mirror of
https://git.proxmox.com/git/pve-access-control
synced 2025-08-03 01:39:06 +00:00
moved Pool.pm to pve-manager package
This commit is contained in:
parent
82b63965eb
commit
f3957883eb
@ -15,7 +15,6 @@ use PVE::API2::User;
|
||||
use PVE::API2::Group;
|
||||
use PVE::API2::Role;
|
||||
use PVE::API2::ACL;
|
||||
use PVE::API2::Pool;
|
||||
|
||||
use base qw(PVE::RESTHandler);
|
||||
|
||||
@ -44,11 +43,6 @@ __PACKAGE__->register_method ({
|
||||
path => 'domains',
|
||||
});
|
||||
|
||||
__PACKAGE__->register_method ({
|
||||
subclass => "PVE::API2::Pool",
|
||||
path => 'pools',
|
||||
});
|
||||
|
||||
__PACKAGE__->register_method ({
|
||||
name => 'index',
|
||||
path => '',
|
||||
|
@ -1,7 +1,6 @@
|
||||
|
||||
API2_SOURCES= \
|
||||
AccessControl.pm \
|
||||
Pool.pm \
|
||||
Domains.pm \
|
||||
ACL.pm \
|
||||
Role.pm \
|
||||
|
299
PVE/API2/Pool.pm
299
PVE/API2/Pool.pm
@ -1,299 +0,0 @@
|
||||
package PVE::API2::Pool;
|
||||
|
||||
use strict;
|
||||
use warnings;
|
||||
use PVE::Exception qw(raise_param_exc);
|
||||
use PVE::Cluster qw (cfs_read_file cfs_write_file);
|
||||
use PVE::AccessControl;
|
||||
|
||||
use PVE::SafeSyslog;
|
||||
|
||||
use Data::Dumper; # fixme: remove
|
||||
|
||||
use PVE::RESTHandler;
|
||||
|
||||
use base qw(PVE::RESTHandler);
|
||||
|
||||
__PACKAGE__->register_method ({
|
||||
name => 'index',
|
||||
path => '',
|
||||
method => 'GET',
|
||||
description => "Pool index.",
|
||||
permissions => {
|
||||
user => 'all',
|
||||
},
|
||||
parameters => {
|
||||
additionalProperties => 0,
|
||||
properties => {},
|
||||
},
|
||||
returns => {
|
||||
type => 'array',
|
||||
items => {
|
||||
type => "object",
|
||||
properties => {
|
||||
poolid => { type => 'string' },
|
||||
},
|
||||
},
|
||||
links => [ { rel => 'child', href => "{poolid}" } ],
|
||||
},
|
||||
code => sub {
|
||||
my ($param) = @_;
|
||||
|
||||
my $rpcenv = PVE::RPCEnvironment::get();
|
||||
|
||||
my $res = [];
|
||||
|
||||
my $usercfg = $rpcenv->{user_cfg};
|
||||
|
||||
foreach my $pool (keys %{$usercfg->{pools}}) {
|
||||
my $entry = { poolid => $pool };
|
||||
my $data = $usercfg->{pools}->{$pool};
|
||||
$entry->{comment} = $data->{comment} if defined($data->{comment});
|
||||
push @$res, $entry;
|
||||
}
|
||||
|
||||
return $res;
|
||||
}});
|
||||
|
||||
__PACKAGE__->register_method ({
|
||||
name => 'create_pool',
|
||||
protected => 1,
|
||||
path => '',
|
||||
method => 'POST',
|
||||
permissions => {
|
||||
check => ['perm', '/access', ['Sys.Modify']],
|
||||
},
|
||||
description => "Create new pool.",
|
||||
parameters => {
|
||||
additionalProperties => 0,
|
||||
properties => {
|
||||
poolid => { type => 'string', format => 'pve-poolid' },
|
||||
comment => { type => 'string', optional => 1 },
|
||||
},
|
||||
},
|
||||
returns => { type => 'null' },
|
||||
code => sub {
|
||||
my ($param) = @_;
|
||||
|
||||
PVE::AccessControl::lock_user_config(
|
||||
sub {
|
||||
|
||||
my $usercfg = cfs_read_file("user.cfg");
|
||||
|
||||
my $pool = $param->{poolid};
|
||||
|
||||
die "pool '$pool' already exists\n"
|
||||
if $usercfg->{pools}->{$pool};
|
||||
|
||||
$usercfg->{pools}->{$pool} = { vms => {}, storage => {} };
|
||||
|
||||
$usercfg->{pools}->{$pool}->{comment} = $param->{comment} if $param->{comment};
