Commit 86f4c1a5 authored by Francesc Guasch's avatar Francesc Guasch
Browse files

[#51] fixed resume domain opens iptables

parent 801022b5
...@@ -828,7 +828,10 @@ sub _cmd_resume { ...@@ -828,7 +828,10 @@ sub _cmd_resume {
my $uid = $request->args('uid'); my $uid = $request->args('uid');
my $user = Ravada::Auth::SQL->search_by_id($uid); my $user = Ravada::Auth::SQL->search_by_id($uid);
$domain->resume($user); $domain->resume(
remote_ip => $request->args('remote_ip')
,uid => $user
);
$request->status('done'); $request->status('done');
......
...@@ -100,7 +100,7 @@ before 'start' => \&_start_preconditions; ...@@ -100,7 +100,7 @@ before 'start' => \&_start_preconditions;
before 'pause' => \&_allow_manage; before 'pause' => \&_allow_manage;
after 'pause' => \&_post_pause; after 'pause' => \&_post_pause;
before 'resume' => \&_allow_manage; before 'resume' => \&_allow_manage_any;
after 'resume' => \&_post_resume; after 'resume' => \&_post_resume;
before 'shutdown' => \&_allow_manage_args; before 'shutdown' => \&_allow_manage_args;
...@@ -150,12 +150,11 @@ sub _allow_manage_args { ...@@ -150,12 +150,11 @@ sub _allow_manage_args {
sub _allow_manage { sub _allow_manage {
my $self = shift; my $self = shift;
confess "Disabled from read only connection" return $self->_allow_manage_args(@_)
if $self->readonly; if scalar(@_) % 2 == 0;
my ($user) = @_; my ($user) = @_;
return $self->allow_manage_args( user => $user);
$self->_allowed($user);
} }
......
...@@ -221,7 +221,7 @@ sub resume_domain { ...@@ -221,7 +221,7 @@ sub resume_domain {
my $proto = shift; my $proto = shift;
my $class=ref($proto) || $proto; my $class=ref($proto) || $proto;
my $args = _check_args('pause_domain', @_); my $args = _check_args('resume_domain', @_);
my $self = {}; my $self = {};
bless($self,$class); bless($self,$class);
......
...@@ -111,6 +111,49 @@ sub test_fw_domain{ ...@@ -111,6 +111,49 @@ sub test_fw_domain{
} }
sub test_fw_domain_pause {
my ($vm_name, $domain_name) = @_;
my $remote_ip = '99.88.77.66';
my $local_ip;
my $local_port;
{
my $vm = rvd_back->search_vm($vm_name);
my $domain = $vm->search_domain($domain_name);
ok($domain,"Searching for domain $domain_name") or return;
$domain->start( user => $USER, remote_ip => $remote_ip);
my $display = $domain->display($USER);
($local_port) = $display =~ m{\d+\.\d+\.\d+\.\d+\:(\d+)};
$local_ip = $vm->ip;
ok(defined $local_port, "Expecting a port in display '$display'") or return;
$domain->pause($USER);
ok($domain->is_paused);
test_chain($vm_name, $local_ip,$local_port, $remote_ip, 0);
}
{
my $req = Ravada::Request->resume_domain(
uid => $USER->id
,name => $domain_name
,remote_ip => $remote_ip
);
ok($req);
ok($req->status);
rvd_back->process_requests();
wait_request($req);
is($req->status,'done');
is($req->error,'');
ok(search_rule($local_ip,$local_port, $remote_ip )) or exit;
}
}
sub open_ipt { sub open_ipt {
my %opts = ( my %opts = (
...@@ -135,8 +178,7 @@ sub open_ipt { ...@@ -135,8 +178,7 @@ sub open_ipt {
} }
sub test_chain { sub search_rule {
my $vm_name = shift;
my ($local_ip, $local_port, $remote_ip, $enabled) = @_; my ($local_ip, $local_port, $remote_ip, $enabled) = @_;
my $ipt = open_ipt(); my $ipt = open_ipt();
...@@ -144,11 +186,21 @@ sub test_chain { ...@@ -144,11 +186,21 @@ sub test_chain {
my ($rule_num , $chain_rules) my ($rule_num , $chain_rules)
= $ipt->find_ip_rule($remote_ip, $local_ip,'filter', $CHAIN, 'ACCEPT' = $ipt->find_ip_rule($remote_ip, $local_ip,'filter', $CHAIN, 'ACCEPT'
, {normalize => 1 , d_port => $local_port }); , {normalize => 1 , d_port => $local_port });
return if ! $rule_num;
return $rule_num;
}
sub test_chain {
my $vm_name = shift;
my ($local_ip, $local_port, $remote_ip, $enabled) = @_;
my $rule_num = search_rule(@_);
ok($rule_num,"[$vm_name] Expecting rule for $remote_ip -> $local_ip: $local_port") ok($rule_num,"[$vm_name] Expecting rule for $remote_ip -> $local_ip: $local_port")
if $enabled; if $enabled;
ok(!$rule_num,"[$vm_name] Expecting no rule for $remote_ip -> $local_ip: $local_port" ok(!$rule_num,"[$vm_name] Expecting no rule for $remote_ip "
.", got $rule_num ") ."-> $local_ip: $local_port"
.", got ".($rule_num or "<UNDEF>"))
if !$enabled; if !$enabled;
} }
...@@ -189,6 +241,7 @@ for my $vm_name (qw( Void KVM )) { ...@@ -189,6 +241,7 @@ for my $vm_name (qw( Void KVM )) {
flush_rules(); flush_rules();
my $domain_name = test_create_domain($vm_name); my $domain_name = test_create_domain($vm_name);
test_fw_domain_pause($vm_name, $domain_name);
test_fw_domain($vm_name, $domain_name); test_fw_domain($vm_name, $domain_name);
}; };
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment