proxmox-mirrors/pve-manager
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-manager synced 2025-10-04 11:31:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

api: replication: allow users to enumerate accessible replication jobs

Browse Source 
Previously, the /cluster/replication API handler would fail completely
with a HTTP 403 if a user does have VM.Audit permissions for
a single VM/CT. That was due to the 'noerr' parameter not set for
$rpcenv->check()

Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
Reviewed-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
Lukas Wagner 2023-12-01 14:24:09 +01:00 committed by Thomas Lamprecht
parent ac7127388f
commit 4f0d58394f
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
PVE/API2/ReplicationConfig.pm
View File

@ -20,7 +20,8 @@ __PACKAGE__->register_method ({
method => 'GET',
description => "List replication jobs.",
permissions => {
description => "Requires the VM.Audit permission on /vms/<vmid>.",
description => "Will only return replication jobs for which the calling user has"
. " VM.Audit permission on /vms/<vmid>.",
user => 'all',
},
parameters => {
@ -47,7 +48,7 @@ __PACKAGE__->register_method ({
foreach my $id (sort keys %{$cfg->{ids}}) {
my $d = $cfg->{ids}->{$id};
my $vmid = $d->{guest};
next if !$rpcenv->check($authuser, "/vms/$vmid", [ 'VM.Audit' ]);
next if !$rpcenv->check($authuser, "/vms/$vmid", [ 'VM.Audit' ], 1);
$d->{id} = $id;
push @$res, $d;
}