();

	if (!me.isCreate) {
	    me.load({
		success:  function(response, options) {
		    var values = response.result.data;
		    ipanel.setValues(values);
		}
	    });
	}
    }
});

Ext.define('PVE.FirewallRules', {
    extend: 'Ext.grid.Panel',
    alias: 'widget.pveFirewallRules',

    onlineHelp: 'chapter_pve_firewall',

    stateful: true,
    stateId: 'grid-firewall-rules',

    base_url: undefined,
    list_refs_url: undefined,

    addBtn: undefined,
    removeBtn: undefined,
    editBtn: undefined,
    groupBtn: undefined,

    tbar_prefix: undefined,

    allow_groups: true,
    allow_iface: false,

    setBaseUrl: function(url) {
        var me = this;

	me.base_url = url;

	if (url === undefined) {
	    me.addBtn.setDisabled(true);
	    if (me.groupBtn) {
		me.groupBtn.setDisabled(true);
	    }
	    me.store.removeAll();
	} else {
	    me.addBtn.setDisabled(false);
	    if (me.groupBtn) {
		me.groupBtn.setDisabled(false);
	    }
	    me.store.setProxy({
		type: 'pve',
		url: '/api2/json' + url
	    });

	    me.store.load();
	}
    },

    moveRule: function(from, to) {
        var me = this;

	if (!me.base_url) { 
	    return;
	}

	PVE.Utils.API2Request({
	    url: me.base_url + "/" + from,
	    method: 'PUT',
	    params: { moveto: to },
	    waitMsgTarget: me,
	    failure: function(response, options) {
		Ext.Msg.alert(gettext('Error'), response.htmlStatus);
	    },
	    callback: function() {
		me.store.load();
	    }
	});
    },

    updateRule: function(rule) {
        var me = this;

	if (!me.base_url) { 
	    return;
	}

	rule.enable = rule.enable ? 1 : 0;

	var pos = rule.pos;
	delete rule.pos;
	delete rule.errors;

	PVE.Utils.API2Request({
	    url: me.base_url + '/' + pos.toString(),
	    method: 'PUT',
	    params: rule,
	    waitMsgTarget: me,
	    failure: function(response, options) {
		Ext.Msg.alert(gettext('Error'), response.htmlStatus);
	    },
	    callback: function() {
		me.store.load();
	    }
	});
    },

    deleteRule: function(rule) {
        var me = this;

	if (!me.base_url) {
	    return;
	}

	PVE.Utils.API2Request({
	    url: me.base_url + '/' + rule.pos.toString() +
		'?digest=' + encodeURIComponent(rule.digest),
	    method: 'DELETE',
	    waitMsgTarget: me,
	    failure: function(response, options) {
		Ext.Msg.alert(gettext('Error'), response.htmlStatus);
	    },
	    callback: function() {
		me.store.load();
	    }
	});
    },

    initComponent: function() {
	/*jslint confusion: true */
        var me = this;

	if (!me.list_refs_url) {
	    throw "no list_refs_url specified";
	}

	var store = Ext.create('Ext.data.Store',{
	    model: 'pve-fw-rule'
	});

	var reload = function() {
	    store.load();
	};

	var sm = Ext.create('Ext.selection.RowModel', {});

	var run_editor = function() {
	    var rec = sm.getSelection()[0];
	    if (!rec) {
		return;
	    }
	    var type = rec.data.type;

	    var editor;
	    if (type === 'in' || type === 'out') {
		editor = 'PVE.FirewallRuleEdit';
	    } else if (type === 'group') {
		editor = 'PVE.FirewallGroupRuleEdit';
	    } else {
		return;
	    }

	    var win = Ext.create(editor, {
		digest: rec.data.digest,
		allow_iface: me.allow_iface,
		base_url: me.base_url,
		list_refs_url: me.list_refs_url,
		rule_pos: rec.data.pos
	    });

	    win.show();
	    win.on('destroy', reload);
	};

	me.editBtn = Ext.create('PVE.button.Button',{
	    text: gettext('Edit'),
	    disabled: true,
	    selModel: sm,
	    handler: run_editor
	});

	me.addBtn =  Ext.create('Ext.Button', {
	    text: gettext('Add'),
	    disabled: true,
	    handler: function() {
		var win = Ext.create('PVE.FirewallRuleEdit', {
		    allow_iface: me.allow_iface,
		    base_url: me.base_url,
		    list_refs_url: me.list_refs_url
		});
		win.on('destroy', reload);
		win.show();
	    }
	});

	var run_copy_editor = function() {
	    var rec = sm.getSelection()[0];

