From: "Fabian Grünbichler" <f.gruenbichler@proxmox.com>
To: Proxmox Datacenter Manager development discussion
<pdm-devel@lists.proxmox.com>
Subject: Re: [pdm-devel] [PATCH datacenter-manager 3/3] server: clean up acl tree entries and api tokens when deleting users
Date: Fri, 26 Sep 2025 11:18:37 +0200 [thread overview]
Message-ID: <1758878085.9rkx5o98e5.astroid@yuna.none> (raw)
In-Reply-To: <20250924145137.407070-9-s.sterz@proxmox.com>
On September 24, 2025 4:51 pm, Shannon Sterz wrote:
> Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
> ---
> server/src/api/access/users.rs | 39 +++++++++++++++++++++++++++++-----
> 1 file changed, 34 insertions(+), 5 deletions(-)
>
> diff --git a/server/src/api/access/users.rs b/server/src/api/access/users.rs
> index da598d8..1d1accb 100644
> --- a/server/src/api/access/users.rs
> +++ b/server/src/api/access/users.rs
> @@ -334,20 +334,19 @@ pub fn update_user(
> /// Remove a user from the configuration file.
> pub fn delete_user(userid: Userid, digest: Option<ConfigDigest>) -> Result<(), Error> {
> let _lock = proxmox_access_control::user::lock_config()?;
> + let _acl_lock = proxmox_access_control::acl::lock_config()?;
> let _tfa_lock = crate::auth::tfa::write_lock()?;
>
> - let (mut config, config_digest) = proxmox_access_control::user::config()?;
> + let (mut user_config, config_digest) = proxmox_access_control::user::config()?;
> config_digest.detect_modification(digest.as_ref())?;
>
> - match config.sections.get(userid.as_str()) {
> + match user_config.sections.get(userid.as_str()) {
> Some(_) => {
> - config.sections.remove(userid.as_str());
> + user_config.sections.remove(userid.as_str());
> }
> None => bail!("user '{}' does not exist.", userid),
> }
>
> - proxmox_access_control::user::save_config(&config)?;
> -
> let authenticator = crate::auth::lookup_authenticator(userid.realm())?;
> match authenticator.remove_password(userid.name()) {
> Ok(()) => {}
> @@ -375,6 +374,36 @@ pub fn delete_user(userid: Userid, digest: Option<ConfigDigest>) -> Result<(), E
> }
> }
>
> + let user_tokens: Vec<ApiToken> = user_config
> + .convert_to_typed_array::<ApiToken>("token")?
> + .into_iter()
> + .filter(|token| token.tokenid.user().eq(&userid))
> + .collect();
do we have any consistency checks between ACLs and users/tokens? if not,
then..
> +
> + let (mut acl_config, _digest) = proxmox_access_control::acl::config()?;
> +
> + let auth_id = userid.clone().into();
> + acl_config.delete_authid(&auth_id);
> +
> + for token in user_tokens {
> + if let Some(token_name) = token.tokenid.tokenname() {
> + let tokenid = Authid::from((userid.clone(), Some(token_name.to_owned())));
> + let tokenid_string = tokenid.to_string();
> + if user_config.sections.remove(&tokenid_string).is_none() {
> + bail!(
> + "token '{}' of user '{userid}' does not exist.",
> + token_name.as_str()
> + );
> + }
> +
> + proxmox_access_control::token_shadow::delete_secret(&tokenid)?;
> + acl_config.delete_authid(&tokenid);
this is not enough to remove all ACLs, since removing a token via the
token API currently does not clean up its ACL entries..
> + }
> + }
> +
> + proxmox_access_control::user::save_config(&user_config)?;
> + proxmox_access_control::acl::save_config(&acl_config)?;
> +
> Ok(())
> }
>
> --
> 2.47.3
>
>
>
> _______________________________________________
> pdm-devel mailing list
> pdm-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel
>
>
>
_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel
prev parent reply other threads:[~2025-09-26 9:18 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-24 14:51 [pdm-devel] [RFC datacenter-manager/proxmox/yew-comp 0/8] token support for pdm Shannon Sterz
2025-09-24 14:51 ` [pdm-devel] [PATCH proxmox 1/3] access-control: refactor api module to be more hirachical Shannon Sterz
2025-09-26 8:26 ` Dominik Csapak
2025-09-24 14:51 ` [pdm-devel] [PATCH proxmox 2/3] access-control: move `ApiTokenSecret` to types module Shannon Sterz
2025-09-26 9:14 ` Fabian Grünbichler
2025-09-24 14:51 ` [pdm-devel] [PATCH proxmox 3/3] access-control: add api endpoints for handling tokens Shannon Sterz
2025-09-26 9:14 ` Fabian Grünbichler
2025-09-24 14:51 ` [pdm-devel] [PATCH yew-comp 1/2] utils/user_panel: factor out epoch_to_input_value helper Shannon Sterz
2025-09-27 16:57 ` [pdm-devel] applied: " Thomas Lamprecht
2025-09-24 14:51 ` [pdm-devel] [PATCH yew-comp 2/2] token_panel: implement a token panel Shannon Sterz
2025-09-26 8:50 ` Dominik Csapak
2025-09-27 17:07 ` Thomas Lamprecht
2025-09-27 16:57 ` [pdm-devel] applied: " Thomas Lamprecht
2025-09-24 14:51 ` [pdm-devel] [PATCH datacenter-manager 1/3] ui: add a token panel and a token acl edit menu in the permissions panel Shannon Sterz
2025-09-24 14:51 ` [pdm-devel] [PATCH datacenter-manager 2/3] server: access: use token endpoints from proxmox-access-control Shannon Sterz
2025-09-24 14:51 ` [pdm-devel] [PATCH datacenter-manager 3/3] server: clean up acl tree entries and api tokens when deleting users Shannon Sterz
2025-09-26 9:18 ` Fabian Grünbichler [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1758878085.9rkx5o98e5.astroid@yuna.none \
--to=f.gruenbichler@proxmox.com \
--cc=pdm-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox