tyler
/
proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

api: datastore: lookup after checking privs 

else this could leak existence of datastore.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Fabian Grünbichler 2022-05-09 18:03:32 +02:00 committed by Thomas Lamprecht
parent 2bc2435a96
commit 1909ece229
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/api2/admin/datastore.rs
View File

@ -2152,8 +2152,6 @@ pub fn set_backup_owner(
new_owner: Authid, new_owner: Authid,
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<(), Error> { ) -> Result<(), Error> {
let datastore = DataStore::lookup_datastore(&store, Some(Operation::Write))?;
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let backup_ns = backup_ns.unwrap_or_default(); let backup_ns = backup_ns.unwrap_or_default();
let owner_check_required = check_ns_privs( let owner_check_required = check_ns_privs(
@ -2163,6 +2161,9 @@ pub fn set_backup_owner(
PRIV_DATASTORE_MODIFY, PRIV_DATASTORE_MODIFY,
PRIV_DATASTORE_BACKUP, PRIV_DATASTORE_BACKUP,
)?; )?;
let datastore = DataStore::lookup_datastore(&store, Some(Operation::Write))?;
let backup_group = datastore.backup_group(backup_ns, backup_group); let backup_group = datastore.backup_group(backup_ns, backup_group);
if owner_check_required { if owner_check_required {