Firewall/Rules - extend legacy configuration with uuid's to align with mvc code.

Since filter_rules_sort() is only called via front end pages, it should be safe to check if rules already have a uuid assigned and assign them if they don't. This prevents a migration and increases the change of fast adoption of the rule uuid's. This commit adds generate_uuid() to config.inc and mimics the same behaviour as mvc models will do, if at a later point in time we would like to hook uuid's to xml attributes in other areas as well, we can simply reuse this. It is likely a good idea to start using the uuid's in filter_core_rules_user() as labels too as this would prevent the use of the rule hash calculation (saves time and is a more stable id in most cases). Impact of this change should be rather low as nothing depends on the uuids yet.
2026-03-13 16:14:40 +00:00 · 2022-09-20 11:17:29 +02:00 · 2022-09-20 11:17:29 +02:00 · cebea865c9
commit cebea865c9
parent d20a9c8236
3 changed files with 30 additions and 1 deletions
--- a/src/etc/inc/config.inc
+++ b/src/etc/inc/config.inc
@ -272,6 +272,24 @@ function legacy_config_get_interfaces($filters = array())
    return $interfaces;
 }

+/**
+ * legacy helper to generate a uuid in a similar fashion as the model code would.
+ */
+function generate_uuid()
+{
+    return sprintf(
+        '%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
+        mt_rand(0, 0xffff),
+        mt_rand(0, 0xffff),
+        mt_rand(0, 0xffff),
+        mt_rand(0, 0x0fff) | 0x4000,
+        mt_rand(0, 0x3fff) | 0x8000,
+        mt_rand(0, 0xffff),
+        mt_rand(0, 0xffff),
+        mt_rand(0, 0xffff)
+    );
+}
+
 /**
 * parse stored json content, return empty when not found or expired
 */
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@ -86,9 +86,14 @@ function filter_rules_sort()
            return strnatcmp($a['interface'], $b['interface']);
        }
    });
-    /* strip the sequence numbers again */
+    /* strip the sequence numbers again, add uuid's where not available */
    for ($i = 0; isset($config['filter']['rule'][$i]); $i++) {
        unset($config['filter']['rule'][$i]['seq']);
+        if (empty($config['filter']['rule'][$i]['@attributes'])
+            && empty($config['filter']['rule'][$i]['@attributes']['uuid'])
+        ) {
+            $config['filter']['rule'][$i]['@attributes'] = ['uuid' => generate_uuid()];
+        }
    }
 }

--- a/src/www/firewall_rules_edit.php
+++ b/src/www/firewall_rules_edit.php
@ -582,9 +582,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            if ( isset($a_filter[$id]['created']) && is_array($a_filter[$id]['created']) ) {
                $filterent['created'] = $a_filter[$id]['created'];
            }
+            if (!empty($a_filter[$id]['@attributes']) && !empty($a_filter[$id]['@attributes']['uuid'])) {
+                $filterent['@attributes'] = $a_filter[$id]['@attributes'];
+            } else {
+                $filterent['@attributes'] = ['uuid' => generate_uuid()];
+            }
            $a_filter[$id] = $filterent;
        } else {
            $filterent['created'] = make_config_revision_entry();
+            $filterent['@attributes'] = ['uuid' => generate_uuid()];
            if (isset($after)) {
                array_splice($a_filter, $after+1, 0, array($filterent));
            } else {