api: add missing token list match_all property
to have the proper link between the token list and the sub routes in the api, include the 'tokenname' property in the token listing Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
parent
efb7c5348c
commit
f54634a890
@ -395,7 +395,7 @@ pub fn delete_user(userid: Userid, digest: Option<String>) -> Result<(), Error>
|
|||||||
userid: {
|
userid: {
|
||||||
type: Userid,
|
type: Userid,
|
||||||
},
|
},
|
||||||
tokenname: {
|
"token-name": {
|
||||||
type: Tokenname,
|
type: Tokenname,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
@ -411,14 +411,14 @@ pub fn delete_user(userid: Userid, digest: Option<String>) -> Result<(), Error>
|
|||||||
/// Read user's API token metadata
|
/// Read user's API token metadata
|
||||||
pub fn read_token(
|
pub fn read_token(
|
||||||
userid: Userid,
|
userid: Userid,
|
||||||
tokenname: Tokenname,
|
token_name: Tokenname,
|
||||||
_info: &ApiMethod,
|
_info: &ApiMethod,
|
||||||
mut rpcenv: &mut dyn RpcEnvironment,
|
mut rpcenv: &mut dyn RpcEnvironment,
|
||||||
) -> Result<ApiToken, Error> {
|
) -> Result<ApiToken, Error> {
|
||||||
|
|
||||||
let (config, digest) = pbs_config::user::config()?;
|
let (config, digest) = pbs_config::user::config()?;
|
||||||
|
|
||||||
let tokenid = Authid::from((userid, Some(tokenname)));
|
let tokenid = Authid::from((userid, Some(token_name)));
|
||||||
|
|
||||||
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
|
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
|
||||||
config.lookup("token", &tokenid.to_string())
|
config.lookup("token", &tokenid.to_string())
|
||||||
@ -431,7 +431,7 @@ pub fn read_token(
|
|||||||
userid: {
|
userid: {
|
||||||
type: Userid,
|
type: Userid,
|
||||||
},
|
},
|
||||||
tokenname: {
|
"token-name": {
|
||||||
type: Tokenname,
|
type: Tokenname,
|
||||||
},
|
},
|
||||||
comment: {
|
comment: {
|
||||||
@ -475,7 +475,7 @@ pub fn read_token(
|
|||||||
/// Generate a new API token with given metadata
|
/// Generate a new API token with given metadata
|
||||||
pub fn generate_token(
|
pub fn generate_token(
|
||||||
userid: Userid,
|
userid: Userid,
|
||||||
tokenname: Tokenname,
|
token_name: Tokenname,
|
||||||
comment: Option<String>,
|
comment: Option<String>,
|
||||||
enable: Option<bool>,
|
enable: Option<bool>,
|
||||||
expire: Option<i64>,
|
expire: Option<i64>,
|
||||||
@ -491,11 +491,11 @@ pub fn generate_token(
|
|||||||
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
|
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
|
||||||
}
|
}
|
||||||
|
|
||||||
let tokenid = Authid::from((userid.clone(), Some(tokenname.clone())));
|
let tokenid = Authid::from((userid.clone(), Some(token_name.clone())));
|
||||||
let tokenid_string = tokenid.to_string();
|
let tokenid_string = tokenid.to_string();
|
||||||
|
|
||||||
if config.sections.get(&tokenid_string).is_some() {
|
if config.sections.get(&tokenid_string).is_some() {
|
||||||
bail!("token '{}' for user '{}' already exists.", tokenname.as_str(), userid);
|
bail!("token '{}' for user '{}' already exists.", token_name.as_str(), userid);
|
||||||
}
|
}
|
||||||
|
|
||||||
let secret = format!("{:x}", proxmox::tools::uuid::Uuid::generate());
|
let secret = format!("{:x}", proxmox::tools::uuid::Uuid::generate());
|
||||||
@ -525,7 +525,7 @@ pub fn generate_token(
|
|||||||
userid: {
|
userid: {
|
||||||
type: Userid,
|
type: Userid,
|
||||||
},
|
},
|
||||||
tokenname: {
|
"token-name": {
|
||||||
type: Tokenname,
|
type: Tokenname,
|
