[pve-devel] [PATCH v2 access-control 1/1] replace read_password with param_mapping

[Dominik Csapak]

use the get_standar_mapping 'pve-password'
then we can get rid of the Term::ReadLine dependency

we use this change to only ask for the password once on
'pveum ticket'

Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
 PVE/CLI/pveum.pm  | 28 ++++++++++++++++++----------
 debian/control    |  1 -
 test/auth-test.pl | 12 ++----------
 3 files changed, 20 insertions(+), 21 deletions(-)

diff --git a/PVE/CLI/pveum.pm b/PVE/CLI/pveum.pm
index b8412eb..5fd15fe 100755
--- a/PVE/CLI/pveum.pm
+++ b/PVE/CLI/pveum.pm
@@ -8,7 +8,6 @@ use PVE::Cluster;
 use PVE::SafeSyslog;
 use PVE::AccessControl;
 use File::Path qw(make_path remove_tree);
-use Term::ReadLine;
 use PVE::INotify;
 use PVE::RPCEnvironment;
 use PVE::API2::User;
@@ -18,6 +17,7 @@ use PVE::API2::ACL;
 use PVE::API2::AccessControl;
 use PVE::JSONSchema qw(get_standard_option);
 use PVE::CLIHandler;
+use PVE::PTY;
 
 use base qw(PVE::CLIHandler);
 
@@ -25,16 +25,24 @@ sub setup_environment {
     PVE::RPCEnvironment->setup_default_cli_env();
 }
 
-sub read_password {
-    # return $ENV{PVE_PW_TICKET} if defined($ENV{PVE_PW_TICKET});
+sub param_mapping {
+    my ($name) = @_;
 
-    my $term = new Term::ReadLine ('pveum');
-    my $attribs = $term->Attribs;
-    $attribs->{redisplay_function} = $attribs->{shadow_redisplay};
-    my $input = $term->readline('Enter new password: ');
-    my $conf = $term->readline('Retype new password: ');
-    die "Passwords do not match.\n" if ($input ne $conf);
-    return $input;
+    my $mapping = {
+	'change_password' => [
+	    PVE::CLIHandler::get_standard_mapping('pve-password'),
+	],
+	'create_ticket' => [
+	    PVE::CLIHandler::get_standard_mapping('pve-password', {
+		func => sub {
+		    # do not accept values given on cmdline
+		    return PVE::PTY::read_password('Enter password: ');
+		},
+	    }),
+	]
+    };
+
+    return $mapping->{$name};
 }
 
 our $cmddef = {
diff --git a/debian/control b/debian/control
index 511cfb4..fdb8a5a 100644
--- a/debian/control
+++ b/debian/control
@@ -22,7 +22,6 @@ Depends: libauthen-pam-perl,
          libnet-ldap-perl,
          libnet-ssleay-perl,
          libpve-common-perl (>= 5.0-27),
-         libterm-readline-gnu-perl,
          liburi-perl,
          libwww-perl,
          perl (>= 5.6.0-16),
diff --git a/test/auth-test.pl b/test/auth-test.pl
index 50a7f89..60429a9 100644
--- a/test/auth-test.pl
+++ b/test/auth-test.pl
@@ -1,21 +1,13 @@
 #!/usr/bin/perl -w
 
 use strict;
-use Term::ReadLine;
+use PVE::PTY;
 use PVE::AccessControl;
 
 my $username = shift;
 die "Username missing" if !$username;
-sub read_password {
 
-    my $term = new Term::ReadLine ('pveum');
-    my $attribs = $term->Attribs;
-    $attribs->{redisplay_function} = $attribs->{shadow_redisplay};
-    my $input = $term->readline('password: ');
-    return $input;
-}
-
-my $password = read_password();
+my $password = PVE::PTY::read_password('password: ');
 PVE::AccessControl::authenticate_user($username,$password);
 
 print "Authentication Successful!!\n";
-- 
2.11.0