move user configuration to pbs_config workspace
Also moved memcom.rs and cached_user_info.rs
This commit is contained in:
Dietmar Maurer
@@ -12,7 +12,7 @@ use pbs_api_types::{
|
||||
|
||||
use pbs_config::acl::AclTreeNode;
|
||||
|
||||
use crate::config::cached_user_info::CachedUserInfo;
|
||||
use pbs_config::CachedUserInfo;
|
||||
|
||||
fn extract_acl_node_data(
|
||||
node: &AclTreeNode,
|
||||
@@ -221,7 +221,7 @@ pub fn update_acl(
|
||||
bail!("parameter 'group' - groups are currently not supported.");
|
||||
} else if let Some(ref auth_id) = auth_id {
|
||||
if !delete { // Note: we allow to delete non-existent users
|
||||
let user_cfg = crate::config::user::cached_config()?;
|
||||
let user_cfg = pbs_config::user::cached_config()?;
|
||||
if user_cfg.sections.get(&auth_id.to_string()).is_none() {
|
||||
bail!(format!("no such {}.",
|
||||
if auth_id.is_token() { "API token" } else { "user" }));
|
||||
|
||||
@@ -22,7 +22,7 @@ use pbs_config::acl::AclTreeNode;
|
||||
use crate::auth_helpers::*;
|
||||
use crate::server::ticket::ApiTicket;
|
||||
|
||||
use crate::config::cached_user_info::CachedUserInfo;
|
||||
use pbs_config::CachedUserInfo;
|
||||
use crate::config::tfa::TfaChallenge;
|
||||
|
||||
pub mod acl;
|
||||
|
||||
@@ -19,7 +19,7 @@ use pbs_tools::ticket::Ticket;
|
||||
use pbs_config::domains::{OpenIdUserAttribute, OpenIdRealmConfig};
|
||||
|
||||
use crate::server::ticket::ApiTicket;
|
||||
use crate::config::cached_user_info::CachedUserInfo;
|
||||
use pbs_config::CachedUserInfo;
|
||||
|
||||
use pbs_config::open_backup_lockfile;
|
||||
|
||||
@@ -116,7 +116,7 @@ pub fn openid_login(
|
||||
|
||||
if !user_info.is_active_user_id(&user_id) {
|
||||
if config.autocreate.unwrap_or(false) {
|
||||
use crate::config::user;
|
||||
use pbs_config::user;
|
||||
let _lock = open_backup_lockfile(user::USER_CFG_LOCKFILE, None, true)?;
|
||||
let user = User {
|
||||
userid: user_id.clone(),
|
||||
|
||||
@@ -9,7 +9,7 @@ use proxmox::{http_bail, http_err};
|
||||
|
||||
use pbs_api_types::{Authid, Userid, User, PASSWORD_SCHEMA, PRIV_PERMISSIONS_MODIFY, PRIV_SYS_AUDIT};
|
||||
|
||||
use crate::config::cached_user_info::CachedUserInfo;
|
||||
use pbs_config::CachedUserInfo;
|
||||
use crate::config::tfa::{TfaInfo, TfaUserData};
|
||||
|
||||
/// Perform first-factor (password) authentication only. Ignore password for the root user.
