api: add missing token list match_all property

to have the proper link between the token list and the sub routes
in the api, include the 'tokenname' property in the token listing

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Dominik Csapak 2021-09-21 12:11:15 +02:00 committed by Thomas Lamprecht
parent efb7c5348c
commit f54634a890
2 changed files with 47 additions and 25 deletions

View File

@ -395,7 +395,7 @@ pub fn delete_user(userid: Userid, digest: Option<String>) -> Result<(), Error>
userid: { userid: {
type: Userid, type: Userid,
}, },
tokenname: { "token-name": {
type: Tokenname, type: Tokenname,
}, },
}, },
@ -411,14 +411,14 @@ pub fn delete_user(userid: Userid, digest: Option<String>) -> Result<(), Error>
/// Read user's API token metadata /// Read user's API token metadata
pub fn read_token( pub fn read_token(
userid: Userid, userid: Userid,
tokenname: Tokenname, token_name: Tokenname,
_info: &ApiMethod, _info: &ApiMethod,
mut rpcenv: &mut dyn RpcEnvironment, mut rpcenv: &mut dyn RpcEnvironment,
) -> Result<ApiToken, Error> { ) -> Result<ApiToken, Error> {
let (config, digest) = pbs_config::user::config()?; let (config, digest) = pbs_config::user::config()?;
let tokenid = Authid::from((userid, Some(tokenname))); let tokenid = Authid::from((userid, Some(token_name)));
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into(); rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
config.lookup("token", &tokenid.to_string()) config.lookup("token", &tokenid.to_string())
@ -431,7 +431,7 @@ pub fn read_token(
userid: { userid: {
type: Userid, type: Userid,
}, },
tokenname: { "token-name": {
type: Tokenname, type: Tokenname,
}, },
comment: { comment: {
@ -475,7 +475,7 @@ pub fn read_token(
/// Generate a new API token with given metadata /// Generate a new API token with given metadata
pub fn generate_token( pub fn generate_token(
userid: Userid, userid: Userid,
tokenname: Tokenname, token_name: Tokenname,
comment: Option<String>, comment: Option<String>,
enable: Option<bool>, enable: Option<bool>,
expire: Option<i64>, expire: Option<i64>,
@ -491,11 +491,11 @@ pub fn generate_token(
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?; crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
} }
let tokenid = Authid::from((userid.clone(), Some(tokenname.clone()))); let tokenid = Authid::from((userid.clone(), Some(token_name.clone())));
let tokenid_string = tokenid.to_string(); let tokenid_string = tokenid.to_string();
if config.sections.get(&tokenid_string).is_some() { if config.sections.get(&tokenid_string).is_some() {
bail!("token '{}' for user '{}' already exists.", tokenname.as_str(), userid); bail!("token '{}' for user '{}' already exists.", token_name.as_str(), userid);
} }
let secret = format!("{:x}", proxmox::tools::uuid::Uuid::generate()); let secret = format!("{:x}", proxmox::tools::uuid::Uuid::generate());
@ -525,7 +525,7 @@ pub fn generate_token(
userid: { userid: {
type: Userid, type: Userid,
}, },
tokenname: { "token-name": {
type: Tokenname, type: Tokenname,
}, },
comment: { comment: {
@ -556,7 +556,7 @@ pub fn generate_token(
/// Update user's API token metadata /// Update user's API token metadata
pub fn update_token( pub fn update_token(
userid: Userid, userid: Userid,
tokenname: Tokenname, token_name: Tokenname,
comment: Option<String>, comment: Option<String>,
enable: Option<bool>, enable: Option<bool>,
expire: Option<i64>, expire: Option<i64>,
@ -572,7 +572,7 @@ pub fn update_token(
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?; crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
} }
let tokenid = Authid::from((userid, Some(tokenname))); let tokenid = Authid::from((userid, Some(token_name)));
let tokenid_string = tokenid.to_string(); let tokenid_string = tokenid.to_string();
let mut data: ApiToken = config.lookup("token", &tokenid_string)?; let mut data: ApiToken = config.lookup("token", &tokenid_string)?;
@ -608,7 +608,7 @@ pub fn update_token(
userid: { userid: {
type: Userid, type: Userid,
}, },
tokenname: { "token-name": {
type: Tokenname, type: Tokenname,
}, },
digest: { digest: {
@ -627,7 +627,7 @@ pub fn update_token(
/// Delete a user's API token /// Delete a user's API token
pub fn delete_token( pub fn delete_token(
userid: Userid, userid: Userid,
tokenname: Tokenname, token_name: Tokenname,
