[pve-devel] r5577 - in pve-access-control/trunk: . PVE PVE/API2
svn-commits at proxmox.com
svn-commits at proxmox.com
Tue Feb 22 06:36:13 CET 2011
Author: dietmar
Date: 2011-02-22 06:36:13 +0100 (Tue, 22 Feb 2011)
New Revision: 5577
Modified:
pve-access-control/trunk/ChangeLog
pve-access-control/trunk/PVE/API2/User.pm
pve-access-control/trunk/PVE/AccessControl.pm
pve-access-control/trunk/README
Log:
add firstname/lastname and email fields.
Modified: pve-access-control/trunk/ChangeLog
===================================================================
--- pve-access-control/trunk/ChangeLog 2011-02-22 05:20:38 UTC (rev 5576)
+++ pve-access-control/trunk/ChangeLog 2011-02-22 05:36:13 UTC (rev 5577)
@@ -1,3 +1,8 @@
+2011-02-22 Proxmox Support Team <support at proxmox.com>
+
+ * PVE/AccessControl.pm (parse_user_config): add firstname/lastname
+ and email fields.
+
2011-02-21 Proxmox Support Team <support at proxmox.com>
* PVE/API2/Group.pm (update_group): implement modgroup (set
Modified: pve-access-control/trunk/PVE/API2/User.pm
===================================================================
--- pve-access-control/trunk/PVE/API2/User.pm 2011-02-22 05:20:38 UTC (rev 5576)
+++ pve-access-control/trunk/PVE/API2/User.pm 2011-02-22 05:36:13 UTC (rev 5577)
@@ -20,7 +20,7 @@
my $res = {};
- foreach my $prop (qw(domid enabled expire name comment)) {
+ foreach my $prop (qw(domid enabled expire firstname lastname email comment)) {
$res->{$prop} = $data->{$prop} if defined($data->{$prop});
}
@@ -104,7 +104,9 @@
domid => get_standard_option('domid', { optional => 1 }),
password => { type => 'string', optional => 1 },
groups => { type => 'string', optional => 1, format => 'pve-groupid-list'},
- name => { type => 'string', optional => 1 },
+ firstname => { type => 'string', optional => 1 },
+ lastname => { type => 'string', optional => 1 },
+ email => { type => 'string', optional => 1, format => 'email' },
comment => { type => 'string', optional => 1 },
expire => {
description => "Account expiration date (seconds since epoch). '0' means no expiration date.",
@@ -147,7 +149,9 @@
}
}
- $usercfg->{users}->{$username}->{name} = $param->{name} if $param->{name};
+ $usercfg->{users}->{$username}->{firstname} = $param->{firstname} if $param->{firstname};
+ $usercfg->{users}->{$username}->{lastname} = $param->{lastname} if $param->{lastname};
+ $usercfg->{users}->{$username}->{email} = $param->{email} if $param->{email};
$usercfg->{users}->{$username}->{comment} = $param->{comment} if $param->{comment};
cfs_write_file("user.cfg", $usercfg);
@@ -173,7 +177,9 @@
domid => get_standard_option('domid'),
enabled => { type => 'boolean' },
expire => { type => 'integer' },
- name => { type => 'string', optional => 1 },
+ firstname => { type => 'string', optional => 1 },
+ lastname => { type => 'string', optional => 1 },
+ email => { type => 'string', optional => 1 },
comment => { type => 'string', optional => 1 },
groups => { type => 'array' },
}
@@ -213,7 +219,9 @@
},
lock => { type => 'boolean', optional => 1 },
unlock => { type => 'boolean', optional => 1 },
- name => { type => 'string', optional => 1 },
+ firstname => { type => 'string', optional => 1 },
+ lastname => { type => 'string', optional => 1 },
+ email => { type => 'string', optional => 1, format => 'email' },
comment => { type => 'string', optional => 1 },
expire => {
description => "Account expiration date (seconds since epoch). '0' means no expiration date.",
@@ -267,7 +275,9 @@
}
}
- $usercfg->{users}->{$username}->{name} = $param->{name} if $param->{name};
+ $usercfg->{users}->{$username}->{firstname} = $param->{firstname} if $param->{firstname};
+ $usercfg->{users}->{$username}->{lastname} = $param->{lastname} if $param->{lastname};
+ $usercfg->{users}->{$username}->{email} = $param->{email} if $param->{email};
$usercfg->{users}->{$username}->{comment} = $param->{comment} if $param->{comment};
cfs_write_file("user.cfg", $usercfg);
Modified: pve-access-control/trunk/PVE/AccessControl.pm
===================================================================
--- pve-access-control/trunk/PVE/AccessControl.pm 2011-02-22 05:20:38 UTC (rev 5576)
+++ pve-access-control/trunk/PVE/AccessControl.pm 2011-02-22 05:36:13 UTC (rev 5577)
@@ -691,7 +691,7 @@
my $et = shift @data;
if ($et eq 'user') {
- my ($user, $enabled, $expire, $domid, $name, $comment) = @data;
+ my ($user, $enabled, $expire, $domid, $firstname, $lastname, $email, $comment) = @data;
if (!verify_username($user, 1)) {
warn "user config - ignore user '$user' - invalid characters in user name\n";
@@ -723,7 +723,9 @@
# group => $group,
};
$cfg->{users}->{$user}->{domid} = $domid ? $domid : 'pve';
- $cfg->{users}->{$user}->{name} = decode_text($name) if $name;
+ $cfg->{users}->{$user}->{firstname} = decode_text($firstname) if $firstname;
+ $cfg->{users}->{$user}->{lastname} = decode_text($lastname) if $lastname;
+ $cfg->{users}->{$user}->{email} = $email;
$cfg->{users}->{$user}->{comment} = decode_text($comment) if $comment;
$cfg->{users}->{$user}->{expire} = $expire;
@@ -1012,11 +1014,13 @@
my $d = $cfg->{users}->{$user};
my $domid = $d->{domid} || 'pve';
- my $name = $d->{name} ? encode_text($d->{name}) : '';
+ my $firstname = $d->{firstname} ? encode_text($d->{firstname}) : '';
+ my $lastname = $d->{lastname} ? encode_text($d->{lastname}) : '';
+ my $email = $d->{email} || '';
my $comment = $d->{comment} ? encode_text($d->{comment}) : '';
my $expire = int($d->{expire}) || 0;
my $enabled = $d->{enabled} ? 1 : 0;
- $data .= "user:$user:$enabled:$expire:$domid:$name:$comment:\n";
+ $data .= "user:$user:$enabled:$expire:$domid:$firstname:$lastname:$email:$comment:\n";
}
$data .= "\n";
Modified: pve-access-control/trunk/README
===================================================================
--- pve-access-control/trunk/README 2011-02-22 05:20:38 UTC (rev 5576)
+++ pve-access-control/trunk/README 2011-02-22 05:36:13 UTC (rev 5577)
@@ -12,12 +12,14 @@
User Authentication
===================
-User names need to be unique (else logging gets complicated). So we
-suggest to use email addresses. Each user has an associated
-authentication domain, which references an entry in the file
-'/etc/pve/priv/domain.cfg'. The file associates domain IDs with
-authentication servers.
+Proxmox VE can use several different authentication servers. Those
+servers are listed in '/etc/pve/priv/domain.cfg', indexed by a unique
+ID (called authentication domain or realm).
+User names need to be unique. We create unique names by adding the
+'realm' to the user ID.
+
+File format 'domain.cfg'
----example domains.cfg ------------------
# an active directory server
@@ -49,10 +51,11 @@
enabled: 1 = TRUE, 0 = FALSE
expire: <integer> (account expiration date)
domid: reference to authentication domain
- name: full user name
+ firstname: user first name
+ lastname: user last name
+ email: user's email address
comment: arbitrary comment
-
special user root: The root user has full administrative privileges
group:
More information about the pve-devel
mailing list