use PVE::Ticket;
use PVE::Tools qw(run_command lock_file file_get_contents split_list safe_print);
use PVE::Cluster qw(cfs_register_file cfs_read_file cfs_write_file cfs_lock_file);
-use PVE::JSONSchema;
+use PVE::JSONSchema qw(register_standard_option get_standard_option);
use PVE::Auth::Plugin;
use PVE::Auth::AD;
use PVE::Auth::PVE;
use PVE::Auth::PAM;
-use Data::Dumper; # fixme: remove
-
# load and initialize all plugins
PVE::Auth::AD->register();
\&parse_user_config,
\&write_user_config);
-
sub verify_username {
PVE::Auth::Plugin::verify_username(@_);
}
$secret, $username, $vmid, $node);
}
-
sub verify_spice_connect_url {
my ($connect_str) = @_;
'VM.Migrate',
'VM.Monitor',
'VM.Snapshot',
+ 'VM.Snapshot.Rollback',
],
user => [
'VM.Config.CDROM', # change CDROM media
create_roles();
+sub create_priv_properties {
+ my $properties = {};
+ foreach my $priv (keys %$valid_privs) {
+ $properties->{$priv} = {
+ type => 'boolean',
+ optional => 1,
+ };
+ }
+ return $properties;
+}
+
sub role_is_special {
my ($role) = @_;
- return exists $special_roles->{$role};
+ return (exists $special_roles->{$role}) ? 1 : 0;
}
sub add_role_privs {
return $path;
}
-
PVE::JSONSchema::register_format('pve-groupid', \&verify_groupname);
sub verify_groupname {
my ($groupname, $noerr) = @_;
return $rolename;
}
-PVE::JSONSchema::register_format('pve-poolid', \&verify_groupname);
+PVE::JSONSchema::register_format('pve-poolid', \&verify_poolname);
sub verify_poolname {
my ($poolname, $noerr) = @_;
# bash completion helpers
+register_standard_option('userid-completed',
+ get_standard_option('userid', { completion => \&complete_username}),
+);
+
sub complete_username {
my $user_cfg = cfs_read_file('user.cfg');
projects / pve-access-control.git / blobdiff