From: Dominik Csapak <d.csapak@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH access-control v3 1/2] realm sync: refactor scope/remove-vanished into a standard option
Date: Tue, 17 Jan 2023 12:46:53 +0100 [thread overview]
Message-ID: <20230117114659.2397499-3-d.csapak@proxmox.com> (raw)
In-Reply-To: <20230117114659.2397499-1-d.csapak@proxmox.com>
so that we can reuse it easily
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
src/PVE/Auth/Plugin.pm | 42 +++++++++++++++++++++++-------------------
1 file changed, 23 insertions(+), 19 deletions(-)
diff --git a/src/PVE/Auth/Plugin.pm b/src/PVE/Auth/Plugin.pm
index bae9fb9..b341046 100755
--- a/src/PVE/Auth/Plugin.pm
+++ b/src/PVE/Auth/Plugin.pm
@@ -51,26 +51,30 @@ PVE::JSONSchema::register_standard_option('realm', {
my $remove_options = "(?:acl|properties|entry)";
+PVE::JSONSchema::register_standard_option('sync-scope', {
+ description => "Select what to sync.",
+ type => 'string',
+ enum => [qw(users groups both)],
+ optional => '1',
+});
+
+PVE::JSONSchema::register_standard_option('sync-remove-vanished', {
+ description => "A semicolon-seperated list of things to remove when they or the user"
+ ." vanishes during a sync. The following values are possible: 'entry' removes the"
+ ." user/group when not returned from the sync. 'properties' removes the set"
+ ." properties on existing user/group that do not appear in the source (even custom ones)."
+ ." 'acl' removes acls when the user/group is not returned from the sync."
+ ." Instead of a list it also can be 'none' (the default).",
+ type => 'string',
+ default => 'none',
+ typetext => "([acl];[properties];[entry])|none",
+ pattern => "(?:(?:$remove_options\;)*$remove_options)|none",
+ optional => '1',
+});
+
my $realm_sync_options_desc = {
- scope => {
- description => "Select what to sync.",
- type => 'string',
- enum => [qw(users groups both)],
- optional => '1',
- },
- 'remove-vanished' => {
- description => "A semicolon-seperated list of things to remove when they or the user"
- ." vanishes during a sync. The following values are possible: 'entry' removes the"
- ." user/group when not returned from the sync. 'properties' removes the set"
- ." properties on existing user/group that do not appear in the source (even custom ones)."
- ." 'acl' removes acls when the user/group is not returned from the sync."
- ." Instead of a list it also can be 'none' (the default).",
- type => 'string',
- default => 'none',
- typetext => "([acl];[properties];[entry])|none",
- pattern => "(?:(?:$remove_options\;)*$remove_options)|none",
- optional => '1',
- },
+ scope => get_standard_option('sync-scope'),
+ 'remove-vanished' => get_standard_option('sync-remove-vanished'),
# TODO check/rewrite in pve7to8, and remove with 8.0
full => {
description => "DEPRECATED: use 'remove-vanished' instead. If set, uses the LDAP Directory as source of truth,"
--
2.30.2
next prev parent reply other threads:[~2023-01-17 11:47 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-17 11:46 [pve-devel] [PATCH common/access-control/wt/manager v3] add realm sync jobs Dominik Csapak
2023-01-17 11:46 ` [pve-devel] [PATCH common v3 1/1] SectionConfig: add helper to delete keys from a section config entry Dominik Csapak
2023-03-08 6:53 ` Thomas Lamprecht
2023-03-11 17:23 ` [pve-devel] applied: " Thomas Lamprecht
2023-01-17 11:46 ` Dominik Csapak [this message]
2023-03-08 11:43 ` [pve-devel] applied: [PATCH access-control v3 1/2] realm sync: refactor scope/remove-vanished into a standard option Thomas Lamprecht
2023-01-17 11:46 ` [pve-devel] [PATCH access-control v3 2/2] add realm-sync plugin for jobs and CRUD api for realm-sync-jobs Dominik Csapak
2023-06-07 8:38 ` [pve-devel] applied: " Thomas Lamprecht
2023-01-17 11:46 ` [pve-devel] [PATCH widget-toolkit v3 1/1] RealmComboBox: add custom store filters for callers Dominik Csapak
2023-03-14 14:26 ` [pve-devel] applied: " Thomas Lamprecht
2023-01-17 11:46 ` [pve-devel] [PATCH manager v3 1/4] Jobs: include existing types in state file regex for deletion Dominik Csapak
2023-01-17 11:46 ` [pve-devel] [PATCH manager v3 2/4] Jobs: add RealmSync Plugin and register it Dominik Csapak
2023-01-17 11:46 ` [pve-devel] [PATCH manager v3 3/4] api: add realm-sync crud api to /cluster/jobs Dominik Csapak
2023-01-17 11:46 ` [pve-devel] [PATCH manager v3 4/4] ui: add Realm Sync panel Dominik Csapak
2023-03-07 8:06 ` [pve-devel] [PATCH common/access-control/wt/manager v3] add realm sync jobs Dominik Csapak
2023-05-03 7:35 ` Dominik Csapak
2023-06-07 9:59 ` Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230117114659.2397499-3-d.csapak@proxmox.com \
--to=d.csapak@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox