allow dots in access paths

[pve-access-control.git] / PVE / API2 / ACL.pm

diff --git a/PVE/API2/ACL.pm b/PVE/API2/ACL.pm
index c2d5665341cc6b3bbb51e96024cad537acf1ee1a..84d7549cfb7809768ee63181aa1542595d27205d 100644 (file)
--- a/PVE/API2/ACL.pm
+++ b/PVE/API2/ACL.pm
@@ -51,7 +51,7 @@ __PACKAGE__->register_method ({
 
        my $usercfg = $rpcenv->{user_cfg};
        if (!$usercfg || !$usercfg->{acl}) {
 
        my $usercfg = $rpcenv->{user_cfg};
        if (!$usercfg || !$usercfg->{acl}) {

-           return {};
+           return $res;

        }
 
        my $audit = $rpcenv->check($authuser, '/access', ['Sys.Audit'], 1);
        }
 
        my $audit = $rpcenv->check($authuser, '/access', ['Sys.Audit'], 1);


@@ -114,6 +114,7 @@ __PACKAGE__->register_method ({
                description => "Allow to propagate (inherit) permissions.",
                type => 'boolean', 
                optional => 1,
                description => "Allow to propagate (inherit) permissions.",
                type => 'boolean', 
                optional => 1,

+               default => 1,

            },
            delete => {
                description => "Remove permissions (instead of adding it).",
            },
            delete => {
                description => "Remove permissions (instead of adding it).",


@@ -140,7 +141,11 @@ __PACKAGE__->register_method ({
                        
                my $cfg = cfs_read_file("user.cfg");
 
                        
                my $cfg = cfs_read_file("user.cfg");
 

-               my $propagate = $param->{propagate} ? 1 : 0;
+               my $propagate = 1;
+               
+               if (defined($param->{propagate})) {
+                   $propagate = $param->{propagate} ? 1 : 0;
+               }

 
                foreach my $role (split_list($param->{roles})) {
                    die "role '$role' does not exist\n" 
 
                foreach my $role (split_list($param->{roles})) {
                    die "role '$role' does not exist\n"