Merge 27b5767 into f910b88

.editorconfig

@@ -0,0 +1,9 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+# 2 space indentation
+[*.rb]
+indent_style = space
+indent_size = 2

.travis.yml

@@ -9,3 +9,4 @@ script:
   # the "yast-travis-ruby" script is included in the base yastdevel/ruby image
   # see https://github.com/yast/docker-yast-ruby/blob/master/yast-travis-ruby
   - docker run -it -e TRAVIS=1 -e TRAVIS_JOB_ID="$TRAVIS_JOB_ID" yast-firewall-image yast-travis-ruby
+  - docker run -it -e TRAVIS=1 -e TRAVIS_JOB_ID="$TRAVIS_JOB_ID" yast-firewall-image rake check:doc

.yardopts

@@ -0,0 +1,7 @@
+--no-private
+--protected
+--markup markdown
+--readme README.md
+--output-dir ./doc/autodocs
+--files **/*.md
+src/**/*.rb

Dockerfile

@@ -1,3 +1,3 @@
-FROM yastdevel/ruby
+FROM yastdevel/ruby:sle15
 COPY . /usr/src/app
 

Rakefile

@@ -1,5 +1,7 @@
 require "yast/rake"
 
+Yast::Tasks.submit_to :sle15
+
 Yast::Tasks.configuration do |conf|
   # lets ignore license check for now
   conf.skip_license_check << /.*/

package/yast2-firewall.changes

@@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Tue Oct  2 11:52:27 UTC 2018 - knut.anderssen@suse.com
+
+- AutoYast schema:
+  - Allowed the new 'description', 'short' and 'target' elements in
+    zone entries (bsc#1108199)
+- 4.0.28
+
+-------------------------------------------------------------------
+Fri Sep 21 13:26:02 UTC 2018 - igonzalezsosa@suse.com
+
+- Add a new user interface to manage firewalld configuration
+  (fate#324662).
+- Supported featues:
+  - Manage the firewalld service.
+  - Browse interfaces and assign them to firewall zones.
+  - List zones and design one of them as the default.
+  - Assign services to zones.
+  - Open ports.
+- 4.0.27
+
 -------------------------------------------------------------------
 Mon Aug 20 16:21:38 CEST 2018 - schubi@suse.de
 

package/yast2-firewall.spec

@@ -17,7 +17,7 @@
 
 
 Name:           yast2-firewall
-Version:        4.0.26
+Version:        4.0.28
 Release:        0
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -28,13 +28,13 @@ License:        GPL-2.0-only
 BuildRequires:  perl-XML-Writer update-desktop-files yast2-testsuite
 BuildRequires:  yast2-devtools >= 3.1.10
 
-# Firewalld read?
-BuildRequires:  yast2 >= 4.0.45
+# Y2Firewall::Firewalld::Interface
+BuildRequires:  yast2 >= 4.1.17
 BuildRequires:  rubygem(%rb_default_ruby_abi:yast-rake)
 BuildRequires:  rubygem(%rb_default_ruby_abi:rspec)
 
-# Firewalld - extended API
-Requires:       yast2 >= 4.0.49
+# Y2Firewall::Firewalld::Interface
+Requires:       yast2 >= 4.1.17
 
 # ButtonBox widget
 Conflicts:	yast2-ycp-ui-bindings < 2.17.3

src/autoyast-rnc/firewall.rnc

@@ -126,6 +126,9 @@ zones =
     LIST,
     element (zone | listentry) {
       zone_name &
+      zone_short? &
+      zone_description? &
+      zone_target? &
       fwd_interfaces? &
       fwd_services? &
       fwd_ports? &
@@ -166,6 +169,9 @@ fwd_sources =
   }
 
 zone_name = element name { text }
+zone_short = element short { text }
+zone_description = element description { text }
+zone_target = element target { text }
 default_zone = element default_zone { text }
 masquerade = element masquerade { BOOLEAN }
 log_denied_packets = element log_denied_packets { text }

src/include/firewall/uifunctions.rb

@@ -496,10 +496,10 @@ def HandleFirewallInterfaces(key, event)
     # @return [Boolean] whether user accepts the port definition despite the warning.
     #
     # @example
-    #	// maximum port number is 65535, port range
-    #	boolean accepted = ReportWrongPortDefinition(99999, "5:99999");
-    #	// dtto., single port
-    #	boolean whattodo = ReportWrongPortDefinition(78910, "78910");
+    #	  // maximum port number is 65535, port range
+    #   boolean accepted = ReportWrongPortDefinition(99999, "5:99999");
+    #   // dtto., single port
+    #   boolean whattodo = ReportWrongPortDefinition(78910, "78910");
     def ReportWrongPortDefinition(port_nr, port_definition)
       port_err = ""
 
@@ -554,7 +554,7 @@ def CheckPortNameDefinition(port_name)
     # Function checks list of ports if they exist (are known).
     #
     # @param [Object] ui_id for the setfocus
-    # @param list <string> of ports to be checked
+    # @param ports [Array<String>] of ports to be checked
     def CheckIfTheyAreAllKnownPorts(ui_id, ports)
       ui_id = deep_copy(ui_id)
       ports = deep_copy(ports)
@@ -978,7 +978,7 @@ def HandleAllowedServices(key, event)
 
