[pve-devel] applied-series: [PATCH access-control 0/2] improve permission self-service
Thomas Lamprecht
t.lamprecht at proxmox.com
Sun Nov 10 20:08:09 CET 2024
Am 05.11.24 um 09:30 schrieb Fabian Grünbichler:
> noticed this while testing https://lore.proxmox.com/pve-devel/20241031134629.144893-1-d.kral@proxmox.com
>
> the first patch fixes the already allowed "permission self-service" for
> users as the web UI implements it (it always passes the $userid
> parameter).
>
> the second patch extends that self-service to allow users without
> Sys.Audit on /access to evaluate their own tokens' ACLs/permissions,
> which seems sensible to me ;)
>
> Fabian Grünbichler (2):
> api: permissions: allow users to view their own permissions
> api: permissions: allow users to check their own tokens
>
> src/PVE/API2/AccessControl.pm | 18 +++++++++++++-----
> 1 file changed, 13 insertions(+), 5 deletions(-)
>
applied with Daniel's T-b, thanks!
ps. I made a small code-style follow-up for breaking up the schema description
over multiple lines so that it follows our style guide [0], there were some other
bad instances in that file anyway, so I did it as separate patch.
[0]: https://pve.proxmox.com/wiki/Perl_Style_Guide#Wrapping_Strings
More information about the pve-devel
mailing list