[pve-devel] [PATCH pve-access-control 1/2] api: token: fix #6890: add ability to remove comment with empty string
Nicolas Frey
n.frey at proxmox.com
Wed Oct 8 13:19:19 CEST 2025
Beforehand, if the comment was an empty string, it would not update
the token to have it's comment deleted. Adds missing defined check
instead of checking truthy value (i.e. an empty string being falsy).
The comment is also explicitly deleted, because the response would
otherwise return the comment as empty, not deleted:
┌─────────┬───────┐
│ key │ value │
╞═════════╪═══════╡
│ comment │ │
├─────────┼───────┤
│ expire │ 0 │
├─────────┼───────┤
│ privsep │ 1 │
└─────────┴───────┘
instead of:
┌─────────┬───────┐
│ key │ value │
╞═════════╪═══════╡
│ expire │ 0 │
├─────────┼───────┤
│ privsep │ 1 │
└─────────┴───────┘
Fixes: https://bugzilla.proxmox.com/show_bug.cgi?id=6890
Signed-off-by: Nicolas Frey <n.frey at proxmox.com>
---
src/PVE/API2/User.pm | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/PVE/API2/User.pm b/src/PVE/API2/User.pm
index 5041fbe..e7c895e 100644
--- a/src/PVE/API2/User.pm
+++ b/src/PVE/API2/User.pm
@@ -870,7 +870,8 @@ __PACKAGE__->register_method({
$token->{privsep} = $param->{privsep} if defined($param->{privsep});
$token->{expire} = $param->{expire} if defined($param->{expire});
- $token->{comment} = $param->{comment} if $param->{comment};
+ $token->{comment} = $param->{comment} if defined($param->{comment});
+ delete $token->{comment} if (!length $token->{comment});
$usercfg->{users}->{$userid}->{tokens}->{$tokenid} = $token;
cfs_write_file("user.cfg", $usercfg);
--
2.47.3
More information about the pve-devel
mailing list