@xen-orchestra/rest-api 0.28.2 → 0.30.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (55) hide show
  1. package/README.md +108 -1
  2. package/dist/abstract-classes/base-controller.mjs +28 -3
  3. package/dist/abstract-classes/listener.mjs +124 -15
  4. package/dist/acl-privileges/acl-privilege.controller.mjs +172 -0
  5. package/dist/acl-roles/acl-role.controller.mjs +384 -0
  6. package/dist/alarms/alarm.controller.mjs +25 -11
  7. package/dist/alarms/alarm.service.mjs +8 -0
  8. package/dist/backup-archives/backup-archive.controller.mjs +33 -23
  9. package/dist/backup-archives/backup-archive.service.mjs +21 -0
  10. package/dist/backup-jobs/backup-job.controller.mjs +74 -25
  11. package/dist/backup-jobs/backup-job.service.mjs +7 -0
  12. package/dist/backup-logs/backup-log.controller.mjs +28 -13
  13. package/dist/backup-logs/backup-log.service.mjs +19 -0
  14. package/dist/backup-repositories/backup-repositories.controller.mjs +24 -5
  15. package/dist/events/event.class.mjs +36 -18
  16. package/dist/events/event.controller.mjs +3 -0
  17. package/dist/events/event.service.mjs +4 -4
  18. package/dist/groups/group.controller.mjs +99 -12
  19. package/dist/helpers/markdown.helper.mjs +20 -0
  20. package/dist/helpers/object-wrapper.helper.mjs +3 -3
  21. package/dist/hosts/host.controller.mjs +90 -15
  22. package/dist/ioc/ioc.mjs +13 -4
  23. package/dist/messages/message.controller.mjs +32 -10
  24. package/dist/middlewares/acl.middleware.mjs +202 -0
  25. package/dist/middlewares/authentication.middleware.mjs +15 -6
  26. package/dist/middlewares/tsoa-to-xo-error.middleware.mjs +19 -1
  27. package/dist/networks/network.controller.mjs +72 -17
  28. package/dist/open-api/oa-examples/acl-privilege.oa-example.mjs +25 -0
  29. package/dist/open-api/oa-examples/acl-role.oa-example.mjs +22 -0
  30. package/dist/open-api/oa-examples/backup-archive.oa-example.mjs +6 -6
  31. package/dist/open-api/oa-examples/common.oa-example.mjs +3 -0
  32. package/dist/open-api/routes/routes.js +856 -172
  33. package/dist/pbds/pbd.controller.mjs +20 -5
  34. package/dist/pcis/pci.controller.mjs +19 -5
  35. package/dist/pgpus/pgpu.controller.mjs +19 -5
  36. package/dist/pifs/pif.controller.mjs +56 -16
  37. package/dist/pools/pool.controller.mjs +166 -17
  38. package/dist/proxies/proxy.controller.mjs +25 -6
  39. package/dist/restore-logs/restore-log.controller.mjs +42 -23
  40. package/dist/schedules/schedule.controller.mjs +36 -5
  41. package/dist/servers/server.controller.mjs +71 -9
  42. package/dist/sms/sm.controller.mjs +17 -4
  43. package/dist/srs/sr.controller.mjs +74 -18
  44. package/dist/tasks/task.controller.mjs +74 -13
  45. package/dist/users/user.controller.mjs +124 -22
  46. package/dist/vbds/vbd.controller.mjs +76 -38
  47. package/dist/vdi-snapshots/vdi-snapshot.controller.mjs +48 -14
  48. package/dist/vdis/vdi.controller.mjs +81 -16
  49. package/dist/vifs/vif.controller.mjs +118 -16
  50. package/dist/vm-controller/vm-controller.controller.mjs +77 -19
  51. package/dist/vm-snapshots/vm-snapshot.controller.mjs +85 -18
  52. package/dist/vm-templates/vm-template.controller.mjs +86 -18
  53. package/dist/vms/vm.controller.mjs +182 -24
  54. package/open-api/spec/swagger.json +12112 -3537
  55. package/package.json +12 -11
@@ -9,8 +9,9 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
9
9
  };
10
10
  import { inject } from 'inversify';
11
11
  import { provide } from 'inversify-binding-decorators';
12
- import { Route, Security, Request, Response, Get, Query, Path, Tags, Example, Post, SuccessResponse } from 'tsoa';
13
- import { asynchronousActionResp, badRequestResp, internalServerErrorResp, invalidParameters as invalidParametersResp, noContentResp, notFoundResp, unauthorizedResp, } from '../open-api/common/response.common.mjs';
12
+ import { Middlewares, Route, Security, Request, Response, Get, Query, Path, Tags, Example, Post, SuccessResponse } from 'tsoa';
13
+ import { acl } from '../middlewares/acl.middleware.mjs';
14
+ import { asynchronousActionResp, badRequestResp, internalServerErrorResp, invalidParameters as invalidParametersResp, noContentResp, forbiddenOperationResp, notFoundResp, unauthorizedResp, } from '../open-api/common/response.common.mjs';
14
15
  import { RestApi } from '../rest-api/rest-api.mjs';
15
16
  import { XapiXoController } from '../abstract-classes/xapi-xo-controller.mjs';
16
17
  import { partialPbds, pbd, pbdIds } from '../open-api/oa-examples/pbd.oa-example.mjs';
@@ -20,14 +21,23 @@ let PbdController = class PbdController extends XapiXoController {
20
21
  super('PBD', restApi);
21
22
  }
22
23
  /**
24
+ * Returns all PBDs that match the following privilege:
25
+ * - resource: pbd, action: read
26
+ *
23
27
  * @example fields "attached,id,device_config"
24
28
  * @example filter "attached?"
