]>
Commit | Line | Data |
---|---|---|
2c3a6c0a DM |
1 | package PVE::API2::Group; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | use PVE::Cluster qw (cfs_read_file cfs_write_file); | |
6 | use PVE::AccessControl; | |
7 | ||
8 | use PVE::SafeSyslog; | |
9 | ||
10 | use Data::Dumper; # fixme: remove | |
11 | ||
12 | use PVE::RESTHandler; | |
13 | ||
14 | use base qw(PVE::RESTHandler); | |
15 | ||
16 | my $extract_group_data = sub { | |
17 | my ($data, $full) = @_; | |
18 | ||
19 | my $res = {}; | |
20 | ||
21 | $res->{comment} = $data->{comment} if defined($data->{comment}); | |
22 | ||
23 | return $res if !$full; | |
24 | ||
25 | $res->{users} = $data->{users} ? [ keys %{$data->{users}} ] : []; | |
26 | ||
27 | return $res; | |
28 | }; | |
29 | ||
30 | # fixme: index should return more/all attributes? | |
31 | __PACKAGE__->register_method ({ | |
32 | name => 'index', | |
33 | path => '', | |
34 | method => 'GET', | |
35 | description => "Group index.", | |
36 | parameters => { | |
37 | additionalProperties => 0, | |
38 | properties => {}, | |
39 | }, | |
40 | returns => { | |
41 | type => 'array', | |
42 | items => { | |
43 | type => "object", | |
44 | properties => { | |
45 | groupid => { type => 'string' }, | |
46 | }, | |
47 | }, | |
48 | links => [ { rel => 'child', href => "{groupid}" } ], | |
49 | }, | |
50 | code => sub { | |
51 | my ($param) = @_; | |
52 | ||
53 | my $res = []; | |
54 | ||
55 | my $usercfg = cfs_read_file("user.cfg"); | |
56 | ||
57 | foreach my $group (keys %{$usercfg->{groups}}) { | |
58 | my $entry = &$extract_group_data($usercfg->{groups}->{$group}); | |
59 | $entry->{groupid} = $group; | |
60 | push @$res, $entry; | |
61 | } | |
62 | ||
63 | return $res; | |
64 | }}); | |
65 | ||
66 | __PACKAGE__->register_method ({ | |
67 | name => 'create_group', | |
68 | protected => 1, | |
69 | path => '', | |
70 | method => 'POST', | |
71 | description => "Create new group.", | |
72 | parameters => { | |
73 | additionalProperties => 0, | |
74 | properties => { | |
75 | groupid => { type => 'string', format => 'pve-groupid' }, | |
76 | comment => { type => 'string', optional => 1 }, | |
77 | }, | |
78 | }, | |
79 | returns => { type => 'null' }, | |
80 | code => sub { | |
81 | my ($param) = @_; | |
82 | ||
83 | PVE::AccessControl::lock_user_config( | |
84 | sub { | |
85 | ||
86 | my $usercfg = cfs_read_file("user.cfg"); | |
87 | ||
88 | my $group = $param->{groupid}; | |
89 | ||
90 | die "group '$group' already exists\n" | |
91 | if $usercfg->{groups}->{$group}; | |
92 | ||
93 | $usercfg->{groups}->{$group} = { users => {} }; | |
94 | ||
95 | $usercfg->{groups}->{$group}->{comment} = $param->{comment} if $param->{comment}; | |
96 | ||
97 | ||
98 | cfs_write_file("user.cfg", $usercfg); | |
99 | }, "create group failed"); | |
100 | ||
101 | return undef; | |
102 | }}); | |
103 | ||
104 | __PACKAGE__->register_method ({ | |
105 | name => 'update_group', | |
106 | protected => 1, | |
107 | path => '{groupid}', | |
108 | method => 'PUT', | |
109 | description => "Update group data.", | |
110 | parameters => { | |
111 | additionalProperties => 0, | |
112 | properties => { | |
113 | # fixme: set/delete members | |
114 | groupid => { type => 'string', format => 'pve-groupid' }, | |
115 | comment => { type => 'string', optional => 1 }, | |
116 | }, | |
117 | }, | |
118 | returns => { type => 'null' }, | |
119 | code => sub { | |
120 | my ($param) = @_; | |
121 | ||
122 | PVE::AccessControl::lock_user_config( | |
123 | sub { | |
124 | ||
125 | my $usercfg = cfs_read_file("user.cfg"); | |
126 | ||
127 | my $group = $param->{groupid}; | |
128 | ||
129 | my $data = $usercfg->{groups}->{$group}; | |
130 | ||
131 | die "group '$group' does not exist\n" | |
132 | if !$data; | |
133 | ||
134 | $data->{comment} = $param->{comment} if $param->{comment}; | |
135 | ||
136 | cfs_write_file("user.cfg", $usercfg); | |
137 | }, "create group failed"); | |
138 | ||
139 | return undef; | |
140 | }}); | |
141 | ||
142 | # fixme: return format! | |
143 | __PACKAGE__->register_method ({ | |
144 | name => 'read_group', | |
145 | path => '{groupid}', | |
146 | method => 'GET', | |
147 | description => "Get group configuration.", | |
148 | parameters => { | |
149 | additionalProperties => 0, | |
150 | properties => { | |
151 | groupid => { type => 'string', format => 'pve-groupid' }, | |
152 | }, | |
153 | }, | |
154 | returns => {}, | |
155 | code => sub { | |
156 | my ($param) = @_; | |
157 | ||
158 | my $group = $param->{groupid}; | |
159 | ||
160 | my $usercfg = cfs_read_file("user.cfg"); | |
161 | ||
162 | my $data = $usercfg->{groups}->{$group}; | |
163 | ||
164 | die "group '$group' does not exist\n" if !$data; | |
165 | ||
166 | return &$extract_group_data($data, 1); | |
167 | }}); | |
168 | ||
169 | ||
170 | __PACKAGE__->register_method ({ | |
171 | name => 'delete_group', | |
172 | protected => 1, | |
173 | path => '{groupid}', | |
174 | method => 'DELETE', | |
175 | description => "Delete group.", | |
176 | parameters => { | |
177 | additionalProperties => 0, | |
178 | properties => { | |
179 | groupid => { type => 'string' , format => 'pve-groupid' }, | |
180 | } | |
181 | }, | |
182 | returns => { type => 'null' }, | |
183 | code => sub { | |
184 | my ($param) = @_; | |
185 | ||
186 | PVE::AccessControl::lock_user_config( | |
187 | sub { | |
188 | ||
189 | my $usercfg = cfs_read_file("user.cfg"); | |
190 | ||
191 | my $group = $param->{groupid}; | |
192 | ||
193 | die "group '$group' does not exist\n" | |
194 | if !$usercfg->{groups}->{$group}; | |
195 | ||
196 | delete ($usercfg->{groups}->{$group}); | |
197 | ||
198 | PVE::AccessControl::delete_group_acl($group, $usercfg); | |
199 | ||
200 | cfs_write_file("user.cfg", $usercfg); | |
201 | }, "delete group failed"); | |
202 | ||
203 | return undef; | |
204 | }}); | |
205 | ||
206 | 1; |