tyler
/
proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

include privilege names in check_privs error 

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
Fabian Grünbichler 2022-05-24 12:13:29 +02:00 committed by Thomas Lamprecht
parent 3e4994a54f
commit d1fba4de1d
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
pbs-config/src/cached_user_info.rs
View File

@ -9,7 +9,7 @@ use proxmox_router::UserInformation;
use proxmox_section_config::SectionConfigData; use proxmox_section_config::SectionConfigData;
use proxmox_time::epoch_i64; use proxmox_time::epoch_i64;
use pbs_api_types::{ApiToken, Authid, User, Userid, ROLE_ADMIN}; use pbs_api_types::{privs_to_priv_names, ApiToken, Authid, User, Userid, ROLE_ADMIN};
use crate::acl::{AclTree, ROLE_NAMES}; use crate::acl::{AclTree, ROLE_NAMES};
use crate::ConfigVersionCache; use crate::ConfigVersionCache;
@ -123,7 +123,16 @@ impl CachedUserInfo {
if !allowed { if !allowed {
// printing the path doesn't leaks any information as long as we // printing the path doesn't leaks any information as long as we
// always check privilege before resource existence // always check privilege before resource existence
bail!("no permissions on '/{}'", path.join("/")); let priv_names = privs_to_priv_names(required_privs);
let priv_names = if partial {
priv_names.join("|")
} else {
priv_names.join("&")
};
bail!(
"missing permissions '{priv_names}' on '/{}'",
path.join("/")
);
} }
Ok(()) Ok(())
} }