this can be used to test the resulting config before actually changing anything
Signed-off-by: Dominik Csapak <d.csa...@proxmox.com> --- PVE/API2/Domains.pm | 50 +++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 46 insertions(+), 4 deletions(-) diff --git a/PVE/API2/Domains.pm b/PVE/API2/Domains.pm index b42d4f6..1a5700e 100644 --- a/PVE/API2/Domains.pm +++ b/PVE/API2/Domains.pm @@ -341,6 +341,33 @@ my $update_groups = sub { } }; +my $print_users_and_groups = sub { + my ($config, $realm, $scope) = @_; + + my $tmp_config = { + users => {}, + groups => {}, + }; + + if ($scope eq 'users' || $scope eq 'both') { + foreach my $userid (sort keys %{$config->{users}}) { + next if $userid !~ m/\@$realm$/; + $tmp_config->{users}->{$userid} = $config->{users}->{$userid}; + } + } + if ($scope eq 'groups' || $scope eq 'both') { + foreach my $groupid (sort keys %{$config->{groups}}) { + next if $groupid !~ m/-$realm$/; + $tmp_config->{groups}->{$groupid} = $config->{groups}->{$groupid}; + } + } + + my $res = PVE::AccessControl::write_user_config("", $tmp_config); + $res =~ s/\n{2,}$/\n/m; # remove trailing empty lines + $res =~ s/^\n+//m; # remove preceding empty lines + print $res; +}; + my $parse_sync_opts = sub { my ($param, $realmconfig) = @_; @@ -386,7 +413,13 @@ __PACKAGE__->register_method ({ additionalProperties => 0, properties => get_standard_option('realm-sync-options', { realm => get_standard_option('realm'), - }) + 'no-write' => { + description => "If set, does not write anything.", + type => 'boolean', + optional => 1, + default => 0, + }, + }), }, returns => { description => 'Worker Task-UPID', @@ -398,6 +431,8 @@ __PACKAGE__->register_method ({ my $rpcenv = PVE::RPCEnvironment::get(); my $authuser = $rpcenv->get_user(); + my $write = !(extract_param($param, 'no-write')); + my $realm = $param->{realm}; my $cfg = cfs_read_file($domainconfigfile); my $realmconfig = $cfg->{ids}->{$realm}; @@ -437,12 +472,19 @@ __PACKAGE__->register_method ({ $update_groups->($usercfg, $realm, $synced_groups, $opts); } - cfs_write_file("user.cfg", $usercfg); - print "successfully updated $whatstring configuration\n"; + cfs_write_file("user.cfg", $usercfg) if $write; + print "successfully updated $whatstring configuration\n" if $write; + if (!$write) { + print "\nresulting user/group config lines:\n"; + print "-----------\n"; + $print_users_and_groups->($usercfg, $realm, $scope); + print "-----------\n"; + } }, "syncing $whatstring failed"); }; - return $rpcenv->fork_worker('auth-realm-sync', $realm, $authuser, $worker); + my $workerid = $write ? 'auth-realm-sync' : 'auth-realm-sync-test'; + return $rpcenv->fork_worker($workerid, $realm, $authuser, $worker); }}); 1; -- 2.20.1 _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel