@xen-orchestra/rest-api 0.29.0 → 0.30.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +108 -1
- package/dist/abstract-classes/base-controller.mjs +18 -3
- package/dist/abstract-classes/listener.mjs +116 -12
- package/dist/acl-privileges/acl-privilege.controller.mjs +172 -0
- package/dist/acl-roles/acl-role.controller.mjs +384 -0
- package/dist/alarms/alarm.controller.mjs +22 -9
- package/dist/alarms/alarm.service.mjs +8 -0
- package/dist/backup-archives/backup-archive.controller.mjs +30 -21
- package/dist/backup-archives/backup-archive.service.mjs +21 -0
- package/dist/backup-jobs/backup-job.controller.mjs +59 -15
- package/dist/backup-jobs/backup-job.service.mjs +7 -0
- package/dist/backup-logs/backup-log.controller.mjs +25 -11
- package/dist/backup-logs/backup-log.service.mjs +19 -0
- package/dist/backup-repositories/backup-repositories.controller.mjs +21 -3
- package/dist/events/event.class.mjs +24 -9
- package/dist/events/event.controller.mjs +3 -0
- package/dist/events/event.service.mjs +2 -1
- package/dist/groups/group.controller.mjs +90 -6
- package/dist/hosts/host.controller.mjs +78 -7
- package/dist/ioc/ioc.mjs +13 -4
- package/dist/messages/message.controller.mjs +29 -8
- package/dist/middlewares/acl.middleware.mjs +202 -0
- package/dist/middlewares/authentication.middleware.mjs +15 -6
- package/dist/middlewares/tsoa-to-xo-error.middleware.mjs +19 -1
- package/dist/networks/network.controller.mjs +60 -9
- package/dist/open-api/oa-examples/acl-privilege.oa-example.mjs +25 -0
- package/dist/open-api/oa-examples/acl-role.oa-example.mjs +22 -0
- package/dist/open-api/oa-examples/backup-archive.oa-example.mjs +6 -6
- package/dist/open-api/oa-examples/common.oa-example.mjs +3 -0
- package/dist/open-api/routes/routes.js +676 -132
- package/dist/pbds/pbd.controller.mjs +17 -3
- package/dist/pcis/pci.controller.mjs +16 -3
- package/dist/pgpus/pgpu.controller.mjs +16 -3
- package/dist/pifs/pif.controller.mjs +44 -8
- package/dist/pools/pool.controller.mjs +154 -9
- package/dist/proxies/proxy.controller.mjs +22 -4
- package/dist/restore-logs/restore-log.controller.mjs +36 -19
- package/dist/schedules/schedule.controller.mjs +33 -3
- package/dist/servers/server.controller.mjs +65 -5
- package/dist/sms/sm.controller.mjs +14 -2
- package/dist/srs/sr.controller.mjs +62 -10
- package/dist/tasks/task.controller.mjs +71 -11
- package/dist/users/user.controller.mjs +115 -16
- package/dist/vbds/vbd.controller.mjs +65 -31
- package/dist/vdi-snapshots/vdi-snapshot.controller.mjs +36 -6
- package/dist/vdis/vdi.controller.mjs +69 -8
- package/dist/vifs/vif.controller.mjs +43 -7
- package/dist/vm-controller/vm-controller.controller.mjs +62 -9
- package/dist/vm-snapshots/vm-snapshot.controller.mjs +70 -8
- package/dist/vm-templates/vm-template.controller.mjs +71 -8
- package/dist/vms/vm.controller.mjs +164 -12
- package/open-api/spec/swagger.json +10907 -3265
- package/package.json +4 -3
|
@@ -9,8 +9,9 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
|
9
9
|
};
|
|
10
10
|
import { inject } from 'inversify';
|
|
11
11
|
import { provide } from 'inversify-binding-decorators';
|
|
12
|
-
import { Route, Security, Request, Response, Get, Query, Path, Tags, Example, Post, SuccessResponse } from 'tsoa';
