all lists on lists.proxmox.com
 help / color / mirror / Atom feed
* [pdm-devel] [PATCH proxmox 1/2] access-control: improve description for `all-for-authid` parameter
@ 2025-11-19 11:15 Shannon Sterz
  2025-11-19 11:15 ` [pdm-devel] [PATCH proxmox 2/2] access-control: make `all-for-authid` work with tokens Shannon Sterz
  2025-11-19 12:26 ` [pdm-devel] applied-series: [PATCH proxmox 1/2] access-control: improve description for `all-for-authid` parameter Fabian Grünbichler
  0 siblings, 2 replies; 3+ messages in thread
From: Shannon Sterz @ 2025-11-19 11:15 UTC (permalink / raw)
  To: pdm-devel

Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
 proxmox-access-control/src/api/acl.rs | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/proxmox-access-control/src/api/acl.rs b/proxmox-access-control/src/api/acl.rs
index 1700f6e8..dfd13fd4 100644
--- a/proxmox-access-control/src/api/acl.rs
+++ b/proxmox-access-control/src/api/acl.rs
@@ -24,7 +24,11 @@ use crate::CachedUserInfo;
                 default: false,
             },
             "all-for-authid": {
-                description: "Whether to return all ACL entries for the exact current authid only.",
+                description: "Whether to return all ACL entries for the exact current authid only. \
+                    All ACL entries will appear as `AclUgidType::User` ACLs, regardles of whether \
+                    they are stored as user or group entries. Hence, when using this parameter this \
+                    endpoint cannot be used to retrieve information for updating the ACL tree \
+                    directly.",
                 type: bool,
                 optional: true,
                 default: false,
-- 
2.47.3



_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel


^ permalink raw reply	[flat|nested] 3+ messages in thread
* [pdm-devel] [PATCH proxmox 2/2] access-control: make `all-for-authid` work with tokens
  2025-11-19 11:15 [pdm-devel] [PATCH proxmox 1/2] access-control: improve description for `all-for-authid` parameter Shannon Sterz
@ 2025-11-19 11:15 ` Shannon Sterz
  2025-11-19 12:26 ` [pdm-devel] applied-series: [PATCH proxmox 1/2] access-control: improve description for `all-for-authid` parameter Fabian Grünbichler
  1 sibling, 0 replies; 3+ messages in thread
From: Shannon Sterz @ 2025-11-19 11:15 UTC (permalink / raw)
  To: pdm-devel

previously specifying the `all-for-authid` parameter with the current
authid being a token, would return an empty list in any case. return
the acl's of the token properly instead.

Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
 proxmox-access-control/src/api/acl.rs | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/proxmox-access-control/src/api/acl.rs b/proxmox-access-control/src/api/acl.rs
index dfd13fd4..c8f046d2 100644
--- a/proxmox-access-control/src/api/acl.rs
+++ b/proxmox-access-control/src/api/acl.rs
@@ -269,10 +269,12 @@ fn extract_acl_node_data(
     exact: bool,
     auth_id_filter: &Option<Authid>,
 ) -> Vec<AclListItem> {
-    // tokens can't have tokens, so we can early return
-    if let Some(auth_id_filter) = auth_id_filter {
-        if auth_id_filter.is_token() {
-            return Vec::new();
+    if !all_for_authid {
+        // tokens can't have tokens, so we can early return
+        if let Some(auth_id_filter) = auth_id_filter {
+            if auth_id_filter.is_token() {
+                return Vec::new();
+            }
         }
     }
 
-- 
2.47.3



_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel


^ permalink raw reply	[flat|nested] 3+ messages in thread
* [pdm-devel] applied-series: [PATCH proxmox 1/2] access-control: improve description for `all-for-authid` parameter
  2025-11-19 11:15 [pdm-devel] [PATCH proxmox 1/2] access-control: improve description for `all-for-authid` parameter Shannon Sterz
  2025-11-19 11:15 ` [pdm-devel] [PATCH proxmox 2/2] access-control: make `all-for-authid` work with tokens Shannon Sterz
@ 2025-11-19 12:26 ` Fabian Grünbichler
  1 sibling, 0 replies; 3+ messages in thread
From: Fabian Grünbichler @ 2025-11-19 12:26 UTC (permalink / raw)
  To: pdm-devel, Shannon Sterz


On Wed, 19 Nov 2025 12:15:18 +0100, Shannon Sterz wrote:
> 


Applied, thanks!

[1/2] access-control: improve description for `all-for-authid` parameter
      commit: 8359b7a986c9e4d5f2e3a9fad5274a4e8c548c93
[2/2] access-control: make `all-for-authid` work with tokens
      commit: f397d3b0630878f74382821ac4eb78f5b7ec9687

Best regards,
-- 
Fabian Grünbichler <f.gruenbichler@proxmox.com>


_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-11-19 12:26 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-11-19 11:15 [pdm-devel] [PATCH proxmox 1/2] access-control: improve description for `all-for-authid` parameter Shannon Sterz
2025-11-19 11:15 ` [pdm-devel] [PATCH proxmox 2/2] access-control: make `all-for-authid` work with tokens Shannon Sterz
2025-11-19 12:26 ` [pdm-devel] applied-series: [PATCH proxmox 1/2] access-control: improve description for `all-for-authid` parameter Fabian Grünbichler

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal