]>
git.proxmox.com Git - pmg-api.git/blob - PMG/RESTEnvironment.pm
1 package PMG
::RESTEnvironment
;
7 use PVE
::RESTEnvironment
;
10 use PMG
::ClusterConfig
;
11 use PMG
::AccessControl
;
13 use base
qw(PVE::RESTEnvironment);
15 my $nodename = PVE
::INotify
::nodename
();
17 # initialize environment - must be called once at program startup
19 my ($class, $type, %params) = @_;
21 $class = ref($class) || $class;
23 my $self = $class->SUPER::init
($type, %params);
26 $self->{usercfg
} = {};
27 $self->{ticket
} = undef;
32 # init_request - must be called before each RPC request
34 my ($self, %params) = @_;
36 $self->SUPER::init_request
(%params);
38 $self->{ticket
} = undef;
39 $self->{role} = undef;
40 $self->{cinfo
} = PVE
::INotify
::read_file
("cluster.conf");
41 $self->{usercfg
} = PVE
::INotify
::read_file
("pmg-user.conf");
44 sub setup_default_cli_env
{
45 my ($class, $username) = @_;
47 $class->SUPER::setup_default_cli_env
($username);
49 my $rest_env = $class->get();
50 $rest_env->set_role('root');
54 my ($self, $ticket) = @_;
56 $self->{ticket
} = $ticket;
62 return $self->{ticket
};
66 my ($self, $user) = @_;
68 $self->{role} = $user;
77 sub check_node_is_master
{
80 my $master = PMG
::Cluster
::get_master_node
($self->{cinfo
});
82 return 1 if $master eq 'localhost' || $master eq $nodename;
84 return undef if $noerr;
86 die "this node ('$nodename') is not the master node\n";
89 sub check_api2_permissions
{
90 my ($self, $perm, $uri_param) = @_;
92 my $username = $self->get_user(1);
94 return 1 if !$username && $perm->{user
} && $perm->{user
} eq 'world';
96 raise_perm_exc
("user == null") if !$username;
98 return 1 if $username eq 'root@pam';
100 raise_perm_exc
('user != root@pam') if !$perm;
102 return 1 if $perm->{user
} && $perm->{user
} eq 'all';
104 my $role = $self->{role};
106 if (my $allowed_roles = $perm->{check
}) {
107 return 1 if grep { $_ eq $role } @$allowed_roles;