tyler/proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

server/prune_job: add proper permission checks to 'prune_datastore'

Browse Source 
checks for PRIV_DATASTORE_MODIFY, or else if the auth_id is the backup
owner, and skips the group if not.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
This commit is contained in:
Dominik Csapak
2021-07-16 10:53:25 +02:00
committed by Dietmar Maurer
parent 0052dc6d28
commit 8e0b852f24
2 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/backup/datastore.rs
View File

@ -355,7 +355,7 @@ impl DataStore {
pub fn owns_backup(&self, backup_group: &BackupGroup, auth_id: &Authid) -> Result<bool, Error> {
let owner = self.get_owner(backup_group)?;
Ok(check_backup_owner(owner, auth_id).is_ok())
Ok(check_backup_owner(&owner, auth_id).is_ok())
}
/// Set the backup owner.