25
29
  * @example limit 42
26
30
  */
27
- getPbds(req, fields, ndjson, filter, limit) {
28
- return this.sendObjects(Object.values(this.getObjects({ filter, limit })), req);
31
+ getPbds(req, fields, ndjson, markdown, filter, limit) {
32
+ return this.sendObjects(Object.values(this.getObjects({ filter })), req, {
33
+ limit,
34
+ privilege: { action: 'read', resource: 'pbd' },
35
+ });
29
36
  }
30
37
  /**
38
+ * Required privilege:
39
+ * - resource: pbd, action: read
40
+ *
31
41
  * @example id "16b2a60f-7c4d-f45f-7c7a-963b06fc587d"
32
42
  */
33
43
  getPbd(id) {
@@ -74,15 +84,20 @@ __decorate([
74
84
  Example(pbdIds),
75
85
  Example(partialPbds),
76
86
  Get(''),
87
+ Security('*', ['acl']),
77
88
  __param(0, Request()),
78
89
  __param(1, Query()),
79
90
  __param(2, Query()),
80
91
  __param(3, Query()),
81
- __param(4, Query())
92
+ __param(4, Query()),
93
+ __param(5, Query())
82
94
  ], PbdController.prototype, "getPbds", null);
83
95
  __decorate([
84
96
  Example(pbd),
85
97
  Get('{id}'),
98
+ Middlewares(acl({ resource: 'pbd', action: 'read', objectId: 'params.id' })),
99
+ Response(forbiddenOperationResp.status, forbiddenOperationResp.description),
100
+ Response(notFoundResp.status, notFoundResp.description),
86
101
  __param(0, Path())
87
102
  ], PbdController.prototype, "getPbd", null);
88
103
  __decorate([
@@ -7,10 +7,11 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
7
7
  var __param = (this && this.__param) || function (paramIndex, decorator) {
8
8
  return function (target, key) { decorator(target, key, paramIndex); }
9
9
  };
10
- import { Example, Get, Path, Query, Request, Response, Route, Security, Tags } from 'tsoa';
10
+ import { Example, Get, Middlewares, Path, Query, Request, Response, Route, Security, Tags } from 'tsoa';
11
11
  import { inject } from 'inversify';
12
12
  import { provide } from 'inversify-binding-decorators';
13
- import { badRequestResp, notFoundResp, unauthorizedResp } from '../open-api/common/response.common.mjs';
13
+ import { acl } from '../middlewares/acl.middleware.mjs';
14
+ import { badRequestResp, forbiddenOperationResp, notFoundResp, unauthorizedResp, } from '../open-api/common/response.common.mjs';
14
15
  import { partialPcis, pci, pciIds } from '../open-api/oa-examples/pci.oa-example.mjs';
15
16
  import { RestApi } from '../rest-api/rest-api.mjs';
16
17
  import { XapiXoController } from '../abstract-classes/xapi-xo-controller.mjs';
@@ -19,14 +20,23 @@ let PciController = class PciController extends XapiXoController {
19
20
  super('PCI', restApi);
20
21
  }
21
22
  /**
23
+ * Returns all PCIs that match the following privilege:
24
+ * - resource: pci, action: read
25
+ *
22
26
  * @example fields "class_name,device_name,id"
23
27
  * @example filter "class_name:Non-Volatile memory controller"
24
28
  * @example limit 42
25
29
  */
26
- getPcis(req, fields, ndjson, filter, limit) {
27
- return this.sendObjects(Object.values(this.getObjects({ filter, limit })), req);
30
+ getPcis(req, fields, ndjson, markdown, filter, limit) {
31
+ return this.sendObjects(Object.values(this.getObjects({ filter })), req, {
32
+ limit,
33
+ privilege: { action: 'read', resource: 'pci' },
34
+ });
28
35
  }
29
36
  /**
37
+ * Required privilege:
38
+ * - resource: pci, action: read
39
+ *
30
40
  * @example id "9377b642-cc71-8749-1e71-308898b652da"
31
41
  */
32
42
  getPci(id) {
@@ -37,15 +47,19 @@ __decorate([
37
47
  Example(pciIds),
38
48
  Example(partialPcis),
39
49
  Get(''),
50
+ Security('*', ['acl']),
40
51
  __param(0, Request()),
41
52
  __param(1, Query()),
42
53
  __param(2, Query()),
43
54
  __param(3, Query()),
44
- __param(4, Query())
55
+ __param(4, Query()),
56
+ __param(5, Query())
45
57
  ], PciController.prototype, "getPcis", null);
46
58
  __decorate([
47
59
  Example(pci),
48
60
  Get('{id}'),
61
+ Middlewares(acl({ resource: 'pci', action: 'read', objectId: 'params.id' })),
62
+ Response(forbiddenOperationResp.status, forbiddenOperationResp.description),
49
63
  Response(notFoundResp.status, notFoundResp.description),
50
64
  __param(0, Path())
51
65
  ], PciController.prototype, "getPci", null);
@@ -10,8 +10,9 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
10
10
  import { inject } from 'inversify';
11
11
  import { RestApi } from '../rest-api/rest-api.mjs';
12
12
  import { XapiXoController } from '../abstract-classes/xapi-xo-controller.mjs';
13
- import { Example, Get, Path, Query, Request, Response, Route, Security, Tags } from 'tsoa';
14
- import { badRequestResp, notFoundResp, unauthorizedResp } from '../open-api/common/response.common.mjs';
13
+ import { Example, Get, Middlewares, Path, Query, Request, Response, Route, Security, Tags } from 'tsoa';
14
+ import { acl } from '../middlewares/acl.middleware.mjs';
15
+ import { badRequestResp, forbiddenOperationResp, notFoundResp, unauthorizedResp, } from '../open-api/common/response.common.mjs';
15
16
  import { provide } from 'inversify-binding-decorators';
16
17
  import { partialPgpus, pgpu, pgpuIds } from '../open-api/oa-examples/pgpu.oa-example.mjs';
17
18
  let PgpuController = class PgpuController extends XapiXoController {
@@ -19,14 +20,23 @@ let PgpuController = class PgpuController extends XapiXoController {
19
20
  super('PGPU', restApi);
20
21
  }
21
22
  /**
23
+ * Returns all PGPUs that match the following privilege:
24
+ * - resource: pgpu, action: read
25
+ *
22
26
  * @example fields "id,dom0Access,gpuGroup"
23
27
  * @example filter "dom0Access:enabled"
24
28
  * @example limit 42
25
29
  */
26
- getPgpus(req, fields, ndjson, filter, limit) {
27
- return this.sendObjects(Object.values(this.getObjects({ filter, limit })), req);
30
+ getPgpus(req, fields, ndjson, markdown, filter, limit) {
31
+ return this.sendObjects(Object.values(this.getObjects({ filter })), req, {
32
+ limit,
33
+ privilege: { action: 'read', resource: 'pgpu' },
34
+ });
28
35
  }
29
36
  /**
37
+ * Required privilege:
38
+ * - resource: pgpu, action: read
39
+ *
30
40
  * @example id "838335fa-ee21-15e1-760a-a37a3a4ef1db"
31
41
  */
32
42
  getPgpu(id) {
@@ -37,15 +47,19 @@ __decorate([
37
47
  Example(pgpuIds),
38
48
  Example(partialPgpus),
39
49
  Get(''),
50
+ Security('*', ['acl']),
40
51
  __param(0, Request()),
41
52
  __param(1, Query()),
42
53
  __param(2, Query()),
43
54
  __param(3, Query()),
44
- __param(4, Query())
55
+ __param(4, Query()),
56
+ __param(5, Query())
45
57
  ], PgpuController.prototype, "getPgpus", null);
46
58
  __decorate([
47
59
  Example(pgpu),
48
60
  Get('{id}'),
61
+ Middlewares(acl({ resource: 'pgpu', action: 'read', objectId: 'params.id' })),
62
+ Response(forbiddenOperationResp.status, forbiddenOperationResp.description),
49
63
  Response(notFoundResp.status, notFoundResp.description),
50
64
  __param(0, Path())
51
65
  ], PgpuController.prototype, "getPgpu", null);
@@ -7,13 +7,14 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
7
7
  var __param = (this && this.__param) || function (paramIndex, decorator) {
8
8
  return function (target, key) { decorator(target, key, paramIndex); }
