[PATCH pve-network 03/13] api2: add prefix list module

[Stefan Hanreich <s.hanreich@proxmox.com>]

Contains the CRUD functionality for prefix lists:

GET /prefix-lists - lists all prefix lists
GET /prefix-lists/<id> - get prefix list <id>
POST /prefix-lists - create a new prefix list
PUT /prefix-lists/<id> - update prefix list <id>
DELETE /prefix-lists/<id> - delete prefix list <id>

Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
 src/PVE/API2/Network/SDN.pm             |   7 +
 src/PVE/API2/Network/SDN/Makefile       |  11 +-
 src/PVE/API2/Network/SDN/PrefixLists.pm | 247 ++++++++++++++++++++++++
 3 files changed, 263 insertions(+), 2 deletions(-)
 create mode 100644 src/PVE/API2/Network/SDN/PrefixLists.pm

diff --git a/src/PVE/API2/Network/SDN.pm b/src/PVE/API2/Network/SDN.pm
index 34652a5..d999ad0 100644
--- a/src/PVE/API2/Network/SDN.pm
+++ b/src/PVE/API2/Network/SDN.pm
@@ -22,6 +22,7 @@ use PVE::API2::Network::SDN::Zones;
 use PVE::API2::Network::SDN::Ipams;
 use PVE::API2::Network::SDN::Dns;
 use PVE::API2::Network::SDN::Fabrics;
+use PVE::API2::Network::SDN::PrefixLists;
 
 use base qw(PVE::RESTHandler);
 
@@ -55,6 +56,11 @@ __PACKAGE__->register_method({
     path => 'fabrics',
 });
 
+__PACKAGE__->register_method({
+    subclass => "PVE::API2::Network::SDN::PrefixLists",
+    path => 'prefix-lists',
+});
+
 __PACKAGE__->register_method({
     name => 'index',
     path => '',
@@ -87,6 +93,7 @@ __PACKAGE__->register_method({
             { id => 'ipams' },
             { id => 'dns' },
             { id => 'fabrics' },
+            { id => 'prefix-lists' },
         ];
 
         return $res;
diff --git a/src/PVE/API2/Network/SDN/Makefile b/src/PVE/API2/Network/SDN/Makefile
index 2624d9a..4349c17 100644
--- a/src/PVE/API2/Network/SDN/Makefile
+++ b/src/PVE/API2/Network/SDN/Makefile
@@ -1,5 +1,12 @@
-SOURCES=Vnets.pm Zones.pm Controllers.pm Subnets.pm Ipams.pm Dns.pm Ips.pm Fabrics.pm
-
+SOURCES=Vnets.pm\
+		Zones.pm\
+		Controllers.pm\
+		Subnets.pm\
+		Ipams.pm\
+		Dns.pm\
+		Ips.pm\
+		Fabrics.pm\
+		PrefixLists.pm
 
