From: Dominik Csapak <d.csapak@proxmox.com>
To: pmg-devel@lists.proxmox.com
Subject: [pmg-devel] [PATCH pmg-api v2 03/10] add objectgroup attributes and/invert
Date: Wed, 21 Feb 2024 13:24:29 +0100 [thread overview]
Message-ID: <20240221122439.1281024-4-d.csapak@proxmox.com> (raw)
In-Reply-To: <20240221122439.1281024-1-d.csapak@proxmox.com>
add a new table Objectgroup_Attributes where we can save additional
attributes for objectgroups (like the Attribut tables for objects).
Adds two new attributes for the groups:
* and
* invert
These will modify the match behaviour for object groups
Add the table to cluster sync, backup and factory reset.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
changes from v1:
* delete attributes on group delete
* add handling to cluster sync, backup and factory reset too
src/PMG/API2/ObjectGroupHelpers.pm | 43 ++++++++-
src/PMG/Backup.pm | 1 +
src/PMG/Cluster.pm | 2 +
src/PMG/DBTools.pm | 16 ++++
src/PMG/RuleDB.pm | 148 ++++++++++++++++++++++-------
5 files changed, 169 insertions(+), 41 deletions(-)
diff --git a/src/PMG/API2/ObjectGroupHelpers.pm b/src/PMG/API2/ObjectGroupHelpers.pm
index 48078fb..a08a6a3 100644
--- a/src/PMG/API2/ObjectGroupHelpers.pm
+++ b/src/PMG/API2/ObjectGroupHelpers.pm
@@ -46,13 +46,29 @@ sub format_object_group {
my $res = [];
foreach my $og (@$ogroups) {
- push @$res, {
- id => $og->{id}, name => $og->{name}, info => $og->{info}
- };
+ my $group = { id => $og->{id}, name => $og->{name}, info => $og->{info} };
+ $group->{and} = $og->{and} if defined($og->{and});
+ $group->{invert} = $og->{invert} if defined($og->{invert});
+ push @$res, $group;
}
return $res;
}
+my $group_attributes = {
+ and => {
+ description => "If set to 1, objects in this group are 'and' combined.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ invert => {
+ description => "If set to 1, the resulting match is inverted.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+};
+
sub register_group_list_api {
my ($apiclass, $oclass) = @_;
@@ -86,6 +102,11 @@ sub register_group_list_api {
return format_object_group($ogroups);
}});
+ my $additional_parameters = {};
+ if ($oclass =~ /^(?:what|when|who)$/i) {
+ $additional_parameters = { $group_attributes->%* };
+ }
+
$apiclass->register_method({
name => "create_${oclass}_group",
path => $oclass,
@@ -108,6 +129,7 @@ sub register_group_list_api {
maxLength => 255,
optional => 1,
},
+ $additional_parameters->%*,
},
},
returns => { type => 'integer' },
@@ -119,6 +141,10 @@ sub register_group_list_api {
my $og = PMG::RuleDB::Group->new(
$param->{name}, $param->{info} // '', $oclass);
+ for my $prop (qw(and invert)) {
+ $og->{$prop} = $param->{$prop} if defined($param->{$prop});
+ }
+
return $rdb->save_group($og);
}});
}
@@ -199,6 +225,11 @@ sub register_object_group_config_api {
}});
+ my $additional_parameters = {};
+ if ($oclass =~ /^(?:what|when|who)$/i) {
+ $additional_parameters = { $group_attributes->%* };
+ }
+
$apiclass->register_method({
name => 'set_config',
path => $path,
@@ -226,6 +257,7 @@ sub register_object_group_config_api {
maxLength => 255,
optional => 1,
},
+ $additional_parameters->%*,
},
},
returns => { type => "null" },
@@ -243,8 +275,9 @@ sub register_object_group_config_api {
