From: Dominik Csapak <d.csapak@proxmox.com>
To: pmg-devel@lists.proxmox.com
Subject: [pmg-devel] [RFC PATCH pmg-api 06/11] add rule attributes and/invert (for each relevant type)
Date: Thu, 1 Feb 2024 16:36:52 +0100 [thread overview]
Message-ID: <20240201153657.1067215-7-d.csapak@proxmox.com> (raw)
In-Reply-To: <20240201153657.1067215-1-d.csapak@proxmox.com>
like with the objectgroups, add an attributes table for groups, and an
'and'/'invert' attribute for each relevant object type
(what/when/from/to).
This is intended to modify the behaviour for the matching regarding
object groups, so that one has more choice in the logical matching.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
src/PMG/API2/RuleDB.pm | 4 +++
src/PMG/API2/Rules.pm | 53 ++++++++++++++++++++++++++-
src/PMG/DBTools.pm | 15 ++++++++
src/PMG/RuleDB.pm | 82 ++++++++++++++++++++++++++++++++++--------
4 files changed, 139 insertions(+), 15 deletions(-)
diff --git a/src/PMG/API2/RuleDB.pm b/src/PMG/API2/RuleDB.pm
index 928b690..b1a7890 100644
--- a/src/PMG/API2/RuleDB.pm
+++ b/src/PMG/API2/RuleDB.pm
@@ -178,6 +178,10 @@ __PACKAGE__->register_method({
my $rule = PMG::RuleDB::Rule->new (
$param->{name}, $param->{priority}, $param->{active}, $param->{direction});
+ for my $key (keys get_rule_params()->%*) {
+ $rule->{$key} = $param->{$key} if defined($param->{$key});
+ }
+
return $rdb->save_rule($rule);
}});
diff --git a/src/PMG/API2/Rules.pm b/src/PMG/API2/Rules.pm
index f9e69e2..dba2cd9 100644
--- a/src/PMG/API2/Rules.pm
+++ b/src/PMG/API2/Rules.pm
@@ -155,6 +155,54 @@ my $rule_params = {
type => 'boolean',
optional => 1,
},
+ 'what-and' => {
+ description => "Flag to 'and' combine WHAT group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'what-invert' => {
+ description => "Flag to invert WHAT group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'when-and' => {
+ description => "Flag to 'and' combine WHEN group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'when-invert' => {
+ description => "Flag to invert WHEN group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'from-and' => {
+ description => "Flag to 'and' combine FROM group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'from-invert' => {
+ description => "Flag to invert FROM group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'to-and' => {
+ description => "Flag to 'and' combine TO group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'to-invert' => {
+ description => "Flag to invert TO group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
};
sub get_rule_params {
@@ -202,7 +250,10 @@ __PACKAGE__->register_method ({
my $rule = $rdb->load_rule($id);
- for my $key (qw(name active direction priority)) {
+ my $keys = ["name"];
+ push $keys->@*, keys get_rule_params()->%*;
+
+ for my $key ($keys->@*) {
$rule->{$key} = $param->{$key} if defined($param->{$key});
}
diff --git a/src/PMG/DBTools.pm b/src/PMG/DBTools.pm
index 0d3d9c3..605eb71 100644
--- a/src/PMG/DBTools.pm
+++ b/src/PMG/DBTools.pm
@@ -295,6 +295,18 @@ my $userprefs_ctablecmd = <<__EOD;
__EOD
+my $rule_attributes_cmd = <<__EOD;
+ CREATE TABLE Rule_Attributes (
+ Rule_ID INTEGER NOT NULL,
+ Name VARCHAR(20) NOT NULL,
+ Value BYTEA NULL,
+ PRIMARY KEY (Rule_ID, Name)
+ );
+
+ CREATE INDEX Rule_Attributes_Rule_ID_Index ON Rule_Attributes(Rule_ID);
+
+__EOD
+
my $object_group_attributes_cmd = <<__EOD;
CREATE TABLE Objectgroup_Attributes (
Objectgroup_ID INTEGER NOT NULL,
@@ -452,6 +464,8 @@ sub create_ruledb {
$virusinfo_stat_ctablecmd;
+ $rule_attributes_cmd;
+
$object_group_attributes_cmd;
EOD
);
@@ -508,6 +522,7 @@ sub upgradedb {
'CStatistic', $cstatistic_ctablecmd,
'ClusterInfo', $clusterinfo_ctablecmd,
'VirusInfo', $virusinfo_stat_ctablecmd,
+ 'Rule_Attributes', $rule_attributes_cmd,
'Objectgroup_Attributes', $object_group_attributes_cmd,
};
diff --git a/src/PMG/RuleDB.pm b/src/PMG/RuleDB.pm
index cc69915..e26e7c0 100644
--- a/src/PMG/RuleDB.pm
+++ b/src/PMG/RuleDB.pm
@@ -640,6 +640,35 @@ sub delete_object {
return 1;
}
+sub update_rule_attributes {
+ my ($self, $rule) = @_;
+
+ my $types = [qw(what when from to)];
+ my $attributes = [qw(and invert)];
+
+ for my $type ($types->@*) {
+ for my $attribute ($attributes->@*) {
+ my $prop = "$type-$attribute";
+
+ # only save the values if they're set to 1
+ if ($rule->{$prop}) {
+ $self->{dbh}->do(
+ "INSERT INTO Rule_Attributes (Rule_ID, Name, Value) " .