	    if (!rec) {
		return;
	    }
	    var type = rec.data.type;


	    if (!(type === 'in' || type === 'out')) {
		return;
	    }

	    var win = Ext.create('PVE.FirewallRuleEdit', {
		allow_iface: me.allow_iface,
		base_url: me.base_url,
		list_refs_url: me.list_refs_url,
		rec: rec
	    });

	    win.show();
	    win.on('destroy', reload);
	};

	me.copyBtn = Ext.create('PVE.button.Button',{
	    text: gettext('Copy'),
	    selModel: sm,
	    enableFn: function(rec) {
		return (rec.data.type === 'in' || rec.data.type === 'out');
	    },
	    disabled: true,
	    handler: run_copy_editor
	});

	if (me.allow_groups) {
	    me.groupBtn =  Ext.create('Ext.Button', {
		text: gettext('Insert') + ': ' + 
		    gettext('Security Group'),
		disabled: true,
		handler: function() {
		    var win = Ext.create('PVE.FirewallGroupRuleEdit', {
			allow_iface: me.allow_iface,
			base_url: me.base_url
		    });
		    win.on('destroy', reload);
		    win.show();
		}
	    });
	}

	me.removeBtn = Ext.create('PVE.button.Button',{
	    text: gettext('Remove'),
	    selModel: sm,
	    disabled: true,
	    handler: function() {
		var rec = sm.getSelection()[0];
		if (!rec) {
		    return;
		}
		me.deleteRule(rec.data);
	    }
	});

	var tbar = me.tbar_prefix ? [ me.tbar_prefix ] : [];
	tbar.push(me.addBtn, me.copyBtn);
	if (me.groupBtn) {
	    tbar.push(me.groupBtn);
	}
	tbar.push(me.removeBtn, me.editBtn);

	var render_errors = function(name, value, metaData, record) {
	    var errors = record.data.errors;
	    if (errors && errors[name]) {
		metaData.tdCls = 'pve-invalid-row';
		var html = '<p>' +  Ext.htmlEncode(errors[name]) + '</p>';
		metaData.tdAttr = 'data-qwidth=600 data-qtitle="ERROR" data-qtip="' + 
		    html.replace(/\"/g,'&quot;') + '"';
	    }
	    return value;
	};

	var columns = [
	    {
		// similar to xtype: 'rownumberer',
		dataIndex: 'pos',
		resizable: false,
		width: 23,
		sortable: false,
		align: 'right',
		hideable: false,
		menuDisabled: true,
		renderer: function(value, metaData, record, rowIdx, colIdx, store) {
		    metaData.tdCls = Ext.baseCSSPrefix + 'grid-cell-special';
		    if (value >= 0) {
			return value;
		    }
		    return '';
		}
	    },
	    {
		xtype: 'checkcolumn',
		header: gettext('Enable'),
		dataIndex: 'enable',
		listeners: {
		    checkchange: function(column, recordIndex, checked) {
			var record = me.getStore().getData().items[recordIndex];
			record.commit();
			var data = {};
			Ext.Array.forEach(record.getFields(), function(field) {
			    data[field.name] = record.get(field.name);
			});
			if (!me.allow_iface || !data.iface) {
			    delete data.iface;
			}
			me.updateRule(data);
		    }
		},
		width: 50
	    },
	    {
		header: gettext('Type'),
		dataIndex: 'type',
		renderer: function(value, metaData, record) {
		    return render_errors('type', value, metaData, record);
		},
		width: 50
	    },
	    {
		header: gettext('Action'),
		dataIndex: 'action',
		renderer: function(value, metaData, record) {
		    return render_errors('action', value, metaData, record);
		},
		width: 80
	    },
	    {
		header: gettext('Macro'),
		dataIndex: 'macro',
		renderer: function(value, metaData, record) {
		    return render_errors('macro', value, metaData, record);
		},
		width: 80
	    }
	];

	if (me.allow_iface) {
	    columns.push({
		header: gettext('Interface'),
		dataIndex: 'iface',
		renderer: function(value, metaData, record) {
		    return render_errors('iface', value, metaData, record);
		},
		width: 80
	    });
	}

