package handlers import ( "errors" "strconv" "github.com/gin-gonic/gin" "git.netcell-it.de/projekte/edgeguard-native/internal/handlers/response" "git.netcell-it.de/projekte/edgeguard-native/internal/models" "git.netcell-it.de/projekte/edgeguard-native/internal/services/audit" "git.netcell-it.de/projekte/edgeguard-native/internal/services/ipaddresses" "git.netcell-it.de/projekte/edgeguard-native/internal/services/networkifs" ) type NetworksHandler struct { Repo *networkifs.Repo IPs *ipaddresses.Repo Audit *audit.Repo NodeID string } func NewNetworksHandler(repo *networkifs.Repo, ips *ipaddresses.Repo, a *audit.Repo, nodeID string) *NetworksHandler { return &NetworksHandler{Repo: repo, IPs: ips, Audit: a, NodeID: nodeID} } func (h *NetworksHandler) Register(rg *gin.RouterGroup) { g := rg.Group("/network-interfaces") g.GET("", h.List) g.POST("", h.Create) g.GET("/:id", h.Get) g.PUT("/:id", h.Update) g.DELETE("/:id", h.Delete) g.GET("/:id/ip-addresses", h.ListIPs) } func (h *NetworksHandler) List(c *gin.Context) { out, err := h.Repo.List(c.Request.Context()) if err != nil { response.Internal(c, err) return } response.OK(c, gin.H{"interfaces": out}) } func (h *NetworksHandler) Get(c *gin.Context) { id, ok := parseID(c) if !ok { return } x, err := h.Repo.Get(c.Request.Context(), id) if err != nil { if errors.Is(err, networkifs.ErrNotFound) { response.NotFound(c, err) return } response.Internal(c, err) return } response.OK(c, x) } func (h *NetworksHandler) Create(c *gin.Context) { var req models.NetworkInterface if err := c.ShouldBindJSON(&req); err != nil { response.BadRequest(c, err) return } if err := validateInterface(&req); err != nil { response.BadRequest(c, err) return } out, err := h.Repo.Create(c.Request.Context(), req) if err != nil { response.Internal(c, err) return } _ = h.Audit.Log(c.Request.Context(), actorOf(c), "network_interface.create", req.Name, out, h.NodeID) response.Created(c, out) } func (h *NetworksHandler) Update(c *gin.Context) { id, ok := parseID(c) if !ok { return } var req models.NetworkInterface if err := c.ShouldBindJSON(&req); err != nil { response.BadRequest(c, err) return } if err := validateInterface(&req); err != nil { response.BadRequest(c, err) return } out, err := h.Repo.Update(c.Request.Context(), id, req) if err != nil { if errors.Is(err, networkifs.ErrNotFound) { response.NotFound(c, err) return } response.Internal(c, err) return } _ = h.Audit.Log(c.Request.Context(), actorOf(c), "network_interface.update", out.Name, out, h.NodeID) response.OK(c, out) } func (h *NetworksHandler) Delete(c *gin.Context) { id, ok := parseID(c) if !ok { return } if err := h.Repo.Delete(c.Request.Context(), id); err != nil { if errors.Is(err, networkifs.ErrNotFound) { response.NotFound(c, err) return } response.Internal(c, err) return } _ = h.Audit.Log(c.Request.Context(), actorOf(c), "network_interface.delete", strconv.FormatInt(id, 10), gin.H{"id": id}, h.NodeID) response.NoContent(c) } // validateInterface enforces the per-type rules that the SQL CHECK // constraints alone can't express in a friendly way: // - vlan: parent + vlan_id required // - bridge / bond: ≥ 1 member required, vlan_id forbidden // - ethernet / wireguard: parent + members + vlan_id ignored // // The caller normalises empty members to nil before calling so the // repo always receives [] (NOT NULL). func validateInterface(i *models.NetworkInterface) error { switch i.Type { case "vlan": if i.Parent == nil || *i.Parent == "" { return errors.New("vlan requires parent") } if i.VLANID == nil { return errors.New("vlan requires vlan_id") } i.Members = nil case "bridge", "bond": if len(i.Members) == 0 { return errors.New(i.Type + " requires at least one member interface") } i.Parent = nil i.VLANID = nil case "ethernet", "wireguard": i.Parent = nil i.VLANID = nil i.Members = nil default: return errors.New("unknown interface type") } return nil } // ListIPs surfaces the addresses bound to a single interface — UI // uses this for the per-interface IP-list tab. func (h *NetworksHandler) ListIPs(c *gin.Context) { id, ok := parseID(c) if !ok { return } out, err := h.IPs.ListForInterface(c.Request.Context(), id) if err != nil { response.Internal(c, err) return } response.OK(c, gin.H{"ip_addresses": out}) }