From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ronja.mits.lan by ronja.mits.lan with LMTP id eHXHHdyqcmbWLwAAxxbTJA (envelope-from ); Wed, 19 Jun 2024 11:54:36 +0200 Received: from proxmox-new.maurer-it.com (unknown [192.168.2.33]) by ronja.mits.lan (Postfix) with ESMTPS id 5CCFAF63D90; Wed, 19 Jun 2024 11:54:36 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 4054A47C8B; Wed, 19 Jun 2024 11:54:36 +0200 (CEST) Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by proxmox-new.maurer-it.com (Proxmox) with ESMTPS; Wed, 19 Jun 2024 11:54:35 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 6F51BFFB; Wed, 19 Jun 2024 11:54:33 +0200 (CEST) Mime-Version: 1.0 Date: Wed, 19 Jun 2024 11:54:29 +0200 Message-Id: From: "Shannon Sterz" To: "Shannon Sterz" , X-Mailer: aerc 0.17.0-69-g65571b67d7d3-dirty References: <20240613125236.236802-1-s.sterz@proxmox.com> In-Reply-To: <20240613125236.236802-1-s.sterz@proxmox.com> Subject: Re: [pbs-devel] [PATCH proxmox v2 0/7] add proxmox-access-control crate X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Backup Server development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pbs-devel-bounces@lists.proxmox.com Sender: "pbs-devel" X-SPAM-LEVEL: Spam detection results: 0 DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods MAILING_LIST_MULTI -2 Multiple indicators imply a widely-seen list manager RCVD_IN_DNSWL_MED -2.3 Sender listed at https://www.dnswl.org/, medium trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record T_SCC_BODY_TEXT_LINE -0.01 - On Thu Jun 13, 2024 at 2:52 PM CEST, Shannon Sterz wrote: > this series intends to add a crate that factors out most parts of > proxmox backup server's access control handling. it does so by > introducing a trait called `AccessControlConfig` that defines the > privileges, roles, superuser, groups, caching method, admin- and > no-access-roles for a product. > > this trait is to be implemented by the users of this crate and passed to > an `init` function alongside the path to a directory that will contain > all relevant config files. > > changes since v1: > > - rename from `proxmox-access` to `proxmox-access-control` thanks @ > Thomas > - rename `AcmConfig` to `AccessControlConfig` > - flatten `User` into `UserWithToken` thanks @ Wolfgang > - adjust some visibility modifiers thanks @ Wolfgang > - removed shared memory caching and added functions so that users of > this crate can implement a preferred caching method thanks @ Wolfgang > - split the crate into a `impl` and `default` feature so the `default` > feature only includes the types and not the whole implementation > > proxmox: > > Shannon Sterz (7): > access-control: add the proxmox-access crate to reuse acl trees > access-control: define `User`, `UserWithTokens` and `ApiTokens` types > access-control: make token shadow implementation re-usable > access-control: factor out user config handling > access: increment user cache generation when saving acl config > access: move to flatten `User` into `UserWithToken` > access-control: split crate in `default` and `impl` features > > Cargo.toml | 3 + > proxmox-access-control/Cargo.toml | 42 + > proxmox-access-control/src/acl.rs | 1006 +++++++++++++++++ > .../src/cached_user_info.rs | 246 ++++ > proxmox-access-control/src/init.rs | 123 ++ > proxmox-access-control/src/lib.rs | 18 + > proxmox-access-control/src/token_shadow.rs | 84 ++ > proxmox-access-control/src/types.rs | 194 ++++ > proxmox-access-control/src/user.rs | 180 +++ > 9 files changed, 1896 insertions(+) > create mode 100644 proxmox-access-control/Cargo.toml > create mode 100644 proxmox-access-control/src/acl.rs > create mode 100644 proxmox-access-control/src/cached_user_info.rs > create mode 100644 proxmox-access-control/src/init.rs > create mode 100644 proxmox-access-control/src/lib.rs > create mode 100644 proxmox-access-control/src/token_shadow.rs > create mode 100644 proxmox-access-control/src/types.rs > create mode 100644 proxmox-access-control/src/user.rs > > > Summary over all repositories: > 9 files changed, 1896 insertions(+), 0 deletions(-) > > -- > Generated by git-murpp 0.5.0 i'll send a v3 as i had to adapt it a little to make it work as intended. discard this. _______________________________________________ pbs-devel mailing list pbs-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel