From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <s.ivanov@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits))
(No client certificate requested)
by lists.proxmox.com (Postfix) with ESMTPS id 8302794978
for <pmg-devel@lists.proxmox.com>; Thu, 22 Feb 2024 15:53:47 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
by firstgate.proxmox.com (Proxmox) with ESMTP id 5D388AF40
for <pmg-devel@lists.proxmox.com>; Thu, 22 Feb 2024 15:53:17 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
[94.136.29.106])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits))
(No client certificate requested)
by firstgate.proxmox.com (Proxmox) with ESMTPS
for <pmg-devel@lists.proxmox.com>; Thu, 22 Feb 2024 15:53:16 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 23F5A44B2A
for <pmg-devel@lists.proxmox.com>; Thu, 22 Feb 2024 15:53:16 +0100 (CET)
Date: Thu, 22 Feb 2024 15:53:15 +0100
From: Stoiko Ivanov <s.ivanov@proxmox.com>
To: Dominik Csapak <d.csapak@proxmox.com>
Cc: pmg-devel@lists.proxmox.com
Message-ID: <20240222155315.4b588a0d@rosa.proxmox.com>
In-Reply-To: <20240215115859.1878868-2-d.csapak@proxmox.com>
References: <20240215115859.1878868-1-d.csapak@proxmox.com>
<20240215115859.1878868-2-d.csapak@proxmox.com>
X-Mailer: Claws Mail 4.1.1 (GTK 3.24.38; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-SPAM-LEVEL: Spam detection results: 0
AWL 0.083 Adjusted score from AWL reputation of From: address
BAYES_00 -1.9 Bayes spam probability is 0 to 1%
DMARC_MISSING 0.1 Missing DMARC policy
KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record
SPF_PASS -0.001 SPF: sender matches SPF record
T_SCC_BODY_TEXT_LINE -0.01 -
Subject: Re: [pmg-devel] [RFC PATCH pmg-api 2/2] api: proxy user bl/wl calls
to master
X-BeenThere: pmg-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Mail Gateway development discussion
<pmg-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pmg-devel>,
<mailto:pmg-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pmg-devel/>
List-Post: <mailto:pmg-devel@lists.proxmox.com>
List-Help: <mailto:pmg-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pmg-devel>,
<mailto:pmg-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Thu, 22 Feb 2024 14:53:47 -0000
Thanks for the patch!
did not apply it for now, as the previous patch in this series fixes the
introduction of new inconsistencies to the userpref-table (where the user
wl/bl are stored) - so I'd like to keep the option for users who run into
this to fix it manually on the node for a while)
Recorded the patch on our internal docs for breaking changes to not forget
it!
On Thu, 15 Feb 2024 12:58:59 +0100
Dominik Csapak <d.csapak@proxmox.com> wrote:
> if we don't do that, the non-master nodes would get updated (when logged
> in there), but that change would never be synced back to the master.
>
> So to prevent diverging configs, proxy them all to master.
>
> The GET calls are also proxied, because if we don't do that, the user
> might wonder why his change is not visible on the GUI right away.
>
> Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
> ---
> Sending only as RFC, because we now loose the ability to see what the
> non-master nodes actually have in their db...
>
> src/PMG/API2/Quarantine.pm | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/src/PMG/API2/Quarantine.pm b/src/PMG/API2/Quarantine.pm
> index a100e11..4eec64e 100644
> --- a/src/PMG/API2/Quarantine.pm
> +++ b/src/PMG/API2/Quarantine.pm
> @@ -229,6 +229,7 @@ __PACKAGE__->register_method ({
> name => 'whitelist',
> path => 'whitelist',
> method => 'GET',
> + proxyto => 'master',
> permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
> description => "Show user whitelist.",
> parameters => {
> @@ -258,6 +259,7 @@ __PACKAGE__->register_method ({
> name => 'whitelist_add',
> path => 'whitelist',
> method => 'POST',
> + proxyto => 'master',
> description => "Add user whitelist entries.",
> permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
> protected => 1,
> @@ -284,6 +286,7 @@ __PACKAGE__->register_method ({
> name => 'whitelist_delete_base',
> path => 'whitelist',
> method => 'DELETE',
> + proxyto => 'master',
> description => "Delete user whitelist entries.",
> permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
> protected => 1,
> @@ -311,6 +314,7 @@ __PACKAGE__->register_method ({
> name => 'blacklist',
> path => 'blacklist',
> method => 'GET',
> + proxyto => 'master',
> permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
> description => "Show user blacklist.",
> parameters => {
> @@ -340,6 +344,7 @@ __PACKAGE__->register_method ({
> name => 'blacklist_add',
> path => 'blacklist',
> method => 'POST',
> + proxyto => 'master',
> description => "Add user blacklist entries.",
> permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
> protected => 1,
> @@ -366,6 +371,7 @@ __PACKAGE__->register_method ({
> name => 'blacklist_delete_base',
> path => 'blacklist',
> method => 'DELETE',
> + proxyto => 'master',
> description => "Delete user blacklist entries.",
> permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
> protected => 1,