	columns.push(
	    {
		header: gettext('Source'),
		dataIndex: 'source',
		renderer: function(value, metaData, record) {
		    return render_errors('source', value, metaData, record);
		},
		width: 100
	    },
	    {
		header: gettext('Destination'),
		dataIndex: 'dest',
		renderer: function(value, metaData, record) {
		    return render_errors('dest', value, metaData, record);
		},
		width: 100
	    },
	    {
		header: gettext('Protocol'),
		dataIndex: 'proto',
		renderer: function(value, metaData, record) {
		    return render_errors('proto', value, metaData, record);
		},
		width: 100
	    },
	    {
		header: gettext('Dest. port'),
		dataIndex: 'dport',
		renderer: function(value, metaData, record) {
		    return render_errors('dport', value, metaData, record);
		},
		width: 100
	    },
	    {
		header: gettext('Source port'),
		dataIndex: 'sport',
		renderer: function(value, metaData, record) {
		    return render_errors('sport', value, metaData, record);
		},
		width: 100
	    },
	    {
		header: gettext('Comment'),
		dataIndex: 'comment',
		flex: 1,
		renderer: function(value, metaData, record) {
		    return render_errors('comment', Ext.util.Format.htmlEncode(value), metaData, record);
		}
	    }
	);

	Ext.apply(me, {
	    store: store,
	    selModel: sm,
	    tbar: tbar,
            viewConfig: {
		plugins: [
		    {
			ptype: 'gridviewdragdrop',
			dragGroup: 'FWRuleDDGroup',
			dropGroup: 'FWRuleDDGroup'
		    }
		],
		listeners: {
                    beforedrop: function(node, data, dropRec, dropPosition) {
			if (!dropRec) {
			    return false; // empty view
			}
			var moveto = dropRec.get('pos');
			if (dropPosition === 'after') {
			    moveto++;
			}
			var pos = data.records[0].get('pos');
			me.moveRule(pos, moveto);
			return 0;
                    },
		    itemdblclick: run_editor
		}
	    },
	    sortableColumns: false,
	    columns: columns
	});

	me.callParent();

	if (me.base_url) {
	    me.setBaseUrl(me.base_url); // load
	}
    }
}, function() {

    Ext.define('pve-fw-rule', {
	extend: 'Ext.data.Model',
	fields: [ { name: 'enable', type: 'boolean' },
		  'type', 'action', 'macro', 'source', 'dest', 'proto', 'iface',
		  'dport', 'sport', 'comment', 'pos', 'digest', 'errors' ],
	idProperty: 'pos'
    });

