From 97bd5825057a1f408a1ddcd718fa5ae6eae721aa Mon Sep 17 00:00:00 2001 From: Arthur Lu Date: Sun, 29 Mar 2026 17:51:59 +0000 Subject: [PATCH] fix issue with pve group creation appending unused realm string --- app/common/types.go | 5 ++++- app/common/utils.go | 2 ++ app/ldap/ldap.go | 1 + app/operations.go | 1 - app/pve/pve.go | 5 +++-- 5 files changed, 10 insertions(+), 4 deletions(-) diff --git a/app/common/types.go b/app/common/types.go index 0e66048..00bc59e 100644 --- a/app/common/types.go +++ b/app/common/types.go @@ -9,7 +9,10 @@ type Pool struct { Templates Templates `json:"templates"` } -type Groupname struct { // proxmox typically formats as gid-realm for non pve realms +// proxmox typically formats as gid-realm for non pve realms +// proxmox realms are formatted without realm values +// I assume that backends store groups by ID only and only proxmox will append the realm string +type Groupname struct { GroupID string `json:"gid"` Realm string `json:"realm"` } diff --git a/app/common/utils.go b/app/common/utils.go index b8f65a1..999f357 100644 --- a/app/common/utils.go +++ b/app/common/utils.go @@ -6,6 +6,8 @@ import ( ) // returns an error if the groupname format was not correct +// TODO: handle group names with x-y format where y is not a registered realm +// TODO: handle group names with x-y-z-... format func ParseGroupname(groupname string) (Groupname, error) { g := Groupname{} x := strings.Split(groupname, "-") diff --git a/app/ldap/ldap.go b/app/ldap/ldap.go index d10ce10..345ba4f 100644 --- a/app/ldap/ldap.go +++ b/app/ldap/ldap.go @@ -169,6 +169,7 @@ func (l LDAPClient) GetGroup(groupname common.Groupname) (common.Group, int, err } func (l LDAPClient) NewGroup(groupname common.Groupname) (int, error) { + // add new group by ID only addRequest := ldap.NewAddRequest( fmt.Sprintf("cn=%s,ou=groups,%s", groupname.GroupID, l.config.BaseDN), // DN nil, // controls diff --git a/app/operations.go b/app/operations.go index 2d0973e..3baa5c0 100644 --- a/app/operations.go +++ b/app/operations.go @@ -19,7 +19,6 @@ func NewGroup(backends *Backends, groupname common.Groupname) (int, error) { case "pve": return backends.pve.NewGroup(groupname) case "ldap": - code, err := backends.ldap.NewGroup(groupname) if err != nil { return code, err diff --git a/app/pve/pve.go b/app/pve/pve.go index e94f461..bd043c6 100644 --- a/app/pve/pve.go +++ b/app/pve/pve.go @@ -98,7 +98,8 @@ func (pve ProxmoxClient) DelPool(poolname string) (int, error) { } func (pve ProxmoxClient) NewGroup(groupname common.Groupname) (int, error) { - err := pve.client.NewGroup(context.Background(), groupname.ToString(), "") + // add new group ny ID only + err := pve.client.NewGroup(context.Background(), groupname.GroupID, "") if proxmox.IsNotAuthorized(err) { return 401, err } else if err != nil { @@ -109,7 +110,7 @@ func (pve ProxmoxClient) NewGroup(groupname common.Groupname) (int, error) { } func (pve ProxmoxClient) DelGroup(groupname common.Groupname) (int, error) { - pvegroup, err := pve.client.Group(context.Background(), groupname.ToString()) + pvegroup, err := pve.client.Group(context.Background(), groupname.GroupID) if proxmox.IsNotFound(err) { // errors if group does not exist return 404, err } else if err != nil {