Add region-based resource rule

2026-03-31 15:06:42 +00:00 · 2025-12-22 17:44:56 +01:00
parent 9d9401d2ee
commit e051142334
9 changed files with 678 additions and 12 deletions
--- a/server/routers/resource/createResourceRule.ts
+++ b/server/routers/resource/createResourceRule.ts
@@ -14,10 +14,11 @@ import {
    isValidUrlGlobPattern
 } from "@server/lib/validators";
 import { OpenAPITags, registry } from "@server/openApi";
+import { isValidRegionId } from "@server/db/regions";

 const createResourceRuleSchema = z.strictObject({
    action: z.enum(["ACCEPT", "DROP", "PASS"]),
-    match: z.enum(["CIDR", "IP", "PATH", "COUNTRY", "ASN"]),
+    match: z.enum(["CIDR", "IP", "PATH", "COUNTRY", "ASN", "REGION"]),
    value: z.string().min(1),
    priority: z.int(),
    enabled: z.boolean().optional()
@@ -126,6 +127,15 @@ export async function createResourceRule(
                    )
                );
            }
+        } else if (match === "REGION") {
+            if (!isValidRegionId(value)) {
+                return next(
+                    createHttpError(
+                        HttpCode.BAD_REQUEST,
+                        "Invalid region ID provided"
+                    )
+                );
+            }
        }

        // Create the new resource rule
--- a/server/routers/resource/updateResourceRule.ts
+++ b/server/routers/resource/updateResourceRule.ts
@@ -14,6 +14,7 @@ import {
    isValidUrlGlobPattern
 } from "@server/lib/validators";
 import { OpenAPITags, registry } from "@server/openApi";
+import { isValidRegionId } from "@server/db/regions";

 // Define Zod schema for request parameters validation
 const updateResourceRuleParamsSchema = z.strictObject({
@@ -25,7 +26,7 @@ const updateResourceRuleParamsSchema = z.strictObject({
 const updateResourceRuleSchema = z
    .strictObject({
        action: z.enum(["ACCEPT", "DROP", "PASS"]).optional(),
-        match: z.enum(["CIDR", "IP", "PATH", "COUNTRY", "ASN"]).optional(),
+        match: z.enum(["CIDR", "IP", "PATH", "COUNTRY", "ASN", "REGION"]).optional(),
        value: z.string().min(1).optional(),
        priority: z.int(),
        enabled: z.boolean().optional()
@@ -166,6 +167,15 @@ export async function updateResourceRule(
                        )
                    );
                }
+            } else if (match === "REGION") {
+                if (!isValidRegionId(value)) {
+                    return next(
+                        createHttpError(
+                            HttpCode.BAD_REQUEST,
+                            "Invalid region ID provided"
+                        )
+                    );
+                }
            }
        }