api2/acl: add privs array to roles
so that an admin can see which roles have which privileges Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
This commit is contained in:
parent
1ad9dd08f4
commit
5160c0e986
@ -6,7 +6,7 @@ use proxmox::api::{api, Permission};
|
|||||||
use proxmox::api::router::Router;
|
use proxmox::api::router::Router;
|
||||||
|
|
||||||
use crate::api2::types::*;
|
use crate::api2::types::*;
|
||||||
use crate::config::acl::{Role, ROLE_NAMES};
|
use crate::config::acl::{Role, ROLE_NAMES, PRIVILEGES};
|
||||||
|
|
||||||
#[api(
|
#[api(
|
||||||
returns: {
|
returns: {
|
||||||
@ -19,6 +19,14 @@ use crate::config::acl::{Role, ROLE_NAMES};
|
|||||||
role: {
|
role: {
|
||||||
type: Role,
|
type: Role,
|
||||||
},
|
},
|
||||||
|
privs: {
|
||||||
|
type: Array,
|
||||||
|
description: "List of Privileges",
|
||||||
|
items: {
|
||||||
|
type: String,
|
||||||
|
description: "A Privilege",
|
||||||
|
},
|
||||||
|
},
|
||||||
comment: {
|
comment: {
|
||||||
schema: SINGLE_LINE_COMMENT_SCHEMA,
|
schema: SINGLE_LINE_COMMENT_SCHEMA,
|
||||||
optional: true,
|
optional: true,
|
||||||
@ -34,8 +42,14 @@ use crate::config::acl::{Role, ROLE_NAMES};
|
|||||||
fn list_roles() -> Result<Value, Error> {
|
fn list_roles() -> Result<Value, Error> {
|
||||||
let mut list = Vec::new();
|
let mut list = Vec::new();
|
||||||
|
|
||||||
for (role, comment) in ROLE_NAMES.iter() {
|
for (role, (privs, comment)) in ROLE_NAMES.iter() {
|
||||||
list.push(json!({ "role": role, "comment": comment }));
|
let mut priv_list = Vec::new();
|
||||||
|
for (name, privilege) in PRIVILEGES.iter() {
|
||||||
|
if privs & privilege > 0 {
|
||||||
|
priv_list.push(name.clone());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
list.push(json!({ "role": role, "privs": priv_list, "comment": comment }));
|
||||||
}
|
}
|
||||||
Ok(list.into())
|
Ok(list.into())
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user