[pve-devel] [PATCH access-control] pveum: Allow listing of roles and their privileges
Dietmar Maurer
dietmar at proxmox.com
Mon Sep 25 07:05:03 CEST 2017
comments inline
> Use the existing 'index' API call from PVE::API2::Role to produce a
> tidy list of all available roles and their associated privileges.
> ---
> Concerns #1502 but doesn't fix it completely.
> PVE/CLI/pveum.pm | 31 +++++++++++++++++++++++++++++++
> 1 file changed, 31 insertions(+)
>
> diff --git a/PVE/CLI/pveum.pm b/PVE/CLI/pveum.pm
> index aef7089..26807a5 100755
> --- a/PVE/CLI/pveum.pm
> +++ b/PVE/CLI/pveum.pm
> @@ -54,6 +54,37 @@ our $cmddef = {
> groupmod => [ 'PVE::API2::Group', 'update_group', ['groupid'] ],
> groupdel => [ 'PVE::API2::Group', 'delete_group', ['groupid'] ],
>
> + rolelst => [ 'PVE::API2::Role', 'index', [ ], undef,
I am not a big fan of names like 'lst' - what happened to the 'i'?
Why not 'list'?
And we also want 'list' command for users, groups and acls?
I wonder if we should use the following scheme instead:
pveum role list ...
pveum role add ...
pveum role delete ...
pveum role modify ...
pveum group list
pveum group add
pveum group delete
pveum group modify
??
> + sub {
> + my ($res) = @_;
> + my $longest = 0;
> + foreach my $role(map($_->{roleid}, @$res)) {
> + my $len = length $role;
> + $longest = $len if $len > $longest;
> + }
> + $longest += 2;
> + my $width = 96;
> + my $maxlength = $width - $longest;
> + printf("%-${longest}s%s\n", "ROLE", "PRIVILEGES");
> + for my $role(sort {lc($a->{roleid}) cmp lc($b->{roleid})} @$res) {
> + my @lines_privs = ("");
> + my $cur_line = 0;
> + for my $priv(split(',', $role->{privs})) {
> + if (length($lines_privs[$cur_line]) == 0) {
> + $lines_privs[$cur_line] .= "$priv";
> + } elsif (length($lines_privs[$cur_line]) + length($priv) <= $maxlength)
> {
> + $lines_privs[$cur_line] .= ", $priv";
> + } else {
> + $lines_privs[++$cur_line] .= "$priv";
> + }
> + }
> + printf("%-${longest}s%s\n", "$role->{roleid}:", $lines_privs[0]);
> + for my $line(1..(scalar(@lines_privs) - 1)) {
> + printf("%${longest}s%s\n", "", $lines_privs[$line]);
> + }
> + }
I would like to have a generic utility function to print nicely formatted tables
instead.
More information about the pve-devel
mailing list