From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <d.csapak@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 6859793F4E
 for <pmg-devel@lists.proxmox.com>; Wed, 21 Feb 2024 13:24:42 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 4ADAD16BAE
 for <pmg-devel@lists.proxmox.com>; Wed, 21 Feb 2024 13:24:42 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS
 for <pmg-devel@lists.proxmox.com>; Wed, 21 Feb 2024 13:24:41 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id E3BB944480
 for <pmg-devel@lists.proxmox.com>; Wed, 21 Feb 2024 13:24:40 +0100 (CET)
From: Dominik Csapak <d.csapak@proxmox.com>
To: pmg-devel@lists.proxmox.com
Date: Wed, 21 Feb 2024 13:24:31 +0100
Message-Id: <20240221122439.1281024-6-d.csapak@proxmox.com>
X-Mailer: git-send-email 2.30.2
In-Reply-To: <20240221122439.1281024-1-d.csapak@proxmox.com>
References: <20240221122439.1281024-1-d.csapak@proxmox.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.020 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 T_SCC_BODY_TEXT_LINE    -0.01 -
Subject: [pmg-devel] [PATCH pmg-api v2 05/10] RuleCache: load
 rule/objectgroup attributes from database
X-BeenThere: pmg-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Mail Gateway development discussion
 <pmg-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pmg-devel>, 
 <mailto:pmg-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pmg-devel/>
List-Post: <mailto:pmg-devel@lists.proxmox.com>
List-Help: <mailto:pmg-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pmg-devel>, 
 <mailto:pmg-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Wed, 21 Feb 2024 12:24:42 -0000

so that we can use the 'and' and 'invert' flags set.

This also adds the attributes to the digest of the rule cache so the
cluster sync is triggered when the attributes change.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
changes from v1:
* use regex to get the attributes instead of hardcoding each one (for the rules)
* add them to the digest so rule changes get synced

 src/PMG/RuleCache.pm | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/src/PMG/RuleCache.pm b/src/PMG/RuleCache.pm
index cd56342..4bde2e7 100644
--- a/src/PMG/RuleCache.pm
+++ b/src/PMG/RuleCache.pm
@@ -67,6 +67,21 @@ sub new {
 	    $self->{"$ruleid:what"} = { groups => [] };
 	    $self->{"$ruleid:action"} = { groups => [] };
 
+	    my $attribute_sth = $dbh->prepare("SELECT * FROM Rule_Attributes WHERE Rule_ID = ? ORDER BY Name");
+	    $attribute_sth->execute($ruleid);
+
+	    my $rule_attributes = [];
+	    while (my $ref = $attribute_sth->fetchrow_hashref()) {
+		if ($ref->{name} =~ m/^(from|to|when|what)-(and|invert)$/) {
+		    my $type = $1;
+		    my $prop = $2;
+		    my $value = $ref->{value};
+		    $self->{"${ruleid}:${type}"}->{$prop} = $value;
+
+		    $sha1->add("${ruleid}:${type}-${prop}=${value}|");
+		}
+	    }
+
 	    my $sth1 = $dbh->prepare(
 		"SELECT Objectgroup_ID, Grouptype FROM RuleGroup " .
 		"where RuleGroup.Rule_ID = '$ruleid' " .
@@ -114,6 +129,15 @@ sub new {
 		    objects => $objects,
 		};
 
+		my $objectgroup_sth = $dbh->prepare("SELECT * FROM Objectgroup_Attributes WHERE Objectgroup_ID = ?");
+		$objectgroup_sth->execute($groupid);
+
+		while (my $ref = $objectgroup_sth->fetchrow_hashref()) {
+		    $group->{and} = $ref->{value} if $ref->{name} eq 'and';
+		    $group->{invert} = $ref->{value} if $ref->{name} eq 'invert';
+		}
+		$sha1->add (join(',', $groupid, $group->{and} // 0, $group->{invert} // 0), "|");
+
 		my $type = $type_map->{$gtype};
 		push $self->{"$ruleid:$type"}->{groups}->@*, $group;
 	    }
-- 
2.30.2