yesBad/pve-storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

import: allow upload of guest images files into import storage

Browse Source 
so users can upload qcow2/raw/vmdk files directly in the UI
Check the uploaded file with 'file_size_info' and the untrusted flag.
This checks the file format, existence of backing files, etc.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Link: https://lore.proxmox.com/20250407101310.3196974-3-d.csapak@proxmox.com
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Dominik Csapak
2025-04-07 12:13:06 +02:00
committed by Thomas Lamprecht
parent 551bad9d47
commit 76f695f2e6
2 changed files with 22 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/PVE/API2/Storage/Status.pm
View File

@ -387,7 +387,7 @@ __PACKAGE__->register_method ({
name => 'upload',
path => '{storage}/upload',
method => 'POST',
description => "Upload templates, ISO images and OVAs.",
description => "Upload templates, ISO images, OVAs and VM images.",
permissions => {
check => ['perm', '/storage/{storage}', ['Datastore.AllocateTemplate']],
},
@ -456,6 +456,7 @@ __PACKAGE__->register_method ({
my $path;
my $is_ova = 0;
my $image_format;
if ($content eq 'iso') {
if ($filename !~ m![^/]+$PVE::Storage::ISO_EXT_RE_0$!) {
@ -471,8 +472,14 @@ __PACKAGE__->register_method ({
if ($filename !~ m!${PVE::Storage::SAFE_CHAR_CLASS_RE}+$PVE::Storage::UPLOAD_IMPORT_EXT_RE_1$!) {
raise_param_exc({ filename => "invalid filename or wrong extension" });
}
my $format = $1;
if ($format eq 'ova') {
$is_ova = 1;
} else {
$image_format = $format;
}
$is_ova = 1;
$path = PVE::Storage::get_import_dir($cfg, $storage);
} else {
raise_param_exc({ content => "upload content type '$content' not allowed" });
@ -543,6 +550,9 @@ __PACKAGE__->register_method ({
if ($is_ova) {
assert_ova_contents($tmpfilename);
} elsif (defined($image_format)) {
# checks untrusted image
PVE::Storage::file_size_info($tmpfilename, 10, $image_format, 1);
}
};
if (my $err = $@) {
@ -578,7 +588,7 @@ __PACKAGE__->register_method({
name => 'download_url',
path => '{storage}/download-url',
method => 'POST',
description => "Download templates, ISO images and OVAs by using an URL.",
description => "Download templates, ISO images, OVAs and VM images by using an URL.",
proxyto => 'node',
permissions => {
description => 'Requires allocation access on the storage and as this allows one to probe'
@ -667,6 +677,7 @@ __PACKAGE__->register_method({
my $path;
my $is_ova = 0;
my $image_format;
if ($content eq 'iso') {
if ($filename !~ m![^/]+$PVE::Storage::ISO_EXT_RE_0$!) {
@ -682,9 +693,12 @@ __PACKAGE__->register_method({
if ($filename !~ m!${PVE::Storage::SAFE_CHAR_CLASS_RE}+$PVE::Storage::UPLOAD_IMPORT_EXT_RE_1$!) {
raise_param_exc({ filename => "invalid filename or wrong extension" });
}
my $format = $1;
if ($filename =~ m/\.ova$/) {
if ($format eq 'ova') {
$is_ova = 1;
} else {
$image_format = $format;
}
$path = PVE::Storage::get_import_dir($cfg, $storage);
@ -718,6 +732,9 @@ __PACKAGE__->register_method({
if ($is_ova) {
assert_ova_contents($tmp_path);
} elsif (defined($image_format)) {
# checks untrusted image
PVE::Storage::file_size_info($tmp_path, 10, $image_format, 1);
}
};