src/bin/proxmox_backup_manager/user.rs

   1 use anyhow::Error;
   2 use serde_json::Value;
   3
   4 use std::collections::HashMap;
   5
   6 use proxmox::api::{api, cli::*, RpcEnvironment, ApiHandler};
   7
   8 use proxmox_backup::config;
   9 use proxmox_backup::tools;
  10 use proxmox_backup::api2;
  11 use proxmox_backup::api2::types::{ACL_PATH_SCHEMA, Authid, Userid};
  12
  13 #[api(
  14     input: {
  15         properties: {
  16             "output-format": {
  17                 schema: OUTPUT_FORMAT,
  18                 optional: true,
  19             },
  20         }
  21     }
  22 )]
  23 /// List configured users.
  24 fn list_users(param: Value, rpcenv: &mut dyn RpcEnvironment) -> Result<Value, Error> {
  25
  26     let output_format = get_output_format(&param);
  27
  28     let info = &api2::access::user::API_METHOD_LIST_USERS;
  29     let mut data = match info.handler {
  30         ApiHandler::Sync(handler) => (handler)(param, info, rpcenv)?,
  31         _ => unreachable!(),
  32     };
  33
  34     let options = default_table_format_options()
  35         .column(ColumnConfig::new("userid"))
  36         .column(
  37             ColumnConfig::new("enable")
  38                 .renderer(tools::format::render_bool_with_default_true)
  39         )
  40         .column(
  41             ColumnConfig::new("expire")
  42                 .renderer(tools::format::render_epoch)
  43         )
  44         .column(ColumnConfig::new("firstname"))
  45         .column(ColumnConfig::new("lastname"))
  46         .column(ColumnConfig::new("email"))
  47         .column(ColumnConfig::new("comment"));
  48
  49     format_and_print_result_full(&mut data, &info.returns, &output_format, &options);
  50
  51     Ok(Value::Null)
  52 }
  53
  54 #[api(
  55     input: {
  56         properties: {
  57             "output-format": {
  58                 schema: OUTPUT_FORMAT,
  59                 optional: true,
  60             },
  61             userid: {
  62                 type: Userid,
  63             }
  64         }
  65     }
  66 )]
  67 /// List tokens associated with user.
  68 fn list_tokens(param: Value, rpcenv: &mut dyn RpcEnvironment) -> Result<Value, Error> {
  69
  70     let output_format = get_output_format(&param);
  71
  72     let info = &api2::access::user::API_METHOD_LIST_TOKENS;
  73     let mut data = match info.handler {
  74         ApiHandler::Sync(handler) => (handler)(param, info, rpcenv)?,
  75         _ => unreachable!(),
  76     };
  77
  78     let options = default_table_format_options()
  79         .column(ColumnConfig::new("tokenid"))
  80         .column(
  81             ColumnConfig::new("enable")
  82                 .renderer(tools::format::render_bool_with_default_true)
  83         )
  84         .column(
  85             ColumnConfig::new("expire")
  86                 .renderer(tools::format::render_epoch)
  87         )
  88         .column(ColumnConfig::new("comment"));
  89
  90     format_and_print_result_full(&mut data, &info.returns, &output_format, &options);
  91
  92     Ok(Value::Null)
  93 }
  94
  95
  96 #[api(
  97     input: {
  98         properties: {
  99             "output-format": {
 100                 schema: OUTPUT_FORMAT,
 101                 optional: true,
 102             },
 103             "auth-id": {
 104                 type: Authid,
 105             },
 106             path: {
 107                 schema: ACL_PATH_SCHEMA,
 108                 optional: true,
 109             },
 110         }
 111     }
 112 )]
 113 /// List permissions of user/token.
 114 fn list_permissions(param: Value, rpcenv: &mut dyn RpcEnvironment) -> Result<Value, Error> {
 115
 116     let output_format = get_output_format(&param);
 117
 118     let info = &api2::access::API_METHOD_LIST_PERMISSIONS;
 119     let mut data = match info.handler {
 120         ApiHandler::Sync(handler) => (handler)(param, info, rpcenv)?,
 121         _ => unreachable!(),
 122     };
 123
 124     if output_format == "text" {
 125         println!("Privileges with (*) have the propagate flag set\n");
 126         let data:HashMap<String, HashMap<String, bool>> = serde_json::from_value(data)?;
 127         let mut paths:Vec<String> = data.keys().cloned().collect();
 128         paths.sort_unstable();
 129         for path in paths {
 130             println!("Path: {}", path);
 131             let priv_map = data.get(&path).unwrap();
 132             let mut privs:Vec<String> = priv_map.keys().cloned().collect();
 133             if privs.is_empty() {
 134                 println!("- NoAccess");
 135             } else {
 136                 privs.sort_unstable();
 137                 for privilege in privs {
 138                     if *priv_map.get(&privilege).unwrap() {
 139                         println!("- {} (*)", privilege);
 140                     } else {
 141                         println!("- {}", privilege);
 142                     }
 143                 }
 144             }
 145         }
 146     } else {
 147         format_and_print_result(&mut data, &output_format);
 148     }
 149
 150     Ok(Value::Null)
 151 }
 152
 153
 154 pub fn user_commands() -> CommandLineInterface {
 155
 156     let cmd_def = CliCommandMap::new()
 157         .insert("list", CliCommand::new(&&API_METHOD_LIST_USERS))
 158         .insert(
 159             "create",
 160             // fixme: howto handle password parameter?
 161             CliCommand::new(&api2::access::user::API_METHOD_CREATE_USER)
 162                 .arg_param(&["userid"])
 163         )
 164         .insert(
 165             "update",
 166             CliCommand::new(&api2::access::user::API_METHOD_UPDATE_USER)
 167                 .arg_param(&["userid"])
 168                 .completion_cb("userid", config::user::complete_userid)
 169         )
 170         .insert(
 171             "remove",
 172             CliCommand::new(&api2::access::user::API_METHOD_DELETE_USER)
 173                 .arg_param(&["userid"])
 174                 .completion_cb("userid", config::user::complete_userid)
 175         )
 176         .insert(
 177             "list-tokens",
 178             CliCommand::new(&&API_METHOD_LIST_TOKENS)
 179                 .arg_param(&["userid"])
 180                 .completion_cb("userid", config::user::complete_userid)
 181         )
 182         .insert(
 183             "generate-token",
 184             CliCommand::new(&api2::access::user::API_METHOD_GENERATE_TOKEN)
 185                 .arg_param(&["userid", "tokenname"])
 186                 .completion_cb("userid", config::user::complete_userid)
 187         )
 188         .insert(
 189             "delete-token",
 190             CliCommand::new(&api2::access::user::API_METHOD_DELETE_TOKEN)
 191                 .arg_param(&["userid", "tokenname"])
 192                 .completion_cb("userid", config::user::complete_userid)
 193                 .completion_cb("tokenname", config::user::complete_token_name)
 194         )
 195         .insert(
 196             "permissions",
 197             CliCommand::new(&&API_METHOD_LIST_PERMISSIONS)
 198                 .arg_param(&["auth-id"])
 199                 .completion_cb("auth-id", config::user::complete_authid)
 200                 .completion_cb("path", config::datastore::complete_acl_path)
 201         );
 202
 203     cmd_def.into()
 204 }