});
Commit	Line	Data
435cce27 DM	1	Ext.define('PVE.form.FWMacroSelector', {
	2	extend: 'PVE.form.ComboGrid',
	3	alias: 'widget.pveFWMacroSelector',
3d990919 EK	4	allowBlank: true,
	5	autoSelect: false,
	6	valueField: 'macro',
	7	displayField: 'macro',
	8	listConfig: {
	9	columns: [
	10	{
	11	header: gettext('Macro'),
	12	dataIndex: 'macro',
	13	hideable: false,
	14	width: 100
	15	},
	16	{
	17	header: gettext('Description'),
91535f2b	18	renderer: Ext.String.htmlEncode,
3d990919 EK	19	flex: 1,
	20	dataIndex: 'descr'
	21	}
	22	]
	23	},
435cce27 DM	24	initComponent: function() {
	25	var me = this;
	26
	27	var store = Ext.create('Ext.data.Store', {
	28	autoLoad: true,
	29	fields: [ 'macro', 'descr' ],
	30	idProperty: 'macro',
	31	proxy: {
	32	type: 'pve',
	33	url: "/api2/json/cluster/firewall/macros"
	34	},
	35	sorters: {
	36	property: 'macro',
	37	order: 'DESC'
	38	}
	39	});
	40
	41	Ext.apply(me, {
22f2f9d6	42	store: store
435cce27 DM	43	});
	44
	45	me.callParent();
	46	}
	47	});
	48
	49	Ext.define('PVE.FirewallRulePanel', {
	50	extend: 'PVE.panel.InputPanel',
	51
	52	allow_iface: false,
	53
	54	list_refs_url: undefined,
	55
	56	onGetValues: function(values) {
	57	var me = this;
	58
	59	// hack: editable ComboGrid returns nothing when empty, so we need to set ''
	60	// Also, disabled text fields return nothing, so we need to set ''
	61
1fafdce8	62	Ext.Array.each(['source', 'dest', 'macro', 'proto', 'sport', 'dport'], function(key) {
435cce27 DM	63	if (values[key] === undefined) {
	64	values[key] = '';
	65	}
	66	});
	67
	68	delete values.modified_marker;
	69
	70	return values;
	71	},
	72
	73	initComponent : function() {
	74	var me = this;
	75
	76	if (!me.list_refs_url) {
	77	throw "no list_refs_url specified";
	78	}
	79
	80	me.column1 = [
	81	{
	82	// hack: we use this field to mark the form 'dirty' when the
	83	// record has errors- so that the user can safe the unmodified
	84	// form again.
	85	xtype: 'hiddenfield',
	86	name: 'modified_marker',
22f2f9d6	87	value: ''
435cce27 DM	88	},
	89	{
	90	xtype: 'pveKVComboBox',
	91	name: 'type',
	92	value: 'in',
e7bc7f31	93	comboItems: [['in', 'in'], ['out', 'out']],
435cce27 DM	94	fieldLabel: gettext('Direction'),
	95	allowBlank: false
	96	},
	97	{
	98	xtype: 'pveKVComboBox',
	99	name: 'action',
	100	value: 'ACCEPT',
e7bc7f31	101	comboItems: [['ACCEPT', 'ACCEPT'], ['DROP', 'DROP'], ['REJECT', 'REJECT']],
435cce27 DM	102	fieldLabel: gettext('Action'),
	103	allowBlank: false
	104	}
	105	];
	106
	107	if (me.allow_iface) {
	108	me.column1.push({
	109	xtype: 'pvetextfield',
	110	name: 'iface',
d5e771ce	111	deleteEmpty: !me.isCreate,
435cce27 DM	112	value: '',
	113	fieldLabel: gettext('Interface')
	114	});
	115	} else {
	116	me.column1.push({
	117	xtype: 'displayfield',
	118	fieldLabel: '',
435cce27 DM	119	value: ''
	120	});
	121	}
	122
fa94a977	123	me.column1.push(
435cce27 DM	124	{
	125	xtype: 'displayfield',
	126	fieldLabel: '',
	127	height: 7,
	128	value: ''
	129	},
	130	{
	131	xtype: 'pveIPRefSelector',
	132	name: 'source',
	133	autoSelect: false,
	134	editable: true,
	135	base_url: me.list_refs_url,
	136	value: '',
	137	fieldLabel: gettext('Source')
	138
	139	},
	140	{
	141	xtype: 'pveIPRefSelector',
	142	name: 'dest',
	143	autoSelect: false,
	144	editable: true,
	145	base_url: me.list_refs_url,
	146	value: '',
	147	fieldLabel: gettext('Destination')
	148	}
fa94a977	149	);
435cce27 DM	150
	151
	152	me.column2 = [
	153	{
	154	xtype: 'pvecheckbox',
	155	name: 'enable',
	156	checked: false,
435cce27 DM	157	uncheckedValue: 0,
	158	fieldLabel: gettext('Enable')
	159	},
	160	{
	161	xtype: 'pveFWMacroSelector',
	162	name: 'macro',
435cce27	163	fieldLabel: gettext('Macro'),
1fafdce8	164	editable: true,
435cce27 DM	165	allowBlank: true,
	166	listeners: {
	167	change: function(f, value) {
1fafdce8	168	if (value === null) {
