@xen-orchestra/acl 1.3.0 → 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/actions/backup-repository.d.mts +1 -0
- package/dist/actions/backup-repository.mjs +1 -0
- package/dist/actions/host.d.mts +13 -1
- package/dist/actions/host.mjs +13 -1
- package/dist/actions/index.d.mts +16 -1
- package/dist/actions/network.d.mts +1 -0
- package/dist/actions/network.mjs +1 -0
- package/dist/actions/vif.d.mts +1 -0
- package/dist/actions/vif.mjs +1 -0
- package/dist/generated/privilege-types.d.mts +4 -4
- package/dist/index.d.mts +1 -1
- package/package.json +2 -2
package/dist/actions/host.d.mts
CHANGED
|
@@ -1,14 +1,26 @@
|
|
|
1
1
|
declare const _default: {
|
|
2
2
|
'allow-vm': boolean;
|
|
3
|
+
detach: boolean;
|
|
3
4
|
disable: boolean;
|
|
4
|
-
'migrate-receive': boolean;
|
|
5
5
|
enable: boolean;
|
|
6
6
|
evacuate: boolean;
|
|
7
7
|
export: {
|
|
8
8
|
logs: boolean;
|
|
9
9
|
};
|
|
10
|
+
forget: boolean;
|
|
10
11
|
'join-pool': boolean;
|
|
12
|
+
'migrate-receive': boolean;
|
|
11
13
|
read: boolean;
|
|
14
|
+
reboot: {
|
|
15
|
+
clean: boolean;
|
|
16
|
+
smart: boolean;
|
|
17
|
+
};
|
|
18
|
+
'restart-toolstack': boolean;
|
|
19
|
+
shutdown: {
|
|
20
|
+
clean: boolean;
|
|
21
|
+
emergency: boolean;
|
|
22
|
+
};
|
|
23
|
+
start: boolean;
|
|
12
24
|
update: {
|
|
13
25
|
tags: boolean;
|
|
14
26
|
};
|
package/dist/actions/host.mjs
CHANGED
|
@@ -1,14 +1,26 @@
|
|
|
1
1
|
export default {
|
|
2
2
|
'allow-vm': true,
|
|
3
|
+
detach: true,
|
|
3
4
|
disable: true,
|
|
4
|
-
'migrate-receive': true,
|
|
5
5
|
enable: true,
|
|
6
6
|
evacuate: true,
|
|
7
7
|
export: {
|
|
8
8
|
logs: true,
|
|
9
9
|
},
|
|
10
|
+
forget: true,
|
|
10
11
|
'join-pool': true,
|
|
12
|
+
'migrate-receive': true,
|
|
11
13
|
read: true,
|
|
14
|
+
reboot: {
|
|
15
|
+
clean: true,
|
|
16
|
+
smart: true,
|
|
17
|
+
},
|
|
18
|
+
'restart-toolstack': true,
|
|
19
|
+
shutdown: {
|
|
20
|
+
clean: true,
|
|
21
|
+
emergency: true,
|
|
22
|
+
},
|
|
23
|
+
start: true,
|
|
12
24
|
update: {
|
|
13
25
|
tags: true,
|
|
14
26
|
},
|
package/dist/actions/index.d.mts
CHANGED
|
@@ -37,6 +37,7 @@ export declare const SUPPORTED_ACTIONS_BY_RESOURCE: {
|
|
|
37
37
|
read: boolean;
|
|
38
38
|
};
|
|
39
39
|
readonly 'backup-repository': {
|
|
40
|
+
benchmark: boolean;
|
|
40
41
|
create: boolean;
|
|
41
42
|
read: boolean;
|
|
42
43
|
forget: boolean;
|
|
@@ -62,15 +63,27 @@ export declare const SUPPORTED_ACTIONS_BY_RESOURCE: {
|
|
|
62
63
|
};
|
|
63
64
|
readonly host: {
|
|
64
65
|
'allow-vm': boolean;
|
|
66
|
+
detach: boolean;
|
|
65
67
|
disable: boolean;
|
|
66
|
-
'migrate-receive': boolean;
|
|
67
68
|
enable: boolean;
|
|
68
69
|
evacuate: boolean;
|
|
69
70
|
export: {
|
|
70
71
|
logs: boolean;
|
|
71
72
|
};
|
|
73
|
+
forget: boolean;
|
|
72
74
|
'join-pool': boolean;
|
|
75
|
+
'migrate-receive': boolean;
|
|
73
76
|
read: boolean;
|
|
77
|
+
reboot: {
|
|
78
|
+
clean: boolean;
|
|
79
|
+
smart: boolean;
|
|
80
|
+
};
|
|
81
|
+
'restart-toolstack': boolean;
|
|
82
|
+
shutdown: {
|
|
83
|
+
clean: boolean;
|
|
84
|
+
emergency: boolean;
|
|
85
|
+
};
|
|
86
|
+
start: boolean;
|
|
74
87
|
update: {
|
|
75
88
|
tags: boolean;
|
|
76
89
|
};
|
|
@@ -84,6 +97,7 @@ export declare const SUPPORTED_ACTIONS_BY_RESOURCE: {
|
|
|
84
97
|
read: boolean;
|
|
85
98
|
update: {
|
|
86
99
|
tags: boolean;
|
|
100
|
+
other_config: boolean;
|
|
87
101
|
};
|
|
88
102
|
};
|
|
89
103
|
readonly pbd: {
|
|