|
||||
|
||||
cfs_write_file("user.cfg", $usercfg);
|
||||
}, "create pool failed");
|
||||
|
||||
return undef;
|
||||
}});
|
||||
|
||||
__PACKAGE__->register_method ({
|
||||
name => 'update_pool',
|
||||
protected => 1,
|
||||
path => '{poolid}',
|
||||
method => 'PUT',
|
||||
permissions => {
|
||||
check => ['perm', '/access', ['Sys.Modify']],
|
||||
},
|
||||
description => "Update pool data.",
|
||||
parameters => {
|
||||
additionalProperties => 0,
|
||||
properties => {
|
||||
poolid => { type => 'string', format => 'pve-poolid' },
|
||||
comment => { type => 'string', optional => 1 },
|
||||
vms => {
|
||||
description => "List of virtual machines.",
|
||||
type => 'string', format => 'pve-vmid-list',
|
||||
optional => 1,
|
||||
},
|
||||
storage => {
|
||||
description => "List of storage IDs.",
|
||||
type => 'string', format => 'pve-storage-id-list',
|
||||
optional => 1,
|
||||
},
|
||||
delete => {
|
||||
description => "Remove vms/storage (instead of adding it).",
|
||||
type => 'boolean',
|
||||
optional => 1,
|
||||
},
|
||||
},
|
||||
},
|
||||
returns => { type => 'null' },
|
||||
code => sub {
|
||||
my ($param) = @_;
|
||||
|
||||
PVE::AccessControl::lock_user_config(
|
||||
sub {
|
||||
|
||||
my $usercfg = cfs_read_file("user.cfg");
|
||||
|
||||
my $pool = $param->{poolid};
|
||||
|
||||
my $data = $usercfg->{pools}->{$pool};
|
||||
|
||||
die "pool '$pool' does not exist\n"
|
||||
if !$data;
|
||||
|
||||
$data->{comment} = $param->{comment} if defined($param->{comment});
|
||||
|
||||
if (defined($param->{vms})) {
|
||||
foreach my $vmid (PVE::Tools::split_list($param->{vms})) {
|
||||
if ($param->{delete}) {
|
||||
die "VM $vmid is not a pool member\n"
|
||||
if !$data->{vms}->{$vmid};
|
||||
delete $data->{vms}->{$vmid};
|
||||
delete $usercfg->{vms}->{$vmid};
|
||||
} else {
|
||||
die "VM $vmid is already a pool member\n"
|
||||
if $data->{vms}->{$vmid};
|
||||
die "VM $vmid belongs to pool '$usercfg->{vms}->{$vmid}'\n"
|
||||
if $usercfg->{vms}->{$vmid};
|
||||
|
||||
$data->{vms}->{$vmid} = 1;
|
||||
$usercfg->{vms}->{$vmid} = 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (defined($param->{storage})) {
|
||||
foreach my $storeid (PVE::Tools::split_list($param->{storage})) {
|
||||
if ($param->{delete}) {
|
||||
die "Storage '$storeid' is not a pool member\n"
|
||||
if !$data->{storage}->{$storeid};
|
||||
delete $data->{storage}->{$storeid};
|
||||
} else {
|
||||
die "Storage '$storeid' is already a pool member\n"
|
||||
if $data->{storage}->{$storeid};
|
||||
|
||||
$data->{storage}->{$storeid} = 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
cfs_write_file("user.cfg", $usercfg);
|
||||
}, "update pools failed");
|
||||
|
||||
return undef;
|
||||
}});
|
||||
|
||||
__PACKAGE__->register_method ({
|
||||
name => 'read_pool',
|
||||
path => '{poolid}',
|
||||
method => 'GET',
|
||||
permissions => {
|
||||
check => ['perm', '/access', ['Sys.Audit']],
|
||||
},
|
||||
description => "Get group configuration.",
|
||||
parameters => {
|
||||
additionalProperties => 0,
|
||||
properties => {
|
||||
poolid => {type => 'string', format => 'pve-poolid' },
|
||||
},
|
||||
},
|
||||
returns => {
|
||||
type => "object",
|
||||
additionalProperties => 0,
|
||||
properties => {
|
||||
comment => { type => 'string', optional => 1 },
|
||||
members => {
|
||||
type => 'array',
|
||||
items => {
|
||||
type => "object",
|
||||
additionalProperties => 0,
|
||||
properties => {
|
||||
type => { type => 'string', enum => ['vm', 'storage'] },
|
||||
id => { type => 'string' },
|
||||
vmid => { type => 'integer', optional => 1 },
|
||||
storage => { type => 'string', optional => 1 },
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
code => sub {
|
||||
my ($param) = @_;
|
||||
|
||||
my $usercfg = cfs_read_file("user.cfg");
|
||||
|
||||
my $pool = $param->{poolid};
|
||||
|
||||
my $data = $usercfg->{pools}->{$pool};
|
||||
|
||||
die "pool '$pool' does not exist\n"
|
||||
if !$data;
|
||||
|
||||
my $members = [];
|
||||
|
||||
foreach my $vmid (keys %{$data->{vms}}) {
|
||||
push @$members, {
|
||||
id => "vm/$vmid",
|
||||
vmid => $vmid + 0,
|
||||
type => 'vm',
|
||||
};
|
||||
}
|
||||
|
||||
foreach my $storage (keys %{$data->{storage}}) {
|
||||
push @$members, {
|
||||
id => "storage/$storage",
|
||||
storage => $storage,
|
||||
type => 'storage',
|
||||
};
|
||||
}
|
||||
|
||||
my $res = { members => $members };
|
||||
$res->{comment} = $data->{comment} if defined($data->{comment});
|
||||
|
||||
return $res;
|
||||
}});
|
||||
|
||||
|
||||
__PACKAGE__->register_method ({
|
||||
name => 'delete_pool',
|
||||
protected => 1,
|
||||
path => '{poolid}',
|
||||
method => 'DELETE',
|
||||
permissions => {
|
||||
check => ['perm', '/access', ['Sys.Modify']],
|
||||
},
|
||||
description => "Delete group.",
|
||||
parameters => {
|
||||
additionalProperties => 0,
|
||||
properties => {
|
||||
poolid => { type => 'string', format => 'pve-poolid' },
|
||||
}
|
||||
},
|
||||
returns => { type => 'null' },
|
||||
code => sub {
|
||||
my ($param) = @_;
|
||||
|
||||
PVE::AccessControl::lock_user_config(
|
||||
sub {
|
||||
|
||||
my $usercfg = cfs_read_file("user.cfg");
|
||||
|
||||
my $pool = $param->{poolid};
|
||||
|
||||
my $data = $usercfg->{pools}->{$pool};
|
||||
|
||||
die "pool '$pool' does not exist\n"
|
||||
if !$data;
|
||||
|
||||
delete ($usercfg->{pools}->{$pool});
|
||||
|
||||
PVE::AccessControl::delete_pool_acl($pool, $usercfg);
|
||||
|
||||
cfs_write_file("user.cfg", $usercfg);
|
||||
}, "delete pool failed");
|
||||
|
||||
return undef;
|
||||
}});
|
||||
|
||||
1;
|
5
pveum
5
pveum
@ -14,7 +14,6 @@ use PVE::API2::User;
|
||||
use PVE::API2::Group;
|
||||
use PVE::API2::Role;
|
||||
use PVE::API2::ACL;
|
||||
use PVE::API2::Pool;
|
||||
use PVE::API2::AccessControl;
|
||||
use PVE::JSONSchema qw(get_standard_option);
|
||||
use PVE::CLIHandler;
|
||||
@ -73,10 +72,6 @@ my $cmddef = {
|
||||
rolemod => [ 'PVE::API2::Role', 'update_role', ['roleid'] ],
|
||||
roledel => [ 'PVE::API2::Role', 'delete_role', ['roleid'] ],
|
||||
|
||||
pooladd => [ 'PVE::API2::Pool', 'create_pool', ['poolid'] ],
|
||||
poolmod => [ 'PVE::API2::Pool', 'update_pool', ['poolid'] ],
|
||||
pooldel => [ 'PVE::API2::Pool', 'delete_pool', ['poolid'] ],
|
||||
|
||||
aclmod => [ 'PVE::API2::ACL', 'update_acl', ['path', 'roles'], { delete => 0 }],
|
||||
acldel => [ 'PVE::API2::ACL', 'update_acl', ['path', 'roles'], { delete => 1 }],
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user