tyler/proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

src/config/acl.rs: introduce more/better datastore privileges

Browse Source
This commit is contained in:
Dietmar Maurer
2020-04-27 07:13:06 +02:00
parent 9c7fe29dfc
commit d00e1a216f
5 changed files with 33 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/api2/reader.rs
View File

@ -15,7 +15,7 @@ use crate::api2::types::*;
use crate::backup::*;
use crate::server::{WorkerTask, H2Service};
use crate::tools;
use crate::config::acl::PRIV_DATASTORE_ALLOCATE_SPACE;
use crate::config::acl::PRIV_DATASTORE_READ;
use crate::config::cached_user_info::CachedUserInfo;
mod environment;
@ -45,7 +45,7 @@ pub const API_METHOD_UPGRADE_BACKUP: ApiMethod = ApiMethod::new(
)
).access(
// Note: parameter 'store' is no uri parameter, so we need to test inside function body
Some("The user needs Datastore.AllocateSpace privilege on /datastore/{store}."),
Some("The user needs Datastore.Read privilege on /datastore/{store}."),
&Permission::Anybody
);
@ -64,7 +64,7 @@ fn upgrade_to_backup_reader_protocol(
let store = tools::required_string_param(&param, "store")?.to_owned();
let user_info = CachedUserInfo::new()?;
user_info.check_privs(&username, &["datastore", &store], PRIV_DATASTORE_ALLOCATE_SPACE, false)?;
user_info.check_privs(&username, &["datastore", &store], PRIV_DATASTORE_READ, false)?;
let datastore = DataStore::lookup_datastore(&store)?;