use PVE::Tools;
use PVE::APIServer::AnyEvent;
use PVE::Exception qw(raise_param_exc);
-use PVE::RESTEnvironment;
+use PMG::RESTEnvironment;
use PMG::Ticket;
use PMG::Cluster;
my $class = ref($this) || $this;
my $self = $class->SUPER::new(%args);
-
- $self->{rpcenv} = PVE::RESTEnvironment->init(
+
+ $self->{rpcenv} = PMG::RESTEnvironment->init(
$self->{trusted_env} ? 'priv' : 'pub', atfork => sub { $self->atfork_handler() });
return $self;
# set environment variables
$rpcenv->set_user(undef);
+ $rpcenv->set_role(undef);
$rpcenv->set_language('C');
$rpcenv->set_client_ip($peer_host);
die "No ticket\n" if !$ticket;
- ($username, $age) = PMG::Ticket::verify_ticket($ticket);
+ if ($ticket =~ m/^PMGQUAR:/) {
+ ($username, $age) = PMG::Ticket::verify_quarantine_ticket($ticket);
+ $rpcenv->set_user($username);
+ $rpcenv->set_role('quser');
+ } else {
+ ($username, $age) = PMG::Ticket::verify_ticket($ticket);
+ my $role = PMG::AccessControl::check_user_enabled($self->{usercfg}, $username);
+ $rpcenv->set_user($username);
+ $rpcenv->set_role($role);
+ }
- $rpcenv->set_user($username);
+ $rpcenv->set_ticket($ticket);
my $euid = $>;
PMG::Ticket::verify_csrf_prevention_token($username, $token)
}
sub rest_handler {
- my ($self, $clientip, $method, $rel_uri, $auth, $params) = @_;
+ my ($self, $clientip, $method, $rel_uri, $auth, $params, $format) = @_;
my $rpcenv = $self->{rpcenv};
+ $rpcenv->set_format($format);
my $resp = {
status => HTTP_NOT_IMPLEMENTED,
}
# check access permissions
- $rpcenv->check_api2_permissions($info->{permissions}, $auth->{userid}, $uri_param);
+ $rpcenv->check_api2_permissions($info->{permissions}, $uri_param);
- if ($info->{proxyto}) {
- my $pn = $info->{proxyto};
+ if (my $pn = $info->{proxyto}) {
my $node;
if ($pn eq 'master') {
return;
}
+ if (my $pn = $info->{proxyto}) {
+ if ($pn eq 'master') {
+ $rpcenv->check_node_is_master();
+ }
+ }
+
+
+ my $result = $handler->handle($info, $uri_param);
+
$resp = {
- data => $handler->handle($info, $uri_param),
info => $info, # useful to format output
status => HTTP_OK,
};
+ if ($info->{download}) {
+ die "download methods should have return type 'string' - internal error"
+ if ($info->{returns}->{type} ne 'string');
+ $resp->{download} = $result;
+ } else {
+ $resp->{data} = $result;
+ }
+
if (my $count = $rpcenv->get_result_attrib('total')) {
$resp->{total} = $count;
}
my $err = $@;
$rpcenv->set_user(undef); # clear after request
+ $rpcenv->set_role(undef); # clear after request
+ $rpcenv->set_format(undef); # clear after request
if ($err) {
$resp = { info => $info };