[pbs-devel] partially-applied: [PATCH proxmox-backup 0/8] permission improvements
Thomas Lamprecht
t.lamprecht at proxmox.com
Fri Oct 30 16:44:51 CET 2020
On 30.10.20 12:36, Fabian Grünbichler wrote:
> this series cleans up
> - get/set_notes permissions
> - unused PRIV_REMOTE_PRUNE
>
> reworks verification permissions:
> - add a new PRIV_DATASTORE_VERIFY that allows verifying whole datastores
> - allows unprivileged users to verify their part of a datastore in bulk
> - allows non-superusers to setup and view verification jobs (if they are
> privileged enough)
>
> reworks pulls/syncs:
> - allow setting an owner
> - allow non-superusers to setup and view sync jobs (if they are
> privileged enough)
>
> Fabian Grünbichler (8):
> privs: allow reading notes with Datastore.Audit
> privs: use Datastore.Modify|Backup to set backup notes
> verify: introduce & use new Datastore.Verify privilege
> verify jobs: add permissions
> sync: add owner
> sync: allow sync for non-superusers
> privs: remove PRIV_REMOVE_PRUNE
> privs: add some more comments explaining privileges
>
> src/api2/admin/datastore.rs | 34 ++++++--
> src/api2/admin/sync.rs | 30 ++++++-
> src/api2/config/remote.rs | 15 +++-
> src/api2/config/sync.rs | 152 +++++++++++++++++++++++++++++++++---
> src/api2/config/verify.rs | 41 +++++++++-
> src/api2/pull.rs | 5 +-
> src/backup/verify.rs | 29 ++++++-
> src/config/acl.rs | 24 ++++--
> src/config/sync.rs | 28 ++++++-
> src/server/verify_job.rs | 2 +-
> www/config/SyncView.js | 14 +++-
> www/window/SyncJobEdit.js | 20 +++++
> 12 files changed, 352 insertions(+), 42 deletions(-)
>
applied all but the sync related ones (patch 5/8 and 6/8), need some more thoughts
and another opinion would not hurt there - thanks!
More information about the pbs-devel
mailing list