Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

providing and registering IPs through API even with 'IP requests' disabled #3633

Open
k4lli opened this issue Jul 28, 2022 · 2 comments
Open

providing and registering IPs through API even with 'IP requests' disabled #3633

k4lli opened this issue Jul 28, 2022 · 2 comments
Labels
bug report

Comments

@k4lli
Copy link

k4lli commented Jul 28, 2022

Describe the bug
IP requests is disabled, but I can request IP addresses per API.
we use foreman for IPAM integration, but can reproduce with API calls.
I create a subnet and leave 'IP requests' disabled.
Then I do
GET /api/my_app/addresses/first_free/{subnetId}/
and phpIPAM provides me with the first IP of the subnet
and
POST /api/my_app/addresses/first_free/{subnetId}/
it will assign this IP address

How can we stop this from happening? there are subnets we dont scan but are full. And IPAM is happily providing IPs out of those nets even if disabled.
The expected result is that both the GET and POST request fail if the subnet is not marked for IP Requests

phpIPAM version
can reproduce with 1.4.2 and 1.5.0

Your Environment (please supply the following information):

  • phpIPAM version: 1.4.2
  • OS CentOS Linux release 7.9.2009 (Core)
  • PHP version PHP 5.4.16
  • Webserver
    Server version: Apache/2.4.6 (CentOS)
    Server built: Nov 16 2020 16:18:20
  • Database mysql Ver 15.1 Distrib 5.5.68-MariaDB, for Linux (x86_64) using readline 5.1

Steps To Reproduce
please see description, contains reproduce steps

Screenshots and error logs
will attach screenshots below

image

post reuqest:
https://10.17.52.52/api/RestRW/addresses/first_free/10
{
"code": 201,
"success": true,
"message": "Address created",
"id": "330",
"data": "10.17.52.3",
"time": 0.018
}
image
@k4lli
Copy link
Author

k4lli commented Jul 28, 2022
edited

i've fixed the issue by adding the following line in 3 places

if ($subnet->allowRequests==0) { $this->Response->throw_exception(404, 'Subnet not enabled for IP Requests'); }

referencing your current master

2x in the Address.php controller

for the GET request after this line:

phpipam/api/controllers/Addresses.php

Line 124 in c345ffc

if($subnet->isFull==1) { $this->Response->throw_exception(404, 'No free addresses found'); }

for the POST request after this

phpipam/api/controllers/Addresses.php

Line 306 in c345ffc

if($subnet->isFull==1) { $this->Response->throw_exception(404, "No free addresses found (subnet is full)"); }

and also after this line (Foreman is using Subnets controller to check for tirst free address. I think thats wrong on their behalf also)

phpipam/api/controllers/Subnets.php

Line 672 in 60d3c8c

if($subnet->isFull==1) { $this->Response->throw_exception(200, "No free addresses found"); }

didnt want to fork and merge request as I'm not sure on exactly how to do this

Kalli

@k4lli k4lli mentioned this issue Jul 28, 2022
Open
@k4lli
Copy link
Author

k4lli commented Jul 28, 2022

added pull-request #3635

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug report
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@k4lli