[pve-devel] [RFC manager 3/3] fix #6094: api: acme: allow to get plugin info with Sys.Audit on /
Daniel Kral
d.kral at proxmox.com
Mon Feb 17 13:19:18 CET 2025
Relax the required permissions to query the list of ACME plugins and
their configurations. Both API endpoints do only read the ACME plugins
configuration file but does not modify any system state.
Keep Sys.Modify for backwards compatibility.
Signed-off-by: Daniel Kral <d.kral at proxmox.com>
---
PVE/API2/ACMEPlugin.pm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/PVE/API2/ACMEPlugin.pm b/PVE/API2/ACMEPlugin.pm
index 30616625..ad5625fa 100644
--- a/PVE/API2/ACMEPlugin.pm
+++ b/PVE/API2/ACMEPlugin.pm
@@ -51,7 +51,7 @@ __PACKAGE__->register_method ({
path => '',
method => 'GET',
permissions => {
- check => ['perm', '/', [ 'Sys.Modify' ]],
+ check => ['perm', '/', [ 'Sys.Audit', 'Sys.Modify' ], any => 1],
},
description => "ACME plugin index.",
protected => 1,
@@ -98,7 +98,7 @@ __PACKAGE__->register_method({
method => 'GET',
description => "Get ACME plugin configuration.",
permissions => {
- check => ['perm', '/', [ 'Sys.Modify' ]],
+ check => ['perm', '/', [ 'Sys.Audit', 'Sys.Modify' ], any => 1],
},
protected => 1,
parameters => {
--
2.39.5
More information about the pve-devel
mailing list