mirror of
https://github.com/ubicloud/ubicloud.git
synced 2025-10-05 22:31:57 +08:00
87473a168e
This cleanly separates PostgreSQL private subnets from other private subnets, by using a "PostgreSQL Database: " prefix to the name.
84 lines
2.7 KiB
Ruby
84 lines
2.7 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class Clover
|
|
def authorized_private_subnet(perm: "PrivateSubnet:view", location_id: nil, key: "private_subnet_id", id: nil)
|
|
authorized_object(association: :private_subnets, key:, perm:, location_id:, id:)
|
|
end
|
|
|
|
def private_subnet_connection_action(type, ubid)
|
|
authorize("PrivateSubnet:#{type}", @ps.id)
|
|
handle_validation_failure("networking/private_subnet/show") { @page = "networking" }
|
|
|
|
id = UBID.to_uuid(ubid)
|
|
if ubid.start_with?("pg")
|
|
unless (pg = authorized_postgres_resource(perm: "Postgres:edit", location_id: @location.id, id:))
|
|
raise CloverError.new(400, "InvalidRequest", "PostgreSQL database subnet to be #{type}ed not found")
|
|
end
|
|
subnet = pg.private_subnet
|
|
name = "PostgreSQL database #{pg.name} subnet"
|
|
elsif (subnet = authorized_private_subnet(perm: "PrivateSubnet:#{type}", id:))
|
|
name = subnet.name
|
|
else
|
|
raise CloverError.new(400, "InvalidRequest", "Subnet to be #{type}ed not found")
|
|
end
|
|
|
|
DB.transaction do
|
|
@ps.send(:"#{type}_subnet", subnet)
|
|
audit_log(@ps, type, pg || subnet)
|
|
end
|
|
|
|
if api?
|
|
Serializers::PrivateSubnet.serialize(@ps)
|
|
else
|
|
flash["notice"] = "#{name} will be #{type}ed in a few seconds"
|
|
request.redirect @ps, "/networking"
|
|
end
|
|
end
|
|
|
|
def private_subnet_list
|
|
dataset = dataset_authorize(@project.private_subnets_dataset, "PrivateSubnet:view")
|
|
|
|
if api?
|
|
dataset = dataset.where(location: @location) if @location
|
|
paginated_result(dataset.eager(nics: :private_subnet), Serializers::PrivateSubnet)
|
|
else
|
|
@pss = dataset.all
|
|
view "networking/private_subnet/index"
|
|
end
|
|
end
|
|
|
|
def private_subnet_post(name)
|
|
authorize("PrivateSubnet:create", @project.id)
|
|
|
|
if (firewall_id = typecast_params.nonempty_str("firewall_id"))
|
|
unless (firewall = authorized_firewall(location_id: @location.id))
|
|
fail Validation::ValidationFailed.new(firewall_id: "Firewall with id \"#{firewall_id}\" and location \"#{@location.display_name}\" is not found")
|
|
end
|
|
end
|
|
|
|
ps = nil
|
|
DB.transaction do
|
|
ps = Prog::Vnet::SubnetNexus.assemble(
|
|
@project.id,
|
|
name:,
|
|
location_id: @location.id,
|
|
firewall_id: firewall&.id
|
|
).subject
|
|
audit_log(ps, "create")
|
|
end
|
|
|
|
if api?
|
|
Serializers::PrivateSubnet.serialize(ps)
|
|
else
|
|
flash["notice"] = "'#{name}' will be ready in a few seconds"
|
|
request.redirect ps
|
|
end
|
|
end
|
|
|
|
def generate_private_subnet_options
|
|
options = OptionTreeGenerator.new
|
|
options.add_option(name: "name")
|
|
options.add_option(name: "location", values: Option.locations)
|
|
options.serialize
|
|
end
|
|
end
|