use crate::config::datastore;
use crate::server::WorkerTask;
use crate::tools;
-use crate::config::acl::{PRIV_DATASTORE_AUDIT, PRIV_DATASTORE_ALLOCATE_SPACE};
+use crate::config::acl::{
+ PRIV_DATASTORE_AUDIT,
+ PRIV_DATASTORE_READ,
+ PRIV_DATASTORE_PRUNE,
+ PRIV_DATASTORE_CREATE_BACKUP,
+};
fn read_backup_index(store: &DataStore, backup_dir: &BackupDir) -> Result<Vec<BackupContent>, Error> {
},
},
access: {
- permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_ALLOCATE_SPACE, false),
+ permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_PRUNE, false),
},
)]
/// Delete backup snapshot.
("store", false, &DATASTORE_SCHEMA),
])
)
-).access(None, &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_ALLOCATE_SPACE, false));
+).access(None, &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_PRUNE, false));
fn prune(
param: Value,
schema: UPID_SCHEMA,
},
access: {
- permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_ALLOCATE_SPACE, false),
+ permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_PRUNE, false),
},
)]
/// Start garbage collection.
("file-name", false, &BACKUP_ARCHIVE_NAME_SCHEMA),
]),
)
-).access(None, &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_ALLOCATE_SPACE, false));
+).access(None, &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_READ, false));
fn download_file(
_parts: Parts,
("backup-time", false, &BACKUP_TIME_SCHEMA),
]),
)
-).access(None, &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_ALLOCATE_SPACE, false));
+).access(None, &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_CREATE_BACKUP, false));
fn upload_backup_log(
_parts: Parts,