|
|
13
|
-
import {
|
|
12
|
+
import { Middlewares, Route, Security, Request, Response, Get, Query, Path, Tags, Example, Post, SuccessResponse } from 'tsoa';
|
|
13
|
+
import { acl } from '../middlewares/acl.middleware.mjs';
|
|
14
|
+
import { asynchronousActionResp, badRequestResp, internalServerErrorResp, invalidParameters as invalidParametersResp, noContentResp, forbiddenOperationResp, notFoundResp, unauthorizedResp, } from '../open-api/common/response.common.mjs';
|
|
14
15
|
import { RestApi } from '../rest-api/rest-api.mjs';
|
|
15
16
|
import { XapiXoController } from '../abstract-classes/xapi-xo-controller.mjs';
|
|
16
17
|
import { partialPbds, pbd, pbdIds } from '../open-api/oa-examples/pbd.oa-example.mjs';
|
|
@@ -20,14 +21,23 @@ let PbdController = class PbdController extends XapiXoController {
|
|
|
20
21
|
super('PBD', restApi);
|
|
21
22
|
}
|
|
22
23
|
/**
|
|
24
|
+
* Returns all PBDs that match the following privilege:
|
|
25
|
+
* - resource: pbd, action: read
|
|
26
|
+
*
|
|
23
27
|
* @example fields "attached,id,device_config"
|
|
24
28
|
* @example filter "attached?"
|
|
25
29
|
* @example limit 42
|
|
26
30
|
*/
|
|
27
31
|
getPbds(req, fields, ndjson, markdown, filter, limit) {
|
|
28
|
-
return this.sendObjects(Object.values(this.getObjects({ filter
|
|
32
|
+
return this.sendObjects(Object.values(this.getObjects({ filter })), req, {
|
|
33
|
+
limit,
|
|
34
|
+
privilege: { action: 'read', resource: 'pbd' },
|
|
35
|
+
});
|
|
29
36
|
}
|
|
30
37
|
/**
|
|
38
|
+
* Required privilege:
|
|
39
|
+
* - resource: pbd, action: read
|
|
40
|
+
*
|
|
31
41
|
* @example id "16b2a60f-7c4d-f45f-7c7a-963b06fc587d"
|
|
32
42
|
*/
|
|
33
43
|
getPbd(id) {
|
|
@@ -74,6 +84,7 @@ __decorate([
|
|
|
74
84
|
Example(pbdIds),
|
|
75
85
|
Example(partialPbds),
|
|
76
86
|
Get(''),
|
|
87
|
+
Security('*', ['acl']),
|
|
77
88
|
__param(0, Request()),
|
|
78
89
|
__param(1, Query()),
|
|
79
90
|
__param(2, Query()),
|
|
@@ -84,6 +95,9 @@ __decorate([
|
|
|
84
95
|
__decorate([
|
|
85
96
|
Example(pbd),
|
|
86
97
|
Get('{id}'),
|
|
98
|
+
Middlewares(acl({ resource: 'pbd', action: 'read', objectId: 'params.id' })),
|
|
99
|
+
Response(forbiddenOperationResp.status, forbiddenOperationResp.description),
|
|
100
|
+
Response(notFoundResp.status, notFoundResp.description),
|
|
87
101
|
__param(0, Path())
|
|
88
102
|
], PbdController.prototype, "getPbd", null);
|
|
89
103
|
__decorate([
|
|
@@ -7,10 +7,11 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
|
|
|
7
7
|
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
8
8
|
return function (target, key) { decorator(target, key, paramIndex); }
|
|
9
9
|
};
|
|
10
|
-
import { Example, Get, Path, Query, Request, Response, Route, Security, Tags } from 'tsoa';
|
|
10
|
+
import { Example, Get, Middlewares, Path, Query, Request, Response, Route, Security, Tags } from 'tsoa';
|
|
11
11
|
import { inject } from 'inversify';
|
|
12
12
|
import { provide } from 'inversify-binding-decorators';
|
|
13
|
-
import {
|
|
13
|
+
import { acl } from '../middlewares/acl.middleware.mjs';
|
|
14
|
+
import { badRequestResp, forbiddenOperationResp, notFoundResp, unauthorizedResp, } from '../open-api/common/response.common.mjs';
|
|
14
15
|
import { partialPcis, pci, pciIds } from '../open-api/oa-examples/pci.oa-example.mjs';
|
|
15
16
|
import { RestApi } from '../rest-api/rest-api.mjs';
|
|
16
17
|
import { XapiXoController } from '../abstract-classes/xapi-xo-controller.mjs';
|
|
@@ -19,14 +20,23 @@ let PciController = class PciController extends XapiXoController {
|
|
|
19
20
|
super('PCI', restApi);
|
|
20
21
|
}
|
|
21
22
|
/**
|
|
23
|
+
* Returns all PCIs that match the following privilege:
|
|
24
|
+
* - resource: pci, action: read
|
|
25
|
+
*
|
|
22
26
|
* @example fields "class_name,device_name,id"
|
|
23
27
|
* @example filter "class_name:Non-Volatile memory controller"
|
|
24
28
|
* @example limit 42
|
|
25
29
|
*/
|
|
26
30
|
getPcis(req, fields, ndjson, markdown, filter, limit) {
|
|
27
|
-
return this.sendObjects(Object.values(this.getObjects({ filter
|
|
31
|
+
return this.sendObjects(Object.values(this.getObjects({ filter })), req, {
|
|
32
|
+
limit,
|
|
33
|
+
privilege: { action: 'read', resource: 'pci' },
|
|
34
|
+
});
|
|
28
35
|
}
|
|
29
36
|
/**
|
|
37
|
+
* Required privilege:
|
|
38
|
+
* - resource: pci, action: read
|
|
39
|
+
*
|
|
30
40
|
* @example id "9377b642-cc71-8749-1e71-308898b652da"
|
|
31
41
|
*/
|
|
32
42
|
getPci(id) {
|
|
@@ -37,6 +47,7 @@ __decorate([
|
|
|
37
47
|
Example(pciIds),
|
|
38
48
|
Example(partialPcis),
|
|
39
49
|
Get(''),
|
|
50
|
+
Security('*', ['acl']),
|
|
40
51
|
__param(0, Request()),
|
|
41
52
|
__param(1, Query()),
|
|
42
53
|
__param(2, Query()),
|
|
@@ -47,6 +58,8 @@ __decorate([
|
|
|
47
58
|
__decorate([
|
|
48
59
|
Example(pci),
|
|
49
60
|
Get('{id}'),
|
|
61
|
+
Middlewares(acl({ resource: 'pci', action: 'read', objectId: 'params.id' })),
|
|
62
|
+
Response(forbiddenOperationResp.status, forbiddenOperationResp.description),
|
|
50
63
|
Response(notFoundResp.status, notFoundResp.description),
|
|
51
64
|
__param(0, Path())
|
|
52
65
|
], PciController.prototype, "getPci", null);
|
|
@@ -10,8 +10,9 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
|
10
10
|
import { inject } from 'inversify';
|
|
11
11
|
import { RestApi } from '../rest-api/rest-api.mjs';
|
|
12
12
|
import { XapiXoController } from '../abstract-classes/xapi-xo-controller.mjs';
|
|
13
|
-
import { Example, Get, Path, Query, Request, Response, Route, Security, Tags } from 'tsoa';
|
|
14
|
-
import {
|
|
13
|
+
import { Example, Get, Middlewares, Path, Query, Request, Response, Route, Security, Tags } from 'tsoa';
|
|
14
|
+
import { acl } from '../middlewares/acl.middleware.mjs';
|
|
15
|
+
import { badRequestResp, forbiddenOperationResp, notFoundResp, unauthorizedResp, } from '../open-api/common/response.common.mjs';
|
|
15
16
|
import { provide } from 'inversify-binding-decorators';
|
|
16
17
|
import { partialPgpus, pgpu, pgpuIds } from '../open-api/oa-examples/pgpu.oa-example.mjs';
|
|
17
18
|
let PgpuController = class PgpuController extends XapiXoController {
|
|
@@ -19,14 +20,23 @@ let PgpuController = class PgpuController extends XapiXoController {
|
|
|
19
20
|
super('PGPU', restApi);
|
|
20
21
|
}
|
|
21
22
|
/**
|
|
23
|
+
* Returns all PGPUs that match the following privilege:
|
|
24
|
+
* - resource: pgpu, action: read
