@xen-orchestra/acl 1.3.0 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,4 +1,5 @@
1
1
  declare const _default: {
2
+ benchmark: boolean;
2
3
  create: boolean;
3
4
  read: boolean;
4
5
  forget: boolean;
@@ -1,4 +1,5 @@
1
1
  export default {
2
+ benchmark: true,
2
3
  create: true,
3
4
  read: true,
4
5
  forget: true,
@@ -1,14 +1,26 @@
1
1
  declare const _default: {
2
2
  'allow-vm': boolean;
3
+ detach: boolean;
3
4
  disable: boolean;
4
- 'migrate-receive': boolean;
5
5
  enable: boolean;
6
6
  evacuate: boolean;
7
7
  export: {
8
8
  logs: boolean;
9
9
  };
10
+ forget: boolean;
10
11
  'join-pool': boolean;
12
+ 'migrate-receive': boolean;
11
13
  read: boolean;
14
+ reboot: {
15
+ clean: boolean;
16
+ smart: boolean;
17
+ };
18
+ 'restart-toolstack': boolean;
19
+ shutdown: {
20
+ clean: boolean;
21
+ emergency: boolean;
22
+ };
23
+ start: boolean;
12
24
  update: {
13
25
  tags: boolean;
14
26
  };
@@ -1,14 +1,26 @@
1
1
  export default {
2
2
  'allow-vm': true,
3
+ detach: true,
3
4
  disable: true,
4
- 'migrate-receive': true,
5
5
  enable: true,
6
6
  evacuate: true,
7
7
  export: {
8
8
  logs: true,
9
9
  },
10
+ forget: true,
10
11
  'join-pool': true,
12
+ 'migrate-receive': true,
11
13
  read: true,
14
+ reboot: {
15
+ clean: true,
16
+ smart: true,
17
+ },
18
+ 'restart-toolstack': true,
19
+ shutdown: {
20
+ clean: true,
21
+ emergency: true,
22
+ },
23
+ start: true,
12
24
  update: {
13
25
  tags: true,
14
26
  },
@@ -37,6 +37,7 @@ export declare const SUPPORTED_ACTIONS_BY_RESOURCE: {
37
37
  read: boolean;
38
38
  };
39
39
  readonly 'backup-repository': {
40
+ benchmark: boolean;
40
41
  create: boolean;
41
42
  read: boolean;
42
43
  forget: boolean;
@@ -62,15 +63,27 @@ export declare const SUPPORTED_ACTIONS_BY_RESOURCE: {
62
63
  };
63
64
  readonly host: {
64
65
  'allow-vm': boolean;
66
+ detach: boolean;
65
67
  disable: boolean;
66
- 'migrate-receive': boolean;
67
68
  enable: boolean;
68
69
  evacuate: boolean;
69
70
  export: {
70
71
  logs: boolean;
71
72
  };
73
+ forget: boolean;
72
74
  'join-pool': boolean;
75
+ 'migrate-receive': boolean;
73
76
  read: boolean;
77
+ reboot: {
78
+ clean: boolean;
79
+ smart: boolean;
80
+ };
81
+ 'restart-toolstack': boolean;
82
+ shutdown: {
83
+ clean: boolean;
84
+ emergency: boolean;
85
+ };
86
+ start: boolean;
74
87
  update: {
75
88
  tags: boolean;
76
89
  };
@@ -84,6 +97,7 @@ export declare const SUPPORTED_ACTIONS_BY_RESOURCE: {
84
97
  read: boolean;
85
98
  update: {
86
99
  tags: boolean;
100
+ other_config: boolean;
87
101
  };
88
102
  };
89
103
  readonly pbd: {
@@ -216,6 +230,7 @@ export declare const SUPPORTED_ACTIONS_BY_RESOURCE: {
216
230
  lockingMode: boolean;
217
231
  rateLimit: boolean;
218
232
  txChecksumming: boolean;
233
+ other_config: boolean;
219
234
  };
220
235
  };
221
236
  readonly 'vm-controller': {
@@ -4,6 +4,7 @@ declare const _default: {
4
4
  read: boolean;
5
5
  update: {
6
6
  tags: boolean;
7
+ other_config: boolean;
7
8
  };
8
9
  };
9
10
  export default _default;
@@ -4,5 +4,6 @@ export default {
4
4
  read: true,
5
5
  update: {
6
6
  tags: true,
7
+ other_config: true,
7
8
  },
8
9
  };
@@ -10,6 +10,7 @@ declare const _default: {
10
10
  lockingMode: boolean;
11
11
  rateLimit: boolean;
12
12
  txChecksumming: boolean;
13
+ other_config: boolean;
13
14
  };
14
15
  };
15
16
  export default _default;
@@ -10,5 +10,6 @@ export default {
10
10
  lockingMode: true,
11
11
  rateLimit: true,
12
12
  txChecksumming: true,
13
+ other_config: true,
13
14
  },
14
15
  };
@@ -62,7 +62,7 @@ export type BackupLogPrivilege = {
62
62
  export type BackupRepositoryPrivilege = {
63
63
  id: XoAclBasePrivilege['id']
64
64
  resource: 'backup-repository'
65
- action: '*' | 'create' | 'read' | 'forget' | 'update' | '*' | 'update:enabled' | 'update:name' | 'update:options' | 'update:proxy' | 'update:url'
65
+ action: '*' | 'benchmark' | 'create' | 'read' | 'forget' | 'update' | '*' | 'update:enabled' | 'update:name' | 'update:options' | 'update:proxy' | 'update:url'
66
66
  selector?: XoAclBasePrivilege['selector']
67
67
  effect: XoAclBasePrivilege['effect']
68
68
  roleId: XoAclBasePrivilege['roleId']
@@ -89,7 +89,7 @@ export type GpuGroupPrivilege = {
89
89
  export type HostPrivilege = {
90
90
  id: XoAclBasePrivilege['id']
91
91
  resource: 'host'
92
- action: '*' | 'allow-vm' | 'disable' | 'migrate-receive' | 'enable' | 'evacuate' | 'export' | '*' | 'export:logs' | 'join-pool' | 'read' | 'update' | '*' | 'update:tags'
92
+ action: '*' | 'allow-vm' | 'detach' | 'disable' | 'enable' | 'evacuate' | 'export' | '*' | 'export:logs' | 'forget' | 'join-pool' | 'migrate-receive' | 'read' | 'reboot' | '*' | 'reboot:clean' | 'reboot:smart' | 'restart-toolstack' | 'shutdown' | '*' | 'shutdown:clean' | 'shutdown:emergency' | 'start' | 'update' | '*' | 'update:tags'
93
93
  selector?: XoAclBasePrivilege['selector']
94
94
  effect: XoAclBasePrivilege['effect']
95
95
  roleId: XoAclBasePrivilege['roleId']
@@ -107,7 +107,7 @@ export type MessagePrivilege = {
107
107
  export type NetworkPrivilege = {
108
108
  id: XoAclBasePrivilege['id']
109
109
  resource: 'network'
110
- action: '*' | 'create' | 'delete' | 'read' | 'update' | '*' | 'update:tags'
110
+ action: '*' | 'create' | 'delete' | 'read' | 'update' | '*' | 'update:tags' | 'update:other_config'
111
111
  selector?: XoAclBasePrivilege['selector']
112
112
  effect: XoAclBasePrivilege['effect']
113
113
  roleId: XoAclBasePrivilege['roleId']
@@ -287,7 +287,7 @@ export type VgpuTypePrivilege = {
287
287
  export type VifPrivilege = {
288
288
  id: XoAclBasePrivilege['id']
289
289
  resource: 'vif'
290
- action: '*' | 'connect' | 'create' | 'delete' | 'disconnect' | 'read' | 'update' | '*' | 'update:allowedIpv4Addresses' | 'update:allowedIpv6Addresses' | 'update:lockingMode' | 'update:rateLimit' | 'update:txChecksumming'
290
+ action: '*' | 'connect' | 'create' | 'delete' | 'disconnect' | 'read' | 'update' | '*' | 'update:allowedIpv4Addresses' | 'update:allowedIpv6Addresses' | 'update:lockingMode' | 'update:rateLimit' | 'update:txChecksumming' | 'update:other_config'
291
291
  selector?: XoAclBasePrivilege['selector']
292
292
  effect: XoAclBasePrivilege['effect']
293
293
  roleId: XoAclBasePrivilege['roleId']
package/dist/index.d.mts CHANGED
@@ -23,7 +23,7 @@ export declare function hasPrivilegeOn<T extends SupportedResource>({ user, acti
23
23
  export declare function getMissingPrivileges(params: AnyPrivilegeOnParam[], userPrivileges: AnyPrivilege[]): {
24
24
  objectId: unknown;
25
25
  objectIds: unknown[] | undefined;
26
- action: "create" | "delete" | "read" | "update" | "forget" | "allow-vm" | "disable" | "migrate-receive" | "enable" | "evacuate" | "export" | "join-pool" | "plug" | "unplug" | "add-host" | "emergency-shutdown" | "rolling-reboot" | "rolling-update" | "run" | "connect" | "disconnect" | "import" | "reclaim-space" | "scan" | "abort" | "boot" | "export-content" | "import-content" | "migrate-send" | "instantiate" | "clone" | "pause" | "reboot" | "resume" | "revert-snapshot" | "shutdown" | "snapshot" | "start" | "suspend" | "unpause" | "*" | "update:action" | "update:resource" | "update:effect" | "update:selector" | "update:description" | "update:groups" | "update:name" | "update:users" | "update:proxy" | "update:enabled" | "update:options" | "update:url" | "update:tags" | "export:logs" | "update:management" | "create:network" | "create:vm" | "import:vdi" | "import:vm" | "update:password" | "update:permission" | "update:preferences" | "update:allowedIpv4Addresses" | "update:allowedIpv6Addresses" | "update:lockingMode" | "update:rateLimit" | "update:txChecksumming" | "update:affinityHost" | "update:autoPoweron" | "update:blockedOperations" | "update:coresPerSocket" | "update:cpuCap" | "update:cpuMask" | "update:cpuWeight" | "update:cpus