Pull request: 3419 client allowlist collision

Updates #3419. Squashed commit of the following: commit 370094c00d9c15b1336fbedb1e233bd4436c9898 Author: Dmitriy Seregin <d.seregin@adguard.com> Date: Fri Sep 10 17:31:16 2021 +0300 added link to github issue commit 407ba9b2db46b887a30ddb081bd37c56e56b0496 Merge: 426c8146 80548233 Author: Dmitriy Seregin <d.seregin@adguard.com> Date: Fri Sep 10 17:29:52 2021 +0300 Merge branch 'master' into 3419-client-allowlist-collision commit 426c8146cff5c112ebb25192af276c6601200528 Author: Dmitriy Seregin <d.seregin@adguard.com> Date: Fri Sep 10 16:28:11 2021 +0300 fix en commit d28c6022321828c6bdc55c3f9a4f655b26d146d2 Author: Dmitriy Seregin <d.seregin@adguard.com> Date: Fri Sep 10 15:49:12 2021 +0300 added missing space commit b374a09327968ca5343c1595d1ab8cf317c15ffe Author: Dmitriy Seregin <d.seregin@adguard.com> Date: Fri Sep 10 15:43:55 2021 +0300 fixes after review commit 2be629d66e4703e2f5a85615bf1eaaa92e03c6fd Author: Dmitriy Seregin <d.seregin@adguard.com> Date: Thu Sep 9 14:17:19 2021 +0300 fixes commit 5c2aa6201cc0ecf404d4057e354fbb0bdadcdd6d Author: Dmitriy Seregin <d.seregin@adguard.com> Date: Wed Sep 8 15:04:30 2021 +0300 return empty line to locale file commit 3631c3772babbd595b1c3de4a7e91be6bac3e80f Author: Dmitriy Seregin <d.seregin@adguard.com> Date: Wed Sep 8 13:57:51 2021 +0300 all: fix collisions in access lists && expand block/unblock client
2021-09-10 17:57:09 +03:00
parent 80548233ba
commit 8fdd789474
13 changed files with 238 additions and 65 deletions
--- a/openapi/CHANGELOG.md
+++ b/openapi/CHANGELOG.md
@@ -4,12 +4,25 @@

 ## v0.107: API changes

+### New possible value of `"name"` field in `QueryLogItemClient`
+
+* The value of `"name"` field in `GET /control/querylog` method is never empty:
+  either persistent client's name or runtime client's hostname.
+
+### Lists in `AccessList`
+
+* Fields `"allowed_clients"`, `"disallowed_clients"` and `"blocked_hosts"` in
+  `POST /access/set` now should contain only unique elements.
+
+* Fields `"allowed_clients"` and `"disallowed_clients"` cannot contain the same
+  elements.
+
 ### The new field `"private_key_saved"` in `TlsConfig`

 * The new field `"private_key_saved"` in `POST /control/tls/configure`,
-`POST /control/tls/validate` and `GET /control/tls/status` is true if the
-private key was previously saved as a string and now the private key omitted
-from communication between server and client due to security issues.
+  `POST /control/tls/validate` and `GET /control/tls/status` is true if the
+  private key was previously saved as a string and now the private key omitted
+  from communication between server and client due to security issues.

 ### The new field `"cache_optimistic"` in DNS configuration

--- a/openapi/openapi.yaml
+++ b/openapi/openapi.yaml
@@ -1962,8 +1962,7 @@
            The rule due to which the client is allowed or blocked.
        'name':
          'description': >
-            Persistent client's name or an empty string if this is a runtime
-            client.
+            Persistent client's name or runtime client's hostname.
          'type': 'string'
        'whois':
          '$ref': '#/components/schemas/QueryLogItemClientWhois'
@@ -2363,7 +2362,10 @@
    'AccessSetRequest':
      '$ref': '#/components/schemas/AccessList'
    'AccessList':
-      'description': 'Client and host access list'
+      'description': >
+        Client and host access list.  Each of the lists should contain only
+        unique elements.  In addition, allowed and disallowed lists cannot
+        contain the same elements.
      'properties':
        'allowed_clients':
          'description': >