[pve-devel] [PATCH storage v3 08/10] api: allow ova upload/download

Fabian Grünbichler f.gruenbichler at proxmox.com
Wed May 22 12:20:47 CEST 2024 

On April 29, 2024 1:21 pm, Dominik Csapak wrote:
> introducing a separate regex that only contains ova, since
> upload/downloading ovfs does not make sense (since the disks are then
> missing).
> 
> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> ---
>  src/PVE/API2/Storage/Status.pm | 18 ++++++++++++++----
>  src/PVE/Storage.pm             | 11 +++++++++++
>  2 files changed, 25 insertions(+), 4 deletions(-)
> 
> diff --git a/src/PVE/API2/Storage/Status.pm b/src/PVE/API2/Storage/Status.pm
> index acde730..6c0c1e5 100644
> --- a/src/PVE/API2/Storage/Status.pm
> +++ b/src/PVE/API2/Storage/Status.pm
> @@ -369,7 +369,7 @@ __PACKAGE__->register_method ({
>      name => 'upload',
>      path => '{storage}/upload',
>      method => 'POST',
> -    description => "Upload templates and ISO images.",
> +    description => "Upload templates, ISO images and OVAs.",
>      permissions => {
>  	check => ['perm', '/storage/{storage}', ['Datastore.AllocateTemplate']],
>      },
> @@ -382,7 +382,7 @@ __PACKAGE__->register_method ({
>  	    content => {
>  		description => "Content type.",
>  		type => 'string', format => 'pve-storage-content',
> -		enum => ['iso', 'vztmpl'],
> +		enum => ['iso', 'vztmpl', 'import'],
>  	    },
>  	    filename => {
>  		description => "The name of the file to create. Caution: This will be normalized!",
> @@ -448,6 +448,11 @@ __PACKAGE__->register_method ({
>  		raise_param_exc({ filename => "wrong file extension" });
>  	    }
>  	    $path = PVE::Storage::get_vztmpl_dir($cfg, $param->{storage});
> +	} elsif ($content eq 'import') {
> +	    if ($filename !~ m![^/]+$PVE::Storage::UPLOAD_IMPORT_EXT_RE_1$!) {
> +		raise_param_exc({ filename => "wrong file extension" });
> +	    }
> +	    $path = PVE::Storage::get_import_dir($cfg, $param->{storage});
>  	} else {
>  	    raise_param_exc({ content => "upload content type '$content' not allowed" });
>  	}
> @@ -544,7 +549,7 @@ __PACKAGE__->register_method({
>      name => 'download_url',
>      path => '{storage}/download-url',
>      method => 'POST',
> -    description => "Download templates and ISO images by using an URL.",
> +    description => "Download templates, ISO images and OVAs by using an URL.",
>      proxyto => 'node',
>      permissions => {
>  	description => 'Requires allocation access on the storage and as this allows one to probe'
> @@ -572,7 +577,7 @@ __PACKAGE__->register_method({
>  	    content => {
>  		description => "Content type.", # TODO: could be optional & detected in most cases
>  		type => 'string', format => 'pve-storage-content',
> -		enum => ['iso', 'vztmpl'],
> +		enum => ['iso', 'vztmpl', 'import'],
>  	    },
>  	    filename => {
>  		description => "The name of the file to create. Caution: This will be normalized!",
> @@ -642,6 +647,11 @@ __PACKAGE__->register_method({
>  		raise_param_exc({ filename => "wrong file extension" });
>  	    }
>  	    $path = PVE::Storage::get_vztmpl_dir($cfg, $storage);
> +	} elsif ($content eq 'import') {
> +	    if ($filename !~ m![^/]+$PVE::Storage::UPLOAD_IMPORT_EXT_RE_1$!) {

was a bit stumped here, but the others have it as well - $filename is
normalized first and that removes any slashes anyway. this also means
uploaded OVAs only have a subset of characters compared to what we
accept otherwise. do we still want to be extra-cautious in case we relax
the normalization in the future, and check for the same characters we
allow otherwise? would be rather weird if users can upload files but
possible not even see them afterwards ^^

> +		raise_param_exc({ filename => "wrong file extension" });
> +	    }
> +	    $path = PVE::Storage::get_import_dir($cfg, $param->{storage});
>  	} else {
>  	    raise_param_exc({ content => "upload content-type '$content' is not allowed" });
>  	}
> diff --git a/src/PVE/Storage.pm b/src/PVE/Storage.pm
> index adc1b45..31b2ad5 100755
> --- a/src/PVE/Storage.pm
> +++ b/src/PVE/Storage.pm
> @@ -116,6 +116,8 @@ our $BACKUP_EXT_RE_2 = qr/\.(tgz|(?:tar|vma)(?:\.(${\PVE::Storage::Plugin::COMPR
>  
>  our $IMPORT_EXT_RE_1 = qr/\.(ova|ovf|qcow2|raw|vmdk)/;
>  
> +our $UPLOAD_IMPORT_EXT_RE_1 = qr/\.(ova)/;
> +
>  our $SAFE_CHAR_CLASS_RE = qr/[a-zA-Z0-9\-\.\+\=\_]/;
>  
>  # FIXME remove with PVE 8.0, add versioned breaks for pve-manager
> @@ -464,6 +466,15 @@ sub get_iso_dir {
>      return $plugin->get_subdir($scfg, 'iso');
>  }
>  
> +sub get_import_dir {
> +    my ($cfg, $storeid) = @_;
> +
> +    my $scfg = storage_config($cfg, $storeid);
> +    my $plugin = PVE::Storage::Plugin->lookup($scfg->{type});
> +
> +    return $plugin->get_subdir($scfg, 'import');
> +}
> +
>  sub get_vztmpl_dir {
>      my ($cfg, $storeid) = @_;
>  
> -- 
> 2.39.2
> 
> 
> 
> _______________________________________________
> pve-devel mailing list
> pve-devel at lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
> 
> 
>

More information about the pve-devel mailing list