-
-
Notifications
You must be signed in to change notification settings - Fork 110
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #230 from jaredhendrickson13/v142
v1.4.2 Fixes & Features
- Loading branch information
Showing
14 changed files
with
607 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
26 changes: 26 additions & 0 deletions
26
pfSense-pkg-API/files/etc/inc/api/endpoints/APIRoutingGatewayDefault.inc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| <?php | ||
| // Copyright 2022 Jared Hendrickson | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // http://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| require_once("api/framework/APIEndpoint.inc"); | ||
|
|
||
| class APIRoutingGatewayDefault extends APIEndpoint { | ||
| public function __construct() { | ||
| $this->url = "/api/v1/routing/gateway/default"; | ||
| } | ||
|
|
||
| protected function put() { | ||
| return (new APIRoutingGatewayDefaultUpdate())->call(); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
88 changes: 88 additions & 0 deletions
88
pfSense-pkg-API/files/etc/inc/api/models/APIFirewallRuleFlushUpdate.inc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,88 @@ | ||
| <?php | ||
| // Copyright 2022 Jared Hendrickson | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // http://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| require_once("api/framework/APIModel.inc"); | ||
| require_once("api/framework/APIResponse.inc"); | ||
|
|
||
| class APIFirewallRuleFlushUpdate extends APIModel { | ||
| # Create our method constructor | ||
| public function __construct() { | ||
| parent::__construct(); | ||
| $this->privileges = ["page-all", "page-firewall-rules-edit"]; | ||
| $this->change_note = "Flushed and replaced firewall rules via API"; | ||
| } | ||
|
|
||
| public function action() { | ||
| $this->__randomize_tracker(); | ||
| $this->config["filter"]["rule"] = $this->validated_data; | ||
| APITools\sort_firewall_rules(); | ||
| $this->write_config(); | ||
| mark_subsystem_dirty('filter'); | ||
|
|
||
| # Only reload the firewall filter if it was requested by the client | ||
| if ($this->initial_data["apply"] === true) { | ||
| APIFirewallApplyCreate::apply(); | ||
| } | ||
|
|
||
| return APIResponse\get(0, $this->config["filter"]["rule"]); | ||
| } | ||
|
|
||
| public function validate_payload() { | ||
| # Require data to be passed in as an array | ||
| if (is_array($this->initial_data["rules"])) { | ||
| # Require at least one rule to be present | ||
| if (count($this->initial_data["rules"]) >= 1) { | ||
| # Loop through and validate each rule entry requested | ||
| foreach ($this->initial_data["rules"] as $initial_rule) { | ||
| # Check if this entry is valid for creation using the APIFirewallRuleCreate class | ||
| $ent = new APIFirewallRuleCreate(); | ||
| $ent->client = $this->client; | ||
| $ent->initial_data = $initial_rule; | ||
| $ent->validate_payload(false); | ||
|
|
||
| # Check if an occurred while validating this entry | ||
| if ($ent->errors) { | ||
| # Grab the error's return code and raise error including the bad entry in the data field | ||
| $rc = $ent->errors[0]["return"]; | ||
| $this->errors[] = APIResponse\get($rc, $initial_rule); | ||
| break; | ||
| } # Otherwise, if the entry was valid, add it to our validated host overrides | ||
| else { | ||
| $this->validated_data[] = $ent->validated_data; | ||
| } | ||
| } | ||
| } | ||
| # Raise an error if an empty array was passed in | ||
| else { | ||
| $this->errors[] = APIResponse\get(4241); | ||
| } | ||
| } | ||
| # Raise an error if rules were not passed in as an array | ||
| else { | ||
| $this->errors[] = APIResponse\get(4240); | ||
| } | ||
| } | ||
|
|
||
| private function __randomize_tracker() { | ||
| # Capture the current microsecond value as a starting point | ||
| $tracker = (int)microtime(true); | ||
|
|
||
| # Loop through each tracker ID and assign it a unique tracker | ||
| foreach($this->validated_data as $id=>$rule) { | ||
| $this->validated_data[$id]["tracker"] = $tracker; | ||
| $tracker--; | ||
| } | ||
| } | ||
| } |
108 changes: 108 additions & 0 deletions
108
pfSense-pkg-API/files/etc/inc/api/models/APIRoutingGatewayDefaultUpdate.inc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,108 @@ | ||
| <?php | ||
| // Copyright 2022 Jared Hendrickson | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // http://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| require_once("api/framework/APIModel.inc"); | ||
| require_once("api/framework/APIResponse.inc"); | ||
|
|
||
|
|
||
| class APIRoutingGatewayDefaultUpdate extends APIModel { | ||
| # Create our method constructor | ||
| public function __construct() { | ||
| parent::__construct(); | ||
| $this->privileges = ["page-all", "page-system-gateways"]; | ||
| $this->change_note = "Set default gateway via API"; | ||
| } | ||
|
|
||
| public function action() { | ||
| # Set the default gateways based on the validated input | ||
| $this->config["gateways"]["defaultgw4"] = $this->validated_data["defaultgw4"]; | ||
| $this->config["gateways"]["defaultgw6"] = $this->validated_data["defaultgw6"]; | ||
|
|
||
| # Write these changes to config and apply if the client requested | ||
| $this->write_config(); | ||
| $this->apply(); | ||
| return APIResponse\get(0, $this->validated_data); | ||
| } | ||
|
|
||
| private function __validate_defaultgw4() { | ||
| # Optionally allow clients to update the 'defaultgw4' value | ||
| if (isset($this->initial_data["defaultgw4"])) { | ||
| # Ensure this is a valid IPv4 gateway | ||
| if (APITools\is_gateway($this->initial_data["defaultgw4"], true) === "inet") { | ||
| $this->validated_data["defaultgw4"] = $this->initial_data["defaultgw4"]; | ||
| } | ||
| # Allow client to set automatic gateway selection | ||
| elseif (in_array($this->initial_data["defaultgw4"], ["", "automatic"])) { | ||
| $this->validated_data["defaultgw4"] = ""; | ||
| } | ||
| # Allow client to set no gateway | ||
| elseif (in_array($this->initial_data["defaultgw4"], ["-", "none"])) { | ||
| $this->validated_data["defaultgw4"] = "-"; | ||
| } | ||
| else { | ||
| $this->errors[] = APIResponse\get(6028); | ||
| } | ||
| } | ||
| } | ||
|
|
||
| private function __validate_defaultgw6() { | ||
| # Optionally allow clients to update the 'defaultgw6' value | ||
| if (isset($this->initial_data["defaultgw6"])) { | ||
| # Ensure this is a valid IPv6 gateway | ||
| if (APITools\is_gateway($this->initial_data["defaultgw6"], true) === "inet6") { | ||
| $this->validated_data["defaultgw6"] = $this->initial_data["defaultgw6"]; | ||
| } | ||
| # Allow client to set automatic gateway selection | ||
| elseif (in_array($this->initial_data["defaultgw6"], ["", "automatic"])) { | ||
| $this->validated_data["defaultgw6"] = ""; | ||
| } | ||
| # Allow client to set no gateway | ||
| elseif (in_array($this->initial_data["defaultgw6"], ["-", "none"])) { | ||
| $this->validated_data["defaultgw6"] = "-"; | ||
| } | ||
| else { | ||
| $this->errors[] = APIResponse\get(6028); | ||
| } | ||
| } | ||
| } | ||
|
|
||
| public function validate_payload() { | ||
| # Fetch existing default gateway values | ||
| $this->validated_data = [ | ||
| "defaultgw4"=>$this->config["gateways"]["defaultgw4"], | ||
| "defaultgw6"=>$this->config["gateways"]["defaultgw6"], | ||