+ "VALUES (?, ?, ?) ".
+ "ON CONFLICT (Rule_ID, Name) DO UPDATE SET Value = ?", undef,
+ $rule->{id}, $prop, $rule->{$prop}, $rule->{$prop},
+ );
+ } else {
+ $self->{dbh}->do(
+ "DELETE FROM Rule_Attributes " .
+ "WHERE Rule_ID = ? AND Name = ?", undef,
+ $rule->{id}, $prop,
+ );
+ }
+ }
+ }
+}
+
sub save_rule {
my ($self, $rule) = @_;
@@ -654,28 +683,53 @@ sub save_rule {
my $rulename = encode('UTF-8', $rule->{name});
if (defined($rule->{id})) {
+ $self->{dbh}->begin_work;
- $self->{dbh}->do(
- "UPDATE Rule " .
- "SET Name = ?, Priority = ?, Active = ?, Direction = ? " .
- "WHERE ID = ?", undef,
- $rulename, $rule->{priority}, $rule->{active},
- $rule->{direction}, $rule->{id});
+ eval {
+ $self->{dbh}->do(
+ "UPDATE Rule " .
+ "SET Name = ?, Priority = ?, Active = ?, Direction = ? " .
+ "WHERE ID = ?", undef,
+ $rulename, $rule->{priority}, $rule->{active},
+ $rule->{direction}, $rule->{id});
+
+ $self->update_rule_attributes($rule);
- return $rule->{id};
+ $self->{dbh}->commit;
+ };
+ if (my $err = $@) {
+ $self->{dbh}->rollback;
+ syslog('err', $err);
+ return undef;
+ }
} else {
- my $sth = $self->{dbh}->prepare(
- "INSERT INTO Rule (Name, Priority, Active, Direction) " .
- "VALUES (?, ?, ?, ?);");
+ $self->{dbh}->begin_work;
+
+ eval {
+ my $sth = $self->{dbh}->prepare(
+ "INSERT INTO Rule (Name, Priority, Active, Direction) " .
+ "VALUES (?, ?, ?, ?);");
+
+ $sth->execute($rulename, $rule->priority, $rule->active,
+ $rule->direction);
+
+
+ $rule->{id} = PMG::Utils::lastid($self->{dbh}, 'rule_id_seq');
- $sth->execute($rulename, $rule->priority, $rule->active,
- $rule->direction);
+ $self->update_rule_attributes($rule);
- return $rule->{id} = PMG::Utils::lastid($self->{dbh}, 'rule_id_seq');
+ $self->{dbh}->commit;
+ };
+
+ if (my $err = $@) {
+ $self->{dbh}->rollback;
+ syslog('err', $err);
+ return undef;
+ }
}
- return undef;
+ return $rule->{id};
}
sub delete_rule {
--
2.30.2
next prev parent reply other threads:[~2024-02-01 15:37 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-01 15:36 [pmg-devel] [RFC PATCH pmg-api 00/12] implement and combination and inversion of groups and objects Dominik Csapak
2024-02-01 15:36 ` [pmg-devel] [RFC PATCH pmg-api 01/11] RuleCache: remove unnecessary copying of marks Dominik Csapak
2024-02-01 15:36 ` [pmg-devel] [RFC PATCH pmg-api 02/11] RuleCache: reorganize to keep group structure Dominik Csapak
2024-02-01 15:36 ` [pmg-devel] [RFC PATCH pmg-api 03/11] RuleCache: reorganize how we gather marks and spaminfo Dominik Csapak
2024-02-01 15:36 ` [pmg-devel] [RFC PATCH pmg-api 04/11] api: refactor rule parameters Dominik Csapak
2024-02-01 15:36 ` [pmg-devel] [RFC PATCH pmg-api 05/11] add objectgroup attributes and/invert Dominik Csapak
2024-02-01 15:36 ` Dominik Csapak [this message]
2024-02-01 15:36 ` [pmg-devel] [RFC PATCH pmg-api 07/11] RuleCache: load rule/objectgroup attributes from database Dominik Csapak
2024-02-01 15:36 ` [pmg-devel] [RFC PATCH pmg-api 08/11] RuleCache: implement and/invert for when/from/to Dominik Csapak
2024-02-01 15:36 ` [pmg-devel] [RFC PATCH pmg-api 09/11] MailQueue: return maximum AID Dominik Csapak
2024-02-01 15:36 ` [pmg-devel] [RFC PATCH pmg-api 10/11] WIP: ModGroup: add possibility to explode to all targets Dominik Csapak
2024-02-01 15:36 ` [pmg-devel] [RFC PATCH pmg-api 11/11] RuleCache: implement and/invert for what matches Dominik Csapak
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240201153657.1067215-7-d.csapak@proxmox.com \
--to=d.csapak@proxmox.com \
--cc=pmg-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox