public inbox for pmg-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: Stoiko Ivanov <s.ivanov@proxmox.com>
To: Dominik Csapak <d.csapak@proxmox.com>
Cc: pmg-devel@lists.proxmox.com
Subject: Re: [pmg-devel] [PATCH pmg-api 05/12] add objectgroup attributes and/invert
Date: Tue, 20 Feb 2024 13:35:56 +0100	[thread overview]
Message-ID: <20240220133556.76ef39fa@rosa.proxmox.com> (raw)
In-Reply-To: <20240209125440.2572239-6-d.csapak@proxmox.com>

afaict deletion of objectgroup attributes when deleting the object group is
missing

On Fri,  9 Feb 2024 13:54:29 +0100
Dominik Csapak <d.csapak@proxmox.com> wrote:

> add a new table Objectgroup_Attributes where we can save additional
> attributes for objectgroups (like the Attribut tables for objects).
> 
> Adds two new attributes for the groups:
> * and
> * invert
> 
> These will modify the match behaviour for object groups
> 
> Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
> ---
>  src/PMG/API2/ObjectGroupHelpers.pm |  43 ++++++++-
>  src/PMG/DBTools.pm                 |  15 +++
>  src/PMG/RuleDB.pm                  | 145 ++++++++++++++++++++++-------
>  3 files changed, 162 insertions(+), 41 deletions(-)
> 
> diff --git a/src/PMG/API2/ObjectGroupHelpers.pm b/src/PMG/API2/ObjectGroupHelpers.pm
> index 48078fb..a08a6a3 100644
> --- a/src/PMG/API2/ObjectGroupHelpers.pm
> +++ b/src/PMG/API2/ObjectGroupHelpers.pm
> @@ -46,13 +46,29 @@ sub format_object_group {
>  
>      my $res = [];
>      foreach my $og (@$ogroups) {
> -	push @$res, {
> -	    id => $og->{id}, name => $og->{name}, info => $og->{info}
> -	};
> +	my $group = { id => $og->{id}, name => $og->{name}, info => $og->{info} };
> +	$group->{and} = $og->{and} if defined($og->{and});
> +	$group->{invert} = $og->{invert} if defined($og->{invert});
> +	push @$res, $group;
>      }
>      return $res;
>  }
>  
> +my $group_attributes = {
> +    and => {
> +	description => "If set to 1, objects in this group are 'and' combined.",
> +	type => 'boolean',
> +	default => 0,
> +	optional => 1,
> +    },
> +    invert => {
> +	description => "If set to 1, the resulting match is inverted.",
> +	type => 'boolean',
> +	default => 0,
> +	optional => 1,
> +    },
> +};
> +
>  sub register_group_list_api {
>      my ($apiclass, $oclass) = @_;
>  
> @@ -86,6 +102,11 @@ sub register_group_list_api {
>  	    return format_object_group($ogroups);
>  	}});
>  
> +    my $additional_parameters = {};
> +    if ($oclass =~ /^(?:what|when|who)$/i) {
> +	$additional_parameters = { $group_attributes->%* };
> +    }
> +
>      $apiclass->register_method({
>  	name => "create_${oclass}_group",
>  	path => $oclass,
> @@ -108,6 +129,7 @@ sub register_group_list_api {
>  		    maxLength => 255,
>  		    optional => 1,
>  		},
> +		$additional_parameters->%*,
>  	    },
>  	},
>  	returns => { type => 'integer' },
> @@ -119,6 +141,10 @@ sub register_group_list_api {
>  	    my $og = PMG::RuleDB::Group->new(
>  		$param->{name}, $param->{info} // '', $oclass);
>  
> +	    for my $prop (qw(and invert)) {
> +		$og->{$prop} = $param->{$prop} if defined($param->{$prop});
> +	    }
> +
>  	    return $rdb->save_group($og);
>  	}});
>  }
> @@ -199,6 +225,11 @@ sub register_object_group_config_api {
>  
>  	}});
>  
> +    my $additional_parameters = {};
> +    if ($oclass =~ /^(?:what|when|who)$/i) {
> +	$additional_parameters = { $group_attributes->%* };
> +    }
> +
>      $apiclass->register_method({
>  	name => 'set_config',
>  	path => $path,
> @@ -226,6 +257,7 @@ sub register_object_group_config_api {
>  		    maxLength => 255,
>  		    optional => 1,
>  		},
> +		$additional_parameters->%*,
>  	    },
>  	},
>  	returns => { type => "null" },
> @@ -243,8 +275,9 @@ sub register_object_group_config_api {
>  	    my $og = shift @$list ||
>  		die "$oclass group '$ogroup' not found\n";
>  
> -	    $og->{name} = $param->{name} if defined($param->{name});
> -	    $og->{info} = $param->{info} if defined($param->{info});
> +	    for my $prop (qw(name info and invert)) {
> +		$og->{$prop} = $param->{$prop} if defined($param->{$prop});
> +	    }
>  
>  	    $rdb->save_group($og);
>  
> diff --git a/src/PMG/DBTools.pm b/src/PMG/DBTools.pm
> index 9e133bc..0d3d9c3 100644
> --- a/src/PMG/DBTools.pm
> +++ b/src/PMG/DBTools.pm
> @@ -295,6 +295,18 @@ my $userprefs_ctablecmd =  <<__EOD;
>  
>  __EOD
>  
> +my $object_group_attributes_cmd = <<__EOD;
> +    CREATE TABLE Objectgroup_Attributes (
> +      Objectgroup_ID INTEGER NOT NULL,
we could create a foreign key constraint on objectgroup.id here
> +      Name VARCHAR(20) NOT NULL,
> +      Value BYTEA NULL,
I know with the current db-schema we use bytea quite extensively - but for
now all the values are actually boolean (and even more so only the true
values are stored) - why not create the column accordingly?

> +      PRIMARY KEY (Objectgroup_ID, Name)
> +    );
> +
> +    CREATE INDEX Objectgroup_Attributes_Objectgroup_ID_Index ON Objectgroup_Attributes(Objectgroup_ID);
> +
> +__EOD
> +
>  sub cond_create_dbtable {
>      my ($dbh, $name, $ctablecmd) = @_;
>  
> @@ -439,6 +451,8 @@ sub create_ruledb {
>          $userprefs_ctablecmd;
>  
>          $virusinfo_stat_ctablecmd;
> +
> +        $object_group_attributes_cmd;
>  EOD
>      );
>  
> @@ -494,6 +508,7 @@ sub upgradedb {
>  	'CStatistic', $cstatistic_ctablecmd,
>  	'ClusterInfo', $clusterinfo_ctablecmd,
>  	'VirusInfo', $virusinfo_stat_ctablecmd,
> +	'Objectgroup_Attributes', $object_group_attributes_cmd,
>      };
>  
>      foreach my $table (keys %$tables) {
> diff --git a/src/PMG/RuleDB.pm b/src/PMG/RuleDB.pm
> index a6b0b79..df9e526 100644
> --- a/src/PMG/RuleDB.pm
> +++ b/src/PMG/RuleDB.pm
> @@ -160,6 +160,30 @@ sub load_groups_by_name {
>      };
>  }
>  
> +sub update_group_attributes {
> +    my ($self, $og) = @_;
> +
> +    my $attributes = [qw(and invert)];
> +
> +    for my $attribute ($attributes->@*) {
> +	# only save the values if they're set to 1
> +	if ($og->{$attribute}) {
> +	    $self->{dbh}->do(
> +		"INSERT INTO Objectgroup_Attributes (Objectgroup_ID, Name, Value) " .
> +		"VALUES (?, ?, ?) ".
> +		"ON CONFLICT (Objectgroup_ID, Name) DO UPDATE SET Value = ?", undef,
> +		$og->{id}, $attribute, $og->{$attribute}, $og->{$attribute},
> +	    );
> +	} else {
> +	    $self->{dbh}->do(
> +		"DELETE FROM Objectgroup_Attributes " .
> +		"WHERE Objectgroup_ID = ? AND Name = ?", undef,
> +		$og->{id}, $attribute,
> +	    );
> +	}
> +    }
> +}
> +
>  sub save_group {
>      my ($self, $og) = @_;
>  
> @@ -171,27 +195,51 @@ sub save_group {
>  	die "undefined group attribute - class: ERROR";
>  
>      if (defined($og->{id})) {
> +	$self->{dbh}->begin_work;
> +
> +	eval {
> +	    $self->{dbh}->do("UPDATE Objectgroup " .
> +			     "SET Name = ?, Info = ? " .
> +			     "WHERE ID = ?", undef,
> +			     encode('UTF-8', $og->{name}),
> +			     encode('UTF-8', $og->{info}),
> +			     $og->{id});
>  
> -	$self->{dbh}->do("UPDATE Objectgroup " .
> -			 "SET Name = ?, Info = ? " .
> -			 "WHERE ID = ?", undef,
> -			 encode('UTF-8', $og->{name}),
> -			 encode('UTF-8', $og->{info}),
> -			 $og->{id});
> +	    $self->update_group_attributes($og);
>  
> -	return $og->{id};
> +	    $self->{dbh}->commit;
> +	};
>  
> +	if (my $err = $@) {
> +	    $self->{dbh}->rollback;
> +	    syslog('err', $err);
> +	    return undef;
> +	}
>      } else {
> -	my $sth = $self->{dbh}->prepare(
> -	    "INSERT INTO Objectgroup (Name, Info, Class) " .
> -	    "VALUES (?, ?, ?);");
> +	$self->{dbh}->begin_work;
>  
> -	$sth->execute(encode('UTF-8', $og->name), encode('UTF-8', $og->info), $og->class);
> +	eval {
> +	    my $sth = $self->{dbh}->prepare(
> +		"INSERT INTO Objectgroup (Name, Info, Class) " .
> +		"VALUES (?, ?, ?);");
>  
> -	return $og->{id} = PMG::Utils::lastid($self->{dbh}, 'objectgroup_id_seq');
> +	    $sth->execute(encode('UTF-8', $og->name), encode('UTF-8', $og->info), $og->class);
> +
> +	    $og->{id} = PMG::Utils::lastid($self->{dbh}, 'objectgroup_id_seq');
> +
> +	    $self->update_group_attributes($og);
> +
> +	    $self->{dbh}->commit;
> +	};
> +
> +	if (my $err = $@) {
> +	    $self->{dbh}->rollback;
> +	    syslog('err', $err);
> +	    return undef;
> +	}
>      }
>  
> -    return undef;
> +    return $og->{id};
>  }
>  
>  sub delete_group {
> @@ -252,6 +300,18 @@ sub delete_group {
>      return undef;
>  }
>  
> +sub load_group_attributes {
> +    my ($self, $og) = @_;
> +
> +    my $attribute_sth = $self->{dbh}->prepare("SELECT * FROM Objectgroup_Attributes WHERE Objectgroup_ID = ?");
> +    $attribute_sth->execute($og->{id});
> +
> +    while (my $ref = $attribut<e_sth->fetchrow_hashref()) {
> +	$og->{and} = $ref->{value} if $ref->{name} eq 'and';
> +	$og->{invert} = $ref->{value} if $ref->{name} eq 'invert';
> +    }
> +}
> +
>  sub load_objectgroups {
>      my ($self, $class, $id) = @_;
>  
> @@ -259,34 +319,47 @@ sub load_objectgroups {
>  
>      defined($class) || die "undefined object class";
>  
> -    if (!(defined($id))) {
> -        $sth = $self->{dbh}->prepare(
> -	    "SELECT * FROM Objectgroup where Class = ? ORDER BY name");
> -        $sth->execute($class);
> -
> -    } else {
> -        $sth = $self->{dbh}->prepare(
> -	    "SELECT * FROM Objectgroup where Class like ? and id = ? " .
> -	    "order by name");
> -        $sth->execute($class,$id);
> -    }
> +    $self->{dbh}->begin_work;
why running the following SELECTS in a explicit transaction?

