[pve-devel] [PATCH v2 manager] ui: lxc options: disable features edit as non-root when container is privileged
Fabian Ebner
f.ebner at proxmox.com
Fri Aug 13 11:10:12 CEST 2021
The backend won't allow any edits in this case, so better just disable
the edit button altogether.
Co-developed-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
Signed-off-by: Fabian Ebner <f.ebner at proxmox.com>
---
Changes from v1:
* split cases based on 'key'
* keep logic for {dis,en}abling edit button for features in one
place
www/manager6/lxc/Options.js | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/www/manager6/lxc/Options.js b/www/manager6/lxc/Options.js
index f2661dfc..d0a53fc7 100644
--- a/www/manager6/lxc/Options.js
+++ b/www/manager6/lxc/Options.js
@@ -136,8 +136,7 @@ Ext.define('PVE.lxc.Options', {
features: {
header: gettext('Features'),
defaultValue: Proxmox.Utils.noneText,
- editor: Proxmox.UserName === 'root at pam' || caps.vms['VM.Allocate']
- ? 'PVE.lxc.FeaturesEdit' : undefined,
+ editor: 'PVE.lxc.FeaturesEdit',
},
hookscript: {
header: gettext('Hookscript'),
@@ -174,7 +173,15 @@ Ext.define('PVE.lxc.Options', {
var pending = rec.data.delete || me.hasPendingChanges(key);
var rowdef = rows[key];
- edit_btn.setDisabled(!rowdef.editor);
+ if (key === 'features') {
+ let unprivileged = me.getStore().getById('unprivileged').data.value;
+ let root = Proxmox.UserName === 'root at pam';
+ let vmalloc = caps.vms['VM.Allocate'];
+ edit_btn.setDisabled(!(root || (vmalloc && unprivileged)));
+ } else {
+ edit_btn.setDisabled(!rowdef.editor);
+ }
+
revert_btn.setDisabled(!pending);
};
--
2.30.2
More information about the pve-devel
mailing list