Thomas Lamprecht
41c1a17999
router change made one level of rpcenv mut superfluous
...
Created via `cargo fix`. see commit
47acc8dc8f68ed2c5db69b1678b479e05b0a3194 from proxmox-rs
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-05-05 10:00:29 +02:00
Thomas Lamprecht
dc7a5b3491
api: rustfmt
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-04-14 13:33:01 +02:00
Dietmar Maurer
1c8efc0062
cleanup: move BasicRealmInfo to pbs-api-types
...
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2022-03-07 08:06:55 +01:00
Fabian Grünbichler
3afecb8409
tree-wide: use is_empty() and similar
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-12-30 15:02:07 +01:00
Fabian Grünbichler
aa174e8e8a
tree-wide: drop redundant clones
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-12-30 15:02:07 +01:00
Fabian Grünbichler
9a37bd6c84
tree-wide: fix needless borrows
...
found and fixed via clippy
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-12-30 13:55:33 +01:00
Wolfgang Bumiller
9fa3026a08
cleanup schema function calls
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-12-16 11:25:02 +01:00
Wolfgang Bumiller
e25982f24e
remove unused identity macro
...
this is not required anymore by the sortable macro
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-11-29 11:24:02 +01:00
Wolfgang Bumiller
e6e2927e72
update proxmox-tfa to 2.0
...
and fix still-very-bad updater usage in config api call...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-11-29 11:19:50 +01:00
Dietmar Maurer
689ed51397
openid_login: improve error message for disabled users.
2021-11-25 07:29:33 +01:00
Dietmar Maurer
25877d05ac
update to proxmox-sys 0.2 crate
...
- imported pbs-api-types/src/common_regex.rs from old proxmox crate
- use hex crate to generate/parse hex digest
- remove all reference to proxmox crate (use proxmox-sys and
proxmox-serde instead)
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2021-11-24 10:32:27 +01:00
Dietmar Maurer
10beed1199
openid: allow to configure scopes, prompt, ACRs and arbitrary username-claim values
...
- no longer set prompt to 'login' (makes auto-login possible)
- new prompt configuration
- allow arbitrary username-claim values
Depend on proxmox-openid 0.9.0.
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2021-11-18 11:20:55 +01:00
Wolfgang Bumiller
9407810fe1
switch tfa api to use proxmox-tfa::api
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-11-17 09:33:04 +01:00
Dietmar Maurer
68fd9ca6d6
openid_login: vertify that firstname, lastname and email fits our schema definitions
...
If not, we do not copy the values to our user.cfg.
2021-11-10 06:48:40 +01:00
Wolfgang Bumiller
6ef1b649d9
update to first proxmox crate split
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-10-11 11:58:49 +02:00
Wolfgang Bumiller
01a080215d
drop pbs_tools::auth
...
`pbs_client::connect_to_localhost` now requires the key as
optional parameter
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-09-29 11:08:52 +02:00
Dominik Csapak
f54634a890
api: add missing token list match_all property
...
to have the proper link between the token list and the sub routes
in the api, include the 'tokenname' property in the token listing
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-09-21 15:10:30 +02:00
Dietmar Maurer
e678a50ea1
buildsys: drop double-build hack to avoid linkage issues
...
basically a (semantic) revert of commit
991be99c37
2021-09-21 08:46:41 +02:00
Dietmar Maurer
36b7085ec2
rest server: cleanup auth-log handling
...
Handle auth logs the same way as access log.
- Configure with ApiConfig
- CommandoSocket command to reload auth-logs "api-auth-log-reopen"
Inside API calls, we now access the ApiConfig using the RestEnvironment.
The openid_login api now also logs failed logins and return http_err!(UNAUTHORIZED, ..)
on failed logins.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-09-21 08:46:41 +02:00
Dietmar Maurer
ba3d7e19fb
move user configuration to pbs_config workspace
...
Also moved memcom.rs and cached_user_info.rs
2021-09-10 07:09:04 +02:00
Dietmar Maurer
b65dfff574
cleanup User configuration: use Updater
2021-09-09 13:14:28 +02:00
Dietmar Maurer
8cc3760e74
move acl to pbs_config workspaces, pbs_api_types cleanups
2021-09-09 10:50:08 +02:00
Dietmar Maurer
1cb08a0a05
move token_shadow to pbs_config workspace
...
Also moved out crypt.rs (libcrypt bindings) to pbs_tools workspace.
2021-09-08 14:00:14 +02:00
Dietmar Maurer
2121174827
start new pbs-config workspace
...
moved src/config/domains.rs
2021-09-02 12:58:20 +02:00
Dietmar Maurer
7526d86419
use new atomic_open_or_create_file
...