@@ -216,6 +230,7 @@ export declare const SUPPORTED_ACTIONS_BY_RESOURCE: {
|
|
|
216
230
|
lockingMode: boolean;
|
|
217
231
|
rateLimit: boolean;
|
|
218
232
|
txChecksumming: boolean;
|
|
233
|
+
other_config: boolean;
|
|
219
234
|
};
|
|
220
235
|
};
|
|
221
236
|
readonly 'vm-controller': {
|
package/dist/actions/network.mjs
CHANGED
package/dist/actions/vif.d.mts
CHANGED
package/dist/actions/vif.mjs
CHANGED
|
@@ -62,7 +62,7 @@ export type BackupLogPrivilege = {
|
|
|
62
62
|
export type BackupRepositoryPrivilege = {
|
|
63
63
|
id: XoAclBasePrivilege['id']
|
|
64
64
|
resource: 'backup-repository'
|
|
65
|
-
action: '*' | 'create' | 'read' | 'forget' | 'update' | '*' | 'update:enabled' | 'update:name' | 'update:options' | 'update:proxy' | 'update:url'
|
|
65
|
+
action: '*' | 'benchmark' | 'create' | 'read' | 'forget' | 'update' | '*' | 'update:enabled' | 'update:name' | 'update:options' | 'update:proxy' | 'update:url'
|
|
66
66
|
selector?: XoAclBasePrivilege['selector']
|
|
67
67
|
effect: XoAclBasePrivilege['effect']
|
|
68
68
|
roleId: XoAclBasePrivilege['roleId']
|
|
@@ -89,7 +89,7 @@ export type GpuGroupPrivilege = {
|
|
|
89
89
|
export type HostPrivilege = {
|
|
90
90
|
id: XoAclBasePrivilege['id']
|
|
91
91
|
resource: 'host'
|
|
92
|
-
action: '*' | 'allow-vm' | '
|
|
92
|
+
action: '*' | 'allow-vm' | 'detach' | 'disable' | 'enable' | 'evacuate' | 'export' | '*' | 'export:logs' | 'forget' | 'join-pool' | 'migrate-receive' | 'read' | 'reboot' | '*' | 'reboot:clean' | 'reboot:smart' | 'restart-toolstack' | 'shutdown' | '*' | 'shutdown:clean' | 'shutdown:emergency' | 'start' | 'update' | '*' | 'update:tags'
|
|
93
93
|
selector?: XoAclBasePrivilege['selector']
|
|
94
94
|
effect: XoAclBasePrivilege['effect']
|
|
95
95
|
roleId: XoAclBasePrivilege['roleId']
|
|
@@ -107,7 +107,7 @@ export type MessagePrivilege = {
|
|
|
107
107
|
export type NetworkPrivilege = {
|
|
108
108
|
id: XoAclBasePrivilege['id']
|
|
109
109
|
resource: 'network'
|
|
110
|
-
action: '*' | 'create' | 'delete' | 'read' | 'update' | '*' | 'update:tags'
|
|
110
|
+
action: '*' | 'create' | 'delete' | 'read' | 'update' | '*' | 'update:tags' | 'update:other_config'
|
|
111
111
|
selector?: XoAclBasePrivilege['selector']
|
|
112
112
|
effect: XoAclBasePrivilege['effect']
|
|
113
113
|
roleId: XoAclBasePrivilege['roleId']
|
|
@@ -287,7 +287,7 @@ export type VgpuTypePrivilege = {
|
|
|
287
287
|
export type VifPrivilege = {
|
|
288
288
|
id: XoAclBasePrivilege['id']
|
|
289
289
|
resource: 'vif'
|
|
290
|
-
action: '*' | 'connect' | 'create' | 'delete' | 'disconnect' | 'read' | 'update' | '*' | 'update:allowedIpv4Addresses' | 'update:allowedIpv6Addresses' | 'update:lockingMode' | 'update:rateLimit' | 'update:txChecksumming'
|
|
290
|
+
action: '*' | 'connect' | 'create' | 'delete' | 'disconnect' | 'read' | 'update' | '*' | 'update:allowedIpv4Addresses' | 'update:allowedIpv6Addresses' | 'update:lockingMode' | 'update:rateLimit' | 'update:txChecksumming' | 'update:other_config'
|
|
291
291
|
selector?: XoAclBasePrivilege['selector']
|
|
292
292
|
effect: XoAclBasePrivilege['effect']
|
|
293
293
|
roleId: XoAclBasePrivilege['roleId']
|
package/dist/index.d.mts
CHANGED
|
@@ -23,7 +23,7 @@ export declare function hasPrivilegeOn<T extends SupportedResource>({ user, acti
|
|
|
23
23
|
export declare function getMissingPrivileges(params: AnyPrivilegeOnParam[], userPrivileges: AnyPrivilege[]): {
|
|
24
24
|
objectId: unknown;
|
|
25
25
|
