[pve-devel] [PATCH-SERIE pve-access-control/pve-manager/qemu-server] check permissions on local bridge

DERUMIER, Alexandre alexandre.derumier at groupe-cyllene.com
Tue Jun 6 08:54:31 CEST 2023

Le mardi 06 juin 2023 à 05:32 +0000, DERUMIER, Alexandre a écrit :
> > to have at least the local bridge ACL path (for the zone, or for
> > the
> > zone and the bridges?) in the regular ACL selectors in 7.x as well,
> > if
> > we pull in something in pve-manager, than IMHO it should be that,
> > not
> > the full-flegded new panels.
> I'll look to rewrok the selector, vnets are not yet displayed. (only
> sdn zones, and localnetwork zone is also not displayed )

Looking at that,
currently the pathselector is filled from cluster ressources.

I really don't known if we want to add all vnets to the cluster
ressources api. (as we don't really want to expose them in the tree
anyway,  like a disk from a datastore is not exposed. User could have a
lot bridges, and the ressource json can be already big)

User could still add manually the bridge in the path if needed.

User could still use the new panel for easy add more granular
permissions on bridge/vlan.


More information about the pve-devel mailing list