9
9
  };
10
- import { Example, Get, Path, Query, Request, Response, Route, Security, Tags } from 'tsoa';
10
+ import { Example, Get, Middlewares, Path, Query, Request, Response, Route, Security, Tags } from 'tsoa';
11
11
  import { inject } from 'inversify';
12
12
  import { provide } from 'inversify-binding-decorators';
13
13
  import { AlarmService } from '../alarms/alarm.service.mjs';
14
14
  import { escapeUnsafeComplexMatcher } from '../helpers/utils.helper.mjs';
15
+ import { acl } from '../middlewares/acl.middleware.mjs';
15
16
  import { genericAlarmsExample } from '../open-api/oa-examples/alarm.oa-example.mjs';
16
- import { badRequestResp, notFoundResp, unauthorizedResp } from '../open-api/common/response.common.mjs';
17
+ import { badRequestResp, forbiddenOperationResp, notFoundResp, unauthorizedResp, } from '../open-api/common/response.common.mjs';
17
18
  import { partialPifs, pif, pifIds } from '../open-api/oa-examples/pif.oa-example.mjs';
18
19
  import { RestApi } from '../rest-api/rest-api.mjs';
19
20
  import { XapiXoController } from '../abstract-classes/xapi-xo-controller.mjs';
@@ -26,73 +27,107 @@ let PifController = class PifController extends XapiXoController {
26
27
  this.#alarmService = alarmService;
27
28
  }
28
29
  /**
30
+ * Returns all PIFs that match the following privilege:
31
+ * - resource: pif, action: read
32
+ *
29
33
  * @example fields "attached,device,deviceName,id"
30
34
  * @example filter "attached?"
31
35
  * @example limit 42
32
36
  */
33
- getPifs(req, fields, ndjson, filter, limit) {
34
- return this.sendObjects(Object.values(this.getObjects({ filter, limit })), req);
37
+ getPifs(req, fields, ndjson, markdown, filter, limit) {
38
+ return this.sendObjects(Object.values(this.getObjects({ filter })), req, {
39
+ limit,
40
+ privilege: { action: 'read', resource: 'pif' },
41
+ });
35
42
  }
36
43
  /**
44
+ * Required privilege:
45
+ * - resource: pif, action: read
46
+ *
37
47
  * @example id "d9e42451-3794-089f-de81-4ee0e6137bee"
38
48
  */
39
49
  getPif(id) {
40
50
  return this.getObject(id);
41
51
  }
42
52
  /**
53
+ * Returns all alarms that match the following privilege:
54
+ * - resource: alarm, action: read
55
+ *
43
56
  * @example id "d9e42451-3794-089f-de81-4ee0e6137bee"
44
57
  * @example fields "id,time"
45
58
  * @example filter "time:>1747053793"
46
59
  * @example limit 42
47
60
  */
48
- getPifAlarms(req, id, fields, ndjson, filter, limit) {
61
+ getPifAlarms(req, id, fields, ndjson, markdown, filter, limit) {
49
62
  const pif = this.getObject(id);
50
63
  const alarms = this.#alarmService.getAlarms({
51
64
  filter: `${escapeUnsafeComplexMatcher(filter) ?? ''} object:uuid:${pif.uuid}`,
65
+ });
66
+ return this.sendObjects(Object.values(alarms), req, {
67
+ path: 'alarms',
52
68
  limit,
69
+ privilege: { action: 'read', resource: 'alarm' },
53
70
  });
54
- return this.sendObjects(Object.values(alarms), req, 'alarms');
55
71
  }
56
72
  /**
73
+ * Returns all messages that match the following privilege:
74
+ * - resource: message, action: read
75
+ *
57
76
  * @example id "d9e42451-3794-089f-de81-4ee0e6137bee"
58
77
  * @example fields "name,id,$object"
59
78
  * @example filter "name:VM_STARTED"
60
79
  * @example limit 42
61
80
  */
62
- getPifMessages(req, id, fields, ndjson, filter, limit) {
63
- const messages = this.getMessagesForObject(id, { filter, limit });
64
- return this.sendObjects(Object.values(messages), req, 'messages');
81
