[pve-devel] [PATCH storage 1/4] check volume access: allow if user has VM.Config.Disk
Fabian Ebner
f.ebner at proxmox.com
Tue Mar 22 09:31:49 CET 2022
Am 21.03.22 um 14:06 schrieb Fabian Ebner:
> Listing guest images should not require Datastore.Allocate in this
> case. In preparation for adding disk import to the GUI.
>
> Signed-off-by: Fabian Ebner <f.ebner at proxmox.com>
> ---
> PVE/Storage.pm | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/PVE/Storage.pm b/PVE/Storage.pm
> index 6112991..efa304a 100755
> --- a/PVE/Storage.pm
> +++ b/PVE/Storage.pm
> @@ -486,6 +486,8 @@ sub check_volume_access {
> } elsif ($vtype eq 'backup' && $ownervm) {
> $rpcenv->check($user, "/storage/$sid", ['Datastore.AllocateSpace']);
> $rpcenv->check($user, "/vms/$ownervm", ['VM.Backup']);
> + } elsif (($vtype eq 'images' || $vtype eq 'rootdir') && $ownervm) {
> + $rpcenv->check($user, "/vms/$ownervm", ['VM.Config.Disk']);
Of course this needs to be or-ed with the Datastore.Allocate privilege.
Will fix it in v2.
> } else {
> # allow if we are Datastore administrator
> $rpcenv->check($user, "/storage/$sid", ['Datastore.Allocate']);
More information about the pve-devel
mailing list