 PERL5DIR=${DESTDIR}/usr/share/perl5
 
diff --git a/src/PVE/API2/Network/SDN/PrefixLists.pm b/src/PVE/API2/Network/SDN/PrefixLists.pm
new file mode 100644
index 0000000..2ac6481
--- /dev/null
+++ b/src/PVE/API2/Network/SDN/PrefixLists.pm
@@ -0,0 +1,247 @@
+package PVE::API2::Network::SDN::PrefixLists;
+
+use strict;
+use warnings;
+
+use PVE::Exception qw(raise_param_exc);
+use PVE::JSONSchema qw(get_standard_option);
+use PVE::Tools qw(extract_param);
+
+use PVE::RESTHandler;
+use base qw(PVE::RESTHandler);
+
+__PACKAGE__->register_method({
+    name => 'list_prefix_lists',
+    path => '',
+    method => 'GET',
+    permissions => {
+        description =>
+            "Only returns prefix list entries where you have 'Sys.Audit' or 'Sys.Modify' permissions.",
+    },
+    description => "List Prefix Lists",
+    parameters => {
+        properties => {
+            running => {
+                type => 'boolean',
+                optional => 1,
+                description => "Display running config.",
+            },
+            pending => {
+                type => 'boolean',
+                optional => 1,
+                description => "Display pending config.",
+            },
+        },
+    },
+    returns => {
+        type => 'array',
+        items => {
+            type => "object",
+            properties => {},
+        },
+        links => [{ rel => 'child', href => "{id}" }],
+    },
+    code => sub {
+        my ($param) = @_;
+
+        my $pending = extract_param($param, 'pending');
+        my $running = extract_param($param, 'running');
+
+        my $digest;
+        my $prefix_lists;
+
+        if ($pending) {
+            my $current_config = PVE::Network::SDN::PrefixLists::config()->list();
+            my $running_config = PVE::Network::SDN::PrefixLists::config(1)->list();
+
+            my $pending_prefix_lists = PVE::Network::SDN::pending_config(
+                $running_config,
+                $current_config,
+                'prefix-lists',
+            );
+
+            $digest = $current_config->digest();
+            $prefix_lists = $pending_prefix_lists->{ids}
+        } elsif ($running) {
+            $prefix_lists = PVE::Network::SDN::PrefixLists::config(1)->list();
+        } else {
+            my $current_config = PVE::Network::SDN::PrefixLists::config();
+
+            $digest = $current_config->digest();
+            $prefix_lists = $current_config->list();
+        }
+
+        my $rpcenv = PVE::RPCEnvironment::get();
+        my $authuser = $rpcenv->get_user();
+        my $prefix_list_privs = ['SDN.Audit'];
+
+        my @res;
+        for my $prefix_list_id (sort keys $prefix_lists->%*) {
+            next if !$rpcenv->check_any($authuser, "/prefix-lists/$prefix_list_id", $prefix_list_privs, 1);
+            $prefix_lists->{$prefix_list_id}->{digest} = $digest if $digest;
+            push @res, $prefix_lists->{$prefix_list_id};
+        }
+
+        return \@res;
+    },
+});
+
+__PACKAGE__->register_method({
+    name => 'get_prefix_list_entry',
+    path => '{id}',
+    method => 'GET',
+    permissions => {
+        check => ['perm', '/sdn/prefix-lists/{id}', ['SDN.Audit']],
+    },
+    description => "Get Prefix List",
+    parameters => {
+        properties => {
+            id => get_standard_option('pve-sdn-prefix-list-id'),
+        },
+    },
+    returns => {
+        type => "object",
+        properties => {}
+    },
+    code => sub {
+        my ($param) = @_;
+
+        my $prefix_list_id = extract_param($param, 'id');
+        my $prefix_list_entry = PVE::Network::SDN::PrefixLists::config()->get($prefix_list_id);
+
+        raise_param_exc({ 'id' => "$prefix_list_id doesn't exist" })
+            if !$prefix_list_entry;
+
+        return $prefix_list_entry;
+    },
+});
+
+__PACKAGE__->register_method({
+    name => 'create_prefix_list_entry',
+    path => '',
+    method => 'POST',
+    permissions => {
+        check => ['perm', '/sdn/prefix-lists', ['SDN.Allocate']],
+    },
+    description => "Create Prefix List",
+    parameters => {
+        properties => {
+            digest => get_standard_option('pve-config-digest'),
+            'lock-token' => get_standard_option('pve-sdn-lock-token'),
+            PVE::Network::SDN::PrefixLists::prefix_list_properties(0)->%*,
+        },
+    },
+    returns => {
+        type => "null",
+    },
+    code => sub {
+        my ($param) = @_;
+
+        my $lock_token = extract_param($param, 'lock-token');
+
+        PVE::Network::SDN::lock_sdn_config(
+            sub {
+                my $config = PVE::Network::SDN::PrefixLists::config();
+
+                my $digest = extract_param($param, 'digest');
+                PVE::Tools::assert_if_modified($config->digest(), $digest) if $digest;
+
+                $config->create($param);
+                PVE::Network::SDN::PrefixLists::write_config($config);
+            },
+            "creating prefix list failed",
+            $lock_token,
+        );
+
+        return;
+    },
+});
+
+__PACKAGE__->register_method({
+    name => 'update_prefix_list_entry',
+    path => '{id}',
+    method => 'PUT',
+    permissions => {
+        check => ['perm', '/sdn/prefix-lists/{id}', ['SDN.Allocate']],
+    },
+    description => "Update Prefix List",
+    parameters => {
+        properties => {
+            digest => get_standard_option('pve-config-digest'),
+            'lock-token' => get_standard_option('pve-sdn-lock-token'),
+            PVE::Network::SDN::PrefixLists::prefix_list_properties(1)->%*,
+        },
+    },
+    returns => {
+        type => "null",
+    },
+    code => sub {
+        my ($param) = @_;
+
+        my $lock_token = extract_param($param, 'lock-token');
+
+        PVE::Network::SDN::lock_sdn_config(
+            sub {
+                my $config = PVE::Network::SDN::PrefixLists::config();
+
+                my $digest = extract_param($param, 'digest');
+                PVE::Tools::assert_if_modified($config->digest(), $digest) if $digest;
+
+                my $prefix_list_id = extract_param($param, 'id');
+                my $delete = extract_param($param, 'delete');
+
+                $config->update($prefix_list_id, $param, $delete);
+                PVE::Network::SDN::PrefixLists::write_config($config);
+            },
+            "updating prefix list failed",
+            $lock_token,
+        );
+
+        return;
+    },
+});
+
+__PACKAGE__->register_method({
+    name => 'delete_prefix_list_entry',
+    path => '{id}',
+    method => 'DELETE',
+    permissions => {
+        check => ['perm', '/sdn/prefix-lists/{id}', ['SDN.Allocate']],
+    },
+    description => "Delete Prefix List",
+    parameters => {
+        properties => {
+            digest => get_standard_option('pve-config-digest'),
+            'lock-token' => get_standard_option('pve-sdn-lock-token'),
+            id => get_standard_option('pve-sdn-prefix-list-id'),
+        },
+    },
+    returns => {
+        type => "null",
+    },
+    code => sub {
+        my ($param) = @_;
+
+        my $lock_token = extract_param($param, 'lock-token');
+
+        PVE::Network::SDN::lock_sdn_config(
+            sub {
+                my $config = PVE::Network::SDN::PrefixLists::config();
+
+                my $digest = extract_param($param, 'digest');
+                PVE::Tools::assert_if_modified($config->digest(), $digest) if $digest;
+
+                my $prefix_list_id = extract_param($param, 'id');
+
+                $config->delete($prefix_list_id);
+                PVE::Network::SDN::PrefixLists::write_config($config);
+            },
+            "deleting prefix list failed",
+            $lock_token,
+        );
+
+        return;
+    },
+});
+
+1;
-- 
2.47.3