" | "update:cpusStaticMax" | "update:creation" | "update:datasources" | "update:expNestedHvm" | "update:hasVendorDevice" | "update:highAvailability" | "update:hvmBootFirmware" | "update:memory" | "update:memoryMax" | "update:memoryMin" | "update:memoryStaticMax" | "update:nameDescription" | "update:nameLabel" | "update:nestedVirt" | "update:nicType" | "update:notes" | "update:PV_args" | "update:resourceSet" | "update:secureBoot" | "update:share" | "update:startDelay" | "update:suspendSr" | "update:uefiMode" | "update:vga" | "update:videoram" | "update:viridian" | "update:virtualizationMode" | "update:xenStoreData" | "reboot:clean" | "reboot:hard" | "shutdown:clean" | "shutdown:hard";
26
+ action: "create" | "delete" | "read" | "update" | "benchmark" | "forget" | "allow-vm" | "detach" | "disable" | "enable" | "evacuate" | "export" | "join-pool" | "migrate-receive" | "reboot" | "restart-toolstack" | "shutdown" | "start" | "plug" | "unplug" | "add-host" | "emergency-shutdown" | "rolling-reboot" | "rolling-update" | "run" | "connect" | "disconnect" | "import" | "reclaim-space" | "scan" | "abort" | "boot" | "export-content" | "import-content" | "migrate-send" | "instantiate" | "clone" | "pause" | "resume" | "revert-snapshot" | "snapshot" | "suspend" | "unpause" | "*" | "update:action" | "update:resource" | "update:effect" | "update:selector" | "update:description" | "update:groups" | "update:name" | "update:users" | "update:proxy" | "update:enabled" | "update:options" | "update:url" | "update:tags" | "export:logs" | "reboot:clean" | "reboot:smart" | "shutdown:clean" | "shutdown:emergency" | "update:other_config" | "update:management" | "create:network" | "create:vm" | "import:vdi" | "import:vm" | "update:password" | "update:permission" | "update:preferences" | "update:allowedIpv4Addresses" | "update:allowedIpv6Addresses" | "update:lockingMode" | "update:rateLimit" | "update:txChecksumming" | "update:affinityHost" | "update:autoPoweron" | "update:blockedOperations" | "update:coresPerSocket" | "update:cpuCap" | "update:cpuMask" | "update:cpuWeight" | "update:cpus" | "update:cpusStaticMax" | "update:creation" | "update:datasources" | "update:expNestedHvm" | "update:hasVendorDevice" | "update:highAvailability" | "update:hvmBootFirmware" | "update:memory" | "update:memoryMax" | "update:memoryMin" | "update:memoryStaticMax" | "update:nameDescription" | "update:nameLabel" | "update:nestedVirt" | "update:nicType" | "update:notes" | "update:PV_args" | "update:resourceSet" | "update:secureBoot" | "update:share" | "update:startDelay" | "update:suspendSr" | "update:uefiMode" | "update:vga" | "update:videoram" | "update:viridian" | "update:virtualizationMode" | "update:xenStoreData" | "reboot:hard" | "shutdown:hard";
27
27
  resource: "acl-privilege" | "acl-role" | "alarm" | "backup-archive" | "backup-job" | "backup-log" | "backup-repository" | "group" | "gpuGroup" | "host" | "message" | "network" | "pbd" | "pci" | "pgpu" | "pif" | "pool" | "proxy" | "restore-log" | "schedule" | "server" | "sm" | "sr" | "task" | "user" | "vbd" | "vdi-snapshot" | "vdi-unmanaged" | "vdi" | "vgpu" | "vgpuType" | "vif" | "vm-controller" | "vm-snapshot" | "vm-template" | "vm" | "vtpm";
28
28
  }[];
29
29
  export declare function hasPrivileges(params: AnyPrivilegeOnParam[], userPrivileges: AnyPrivilege[]): boolean;
package/package.json CHANGED
@@ -6,7 +6,7 @@
6
6
  "main": "dist/index.mjs",
7
7
  "name": "@xen-orchestra/acl",
8
8
  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/@xen-orchestra/acl",
9
- "version": "1.3.0",
9
+ "version": "1.4.0",
10
10
  "license": "AGPL-3.0-or-later",
11
11
  "private": false,
12
12
  "type": "module",
@@ -30,7 +30,7 @@
30
30
  },
31
31
  "devDependencies": {
32
32
  "@eslint/js": "^9.19.0",
33
- "@vates/types": "^1.27.0",
33
+ "@vates/types": "^1.28.0",
34
34
  "rimraf": "^6.0.1",
35
35
  "typescript": "~5.6",
36
36
  "typescript-eslint": "^8.61.0"