From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 39FC974492 for ; Thu, 8 Jul 2021 16:15:07 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 2AD491954E for ; Thu, 8 Jul 2021 16:14:37 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 6140A19534 for ; Thu, 8 Jul 2021 16:14:35 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 38C0640F03 for ; Thu, 8 Jul 2021 16:14:35 +0200 (CEST) From: Fabian Ebner To: pbs-devel@lists.proxmox.com Date: Thu, 8 Jul 2021 16:14:28 +0200 Message-Id: <20210708141429.190218-4-f.ebner@proxmox.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210708141429.190218-1-f.ebner@proxmox.com> References: <20210708141429.190218-1-f.ebner@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.542 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [apt.rs] Subject: [pbs-devel] [PATCH proxmox-backup 3/4] api: apt: add endpoints for adding/changing repositories X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jul 2021 14:15:07 -0000 Signed-off-by: Fabian Ebner --- Could also be squashed with the previous one. Used SYS_MODIFY as a privilege. Should this rather be superuser only? src/api2/node/apt.rs | 152 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 150 insertions(+), 2 deletions(-) diff --git a/src/api2/node/apt.rs b/src/api2/node/apt.rs index 4551b151..271277d1 100644 --- a/src/api2/node/apt.rs +++ b/src/api2/node/apt.rs @@ -8,7 +8,8 @@ use proxmox::api::router::{Router, SubdirMap}; use proxmox::tools::fs::{replace_file, CreateOptions}; use proxmox_apt::repositories::{ - APTRepositoryFile, APTRepositoryFileError, APTRepositoryInfo, APTStandardRepository, + APTRepositoryFile, APTRepositoryFileError, APTRepositoryHandle, APTRepositoryInfo, + APTStandardRepository, }; use proxmox_http::ProxyConfig; @@ -456,9 +457,156 @@ pub fn get_repositories() -> Result { })) } +#[api( + input: { + properties: { + node: { + schema: NODE_SCHEMA, + }, + handle: { + type: APTRepositoryHandle, + }, + digest: { + schema: PROXMOX_CONFIG_DIGEST_SCHEMA, + optional: true, + }, + }, + }, + protected: true, + access: { + permission: &Permission::Privilege(&[], PRIV_SYS_MODIFY, false), + }, +)] +/// Add the repository identified by the `handle`. +/// If the repository is already configured, it will be set to enabled. +/// +/// The `digest` parameter asserts that the configuration has not been modified. +pub fn add_repository(handle: APTRepositoryHandle, digest: Option) -> Result<(), Error> { + let (mut files, errors, current_digest) = proxmox_apt::repositories::repositories()?; + + if let Some(expected_digest) = digest { + let current_digest = proxmox::tools::digest_to_hex(¤t_digest); + crate::tools::assert_if_modified(&expected_digest, ¤t_digest)?; + } + + // check if it's already configured first + for file in files.iter_mut() { + for repo in file.repositories.iter_mut() { + if repo.is_referenced_repository(handle, "pbs") { + if repo.enabled { + return Ok(()); + } + + repo.set_enabled(true); + file.write()?; + + return Ok(()); + } + } + } + + let (repo, path) = proxmox_apt::repositories::get_standard_repository(handle, "pbs")?; + + if let Some(error) = errors.iter().find(|error| error.path == path) { + bail!( + "unable to parse existing file {} - {}", + error.path, + error.error, + ); + } + + if let Some(file) = files.iter_mut().find(|file| file.path == path) { + file.repositories.push(repo); + + file.write()?; + } else { + let mut file = match APTRepositoryFile::new(&path)? { + Some(file) => file, + None => bail!("invalid path - {}", path), + }; + + file.repositories.push(repo); + + file.write()?; + } + + Ok(()) +} + +#[api( + input: { + properties: { + node: { + schema: NODE_SCHEMA, + }, + path: { + description: "Path to the containing file.", + type: String, + }, + index: { + description: "Index within the file (starting from 0).", + type: usize, + }, + enabled: { + description: "Whether the repository should be enabled or not.", + type: bool, + optional: true, + }, + digest: { + schema: PROXMOX_CONFIG_DIGEST_SCHEMA, + optional: true, + }, + }, + }, + protected: true, + access: { + permission: &Permission::Privilege(&[], PRIV_SYS_MODIFY, false), + }, +)] +/// Change the properties of the specified repository. +/// +/// The `digest` parameter asserts that the configuration has not been modified. +pub fn change_repository( + path: String, + index: usize, + enabled: Option, + digest: Option, +) -> Result<(), Error> { + let (mut files, errors, current_digest) = proxmox_apt::repositories::repositories()?; + + if let Some(expected_digest) = digest { + let current_digest = proxmox::tools::digest_to_hex(¤t_digest); + crate::tools::assert_if_modified(&expected_digest, ¤t_digest)?; + } + + if let Some(error) = errors.iter().find(|error| error.path == path) { + bail!("unable to parse file {} - {}", error.path, error.error); + } + + if let Some(file) = files.iter_mut().find(|file| file.path == path) { + if let Some(repo) = file.repositories.get_mut(index) { + if let Some(enabled) = enabled { + repo.set_enabled(enabled); + } + + file.write()?; + } else { + bail!("invalid index - {}", index); + } + } else { + bail!("invalid path - {}", path); + } + + Ok(()) +} + const SUBDIRS: SubdirMap = &[ ("changelog", &Router::new().get(&API_METHOD_APT_GET_CHANGELOG)), - ("repositories", &Router::new().get(&API_METHOD_GET_REPOSITORIES)), + ("repositories", &Router::new() + .get(&API_METHOD_GET_REPOSITORIES) + .post(&API_METHOD_CHANGE_REPOSITORY) + .put(&API_METHOD_ADD_REPOSITORY) + ), ("update", &Router::new() .get(&API_METHOD_APT_UPDATE_AVAILABLE) .post(&API_METHOD_APT_UPDATE_DATABASE) -- 2.30.2