[pve-devel] [RFC 1/23] API schema: add 'notoken' property

Thomas Lamprecht t.lamprecht at proxmox.com
Thu Oct 17 16:46:44 CEST 2019 

On 10/17/19 3:13 PM, Fabian Grünbichler wrote:
> to mark API methods which should not be available to clients authenticated using an API token

please wrap lines, for commit messages it's common to use << 70 as limit,
at least <= 80 would be really great.

> 
> Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
> ---
> 
> Notes:
>     if applied, any users of this need corresponding versioned depends.
> 
>  src/PVE/JSONSchema.pm | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/src/PVE/JSONSchema.pm b/src/PVE/JSONSchema.pm
> index db38d44..a42d814 100644
> --- a/src/PVE/JSONSchema.pm
> +++ b/src/PVE/JSONSchema.pm
> @@ -1263,6 +1263,11 @@ my $method_schema = {
>  	    description => "Method needs special privileges - only pvedaemon can execute it",
>  	    optional => 1,
>          },
> +	notoken => {

IMO slightly to general. Also, negative named properties are not ideal, even
if I sometimes use them too, Dominik always notices it in the web ui ;)

The question is, do we want to have certain API endpoints which we straight
forbid, or do we want some which can only be called by sending along the full
user credentials.

The latter would allow to only use an API token for a mobile app (for example),
but still have a password change dialog there, with allows to change the
password of the user which the token belongs, but only if the current password
is sent along and without some hacks required by the app where it temporarily
requests a "full user ticket". (how TFA would play into something like this is
another question...)

I mean, just an example, but we could then resort to name it something like
"require-fullauth"

or we reverse the default and name it:
"token-auth-sufficient"

anyway, bike-shedding details, but for an RFC OK I hope ;P

> +	    type => 'boolean',
> +	    description => "Method is not available for clients authenticated using an API token.",
> +	    optional => 1,
> +	},
>          download => {
>              type => 'boolean',
>  	    description => "Method downloads the file content (filename is the return value of the method).",
>

More information about the pve-devel mailing list