|
|
25
|
+
*
|
|
22
26
|
* @example fields "id,dom0Access,gpuGroup"
|
|
23
27
|
* @example filter "dom0Access:enabled"
|
|
24
28
|
* @example limit 42
|
|
25
29
|
*/
|
|
26
30
|
getPgpus(req, fields, ndjson, markdown, filter, limit) {
|
|
27
|
-
return this.sendObjects(Object.values(this.getObjects({ filter
|
|
31
|
+
return this.sendObjects(Object.values(this.getObjects({ filter })), req, {
|
|
32
|
+
limit,
|
|
33
|
+
privilege: { action: 'read', resource: 'pgpu' },
|
|
34
|
+
});
|
|
28
35
|
}
|
|
29
36
|
/**
|
|
37
|
+
* Required privilege:
|
|
38
|
+
* - resource: pgpu, action: read
|
|
39
|
+
*
|
|
30
40
|
* @example id "838335fa-ee21-15e1-760a-a37a3a4ef1db"
|
|
31
41
|
*/
|
|
32
42
|
getPgpu(id) {
|
|
@@ -37,6 +47,7 @@ __decorate([
|
|
|
37
47
|
Example(pgpuIds),
|
|
38
48
|
Example(partialPgpus),
|
|
39
49
|
Get(''),
|
|
50
|
+
Security('*', ['acl']),
|
|
40
51
|
__param(0, Request()),
|
|
41
52
|
__param(1, Query()),
|
|
42
53
|
__param(2, Query()),
|
|
@@ -47,6 +58,8 @@ __decorate([
|
|
|
47
58
|
__decorate([
|
|
48
59
|
Example(pgpu),
|
|
49
60
|
Get('{id}'),
|
|
61
|
+
Middlewares(acl({ resource: 'pgpu', action: 'read', objectId: 'params.id' })),
|
|
62
|
+
Response(forbiddenOperationResp.status, forbiddenOperationResp.description),
|
|
50
63
|
Response(notFoundResp.status, notFoundResp.description),
|
|
51
64
|
__param(0, Path())
|
|
52
65
|
], PgpuController.prototype, "getPgpu", null);
|
|
@@ -7,13 +7,14 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
|
|
|
7
7
|
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
8
8
|
return function (target, key) { decorator(target, key, paramIndex); }
|
|
9
9
|
};
|
|
10
|
-
import { Example, Get, Path, Query, Request, Response, Route, Security, Tags } from 'tsoa';
|
|
10
|
+
import { Example, Get, Middlewares, Path, Query, Request, Response, Route, Security, Tags } from 'tsoa';
|
|
11
11
|
import { inject } from 'inversify';
|
|
12
12
|
import { provide } from 'inversify-binding-decorators';
|
|
13
13
|
import { AlarmService } from '../alarms/alarm.service.mjs';
|
|
14
14
|
import { escapeUnsafeComplexMatcher } from '../helpers/utils.helper.mjs';
|
|
15
|
+
import { acl } from '../middlewares/acl.middleware.mjs';
|
|
15
16
|
import { genericAlarmsExample } from '../open-api/oa-examples/alarm.oa-example.mjs';
|
|
16
|
-
import { badRequestResp, notFoundResp, unauthorizedResp } from '../open-api/common/response.common.mjs';
|
|
17
|
+
import { badRequestResp, forbiddenOperationResp, notFoundResp, unauthorizedResp, } from '../open-api/common/response.common.mjs';
|
|
17
18
|
import { partialPifs, pif, pifIds } from '../open-api/oa-examples/pif.oa-example.mjs';
|
|
18
19
|
import { RestApi } from '../rest-api/rest-api.mjs';
|
|
19
20
|
import { XapiXoController } from '../abstract-classes/xapi-xo-controller.mjs';
|
|
@@ -26,20 +27,32 @@ let PifController = class PifController extends XapiXoController {
|
|
|
26
27
|
this.#alarmService = alarmService;
|
|
27
28
|
}
|
|
28
29
|
/**
|
|
30
|
+
* Returns all PIFs that match the following privilege:
|
|
31
|
+
* - resource: pif, action: read
|
|
32
|
+
*
|
|
29
33
|
* @example fields "attached,device,deviceName,id"
|
|
30
34
|
* @example filter "attached?"
