backup/datastore: refactor check_backup_owner there

and add an 'owns_backup' convenience function

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Dominik Csapak 2021-07-16 10:53:22 +02:00 committed by Dietmar Maurer
parent 0a240aaa9a
commit 9751ef4b36
2 changed files with 20 additions and 12 deletions


@ -74,18 +74,6 @@ fn check_priv_or_backup_owner(
Ok(()) Ok(())
} }
fn check_backup_owner(
owner: &Authid,
auth_id: &Authid,
) -> Result<(), Error> {
let correct_owner = owner == auth_id
|| (owner.is_token() && &Authid::from(owner.user().clone()) == auth_id);
if !correct_owner {
bail!("backup owner check failed ({} != {})", auth_id, owner);
}
Ok(())
}
fn read_backup_index( fn read_backup_index(
store: &DataStore, store: &DataStore,
backup_dir: &BackupDir, backup_dir: &BackupDir,


@ -37,6 +37,20 @@ lazy_static! {
static ref DATASTORE_MAP: Mutex<HashMap<String, Arc<DataStore>>> = Mutex::new(HashMap::new()); static ref DATASTORE_MAP: Mutex<HashMap<String, Arc<DataStore>>> = Mutex::new(HashMap::new());
} }
/// checks if auth_id is owner, or, if owner is a token, if
/// auth_id is the user of the token
pub fn check_backup_owner(
owner: &Authid,
auth_id: &Authid,
) -> Result<(), Error> {
let correct_owner = owner == auth_id
|| (owner.is_token() && &Authid::from(owner.user().clone()) == auth_id);
if !correct_owner {
bail!("backup owner check failed ({} != {})", auth_id, owner);
}
Ok(())
}
/// Datastore Management /// Datastore Management
/// ///
/// A Datastore can store severals backups, and provides the /// A Datastore can store severals backups, and provides the
@ -338,6 +352,12 @@ impl DataStore {
Ok(owner.trim_end().parse()?) // remove trailing newline Ok(owner.trim_end().parse()?) // remove trailing newline
} }
pub fn owns_backup(&self, backup_group: &BackupGroup, auth_id: &Authid) -> Result<bool, Error> {
let owner = self.get_owner(backup_group)?;
Ok(check_backup_owner(owner, auth_id).is_ok())
}
/// Set the backup owner. /// Set the backup owner.
pub fn set_owner( pub fn set_owner(
&self, &self,
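Review bot: `owns_backup` in the second hunk has no doc comment, and as an authorization helper its `Result<bool, Error>` has three outcomes that callers must tell apart: `Ok(true)`, `Ok(false)` for a non-owner, and `Err` when `get_owner` fails. A caller that writes `owns_backup(..)?;` and drops the bool would treat a non-owner as allowed, so I would add `/// Returns Ok(true) only if auth_id passes check_backup_owner for the group's owner; Ok(false) means not the owner, Err means the owner could not be determined.` above it. The call also passes `owner` by value while `check_backup_owner` takes `&Authid`; if `get_owner` returns an owned `Authid` (its signature is outside the hunk), this should read `check_backup_owner(&owner, auth_id)`. As a point of style, the failed check formats a `bail!` message that `.is_ok()` then discards, which a private bool-returning helper shared by both functions would avoid.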