[pve-devel] [PATCH v2 storage 3/6] check volume access: allow for images/rootdir if user has VM.Config.Disk
Fabian Ebner
f.ebner at proxmox.com
Wed Mar 30 12:24:30 CEST 2022
Listing guest images should not require Datastore.Allocate in this
case. In preparation for adding disk import to the GUI.
Signed-off-by: Fabian Ebner <f.ebner at proxmox.com>
---
Changes from v1:
* Also check for Datastore.Audit privilege.
PVE/Storage.pm | 3 +++
1 file changed, 3 insertions(+)
diff --git a/PVE/Storage.pm b/PVE/Storage.pm
index 0349564..a864c33 100755
--- a/PVE/Storage.pm
+++ b/PVE/Storage.pm
@@ -488,6 +488,9 @@ sub check_volume_access {
} elsif ($vtype eq 'backup' && $ownervm) {
$rpcenv->check($user, "/storage/$sid", ['Datastore.AllocateSpace']);
$rpcenv->check($user, "/vms/$ownervm", ['VM.Backup']);
+ } elsif (($vtype eq 'images' || $vtype eq 'rootdir') && $ownervm) {
+ $rpcenv->check($user, "/storage/$sid", ['Datastore.Audit']);
+ $rpcenv->check($user, "/vms/$ownervm", ['VM.Config.Disk']);
} else {
die "missing privileges to access $volid\n";
}
--
2.30.2
More information about the pve-devel
mailing list