]> git.proxmox.com Git - pve-storage.git/blob - PVE/API2/Storage/Config.pm
projects / pve-storage.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
api: storage create/update: return parts of the configuration
[pve-storage.git] / PVE / API2 / Storage / Config.pm
1 package PVE::API2::Storage::Config;
2
3 use strict;
4 use warnings;
5
6 use PVE::SafeSyslog;
7 use PVE::Tools qw(extract_param);
8 use PVE::Cluster qw(cfs_read_file cfs_write_file);
9 use PVE::Storage;
10 use PVE::Storage::Plugin;
11 use PVE::Storage::LVMPlugin;
12 use PVE::Storage::CIFSPlugin;
13 use HTTP::Status qw(:constants);
14 use Storable qw(dclone);
15 use PVE::JSONSchema qw(get_standard_option);
16 use PVE::RPCEnvironment;
17
18 use PVE::RESTHandler;
19
20 use base qw(PVE::RESTHandler);
21
22 my @ctypes = qw(images vztmpl iso backup);
23
24 my $storage_type_enum = PVE::Storage::Plugin->lookup_types();
25
26 my $api_storage_config = sub {
27 my ($cfg, $storeid) = @_;
28
29 my $scfg = dclone(PVE::Storage::storage_config($cfg, $storeid));
30 $scfg->{storage} = $storeid;
31 $scfg->{digest} = $cfg->{digest};
32 $scfg->{content} = PVE::Storage::Plugin->encode_value($scfg->{type}, 'content', $scfg->{content});
33
34 if ($scfg->{nodes}) {
35 $scfg->{nodes} = PVE::Storage::Plugin->encode_value($scfg->{type}, 'nodes', $scfg->{nodes});
36 }
37
38 return $scfg;
39 };
40
41 __PACKAGE__->register_method ({
42 name => 'index',
43 path => '',
44 method => 'GET',
45 description => "Storage index.",
46 permissions => {
47 description => "Only list entries where you have 'Datastore.Audit' or 'Datastore.AllocateSpace' permissions on '/storage/<storage>'",
48 user => 'all',
49 },
50 parameters => {
51 additionalProperties => 0,
52 properties => {
53 type => {
54 description => "Only list storage of specific type",
55 type => 'string',
56 enum => $storage_type_enum,
57 optional => 1,
58 },
59 },
60 },
61 returns => {
62 type => 'array',
63 items => {
64 type => "object",
65 properties => { storage => { type => 'string'} },
66 },
67 links => [ { rel => 'child', href => "{storage}" } ],
68 },
69 code => sub {
70 my ($param) = @_;
71
72 my $rpcenv = PVE::RPCEnvironment::get();
73 my $authuser = $rpcenv->get_user();
74
75 my $cfg = PVE::Storage::config();
76
77 my @sids = PVE::Storage::storage_ids($cfg);
78
79 my $res = [];
80 foreach my $storeid (@sids) {
81 my $privs = [ 'Datastore.Audit', 'Datastore.AllocateSpace' ];
82 next if !$rpcenv->check_any($authuser, "/storage/$storeid", $privs, 1);
83
84 my $scfg = &$api_storage_config($cfg, $storeid);
85 next if $param->{type} && $param->{type} ne $scfg->{type};
86 push @$res, $scfg;
87 }
88
89 return $res;
90 }});
91
92 __PACKAGE__->register_method ({
93 name => 'read',
94 path => '{storage}',
95 method => 'GET',
96 description => "Read storage configuration.",
97 permissions => {
98 check => ['perm', '/storage/{storage}', ['Datastore.Allocate']],
99 },
100 parameters => {
101 additionalProperties => 0,
102 properties => {
103 storage => get_standard_option('pve-storage-id'),
104 },
105 },
106 returns => { type => 'object' },
107 code => sub {
108 my ($param) = @_;
109
110 my $cfg = PVE::Storage::config();
111
112 return &$api_storage_config($cfg, $param->{storage});
113 }});
114
115 my sub extract_sensitive_params :prototype($$) {
116 my ($param, $delete_list) = @_;
117
118 my $sensitive;
119
120 my %delete = map { $_ => 1 } ($delete_list || [])->@*;
121
122 # always extract pw and keys, so they don't get written to the www-data readable scfg
123 for my $opt (qw(password encryption-key)) {
124 # First handle deletions as explicitly setting `undef`, afterwards new values may override
125 # it.
126 if (exists($delete{$opt})) {
127 $sensitive->{$opt} = undef;
128 }
129
130 if (defined(my $value = extract_param($param, $opt))) {
131 $sensitive->{$opt} = $value;
132 }
133 }
134
135 return $sensitive;
136 }
137
138 __PACKAGE__->register_method ({
139 name => 'create',
140 protected => 1,
141 path => '',
142 method => 'POST',
143 description => "Create a new storage.",
144 permissions => {
145 check => ['perm', '/storage', ['Datastore.Allocate']],
146 },
147 parameters => PVE::Storage::Plugin->createSchema(),
148 returns => {
149 type => 'object',
150 properties => {
151 storage => {
152 description => "The ID of the created storage.",
153 type => 'string',
154 },
155 type => {
156 description => "The type of the created storage.",
157 type => 'string',
158 enum => $storage_type_enum,
159 },
160 config => {
161 description => "Partial, possible server generated, configuration properties.",
162 type => 'object',
163 optional => 1,
164 additionalProperties => 1,
165 properties => {
166 'encryption-key' => {
167 description => "The, possible auto-generated, encryption-key.",
168 optional => 1,
169 type => 'string',
170 },
171 },
172 },
173 },
174 },
175 code => sub {
176 my ($param) = @_;
177
178 my $type = extract_param($param, 'type');
179 my $storeid = extract_param($param, 'storage');
180
181 # revent an empty nodelist.
