use PVE::Exception qw(raise raise_perm_exc);
use PVE::SafeSyslog;
-use PVE::RESTEnvironment;
+use PMG::RESTEnvironment;
use PVE::RESTHandler;
use PVE::JSONSchema qw(get_standard_option);
username => { type => 'string' },
ticket => { type => 'string', optional => 1},
CSRFPreventionToken => { type => 'string', optional => 1 },
+ role => { type => 'string', optional => 1},
}
},
code => sub {
my $username = $param->{username};
$username .= "\@$param->{realm}" if $param->{realm};
- my $rpcenv = PVE::RESTEnvironment::get();
+ my $rpcenv = PMG::RESTEnvironment->get();
my $res;
eval {
- PMG::AccessControl::check_user_enabled($username);
+ my $role = PMG::AccessControl::check_user_enabled($username);
$res = &$create_ticket($rpcenv, $username, $param->{password}, $param->{otp});
+ $res->{role} = $role;
};
if (my $err = $@) {
my $clientip = $rpcenv->get_client_ip() || '';
path => 'password',
method => 'PUT',
protected => 1, # else we can't access shadow files
+ permissions => {
+ description => "Each user is allowed to change his own password. Only root can change the password of another user.",
+ user => 'all',
+ },
description => "Change user password.",
parameters => {
additionalProperties => 0,
code => sub {
my ($param) = @_;
- my $rpcenv = PVE::RESTEnvironment::get();
+ my $rpcenv = PMG::RESTEnvironment->get();
my $authuser = $rpcenv->get_user();
my ($userid, $ruid, $realm) = PMG::Utils::verify_username($param->{userid});