[pve-devel] [RFC 1/23] API schema: add 'notoken' property

Thomas Lamprecht t.lamprecht at proxmox.com
Thu Oct 17 17:21:47 CEST 2019


On 10/17/19 4:59 PM, Fabian Grünbichler wrote:
> sure - I don't care about the name at all, and a positively-named option 
> with a default of 1 is also okay :)
> 
> I am not sure whether we even really need such a schema option - we 
> could also just have a helper in PVE::RPCEnvironment or 
> PVE::AccessControl and call that directly at the start of the API 
> methods. in the end, it probably comes down to how many such API methods 
> there are.

I'd rather have it encoded in the schema, so API docs are annotated,
also the schematic way to define such things is nicer, if possible.

Only issue would be if we have to guard API endpoints depending on
the parameters or their value, but we could naturally still have both
like now with the permission checks.





More information about the pve-devel mailing list