Add guard rails against manipulating mirrors

Snapshot mirrors should normally be promoted using "mirror promote", and not started manually. This adds guard rails against that to the "start", "stop", and "disable" state commands to prevent changing mirror states without an explicit "--force" option.
2024-10-08 23:51:48 -04:00
parent 3ea7421f09
commit 1d90b066bc
5 changed files with 59 additions and 21 deletions
--- a/api-daemon/pvcapid/flaskapi.py
+++ b/api-daemon/pvcapid/flaskapi.py
@ -2645,7 +2645,7 @@ class API_VM_State(Resource):
          - in: query
            name: force
            type: boolean
-            description: Whether to force stop instead of shutdown VM during disable
+            description: For "disable", force stop instead of shutdown and/or force mirror state; for "start" or "stop", force mirror state.
          - in: query
            name: wait
            type: boolean
@ -2667,15 +2667,15 @@ class API_VM_State(Resource):
        wait = bool(strtobool(reqargs.get("wait", "false")))

        if state == "start":
-            return api_helper.vm_start(vm)
+            return api_helper.vm_start(vm, force=force)
        if state == "shutdown":
            return api_helper.vm_shutdown(vm, wait)
        if state == "stop":
-            return api_helper.vm_stop(vm)
+            return api_helper.vm_stop(vm, force=force)
        if state == "restart":
            return api_helper.vm_restart(vm, wait)
        if state == "disable":
-            return api_helper.vm_disable(vm, force)
+            return api_helper.vm_disable(vm, force=force)
        abort(400)