From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id EA099DBF3 for ; Mon, 17 Jul 2023 17:01:27 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 0C4ABF8E6 for ; Mon, 17 Jul 2023 17:01:25 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Mon, 17 Jul 2023 17:01:18 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id E3FB442BAA for ; Mon, 17 Jul 2023 17:01:17 +0200 (CEST) From: Lukas Wagner To: pve-devel@lists.proxmox.com Date: Mon, 17 Jul 2023 16:59:57 +0200 Message-Id: <20230717150051.710464-13-l.wagner@proxmox.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230717150051.710464-1-l.wagner@proxmox.com> References: <20230717150051.710464-1-l.wagner@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.125 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pve-devel] [PATCH v3 proxmox 12/66] notify: api: add API for filters X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Jul 2023 15:01:28 -0000 Signed-off-by: Lukas Wagner --- proxmox-notify/src/api/filter.rs | 231 +++++++++++++++++++++++++++++ proxmox-notify/src/api/gotify.rs | 12 ++ proxmox-notify/src/api/group.rs | 7 + proxmox-notify/src/api/mod.rs | 1 + proxmox-notify/src/api/sendmail.rs | 10 ++ 5 files changed, 261 insertions(+) create mode 100644 proxmox-notify/src/api/filter.rs diff --git a/proxmox-notify/src/api/filter.rs b/proxmox-notify/src/api/filter.rs new file mode 100644 index 00000000..3fcff6b9 --- /dev/null +++ b/proxmox-notify/src/api/filter.rs @@ -0,0 +1,231 @@ +use crate::api::ApiError; +use crate::filter::{DeleteableFilterProperty, FilterConfig, FilterConfigUpdater, FILTER_TYPENAME}; +use crate::Config; + +/// Get a list of all filters +/// +/// The caller is responsible for any needed permission checks. +/// Returns a list of all filters or an `ApiError` if the config is erroneous. +pub fn get_filters(config: &Config) -> Result, ApiError> { + config + .config + .convert_to_typed_array(FILTER_TYPENAME) + .map_err(|e| ApiError::internal_server_error("Could not fetch filters", Some(e.into()))) +} + +/// Get filter with given `name` +/// +/// The caller is responsible for any needed permission checks. +/// Returns the endpoint or an `ApiError` if the filter was not found. +pub fn get_filter(config: &Config, name: &str) -> Result { + config + .config + .lookup(FILTER_TYPENAME, name) + .map_err(|_| ApiError::not_found(format!("filter '{name}' not found"), None)) +} + +/// Add new notification filter. +/// +/// The caller is responsible for any needed permission checks. +/// The caller also responsible for locking the configuration files. +/// Returns an `ApiError` if a filter with the same name already exists or +/// if the filter could not be saved. +pub fn add_filter(config: &mut Config, filter_config: &FilterConfig) -> Result<(), ApiError> { + if get_filter(config, &filter_config.name).is_ok() { + return Err(ApiError::bad_request( + format!("filter '{}' already exists", filter_config.name), + None, + )); + } + + config + .config + .set_data(&filter_config.name, FILTER_TYPENAME, filter_config) + .map_err(|e| { + ApiError::internal_server_error( + format!("could not save filter '{}'", filter_config.name), + Some(e.into()), + ) + })?; + + Ok(()) +} + +/// Update existing filter +/// +/// The caller is responsible for any needed permission checks. +/// The caller also responsible for locking the configuration files. +/// Returns an `ApiError` if the config could not be saved. +pub fn update_filter( + config: &mut Config, + name: &str, + filter_updater: &FilterConfigUpdater, + delete: Option<&[DeleteableFilterProperty]>, + digest: Option<&[u8]>, +) -> Result<(), ApiError> { + super::verify_digest(config, digest)?; + + let mut filter = get_filter(config, name)?; + + if let Some(delete) = delete { + for deleteable_property in delete { + match deleteable_property { + DeleteableFilterProperty::MinSeverity => filter.min_severity = None, + DeleteableFilterProperty::Mode => filter.mode = None, + DeleteableFilterProperty::InvertMatch => filter.invert_match = None, + DeleteableFilterProperty::Comment => filter.comment = None, + } + } + } + + if let Some(min_severity) = filter_updater.min_severity { + filter.min_severity = Some(min_severity); + } + + if let Some(mode) = filter_updater.mode { + filter.mode = Some(mode); + } + + if let Some(invert_match) = filter_updater.invert_match { + filter.invert_match = Some(invert_match); + } + + if let Some(comment) = &filter_updater.comment { + filter.comment = Some(comment.into()); + } + + config + .config + .set_data(name, FILTER_TYPENAME, &filter) + .map_err(|e| { + ApiError::internal_server_error( + format!