my $og = shift @$list ||
die "$oclass group '$ogroup' not found\n";
- $og->{name} = $param->{name} if defined($param->{name});
- $og->{info} = $param->{info} if defined($param->{info});
+ for my $prop (qw(name info and invert)) {
+ $og->{$prop} = $param->{$prop} if defined($param->{$prop});
+ }
$rdb->save_group($og);
diff --git a/src/PMG/Backup.pm b/src/PMG/Backup.pm
index e41832e..9fc91f8 100644
--- a/src/PMG/Backup.pm
+++ b/src/PMG/Backup.pm
@@ -94,6 +94,7 @@ sub dumpdb {
$dbh->do("SET TRANSACTION ISOLATION LEVEL SERIALIZABLE");
dump_table($dbh, 'attribut', $ofh);
+ dump_table($dbh, 'objectgroup_attributes', $ofh);
dump_table($dbh, 'object', $ofh, 'object_id_seq', 'id');
dump_table($dbh, 'objectgroup', $ofh, 'objectgroup_id_seq', 'id');
dump_table($dbh, 'rule', $ofh, 'rule_id_seq', 'id');
diff --git a/src/PMG/Cluster.pm b/src/PMG/Cluster.pm
index 015e66a..ac50cff 100644
--- a/src/PMG/Cluster.pm
+++ b/src/PMG/Cluster.pm
@@ -532,6 +532,7 @@ sub sync_ruledb_from_master {
$ldb->do("DELETE FROM ObjectGroup");
$ldb->do("DELETE FROM Object");
$ldb->do("DELETE FROM Attribut");
+ $ldb->do("DELETE FROM Objectgroup_Attributes");
eval {
$rdb->begin_work;
@@ -544,6 +545,7 @@ sub sync_ruledb_from_master {
PMG::DBTools::copy_table($ldb, $rdb, "ObjectGroup");
PMG::DBTools::copy_table($ldb, $rdb, "Object", 'value');
PMG::DBTools::copy_table($ldb, $rdb, "Attribut", 'value');
+ PMG::DBTools::copy_table($ldb, $rdb, "Objectgroup_Attributes");
};
$rdb->rollback; # end transaction
diff --git a/src/PMG/DBTools.pm b/src/PMG/DBTools.pm
index 9e133bc..3c8d181 100644
--- a/src/PMG/DBTools.pm
+++ b/src/PMG/DBTools.pm
@@ -295,6 +295,18 @@ my $userprefs_ctablecmd = <<__EOD;
__EOD
+my $object_group_attributes_cmd = <<__EOD;
+ CREATE TABLE Objectgroup_Attributes (
+ Objectgroup_ID INTEGER NOT NULL,
+ Name VARCHAR(20) NOT NULL,
+ Value BYTEA NULL,
+ PRIMARY KEY (Objectgroup_ID, Name)
+ );
+
+ CREATE INDEX Objectgroup_Attributes_Objectgroup_ID_Index ON Objectgroup_Attributes(Objectgroup_ID);
+
+__EOD
+
sub cond_create_dbtable {
my ($dbh, $name, $ctablecmd) = @_;
@@ -439,6 +451,8 @@ sub create_ruledb {
$userprefs_ctablecmd;
$virusinfo_stat_ctablecmd;
+
+ $object_group_attributes_cmd;
EOD
);
@@ -494,6 +508,7 @@ sub upgradedb {
'CStatistic', $cstatistic_ctablecmd,
'ClusterInfo', $clusterinfo_ctablecmd,
'VirusInfo', $virusinfo_stat_ctablecmd,
+ 'Objectgroup_Attributes', $object_group_attributes_cmd,
};
foreach my $table (keys %$tables) {
@@ -605,6 +620,7 @@ sub init_ruledb {
$dbh->do(
"DELETE FROM Rule;"
." DELETE FROM RuleGroup;"
+ ." DELETE FROM Objectgroup_Attributes;"
." DELETE FROM Attribut WHERE Object_ID NOT IN ($glids);"
." DELETE FROM Object WHERE ID NOT IN ($glids);"
." DELETE FROM Objectgroup WHERE class != 'greylist';"
diff --git a/src/PMG/RuleDB.pm b/src/PMG/RuleDB.pm
index a6b0b79..0b112b4 100644
--- a/src/PMG/RuleDB.pm
+++ b/src/PMG/RuleDB.pm
@@ -160,6 +160,30 @@ sub load_groups_by_name {
};
}
+sub update_group_attributes {
+ my ($self, $og) = @_;
+
+ my $attributes = [qw(and invert)];
+
+ for my $attribute ($attributes->@*) {
+ # only save the values if they're set to 1
+ if ($og->{$attribute}) {
+ $self->{dbh}->do(
+ "INSERT INTO Objectgroup_Attributes (Objectgroup_ID, Name, Value) " .
+ "VALUES (?, ?, ?) ".
