tyler/proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

api2/acl: add privs array to roles

Browse Source 
so that an admin can see which roles have which privileges

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
This commit is contained in:
Dominik Csapak
2020-05-20 12:15:31 +02:00
committed by Dietmar Maurer
parent 1ad9dd08f4
commit 5160c0e986
1 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/api2/access/role.rs
View File

@ -6,7 +6,7 @@ use proxmox::api::{api, Permission};
use proxmox::api::router::Router;
use crate::api2::types::*;
use crate::config::acl::{Role, ROLE_NAMES};
use crate::config::acl::{Role, ROLE_NAMES, PRIVILEGES};
#[api(
returns: {
@ -19,6 +19,14 @@ use crate::config::acl::{Role, ROLE_NAMES};
role: {
type: Role,
},
privs: {
type: Array,
description: "List of Privileges",
items: {
type: String,
description: "A Privilege",
},
},
comment: {
schema: SINGLE_LINE_COMMENT_SCHEMA,
optional: true,
@ -34,8 +42,14 @@ use crate::config::acl::{Role, ROLE_NAMES};
fn list_roles() -> Result<Value, Error> {
let mut list = Vec::new();
for (role, comment) in ROLE_NAMES.iter() {
list.push(json!({ "role": role, "comment": comment }));
for (role, (privs, comment)) in ROLE_NAMES.iter() {
let mut priv_list = Vec::new();
for (name, privilege) in PRIVILEGES.iter() {
if privs & privilege > 0 {
priv_list.push(name.clone());
}
}
list.push(json!({ "role": role, "privs": priv_list, "comment": comment }));
}
Ok(list.into())
}