Commit | Line | Data |
---|---|---|
bf78f708 DM |
1 | //! Manage Roles with privileges |
2 | ||
f7d4e4b5 | 3 | use anyhow::Error; |
3fff55b2 DM |
4 | |
5 | use serde_json::{json, Value}; | |
6 | ||
7 | use proxmox::api::{api, Permission}; | |
8 | use proxmox::api::router::Router; | |
9 | ||
8cc3760e DM |
10 | use pbs_api_types::{Role, SINGLE_LINE_COMMENT_SCHEMA, PRIVILEGES}; |
11 | use pbs_config::acl::ROLE_NAMES; | |
3fff55b2 DM |
12 | |
#[api(
    returns: {
        description: "List of roles.",
        type: Array,
        items: {
            type: Object,
            description: "Role with description and privileges.",
            properties: {
                roleid: {
                    type: Role,
                },
                privs: {
                    type: Array,
                    description: "List of Privileges",
                    items: {
                        type: String,
                        description: "A Privilege",
                    },
                },
                comment: {
                    schema: SINGLE_LINE_COMMENT_SCHEMA,
                    optional: true,
                },
            },
        }
    },
    access: {
        // `Permission::Anybody` admits any authenticated caller without
        // checking a specific privilege, so everything returned below must
        // be safe to show to every user. The handler reads only ROLE_NAMES
        // and PRIVILEGES; no per-user or per-path ACL data is touched here.
        permission: &Permission::Anybody,
    }
)]
// NOTE(review): the doc comment below is kept verbatim; the `#[api]` macro is
// expected to reuse it as the endpoint description - confirm before rewording.
/// Role list
fn list_roles() -> Result<Value, Error> {
    // One JSON object per entry in ROLE_NAMES:
    // { "roleid": ..., "privs": [...], "comment": ... }
    let roles: Vec<Value> = ROLE_NAMES
        .iter()
        .map(|(role, (privs, comment))| {
            // `privs` is the role's privilege bitmask. A privilege name is
            // reported when the mask shares at least one bit with it; in Rust
            // `&` binds tighter than `>`, so this is `(privs & privilege) > 0`.
            let granted: Vec<_> = PRIVILEGES
                .iter()
                .filter_map(|(name, privilege)| {
                    if privs & privilege > 0 {
                        Some(name)
                    } else {
                        None
                    }
                })
                .collect();

            json!({ "roleid": role, "privs": granted, "comment": comment })
        })
        .collect();

    Ok(Value::from(roles))
}
58 | ||
/// Router for this module: a GET request is dispatched to the role listing.
///
/// `API_METHOD_LIST_ROLES` is not declared by hand in this file; it is
/// presumably generated by the `#[api]` attribute on `list_roles`, so the
/// access rule enforced for this route is the one declared there.
pub const ROUTER: Router = Router::new().get(&API_METHOD_LIST_ROLES);