Development

docker/routlin-dash/app/action_apply_port_forwarding.py

@@ -1,207 +0,0 @@
-import copy
-
-from flask import Blueprint, request, redirect, flash
-from auth import require_level
-from config_utils import load_config, save_config_with_snapshot, verify_config_hash
-import sanitize
-import validation as validate
-
-bp = Blueprint('action_apply_port_forwarding', __name__)
-
-VIEW = '/view/view_port_forwarding'
-
-_VALID_PROTOS_STR = ', '.join(sorted(validate.VALID_PROTOCOLS))
-
-
-def _row_index():
-    try:
-        return int(request.form.get('row_index', ''))
-    except (ValueError, TypeError):
-        return None
-
-
-def _hash_ok():
-    if not verify_config_hash(request.form.get('config_hash', '')):
-        flash('Configuration was modified by another session. Please refresh and try again.', 'error')
-        return False
-    return True
-
-
-def _parse_entry():
-    description   = sanitize.text(request.form.get('description', ''))
-    protocol      = sanitize.filtervalue(request.form.get('protocol', ''), validate.VALID_PROTOCOLS)
-    dest_port_raw = request.form.get('dest_port', '').strip()
-    nat_ip_raw    = request.form.get('nat_ip',    '').strip()
-    nat_port_raw  = request.form.get('nat_port',  '').strip()
-
-    if not protocol:
-        flash(f'The configuration has not been saved because the protocol is invalid. '
-              f'Accepted values: {_VALID_PROTOS_STR}.', 'error')
-        return None, True
-
-    if not dest_port_raw:
-        flash('The configuration has not been saved because the external port is required.', 'error')
-        return None, True
-    dest_port = validate.port(dest_port_raw)
-    if not dest_port:
-        flash(f'The configuration has not been saved because "{dest_port_raw}" is not a valid port number (1-65535).', 'error')
-        return None, True
-
-    if not nat_ip_raw:
-        flash('The configuration has not been saved because the NAT IP address is required.', 'error')
-        return None, True
-    nat_ip = validate.ip(nat_ip_raw)
-    if not nat_ip:
-        flash(f'The configuration has not been saved because "{nat_ip_raw}" is not a valid IP address.', 'error')
-        return None, True
-
-    if not nat_port_raw:
-        flash('The configuration has not been saved because the NAT port is required.', 'error')
-        return None, True
-    nat_port = validate.port(nat_port_raw)
-    if not nat_port:
-        flash(f'The configuration has not been saved because "{nat_port_raw}" is not a valid port number (1-65535).', 'error')
-        return None, True
-
-    return {
-        'description': description,
-        'protocol':    protocol,
-        'dest_port':   dest_port,
-        'nat_ip':      nat_ip,
-        'nat_port':    nat_port,
-        'enabled':     True,
-    }, None
-
-
-@bp.route('/action/add_port_forward', methods=['POST'])
-@require_level('administrator')
-def add_port_forward():
-    entry, err = _parse_entry()
-    if err:
-        return redirect(VIEW)
-    if not _hash_ok():
-        return redirect(VIEW)
-
-    cfg = load_config()
-    cfg.setdefault('port_forwarding', []).append(entry)
-    errors = validate.validate_config(cfg)
-    if errors:
-        for msg in errors:
-            flash(msg, 'error')
-        return redirect(VIEW)
-
-    key = f'{entry["protocol"]}:{entry["dest_port"]}'
-    flash(save_config_with_snapshot(
-        cfg,
-        path='port_forwarding', key=key, operation='add',
-        before=None, after=entry,
-        description=f'Added port forward: {key} → {entry["nat_ip"]}:{entry["nat_port"]}',
-    ), 'success')
-    return redirect(VIEW)
-
-
-@bp.route('/action/toggle_port_forward', methods=['POST'])
-@require_level('administrator')
-def toggle_port_forward():
-    idx = _row_index()
-    if idx is None:
-        flash('Invalid request.', 'error')
-        return redirect(VIEW)
-    if not _hash_ok():
-        return redirect(VIEW)
-
-    cfg  = load_config()
-    items = cfg.get('port_forwarding', [])
-    if idx < 0 or idx >= len(items):
-        flash('Entry not found.', 'error')
-        return redirect(VIEW)
-
-    old_enabled        = items[idx].get('enabled', True)
-    items[idx]['enabled'] = not old_enabled
-    errors = validate.validate_config(cfg)
-    if errors:
-        for msg in errors:
-            flash(msg, 'error')
-        return redirect(VIEW)
-
-    key    = f'{items[idx]["protocol"]}:{items[idx]["dest_port"]}'
-    action = 'Enabled' if not old_enabled else 'Disabled'
-    flash(save_config_with_snapshot(
-        cfg,
-        path='port_forwarding', key=key, operation='toggle',
-        before={'enabled': old_enabled}, after={'enabled': not old_enabled},
-        description=f'{action} port forward: {key}',
-    ), 'success')
-    return redirect(VIEW)
-
-
-@bp.route('/action/edit_port_forward', methods=['POST'])
-@require_level('administrator')
-def edit_port_forward():
-    idx = _row_index()
-    if idx is None:
-        flash('Invalid request.', 'error')
-        return redirect(VIEW)
-
-    entry, err = _parse_entry()
-    if err:
-        return redirect(VIEW)
-    if not _hash_ok():
-        return redirect(VIEW)
-
-    cfg  = load_config()
-    items = cfg.get('port_forwarding', [])
-    if idx < 0 or idx >= len(items):
-        flash('Entry not found.', 'error')
-        return redirect(VIEW)
-
-    before        = copy.deepcopy(items[idx])
-    items[idx]    = entry
-    items[idx]['enabled'] = request.form.get('enabled') == 'on'
-    errors = validate.validate_config(cfg)
-    if errors:
-        for msg in errors:
-            flash(msg, 'error')
-        return redirect(VIEW)
-
-    key = f'{entry["protocol"]}:{entry["dest_port"]}'
-    flash(save_config_with_snapshot(
-        cfg,
-        path='port_forwarding', key=key, operation='edit',
-        before=before, after=copy.deepcopy(items[idx]),
-        description=f'Edited port forward: {key} → {entry["nat_ip"]}:{entry["nat_port"]}',
-    ), 'success')
-    return redirect(VIEW)
-
-
-@bp.route('/action/delete_port_forward', methods=['POST'])
-@require_level('administrator')
-def delete_port_forward():
-    idx = _row_index()
-    if idx is None:
-        flash('Invalid request.', 'error')
-        return redirect(VIEW)
-    if not _hash_ok():
-        return redirect(VIEW)
-
-    cfg  = load_config()
-    items = cfg.get('port_forwarding', [])
-    if idx < 0 or idx >= len(items):
-        flash('Entry not found.', 'error')
-        return redirect(VIEW)
-
-    removed = items.pop(idx)
-    errors = validate.validate_config(cfg)
-    if errors:
-        for msg in errors:
-            flash(msg, 'error')
-        return redirect(VIEW)
-
-    key = f'{removed["protocol"]}:{removed["dest_port"]}'
-    flash(save_config_with_snapshot(
-        cfg,
-        path='port_forwarding', key=key, operation='delete',
-        before=removed, after=None,
-        description=f'Deleted port forward: {key}',
-    ), 'success')
-    return redirect(VIEW)