[pve-devel] [PATCH pve-access-control v2 1/1] permissions: add ACL paths for SDN fabrics
Thomas Lamprecht
t.lamprecht at proxmox.com
Fri Apr 4 19:20:05 CEST 2025
Am 04.04.25 um 18:28 schrieb Gabriel Goller:
> From: Stefan Hanreich <s.hanreich at proxmox.com>
Missing a commit message, ACL is something that might profit from
providing the thoughts behind this, even if it's probably quite
clear for you.
>
> Signed-off-by: Stefan Hanreich <s.hanreich at proxmox.com>
> Signed-off-by: Gabriel Goller <g.goller at proxmox.com>
> ---
> src/PVE/AccessControl.pm | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
> index 47f2d38b09c7..7b2dae35448d 100644
> --- a/src/PVE/AccessControl.pm
> +++ b/src/PVE/AccessControl.pm
> @@ -1273,6 +1273,8 @@ sub check_path {
> |/sdn/controllers/[[:alnum:]\_\-]+
> |/sdn/dns
> |/sdn/dns/[[:alnum:]]+
> + |/sdn/fabrics
> + |/sdn/fabrics/(openfabric|ospf)/[[:alnum:]]+
So, without looking at the implementation, fabrics have the IDs unique
per sub-type? Could maybe also share an ID space, less confusion
potential, but naturally also less flexibility – what do you think?
More information about the pve-devel
mailing list