||||||
},
|
},
|
||||||
comment: {
|
comment: {
|
||||||
@ -556,7 +556,7 @@ pub fn generate_token(
|
|||||||
/// Update user's API token metadata
|
/// Update user's API token metadata
|
||||||
pub fn update_token(
|
pub fn update_token(
|
||||||
userid: Userid,
|
userid: Userid,
|
||||||
tokenname: Tokenname,
|
token_name: Tokenname,
|
||||||
comment: Option<String>,
|
comment: Option<String>,
|
||||||
enable: Option<bool>,
|
enable: Option<bool>,
|
||||||
expire: Option<i64>,
|
expire: Option<i64>,
|
||||||
@ -572,7 +572,7 @@ pub fn update_token(
|
|||||||
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
|
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
|
||||||
}
|
}
|
||||||
|
|
||||||
let tokenid = Authid::from((userid, Some(tokenname)));
|
let tokenid = Authid::from((userid, Some(token_name)));
|
||||||
let tokenid_string = tokenid.to_string();
|
let tokenid_string = tokenid.to_string();
|
||||||
|
|
||||||
let mut data: ApiToken = config.lookup("token", &tokenid_string)?;
|
let mut data: ApiToken = config.lookup("token", &tokenid_string)?;
|
||||||
@ -608,7 +608,7 @@ pub fn update_token(
|
|||||||
userid: {
|
userid: {
|
||||||
type: Userid,
|
type: Userid,
|
||||||
},
|
},
|
||||||
tokenname: {
|
"token-name": {
|
||||||
type: Tokenname,
|
type: Tokenname,
|
||||||
},
|
},
|
||||||
digest: {
|
digest: {
|
||||||
@ -627,7 +627,7 @@ pub fn update_token(
|
|||||||
/// Delete a user's API token
|
/// Delete a user's API token
|
||||||
pub fn delete_token(
|
pub fn delete_token(
|
||||||
userid: Userid,
|
userid: Userid,
|
||||||
tokenname: Tokenname,
|
token_name: Tokenname,
|
||||||
digest: Option<String>,
|
digest: Option<String>,
|
||||||
) -> Result<(), Error> {
|
) -> Result<(), Error> {
|
||||||
|
|
||||||
@ -640,12 +640,12 @@ pub fn delete_token(
|
|||||||
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
|
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
|
||||||
}
|
}
|
||||||
|
|
||||||
let tokenid = Authid::from((userid.clone(), Some(tokenname.clone())));
|
let tokenid = Authid::from((userid.clone(), Some(token_name.clone())));
|
||||||
let tokenid_string = tokenid.to_string();
|
let tokenid_string = tokenid.to_string();
|
||||||
|
|
||||||
match config.sections.get(&tokenid_string) {
|
match config.sections.get(&tokenid_string) {
|
||||||
Some(_) => { config.sections.remove(&tokenid_string); },
|
Some(_) => { config.sections.remove(&tokenid_string); },
|
||||||
None => bail!("token '{}' of user '{}' does not exist.", tokenname.as_str(), userid),
|
None => bail!("token '{}' of user '{}' does not exist.", token_name.as_str(), userid),
|
||||||
}
|
}
|
||||||
|
|
||||||
token_shadow::delete_secret(&tokenid)?;
|
token_shadow::delete_secret(&tokenid)?;
|
||||||
@ -655,6 +655,22 @@ pub fn delete_token(
|
|||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[api(
|
||||||
|
properties: {
|
||||||
|
"token-name": { type: Tokenname },
|
||||||
|
token: { type: ApiToken },
|
||||||
|
}
|
||||||
|
)]
|
||||||
|
#[derive(Serialize, Deserialize)]
|
||||||
|
#[serde(rename_all="kebab-case")]
|
||||||
|
/// A Token Entry that contains the token-name
|
||||||
|
pub struct TokenApiEntry {
|
||||||
|
/// The Token name
|
||||||
|
pub token_name: Tokenname,
|
||||||
|
#[serde(flatten)]
|
||||||
|
pub token: ApiToken,
|
||||||
|
}
|
||||||
|
|
||||||
#[api(
|
#[api(
|
||||||
input: {
|
input: {
|
||||||
properties: {
|
properties: {
|
||||||
@ -666,7 +682,7 @@ pub fn delete_token(
|
|||||||
returns: {
|
returns: {
|
||||||
