tyler/proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
4,197 Commits 2 Branches 54 Tags 14 MiB
bad6e32075
Commit Graph

24 Commits

Author SHA1 Message Date
Oguz Bektas
5aa1019010 access: limit editing pam credentials to superuser 
modifying @pam users credentials should be only possible for root@pam,
otherwise it can have unintended consequences.

also enforce the same limit on user creation (except self_service check,
since it makes no sense during user creation)

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
 2021-01-15 08:49:22 +01:00
Wolfgang Bumiller
f22dfb5ece tfa: remove tfa user when a user is deleted 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2021-01-11 10:23:10 +01:00
Fabian Grünbichler
08ac90f920 api: allow tokens to list users 
their owner, or all if they have the appropriate privileges.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-12-31 08:29:49 +01:00
Wolfgang Bumiller
9b93c62044 remove unused descriptions from api macros 
these are now a hard error in the api macro

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-12-09 10:55:18 +01:00
Dominik Csapak
c0026563b0 make user properties deletable 
by using our usual pattern for the update call

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-11 14:09:40 +01:00
Wolfgang Bumiller
b59c308219 Vec::new is Vec's default default 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-11-06 14:55:34 +01:00
Fabian Grünbichler
0224c3c273 client: properly complete new-owner 
with remote Authids, not local Userids.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-11-06 14:54:08 +01:00
Wolfgang Bumiller
906ef6c5bd api2/access/user: fix return type schema 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-10-29 15:20:10 +01:00
Wolfgang Bumiller
ea1853a17b api2/access/user: drop Option, treat empty Vec as None 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-10-29 15:17:54 +01:00
Fabian Grünbichler
6746bbb1a2 api: allow listing users + tokens 
since it's not possible to extend existing structs, UserWithTokens
duplicates most of user::User.. to avoid duplicating user::ApiToken as
well, this returns full API token IDs, not just the token name part.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
942078c40b api: add API token endpoints 
beneath the user endpoint.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
e6dc35acb8 replace Userid with Authid 
in most generic places. this is accompanied by a change in
RpcEnvironment to purposefully break existing call sites.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:11:39 +01:00
Dietmar Maurer
b56c111e93 depend on proxmox 0.4.2 2020-09-28 10:50:44 +02:00
Fabian Grünbichler
be3bd0f90b fix #3015: allow user self-service 
listing, updating or deleting a user is now possible for the user
itself, in addition to higher-privileged users that have appropriate
privileges on '/access/users'.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-09-18 15:45:11 +02:00
Wolfgang Bumiller
e7cb4dc50d introduce Username, Realm and Userid api types 
and begin splitting up types.rs as it has grown quite large
already

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-08-10 12:05:01 +02:00
Wolfgang Bumiller
98c259b4c1 remove timer and lock functions, fix building with proxmox 0.3.2 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-08-04 11:33:02 +02:00
Dietmar Maurer
0fafac2492 src/api2/access/user.rs: remove useless description 
The description is not used at all if we refer to a type.
 2020-05-20 11:27:58 +02:00
Dietmar Maurer
7d4e362993 depend on proxmox 0.1.32, src/api2/access/user.rs: simplify code 2020-05-19 12:58:46 +02:00
Dominik Csapak
522c0da0a0 use new 'id_property' for user::User and use it in api calls 
this allows us to return a user::User (or Vec<> of it)
instead of a generic serde value

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-05-19 09:33:56 +02:00
Dietmar Maurer
74c08a5782 use reasonable acl paths 2020-04-30 09:30:00 +02:00
Wolfgang Bumiller
f7d4e4b506 switch from failure to anyhow 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-04-17 18:43:30 +02:00
Dietmar Maurer
4f66423fcc src/api2/access/user.rs: add access permissions 2020-04-17 11:04:36 +02:00
Dietmar Maurer
d4f020f4c5 src/api2/access/user.rs: add access permissions 2020-04-17 10:08:45 +02:00
Dietmar Maurer
685e13347e api: move config/user to access/users, implement change_password 
To make it similar to the pve api
 2020-04-09 10:21:24 +02:00