|
||||
@@ -34,7 +34,7 @@ fn tfa_update_auth(
|
||||
|
||||
// After authentication, verify that the to-be-modified user actually exists:
|
||||
if must_exist && authid.user() != userid {
|
||||
let (config, _digest) = crate::config::user::config()?;
|
||||
let (config, _digest) = pbs_config::user::config()?;
|
||||
|
||||
if config
|
||||
.lookup::<User>("user", userid.as_str())
|
||||
|
||||
@@ -16,7 +16,7 @@ use pbs_api_types::{
|
||||
};
|
||||
use pbs_config::token_shadow;
|
||||
|
||||
use crate::config::cached_user_info::CachedUserInfo;
|
||||
use pbs_config::CachedUserInfo;
|
||||
|
||||
fn new_user_with_tokens(user: User) -> UserWithTokens {
|
||||
UserWithTokens {
|
||||
@@ -59,7 +59,7 @@ pub fn list_users(
|
||||
mut rpcenv: &mut dyn RpcEnvironment,
|
||||
) -> Result<Vec<UserWithTokens>, Error> {
|
||||
|
||||
let (config, digest) = crate::config::user::config()?;
|
||||
let (config, digest) = pbs_config::user::config()?;
|
||||
|
||||
let auth_id: Authid = rpcenv
|
||||
.get_auth_id()
|
||||
@@ -138,9 +138,9 @@ pub fn create_user(
|
||||
rpcenv: &mut dyn RpcEnvironment
|
||||
) -> Result<(), Error> {
|
||||
|
||||
let _lock = crate::config::user::lock_config()?;
|
||||
let _lock = pbs_config::user::lock_config()?;
|
||||
|
||||
let (mut section_config, _digest) = crate::config::user::config()?;
|
||||
let (mut section_config, _digest) = pbs_config::user::config()?;
|
||||
|
||||
if section_config.sections.get(config.userid.as_str()).is_some() {
|
||||
bail!("user '{}' already exists.", config.userid);
|
||||
@@ -153,7 +153,7 @@ pub fn create_user(
|
||||
// Fails if realm does not exist!
|
||||
let authenticator = crate::auth::lookup_authenticator(realm)?;
|
||||
|
||||
crate::config::user::save_config(§ion_config)?;
|
||||
pbs_config::user::save_config(§ion_config)?;
|
||||
|
||||
if let Some(password) = password {
|
||||
let user_info = CachedUserInfo::new()?;
|
||||
@@ -185,7 +185,7 @@ pub fn create_user(
|
||||
)]
|
||||
/// Read user configuration data.
|
||||
pub fn read_user(userid: Userid, mut rpcenv: &mut dyn RpcEnvironment) -> Result<User, Error> {
|
||||
let (config, digest) = crate::config::user::config()?;
|
||||
let (config, digest) = pbs_config::user::config()?;
|
||||
let user = config.lookup("user", userid.as_str())?;
|
||||
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
|
||||
Ok(user)
|
||||
@@ -253,9 +253,9 @@ pub fn update_user(
|
||||
rpcenv: &mut dyn RpcEnvironment,
|
||||
) -> Result<(), Error> {
|
||||
|
||||
let _lock = crate::config::user::lock_config()?;
|
||||
let _lock = pbs_config::user::lock_config()?;
|
||||
|
||||
let (mut config, expected_digest) = crate::config::user::config()?;
|
||||
let (mut config, expected_digest) = pbs_config::user::config()?;
|
||||
|
||||
if let Some(ref digest) = digest {
|
||||
let digest = proxmox::tools::hex_to_digest(digest)?;
|
||||
@@ -317,7 +317,7 @@ pub fn update_user(
|
||||
|
||||
config.set_data(userid.as_str(), "user", &data)?;
|
||||
|
||||
crate::config::user::save_config(&config)?;
|
||||
pbs_config::user::save_config(&config)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
@@ -345,10 +345,10 @@ pub fn update_user(
|
||||
/// Remove a user from the configuration file.
