[pve-devel] applied: [PATCH access-control] comput coarse UI permissions: also check SDN ones
Thomas Lamprecht
t.lamprecht at proxmox.com
Tue Jun 9 11:47:48 CEST 2020
Signed-off-by: Thomas Lamprecht <t.lamprecht at proxmox.com>
---
fixes: https://forum.proxmox.com/threads/proxmox-6-2-sdn-beta-test.69655/page-8#post-318789
PVE/API2/AccessControl.pm | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/PVE/API2/AccessControl.pm b/PVE/API2/AccessControl.pm
index 25230ac..8b053dc 100644
--- a/PVE/API2/AccessControl.pm
+++ b/PVE/API2/AccessControl.pm
@@ -176,11 +176,12 @@ my $compute_api_permission = sub {
access => qr/(User|Group)\.|Permissions\.Modify/,
storage => qr/Datastore\.|Permissions\.Modify/,
nodes => qr/Sys\.|Permissions\.Modify/,
- dc => qr/Sys\.Audit/,
+ sdn => qr/SDN\./,
+ dc => qr/Sys\.Audit|SDN\./,
};
map { $res->{$_} = {} } keys %$priv_re_map;
- my $required_paths = ['/', '/nodes', '/access/groups', '/vms', '/storage'];
+ my $required_paths = ['/', '/nodes', '/access/groups', '/vms', '/storage', '/sdn'];
my $checked_paths = {};
foreach my $path (@$required_paths, keys %{$usercfg->{acl}}) {
--
2.20.1
More information about the pve-devel
mailing list