use PVE::JSONSchema qw(get_standard_option);
use PVE::RESTHandler;
use PVE::ReplicationConfig;
-use PVE::GuestHelpers qw(assert_tag_permissions check_vnet_access);
+use PVE::GuestHelpers qw(assert_tag_permissions);
use PVE::QemuConfig;
use PVE::QemuServer;
use PVE::QemuServer::Cloudinit;
return 1;
};
-my $check_bridge_access = sub {
- my ($rpcenv, $authuser, $param) = @_;
-
- return 1 if $authuser eq 'root@pam';
-
- foreach my $opt (keys %{$param}) {
- next if $opt !~ m/^net\d+$/;
- my $net = PVE::QemuServer::parse_net($param->{$opt});
- my $bridge = $net->{bridge};
- my $tag = $net->{tag};
- my $trunks = $net->{trunks};
- check_vnet_access($rpcenv, $authuser, $bridge, $tag, $trunks);
- }
- return 1;
-};
-
my $check_vm_modify_config_perm = sub {
my ($rpcenv, $authuser, $vmid, $pool, $key_list) = @_;
my $vzdump_conf = PVE::Storage::extract_vzdump_config($storecfg, $archive);
my $backup_conf = PVE::QemuServer::parse_vm_config("restore/qemu-server/$vmid.conf", $vzdump_conf, 1);
- &$check_bridge_access($rpcenv, $authuser, $backup_conf);
+ PVE::QemuServer::check_bridge_access($rpcenv, $authuser, $backup_conf);
$archive = $parse_restore_archive->($storecfg, $archive);
}
&$check_vm_create_serial_perm($rpcenv, $authuser, $vmid, $pool, $param);
&$check_vm_create_usb_perm($rpcenv, $authuser, $vmid, $pool, $param);
- &$check_bridge_access($rpcenv, $authuser, $param);
+ PVE::QemuServer::check_bridge_access->($rpcenv, $authuser, $param);
&$check_cpu_model_access($rpcenv, $authuser, $param);
$check_drive_param->($param, $storecfg);
&$check_storage_access($rpcenv, $authuser, $storecfg, $vmid, $param);
- &$check_bridge_access($rpcenv, $authuser, $param);
+ PVE::QemuServer::check_bridge_access($rpcenv, $authuser, $param);
my $updatefn = sub {
my $sharedvm = &$check_storage_access_clone($rpcenv, $authuser, $storecfg, $oldconf, $storage);
- &$check_bridge_access($rpcenv, $authuser, $oldconf);
+ PVE::QemuServer::check_bridge_access($rpcenv, $authuser, $oldconf);
die "can't clone VM to node '$target' (VM uses local storage)\n"
if $target && !$sharedvm;
});
}
+sub check_bridge_access {
+ my ($rpcenv, $authuser, $conf) = @_;
+
+ return 1 if $authuser eq 'root@pam';
+
+ for my $opt (sort keys $conf->%*) {
+ next if $opt !~ m/^net\d+$/;
+ my $net = parse_net($conf->{$opt});
+ my ($bridge, $tag, $trunks) = $net->@{'bridge', 'tag', 'trunks'};
+ PVE::GuestHelpers::check_vnet_access($rpcenv, $authuser, $bridge, $tag, $trunks);
+ }
+ return 1;
+};
+
# vzdump restore implementaion
sub tar_archive_read_firstfile {