From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id EF5EABFDA for ; Thu, 14 Sep 2023 11:52:51 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id D7B7536B3B for ; Thu, 14 Sep 2023 11:52:51 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Thu, 14 Sep 2023 11:52:50 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 55A424729B for ; Thu, 14 Sep 2023 11:52:50 +0200 (CEST) From: Leo Nunner To: pmg-devel@lists.proxmox.com Date: Thu, 14 Sep 2023 11:52:23 +0200 Message-Id: <20230914095234.115469-3-l.nunner@proxmox.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230914095234.115469-1-l.nunner@proxmox.com> References: <20230914095234.115469-1-l.nunner@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.098 Adjusted score from AWL reputation of 
From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pmg-devel] [PATCH WIP api 02/11] negation: parse negation value into objects X-BeenThere: pmg-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Mail Gateway development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Sep 2023 09:52:52 -0000 Expand the parsing code so that the 'negate' field is written into objects for further handling. Two new functions are introduced: one for reading a specific object-rule mapping (and its values), the other to set the 'negate' value for such an object. Signed-off-by: Leo Nunner --- src/PMG/API2/ObjectGroupHelpers.pm | 5 +++- src/PMG/RuleCache.pm | 7 ++++- src/PMG/RuleDB.pm | 46 +++++++++++++++++++++++++++++- 3 files changed, 55 insertions(+), 3 deletions(-) diff --git a/src/PMG/API2/ObjectGroupHelpers.pm b/src/PMG/API2/ObjectGroupHelpers.pm index 48078fb..c3e6448 100644 --- a/src/PMG/API2/ObjectGroupHelpers.pm +++ b/src/PMG/API2/ObjectGroupHelpers.pm @@ -47,7 +47,10 @@ sub format_object_group { my $res = []; foreach my $og (@$ogroups) { push @$res, { - id => $og->{id}, name => $og->{name}, info => $og->{info} + id => $og->{id}, + name => $og->{name}, + info => $og->{info}, + negate => $og->{negate}, }; } return $res; diff --git a/src/PMG/RuleCache.pm b/src/PMG/RuleCache.pm index b8690ea..c5a57f6 100644 --- a/src/PMG/RuleCache.pm +++ b/src/PMG/RuleCache.pm 
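Review bot: The added `negate => $og->{negate},` in format_object_group will emit an undefined value for action groups, because the load_groups change to src/PMG/RuleDB.pm in this same patch only sets `$og->{negate}` when the group type is not 4. Whether the API return schema of the callers accepts a null here is not visible in the hunk. I would either default it with `negate => $og->{negate} // 0,` or add the key only when it is defined, so that clients never have to interpret a missing negation flag.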
@@ -56,7 +56,7 @@ sub new { my ($from, $to, $when, $what, $action); my $sth1 = $dbh->prepare( - "SELECT Objectgroup_ID, Grouptype FROM RuleGroup " . + "SELECT Objectgroup_ID, Grouptype, Negate FROM RuleGroup " . "where RuleGroup.Rule_ID = '$ruleid' " . "ORDER BY Grouptype, Objectgroup_ID"); @@ -64,6 +64,7 @@ sub new { while (my $ref1 = $sth1->fetchrow_hashref()) { my $gtype = $ref1->{grouptype}; my $groupid = $ref1->{objectgroup_id}; + my $negate = $ref1->{negate}; # emtyp groups differ from non-existent groups! @@ -90,6 +91,10 @@ sub new { $sha1->add (join (',', $objid, $gtype, $groupid) . "|"); $sha1->add ($obj->{digest}, "|"); + if ($gtype != 4) { # it doesn't make any sense to negate actions + $obj->{negate} = $negate; + } + if ($gtype == 0) { #from push @$from, $obj; } elsif ($gtype == 1) { # to diff --git a/src/PMG/RuleDB.pm b/src/PMG/RuleDB.pm index a6b0b79..98beda3 100644 --- a/src/PMG/RuleDB.pm +++ b/src/PMG/RuleDB.pm @@ -107,7 +107,7 @@ sub load_groups { my $sth = $self->{dbh}->prepare( "SELECT RuleGroup.Grouptype, Objectgroup.ID, " . - "Objectgroup.Name, Objectgroup.Info " . + "Objectgroup.Name, Objectgroup.Info, Negate " . "FROM Rulegroup, Objectgroup " . "WHERE Rulegroup.Rule_ID = ? and " . "Rulegroup.Objectgroup_ID = Objectgroup.ID " . @@ -123,6 +123,10 @@ sub load_groups { my $og = PMG::RuleDB::Group->new($ref->{name}, $ref->{info}); $og->{id} = $ref->{id}; + if ($ref->{'grouptype'} != 4) { # this doesn't make any sense for actions + $og->{negate} = $ref->{negate}; + } + if ($ref->{'grouptype'} == 0) { #from push @$from, $og; } elsif ($ref->{'grouptype'} == 1) { # to 
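Review bot: The statement edited in this first RuleCache.pm hunk still interpolates `$ruleid` into the SQL text (`"where RuleGroup.Rule_ID = '$ruleid' "`), while load_groups in src/PMG/RuleDB.pm binds the same column with `?`. Where `$ruleid` comes from is outside the hunk, so this may be harmless today, but since the query is being touched anyway I would change the line to `"where RuleGroup.Rule_ID = ? "` and pass `$ruleid` to `execute`. The execute call and the rest of `new` are outside the hunk.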
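Review bot: The new `$obj->{negate} = $negate;` in the third RuleCache.pm hunk changes how a rule matches, but the digest input just above it, `join (',', $objid, $gtype, $groupid)`, does not include the flag. If this digest is what consumers use to notice a changed rule set (not visible here), flipping Negate on a mapping would leave it unchanged; I would feed the flag in as well, e.g. `$sha1->add (join (',', $objid, $gtype, $groupid, $negate // 0) . "|");`. The flag is also stored per object, so a negated group that contains no objects carries no flag at all, which the existing comment about empty groups in the previous hunk suggests is a case that matters. The enclosing `new` starts and ends outside the hunk.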
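Review bot: `Negate` is the only unqualified column in the load_groups SELECT in src/PMG/RuleDB.pm; every other column there carries its table name. With two tables in the FROM clause, writing `"Objectgroup.Name, Objectgroup.Info, Rulegroup.Negate " .` keeps the query unambiguous if Objectgroup ever gains a column of the same name, and it matches the surrounding style.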
@@ -753,6 +757,46 @@ sub rule_remove_group { return 1; } + +sub rule_get_group_settings { + my ($self, $ruleid, $groupid, $gtype_str) = @_; + + my $gtype = $grouptype_hash->{$gtype_str} // + die "unknown group type '$gtype_str'\n"; + + defined($ruleid) || die "undefined rule id: ERROR"; + defined($groupid) || die "undefined group id: ERROR"; + defined($gtype) || die "undefined group type: ERROR"; + + my $sth = $self->{dbh}->prepare("SELECT * FROM RuleGroup WHERE " . + "Objectgroup_ID = ? and Rule_ID = ? and Grouptype = ?"); + + $sth->execute($groupid, $ruleid, $gtype); + + my $ref = $sth->fetchrow_hashref(); + die "rule does not exist\n" if !defined($ref); + + return $ref; +} + +sub rule_set_group_setting_negate { + my ($self, $value, $ruleid, $groupid, $gtype_str) = @_; + + my $gtype = $grouptype_hash->{$gtype_str} // + die "unknown group type '$gtype_str'\n"; + + defined($ruleid) || die "undefined rule id: ERROR"; + defined($groupid) || die "undefined group id: ERROR"; + defined($gtype) || die "undefined group type: ERROR"; + + my $sth = $self->{dbh}->prepare("UPDATE RuleGroup SET Negate = ? " . + "WHERE Objectgroup_ID = ? and Rule_ID = ? and Grouptype = ?"); + + $sth->execute($value, $groupid, $ruleid, $gtype); + + return 1; +} + sub load_rule { my ($self, $id) = @_; -- 2.39.2
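Review bot: rule_set_group_setting_negate returns 1 even when the UPDATE matched no row, whereas rule_get_group_settings dies with "rule does not exist" for the same missing mapping. A caller that passes a wrong rule, group or type therefore gets a success result while the negation is silently not applied. I would keep the result of execute and fail on zero rows: `my $rows = $sth->execute($value, $groupid, $ruleid, $gtype);` followed by `die "rule group mapping does not exist\n" if $rows == 0;`. `$value` is also stored as given; if only 0 and 1 are meant, normalising with `$value ? 1 : 0` before binding would pin that. In both new subs `defined($gtype) || die ...` can never fire, because the `// die` on the lookup above it has already handled an unknown type.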