| ]; | ||
|
|
||
| # Validate client input | ||
| $this->__validate_defaultgw4(); | ||
| $this->__validate_defaultgw6(); | ||
| } | ||
|
|
||
| public function apply() { | ||
| # Mark the routing subsystem as changed, clear if applied | ||
| mark_subsystem_dirty("staticroutes"); | ||
|
|
||
| # Optionally allow clients to apply this route immediately if they passed in a true apply value | ||
| # Note: this is a one-off case where this was better to default to true instead of false. | ||
| if ($this->initial_data["apply"] !== false) { | ||
| system_routing_configure(); | ||
| system_resolvconf_generate(); | ||
| filter_configure(); | ||
| setup_gateways_monitor(); | ||
| send_event("service reload dyndnsall"); | ||
| clear_subsystem_dirty("staticroutes"); | ||
| } | ||
| } | ||
| } |
75 changes: 75 additions & 0 deletions
75
pfSense-pkg-API/files/etc/inc/api/models/APIServicesUnboundHostOverrideFlushUpdate.inc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,75 @@ | ||
| <?php | ||
| // Copyright 2022 Jared Hendrickson | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // http://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| require_once("api/framework/APIModel.inc"); | ||
| require_once("api/framework/APIResponse.inc"); | ||
|
|
||
| function unbound_override_flush_host_cmp($a, $b) { | ||
| return strcasecmp($a['host'], $b['host']); | ||
| } | ||
|
|
||
| class APIServicesUnboundHostOverrideFlushUpdate extends APIModel { | ||
| # Create our method constructor | ||
| public function __construct() { | ||
| parent::__construct(); | ||
| $this->privileges = ["page-all", "page-services-dnsresolver-edithost"]; | ||
| $this->change_note = "Flushed and replaced DNS Resolver host overrides via API"; | ||
| } | ||
|
|
||
| public function action() { | ||
| # Replace any existing host overrides with the host overrides validated in this request | ||
| $this->config["unbound"]["hosts"] = $this->validated_data; | ||
| usort($this->config["unbound"]["hosts"], "unbound_override_flush_host_cmp"); | ||
| $this->write_config(); | ||
|
|
||
| # Mark the Unbound subsystem as changed. | ||
| mark_subsystem_dirty("unbound"); | ||
|
|
||
| # Apply the changes if requested | ||
| if ($this->initial_data["apply"] === true) { | ||
| (new APIServicesUnboundApplyCreate)->action(); | ||
| } | ||
|
|
||
| return APIResponse\get(0, $this->config["unbound"]["hosts"]); | ||
| } | ||
|
|
||
| public function validate_payload() { | ||
| # Require data to be passed in as an array | ||
| if (is_array($this->initial_data["host_overrides"])) { | ||
| # Loop through each host override entry requested | ||
| foreach ($this->initial_data["host_overrides"] as $initial_host_override) { | ||
| # Check if this entry is valid for creation using the APIServicesUnboundHostOverrideCreate class | ||
| $ent = new APIServicesUnboundHostOverrideCreate(); | ||
| $ent->initial_data = $initial_host_override; | ||
| $ent->validate_payload(); | ||
|
|
||
| # Check if an occurred while validating this entry | ||
| if ($ent->errors) { | ||
| # Grab the error's return code and raise error including the bad entry in the data field | ||
| $rc = $ent->errors[0]["return"]; | ||
| $this->errors[] = APIResponse\get($rc, $initial_host_override); | ||
| break; | ||
| } # Otherwise, if the entry was valid, add it to our validated host overrides | ||
| else { | ||
| $this->validated_data[] = $ent->validated_data; | ||
| } | ||
| } | ||
| } | ||
| # Raise an error if host overrides were not passed in as an array | ||
| else { | ||
| $this->errors[] = APIResponse\get(2098); | ||
| } | ||
| } | ||
| } |
Oops, something went wrong.