("could not save filter '{name}'"), + Some(e.into()), + ) + })?; + + Ok(()) +} + +/// Delete existing filter +/// +/// The caller is responsible for any needed permission checks. +/// The caller also responsible for locking the configuration files. +/// Returns an `ApiError` if the filter does not exist. +pub fn delete_filter(config: &mut Config, name: &str) -> Result<(), ApiError> { + // Check if the filter exists + let _ = get_filter(config, name)?; + + config.config.sections.remove(name); + + Ok(()) +} + +#[cfg(test)] +mod tests { + use super::*; + use crate::filter::FilterModeOperator; + use crate::Severity; + + fn empty_config() -> Config { + Config::new("", "").unwrap() + } + + fn config_with_two_filters() -> Config { + Config::new( + " +filter: filter1 + min-severity info + +filter: filter2 + min-severity warning +", + "", + ) + .unwrap() + } + + #[test] + fn test_update_not_existing_returns_error() -> Result<(), ApiError> { + let mut config = empty_config(); + assert!(update_filter(&mut config, "test", &Default::default(), None, None).is_err()); + Ok(()) + } + + #[test] + fn test_update_invalid_digest_returns_error() -> Result<(), ApiError> { + let mut config = config_with_two_filters(); + assert!(update_filter( + &mut config, + "filter1", + &Default::default(), + None, + Some(&[0u8; 32]) + ) + .is_err()); + + Ok(()) + } + + #[test] + fn test_filter_update() -> Result<(), ApiError> { + let mut config = config_with_two_filters(); + + let digest = config.digest; + + update_filter( + &mut config, + "filter1", + &FilterConfigUpdater { + min_severity: Some(Severity::Error), + mode: Some(FilterModeOperator::Or), + invert_match: Some(true), + comment: Some("new comment".into()), + }, + None, + Some(&digest), + )?; + + let filter = get_filter(&config, "filter1")?; + + assert!(matches!(filter.mode, Some(FilterModeOperator::Or))); + assert!(matches!(filter.min_severity, Some(Severity::Error))); + assert_eq!(filter.invert_match, Some(true)); + assert_eq!(filter.comment, Some("new comment".into())); + + // Test property deletion + update_filter( + &mut config, + "filter1", + &Default::default(), + Some(&[ + DeleteableFilterProperty::InvertMatch, + DeleteableFilterProperty::Mode, + DeleteableFilterProperty::InvertMatch, + DeleteableFilterProperty::MinSeverity, + DeleteableFilterProperty::Comment, + ]), + Some(&digest), + )?; + + let filter = get_filter(&config, "filter1")?; + + assert_eq!(filter.invert_match, None); + assert_eq!(filter.min_severity, None); + assert!(matches!(filter.mode, None)); + assert_eq!(filter.comment, None); + + Ok(()) + } + + #[test] + fn test_filter_delete() -> Result<(), ApiError> { + let mut config = config_with_two_filters(); + + delete_filter(&mut config, "filter1")?; + assert!(delete_filter(&mut config, "filter1").is_err()); + assert_eq!(get_filters(&config)?.len(), 1); + + Ok(()) + } +} diff --git a/proxmox-notify/src/api/gotify.rs b/proxmox-notify/src/api/gotify.rs index fdb9cf53..d6f33064 100644 --- a/proxmox-notify/src/api/gotify.rs +++ b/proxmox-notify/src/api/gotify.rs @@ -53,6 +53,11 @@ pub fn add_endpoint( )); } + if let Some(filter) = &endpoint_config.filter { + // Check if filter exists + super::filter::get_filter(config, filter)?; + } + set_private_config_entry(config, private_endpoint_config)?; config @@ -112,6 +117,13 @@ pub fn update_endpoint( endpoint.comment = Some(comment.into()); } + if let Some(filter) = &endpoint_config_updater.filter { + // Check if filter exists + let _ = super::filter::get_filter(config, filter)?; + + endpoint.filter = Some(filter.into()); + } + config .config .set_data(name, GOTIFY_TYPENAME, &endpoint) diff --git a/proxmox-notify/src/api/group.rs b/proxmox-notify/src/api/group.rs index d62167ab..fe3de12f 100644 --- a/proxmox-notify/src/api/group.rs +++ b/proxmox-notify/src/api/group.rs @@ -45,6 +45,11 @@ pub fn add_group(config: &mut Config, group_config: &GroupConfig) -> Result<(), )); } + if let Some(filter) = &group_config.filter { + // Check if filter exists + super::filter::get_filter(config, filter)?; + } + check_if_endpoints_exist(config, &group_config.endpoint)?; config @@ -101,6 +106,8 @@ pub fn update_group( } if let Some(filter) = &updater.filter { + // Check if filter exists + let _ = super::filter::get_filter(config, filter)?; group.filter = Some(filter.into()); } diff --git a/proxmox-notify/src/api/mod.rs b/proxmox-notify/src/api/mod.rs index ac917910..12811baf 100644 --- a/proxmox-notify/src/api/mod.rs +++ b/proxmox-notify/src/api/mod.rs @@ -5,6 +5,7 @@ use crate::Config; use serde::Serialize; pub mod common; +pub mod filter; #[cfg(feature = "gotify")] pub mod gotify; pub mod group; diff --git a/proxmox-notify/src/api/sendmail.rs b/proxmox-notify/src/api/sendmail.rs index 3917a2e3..6b0323e3 100644 --- a/proxmox-notify/src/api/sendmail.rs +++ b/proxmox-notify/src/api/sendmail.rs @@ -40,6 +40,11 @@ pub fn add_endpoint(config: &mut Config, endpoint: &SendmailConfig) -> Result<() )); } + if let Some(filter) = &endpoint.filter { + // Check if filter exists + super::filter::get_filter(config, filter)?; + } + config .config .set_data(&endpoint.name, SENDMAIL_TYPENAME, endpoint) @@ -96,6 +101,11 @@ pub fn update_endpoint( endpoint.comment = Some(comment.into()); } + if let Some(filter) = &updater.filter { + let _ = super::filter::get_filter(config, filter)?; + endpoint.filter = Some(filter.into()); + } + config .config .set_data(name, SENDMAIL_TYPENAME, &endpoint) -- 2.39.2