[pve-devel] r4986 - pve-access-control/trunk

svn-commits at proxmox.com svn-commits at proxmox.com
Thu Aug 12 15:03:03 CEST 2010


Author: dietmar
Date: 2010-08-12 13:03:03 +0000 (Thu, 12 Aug 2010)
New Revision: 4986

Added:
   pve-access-control/trunk/Group.pm
Log:


Added: pve-access-control/trunk/Group.pm
===================================================================
--- pve-access-control/trunk/Group.pm	                        (rev 0)
+++ pve-access-control/trunk/Group.pm	2010-08-12 13:03:03 UTC (rev 4986)
@@ -0,0 +1,157 @@
+package PVE::API2::Group;
+
+use strict;
+use warnings;
+use PVE::INotify qw (read_file write_file);
+use PVE::AccessControl;
+
+use PVE::SafeSyslog;
+
+use Data::Dumper; # fixme: remove
+
+use PVE::RESTHandler;
+
+use base qw(PVE::RESTHandler);
+
+# fixme: index should return more/all attributes?
+__PACKAGE__->register_method ({
+    name => 'index', 
+    path => '', 
+    method => 'GET',
+    description => "Group index.",
+    parameters => {
+	additionalProperties => 0,
+	properties => {},
+    },
+    returns => {
+	type => 'array',
+	items => {
+	    type => "object",
+	    properties => {
+		id => { type => 'string' },
+	    },
+	},
+	links => [ { rel => 'child', href => "{id}" } ],
+    },
+    code => sub {
+	my ($conn, $resp, $param) = @_;
+    
+	my $res = [];
+
+	my $usercfg = read_file("usercfg");
+ 
+	foreach my $group (keys %{$usercfg->{groups}}) {
+	    push @$res, { id => $group };
+	}
+
+	return $res;
+    }});
+
+__PACKAGE__->register_method ({
+    name => 'create_group', 
+    protected => 1,
+    path => '{groupid}', 
+    method => 'POST',
+    description => "Create new group.",
+    parameters => {
+   	additionalProperties => 0,
+	properties => {
+	    groupid => { type => 'string' },
+	},
+    },
+    returns => { type => 'null' },
+    code => sub {
+	my ($conn, $resp, $param) = @_;
+
+	PVE::AccessControl::lock_user_config(
+	    sub {
+			
+		my $usercfg = read_file("usercfg");
+
+		my $group = $param->{groupid};
+
+		PVE::AccessControl::verify_groupname($group);
+	
+		die "group '$group' already exists\n" 
+		    if $usercfg->{groups}->{$group};
+
+		$usercfg->{groups}->{$group} = {};
+
+		write_file("usercfg", $usercfg);
+	    });
+
+	my $err = $@;
+
+	die "create group failed: $err" if $err;
+
+	return undef;
+    }});
+
+# fixme: return format!
+__PACKAGE__->register_method ({
+    name => 'read_group', 
+    path => '{groupid}', 
+    method => 'GET',
+    description => "Get group configuration.",
+    parameters => {
+   	additionalProperties => 0,
+	properties => {
+	    groupid => { type => 'string' },
+	},
+    },
+    returns => {},
+    code => sub {
+	my ($conn, $resp, $param) = @_;
+
+	my $usercfg = read_file("usercfg");
+ 
+	my $data = $usercfg->{groups}->{$param->{groupid}};
+	die "no such group\n" if !$data;
+
+	return $data;
+    }});
+
+
+__PACKAGE__->register_method ({
+    name => 'delete_group', 
+    protected => 1,
+    path => '{groupid}', 
+    method => 'DELETE',
+    description => "Delete group.",
+    parameters => {
+   	additionalProperties => 0,
+	properties => {
+	    groupid => { type => 'string' },
+	}
+    },
+    returns => { type => 'null' },
+    code => sub {
+	my ($conn, $resp, $param) = @_;
+
+	PVE::AccessControl::lock_user_config(
+	    sub {
+
+		my $usercfg = read_file("usercfg");
+
+		my $group = $param->{groupid};
+
+		PVE::AccessControl::verify_groupname($group);
+
+		die "group '$group' does not exist\n" 
+		    if $usercfg->{groups}->{$group};
+	
+		delete ($usercfg->{groups}->{$group});
+
+		PVE::AccessControl::delete_group_acl($group, $usercfg);
+
+		write_file("usercfg", $usercfg);
+	    });
+
+	my $err = $@;
+
+	die "delete group failed: $err" if $err;
+	
+	return undef;
+    }});
+
+1;



More information about the pve-devel mailing list