+ getPifMessages(req, id, fields, ndjson, markdown, filter, limit) {
82
+ const messages = this.getMessagesForObject(id, { filter });
83
+ return this.sendObjects(Object.values(messages), req, {
84
+ path: 'messages',
85
+ limit,
86
+ privilege: { action: 'read', resource: 'message' },
87
+ });
65
88
  }
66
89
  /**
90
+ * Returns all tasks that match the following privilege:
91
+ * - resource: task, action: read
92
+ *
67
93
  * @example id "d9e42451-3794-089f-de81-4ee0e6137bee"
68
94
  * @example fields "id,status,properties"
69
95
  * @example filter "status:failure"
70
96
  * @example limit 42
71
97
  */
72
- async getPifTasks(req, id, fields, ndjson, filter, limit) {
73
- const tasks = await this.getTasksForObject(id, { filter, limit });
74
- return this.sendObjects(Object.values(tasks), req, 'tasks');
98
+ async getPifTasks(req, id, fields, ndjson, markdown, filter, limit) {
99
+ const tasks = await this.getTasksForObject(id, { filter });
100
+ return this.sendObjects(Object.values(tasks), req, {
101
+ path: 'tasks',
102
+ limit,
103
+ privilege: { action: 'read', resource: 'task' },
104
+ });
75
105
  }
76
106
  };
77
107
  __decorate([
78
108
  Example(pifIds),
79
109
  Example(partialPifs),
80
110
  Get(''),
111
+ Security('*', ['acl']),
81
112
  __param(0, Request()),
82
113
  __param(1, Query()),
83
114
  __param(2, Query()),
84
115
  __param(3, Query()),
85
- __param(4, Query())
116
+ __param(4, Query()),
117
+ __param(5, Query())
86
118
  ], PifController.prototype, "getPifs", null);
87
119
  __decorate([
88
120
  Example(pif),
89
121
  Get('{id}'),
122
+ Middlewares(acl({ resource: 'pif', action: 'read', objectId: 'params.id' })),
123
+ Response(forbiddenOperationResp.status, forbiddenOperationResp.description),
90
124
  Response(notFoundResp.status, notFoundResp.description),
91
125
  __param(0, Path())
92
126
  ], PifController.prototype, "getPif", null);
93
127
  __decorate([
94
128
  Example(genericAlarmsExample),
95
129
  Get('{id}/alarms'),
130
+ Security('*', ['acl']),
96
131
  Tags('alarms'),
97
132
  Response(notFoundResp.status, notFoundResp.description),
98
133
  __param(0, Request()),
@@ -100,12 +135,14 @@ __decorate([
100
135
  __param(2, Query()),
101
136
  __param(3, Query()),
102
137
  __param(4, Query()),
103
- __param(5, Query())
138
+ __param(5, Query()),
139
+ __param(6, Query())
104
140
  ], PifController.prototype, "getPifAlarms", null);
105
141
  __decorate([
106
142
  Example(messageIds),
107
143
  Example(partialMessages),
108
144
  Get('{id}/messages'),
145
+ Security('*', ['acl']),
109
146
  Tags('messages'),
110
147
  Response(notFoundResp.status, notFoundResp.description),
111
148
  __param(0, Request()),
@@ -113,12 +150,14 @@ __decorate([
113
150
  __param(2, Query()),
114
151
  __param(3, Query()),
115
152
  __param(4, Query()),
116
- __param(5, Query())
153
+ __param(5, Query()),
154
+ __param(6, Query())
117
155
  ], PifController.prototype, "getPifMessages", null);
118
156
  __decorate([
119
157
  Example(taskIds),
120
158
  Example(partialTasks),
121
159
  Get('{id}/tasks'),
160
+ Security('*', ['acl']),
122
161
  Tags('tasks'),
123
162
  Response(notFoundResp.status, notFoundResp.description),
124
163
  __param(0, Request()),
@@ -126,7 +165,8 @@ __decorate([
126
165
  __param(2, Query()),
127
166
  __param(3, Query()),
128
167
  __param(4, Query()),
129
- __param(5, Query())
168
+ __param(5, Query()),
169
+ __param(6, Query())
130
170
  ], PifController.prototype, "getPifTasks", null);
131
171
  PifController = __decorate([
132
172
  Route('pifs'),