use PVE::SafeSyslog;
use PVE::RPCEnvironment;
use PVE::Cluster qw(cfs_read_file);
+use PVE::Corosync;
use PVE::RESTHandler;
use PVE::AccessControl;
use PVE::JSONSchema qw(get_standard_option);
additionalProperties => 0,
properties => {
username => {
- description => "User name",
- type => 'string',
- maxLength => 64,
- completion => \&PVE::AccessControl::complete_username,
+ description => "User name",
+ type => 'string',
+ maxLength => 64,
+ completion => \&PVE::AccessControl::complete_username,
},
realm => get_standard_option('realm', {
description => "You can optionally pass the realm using this parameter. Normally the realm is simply added to the username <username>\@<relam>.",
username => { type => 'string' },
ticket => { type => 'string', optional => 1},
CSRFPreventionToken => { type => 'string', optional => 1 },
+ clustername => { type => 'string', optional => 1 },
}
},
code => sub {
$res->{cap} = &$compute_api_permission($rpcenv, $username);
+ if (PVE::Corosync::check_conf_exists(1)) {
+ if ($rpcenv->check($username, '/', ['Sys.Audit'], 1)) {
+ eval {
+ my $conf = cfs_read_file('corosync.conf');
+ my $totem = PVE::Corosync::totem_config($conf);
+ if ($totem->{cluster_name}) {
+ $res->{clustername} = $totem->{cluster_name};
+ }
+ };
+ warn "$@\n" if $@;
+ }
+ }
+
PVE::Cluster::log_msg('info', 'root@pam', "successful auth for user '$username'");
return $res;
}});
__PACKAGE__->register_method ({
- name => 'change_passsword',
+ name => 'change_password',
path => 'password',
method => 'PUT',
permissions => {
parameters => {
additionalProperties => 0,
properties => {
- userid => get_standard_option('userid', {
- completion => \&PVE::AccessControl::complete_username,
- }),
+ userid => get_standard_option('userid-completed'),
password => {
description => "The new password.",
type => 'string',
projects / pve-access-control.git / blobdiff