acl update: check if user exist.

This commit is contained in:
Dietmar Maurer 2020-04-14 13:46:27 +02:00
parent 68ccdf09a4
commit d83175dd69
1 changed files with 14 additions and 4 deletions

View File

@ -145,7 +145,7 @@ pub fn read_acl(
optional: true, optional: true,
schema: PROXMOX_GROUP_ID_SCHEMA, schema: PROXMOX_GROUP_ID_SCHEMA,
}, },
delete: { delete: {
optional: true, optional: true,
description: "Remove permissions (instead of adding it).", description: "Remove permissions (instead of adding it).",
type: bool, type: bool,
@ -178,13 +178,23 @@ pub fn update_acl(
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?; crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
} }
// fixme: test if user/group exists?
// fixme: let propagate = propagate.unwrap_or(api_get_default!("propagate"));
let propagate = propagate.unwrap_or(true); let propagate = propagate.unwrap_or(true);
let delete = delete.unwrap_or(false); let delete = delete.unwrap_or(false);
if let Some(ref group) = group {
bail!("parameter 'group' - groups are currently not supported.");
} else if let Some(ref userid) = userid {
if !delete { // Note: we allow to delete non-existent users
let (user_cfg, _) = crate::config::user::cached_config()?;
if user_cfg.sections.get(userid).is_none() {
bail!("no such user.");
}
}
} else {
bail!("missing 'userid' or 'group' parameter.");
}
if let Some(userid) = userid { if let Some(userid) = userid {
if delete { if delete {
tree.delete_user_role(&path, &userid, &role); tree.delete_user_role(&path, &userid, &role);