435cce27 DM	169	me.down('field[name=proto]').setDisabled(false);
	170	me.down('field[name=sport]').setDisabled(false);
	171	me.down('field[name=dport]').setDisabled(false);
	172	} else {
	173	me.down('field[name=proto]').setDisabled(true);
	174	me.down('field[name=proto]').setValue('');
	175	me.down('field[name=sport]').setDisabled(true);
	176	me.down('field[name=sport]').setValue('');
	177	me.down('field[name=dport]').setDisabled(true);
7c7ae44f	178	me.down('field[name=dport]').setValue('');
435cce27 DM	179	}
	180	}
	181	}
	182	},
	183	{
	184	xtype: 'pveIPProtocolSelector',
	185	name: 'proto',
	186	autoSelect: false,
	187	editable: true,
	188	value: '',
	189	fieldLabel: gettext('Protocol')
	190	},
	191	{
	192	xtype: 'displayfield',
	193	fieldLabel: '',
	194	height: 7,
	195	value: ''
	196	},
	197	{
	198	xtype: 'textfield',
	199	name: 'sport',
	200	value: '',
	201	fieldLabel: gettext('Source port')
	202	},
	203	{
	204	xtype: 'textfield',
	205	name: 'dport',
435cce27 DM	206	value: '',
	207	fieldLabel: gettext('Dest. port')
	208	}
	209	];
	210
	211	me.columnB = [
	212	{
	213	xtype: 'textfield',
	214	name: 'comment',
	215	value: '',
	216	fieldLabel: gettext('Comment')
	217	}
	218	];
	219
	220	me.callParent();
	221	}
	222	});
	223
	224	Ext.define('PVE.FirewallRuleEdit', {
	225	extend: 'PVE.window.Edit',
	226
	227	base_url: undefined,
	228	list_refs_url: undefined,
	229
	230	allow_iface: false,
	231
	232	initComponent : function() {
d5e771ce	233
435cce27 DM	234	var me = this;
	235
	236	if (!me.base_url) {
	237	throw "no base_url specified";
	238	}
	239	if (!me.list_refs_url) {
	240	throw "no list_refs_url specified";
	241	}
	242
d5e771ce	243	me.isCreate = (me.rule_pos === undefined);
435cce27	244
d5e771ce	245	if (me.isCreate) {
435cce27 DM	246	me.url = '/api2/extjs' + me.base_url;
	247	me.method = 'POST';
	248	} else {
	249	me.url = '/api2/extjs' + me.base_url + '/' + me.rule_pos.toString();
	250	me.method = 'PUT';
	251	}
	252
	253	var ipanel = Ext.create('PVE.FirewallRulePanel', {
d5e771ce	254	isCreate: me.isCreate,
435cce27 DM	255	list_refs_url: me.list_refs_url,
	256	allow_iface: me.allow_iface,
	257	rule_pos: me.rule_pos
	258	});
	259
	260	Ext.apply(me, {
	261	subject: gettext('Rule'),
	262	isAdd: true,
	263	items: [ ipanel ]
	264	});
	265
	266	me.callParent();
	267
d5e771ce	268	if (!me.isCreate) {
435cce27 DM	269	me.load({
	270	success: function(response, options) {
	271	var values = response.result.data;
	272	ipanel.setValues(values);
	273	if (values.errors) {
	274	var field = me.query('[isFormField][name=modified_marker]')[0];
	275	field.setValue(1);
	276	Ext.Function.defer(function() {
	277	var form = ipanel.up('form').getForm();
a764c5f7	278	form.markInvalid(values.errors);
435cce27 DM	279	}, 100);
	280	}
	281	}
	282	});
330020d2 WL	283	} else if (me.rec) {
330020d2 WL	284	ipanel.setValues(me.rec.data);
435cce27 DM	285	}
	286	}
	287	});
	288
	289	Ext.define('PVE.FirewallGroupRuleEdit', {
	290	extend: 'PVE.window.Edit',
	291
	292	base_url: undefined,
	293
	294	allow_iface: false,
	295
	296	initComponent : function() {
d5e771ce	297
435cce27 DM	298	var me = this;
435cce27 DM	299
d5e771ce	300	me.isCreate = (me.rule_pos === undefined);
435cce27	301
d5e771ce	302	if (me.isCreate) {
435cce27 DM	303	me.url = '/api2/extjs' + me.base_url;
	304	me.method = 'POST';
	305	} else {
	306	me.url = '/api2/extjs' + me.base_url + '/' + me.rule_pos.toString();
	307	me.method = 'PUT';
	308	}
	309
	310	var column1 = [
	311	{
	312	xtype: 'hiddenfield',
	313	name: 'type',
	314	value: 'group'
	315	},
	316	{
	317	xtype: 'pveSecurityGroupsSelector',
	318	name: 'action',
	319	value: '',
	320	fieldLabel: gettext('Security Group'),
	321	allowBlank: false
	322	}
	323	];
	324
	325	if (me.allow_iface) {
	326	column1.push({
	327	xtype: 'pvetextfield',
	328	name: 'iface',
d5e771ce	329	deleteEmpty: !me.isCreate,
