[pbs-devel] [PATCH proxmox v3 1/3] pbs-api-types: allow traffic-control rules to match users
Christian Ebner
c.ebner at proxmox.com
Wed Nov 12 10:46:11 CET 2025
one nit inline I missed last time, otherwise LGTM!
On 11/10/25 2:43 PM, Hannes Laimer wrote:
> Extend traffic-control rules with an optional list of user IDs so
> API traffic can be limited per user in addition to IP-based rules.
>
> Reviewed-by: Christian Ebner <c.ebner at proxmox.com>
> Signed-off-by: Hannes Laimer <h.laimer at proxmox.com>
> ---
> pbs-api-types/src/traffic_control.rs | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
> diff --git a/pbs-api-types/src/traffic_control.rs b/pbs-api-types/src/traffic_control.rs
> index 2a359eda..12fc8c93 100644
> --- a/pbs-api-types/src/traffic_control.rs
> +++ b/pbs-api-types/src/traffic_control.rs
> @@ -6,6 +6,7 @@ use proxmox_schema::{api, ApiType, Schema, StringSchema, Updater};
> use proxmox_schema::api_types::CIDR_SCHEMA;
>
> use crate::{DAILY_DURATION_FORMAT, PROXMOX_SAFE_ID_FORMAT, SINGLE_LINE_COMMENT_SCHEMA};
> +use crate::Userid;
nit: cargo fmt would place this above the schema and format imports.
>
> pub const TRAFFIC_CONTROL_TIMEFRAME_SCHEMA: Schema =
> StringSchema::new("Timeframe to specify when the rule is active.")
> @@ -125,6 +126,11 @@ pub struct ClientRateLimitConfig {
> },
> optional: true,
> },
> + users: {
> + type: Array,
> + items: { type: Userid },
> + optional: true,
> + },
> },
> )]
> #[derive(Clone, Serialize, Deserialize, PartialEq, Updater)]
> @@ -146,6 +152,9 @@ pub struct TrafficControlRule {
> /// Enable the rule at specific times
> #[serde(skip_serializing_if = "Option::is_none")]
> pub timeframe: Option<Vec<String>>,
> + /// Rule applies to authenticated API requests of any of these users (overrides IP-only rules)
> + #[serde(skip_serializing_if = "Option::is_none")]
> + pub users: Option<Vec<Userid>>,
> }
>
> #[api(
More information about the pbs-devel
mailing list