use the relatively new variant of ListAccessibleBackupGroups to also
allow pruning the groups that one doesn't own but has the respective
privileges on their namespace level.
This was previously handled by the API endpoint itself, which was ok
as long as only one level was looked at.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Not only check all owned backup groups, but also all that an auth_id
has DATASTORE_AUDIT or DATASTORE_READ on the whole namespace.
best viewed with whitespace change ignore (-w)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
The "owner override" privs will skip the owner check completely if
the authid has a permission for any of the bitwise OR'd privs
requested on the namespace level.
The "owner and privs" are for the case where being the owner is not
enough, e.g., pruning, if set they need to match all, not just any,
on the namespace, otherwise we don't even look at the groups from the
current NS level.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
with namespaces the paths can get pretty complex, so make the path
column take some flex space too, but not too much to avoid making it
look odd for the short paths we have otherwise
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Without namespaces this had not much use, but now that we can have
permissions below we should allow so.
For convenience also query the namsepaces here and add them to the
list of available ACL paths, the read-dir shouldn't be that expensive
(albeit, we could cache them in the frontend)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
We can have those in existing verify jobs configs, and that'd break
stuff. So, even while the "bad" commit got released only recently
with `2.1.6-1` (14 April 2022), we still need to cope with those that
used it, and using some serde parser magic to transform on read only
is hard here due to section config (json-value and verify currently
happen before we can do anything about it)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This reverts commit 7a1a5d206d.
We could already cause the behavior by simply setting ignore-verified
to false, aas that flag is basically an on/off switch for even
considering outdated-after or not.
So avoid the extra logic and just make the gui use the previously
existing way.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
by filtering out the empty namespace from the api, and putting
manually a div with the grid-empty xclass around the gettext
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
[ T: reword commit message ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
'defaultStore' can be '' or null, so check for truthyness also, we
want the mapping to be a formField so that the validation triggers
and the restore button gets en/disabled accordingly. We still have to
call 'getValue' manually, because the onGetValues will get it as
string instead of an array
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
else it's a lot of wasted space for the ordinary case, that hasn't
permanent maintenance modes activated, and even if, their admins
should be used to it, so not the best space/usability ROI there
either.
Just use the icon as visual clue and add a tooltip for the
maintenance mode info.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
to not having to query the activeTasks everywhere, change the renderer
to omit the check/spinner when no activeTasks are given
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
matches what we do for (most) of such things in PVE since 7.0 there
and also what the disk management gui shows, further disks are sold
with SI units for their advertised capacity, so its more fitting
there too.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
commit bd21a63b only fixed sync, not verify, and we can do better by
using a display-edit field.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
we cannot change the id, and even if we send the same, the backend
does not allow 'duplicate' parameters (the id is in the url already)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
by checking if *any* record has data, not only the first
this would prevent the chart from being shown for e.g. newly added
datastores, or for datastores after the server was offline for some time
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak
Fabian Grünbichler
Thomas Lamprecht
Oguz Bektas
Wolfgang Bumiller