Reorganized DNS server endpoints, pfSense 2.5 compatibility updates, fixed PHP warning in manage.php restore() function

Author: jaredhendrickson13

pfSense-pkg-API/files/etc/inc/api/models/APISystemDNSRead.inc

@@ -39,8 +39,21 @@ class APISystemDNSRead extends APIModel {
         if (array_key_exists("dnsallowoverride", $this->config["system"])) {
             $this->validated_data["dnsallowoverride"] = true;
         }
-        if (array_key_exists("dnslocalhost", $this->config["system"])) {
-            $this->validated_data["dnslocalhost"] = true;
+
+        # Validate this field as needed for pfSense 2.4.x
+        # TODO: remove this conditional once pfSense 2.4 nears EOL
+        if (APITools\get_pfsense_version()["program"] < 250) {
+            if (array_key_exists("dnslocalhost", $this->config["system"])) {
+                $this->validated_data["dnslocalhost"] = true;
+            }
+        }
+        else {
+            if ($this->config["system"]["dnslocalhost"] === "remote") {
+                $this->validated_data["dnslocalhost"] = false;
+            } else {
+                $this->validated_data["dnslocalhost"] = true;
+            }
         }
+
     }
 }

pfSense-pkg-API/files/etc/inc/api/models/APISystemDNSServerCreate.inc

@@ -40,7 +40,8 @@ class APISystemDNSServerCreate extends APIModel {
         $this->__validate_dnsserver();
     }
 
-    private function __validate_dnsserver() {
+    public function __validate_dnsserver() {
+        # Validate the optional `dnsserver` payload value
         if (isset($this->initial_data['dnsserver'])) {
             # If values are not an array, convert it
             if (!is_array($this->initial_data["dnsserver"])) {

pfSense-pkg-API/files/etc/inc/api/models/APISystemDNSServerDelete.inc

@@ -27,37 +27,56 @@ class APISystemDNSServerDelete extends APIModel {
     }
 
     public function action() {
-        $this->write_config();    // Apply our configuration change
-        // Update a slew of backend services
-        system_resolvconf_generate();
-        if (isset($this->config['dnsmasq']['enable'])) {
-            services_dnsmasq_configure();
-        } elseif (isset($this->config['unbound']['enable'])) {
-            services_unbound_configure();
-        }
-        send_event("service reload dns");
-        filter_configure();
+        $this->config["system"]["dnsserver"] = $this->validated_data["dnsserver"];
+        $this->write_config();
+        $this->apply_backend_changes();
         return APIResponse\get(0, $this->validated_data);
     }
 
     public function validate_payload() {
+        $this->validated_data["dnsserver"] = $this->config["system"]["dnsserver"];
+        $this->__validate_dnsserver();
+    }
+
+    private function __validate_dnsserver() {
+        # Validate the optional `dnsserver` payload value
         if (isset($this->initial_data['dnsserver'])) {
             $del_server = $this->initial_data['dnsserver'];
-            $curr_servers = $this->config["system"]["dnsserver"];
             $del_server = (!is_array($del_server)) ? array($del_server) : $del_server;
+
+            # Ensure our config is array
+            if (!is_array($this->validated_data["dnsserver"])) {
+                $this->validated_data["dnsserver"] = array($this->validated_data["dnsserver"]);
+            }
+
+            # Loop through each requested DNS server to delete
             foreach ($del_server as $ds) {
-                // Ensure our config is array
-                if (!is_array($curr_servers)) {
-                    $curr_servers = array($this->config["system"]["dnsserver"]);
-                }
-                // Loop through each server and check for matches, delete on match
-                foreach ($curr_servers as $id => $cs) {
+                # Loop through each server and check for matches, delete on match
+                foreach ($this->validated_data["dnsserver"] as $id => $cs) {
                     if ($ds === $cs) {
-                        $this->validated_data["dnsserver"][] = $ds;
-                        unset($this->config["system"]["dnsserver"][$id]);
+                        unset($this->validated_data["dnsserver"][$id]);
                     }
                 }
             }
+
+            # Ensure array values are unique, reindexed and purge duplicate items
+            $this->validated_data["dnsserver"] = array_filter($this->validated_data["dnsserver"]);
+            $this->validated_data["dnsserver"] = array_unique($this->validated_data["dnsserver"]);
+            $this->validated_data["dnsserver"] = array_values($this->validated_data["dnsserver"]);
         }
     }
+
+    public function apply_backend_changes() {
+        # Update a slew of backend services
+        system_resolvconf_generate();
+        if (isset($this->config['dnsmasq']['enable'])) {
+            services_dnsmasq_configure();
+        } elseif (isset($this->config['unbound']['enable'])) {
+            services_unbound_configure();
+        }
+
+        # Reload DNS services and firewall filter
+        send_event("service reload dns");
+        filter_configure();
+    }
 }

