Fixed minor bugs in routing endpoints, created firewall and routing apply endpoints to apply pending changes, updated documentation

Author: Jared Hendrickson

README.md

@@ -0,0 +1,26 @@
+<?php
+//   Copyright 2020 Jared Hendrickson
+//
+//   Licensed under the Apache License, Version 2.0 (the "License");
+//   you may not use this file except in compliance with the License.
+//   You may obtain a copy of the License at
+//
+//       http://www.apache.org/licenses/LICENSE-2.0
+//
+//   Unless required by applicable law or agreed to in writing, software
+//   distributed under the License is distributed on an "AS IS" BASIS,
+//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//   See the License for the specific language governing permissions and
+//   limitations under the License.
+
+require_once("api/framework/APIEndpoint.inc");
+
+class APIFirewallApply extends APIEndpoint {
+    public function __construct() {
+        $this->url = "/api/v1/firewall/apply";
+    }
+
+    protected function post() {
+        return (new APIFirewallApplyCreate())->call();
+    }
+}

docs/documentation.json

@@ -15,12 +15,12 @@
 
 require_once("api/framework/APIEndpoint.inc");
 
-class APIFirewallNAT extends APIEndpoint {
+class APIRoutingApply extends APIEndpoint {
     public function __construct() {
-        $this->url = "/api/v1/firewall/nat";
+        $this->url = "/api/v1/routing/apply";
     }
 
-    protected function get() {
-        return (new APIFirewallNATRead())->call();
+    protected function post() {
+        return (new APIRoutingApplyCreate())->call();
     }
 }

pfSense-pkg-API/files/etc/inc/api/endpoints/APIFirewallApply.inc

@@ -0,0 +1,45 @@
+<?php
+//   Copyright 2020 Jared Hendrickson
+//
+//   Licensed under the Apache License, Version 2.0 (the "License");
+//   you may not use this file except in compliance with the License.
+//   You may obtain a copy of the License at
+//
+//       http://www.apache.org/licenses/LICENSE-2.0
+//
+//   Unless required by applicable law or agreed to in writing, software
+//   distributed under the License is distributed on an "AS IS" BASIS,
+//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//   See the License for the specific language governing permissions and
+//   limitations under the License.
+
+require_once("api/framework/APIModel.inc");
+require_once("api/framework/APIResponse.inc");
+
+
+class APIFirewallApplyCreate extends APIModel {
+    # Create our method constructor
+    public function __construct() {
+        parent::__construct();
+        $this->privileges = [
+            "page-all",
+            "page-firewall-rules",
+            "page-firewall-rules-edit",
+            "page-firewall-aliases",
+            "page-firewall-aliases-edit",
+            "page-firewall-nat-1-1",
+            "page-firewall-nat-1-1-edit",
+            "page-firewall-nat-outbound",
+            "page-firewall-nat-outbound-edit",
+            "page-firewall-nat-portforward",
+            "page-firewall-nat-portforward-edit"
+        ];
+    }
+
+    public function action() {
+        filter_configure();
+        clear_subsystem_dirty('natconf');
+        clear_subsystem_dirty('filter');
+        return APIResponse\get(0);
+    }
+}

…etc/inc/api/endpoints/APIFirewallNAT.inc …tc/inc/api/endpoints/APIRoutingApply.incpfSense-pkg-API/files/etc/inc/api/endpoints/APIFirewallNAT.inc renamed to pfSense-pkg-API/files/etc/inc/api/endpoints/APIRoutingApply.inc pfSense-pkg-API/files/etc/inc/api/endpoints/APIFirewallNAT.inc renamed to pfSense-pkg-API/files/etc/inc/api/endpoints/APIRoutingApply.inc

@@ -39,14 +39,7 @@ class APIFirewallNATOneToOneCreate extends APIModel {
         $this->config["nat"]["onetoone"][$this->id] = $this->validated_data;
         APITools\sort_nat_rules($this->initial_data["top"], $this->id, "onetoone");
         $this->write_config();
-        mark_subsystem_dirty('natconf');
-
-        # Allow clients to apply this rule immediately if they passed in an apply value
-        if ($this->initial_data["apply"] === true) {
-            filter_configure();
-            clear_subsystem_dirty('natconf');
-            clear_subsystem_dirty('filter');
-        }
+        $this->apply();
         return APIResponse\get(0, $this->validated_data);
     }
 
@@ -151,4 +144,16 @@ class APIFirewallNATOneToOneCreate extends APIModel {
         $this->__validate_descr();
         $this->__validate_natreflection();
     }
+
+    public function apply() {
+        # Mark the NAT subsystem as changed, clear if applied
+        mark_subsystem_dirty('natconf');
+
+        # Allow clients to apply this rule immediately if they passed in an apply value
+        if ($this->initial_data["apply"] === true) {
+            filter_configure();
+            clear_subsystem_dirty('natconf');
+            clear_subsystem_dirty('filter');
+        }
+    }
 }

pfSense-pkg-API/files/etc/inc/api/models/APIFirewallApplyCreate.inc

@@ -30,19 +30,12 @@ class APIFirewallNATOneToOneDelete extends APIModel {
         unset($this->config["nat"]["onetoone"][$this->id]);
         APITools\sort_nat_rules(null, null, "onetoone");
         $this->write_config();
-        mark_subsystem_dirty('natconf');
-
-        # Allow clients to delete this rule immediately if they passed in an apply value
-        if ($this->initial_data["apply"] === true) {
-            filter_configure();
-            clear_subsystem_dirty('natconf');
-            clear_subsystem_dirty('filter');
-        }
+        $this->apply();
         return APIResponse\get(0, $del_rule);
     }
 
     public function validate_payload() {
-
+        # Require clients to pass in 1:1 rule ID to locate the rule to delete
         if (isset($this->initial_data['id'])) {
             // Check that our rule ID exists
             if (array_key_exists($this->initial_data['id'], $this->config["nat"]["onetoone"])) {
@@ -54,4 +47,17 @@ class APIFirewallNATOneToOneDelete extends APIModel {
             $this->errors[] = APIResponse\get(4083);
         }
     }
+
+    public function apply() {
+        # Mark the NAT subsystem as changed, clear if applied
+        mark_subsystem_dirty('natconf');
+
+        # Allow clients to apply this rule immediately if they passed in an apply value
+        if ($this->initial_data["apply"] === true) {
+            filter_configure();
+            clear_subsystem_dirty('natconf');
+            clear_subsystem_dirty('filter');
+        }
+    }
+
 }

pfSense-pkg-API/files/etc/inc/api/models/APIFirewallNATOneToOneCreate.inc

@@ -32,14 +32,7 @@ class APIFirewallNATOneToOneUpdate extends APIModel {
         $this->config["nat"]["onetoone"][$this->id] = $this->validated_data;
         APITools\sort_nat_rules($this->initial_data["top"], $this->id, "onetoone");
         $this->write_config();
-        mark_subsystem_dirty('natconf');
-
-        # Allow clients to apply this rule immediately if they passed in an apply value
-        if ($this->initial_data["apply"] === true) {
-            filter_configure();
-            clear_subsystem_dirty('natconf');
-            clear_subsystem_dirty('filter');
-        }
+        $this->apply();
         return APIResponse\get(0, $this->validated_data);
     }
 
@@ -160,4 +153,17 @@ class APIFirewallNATOneToOneUpdate extends APIModel {
         $this->__validate_descr();
         $this->__validate_natreflection();
     }
+
+    public function apply() {
+        # Mark the NAT subsystem as changed, clear if applied
+        mark_subsystem_dirty('natconf');
+
+        # Allow clients to apply this rule immediately if they passed in an apply value
+        if ($this->initial_data["apply"] === true) {
+            filter_configure();
+            clear_subsystem_dirty('natconf');
+            clear_subsystem_dirty('filter');
+        }
+    }
+
 }

pfSense-pkg-API/files/etc/inc/api/models/APIFirewallNATOneToOneDelete.inc

@@ -40,14 +40,7 @@ class APIFirewallNATOutboundMappingCreate extends APIModel {
         $this->config["nat"]["outbound"]["rule"][$this->id] = $this->validated_data;
         APITools\sort_nat_rules($this->initial_data["top"], $this->id, "outbound");
         $this->write_config();
-        mark_subsystem_dirty('natconf');
-
-        # Allow clients to apply this rule immediately if they passed in an apply value
-        if ($this->initial_data["apply"] === true) {
-            filter_configure();
-            clear_subsystem_dirty('natconf');
-            clear_subsystem_dirty('filter');
-        }
+        $this->apply();
         return APIResponse\get(0, $this->validated_data);
     }
 
@@ -292,5 +285,16 @@ class APIFirewallNATOutboundMappingCreate extends APIModel {
         $this->validated_data["updated"] = $this->validated_data["created"];
     }
 
+    public function apply() {
+        # Mark the NAT subsystem as changed, clear if applied
+        mark_subsystem_dirty('natconf');
+
+        # Allow clients to apply this rule immediately if they passed in an apply value
+        if ($this->initial_data["apply"] === true) {
+            filter_configure();
+            clear_subsystem_dirty('natconf');
+            clear_subsystem_dirty('filter');
+        }
+    }
 
 }

pfSense-pkg-API/files/etc/inc/api/models/APIFirewallNATOneToOneUpdate.inc

@@ -30,19 +30,12 @@ class APIFirewallNATOutboundMappingDelete extends APIModel {
         unset($this->config["nat"]["outbound"]["rule"][$this->id]);
         APITools\sort_nat_rules(null, null, "outbound");
         $this->write_config();
-        mark_subsystem_dirty('natconf');
-
-        # Allow clients to delete this rule immediately if they passed in an apply value
-        if ($this->initial_data["apply"] === true) {
-            filter_configure();
-            clear_subsystem_dirty('natconf');
-            clear_subsystem_dirty('filter');
-        }
+        $this->apply();
         return APIResponse\get(0, $del_rule);
     }
 
     public function validate_payload() {
-
+        # Require clients to pass in a outbound rule ID to locate the rule to delete
         if (isset($this->initial_data['id'])) {
             // Check that our rule ID exists
             if (array_key_exists($this->initial_data['id'], $this->config["nat"]["outbound"]["rule"])) {
@@ -54,4 +47,16 @@ class APIFirewallNATOutboundMappingDelete extends APIModel {
             $this->errors[] = APIResponse\get(4104);
         }
     }
+
+    public function apply() {
+        # Mark the NAT subsystem as changed, clear if applied
+        mark_subsystem_dirty('natconf');
+
+        # Allow clients to apply this rule immediately if they passed in an apply value
+        if ($this->initial_data["apply"] === true) {
+            filter_configure();
+            clear_subsystem_dirty('natconf');
+            clear_subsystem_dirty('filter');
+        }
+    }
 }