Re: [pve-devel] [PATCH storage v3 08/10] api: allow ova upload/download

Wed, 22 May 2024 03:21:01 -0700 

On April 29, 2024 1:21 pm, Dominik Csapak wrote:
> introducing a separate regex that only contains ova, since
> upload/downloading ovfs does not make sense (since the disks are then
> missing).
> 
> Signed-off-by: Dominik Csapak <d.csa...@proxmox.com>
> ---
>  src/PVE/API2/Storage/Status.pm | 18 ++++++++++++++----
>  src/PVE/Storage.pm             | 11 +++++++++++
>  2 files changed, 25 insertions(+), 4 deletions(-)
> 
> diff --git a/src/PVE/API2/Storage/Status.pm b/src/PVE/API2/Storage/Status.pm
> index acde730..6c0c1e5 100644
> --- a/src/PVE/API2/Storage/Status.pm
> +++ b/src/PVE/API2/Storage/Status.pm
> @@ -369,7 +369,7 @@ __PACKAGE__->register_method ({
>      name => 'upload',
>      path => '{storage}/upload',
>      method => 'POST',
> -    description => "Upload templates and ISO images.",
> +    description => "Upload templates, ISO images and OVAs.",
>      permissions => {
>       check => ['perm', '/storage/{storage}', ['Datastore.AllocateTemplate']],
>      },
> @@ -382,7 +382,7 @@ __PACKAGE__->register_method ({
>           content => {
>               description => "Content type.",
>               type => 'string', format => 'pve-storage-content',
> -             enum => ['iso', 'vztmpl'],
> +             enum => ['iso', 'vztmpl', 'import'],
>           },
>           filename => {
>               description => "The name of the file to create. Caution: This 
> will be normalized!",
> @@ -448,6 +448,11 @@ __PACKAGE__->register_method ({
>               raise_param_exc({ filename => "wrong file extension" });
>           }
>           $path = PVE::Storage::get_vztmpl_dir($cfg, $param->{storage});
> +     } elsif ($content eq 'import') {
> +         if ($filename !~ m![^/]+$PVE::Storage::UPLOAD_IMPORT_EXT_RE_1$!) {
> +             raise_param_exc({ filename => "wrong file extension" });
> +         }
> +         $path = PVE::Storage::get_import_dir($cfg, $param->{storage});
>       } else {
>           raise_param_exc({ content => "upload content type '$content' not 
> allowed" });
>       }
> @@ -544,7 +549,7 @@ __PACKAGE__->register_method({
>      name => 'download_url',
>      path => '{storage}/download-url',
>      method => 'POST',
> -    description => "Download templates and ISO images by using an URL.",
> +    description => "Download templates, ISO images and OVAs by using an 
> URL.",
>      proxyto => 'node',
>      permissions => {
>       description => 'Requires allocation access on the storage and as this 
> allows one to probe'
> @@ -572,7 +577,7 @@ __PACKAGE__->register_method({
>           content => {
>               description => "Content type.", # TODO: could be optional & 
> detected in most cases
>               type => 'string', format => 'pve-storage-content',
> -             enum => ['iso', 'vztmpl'],
> +             enum => ['iso', 'vztmpl', 'import'],
>           },
>           filename => {
>               description => "The name of the file to create. Caution: This 
> will be normalized!",
> @@ -642,6 +647,11 @@ __PACKAGE__->register_method({
>               raise_param_exc({ filename => "wrong file extension" });
>           }
>           $path = PVE::Storage::get_vztmpl_dir($cfg, $storage);
> +     } elsif ($content eq 'import') {
> +         if ($filename !~ m![^/]+$PVE::Storage::UPLOAD_IMPORT_EXT_RE_1$!) {

was a bit stumped here, but the others have it as well - $filename is
normalized first and that removes any slashes anyway. this also means
uploaded OVAs only have a subset of characters compared to what we
accept otherwise. do we still want to be extra-cautious in case we relax
the normalization in the future, and check for the same characters we
allow otherwise? would be rather weird if users can upload files but
possible not even see them afterwards ^^

> +             raise_param_exc({ filename => "wrong file extension" });
> +         }
> +         $path = PVE::Storage::get_import_dir($cfg, $param->{storage});
>       } else {
>           raise_param_exc({ content => "upload content-type '$content' is not 
> allowed" });
>       }
> diff --git a/src/PVE/Storage.pm b/src/PVE/Storage.pm
> index adc1b45..31b2ad5 100755
> --- a/src/PVE/Storage.pm
> +++ b/src/PVE/Storage.pm
> @@ -116,6 +116,8 @@ our $BACKUP_EXT_RE_2 = 
> qr/\.(tgz|(?:tar|vma)(?:\.(${\PVE::Storage::Plugin::COMPR
>  
>  our $IMPORT_EXT_RE_1 = qr/\.(ova|ovf|qcow2|raw|vmdk)/;
>  
> +our $UPLOAD_IMPORT_EXT_RE_1 = qr/\.(ova)/;
> +
>  our $SAFE_CHAR_CLASS_RE = qr/[a-zA-Z0-9\-\.\+\=\_]/;
>  
>  # FIXME remove with PVE 8.0, add versioned breaks for pve-manager
> @@ -464,6 +466,15 @@ sub get_iso_dir {
>      return $plugin->get_subdir($scfg, 'iso');
>  }
>  
> +sub get_import_dir {
> +    my ($cfg, $storeid) = @_;
> +
> +    my $scfg = storage_config($cfg, $storeid);
> +    my $plugin = PVE::Storage::Plugin->lookup($scfg->{type});
> +
> +    return $plugin->get_subdir($scfg, 'import');
> +}
> +
>  sub get_vztmpl_dir {
>      my ($cfg, $storeid) = @_;
>  
> -- 
> 2.39.2
> 
> 
> 
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
> 
> 
> 


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

Reply via email to