[proxmox-backup.git] / src / api2 / access / role.rs

//! Manage Roles with privileges

use anyhow::Error;

use serde_json::{json, Value};

use proxmox::api::{api, Permission};
use proxmox::api::router::Router;

use pbs_api_types::{Role, SINGLE_LINE_COMMENT_SCHEMA, PRIVILEGES};
use pbs_config::acl::ROLE_NAMES;

#[api(
    returns: {
        description: "List of roles.",
        type: Array,
        items: {
            type: Object,
            description: "Role with description and privileges.",
            properties: {
                roleid: {
                    type: Role,
                },
                privs: {
                    type: Array,
                    description: "List of Privileges",
                    items: {
                        type: String,
                        description: "A Privilege",
                    },
                },
                comment: {
                    schema: SINGLE_LINE_COMMENT_SCHEMA,
                    optional: true,
                },
            },
        }
    },
    access: {
        permission: &Permission::Anybody,
    }
)]
/// Role list
fn list_roles() -> Result<Value, Error> {
    let mut list = Vec::new();

    for (role, (privs, comment)) in ROLE_NAMES.iter() {
        let mut priv_list = Vec::new();
        for (name, privilege) in PRIVILEGES.iter() {
            if privs & privilege > 0 {
                priv_list.push(name);
            }
        }
        list.push(json!({ "roleid": role, "privs": priv_list, "comment": comment }));
    }
    Ok(list.into())
}

pub const ROUTER: Router = Router::new()
    .get(&API_METHOD_LIST_ROLES);
Commit	Line	Data
bf78f708 DM	1	//! Manage Roles with privileges
bf78f708 DM	2
f7d4e4b5	3	use anyhow::Error;
3fff55b2 DM	4
	5	use serde_json::{json, Value};
	6
	7	use proxmox::api::{api, Permission};
	8	use proxmox::api::router::Router;
	9
8cc3760e DM	10	use pbs_api_types::{Role, SINGLE_LINE_COMMENT_SCHEMA, PRIVILEGES};
8cc3760e DM	11	use pbs_config::acl::ROLE_NAMES;
3fff55b2 DM	12
	13	#[api(
	14	returns: {
	15	description: "List of roles.",
	16	type: Array,
	17	items: {
	18	type: Object,
3c053adb	19	description: "Role with description and privileges.",
3fff55b2	20	properties: {
b0567257	21	roleid: {
bc0d0388	22	type: Role,
3fff55b2	23	},
5160c0e9 DC	24	privs: {
	25	type: Array,
	26	description: "List of Privileges",
	27	items: {
	28	type: String,
	29	description: "A Privilege",
	30	},
	31	},
3fff55b2 DM	32	comment: {
	33	schema: SINGLE_LINE_COMMENT_SCHEMA,
	34	optional: true,
	35	},
	36	},
	37	}
	38	},
	39	access: {
	40	permission: &Permission::Anybody,
	41	}
	42	)]
	43	/// Role list
	44	fn list_roles() -> Result<Value, Error> {
	45	let mut list = Vec::new();
	46
5160c0e9 DC	47	for (role, (privs, comment)) in ROLE_NAMES.iter() {
	48	let mut priv_list = Vec::new();
	49	for (name, privilege) in PRIVILEGES.iter() {
	50	if privs & privilege > 0 {
44288184	51	priv_list.push(name);
5160c0e9 DC	52	}
5160c0e9 DC	53	}
b0567257	54	list.push(json!({ "roleid": role, "privs": priv_list, "comment": comment }));
3fff55b2 DM	55	}
	56	Ok(list.into())
	57	}
	58
	59	pub const ROUTER: Router = Router::new()
	60	.get(&API_METHOD_LIST_ROLES);