yesBad/pve-storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

delete volume requires Datastore.Allocate

Browse Source
This commit is contained in:
Dietmar Maurer
2012-02-22 12:08:54 +01:00
parent 0c1473f928
commit b755bdb0f9
3 changed files with 25 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -2,7 +2,7 @@ RELEASE=2.0
VERSION=2.0 VERSION=2.0
PACKAGE=libpve-storage-perl PACKAGE=libpve-storage-perl
PKGREL=11 PKGREL=12
DESTDIR= DESTDIR=
PREFIX=/usr PREFIX=/usr

23
PVE/API2/Storage/Content.pm
View File

@ -177,6 +177,7 @@ my $real_volume_id = sub {
raise_param_exc({ storage => "storage ID missmatch" }) raise_param_exc({ storage => "storage ID missmatch" })
if $storeid && $sid ne $storeid; if $storeid && $sid ne $storeid;
$volid = $volume; $volid = $volume;
$storeid = $sid;
}; };
raise_param_exc({ volume => $@}) if $@; raise_param_exc({ volume => $@}) if $@;
@ -187,7 +188,7 @@ my $real_volume_id = sub {
$volid = "$storeid:$volume"; $volid = "$storeid:$volume";
} }
return $volid; return wantarray ? ($volid, $storeid) : $volid;
}; };
__PACKAGE__->register_method ({ __PACKAGE__->register_method ({
@ -196,7 +197,8 @@ __PACKAGE__->register_method ({
method => 'GET', method => 'GET',
description => "Get volume attributes", description => "Get volume attributes",
permissions => { permissions => {
check => ['perm', '/storage/{storage}', ['Datastore.Audit', 'Datastore.AllocateSpace'], any => 1], description => "You need 'Datastore.Audit' or 'Datastore.AllocateSpace' privilege on the storage.",
user => 'all',
}, },
protected => 1, protected => 1,
proxyto => 'node', proxyto => 'node',
@ -215,7 +217,12 @@ __PACKAGE__->register_method ({
code => sub { code => sub {
my ($param) = @_; my ($param) = @_;
my $volid = &$real_volume_id($param->{storage}, $param->{volume}); my $rpcenv = PVE::RPCEnvironment::get();
my $authuser = $rpcenv->get_user();
my ($volid, $storeid) = &$real_volume_id($param->{storage}, $param->{volume});
$rpcenv->check_any($authuser, "/storage/$storeid", ['Datastore.Audit', 'Datastore.AllocateSpace']);
my $cfg = cfs_read_file('storage.cfg'); my $cfg = cfs_read_file('storage.cfg');
@ -236,7 +243,8 @@ __PACKAGE__->register_method ({
method => 'DELETE', method => 'DELETE',
description => "Delete volume", description => "Delete volume",
permissions => { permissions => {
check => ['perm', '/storage/{storage}', ['Datastore.AllocateSpace']], description => "You need 'Datastore.Allocate' privilege on the storage ('Datastore.AllocateSpace' is not enough).",
user => 'all',
}, },
protected => 1, protected => 1,
proxyto => 'node', proxyto => 'node',
@ -255,7 +263,12 @@ __PACKAGE__->register_method ({
code => sub { code => sub {
my ($param) = @_; my ($param) = @_;
my $volid = &$real_volume_id($param->{storage}, $param->{volume}); my $rpcenv = PVE::RPCEnvironment::get();
my $authuser = $rpcenv->get_user();
my ($volid, $storeid) = &$real_volume_id($param->{storage}, $param->{volume});
$rpcenv->check($authuser, "/storage/$storeid", ['Datastore.Allocate']);
my $cfg = cfs_read_file('storage.cfg'); my $cfg = cfs_read_file('storage.cfg');

6
changelog.Debian
View File

@ -1,3 +1,9 @@
libpve-storage-perl (2.0-12) unstable; urgency=low
* fix permission checks (delete volume requires Datastore.Allocate)
-- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 12:08:16 +0100
libpve-storage-perl (2.0-11) unstable; urgency=low libpve-storage-perl (2.0-11) unstable; urgency=low
* only list iscsi when enabled (content == images) * only list iscsi when enabled (content == images)