we have each privilege as property of the return object,
so we generate it from $valid_privs
this has the advantage that all privileges are well documented
with that api call
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
returns => {
type => "object",
additionalProperties => 0,
returns => {
type => "object",
additionalProperties => 0,
- properties => {
- privs => get_standard_option('role-privs'),
- },
+ properties => PVE::AccessControl::create_priv_properties(),
},
code => sub {
my ($param) = @_;
},
code => sub {
my ($param) = @_;
+sub create_priv_properties {
+ my $properties = {};
+ foreach my $priv (keys %$valid_privs) {
+ $properties->{$priv} = {
+ type => 'boolean',
+ optional => 1,
+ };
+ }
+ return $properties;
+}
+
sub role_is_special {
my ($role) = @_;
return (exists $special_roles->{$role}) ? 1 : 0;
sub role_is_special {
my ($role) = @_;
return (exists $special_roles->{$role}) ? 1 : 0;