|
|
31
35
|
* @example limit 42
|
|
32
36
|
*/
|
|
33
37
|
getPifs(req, fields, ndjson, markdown, filter, limit) {
|
|
34
|
-
return this.sendObjects(Object.values(this.getObjects({ filter
|
|
38
|
+
return this.sendObjects(Object.values(this.getObjects({ filter })), req, {
|
|
39
|
+
limit,
|
|
40
|
+
privilege: { action: 'read', resource: 'pif' },
|
|
41
|
+
});
|
|
35
42
|
}
|
|
36
43
|
/**
|
|
44
|
+
* Required privilege:
|
|
45
|
+
* - resource: pif, action: read
|
|
46
|
+
*
|
|
37
47
|
* @example id "d9e42451-3794-089f-de81-4ee0e6137bee"
|
|
38
48
|
*/
|
|
39
49
|
getPif(id) {
|
|
40
50
|
return this.getObject(id);
|
|
41
51
|
}
|
|
42
52
|
/**
|
|
53
|
+
* Returns all alarms that match the following privilege:
|
|
54
|
+
* - resource: alarm, action: read
|
|
55
|
+
*
|
|
43
56
|
* @example id "d9e42451-3794-089f-de81-4ee0e6137bee"
|
|
44
57
|
* @example fields "id,time"
|
|
45
58
|
* @example filter "time:>1747053793"
|
|
@@ -49,35 +62,53 @@ let PifController = class PifController extends XapiXoController {
|
|
|
49
62
|
const pif = this.getObject(id);
|
|
50
63
|
const alarms = this.#alarmService.getAlarms({
|
|
51
64
|
filter: `${escapeUnsafeComplexMatcher(filter) ?? ''} object:uuid:${pif.uuid}`,
|
|
65
|
+
});
|
|
66
|
+
return this.sendObjects(Object.values(alarms), req, {
|
|
67
|
+
path: 'alarms',
|
|
52
68
|
limit,
|
|
69
|
+
privilege: { action: 'read', resource: 'alarm' },
|
|
53
70
|
});
|
|
54
|
-
return this.sendObjects(Object.values(alarms), req, 'alarms');
|
|
55
71
|
}
|
|
56
72
|
/**
|
|
73
|
+
* Returns all messages that match the following privilege:
|
|
74
|
+
* - resource: message, action: read
|
|
75
|
+
*
|
|
57
76
|
* @example id "d9e42451-3794-089f-de81-4ee0e6137bee"
|
|
58
77
|
* @example fields "name,id,$object"
|
|
59
78
|
* @example filter "name:VM_STARTED"
|
|
60
79
|
* @example limit 42
|
|
61
80
|
*/
|
|
62
81
|
getPifMessages(req, id, fields, ndjson, markdown, filter, limit) {
|
|
63
|
-
const messages = this.getMessagesForObject(id, { filter
|
|
64
|
-
return this.sendObjects(Object.values(messages), req,
|
|
82
|
+
const messages = this.getMessagesForObject(id, { filter });
|
|
83
|
+
return this.sendObjects(Object.values(messages), req, {
|
|
84
|
+
path: 'messages',
|
|
85
|
+
limit,
|
|
86
|
+
privilege: { action: 'read', resource: 'message' },
|
|
87
|
+
});
|
|
65
88
|
}
|
|
66
89
|
/**
|
|
90
|
+
* Returns all tasks that match the following privilege:
|
|
91
|
+
* - resource: task, action: read
|
|
92
|
+
*
|
|
67
93
|
* @example id "d9e42451-3794-089f-de81-4ee0e6137bee"
|
|
68
94
|
* @example fields "id,status,properties"
|
|
69
95
|
* @example filter "status:failure"
|
|
70
96
|
* @example limit 42
|
|
71
97
|
*/
|
|
72
98
|
async getPifTasks(req, id, fields, ndjson, markdown, filter, limit) {
|
|
73
|
-
const tasks = await this.getTasksForObject(id, { filter
|
|
74
|
-
return this.sendObjects(Object.values(tasks), req,
|
|
99
|
+
const tasks = await this.getTasksForObject(id, { filter });
|
|
100
|
+
return this.sendObjects(Object.values(tasks), req, {
|
|
101
|
+
path: 'tasks',
|
|
102
|
+
limit,
|
|
103
|
+
privilege: { action: 'read', resource: 'task' },
|
|
104
|
+
});
|
|
75
105
|
}
|
|
76
106
|
};
|
|
77
107
|
__decorate([
|
|
78
108
|
Example(pifIds),
|
|
79
109
|
Example(partialPifs),
|
|
80
110
|
Get(''),
|
|
111
|
+
Security('*', ['acl']),
|
|
81
112
|
__param(0, Request()),
|
|
82
113
|
__param(1, Query()),
|
|
83
114
|
__param(2, Query()),
|
|
@@ -88,12 +119,15 @@ __decorate([
|
|
|
88
119
|
__decorate([
|
|
89
120
|
Example(pif),
|
|
90
121
|
Get('{id}'),
|
|
122
|
+
Middlewares(acl({ resource: 'pif', action: 'read', objectId: 'params.id' })),
|
|
123
|
+
Response(forbiddenOperationResp.status, forbiddenOperationResp.description),
|
|
91
124
|
Response(notFoundResp.status, notFoundResp.description),
|
|
92
125
|
__param(0, Path())
|
|
93
126
|
], PifController.prototype, "getPif", null);
|
|
94
127
|
__decorate([
|
|
95
128
|
Example(genericAlarmsExample),
|
|
96
129
|
Get('{id}/alarms'),
|
|
130
|
+
Security('*', ['acl']),
|
|
97
131
|
Tags('alarms'),
|
|
98
132
|
Response(notFoundResp.status, notFoundResp.description),
|
|
99
133
|
__param(0, Request()),
|
|
@@ -108,6 +142,7 @@ __decorate([
|
|
|
108
142
|
Example(messageIds),
|
|
109
143
|
Example(partialMessages),
|
|
110
144
|
Get('{id}/messages'),
|
|
145
|
+
Security('*', ['acl']),
|
|
111
146
|
Tags('messages'),
|
|
112
147
|
Response(notFoundResp.status, notFoundResp.description),
|
|
113
148
|
__param(0, Request()),
|
|
@@ -122,6 +157,7 @@ __decorate([
|
|
|
122
157
|
Example(taskIds),
|
|
123
158
|
Example(partialTasks),
|
|
124
159
|
Get('{id}/tasks'),
|
|
160
|
+
Security('*', ['acl']),
|
|
125
161
|
Tags('tasks'),
|
|
126
162
|
Response(notFoundResp.status, notFoundResp.description),
|
|
127
163
|
__param(0, Request()),
|