description: "List user's API tokens (with config digest).",
|
description: "List user's API tokens (with config digest).",
|
||||||
type: Array,
|
type: Array,
|
||||||
items: { type: ApiToken },
|
items: { type: TokenApiEntry },
|
||||||
},
|
},
|
||||||
access: {
|
access: {
|
||||||
permission: &Permission::Or(&[
|
permission: &Permission::Or(&[
|
||||||
@ -680,7 +696,7 @@ pub fn list_tokens(
|
|||||||
userid: Userid,
|
userid: Userid,
|
||||||
_info: &ApiMethod,
|
_info: &ApiMethod,
|
||||||
mut rpcenv: &mut dyn RpcEnvironment,
|
mut rpcenv: &mut dyn RpcEnvironment,
|
||||||
) -> Result<Vec<ApiToken>, Error> {
|
) -> Result<Vec<TokenApiEntry>, Error> {
|
||||||
|
|
||||||
let (config, digest) = pbs_config::user::config()?;
|
let (config, digest) = pbs_config::user::config()?;
|
||||||
|
|
||||||
@ -688,15 +704,21 @@ pub fn list_tokens(
|
|||||||
|
|
||||||
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
|
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
|
||||||
|
|
||||||
let filter_by_owner = |token: &ApiToken| {
|
let filter_by_owner = |token: ApiToken| {
|
||||||
if token.tokenid.is_token() {
|
if token.tokenid.is_token() && token.tokenid.user() == &userid {
|
||||||
token.tokenid.user() == &userid
|
let token_name = token.tokenid.tokenname().unwrap().to_owned();
|
||||||
|
Some(TokenApiEntry {
|
||||||
|
token_name,
|
||||||
|
token,
|
||||||
|
})
|
||||||
} else {
|
} else {
|
||||||
false
|
None
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
Ok(list.into_iter().filter(filter_by_owner).collect())
|
let res = list.into_iter().filter_map(filter_by_owner).collect();
|
||||||
|
|
||||||
|
Ok(res)
|
||||||
}
|
}
|
||||||
|
|
||||||
const TOKEN_ITEM_ROUTER: Router = Router::new()
|
const TOKEN_ITEM_ROUTER: Router = Router::new()
|
||||||
@ -707,7 +729,7 @@ const TOKEN_ITEM_ROUTER: Router = Router::new()
|
|||||||
|
|
||||||
const TOKEN_ROUTER: Router = Router::new()
|
const TOKEN_ROUTER: Router = Router::new()
|
||||||
.get(&API_METHOD_LIST_TOKENS)
|
.get(&API_METHOD_LIST_TOKENS)
|
||||||
.match_all("tokenname", &TOKEN_ITEM_ROUTER);
|
.match_all("token-name", &TOKEN_ITEM_ROUTER);
|
||||||
|
|
||||||
const USER_SUBDIRS: SubdirMap = &[
|
const USER_SUBDIRS: SubdirMap = &[
|
||||||
("token", &TOKEN_ROUTER),
|
("token", &TOKEN_ROUTER),
|
||||||
|
@ -198,15 +198,15 @@ pub fn user_commands() -> CommandLineInterface {
|
|||||||
.insert(
|
.insert(
|
||||||
"generate-token",
|
"generate-token",
|
||||||
CliCommand::new(&api2::access::user::API_METHOD_GENERATE_TOKEN)
|
CliCommand::new(&api2::access::user::API_METHOD_GENERATE_TOKEN)
|
||||||
.arg_param(&["userid", "tokenname"])
|
.arg_param(&["userid", "token-name"])
|
||||||
.completion_cb("userid", pbs_config::user::complete_userid)
|
.completion_cb("userid", pbs_config::user::complete_userid)
|
||||||
)
|
)
|
||||||
.insert(
|
.insert(
|
||||||
"delete-token",
|
"delete-token",
|
||||||
CliCommand::new(&api2::access::user::API_METHOD_DELETE_TOKEN)
|
CliCommand::new(&api2::access::user::API_METHOD_DELETE_TOKEN)
|
||||||
.arg_param(&["userid", "tokenname"])
|
.arg_param(&["userid", "token-name"])
|
||||||
.completion_cb("userid", pbs_config::user::complete_userid)
|
.completion_cb("userid", pbs_config::user::complete_userid)
|
||||||
.completion_cb("tokenname", pbs_config::user::complete_token_name)
|
.completion_cb("token-name", pbs_config::user::complete_token_name)
|
||||||
)
|
)
|
||||||
.insert(
|
.insert(
|
||||||
"permissions",
|
"permissions",
|
||||||
|
Loading…
Reference in New Issue
Block a user