pveum: introduce sub-commands
[pve-access-control.git] / PVE / CLI / pveum.pm
1 package PVE::CLI::pveum;
2
3 use strict;
4 use warnings;
5 use Getopt::Long;
6 use PVE::Tools qw(run_command);
7 use PVE::Cluster;
8 use PVE::SafeSyslog;
9 use PVE::AccessControl;
10 use File::Path qw(make_path remove_tree);
11 use Term::ReadLine;
12 use PVE::INotify;
13 use PVE::RPCEnvironment;
14 use PVE::API2::User;
15 use PVE::API2::Group;
16 use PVE::API2::Role;
17 use PVE::API2::ACL;
18 use PVE::API2::AccessControl;
19 use PVE::JSONSchema qw(get_standard_option);
20 use PVE::CLIHandler;
21
22 use base qw(PVE::CLIHandler);
23
24 sub setup_environment {
25 PVE::RPCEnvironment->setup_default_cli_env();
26 }
27
28 sub read_password {
29 # return $ENV{PVE_PW_TICKET} if defined($ENV{PVE_PW_TICKET});
30
31 my $term = new Term::ReadLine ('pveum');
32 my $attribs = $term->Attribs;
33 $attribs->{redisplay_function} = $attribs->{shadow_redisplay};
34 my $input = $term->readline('Enter new password: ');
35 my $conf = $term->readline('Retype new password: ');
36 die "Passwords do not match.\n" if ($input ne $conf);
37 return $input;
38 }
39
40 our $cmddef = {
41 user => {
42 add => [ 'PVE::API2::User', 'create_user', ['userid'] ],
43 modify => [ 'PVE::API2::User', 'update_user', ['userid'] ],
44 delete => [ 'PVE::API2::User', 'delete_user', ['userid'] ],
45 },
46 group => {
47 add => [ 'PVE::API2::Group', 'create_group', ['groupid'] ],
48 modify => [ 'PVE::API2::Group', 'update_group', ['groupid'] ],
49 delete => [ 'PVE::API2::Group', 'delete_group', ['groupid'] ],
50 },
51 role => {
52 add => [ 'PVE::API2::Role', 'create_role', ['roleid'] ],
53 modify => [ 'PVE::API2::Role', 'update_role', ['roleid'] ],
54 delete => [ 'PVE::API2::Role', 'delete_role', ['roleid'] ],
55 },
56 acl => {
57 modify => [ 'PVE::API2::ACL', 'update_acl', ['path'], { delete => 0 }],
58 delete => [ 'PVE::API2::ACL', 'update_acl', ['path'], { delete => 1 }],
59 },
60 ticket => [ 'PVE::API2::AccessControl', 'create_ticket', ['username'], undef,
61 sub {
62 my ($res) = @_;
63 print "$res->{ticket}\n";
64 }],
65
66 passwd => [ 'PVE::API2::AccessControl', 'change_passsword', ['userid'] ],
67
68 useradd => { alias => 'user add' },
69 usermod => { alias => 'user modify' },
70 userdel => { alias => 'user delete' },
71
72 groupadd => { alias => 'group add' },
73 groupmod => { alias => 'group modify' },
74 groupdel => { alias => 'group delete' },
75
76 roleadd => { alias => 'role add' },
77 rolemod => { alias => 'role modify' },
78 roledel => { alias => 'role delete' },
79
80 aclmod => { alias => 'acl modify' },
81 acldel => { alias => 'acl delete' },
82 };
83
84 1;