[pve-devel] [RFC common 2/4] tools: add 'check_for_root' helper
Oguz Bektas
o.bektas at proxmox.com
Wed Jan 5 16:22:13 CET 2022
checks if the rpcenv user is 'root at pam' or has the 'Sys.Root' privilege
on a given API path
Signed-off-by: Oguz Bektas <o.bektas at proxmox.com>
---
src/PVE/Tools.pm | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm
index 787942a..3e2e7f9 100644
--- a/src/PVE/Tools.pm
+++ b/src/PVE/Tools.pm
@@ -2017,4 +2017,13 @@ sub get_file_hash {
return lc($digest);
}
+sub check_for_root {
+ my ($path_to_check) = @_;
+
+ my $rpcenv = PVE::RPCEnvironment::get();
+ my $authuser = $rpcenv->get_user();
+ my $is_root = $authuser eq 'root at pam' || $rpcenv->check($authuser, $path_to_check, ['Sys.Root'], 1);
+ return $is_root;
+}
+
1;
--
2.30.2
More information about the pve-devel
mailing list