3 use serde
::{Deserialize, Serialize}
;
4 use serde
::de
::{value, IntoDeserializer}
;
7 use proxmox
::api
::schema
::{
8 ApiStringFormat
, BooleanSchema
, EnumEntry
, Schema
, StringSchema
,
10 use proxmox
::{constnamedbitmap, const_regex}
;
13 pub ACL_PATH_REGEX
= concat
!(r
"^(?:/|", r
"(?:/", PROXMOX_SAFE_ID_REGEX_STR
!(), ")+", r
")$");
16 // define Privilege bitfield
19 /// Contains a list of privilege name to privilege value mappings.
21 /// The names are used when displaying/persisting privileges anywhere, the values are used to
22 /// allow easy matching of privileges as bitflags.
24 /// Sys.Audit allows knowing about the system and its status
25 PRIV_SYS_AUDIT("Sys.Audit");
26 /// Sys.Modify allows modifying system-level configuration
27 PRIV_SYS_MODIFY("Sys.Modify");
28 /// Sys.PowerManagement allows powering off, rebooting, etc. the system
29 PRIV_SYS_POWER_MANAGEMENT("Sys.PowerManagement");
31 /// Datastore.Audit allows knowing about a datastore,
32 /// including reading the configuration entry and listing its contents
33 PRIV_DATASTORE_AUDIT("Datastore.Audit");
34 /// Datastore.Allocate allows creating or deleting datastores
35 PRIV_DATASTORE_ALLOCATE("Datastore.Allocate");
36 /// Datastore.Modify allows modifying a datastore and its contents
37 PRIV_DATASTORE_MODIFY("Datastore.Modify");
38 /// Datastore.Read allows reading arbitrary backup contents
39 PRIV_DATASTORE_READ("Datastore.Read");
40 /// Datastore.Verify allows verifying a datastore
41 PRIV_DATASTORE_VERIFY("Datastore.Verify");
43 /// Datastore.Backup allows Datastore.Read|Verify and creating new snapshots,
44 /// but also requires backup ownership
45 PRIV_DATASTORE_BACKUP("Datastore.Backup");
46 /// Datastore.Prune allows deleting snapshots,
47 /// but also requires backup ownership
48 PRIV_DATASTORE_PRUNE("Datastore.Prune");
50 /// Permissions.Modify allows modifying ACLs
51 PRIV_PERMISSIONS_MODIFY("Permissions.Modify");
53 /// Remote.Audit allows reading remote.cfg and sync.cfg entries
54 PRIV_REMOTE_AUDIT("Remote.Audit");
55 /// Remote.Modify allows modifying remote.cfg
56 PRIV_REMOTE_MODIFY("Remote.Modify");
57 /// Remote.Read allows reading data from a configured `Remote`
58 PRIV_REMOTE_READ("Remote.Read");
60 /// Sys.Console allows access to the system's console
61 PRIV_SYS_CONSOLE("Sys.Console");
63 /// Tape.Audit allows reading tape backup configuration and status
64 PRIV_TAPE_AUDIT("Tape.Audit");
65 /// Tape.Modify allows modifying tape backup configuration
66 PRIV_TAPE_MODIFY("Tape.Modify");
67 /// Tape.Write allows writing tape media
68 PRIV_TAPE_WRITE("Tape.Write");
69 /// Tape.Read allows reading tape backup configuration and media contents
70 PRIV_TAPE_READ("Tape.Read");
72 /// Realm.Allocate allows viewing, creating, modifying and deleting realms
73 PRIV_REALM_ALLOCATE("Realm.Allocate");
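/// Admin always has all privileges. It can do everything except a few actions
/// which are limited to the `root@pam` superuser.
///
/// Every bit of the mask is set, so the role also covers bits that no named
/// privilege uses; any privilege bit defined later is therefore already part of
/// Admin without this constant being touched.
pub const ROLE_ADMIN: u64 = u64::MAX;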
/// NoAccess can be used to remove privileges from specific (sub-)paths.
///
/// The mask is empty: no privilege bit is set.
pub const ROLE_NO_ACCESS: u64 = 0;
85 #[allow(clippy::identity_op)]
86 /// Audit can view configuration and status information, but not modify it.
87 pub const ROLE_AUDIT
: u64 = 0
89 | PRIV_DATASTORE_AUDIT
;
92 #[allow(clippy::identity_op)]
93 /// Datastore.Admin can do anything on the datastore.
94 pub const ROLE_DATASTORE_ADMIN
: u64 = 0
95 | PRIV_DATASTORE_AUDIT
96 | PRIV_DATASTORE_MODIFY
98 | PRIV_DATASTORE_VERIFY
99 | PRIV_DATASTORE_BACKUP
100 | PRIV_DATASTORE_PRUNE
;
/// Datastore.Reader can read/verify datastore content and do restore.
///
/// Grants exactly the Datastore.Audit, Datastore.Verify and Datastore.Read privileges.
pub const ROLE_DATASTORE_READER: u64 =
    PRIV_DATASTORE_READ | PRIV_DATASTORE_VERIFY | PRIV_DATASTORE_AUDIT;
/// Datastore.Backup can do backup and restore, but no prune.
///
/// The role consists of the Datastore.Backup privilege alone; that privilege is
/// documented as additionally requiring backup ownership.
pub const ROLE_DATASTORE_BACKUP: u64 = PRIV_DATASTORE_BACKUP;
/// Datastore.PowerUser can do backup, restore, and prune.
///
/// Combines the Datastore.Backup and Datastore.Prune privileges, both of which are
/// documented as additionally requiring backup ownership.
pub const ROLE_DATASTORE_POWERUSER: u64 = PRIV_DATASTORE_BACKUP | PRIV_DATASTORE_PRUNE;
/// Datastore.Audit can audit the datastore.
///
/// The role consists of the Datastore.Audit privilege alone.
pub const ROLE_DATASTORE_AUDIT: u64 = PRIV_DATASTORE_AUDIT;
130 #[allow(clippy::identity_op)]
131 /// Remote.Audit can audit the remote
132 pub const ROLE_REMOTE_AUDIT
: u64 = 0
136 #[allow(clippy::identity_op)]
137 /// Remote.Admin can do anything on the remote.
138 pub const ROLE_REMOTE_ADMIN
: u64 = 0
144 #[allow(clippy::identity_op)]
145 /// Remote.SyncOperator can read and prune on the remote.
146 pub const ROLE_REMOTE_SYNC_OPERATOR
: u64 = 0
151 #[allow(clippy::identity_op)]
152 /// Tape.Audit can audit the tape backup configuration and media content
153 pub const ROLE_TAPE_AUDIT
: u64 = 0
157 #[allow(clippy::identity_op)]
158 /// Tape.Admin can do anything on the tape backup
159 pub const ROLE_TAPE_ADMIN
: u64 = 0
166 #[allow(clippy::identity_op)]
167 /// Tape.Operator can do tape backup and restore (but no configuration changes)
168 pub const ROLE_TAPE_OPERATOR
: u64 = 0
174 #[allow(clippy::identity_op)]
175 /// Tape.Reader can read and inspect tape content
176 pub const ROLE_TAPE_READER
: u64 = 0
/// Name of the NoAccess role, which can be used to remove privileges from
/// specific (sub-)paths.
pub const ROLE_NAME_NO_ACCESS: &str = "NoAccess";
187 #[derive(Serialize, Deserialize)]
188 /// Enum representing roles via their [PRIVILEGES] combination.
190 /// Since privileges are implemented as bitflags, each unique combination of privileges maps to a
191 /// single, unique `u64` value that is used in this enum definition.
198 NoAccess
= ROLE_NO_ACCESS
,
199 /// Datastore Administrator
200 DatastoreAdmin
= ROLE_DATASTORE_ADMIN
,
201 /// Datastore Reader (inspect datastore content and do restores)
202 DatastoreReader
= ROLE_DATASTORE_READER
,
203 /// Datastore Backup (backup and restore owned backups)
204 DatastoreBackup
= ROLE_DATASTORE_BACKUP
,
205 /// Datastore PowerUser (backup, restore and prune owned backup)
206 DatastorePowerUser
= ROLE_DATASTORE_POWERUSER
,
207 /// Datastore Auditor
208 DatastoreAudit
= ROLE_DATASTORE_AUDIT
,
210 RemoteAudit
= ROLE_REMOTE_AUDIT
,
211 /// Remote Administrator
212 RemoteAdmin
= ROLE_REMOTE_ADMIN
,
213 /// Synchronisation Operator
214 RemoteSyncOperator
= ROLE_REMOTE_SYNC_OPERATOR
,
216 TapeAudit
= ROLE_TAPE_AUDIT
,
217 /// Tape Administrator
218 TapeAdmin
= ROLE_TAPE_ADMIN
,
220 TapeOperator
= ROLE_TAPE_OPERATOR
,
222 TapeReader
= ROLE_TAPE_READER
,
/// Parses a [`Role`] from a string by running it through the type's serde
/// `Deserialize` implementation.
impl FromStr for Role {
    type Err = value::Error;

    /// Returns the role that `s` deserializes to, or a [`value::Error`] when
    /// deserialization rejects the string.
    fn from_str(s: &str) -> Result<Self, Self::Err> {
        // Wrap the string in a deserializer so the derived `Deserialize` impl decides
        // which inputs are valid roles; no separate name table is kept here.
        let name = s.into_deserializer();
        Self::deserialize(name)
    }
}
/// API string format that accepts only values matching [`ACL_PATH_REGEX`].
///
/// That pattern is anchored at both ends and allows either a lone `/` or one or more
/// `/`-prefixed components, each matching `PROXMOX_SAFE_ID_REGEX_STR`.
pub const ACL_PATH_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&ACL_PATH_REGEX);
237 pub const ACL_PATH_SCHEMA
: Schema
= StringSchema
::new(
238 "Access control path.")
239 .format(&ACL_PATH_FORMAT
)
244 pub const ACL_PROPAGATE_SCHEMA
: Schema
= BooleanSchema
::new(
245 "Allow to propagate (inherit) permissions.")
249 pub const ACL_UGID_TYPE_SCHEMA
: Schema
= StringSchema
::new(
250 "Type of 'ugid' property.")
251 .format(&ApiStringFormat
::Enum(&[
252 EnumEntry
::new("user", "User"),
253 EnumEntry
::new("group", "Group")]))
259 schema
: ACL_PROPAGATE_SCHEMA
,
262 schema
: ACL_PATH_SCHEMA
,
265 schema
: ACL_UGID_TYPE_SCHEMA
,
269 description
: "User or Group ID.",
276 #[derive(Serialize, Deserialize)]
278 pub struct AclListItem
{
281 pub ugid_type
: String
,