objectIds: unknown[] | undefined;
|
|
26
|
-
action: "create" | "delete" | "read" | "update" | "forget" | "allow-vm" | "
|
|
26
|
+
action: "create" | "delete" | "read" | "update" | "benchmark" | "forget" | "allow-vm" | "detach" | "disable" | "enable" | "evacuate" | "export" | "join-pool" | "migrate-receive" | "reboot" | "restart-toolstack" | "shutdown" | "start" | "plug" | "unplug" | "add-host" | "emergency-shutdown" | "rolling-reboot" | "rolling-update" | "run" | "connect" | "disconnect" | "import" | "reclaim-space" | "scan" | "abort" | "boot" | "export-content" | "import-content" | "migrate-send" | "instantiate" | "clone" | "pause" | "resume" | "revert-snapshot" | "snapshot" | "suspend" | "unpause" | "*" | "update:action" | "update:resource" | "update:effect" | "update:selector" | "update:description" | "update:groups" | "update:name" | "update:users" | "update:proxy" | "update:enabled" | "update:options" | "update:url" | "update:tags" | "export:logs" | "reboot:clean" | "reboot:smart" | "shutdown:clean" | "shutdown:emergency" | "update:other_config" | "update:management" | "create:network" | "create:vm" | "import:vdi" | "import:vm" | "update:password" | "update:permission" | "update:preferences" | "update:allowedIpv4Addresses" | "update:allowedIpv6Addresses" | "update:lockingMode" | "update:rateLimit" | "update:txChecksumming" | "update:affinityHost" | "update:autoPoweron" | "update:blockedOperations" | "update:coresPerSocket" | "update:cpuCap" | "update:cpuMask" | "update:cpuWeight" | "update:cpus" | "update:cpusStaticMax" | "update:creation" | "update:datasources" | "update:expNestedHvm" | "update:hasVendorDevice" | "update:highAvailability" | "update:hvmBootFirmware" | "update:memory" | "update:memoryMax" | "update:memoryMin" | "update:memoryStaticMax" | "update:nameDescription" | "update:nameLabel" | "update:nestedVirt" | "update:nicType" | "update:notes" | "update:PV_args" | "update:resourceSet" | "update:secureBoot" | "update:share" | "update:startDelay" | "update:suspendSr" | "update:uefiMode" | "update:vga" | "update:videoram" | "update:viridian" | "update:virtualizationMode" | "update:xenStoreData" | "reboot:hard" | "shutdown:hard";
|
|
27
27
|
resource: "acl-privilege" | "acl-role" | "alarm" | "backup-archive" | "backup-job" | "backup-log" | "backup-repository" | "group" | "gpuGroup" | "host" | "message" | "network" | "pbd" | "pci" | "pgpu" | "pif" | "pool" | "proxy" | "restore-log" | "schedule" | "server" | "sm" | "sr" | "task" | "user" | "vbd" | "vdi-snapshot" | "vdi-unmanaged" | "vdi" | "vgpu" | "vgpuType" | "vif" | "vm-controller" | "vm-snapshot" | "vm-template" | "vm" | "vtpm";
|
|
28
28
|
}[];
|
|
29
29
|
export declare function hasPrivileges(params: AnyPrivilegeOnParam[], userPrivileges: AnyPrivilege[]): boolean;
|
package/package.json
CHANGED
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
"main": "dist/index.mjs",
|
|
7
7
|
"name": "@xen-orchestra/acl",
|
|
8
8
|
"homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/@xen-orchestra/acl",
|
|
9
|
-
"version": "1.
|
|
9
|
+
"version": "1.4.0",
|
|
10
10
|
"license": "AGPL-3.0-or-later",
|
|
11
11
|
"private": false,
|
|
12
12
|
"type": "module",
|
|
@@ -30,7 +30,7 @@
|
|
|
30
30
|
},
|
|
31
31
|
"devDependencies": {
|
|
32
32
|
"@eslint/js": "^9.19.0",
|
|
33
|
-
"@vates/types": "^1.
|
|
33
|
+
"@vates/types": "^1.28.0",
|
|
34
34
|
"rimraf": "^6.0.1",
|
|
35
35
|
"typescript": "~5.6",
|
|
36
36
|
"typescript-eslint": "^8.61.0"
|