yesBad/pve-storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

api: disk list: allow if an audit permission for the node is present

Browse Source 
as that seems to be the more natural permission path for listing a nodes local
disks. For backwards compatibility, the old permission check has to be kept
(relevant with propagate=0).

This API call was originally part of the Ceph API and got copied here later,
which might explain the current permission check.

In the UI, the Disk panel is visible with a node audit permission, but the API
call itself failed without the '/' audit permission.

Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
This commit is contained in:
Fabian Ebner
2021-03-10 10:26:27 +01:00
committed by Thomas Lamprecht
parent 6c460330bb
commit 1d6c548889
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
PVE/API2/Disks.pm
View File

@ -82,7 +82,10 @@ __PACKAGE__->register_method ({
protected => 1,
proxyto => 'node',
permissions => {
check => ['perm', '/', ['Sys.Audit', 'Datastore.Audit'], any => 1],
check => ['or',
['perm', '/', ['Sys.Audit', 'Datastore.Audit'], any => 1],
['perm', '/nodes/{node}', ['Sys.Audit', 'Datastore.Audit'], any => 1],
],
},
parameters => {
additionalProperties => 0,