[pve-devel] [PATCH access-control 0/2] improve permission self-service
Fabian Grünbichler
f.gruenbichler at proxmox.com
Tue Nov 5 09:30:37 CET 2024
noticed this while testing https://lore.proxmox.com/pve-devel/20241031134629.144893-1-d.kral@proxmox.com
the first patch fixes the already allowed "permission self-service" for
users as the web UI implements it (it always passes the $userid
parameter).
the second patch extends that self-service to allow users without
Sys.Audit on /access to evaluate their own tokens' ACLs/permissions,
which seems sensible to me ;)
Fabian Grünbichler (2):
api: permissions: allow users to view their own permissions
api: permissions: allow users to check their own tokens
src/PVE/API2/AccessControl.pm | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
--
2.39.5
More information about the pve-devel
mailing list