From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id F3DA763A5A for ; Mon, 5 Oct 2020 17:09:04 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 95A5B1C259 for ; Mon, 5 Oct 2020 17:08:48 +0200 (CEST) Received: from kvmformation1.odiso.net (globalOdiso.M6Lille.odiso.net [89.248.211.242]) by firstgate.proxmox.com (Proxmox) with ESMTP id A4FDF1C124 for ; Mon, 5 Oct 2020 17:08:31 +0200 (CEST) Received: by kvmformation1.odiso.net (Postfix, from userid 0) id DA10BE89B2; Mon, 5 Oct 2020 17:08:24 +0200 (CEST) From: Alexandre Derumier To: pve-devel@lists.proxmox.com Date: Mon, 5 Oct 2020 17:08:19 +0200 Message-Id: <20201005150823.462387-23-aderumier@odiso.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20201005150823.462387-1-aderumier@odiso.com> References: <20201005150823.462387-1-aderumier@odiso.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 1 AWL -0.466 Adjusted score from AWL reputation of From: address HEADER_FROM_DIFFERENT_DOMAINS 0.248 From and EnvelopeFrom 2nd level mail domains are different KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods KHOP_HELO_FCRDNS 0.398 Relay HELO differs from its IP's reverse DNS NO_DNS_FOR_FROM 0.379 Envelope sender has no MX or A DNS records SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record Subject: [pve-devel] [PATCH v9 pve-network 22/26] subnets: move api to /sdn/vnet//subnets && make vnet option not optionnal X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2020 15:09:05 -0000 Signed-off-by: Alexandre Derumier --- PVE/API2/Network/SDN.pm | 7 ------- PVE/API2/Network/SDN/Subnets.pm | 23 +++++++++++++++++------ PVE/API2/Network/SDN/Vnets.pm | 6 ++++++ PVE/Network/SDN/SubnetPlugin.pm | 2 +- 4 files changed, 24 insertions(+), 14 deletions(-) diff --git a/PVE/API2/Network/SDN.pm b/PVE/API2/Network/SDN.pm index 0a5fa33..fcda11f 100644 --- a/PVE/API2/Network/SDN.pm +++ b/PVE/API2/Network/SDN.pm @@ -15,7 +15,6 @@ use PVE::Network::SDN; use PVE::API2::Network::SDN::Controllers; use PVE::API2::Network::SDN::Vnets; use PVE::API2::Network::SDN::Zones; -use PVE::API2::Network::SDN::Subnets; use PVE::API2::Network::SDN::Ipams; use PVE::API2::Network::SDN::Dns; @@ -36,11 +35,6 @@ __PACKAGE__->register_method ({ path => 'controllers', }); -__PACKAGE__->register_method ({ - subclass => "PVE::API2::Network::SDN::Subnets", - path => 'subnets', -}); - __PACKAGE__->register_method ({ subclass => "PVE::API2::Network::SDN::Ipams", path => 'ipams', @@ -80,7 +74,6 @@ __PACKAGE__->register_method({ { id => 'vnets' }, { id => 'zones' }, { id => 'controllers' }, - { id => 'subnets' }, { id => 'ipams' }, { id => 'dns' }, ]; diff --git a/PVE/API2/Network/SDN/Subnets.pm b/PVE/API2/Network/SDN/Subnets.pm index 728b939..ab4117c 100644 --- a/PVE/API2/Network/SDN/Subnets.pm +++ b/PVE/API2/Network/SDN/Subnets.pm @@ -44,6 +44,10 @@ __PACKAGE__->register_method ({ }, parameters => { additionalProperties => 0, + properties => { + vnet => get_standard_option('pve-sdn-vnet-id'), + }, + }, returns => { type => 'array', @@ -59,6 +63,7 @@ __PACKAGE__->register_method ({ my $rpcenv = PVE::RPCEnvironment::get(); my $authuser = $rpcenv->get_user(); + my $vnetid = $param->{vnet}; my $cfg = PVE::Network::SDN::Subnets::config(); @@ -66,9 +71,10 @@ __PACKAGE__->register_method ({ my $res = []; foreach my $id (@sids) { my $privs = [ 'SDN.Audit', 'SDN.Allocate' ]; - next if !$rpcenv->check_any($authuser, "/sdn/subnets/$id", $privs, 1); + next if !