|
||||
pub fn delete_user(userid: Userid, digest: Option<String>) -> Result<(), Error> {
|
||||
|
||||
let _lock = crate::config::user::lock_config()?;
|
||||
let _lock = pbs_config::user::lock_config()?;
|
||||
let _tfa_lock = crate::config::tfa::write_lock()?;
|
||||
|
||||
let (mut config, expected_digest) = crate::config::user::config()?;
|
||||
let (mut config, expected_digest) = pbs_config::user::config()?;
|
||||
|
||||
if let Some(ref digest) = digest {
|
||||
let digest = proxmox::tools::hex_to_digest(digest)?;
|
||||
@@ -360,7 +360,7 @@ pub fn delete_user(userid: Userid, digest: Option<String>) -> Result<(), Error>
|
||||
None => bail!("user '{}' does not exist.", userid),
|
||||
}
|
||||
|
||||
crate::config::user::save_config(&config)?;
|
||||
pbs_config::user::save_config(&config)?;
|
||||
|
||||
let authenticator = crate::auth::lookup_authenticator(userid.realm())?;
|
||||
match authenticator.remove_password(userid.name()) {
|
||||
@@ -416,7 +416,7 @@ pub fn read_token(
|
||||
mut rpcenv: &mut dyn RpcEnvironment,
|
||||
) -> Result<ApiToken, Error> {
|
||||
|
||||
let (config, digest) = crate::config::user::config()?;
|
||||
let (config, digest) = pbs_config::user::config()?;
|
||||
|
||||
let tokenid = Authid::from((userid, Some(tokenname)));
|
||||
|
||||
@@ -482,9 +482,9 @@ pub fn generate_token(
|
||||
digest: Option<String>,
|
||||
) -> Result<Value, Error> {
|
||||
|
||||
let _lock = crate::config::user::lock_config()?;
|
||||
let _lock = pbs_config::user::lock_config()?;
|
||||
|
||||
let (mut config, expected_digest) = crate::config::user::config()?;
|
||||
let (mut config, expected_digest) = pbs_config::user::config()?;
|
||||
|
||||
if let Some(ref digest) = digest {
|
||||
let digest = proxmox::tools::hex_to_digest(digest)?;
|
||||
@@ -510,7 +510,7 @@ pub fn generate_token(
|
||||
|
||||
config.set_data(&tokenid_string, "token", &token)?;
|
||||
|
||||
crate::config::user::save_config(&config)?;
|
||||
pbs_config::user::save_config(&config)?;
|
||||
|
||||
Ok(json!({
|
||||
"tokenid": tokenid_string,
|
||||
@@ -563,9 +563,9 @@ pub fn update_token(
|
||||
digest: Option<String>,
|
||||
) -> Result<(), Error> {
|
||||
|
||||
let _lock = crate::config::user::lock_config()?;
|
||||
let _lock = pbs_config::user::lock_config()?;
|
||||
|
||||
let (mut config, expected_digest) = crate::config::user::config()?;
|
||||
let (mut config, expected_digest) = pbs_config::user::config()?;
|
||||
|
||||
if let Some(ref digest) = digest {
|
||||
let digest = proxmox::tools::hex_to_digest(digest)?;
|
||||
@@ -596,7 +596,7 @@ pub fn update_token(
|
||||
|
||||
config.set_data(&tokenid_string, "token", &data)?;
|
||||
|
||||
crate::config::user::save_config(&config)?;
|
||||
pbs_config::user::save_config(&config)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
@@ -631,9 +631,9 @@ pub fn delete_token(
|
||||
digest: Option<String>,
|
||||
) -> Result<(), Error> {
|
||||
|
||||
let _lock = crate::config::user::lock_config()?;
|
||||
let _lock = pbs_config::user::lock_config()?;
|
||||
|
||||
let (mut config, expected_digest) = crate::config::user::config()?;
|
||||
let (mut config, expected_digest) = pbs_config::user::config()?;
|
||||
|
||||
if let Some(ref digest) = digest {
|
||||
let digest = proxmox::tools::hex_to_digest(digest)?;
|
||||
@@ -650,7 +650,7 @@ pub fn delete_token(
|
||||
|
||||
token_shadow::delete_secret(&tokenid)?;
|
||||
|
||||
crate::config::user::save_config(&config)?;
|
||||
pbs_config::user::save_config(&config)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
@@ -682,7 +682,7 @@ pub fn list_tokens(
|
||||
mut rpcenv: &mut dyn RpcEnvironment,
|
||||
) -> Result<Vec<ApiToken>, Error> {
|
||||
|
||||
let (config, digest) = crate::config::user::config()?;
|
||||
let (config, digest) = pbs_config::user::config()?;
|
||||
|
||||
let list:Vec<ApiToken> = config.convert_to_typed_array("token")?;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user