digest: Option<String>, digest: Option<String>,
) -> Result<(), Error> { ) -> Result<(), Error> {
@ -640,12 +640,12 @@ pub fn delete_token(
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?; crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
} }
let tokenid = Authid::from((userid.clone(), Some(tokenname.clone()))); let tokenid = Authid::from((userid.clone(), Some(token_name.clone())));
let tokenid_string = tokenid.to_string(); let tokenid_string = tokenid.to_string();
match config.sections.get(&tokenid_string) { match config.sections.get(&tokenid_string) {
Some(_) => { config.sections.remove(&tokenid_string); }, Some(_) => { config.sections.remove(&tokenid_string); },
None => bail!("token '{}' of user '{}' does not exist.", tokenname.as_str(), userid), None => bail!("token '{}' of user '{}' does not exist.", token_name.as_str(), userid),
} }
token_shadow::delete_secret(&tokenid)?; token_shadow::delete_secret(&tokenid)?;
@ -655,6 +655,22 @@ pub fn delete_token(
Ok(()) Ok(())
} }
#[api(
properties: {
"token-name": { type: Tokenname },
token: { type: ApiToken },
}
)]
#[derive(Serialize, Deserialize)]
#[serde(rename_all="kebab-case")]
/// A Token Entry that contains the token-name
pub struct TokenApiEntry {
/// The Token name
pub token_name: Tokenname,
#[serde(flatten)]
pub token: ApiToken,
}
#[api( #[api(
input: { input: {
properties: { properties: {
@ -666,7 +682,7 @@ pub fn delete_token(
returns: { returns: {
description: "List user's API tokens (with config digest).", description: "List user's API tokens (with config digest).",
type: Array, type: Array,
items: { type: ApiToken }, items: { type: TokenApiEntry },
}, },
access: { access: {
permission: &Permission::Or(&[ permission: &Permission::Or(&[
@ -680,7 +696,7 @@ pub fn list_tokens(
userid: Userid, userid: Userid,
_info: &ApiMethod, _info: &ApiMethod,
mut rpcenv: &mut dyn RpcEnvironment, mut rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<ApiToken>, Error> { ) -> Result<Vec<TokenApiEntry>, Error> {
let (config, digest) = pbs_config::user::config()?; let (config, digest) = pbs_config::user::config()?;
@ -688,15 +704,21 @@ pub fn list_tokens(
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into(); rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
let filter_by_owner = |token: &ApiToken| { let filter_by_owner = |token: ApiToken| {
if token.tokenid.is_token() { if token.tokenid.is_token() && token.tokenid.user() == &userid {
token.tokenid.user() == &userid let token_name = token.tokenid.tokenname().unwrap().to_owned();
Some(TokenApiEntry {
token_name,
token,
})
} else { } else {
false None
} }
}; };
Ok(list.into_iter().filter(filter_by_owner).collect()) let res = list.into_iter().filter_map(filter_by_owner).collect();
Ok(res)
} }
const TOKEN_ITEM_ROUTER: Router = Router::new() const TOKEN_ITEM_ROUTER: Router = Router::new()
@ -707,7 +729,7 @@ const TOKEN_ITEM_ROUTER: Router = Router::new()
const TOKEN_ROUTER: Router = Router::new() const TOKEN_ROUTER: Router = Router::new()
.get(&API_METHOD_LIST_TOKENS) .get(&API_METHOD_LIST_TOKENS)
.match_all("tokenname", &TOKEN_ITEM_ROUTER); .match_all("token-name", &TOKEN_ITEM_ROUTER);
const USER_SUBDIRS: SubdirMap = &[ const USER_SUBDIRS: SubdirMap = &[
("token", &TOKEN_ROUTER), ("token", &TOKEN_ROUTER),

View File

@ -198,15 +198,15 @@ pub fn user_commands() -> CommandLineInterface {
.insert( .insert(
"generate-token", "generate-token",
CliCommand::new(&api2::access::user::API_METHOD_GENERATE_TOKEN) CliCommand::new(&api2::access::user::API_METHOD_GENERATE_TOKEN)
.arg_param(&["userid", "tokenname"]) .arg_param(&["userid", "token-name"])
.completion_cb("userid", pbs_config::user::complete_userid) .completion_cb("userid", pbs_config::user::complete_userid)
) )
.insert( .insert(
"delete-token", "delete-token",
CliCommand::new(&api2::access::user::API_METHOD_DELETE_TOKEN) CliCommand::new(&api2::access::user::API_METHOD_DELETE_TOKEN)
.arg_param(&["userid", "tokenname"]) .arg_param(&["userid", "token-name"])
.completion_cb("userid", pbs_config::user::complete_userid) .completion_cb("userid", pbs_config::user::complete_userid)
.completion_cb("tokenname", pbs_config::user::complete_token_name) .completion_cb("token-name", pbs_config::user::complete_token_name)
) )
.insert( .insert(
"permissions", "permissions",