From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id EF659916EF for ; Wed, 21 Dec 2022 14:07:18 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id AC0437DA5 for ; Wed, 21 Dec 2022 14:06:48 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 21 Dec 2022 14:06:48 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id D800244E96 for ; Wed, 21 Dec 2022 14:06:47 +0100 (CET) Message-ID: <2f8aa6d0-76ef-8a70-9f39-4d5ce0e7cfb1@proxmox.com> Date: Wed, 21 Dec 2022 14:06:46 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Thunderbird/109.0 Content-Language: en-GB To: Proxmox Backup Server development discussion , =?UTF-8?Q?Fabian_Gr=C3=BCnbichler?= , Hannes Laimer References: <20221220145714.63985-1-h.laimer@proxmox.com> <20221220145714.63985-5-h.laimer@proxmox.com> <085a267f-64e3-7e94-3781-9400589c870a@proxmox.com> <1671619620.8tmlx3xl5k.astroid@yuna.none> From: Thomas Lamprecht In-Reply-To: <1671619620.8tmlx3xl5k.astroid@yuna.none> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.551 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment NICE_REPLY_A -1.161 Looks like a legit reply (A) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pbs-devel] [PATCH proxmox-backup 4/5] fix #3887: api2: add regenerate token endpoint X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Dec 2022 13:07:19 -0000 On 21/12/2022 11:53, Fabian Grünbichler wrote: >>> +const TOKEN_SUBDIRS: SubdirMap = &[( >>> + "regenerate", >>> + &Router::new().post(&API_METHOD_REGENERATE_TOKEN), >>> +)]; >>> + >>> const TOKEN_ITEM_ROUTER: Router = Router::new() >>> .get(&API_METHOD_READ_TOKEN) >>> .put(&API_METHOD_UPDATE_TOKEN) >>> .post(&API_METHOD_GENERATE_TOKEN) >>> - .delete(&API_METHOD_DELETE_TOKEN); >>> + .delete(&API_METHOD_DELETE_TOKEN) >>> + .subdirs(TOKEN_SUBDIRS); >> hmm, but now I cannot get the available subdir's via GET due to that being >> already used for reading the token info. Besides the added imperfection, I'm >> actually not sure from top of my head about the implications in PBS, but in >> PVE this would cause some technical issues in pvesh/api-viewer - did you >> check how those (debug api and api-viewer) handle to a shared subdir + "normal" >> get on the same API endpoint? > yeah, this would break editing tokens (and external calls to that GET API endpoint). > >>> >>> const TOKEN_ROUTER: Router = Router::new() >>> .get(&API_METHOD_LIST_TOKENS) > it could be folded either into the update_token call (currently no return type, > could return an optional new secret) or the generate_token call, guarded by a > new "regenerate" boolean parameter. for updating it could even be combined with > an actual metadata update, for generate it would probably make more sense to > enforce that any optional parameters match the current one to avoid accidents.. I'd favor the PUT update one from a REST design POV, as an existing resource is changed, not a new resource allocated.