$rpcenv->check_any($authuser, "/sdn/vnets/$vnetid/subnets/$id", $privs, 1); my $scfg = &$api_sdn_subnets_config($cfg, $id); + next if !$scfg->{vnet} || $scfg->{vnet} ne $vnetid; push @$res, $scfg; } @@ -81,12 +87,13 @@ __PACKAGE__->register_method ({ method => 'GET', description => "Read sdn subnet configuration.", permissions => { - check => ['perm', '/sdn/subnets/{subnet}', ['SDN.Allocate']], + check => ['perm', '/sdn/vnets/{vnet}/subnets/{subnet}', ['SDN.Allocate']], }, parameters => { additionalProperties => 0, properties => { + vnet => get_standard_option('pve-sdn-vnet-id'), subnet => get_standard_option('pve-sdn-subnet-id', { completion => \&PVE::Network::SDN::Subnets::complete_sdn_subnets, }), @@ -97,8 +104,11 @@ __PACKAGE__->register_method ({ my ($param) = @_; my $cfg = PVE::Network::SDN::Subnets::config(); + my $scfg = &$api_sdn_subnets_config($cfg, $param->{subnet}); + + raise_param_exc({ vnet => "wrong vnet"}) if $param->{vnet} ne $scfg->{vnet}; - return &$api_sdn_subnets_config($cfg, $param->{subnet}); + return $scfg; }}); __PACKAGE__->register_method ({ @@ -108,7 +118,7 @@ __PACKAGE__->register_method ({ method => 'POST', description => "Create a new sdn subnet object.", permissions => { - check => ['perm', '/sdn/subnets', ['SDN.Allocate']], + check => ['perm', '/sdn/vnets/{vnet}/subnets', ['SDN.Allocate']], }, parameters => PVE::Network::SDN::SubnetPlugin->createSchema(), returns => { type => 'null' }, @@ -151,7 +161,7 @@ __PACKAGE__->register_method ({ method => 'PUT', description => "Update sdn subnet object configuration.", permissions => { - check => ['perm', '/sdn/subnets', ['SDN.Allocate']], + check => ['perm', '/sdn/vnets/{vnet}/subnets', ['SDN.Allocate']], }, parameters => PVE::Network::SDN::SubnetPlugin->updateSchema(), returns => { type => 'null' }, @@ -188,11 +198,12 @@ __PACKAGE__->register_method ({ method => 'DELETE', description => "Delete sdn subnet object configuration.", permissions => { - check => ['perm', '/sdn/subnets', ['SDN.Allocate']], + check => ['perm', '/sdn/vnets/{vnet}/subnets', ['SDN.Allocate']], }, parameters => { additionalProperties => 0, properties => { + vnet => get_standard_option('pve-sdn-vnet-id'), subnet => get_standard_option('pve-sdn-subnet-id', { completion => \&PVE::Network::SDN::Subnets::complete_sdn_subnets, }), diff --git a/PVE/API2/Network/SDN/Vnets.pm b/PVE/API2/Network/SDN/Vnets.pm index b585c9c..0fbb747 100644 --- a/PVE/API2/Network/SDN/Vnets.pm +++ b/PVE/API2/Network/SDN/Vnets.pm @@ -12,6 +12,7 @@ use PVE::Network::SDN::Zones::Plugin; use PVE::Network::SDN::Vnets; use PVE::Network::SDN::VnetPlugin; use PVE::Network::SDN::Subnets; +use PVE::API2::Network::SDN::Subnets; use Storable qw(dclone); use PVE::JSONSchema qw(get_standard_option); @@ -21,6 +22,11 @@ use PVE::RESTHandler; use base qw(PVE::RESTHandler); +__PACKAGE__->register_method ({ + subclass => "PVE::API2::Network::SDN::Subnets", + path => '{vnet}/subnets', +}); + my $api_sdn_vnets_config = sub { my ($cfg, $id) = @_; diff --git a/PVE/Network/SDN/SubnetPlugin.pm b/PVE/Network/SDN/SubnetPlugin.pm index b236c3f..97d8cb8 100644 --- a/PVE/Network/SDN/SubnetPlugin.pm +++ b/PVE/Network/SDN/SubnetPlugin.pm @@ -100,7 +100,7 @@ sub properties { sub options { return { - vnet => { optional => 1 }, + vnet => { optional => 0 }, gateway => { optional => 1 }, # routes => { optional => 1 }, snat => { optional => 1 }, -- 2.20.1