proxmox-mirrors/pve-access-control
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-access-control synced 2025-10-04 22:29:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

domain sync: add 'dry-run' parameter

Browse Source 
this can be used to test the resulting config before actually changing
anything

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
This commit is contained in:
Dominik Csapak 2020-04-23 08:47:19 +02:00 committed by Thomas Lamprecht
parent 72a9742b94
commit 38691d98c8
1 changed files with 19 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
PVE/API2/Domains.pm
View File

@ -408,7 +408,13 @@ __PACKAGE__->register_method ({
additionalProperties => 0, additionalProperties => 0,
properties => get_standard_option('realm-sync-options', { properties => get_standard_option('realm-sync-options', {
realm => get_standard_option('realm'), realm => get_standard_option('realm'),
}) 'dry-run' => {
description => "If set, does not write anything.",
type => 'boolean',
optional => 1,
default => 0,
},
}),
}, },
returns => { returns => {
description => 'Worker Task-UPID', description => 'Worker Task-UPID',
@ -420,6 +426,9 @@ __PACKAGE__->register_method ({
my $rpcenv = PVE::RPCEnvironment::get(); my $rpcenv = PVE::RPCEnvironment::get();
my $authuser = $rpcenv->get_user(); my $authuser = $rpcenv->get_user();
my $write = !(extract_param($param, 'dry-run'));
my $dryrunstring = $write ? '' : ' (dry run)';
my $realm = $param->{realm}; my $realm = $param->{realm};
my $cfg = cfs_read_file($domainconfigfile); my $cfg = cfs_read_file($domainconfigfile);
my $realmconfig = $cfg->{ids}->{$realm}; my $realmconfig = $cfg->{ids}->{$realm};
@ -439,7 +448,7 @@ __PACKAGE__->register_method ({
my $plugin = PVE::Auth::Plugin->lookup($type); my $plugin = PVE::Auth::Plugin->lookup($type);
my $worker = sub { my $worker = sub {
print "starting sync for realm $realm\n"; print "starting sync$dryrunstring for realm $realm\n";
my ($synced_users, $dnmap) = $plugin->get_users($realmconfig, $realm); my ($synced_users, $dnmap) = $plugin->get_users($realmconfig, $realm);
my $synced_groups = {}; my $synced_groups = {};
@ -459,12 +468,17 @@ __PACKAGE__->register_method ({
$update_groups->($usercfg, $realm, $synced_groups, $opts); $update_groups->($usercfg, $realm, $synced_groups, $opts);
} }
cfs_write_file("user.cfg", $usercfg); if ($write) {
print "successfully updated $whatstring configuration\n"; cfs_write_file("user.cfg", $usercfg) if $write;
print "successfully updated $whatstring configuration\n" if $write;
} else {
print "NOTE: This is just a dry run. No actual data was written.\n";
}
}, "syncing $whatstring failed"); }, "syncing $whatstring failed");
}; };
return $rpcenv->fork_worker('auth-realm-sync', $realm, $authuser, $worker); my $workerid = $write ? 'auth-realm-sync' : 'auth-realm-sync-test';
return $rpcenv->fork_worker($workerid, $realm, $authuser, $worker);
}}); }});
1; 1;