From: Christian Ebner <c.ebner@proxmox.com>
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>,
Philipp Hufnagl <p.hufnagl@proxmox.com>
Subject: Re: [pve-devel] [PATCH storage v2 4/4] pbs: fix #5008: Check if datastore and namespace is valid on add- and update hooks
Date: Thu, 16 Nov 2023 10:45:58 +0100 (CET) [thread overview]
Message-ID: <362595018.3899.1700127958077@webmail.proxmox.com> (raw)
In-Reply-To: <20231115160042.177037-5-p.hufnagl@proxmox.com>
> On 15.11.2023 17:00 CET Philipp Hufnagl <p.hufnagl@proxmox.com> wrote:
>
>
> This adds a check if the datastore and the namespace is valid when a
> user attempts to add a new PBS datastore.
>
> Since the namespace only can be checked after the datastore is
> validated, the datastore will be checked as well, regardless that it
> will be done later in the superclass anyway.
>
> The functionallity to check namespaces is added with this commit. For
> checking the datastore, existing code that has previously been
> refactored will be reused
>
> Signed-off-by: Philipp Hufnagl <p.hufnagl@proxmox.com>
> ---
> src/PVE/Storage/PBSPlugin.pm | 43 +++++++++++++++++++++++++++++++++++-
> 1 file changed, 42 insertions(+), 1 deletion(-)
>
> diff --git a/src/PVE/Storage/PBSPlugin.pm b/src/PVE/Storage/PBSPlugin.pm
> index 104fe15..fff8bb2 100644
> --- a/src/PVE/Storage/PBSPlugin.pm
> +++ b/src/PVE/Storage/PBSPlugin.pm
> @@ -566,6 +566,11 @@ sub on_add_hook {
> pbs_delete_master_pubkey($scfg, $storeid);
> }
>
> + my $password = pbs_get_password($scfg, $storeid);
> + my $conn = pbs_api_connect($scfg, $password);
> + check_datastore_exists($class, $storeid, $scfg, $password, $conn);
> + check_namespace_exists($class, $storeid, $scfg, $password, $conn);
> +
> return $res;
> }
>
> @@ -614,6 +619,11 @@ sub on_update_hook {
> }
> }
>
> + my $password = pbs_get_password($scfg, $storeid);
> + my $conn = pbs_api_connect($scfg, $password);
> + check_datastore_exists($class, $storeid, $scfg, $password, $conn);
> + check_namespace_exists($class, $storeid, $scfg, $password, $conn);
> +
> return $res;
> }
>
> @@ -819,6 +829,20 @@ sub scan_datastores {
>
> return $response;
> }
> +
> +sub scan_namespaces {
> + my ($scfg, $datastore, $password, $conn) = @_;
> +
> + if (!defined($conn)){
> + $conn = pbs_api_connect($scfg, $password);
> + }
This can be written more compactly as:
$conn = pbs_api_connect($scfg, $password) if !defined($conn);
> +
> + my $namespaces = eval { $conn->get("/api2/json/admin/datastore/$datastore/namespace", {}); };
> + die "error fetching namespaces - $@" if $@;
> +
> + return $namespaces;
> +}
> +
> sub check_datastore_exists {
> my ($class, $storeid, $scfg, $password, $conn) = @_;
>
> @@ -831,10 +855,27 @@ sub check_datastore_exists {
> return 1;
> }
> }
> -
> die "$storeid: Cannot find datastore '$datastore', check permissions and existence!\n";
> }
>
> +sub check_namespace_exists {
> + my ($class, $storeid, $scfg, $password, $conn) = @_;
> +
> + my $datastore = $scfg->{datastore};
> + my $namespace = $scfg->{namespace};
> +
> + my $namespaces = eval { scan_namespaces($scfg, $datastore, $password) };
> + die "$storeid: $@" if $@;
> + return 1 if !defined($namespace);
You can move this before the call to scan_namespaces, no need to fetch them if there is nothing to compare to to begin with.
> +
> + for my $ns (@$namespaces) {
> + if ($ns->{ns} eq $namespace) {
> + return 1;
> + }
> + }
> + die "$storeid: Cannot find namespace '$namespace', check permissions and existence!\n";
> +}
> +
> sub activate_storage {
> my ($class, $storeid, $scfg, $cache) = @_;
>
> --
> 2.39.2
>
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2023-11-16 9:46 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-15 16:00 [pve-devel] [PATCH storage v2 0/4] pbs: fix #5008: Prevent adding pbs storage with invalid namespace Philipp Hufnagl
2023-11-15 16:00 ` [pve-devel] [PATCH storage v2 1/4] pbs: Move pbs_api_connect earlyer in the code Philipp Hufnagl
2023-11-15 16:00 ` [pve-devel] [PATCH storage v2 2/4] pbs: Make it possible to reuse PBS connection for datastore API call Philipp Hufnagl
2023-11-16 9:40 ` Christian Ebner
2023-11-15 16:00 ` [pve-devel] [PATCH storage v2 3/4] pbs: Extraxt check_datastore_exists from activate_storage Philipp Hufnagl
2023-11-16 9:43 ` Christian Ebner
2023-11-15 16:00 ` [pve-devel] [PATCH storage v2 4/4] pbs: fix #5008: Check if datastore and namespace is valid on add- and update hooks Philipp Hufnagl
2023-11-16 9:45 ` Christian Ebner [this message]
2023-11-16 9:57 ` Fiona Ebner
2023-11-16 10:45 ` Philipp Hufnagl
2023-11-16 11:04 ` Fiona Ebner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=362595018.3899.1700127958077@webmail.proxmox.com \
--to=c.ebner@proxmox.com \
--cc=p.hufnagl@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox