src/api2/types.rs: define PROXMOX_AUTH_REALM_SCHEMA and PROXMOX_USER_ID_SCHEMA

And try to use new schemas with config api...
Dietmar Maurer 2020-01-13 14:17:22 +01:00
parent b25f313d66
commit 163dc16c0b
3 changed files with 34 additions and 8 deletions


@ -42,10 +42,10 @@ pub fn list_remotes(
schema: SINGLE_LINE_COMMENT_SCHEMA, schema: SINGLE_LINE_COMMENT_SCHEMA,
}, },
host: { host: {
schema: remotes::REMOTE_HOST_SCHEMA, schema: DNS_NAME_OR_IP_SCHEMA,
}, },
userid: { userid: {
schema: remotes::REMOTE_USERID_SCHEMA, schema: PROXMOX_USER_ID_SCHEMA,
}, },
password: { password: {
schema: remotes::REMOTE_PASSWORD_SCHEMA, schema: remotes::REMOTE_PASSWORD_SCHEMA,
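Review bot: The `host` property now relies on `DNS_NAME_OR_IP_SCHEMA`, and the regex behind it, as printed in the types.rs context on this page, does not look like it anchors the whole value: `concat!(r"^", DNS_NAME!(), "|", IPRE!(), r")$")` has a top-level alternation, so `^` binds only to the DNS-name branch and `$` only to the IP branch. The closing `)` also has no visible opening group, though `IPRE!()` is not shown here. If that is what is in the tree, a host string that merely starts with a valid DNS name would pass validation, or the pattern would fail to compile on first use. Grouping the alternation fixes both: `concat!(r"^(?:", DNS_NAME!(), "|", IPRE!(), r")$")`, with the stray `)` dropped from `DNS_NAME_REGEX` as well. The same schema swap is made for `host` in the third file section, and the `list_remotes` declaration continues outside this hunk.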


@ -18,6 +18,15 @@ pub const FILENAME_FORMAT: ApiStringFormat = ApiStringFormat::VerifyFn(|name| {
macro_rules! DNS_LABEL { () => (r"(?:[a-zA-Z0-9](?:[a-zA-Z0-9\-]*[a-zA-Z0-9])?)") } macro_rules! DNS_LABEL { () => (r"(?:[a-zA-Z0-9](?:[a-zA-Z0-9\-]*[a-zA-Z0-9])?)") }
macro_rules! DNS_NAME { () => (concat!(r"(?:", DNS_LABEL!() , r"\.)*", DNS_LABEL!())) } macro_rules! DNS_NAME { () => (concat!(r"(?:", DNS_LABEL!() , r"\.)*", DNS_LABEL!())) }
// we only allow a limited set of characters
// colon is not allowed, because we store usernames in
// colon separated lists)!
// slash is not allowed because it is used as pve API delimiter
// also see "man useradd"
macro_rules! USER_NAME_REGEX_STR { () => (r"(?:[^\s:/[[:cntrl:]]]+)") }
macro_rules! PROXMOX_SAFE_ID_REGEX_STR { () => (r"(?:[A-Za-z0-9_][A-Za-z0-9._\-]*)") }
const_regex!{ const_regex!{
pub IP_FORMAT_REGEX = IPRE!(); pub IP_FORMAT_REGEX = IPRE!();
pub SHA256_HEX_REGEX = r"^[a-f0-9]{64}$"; // fixme: define in common_regex ? pub SHA256_HEX_REGEX = r"^[a-f0-9]{64}$"; // fixme: define in common_regex ?
@ -30,7 +39,7 @@ const_regex!{
/// contains further information why it is reasonable to restict /// contains further information why it is reasonable to restict
/// names this way. This is not only useful for filenames, but for /// names this way. This is not only useful for filenames, but for
/// any identifier command line tools work with. /// any identifier command line tools work with.
pub PROXMOX_SAFE_ID_REGEX = r"^[A-Za-z0-9_][A-Za-z0-9._\-]*"; pub PROXMOX_SAFE_ID_REGEX = concat!(r"^", PROXMOX_SAFE_ID_REGEX_STR!(), r"$");
pub SINGLE_LINE_COMMENT_REGEX = r"^[[:^cntrl:]]*$"; pub SINGLE_LINE_COMMENT_REGEX = r"^[[:^cntrl:]]*$";
@ -39,6 +48,8 @@ const_regex!{
pub DNS_NAME_REGEX = concat!(r"^", DNS_NAME!(), r")$"); pub DNS_NAME_REGEX = concat!(r"^", DNS_NAME!(), r")$");
pub DNS_NAME_OR_IP_REGEX = concat!(r"^", DNS_NAME!(), "|", IPRE!(), r")$"); pub DNS_NAME_OR_IP_REGEX = concat!(r"^", DNS_NAME!(), "|", IPRE!(), r")$");
pub PROXMOX_USER_ID_REGEX = concat!(r"^", USER_NAME_REGEX_STR!(), r"@", PROXMOX_SAFE_ID_REGEX_STR!(), r"$");
} }
pub const SYSTEMD_DATETIME_FORMAT: ApiStringFormat = pub const SYSTEMD_DATETIME_FORMAT: ApiStringFormat =
@ -65,6 +76,9 @@ pub const DNS_NAME_FORMAT: ApiStringFormat =
pub const DNS_NAME_OR_IP_FORMAT: ApiStringFormat = pub const DNS_NAME_OR_IP_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&DNS_NAME_OR_IP_REGEX); ApiStringFormat::Pattern(&DNS_NAME_OR_IP_REGEX);
pub const PROXMOX_USER_ID_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&PROXMOX_USER_ID_REGEX);
pub const PVE_CONFIG_DIGEST_SCHEMA: Schema = StringSchema::new(r#"\ pub const PVE_CONFIG_DIGEST_SCHEMA: Schema = StringSchema::new(r#"\
Prevent changes if current configuration file has different SHA256 digest. Prevent changes if current configuration file has different SHA256 digest.
@ -158,6 +172,18 @@ pub const DNS_NAME_OR_IP_SCHEMA: Schema = StringSchema::new("DNS name or IP addr
.format(&DNS_NAME_OR_IP_FORMAT) .format(&DNS_NAME_OR_IP_FORMAT)
.schema(); .schema();
pub const PROXMOX_AUTH_REALM_SCHEMA: Schema = StringSchema::new("Authentication domain ID")
.format(&PROXMOX_SAFE_ID_FORMAT)
.min_length(3)
.max_length(32)
.schema();
pub const PROXMOX_USER_ID_SCHEMA: Schema = StringSchema::new("User ID")
.format(&PROXMOX_USER_ID_FORMAT)
.min_length(3)
.max_length(64)
.schema();
// Complex type definitions // Complex type definitions
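Review bot: `USER_NAME_REGEX_STR` excludes whitespace, `:`, `/` and control characters but not `@`, so `PROXMOX_USER_ID_REGEX` accepts IDs with more than one `@` (for example the constructed value `a@b@realm`). The pattern itself puts the realm after the last `@`, but any consumer that splits on the first `@` would derive a different name and realm. If `@` in the name part is intended, say so next to the macro, e.g. `// '@' is allowed in the name part; the realm is everything after the LAST '@'`; otherwise add `@` to the excluded set. Separately, `PROXMOX_USER_ID_SCHEMA` bounds only the total length (3..64), so an ID with a one-character realm such as `a@b` validates although `PROXMOX_AUTH_REALM_SCHEMA` requires 3..32 characters for a realm on its own.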


@ -16,9 +16,9 @@ lazy_static! {
// fixme: define better schemas // fixme: define better schemas
pub const REMOTE_HOST_SCHEMA: Schema = StringSchema::new("Host IP address or DNS name.").schema(); pub const REMOTE_PASSWORD_SCHEMA: Schema = StringSchema::new("Password or auth token for remote host.")
pub const REMOTE_USERID_SCHEMA: Schema = StringSchema::new("User ID").schema(); .max_length(1024)
pub const REMOTE_PASSWORD_SCHEMA: Schema = StringSchema::new("Password or auth token.").schema(); .schema();
#[api( #[api(
properties: { properties: {
@ -27,10 +27,10 @@ pub const REMOTE_PASSWORD_SCHEMA: Schema = StringSchema::new("Password or auth t
schema: SINGLE_LINE_COMMENT_SCHEMA, schema: SINGLE_LINE_COMMENT_SCHEMA,
}, },
host: { host: {
schema: REMOTE_HOST_SCHEMA, schema: DNS_NAME_OR_IP_SCHEMA,
}, },
userid: { userid: {
schema: REMOTE_USERID_SCHEMA, schema: PROXMOX_USER_ID_SCHEMA,
}, },
password: { password: {
schema: REMOTE_PASSWORD_SCHEMA, schema: REMOTE_PASSWORD_SCHEMA,
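Review bot: `REMOTE_PASSWORD_SCHEMA` gains only `.max_length(1024)`, so an empty string and values containing line breaks or other control characters still validate. If the remote configuration is persisted in a line-oriented file (the storage format is not visible in this section), such a value could corrupt or extend the stored entry. Consider adding `.min_length(1)` and a format that rejects control characters, along the lines of the existing `SINGLE_LINE_COMMENT_REGEX`. The `// fixme: define better schemas` comment above the constant could then be narrowed to state what is still missing.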