From: Christian Ebner <c.ebner@proxmox.com>
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>,
Philipp Hufnagl <p.hufnagl@proxmox.com>
Subject: Re: [pve-devel] [PATCH storage v2 4/4] pbs: fix #5008: Check if datastore and namespace is valid on add- and update hooks
Date: Thu, 16 Nov 2023 10:45:58 +0100 (CET) [thread overview]
Message-ID: <362595018.3899.1700127958077@webmail.proxmox.com> (raw)
In-Reply-To: <20231115160042.177037-5-p.hufnagl@proxmox.com>
> On 15.11.2023 17:00 CET Philipp Hufnagl <p.hufnagl@proxmox.com> wrote:
>
>
> This adds a check if the datastore and the namespace is valid when a
> user attempts to add a new PBS datastore.
>
> Since the namespace only can be checked after the datastore is
> validated, the datastore will be checked as well, regardless that it
> will be done later in the superclass anyway.
>
> The functionallity to check namespaces is added with this commit. For
> checking the datastore, existing code that has previously been
> refactored will be reused
>
> Signed-off-by: Philipp Hufnagl <p.hufnagl@proxmox.com>
> ---
> src/PVE/Storage/PBSPlugin.pm | 43 +++++++++++++++++++++++++++++++++++-
> 1 file changed, 42 insertions(+), 1 deletion(-)
>
> diff --git a/src/PVE/Storage/PBSPlugin.pm b/src/PVE/Storage/PBSPlugin.pm
> index 104fe15..fff8bb2 100644
> --- a/src/PVE/Storage/PBSPlugin.pm
> +++ b/src/PVE/Storage/PBSPlugin.pm
> @@ -566,6 +566,11 @@ sub on_add_hook {
> pbs_delete_master_pubkey($scfg, $storeid);
> }
>
> + my $password = pbs_get_password($scfg, $storeid);
> + my $conn = pbs_api_connect($scfg, $password);
> + check_datastore_exists($class, $storeid, $scfg, $password, $conn);
> + check_namespace_exists($class, $storeid, $scfg, $password, $conn);
> +
> return $res;
> }
>
> @@ -614,6 +619,11 @@ sub on_update_hook {
> }
> }
>
> + my $password = pbs_get_password($scfg, $storeid);
> + my $conn = pbs_api_connect($scfg, $password);
> + check_datastore_exists($class, $storeid, $scfg, $password, $conn);
> + check_namespace_exists($class, $storeid, $scfg, $password, $conn);
> +
> return $res;
> }
>
> @@ -819,6 +829,20 @@ sub scan_datastores {
>
> return $response;
> }
> +
> +sub scan_namespaces {
> + my ($scfg, $datastore, $password, $conn) = @_;
> +
> + if (!defined($conn)){
> + $conn = pbs_api_connect($scfg, $password);
> + }
This can be written more compactly as:
$conn = pbs_api_connect($scfg, $password) if !defined($conn);
> +
> + my $namespaces = eval { $conn->get("/api2/json/admin/datastore/$datastore/namespace", {}); };
> + die "error fetching namespaces - $@" if $@;
> +
> + return $namespaces;
> +}
> +
> sub check_datastore_exists {
> my ($class, $storeid, $scfg, $password, $conn) = @_;
>
> @@ -831,10 +855,27 @@ sub check_datastore_exists {
> return 1;
> }
> }
> -
> die "$storeid: Cannot find datastore '$datastore', check permissions and existence!\n";
> }
>
> +sub check_namespace_exists {
> + my ($class, $storeid, $scfg, $password, $conn) = @_;
> +
> + my $datastore = $scfg->{datastore};
> + my $namespace = $scfg->{namespace};
> +
> + my $namespaces = eval { scan_namespaces($scfg, $datastore, $password) };
> + die "$storeid: $@" if $@;
> + return 1 if !defined($namespace);
You can move this before the call to scan_namespaces, no need to fetch them if there is nothing to compare to to begin with.
> +
> + for my $ns (@$namespaces) {
> + if ($ns->{ns} eq $namespace) {
> + return 1;
> + }
> + }
> + die "$storeid: Cannot find namespace '$namespace', check permissions and existence!\n";
> +}
> +
> sub activate_storage {
> my ($class, $storeid, $scfg, $cache) = @_;
>
> --
> 2.39.2
>
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2023-11-16 9:46 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-15 16:00 [pve-devel] [PATCH storage v2 0/4] pbs: fix #5008: Prevent adding pbs storage with invalid namespace Philipp Hufnagl
2023-11-15 16:00 ` [pve-devel] [PATCH storage v2 1/4] pbs: Move pbs_api_connect earlyer in the code Philipp Hufnagl
2023-11-15 16:00 ` [pve-devel] [PATCH storage v2 2/4] pbs: Make it possible to reuse PBS connection for datastore API call Philipp Hufnagl
2023-11-16 9:40 ` Christian Ebner
2023-11-15 16:00 ` [pve-devel] [PATCH storage v2 3/4] pbs: Extraxt check_datastore_exists from activate_storage Philipp Hufnagl
2023-11-16 9:43 ` Christian Ebner
2023-11-15 16:00 ` [pve-devel] [PATCH storage v2 4/4] pbs: fix #5008: Check if datastore and namespace is valid on add- and update hooks Philipp Hufnagl
2023-11-16 9:45 ` Christian Ebner [this message]
2023-11-16 9:57 ` Fiona Ebner
2023-11-16 10:45 ` Philipp Hufnagl
2023-11-16 11:04 ` Fiona Ebner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=362595018.3899.1700127958077@webmail.proxmox.com \
--to=c.ebner@proxmox.com \
--cc=p.hufnagl@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.