X-Git-Url: https://git.proxmox.com/?p=pve-common.git;a=blobdiff_plain;f=data%2FPVE%2FJSONSchema.pm;h=45f02c537f360ccdef79e749a5653bed1af1e83d;hp=3d51b4e9475e7c185fecce1b0dda4446727be6f5;hb=3250f5c79906762177bc45dd9f9400fb910bbc6b;hpb=e143e9d86b489c57166b5c192bf41dcc3452471e

diff --git a/data/PVE/JSONSchema.pm b/data/PVE/JSONSchema.pm
index 3d51b4e..45f02c5 100644
--- a/data/PVE/JSONSchema.pm
+++ b/data/PVE/JSONSchema.pm
@@ -82,6 +82,9 @@ sub register_format {
 }
 
 # register some common type for pve
+
+register_format('string', sub {}); # allow format => 'string-list'
+
 register_format('pve-configid', \&pve_verify_configid);
 sub pve_verify_configid {
     my ($id, $noerr) = @_;
@@ -170,7 +173,7 @@ sub check_format {
 
     return if $format eq 'regex';
 
-    if ($format =~ m/^(.*)-list$/) {
+    if ($format =~ m/^(.*)-a?list$/) {
 	
 	my $code = $format_list->{$1};
 
@@ -737,14 +740,21 @@ my $method_schema = {
 	    optional => 1,
 	    additionalProperties => 0,
 	    properties => {
+	        description => {
+	             description => "Describe access permissions.",
+	             optional => 1,
+	        },
                 user => {
-                    description => "A simply way to allow access for 'all' users. The special value 'arg' allows access for the user specified in the 'username' parameter. This is useful to allow access to things owned by a user, like changing the user password. Value 'world' is used to allow access without credentials.", 
+                    description => "A simply way to allow access for 'all' authenticated users. Value 'world' is used to allow access without credentials.", 
                     type => 'string', 
-                    enum => ['all', 'arg', 'world'],
+                    enum => ['all', 'world'],
                     optional => 1,
                 },
-                path => { type => 'string', optional => 1, requires => 'privs' },
-                privs => { type => 'array', optional => 1, requires => 'path' },
+                check => {
+                    description => "Array of permission checks (prefix notation).",
+                    type => 'array', 
+                    optional => 1 
+                },
             },
         },
         match_name => {
@@ -846,7 +856,7 @@ sub method_get_child_link {
 # a way to parse command line parameters, using a 
 # schema to configure Getopt::Long
 sub get_options {
-    my ($schema, $args, $uri_param, $pwcallback) = @_;
+    my ($schema, $args, $arg_param, $fixed_param, $pwcallback) = @_;
 
     if (!$schema || !$schema->{properties}) {
 	raise("too many arguments\n", code => HTTP_BAD_REQUEST)
@@ -854,10 +864,19 @@ sub get_options {
 	return {};
     }
 
+    my $list_param;
+    if ($arg_param && !ref($arg_param)) {
+	my $pd = $schema->{properties}->{$arg_param};
+	die "expected list format $pd->{format}"
+	    if !($pd && $pd->{format} && $pd->{format} =~ m/-list/);
+	$list_param = $arg_param;
+    }
+
     my @getopt = ();
     foreach my $prop (keys %{$schema->{properties}}) {
 	my $pd = $schema->{properties}->{$prop};
-	next if defined($uri_param->{$prop});
+	next if $list_param && $prop eq $list_param;
+	next if defined($fixed_param->{$prop});
 
 	if ($prop eq 'password' && $pwcallback) {
 	    # we do not accept plain password on input line, instead
@@ -867,16 +886,33 @@ sub get_options {
 	} elsif ($pd->{type} eq 'boolean') {
 	    push @getopt, "$prop:s";
 	} else {
-	    push @getopt, "$prop=s";
+	    if ($pd->{format} && $pd->{format} =~ m/-a?list/) {
+		push @getopt, "$prop=s@";
+	    } else {
+		push @getopt, "$prop=s";
+	    }
 	}
     }
 
     my $opts = {};
     raise("unable to parse option\n", code => HTTP_BAD_REQUEST)
 	if !Getopt::Long::GetOptionsFromArray($args, $opts, @getopt);
-    
-    raise("too many arguments\n", code => HTTP_BAD_REQUEST)
-	if scalar(@$args) != 0;
+
+    if (my $acount = scalar(@$args)) {
+	if ($list_param) {
+	    $opts->{$list_param} = $args;
+	    $args = [];
+	} elsif (ref($arg_param)) {
+	    raise("wrong number of arguments\n", code => HTTP_BAD_REQUEST)
+		if scalar(@$arg_param) != $acount; 
+	    foreach my $p (@$arg_param) {
+		$opts->{$p} = shift @$args;
+	    }
+	} else {
+	    raise("too many arguments\n", code => HTTP_BAD_REQUEST)
+		if scalar(@$args) != 0;
+	}
+    }
 
     if (my $pd = $schema->{properties}->{password}) {
 	if ($pd->{type} ne 'boolean' && $pwcallback) {
@@ -885,7 +921,12 @@ sub get_options {
 	    }
 	}
     }
-    
+
+    $opts = PVE::Tools::decode_utf8_parameters($opts);
+    if ($opts->{description}) {
+	print "TEST: " . PVE::Tools::encode_text($opts->{description}) . "\n";
+    }
+
     foreach my $p (keys %$opts) {
 	if (my $pd = $schema->{properties}->{$p}) {
 	    if ($pd->{type} eq 'boolean') {
@@ -898,12 +939,29 @@ sub get_options {
 		} else {
 		    raise("unable to parse boolean option\n", code => HTTP_BAD_REQUEST);
 		}
+	    } elsif ($pd->{format}) {
+
+		if ($pd->{format} =~ m/-list/) {
+		    # allow --vmid 100 --vmid 101 and --vmid 100,101
+		    # allow --dow mon --dow fri and --dow mon,fri
+		    $opts->{$p} = join(",", @{$opts->{$p}});
+		} elsif ($pd->{format} =~ m/-alist/) {
+		    # we encode array as \0 separated strings
+		    # Note: CGI.pm also use this encoding
+		    if (scalar(@{$opts->{$p}}) != 1) {
+			$opts->{$p} = join("\0", @{$opts->{$p}});
+		    } else {
+			# st that split_list knows it is \0 terminated
+			my $v = $opts->{$p}->[0];
+			$opts->{$p} = "$v\0";
+		    }
+		}
 	    }
 	}	
     }
 
-    foreach my $p (keys %$uri_param) {
-	$opts->{$p} = $uri_param->{$p};
+    foreach my $p (keys %$fixed_param) {
+	$opts->{$p} = $fixed_param->{$p};
     }
 
     return $opts;