ws-recursor.cc: Split apiServerConfigACL to GET and PUT variant

author Aki Tuomi <cmouse@cmouse.fi>

Wed, 23 Aug 2023 12:57:46 +0000 (15:57 +0300)

committer Aki Tuomi <cmouse@cmouse.fi>

Fri, 15 Dec 2023 09:45:57 +0000 (11:45 +0200)
author Aki Tuomi <cmouse@cmouse.fi>
Wed, 23 Aug 2023 12:57:46 +0000 (15:57 +0300)
committer Aki Tuomi <cmouse@cmouse.fi>
Fri, 15 Dec 2023 09:45:57 +0000 (11:45 +0200)
diff --git a/pdns/recursordist/ws-recursor.cc b/pdns/recursordist/ws-recursor.cc

index feabb16dd0822cfc2358af094bb6ff25683dee70..41bcdd770297d16aff7bb7cd97524945d587b145 100644 (file)
--- a/pdns/recursordist/ws-recursor.cc
+++ b/pdns/recursordist/ws-recursor.cc
@@ -86,91 +86,100 @@ static void apiWriteConfigFile(const string& filebasename, const string& content
    ofconf.close();
  }
  
-static void apiServerConfigACL(const std::string& aclType, HttpRequest* req, HttpResponse* resp)
+static void apiServerConfigACLGET(const std::string& aclType, HttpRequest* /* req */, HttpResponse* resp)
  {
-  if (req->method == "PUT") {
-    Json document = req->json();
+  // Return currently configured ACLs
+  vector<string> entries;
+  if (t_allowFrom && aclType == "allow-from") {
+    entries = t_allowFrom->toStringVector();
+  }
+  else if (t_allowNotifyFrom && aclType == "allow-notify-from") {
+    entries = t_allowNotifyFrom->toStringVector();
+  }
  
-    auto jlist = document["value"];
-    if (!jlist.is_array()) {
-      throw ApiException("'value' must be an array");
-    }
+  resp->setJsonBody(Json::object{
+    {"name", aclType},
+    {"value", entries},
+  });
+}
  
-    if (g_yamlSettings) {
-      ::rust::Vec<::rust::String> vec;
-      for (const auto& value : jlist.array_items()) {
-        vec.emplace_back(value.string_value());
-      }
+static void apiServerConfigACLPUT(const std::string& aclType, HttpRequest* req, HttpResponse* resp)
+{
+  const auto& document = req->json();
+
+  const auto& jlist = document["value"];
+
+  if (!jlist.is_array()) {
+    throw ApiException("'value' must be an array");
+  }
+
+  if (g_yamlSettings) {
+    ::rust::Vec<::rust::String> vec;
+    for (const auto& value : jlist.array_items()) {
+      vec.emplace_back(value.string_value());
+    }
  
+    try {
+      ::pdns::rust::settings::rec::validate_allow_from(aclType, vec);
+    }
+    catch (const ::rust::Error& e) {
+      throw ApiException(string("Unable to convert: ") + e.what());
+    }
+    ::rust::String yaml;
+    if (aclType == "allow-from") {
+      yaml = pdns::rust::settings::rec::allow_from_to_yaml_string_incoming("allow_from", "allow_from_file", vec);
+    }
+    else {
+      yaml = pdns::rust::settings::rec::allow_from_to_yaml_string_incoming("allow_notify_from", "allow_notify_from_file", vec);
+    }
+    apiWriteConfigFile(aclType, string(yaml));
+  }
+  else {
+    NetmaskGroup nmg;
+    for (const auto& value : jlist.array_items()) {
        try {
-        ::pdns::rust::settings::rec::validate_allow_from(aclType, vec);
-      }
-      catch (const ::rust::Error& e) {
-        throw ApiException(string("Unable to convert: ") + e.what());
+        nmg.addMask(value.string_value());
        }
-      ::rust::String yaml;
-      if (aclType == "allow-from") {
-        yaml = pdns::rust::settings::rec::allow_from_to_yaml_string_incoming("allow_from", "allow_from_file", vec);
-      }
-      else {
-        yaml = pdns::rust::settings::rec::allow_from_to_yaml_string_incoming("allow_notify_from", "allow_notify_from_file", vec);
+      catch (const NetmaskException& e) {
+        throw ApiException(e.reason);
        }
-      apiWriteConfigFile(aclType, string(yaml));
      }
-    else {
-      NetmaskGroup nmg;
-      for (const auto& value : jlist.array_items()) {
-        try {
-          nmg.addMask(value.string_value());
-        }
-        catch (const NetmaskException& e) {
-          throw ApiException(e.reason);
-        }
-      }
  
-      ostringstream strStream;
+    ostringstream strStream;
  
-      // Clear <foo>-from-file if set, so our changes take effect
-      strStream << aclType << "-file=" << endl;
+    // Clear <foo>-from-file if set, so our changes take effect
+    strStream << aclType << "-file=" << endl;
  
-      // Clear ACL setting, and provide a "parent" value
-      strStream << aclType << "=" << endl;
-      strStream << aclType << "+=" << nmg.toString() << endl;
+    // Clear ACL setting, and provide a "parent" value
+    strStream << aclType << "=" << endl;
+    strStream << aclType << "+=" << nmg.toString() << endl;
  
-      apiWriteConfigFile(aclType, strStream.str());
-    }
+    apiWriteConfigFile(aclType, strStream.str());
+  }
  
-    parseACLs();
+  parseACLs();
  
-    // fall through to GET
-  }
-  else if (req->method != "GET") {
-    throw HttpMethodNotAllowedException();
-  }
+  apiServerConfigACLGET(aclType, req, resp);
+}
  
-  // Return currently configured ACLs
-  vector<string> entries;
-  if (t_allowFrom && aclType == "allow-from") {
-    entries = t_allowFrom->toStringVector();
-  }
-  else if (t_allowNotifyFrom && aclType == "allow-notify-from") {
-    entries = t_allowNotifyFrom->toStringVector();
-  }
+static void apiServerConfigAllowFromGET(HttpRequest* req, HttpResponse* resp)
+{
+  apiServerConfigACLGET("allow-from", req, resp);
+}
  
-  resp->setJsonBody(Json::object{
-    {"name", aclType},
-    {"value", entries},
-  });
+static void apiServerConfigAllowNotifyFromGET(HttpRequest* req, HttpResponse* resp)
+{
+  apiServerConfigACLGET("allow-notify-from", req, resp);
  }
  
-static void apiServerConfigAllowFrom(HttpRequest* req, HttpResponse* resp)
+static void apiServerConfigAllowFromPUT(HttpRequest* req, HttpResponse* resp)
  {
-  apiServerConfigACL("allow-from", req, resp);
+  apiServerConfigACLPUT("allow-from", req, resp);
  }
  
-static void apiServerConfigAllowNotifyFrom(HttpRequest* req, HttpResponse* resp)
+static void apiServerConfigAllowNotifyFromPUT(HttpRequest* req, HttpResponse* resp)
  {
-  apiServerConfigACL("allow-notify-from", req, resp);
+  apiServerConfigACLPUT("allow-notify-from", req, resp);
  }
  
  static void fillZone(const DNSName& zonename, HttpResponse* resp)
@@ -1305,10 +1314,10 @@ RecursorWebServer::RecursorWebServer(FDMultiplexer* fdm)
    d_ws->registerApiHandler(
      "/jsonstat", [](HttpRequest* req, HttpResponse* resp) { jsonstat(req, resp); }, "GET", true);
    d_ws->registerApiHandler("/api/v1/servers/localhost/cache/flush", apiServerCacheFlush, "PUT");
-  d_ws->registerApiHandler("/api/v1/servers/localhost/config/allow-from", apiServerConfigAllowFrom, "PUT");
-  d_ws->registerApiHandler("/api/v1/servers/localhost/config/allow-from", apiServerConfigAllowFrom, "GET");
-  d_ws->registerApiHandler("/api/v1/servers/localhost/config/allow-notify-from", apiServerConfigAllowNotifyFrom, "GET");
-  d_ws->registerApiHandler("/api/v1/servers/localhost/config/allow-notify-from", apiServerConfigAllowNotifyFrom, "PUT");
+  d_ws->registerApiHandler("/api/v1/servers/localhost/config/allow-from", apiServerConfigAllowFromPUT, "PUT");
+  d_ws->registerApiHandler("/api/v1/servers/localhost/config/allow-from", apiServerConfigAllowFromGET, "GET");
+  d_ws->registerApiHandler("/api/v1/servers/localhost/config/allow-notify-from", apiServerConfigAllowNotifyFromGET, "GET");
+  d_ws->registerApiHandler("/api/v1/servers/localhost/config/allow-notify-from", apiServerConfigAllowNotifyFromPUT, "PUT");
    d_ws->registerApiHandler("/api/v1/servers/localhost/config", apiServerConfig, "GET");
    d_ws->registerApiHandler("/api/v1/servers/localhost/rpzstatistics", apiServerRPZStats, "GET");
    d_ws->registerApiHandler("/api/v1/servers/localhost/search-data", apiServerSearchData, "GET");
author	Aki Tuomi <cmouse@cmouse.fi>
	Wed, 23 Aug 2023 12:57:46 +0000 (15:57 +0300)
committer	Aki Tuomi <cmouse@cmouse.fi>
	Fri, 15 Dec 2023 09:45:57 +0000 (11:45 +0200)