we have each privilege as property of the return object, so we generate it from $valid_privs
this has the advantage that all privileges are well documented with that api call Signed-off-by: Dominik Csapak <[email protected]> --- PVE/API2/Role.pm | 4 +--- PVE/AccessControl.pm | 11 +++++++++++ 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/PVE/API2/Role.pm b/PVE/API2/Role.pm index 80959b0..83e4a9d 100644 --- a/PVE/API2/Role.pm +++ b/PVE/API2/Role.pm @@ -163,9 +163,7 @@ __PACKAGE__->register_method ({ returns => { type => "object", additionalProperties => 0, - properties => { - privs => get_standard_option('role-privs'), - }, + properties => PVE::AccessControl::create_priv_properties(), }, code => sub { my ($param) = @_; diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm index 44fc0aa..bdadfd2 100644 --- a/PVE/AccessControl.pm +++ b/PVE/AccessControl.pm @@ -499,6 +499,17 @@ sub create_roles { create_roles(); +sub create_priv_properties { + my $properties = {}; + foreach my $priv (keys %$valid_privs) { + $properties->{$priv} = { + type => 'boolean', + optional => 1, + }; + } + return $properties; +} + sub role_is_special { my ($role) = @_; return (exists $special_roles->{$role}) ? 1 : 0; -- 2.11.0 _______________________________________________ pve-devel mailing list [email protected] https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
