[pve-devel] [PATCH storage] close #5492: api: content: allow listing volumes with Datastore.Audit privilege

Fiona Ebner f.ebner at proxmox.com
Fri Jul 18 17:03:51 CEST 2025


The check_volume_access() method is for checking read access to a
volume. Users should be able to list the images, e.g. to check backup
health via monitoring like reported in #5492 comment 3, with just an
audit privilege.

Signed-off-by: Fiona Ebner <f.ebner at proxmox.com>
---
 src/PVE/API2/Storage/Content.pm | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/src/PVE/API2/Storage/Content.pm b/src/PVE/API2/Storage/Content.pm
index 1fe7303..c1f9a1f 100644
--- a/src/PVE/API2/Storage/Content.pm
+++ b/src/PVE/API2/Storage/Content.pm
@@ -154,12 +154,6 @@ __PACKAGE__->register_method({
 
         my $res = [];
         foreach my $item (@$vollist) {
-            eval {
-                PVE::Storage::check_volume_access(
-                    $rpcenv, $authuser, $cfg, undef, $item->{volid},
-                );
-            };
-            next if $@;
             $item->{vmid} = int($item->{vmid}) if defined($item->{vmid});
             $item->{size} = int($item->{size}) if defined($item->{size});
             $item->{used} = int($item->{used}) if defined($item->{used});
-- 
2.47.2





More information about the pve-devel mailing list