Skip to content

P
pve-manager
Commit 3677cf2c authored by Dietmar Maurer's avatar Dietmar Maurer
Browse files
Options

check storage permissions on vzdump API

parent 705ac953
Hide whitespace changes
Inline Side-by-side
Showing with 4 additions and 1 deletion
PVE/API2/VZDump.pm
View file @ 3677cf2c
...@@ -23,7 +23,7 @@ __PACKAGE__->register_method ({ ...@@ -23,7 +23,7 @@ __PACKAGE__->register_method ({
method => 'POST', method => 'POST',
description => "Create backup.", description => "Create backup.",
permissions => { permissions => {
description => "The user needs VM.Backup permissions on any VM.", description => "The user needs 'VM.Backup' permissions on any VM, and 'Datastore.AllocateSpace' on the backup storage.",
user => 'all', user => 'all',
}, },
protected => 1, protected => 1,
...@@ -108,6 +108,9 @@ __PACKAGE__->register_method ({ ...@@ -108,6 +108,9 @@ __PACKAGE__->register_method ({
if defined($param->{$key}) && ($user ne 'root@pam'); if defined($param->{$key}) && ($user ne 'root@pam');
} }
$rpcenv->check($user, "/storage/$param->{storage}", [ 'Datastore.AllocateSpace' ])
if $param->{storage};
my $vzdump = PVE::VZDump->new($cmdline, $param, $skiplist); my $vzdump = PVE::VZDump->new($cmdline, $param, $skiplist);
my $worker = sub { my $worker = sub {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023