This makes it easier for developers new to the codebase to find important information about the model's table in the same file as the model code. To ensure the model annotations stay accurate, run the annotations on test_up/test_down. In CI, regenerate the annotations and check that there are no changes, similar to how the linters work.
# frozen_string_literal: true
require_relative "../model"
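# A named set of firewall rules that can be attached to any number of private
# subnets through the firewalls_private_subnets join table.
#
# Every mutation of the rule set calls incr_update_firewall_rules on each
# attached subnet.
# NOTE(review): incr_update_firewall_rules is defined outside this file;
# presumably it signals the subnet to re-apply its rules -- confirm.
class Firewall < Sequel::Model
  one_to_many :firewall_rules, key: :firewall_id
  many_to_many :private_subnets

  # Destroying a firewall destroys its rules first, one model instance at a time.
  plugin :association_dependencies, firewall_rules: :destroy

  include ResourceMethods
  include Authorization::TaggableMethods
  include Authorization::HyperTagMethods

  # Builds the hyper tag name that identifies this firewall within a project.
  #
  # NOTE(review): location and name are interpolated as-is, and the table
  # annotation below this class lists only the primary-key index, so neither
  # the character set of name nor uniqueness of (location, name) is enforced
  # here -- confirm both are checked where firewalls are created.
  #
  # @param project [#ubid] project the tag is scoped to
  # @return [String]
  def hyper_tag_name(project)
    "project/#{project.ubid}/location/#{display_location}/firewall/#{name}"
  end

  dataset_module Pagination
  dataset_module Authorization::Dataset

  # @return the display form of the stored location, as produced by
  #   LocationNameConverter.to_display_name
  def display_location
    LocationNameConverter.to_display_name(location)
  end

  # @return [String] path of this firewall, built from location and name
  def path
    "/location/#{display_location}/firewall/#{name}"
  end

  # Destroys one rule and notifies every attached subnet.
  #
  # Both steps run in one transaction so a failure while notifying does not
  # leave the rule deleted without the subnets being told about it.
  #
  # NOTE(review): nothing here checks that firewall_rule belongs to this
  # firewall -- confirm callers look the rule up through this firewall.
  #
  # @param firewall_rule [FirewallRule] rule to remove
  # @return [Array] the attached private subnets
  def remove_firewall_rule(firewall_rule)
    DB.transaction do
      firewall_rule.destroy
      # each, not map: the call is made for its side effect only, matching
      # the other mutators in this class.
      private_subnets.each(&:incr_update_firewall_rules)
    end
  end

  # Creates one rule on this firewall and notifies every attached subnet.
  #
  # NOTE(review): cidr and port_range are passed through unchanged; no
  # validation is visible in this class -- confirm FirewallRule or the caller
  # rejects malformed or unintentionally broad values.
  #
  # @param cidr CIDR the rule applies to
  # @param port_range port range the rule applies to
  # @return [FirewallRule] the newly created rule
  def insert_firewall_rule(cidr, port_range)
    DB.transaction do
      fwr = FirewallRule.create_with_id(
        firewall_id: id,
        cidr: cidr,
        port_range: port_range
      )

      private_subnets.each(&:incr_update_firewall_rules)
      fwr
    end
  end

  # Replaces the complete rule set with new_firewall_rules.
  #
  # The delete-then-create sequence runs in one transaction: if creating any
  # new rule raises, the old rules are restored by the rollback instead of
  # the firewall being left with an empty or partial rule set.
  #
  # NOTE(review): the cached firewall_rules association still holds the
  # destroyed rows afterwards; callers that read it should reload first.
  #
  # @param new_firewall_rules [Enumerable<Hash>] entries with :cidr and
  #   :port_range keys
  # @return [Array] the attached private subnets
  def replace_firewall_rules(new_firewall_rules)
    DB.transaction do
      firewall_rules.each(&:destroy)
      new_firewall_rules.each do |fwr|
        FirewallRule.create_with_id(
          firewall_id: id,
          cidr: fwr[:cidr],
          port_range: fwr[:port_range]
        )
      end

      private_subnets.each(&:incr_update_firewall_rules)
    end
  end

  # Destroys the firewall together with its project associations and subnet
  # attachments, all inside one transaction.
  #
  # Subnets are notified first, while the association can still enumerate
  # them; the join rows are removed afterwards. The rules themselves are
  # destroyed by the association_dependencies plugin during super.
  # NOTE(review): projects and dissociate_with_project are not defined in this
  # file; presumably they come from the included authorization modules.
  def destroy
    DB.transaction do
      private_subnets.each(&:incr_update_firewall_rules)
      projects.each { |p| dissociate_with_project(p) }
      FirewallsPrivateSubnets.where(firewall_id: id).all.each(&:destroy)
      super
    end
  end

  # Attaches this firewall to a private subnet.
  #
  # @param private_subnet [PrivateSubnet] subnet to attach
  # @param apply_firewalls [Boolean] when false, the subnet is not notified
  #   and the caller is responsible for triggering the rule update
  def associate_with_private_subnet(private_subnet, apply_firewalls: true)
    add_private_subnet(private_subnet)
    private_subnet.incr_update_firewall_rules if apply_firewalls
  end

  # Detaches this firewall from a private subnet by destroying the matching
  # join rows.
  #
  # @param private_subnet [PrivateSubnet] subnet to detach
  # @param apply_firewalls [Boolean] when false, the subnet is not notified
  #   and the caller is responsible for triggering the rule update
  def disassociate_from_private_subnet(private_subnet, apply_firewalls: true)
    FirewallsPrivateSubnets.where(
      private_subnet_id: private_subnet.id,
      firewall_id: id
    ).destroy

    private_subnet.incr_update_firewall_rules if apply_firewalls
  end
end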
# Table: firewall
# Columns:
# id | uuid | PRIMARY KEY
# name | text | NOT NULL DEFAULT 'Default'::text
# description | text | NOT NULL DEFAULT 'Default firewall'::text
# created_at | timestamp without time zone | NOT NULL DEFAULT CURRENT_TIMESTAMP
# location | text | NOT NULL
# Indexes:
# firewall_pkey | PRIMARY KEY btree (id)
# Referenced By:
# firewall_rule | firewall_rule_firewall_id_fkey | (firewall_id) REFERENCES firewall(id)
# firewalls_private_subnets | firewalls_private_subnets_firewall_id_fkey | (firewall_id) REFERENCES firewall(id)