dumplingmiku/ubicloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cache-temp-keys
ubicloud/helpers/firewall.rb
Jeremy Evans 307a0f6d2f Add Clover#authorized_firewall helper method 
Similer to #authorized_private_subnet, this checks the firewall
is related to the project, is in the given location, and is
authorized for the user.
2025-05-14 07:04:53 +09:00

73 lines
2.1 KiB
Ruby
Raw Permalink Blame History

# frozen_string_literal: true
class Clover
def authorized_firewall(perm: "Firewall:view", location_id: nil)
authorized_object(association: :firewalls, key: "firewall_id", perm:, location_id:)
end
def firewall_list_dataset
dataset_authorize(@project.firewalls_dataset, "Firewall:view")
end
def firewall_list_api_response(dataset)
dataset = dataset.where(location_id: @location.id) if @location
result = dataset.eager(:firewall_rules).paginated_result(
start_after: request.params["start_after"],
page_size: request.params["page_size"],
order_column: request.params["order_column"]
)
{
items: Serializers::Firewall.serialize(result[:records]),
count: result[:count]
}
end
def firewall_post(firewall_name)
authorize("Firewall:create", @project.id)
Validation.validate_name(firewall_name)
description = request.params["description"] || ""
firewall = nil
DB.transaction do
firewall = Firewall.create_with_id(
name: firewall_name,
description:,
location_id: @location.id,
project_id: @project.id
)
audit_log(firewall, "create")
end
if api?
Serializers::Firewall.serialize(firewall)
else
if (private_subnet = authorized_private_subnet(perm: "PrivateSubnet:edit", location_id: @location.id))
firewall.associate_with_private_subnet(private_subnet)
end
flash["notice"] = "'#{firewall_name}' is created"
request.redirect "#{@project.path}#{firewall.path}"
end
end
def generate_firewall_options
options = OptionTreeGenerator.new
options.add_option(name: "name")
options.add_option(name: "description")
options.add_option(name: "location", values: Option.locations)
subnets = dataset_authorize(@project.private_subnets_dataset, "PrivateSubnet:view").map {
{
location_id: it.location_id,
value: it.ubid,
display_name: it.name
}
}
options.add_option(name: "private_subnet_id", values: subnets, parent: "location") do |location, private_subnet|
private_subnet[:location_id] == location.id
end
options.serialize
end
end
Reference in New Issue View Git Blame Copy Permalink