Merge pull request #120 from jaredhendrickson13/v122_fixes

v1.2.2 Fixes & Features

Author: jaredhendrickson13

docs/CONTRIBUTING.md

@@ -529,7 +529,7 @@ to `tools/README.md`
 
 ## Creating or Updating Documentation ##
 Documentation is written and maintained using Postman. The JSON export of the Postman collection can be found in 
-`docs/documentation.json`. Both the README.md and embedded documentation are generated using this JSON file. To update
+`tools/templates/documentation.json`. Both the README.md and embedded documentation are generated using this JSON file. To update
 or add documentation, you can either import this collection to Postman, make your changes in Postman and then export the
 updated collection as JSON, or you may edit the JSON file directly if you are familiar with the structure. To generate
 the README.md and embedded documentation pages, you may use the `tools/make_documentation.py` script. For more info on
@@ -538,4 +538,4 @@ running the script, refer to `tools/README.md`
 Questions
 ---------
 There are some complex components to this project. Please feel free to reach out with any questions, 
-issues, or insight you have when creating API endpoints. Time permitting I am happy to help any way I can. 
+issues, or insight you have when creating API endpoints. Time permitting I am happy to help any way I can. 

docs/documentation.json

@@ -315,7 +315,7 @@ function sort_nat_rules($top=false, $data=null, $field=null) {
 }
 
 # Input a physical interface ID, or a descriptive interface name, and return the pfSense interface ID (lan,wan,optx)
-function get_pfsense_if_id($interface) {
+function get_pfsense_if_id($interface, $include_carp=false) {
     # Variables
     global $config;
     # Loop through our config and check each interface for a physical ID match
@@ -342,18 +342,19 @@ function get_pfsense_if_id($interface) {
         if ($interface === $if_id) {
             return $if_id;
         }
-
     }
 
-    # Loop on carp _vip interfaces
-    foreach ($config['virtualip']['vip'] as $carp) {
-        if ($carp['mode'] == "carp") {
-            if ($interface === '_vip'.$carp['uniqid']) {
-                return $interface;
+    # Only include CARP interfaces if they are explicitly requested
+    if ($include_carp) {
+        # Loop on carp _vip interfaces
+        foreach ($config['virtualip']['vip'] as $carp) {
+            if ($carp['mode'] == "carp") {
+                if ($interface === '_vip'.$carp['uniqid']) {
+                    return $interface;
+                }
             }
         }
     }
-
 }
 
 # Check if input is valid for rule source and destination

pfSense-pkg-API/files/etc/inc/api/framework/APITools.inc

@@ -37,7 +37,22 @@ class APIFirewallVirtualIPCreate extends APIModel {
     }
 
     public function validate_payload() {
+        # Assign a unique ID to the virtual IP
+        $this->validated_data['uniqid'] = uniqid();
+
+        # Validate input data
+        $this->__validate_mode();
+        $this->__validate_interface();
+        $this->__validate_subnet();
+        $this->__validate_descr();
+        $this->__validate_noexpand();
+        $this->__validate_vhid();
+        $this->__validate_advbase();
+        $this->__validate_advskew();
+        $this->__validate_password();
+    }
 
+    private function __validate_mode() {
         # Validate our required 'mode' payload value
         if (isset($this->initial_data['mode'])) {
             $mode_options = array("ipalias", "carp", "proxyarp", "other");
@@ -49,11 +64,13 @@ class APIFirewallVirtualIPCreate extends APIModel {
         } else {
             $this->errors[] = APIResponse\get(4019);
         }
+    }
 
+    private function __validate_interface() {
         # Validate our required 'interface' payload value
         if (isset($this->initial_data['interface'])) {
             # Convert this interface into the pfSense interface ID or set error if not found
-            $this->initial_data["interface"] = APITools\get_pfsense_if_id($this->initial_data["interface"]);
+            $this->initial_data["interface"] = APITools\get_pfsense_if_id($this->initial_data["interface"], true);
             if (is_string($this->initial_data["interface"])) {
                 $this->validated_data["interface"] = $this->initial_data["interface"];
             } else {
@@ -62,7 +79,9 @@ class APIFirewallVirtualIPCreate extends APIModel {
         } else {
             $this->errors[] = APIResponse\get(4020);
         }
+    }
 
