[pve-devel] [PATCH storage] close #5492: api: content: allow listing volumes with Datastore.Audit privilege
Fiona Ebner
f.ebner at proxmox.com
Fri Jul 18 17:03:51 CEST 2025
The check_volume_access() method is for checking read access to a
volume. Users should be able to list the images, e.g. to check backup
health via monitoring like reported in #5492 comment 3, with just an
audit privilege.
Signed-off-by: Fiona Ebner <f.ebner at proxmox.com>
---
src/PVE/API2/Storage/Content.pm | 6 ------
1 file changed, 6 deletions(-)
diff --git a/src/PVE/API2/Storage/Content.pm b/src/PVE/API2/Storage/Content.pm
index 1fe7303..c1f9a1f 100644
--- a/src/PVE/API2/Storage/Content.pm
+++ b/src/PVE/API2/Storage/Content.pm
@@ -154,12 +154,6 @@ __PACKAGE__->register_method({
my $res = [];
foreach my $item (@$vollist) {
- eval {
- PVE::Storage::check_volume_access(
- $rpcenv, $authuser, $cfg, undef, $item->{volid},
- );
- };
- next if $@;
$item->{vmid} = int($item->{vmid}) if defined($item->{vmid});
$item->{size} = int($item->{size}) if defined($item->{size});
$item->{used} = int($item->{used}) if defined($item->{used});
--
2.47.2
More information about the pve-devel
mailing list