my $rpcenv = PVE::RPCEnvironment->init('cli');
-my $cfgfn = "user.cfg.ex1";
+my $cfgfn = "test1.cfg";
$rpcenv->init_request(userconfig => $cfgfn);
sub check_roles {
my ($user, $path, $expected_result) = @_;
- my @ra = PVE::AccessControl::roles($rpcenv->{user_cfg}, $user, $path);
- my $res = join(',', sort @ra);
+ my $roles = PVE::AccessControl::roles($rpcenv->{user_cfg}, $user, $path);
+ my $res = join(',', sort keys %$roles);
die "unexpected result\nneed '${expected_result}'\ngot '$res'\n"
if $res ne $expected_result;
sub check_permission {
my ($user, $path, $expected_result) = @_;
- my $perm = PVE::AccessControl::permission($rpcenv->{user_cfg}, $user, $path);
+ my $perm = $rpcenv->permissions($user, $path);
my $res = join(',', sort keys %$perm);
die "unexpected result\nneed '${expected_result}'\ngot '$res'\n"
if $res ne $expected_result;
print "PERM:$path:$user:$res\n";
-
}
check_roles('max@pve', '/', '');
check_roles('max@pve', '/vms/200', 'storage_manager');
check_roles('joe@pve', '/vms/200', 'vm_admin');
-check_roles('sue@pve', '/vms/200', '');
+check_roles('sue@pve', '/vms/200', 'NoAccess');
print "all tests passed\n";