pfSense-pkg-API/files/etc/inc/api/models/APISystemDNSUpdate.inc

@@ -27,47 +27,67 @@ class APISystemDNSUpdate extends APIModel {
     }
 
     public function action() {
-        $this->write_config();    // Apply our configuration change
-        // Update a slew of backend services
-        system_resolvconf_generate();
-        if (isset($this->config['dnsmasq']['enable'])) {
-            services_dnsmasq_configure();
-        } elseif (isset($this->config['unbound']['enable'])) {
-            services_unbound_configure();
-        }
-
-        // Reload DNS services and firewall filter
-        send_event("service reload dns");
-        filter_configure();
+        $this->write_config();
+        $this->apply_backend_changes();
         return APIResponse\get(0, (new APISystemDNSRead())->action()["data"]);
     }
 
     public function validate_payload() {
-        if (isset($this->initial_data['dnsserver'])) {
-            $this->initial_data["dnsserver"] = $this->initial_data['dnsserver'];
-            // If value is not an array, convert it
-            if (!is_array($this->initial_data["dnsserver"])) {
-                $this->initial_data["dnsserver"] = array($this->initial_data["dnsserver"]);
-            }
-            // Loop through our DNS servers and check that entry is valid
-            foreach ($this->initial_data["dnsserver"] as $ds) {
-                // Check if our DNS server is valid
-                if (!is_ipaddrv4($ds) and !is_ipaddrv6($ds)) {
-                    $this->errors[] = APIResponse\get(1007);
-                }
-            }
-            // Add our system DNS values to validated data
-            $this->config["system"]["dnsserver"] = $this->initial_data["dnsserver"];
-        }
+        $this->__validate_dnsserver();
+        $this->__validate_dnsallowoverride();
+        $this->__validate_dnslocalhost();
+    }
+
+    private function __validate_dnsallowoverride() {
         if ($this->initial_data['dnsallowoverride'] === true) {
             $this->config["system"]["dnsallowoverride"] = "";
         } elseif ($this->initial_data['dnsallowoverride'] === false) {
             unset($this->config["system"]["dnsallowoverride"]);
         }
-        if ($this->initial_data['dnslocalhost'] === true) {
-            $this->config["system"]["dnslocalhost"] = "";
-        } elseif ($this->initial_data['dnslocalhost'] === false) {
-            unset($this->config["system"]["dnslocalhost"]);
+    }
+
+    private function __validate_dnslocalhost() {
+        # Validate this field as needed for pfSense 2.4.x
+        # TODO: remove this conditional once pfSense 2.4 nears EOL
+        if (APITools\get_pfsense_version()["program"] < 250) {
+            if ($this->initial_data['dnslocalhost'] === true) {
+                $this->config["system"]["dnslocalhost"] = "";
+            } elseif ($this->initial_data['dnslocalhost'] === false) {
+                unset($this->config["system"]["dnslocalhost"]);
+            }
         }
+        # Validate this field as needed for pfSense 2.5+
+        else {
+            if ($this->initial_data['dnslocalhost'] === true) {
+                unset($this->config["system"]["dnslocalhost"]);
+            } elseif ($this->initial_data['dnslocalhost'] === false) {
+                $this->config["system"]["dnslocalhost"] = "remote";
+            }
+        }
+    }
+
+    private function __validate_dnsserver() {
+        if (isset($this->initial_data['dnsserver'])) {
+            # Use an internal API call to the APISystemDNSServerCreate model
+            $dns_server_c = new APISystemDNSServerCreate();
+            $dns_server_c->initial_data["dnsserver"] = $this->initial_data["dnsserver"];
+            $dns_server_c->__validate_dnsserver();
+            $this->errors = $this->errors + $dns_server_c->errors;
+            $this->config["system"]["dnsserver"] = $dns_server_c->validated_data["dnsserver"];
+        }
+    }
+
+    public function apply_backend_changes() {
+        # Update a slew of backend services
+        system_resolvconf_generate();
+        if (isset($this->config['dnsmasq']['enable'])) {
+            services_dnsmasq_configure();
+        } elseif (isset($this->config['unbound']['enable'])) {
+            services_unbound_configure();
+        }
+
+        # Reload DNS services and firewall filter
+        send_event("service reload dns");
+        filter_configure();
     }
 }

pfSense-pkg-API/files/usr/local/share/pfSense-pkg-API/manage.php

@@ -58,8 +58,12 @@ function restore() {
 
     # Local Variables
     $api_conf = APITools\get_api_config();
-    $backup_api_conf_json = file_get_contents("/usr/local/share/pfSense-pkg-API/backup.json");
-    $backup_api_conf = json_decode($backup_api_conf_json, true);;
+
+    # Only retrieve file contents if it exists
+    if (is_file("/usr/local/share/pfSense-pkg-API/backup.json")) {
+        $backup_api_conf_json = file_get_contents("/usr/local/share/pfSense-pkg-API/backup.json");
+        $backup_api_conf = json_decode($backup_api_conf_json, true);;
+    }
 
     # Restore our API configuration if the backup exists
     if (!empty($backup_api_conf_json)) {