435cce27 DM	330	value: '',
	331	fieldLabel: gettext('Interface')
	332	});
	333	}
	334
	335	var ipanel = Ext.create('PVE.panel.InputPanel', {
d5e771ce	336	isCreate: me.isCreate,
435cce27 DM	337	column1: column1,
	338	column2: [
	339	{
	340	xtype: 'pvecheckbox',
	341	name: 'enable',
	342	checked: false,
435cce27 DM	343	uncheckedValue: 0,
	344	fieldLabel: gettext('Enable')
	345	}
	346	],
	347	columnB: [
	348	{
	349	xtype: 'textfield',
	350	name: 'comment',
	351	value: '',
	352	fieldLabel: gettext('Comment')
	353	}
	354	]
	355	});
	356
	357	Ext.apply(me, {
	358	subject: gettext('Rule'),
	359	isAdd: true,
	360	items: [ ipanel ]
	361	});
	362
	363	me.callParent();
	364
d5e771ce	365	if (!me.isCreate) {
435cce27 DM	366	me.load({
	367	success: function(response, options) {
	368	var values = response.result.data;
	369	ipanel.setValues(values);
	370	}
	371	});
	372	}
	373	}
	374	});
	375
	376	Ext.define('PVE.FirewallRules', {
	377	extend: 'Ext.grid.Panel',
	378	alias: 'widget.pveFirewallRules',
	379
ba93a9c6 DC	380	onlineHelp: 'chapter_pve_firewall',
ba93a9c6 DC	381
123e1c80 DC	382	stateful: true,
	383	stateId: 'grid-firewall-rules',
	384
435cce27 DM	385	base_url: undefined,
	386	list_refs_url: undefined,
	387
	388	addBtn: undefined,
	389	removeBtn: undefined,
	390	editBtn: undefined,
	391	groupBtn: undefined,
	392
	393	tbar_prefix: undefined,
	394
	395	allow_groups: true,
	396	allow_iface: false,
	397
	398	setBaseUrl: function(url) {
	399	var me = this;
	400
	401	me.base_url = url;
	402
	403	if (url === undefined) {
	404	me.addBtn.setDisabled(true);
	405	if (me.groupBtn) {
	406	me.groupBtn.setDisabled(true);
	407	}
	408	me.store.removeAll();
	409	} else {
	410	me.addBtn.setDisabled(false);
	411	if (me.groupBtn) {
	412	me.groupBtn.setDisabled(false);
	413	}
	414	me.store.setProxy({
	415	type: 'pve',
	416	url: '/api2/json' + url
	417	});
	418
	419	me.store.load();
	420	}
	421	},
	422
	423	moveRule: function(from, to) {
	424	var me = this;
	425
	426	if (!me.base_url) {
	427	return;
	428	}
	429
	430	PVE.Utils.API2Request({
	431	url: me.base_url + "/" + from,
	432	method: 'PUT',
	433	params: { moveto: to },
	434	waitMsgTarget: me,
	435	failure: function(response, options) {
	436	Ext.Msg.alert(gettext('Error'), response.htmlStatus);
	437	},
	438	callback: function() {
	439	me.store.load();
	440	}
	441	});
	442	},
	443
	444	updateRule: function(rule) {
	445	var me = this;
	446
	447	if (!me.base_url) {
	448	return;
449	}
450
451	rule.enable = rule.enable ? 1 : 0;
452
453	var pos = rule.pos;
454	delete rule.pos;
455	delete rule.errors;
456
457	PVE.Utils.API2Request({
458	url: me.base_url + '/' + pos.toString(),
459	method: 'PUT',
460	params: rule,
461	waitMsgTarget: me,
462	failure: function(response, options) {
463	Ext.Msg.alert(gettext('Error'), response.htmlStatus);
464	},
465	callback: function() {
466	me.store.load();
467	}
468	});
469	},
470
471	deleteRule: function(rule) {
472	var me = this;
473
474	if (!me.base_url) {
475	return;
476	}
477
478	PVE.Utils.API2Request({
479	url: me.base_url + '/' + rule.pos.toString() +
480	'?digest=' + encodeURIComponent(rule.digest),
481	method: 'DELETE',
482	waitMsgTarget: me,
483	failure: function(response, options) {
484	Ext.Msg.alert(gettext('Error'), response.htmlStatus);
485	},
486	callback: function() {
487	me.store.load();
488	}
489	});
490	},
491
492	initComponent: function() {
493	/jslint confusion: true /
494	var me = this;
495
496	if (!me.list_refs_url) {
497	throw "no list_refs_url specified";
498	}
499
f3578e26	500	var store = Ext.create('Ext.data.Store',{
435cce27 DM	501	model: 'pve-fw-rule'
	502	});
	503
	504	var reload = function() {
	505	store.load();
	506	};
	507
	508	var sm = Ext.create('Ext.selection.RowModel', {});
	509
	510	var run_editor = function() {
	511	var rec = sm.getSelection()[0];
