[pve-devel] [PATCH pve-network 2/5] get_local_vnets: add permissions on /sdn/vnets/*

Alexandre Derumier aderumier at odiso.com
Fri Nov 5 09:06:42 CET 2021


---
 PVE/Network/SDN.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/PVE/Network/SDN.pm b/PVE/Network/SDN.pm
index d3399ce..b95dd5b 100644
--- a/PVE/Network/SDN.pm
+++ b/PVE/Network/SDN.pm
@@ -193,7 +193,7 @@ sub get_local_vnets {
 	my $privs = [ 'SDN.Audit', 'SDN.Allocate' ];
 
 	next if !$zoneid;
-	next if !$rpcenv->check_any($authuser, "/sdn/zones/$zoneid", $privs, 1);
+	next if !$rpcenv->check_any($authuser, "/sdn/zones/$zoneid", $privs, 1) && !$rpcenv->check_any($authuser, "/sdn/vnets/$vnetid", $privs, 1);
 
 	my $zone_config = PVE::Network::SDN::Zones::sdn_zones_config($zones_cfg, $zoneid);
 
-- 
2.30.2




More information about the pve-devel mailing list