+    private function __validate_subnet() {
         # Validate our required 'subnet' payload value
         if (isset($this->initial_data['subnet'])) {
             // If a single IPv4 or IPv6, append the subnet mask for one address
@@ -80,31 +99,45 @@ class APIFirewallVirtualIPCreate extends APIModel {
                 } else {
                     $this->validated_data["subnet"] = $subnet_split[0];
                     $this->validated_data["subnet_bits"] = $subnet_split[1];
+
+                    # Set virtual IP type to network/single based on subnet and subnet_bits
+                    if (is_ipaddrv4($this->validated_data["subnet"]) && $this->validated_data["subnet_bits"] == 32) {
+                        $this->validated_data["type"] = "single";
+                    } elseif (is_ipaddrv6($this->validated_data["subnet"]) && $this->validated_data["subnet_bits"] == 128) {
+                        $this->validated_data["type"] = "single";
+                    } else {
+                        $this->validated_data["type"] = "network";
+                    }
                 }
             } else {
                 $this->errors[] = APIResponse\get(4025);
             }
-
         } else {
             $this->errors[] = APIResponse\get(4021);
         }
+    }
 
-        # Validate our required 'descr' payload value
+    private function __validate_descr() {
+        # Validate our optional 'descr' payload value
         if (isset($this->initial_data['descr'])) {
             $this->validated_data["descr"] = strval($this->initial_data['descr']);
         } else {
             $this->validated_data["descr"] = "";
         }
+    }
 
-        # Validate our required 'noexpand' payload value
+    private function __validate_noexpand() {
+        # Validate our optional 'noexpand' payload value
         if ($this->initial_data['noexpand'] === true and in_array($this->initial_data["mode"], ["proxyarp", "other"])) {
             $this->validated_data['noexpand'] = "";
         }
+    }
 
-        # Validate CARP conditional payload values
+    private function __validate_vhid() {
+        # Only validate this field if the mode was set to CARP
         if ($this->validated_data["mode"] === "carp") {
             # Check for our optional 'vhid' payload value. Assume default if none was specified.
-            if (isset($this->initial_data['vhid'])) {
+            if (isset($this->initial_data['vhid']) ) {
                 if ($this->__vhid_exists($this->initial_data["interface"], $this->initial_data['vhid'])) {
                     $this->errors[] = APIResponse\get(4027);
                 } elseif (1 > $this->initial_data['vhid'] or $this->initial_data['vhid'] > 255) {
@@ -116,7 +149,12 @@ class APIFirewallVirtualIPCreate extends APIModel {
                 # If a VHID was not specified, use the next available VHID
                 $this->validated_data["vhid"] = APITools\next_vhid();
             }
+        }
+    }
 
+    private function __validate_advskew() {
+        # Only validate this field if the mode was set to CARP
+        if ($this->validated_data["mode"] === "carp") {
             # Check for our optional 'advskew' payload value. Assume default if none was specified.
             if (isset($this->initial_data['advskew'])) {
                 # Ensure 'advskew' value is within range
@@ -128,7 +166,12 @@ class APIFirewallVirtualIPCreate extends APIModel {
             } else {
                 $this->validated_data["advskew"] = 0;
             }
+        }
+    }
 
+    private function __validate_advbase() {
+        # Only validate this field if the mode was set to CARP
+        if ($this->validated_data["mode"] === "carp") {
             # Check for our optional 'advbase' payload value. Assume default if none was specified.
             if (isset($this->initial_data['advbase'])) {
                 # Ensure 'advbase' value is within range
@@ -140,23 +183,19 @@ class APIFirewallVirtualIPCreate extends APIModel {
             } else {
                 $this->validated_data["advbase"] = 1;
             }
+        }
+    }
 
-            # Check for our require 'password' payload value. Set error if none was specified.
+    private function __validate_password() {
+        # Only validate this field if the mode was set to CARP
+        if ($this->validated_data["mode"] === "carp") {
+            # Check for the required 'password' payload value. Set error if none was specified.
             if (isset($this->initial_data['password'])) {
                 $this->validated_data["password"] = strval($this->initial_data['password']);
             } else {
                 $this->errors[] = APIResponse\get(4022);
             }
         }
-
-        # Set virtual IP type to network/single based on subnet and subnet_bits
-        if (is_ipaddrv4($this->validated_data["subnet"]) && $this->validated_data["subnet_bits"] == 32) {
-          $this->validated_data["type"] = "single";
-        } elseif (is_ipaddrv6($this->validated_data["subnet"]) && $this->validated_data["subnet_bits"] == 128) {
-          $this->validated_data["type"] = "single";
-        } else {
-          $this->validated_data["type"] = "network";
-        }
     }
 
     private function __vhid_exists($interface, $vhid) {
@@ -168,5 +207,4 @@ class APIFirewallVirtualIPCreate extends APIModel {
         }
         return false;
     }
-
 }

pfSense-pkg-API/files/etc/inc/api/models/APIFirewallVirtualIPCreate.inc

@@ -17,6 +17,8 @@ require_once("api/framework/APIModel.inc");
 require_once("api/framework/APIResponse.inc");
 
 class APIFirewallVirtualIPUpdate extends APIModel {
+    private $__prev_mode;
+    
     # Create our method constructor
     public function __construct() {
         parent::__construct();
@@ -33,6 +35,19 @@ class APIFirewallVirtualIPUpdate extends APIModel {
     }
 
     public function validate_payload() {
+        $this->__validate_id();
+        $this->__validate_mode();
+        $this->__validate_interface();
+        $this->__validate_subnet();
+        $this->__validate_descr();
+        $this->__validate_noexpand();
+        $this->__validate_vhid();
+        $this->__validate_advbase();
+        $this->__validate_advskew();
+        $this->__validate_password();
+    }
+
+    private function __validate_id() {
         # Validate our required 'id' payload value
         if (isset($this->initial_data['id'])) {
             # Check that our rule ID exists
@@ -45,29 +60,35 @@ class APIFirewallVirtualIPUpdate extends APIModel {
         } else {
             $this->errors[] = APIResponse\get(4017);
         }
+    }
 
+    private function __validate_mode() {
         # Validate our optional 'mode' payload value
         if (isset($this->initial_data['mode'])) {
             $mode_options = array("ipalias", "carp", "proxyarp", "other");
             if (in_array($this->initial_data['mode'], $mode_options)) {
-                $previous_mode = $this->validated_data["mode"];
+                $this->__prev_mode = $this->validated_data["mode"];
                 $this->validated_data["mode"] = $this->initial_data['mode'];
             } else {
                 $this->errors[] = APIResponse\get(4023);
             }
         }
+    }
 
+    private function __validate_interface() {
         # Validate our optional 'interface' payload value
         if (isset($this->initial_data['interface'])) {
             # Convert this interface into the pfSense interface ID or set error if not found
-            $this->initial_data["interface"] = APITools\get_pfsense_if_id($this->initial_data["interface"]);
+            $this->initial_data["interface"] = APITools\get_pfsense_if_id($this->initial_data["interface"], true);
             if (is_string($this->initial_data["interface"])) {
                 $this->validated_data["interface"] = $this->initial_data["interface"];
             } else {
                 $this->errors[] = APIResponse\get(4024);
             }
         }
+    }
 
+    private function __validate_subnet() {
         # Validate our optional 'subnet' payload value
         if (isset($this->initial_data['subnet'])) {
             // If a single IPv4 or IPv6, append the subnet mask for one address
@@ -85,23 +106,38 @@ class APIFirewallVirtualIPUpdate extends APIModel {
                 } else {
                     $this->validated_data["subnet"] = $subnet_split[0];
                     $this->validated_data["subnet_bits"] = $subnet_split[1];
+
+                    # Set virtual IP type to network/single based on subnet and subnet_bits
+                    if (is_ipaddrv4($this->validated_data["subnet"]) && $this->validated_data["subnet_bits"] == 32) {
+                        $this->validated_data["type"] = "single";
+                    } elseif (is_ipaddrv6($this->validated_data["subnet"]) && $this->validated_data["subnet_bits"] == 128) {
+                        $this->validated_data["type"] = "single";
+                    } else {
+                        $this->validated_data["type"] = "network";
+                    }
                 }
             } else {
                 $this->errors[] = APIResponse\get(4025);
             }
         }
+    }
 
+    private function __validate_descr() {
         # Validate our optional 'descr' payload value
         if (isset($this->initial_data['descr'])) {
             $this->validated_data["descr"] = strval($this->initial_data['descr']);
         }
+    }
 
+    private function __validate_noexpand() {
         # Validate our optional 'noexpand' payload value
         if ($this->initial_data['noexpand'] === true and in_array($this->initial_data["mode"], ["proxyarp", "other"])) {
             $this->validated_data['noexpand'] = "";
         }
+    }
 
-        # Validate CARP conditional payload values
+    private function __validate_vhid() {
+        # Only validate this field if the mode is set to CARP
         if ($this->validated_data["mode"] === "carp") {
             # Check for our optional 'vhid' payload value. Assume default if none was specified.
             if (isset($this->initial_data['vhid'])) {
@@ -112,11 +148,16 @@ class APIFirewallVirtualIPUpdate extends APIModel {
                 } else {
                     $this->validated_data["vhid"] = $this->initial_data["vhid"];
                 }
-            } elseif ($previous_mode !== "carp") {
+            } elseif ($this->__prev_mode !== "carp") {
                 # If a VHID was not specified, use the next available VHID
                 $this->validated_data["vhid"] = APITools\next_vhid();
             }
+        }
+    }
 
+    private function __validate_advskew() {
+        # Only validate this field if the mode is set to CARP
+        if ($this->validated_data["mode"] === "carp") {
             # Check for our optional 'advskew' payload value. Assume default if none was specified.
             if (isset($this->initial_data['advskew'])) {
                 # Ensure 'advskew' value is within range
@@ -125,10 +166,15 @@ class APIFirewallVirtualIPUpdate extends APIModel {
                 } else {
                     $this->validated_data["advskew"] = intval($this->initial_data['advskew']);
                 }
-            } elseif ($previous_mode !== "carp") {
+            } elseif ($this->__prev_mode !== "carp") {
                 $this->validated_data["advskew"] = 0;
             }
+        }
+    }
 
+    private function __validate_advbase() {
+        # Only validate this field if the mode is set to CARP
+        if ($this->validated_data["mode"] === "carp") {
             # Check for our optional 'advbase' payload value. Assume default if none was specified.
             if (isset($this->initial_data['advbase'])) {
                 # Ensure 'advbase' value is within range
@@ -137,20 +183,22 @@ class APIFirewallVirtualIPUpdate extends APIModel {
                 } else {
                     $this->validated_data["advbase"] = intval($this->initial_data['advbase']);
                 }
-            } elseif ($previous_mode !== "carp") {
+            } elseif ($this->__prev_mode !== "carp") {
                 $this->validated_data["advbase"] = 1;
             }
+        }
+    }
 
+    private function __validate_password() {
+        # Validate CARP conditional payload values
+        if ($this->validated_data["mode"] === "carp") {
             # Check for our require 'password' payload value. Set error if none was specified.
             if (isset($this->initial_data['password'])) {
                 $this->validated_data["password"] = strval($this->initial_data['password']);
-            } elseif ($previous_mode !== "carp") {
+            } elseif ($this->__prev_mode !== "carp") {
                 $this->errors[] = APIResponse\get(4022);
             }
         }
-
-        # Set virtual IP type to network. This is easier to handle than allow single IPs too.
-        $this->validated_data["type"] = "network";
     }
 
     private function __vhid_exists($vhid) {
@@ -162,4 +210,4 @@ class APIFirewallVirtualIPUpdate extends APIModel {
         }
         return false;
     }
-}
+}

pfSense-pkg-API/files/etc/inc/api/models/APIFirewallVirtualIPUpdate.inc

@@ -1983,7 +1983,7 @@
 function IsJsonString(str){try{JSON.parse(str);}catch(e){return false;}
 return true;}
 String.prototype.replaceAll=function(replaceThis,withThis){var re=new RegExp(RegExp.quote(replaceThis),"g");return this.replace(re,withThis);};RegExp.quote=function(str){return str.replace(/([.?*+^$[\]\\(){}-])/g,"\\$1");};function syntaxHighlight(json){json=json.replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;');return json.replace(/("(\\u[a-zA-Z0-9]{4}|\\[^u]|[^\\"])*"(\s*:)?|\b(true|false|null)\b|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?)/g,function(match){var cls='number';if(/^"/.test(match)){if(/:$/.test(match)){cls='key';}else{cls='string';}}else if(/true|false/.test(match)){cls='boolean';}else if(/null/.test(match)){cls='null';}
-return '<span class="'+cls+'">'+match+'</span>';});}</script><br><br><footer class="navbar-default navbar-fixed-bottom"><div class=container-fluid><div class="span12 text-center"><span data-toggle=tooltip title="If the application help you, please feel free to give a star to the project in github. Your star inspire me to work more on open-source projects like this!">Made with <em class=love-color>&#9829;</em> by <a href=https://github.com/thedevsaddam target=_blank class=text-muted>thedevsaddam</a> | Generated at: 2021-03-22 21:57:19 by <a href=https://github.com/thedevsaddam/docgen target=_blank class=text-muted>docgen</a></span></div></div></footer>
+return '<span class="'+cls+'">'+match+'</span>';});}</script><br><br><footer class="navbar-default navbar-fixed-bottom"><div class=container-fluid><div class="span12 text-center"><span data-toggle=tooltip title="If the application help you, please feel free to give a star to the project in github. Your star inspire me to work more on open-source projects like this!">Made with <em class=love-color>&#9829;</em> by <a href=https://github.com/thedevsaddam target=_blank class=text-muted>thedevsaddam</a> | Generated at: 2021-04-05 09:37:25 by <a href=https://github.com/thedevsaddam/docgen target=_blank class=text-muted>docgen</a></span></div></div></footer>
 <script type="text/javascript">
     $(document).ready(function() {
         document.title = 'pfSense REST API Documentation';