Factor out open_backup_lockfile() method to acquire locks owned by
user backup with permission 0660.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-07-20 18:54:23 +02:00
Wolfgang Bumiller
2b7f8dd5ea
move client to pbs-client subcrate
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-07-19 12:58:43 +02:00
Wolfgang Bumiller
4805edc4ec
move more tools for the client into subcrates
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-07-19 10:07:12 +02:00
Wolfgang Bumiller
9eb784076c
move more helpers to pbs-tools
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-07-19 10:07:12 +02:00
Dominik Csapak
2c0abe9234
Revert "api: access: domains: add ExtraRealmInfo and RealmInfo structs"
...
This reverts commit da7ec1d2af
2021-07-12 09:53:07 +02:00
Dominik Csapak
2649c89358
Revert "api: access: domains: add get/create/update/delete domain call"
...
This reverts commit 5117cf4f17
2021-07-12 09:53:07 +02:00
Dominik Csapak
5117cf4f17
api: access: domains: add get/create/update/delete domain call
...
modeled like our other section config api calls
two drawbacks of doing it this way:
* we have to copy some api properties again for the update call,
since not all of them are updateable (username-claim)
* we only handle openid for now, which we would have to change
when we add ldap/ad
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2021-07-09 15:36:54 +02:00
Dominik Csapak
da7ec1d2af
api: access: domains: add ExtraRealmInfo and RealmInfo structs
...
these will be used as parameters/return types for the read/create/etc.
calls for realms
for now we copy the necessary attributes (only from openid) since
our api macros/tools are not good enought to generate the necessary
api definitions for section configs
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2021-07-09 15:36:54 +02:00
Dominik Csapak
0c27d880b0
api: access: domains: add BasicRealmInfo struct and use it
...
to have better type safety and as preparation for adding more types
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2021-07-09 15:36:54 +02:00
Dominik Csapak
923f94a4d7
api: access: openid: add PROXMOX_BACKUP_RUN_DIR_M
...
otherwise it does not compile with 'RUSTFLAGS="--cfg openid"'
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2021-07-09 13:03:32 +02:00
Wolfgang Bumiller
85beb7d875
tree-wide: switch to using mod.rs
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-07-06 12:04:52 +02:00
Fabian Grünbichler
26a3450f19
openid: move helper from config to api2
...
it's not really needed in the config module, and this makes it easier to
disable the proxmox-openid dependency linkage as a stop-gap measure.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-07-03 01:52:01 +02:00
Dietmar Maurer
fda19dcc6f
fix CachedUserInfo by using a shared memory version counter
2021-06-30 08:54:30 +02:00
Dietmar Maurer
3b7b1dfb8e
api: add openid redirect/login API
2021-06-30 08:54:30 +02:00
Dietmar Maurer
bbff6c4968
config: new domains.cfg to configure openid realm
...
Or other realmy types...
2021-06-30 08:54:30 +02:00
Dietmar Maurer
2165f0d450
api: define and use REALM_ID_SCHEMA
2021-06-10 11:10:00 +02:00
Dominik Csapak
a4e871f52c
api2/access/user: remove password for @pbs users on removal
...
so that their password entry is not left in the shadow.json
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2021-04-15 08:33:20 +02:00
Thomas Lamprecht
d1d74c4367
typo fixes all over the place
...
found and semi-manually replaced by using:
codespell -L mut -L crate -i 3 -w
Mostly in comments, but also email notification and two occurrences
of misspelled 'reserved' struct member, which where not used and
cargo build did not complain about the change, soo ...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-03-10 16:39:57 +01:00
Dietmar Maurer
cf90a369e2
cleanup: rename token_user into auth_id_filter
2021-03-05 08:36:18 +01:00
Dietmar Maurer
043018cfbe
doc: fix wrong api method description
2021-02-22 12:10:34 +01:00
Fabian Grünbichler
367c0ff7c6
clippy: allow api functions with many arguments
...
some of those can be reduced/cleaned up when we have updater support in
the api macro.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-26 09:54:52 +01:00
Dietmar Maurer
bf78f70885
improve code docs in api2
...
Note: API methos should be declared pub, so that they show up in the generated docu.
2021-01-22 15:57:42 +01:00
Fabian Grünbichler
3984a5fd77
clippy: is_some/none/ok/err/empty
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
22a9189ee0
clippy: remove unnecessary closures
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:22:59 +01:00
Fabian Grünbichler
4428818412
clippy: remove unnecessary clones
...
and from::<T>(T)
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:22:59 +01:00
Fabian Grünbichler
47ea98e0e3
clippy: collapse/rework nested ifs
...
no semantic changes (intended).
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:22:59 +01:00
