ipsec: Move menu and ACL entries into MVC code

This commit moves all menu and ACL entries from the legacy code of the IPsec subsystem into the new MVC codebase. Additionally, a small bug in the current master of OPNsense has been fixed, where the ACL "page-status-systemlogs-ppp" has been mistakenly labeled as "IPsec VPN" instead of "PPP". Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
2026-03-13 16:14:40 +00:00 · 2019-09-01 11:47:03 +02:00 · 2019-09-01 11:47:03 +02:00 · 8227a0cbca
commit 8227a0cbca
parent 5d9183aa13
4 changed files with 90 additions and 89 deletions
--- a/src/opnsense/mvc/app/models/OPNsense/Core/ACL/ACL.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/Core/ACL/ACL.xml
@ -506,30 +506,6 @@
            <pattern>status_interfaces.php*</pattern>
        </patterns>
    </page-status-interfaces>
-    <page-status-ipsec>
-        <name>Status: IPsec</name>
-        <patterns>
-            <pattern>diag_ipsec.php*</pattern>
-        </patterns>
-    </page-status-ipsec>
-    <page-status-ipsec-leases>
-        <name>Status: IPsec: Leasespage</name>
-        <patterns>
-            <pattern>diag_ipsec_leases.php*</pattern>
-        </patterns>
-    </page-status-ipsec-leases>
-    <page-status-ipsec-sad>
-        <name>Status: IPsec: SAD</name>
-        <patterns>
-            <pattern>diag_ipsec_sad.php*</pattern>
-        </patterns>
-    </page-status-ipsec-sad>
-    <page-status-ipsec-spd>
-        <name>Status: IPsec: SPD</name>
-        <patterns>
-            <pattern>diag_ipsec_spd.php*</pattern>
-        </patterns>
-    </page-status-ipsec-spd>
    <page-status-openvpn>
        <name>Status: OpenVPN</name>
        <patterns>
@ -548,14 +524,8 @@
            <pattern>diag_logs_auth.php*</pattern>
        </patterns>
    </page-status-systemlogs-portalauth>
-    <page-status-systemlogs-ipsecvpn>
-        <name>Status: System logs: IPsec VPN</name>
-        <patterns>
-            <pattern>diag_logs_ipsec.php*</pattern>
-        </patterns>
-    </page-status-systemlogs-ipsecvpn>
    <page-status-systemlogs-ppp>
-        <name>Status: System logs: IPsec VPN</name>
+        <name>Status: System logs: PPP</name>
        <patterns>
            <pattern>diag_logs_ppp.php*</pattern>
        </patterns>
@ -733,42 +703,6 @@
            <pattern>system_usermanager_passwordmg.php*</pattern>
        </patterns>
    </page-system-usermanager-passwordmg>
-    <page-vpn-ipsec>
-        <name>VPN: IPsec</name>
-        <patterns>
-            <pattern>vpn_ipsec.php*</pattern>
-        </patterns>
-    </page-vpn-ipsec>
-    <page-vpn-ipsec-editphase1>
-        <name>VPN: IPsec: Edit Phase 1</name>
-        <patterns>
-            <pattern>vpn_ipsec_phase1.php*</pattern>
-        </patterns>
-    </page-vpn-ipsec-editphase1>
-    <page-vpn-ipsec-editphase2>
-        <name>VPN: IPsec: Edit Phase 2</name>
-        <patterns>
-            <pattern>vpn_ipsec_phase2.php*</pattern>
-        </patterns>
-    </page-vpn-ipsec-editphase2>
-    <page-vpn-ipsec-editkeys>
-        <name>VPN: IPsec: Edit Pre-Shared Keys</name>
-        <patterns>
-            <pattern>vpn_ipsec_keys_edit.php*</pattern>
-        </patterns>
-    </page-vpn-ipsec-editkeys>
-    <page-vpn-ipsec-mobile>
-        <name>VPN: IPsec: Mobile</name>
-        <patterns>
-            <pattern>vpn_ipsec_mobile.php*</pattern>
-        </patterns>
-    </page-vpn-ipsec-mobile>
-    <page-vpn-ipsec-listkeys>
-        <name>VPN: IPsec: Pre-Shared Keys List</name>
-        <patterns>
-            <pattern>vpn_ipsec_keys.php*</pattern>
-        </patterns>
-    </page-vpn-ipsec-listkeys>
    <page-openvpn-client-export>
        <name>VPN: OpenVPN: Client Export Utility</name>
        <patterns>
--- a/src/opnsense/mvc/app/models/OPNsense/Core/Menu/Menu.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/Core/Menu/Menu.xml
@ -217,26 +217,6 @@
        <RouterAdv VisibleName="Router Advertisements" cssClass="fa fa-bullseye fa-fw" />
    </Services>
    <VPN order="50" cssClass="fa fa-globe">
-        <IPsec cssClass="fa fa-lock fa-fw" order="10">
-            <Tunnels order="10" VisibleName="Tunnel Settings" url="/vpn_ipsec.php">
-                <Phase1 url="/vpn_ipsec_phase1.php*" visibility="hidden"/>
-                <Phase2 url="/vpn_ipsec_phase2.php*" visibility="hidden"/>
-            </Tunnels>
-            <Mobile order="20" VisibleName="Mobile Clients" url="/vpn_ipsec_mobile.php">
-                <Act url="/vpn_ipsec_mobile.php*" visibility="hidden"/>
-            </Mobile>
-            <Keys order="30" VisibleName="Pre-Shared Keys" url="/vpn_ipsec_keys.php">
-                <Edit url="/vpn_ipsec_keys_edit.php*" visibility="hidden"/>
-            </Keys>
-            <Settings order="40" VisibleName="Advanced Settings" url="/vpn_ipsec_settings.php"/>
-            <Status order="50" VisibleName="Status Overview" url="/diag_ipsec.php">
-                <Act url="/diag_ipsec.php?*" visibility="hidden"/>
-            </Status>
-            <Leases order="60" VisibleName="Lease Status" url="/diag_ipsec_leases.php"/>
-            <SAD order="70" VisibleName="Security Association Database" url="/diag_ipsec_sad.php"/>
-            <SPD order="80" VisibleName="Security Policy Database" url="/diag_ipsec_spd.php"/>
-            <LogFile order="90" VisibleName="Log File" url="/diag_logs_ipsec.php"/>
-        </IPsec>
        <OpenVPN cssClass="fa fa-lock fa-fw" order="20">
            <Servers order="10" url="/vpn_openvpn_server.php">
                <Edit url="/vpn_openvpn_server.php?*" visibility="hidden"/>
--- a/src/opnsense/mvc/app/models/OPNsense/IPsec/ACL/ACL.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/IPsec/ACL/ACL.xml
@ -1,4 +1,5 @@
 <acl>
+    <!-- ACLs for MVC code -->
    <page-vpn-ipsec-keypairs>
        <name>VPN: IPsec: Key Pairs</name>
        <description>Allow access to the IPsec Key Pairs</description>
@ -8,4 +9,72 @@
            <pattern>api/ipsec/legacy-subsystem/*</pattern>
        </patterns>
    </page-vpn-ipsec-keypairs>
+
+    <!-- ACLs for legacy code -->
+    <page-vpn-ipsec>
+        <name>VPN: IPsec</name>
+        <patterns>
+            <pattern>vpn_ipsec.php*</pattern>
+        </patterns>
+    </page-vpn-ipsec>
+    <page-vpn-ipsec-editphase1>
+        <name>VPN: IPsec: Edit Phase 1</name>
+        <patterns>
+            <pattern>vpn_ipsec_phase1.php*</pattern>
+        </patterns>
+    </page-vpn-ipsec-editphase1>
+    <page-vpn-ipsec-editphase2>
+        <name>VPN: IPsec: Edit Phase 2</name>
+        <patterns>
+            <pattern>vpn_ipsec_phase2.php*</pattern>
+        </patterns>
+    </page-vpn-ipsec-editphase2>
+    <page-vpn-ipsec-editkeys>
