Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
P
pve-manager
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Administrator
pve-manager
Commits
c598d9e1
Commit
c598d9e1
authored
Feb 22, 2012
by
Dietmar Maurer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
fix file upload permission checks
parent
598cccb5
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
10 additions
and
5 deletions
+10
-5
REST.pm
PVE/REST.pm
+3
-4
changelog.Debian
debian/changelog.Debian
+6
-0
defines.mk
defines.mk
+1
-1
No files found.
PVE/REST.pm
View file @
c598d9e1
...
@@ -321,10 +321,9 @@ sub rest_handler {
...
@@ -321,10 +321,9 @@ sub rest_handler {
if
(
$method
eq
'
POST
'
&&
$rel_uri
=~
m|^/nodes/([^/]+)/storage/([^/]+)/upload$|
)
{
if
(
$method
eq
'
POST
'
&&
$rel_uri
=~
m|^/nodes/([^/]+)/storage/([^/]+)/upload$|
)
{
my
(
$node
,
$storeid
)
=
(
$1
,
$2
);
my
(
$node
,
$storeid
)
=
(
$1
,
$2
);
my
$perm
=
{
# we disable CSRF checks if $isUpload is set,
path
=>
"
/storage/
$storeid
",
# to improve security we check user upload permission here
privs
=>
[
'
Datastore.AllocateSpace
'
],
my
$perm
=
{
check
=>
['
perm
',
"
/storage/
$storeid
",
['
Datastore.AllocateTemplate
']]
};
};
$rpcenv
->
check_api2_permissions
(
$perm
,
$username
,
{});
$rpcenv
->
check_api2_permissions
(
$perm
,
$username
,
{});
$isUpload
=
1
;
$isUpload
=
1
;
}
}
...
...
debian/changelog.Debian
View file @
c598d9e1
pve-manager (2.0-33) unstable; urgency=low
* fix file upload permission checks
-- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 09:14:05 +0100
pve-manager (2.0-32) unstable; urgency=low
pve-manager (2.0-32) unstable; urgency=low
* added French translation
* added French translation
...
...
defines.mk
View file @
c598d9e1
...
@@ -2,7 +2,7 @@ RELEASE=2.0
...
@@ -2,7 +2,7 @@ RELEASE=2.0
VERSION=2.0
VERSION=2.0
PACKAGE=pve-manager
PACKAGE=pve-manager
PACKAGERELEASE=3
2
PACKAGERELEASE=3
3
BINDIR=${DESTDIR}/usr/bin
BINDIR=${DESTDIR}/usr/bin
PERLLIBDIR=${DESTDIR}/usr/share/perl5
PERLLIBDIR=${DESTDIR}/usr/share/perl5
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment