File: networks_acls.go

incus 6.0.5-1
//go:build linux && cgo && !agent

package cluster

import (
	"context"
	"fmt"
	"net/http"

	"github.com/lxc/incus/v6/shared/api"
)

// Code generation directives.
//generate-database:mapper target networks_acls.mapper.go
//generate-database:mapper reset -i -b "//go:build linux && cgo && !agent"
//
// Statements:
//generate-database:mapper stmt -e NetworkACL objects table=networks_acls
//generate-database:mapper stmt -e NetworkACL objects-by-ID table=networks_acls
//generate-database:mapper stmt -e NetworkACL objects-by-Name table=networks_acls
//generate-database:mapper stmt -e NetworkACL objects-by-Project table=networks_acls
//generate-database:mapper stmt -e NetworkACL objects-by-Project-and-Name table=networks_acls
//generate-database:mapper stmt -e NetworkACL id table=networks_acls
//generate-database:mapper stmt -e NetworkACL create table=networks_acls
//generate-database:mapper stmt -e NetworkACL rename table=networks_acls
//generate-database:mapper stmt -e NetworkACL update table=networks_acls
//generate-database:mapper stmt -e NetworkACL delete-by-ID table=networks_acls
//
// Methods:
//generate-database:mapper method -i -e NetworkACL GetMany references=Config table=networks_acls
//generate-database:mapper method -i -e NetworkACL GetOne table=networks_acls
//generate-database:mapper method -i -e NetworkACL Exists table=networks_acls
//generate-database:mapper method -i -e NetworkACL Create references=Config table=networks_acls
//generate-database:mapper method -i -e NetworkACL ID table=networks_acls
//generate-database:mapper method -i -e NetworkACL Rename table=networks_acls
//generate-database:mapper method -i -e NetworkACL Update references=Config table=networks_acls
//generate-database:mapper method -i -e NetworkACL DeleteOne-by-ID table=networks_acls

// NetworkACL is a value object holding db-related details about a network ACL.
//
// The `db` struct tags are consumed by the generate-database mapper directives
// at the top of this file; the field order and tags therefore shape the
// generated SQL and should not be changed casually.
//
// Ingress and Egress carry the ACL's traffic rules. Nothing in this file
// validates them: they are stored and returned exactly as supplied, so rule
// validation has to happen in the callers.
type NetworkACL struct {
	// Row identifier. NOTE(review): `order=yes` presumably makes the mapper sort results by this column — confirm.
	ID          int    `db:"order=yes"`
	// NOTE(review): `omit=create,update` presumably keeps this column out of the generated create/update statements — confirm.
	ProjectID   int    `db:"omit=create,update"`
	// Project name; tagged as part of the primary key and joined from projects.name.
	Project     string `db:"primary=yes&join=projects.name"`
	// ACL name; tagged as part of the primary key together with Project.
	Name        string `db:"primary=yes"`
	Description string
	// Ingress rules, tagged marshal=json (presumably serialized to JSON in a single column — confirm).
	Ingress     []api.NetworkACLRule `db:"marshal=json"`
	// Egress rules, tagged marshal=json like Ingress.
	Egress      []api.NetworkACLRule `db:"marshal=json"`
}

// NetworkACLFilter specifies potential query parameter fields.
//
// All fields are pointers. In this file the filter is populated either with
// ID alone or with Project and Name together; the remaining fields are left nil.
// NOTE(review): a nil field presumably means "do not filter on this column" —
// confirm against the generated mapper, since an all-nil filter would then
// match every ACL in every project.
type NetworkACLFilter struct {
	ID      *int
	Name    *string
	Project *string
}

// ToAPI builds the shared/api representation of this network ACL.
//
// The ACL's config map is not part of the NetworkACL record, so it is loaded
// separately by ID via GetNetworkACLConfig; any error from that lookup is
// returned unchanged together with a nil result.
//
// The returned struct reuses n.Ingress and n.Egress directly (no copy), so
// a caller that mutates the rule slices of the result also mutates the rules
// held by the DB record.
func (n *NetworkACL) ToAPI(ctx context.Context, db tx) (*api.NetworkACL, error) {
	config, err := GetNetworkACLConfig(ctx, db, n.ID)
	if err != nil {
		return nil, err
	}

	// Name lives in the Post part, everything mutable in the Put part.
	post := api.NetworkACLPost{Name: n.Name}
	put := api.NetworkACLPut{
		Description: n.Description,
		Config:      config,
		Ingress:     n.Ingress,
		Egress:      n.Egress,
	}

	return &api.NetworkACL{
		NetworkACLPost: post,
		NetworkACLPut:  put,
	}, nil
}

// GetNetworkACLAPI looks up the network ACL called name inside projectName and
// returns its database ID together with its shared/api representation.
//
// The lookup is always scoped by both project and name, so an ACL with the
// same name in a different project is never returned. On any failure the ID is
// -1 and the ACL is nil:
//   - a query error is returned unchanged;
//   - no matching row yields an api status error carrying http.StatusNotFound;
//   - a failure while converting the record (loading its config) is wrapped.
func GetNetworkACLAPI(ctx context.Context, db tx, projectName string, name string) (int, *api.NetworkACL, error) {
	filter := NetworkACLFilter{Project: &projectName, Name: &name}

	matches, err := GetNetworkACLs(ctx, db, filter)
	switch {
	case err != nil:
		return -1, nil, err
	case len(matches) == 0:
		return -1, nil, api.StatusErrorf(http.StatusNotFound, "Network ACL not found")
	}

	// Only the first match is used; Project and Name are both tagged as
	// primary on NetworkACL, so more than one row is not expected.
	record := matches[0]

	converted, err := record.ToAPI(ctx, db)
	if err != nil {
		return -1, nil, fmt.Errorf("Failed loading config: %w", err)
	}

	return record.ID, converted, nil
}

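// UpdateNetworkACLAPI updates the Network ACL with the given ID using the provided API struct.
//
// The existing record is loaded first to recover the project and name that
// UpdateNetworkACL needs as its key; only Description, Ingress and Egress are
// taken from put, followed by a separate update of the ACL's config.
//
// Errors:
//   - a nil put yields an api status error carrying http.StatusBadRequest;
//   - an unknown ID (including one that does not fit in an int) yields an api
//     status error carrying http.StatusNotFound;
//   - errors from the underlying queries are returned unchanged.
//
// The ingress and egress rules are written exactly as supplied; this function
// performs no rule validation, so callers must validate put beforehand.
//
// NOTE(review): the row update and the config update are two separate calls on
// db. Whether a failure of the second leaves the first applied depends on the
// caller running this inside a transaction — confirm at the call sites.
func UpdateNetworkACLAPI(ctx context.Context, db tx, id int64, put *api.NetworkACLPut) error {
	// Reject a missing payload up front instead of panicking on put.Description below.
	if put == nil {
		return api.StatusErrorf(http.StatusBadRequest, "Network ACL update payload is missing")
	}

	// The filter takes an int while the config update below takes the int64.
	// Where int is 32 bits wide, a narrowed value could select a different ACL
	// than the one whose config is then rewritten, so refuse IDs that do not
	// round-trip.
	idInt := int(id)
	if int64(idInt) != id {
		return api.StatusErrorf(http.StatusNotFound, "Network ACL not found")
	}

	// Fetch existing to recover project and name.
	acls, err := GetNetworkACLs(ctx, db, NetworkACLFilter{ID: &idInt})
	if err != nil {
		return err
	}

	if len(acls) == 0 {
		return api.StatusErrorf(http.StatusNotFound, "Network ACL not found")
	}

	curr := acls[0]

	// Project and Name are carried over unchanged: this call never renames an
	// ACL or moves it to another project.
	upd := NetworkACL{
		Project:     curr.Project,
		Name:        curr.Name,
		Description: put.Description,
		Ingress:     put.Ingress,
		Egress:      put.Egress,
	}

	err = UpdateNetworkACL(ctx, db, curr.Project, curr.Name, upd)
	if err != nil {
		return err
	}

	err = UpdateNetworkACLConfig(ctx, db, id, put.Config)
	if err != nil {
		return err
	}

	return nil
}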