+        <name>VPN: IPsec: Edit Pre-Shared Keys</name>
+        <patterns>
+            <pattern>vpn_ipsec_keys_edit.php*</pattern>
+        </patterns>
+    </page-vpn-ipsec-editkeys>
+    <page-vpn-ipsec-mobile>
+        <name>VPN: IPsec: Mobile</name>
+        <patterns>
+            <pattern>vpn_ipsec_mobile.php*</pattern>
+        </patterns>
+    </page-vpn-ipsec-mobile>
+    <page-vpn-ipsec-listkeys>
+        <name>VPN: IPsec: Pre-Shared Keys List</name>
+        <patterns>
+            <pattern>vpn_ipsec_keys.php*</pattern>
+        </patterns>
+    </page-vpn-ipsec-listkeys>
+    <page-status-ipsec>
+        <name>Status: IPsec</name>
+        <patterns>
+            <pattern>diag_ipsec.php*</pattern>
+        </patterns>
+    </page-status-ipsec>
+    <page-status-ipsec-leases>
+        <name>Status: IPsec: Leasespage</name>
+        <patterns>
+            <pattern>diag_ipsec_leases.php*</pattern>
+        </patterns>
+    </page-status-ipsec-leases>
+    <page-status-ipsec-sad>
+        <name>Status: IPsec: SAD</name>
+        <patterns>
+            <pattern>diag_ipsec_sad.php*</pattern>
+        </patterns>
+    </page-status-ipsec-sad>
+    <page-status-ipsec-spd>
+        <name>Status: IPsec: SPD</name>
+        <patterns>
+            <pattern>diag_ipsec_spd.php*</pattern>
+        </patterns>
+    </page-status-ipsec-spd>
+    <page-status-systemlogs-ipsecvpn>
+        <name>Status: System logs: IPsec VPN</name>
+        <patterns>
+            <pattern>diag_logs_ipsec.php*</pattern>
+        </patterns>
+    </page-status-systemlogs-ipsecvpn>
 </acl>
--- a/src/opnsense/mvc/app/models/OPNsense/IPsec/Menu/Menu.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/IPsec/Menu/Menu.xml
@ -1,7 +1,25 @@
 <menu>
    <VPN>
-        <IPsec>
-            <PublicKeys order="31" VisibleName="RSA Key Pairs" url="/ui/ipsec/key-pairs" />
+        <IPsec cssClass="fa fa-lock fa-fw" order="10">
+            <Tunnels order="10" VisibleName="Tunnel Settings" url="/vpn_ipsec.php">
+                <Phase1 url="/vpn_ipsec_phase1.php*" visibility="hidden"/>
+                <Phase2 url="/vpn_ipsec_phase2.php*" visibility="hidden"/>
+            </Tunnels>
+            <Mobile order="20" VisibleName="Mobile Clients" url="/vpn_ipsec_mobile.php">
+                <Act url="/vpn_ipsec_mobile.php*" visibility="hidden"/>
+            </Mobile>
+            <Keys order="30" VisibleName="Pre-Shared Keys" url="/vpn_ipsec_keys.php">
+                <Edit url="/vpn_ipsec_keys_edit.php*" visibility="hidden"/>
+            </Keys>
+            <KeyPairs order="40" VisibleName="RSA Key Pairs" url="/ui/ipsec/key-pairs" />
+            <Settings order="50" VisibleName="Advanced Settings" url="/vpn_ipsec_settings.php"/>
+            <Status order="60" VisibleName="Status Overview" url="/diag_ipsec.php">
+                <Act url="/diag_ipsec.php?*" visibility="hidden"/>
+            </Status>
+            <Leases order="70" VisibleName="Lease Status" url="/diag_ipsec_leases.php"/>
+            <SAD order="80" VisibleName="Security Association Database" url="/diag_ipsec_sad.php"/>
+            <SPD order="90" VisibleName="Security Policy Database" url="/diag_ipsec_spd.php"/>
+            <LogFile order="100" VisibleName="Log File" url="/diag_logs_ipsec.php"/>
        </IPsec>
    </VPN>
 </menu>