[pve-access-control.git] / pveum

#!/usr/bin/perl -w 

use strict;
use Getopt::Long;
use PVE::Tools qw(run_command);
use PVE::Cluster;
use PVE::SafeSyslog;
use PVE::AccessControl;
use File::Path qw(make_path remove_tree);
use Term::ReadLine;
use PVE::INotify;
use PVE::RPCEnvironment;
use PVE::API2::User;
use PVE::API2::Group;
use PVE::API2::Role;
use PVE::API2::ACL;
use PVE::API2::Pool;
use PVE::API2::AccessControl;
use PVE::JSONSchema qw(get_standard_option);
use PVE::CLIHandler;

use base qw(PVE::CLIHandler);

use Data::Dumper; # fixme: remove

$ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin';

initlog('pveum');

#fixme: logging?

die "please run as root\n" if $> != 0;

PVE::INotify::inotify_init();

my $rpcenv = PVE::RPCEnvironment->init('cli');

$rpcenv->init_request();
$rpcenv->set_language($ENV{LANG});
$rpcenv->set_user('root@pam'); 

# autmatically generate the private key if it does not already exists
PVE::Cluster::gen_auth_key();

my $read_password = sub {

    # return $ENV{PVE_PW_TICKET} if defined($ENV{PVE_PW_TICKET});

    my $term = new Term::ReadLine ('pveum');
    my $attribs = $term->Attribs;
    $attribs->{redisplay_function} = $attribs->{shadow_redisplay};
    my $input = $term->readline('Enter new password: ');
    my $conf = $term->readline('Retype new password: ');
    die "Passwords do not match.\n" if ($input ne $conf);
    return $input;
};

my $cmddef = {
    ticket => [ 'PVE::API2::AccessControl', 'create_ticket', ['username'], undef,
		sub {
		    my ($res) = @_;
		    print "$res->{ticket}\n";
		}],
    useradd => [ 'PVE::API2::User', 'create_user', ['userid'] ],
    usermod => [ 'PVE::API2::User', 'update_user', ['userid'] ],
    userdel => [ 'PVE::API2::User', 'delete_user', ['userid'] ],

    groupadd => [ 'PVE::API2::Group', 'create_group', ['groupid'] ],
    groupmod => [ 'PVE::API2::Group', 'update_group', ['groupid'] ],
    groupdel => [ 'PVE::API2::Group', 'delete_group', ['groupid'] ],

    roleadd => [ 'PVE::API2::Role', 'create_role', ['roleid'] ],
    rolemod => [ 'PVE::API2::Role', 'update_role', ['roleid'] ],
    roledel => [ 'PVE::API2::Role', 'delete_role', ['roleid'] ],

    pooladd => [ 'PVE::API2::Pool', 'create_pool', ['poolid'] ],
    poolmod => [ 'PVE::API2::Pool', 'update_pool', ['poolid'] ],
    pooldel => [ 'PVE::API2::Pool', 'delete_pool', ['poolid'] ],

    aclmod => [ 'PVE::API2::ACL', 'update_acl', ['path', 'roles'], { delete => 0 }],
    acldel => [ 'PVE::API2::ACL', 'update_acl', ['path', 'roles'], { delete => 1 }],
};

my $cmd = shift;

PVE::CLIHandler::handle_cmd($cmddef, "pveum", $cmd, \@ARGV, $read_password, $0);

exit 0;

__END__

=head1 NAME

pveum - PVE User Manager

=head1 SYNOPSIS

=include synopsis

=head1 DESCRIPTION

No description available.

=include pve_copyright
Commit	Line	Data
2c3a6c0a DM	1	#!/usr/bin/perl -w
	2
	3	use strict;
	4	use Getopt::Long;
	5	use PVE::Tools qw(run_command);
	6	use PVE::Cluster;
	7	use PVE::SafeSyslog;
	8	use PVE::AccessControl;
	9	use File::Path qw(make_path remove_tree);
	10	use Term::ReadLine;
	11	use PVE::INotify;
	12	use PVE::RPCEnvironment;
	13	use PVE::API2::User;
	14	use PVE::API2::Group;
	15	use PVE::API2::Role;
	16	use PVE::API2::ACL;
39c85db8	17	use PVE::API2::Pool;
2c3a6c0a DM	18	use PVE::API2::AccessControl;
	19	use PVE::JSONSchema qw(get_standard_option);
	20	use PVE::CLIHandler;
	21
	22	use base qw(PVE::CLIHandler);
	23
	24	use Data::Dumper; # fixme: remove
	25
	26	$ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin';
	27
	28	initlog('pveum');
	29
	30	#fixme: logging?
	31
	32	die "please run as root\n" if $> != 0;
	33
	34	PVE::INotify::inotify_init();
	35
	36	my $rpcenv = PVE::RPCEnvironment->init('cli');
	37
	38	$rpcenv->init_request();
	39	$rpcenv->set_language($ENV{LANG});
	40	$rpcenv->set_user('root@pam');
	41
	42	# autmatically generate the private key if it does not already exists
	43	PVE::Cluster::gen_auth_key();
	44
	45	my $read_password = sub {
	46
	47	# return $ENV{PVE_PW_TICKET} if defined($ENV{PVE_PW_TICKET});
	48
	49	my $term = new Term::ReadLine ('pveum');
	50	my $attribs = $term->Attribs;
	51	$attribs->{redisplay_function} = $attribs->{shadow_redisplay};
	52	my $input = $term->readline('Enter new password: ');
	53	my $conf = $term->readline('Retype new password: ');
	54	die "Passwords do not match.\n" if ($input ne $conf);
	55	return $input;
	56	};
	57
	58	my $cmddef = {
	59	ticket => [ 'PVE::API2::AccessControl', 'create_ticket', ['username'], undef,
	60	sub {
	61	my ($res) = @_;
	62	print "$res->{ticket}\n";
	63	}],
	64	useradd => [ 'PVE::API2::User', 'create_user', ['userid'] ],
	65	usermod => [ 'PVE::API2::User', 'update_user', ['userid'] ],
	66	userdel => [ 'PVE::API2::User', 'delete_user', ['userid'] ],
	67
	68	groupadd => [ 'PVE::API2::Group', 'create_group', ['groupid'] ],
	69	groupmod => [ 'PVE::API2::Group', 'update_group', ['groupid'] ],
	70	groupdel => [ 'PVE::API2::Group', 'delete_group', ['groupid'] ],
	71
	72	roleadd => [ 'PVE::API2::Role', 'create_role', ['roleid'] ],
	73	rolemod => [ 'PVE::API2::Role', 'update_role', ['roleid'] ],
	74	roledel => [ 'PVE::API2::Role', 'delete_role', ['roleid'] ],
	75
39c85db8 DM	76	pooladd => [ 'PVE::API2::Pool', 'create_pool', ['poolid'] ],
	77	poolmod => [ 'PVE::API2::Pool', 'update_pool', ['poolid'] ],
	78	pooldel => [ 'PVE::API2::Pool', 'delete_pool', ['poolid'] ],
	79
2c3a6c0a DM	80	aclmod => [ 'PVE::API2::ACL', 'update_acl', ['path', 'roles'], { delete => 0 }],
	81	acldel => [ 'PVE::API2::ACL', 'update_acl', ['path', 'roles'], { delete => 1 }],
	82	};
	83
	84	my $cmd = shift;
	85
362fe4c6	86	PVE::CLIHandler::handle_cmd($cmddef, "pveum", $cmd, \@ARGV, $read_password, $0);
2c3a6c0a DM	87
	88	exit 0;
	89
	90	__END__
	91
	92	=head1 NAME
	93
	94	pveum - PVE User Manager
	95
	96	=head1 SYNOPSIS
	97
362fe4c6	98	=include synopsis
2c3a6c0a DM	99
	100	=head1 DESCRIPTION
	101
362fe4c6 DM	102	No description available.
	103
	104	=include pve_copyright