+ "ON CONFLICT (Objectgroup_ID, Name) DO UPDATE SET Value = ?", undef,
+ $og->{id}, $attribute, $og->{$attribute}, $og->{$attribute},
+ );
+ } else {
+ $self->{dbh}->do(
+ "DELETE FROM Objectgroup_Attributes " .
+ "WHERE Objectgroup_ID = ? AND Name = ?", undef,
+ $og->{id}, $attribute,
+ );
+ }
+ }
+}
+
sub save_group {
my ($self, $og) = @_;
@@ -171,27 +195,51 @@ sub save_group {
die "undefined group attribute - class: ERROR";
if (defined($og->{id})) {
+ $self->{dbh}->begin_work;
+
+ eval {
+ $self->{dbh}->do("UPDATE Objectgroup " .
+ "SET Name = ?, Info = ? " .
+ "WHERE ID = ?", undef,
+ encode('UTF-8', $og->{name}),
+ encode('UTF-8', $og->{info}),
+ $og->{id});
- $self->{dbh}->do("UPDATE Objectgroup " .
- "SET Name = ?, Info = ? " .
- "WHERE ID = ?", undef,
- encode('UTF-8', $og->{name}),
- encode('UTF-8', $og->{info}),
- $og->{id});
+ $self->update_group_attributes($og);
- return $og->{id};
+ $self->{dbh}->commit;
+ };
+ if (my $err = $@) {
+ $self->{dbh}->rollback;
+ syslog('err', $err);
+ return undef;
+ }
} else {
- my $sth = $self->{dbh}->prepare(
- "INSERT INTO Objectgroup (Name, Info, Class) " .
- "VALUES (?, ?, ?);");
+ $self->{dbh}->begin_work;
+
+ eval {
+ my $sth = $self->{dbh}->prepare(
+ "INSERT INTO Objectgroup (Name, Info, Class) " .
+ "VALUES (?, ?, ?);");
- $sth->execute(encode('UTF-8', $og->name), encode('UTF-8', $og->info), $og->class);
+ $sth->execute(encode('UTF-8', $og->name), encode('UTF-8', $og->info), $og->class);
- return $og->{id} = PMG::Utils::lastid($self->{dbh}, 'objectgroup_id_seq');
+ $og->{id} = PMG::Utils::lastid($self->{dbh}, 'objectgroup_id_seq');
+
+ $self->update_group_attributes($og);
+
+ $self->{dbh}->commit;
+ };
+
+ if (my $err = $@) {
+ $self->{dbh}->rollback;
+ syslog('err', $err);
+ return undef;
+ }
}
- return undef;
+ return $og->{id};
}
sub delete_group {
@@ -228,6 +276,9 @@ sub delete_group {
$self->{dbh}->do("DELETE FROM RuleGroup " .
"WHERE Objectgroup_ID = ?", undef, $groupid);
+ $self->{dbh}->do("DELETE FROM Objectgroup_Attributes " .
+ "WHERE Objectgroup_ID = ?", undef, $groupid);
+
$sth = $self->{dbh}->prepare("SELECT * FROM Object " .
"where Objectgroup_ID = ?");
$sth->execute($groupid);
@@ -252,6 +303,18 @@ sub delete_group {
return undef;
}
+sub load_group_attributes {
+ my ($self, $og) = @_;
+
+ my $attribute_sth = $self->{dbh}->prepare("SELECT * FROM Objectgroup_Attributes WHERE Objectgroup_ID = ?");
+ $attribute_sth->execute($og->{id});
+
+ while (my $ref = $attribute_sth->fetchrow_hashref()) {
+ $og->{and} = $ref->{value} if $ref->{name} eq 'and';
+ $og->{invert} = $ref->{value} if $ref->{name} eq 'invert';
+ }
+}
+
sub load_objectgroups {
my ($self, $class, $id) = @_;
@@ -259,34 +322,47 @@ sub load_objectgroups {
defined($class) || die "undefined object class";
- if (!(defined($id))) {
- $sth = $self->{dbh}->prepare(
- "SELECT * FROM Objectgroup where Class = ? ORDER BY name");
- $sth->execute($class);
-
- } else {
- $sth = $self->{dbh}->prepare(
- "SELECT * FROM Objectgroup where Class like ? and id = ? " .
