[pbs-devel] [PATCH proxmox-backup 0/8] permission improvements
Fabian Grünbichler
f.gruenbichler at proxmox.com
Fri Oct 30 12:36:36 CET 2020
this series cleans up
- get/set_notes permissions
- unused PRIV_REMOTE_PRUNE
reworks verification permissions:
- add a new PRIV_DATASTORE_VERIFY that allows verifying whole datastores
- allows unprivileged users to verify their part of a datastore in bulk
- allows non-superusers to setup and view verification jobs (if they are
privileged enough)
reworks pulls/syncs:
- allow setting an owner
- allow non-superusers to setup and view sync jobs (if they are
privileged enough)
Fabian Grünbichler (8):
privs: allow reading notes with Datastore.Audit
privs: use Datastore.Modify|Backup to set backup notes
verify: introduce & use new Datastore.Verify privilege
verify jobs: add permissions
sync: add owner
sync: allow sync for non-superusers
privs: remove PRIV_REMOVE_PRUNE
privs: add some more comments explaining privileges
src/api2/admin/datastore.rs | 34 ++++++--
src/api2/admin/sync.rs | 30 ++++++-
src/api2/config/remote.rs | 15 +++-
src/api2/config/sync.rs | 152 +++++++++++++++++++++++++++++++++---
src/api2/config/verify.rs | 41 +++++++++-
src/api2/pull.rs | 5 +-
src/backup/verify.rs | 29 ++++++-
src/config/acl.rs | 24 ++++--
src/config/sync.rs | 28 ++++++-
src/server/verify_job.rs | 2 +-
www/config/SyncView.js | 14 +++-
www/window/SyncJobEdit.js | 20 +++++
12 files changed, 352 insertions(+), 42 deletions(-)
--
2.20.1
More information about the pbs-devel
mailing list