	512	if (!rec) {
	513	return;
	514	}
	515	var type = rec.data.type;
	516
	517	var editor;
	518	if (type === 'in' \|\| type === 'out') {
	519	editor = 'PVE.FirewallRuleEdit';
	520	} else if (type === 'group') {
	521	editor = 'PVE.FirewallGroupRuleEdit';
	522	} else {
	523	return;
	524	}
	525
	526	var win = Ext.create(editor, {
	527	digest: rec.data.digest,
	528	allow_iface: me.allow_iface,
	529	base_url: me.base_url,
	530	list_refs_url: me.list_refs_url,
	531	rule_pos: rec.data.pos
	532	});
	533
	534	win.show();
	535	win.on('destroy', reload);
	536	};
	537
f3578e26	538	me.editBtn = Ext.create('PVE.button.Button',{
435cce27 DM	539	text: gettext('Edit'),
	540	disabled: true,
	541	selModel: sm,
	542	handler: run_editor
	543	});
	544
	545	me.addBtn = Ext.create('Ext.Button', {
	546	text: gettext('Add'),
	547	disabled: true,
	548	handler: function() {
	549	var win = Ext.create('PVE.FirewallRuleEdit', {
	550	allow_iface: me.allow_iface,
	551	base_url: me.base_url,
	552	list_refs_url: me.list_refs_url
	553	});
	554	win.on('destroy', reload);
	555	win.show();
	556	}
	557	});
	558
330020d2 WL	559	var run_copy_editor = function() {
	560	var rec = sm.getSelection()[0];
	561
	562	if (!rec) {
	563	return;
	564	}
	565	var type = rec.data.type;
	566
	567
	568	if (!(type === 'in' \|\| type === 'out')) {
	569	return;
	570	}
	571
	572	var win = Ext.create('PVE.FirewallRuleEdit', {
	573	allow_iface: me.allow_iface,
	574	base_url: me.base_url,
	575	list_refs_url: me.list_refs_url,
5eff07f7	576	rec: rec
330020d2 WL	577	});
	578
	579	win.show();
	580	win.on('destroy', reload);
	581	};
	582
	583	me.copyBtn = Ext.create('PVE.button.Button',{
	584	text: gettext('Copy'),
	585	selModel: sm,
03375edf DC	586	enableFn: function(rec) {
	587	return (rec.data.type === 'in' \|\| rec.data.type === 'out');
	588	},
330020d2	589	disabled: true,
5eff07f7	590	handler: run_copy_editor
330020d2 WL	591	});
330020d2 WL	592
435cce27 DM	593	if (me.allow_groups) {
	594	me.groupBtn = Ext.create('Ext.Button', {
	595	text: gettext('Insert') + ': ' +
	596	gettext('Security Group'),
	597	disabled: true,
	598	handler: function() {
	599	var win = Ext.create('PVE.FirewallGroupRuleEdit', {
	600	allow_iface: me.allow_iface,
	601	base_url: me.base_url
	602	});
	603	win.on('destroy', reload);
	604	win.show();
	605	}
	606	});
	607	}
	608
f3578e26	609	me.removeBtn = Ext.create('PVE.button.Button',{
435cce27 DM	610	text: gettext('Remove'),
	611	selModel: sm,
	612	disabled: true,
	613	handler: function() {
	614	var rec = sm.getSelection()[0];
	615	if (!rec) {
	616	return;
	617	}
	618	me.deleteRule(rec.data);
	619	}
	620	});
	621
	622	var tbar = me.tbar_prefix ? [ me.tbar_prefix ] : [];
330020d2	623	tbar.push(me.addBtn, me.copyBtn);
435cce27 DM	624	if (me.groupBtn) {
	625	tbar.push(me.groupBtn);
	626	}
fa94a977	627	tbar.push(me.removeBtn, me.editBtn);
435cce27 DM	628
	629	var render_errors = function(name, value, metaData, record) {
	630	var errors = record.data.errors;
	631	if (errors && errors[name]) {
c0f75e23	632	metaData.tdCls = 'pve-invalid-row';
435cce27 DM	633	var html = '<p>' + Ext.htmlEncode(errors[name]) + '</p>';
	634	metaData.tdAttr = 'data-qwidth=600 data-qtitle="ERROR" data-qtip="' +
	635	html.replace(/\"/g,'"') + '"';
	636	}
	637	return value;
	638	};
	639
	640	var columns = [
	641	{
	642	// similar to xtype: 'rownumberer',
	643	dataIndex: 'pos',
	644	resizable: false,
	645	width: 23,
	646	sortable: false,
	647	align: 'right',
	648	hideable: false,
	649	menuDisabled: true,
	650	renderer: function(value, metaData, record, rowIdx, colIdx, store) {
	651	metaData.tdCls = Ext.baseCSSPrefix + 'grid-cell-special';
	652	if (value >= 0) {
	653	return value;
	654	}
	655	return '';
	656	}
	657	},
	658	{
	659	xtype: 'checkcolumn',
	660	header: gettext('Enable'),
	661	dataIndex: 'enable',
	662	listeners: {
