e4e280183e
privs: add some more comments explaining privileges
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-30 16:42:30 +01:00
2fc45a97a9
privs: remove PRIV_REMOVE_PRUNE
...
it's not used anywhere, and not needed either until the day we might
implement push syncs.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-30 16:42:26 +01:00
b7ce2e575f
verify jobs: add permissions
...
equivalent to verifying a whole datastore, except for reading job
(entries), which is accessible to regular Datastore.Audit/Backup users
as well.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-30 16:36:52 +01:00
09f6a24078
verify: introduce & use new Datastore.Verify privilege
...
for verifying a whole datastore. Datastore.Backup now allows verifying
only backups owned by the triggering user.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-30 16:36:52 +01:00
b728a69e7d
privs: use Datastore.Modify|Backup to set backup notes
...
Datastore.Backup is limited to owned groups, as usual.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-30 16:36:52 +01:00
1401f4be5f
privs: allow reading notes with Datastore.Audit
...
they are returned when reading the manifest, which just requires
Datastore.Audit as well. Datastore.Read is for reading backup contents,
not metadata.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-30 16:36:52 +01:00
fdb4416bae
ui: permission path selector: cbind typeAhead to editable
...
ExtJS throws an exception if 'typeAhead' is true but 'editable' is
false.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-30 16:31:53 +01:00
abe1edfc95
update d/control
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com >
2020-10-30 16:11:50 +01:00
e4a864bd21
impl From<Authid> for Userid
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com >
2020-10-30 15:19:07 +01:00
7a7368ee08
bump proxmox dependency to 0.7.0 for totp udpates
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com >
2020-10-30 15:19:07 +01:00
e707fd2b3b
ui: Utils: add product specific task descriptions
...
and sort them alphabetically
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com >
2020-10-30 14:05:17 +01:00
625a56b75e
server/rest: accept also = as token separator
...
Like we do in Proxmox VE
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-30 13:34:26 +01:00
6d8a1ac9e4
server/rest: user constants for HTTP headers
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-30 13:33:36 +01:00
362739054e
api tokens: add authorization method
...
and properly decode secret (which is a no-op with the current scheme).
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-30 13:15:14 +01:00
2762481cc8
proxmox-backup-manager: add subscription commands
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-30 13:03:58 +01:00
652506e6b8
api: define subscription module and methods as public
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-30 13:03:58 +01:00
926d253126
api: define subscription key schema and use it
...
nicer to have the correct regex checked in parameter verification
already
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-30 12:57:14 +01:00
1cd951c93e
proxy: fix warnings
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-30 12:49:43 +01:00
3b707fbb8f
proxy: split out code to run garbage collection job
2020-10-30 11:01:45 +01:00
b15751bf55
check_schedule cleanup: use &str instead of String
...
This way we can avoid many clone() calls.
2020-10-30 09:49:50 +01:00
82c05b41fa
proxy: extract commonly used logic for scheduling into new function
...
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com >
2020-10-30 09:49:50 +01:00
b8d9079835
proxy: move prune logic into new file
...
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com >
2020-10-30 09:49:50 +01:00
f8a682a873
ui: user menu: allow changing language while logged in
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-30 09:46:04 +01:00
b03a19b6e8
bump version to 0.9.4-2
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-29 20:25:37 +01:00
603a6bd183
d/postinst: followup: grep and sed use different regex escaping ..
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-29 20:25:37 +01:00
83b039af35
d/postinst: make more resilient
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-29 19:58:41 +01:00
c9299e76fc
bump version to 0.9.3-2
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-29 17:20:04 +01:00
2f1a46f748
ui: move user, token and permissions into an access control tab panel
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-29 16:47:18 +01:00
2b38dfb456
d/control: update
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-29 16:18:40 +01:00
f487a622ce
ui: datastore summary: handle missing snapshot of a types
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com >
2020-10-29 15:52:53 +01:00
906ef6c5bd
api2/access/user: fix return type schema
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com >
2020-10-29 15:20:10 +01:00
ea1853a17b
api2/access/user: drop Option, treat empty Vec as None
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com >
2020-10-29 15:17:54 +01:00
221177ba41
fixup hardcoded paths
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com >
2020-10-29 15:15:17 +01:00
184a37635b
gui: add API token ACLs
...
and the needed API token selector.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
b2da7fbd1c
acls: allow viewing/editing user's token ACLs
...
even for otherwise unprivileged users.
since effective privileges of an API token are always intersected with
those of their owning user, this does not allow an unprivileged user to
elevate their privileges in practice, but avoids the need to involve a
privileged user to deploy API tokens.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
7fe76d3491
gui: add API token UI
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
e6b5bf69a3
gui: add permissions button to user view
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
4615325f9e
manager: add user permissions command
...
useful for debugging complex ACL setups.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
2156dec5a9
manager: add token commands
...
to generate, list and delete tokens. adding them to ACLs already works
out of the box.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
16245d540c
tasks: allow unpriv users to read their tokens' tasks
...
and tighten down the return schema while we're at it.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
bff8557298
owner checks: handle backups owned by API tokens
...
a user should be allowed to read/list/overwrite backups owned by their
own tokens, but a token should not be able to read/list/overwrite
backups owned by their owning user.
when changing ownership of a backup group, a user should be able to
transfer ownership to/from their own tokens if the backup is owned by
them (or one of their tokens).
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
34aa8e13b6
client/remote: allow using ApiToken + secret
...
in place of user + password.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
babab85b56
api: add permissions endpoint
...
and adapt privilege calculation to return propagate flag
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
6746bbb1a2
api: allow listing users + tokens
...
since it's not possible to extend existing structs, UserWithTokens
duplicates most of user::User.. to avoid duplicating user::ApiToken as
well, this returns full API token IDs, not just the token name part.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
942078c40b
api: add API token endpoints
...
beneath the user endpoint.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
c30816c1f8
REST: extract and handle API tokens
...
and refactor handling of headers in the REST server while we're at it.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:14:27 +01:00
e6dc35acb8
replace Userid with Authid
...
in most generic places. this is accompanied by a change in
RpcEnvironment to purposefully break existing call sites.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:11:39 +01:00
e10c5c74f6
bump proxmox dependency to 0.6.0 for api tokens and tfa
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com >
2020-10-29 15:11:39 +01:00
f8adf8f83f
config: add token.shadow file
...
containing pairs of token ids and hashed secret values.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:11:39 +01:00
e0538349e2
api: add Authid as wrapper around Userid
...
with an optional Tokenname, appended with '!' as delimiter in the string
representation like for PVE.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com >
2020-10-29 15:11:39 +01:00
