vnet: make tag optional and verify value in zone plugins
1package PVE::API2::Network::SDN::Vnets;
2
3use strict;
4use warnings;
5
6use PVE::SafeSyslog;
7use PVE::Tools qw(extract_param);
8use PVE::Cluster qw(cfs_read_file cfs_write_file);
f9bc9640 9use PVE::Network::SDN;
10use PVE::Network::SDN::Zones;
11use PVE::Network::SDN::Zones::Plugin;
12use PVE::Network::SDN::Vnets;
13use PVE::Network::SDN::VnetPlugin;
14
15use Storable qw(dclone);
16use PVE::JSONSchema qw(get_standard_option);
17use PVE::RPCEnvironment;
18
19use PVE::RESTHandler;
20
21use base qw(PVE::RESTHandler);
22
# Build the API representation of one vnet.
#
# $cfg - parsed vnets configuration (must carry a 'digest' key)
# $id  - vnet id to look up in $cfg
#
# Returns a deep copy of the stored section with two extra keys: 'vnet'
# (the id) and 'digest' (taken from $cfg). The two-argument lookup is
# presumably fatal for an unknown id - confirm in
# PVE::Network::SDN::Vnets::sdn_vnets_config.
my $api_sdn_vnets_config = sub {
    my ($cfg, $id) = @_;

    # dclone() first: the keys added below are set on the copy only and
    # never end up in the section stored in $cfg.
    my $entry = dclone(PVE::Network::SDN::Vnets::sdn_vnets_config($cfg, $id));

    $entry->{vnet} = $id;
    $entry->{digest} = $cfg->{digest};

    return $entry;
};
32
# GET / - list the vnets visible to the calling user.
__PACKAGE__->register_method({
    name => 'index',
    path => '',
    method => 'GET',
    description => "SDN vnets index.",
    permissions => {
        # No privilege is demanded up front ('user => all'); the handler
        # below is the only place where the result is filtered per vnet.
        description => "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/vnets/<vnet>'",
        user => 'all',
    },
    parameters => {
        additionalProperties => 0,
    },
    returns => {
        type => 'array',
        items => {
            type => "object",
            properties => {},
        },
        links => [ { rel => 'child', href => "{vnet}" } ],
    },
    code => sub {
        my ($param) = @_;

        my $rpcenv = PVE::RPCEnvironment::get();
        my $authuser = $rpcenv->get_user();

        my $cfg = PVE::Network::SDN::Vnets::config();

        # Holding either privilege on the vnet's ACL path is enough.
        my $accepted_privs = [ 'SDN.Audit', 'SDN.Allocate' ];

        my @visible;
        for my $vnetid (PVE::Network::SDN::Vnets::sdn_vnets_ids($cfg)) {
            my $acl_path = "/sdn/vnets/$vnetid";

            # The trailing 1 makes check_any() usable as a predicate here
            # (presumably its 'noerr' flag): vnets the user may not see are
            # skipped silently instead of failing the whole request.
            $rpcenv->check_any($authuser, $acl_path, $accepted_privs, 1)
                or next;

            # Each listed entry is the complete vnet section, so the index
            # exposes full per-vnet configuration to SDN.Audit holders.
            push @visible, $api_sdn_vnets_config->($cfg, $vnetid);
        }

        return \@visible;
    }});
74
# GET /{vnet} - return the configuration of a single vnet.
__PACKAGE__->register_method({
    name => 'read',
    path => '{vnet}',
    method => 'GET',
    description => "Read sdn vnet configuration.",
    permissions => {
        # NOTE(review): only 'SDN.Allocate' is accepted here, while the
        # 'index' method in this file returns the same per-vnet data to
        # holders of 'SDN.Audit' as well. Confirm which of the two is the
        # intended read policy.
        check => ['perm', '/sdn/vnets/{vnet}', ['SDN.Allocate']],
    },

    parameters => {
        additionalProperties => 0,
        properties => {
            vnet => get_standard_option('pve-sdn-vnet-id', {
                completion => \&PVE::Network::SDN::Vnets::complete_sdn_vnets,
            }),
        },
    },
    returns => { type => 'object' },
    code => sub {
        my ($param) = @_;

        my $vnetid = $param->{vnet};
        my $cfg = PVE::Network::SDN::Vnets::config();

        return $api_sdn_vnets_config->($cfg, $vnetid);
    }});
100
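# POST / - create a new vnet.
#
# The whole read-validate-write sequence runs under the SDN config lock. Any
# die() inside the locked sub happens before write_config(), so a rejected
# request leaves the stored configuration untouched.
__PACKAGE__->register_method({
    name => 'create',
    protected => 1,
    path => '',
    method => 'POST',
    description => "Create a new sdn vnet object.",
    permissions => {
        check => ['perm', '/sdn/vnets', ['SDN.Allocate']],
    },
    parameters => PVE::Network::SDN::VnetPlugin->createSchema(),
    returns => { type => 'null' },
    code => sub {
        my ($param) = @_;

        # 'type' is pulled out of $param before validation and not used
        # afterwards (presumably so it is not treated as a vnet option).
        my $type = extract_param($param, 'type');
        my $id = extract_param($param, 'vnet');

        # create /etc/pve/sdn directory
        # (mkdir result deliberately ignored: the directory may already exist)
        PVE::Cluster::check_cfs_quorum();
        mkdir("/etc/pve/sdn");

        PVE::Network::SDN::lock_sdn_config(
            sub {

                my $cfg = PVE::Network::SDN::Vnets::config();
                my $opts = PVE::Network::SDN::VnetPlugin->check_config($id, $param, 1, 1);

                # Three-argument lookup: a true result means the id is
                # already taken.
                if (PVE::Network::SDN::Vnets::sdn_vnets_config($cfg, $id, 1)) {
                    die "sdn vnet object ID '$id' already defined\n";
                }

                $cfg->{ids}->{$id} = $opts;

                # Resolve the zone the vnet points at. Reject an absent or
                # unknown zone explicitly, rather than passing an undefined
                # plugin type to lookup() and failing with an unrelated
                # message.
                my $zone_cfg = PVE::Network::SDN::Zones::config();
                my $zoneid = $opts->{zone};
                die "sdn vnet '$id': no zone specified\n" if !defined($zoneid);

                my $plugin_config = $zone_cfg->{ids}->{$zoneid};
                die "sdn zone '$zoneid' does not exist\n" if !$plugin_config;

                # The tag is optional; the zone plugin decides whether the
                # given value (possibly undef) is acceptable for its type.
                my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
                $plugin->verify_tag($opts->{tag});

                PVE::Network::SDN::VnetPlugin->on_update_hook($id, $cfg);

                PVE::Network::SDN::Vnets::write_config($cfg);

                PVE::Network::SDN::increase_version();

            }, "create sdn vnet object failed");

        return undef;
    }});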
152
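# PUT /{vnet} - update an existing vnet.
#
# Runs under the SDN config lock. The optional 'digest' parameter guards
# against overwriting a configuration that changed since the caller read it.
__PACKAGE__->register_method({
    name => 'update',
    protected => 1,
    path => '{vnet}',
    method => 'PUT',
    description => "Update sdn vnet object configuration.",
    permissions => {
        # NOTE(review): the check is on '/sdn/vnets', not on
        # '/sdn/vnets/{vnet}' as in 'read'. A grant scoped to one vnet
        # therefore does not appear to authorize its update - confirm this
        # is intended.
        check => ['perm', '/sdn/vnets', ['SDN.Allocate']],
    },
    parameters => PVE::Network::SDN::VnetPlugin->updateSchema(),
    returns => { type => 'null' },
    code => sub {
        my ($param) = @_;

        my $id = extract_param($param, 'vnet');
        my $digest = extract_param($param, 'digest');

        PVE::Network::SDN::lock_sdn_config(
            sub {

                my $cfg = PVE::Network::SDN::Vnets::config();

                PVE::SectionConfig::assert_if_modified($cfg, $digest);

                # An update must not create a vnet as a side effect: such an
                # entry would be validated with the create flag unset (third
                # argument to check_config() below), unlike one made through
                # 'create'. Same three-argument lookup as the duplicate check
                # in 'create'.
                die "sdn vnet '$id' does not exist\n"
                    if !PVE::Network::SDN::Vnets::sdn_vnets_config($cfg, $id, 1);

                my $opts = PVE::Network::SDN::VnetPlugin->check_config($id, $param, 0, 1);

                # NOTE(review): the stored section is replaced wholesale, so
                # any option omitted from the request is dropped - confirm
                # that replace (rather than merge) semantics are intended.
                $cfg->{ids}->{$id} = $opts;

                # Resolve the zone the vnet points at. Reject an absent or
                # unknown zone explicitly, rather than passing an undefined
                # plugin type to lookup() and failing with an unrelated
                # message.
                my $zone_cfg = PVE::Network::SDN::Zones::config();
                my $zoneid = $opts->{zone};
                die "sdn vnet '$id': no zone specified\n" if !defined($zoneid);

                my $plugin_config = $zone_cfg->{ids}->{$zoneid};
                die "sdn zone '$zoneid' does not exist\n" if !$plugin_config;

                # The tag is optional; the zone plugin decides whether the
                # given value (possibly undef) is acceptable for its type.
                my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
                $plugin->verify_tag($opts->{tag});

                PVE::Network::SDN::VnetPlugin->on_update_hook($id, $cfg);

                PVE::Network::SDN::Vnets::write_config($cfg);

                PVE::Network::SDN::increase_version();

            }, "update sdn vnet object failed");

        return undef;
    }});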
196
# DELETE /{vnet} - remove a vnet from the configuration.
__PACKAGE__->register_method({
    name => 'delete',
    protected => 1,
    path => '{vnet}',
    method => 'DELETE',
    description => "Delete sdn vnet object configuration.",
    permissions => {
        # NOTE(review): the check is on '/sdn/vnets', not on
        # '/sdn/vnets/{vnet}' as in 'read' - confirm a per-vnet grant is
        # not meant to allow deletion.
        check => ['perm', '/sdn/vnets', ['SDN.Allocate']],
    },
    parameters => {
        additionalProperties => 0,
        properties => {
            vnet => get_standard_option('pve-sdn-vnet-id', {
                completion => \&PVE::Network::SDN::Vnets::complete_sdn_vnets,
            }),
        },
    },
    returns => { type => 'null' },
    code => sub {
        my ($param) = @_;

        my $vnetid = extract_param($param, 'vnet');

        # Everything below runs while the SDN configuration lock is held.
        my $remove_vnet = sub {
            my $cfg = PVE::Network::SDN::Vnets::config();

            # The result is not used; the lookup is presumably kept for its
            # failure on an unknown id - confirm in sdn_vnets_config().
            my $existing = PVE::Network::SDN::Vnets::sdn_vnets_config($cfg, $vnetid);

            # The hook gets its own freshly read copy of the vnets config,
            # not the $cfg that is modified and written below.
            my $hook_cfg = PVE::Network::SDN::Vnets::config();
            PVE::Network::SDN::VnetPlugin->on_delete_hook($vnetid, $hook_cfg);

            delete $cfg->{ids}->{$vnetid};
            PVE::Network::SDN::Vnets::write_config($cfg);

            PVE::Network::SDN::increase_version();
        };

        PVE::Network::SDN::lock_sdn_config($remove_vnet, "delete sdn vnet object failed");

        return undef;
    }});

1;