[pve-devel] [PATCH firewall 2/7] api: add locking helpers
Fabian Grünbichler
f.gruenbichler at proxmox.com
Wed Apr 29 10:52:50 CEST 2020
for ipset, rules and alias API generation modules.
Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
Notes:
separated from using them for easier reviewing
src/PVE/API2/Firewall/Aliases.pm | 24 ++++++++++++++++
src/PVE/API2/Firewall/IPSet.pm | 48 ++++++++++++++++++++++++++++++++
src/PVE/API2/Firewall/Rules.pm | 36 ++++++++++++++++++++++++
3 files changed, 108 insertions(+)
diff --git a/src/PVE/API2/Firewall/Aliases.pm b/src/PVE/API2/Firewall/Aliases.pm
index 2a66abd..9ea6f70 100644
--- a/src/PVE/API2/Firewall/Aliases.pm
+++ b/src/PVE/API2/Firewall/Aliases.pm
@@ -25,6 +25,12 @@ my $api_properties = {
},
};
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ die "implement this in subclass";
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -308,6 +314,12 @@ sub rule_env {
return 'cluster';
}
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_clusterfw_conf(10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -345,6 +357,12 @@ __PACKAGE__->additional_parameters({
vmid => get_standard_option('pve-vmid'),
});
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_vmfw_conf($param->{vmid}, 10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -383,6 +401,12 @@ __PACKAGE__->additional_parameters({
vmid => get_standard_option('pve-vmid'),
});
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_vmfw_conf($param->{vmid}, 10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
diff --git a/src/PVE/API2/Firewall/IPSet.pm b/src/PVE/API2/Firewall/IPSet.pm
index e59a6f2..72e7524 100644
--- a/src/PVE/API2/Firewall/IPSet.pm
+++ b/src/PVE/API2/Firewall/IPSet.pm
@@ -25,6 +25,12 @@ my $api_properties = {
},
};
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ die "implement this in subclass";
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -353,6 +359,12 @@ sub rule_env {
return 'cluster';
}
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_clusterfw_conf(10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -390,6 +402,12 @@ __PACKAGE__->additional_parameters({
vmid => get_standard_option('pve-vmid'),
});
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_vmfw_conf($param->{vmid}, 10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -428,6 +446,12 @@ __PACKAGE__->additional_parameters({
vmid => get_standard_option('pve-vmid'),
});
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_vmfw_conf($param->{vmid}, 10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -457,6 +481,12 @@ use PVE::Firewall;
use base qw(PVE::RESTHandler);
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ die "implement this in subclass";
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -638,6 +668,12 @@ sub rule_env {
return 'cluster';
}
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_clusterfw_conf(10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -680,6 +716,12 @@ sub rule_env {
return 'vm';
}
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_vmfw_conf($param->{vmid}, 10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -723,6 +765,12 @@ sub rule_env {
return 'ct';
}
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_vmfw_conf($param->{vmid}, 10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
diff --git a/src/PVE/API2/Firewall/Rules.pm b/src/PVE/API2/Firewall/Rules.pm
index 0e93a4a..1fde596 100644
--- a/src/PVE/API2/Firewall/Rules.pm
+++ b/src/PVE/API2/Firewall/Rules.pm
@@ -17,6 +17,12 @@ my $api_properties = {
},
};
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ die "implement this in subclass";
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -380,6 +386,12 @@ sub rule_env {
return 'group';
}
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_clusterfw_conf(10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -446,6 +458,12 @@ sub rule_env {
return 'cluster';
}
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_clusterfw_conf(10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -480,6 +498,12 @@ sub rule_env {
return 'host';
}
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_hostfw_conf(10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -518,6 +542,12 @@ sub rule_env {
return 'vm';
}
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_vmfw_conf($param->{vmid}, 10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
@@ -556,6 +586,12 @@ sub rule_env {
return 'ct';
}
+sub lock_config {
+ my ($class, $param, $code) = @_;
+
+ PVE::Firewall::lock_vmfw_conf($param->{vmid}, 10, $code, $param);
+}
+
sub load_config {
my ($class, $param) = @_;
--
2.20.1
More information about the pve-devel
mailing list