[pve-devel] applied: [PATCH access-control] fix realm sync permissions

Thomas Lamprecht t.lamprecht at proxmox.com
Mon Dec 20 20:44:52 CET 2021


On 20/12/2021 11:31, Wolfgang Bumiller wrote:
> The userid-* permission check variants work on
> $param->{userid} directly which does not exist for this
> call. Also, they work on the realm of the user being
> checked, rather than the realm provided as parameter.
> 
> The result was that as non-root user this always failed
> with the message "userid '' too short"
> 
> Fix this by making the check explicitly work like in the
> description.
> 
> Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
> ---
>  src/PVE/API2/Domains.pm | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
>

applied, thanks!




More information about the pve-devel mailing list