From b428fb63fa4a17b536d21bc522596aa23279533b Mon Sep 17 00:00:00 2001
From: Dominik Csapak <d.csapak@proxmox.com>
Date: Tue, 26 Jun 2018 14:15:44 +0200
Subject: [PATCH] implement set-user-password guest agent api call

this executes the guest agent command 'set-user-password'
with which one can change the password of an existing user in the vm

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
 PVE/API2/Qemu/Agent.pm | 62 +++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 61 insertions(+), 1 deletion(-)

diff --git a/PVE/API2/Qemu/Agent.pm b/PVE/API2/Qemu/Agent.pm
index f50fde5..499a591 100644
--- a/PVE/API2/Qemu/Agent.pm
+++ b/PVE/API2/Qemu/Agent.pm
@@ -7,6 +7,8 @@ use PVE::RESTHandler;
 use PVE::JSONSchema qw(get_standard_option);
 use PVE::QemuServer;
 use PVE::QemuServer::Agent qw(agent_available);
+use MIME::Base64 qw(encode_base64 decode_base64);
+use JSON;
 
 use base qw(PVE::RESTHandler);
 
@@ -108,7 +110,12 @@ __PACKAGE__->register_method({
 
 	my $result = [];
 
-	for my $cmd (sort keys %$guest_agent_commands) {
+	my $cmds = [keys %$guest_agent_commands];
+	push @$cmds, qw(
+	    set-user-password
+	);
+
+	for my $cmd ( sort @$cmds) {
 	    push @$result, { name => $cmd };
 	}
 
@@ -190,4 +197,57 @@ for my $cmd (sort keys %$guest_agent_commands) {
     __PACKAGE__->register_command($cmd, $props->{method}, $props->{perms});
 }
 
+# commands with parameters are complicated and we want to register them manually
+__PACKAGE__->register_method({
+    name => 'set-user-password',
+    path => 'set-user-password',
+    method => 'POST',
+    protected => 1,
+    proxyto => 'node',
+    description => "Sets the password for the given user to the given password",
+    permissions => { check => [ 'perm', '/vms/{vmid}', [ 'VM.Monitor' ]]},
+    parameters => {
+	additionalProperties => 0,
+	properties => {
+	    node => get_standard_option('pve-node'),
+	    vmid => get_standard_option('pve-vmid', {
+		    completion => \&PVE::QemuServer::complete_vmid_running }),
+	    username => {
+		type => 'string',
+		description => 'The user to set the password for.'
+	    },
+	    password => {
+		type => 'string',
+		description => 'The new password.',
+		minLength => 5,
+		maxLength => 64,
+	    },
+	    crypted => {
+		type => 'boolean',
+		description => 'set to 1 if the password has already been passed through crypt()',
+		optional => 1,
+		default => 0,
+	    },
+	},
+    },
+    returns => {
+	type => 'object',
+	description => "Returns an object with a single `result` property.",
+    },
+    code => sub {
+	my ($param) = @_;
+
+	my $vmid = $param->{vmid};
+
+	my $crypted = $param->{crypted} // 0;
+	my $args = {
+	    username => $param->{username},
+	    password => encode_base64($param->{password}),
+	    crypted => $crypted ? JSON::true : JSON::false,
+	};
+	my $res = agent_cmd($vmid, "set-user-password", %$args, 'cannot set user password');
+
+	return { result => $res };
+    }});
+
 1;
-- 
2.39.2