yesBad/pve-storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix permission check for backup file removal

Browse Source
This commit is contained in:
Dietmar Maurer
2013-03-01 06:04:03 +01:00
parent b8744249a2
commit df6b79c892
3 changed files with 20 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -2,7 +2,7 @@ RELEASE=2.3
VERSION=2.3 VERSION=2.3
PACKAGE=libpve-storage-perl PACKAGE=libpve-storage-perl
PKGREL=4 PKGREL=5
DESTDIR= DESTDIR=
PREFIX=/usr PREFIX=/usr

14
PVE/API2/Storage/Content.pm
View File

@ -249,7 +249,7 @@ __PACKAGE__->register_method ({
method => 'DELETE', method => 'DELETE',
description => "Delete volume", description => "Delete volume",
permissions => { permissions => {
description => "You need 'Datastore.Allocate' privilege on the storage ('Datastore.AllocateSpace' is not enough).", description => "You need 'Datastore.Allocate' privilege on the storage (or 'Datastore.AllocateSpace' for backup volumes if you have VM.Backup privilege on the VM).",
user => 'all', user => 'all',
}, },
protected => 1, protected => 1,
@ -272,11 +272,17 @@ __PACKAGE__->register_method ({
my $rpcenv = PVE::RPCEnvironment::get(); my $rpcenv = PVE::RPCEnvironment::get();
my $authuser = $rpcenv->get_user(); my $authuser = $rpcenv->get_user();
my $cfg = cfs_read_file('storage.cfg');
my ($volid, $storeid) = &$real_volume_id($param->{storage}, $param->{volume}); my ($volid, $storeid) = &$real_volume_id($param->{storage}, $param->{volume});
$rpcenv->check($authuser, "/storage/$storeid", ['Datastore.Allocate']); my ($path, $ownervm, $vtype) = PVE::Storage::path($cfg, $volid);
if ($vtype eq 'backup' && $ownervm) {
my $cfg = cfs_read_file('storage.cfg'); $rpcenv->check($authuser, "/storage/$storeid", ['Datastore.AllocateSpace']);
$rpcenv->check($authuser, "/vms/$ownervm", ['VM.Backup']);
} else {
$rpcenv->check($authuser, "/storage/$storeid", ['Datastore.Allocate']);
}
PVE::Storage::vdisk_free ($cfg, $volid); PVE::Storage::vdisk_free ($cfg, $volid);

8
changelog.Debian
View File

@ -1,3 +1,11 @@
libpve-storage-perl (2.3-5) unstable; urgency=low
* Allow removal of backup volumes if the user has
Datastore.AllocateSpace privilege on the storage and VM.Backup
privilege on the VM
-- Proxmox Support Team <support@proxmox.com> Fri, 01 Mar 2013 06:03:24 +0100
libpve-storage-perl (2.3-4) unstable; urgency=low libpve-storage-perl (2.3-4) unstable; urgency=low
* rbd: rework pool - username - auth_supported options * rbd: rework pool - username - auth_supported options