     # Function sets UI for Masquerade Table (and buttons) enabled or disabled
     #
-    # @param	boolean enable
+    # @param usable [Boolean] enable
     def SetMasqueradeTableUsable(usable)
       UI.ChangeWidget(Id("table_redirect_masq"), :Enabled, usable)
       UI.ChangeWidget(Id("add_redirect_to_masquerade"), :Enabled, usable)
@@ -1069,8 +1069,8 @@ def InitMasquerading(key)
     # Validates existency of a value in a referenced UI entry
     # and reports error otherwise
     #
-    # @param any UI id
-    # @report boolean if value exists
+    # @param ui_id [String] any UI id
+    # @return [Boolean] true if value exists
     def ValidateExistency(ui_id)
       ui_id = deep_copy(ui_id)
       if UI.QueryWidget(Id(ui_id), :Value) == ""
@@ -1085,7 +1085,7 @@ def ValidateExistency(ui_id)
     # Checks whether the referenced UI entry contains a valid
     # port definition and reports an error otherwise
     #
-    # @param any UI id
+    # @param ui_id [String] any UI id
     # @return [Boolean] if entry is valid
     def ValidatePortEntry(ui_id)
       ui_id = deep_copy(ui_id)
@@ -1116,7 +1116,7 @@ def ValidatePortEntry(ui_id)
     # Function checks port number got as parameter.
     # If check fails SetFocus is called and an empty string is returned.
     #
-    # @param any UI id
+    # @param ui_id [String] any UI id
     # @return [Fixnum] port number (or nil)
     def GetPortNumber(ui_id)
       ui_id = deep_copy(ui_id)
@@ -1144,7 +1144,7 @@ def GetPortNumber(ui_id)
     # Checks whether the referenced UI entry contains a valid IPv4 or v6
     # and reports error otherwise.
     #
-    # @param any UI id
+    # @param ui_id [String] any UI id
     # @return [Boolean] whether it's valid IP
     def ValidateIPEntry(ui_id)
       ui_id = deep_copy(ui_id)

src/lib/y2firewall/clients/auto.rb

@@ -136,8 +136,7 @@ def read
       # A map with the packages that needs to be installed or removed for
       # configuring firewalld properly
       #
-      # @return packages [Hash{String => Array<String>} ] of packages to be
-      # installed or removed
+      # @return [Hash{String => Array<String>} ] of packages to be installed or removed
       def packages
         { "install" => ["firewalld"], "remove" => [] }
       end

src/lib/y2firewall/clients/firewall.rb

@@ -20,6 +20,11 @@
 require "yast"
 require "yast2/execute"
 require "ui/text_helpers"
+require "y2firewall/dialogs/main"
+
+Yast.import "UI"
+Yast.import "Popup"
+Yast.import "PackageSystem"
 
 module Y2Firewall
   module Clients
@@ -34,31 +39,23 @@ class Firewall
 
       # Constructor
       def initialize
-        Yast.import "UI"
-        Yast.import "Popup"
-        Yast.import "PackageSystem"
-
         textdomain "firewall"
       end
 
       # TRANSLATORS: firewall-config and firewall-cmd are the names of software utilities,
       # so they should not be translated.
-      NOT_SUPPORTED = N_("YaST currently does not have a module for configuring" \
-        " firewall. Please, either use \"firewall-config\" to configure your firewall" \
-        " via a user interface or \"firewall-cmd\" for the command line.").freeze
+      NOT_SUPPORTED = N_("YaST does not support the command line for " \
+        "configuring the firewall.\nInstead, please use the firewalld " \
+        "command line clients \"firewalld-cmd\" or \"firewall-offline-cmd\".")
 
       def run
         log_and_return do
+          return :abort unless Yast::PackageSystem.CheckAndInstallPackages(["firewalld"])
           if !Yast::WFM.Args.empty?
-            $stderr.puts wrap_text(_(NOT_SUPPORTED))
-            false
-          elsif Yast::UI.TextMode()
-            Yast::Popup.Error(
-              wrap_text(_(NOT_SUPPORTED))
-            )
+            $stderr.puts _(NOT_SUPPORTED)
             false
-          elsif Yast::PackageSystem.CheckAndInstallPackages(["firewall-config"])
-            Yast::Execute.locally("/usr/bin/firewall-config")
+          else
+            Dialogs::Main.new.run
           end
         end
       end

src/lib/y2firewall/dialogs/change_zone.rb

@@ -0,0 +1,68 @@
+# encoding: utf-8
+
+# Copyright (c) [2018] SUSE LLC
+#
+# All Rights Reserved.
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of version 2 of the GNU General Public License as published
+# by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+# more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, contact SUSE LLC.
+#
+# To contact SUSE LLC about this file by physical or electronic mail, you may
+# find current contact information at www.suse.com.
+
+require "cwm/popup"
+require "y2firewall/widgets/zone_options"
+
+module Y2Firewall
+  module Dialogs
+    # This dialog allows the user to select which zone should be an interface assigned to.
+    class ChangeZone < ::CWM::Popup
+      # @!attribute [r] interface
+      #   @return [Y2Firewall::Firewalld::Interface] Interface to act on
+      attr_reader :interface
+
+      # Constructor
+      #
+      # @param interface [Y2Firewall::Firewalld::Interface] Interface to act on
+      def initialize(interface)
+        textdomain "firewall"
+        @interface = interface
+      end
+
+      # @macro seeAbstractWidget
+      def title
+        _("Change Zone")
+      end
+
+      # @macro seeCustomWidget
+      def contents
+        VBox(zone_options)
+      end
+
+    private
+
+      # @return [Array<Yast::Term>] List of buttons to display
+      def buttons
+        [ok_button, cancel_button]
+      end
+
+      # Returns a combobox to select the zone
+      #
+      # @note The widget is 'memoized'.
+      #
+      # @return [Y2Firewall::Widgets::ZoneOptions]
+      def zone_options
+        @zone_options ||= Y2Firewall::Widgets::ZoneOptions.new(interface)
+      end
+    end
+  end
+end