From 2882c881e9ebeba16c12be42f13cba0c03d63030 Mon Sep 17 00:00:00 2001
From: Dominik Csapak <d.csapak@proxmox.com>
Date: Wed, 20 May 2020 12:15:35 +0200
Subject: [PATCH] api2/access/acl: add path and exact parameter to list_acl

so that we can get only a subset of the acls, filtered by the backed
also return the digest here

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
 src/api2/access/acl.rs | 31 +++++++++++++++++++++++++++----
 src/config/acl.rs      |  5 +++++
 2 files changed, 32 insertions(+), 4 deletions(-)

diff --git a/src/api2/access/acl.rs b/src/api2/access/acl.rs
index d436c437..4fed4652 100644
--- a/src/api2/access/acl.rs
+++ b/src/api2/access/acl.rs
@@ -75,6 +75,20 @@ fn extract_acl_node_data(
 }
 
 #[api(
+    input: {
+        properties: {
+	    path: {
+                schema: ACL_PATH_SCHEMA,
+                optional: true,
+            },
+            exact: {
+                description: "If set, returns only ACL for the exact path.",
+                type: bool,
+                optional: true,
+                default: false,
+            },
+        },
+    },
     returns: {
         description: "ACL entry list.",
         type: Array,
@@ -88,16 +102,25 @@ fn extract_acl_node_data(
 )]
 /// Read Access Control List (ACLs).
 pub fn read_acl(
-    _rpcenv: &mut dyn RpcEnvironment,
+    path: Option<String>,
+    exact: bool,
+    mut rpcenv: &mut dyn RpcEnvironment,
 ) -> Result<Vec<AclListItem>, Error> {
 
     //let auth_user = rpcenv.get_user().unwrap();
 
-    // fixme: return digest?
-    let (tree, _digest) = acl::config()?;
+    let (mut tree, digest) = acl::config()?;
 
     let mut list: Vec<AclListItem> = Vec::new();
-    extract_acl_node_data(&tree.root, "", &mut list, false);
+    if let Some(path) = &path {
+        if let Some(node) = &tree.find_node(path) {
+            extract_acl_node_data(&node, path, &mut list, exact);
+        }
+    } else {
+        extract_acl_node_data(&tree.root, "", &mut list, exact);
+    }
+
+    rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
 
     Ok(list)
 }
diff --git a/src/config/acl.rs b/src/config/acl.rs
index 70bcf73a..f702ec4d 100644
--- a/src/config/acl.rs
+++ b/src/config/acl.rs
@@ -340,6 +340,11 @@ impl AclTree {
         Self { root: AclTreeNode::new() }
     }
 
+    pub fn find_node(&mut self, path: &str) -> Option<&mut AclTreeNode> {
+        let path = split_acl_path(path);
+        return self.get_node(&path);
+    }
+
     fn get_node(&mut self, path: &[&str]) -> Option<&mut AclTreeNode> {
         let mut node = &mut self.root;
         for comp in path {