>  
>      my $arr_og = ();
> -    while (my $ref = $sth->fetchrow_hashref()) {
> -    	my $og = PMG::RuleDB::Group->new($ref->{name}, $ref->{info},
> -					 $ref->{class});
> -    	$og->{id} = $ref->{id};
>  
> -	if ($class eq 'action') {
> -	    my $objects = $self->load_group_objects($og->{id});
> -	    my $obj = @$objects[0];
> -	    defined($obj) || die "undefined action object: ERROR";
> -	    $og->{action} = $obj;
> +    eval {
> +	if (!(defined($id))) {
> +	    $sth = $self->{dbh}->prepare(
> +		"SELECT * FROM Objectgroup where Class = ? ORDER BY name");
> +	    $sth->execute($class);
> +
> +	} else {
> +	    $sth = $self->{dbh}->prepare(
> +		"SELECT * FROM Objectgroup where Class like ? and id = ? " .
not introduced by you - but why do we use 'like' here and '=' above?


> +		"order by name");
> +	    $sth->execute($class,$id);
>  	}
> -    	push @$arr_og, $og;
> -    }
>  
> -    $sth->finish();
> +	while (my $ref = $sth->fetchrow_hashref()) {
> +	    my $og = PMG::RuleDB::Group->new($ref->{name}, $ref->{info},
> +					     $ref->{class});
> +	    $og->{id} = $ref->{id};
> +
> +	    if ($class eq 'action') {
> +		my $objects = $self->load_group_objects($og->{id});
> +		my $obj = @$objects[0];
> +		defined($obj) || die "undefined action object: ERROR";
> +		$og->{action} = $obj;
> +	    } else {
> +		$self->load_group_attributes($og);
> +	    }
> +	    push @$arr_og, $og;
> +	}
> +
> +	$sth->finish();
> +    };
> +
> +    my $err = $@;
> +
> +    $self->{dbh}->rollback;
> +
> +    die $err if $err;
>  
>      return $arr_og;
>  }





  reply	other threads:[~2024-02-20 12:36 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-02-09 12:54 [pmg-devel] [PATCH pmg-api/docs/gui] implement and combination and inversion of groups and objects Dominik Csapak
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-api 01/12] RuleCache: remove unnecessary copying of marks Dominik Csapak
2024-02-20 14:42   ` [pmg-devel] applied: " Stoiko Ivanov
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-api 02/12] RuleCache: reorganize to keep group structure Dominik Csapak
2024-02-20 14:45   ` [pmg-devel] applied: " Stoiko Ivanov
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-api 03/12] RuleCache: reorganize how we gather marks and spaminfo Dominik Csapak
2024-02-20 11:10   ` Stoiko Ivanov
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-api 04/12] api: refactor rule parameters Dominik Csapak
2024-02-20 11:49   ` Stoiko Ivanov
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-api 05/12] add objectgroup attributes and/invert Dominik Csapak
2024-02-20 12:35   ` Stoiko Ivanov [this message]
2024-02-20 12:47   ` Stoiko Ivanov
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-api 06/12] add rule attributes and/invert (for each relevant type) Dominik Csapak
2024-02-20 13:03   ` Stoiko Ivanov
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-api 07/12] RuleCache: load rule/objectgroup attributes from database Dominik Csapak
2024-02-20 13:18   ` Stoiko Ivanov
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-api 08/12] RuleCache: implement and/invert for when/from/to Dominik Csapak
2024-02-20 13:09   ` Stoiko Ivanov
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-api 09/12] MailQueue: return maximum AID Dominik Csapak
2024-02-20 13:20   ` Stoiko Ivanov
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-api 10/12] WIP: ModGroup: add possibility to explode to all targets Dominik Csapak
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-api 11/12] RuleCache: implement and/invert for what matches Dominik Csapak
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-api 12/12] pmgdb: extend dump output to include add/invert Dominik Csapak
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-docs 1/2] rule system: add a small section about matching rules Dominik Csapak
2024-02-20 14:47   ` [pmg-devel] applied: " Stoiko Ivanov
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-docs 2/2] rule system: explain new and mode and invert flag Dominik Csapak
2024-02-20 14:40   ` Stoiko Ivanov
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-gui 1/2] rules: use tree panel instead of grouping feature of the grid Dominik Csapak
2024-02-09 12:54 ` [pmg-devel] [PATCH pmg-gui 2/2] rules/objects: add mode selector dropdown Dominik Csapak

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240220133556.76ef39fa@rosa.proxmox.com \
    --to=s.ivanov@proxmox.com \
    --cc=d.csapak@proxmox.com \
    --cc=pmg-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal