use PVE::SafeSyslog;
use PVE::AccessControl;
use File::Path qw(make_path remove_tree);
-use Term::ReadLine;
use PVE::INotify;
use PVE::RPCEnvironment;
use PVE::API2::User;
use PVE::API2::AccessControl;
use PVE::JSONSchema qw(get_standard_option);
use PVE::CLIHandler;
+use PVE::PTY;
use base qw(PVE::CLIHandler);
-sub read_password {
- # return $ENV{PVE_PW_TICKET} if defined($ENV{PVE_PW_TICKET});
+sub setup_environment {
+ PVE::RPCEnvironment->setup_default_cli_env();
+}
+
+sub param_mapping {
+ my ($name) = @_;
+
+ my $mapping = {
+ 'change_password' => [
+ PVE::CLIHandler::get_standard_mapping('pve-password'),
+ ],
+ 'create_ticket' => [
+ PVE::CLIHandler::get_standard_mapping('pve-password', {
+ func => sub {
+ # do not accept values given on cmdline
+ return PVE::PTY::read_password('Enter password: ');
+ },
+ }),
+ ]
+ };
- my $term = new Term::ReadLine ('pveum');
- my $attribs = $term->Attribs;
- $attribs->{redisplay_function} = $attribs->{shadow_redisplay};
- my $input = $term->readline('Enter new password: ');
- my $conf = $term->readline('Retype new password: ');
- die "Passwords do not match.\n" if ($input ne $conf);
- return $input;
+ return $mapping->{$name};
}
our $cmddef = {
+ user => {
+ add => [ 'PVE::API2::User', 'create_user', ['userid'] ],
+ modify => [ 'PVE::API2::User', 'update_user', ['userid'] ],
+ delete => [ 'PVE::API2::User', 'delete_user', ['userid'] ],
+ },
+ group => {
+ add => [ 'PVE::API2::Group', 'create_group', ['groupid'] ],
+ modify => [ 'PVE::API2::Group', 'update_group', ['groupid'] ],
+ delete => [ 'PVE::API2::Group', 'delete_group', ['groupid'] ],
+ },
+ role => {
+ add => [ 'PVE::API2::Role', 'create_role', ['roleid'] ],
+ modify => [ 'PVE::API2::Role', 'update_role', ['roleid'] ],
+ delete => [ 'PVE::API2::Role', 'delete_role', ['roleid'] ],
+ },
+ acl => {
+ modify => [ 'PVE::API2::ACL', 'update_acl', ['path'], { delete => 0 }],
+ delete => [ 'PVE::API2::ACL', 'update_acl', ['path'], { delete => 1 }],
+ },
ticket => [ 'PVE::API2::AccessControl', 'create_ticket', ['username'], undef,
sub {
my ($res) = @_;
print "$res->{ticket}\n";
}],
- passwd => [ 'PVE::API2::AccessControl', 'change_passsword', ['userid'] ],
+ passwd => [ 'PVE::API2::AccessControl', 'change_password', ['userid'] ],
- useradd => [ 'PVE::API2::User', 'create_user', ['userid'] ],
- usermod => [ 'PVE::API2::User', 'update_user', ['userid'] ],
- userdel => [ 'PVE::API2::User', 'delete_user', ['userid'] ],
+ useradd => { alias => 'user add' },
+ usermod => { alias => 'user modify' },
+ userdel => { alias => 'user delete' },
- groupadd => [ 'PVE::API2::Group', 'create_group', ['groupid'] ],
- groupmod => [ 'PVE::API2::Group', 'update_group', ['groupid'] ],
- groupdel => [ 'PVE::API2::Group', 'delete_group', ['groupid'] ],
+ groupadd => { alias => 'group add' },
+ groupmod => { alias => 'group modify' },
+ groupdel => { alias => 'group delete' },
- roleadd => [ 'PVE::API2::Role', 'create_role', ['roleid'] ],
- rolemod => [ 'PVE::API2::Role', 'update_role', ['roleid'] ],
- roledel => [ 'PVE::API2::Role', 'delete_role', ['roleid'] ],
+ roleadd => { alias => 'role add' },
+ rolemod => { alias => 'role modify' },
+ roledel => { alias => 'role delete' },
- aclmod => [ 'PVE::API2::ACL', 'update_acl', ['path'], { delete => 0 }],
- acldel => [ 'PVE::API2::ACL', 'update_acl', ['path'], { delete => 1 }],
+ aclmod => { alias => 'acl modify' },
+ acldel => { alias => 'acl delete' },
};
1;
projects / pve-access-control.git / blobdiff