7a4c3133 EK	663	checkchange: function(column, recordIndex, checked) {
7a4c3133 EK	664	var record = me.getStore().getData().items[recordIndex];
435cce27 DM	665	record.commit();
435cce27 DM	666	var data = {};
7a4c3133	667	Ext.Array.forEach(record.getFields(), function(field) {
435cce27 DM	668	data[field.name] = record.get(field.name);
	669	});
	670	if (!me.allow_iface \|\| !data.iface) {
	671	delete data.iface;
	672	}
	673	me.updateRule(data);
	674	}
	675	},
	676	width: 50
	677	},
	678	{
	679	header: gettext('Type'),
	680	dataIndex: 'type',
	681	renderer: function(value, metaData, record) {
	682	return render_errors('type', value, metaData, record);
	683	},
	684	width: 50
	685	},
	686	{
	687	header: gettext('Action'),
	688	dataIndex: 'action',
	689	renderer: function(value, metaData, record) {
	690	return render_errors('action', value, metaData, record);
	691	},
	692	width: 80
	693	},
	694	{
	695	header: gettext('Macro'),
	696	dataIndex: 'macro',
	697	renderer: function(value, metaData, record) {
	698	return render_errors('macro', value, metaData, record);
	699	},
	700	width: 80
	701	}
	702	];
	703
	704	if (me.allow_iface) {
	705	columns.push({
	706	header: gettext('Interface'),
	707	dataIndex: 'iface',
	708	renderer: function(value, metaData, record) {
	709	return render_errors('iface', value, metaData, record);
	710	},
	711	width: 80
	712	});
	713	}
	714
fa94a977	715	columns.push(
435cce27 DM	716	{
	717	header: gettext('Source'),
	718	dataIndex: 'source',
	719	renderer: function(value, metaData, record) {
	720	return render_errors('source', value, metaData, record);
	721	},
	722	width: 100
	723	},
	724	{
	725	header: gettext('Destination'),
	726	dataIndex: 'dest',
	727	renderer: function(value, metaData, record) {
	728	return render_errors('dest', value, metaData, record);
	729	},
	730	width: 100
	731	},
	732	{
	733	header: gettext('Protocol'),
	734	dataIndex: 'proto',
	735	renderer: function(value, metaData, record) {
	736	return render_errors('proto', value, metaData, record);
	737	},
	738	width: 100
	739	},
	740	{
	741	header: gettext('Dest. port'),
	742	dataIndex: 'dport',
	743	renderer: function(value, metaData, record) {
	744	return render_errors('dport', value, metaData, record);
	745	},
	746	width: 100
	747	},
	748	{
	749	header: gettext('Source port'),
	750	dataIndex: 'sport',
	751	renderer: function(value, metaData, record) {
	752	return render_errors('sport', value, metaData, record);
	753	},
	754	width: 100
	755	},
	756	{
	757	header: gettext('Comment'),
	758	dataIndex: 'comment',
	759	flex: 1,
	760	renderer: function(value, metaData, record) {
	761	return render_errors('comment', Ext.util.Format.htmlEncode(value), metaData, record);
	762	}
	763	}
fa94a977	764	);
435cce27 DM	765
	766	Ext.apply(me, {
	767	store: store,
	768	selModel: sm,
	769	tbar: tbar,
	770	viewConfig: {
	771	plugins: [
	772	{
	773	ptype: 'gridviewdragdrop',
	774	dragGroup: 'FWRuleDDGroup',
	775	dropGroup: 'FWRuleDDGroup'
	776	}
	777	],
	778	listeners: {
	779	beforedrop: function(node, data, dropRec, dropPosition) {
	780	if (!dropRec) {
	781	return false; // empty view
	782	}
	783	var moveto = dropRec.get('pos');
	784	if (dropPosition === 'after') {
	785	moveto++;
	786	}
	787	var pos = data.records[0].get('pos');
	788	me.moveRule(pos, moveto);
	789	return 0;
	790	},
	791	itemdblclick: run_editor
	792	}
	793	},
	794	sortableColumns: false,
	795	columns: columns
	796	});
	797
	798	me.callParent();
	799
	800	if (me.base_url) {
	801	me.setBaseUrl(me.base_url); // load
	802	}
	803	}
	804	}, function() {
	805
	806	Ext.define('pve-fw-rule', {
	807	extend: 'Ext.data.Model',
	808	fields: [ { name: 'enable', type: 'boolean' },
	809	'type', 'action', 'macro', 'source', 'dest', 'proto', 'iface',
	810	'dport', 'sport', 'comment', 'pos', 'digest', 'errors' ],
	811	idProperty: 'pos'
	812	});
	813
	814	});