path => '',
method => 'GET',
description => "List storage content.",
+ permissions => {
+ check => ['perm', '/storage/{storage}', ['Datastore.Audit', 'Datastore.AllocateSpace'], any => 1],
+ },
protected => 1,
proxyto => 'node',
parameters => {
code => sub {
my ($param) = @_;
+ my $rpcenv = PVE::RPCEnvironment::get();
+
+ my $authuser = $rpcenv->get_user();
+
my $cts = $param->{content} ? [ $param->{content} ] : [ @ctypes ];
my $storeid = $param->{storage};
my $cfg = cfs_read_file("storage.cfg");
- my $scfg = PVE::Storage::storage_config ($cfg, $storeid);
+ my $scfg = PVE::Storage::storage_config($cfg, $storeid);
my $res = [];
foreach my $ct (@$cts) {
my $data;
- if ($ct eq 'images') {
+ if ($ct eq 'images' || defined($param->{vmid})) {
$data = PVE::Storage::vdisk_list ($cfg, $storeid, $param->{vmid});
} elsif ($ct eq 'iso') {
- $data = PVE::Storage::template_list ($cfg, $storeid, 'iso')
- if !$param->{vmid};
+ $data = PVE::Storage::template_list ($cfg, $storeid, 'iso');
} elsif ($ct eq 'vztmpl') {
- $data = PVE::Storage::template_list ($cfg, $storeid, 'vztmpl')
- if !$param->{vmid};
+ $data = PVE::Storage::template_list ($cfg, $storeid, 'vztmpl');
} elsif ($ct eq 'backup') {
- $data = PVE::Storage::template_list ($cfg, $storeid, 'backup')
- if !$param->{vmid};
+ $data = PVE::Storage::template_list ($cfg, $storeid, 'backup');
}
next if !$data || !$data->{$storeid};
foreach my $item (@{$data->{$storeid}}) {
+ eval { $rpcenv->check_volume_access($authuser, $cfg, undef, $item->{volid}); };
+ next if $@;
+ $item->{content} = $ct;
push @$res, $item;
}
}
path => '',
method => 'POST',
description => "Allocate disk images.",
+ permissions => {
+ check => ['perm', '/storage/{storage}', ['Datastore.AllocateSpace']],
+ },
protected => 1,
proxyto => 'node',
parameters => {
node => get_standard_option('pve-node'),
storage => get_standard_option('pve-storage-id'),
filename => {
- description => "The name of the file to create/upload.",
+ description => "The name of the file to create.",
type => 'string',
},
vmid => get_standard_option('pve-vmid', { description => "Specify owner VM" } ),
raise_param_exc({ storage => "storage ID missmatch" })
if $storeid && $sid ne $storeid;
$volid = $volume;
+ $storeid = $sid;
};
raise_param_exc({ volume => $@}) if $@;
$volid = "$storeid:$volume";
}
- return $volid;
+ return wantarray ? ($volid, $storeid) : $volid;
};
__PACKAGE__->register_method ({
path => '{volume}',
method => 'GET',
description => "Get volume attributes",
+ permissions => {
+ description => "You need read access for the volume.",
+ user => 'all',
+ },
protected => 1,
proxyto => 'node',
parameters => {
code => sub {
my ($param) = @_;
- my $volid = &$real_volume_id($param->{storage}, $param->{volume});
+ my $rpcenv = PVE::RPCEnvironment::get();
+ my $authuser = $rpcenv->get_user();
+
+ my ($volid, $storeid) = &$real_volume_id($param->{storage}, $param->{volume});
my $cfg = cfs_read_file('storage.cfg');
+ $rpcenv->check_volume_access($authuser, $cfg, undef, $volid);
+
my $path = PVE::Storage::path($cfg, $volid);
my ($size, $format, $used) = PVE::Storage::file_size_info ($path);
path => '{volume}',
method => 'DELETE',
description => "Delete volume",
+ permissions => {
+ description => "You need 'Datastore.Allocate' privilege on the storage ('Datastore.AllocateSpace' is not enough).",
+ user => 'all',
+ },
protected => 1,
proxyto => 'node',
parameters => {
code => sub {
my ($param) = @_;
- my $volid = &$real_volume_id($param->{storage}, $param->{volume});
+ my $rpcenv = PVE::RPCEnvironment::get();
+ my $authuser = $rpcenv->get_user();
+
+ my ($volid, $storeid) = &$real_volume_id($param->{storage}, $param->{volume});
+ $rpcenv->check($authuser, "/storage/$storeid", ['Datastore.Allocate']);
+
my $cfg = cfs_read_file('storage.cfg');
PVE::Storage::vdisk_free ($cfg, $volid);
return undef;
}});
+__PACKAGE__->register_method ({
+ name => 'copy',
+ path => '{volume}',
+ method => 'POST',
+ description => "Copy a volume. This is experimental code - do not use.",
+ protected => 1,
+ proxyto => 'node',
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ storage => get_standard_option('pve-storage-id', { optional => 1}),
+ volume => {
+ description => "Source volume identifier",
+ type => 'string',
+ },
+ target => {
+ description => "Target volume identifier",
+ type => 'string',
+ },
+ target_node => get_standard_option('pve-node', {
+ description => "Target node. Default is local node.",
+ optional => 1,
+ }),
+ },
+ },
+ returns => {
+ type => 'string',
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $rpcenv = PVE::RPCEnvironment::get();
+
+ my $user = $rpcenv->get_user();
+
+ my $target_node = $param->{target_node} || PVE::INotify::nodename();
+ # pvesh examples
+ # cd /nodes/localhost/storage/local/content
+ # pve:/> create local:103/vm-103-disk-1.raw -target local:103/vm-103-disk-2.raw
+ # pve:/> create 103/vm-103-disk-1.raw -target 103/vm-103-disk-3.raw
+
+ my $src_volid = &$real_volume_id($param->{storage}, $param->{volume});
+ my $dst_volid = &$real_volume_id($param->{storage}, $param->{target});
+
+ print "DEBUG: COPY $src_volid TO $dst_volid\n";
+
+ my $cfg = cfs_read_file('storage.cfg');
+
+ # do all parameter checks first
+
+ # then do all short running task (to raise errors befor we go to background)
+
+ # then start the worker task
+ my $worker = sub {
+ my $upid = shift;
+
+ print "DEBUG: starting worker $upid\n";
+
+ my ($target_sid, $target_volname) = PVE::Storage::parse_volume_id($dst_volid);
+ #my $target_ip = PVE::Cluster::remote_node_ip($target_node);
+
+ # you need to get this working (fails currently, because storage_migrate() uses
+ # ssh to connect to local host (which is not needed
+ PVE::Storage::storage_migrate($cfg, $src_volid, $target_node, $target_sid, $target_volname);
+
+ print "DEBUG: end worker $upid\n";
+
+ };
+
+ return $rpcenv->fork_worker('imgcopy', undef, $user, $worker);
+ }});
+
1;