yesBad/pve-storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix permission check for backup file removal

Browse Source
This commit is contained in:
Dietmar Maurer
2013-03-01 06:04:03 +01:00
parent b8744249a2
commit df6b79c892
3 changed files with 20 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
PVE/API2/Storage/Content.pm
View File

@ -249,7 +249,7 @@ __PACKAGE__->register_method ({
method => 'DELETE',
description => "Delete volume",
permissions => {
description => "You need 'Datastore.Allocate' privilege on the storage ('Datastore.AllocateSpace' is not enough).",
description => "You need 'Datastore.Allocate' privilege on the storage (or 'Datastore.AllocateSpace' for backup volumes if you have VM.Backup privilege on the VM).",
user => 'all',
},
protected => 1,
@ -272,12 +272,18 @@ __PACKAGE__->register_method ({
my $rpcenv = PVE::RPCEnvironment::get();
my $authuser = $rpcenv->get_user();
my ($volid, $storeid) = &$real_volume_id($param->{storage}, $param->{volume});
$rpcenv->check($authuser, "/storage/$storeid", ['Datastore.Allocate']);
my $cfg = cfs_read_file('storage.cfg');
my ($volid, $storeid) = &$real_volume_id($param->{storage}, $param->{volume});
my ($path, $ownervm, $vtype) = PVE::Storage::path($cfg, $volid);
if ($vtype eq 'backup' && $ownervm) {
$rpcenv->check($authuser, "/storage/$storeid", ['Datastore.AllocateSpace']);
$rpcenv->check($authuser, "/vms/$ownervm", ['VM.Backup']);
} else {
$rpcenv->check($authuser, "/storage/$storeid", ['Datastore.Allocate']);
}
PVE::Storage::vdisk_free ($cfg, $volid);
return undef;