[pve-devel] [PATCH access-control/manager/docs v4] fix #3668: improving realm sync

Dominik Csapak d.csapak at proxmox.com
Mon Mar 28 14:38:01 CEST 2022 

this deprecates the 'full' and 'purge' sync options and replaces them with
a 'remove-vanished' option, where we have multiple flags to determine
which things we want to remove when they are not in the sync response.

with the new regression tests, we can see that the sync result stays the
same with one exception of deleting the acls even when we did not delete
the user

changes from v3:
* added regression tests (i found some bugs with those ;) )
* fixed the mapping of parameters and not only the 'defaul-sync-options'
* fixed use of 'remove_vanished' instead of 'remove-vanished'

changes from v2:
* instead of having a mode, define what we actually do: configure what
  we remove when it (or the depending entry) vanishes
* let the user remove the ACLs only, even when not removing the users
* have less fields that the user *must* give on sync, since there are
  more defaults that are explained in the gui

changes from v1:
* replace the 'remove-vanished' by a new 'mode' selection and adding
  an appropriate mode

pve-access-control:

Dominik Csapak (4):
  add regression tests for realm-sync
  fix #3668: realm-sync: replace 'full' and 'purge' options with
    'remove-vanished'
  convert regression tests to new 'remove-vanished' parameter
  add realm-sync regression test for new 'remove-vanished'

 src/PVE/API2/Domains.pm     | 168 ++++++++++------
 src/PVE/Auth/Plugin.pm      |  27 ++-
 src/test/Makefile           |   1 +
 src/test/realm_sync_test.pl | 371 ++++++++++++++++++++++++++++++++++++
 4 files changed, 504 insertions(+), 63 deletions(-)
 create mode 100755 src/test/realm_sync_test.pl

pve-manager:

Dominik Csapak (1):
  ui: realm sync: replace 'full' and 'purge' with 'remove-vanished'

 www/manager6/dc/AuthEditLDAP.js | 63 +++++++++++++++++++------------
 www/manager6/dc/SyncWindow.js   | 66 ++++++++++++++++++++-------------
 2 files changed, 80 insertions(+), 49 deletions(-)

pve-docs:

Dominik Csapak (1):
  update documentation about sync-options

 pveum.adoc | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

-- 
2.30.2

More information about the pve-devel mailing list