From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <pdm-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
by lore.proxmox.com (Postfix) with ESMTPS id CD3541FF16B
for <inbox@lore.proxmox.com>; Thu, 3 Apr 2025 16:18:25 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
by firstgate.proxmox.com (Proxmox) with ESMTP id 182AA3C64;
Thu, 3 Apr 2025 16:18:14 +0200 (CEST)
From: Shannon Sterz <s.sterz@proxmox.com>
To: pdm-devel@lists.proxmox.com
Date: Thu, 3 Apr 2025 16:17:57 +0200
Message-Id: <20250403141806.402974-1-s.sterz@proxmox.com>
X-Mailer: git-send-email 2.39.5
MIME-Version: 1.0
X-SPAM-LEVEL: Spam detection results: 0
AWL 0.016 Adjusted score from AWL reputation of From: address
BAYES_00 -1.9 Bayes spam probability is 0 to 1%
DMARC_MISSING 0.1 Missing DMARC policy
KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
information.
RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
information.
RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
information.
SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record
SPF_PASS -0.001 SPF: sender matches SPF record
Subject: [pdm-devel] [PATCH datacenter-manager/proxmox/yew-comp 0/9] ACL
edit api and ui components
X-BeenThere: pdm-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Datacenter Manager development discussion
<pdm-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pdm-devel>,
<mailto:pdm-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pdm-devel/>
List-Post: <mailto:pdm-devel@lists.proxmox.com>
List-Help: <mailto:pdm-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel>,
<mailto:pdm-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox Datacenter Manager development discussion
<pdm-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pdm-devel-bounces@lists.proxmox.com
Sender: "pdm-devel" <pdm-devel-bounces@lists.proxmox.com>
this series aims to make more parts of our access control list
implementation re-usable between products. in a first step most of the
relevant api endpoints and api types are moved to
`proxmox-access-control`. this is done by adding a new `api` feature
that includes the necessary api endpoints. the `AccessControlConfig`
trait is also expanded to make the api endpoints more adaptable to
different products. by providing default implementations for the newly
added trait functions existing users don't need to change anything.
next the series adds components to proxmox-yew-comp to provide a panel
for inspecting the current acl and adding or removing entries. this is
done by using the existing `RoleSelector` and `AuthidSelector`
components. the later is also slightly adapted to make it possible to
change the api endpoint that roles are fetched from as well as the
default role. the `AclView` component allows users of the crate to add
more options for adding ACL entries. meaning they can configure distinct
components for adding user, token or group permissions. this is done in
a generic fashion so that extending this menu does not require changing
the component again.
finally proxmox-datacenter-manager is adapted to use the new api
endpoints in `proxmox-access-control` and a permissions panel is
implemented. note that this would benefit from some clean-up once
permission path and such are cleaned up.
proxmox:
Shannon Sterz (4):
access-control: add more types to prepare for api feature
access-control: add acl api feature
access-control: add comments to roles function of AccessControlConfig
access-control: add generic roles endpoint to `api` feature
proxmox-access-control/Cargo.toml | 8 +
proxmox-access-control/src/acl.rs | 12 +-
proxmox-access-control/src/api.rs | 321 ++++++++++++++++++
.../src/cached_user_info.rs | 4 +-
proxmox-access-control/src/init.rs | 27 +-
proxmox-access-control/src/lib.rs | 3 +
proxmox-access-control/src/types.rs | 87 ++++-
7 files changed, 450 insertions(+), 12 deletions(-)
create mode 100644 proxmox-access-control/src/api.rs
proxmox-yew-comp:
Shannon Sterz (3):
api-types/role_selector: depend on common `RoleInfo` type
acl: add a view and semi-generic `EditWindow` for acl entries
role_selector/acl_edit: make api endpoint and default role
configurable
src/acl/acl_edit.rs | 112 +++++++++++++++++
src/acl/acl_view.rs | 270 ++++++++++++++++++++++++++++++++++++++++
src/acl/mod.rs | 5 +
src/common_api_types.rs | 8 --
src/lib.rs | 3 +
src/role_selector.rs | 22 +++-
6 files changed, 407 insertions(+), 13 deletions(-)
create mode 100644 src/acl/acl_edit.rs
create mode 100644 src/acl/acl_view.rs
create mode 100644 src/acl/mod.rs
proxmox-datacenter-manager:
Shannon Sterz (2):
server: use proxmox-access-control api implementations
ui: configuration: add panel for viewing and editing acl entries
server/Cargo.toml | 2 +-
server/src/acl.rs | 102 ++++-
server/src/api/access/acl.rs | 357 ------------------
server/src/api/access/mod.rs | 4 +-
ui/src/configuration/mod.rs | 23 +-
.../configuration/permission_path_selector.rs | 88 +++++
6 files changed, 210 insertions(+), 366 deletions(-)
delete mode 100644 server/src/api/access/acl.rs
create mode 100644 ui/src/configuration/permission_path_selector.rs
Summary over all repositories:
19 files changed, 1067 insertions(+), 391 deletions(-)
--
Generated by git-murpp 0.8.0
_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel