[pve-devel] [PATCH] access permissions cleanup fix

Alen Grizonic a.grizonic at proxmox.com
Thu Aug 13 12:14:38 CEST 2015


for removed vms and pools

Signed-off-by: Alen Grizonic <a.grizonic at proxmox.com>
---
 PVE/AccessControl.pm | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index bfee816..77e5534 100644
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -480,7 +480,7 @@ sub delete_pool_acl {
 
     foreach my $aclpath (keys %{$usercfg->{acl}}) {
 	delete ($usercfg->{acl}->{$aclpath})
-	    if $usercfg->{acl}->{$aclpath} eq 'path';
+	    if $aclpath eq $path;
     }
 }
 
@@ -1096,6 +1096,27 @@ sub check_permissions {
     return 1;
 }
 
+sub remove_vm_access {
+    my ($vmid) = @_;
+    my $delVMaccessFn = sub {
+        my $usercfg = cfs_read_file("user.cfg");
+
+        if (my $acl = $usercfg->{acl}->{'/vms/'.$vmid}) {
+            delete $usercfg->{acl}->{'/vms/'.$vmid};
+            cfs_write_file("user.cfg", $usercfg);
+        }
+        if (my $pool = $usercfg->{vms}->{$vmid}) {
+            if (my $data = $usercfg->{pools}->{$pool}) {
+                delete $data->{vms}->{$vmid};
+                delete $usercfg->{vms}->{$vmid};
+                cfs_write_file("user.cfg", $usercfg);
+            }
+        }
+    };
+
+    lock_user_config($delVMaccessFn, "access permissions cleanup for VM $vmid failed");
+}
+
 sub add_vm_to_pool {
     my ($vmid, $pool) = @_;
 
-- 
2.1.4





More information about the pve-devel mailing list