proxmox-mirrors/qemu-server
1
0
Fork 0
mirror of https://git.proxmox.com/git/qemu-server synced 2025-08-05 10:50:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

close #2741: add VM.Config.Cloudinit permission

Browse Source 
This allows setting ciuser, cipassword and all other cloudinit settings that
are not part of the network without VM.Config.Network permissions.
Keep VM.Config.Network still as fallback so custom roles that add
VM.Config.Network but not VM.Config.Cloudinit don't break.

Signed-off-by: Mira Limbeck <m.limbeck@proxmox.com>
This commit is contained in:
Mira Limbeck 2020-06-25 16:48:47 +02:00 committed by Thomas Lamprecht
parent f57666e949
commit fc701af740
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
PVE/API2/Qemu.pm
View File

@ -358,8 +358,10 @@ my $check_vm_modify_config_perm = sub {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.PowerMgmt']); $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.PowerMgmt']);
} elsif ($diskoptions->{$opt}) { } elsif ($diskoptions->{$opt}) {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Disk']); $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Disk']);
} elsif ($cloudinitoptions->{$opt} || ($opt =~ m/^(?:net|ipconfig)\d+$/)) { } elsif ($opt =~ m/^(?:net|ipconfig)\d+$/) {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Network']); $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Network']);
} elsif ($cloudinitoptions->{$opt}) {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Cloudinit', 'VM.Config.Network'], 1);
} elsif ($opt eq 'vmstate') { } elsif ($opt eq 'vmstate') {
# the user needs Disk and PowerMgmt privileges to change the vmstate # the user needs Disk and PowerMgmt privileges to change the vmstate
# also needs privileges on the storage, that will be checked later # also needs privileges on the storage, that will be checked later
@ -1354,6 +1356,7 @@ my $vm_config_perm_list = [
'VM.Config.Network', 'VM.Config.Network',
'VM.Config.HWType', 'VM.Config.HWType',
'VM.Config.Options', 'VM.Config.Options',
'VM.Config.Cloudinit',
]; ];
__PACKAGE__->register_method({ __PACKAGE__->register_method({