[pve-devel] [PATCH pve-network 2/5] get_local_vnets: add permissions on /sdn/vnets/*
Alexandre Derumier
aderumier at odiso.com
Fri Nov 5 09:06:42 CET 2021
---
PVE/Network/SDN.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/PVE/Network/SDN.pm b/PVE/Network/SDN.pm
index d3399ce..b95dd5b 100644
--- a/PVE/Network/SDN.pm
+++ b/PVE/Network/SDN.pm
@@ -193,7 +193,7 @@ sub get_local_vnets {
my $privs = [ 'SDN.Audit', 'SDN.Allocate' ];
next if !$zoneid;
- next if !$rpcenv->check_any($authuser, "/sdn/zones/$zoneid", $privs, 1);
+ next if !$rpcenv->check_any($authuser, "/sdn/zones/$zoneid", $privs, 1) && !$rpcenv->check_any($authuser, "/sdn/vnets/$vnetid", $privs, 1);
my $zone_config = PVE::Network::SDN::Zones::sdn_zones_config($zones_cfg, $zoneid);
--
2.30.2
More information about the pve-devel
mailing list