From: Lorenz Stechauner <l.stechauner@proxmox.com>
Date: Thu, 20 May 2021 10:03:39 +0000 (+0200)
Subject: fix #3402: add Pool.Audit permission
X-Git-Url: https://git.proxmox.com/?p=pve-access-control.git;a=commitdiff_plain;h=6d048ad6fc1ad8ce4f27b069d304c423a96ff1dd;hp=8ac53236df4135819e9b87331744138d9618b959

fix #3402: add Pool.Audit permission

add new user "PVEPoolUser" and add Pool.Audit to "PVEAuditor".

Signed-off-by: Lorenz Stechauner <l.stechauner@proxmox.com>
---

diff --git a/README b/README
index 33643a6..c706e5b 100644
--- a/README
+++ b/README
@@ -96,6 +96,7 @@ privileges:
 	  VM.Config.Options: modify any other VM configuration 
 
 	Pool.Allocate: create/remove/modify a pool.
+	Pool.Audit: view a pool
 
 	Datastore.Allocate: create/remove/modify a data store.
 	Datastore.AllocateSpace: allocate space on a datastore
diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index f7d4e78..888875e 100644
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -819,8 +819,12 @@ my $privgroups = {
 	admin => [
 	    'Pool.Allocate', # create/delete pools
 	],
-	user => [],
-	audit => [],
+	user => [
+	    'Pool.Audit',
+	],
+	audit => [
+	    'Pool.Audit',
+	],
     },
 };