182 # fix me in section config create never need an empty entity.
183 delete $param->{nodes} if !$param->{nodes};
184
185 my $sensitive = extract_sensitive_params($param, []);
186
187 my $plugin = PVE::Storage::Plugin->lookup($type);
188 my $opts = $plugin->check_config($storeid, $param, 1, 1);
189
190 my $returned_config;
191 PVE::Storage::lock_storage_config(sub {
192 my $cfg = PVE::Storage::config();
193
194 if (my $scfg = PVE::Storage::storage_config($cfg, $storeid, 1)) {
195 die "storage ID '$storeid' already defined\n";
196 }
197
198 $cfg->{ids}->{$storeid} = $opts;
199
200 $returned_config = $plugin->on_add_hook($storeid, $opts, %$sensitive);
201
202 eval {
203 # try to activate if enabled on local node,
204 # we only do this to detect errors/problems sooner
205 if (PVE::Storage::storage_check_enabled($cfg, $storeid, undef, 1)) {
206 PVE::Storage::activate_storage($cfg, $storeid);
207 }
208 };
209 if (my $err = $@) {
210 eval { $plugin->on_delete_hook($storeid, $opts) };
211 warn "$@\n" if $@;
212 die $err;
213 }
214
215 PVE::Storage::write_config($cfg);
216
217 }, "create storage failed");
218
219 my $res = {
220 storage => $storeid,
221 type => $type,
222 };
223 $res->{config} = $returned_config if $returned_config;
224 return $res;
225 }});
226
227 __PACKAGE__->register_method ({
228 name => 'update',
229 protected => 1,
230 path => '{storage}',
231 method => 'PUT',
232 description => "Update storage configuration.",
233 permissions => {
234 check => ['perm', '/storage', ['Datastore.Allocate']],
235 },
236 parameters => PVE::Storage::Plugin->updateSchema(),
237 returns => {
238 type => 'object',
239 properties => {
240 storage => {
241 description => "The ID of the created storage.",
242 type => 'string',
243 },
244 type => {
245 description => "The type of the created storage.",
246 type => 'string',
247 enum => $storage_type_enum,
248 },
249 config => {
250 description => "Partial, possible server generated, configuration properties.",
251 type => 'object',
252 optional => 1,
253 additionalProperties => 1,
254 properties => {
255 'encryption-key' => {
256 description => "The, possible auto-generated, encryption-key.",
257 optional => 1,
258 type => 'string',
259 },
260 },
261 },
262 },
263 },
264 code => sub {
265 my ($param) = @_;
266
267 my $storeid = extract_param($param, 'storage');
268 my $digest = extract_param($param, 'digest');
269 my $delete = extract_param($param, 'delete');
270 my $type;
271
272 if ($delete) {
273 $delete = [ PVE::Tools::split_list($delete) ];
274 }
275
276 my $returned_config;
277 PVE::Storage::lock_storage_config(sub {
278 my $cfg = PVE::Storage::config();
279
280 PVE::SectionConfig::assert_if_modified($cfg, $digest);
281
282 my $scfg = PVE::Storage::storage_config($cfg, $storeid);
283 $type = $scfg->{type};
284
285 my $sensitive = extract_sensitive_params($param, $delete);
286
287 my $plugin = PVE::Storage::Plugin->lookup($type);
288 my $opts = $plugin->check_config($storeid, $param, 0, 1);
289
290 if ($delete) {
291 my $options = $plugin->private()->{options}->{$type};
292 foreach my $k (@$delete) {
293 my $d = $options->{$k} || die "no such option '$k'\n";
294 die "unable to delete required option '$k'\n" if !$d->{optional};
295 die "unable to delete fixed option '$k'\n" if $d->{fixed};
296 die "cannot set and delete property '$k' at the same time!\n"
297 if defined($opts->{$k});
298
299 delete $scfg->{$k};
300 }
301 }
302
303 $returned_config = $plugin->on_update_hook($storeid, $opts, %$sensitive);
304
305 for my $k (keys %$opts) {
306 $scfg->{$k} = $opts->{$k};
307 }
308
309 PVE::Storage::write_config($cfg);
310
311 }, "update storage failed");
312
313 my $res = {
314 storage => $storeid,
315 type => $type,
316 };
317 $res->{config} = $returned_config if $returned_config;
318 return $res;
319 }});
320
321 __PACKAGE__->register_method ({
322 name => 'delete',
323 protected => 1,
324 path => '{storage}', # /storage/config/{storage}
325 method => 'DELETE',
326 description => "Delete storage configuration.",
327 permissions => {
328 check => ['perm', '/storage', ['Datastore.Allocate']],
329 },
330 parameters => {
331 additionalProperties => 0,
332 properties => {
333 storage => get_standard_option('pve-storage-id', {
334 completion => \&PVE::Storage::complete_storage,
335 }),
336 },
337 },
338 returns => { type => 'null' },
339 code => sub {
340 my ($param) = @_;
341
342 my $storeid = extract_param($param, 'storage');
343
344 PVE::Storage::lock_storage_config(sub {
345 my $cfg = PVE::Storage::config();
346
347 my $scfg = PVE::Storage::storage_config($cfg, $storeid);
348
349 die "can't remove storage - storage is used as base of another storage\n"
350 if PVE::Storage::storage_is_used($cfg, $storeid);
351
352 my $plugin = PVE::Storage::Plugin->lookup($scfg->{type});
353
354 $plugin->on_delete_hook($storeid, $scfg);
355
356 delete $cfg->{ids}->{$storeid};
357
358 PVE::Storage::write_config($cfg);
359
360 }, "delete storage failed");
361
362 PVE::AccessControl::remove_storage_access($storeid);
363
364 return undef;
365 }});
366
367 1;
Storage library