]> git.proxmox.com Git - pve-access-control.git/commitdiff
projects / pve-access-control.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3d7afd6)
acl: add missing SDN ACL paths to allowed list
authorFabian Grünbichler <f.gruenbichler@proxmox.com>
Wed, 8 Nov 2023 06:55:17 +0000 (07:55 +0100)
committerThomas Lamprecht <t.lamprecht@proxmox.com>
Wed, 8 Nov 2023 12:09:28 +0000 (13:09 +0100)
else it's not actually possible to define ACLs on them, which means they are
effectively root only instead of allowing their intended permission scheme.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
src/PVE/AccessControl.pm patch | blob | blame | history

diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index cc0f00b16c581e2100b71ec19dcde3b1cff82e69..9600e59ee5dd7c4eb147206d039d8a890f4e433b 100644 (file)
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -1266,6 +1266,12 @@ sub check_path {
        |/pool
        |/pool/[[:alnum:]\.\-\_]+
        |/sdn
+       |/sdn/controllers
+       |/sdn/controllers/[[:alnum:]\_\-]+
+       |/sdn/dns
+       |/sdn/dns/[[:alnum:]]+
+       |/sdn/ipams
+       |/sdn/ipams/[[:alnum:]]+
        |/sdn/zones
        |/sdn/zones/[[:alnum:]\.\-\_]+
        |/sdn/zones/[[:alnum:]\.\-\_]+/[[:alnum:]\.\-\_]+
Access control framework