[pve-devel] r4851 - pve-access-control/trunk

svn-commits at proxmox.com svn-commits at proxmox.com
Tue Jun 29 08:14:26 CEST 2010


Author: dietmar
Date: 2010-06-29 06:14:25 +0000 (Tue, 29 Jun 2010)
New Revision: 4851

Modified:
   pve-access-control/trunk/AccessControl.pm
   pve-access-control/trunk/ChangeLog
   pve-access-control/trunk/pveum
Log:
	* AccessControl.pm (add_user): moved functionality to modify_user and
	removed subroutine (Seth)

	* pveum: useradd command no longer requires a password and now uses
	modify_user (Seth)



Modified: pve-access-control/trunk/AccessControl.pm
===================================================================
--- pve-access-control/trunk/AccessControl.pm	2010-06-28 09:21:00 UTC (rev 4850)
+++ pve-access-control/trunk/AccessControl.pm	2010-06-29 06:14:25 UTC (rev 4851)
@@ -432,77 +432,66 @@
     return secure_exec($ticket, 'create_ticket', [ @param ]);
 }
 
-sub add_user {
-    my ($newusername, $passwd, $opts) = @_;
+sub modify_user {
 
+    my ($username, $opts) = @_;
+    
     my $domain;
 
-    ($newusername, undef, $domain) = verify_username ($newusername);
+    ($username, undef, $domain) = verify_username ($username);
 
+    die "modify failed: username '$username' contains invalid characters\n" if !$username;
+    
     my $usercfg = load_user_config();
 
-    die "user '$newusername' already exists\n" 
-	if $usercfg->{users}->{$newusername};
+    if ($opts->{create}) {
 
-    if (!$domain) {
-	die "missing password\n" if !$passwd;
+	die "user '$username' already exists\n" 
+	    if $usercfg->{users}->{$username};
+    
+	warn "ignore password - can't set password on auth domain '$domain'\n" if $domain && $opts->{passwd};
 
-	# fixme: store password somewhere into a protected file
-    } else {
-	die "can't set password on auth domain '$domain'\n" if $passwd;
-    }
+	store_shadow_passwd() if !$domain && $opts->{passwd};
 
-    warn "add user $newusername, $passwd not implemented\n";
+	enable_user ($username, $usercfg);
 
-    $usercfg->{users}->{$newusername} = { enabled => 1 };
-    if ($opts->{groups}) {
-	foreach my $group (split_list ($opts->{groups})) {
-	    if ($usercfg->{groups}->{$group}) {
-                add_user_group ($newusername,$usercfg,$group);
-	    } else {
-		warn "ignore group '$group' - no such group\n";
-		next;
+	if ($opts->{groups}) {
+	    foreach my $group (split_list ($opts->{groups})) {
+		if ($usercfg->{groups}->{$group}) {
+		    add_user_group ($username,$usercfg,$group);
+		} else {
+		    warn "ignore group '$group' - no such group\n";
+		    next;
+		}
 	    }
 	}
-    }
 
-    save_user_config ($usercfg);
-}
+    } else {
 
-sub modify_user {
+	die "user '$username' does not exist\n" if !$usercfg->{users}->{$username};
 
-    my ($username, $opts) = @_;
-    
-    ($username, undef, undef) = verify_username ($username);
-    
-    die "modify failed: username '$username' contains invalid characters\n" if !$username;
-    
-    my $usercfg = load_user_config();
-
-    die "user '$username' does not exist\n" if !$usercfg->{users}->{$username};
-
-    enable_user ($username,$usercfg) if $opts->{unlock} &&
-	!$usercfg->{users}->{$username}->{enabled};
-    disable_user ($username,$usercfg) if $opts->{lock} &&
-	$usercfg->{users}->{$username}->{enabled};
-    delete_user_group ($username,$usercfg) if (!$opts->{append} && $opts->{groups});
-    if ($opts->{groups}) {
-	foreach my $group (split_list ($opts->{groups})) {
-	    if ($usercfg->{groups}->{$group}) {
-                add_user_group ($username,$usercfg,$group);
-	    } else {
-		warn "ignore group '$group' - no such group\n";
-		next;
+	enable_user ($username,$usercfg) if $opts->{unlock} &&
+	    !$usercfg->{users}->{$username}->{enabled};
+	disable_user ($username,$usercfg) if $opts->{lock} &&
+	    $usercfg->{users}->{$username}->{enabled};
+	delete_user_group ($username,$usercfg) if (!$opts->{append} && $opts->{groups});
+	if ($opts->{groups}) {
+	    foreach my $group (split_list ($opts->{groups})) {
+		if ($usercfg->{groups}->{$group}) {
+		    add_user_group ($username,$usercfg,$group);
+		} else {
+		    warn "ignore group '$group' - no such group\n";
+		    next;
+		}
 	    }
 	}
+
+	change_password ($username,$usercfg) if $opts->{password};
+	name_user ($username,$usercfg) if $opts->{name};
+	comment_user ($username,$usercfg) if $opts->{comment};
     }
 
-    change_password ($username,$usercfg) if $opts->{password};
-    name_user ($username,$usercfg) if $opts->{name};
-    comment_user ($username,$usercfg) if $opts->{comment};
-
     save_user_config ($usercfg);
-
 }
 
 sub delete_user {
@@ -523,6 +512,13 @@
 
 }   
 
+sub store_shadow_passwd {
+
+   warn "store shadow password not implemented yet\n"; 
+   # fixme: store password somewhere into a protected file
+
+}
+
 sub add_user_group {
 
     my ($username,$usercfg,$group) = @_;

Modified: pve-access-control/trunk/ChangeLog
===================================================================
--- pve-access-control/trunk/ChangeLog	2010-06-28 09:21:00 UTC (rev 4850)
+++ pve-access-control/trunk/ChangeLog	2010-06-29 06:14:25 UTC (rev 4851)
@@ -2,6 +2,12 @@
 
 	* pveum: new groupadd/groupdel (patch from Seth)
 
+	* AccessControl.pm (add_user): moved functionality to modify_user and
+	removed subroutine (Seth)
+
+	* pveum: useradd command no longer requires a password and now uses
+	modify_user (Seth)
+
 2010-06-25  Proxmox Support Team  <support at proxmox.com>
 
 	* AccessControl.pm (modify_user): include patch from Seth

Modified: pve-access-control/trunk/pveum
===================================================================
--- pve-access-control/trunk/pveum	2010-06-28 09:21:00 UTC (rev 4850)
+++ pve-access-control/trunk/pveum	2010-06-29 06:14:25 UTC (rev 4851)
@@ -69,7 +69,7 @@
 
     my $opts = {};
 
-    if (!GetOptions ($opts,'groups=s')) {
+    if (!GetOptions ($opts, 'groups=s', 'password')) {
         exit (-1);
     }
 
@@ -77,9 +77,9 @@
 
     die "no username specified\n" if !$username;
 
-    my $passwd = read_password();
-	
-    PVE::AccessControl::add_user($username, $passwd, $opts);
+    $opts->{password} = read_password() if $opts->{password};
+    $opts->{create} = 1;
+    PVE::AccessControl::modify_user($username, $opts);
 
     exit(0);
 



More information about the pve-devel mailing list