From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 01AF1DBCB for ; Mon, 17 Jul 2023 17:01:25 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 0AC35F7EC for ; Mon, 17 Jul 2023 17:01:22 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Mon, 17 Jul 2023 17:01:17 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 8CEC242B8A for ; Mon, 17 Jul 2023 17:01:16 +0200 (CEST) From: Lukas Wagner To: pve-devel@lists.proxmox.com Date: Mon, 17 Jul 2023 16:59:55 +0200 Message-Id: <20230717150051.710464-11-l.wagner@proxmox.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230717150051.710464-1-l.wagner@proxmox.com> References: <20230717150051.710464-1-l.wagner@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.130 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pve-devel] [PATCH v3 proxmox 10/66] notify: api: add API for groups X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Jul 2023 15:01:25 -0000 Signed-off-by: Lukas Wagner --- proxmox-notify/src/api/group.rs | 264 ++++++++++++++++++++++++++++++++ proxmox-notify/src/api/mod.rs | 1 + 2 files changed, 265 insertions(+) create mode 100644 proxmox-notify/src/api/group.rs diff --git a/proxmox-notify/src/api/group.rs b/proxmox-notify/src/api/group.rs new file mode 100644 index 00000000..cc847364 --- /dev/null +++ b/proxmox-notify/src/api/group.rs @@ -0,0 +1,264 @@ +use crate::api::ApiError; +use crate::group::{DeleteableGroupProperty, GroupConfig, GroupConfigUpdater, GROUP_TYPENAME}; +use crate::Config; + +/// Get all notification groups +/// +/// The caller is responsible for any needed permission checks. +/// Returns a list of all groups or an `ApiError` if the config is erroneous. +pub fn get_groups(config: &Config) -> Result, ApiError> { + config + .config + .convert_to_typed_array(GROUP_TYPENAME) + .map_err(|e| ApiError::internal_server_error("Could not fetch groups", Some(e.into()))) +} + +/// Get group with given `name` +/// +/// The caller is responsible for any needed permission checks. +/// Returns the endpoint or an `ApiError` if the group was not found. +pub fn get_group(config: &Config, name: &str) -> Result { + config + .config + .lookup(GROUP_TYPENAME, name) + .map_err(|_| ApiError::not_found(format!("group '{name}' not found"), None)) +} + +/// Add a new group. +/// +/// The caller is responsible for any needed permission checks. +/// The caller also responsible for locking the configuration files. +/// Returns an `ApiError` if a group with the same name already exists, or +/// if the group could not be saved +pub fn add_group(config: &mut Config, group_config: &GroupConfig) -> Result<(), ApiError> { + if get_group(config, &group_config.name).is_ok() { + return Err(ApiError::bad_request( + format!("group '{}' already exists", group_config.name), + None, + )); + } + + if group_config.endpoint.is_empty() { + return Err(ApiError::bad_request( + "group must contain at least one endpoint", + None, + )); + } + + check_if_endpoints_exist(config, &group_config.endpoint)?; + + config + .config + .set_data(&group_config.name, GROUP_TYPENAME, group_config) + .map_err(|e| { + ApiError::internal_server_error( + format!("could not save group '{}'", group_config.name), + Some(e.into()), + ) + })?; + + Ok(()) +} + +/// Update existing group +/// +/// The caller is responsible for any needed permission checks. +/// The caller also responsible for locking the configuration files. +/// Returns an `ApiError` if the config could not be saved. +pub fn update_group( + config: &mut Config, + name: &str, + updater: &GroupConfigUpdater, + delete: Option<&[DeleteableGroupProperty]>, + digest: Option<&[u8]>, +) -> Result<(), ApiError> { + super::verify_digest(config, digest)?; + + let mut group = get_group(config, name)?; + + if let Some(delete) = delete { + for deleteable_property in delete { + match deleteable_property { + DeleteableGroupProperty::Comment => group.comment = None, + } + } + } + + if let Some(endpoints) = &updater.endpoint { + check_if_endpoints_exist(config, endpoints)?; + if endpoints.is_empty() { + return Err(ApiError::bad_request( + "group must contain at least one endpoint", + None, + )); + } + group.endpoint = endpoints.iter().map(Into::into).collect() + } + + if let Some(comment) = &updater.comment { + group.comment = Some(comment.into()); + } + + config + .config + .set_data(name, GROUP_TYPENAME, &group) + .map_err(|e| { + ApiError::internal_server_error( + format!("could not save group '{name}'"), + Some(e.into()), + ) + })?; + + Ok(()) +} + +/// Delete existing group +/// +/// The caller is responsible for any needed permission checks. +/// The caller also responsible for locking the configuration files. +/// Returns an `ApiError` if the group does not exist. +pub fn delete_group(config: &mut Config, name: &str) -> Result<(), ApiError> { + // Check if the group exists + let _ = get_group(config, name)?; + + config.config.sections.remove(name); + + Ok(()) +} + +fn check_if_endpoints_exist(config: &Config, endpoints: &[String]) -> Result<(), ApiError> { + for endpoint in endpoints { + if !super::endpoint_exists(config, endpoint) { + return Err(ApiError::not_found( + format!("endoint '{endpoint}' does not exist"), + None, + )); + } + } + + Ok(()) +} + +// groups cannot be empty, so only build the tests if we have the +// sendmail endpoint available +#[cfg(all(test, feature = "sendmail"))] +mod tests { + use super::*; + use crate::api::sendmail::tests::add_sendmail_endpoint_for_test; + use crate::api::test_helpers::*; + + fn add_default_group(config: &mut Config) -> Result<(), ApiError> { + add_sendmail_endpoint_for_test(config, "test")?; + + add_group( + config, + &GroupConfig { + name: "group1".into(), + endpoint: vec!["test".to_string()], + comment: None, + }, + )?; + + Ok(()) + } + + #[test] + fn test_add_group_fails_if_endpoint_does_not_exist() { + let mut config = empty_config(); + assert!(add_group( + &mut config, + &GroupConfig { + name: "group1".into(), + endpoint: vec!["foo".into()], + comment: None, + }, + ) + .is_err()); + } + + #[test] + fn test_add_group() -> Result<(), ApiError> { + let mut config = empty_config(); + assert!(add_default_group(&mut config).is_ok()); + Ok(()) + } + + #[test] + fn test_update_group_fails_if_endpoint_does_not_exist() -> Result<(), ApiError> { + let mut config = empty_config(); + add_default_group(&mut config)?; + + assert!(update_group( + &mut config, + "group1", + &GroupConfigUpdater { + endpoint: Some(vec!["foo".into()]), + ..Default::default() + }, + None, + None + ) + .is_err()); + Ok(()) + } + + #[test] + fn test_update_group_fails_if_digest_invalid() -> Result<(), ApiError> { + let mut config = empty_config(); + add_default_group(&mut config)?; + + assert!(update_group( + &mut config, + "group1", + &Default::default(), + None, + Some(&[0u8; 32]) + ) + .is_err()); + Ok(()) + } + + #[test] + fn test_update_group() -> Result<(), ApiError> { + let mut config = empty_config(); + add_default_group(&mut config)?; + + assert!(update_group( + &mut config, + "group1", + &GroupConfigUpdater { + endpoint: None, + comment: Some("newcomment".into()) + }, + None, + None, + ) + .is_ok()); + let group = get_group(&config, "group1")?; + assert_eq!(group.comment, Some("newcomment".into())); + + assert!(update_group( + &mut config, + "group1", + &Default::default(), + Some(&[DeleteableGroupProperty::Comment]), + None + ) + .is_ok()); + let group = get_group(&config, "group1")?; + assert_eq!(group.comment, None); + + Ok(()) + } + + #[test] + fn test_group_delete() -> Result<(), ApiError> { + let mut config = empty_config(); + add_default_group(&mut config)?; + + assert!(delete_group(&mut config, "group1").is_ok()); + assert!(delete_group(&mut config, "group1").is_err()); + + Ok(()) + } +} diff --git a/proxmox-notify/src/api/mod.rs b/proxmox-notify/src/api/mod.rs index 1a4cc873..ac917910 100644 --- a/proxmox-notify/src/api/mod.rs +++ b/proxmox-notify/src/api/mod.rs @@ -7,6 +7,7 @@ use serde::Serialize; pub mod common; #[cfg(feature = "gotify")] pub mod gotify; +pub mod group; #[cfg(feature = "sendmail")] pub mod sendmail; -- 2.39.2