authorize('viewAny', [FirewallRule::class, $server]); $this->validateRoute($project, $server); return FirewallRuleResource::collection($server->firewallRules()->simplePaginate(25)); } #[Post('/', name: 'api.projects.servers.firewall-rules.create', middleware: 'ability:write')] #[Endpoint(title: 'create', description: 'Create a new firewall rule.')] #[BodyParam(name: 'name', required: true)] #[BodyParam(name: 'type', required: true, enum: ['allow', 'deny'])] #[BodyParam(name: 'protocol', required: true, enum: ['tcp', 'udp'])] #[BodyParam(name: 'port', required: true)] #[BodyParam(name: 'source', required: false)] #[BodyParam(name: 'mask', description: 'Mask for source IP.', example: '0')] #[ResponseFromApiResource(FirewallRuleResource::class, FirewallRule::class)] public function create(Request $request, Project $project, Server $server): FirewallRuleResource { $this->authorize('create', [FirewallRule::class, $server]); $this->validateRoute($project, $server); $this->validate($request, ManageRule::rules()); $firewallRule = app(ManageRule::class)->create($server, $request->all()); return new FirewallRuleResource($firewallRule); } #[Put('{firewallRule}', name: 'api.projects.servers.firewall-rules.edit', middleware: 'ability:write')] #[Endpoint(title: 'edit', description: 'Update an existing firewall rule.')] #[BodyParam(name: 'name', required: true)] #[BodyParam(name: 'type', required: true, enum: ['allow', 'deny'])] #[BodyParam(name: 'protocol', required: true, enum: ['tcp', 'udp'])] #[BodyParam(name: 'port', required: true)] #[BodyParam(name: 'source', required: false)] #[BodyParam(name: 'mask', description: 'Mask for source IP.', example: '0')] #[ResponseFromApiResource(FirewallRuleResource::class, FirewallRule::class)] public function edit(Request $request, Project $project, Server $server, FirewallRule $firewallRule): FirewallRuleResource { $this->authorize('update', [FirewallRule::class, $firewallRule]); $this->validateRoute($project, $server); $this->validate($request, ManageRule::rules()); $firewallRule = app(ManageRule::class)->update($firewallRule, $request->all()); return new FirewallRuleResource($firewallRule); } #[Get('{firewallRule}', name: 'api.projects.servers.firewall-rules.show', middleware: 'ability:read')] #[Endpoint(title: 'show', description: 'Get a firewall rule by ID.')] #[ResponseFromApiResource(FirewallRuleResource::class, FirewallRule::class)] public function show(Project $project, Server $server, FirewallRule $firewallRule): FirewallRuleResource { $this->authorize('view', [$firewallRule, $server]); $this->validateRoute($project, $server, $firewallRule); return new FirewallRuleResource($firewallRule); } #[Delete('{firewallRule}', name: 'api.projects.servers.firewall-rules.delete', middleware: 'ability:write')] #[Endpoint(title: 'delete', description: 'Delete firewall rule.')] #[Response(status: 204)] public function delete(Project $project, Server $server, FirewallRule $firewallRule): \Illuminate\Http\Response { $this->authorize('delete', [$firewallRule, $server]); $this->validateRoute($project, $server, $firewallRule); app(ManageRule::class)->delete($firewallRule); return response()->noContent(); } private function validateRoute(Project $project, Server $server, ?FirewallRule $firewallRule = null): void { if ($project->id !== $server->project_id) { abort(404, 'Server not found in project'); } if ($firewallRule && $firewallRule->server_id !== $server->id) { abort(404, 'Firewall rule not found in server'); } } }