proxmox-mirrors/pve-manager
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-manager synced 2025-05-01 19:15:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add permissions for task API

Browse Source
This commit is contained in:
Dietmar Maurer 2012-02-06 09:33:57 +01:00
parent 937515d61b
commit 00cc94d33e
1 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
PVE/API2/Tasks.pm
View File

@ -19,7 +19,10 @@ __PACKAGE__->register_method({
name => 'node_tasks', name => 'node_tasks',
path => '', path => '',
method => 'GET', method => 'GET',
permissions => { user => 'all' }, permissions => {
description => "List task associated with the current user, or all task the user has 'Sys.Audit' permissions on /nodes/<node> (the <node> the task runs on).",
user => 'all'
},
description => "Read task list for one node (finished tasks).", description => "Read task list for one node (finished tasks).",
proxyto => 'node', proxyto => 'node',
parameters => { parameters => {
@ -153,7 +156,10 @@ __PACKAGE__->register_method({
path => '{upid}', path => '{upid}',
method => 'DELETE', method => 'DELETE',
description => 'Stop a task.', description => 'Stop a task.',
permissions => { user => 'all' }, permissions => {
description => "The user needs 'Sys.Modify' permissions on '/nodes/<node>' if the task does not belong to him.",
user => 'all',
},
protected => 1, protected => 1,
proxyto => 'node', proxyto => 'node',
parameters => { parameters => {
@ -176,7 +182,7 @@ __PACKAGE__->register_method({
my $node = $param->{node}; my $node = $param->{node};
if ($user ne $task->{user}) { if ($user ne $task->{user}) {
$rpcenv->check($user, "/nodes/$node", [ 'Sys.Console' ]); $rpcenv->check($user, "/nodes/$node", [ 'Sys.Modify' ]);
} }
PVE::RPCEnvironment::check_worker($param->{upid}, 1); PVE::RPCEnvironment::check_worker($param->{upid}, 1);
@ -188,7 +194,10 @@ __PACKAGE__->register_method({
name => 'read_task_log', name => 'read_task_log',
path => '{upid}/log', path => '{upid}/log',
method => 'GET', method => 'GET',
permissions => { user => 'all' }, permissions => {
description => "The user needs 'Sys.Audit' permissions on '/nodes/<node>' if the task does not belong to him.",
user => 'all',
},
protected => 1, protected => 1,
description => "Read task log.", description => "Read task log.",
proxyto => 'node', proxyto => 'node',
@ -274,7 +283,10 @@ __PACKAGE__->register_method({
name => 'read_task_status', name => 'read_task_status',
path => '{upid}/status', path => '{upid}/status',
method => 'GET', method => 'GET',
permissions => { user => 'all' }, permissions => {
description => "The user needs 'Sys.Audit' permissions on '/nodes/<node>' if the task does not belong to him.",
user => 'all',
},
protected => 1, protected => 1,
description => "Read task status.", description => "Read task status.",
proxyto => 'node', proxyto => 'node',