acl: use /tape/device instead of /tape/drive and /tape/changer
This commit is contained in:
parent
90e16be3ae
commit
ee33795b72
@ -52,7 +52,7 @@ use crate::{
|
||||
},
|
||||
},
|
||||
access: {
|
||||
permission: &Permission::Privilege(&["tape", "changer"], PRIV_TAPE_MODIFY, false),
|
||||
permission: &Permission::Privilege(&["tape", "device"], PRIV_TAPE_MODIFY, false),
|
||||
},
|
||||
)]
|
||||
/// Create a new changer device
|
||||
@ -107,7 +107,7 @@ pub fn create_changer(
|
||||
type: ScsiTapeChanger,
|
||||
},
|
||||
access: {
|
||||
permission: &Permission::Privilege(&["tape", "changer", "{name}"], PRIV_TAPE_AUDIT, false),
|
||||
permission: &Permission::Privilege(&["tape", "device", "{name}"], PRIV_TAPE_AUDIT, false),
|
||||
},
|
||||
)]
|
||||
/// Get tape changer configuration
|
||||
@ -157,7 +157,7 @@ pub fn list_changers(
|
||||
let list = list
|
||||
.into_iter()
|
||||
.filter(|changer| {
|
||||
let privs = user_info.lookup_privs(&auth_id, &["tape", "changer", &changer.name]);
|
||||
let privs = user_info.lookup_privs(&auth_id, &["tape", "device", &changer.name]);
|
||||
privs & PRIV_TAPE_AUDIT != 0
|
||||
})
|
||||
.collect();
|
||||
@ -206,7 +206,7 @@ pub enum DeletableProperty {
|
||||
},
|
||||
},
|
||||
access: {
|
||||
permission: &Permission::Privilege(&["tape", "changer", "{name}"], PRIV_TAPE_MODIFY, false),
|
||||
permission: &Permission::Privilege(&["tape", "device", "{name}"], PRIV_TAPE_MODIFY, false),
|
||||
},
|
||||
)]
|
||||
/// Update a tape changer configuration
|
||||
@ -283,7 +283,7 @@ pub fn update_changer(
|
||||
},
|
||||
},
|
||||
access: {
|
||||
permission: &Permission::Privilege(&["tape", "changer", "{name}"], PRIV_TAPE_MODIFY, false),
|
||||
permission: &Permission::Privilege(&["tape", "device", "{name}"], PRIV_TAPE_MODIFY, false),
|
||||
},
|
||||
)]
|
||||
/// Delete a tape changer configuration
|
||||
|
@ -50,7 +50,7 @@ use crate::{
|
||||
},
|
||||
},
|
||||
access: {
|
||||
permission: &Permission::Privilege(&["tape", "drive"], PRIV_TAPE_MODIFY, false),
|
||||
permission: &Permission::Privilege(&["tape", "device"], PRIV_TAPE_MODIFY, false),
|
||||
},
|
||||
)]
|
||||
/// Create a new drive
|
||||
@ -96,7 +96,7 @@ pub fn create_drive(param: Value) -> Result<(), Error> {
|
||||
type: LinuxTapeDrive,
|
||||
},
|
||||
access: {
|
||||
permission: &Permission::Privilege(&["tape", "drive", "{name}"], PRIV_TAPE_AUDIT, false),
|
||||
permission: &Permission::Privilege(&["tape", "device", "{name}"], PRIV_TAPE_AUDIT, false),
|
||||
},
|
||||
)]
|
||||
/// Get drive configuration
|
||||
@ -146,7 +146,7 @@ pub fn list_drives(
|
||||
let drive_list = drive_list
|
||||
.into_iter()
|
||||
.filter(|drive| {
|
||||
let privs = user_info.lookup_privs(&auth_id, &["tape", "drive", &drive.name]);
|
||||
let privs = user_info.lookup_privs(&auth_id, &["tape", "device", &drive.name]);
|
||||
privs & PRIV_TAPE_AUDIT != 0
|
||||
})
|
||||
.collect();
|
||||
@ -202,7 +202,7 @@ pub enum DeletableProperty {
|
||||
},
|
||||
},
|
||||
access: {
|
||||
permission: &Permission::Privilege(&["tape", "drive", "{name}"], PRIV_TAPE_MODIFY, false),
|
||||
permission: &Permission::Privilege(&["tape", "device", "{name}"], PRIV_TAPE_MODIFY, false),
|
||||
},
|
||||
)]
|
||||
/// Update a drive configuration
|
||||
@ -278,7 +278,7 @@ pub fn update_drive(
|
||||
},
|
||||
},
|
||||
access: {
|
||||
permission: &Permission::Privilege(&["tape", "drive", "{name}"], PRIV_TAPE_MODIFY, false),
|
||||
permission: &Permission::Privilege(&["tape", "device", "{name}"], PRIV_TAPE_MODIFY, false),
|
||||
},
|
||||
)]
|
||||
/// Delete a drive configuration
|
||||
|
@ -346,14 +346,8 @@ pub fn check_acl_path(path: &str) -> Result<(), Error> {
|
||||
return Ok(());
|
||||
}
|
||||
match components[1] {
|
||||
"drive" => {
|
||||
// /tape/drive/{name}
|
||||
if components_len <= 3 {
|
||||
return Ok(());
|
||||
}
|
||||
}
|
||||
"changer" => {
|
||||
// /tape/changer/{name}
|
||||
"device" => {
|
||||
// /tape/device/{name}
|
||||
if components_len <= 3 {
|
||||
return Ok(());
|
||||
}
|
||||
|
@ -21,8 +21,7 @@ Ext.define('PBS.data.PermissionPathsStore', {
|
||||
{ 'value': '/system/tasks' },
|
||||
{ 'value': '/system/time' },
|
||||
{ 'value': '/tape' },
|
||||
{ 'value': '/tape/drive' },
|
||||
{ 'value': '/tape/changer' },
|
||||
{ 'value': '/tape/device' },
|
||||
{ 'value': '/tape/pool' },
|
||||
{ 'value': '/tape/job' },
|
||||
],
|
||||
|
Loading…
Reference in New Issue
Block a user