- "order by name");
- $sth->execute($class,$id);
- }
+ $self->{dbh}->begin_work;
my $arr_og = ();
- while (my $ref = $sth->fetchrow_hashref()) {
- my $og = PMG::RuleDB::Group->new($ref->{name}, $ref->{info},
- $ref->{class});
- $og->{id} = $ref->{id};
- if ($class eq 'action') {
- my $objects = $self->load_group_objects($og->{id});
- my $obj = @$objects[0];
- defined($obj) || die "undefined action object: ERROR";
- $og->{action} = $obj;
+ eval {
+ if (!(defined($id))) {
+ $sth = $self->{dbh}->prepare(
+ "SELECT * FROM Objectgroup where Class = ? ORDER BY name");
+ $sth->execute($class);
+
+ } else {
+ $sth = $self->{dbh}->prepare(
+ "SELECT * FROM Objectgroup where Class like ? and id = ? " .
+ "order by name");
+ $sth->execute($class,$id);
}
- push @$arr_og, $og;
- }
- $sth->finish();
+ while (my $ref = $sth->fetchrow_hashref()) {
+ my $og = PMG::RuleDB::Group->new($ref->{name}, $ref->{info},
+ $ref->{class});
+ $og->{id} = $ref->{id};
+
+ if ($class eq 'action') {
+ my $objects = $self->load_group_objects($og->{id});
+ my $obj = @$objects[0];
+ defined($obj) || die "undefined action object: ERROR";
+ $og->{action} = $obj;
+ } else {
+ $self->load_group_attributes($og);
+ }
+ push @$arr_og, $og;
+ }
+
+ $sth->finish();
+ };
+
+ my $err = $@;
+
+ $self->{dbh}->rollback; # finish transaction
+
+ die $err if $err;
return $arr_og;
}
--
2.30.2
next prev parent reply other threads:[~2024-02-21 12:24 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-21 12:24 [pmg-devel] [PATCH pmg-api/docs/gui v2] implement and combination and inversion of groups and objects Dominik Csapak
2024-02-21 12:24 ` [pmg-devel] [PATCH pmg-api v2 01/10] RuleCache: reorganize how we gather marks and spaminfo Dominik Csapak
2024-02-21 12:24 ` [pmg-devel] [PATCH pmg-api v2 02/10] api: refactor rule parameters Dominik Csapak
2024-02-21 12:24 ` Dominik Csapak [this message]
2024-02-21 12:24 ` [pmg-devel] [PATCH pmg-api v2 04/10] add rule attributes and/invert (for each relevant type) Dominik Csapak
2024-02-22 6:46 ` Thomas Lamprecht
2024-02-22 7:34 ` Dominik Csapak
2024-02-22 7:38 ` Thomas Lamprecht
2024-02-21 12:24 ` [pmg-devel] [PATCH pmg-api v2 05/10] RuleCache: load rule/objectgroup attributes from database Dominik Csapak
2024-02-21 12:24 ` [pmg-devel] [PATCH pmg-api v2 06/10] RuleCache: implement and/invert for when/from/to Dominik Csapak
2024-02-21 12:24 ` [pmg-devel] [PATCH pmg-api v2 07/10] MailQueue: return maximum AID Dominik Csapak
2024-02-21 12:24 ` [pmg-devel] [PATCH pmg-api v2 08/10] ModGroup: add possibility to explode to all targets Dominik Csapak
2024-02-21 12:24 ` [pmg-devel] [PATCH pmg-api v2 09/10] RuleCache: implement and/invert for what matches Dominik Csapak
2024-02-21 12:24 ` [pmg-devel] [PATCH pmg-api v2 10/10] pmgdb: extend dump output to include add/invert Dominik Csapak
2024-02-21 12:24 ` [pmg-devel] [PATCH pmg-docs v2 1/1] rule system: explain new and mode and invert flag Dominik Csapak
2024-02-21 12:24 ` [pmg-devel] [PATCH pmg-gui v2 1/2] rules: use tree panel instead of grouping feature of the grid Dominik Csapak
2024-02-21 17:42 ` Thomas Lamprecht
2024-02-21 12:24 ` [pmg-devel] [PATCH pmg-gui v2 2/2] rules/objects: add mode selector dropdown Dominik Csapak
2024-02-21 18:31 ` Thomas Lamprecht
2024-02-21 18:36 ` [pmg-devel] applied-partially: [PATCH pmg-api/docs/gui v2] implement and combination and inversion of groups and objects Stoiko Ivanov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240221122439.1281024-4-d.csapak@proxmox.com \
--to=d.csapak@proxmox.com \
--cc=pmg-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal