From 930dcfc8b0cd396bb682fae4fd08f52ecc12bdf1 Mon Sep 17 00:00:00 2001
From: Dietmar Maurer <dietmar@proxmox.com>
Date: Fri, 13 Jan 2012 13:31:18 +0100
Subject: [PATCH] allow user to see his own entry

---
 PVE/API2/User.pm | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/PVE/API2/User.pm b/PVE/API2/User.pm
index 4593567..8b06364 100644
--- a/PVE/API2/User.pm
+++ b/PVE/API2/User.pm
@@ -36,6 +36,7 @@ __PACKAGE__->register_method ({
     path => '', 
     method => 'GET',
     description => "User index.",
+    permissions => { user => 'all' },
     parameters => {
 	additionalProperties => 0,
 	properties => {
@@ -59,13 +60,17 @@ __PACKAGE__->register_method ({
     code => sub {
 	my ($param) = @_;
     
+	my $rpcenv = PVE::RPCEnvironment::get();
+	my $authuser = $rpcenv->get_user();
+
 	my $res = [];
 
 	my $usercfg = cfs_read_file("user.cfg");
  
 	foreach my $user (keys %{$usercfg->{users}}) {
-	    next if $user eq 'root';
-	    
+	    # root sees all entries, a user only sees its own entry
+	    next if $authuser ne 'root@pam' && $user ne $authuser;
+
 	    my $entry = &$extract_user_data($usercfg->{users}->{$user});
 
 	    if (defined($param->{enabled})) {
-- 
2.39.2