[pve-devel] applied: [PATCH manager] fix Subscription api check
Thomas Lamprecht
t.lamprecht at proxmox.com
Thu Jan 31 11:16:03 CET 2019
On 1/31/19 10:14 AM, Dominik Csapak wrote:
> when using 'check_permissions' directly, we have to actually
> give the nodename in the path, else we check the wrong permission
>
> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> ---
> PVE/API2/Subscription.pm | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/PVE/API2/Subscription.pm b/PVE/API2/Subscription.pm
> index 896bea7c..ef9499ab 100644
> --- a/PVE/API2/Subscription.pm
> +++ b/PVE/API2/Subscription.pm
> @@ -106,10 +106,11 @@ __PACKAGE__->register_method ({
>
> my $server_id = PVE::API2Tools::get_hwaddress();
> my $url = "http://www.proxmox.com/products/proxmox-ve/subscription-service-plans";
> + my $node = $param->{node};
>
> my $rpcenv = PVE::RPCEnvironment::get();
> my $authuser = $rpcenv->get_user();
> - my $has_permission = PVE::AccessControl::check_permissions($authuser, '/nodes/{node}', 'Sys.Audit');
> + my $has_permission = PVE::AccessControl::check_permissions($authuser, "/nodes/$node", 'Sys.Audit');
>
> my $info = PVE::INotify::read_file('subscription');
> if (!$info) {
>
applied, thanks!
More information about the pve-devel
mailing list