use PVE::SafeSyslog;
use PVE::AccessControl;
use File::Path qw(make_path remove_tree);
-use Term::ReadLine;
use PVE::INotify;
use PVE::RPCEnvironment;
use PVE::API2::User;
use PVE::API2::AccessControl;
use PVE::JSONSchema qw(get_standard_option);
use PVE::CLIHandler;
+use PVE::PTY;
use base qw(PVE::CLIHandler);
-sub read_password {
- # return $ENV{PVE_PW_TICKET} if defined($ENV{PVE_PW_TICKET});
+sub setup_environment {
+ PVE::RPCEnvironment->setup_default_cli_env();
+}
- my $term = new Term::ReadLine ('pveum');
- my $attribs = $term->Attribs;
- $attribs->{redisplay_function} = $attribs->{shadow_redisplay};
- my $input = $term->readline('Enter new password: ');
- my $conf = $term->readline('Retype new password: ');
- die "Passwords do not match.\n" if ($input ne $conf);
- return $input;
+sub param_mapping {
+ my ($name) = @_;
+
+ my $mapping = {
+ 'change_password' => [
+ PVE::CLIHandler::get_standard_mapping('pve-password'),
+ ],
+ 'create_ticket' => [
+ PVE::CLIHandler::get_standard_mapping('pve-password', {
+ func => sub {
+ # do not accept values given on cmdline
+ return PVE::PTY::read_password('Enter password: ');
+ },
+ }),
+ ]
+ };
+
+ return $mapping->{$name};
}
our $cmddef = {
+ user => {
+ add => [ 'PVE::API2::User', 'create_user', ['userid'] ],
+ modify => [ 'PVE::API2::User', 'update_user', ['userid'] ],
+ delete => [ 'PVE::API2::User', 'delete_user', ['userid'] ],
+ },
+ group => {
+ add => [ 'PVE::API2::Group', 'create_group', ['groupid'] ],
+ modify => [ 'PVE::API2::Group', 'update_group', ['groupid'] ],
+ delete => [ 'PVE::API2::Group', 'delete_group', ['groupid'] ],
+ },
+ role => {
+ add => [ 'PVE::API2::Role', 'create_role', ['roleid'] ],
+ modify => [ 'PVE::API2::Role', 'update_role', ['roleid'] ],
+ delete => [ 'PVE::API2::Role', 'delete_role', ['roleid'] ],
+ },
+ acl => {
+ modify => [ 'PVE::API2::ACL', 'update_acl', ['path'], { delete => 0 }],
+ delete => [ 'PVE::API2::ACL', 'update_acl', ['path'], { delete => 1 }],
+ },
ticket => [ 'PVE::API2::AccessControl', 'create_ticket', ['username'], undef,
sub {
my ($res) = @_;
print "$res->{ticket}\n";
}],
- passwd => [ 'PVE::API2::AccessControl', 'change_passsword', ['userid'] ],
+ passwd => [ 'PVE::API2::AccessControl', 'change_password', ['userid'] ],
- useradd => [ 'PVE::API2::User', 'create_user', ['userid'] ],
- usermod => [ 'PVE::API2::User', 'update_user', ['userid'] ],
- userdel => [ 'PVE::API2::User', 'delete_user', ['userid'] ],
+ useradd => { alias => 'user add' },
+ usermod => { alias => 'user modify' },
+ userdel => { alias => 'user delete' },
- groupadd => [ 'PVE::API2::Group', 'create_group', ['groupid'] ],
- groupmod => [ 'PVE::API2::Group', 'update_group', ['groupid'] ],
- groupdel => [ 'PVE::API2::Group', 'delete_group', ['groupid'] ],
+ groupadd => { alias => 'group add' },
+ groupmod => { alias => 'group modify' },
+ groupdel => { alias => 'group delete' },
- roleadd => [ 'PVE::API2::Role', 'create_role', ['roleid'] ],
- rolemod => [ 'PVE::API2::Role', 'update_role', ['roleid'] ],
- roledel => [ 'PVE::API2::Role', 'delete_role', ['roleid'] ],
+ roleadd => { alias => 'role add' },
+ rolemod => { alias => 'role modify' },
+ roledel => { alias => 'role delete' },
- aclmod => [ 'PVE::API2::ACL', 'update_acl', ['path'], { delete => 0 }],
- acldel => [ 'PVE::API2::ACL', 'update_acl', ['path'], { delete => 1 }],
+ aclmod => { alias => 'acl modify' },
+ acldel => { alias => 'acl delete' },
};
1;
-
-__END__
-
-=head1 NAME
-
-pveum - PVE User Manager
-
-=head1 DESCRIPTION
-
-Tools to manage PVE users, groups, roles and permissions. Modifying roles and permissions is complex and usually easier to handle using the GUI. So the command line interface is mainly provided for scripting purposes.
-
-=head1 SYNOPSIS
-
-=include synopsis
-
-=include pve_copyright
projects / pve-access-control.git / blobdiff