cf90a369e2
cleanup: rename token_user into auth_id_filter
2021-03-05 08:36:18 +01:00
367c0ff7c6
clippy: allow api functions with many arguments
...
some of those can be reduced/cleaned up when we have updater support in
the api macro.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2021-01-26 09:54:52 +01:00
bf78f70885
improve code docs in api2
...
Note: API methos should be declared pub, so that they show up in the generated docu.
2021-01-22 15:57:42 +01:00
3984a5fd77
clippy: is_some/none/ok/err/empty
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2021-01-20 16:23:54 +01:00
8b600f9965
api: replace auth_id with auth-id
...
in parameters, and fix up the completion for the ACL update parameter.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-30 16:46:19 +01:00
b2da7fbd1c
acls: allow viewing/editing user's token ACLs
...
even for otherwise unprivileged users.
since effective privileges of an API token are always intersected with
those of their owning user, this does not allow an unprivileged user to
elevate their privileges in practice, but avoids the need to involve a
privileged user to deploy API tokens.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
e6dc35acb8
replace Userid with Authid
...
in most generic places. this is accompanied by a change in
RpcEnvironment to purposefully break existing call sites.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:11:39 +01:00
b56c111e93
depend on proxmox 0.4.2
2020-09-28 10:50:44 +02:00
e7cb4dc50d
introduce Username, Realm and Userid api types
...
and begin splitting up types.rs as it has grown quite large
already
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com >
2020-08-10 12:05:01 +02:00
98c259b4c1
remove timer and lock functions, fix building with proxmox 0.3.2
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com >
2020-08-04 11:33:02 +02:00
2882c881e9
api2/access/acl: add path and exact parameter to list_acl
...
so that we can get only a subset of the acls, filtered by the backed
also return the digest here
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com >
2020-05-20 13:44:36 +02:00
12e3895399
api2/access/acl: make update_acl a protected api call
...
since we want to set the owner of the acl config to 'root'
which is only possible when using a protected api call
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com >
2020-05-20 13:22:41 +02:00
11b6391c83
add 'exact' parameter to extract_acl_node_data
...
so that we can return acls for a single path
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com >
2020-05-20 13:22:10 +02:00
74c08a5782
use reasonable acl paths
2020-04-30 09:30:00 +02:00
bc0d03885c
use proxmox 0.1.25, use new EnumEntry feature
2020-04-29 13:01:24 +02:00
f7d4e4b506
switch from failure to anyhow
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com >
2020-04-17 18:43:30 +02:00
5972def5ec
acl: change path "storage" to "datastore"
2020-04-17 14:15:44 +02:00
ca257c8097
move type defs from src/api2/access/acl.rs to src/api2/types.rs
2020-04-17 14:13:15 +02:00
d28ddb8e04
src/api2/access/acl.rs: add access permissions
2020-04-17 10:03:09 +02:00
109d7817cd
src/config/user.rs - cached_config: do not store/return digest
2020-04-15 11:35:57 +02:00
9c06f6c292
fix previous commit - use result.
2020-04-14 17:48:10 +02:00
9f4e47dd93
acl update: check path
2020-04-14 17:23:48 +02:00
d83175dd69
acl update: check if user exist.
2020-04-14 13:46:27 +02:00
9765092ede
acl api: implement update
2020-04-14 10:16:49 +02:00
ed3e60ae69
start ACL api
2020-04-13 11:09:44 +02:00
